AfRApay/AfRApay.Web/Controllers/CardTransaction.cs

using AfRApay.Web.Backend;
using LinqToDB;
using Microsoft.AspNetCore.Mvc;

namespace AfRApay.Web.Controllers;

[ApiController, Route("/api/card/transaction")]
public class CardTransaction : Controller {
	[HttpGet]
	public string Get([FromQuery] string card, [FromQuery] decimal amount, [FromQuery] string ik) {
		var db = new Database.DbConn();
		if (db.Cards.Any(p => p.CardId == card)) {
			var userId = db.Cards.First(p => p.CardId == card).UserId;
			var user   = db.Users.First(p => p.Id == userId);

			// If an idempotency key is given, disregard duplicate requests.
			if (ik == "" || ik != user.LastIdempotencyKey) {
				if (user.Balance - amount < -50) {
					return "E:Balance too low!";
				}

				user.Balance -= amount;
				user.LastIdempotencyKey = ik;
				db.Update(user);
			}

			return $"S:{user.Nickname}: {user.Balance:N2}";
		}

		return "E:Unknown card.";
	}
}