// POST: api/Books [HttpPost] [AllowAnonymous] //[Authorize(Roles = "Admin")] public async Task PostBook([FromBody] Book book, IFormFile image) { if (image.Length > 0) { string returnPath = Path.Combine("images\\booksImages", image.FileName); string path = Path.Combine(_env.WebRootPath, returnPath); if (System.IO.File.Exists(path)) { return BadRequest("File with that name already exists."); } using (var fs = new FileStream(path, FileMode.Create)) { await image.CopyToAsync(fs); } if (ModelState.IsValid) { book.ImagePath = returnPath; _context.Books.Add(book); await _context.SaveChangesAsync(); return CreatedAtAction("GetBook", new { id = book.BookId }, book); } } return BadRequest(ModelState); }