public ActionResult Login(UserLogin model, string returnUrl)
        {
            if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password))
            {
                return RedirectToLocal(returnUrl);
            }

            // If we got this far, something failed, redisplay form
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
            return View(model);
        }
        public ActionResult Login(UserLogin model, string returnUrl)
        {
            //string role = UserDAL.AuthenticateUser(model.UserName, model.Password);
            UserLoggedInProfile userProfile=new UserLoggedInProfile();
            if (Session["UserID"] != null) //already logged in
            {
                if (Session["Role"].Equals("admin")||Session["Role"].Equals("member"))
                {
                    return RedirectToLocal(returnUrl);
                }
                else
                {
                    //TODO: Logger
                    Console.WriteLine("Some error occured");
                }
            }
            try
            {
                userProfile = UserDAL.AuthenticateUser(model.UserName, model.Password);
            }
            catch (Exception)
            {
                ModelState.AddModelError("", "");

            }
            //new login
            string role=userProfile.Role; //populated above from database
            if (ModelState.IsValid && (role.Equals("admin") || role.Equals("member")))
            {
                //if(role
                Session["Role"] = userProfile.Role;
                Session["UserName"] = userProfile.UserName;
                Session["UserID"] = userProfile.UserID;
                return RedirectToLocal(returnUrl);
            }

            // If we got this far, something failed, redisplay form
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
            return View(model);
        }