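/// <summary>
/// Handles the sign-in form: validates the posted credentials, rejects
/// inactive accounts, builds the user's permission string from their
/// non-deleted roles, issues the authentication cookie and redirects.
/// </summary>
/// <param name="model">Posted login form carrying the user name and password.</param>
/// <param name="returnUrl">
/// Caller-supplied URL to return to after sign-in. It is untrusted input and
/// is only followed when it is a local, single-slash-rooted path.
/// </param>
/// <returns>
/// A redirect to <paramref name="returnUrl"/> or to Home/Index on success;
/// otherwise the login view with the model errors added.
/// </returns>
public ActionResult SignIn(LoginModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): the password is passed through StringEncryptor.EncryptPassword
    // before lookup. Confirm this is a salted, slow one-way password hash and not
    // reversible encryption or a bare digest.
    var info = _userService.ValidateUser(model.UserName, StringEncryptor.EncryptPassword(model.Password));
    if (info == null)
    {
        // One message for both unknown user and wrong password, so the response
        // does not reveal which of the two was wrong.
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    if (!info.IsActive)
    {
        // Only reached after the credentials validated, so the "inactive" wording
        // is not shown to a caller who does not know the password.
        ModelState.AddModelError("", "The account is not allowed to access. Please contact Administrator.");
        return View(model);
    }

    string userPermission = "";
    var userRoleList = _userRoleService.GetMany(x => x.UserId == info.Id && !x.Role.Deleted);
    foreach (var userRole in userRoleList)
    {
        // Re-read the role so a deleted role contributes no permissions.
        userRole.Role = _roleService.Get(x => x.Id == userRole.RoleId && !x.Deleted);
        if (userRole.Role == null)
        {
            continue;
        }

        userRole.Role.RolePermissions = _rolePermissionService.GetMany(x => x.RoleId == userRole.RoleId);
        var rolePermission = userRole.Role.RolePermissions.Distinct().ToList();
        userPermission += GetRoleString(rolePermission) + ",";
    }

    // The user name becomes the identity stored in the cookie, so normalise it
    // with the invariant culture: ToUpper() depends on the thread culture and
    // can yield a different identity string for the same account (e.g. the
    // Turkish dotted/dotless i).
    // NOTE(review): the permission string is captured here, at sign-in. Confirm
    // that the cookie is integrity-protected and how role changes or revocation
    // reach sessions that already hold a cookie. The literal `true` presumably
    // requests a persistent cookie - verify against CreateAuthenticationCookie.
    SecurityContext.CreateAuthenticationCookie(
        info.Username.ToUpperInvariant(),
        true,
        info.Id,
        userPermission.TrimEnd(','),
        info.FirstName,
        info.LastName,
        info.IsSLS);

    // Open-redirect guard: follow returnUrl only when the framework considers it
    // local AND it is a rooted path that is not protocol-relative ("//host") or
    // the backslash variant ("/\host") that some browsers treat the same way.
    bool isSafeLocalPath = Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");
    if (isSafeLocalPath)
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", "Home");
}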