For this project, I would suggest that you continue with using
ASP.NET Web API[
^]. Web API would let you use REST services, and send responses in JSON format and also accept the request with JSON format of objects that are to be sent e.g. username and password data.
You can consume these services from any application, using an HTTP client; in .NET framework it is
HttpClient[
^]. Although you are right in storing the cookies, but since you're going to consume the Web API and not the MVC application, I suggest you avoid using Cookies; Cookies don't make any sense, your application is not going to be any kind of browser but just an offline-version of your service or something next to it. So it would be better if you store the Token (for the user logged in) and use it to make other requests, which would ensure that the user logged in is using the information. It won't also require any other credential information because it would be stored on your server along with Token you're having.
Web API can be backed-up by ASP.NET MVC, so the application you're having right now if fair enough. Just add another controller, only this time an
ApiController
. You can set the routings for your API too and other API related code can be added to your ASP.NET MVC application. Which means, that if you're going to use your application as a web app, you're good to go. If you want to use it as your API for third-party applications, then you allow them to consume your API; mostly you allow API requests at a URL
domain/api/controller/action
to distinguish between how you would respond to a request. ASP.NET team has written a very useful article about getting started using ASP.NET Web API. Please
read that article[
^] to learn about it. It is similar to MVC, and you won't even notice the difference, but the results would be worth investing your time in. :)