public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            var helper = new WebApiHelper();
            var result = await helper.Authenticate(model.ApplicationId, model.Secret);

            if (!string.IsNullOrEmpty(result))
            {
                var ident = new ClaimsIdentity(new[] {
                    // adding following 2 claim just for supporting default antiforgery provider
                    new Claim(ClaimTypes.NameIdentifier, model.ApplicationId),
                    new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider",
                              "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),
                    new Claim(ClaimTypes.Name, model.ApplicationId),
                    new Claim("token", result),
                },
                                               DefaultAuthenticationTypes.ApplicationCookie
                                               );
                HttpContext.GetOwinContext().Authentication.SignIn(
                    new AuthenticationProperties {
                    IsPersistent = false
                }, ident);

                return(RedirectToAction("Message", "Home", result));
            }
            else
            {
                ModelState.AddModelError("", "Invalid login attempt.");
                return(View(model));
            }
        }