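/// <summary>
/// Validates the supplied credentials and, on success, issues the forms-authentication
/// ticket and (optionally) the "remember account" cookie.
/// </summary>
/// <param name="username">Account name to authenticate.</param>
/// <param name="password">Password to authenticate with.</param>
/// <param name="rememberAccount">
/// When true the ticket is marked persistent and a 30-day login-info cookie is written.
/// </param>
/// <returns>true when the credentials were accepted; otherwise false.</returns>
/// <remarks>
/// Logout() (defined elsewhere) is called unconditionally, before the credentials are checked.
/// </remarks>
public static bool Login(string username, string password, bool rememberAccount)
{
    Logout();

    if (!Authenticate.IsAuthenticated(username, password))
    {
        return false;
    }

    FormsAuthentication.Initialize();

    // One timestamp for every expiry computed below, so they cannot drift apart.
    DateTime issuedAt = DateTime.Now;
    HttpContext context = HttpContext.Current;

    // NOTE(review): the ticket name carries the plaintext password. The ticket is encrypted
    // below, but the password is recoverable by anything that can decrypt it and travels
    // with the name wherever the ticket name is surfaced. Left unchanged because code
    // outside this method may parse the name on BCS_MEMBER_SEPARATOR; the ticket should
    // carry the username only once those readers are updated.
    var ticket = new FormsAuthenticationTicket(
        1,
        Constant.BCS_CURRENT_USER + username + Constant.BCS_MEMBER_SEPARATOR + password,
        issuedAt,
        issuedAt.AddMinutes(context.Session.Timeout),
        rememberAccount,
        "",
        FormsAuthentication.FormsCookiePath);

    if (!FormsAuthentication.CookiesSupported)
    {
        // Cookieless mode: SetAuthCookie expects the user name and builds its own ticket
        // (placed in the URL). The original passed the already-encrypted ticket string here,
        // which made that blob the identity name.
        FormsAuthentication.SetAuthCookie(ticket.Name, false);
    }
    else
    {
        string encryptedTicket = FormsAuthentication.Encrypt(ticket);
        var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
        {
            HttpOnly = true,
            // Honour <forms requireSSL="..."> so the ticket is not sent over plain HTTP
            // when the site is configured for TLS-only authentication.
            Secure = FormsAuthentication.RequireSSL,
            Path = "/",
            Expires = ticket.Expiration,
            // An authentication cookie must never be marked shareable: a shareable cookie
            // does not stop the response from being output-cached, so the Set-Cookie header
            // could be replayed to other visitors.
            Shareable = false
        };
        context.Response.Cookies.Add(authCookie);
    }

    if (rememberAccount)
    {
        // NOTE(review): Base64 is an encoding, not encryption - this cookie stores the
        // password in recoverable form on the client for 30 days. Kept for compatibility
        // with whatever reads BCS_LOGIN_INFO; prefer remembering the username only, or
        // issuing a random server-side token instead.
        var loginInfo = new HttpCookie(Constant.BCS_LOGIN_INFO)
        {
            // Keep script and plain-HTTP transport away from the stored credentials.
            // TODO confirm no client-side script reads this cookie before relying on HttpOnly.
            HttpOnly = true,
            Secure = FormsAuthentication.RequireSSL,
            Expires = issuedAt.AddDays(30)
        };
        loginInfo.Values.Add(Constant.BCS_LOGIN_USERNAME, SecurityMethod.Base64Encode(username));
        loginInfo.Values.Add(Constant.BCS_LOGIN_PASSWORD, SecurityMethod.Base64Encode(password));
        context.Response.Cookies.Add(loginInfo);
    }

    return true;
}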