public ActionResult Login(LoginViewModel model, string returlUrl) { //TODO: Pull the user from the DB only once if (ModelState.IsValid) { User userToken = Authenticator.CanLogin(model); if (userToken != null) { SessionManager.Login(userToken); return(Redirect(returlUrl ?? Url.Action("About", "Home"))); } else { ViewBag.Incorrect = true; return(View()); } } else { return(View()); } }