public void Create(string email, string password)
{
try
{
Session["token"] = User.Authenticate(email, password);
Flash["success"] = "You have successfully logged in.";
Redirect("Admin", "Dashboard");
}
catch (SecurityException)
{
Flash["error"] = "Invalid email or password.";
RedirectToAction("New");
}
}