public async Task <IActionResult> GetUser(int id) { var user = await _repo.GetUser(id); var userToReturn = _mapper.Map <UserForDetailsDto>(user); return(Ok(userToReturn)); }
// [ValidateAntiForgeryToken] public async Task <IActionResult> CreateOrder(int productId, OrderForCreateDto orderForCreateDto) { var userFromRepo = await _repo.GetUser(int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value)); if (userFromRepo.Id != int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value)) { return(Unauthorized()); } orderForCreateDto.UserId = userFromRepo.Id; var orderToCreate = _mapper.Map <Order>(orderForCreateDto); orderToCreate.OrderDate = DateTime.Now; orderToCreate.Status = "Pending"; orderToCreate.ToAddress = userFromRepo.Address; userFromRepo.Orders.Add(orderToCreate); await _repo.SaveAll(); return(Ok()); }