public ActionResult Login(LoginModel model, string returnUrl) { if (!ModelState.IsValid) { return(View(model)); } User user = new User() { UserName = model.UserName, Password = model.Password }; var authenticateService = new AuthenticateService(); user = authenticateService.GetUserDetails(user); if (user != null) { FormsAuthentication.SetAuthCookie(model.UserName, false); var authTicket = new FormsAuthenticationTicket(1, user.UserName, DateTime.Now, DateTime.Now.AddMinutes(20), false, user.Roles); string encryptedTicket = FormsAuthentication.Encrypt(authTicket); var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); HttpContext.Response.Cookies.Add(authCookie); return(RedirectToAction("Index", "Home")); } else { ModelState.AddModelError("", "Invalid login attempt."); return(View(model)); } }