Ex2 (integrado): decorator de cache para IWorkshopRepository + TTL por Options

.gitignore

@@ -234,6 +234,7 @@ PublishScripts/
 # NuGet v3's project.json files produces more ignorable files
 *.nuget.props
 *.nuget.targets
+nuget.config
 
 # Microsoft Azure Build Output
 csx/

Controllers/AuthController.cs

@@ -0,0 +1,57 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace CampusWorkshops.Api.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+public class AuthController : ControllerBase
+{
+    // Usuários de exemplo (NÃO use plaintext em produção)
+    private static readonly Dictionary<string,(string Password, string[] Roles)> Users = new()
+    {
+        ["admin@campus"] = ("admin123", new[] { "Admin", "Instructor" }),
+        ["inst@campus"]  = ("inst123",  new[] { "Instructor" }),
+        ["aluno@campus"] = ("aluno123", Array.Empty<string>())
+    };
+
+    private readonly IConfiguration _cfg;
+    public AuthController(IConfiguration cfg) => _cfg = cfg;
+
+    public record LoginRequest(string Username, string Password);
+    public record TokenResponse(string AccessToken, DateTime ExpiresAt);
+
+    [HttpPost("login")]
+    [ProducesResponseType(typeof(TokenResponse), 200)]
+    [ProducesResponseType(401)]
+    public IActionResult Login([FromBody] LoginRequest body)
+    {
+        if (!Users.TryGetValue(body.Username, out var u) || u.Password != body.Password)
+            return Unauthorized();
+
+        var jwt = _cfg.GetSection("Jwt");
+        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwt["Key"]!));
+        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+        var claims = new List<Claim>
+        {
+            new(JwtRegisteredClaimNames.Sub, body.Username),
+            new(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
+        };
+        claims.AddRange(u.Roles.Select(r => new Claim(ClaimTypes.Role, r)));
+
+        var expires = DateTime.UtcNow.AddHours(2);
+        var token = new JwtSecurityToken(
+            issuer: jwt["Issuer"],
+            audience: jwt["Audience"],
+            claims: claims,
+            expires: expires,
+            signingCredentials: creds
+        );
+        var encoded = new JwtSecurityTokenHandler().WriteToken(token);
+        return Ok(new TokenResponse(encoded, expires));
+    }
+}

Controllers/DiDemoController.cs

@@ -0,0 +1,59 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using CampusWorkshops.Api.Services;
+
+namespace CampusWorkshops.Api.Controllers;
+
+[ApiController]
+[AllowAnonymous] // Deixe aberto para facilitar o teste
+[Route("api/[controller]")]
+public class DiDemoController : ControllerBase
+{
+    // Visualiza os IDs por lifetime
+    [HttpGet("lifetimes")]
+    public IActionResult Lifetimes(
+        [FromServices] IRequestIdTransient t1,
+        [FromServices] IRequestIdTransient t2,
+        [FromServices] IRequestIdScoped    s1,
+        [FromServices] IRequestIdScoped    s2,
+        [FromServices] IRequestIdSingleton g1,
+        [FromServices] IRequestIdSingleton g2)
+    {
+        return Ok(new {
+            transient1 = t1.Id, transient2 = t2.Id,    // normalmente diferentes NA MESMA chamada
+            scoped1 = s1.Id, scoped2 = s2.Id,          // iguais NA MESMA chamada; mudam entre chamadas
+            singleton1 = g1.Id, singleton2 = g2.Id     // sempre iguais
+        });
+    }
+
+    // Demonstra o "cativeiro" do transient dentro de um singleton
+    [HttpGet("captive-transient")]
+    public IActionResult Captive(
+        [FromServices] ReportingSingleton singleton,
+        [FromServices] IPerRequestClock clockTransient)
+    {
+        // clockTransient é Transient: CreatedAt muda entre requisições
+        var transientCreatedAtNow = clockTransient.CreatedAt;
+
+        // GetClockCreatedAt (TODO) deveria retornar o CreatedAt visto pelo singleton
+        DateTimeOffset? singletonClockCreatedAt = null;
+        string? error = null;
+        try
+        {
+            singletonClockCreatedAt = singleton.GetClockCreatedAt();
+        }
+        catch (Exception ex)
+        {
+            error = $"{ex.GetType().Name}: {ex.Message}";
+        }
+
+        return Ok(new {
+            transientCreatedAtNow,
+            singletonClockCreatedAt,
+            esperado = "Valores DIFERENTES por requisição",
+            observacao = "Mas como o transient foi resolvido DENTRO do singleton, ele congelou e não muda",
+            todoImplementado = error is null,
+            errorAoChamarSingleton = error
+        });
+    }
+}

Controllers/WorkshopsController.cs

@@ -2,6 +2,7 @@
 using CampusWorkshops.Api.Dtos;
 using CampusWorkshops.Api.Models;
 using CampusWorkshops.Api.Repositories;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace CampusWorkshops.Api.Controllers;
@@ -16,10 +17,11 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Lista workshops com filtros opcionais.</summary>
     [HttpGet]
+    [Authorize]
     public async Task<IActionResult> GetAll([FromQuery] DateTimeOffset? from, [FromQuery] DateTimeOffset? to, [FromQuery] string? q, CancellationToken ct)
     {
         var workshops = await _repo.GetAllAsync(from, to, q, ct);
-        
+
         var response = workshops.Select(w => new WorkshopResponse(
             w.Id,
             w.Title,
@@ -36,10 +38,11 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Obtém um workshop por Id.</summary>
     [HttpGet("{id:guid}")]
+    [Authorize]
     public async Task<IActionResult> GetById(Guid id, CancellationToken ct)
     {
         var workshop = await _repo.GetByIdAsync(id, ct);
-        
+
         if (workshop == null)
         {
             return NotFound();
@@ -61,6 +64,7 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Cria um novo workshop.</summary>
     [HttpPost]
+    [Authorize(Policy = "CanWriteWorkshops")]
     public async Task<IActionResult> Create([FromBody] CreateWorkshopRequest body, CancellationToken ct)
     {
         if (!ModelState.IsValid)
@@ -119,6 +123,8 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Atualiza parcialmente um workshop existente.</summary>
     [HttpPatch("{id:guid}")]
+    [Authorize(Policy = "CanWriteWorkshops")]
+
     public async Task<IActionResult> Patch(Guid id, [FromBody] PatchWorkshopRequest body, CancellationToken ct)
     {
         if (!ModelState.IsValid)
@@ -135,10 +141,10 @@ public class WorkshopsController : ControllerBase
         // Aplicar apenas os campos fornecidos
         if (body.Title != null)
             existingWorkshop.Title = body.Title;
-        
+
         if (body.Description != null)
             existingWorkshop.Description = body.Description;
-        
+
         if (body.StartAt.HasValue)
         {
             if (body.StartAt.Value < DateTimeOffset.UtcNow)
@@ -147,13 +153,13 @@ public class WorkshopsController : ControllerBase
             }
             existingWorkshop.StartAt = body.StartAt.Value;
         }
-        
+
         if (body.EndAt.HasValue)
             existingWorkshop.EndAt = body.EndAt.Value;
-        
+
         if (body.Location != null)
             existingWorkshop.Location = body.Location;
-        
+
         if (body.Capacity.HasValue)
         {
             if (body.Capacity.Value < 1)
@@ -162,7 +168,7 @@ public class WorkshopsController : ControllerBase
             }
             existingWorkshop.Capacity = body.Capacity.Value;
         }
-        
+
         if (body.IsOnline.HasValue)
             existingWorkshop.IsOnline = body.IsOnline.Value;
 
@@ -199,6 +205,8 @@ public class WorkshopsController : ControllerBase
 
     /// <summary>Remove um workshop.</summary>
     [HttpDelete("{id:guid}")]
+    [Authorize(Policy = "CanDeleteWorkshops")]
+
     public async Task<IActionResult> Delete(Guid id, CancellationToken ct)
     {
         var workshop = await _repo.GetByIdAsync(id, ct);

Program.cs

@@ -4,14 +4,75 @@ using Microsoft.AspNetCore.Mvc;
 using CampusWorkshops.Api.Repositories;
 using Microsoft.EntityFrameworkCore;
 using CampusWorkshops.Api.Infrastructure.Data;
+using System.Text;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
+using CampusWorkshops.Api.Services;
+using Microsoft.Extensions.Options;
+using Microsoft.Extensions.Caching.Memory;
 
 var builder = WebApplication.CreateBuilder(args);
 
+// JWT
+var jwt = builder.Configuration.GetSection("Jwt");
+var keyBytes = Encoding.UTF8.GetBytes(jwt["Key"]!);
+
+builder.Services
+  .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+  .AddJwtBearer(options =>
+  {
+      options.TokenValidationParameters = new()
+      {
+          ValidateIssuer = true,
+          ValidateAudience = true,
+          ValidateIssuerSigningKey = true,
+          ValidIssuer = jwt["Issuer"],
+          ValidAudience = jwt["Audience"],
+          IssuerSigningKey = new SymmetricSecurityKey(keyBytes),
+          ClockSkew = TimeSpan.FromMinutes(1) // previsível para testes
+      };
+  });
+
+builder.Services.AddAuthorization();
+
+builder.Services.AddAuthorization(options =>
+{
+    options.AddPolicy("CanWriteWorkshops", p => p.RequireRole("Instructor","Admin"));
+    options.AddPolicy("CanDeleteWorkshops", p => p.RequireRole("Admin"));
+    options.AddPolicy("CanViewAnalytics",  p => p.RequireRole("Admin"));
+});
+
 // Add services
 builder.Services.AddDbContext<WorkshopsDbContext>(options =>
     options.UseSqlite(builder.Configuration.GetConnectionString("WorkshopsDb")));
 
-builder.Services.AddScoped<IWorkshopRepository, EfWorkshopRepository>();
+builder.Services.AddMemoryCache();
+builder.Services.Configure<CacheSettings>(builder.Configuration.GetSection("Cache"));
+
+
+// Primeiro registramos a implementação EF concreta
+builder.Services.AddScoped<EfWorkshopRepository>();
+
+// Depois expomos IWorkshopRepository como o "EF envelopado por cache"
+builder.Services.AddScoped<IWorkshopRepository>(sp =>
+    new CachedWorkshopRepository(
+        sp.GetRequiredService<EfWorkshopRepository>(),
+        sp.GetRequiredService<IMemoryCache>(),
+        sp.GetRequiredService<IOptionsSnapshot<CacheSettings>>()));
+
+// Lifetimes de exemplo
+builder.Services.AddTransient<IRequestIdTransient, RequestIdTransient>();
+builder.Services.AddScoped<IRequestIdScoped, RequestIdScoped>();
+builder.Services.AddSingleton<IRequestIdSingleton, RequestIdSingleton>();
+
+// Exemplo de "captive dependency"
+builder.Services.AddTransient<IPerRequestClock, PerRequestClock>(); // Transient
+builder.Services.AddSingleton<ReportingSingleton>();
+
+
+// Removendo para ativar o cached repository
+// builder.Services.AddScoped<IWorkshopRepository, EfWorkshopRepository>();
 builder.Services.AddControllers();
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen(o =>
@@ -22,6 +83,37 @@ builder.Services.AddSwaggerGen(o =>
         Version = "v1",
         Description = "API para gestão de workshops do campus (MVP in-memory)."
     });
+    var bearerScheme = new OpenApiSecurityScheme
+    {
+        Name = "Authorization",
+        Description = "Cole apenas o JWT (sem 'Bearer ').",
+        In = ParameterLocation.Header,
+        Type = SecuritySchemeType.Http,   // <- IMPORTANTE
+        Scheme = "bearer",                // <- minúsculo
+        BearerFormat = "JWT",
+        Reference = new OpenApiReference   // <- garante que o requirement aponte para esta definição
+        {
+            Type = ReferenceType.SecurityScheme,
+            Id = "Bearer"
+        }
+    };
+
+    o.AddSecurityDefinition("Bearer", bearerScheme);
+
+    o.AddSecurityRequirement(new OpenApiSecurityRequirement
+    {
+        {
+            new OpenApiSecurityScheme
+            {
+                Reference = new OpenApiReference
+                {
+                    Type = ReferenceType.SecurityScheme,
+                    Id = "Bearer"
+                }
+            },
+            Array.Empty<string>()
+        }
+    });
 });
 
 // DI
@@ -51,6 +143,9 @@ app.UseExceptionHandler(errApp =>
 
 app.UseHttpsRedirection();
 
+app.UseAuthentication();   // <-- antes
+app.UseAuthorization();    // <-- depois
+
 app.UseSwagger();
 app.UseSwaggerUI(c =>
 {

Repositories/CachedWorkshopRepository.cs

@@ -0,0 +1,82 @@
+using CampusWorkshops.Api.Models;
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Options;
+
+namespace CampusWorkshops.Api.Repositories;
+
+public sealed class CachedWorkshopRepository : IWorkshopRepository
+{
+    private readonly IWorkshopRepository _inner;
+    private readonly IMemoryCache _cache;
+    private readonly TimeSpan _ttl;
+
+    public CachedWorkshopRepository(
+        IWorkshopRepository inner,
+        IMemoryCache cache,
+        IOptionsSnapshot<CampusWorkshops.Api.Services.CacheSettings> opts)
+    {
+        _inner = inner;
+        _cache = cache;
+        _ttl = TimeSpan.FromSeconds(opts.Value.DefaultTtlSeconds);
+    }
+
+    private static string KeyById(Guid id) => $"workshops:byId:{id}";
+    private static string KeyList(DateTimeOffset? from, DateTimeOffset? to, string? q)
+        => $"workshops:list:{from?.ToUnixTimeSeconds()}:{to?.ToUnixTimeSeconds()}:{q?.Trim().ToLowerInvariant()}";
+    public async Task<IReadOnlyList<Workshop>> GetAllAsync(
+        DateTimeOffset? from, DateTimeOffset? to, string? q, CancellationToken ct)
+    {   
+        // Implementação final
+        var key = KeyList(from, to, q);
+        if (_cache.TryGetValue(key, out IReadOnlyList<Workshop>? cached) && cached is not null)
+            return cached;
+
+        var data = await _inner.GetAllAsync(from, to, q, ct);
+        _cache.Set(key, data, _ttl);
+        return data;
+    }
+
+
+    public async Task<Workshop?> GetByIdAsync(Guid id, CancellationToken ct)
+    {
+        var key = KeyById(id);
+        if (_cache.TryGetValue(key, out Workshop? cached) && cached is not null)
+            return cached;
+
+        var w = await _inner.GetByIdAsync(id, ct);
+        if (w is not null) _cache.Set(key, w, _ttl);
+        return w;
+    }
+
+    // Ações de escrita: apenas encaminham e limpam entradas simples
+    public async Task<Workshop> AddAsync(Workshop workshop, CancellationToken ct)
+    {
+        var w = await _inner.AddAsync(workshop, ct);
+        _cache.Remove(KeyById(w.Id));
+        return w;
+    }
+
+    public async Task<Workshop?> UpdateAsync(Workshop workshop, CancellationToken ct)
+    {
+        var w = await _inner.UpdateAsync(workshop, ct);
+        if (w is not null) _cache.Remove(KeyById(w.Id));
+        return w;
+    }
+
+    public async Task<bool> DeleteAsync(Guid id, CancellationToken ct)
+    {
+        var ok = await _inner.DeleteAsync(id, ct);
+        if (ok) _cache.Remove(KeyById(id));
+        return ok;
+    }
+
+    public Task<bool> ExistsAsync(Guid id, CancellationToken ct)
+        => _inner.ExistsAsync(id, ct);
+
+    public async Task<Workshop?> UpdatePartialAsync(Guid id, Action<Workshop> updateAction, CancellationToken ct)
+    {
+        var w = await _inner.UpdatePartialAsync(id, updateAction, ct);
+        if (w is not null) _cache.Remove(KeyById(w.Id));
+        return w;
+    }
+}

Services/CacheSettings.cs

@@ -0,0 +1,6 @@
+namespace CampusWorkshops.Api.Services;
+
+public sealed class CacheSettings
+{
+    public int DefaultTtlSeconds { get; set; } = 15;
+}

Services/PerRequestClock.cs

@@ -0,0 +1,12 @@
+namespace CampusWorkshops.Api.Services;
+
+public interface IPerRequestClock
+{
+    // Carimbo criado no CONSTRUTOR (não muda depois)
+    DateTimeOffset CreatedAt { get; }
+}
+
+public sealed class PerRequestClock : IPerRequestClock
+{
+    public DateTimeOffset CreatedAt { get; } = DateTimeOffset.UtcNow;
+}

Services/ReportingSingleton.cs

@@ -0,0 +1,23 @@
+using System;
+
+namespace CampusWorkshops.Api.Services;
+
+/// <summary>
+/// Singleton que recebe um Transient (IPerRequestClock).
+/// Na prática, o Transient é resolvido uma única vez, na construção do Singleton,
+/// e "vira" efetivamente singleton dentro dele.
+/// </summary>
+public sealed class ReportingSingleton
+{
+    private readonly IPerRequestClock _clock;
+
+    public ReportingSingleton(IPerRequestClock clock)
+    {
+        _clock = clock;
+    }
+
+    public DateTimeOffset GetClockCreatedAt()
+    {
+        return _clock.CreatedAt;
+    }
+}

Services/RequestId.cs

@@ -0,0 +1,9 @@
+namespace CampusWorkshops.Api.Services;
+
+public interface IRequestIdTransient { Guid Id { get; } }
+public interface IRequestIdScoped    { Guid Id { get; } }
+public interface IRequestIdSingleton { Guid Id { get; } }
+
+internal sealed class RequestIdTransient : IRequestIdTransient { public Guid Id { get; } = Guid.NewGuid(); }
+internal sealed class RequestIdScoped    : IRequestIdScoped    { public Guid Id { get; } = Guid.NewGuid(); }
+internal sealed class RequestIdSingleton : IRequestIdSingleton { public Guid Id { get; } = Guid.NewGuid(); }

Workshop10-API.csproj

@@ -8,6 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.9" />
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.2" />
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.8" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="9.0.8">

appsettings.json

@@ -5,5 +5,11 @@
       "Microsoft.AspNetCore": "Warning"
     }
   },
+  "Jwt": {
+    "Issuer": "CampusWorkshops",
+    "Audience": "CampusWorkshops.Api",
+    "Key": "some-key-that-is-super-secret-always-secured"
+  },
+  "Cache": { "DefaultTtlSeconds": 15 },
   "AllowedHosts": "*"
 }