public ActionResult Create(WebUser user)
 {
     try
     {
         user.pass = HexSerialization.StringToHex(Cryptography.Encrypt(user.pass));
         BizWebUser.Add(user);
         return RedirectToAction("Index");
     }
     catch
     {
         return View();
     }
 }
        public ActionResult Login(LoginViewModel model, string returnUrl)
        {
            if (!String.IsNullOrEmpty(model.UserName) && !String.IsNullOrEmpty(model.Password))
            {
                //user exists
                #region user exists
                WebUser userTarget = null;
                string contraseñaDesencriptada = "";

                if (model.UserName.ToLower() != "root")
                {
                    userTarget = BizWebUser.GetSingle(model.UserName);

                    if (userTarget == null)
                    {
                        ViewBag.ErrorMessage = "Usuario no existe";
                        model.companies = BizCompany.GetList().ToList();
                        return View(model);
                    }
                }
                else
                {
                    userTarget = new WebUser()
                    {
                        id = 999999,
                        name = "root",
                        pass = ConfigurationManager.AppSettings["RootKey"].ToString()
                    };
                }
                #endregion

                contraseñaDesencriptada = Cryptography.Decrypt(HexSerialization.HexToString(userTarget.pass));

                //authenticacion
                if (model.Password.Equals(contraseñaDesencriptada))
                {
                    WebUserCompany webUserCompany = null;

                    //Authorization
                    if (model.UserName.ToLower() != "root")
                        webUserCompany = BizWebUserCompany.GetSingle(userTarget.id, model.companyId);
                    else
                        webUserCompany = new WebUserCompany()
                        {
                            webUserId = 999999,
                            companyId = model.companyId,
                            admin = true,
                            customerCreator = true,
                            purchaseOrderCreator = true,
                            supervisor = true,
                            orderApprover = true,
                            slpCode = 0
                        };

                    if (webUserCompany == null)
                    {
                        model.companies = BizCompany.GetList().ToList();
                        return View(model);
                    }

                    #region SESSION OBJECTS
                    //List<CompanyParameter> companyParameters = BizCompanyParameter.GetList(model.companyId).ToList();

                    //Session["companyParameters"] = companyParameters;

                    Company co = BizCompany.GetSingle(model.companyId);

                    FormsAuthentication.SetAuthCookie(model.UserName, false);

                    int id = userTarget.id;
                    int isAdmin = webUserCompany.admin ? 1 : 0;
                    int customerCreator = webUserCompany.customerCreator ? 1 : 0;
                    int purchaseOrderCreator = webUserCompany.purchaseOrderCreator ? 1 : 0;
                    int orderApprover = webUserCompany.orderApprover ? 1 : 0;
                    int company = webUserCompany.companyId;
                    int slpCode = webUserCompany.slpCode;
                    int supervisor = webUserCompany.supervisor ? 1 : 0;

                    string userData = string.Format("{0}|{1}|{2}|{3}|{4}|{5}|{6}|{7}|{8}",
                        id.ToString().Trim(),
                        isAdmin.ToString().Trim(),
                        customerCreator.ToString().Trim(),
                        purchaseOrderCreator.ToString().Trim(),
                        company,
                        slpCode.ToString().Trim(),
                        co.name,
                        orderApprover.ToString().Trim(),
                        supervisor.ToString().Trim()
                        );

                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, model.UserName, DateTime.Now, DateTime.Now.AddMinutes(30), false, userData);

                    string encTicket = FormsAuthentication.Encrypt(ticket);
                    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
                    HttpContext.Response.Cookies.Add(faCookie);

                    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

                    if (authCookie != null)
                    {
                        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                        CustomIdentity identity = new CustomIdentity(authTicket.Name, userData);
                        GenericPrincipal newUser = new GenericPrincipal(identity, new string[] { });
                        HttpContext.User = newUser;
                    }
                    #endregion
                    //ActivityLogBiz.SaveActivityLog(new ActivityLog() { idUsuario = id, accion = "Login", fecha = DateTime.Now });
                    if (!string.IsNullOrEmpty(returnUrl))
                        return RedirectToLocal(returnUrl);
                    else
                        return RedirectToAction("index", "Home");
                }
            }
            model.companies = BizCompany.GetList().ToList();
            return View(model);
        }