Token Based Authentication using Web API in ASP.Net MVC

Hi, I am creating a MVC web app and it should also be working on mobile devices so I am creating a api inside of it with token based authentication. I am doing it first time and a bit confused about Project structure I should follow.It is a small project and just have 2 module one is Admin and other is Reporting . I have some queries: 1) Where to store Token? like in Session or in cookies and send it with header every request? 2) What should be the life time of the token? 3) How to use that api by Business model in MVC web APP