I don't see any improvement you can made, in fact it seems to me you're properly using the pre request filter.
I've also implemented an authentication provider with ServiceStack reading the input data on a pre request filter, the same way you're doing it. Our client was also developed with Angular, we've a interceptor for http clients setting the Authorization header (we're using Restangular to be more specific).
The pre request filter allows you to grant that the service isn't reached for non authorized users. For more complex authorization schemas where you may want to authorize each service based on others permissions criteria i usually use a request attribute.
If i were you i would check the source code for authorization that ServiceStack is implementing and try to go from there.