public virtual async Task EatAsync(FujiUser user, int appleId, DateTime timestamp) { // validate inputs // Now we have a verified Apple and a verified User. Let that user eat that apple! ApplesConsumed appleCore = new ApplesConsumed { AppleId = appleId, FujiUser = user, ConsumedAt = timestamp, Count = 1 }; _context.Add(appleCore); await _context.SaveChangesAsync(); return; }
// Note: can be forged as we don't have an anti forgery token. Will need to add this public async Task <JsonResult> Ate(int?id) { // verify id is actually a real apple if (id == null) { return(Json(new { success = false, message = "id expected" })); } if (!AppleExists((int)id)) { return(Json(new { success = false, message = "appleID not found" })); } // and that we have a logged in user string aspNetUserID = _userManager.GetUserId(User); if (aspNetUserID == null) { return(Json(new { success = false, message = "user not logged in" })); } FujiUser fu = null; if (aspNetUserID != null) { fu = _context.FujiUsers.Where(u => u.AspnetIdentityId == aspNetUserID).FirstOrDefault(); if (fu == null) { return(Json(new { success = false, message = "user not found" })); } } // Now we have a verified Apple and a verified User. Let that user eat that apple! ApplesConsumed appleCore = new ApplesConsumed { Apple = await _context.Apples.FirstOrDefaultAsync(a => a.Id == id), FujiUser = fu, ConsumedAt = DateTime.UtcNow, Count = 1 }; _context.Add(appleCore); await _context.SaveChangesAsync(); return(Json(new { success = true, message = "user ate apple" })); }