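using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;

namespace SkyArtShop.Controllers
{
    /// <summary>
    /// Admin-only API endpoint that stores uploaded images in the
    /// <c>uploads/images</c> folder under the web root and returns their public URL.
    /// </summary>
    /// <remarks>
    /// NOTE(review): no antiforgery validation is visible on this controller. If the
    /// Admin session is cookie-based, confirm that a CSRF defence (antiforgery token
    /// or SameSite cookies) covers this POST.
    /// </remarks>
    [Route("api/upload")]
    [Authorize(Roles = "Admin")]
    public class ApiUploadController : Controller
    {
        // Number of leading bytes needed to recognise every supported format
        // (WebP needs the most: "RIFF" + 4 size bytes + "WEBP").
        private const int SignatureLength = 12;

        private static readonly string[] AllowedExtensions = { ".jpg", ".jpeg", ".png", ".gif", ".webp" };

        private static readonly byte[] JpegSignature = { 0xFF, 0xD8, 0xFF };
        private static readonly byte[] PngSignature = { 0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A };
        private static readonly byte[] Gif87Signature = { 0x47, 0x49, 0x46, 0x38, 0x37, 0x61 }; // "GIF87a"
        private static readonly byte[] Gif89Signature = { 0x47, 0x49, 0x46, 0x38, 0x39, 0x61 }; // "GIF89a"
        private static readonly byte[] RiffSignature = { 0x52, 0x49, 0x46, 0x46 };              // "RIFF"
        private static readonly byte[] WebpSignature = { 0x57, 0x45, 0x42, 0x50 };              // "WEBP"

        private readonly IWebHostEnvironment _environment;

        public ApiUploadController(IWebHostEnvironment environment)
        {
            _environment = environment;
        }

        /// <summary>
        /// Validates and stores a single uploaded image.
        /// </summary>
        /// <param name="image">The multipart form file bound from the request.</param>
        /// <returns>
        /// A JSON object: <c>{ success = true, imageUrl }</c> on success, or
        /// <c>{ success = false, message }</c> when the upload is rejected or fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): there is no explicit size cap here, so only the server's
        /// request-size defaults apply. Consider <c>[RequestSizeLimit]</c> or an
        /// explicit <c>image.Length</c> check once the intended maximum is decided.
        /// </remarks>
        [HttpPost("image")]
        public async Task<IActionResult> UploadImage(IFormFile image)
        {
            if (image == null || image.Length == 0)
            {
                return Json(new { success = false, message = "No file uploaded" });
            }

            // The client-supplied file name is used only to derive the extension;
            // it never becomes part of the path written to disk.
            var extension = Path.GetExtension(image.FileName).ToLowerInvariant();
            if (!AllowedExtensions.Contains(extension))
            {
                return Json(new { success = false, message = "Invalid file type. Only images are allowed." });
            }

            try
            {
                // The extension is attacker-controlled, so also require the leading
                // bytes to match the format the extension claims. This rejects
                // renamed non-image files; it does not prove the rest of the file
                // is a well-formed image.
                var header = new byte[SignatureLength];
                var headerLength = 0;
                using (var input = image.OpenReadStream())
                {
                    while (headerLength < header.Length)
                    {
                        var read = await input.ReadAsync(header, headerLength, header.Length - headerLength);
                        if (read == 0)
                        {
                            break;
                        }

                        headerLength += read;
                    }
                }

                if (!MatchesImageSignature(header, headerLength, extension))
                {
                    return Json(new { success = false, message = "Invalid file type. Only images are allowed." });
                }

                var uploadsPath = Path.Combine(_environment.WebRootPath, "uploads", "images");

                // CreateDirectory is a no-op when the directory already exists.
                Directory.CreateDirectory(uploadsPath);

                // Server-generated name: avoids path traversal and collisions.
                var fileName = $"{Guid.NewGuid()}{extension}";
                var filePath = Path.Combine(uploadsPath, fileName);

                // CreateNew refuses to overwrite an existing file.
                using (var stream = new FileStream(filePath, FileMode.CreateNew))
                {
                    await image.CopyToAsync(stream);
                }

                var imageUrl = $"/uploads/images/{fileName}";
                Console.WriteLine($"[API-UPLOAD] Image uploaded successfully: {imageUrl}");
                return Json(new { success = true, imageUrl = imageUrl });
            }
            catch (Exception ex)
            {
                // Keep the detail in the server log only: exception messages from
                // file I/O can contain absolute server paths.
                Console.WriteLine($"[API-UPLOAD] Upload failed: {ex}");
                return Json(new { success = false, message = "Upload failed" });
            }
        }

        /// <summary>
        /// Checks whether the leading bytes of a file match the image format
        /// implied by <paramref name="extension"/>.
        /// </summary>
        private static bool MatchesImageSignature(byte[] header, int length, string extension)
        {
            switch (extension)
            {
                case ".jpg":
                case ".jpeg":
                    return StartsWith(header, length, 0, JpegSignature);
                case ".png":
                    return StartsWith(header, length, 0, PngSignature);
                case ".gif":
                    return StartsWith(header, length, 0, Gif87Signature)
                        || StartsWith(header, length, 0, Gif89Signature);
                case ".webp":
                    // RIFF container: "RIFF" <4-byte size> "WEBP".
                    return StartsWith(header, length, 0, RiffSignature)
                        && StartsWith(header, length, 8, WebpSignature);
                default:
                    return false;
            }
        }

        /// <summary>
        /// Returns true when <paramref name="signature"/> appears in
        /// <paramref name="buffer"/> at <paramref name="offset"/>, considering only
        /// the first <paramref name="length"/> bytes of the buffer as valid.
        /// </summary>
        private static bool StartsWith(byte[] buffer, int length, int offset, byte[] signature)
        {
            if (length < offset + signature.Length)
            {
                return false;
            }

            for (var i = 0; i < signature.Length; i++)
            {
                if (buffer[offset + i] != signature[i])
                {
                    return false;
                }
            }

            return true;
        }
    }
}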