Merge pull request #127 from samuelzedec/develop

refactor: reestruturação da arquitetura de autenticação e serviços

Author: samuelzedec

.editorconfig

@@ -11,6 +11,7 @@ indent_size = 2
 # C# files
 [*.cs]
 dotnet_diagnostic.CS8019.severity = error
+# dotnet_diagnostic.IDE0005.severity = error
 
 # Migrations and auto-generated code
 [**/Migrations/*.cs]

CHANGELOG.md

@@ -1,5 +1,23 @@
 # Riber - Changelog
 
+## v4.1.0 - 26/10/2025
+
+- **NOVO**: Sistema modular de serviços de autenticação com separação de responsabilidades
+- Adiciona `IAuthenticationService` para operações de login e autenticação
+- Adiciona `IRoleManagementService` para gerenciamento de roles
+- Adiciona `IUserManagementService` para gerenciamento de usuários
+- Adiciona `IUserQueryService` para consultas de usuários
+- Implementa serviços de Identity: `AuthenticationService`, `RoleManagementService`, `UserManagementService`, `UserQueryService`, `UserMappingService` e `UserCreationService`
+- **NOVO**: `EmptyResult` para operações sem retorno de valor
+- **REFATORAÇÃO**: Reorganização das interfaces de serviços para pasta `Authentication`
+- **REFATORAÇÃO**: Atualização de toda a aplicação (handlers, controllers, middlewares) para usar novos serviços
+- **REFATORAÇÃO**: Melhorias no `PermissionDataService` e repositórios
+- Remove serviços obsoletos: `IAuthService`, `AuthService`, `UserCreationService` (versão antiga)
+- Remove `SpecificationExtension` não utilizada
+- Atualiza todos os testes para refletir as mudanças arquiteturais
+
+---
+
 # v4.0.1 - 22/10/2025
 
 - **CORREÇÃO**: Mudança no Job de limpeza de imagens na Bucket

Directory.Build.props

@@ -4,7 +4,7 @@
     <Companies>Samuel Zedec</Companies>
     <Copyright>Copyright © $([System.DateTime]::Now.Year)</Copyright>
     <Description>Sistema de gestão financeira para um lanchonete local</Description>
-    <Version>4.0.1</Version>
+    <Version>4.1.0</Version>
   </PropertyGroup>
 
   <!-- Repositório e Documentação -->
@@ -18,6 +18,7 @@
     <TargetFramework>net9.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
+    <InvariantGlobalization>true</InvariantGlobalization>
   </PropertyGroup>
 
   <!-- Configurações para análise de código do projeto -->

analyze.sh

@@ -62,7 +62,8 @@ SONAR_BEGIN_ARGS=(
 **/Identity/**,\
 **/Common/Api/**,\
 **/Requests/**,\
-**/AuthService.cs"
+**/UserManagementService.cs/**,\
+**/UserMappingService.cs/**"
 )
 
 # Adicionar /o: apenas se for SonarCloud

src/Riber.Api/Common/Api/BuilderExtension.cs

@@ -8,6 +8,7 @@
 using Microsoft.AspNetCore.Http.Timeouts;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Server.Kestrel.Core;
 using Microsoft.IdentityModel.Tokens;
 using Microsoft.OpenApi.Models;
 using Riber.Api.Authorizations.Permissions;
@@ -43,7 +44,13 @@ private static void AddMiddleware(this WebApplicationBuilder builder)
 
     private static void AddConfigurations(this WebApplicationBuilder builder)
     {
-        builder.WebHost.ConfigureKestrel(options => options.AddServerHeader = false);
+        builder.WebHost.ConfigureKestrel(options =>
+        {
+            options.AddServerHeader = false;
+            options.ConfigureEndpointDefaults(endpoint
+                => endpoint.Protocols = HttpProtocols.Http1AndHttp2AndHttp3);
+        });
+
         builder.Configuration.AddEnvironmentVariables();
         builder.Services.AddExceptionHandler<GlobalExceptionHandler>();
         builder.Services.AddProblemDetails();
@@ -196,7 +203,8 @@ private static void AddJsonConfiguration(this WebApplicationBuilder builder)
             options.SerializerOptions.DefaultIgnoreCondition = JsonIgnoreCondition.Never;
         });
 
-        builder.Services.AddControllers()
+        builder.Services
+            .AddControllers()
             .AddJsonOptions(options =>
             {
                 options.JsonSerializerOptions.PropertyNamingPolicy = JsonNamingPolicy.CamelCase;

src/Riber.Api/Common/Api/GlobalExceptionHandler.cs

@@ -2,6 +2,7 @@
 using Riber.Api.Extensions;
 using Riber.Application.Exceptions;
 using Riber.Domain.Exceptions;
+using System.Net;
 using Layer = Riber.Application.Exceptions;
 
 namespace Riber.Api.Common.Api;
@@ -20,18 +21,18 @@ public async ValueTask<bool> TryHandleAsync(
         logger.LogError(exception, "Exception occurred: {ExceptionType} - {Message}", 
             exception.GetType().Name, exception.Message);
 
-        (int statusCode, string message, Dictionary<string, string[]> details) = MapExceptionToError(exception);
+        (HttpStatusCode statusCode, string message, Dictionary<string, string[]> details) = MapExceptionToError(exception);
         await httpContext.WriteErrorResponse(statusCode, message, details);
         return true;
     }
 
-    private static (int StatusCode, string Message, Dictionary<string, string[]> Details) MapExceptionToError(Exception exception)
+    private static (HttpStatusCode StatusCode, string Message, Dictionary<string, string[]> Details) MapExceptionToError(Exception exception)
         => exception switch
         {
             RequestTimeoutException timeoutEx => (timeoutEx.Code, timeoutEx.Message, []),
-            ValidationException validationEx => (StatusCodes.Status400BadRequest, string.Empty, validationEx.Details),
+            ValidationException validationEx => (HttpStatusCode.BadRequest, string.Empty, validationEx.Details),
             Layer.ApplicationException applicationEx => (applicationEx.Code, applicationEx.Message, []),
-            DomainException domainEx => (StatusCodes.Status422UnprocessableEntity, domainEx.Message, []),
-            _ => (StatusCodes.Status500InternalServerError, "Erro inesperado no servidor.", [])
+            DomainException domainEx => (HttpStatusCode.UnprocessableContent, domainEx.Message, []),
+            _ => (HttpStatusCode.InternalServerError, "Erro inesperado no servidor.", [])
         };
 }

src/Riber.Api/Controllers/AuthController.cs

@@ -3,6 +3,7 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http.Timeouts;
 using Microsoft.AspNetCore.Mvc;
+using Riber.Api.Extensions;
 using Riber.Application.Common;
 using Riber.Application.Features.Auths.Commands.Login;
 using Riber.Application.Features.Auths.Commands.Logout;
@@ -29,7 +30,7 @@ public async Task<IActionResult> Login(
         CancellationToken cancellationToken)
     {
         var response = await mediator.Send(command, cancellationToken);
-        return Ok(response);
+        return response.ToHttpResult();
     }
 
     [HttpGet("permissions")]
@@ -38,7 +39,7 @@ public async Task<IActionResult> Login(
     public async Task<IActionResult> GetPermissionsByAuthenticatedUser(CancellationToken cancellationToken)
     {
         var response = await mediator.Send(new GetPermissionsQuery(), cancellationToken);
-        return Ok(response);
+        return response.ToHttpResult();
     }
 
     [HttpGet("refresh")]
@@ -48,7 +49,7 @@ public async Task<IActionResult> GetPermissionsByAuthenticatedUser(CancellationT
     public async Task<IActionResult> GetRefreshToken(CancellationToken cancellationToken)
     {
         var response = await mediator.Send(new GetRefreshTokenQuery(), cancellationToken);
-        return Ok(response);
+        return response.ToHttpResult();
     }
 
     [HttpPost("logout")]
@@ -57,6 +58,6 @@ public async Task<IActionResult> GetRefreshToken(CancellationToken cancellationT
     public async Task<IActionResult> Logout(CancellationToken cancellationToken)
     {
         var response = await mediator.Send(new LogoutCommand(), cancellationToken);
-        return Ok(response);
+        return response.ToHttpResult();
     }
 }

src/Riber.Api/Controllers/CompanyController.cs

@@ -4,6 +4,8 @@
 using Microsoft.AspNetCore.Http.Timeouts;
 using Microsoft.AspNetCore.Mvc;
 using Riber.Api.Attributes;
+using Riber.Api.Extensions;
+using Riber.Api.Requests.Company;
 using Riber.Application.Common;
 using Riber.Application.Features.Companies.Commands.CreateCompanyWithAdmin;
 using Riber.Application.Features.Companies.Commands.UpdateCompany;
@@ -29,19 +31,20 @@ public async Task<IActionResult> CreateCompany(
         CancellationToken cancellationToken)
     {
         var response = await mediator.Send(withAdminCommand, cancellationToken);
-        return Created($"/api/company/{response.Value?.CompanyId}", response);
+        return response.ToHttpResult($"/api/company/{response.Value?.CompanyId}");
     }
-    
-    [HttpPut]
+
+    [HttpPut("{id:guid}")]
     [ProducesResponseType<Result<UpdateCompanyCommandResponse>>(StatusCodes.Status200OK)]
     [RequirePermission(PermissionsSettings.Companies.Read, PermissionsSettings.Companies.Update)]
-    [RequestTimeout("standard")] 
+    [RequestTimeout("standard")]
     public async Task<IActionResult> UpdateCompany(
-        [FromBody] UpdateCompanyCommand command,
+        [FromRoute] Guid id,
+        [FromBody] UpdateCompanyRequest request,
         CancellationToken cancellationToken)
     {
-        var response = await mediator.Send(command, cancellationToken);
-        return Ok(response);
+        var response = await mediator.Send(request.ToCommand(id), cancellationToken);
+        return response.ToHttpResult();
     }
 
     [HttpGet("{id:guid}")]
@@ -53,6 +56,6 @@ public async Task<IActionResult> GetCompanyById(
         CancellationToken cancellationToken)
     {
         var response = await mediator.Send(new GetCompanyByIdQuery(id), cancellationToken);
-        return Ok(response);
+        return response.ToHttpResult();
     }
 }

src/Riber.Api/Controllers/ProductCategoryController.cs

@@ -4,6 +4,7 @@
 using Microsoft.AspNetCore.Http.Timeouts;
 using Microsoft.AspNetCore.Mvc;
 using Riber.Api.Attributes;
+using Riber.Api.Extensions;
 using Riber.Application.Common;
 using Riber.Application.Features.ProductCategories.Commands;
 using Riber.Infrastructure.Settings;
@@ -27,6 +28,6 @@ public async Task<IActionResult> CreateProductCategory(
         CancellationToken cancellationToken)
     {
         var response = await mediator.Send(request, cancellationToken);
-        return Ok(response);
+        return response.ToHttpResult($"api/product-category/{response.Value?.ProductCategoryId}");
     }
 }

src/Riber.Api/Controllers/ProductController.cs

@@ -1,42 +1,36 @@
-// using Mediator;
-// using Microsoft.AspNetCore.Authorization;
-// using Microsoft.AspNetCore.Http.Timeouts;
-// using Microsoft.AspNetCore.Mvc;
-// using Riber.Api.Attributes;
-// using Riber.Api.Requests;
-// using Riber.Application.Common;
-// using Riber.Application.Features.Products.Commands;
-// using Riber.Infrastructure.Settings;
-//
-// namespace Riber.Api.Controllers;
-//
-// [ApiController]
-// [Authorize]
-// [Route("api/v{version:apiVersion}/product")]
-// [ApiVersion("1.0")]
-// [Produces("application/json")]
-// [Consumes("application/json", "multipart/form-data")]
-// public sealed class ProductController(IMediator mediator) : ControllerBase
-// {
-//     [HttpPost]
-//     [RequestSizeLimit(3_145_728)]
-//     [RequestFormLimits(MultipartBodyLengthLimit = 3_145_728)]
-//     [RequirePermission(PermissionsSettings.Products.Create)]
-//     [RequestTimeout("standard")]
-//     [ProducesResponseType<Result<CreateProductCommandResponse>>(StatusCodes.Status201Created)]
-//     public async Task<IActionResult> CreateProduct(
-//         [FromForm] CreateProductRequest request,
-//         CancellationToken cancellationToken)
-//     {
-//         var response = await mediator.Send(new CreateProductCommand(
-//             Name: request.Name,
-//             Description: request.Description,
-//             Price: request.Price,
-//             CategoryId: request.CategoryId,
-//             ImageStream: request.Image?.OpenReadStream(),
-//             ImageName: request.Image?.FileName ?? string.Empty,
-//             ImageContent: request.Image?.ContentType ?? string.Empty
-//         ), cancellationToken);
-//         return Created($"api/product/{response.Value.ProductId}", response);
-//     }
-// }
+using Asp.Versioning;
+using Mediator;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http.Timeouts;
+using Microsoft.AspNetCore.Mvc;
+using Riber.Api.Attributes;
+using Riber.Api.Extensions;
+using Riber.Api.Requests.Product;
+using Riber.Application.Common;
+using Riber.Application.Features.Products.Commands;
+using Riber.Infrastructure.Settings;
+
+namespace Riber.Api.Controllers;
+
+[ApiController]
+[Authorize]
+[Route("api/v{version:apiVersion}/product")]
+[ApiVersion("1.0")]
+[Produces("application/json")]
+[Consumes("application/json", "multipart/form-data")]
+public sealed class ProductController(IMediator mediator) : ControllerBase
+{
+    [HttpPost]
+    [RequestSizeLimit(3_145_728)]
+    [RequestFormLimits(MultipartBodyLengthLimit = 3_145_728)]
+    [RequirePermission(PermissionsSettings.Products.Create)]
+    [RequestTimeout("standard")]
+    [ProducesResponseType<Result<CreateProductCommandResponse>>(StatusCodes.Status201Created)]
+    public async Task<IActionResult> CreateProduct(
+        [FromForm] CreateProductRequest request,
+        CancellationToken cancellationToken)
+    {
+        var response = await mediator.Send(request.ToCommand(), cancellationToken);
+        return response.ToHttpResult($"/api/product/{response.Value?.ProductId}");
+    }
+}