//[ValidateAntiForgeryToken]
        public ActionResult Login(User user)
        {            
            if (_usr.IsValid(user.UserName, user.Password))
            {
                var loginUser = _usr.GetLoginUser(user.UserName, user.Password);
                //WebSecurity.CreateUserAndAccount(user.UserName, user.Password);
                //WebSecurity.Login(user.UserName, user.Password);
                FormsAuthentication.SetAuthCookie(user.UserName, false);
                //FormsAuthentication.SetAuthCookie(model.EmailAddress, false);
                SetLoginCookie(user.UserName);
                //var d = from p in db.Users where p.UserName == GetLoginUser() select p.CustomerID;
                //int id = (from u in db.Users where u.UserName == user.UserName select u.CustomerID).FirstOrDefault();

                var cus = _cus.Find(loginUser.CustomerID); // db.Customers.Find(id);
                if (cus == null)
                    return RedirectToAction("Create", "Customer");
                else
                    return RedirectToAction("Index", "Order");
            }
            else
            {
                ModelState.AddModelError("", "Login data is incorrect!");
            }

            return View(user);
        }
        public ActionResult Register(User model)
        {
            //NorthWNDContext db = new NorthWNDContext();
            if (ModelState.IsValid)
            {
                // Attempt to register the user
                try
                {
                    //WebSecurity.CreateUserAndAccount(model.UserName, model.Password);
                    //WebSecurity.Login(model.UserName, model.Password);
                    FormsAuthentication.SetAuthCookie(model.UserName, false);
                    //FormsAuthentication.SetAuthCookie(model.EmailAddress, false);
                    SetLoginCookie(model.UserName);
                    model.Roles = false;
                    _usr.Add(model);
                    return RedirectToAction("Create", "Customer");

                }
                catch (MembershipCreateUserException e)
                {
                    ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }