pas/Api/Controllers/WebMessagesController.cs

using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Api.Helpers;
using Api.Models;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;

namespace Api.Controllers
{
    // Controller to expose WebMessage read endpoints for the SPA.
    // Assumes an EF DbContext named ApiDbContext with DbSet<WebMessage> WebMessages.
    [ApiController]
    [Route("api/[controller]")]
    public class WebMessagesController : ControllerBase
    {
        private readonly AppDbContext _context;

        public WebMessagesController(AppDbContext context)
        {
            _context = context;
        }

        // GET: api/webmessages
        // Optional pagination via ?page=1&pageSize=20
        [HttpGet]
        public async Task<ActionResult<IEnumerable<WebMessage>>> GetAll([FromQuery] int? page, [FromQuery] int? pageSize)
        {
            var query = _context.WebMessages.AsNoTracking().OrderByDescending(m => m.Id).AsQueryable();

            if (page.HasValue && pageSize.HasValue && page > 0 && pageSize > 0)
            {
                var skip = (page.Value - 1) * pageSize.Value;
                query = query.Skip(skip).Take(pageSize.Value);
            }

            var list = await query.ToListAsync();
            return Ok(list);
        }

        // GET: api/webmessages/5
        [HttpGet("{id:int}")]
        public async Task<ActionResult<WebMessage>> GetById(int id)
        {
            var message = await _context.WebMessages.AsNoTracking().FirstOrDefaultAsync(m => m.Id == id);
            if (message == null) return NotFound();
            return Ok(message);
        }

        // POST: api/webmessages
        // Saves a new WebMessage. Expects JSON body. Returns 201 with Location header.
        [HttpPost]
        public async Task<ActionResult<WebMessage>> Create([FromBody] WebMessage message)
        {
            if (message == null)
                return BadRequest();

            // optional: basic server-side validation
            if (string.IsNullOrWhiteSpace(message.Message) && string.IsNullOrWhiteSpace(message.Subject))
                return BadRequest("Message or Subject is required.");

            // optional: validate ReCaptcha token
            // if(ReCaptchaAssessment.CheckToken(message.RecaptchaToken, out string reason) == false)
            //     return BadRequest($"ReCaptcha validation failed: {reason}");

            _context.WebMessages.Add(message);
            await _context.SaveChangesAsync();

            return CreatedAtAction(nameof(GetById), new { id = message.Id }, message);
        }
    }
}