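/// <summary>
/// Checks the submitted credentials through <c>_isurveyFacade.ValidateUser</c> and, on success,
/// either starts the forced password-reset flow or signs the user in and redirects to Home.
/// </summary>
/// <param name="Model">Login form model; <c>UserName</c> and <c>Password</c> are read from it.</param>
/// <param name="ReturnUrl">
/// Return URL passed by the caller (presumably taken from the request, so treat it as untrusted).
/// Only the text before its first '/' is used, as the <c>surveyid</c> route value of the
/// post-login redirect; the URL itself is never redirected to.
/// </param>
/// <returns>
/// The reset-password result, a redirect to the Home index action, or the login view with a
/// generic validation error when the credentials are rejected or the check throws.
/// </returns>
private ActionResult ValidateUser(UserLoginModel Model, string ReturnUrl)
{
    SetTermOfUse();

    // Text before the first '/' becomes the survey id; anything else leaves it empty.
    // NOTE(review): a ReturnUrl that starts with '/' also yields an empty formId, because
    // Substring(0, 0) is "". Confirm that callers pass the id as the first path segment.
    string formId = "";
    if (ReturnUrl != null && ReturnUrl.Contains("/"))
    {
        formId = ReturnUrl.Substring(0, ReturnUrl.IndexOf('/'));
    }

    try
    {
        Epi.Web.Enter.Common.Message.UserAuthenticationResponse result =
            _isurveyFacade.ValidateUser(Model.UserName, Model.Password);

        if (result.UserIsValid)
        {
            if (result.User.ResetPassword)
            {
                // The account is flagged for a password reset: hand over to the reset flow
                // without issuing an auth cookie or populating the session.
                UserResetPasswordModel resetModel = new UserResetPasswordModel();
                resetModel.UserName = Model.UserName;
                resetModel.FirstName = result.User.FirstName;
                resetModel.LastName = result.User.LastName;
                ReadPasswordPolicy(resetModel);
                return ResetPassword(resetModel);
            }

            // false = non-persistent cookie, so it is not kept after the browser session ends.
            FormsAuthentication.SetAuthCookie(Model.UserName, false);

            // NOTE(review): nothing in this method rotates the session identifier before the
            // session is populated; confirm that session fixation is handled elsewhere.
            string encryptedUserId =
                Epi.Web.Enter.Common.Security.Cryptography.Encrypt(result.User.UserId.ToString());
            Session["UserId"] = encryptedUserId;
            Session["UserHighestRole"] = result.User.UserHighestRole;
            Session["UserEmailAddress"] = result.User.EmailAddress;
            Session["UserFirstName"] = result.User.FirstName;
            Session["UserLastName"] = result.User.LastName;
            Session["UGuid"] = result.User.UGuid;

            // Redirect by action name rather than to ReturnUrl, so the target stays inside
            // this application. If a Redirect(ReturnUrl) is ever reintroduced, gate it on
            // Url.IsLocalUrl(ReturnUrl) to avoid an open redirect.
            return RedirectToAction(Epi.Web.MVC.Constants.Constant.INDEX, "Home", new { surveyid = formId });
        }
    }
    catch (Exception ex)
    {
        // Best-effort: the user still gets the generic failure below, but the error is traced
        // so that a failing authentication service can be told apart from rejected logins.
        // Only the exception is written; the submitted user name and password are not.
        System.Diagnostics.Trace.TraceError("ValidateUser: credential check threw: {0}", ex);
    }

    // Same generic message for rejected credentials and for errors, so the response does not
    // reveal which part of the login failed.
    ModelState.AddModelError("", "The email or password you entered is incorrect.");
    Model.ViewValidationSummary = true;
    return View(Model);
}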