From 50f0bb7f57d602acf0127cb7fe2443b95418aa43 Mon Sep 17 00:00:00 2001
From: Marek Lesko <marek@lesko.me>
Date: Mon, 28 Jul 2025 11:49:01 +0000
Subject: [PATCH] Enable authorization for ProductController and update
 GetProducts method to support optional ID query parameter #5

---
 Api/Controllers/ProductController.cs | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/Api/Controllers/ProductController.cs b/Api/Controllers/ProductController.cs
index 269727c..b49942f 100644
--- a/Api/Controllers/ProductController.cs
+++ b/Api/Controllers/ProductController.cs
@@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Authorization;
 namespace Api.Controllers
 {
     [ApiController]
-    // [Authorize]
+    [Authorize]
     [Route("api/[controller]")]
     public class ProductController : ControllerBase
     {
@@ -19,9 +19,16 @@ namespace Api.Controllers
 
         // GET: api/Product
         [HttpGet]
-        public async Task<ActionResult<IEnumerable<Product>>> GetProducts()
+        public async Task<ActionResult<IEnumerable<Product>>> GetProducts([FromQuery] int? id = null)
         {
-            return await _context.Products.ToListAsync();
+            if (id.HasValue)
+            {
+                return await _context.Products
+                    .Where(p => p.Id == id.Value)
+                    .ToListAsync();
+            }
+            else
+                return await _context.Products.ToListAsync();
         }
 
         // POST: api/Product