public IHttpActionResult PutUser(int id, UserModel user)
        {
            // Allow only for authorized user
            var userToCheck = _userRepository.FirstOrDefault(u => u.UserName == User.Identity.Name);
            if (!userToCheck.Authorized)
            {
                return Unauthorized();
            }

            // Validate the request
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (id != user.Id)
            {
                return BadRequest();
            }

            // Get the DB user, update it according to the input UserModel object,
            //   and then update the DB user in the database
            var dbUser = _userRepository.GetByID(id);
            if (dbUser == null)
            {
                return NotFound();
            }
            dbUser.Update(user);
            _userRepository.Update(dbUser);

            // Save database changes
            try
            {
                _unitOfWork.Commit();
            }
            catch (DBConcurrencyException e)
            {
                if (!UserExists(id))
                {
                    return NotFound();
                }
                else
                {
                    throw new Exception("Unable to update the user in the database", e);
                }
            }
            return StatusCode(HttpStatusCode.NoContent);
        }
        public IHttpActionResult PostUser(UserModel user)
        {
            // Validate request
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            //Set up new User object, populated from input user
            User dbUser = new User();
            dbUser.Update(user);

            // Add the new User object to the DB
            _userRepository.Add(dbUser);

            // Save the changes in the database
            try
            {
                _unitOfWork.Commit();
            }
            catch (Exception e)
            {
                throw new Exception("Unable to add the user to the database", e);
            }

            // Set user ID in UserModel object with the ID
            //  that was set in the DB user after db.SaveChanges
            user.Id = dbUser.Id;
            return CreatedAtRoute("DefaultApi", new { id = user.Id }, user);
        }