public ActionResult Authenticate(string login, string password) { string passwordHash = EncodeMD5(password); //check user exists and password is correct if (db.People.Any(p => p.Login == login)) { Person user = db.People.SingleOrDefault(u => u.Login == login && u.Password == passwordHash); if (user == null) { ViewBag.ErrorLoginOrPassword = ErrorMessages.AuthenticateError(); return(View()); } else { FormsAuthentication.SetAuthCookie(user.ID.ToString(), false); Session["ID"] = user.ID.ToString(); Session["Login"] = user.FullName.ToString(); if ((db.Students.FirstOrDefault(p => p.ID == user.ID)) != null) { Session["Type"] = "Student"; } else { Session["Type"] = "Instructor"; } return(RedirectToAction("Index", "Home")); } } else { ViewBag.ErrorLoginOrPassword = ErrorMessages.AuthenticateError(); return(View()); } }