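/// <summary>
/// Creates a journey owned by the authenticated caller and persists it.
/// </summary>
/// <param name="journey">
/// Journey bound from the request. Its <c>UserId</c> is overwritten with the caller's
/// identity, so a client-supplied owner is never honoured.
/// </param>
/// <returns>
/// A bad-request result when the body is missing or the model state is invalid;
/// otherwise a created result that points at the "GetJourney" route.
/// </returns>
public IHttpActionResult PostJourney(Journey journey)
{
    // A missing or unparseable body binds to null; reject it here instead of
    // failing with a NullReferenceException on the assignment below.
    if (journey == null)
    {
        return BadRequest("A journey is required in the request body.");
    }

    // The owner always comes from the authenticated identity, never from the request.
    // NOTE(review): Convert.ToInt32 throws when Identity.Name is empty or not numeric;
    // this assumes an authorization filter (not visible here) guarantees an
    // authenticated caller whose name is the numeric user id. Confirm.
    journey.UserId = Convert.ToInt32(HttpContext.Current.User.Identity.Name);

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // NOTE(review): apart from UserId, every bound property of the journey is stored
    // exactly as the client sent it. Confirm the model exposes no other
    // server-managed fields to model binding.
    db.Journeys.Add(journey);
    db.SaveChanges();

    return CreatedAtRoute("GetJourney", new { journeyId = journey.Id }, journey.GetOutputObject(false));
}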
/// <summary>
/// Returns a single journey, but only to the user who owns it.
/// </summary>
/// <param name="journeyId">Primary key of the journey to look up.</param>
/// <returns>
/// An OK result carrying the journey's output object, or a not-found result when
/// the journey does not exist or belongs to a different user.
/// </returns>
public IHttpActionResult GetJourney(int journeyId)
{
    Journey found = db.Journeys.Find(journeyId);
    if (found == null)
    {
        return NotFound();
    }

    // Ownership check: the authenticated name must equal the stored owner id.
    // A mismatch gets the same not-found answer as a missing row, so the response
    // does not reveal whether another user's journey exists under this id.
    string callerName = HttpContext.Current.User.Identity.Name;
    string ownerId = found.UserId.ToString();
    if (callerName == ownerId)
    {
        return Ok(found.GetOutputObject());
    }

    return NotFound();
}