public async Task <IActionResult> My(int orderId = -1)
{
if (!int.TryParse(HttpContext.User.FindFirst(x => x.Type == "Id").Value, out var userId))
{
return(Unauthorized());
}
if (orderId == -1)
{
return(View(await _orders.GetOrdersForUser(userId)));
}
var order = await _orders.GetOrder(orderId);
if (order.UserId != userId)
{
return(Unauthorized());
}
return(View("Order", order));
}
