- After receiving token JS sends auth request to ServiceStack
/auth/customauthprovider with token as parameter.
CustomAuthProvider validates this token on the server which issued the token and receives info about user, fills the session with user data and set that session is authenticated.
- All consequent calls from client to ServiceStack will be authenticated.
But need to handle this thing: if user renews the token on the client then script should call auth logout and auth login on ServiceStack server to update the user info otherwise the user still be able logged in with expired token.