public ActionResult Login(string userName, string password) { if (string.IsNullOrEmpty(userName)) { ModelState.AddModelError("UserName", "Missing user name"); return(Index()); } if (string.IsNullOrEmpty(password)) { ModelState.AddModelError("Password", "Missing password"); return(Index()); } var user = new User(); var service = new UserService(); var result = service.Check(userName, password, out user); if (GetModelError(result)) { return(Index()); } var userViewResult = EntityHelper.CopyEntity(user, new UserViewResult()); userViewResult.Password = string.Empty; var cookie = UserAuthentication.CreateCookie(userViewResult); HttpContext.Response.Cookies.Remove(cookie.Name); HttpContext.Response.Cookies.Add(cookie); return(RedirectToAction("Index", "Home")); }