How can MonoTouch supply cookie on each ServiceStack request?

Question

I've spent several days attempting to get to grips with ServiceStack and it seems great. Only issue is with authentication which seems to be a lot of friction, hard work and tears.

I want MonoTouch to register users, authenticate against ServiceStack/authenticate against OAuth and generally minimise calls to the database when authenticating.

So far I have got this:

       var client = new JsonServiceClient(newbaseUri);

// register a new user:

        var registration  = new Registration {
            FirstName = "john"
            UserName = "user" ,
            Password = "pass",
            Email =   "john@john.com",              
        };

        var registerResponse = client.Send<RegistrationResponse>(registration);

       --------------------------------

// user registered...later on I authenticate:

        var authResponse = client.Send<AuthResponse>(new Auth {
            UserName = "user",
            Password = "pass",
            RememberMe = true
        });

        var authResponse = clientlogin.Send<AuthResponse>(auth);

        --------------------------------    

// somehow I need to store 'authresponse' for later calls, not sure how without a browser 
// tried manually setting the cookies and credentials parameters later but no joy
// but now I need to call a secured ([Authenticate] decorated) service method:

        var client = new JsonServiceClient(newbaseUri);
        var response = client.Send<HelloResponse>(new Hello { Name = "World!" });           
        return response.Result;

-----------------------------------------

// heres the configuration

        var appSettings = new AppSettings();

        //Default route: /auth/{provider}
        Plugins.Add(new AuthFeature(() => new CustomUserSession(),
            new IAuthProvider[] {
                new CredentialsAuthProvider(appSettings),  // never seems to get called
                //new FacebookAuthProvider(appSettings),    // not sure how to get this to work on monotouch
                //new TwitterAuthProvider(appSettings),    // same issue as facebook
                new BasicAuthProvider(appSettings)    // works but what about caching/tokens/cookies?
            }));

        //Default route: /register
        Plugins.Add(new RegistrationFeature());    // how do i send extra params to this as created in mongodb collection


        var mongoClient = new MongoClient("mongodb://localhost");
        var server = mongoClient.GetServer();
        var db = server.GetDatabase("users");

        container.Register<ICacheClient>(new MemoryCacheClient());
        container.Register<IUserAuthRepository>(new MongoDBAuthRepository(db, true));

My question is:

1) How do I enable extra fields to be passed in along with registration (as the mongodb [Servicestack.Authentication.Mongodb] has lots of empty fields i.e. birthdate, firstline, city, timezone, etc) that are not present in ServiceStack.Common.ServiceClient.Web.Registration object?

2) How can I transfer the cookie (or even maybe a token system) sent in the 'authresponse' to subsequent calls in order to allow ServiceStack to match against the session for ongoing authentication rather than more ongoing database calls that what seems to be issue with 'basic authentication' method (i.e CredentialsAuthProvider doesnt get called on server side)?

Please help...I've read documentation, run tests, examined social bootstrap and now I'm seriously losing days over this and thinking of integrating SS with simplemembership or even throwing ServiceStack away completely for old skool soap/wcf which is far easier to implement by the looks of it :(

Answer 1

1) If you want to use the Registration Plugin I don't think you can add additional fields since the Registration request/class is already defined. You could make your own registration Service and call into the RegistrationService/Plugin. Also, this post might be helpful.

[Route("/myregistration")]
public class MyRegistration : Registration //Add Additional fields for registration
{
    public DateTime? BirthDate { get; set;  }
    public string Gender { get; set; } 
}

public class MyRegisterService : Service
{
    public IUserAuthRepository UserAuthRepo { get; set; }
    public object Post(MyRegistration request)
    {
        using (var registrationService = base.ResolveService<RegistrationService>())
        {
            //handle the registration 
            var response = registrationService.Post(request.TranslateTo<Registration>());
        }

        //save the additional data
        var userAuth = request.TranslateTo<UserAuth>();
        UserAuthRepo.SaveUserAuth(userAuth);

        //can make your own response or grab response from RegistrationService above    
        return new MyRegistrationResponse();
    }
}

2) You can authenticate your JsonServiceClient and reuse it to make multiple requests.

var client = new JsonServiceClient(newbaseUri);
var authResponse = client.Send<AuthResponse>(new Auth {
    UserName = "user",
    Password = "pass",
    RememberMe = true
}); //if successful your 'client' will have a populated CookieContainer with 'ss-id' and 'ss-pid' values

//reusing 'client' (after successful authentication) to make a request
//to a service requiring authentication
var response = client.Send<HelloResponse>(new Hello { Name = "World!" });

If reusing your 'client' is not an option you can try to store the ss-id. I don't know much about MonoTouch and how it stores 'browser sessions' so I'm not sure how you would accomplish this. After you authenticate and store the ss-id you can add it to the client using a Request Filter

//Get ss-id value
foreach(Cookie cookie in previousAuthenticatedClient.GetCookies(new Uri(newbaseUri)))
{
    if (cookie.Name == "ss-id") 
    {
        //store ss-id 
    }
}

var newClient = new JsonServiceClient(newbaseUri)
{
    LocalHttpWebRequestFilter = (req) =>
        {
            req.CookieContainer.Add(new Uri("http://localhost:56006"), new System.Net.Cookie("ss-id", ssId));
        }
};