I don't think logging the user on both the sides would be a good idea. Since you're using the ASP.NET Technology you must know there is a Web API designed for ASP.NET developers that you can make use of. They provide some details in JSON too that you can use here.
If this was my application, I would have used any service (Web Pages, Web Forms, MVC) for my website in ASP.NET and I would have designed the Android Application to be as much Session enabled as it could be.
After that, I would develop the API for my website that would help me to take out the data from the Database by executing a set of commands. You should know HTTPS is powerfull enough to power entire Framework and you can definitely use it in your applications. Web API is a feature of ASP.NET that lets you to use HTTPS and allow the cross (remote) devices to connect to your service and communicate. Just like any other Application on the Internet.
After that you can create some objects, classes to work with and using the Web API, you can simply forward the user's token to the website and work with it on the website. You don't need to login him on the both sides (mobile and website) you can simply use the API token for the user and work with it. Database work and other stuff would be managed on the Desktop and the result would be passed back to the user in the format of JSON. In Android application, you can use any plugin for Java to work with JSON or you can develop your own plugin to work with JSON and extract the data from the JSON tree.
Remember, Web API is powerfull enough to run both devices on the same time. So you won't have to login the user on both sides, API would handle it. You just need to handle the request and the response from the server. If you're a newbie to the ASP.NET then I would ask you to first learn ASP.NET MVC which is an enterprise level of the ASP.NET and allows you to work with business level projects easily. Good luck brother!
http://www.asp.net/web-api[
^]