public async Task<IHttpActionResult> PutToDoList(int id, ToDoList toDoList)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (id != toDoList.Id)
            {
                return BadRequest();
            }

            var rowToEdit = await db.ToDoLists
                .Where(a => a.Id == id)
                .Select(b => new {
                    Id = b.Id,
                    UserId = b.UserId
                })
                .FirstOrDefaultAsync();

            if (rowToEdit.UserId != User.Identity.GetUserId())
            {
                return Unauthorized();
            }

            db.Entry(toDoList).State = EntityState.Modified;
            db.Entry(toDoList).Property("UserId").IsModified = false;
            try
            {
                await db.SaveChangesAsync();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!ToDoListExists(id))
                {
                    return NotFound();
                }
                else
                {
                    throw;
                }
            }

            return StatusCode(HttpStatusCode.NoContent);
        }
        public async Task<IHttpActionResult> PostToDoList(ToDoList toDoList)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            toDoList.UserId = User.Identity.GetUserId();
            db.ToDoLists.Add(toDoList);
            await db.SaveChangesAsync();

            return CreatedAtRoute("DefaultApi", new { id = toDoList.Id }, toDoList);
        }