public IActionResult ProcessTransaction([FromForm, FromBody] TransactionData data)
{
var userName = User?.Identity?.Name;
if (userName == null)
{
return(NotFound());
}
if (!Request.Headers.ContainsKey("App-Auth") || !_apps.IsThisUsersAppKey(userName, Request.Headers["App-Auth"]))
{
return(NotFound()); // endpoint will be masked, so Unauthorized() is an additional info we don't want to share
}
return(Accepted());
}
