public bool Authenticate(string UserName, string Password, bool IsAdmin = false) { var customer = !IsAdmin?_customerRepository.GetCustomerByUserNamePassword(UserName, Password) as IPerson : _adminUserRepository.GetAdminUser(UserName, Password); if (customer == null) { return(false); } CustomPrincipal principal = new CustomPrincipal(new GenericIdentity(customer.Email, "User"), new string[] { "User" }); principal.Customer = customer; System.Web.HttpContext.Current.Session["currentUser"] = principal; return(true); }