public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            if (ValidateLogOn(model))
            {
                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                if (string.IsNullOrEmpty(returnUrl))
                {
                    return RedirectToAction("Index", "Home");
                }
                else
                {
                    return Redirect(returnUrl);
                }
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }
        private bool ValidateLogOn(LogOnModel model)
        {
            if (string.IsNullOrEmpty(model.UserName))
                ModelState.AddModelError("username", "User name required");

            if (string.IsNullOrEmpty(model.Password))
                ModelState.AddModelError("password", "Password required");

            if (ModelState.IsValid && !FormsAuthentication.Authenticate(model.UserName, model.Password))
                ModelState.AddModelError("_FORM", "Wrong user name or password");

            return ModelState.IsValid;
        }