57 lines
1.7 KiB
C#
57 lines
1.7 KiB
C#
using DysonNetwork.Sphere.Auth;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.EntityFrameworkCore;
|
|
|
|
namespace DysonNetwork.Sphere.Wallet;
|
|
|
|
[ApiController]
|
|
[Route("/orders")]
|
|
public class OrderController(PaymentService payment, AuthService auth, AppDatabase db) : ControllerBase
|
|
{
|
|
[HttpGet("{id:guid}")]
|
|
public async Task<ActionResult<Order>> GetOrderById(Guid id)
|
|
{
|
|
var order = await db.PaymentOrders.FindAsync(id);
|
|
|
|
if (order == null)
|
|
{
|
|
return NotFound();
|
|
}
|
|
|
|
return Ok(order);
|
|
}
|
|
|
|
[HttpPost("{id:guid}/pay")]
|
|
[Authorize]
|
|
public async Task<ActionResult<Order>> PayOrder(Guid id, [FromBody] PayOrderRequest request)
|
|
{
|
|
if (HttpContext.Items["CurrentUser"] is not Account.Account currentUser ||
|
|
HttpContext.Items["CurrentSession"] is not Session currentSession) return Unauthorized();
|
|
|
|
// Validate PIN code
|
|
if (!await auth.ValidatePinCode(currentUser.Id, request.PinCode))
|
|
return StatusCode(403, "Invalid PIN Code");
|
|
|
|
try
|
|
{
|
|
// Get the wallet for the current user
|
|
var wallet = await db.Wallets.FirstOrDefaultAsync(w => w.AccountId == currentUser.Id);
|
|
if (wallet == null)
|
|
return BadRequest("Wallet was not found.");
|
|
|
|
// Pay the order
|
|
var paidOrder = await payment.PayOrderAsync(id, wallet.Id);
|
|
return Ok(paidOrder);
|
|
}
|
|
catch (InvalidOperationException ex)
|
|
{
|
|
return BadRequest(new { error = ex.Message });
|
|
}
|
|
}
|
|
}
|
|
|
|
public class PayOrderRequest
|
|
{
|
|
public string PinCode { get; set; } = string.Empty;
|
|
} |