public async Task <int> CreateItemAsync(ItemModel itemModel, HttpContext httpContext) { //Potential security risk via Http spoofing? AccountModel account = _context.Users.FirstOrDefault(x => x.Id == _userManager.GetUserId(httpContext.User)); itemModel.Account = account; _context.Add(itemModel); return(await _context.SaveChangesAsync()); }
public IActionResult Edit(AccountModel model) { if (ModelState.IsValid) { var account = _context.Users.FirstOrDefault(x => x.Id == model.Id); account.Mobile = model.Mobile; account.PostCode = model.PostCode; _context.SaveChangesAsync(); } return(View(model)); }