WebAPI FormsAuthenticationTicket方式登录验证
作者:喻家军 发表时间:2015-09-22 15:10:09

API端:

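namespace WebApplication3.Controllers
{
    /// <summary>
    /// Demo Web API controller that issues a Forms Authentication ticket as a cookie
    /// and exposes one endpoint guarded by the <c>[Login]</c> filter.
    /// </summary>
    [RoutePrefix("api/user")]
    public class UserController : ApiController
    {
        /// <summary>
        /// Issues an encrypted <see cref="FormsAuthenticationTicket"/> and returns it in a Set-Cookie header.
        /// </summary>
        /// <returns>A completed task holding the response that carries the ticket cookie.</returns>
        [Route("userAccount")]
        [HttpGet]
        public Task<HttpResponseMessage> Index()
        {
            // NOTE(review): this demo checks no credential at all; every caller receives a valid
            // ticket for the hard-coded user. A real login action must verify the submitted
            // credentials before issuing the ticket, and should not be reachable through GET.

            // Read the clock once so the issue time and the expiry are derived from the same instant.
            DateTime issuedAt = DateTime.Now;
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                "yujiajun",
                issuedAt,
                issuedAt.Add(FormsAuthentication.Timeout),
                false,
                "deadfish",
                FormsAuthentication.FormsCookiePath);

            CookieHeaderValue cookie = new CookieHeaderValue(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
            {
                // Keep the ticket out of reach of page scripts.
                HttpOnly = true,
                // Follow the site's forms-authentication setting so the cookie is HTTPS-only where that is required.
                Secure = FormsAuthentication.RequireSSL,
            };

            var response = new HttpResponseMessage()
            {
                Content = new StringContent("deadfish"),
            };
            response.Headers.AddCookies(new List<CookieHeaderValue>() { cookie });
            return Task.FromResult(response);
        }

        /// <summary>
        /// Protected sample endpoint; the <c>[Login]</c> filter runs before this action.
        /// </summary>
        /// <returns>A completed task holding an empty response.</returns>
        [Login]
        [Route("test")]
        [HttpPost]
        public Task<HttpResponseMessage> Test()
        {
            return Task.FromResult(new HttpResponseMessage());
        }
    }
}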
LoginAttribute:

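/// <summary>
/// Authorization filter entry point: lets the request through only when it carries a
/// forms-authentication cookie that decrypts to a ticket that has not expired.
/// </summary>
/// <param name="actionContext">Context of the action being invoked; the request cookies are read from it.</param>
/// <param name="cancellationToken">Cancellation token supplied by the pipeline (not used here).</param>
/// <param name="continuation">Delegate that runs the rest of the pipeline and the action.</param>
/// <returns>The continuation's response when the ticket is valid; otherwise a 401 response.</returns>
public Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation)
        {
            CookieHeaderValue cookie = actionContext.Request.Headers.GetCookies(FormsAuthentication.FormsCookieName).FirstOrDefault();

            // One Cookie header can carry several name/value pairs, so pick the pair by name
            // instead of assuming the first pair is the ticket.
            CookieState state = cookie == null
                ? null
                : cookie.Cookies.FirstOrDefault(c => string.Equals(c.Name, FormsAuthentication.FormsCookieName, StringComparison.OrdinalIgnoreCase));

            FormsAuthenticationTicket ticket = null;
            if (state != null && !string.IsNullOrEmpty(state.Value))
            {
                try
                {
                    ticket = FormsAuthentication.Decrypt(state.Value); // login data carried by the cookie
                }
                catch (ArgumentException)
                {
                    // Malformed cookie value: treat the caller as not logged in.
                    ticket = null;
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    // Value that fails decryption or validation: treat the caller as not logged in.
                    ticket = null;
                }
            }

            // Fail closed: without a valid, unexpired ticket the action must not run.
            if (ticket == null || ticket.Expired)
            {
                var denied = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized)
                {
                    RequestMessage = actionContext.Request,
                };
                return Task.FromResult(denied);
            }

            return continuation.Invoke();
        }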
C#模拟客户端:

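/// <summary>
/// Console client: calls the login endpoint, then replays every cookie it received
/// against the protected endpoint and prints the login response body.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
        {
            // Simulated login. Plain http on localhost is acceptable only for this local demo;
            // across a real network the ticket cookie has to travel over HTTPS.
            Uri loginUri = new Uri("http://localhost:6783/api/user/userAccount");

            // The handler owns the CookieContainer that captures Set-Cookie from the login response.
            using (HttpClientHandler handler = new HttpClientHandler())
            using (HttpClient client = new HttpClient(handler))
            using (HttpResponseMessage response = client.GetAsync(loginUri).Result)
            {
                string result = response.Content.ReadAsStringAsync().Result;

                CookieCollection cookies = handler.CookieContainer.GetCookies(loginUri);
                foreach (Cookie item in cookies)
                {
                    Authorization(item.Name, item.Value);
                }

                Console.WriteLine(result);
            }

            Console.ReadLine();
        }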
//模拟获取数据
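        /// <summary>
        /// Simulates fetching data: sends a POST to the protected endpoint with the given cookie attached.
        /// </summary>
        /// <param name="cookieName">Name of the cookie to send.</param>
        /// <param name="cookieValue">Value of the cookie to send (the encrypted ticket).</param>
        private static void Authorization(string cookieName, string cookieValue)
        {
            Uri targetUri = new Uri("http://localhost:6783/api/user/test");

            var cookie = new Cookie(cookieName, cookieValue);
            cookie.Path = "/";
            // Scope the cookie to the host actually being called instead of repeating the literal.
            cookie.Domain = targetUri.Host;

            var cookieContainer = new CookieContainer();
            cookieContainer.Add(cookie);

            // Disposing the client also disposes the handler it was given.
            using (HttpClient httpClient = new HttpClient(new HttpClientHandler() { CookieContainer = cookieContainer }))
            using (HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, targetUri))
            using (HttpResponseMessage response = httpClient.SendAsync(request).Result)
            {
                // The body is read to completion but not inspected; response.StatusCode is what
                // tells a caller whether the server accepted the cookie.
                response.Content.ReadAsStringAsync().Wait();
            }
        }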