Token based form authentication and cookies in asp.net mvc

The user logs in to the website account; you can encrypt and store cookie in client browser using asp.net token based authentication. The asp.net custom authentication provider allows to pass parameters such as multiple user roles separated by comma (additional user data), issue date, expiry date, is persisting or not and cookie path.

string userData = "A,V"; //string.Join("|",GetCustomUserRoles());
FormsAuthenticationTicketticket = new FormsAuthenticationTicket(
                          1,                                     // ticket version
                          login.First().Name,                              // authenticated username
                          DateTime.Now,                          // issueDate
                          DateTime.Now.AddDays(28),           //expiryDate
                          true,                          // true to persist across browser sessions
                          userData,                              // can be used to store additional user data
                          FormsAuthentication.FormsCookiePath);  // thepath for the cookie

 // Encrypt the ticket using the machine key
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);
 // Add the cookie to the request to save it
    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
    cookie.HttpOnly = true;

    Response.Cookies.Add(cookie);