npm - @polymorphism-tech/morph-spec - Versions diffs - 3.0.0 → 3.0.1 - Mend

@polymorphism-tech/morph-spec 3.0.0 → 3.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (160) hide show

package/CLAUDE.md +75 -371
package/LICENSE +72 -72
package/bin/detect-agents.js +225 -225
package/bin/render-template.js +302 -302
package/bin/semantic-detect-agents.js +246 -246
package/bin/validate-agents-skills.js +251 -251
package/bin/validate-agents.js +69 -69
package/bin/validate-phase.js +263 -263
package/content/.azure/README.md +293 -293
package/content/.azure/docs/azure-devops-setup.md +454 -454
package/content/.azure/docs/branch-strategy.md +398 -398
package/content/.azure/docs/local-development.md +515 -515
package/content/.azure/pipelines/pipeline-variables.yml +34 -34
package/content/.azure/pipelines/prod-pipeline.yml +319 -319
package/content/.azure/pipelines/staging-pipeline.yml +234 -234
package/content/.azure/pipelines/templates/build-dotnet.yml +75 -75
package/content/.azure/pipelines/templates/deploy-app-service.yml +94 -94
package/content/.azure/pipelines/templates/deploy-container-app.yml +120 -120
package/content/.azure/pipelines/templates/infra-deploy.yml +90 -90
package/content/.claude/commands/morph-archive.md +79 -79
package/content/.claude/commands/morph-deploy.md +529 -529
package/content/.claude/commands/morph-infra.md +209 -209
package/content/.claude/commands/morph-preflight.md +227 -227
package/content/.claude/commands/morph-troubleshoot.md +122 -122
package/content/.claude/settings.local.json +15 -15
package/content/.claude/skills/{specialists → level-2-domains/architecture}/prompt-engineer.md +189 -189
package/content/.claude/skills/{specialists → level-2-domains/architecture}/seo-growth-hacker.md +320 -320
package/content/.claude/skills/{infra → level-2-domains/infrastructure}/azure-deploy-specialist.md +699 -699
package/content/.morph/.morphversion +5 -5
package/content/.morph/archive/.gitkeep +25 -25
package/content/.morph/config/agents.json +7 -5
package/content/.morph/docs/STORY-DRIVEN-DEVELOPMENT.md +392 -392
package/content/.morph/examples/api-nextjs/README.md +241 -241
package/content/.morph/examples/api-nextjs/contracts.ts +307 -307
package/content/.morph/examples/api-nextjs/spec.md +399 -399
package/content/.morph/examples/api-nextjs/tasks.md +168 -168
package/content/.morph/examples/micro-saas/README.md +125 -125
package/content/.morph/examples/micro-saas/contracts.cs +358 -358
package/content/.morph/examples/micro-saas/decisions.md +246 -246
package/content/.morph/examples/micro-saas/spec.md +236 -236
package/content/.morph/examples/micro-saas/tasks.md +150 -150
package/content/.morph/examples/multi-agent/README.md +309 -309
package/content/.morph/examples/multi-agent/contracts.cs +433 -433
package/content/.morph/examples/multi-agent/spec.md +479 -479
package/content/.morph/examples/multi-agent/tasks.md +185 -185
package/content/.morph/examples/state-v3.json +188 -188
package/content/.morph/features/.gitkeep +25 -25
package/content/.morph/hooks/pre-commit-all.sh +48 -48
package/content/.morph/hooks/pre-commit-specs.sh +49 -49
package/content/.morph/hooks/pre-commit-tests.sh +60 -60
package/content/.morph/project.md +160 -160
package/content/.morph/schemas/agent.schema.json +296 -296
package/content/.morph/specs/.gitkeep +20 -20
package/content/.morph/standards/coding.md +377 -377
package/content/.morph/standards/fluent-ui-setup.md +590 -590
package/content/.morph/standards/migration-guide.md +514 -514
package/content/.morph/standards/passkeys-auth.md +423 -423
package/content/.morph/standards/vector-search-rag.md +536 -536
package/content/.morph/state.json +17 -17
package/content/.morph/templates/FluentDesignTheme.cs +149 -149
package/content/.morph/templates/MudTheme.cs +281 -281
package/content/.morph/templates/component.razor +239 -239
package/content/.morph/templates/contracts.cs +217 -217
package/content/.morph/templates/design-system.css +226 -226
package/content/.morph/templates/infra/.dockerignore.example +89 -89
package/content/.morph/templates/infra/Dockerfile.example +82 -82
package/content/.morph/templates/infra/README.md +286 -286
package/content/.morph/templates/infra/app-insights.bicep +63 -63
package/content/.morph/templates/infra/app-service.bicep +164 -164
package/content/.morph/templates/infra/azure-pipelines-deploy.yml +480 -480
package/content/.morph/templates/infra/container-app-env.bicep +49 -49
package/content/.morph/templates/infra/container-app.bicep +156 -156
package/content/.morph/templates/infra/deploy-checklist.md +426 -426
package/content/.morph/templates/infra/deploy.ps1 +229 -229
package/content/.morph/templates/infra/deploy.sh +208 -208
package/content/.morph/templates/infra/key-vault.bicep +91 -91
package/content/.morph/templates/infra/main.bicep +189 -189
package/content/.morph/templates/infra/parameters.dev.json +29 -29
package/content/.morph/templates/infra/parameters.prod.json +29 -29
package/content/.morph/templates/infra/parameters.staging.json +29 -29
package/content/.morph/templates/infra/sql-database.bicep +103 -103
package/content/.morph/templates/infra/storage.bicep +106 -106
package/content/.morph/templates/integrations/asaas-client.cs +387 -387
package/content/.morph/templates/integrations/asaas-webhook.cs +351 -351
package/content/.morph/templates/integrations/azure-identity-config.cs +288 -288
package/content/.morph/templates/integrations/clerk-config.cs +258 -258
package/content/.morph/templates/job.cs +171 -171
package/content/.morph/templates/migration.cs +83 -83
package/content/.morph/templates/repository.cs +141 -141
package/content/.morph/templates/saas/subscription.cs +347 -347
package/content/.morph/templates/saas/tenant.cs +338 -338
package/content/.morph/templates/service.cs +139 -139
package/content/.morph/templates/sprint-status.yaml +68 -68
package/content/.morph/templates/story.md +143 -143
package/content/.morph/templates/test.cs +239 -239
package/content/.morph/templates/ui-design-system.md +286 -286
package/content/.morph/templates/ui-flows.md +336 -336
package/content/.morph/templates/ui-mockups.md +133 -133
package/content/.morph/test-infra/example.bicep +59 -59
package/content/README.md +79 -79
package/docs/api/fonts/Source-Sans-Pro/sourcesanspro-light-webfont.svg +977 -977
package/docs/api/fonts/Source-Sans-Pro/sourcesanspro-regular-webfont.svg +1048 -1048
package/docs/api/scripts/collapse.js +38 -38
package/docs/api/scripts/commonNav.js +28 -28
package/docs/api/scripts/linenumber.js +25 -25
package/docs/api/scripts/nav.js +12 -12
package/docs/api/scripts/polyfill.js +3 -3
package/docs/api/scripts/prettify/Apache-License-2.0.txt +202 -202
package/docs/api/scripts/prettify/lang-css.js +2 -2
package/docs/api/scripts/prettify/prettify.js +28 -28
package/docs/api/scripts/search.js +98 -98
package/docs/api/styles/jsdoc.css +776 -776
package/docs/api/styles/prettify.css +80 -80
package/docs/examples.md +328 -328
package/docs/templates.md +418 -418
package/package.json +1 -2
package/scripts/postinstall.js +132 -132
package/scripts/reorganize-skills.cjs +175 -0
package/scripts/validate-agents-structure.cjs +52 -0
package/scripts/validate-skills.cjs +180 -0
package/src/commands/analyze-blazor-concurrency.js +193 -193
package/src/commands/create-story.js +351 -351
package/src/commands/deploy.js +780 -780
package/src/commands/detect-agents.js +9 -0
package/src/commands/detect.js +104 -104
package/src/commands/generate.js +149 -149
package/src/commands/lint-fluent.js +352 -352
package/src/commands/rollback-phase.js +185 -185
package/src/commands/session-summary.js +291 -291
package/src/commands/shard-spec.js +224 -224
package/src/commands/sprint-status.js +250 -250
package/src/commands/state.js +334 -333
package/src/commands/sync.js +167 -167
package/src/commands/troubleshoot.js +222 -222
package/src/commands/update.js +13 -1
package/src/commands/validate-blazor-state.js +210 -210
package/src/commands/validate-blazor.js +156 -156
package/src/commands/validate-css.js +84 -84
package/src/commands/validate-phase.js +221 -221
package/src/lib/blazor-concurrency-analyzer.js +288 -288
package/src/lib/blazor-state-validator.js +291 -291
package/src/lib/blazor-validator.js +374 -374
package/src/lib/css-validator.js +352 -352
package/src/lib/design-system-generator.js +298 -298
package/{detectors → src/lib/detectors}/config-detector.js +223 -223
package/{detectors → src/lib/detectors}/conversation-analyzer.js +163 -163
package/{detectors → src/lib/detectors}/index.js +84 -84
package/{detectors → src/lib/detectors}/standards-generator.js +275 -275
package/src/lib/learning-system.js +520 -520
package/src/lib/mockup-generator.js +366 -366
package/src/lib/state-manager.js +21 -4
package/src/lib/troubleshoot-grep.js +194 -194
package/src/lib/troubleshoot-index.js +144 -144
package/src/lib/ui-detector.js +350 -350
package/src/lib/validators/architecture-validator.js +387 -387
package/src/lib/validators/package-validator.js +360 -360
package/src/lib/validators/ui-contrast-validator.js +422 -422
package/src/utils/logger.js +32 -32
package/src/utils/version-checker.js +175 -175
/package/{detectors → src/lib/detectors}/structure-detector.js +0 -0

package/content/.morph/standards/passkeys-auth.md CHANGED Viewed

@@ -1,423 +1,423 @@
-# Passkeys/WebAuthn - Autenticação Sem Senhas (.NET 10)
-> **Novidade .NET 10:** Suporte nativo a Passkeys/WebAuthn integrado no ASP.NET Core Identity.
----
-## 🎯 O Que São Passkeys?
-**Passkeys** são credenciais criptográficas que substituem senhas tradicionais.
-### Características
-| Aspecto | Descrição |
-|---------|-----------|
-| **Segurança** | Resistentes a phishing, não podem ser roubadas |
-| **Usabilidade** | Login com biometria ou PIN do dispositivo |
-| **Privacidade** | Chave privada nunca sai do dispositivo |
-| **Padrão** | WebAuthn (W3C) + FIDO2 |
-### Como Funciona
-```
-1. Usuário solicita criação de passkey
-2. Sistema gera par de chaves (pública/privada)
-3. Chave pública → Servidor
-4. Chave privada → Authenticator (Windows Hello, smartphone, security key)
-5. Login: Servidor desafia → Authenticator assina → Servidor verifica
-```
-**Authenticators suportados:**
-- Windows Hello
-- Face ID / Touch ID (Apple)
-- Biometria Android
-- Security keys (YubiKey, etc.)
----
-## 🚀 Setup em Blazor Web App
-### 1. Criar Projeto com Identity
-```bash
-dotnet new blazor --auth Individual -o MyApp
-cd MyApp
-```
-**Importante:** Escolher "Individual User Accounts" habilita passkeys automaticamente.
-### 2. Estrutura Gerada
-```
-MyApp/
-├── Components/
-│   └── Account/
-│       ├── Pages/
-│       │   ├── Manage/
-│       │   │   └── Passkeys.razor  ← Gerenciamento de passkeys
-│       │   ├── Login.razor         ← Login com passkey
-│       │   └── Register.razor
-│       └── IdentityUserAccessor.cs
-├── Data/
-│   ├── ApplicationDbContext.cs
-│   └── ApplicationUser.cs
-└── Program.cs
-```
-### 3. Configuração Automática no Program.cs
-```csharp
-// Já vem configurado no template
-builder.Services.AddIdentityCore<ApplicationUser>(options =>
-{
-    options.SignIn.RequireConfirmedAccount = true;
-    // Passkeys habilitados por padrão
-    options.Stores.MaxLengthForKeys = 128;
-})
-.AddEntityFrameworkStores<ApplicationDbContext>()
-.AddSignInManager()
-.AddDefaultTokenProviders();
-// WebAuthn/Passkeys configurado automaticamente
-builder.Services.AddAuthentication(options =>
-{
-    options.DefaultScheme = IdentityConstants.ApplicationScheme;
-    options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
-})
-.AddIdentityCookies();
-```
----
-## 📱 Fluxo de Uso
-### Criar Passkey
-1. Usuário loga com email/senha (primeira vez)
-2. Acessa perfil → Aba "Passkeys"
-3. Clica "Add Passkey"
-4. Sistema solicita authenticator (Windows Hello, celular, etc.)
-5. Usuário confirma identidade (biometria/PIN)
-6. Passkey é criada e nomeada
-7. Salva no banco de dados
-### Login com Passkey
-1. Usuário acessa página de login
-2. Clica "Login with Passkey"
-3. Sistema envia desafio
-4. Authenticator assina desafio
-5. Servidor verifica assinatura
-6. Usuário autenticado
----
-## 💻 Implementação Customizada
-### Adicionar Passkeys a Projeto Existente
-Se você tem um projeto Blazor sem passkeys, use o **scaffolder**:
-```bash
-dotnet tool install -g dotnet-aspnet-codegenerator
-dotnet aspnet-codegenerator identity \
-    --useDefaultUI \
-    --dbContext ApplicationDbContext \
-    --files "Account.Manage.Passkeys;Account.Login"
-```
-Isso adiciona:
-- `Components/Account/Pages/Manage/Passkeys.razor`
-- `Components/Account/Pages/Login.razor` (atualizado)
-### Verificar Suporte a Passkeys
-```csharp
-@inject IPasskeyService PasskeyService
-@code {
-    private bool _supportsPasskeys;
-    protected override async Task OnInitializedAsync()
-    {
-        _supportsPasskeys = await PasskeyService.IsSupportedAsync();
-    }
-}
-```
-### Listar Passkeys do Usuário
-```csharp
-@page "/manage/passkeys"
-@inject IPasskeyService PasskeyService
-@inject UserManager<ApplicationUser> UserManager
-<h3>Minhas Passkeys</h3>
-@if (_passkeys is null)
-{
-    <p>Carregando...</p>
-}
-else if (!_passkeys.Any())
-{
-    <p>Você não tem passkeys configuradas.</p>
-}
-else
-{
-    <ul>
-        @foreach (var passkey in _passkeys)
-        {
-            <li>
-                @passkey.Name (@passkey.CreatedAt.ToString("dd/MM/yyyy"))
-                <button @onclick="() => RemovePasskey(passkey.Id)">Remover</button>
-            </li>
-        }
-    </ul>
-}
-<button @onclick="AddPasskey">Adicionar Passkey</button>
-@code {
-    private List<Passkey>? _passkeys;
-    protected override async Task OnInitializedAsync()
-    {
-        var user = await UserManager.GetUserAsync(User);
-        _passkeys = await PasskeyService.GetUserPasskeysAsync(user!.Id);
-    }
-    private async Task AddPasskey()
-    {
-        var user = await UserManager.GetUserAsync(User);
-        await PasskeyService.CreatePasskeyAsync(user!.Id);
-        await OnInitializedAsync(); // Recarregar lista
-    }
-    private async Task RemovePasskey(string passkeyId)
-    {
-        await PasskeyService.RemovePasskeyAsync(passkeyId);
-        await OnInitializedAsync(); // Recarregar lista
-    }
-}
-```
----
-## 🗄️ Modelo de Dados
-### Entidade Passkey
-```csharp
-public class Passkey
-{
-    public string Id { get; set; } = Guid.NewGuid().ToString();
-    public string UserId { get; set; } = null!;
-    public string Name { get; set; } = "Passkey";
-    public byte[] CredentialId { get; set; } = Array.Empty<byte>();
-    public byte[] PublicKey { get; set; } = Array.Empty<byte>();
-    public int SignatureCounter { get; set; }
-    public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
-    public DateTime? LastUsedAt { get; set; }
-    // Relacionamento
-    public ApplicationUser User { get; set; } = null!;
-}
-```
-### DbContext
-```csharp
-public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
-{
-    public DbSet<Passkey> Passkeys { get; set; }
-    protected override void OnModelCreating(ModelBuilder builder)
-    {
-        base.OnModelCreating(builder);
-        builder.Entity<Passkey>(entity =>
-        {
-            entity.HasKey(p => p.Id);
-            entity.HasIndex(p => p.UserId);
-            entity.HasIndex(p => p.CredentialId).IsUnique();
-            entity.HasOne(p => p.User)
-                .WithMany()
-                .HasForeignKey(p => p.UserId)
-                .OnDelete(DeleteBehavior.Cascade);
-        });
-    }
-}
-```
-### Migration
-```bash
-dotnet ef migrations add AddPasskeys
-dotnet ef database update
-```
----
-## 🔒 Segurança
-### Configurações Recomendadas
-```csharp
-builder.Services.AddAuthentication()
-    .AddWebAuthn(options =>
-    {
-        // Nome do site (aparece no authenticator)
-        options.RelyingPartyId = "myapp.com";
-        options.RelyingPartyName = "My Application";
-        // Origem permitida
-        options.Origins = new[] { "https://myapp.com" };
-        // Timeout de autenticação
-        options.Timeout = TimeSpan.FromSeconds(60);
-        // Tipo de authenticator
-        options.AuthenticatorSelection = new()
-        {
-            RequireResidentKey = false,
-            UserVerification = UserVerificationRequirement.Preferred
-        };
-    });
-```
-### User Verification
-| Modo | Descrição | Quando Usar |
-|------|-----------|-------------|
-| `Required` | Exige biometria/PIN sempre | Alto risco |
-| `Preferred` | Prefere biometria mas aceita alternativa | Padrão recomendado |
-| `Discouraged` | Não solicita verificação | Não use |
-### Attestation
-```csharp
-options.Attestation = AttestationConveyancePreference.None;
-```
-**Valores:**
-- `None`: Não requer attestation (mais compatível)
-- `Indirect`: Valida authenticator via CA
-- `Direct`: Requer attestation direta (mais restritivo)
-**Recomendação:** Use `None` para máxima compatibilidade.
----
-## 🧪 Testando Passkeys
-### Ambiente de Desenvolvimento
-1. **HTTPS obrigatório:** WebAuthn só funciona com HTTPS (ou localhost)
-2. **Windows Hello:** Habilite no Windows
-3. **Chrome DevTools:** Use Virtual Authenticator para testes
-### Virtual Authenticator (Chrome)
-1. F12 → More Tools → WebAuthn
-2. Enable virtual authenticator environment
-3. Add authenticator (escolha tipo: USB, NFC, Internal)
-4. Teste criação e login
-### Smartphone como Authenticator
-1. Use HTTPS (não localhost)
-2. Escaneie QR code gerado
-3. Confirme com biometria do celular
----
-## 🐛 Troubleshooting
-### Erro: "WebAuthn not supported"
-**Causa:** Navegador antigo ou HTTP (não HTTPS)
-**Solução:**
-- Use HTTPS em produção
-- Localhost funciona com HTTP (somente dev)
-- Atualize navegador
-### Erro: "User verification failed"
-**Causa:** Authenticator não configurado ou cancelado
-**Solução:**
-- Configure Windows Hello / Touch ID
-- Tente outro authenticator
-- Verifique `UserVerification = Preferred`
-### Passkey não aparece em outro dispositivo
-**Causa:** Passkeys não sincronizam automaticamente (depende do authenticator)
-**Solução:**
-- Use authenticator com sync (ex: Google Password Manager)
-- Ou crie passkey separada por dispositivo
----
-## 📊 Migração Gradual
-### Permitir Email/Senha + Passkeys
-```csharp
-// Login.razor
-<EditForm Model="Input" OnValidSubmit="LoginAsync">
-    <InputText @bind-Value="Input.Email" />
-    <InputText @bind-Value="Input.Password" type="password" />
-    <button type="submit">Login with Password</button>
-</EditForm>
-<hr />
-<button @onclick="LoginWithPasskey">Login with Passkey</button>
-@code {
-    private async Task LoginAsync()
-    {
-        // Login tradicional com senha
-    }
-    private async Task LoginWithPasskey()
-    {
-        // Login com WebAuthn
-    }
-}
-```
-**Estratégia:** Mantenha senha como fallback, incentive passkeys.
----
-## ✅ Checklist de Implementação
-- [ ] Projeto criado com `--auth Individual` ou scaffolder usado
-- [ ] DbContext inclui tabela `Passkeys`
-- [ ] Migration executada
-- [ ] HTTPS habilitado (dev e prod)
-- [ ] Página de gerenciamento de passkeys funcional
-- [ ] Login com passkey funcional
-- [ ] Fallback para email/senha disponível
-- [ ] Testado com Windows Hello ou smartphone
-- [ ] `RelyingPartyId` configurado corretamente
----
-## 📚 Referências
-- [WebAuthn Specification (W3C)](https://w3c.github.io/webauthn/)
-- [FIDO Alliance](https://fidoalliance.org/)
-- [ASP.NET Core Identity - Passkeys](https://learn.microsoft.com/aspnet/core/security/authentication/identity/passkeys)
-- [Chrome WebAuthn DevTools](https://developer.chrome.com/docs/devtools/webauthn/)
----
-*MORPH-SPEC by Polymorphism Tech*
+# Passkeys/WebAuthn - Autenticação Sem Senhas (.NET 10)
+> **Novidade .NET 10:** Suporte nativo a Passkeys/WebAuthn integrado no ASP.NET Core Identity.
+---
+## 🎯 O Que São Passkeys?
+**Passkeys** são credenciais criptográficas que substituem senhas tradicionais.
+### Características
+| Aspecto | Descrição |
+|---------|-----------|
+| **Segurança** | Resistentes a phishing, não podem ser roubadas |
+| **Usabilidade** | Login com biometria ou PIN do dispositivo |
+| **Privacidade** | Chave privada nunca sai do dispositivo |
+| **Padrão** | WebAuthn (W3C) + FIDO2 |
+### Como Funciona
+```
+1. Usuário solicita criação de passkey
+2. Sistema gera par de chaves (pública/privada)
+3. Chave pública → Servidor
+4. Chave privada → Authenticator (Windows Hello, smartphone, security key)
+5. Login: Servidor desafia → Authenticator assina → Servidor verifica
+```
+**Authenticators suportados:**
+- Windows Hello
+- Face ID / Touch ID (Apple)
+- Biometria Android
+- Security keys (YubiKey, etc.)
+---
+## 🚀 Setup em Blazor Web App
+### 1. Criar Projeto com Identity
+```bash
+dotnet new blazor --auth Individual -o MyApp
+cd MyApp
+```
+**Importante:** Escolher "Individual User Accounts" habilita passkeys automaticamente.
+### 2. Estrutura Gerada
+```
+MyApp/
+├── Components/
+│   └── Account/
+│       ├── Pages/
+│       │   ├── Manage/
+│       │   │   └── Passkeys.razor  ← Gerenciamento de passkeys
+│       │   ├── Login.razor         ← Login com passkey
+│       │   └── Register.razor
+│       └── IdentityUserAccessor.cs
+├── Data/
+│   ├── ApplicationDbContext.cs
+│   └── ApplicationUser.cs
+└── Program.cs
+```
+### 3. Configuração Automática no Program.cs
+```csharp
+// Já vem configurado no template
+builder.Services.AddIdentityCore<ApplicationUser>(options =>
+{
+    options.SignIn.RequireConfirmedAccount = true;
+    // Passkeys habilitados por padrão
+    options.Stores.MaxLengthForKeys = 128;
+})
+.AddEntityFrameworkStores<ApplicationDbContext>()
+.AddSignInManager()
+.AddDefaultTokenProviders();
+// WebAuthn/Passkeys configurado automaticamente
+builder.Services.AddAuthentication(options =>
+{
+    options.DefaultScheme = IdentityConstants.ApplicationScheme;
+    options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
+})
+.AddIdentityCookies();
+```
+---
+## 📱 Fluxo de Uso
+### Criar Passkey
+1. Usuário loga com email/senha (primeira vez)
+2. Acessa perfil → Aba "Passkeys"
+3. Clica "Add Passkey"
+4. Sistema solicita authenticator (Windows Hello, celular, etc.)
+5. Usuário confirma identidade (biometria/PIN)
+6. Passkey é criada e nomeada
+7. Salva no banco de dados
+### Login com Passkey
+1. Usuário acessa página de login
+2. Clica "Login with Passkey"
+3. Sistema envia desafio
+4. Authenticator assina desafio
+5. Servidor verifica assinatura
+6. Usuário autenticado
+---
+## 💻 Implementação Customizada
+### Adicionar Passkeys a Projeto Existente
+Se você tem um projeto Blazor sem passkeys, use o **scaffolder**:
+```bash
+dotnet tool install -g dotnet-aspnet-codegenerator
+dotnet aspnet-codegenerator identity \
+    --useDefaultUI \
+    --dbContext ApplicationDbContext \
+    --files "Account.Manage.Passkeys;Account.Login"
+```
+Isso adiciona:
+- `Components/Account/Pages/Manage/Passkeys.razor`
+- `Components/Account/Pages/Login.razor` (atualizado)
+### Verificar Suporte a Passkeys
+```csharp
+@inject IPasskeyService PasskeyService
+@code {
+    private bool _supportsPasskeys;
+    protected override async Task OnInitializedAsync()
+    {
+        _supportsPasskeys = await PasskeyService.IsSupportedAsync();
+    }
+}
+```
+### Listar Passkeys do Usuário
+```csharp
+@page "/manage/passkeys"
+@inject IPasskeyService PasskeyService
+@inject UserManager<ApplicationUser> UserManager
+<h3>Minhas Passkeys</h3>
+@if (_passkeys is null)
+{
+    <p>Carregando...</p>
+}
+else if (!_passkeys.Any())
+{
+    <p>Você não tem passkeys configuradas.</p>
+}
+else
+{
+    <ul>
+        @foreach (var passkey in _passkeys)
+        {
+            <li>
+                @passkey.Name (@passkey.CreatedAt.ToString("dd/MM/yyyy"))
+                <button @onclick="() => RemovePasskey(passkey.Id)">Remover</button>
+            </li>
+        }
+    </ul>
+}
+<button @onclick="AddPasskey">Adicionar Passkey</button>
+@code {
+    private List<Passkey>? _passkeys;
+    protected override async Task OnInitializedAsync()
+    {
+        var user = await UserManager.GetUserAsync(User);
+        _passkeys = await PasskeyService.GetUserPasskeysAsync(user!.Id);
+    }
+    private async Task AddPasskey()
+    {
+        var user = await UserManager.GetUserAsync(User);
+        await PasskeyService.CreatePasskeyAsync(user!.Id);
+        await OnInitializedAsync(); // Recarregar lista
+    }
+    private async Task RemovePasskey(string passkeyId)
+    {
+        await PasskeyService.RemovePasskeyAsync(passkeyId);
+        await OnInitializedAsync(); // Recarregar lista
+    }
+}
+```
+---
+## 🗄️ Modelo de Dados
+### Entidade Passkey
+```csharp
+public class Passkey
+{
+    public string Id { get; set; } = Guid.NewGuid().ToString();
+    public string UserId { get; set; } = null!;
+    public string Name { get; set; } = "Passkey";
+    public byte[] CredentialId { get; set; } = Array.Empty<byte>();
+    public byte[] PublicKey { get; set; } = Array.Empty<byte>();
+    public int SignatureCounter { get; set; }
+    public DateTime CreatedAt { get; set; } = DateTime.UtcNow;
+    public DateTime? LastUsedAt { get; set; }
+    // Relacionamento
+    public ApplicationUser User { get; set; } = null!;
+}
+```
+### DbContext
+```csharp
+public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
+{
+    public DbSet<Passkey> Passkeys { get; set; }
+    protected override void OnModelCreating(ModelBuilder builder)
+    {
+        base.OnModelCreating(builder);
+        builder.Entity<Passkey>(entity =>
+        {
+            entity.HasKey(p => p.Id);
+            entity.HasIndex(p => p.UserId);
+            entity.HasIndex(p => p.CredentialId).IsUnique();
+            entity.HasOne(p => p.User)
+                .WithMany()
+                .HasForeignKey(p => p.UserId)
+                .OnDelete(DeleteBehavior.Cascade);
+        });
+    }
+}
+```
+### Migration
+```bash
+dotnet ef migrations add AddPasskeys
+dotnet ef database update
+```
+---
+## 🔒 Segurança
+### Configurações Recomendadas
+```csharp
+builder.Services.AddAuthentication()
+    .AddWebAuthn(options =>
+    {
+        // Nome do site (aparece no authenticator)
+        options.RelyingPartyId = "myapp.com";
+        options.RelyingPartyName = "My Application";
+        // Origem permitida
+        options.Origins = new[] { "https://myapp.com" };
+        // Timeout de autenticação
+        options.Timeout = TimeSpan.FromSeconds(60);
+        // Tipo de authenticator
+        options.AuthenticatorSelection = new()
+        {
+            RequireResidentKey = false,
+            UserVerification = UserVerificationRequirement.Preferred
+        };
+    });
+```
+### User Verification
+| Modo | Descrição | Quando Usar |
+|------|-----------|-------------|
+| `Required` | Exige biometria/PIN sempre | Alto risco |
+| `Preferred` | Prefere biometria mas aceita alternativa | Padrão recomendado |
+| `Discouraged` | Não solicita verificação | Não use |
+### Attestation
+```csharp
+options.Attestation = AttestationConveyancePreference.None;
+```
+**Valores:**
+- `None`: Não requer attestation (mais compatível)
+- `Indirect`: Valida authenticator via CA
+- `Direct`: Requer attestation direta (mais restritivo)
+**Recomendação:** Use `None` para máxima compatibilidade.
+---
+## 🧪 Testando Passkeys
+### Ambiente de Desenvolvimento
+1. **HTTPS obrigatório:** WebAuthn só funciona com HTTPS (ou localhost)
+2. **Windows Hello:** Habilite no Windows
+3. **Chrome DevTools:** Use Virtual Authenticator para testes
+### Virtual Authenticator (Chrome)
+1. F12 → More Tools → WebAuthn
+2. Enable virtual authenticator environment
+3. Add authenticator (escolha tipo: USB, NFC, Internal)
+4. Teste criação e login
+### Smartphone como Authenticator
+1. Use HTTPS (não localhost)
+2. Escaneie QR code gerado
+3. Confirme com biometria do celular
+---
+## 🐛 Troubleshooting
+### Erro: "WebAuthn not supported"
+**Causa:** Navegador antigo ou HTTP (não HTTPS)
+**Solução:**
+- Use HTTPS em produção
+- Localhost funciona com HTTP (somente dev)
+- Atualize navegador
+### Erro: "User verification failed"
+**Causa:** Authenticator não configurado ou cancelado
+**Solução:**
+- Configure Windows Hello / Touch ID
+- Tente outro authenticator
+- Verifique `UserVerification = Preferred`
+### Passkey não aparece em outro dispositivo
+**Causa:** Passkeys não sincronizam automaticamente (depende do authenticator)
+**Solução:**
+- Use authenticator com sync (ex: Google Password Manager)
+- Ou crie passkey separada por dispositivo
+---
+## 📊 Migração Gradual
+### Permitir Email/Senha + Passkeys
+```csharp
+// Login.razor
+<EditForm Model="Input" OnValidSubmit="LoginAsync">
+    <InputText @bind-Value="Input.Email" />
+    <InputText @bind-Value="Input.Password" type="password" />
+    <button type="submit">Login with Password</button>
+</EditForm>
+<hr />
+<button @onclick="LoginWithPasskey">Login with Passkey</button>
+@code {
+    private async Task LoginAsync()
+    {
+        // Login tradicional com senha
+    }
+    private async Task LoginWithPasskey()
+    {
+        // Login com WebAuthn
+    }
+}
+```
+**Estratégia:** Mantenha senha como fallback, incentive passkeys.
+---
+## ✅ Checklist de Implementação
+- [ ] Projeto criado com `--auth Individual` ou scaffolder usado
+- [ ] DbContext inclui tabela `Passkeys`
+- [ ] Migration executada
+- [ ] HTTPS habilitado (dev e prod)
+- [ ] Página de gerenciamento de passkeys funcional
+- [ ] Login com passkey funcional
+- [ ] Fallback para email/senha disponível
+- [ ] Testado com Windows Hello ou smartphone
+- [ ] `RelyingPartyId` configurado corretamente
+---
+## 📚 Referências
+- [WebAuthn Specification (W3C)](https://w3c.github.io/webauthn/)
+- [FIDO Alliance](https://fidoalliance.org/)
+- [ASP.NET Core Identity - Passkeys](https://learn.microsoft.com/aspnet/core/security/authentication/identity/passkeys)
+- [Chrome WebAuthn DevTools](https://developer.chrome.com/docs/devtools/webauthn/)
+---
+*MORPH-SPEC by Polymorphism Tech*