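/// <summary>
/// Handles the login form post. Authenticates the supplied credentials through
/// <c>RdbmsWebSecurity.LoginAndCreateSSOToken</c> and, on success, redirects either to a
/// local return URL, to the <c>UserDetails</c> action, or to a non-local return URL with
/// the SSO token appended as query parameters.
/// </summary>
/// <param name="model">Posted login form (user identifier and password).</param>
/// <param name="returnUrl">
/// Caller-supplied URL to return to after login. This value comes from the request and
/// must be treated as untrusted.
/// </param>
/// <returns>
/// The login view again when the model is invalid or no token was issued; otherwise a redirect.
/// </returns>
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): MVC model binding normally URL-decodes request values already, so this is
    // likely a second decode. The checks below deliberately look at both the raw and the decoded
    // form; keep it that way unless the decode is removed.
    string decodedReturnUrl = this.Server.UrlDecode(returnUrl);
    bool isLocalUrl = !returnUrl.HasValue() || Url.IsLocalUrl(decodedReturnUrl);

    string passportToken = RdbmsWebSecurity.LoginAndCreateSSOToken(model.UserNameOrEmailOrCellPhoneNo, model.Password);
    if (!passportToken.HasValue())
    {
        // No token issued: treat as a failed login and show the form again.
        return View(model);
    }

    if (isLocalUrl)
    {
        // Only follow the return URL when the raw value is a rooted local path; "//" and "/\"
        // prefixes are rejected because browsers resolve them as protocol-relative (off-site) URLs.
        bool isSafeLocalPath = Url.IsLocalUrl(returnUrl)
            && returnUrl.Length > 1
            && returnUrl.StartsWith("/")
            && !returnUrl.StartsWith("//")
            && !returnUrl.StartsWith("/\\");

        if (isSafeLocalPath)
        {
            return Redirect(decodedReturnUrl);
        }

        // NOTE(review): the token travels as a route value here, so it will appear in the
        // redirect URL (and therefore in server logs and browser history) - confirm that is intended.
        return RedirectToAction("UserDetails", "Home", new { token = passportToken, userName = model.UserNameOrEmailOrCellPhoneNo });
    }

    // NOTE(review): the SSO token is appended to ANY non-local returnUrl. No check against a list
    // of registered relying-party hosts is visible in this method; confirm one is enforced before
    // this point, or add it here, so the token is only ever delivered to known hosts.

    // Use "&" when the return URL already carries a query string; a second "?" would corrupt it.
    string separator = decodedReturnUrl.IndexOf('?') >= 0 ? "&" : "?";

    // Percent-encode the values so characters such as '&', '=', '+' or '#' in the token or the
    // user name cannot break out of their parameter or inject additional ones.
    string newRedirectedUrl = string.Format(
        "{0}{1}token={2}&username={3}&remark={4}",
        decodedReturnUrl,
        separator,
        System.Uri.EscapeDataString(passportToken),
        System.Uri.EscapeDataString(model.UserNameOrEmailOrCellPhoneNo),
        "Success");

    return Redirect(newRedirectedUrl);
}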