Hello guys.
So I'm not sure if my login system is ok or not, i am using ASP.NET MVC API, and this is how I;m handling it:
when someone has logged on, You get an encrypted cookie with ur username and password, and then everytime u try and get the data from the API it'll get the user's cookie and see if its correct.
Is that a good way to do that?