对于这个项目，我建议你继续使用ASP.NET Web API [ ^ ]。 Web API将允许您使用REST服务，并以JSON格式发送响应，并接受具有JSON格式的请求的请求，例如要发送的对象。用户名和密码数据。



您可以使用HTTP客户端从任何应用程序使用这些服务;在.NET框架中，它是 HttpClient [ ^ ]。虽然您正确存储cookie，但由于您将使用Web API而不是MVC应用程序，我建议您避免使用Cookie; Cookie没有任何意义，您的应用程序不会是任何类型的浏览器，只是您的服务的离线版本或旁边的东西。因此，如果您存储令牌（对于登录的用户）并使用它来发出其他请求会更好，这将确保登录的用户正在使用该信息。它不会还需要任何其他凭据信息，因为它将与您拥有的令牌一起存储在您的服务器上。



ASP.NET MVC可以备份Web API，所以如果公平的话，你现在拥有的应用程序。只需添加另一个控制器，这次只需 ApiController 。您也可以为API设置路由，并且可以将其他API相关代码添加到ASP.NET MVC应用程序中。这意味着，如果您要将您的应用程序用作Web应用程序，那么您就可以开始了。如果您想将它用作第三方应用程序的API，那么您允许它们使用您的API;主要是您允许在URL 域/ api / controller / action 中的API请求，以区分您对请求的响应方式。 ASP.NET团队编写了一篇关于开始使用ASP.NET Web API的非常有用的文章。请阅读该文章 [ ^ ]了解它。它类似于MVC，你甚至都不会注意到它的差异，但结果值得花时间投入。:)

For this project, I would suggest that you continue with using ASP.NET Web API[^]. Web API would let you use REST services, and send responses in JSON format and also accept the request with JSON format of objects that are to be sent e.g. username and password data.

You can consume these services from any application, using an HTTP client; in .NET framework it is HttpClient[^]. Although you are right in storing the cookies, but since you're going to consume the Web API and not the MVC application, I suggest you avoid using Cookies; Cookies don't make any sense, your application is not going to be any kind of browser but just an offline-version of your service or something next to it. So it would be better if you store the Token (for the user logged in) and use it to make other requests, which would ensure that the user logged in is using the information. It won't also require any other credential information because it would be stored on your server along with Token you're having.

Web API can be backed-up by ASP.NET MVC, so the application you're having right now if fair enough. Just add another controller, only this time an ApiController. You can set the routings for your API too and other API related code can be added to your ASP.NET MVC application. Which means, that if you're going to use your application as a web app, you're good to go. If you want to use it as your API for third-party applications, then you allow them to consume your API; mostly you allow API requests at a URL domain/api/controller/action to distinguish between how you would respond to a request. ASP.NET team has written a very useful article about getting started using ASP.NET Web API. Please read that article[^] to learn about it. It is similar to MVC, and you won't even notice the difference, but the results would be worth investing your time in. :)