You don't need additional consent for authentication: this is implicit in the act of authenticating. Same goes for things like shopping baskets.
To be legally compliant you should identify those cookies and describe them in your privacy policy.
Cookie Control doesn't need to interact much with them - in the context of that kind of cookie it probably serves more as an awareness raising mechanism than anything else.
You don't need additional consent for authentication: this is implicit in the act of authenticating. Same goes for things like shopping baskets.
To be legally compliant you should identify those cookies and describe them in your privacy policy.
Cookie Control doesn't need to interact much with them - in the context of that kind of cookie it probably serves more as an awareness raising mechanism than anything else.
Hope that helps.