public bool SetSessionVariableUser(string username)
        {
            HttpClient client = new HttpClient();
            //url for getting user info from AD
            var url = ConfigurationManager.AppSettings["api_base_" + ConfigurationManager.AppSettings["env"].ToString()].ToString() + "login/userinfo?username="******"&json=true";
            HttpResponseMessage res = client.GetAsync(url).Result;

            if (res.IsSuccessStatusCode)
            {
                string  strJson        = res.Content.ReadAsStringAsync().Result;
                dynamic jObj           = (JObject)JsonConvert.DeserializeObject(strJson);
                JavaScriptSerializer j = new JavaScriptSerializer();
                object a    = j.Deserialize(strJson, typeof(object));
                var    dict = JsonConvert.DeserializeObject <Dictionary <string, object> >(strJson);

                ADUserObject userObject = new ADUserObject();
                userObject.Username       = dict["sAMAccountName"].ToString();
                userObject.LastName       = dict["sn"].ToString();
                userObject.GivenName      = dict["givenName"].ToString();
                userObject.EmployeeNbr    = dict["employeeNumber"].ToString();
                userObject.Email          = dict["mail"].ToString();
                userObject.IsActive       = true;
                userObject.Department     = dict["department"].ToString();
                userObject.AddedBy        = 0;
                userObject.DateAdded      = DateTime.Now;
                userObject.Source         = "AD";
                userObject.Type           = "user";
                userObject.ThumbnailPhoto = dict["thumbnailPhoto"].ToString();

                int IsInLocal = userModel.CheckIdFromLocal(dict["mail"].ToString());
                //int IsInLocal = 0;
                if (IsInLocal <= 0)
                {
                    IsInLocal = userModel.AddUser(userObject);
                }

                HttpContext.Current.Session.Add("userId_local", IsInLocal);
                HttpContext.Current.Session.Add("cn", dict["cn"]);
                HttpContext.Current.Session.Add("title", dict["title"]);
                HttpContext.Current.Session.Add("department", dict["department"]);
                HttpContext.Current.Session.Add("company", dict["company"]);
                HttpContext.Current.Session.Add("employeeNumber", dict["employeeNumber"]);
                HttpContext.Current.Session.Add("mail", dict["mail"]);
                HttpContext.Current.Session.Add("thumbnailPhoto", dict["thumbnailPhoto"]);
            }

            return(true);
        }
        public JsonResult Attempt(string username, string password, string returnurl, bool isauto)
        {
            try
            {
                string userType = "";
                if (ModelState.IsValid)
                {
                    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ api login
                    var e = new Library.EncryptDecrypt.EncryptDecryptPassword();

                    var hndlr = new HttpClientHandler();
                    hndlr.UseDefaultCredentials = true;

                    var client = new HttpClient(hndlr);
                    client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue(mediaType: "application/json"));

                    string pw = password;

                    if (!isauto)
                    {
                        pw = Server.UrlEncode(e.EncryptPassword(password));
                    }

                    string url = ConfigurationManager.AppSettings[ConfigurationManager.AppSettings["env"].ToString() + "_api_base_url"].ToString() + "login/Authenticate?username="******"&password="******"&json=true";
                    HttpResponseMessage res = client.GetAsync(url).Result;

                    if (res.IsSuccessStatusCode)
                    {
                        string  strJson = res.Content.ReadAsStringAsync().Result;
                        dynamic jObj    = (JObject)JsonConvert.DeserializeObject(strJson);

                        var    j = new JavaScriptSerializer();
                        object a = j.Deserialize(strJson, typeof(object));

                        Dictionary <string, object> dict = JsonConvert.DeserializeObject <Dictionary <string, object> >(strJson);

                        if (bool.Parse(dict["success"].ToString()))
                        {
                            //url for getting user info from AD
                            url = ConfigurationManager.AppSettings[ConfigurationManager.AppSettings["env"].ToString() + "_api_base_url"].ToString() + "login/userinfo?username="******"&json=true";
                            res = new HttpResponseMessage();
                            res = client.GetAsync(url).Result;
                            if (res.IsSuccessStatusCode)
                            {
                                strJson = res.Content.ReadAsStringAsync().Result;
                                jObj    = (JObject)JsonConvert.DeserializeObject(strJson);
                                a       = j.Deserialize(strJson, typeof(object));
                                dict    = JsonConvert.DeserializeObject <Dictionary <string, object> >(strJson);


                                var userObject = new ADUserObject();

                                //userObject.Username = dict["sAMAccountName"].ToString();
                                //userObject.LastName = dict["sn"].ToString();
                                //userObject.GivenName = dict["givenName"].ToString();
                                //userObject.EmployeeNbr = dict["employeeNumber"].ToString();
                                //userObject.Email = dict["mail"].ToString();
                                //userObject.Department = dict["department"].ToString();

                                try { userObject.Username = dict["sAMAccountName"].ToString(); } catch { userObject.Username = ""; }
                                try { userObject.LastName = dict["sn"].ToString(); } catch { userObject.LastName = ""; }
                                try { userObject.GivenName = dict["givenName"].ToString(); } catch { userObject.GivenName = ""; }
                                try { userObject.EmployeeNbr = dict["employeeNumber"].ToString(); } catch { userObject.EmployeeNbr = ""; }
                                try { userObject.Email = dict["mail"].ToString(); } catch { userObject.Email = ""; }
                                try { userObject.Department = dict["department"].ToString(); } catch { userObject.Department = ""; }
                                try { userObject.ThumbnailPhoto = dict["thumbnailPhoto"].ToString(); } catch { userObject.ThumbnailPhoto = ""; }

                                userObject.IsActive  = true;
                                userObject.AddedBy   = 0;
                                userObject.DateAdded = DateTime.Now;
                                userObject.Source    = "AD";



                                int isInLocal = userModel.CheckIdFromLocal(dict["mail"].ToString());

                                if (isInLocal <= 0)
                                {
                                    userObject.Type = "user";
                                    isInLocal       = userModel.AddUser(userObject);
                                    userType        = userModel.GetUserDetail(isInLocal, col: "Type");
                                }
                                else
                                {
                                    userType = userModel.GetUserDetail(isInLocal, col: "Type");

                                    userObject.Id   = isInLocal;
                                    userObject.Type = userType;

                                    isInLocal = userModel.UpdateUser(userObject);
                                }

                                string userCode = userModel.GetUserDetail(isInLocal, col: "Code");

                                HttpContext.Session.Add(name: "loggedIn", value: true);
                                HttpContext.Session.Add(name: "userId_local", value: isInLocal);
                                HttpContext.Session.Add(name: "user_code", value: userCode);
                                HttpContext.Session.Add(name: "user_type", value: userType);

                                //HttpContext.Session.Add(name: "cn", value: dict["cn"]);
                                //HttpContext.Session.Add(name: "title", value: dict["title"]);
                                //HttpContext.Session.Add(name: "department", value: dict["department"]);
                                //HttpContext.Session.Add(name: "company", value: dict["company"]);
                                //HttpContext.Session.Add(name: "employeeNumber", value: dict["employeeNumber"]);
                                //HttpContext.Session.Add(name: "mail", value: dict["mail"]);

                                /// try catch for checking of thumbnail photo of the user
                                try { HttpContext.Session.Add(name: "cn", value: dict["cn"]); } catch { HttpContext.Session.Add(name: "cn", value: ""); }
                                try { HttpContext.Session.Add(name: "title", value: dict["title"]); } catch { HttpContext.Session.Add(name: "title", value: ""); }
                                try { HttpContext.Session.Add(name: "department", value: dict["department"]); } catch { HttpContext.Session.Add(name: "department", value: ""); }
                                try { HttpContext.Session.Add(name: "company", value: dict["company"]); } catch { HttpContext.Session.Add(name: "company", value: ""); }
                                try { HttpContext.Session.Add(name: "employeeNumber", value: dict["employeeNumber"]); } catch { HttpContext.Session.Add(name: "employeeNumber", value: ""); }
                                try { HttpContext.Session.Add(name: "mail", value: dict["mail"]); } catch { HttpContext.Session.Add(name: "mail", value: ""); }
                                try { HttpContext.Session.Add(name: "thumbnailPhoto", value: dict["thumbnailPhoto"]); } catch { HttpContext.Session.Add(name: "thumbnailPhoto", value: ""); }



                                HttpContext.Session.Add(name: "username", value: username);

                                FormsAuthentication.SetAuthCookie(username, true);

                                //set account credentials into browser cookie
                                var logInCookie = new HttpCookie(name: "logInCookie");
                                logInCookie.Values["UName"]     = username;
                                logInCookie.Values["PWord"]     = pw;
                                logInCookie.Values["lastVisit"] = DateTime.Now.ToString();
                                logInCookie.Expires             = DateTime.Now.AddDays(value: 30);
                                Response.Cookies.Add(logInCookie);

                                //return Redirect(returnUrl);
                                if (returnurl == "" || returnurl == null || returnurl == "/")
                                {
                                    response.Add(key: "message", value: ConfigurationManager.AppSettings[ConfigurationManager.AppSettings["env"].ToString() + "_base_url"].ToString());
                                }
                                else
                                {
                                    response.Add(key: "message", value: ConfigurationManager.AppSettings[ConfigurationManager.AppSettings["env"].ToString() + "_base_url"].ToString() + returnurl);
                                }
                                response.Add(key: "success", value: true);
                                response.Add(key: "error", value: false);
                            }
                            else
                            {
                                throw new Exception("Page return: " + res.IsSuccessStatusCode);
                            }
                        }
                        else
                        {
                            //throw new Exception(dict["message"].ToString());
                            // check for local db

                            DataTable dtLocal = userModel.AuthenticateUserToLocalDB(username, password);

                            if (dtLocal.Rows.Count > 0)
                            {
                                foreach (DataRow row in dtLocal.Rows)
                                {
                                    if (bool.Parse(row["IsActive"].ToString()))
                                    {
                                        HttpContext.Session.Add(name: "loggedIn", value: true);
                                        HttpContext.Session.Add(name: "userId_local", value: row["Id"]);
                                        HttpContext.Session.Add(name: "user_code", value: row["Code"]);
                                        HttpContext.Session.Add(name: "user_type", value: row["Type"]);
                                        HttpContext.Session.Add(name: "cn", value: row["LastName"] + ", " + row["GivenName"]);
                                        HttpContext.Session.Add(name: "title", value: "Guard");
                                        HttpContext.Session.Add(name: "department", value: row["Department"]);
                                        HttpContext.Session.Add(name: "company", value: "AMPI");
                                        HttpContext.Session.Add(name: "employeeNumber", value: 0);
                                        HttpContext.Session.Add(name: "mail", value: "");
                                        HttpContext.Session.Add(name: "thumbnailPhoto", value: "");

                                        FormsAuthentication.SetAuthCookie(username, true);

                                        if (returnurl == "" || returnurl == null || returnurl == "/")
                                        {
                                            response.Add(key: "message", value: ConfigurationManager.AppSettings[ConfigurationManager.AppSettings["env"].ToString() + "_base_url"].ToString());
                                        }
                                        else
                                        {
                                            response.Add(key: "message", value: ConfigurationManager.AppSettings[ConfigurationManager.AppSettings["env"].ToString() + "_base_url"].ToString() + returnurl);
                                        }
                                        response.Add(key: "success", value: true);
                                        response.Add(key: "error", value: false);
                                    }
                                    else
                                    {
                                        throw new Exception(message: "Your account is currently inactive. Please contact your system administrator.");
                                    }
                                }
                            }
                            else
                            {
                                throw new Exception(message: "User does not exist on the local database.");
                            }
                        }
                    }
                    else
                    {
                        throw new Exception("Page return: " + res.IsSuccessStatusCode);
                    }
                    //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ api login
                }
                else
                {
                    //ModelState.AddModelError("", "Log In Failed");
                    throw new Exception(message: "ModelState is invalid!");
                }
            }
            catch (Exception e)
            {
                response.Add(key: "success", value: false);
                response.Add(key: "error", value: true);
                if (e.ToString().IndexOf(value: "The supplied credential is invalid") != -1)
                {
                    response.Add(key: "message", value: "Username and/or password is incorrect!");
                    var logInCookie = new HttpCookie(name: "logInCookie");
                    logInCookie.Expires = DateTime.Now.AddDays(-1);
                }
                else
                {
                    var logInCookie = new HttpCookie(name: "logInCookie");
                    response.Add(key: "message", value: "Username and/or password is incorrect!");
                    // return Redirect(returnUrl);
                    logInCookie.Expires = DateTime.Now.AddDays(-1);
                }
            }

            return(Json(response, JsonRequestBehavior.AllowGet));
        }