Service Stack

This is just a collection of notes around using MVC with ServiceStack for authentication and authorization.

Authentication in MVC

Authenticate / Require Role / Require Permission

// GET: /Admin/Doctors/List
public ActionResult List() {
return View();

How can I overwrite Login Url in ServiceStack.MVC authentication?

Sample Code:

public abstract class ControllerBase : ServiceStackController<CustomAuthSession> {
    public override string LoginRedirectUrl {
        get { return "/account/login?redirectTo={0}"; }

More details on Answer on Stack Overflow

More info on authentication and authorization in the Service Stack documentation

Authentication using Credentials Auth

Sample of Successful Registration




Content-headers:   application/json
encoding:  utf-8
method: POST


{"UserName":"philhack","FirstName":"Phil","LastName":"Hack","DisplayName":"Phil Hack","Email":"","Password":"somepassword","AutoLogin":false,"Continue":""}

Sample Successful Response

Status: 200 OK
    "UserId": "1",
    "ReferrerUrl": "",
    "ResponseStatus": {}

Sample Failure Response When User Already Exists

Status Code: 400

    "ResponseStatus": {
        "ErrorCode": "ValidationException",
        "Message": "Validation failed: \r\n -- UserName already exists\r\n -- Email already exists",
        "Errors": [{
            "ErrorCode": "AlreadyExists",
            "FieldName": "UserName",
            "Message": "UserName already exists"
        }, {
            "ErrorCode": "AlreadyExists",
            "FieldName": "Email",
            "Message": "Email already exists"

Sample of successful authentication

How to authentication using Crediantials Service Stack Auth Provider

Request Uri:  http://localhost:51737/api/auth/credentials
Accept Content-Type:  application/json
Request Method:  POST

Request Parameters:

UserName:  philhack
Password:   password
RememberMe:   false

Content Headers

Content-type:   application/x-www-form-urlencoded
Encoding: utf-8

Success Response:

StatusCode: 200
Response Body:
    "UserId": "1",
    "SessionId": "Pbu14a9gyJ8YvvMFPyTi",
    "UserName": "philhack",
    "ResponseStatus": {}

Invalid Credentials response

Status Code: 401
Response Body:
    "ResponseStatus": {
        "ErrorCode": "Invalid UserName or Password",
        "Message": "Invalid UserName or Password",
        "Errors": []