Don't store the UserId in the session.
Nancy uses Cookies for sessions, so they are sent to the client, you shouldn't send any sensitive information to the client regardless if the cookie is encrypted or not.
The default implementation for a cookie object serializer is Mono's binary serializer. At a guess, I would assume the serialization of the object creates a cookie that is too large. So maybe the cookie is not being created since its invalid.
Is there any reason why you cannot do this without storing it in session. This data should be able to come from the database easily. If I had a bunch of user settings I would persist the object itself in the database and then just query by ID.
You can argue that "oh but then I need to hit the database on every request", but in my opinion that's not a valid reason. Get by Id is as fast as it gets in a database and even with 100 million records that would return instantly.
Using a base module you could add a pre-hook to query for the user settings and attach them to a property making them accessible to all modules.