public IActionResult Account()
{
// Retrieves data from session to query as an event handler
// checks to see if the session data is present to prevent
// penetration.
string LoggedIn = HttpContext.Session.GetString("LoggedIn");
int? userId = HttpContext.Session.GetInt32("UserId");
string email = HttpContext.Session.GetString("Email");
// If logged in not present, proceed to default
if (LoggedIn == null)
{
return(View("Index"));
}
else
{
// Checks to see if the user is in the DB
var userTransactionBundle = new UserTransactionBundle();
userTransactionBundle.user = dbContext.Users.FirstOrDefault(user => user.Email == email);
if (userTransactionBundle.user == null)
{
// if user is not in DB, kill session, redirect to index
HttpContext.Session.Clear();
return(RedirectToAction("Index"));
}
else
{
// Checks to see if session user ID matches the actuall user ID
if (userTransactionBundle.user.UserId != (int)userId)
{
// if ID's do not match, kills session, redirects to Index
HttpContext.Session.Clear();
return(RedirectToAction("Index"));
}
else
{
// populates the user's transactions
userTransactionBundle.transactions = dbContext.Transactions
.Where(transaction => transaction.UserId == (int)userId)
.OrderByDescending(transaction => transaction.CreatedAt)
.ToList();
return(View("Account", userTransactionBundle));
}
}
}
}
public IActionResult CreateTransaction(UserTransactionBundle userTransactionBundle)
{
// Sets the User for the userTransactionBundle
string email = HttpContext.Session.GetString("Email");
int? userId = HttpContext.Session.GetInt32("UserId");
userTransactionBundle.user = dbContext.Users.FirstOrDefault(user => user.Email == email);
// populates the user's transaction
userTransactionBundle.transactions = dbContext.Transactions
.Where(transaction => transaction.UserId == (int)userId)
.OrderByDescending(transaction => transaction.CreatedAt)
.ToList();
// Checks validator
if (ModelState.IsValid)
{
// Checks to see if transaction results in negative balance
if (userTransactionBundle.Balance + userTransactionBundle.transaction.Amount > 0)
{
userTransactionBundle.transaction.CreatedAt = DateTime.Now;
dbContext.Add(userTransactionBundle.transaction);
dbContext.SaveChanges();
return(RedirectToAction("Account"));
}
else
{
// because the model is bundled, reference the sub-model/property for the annotation to fire
ModelState.AddModelError("transaction.Amount", "Transaction will result in a Negative Balance and is not allowed!");
return(View("Account", userTransactionBundle));
}
}
else
{
return(View("Account", userTransactionBundle));
}
}
