From a6262a681c9896d4e5bfe9dfbd418b9ff4763ba5 Mon Sep 17 00:00:00 2001
From: Tein Schoemaker <teintjomme@gmail.com>
Date: Sun, 24 Aug 2025 23:02:53 +0200
Subject: [PATCH 1/3] TODO: Security

---
 .gitignore                                    |   2 +
 api-cinema-challenge/api-cinema-challenge.sln |   1 +
 .../api-cinema-challenge/Data/Cinema ERD.png  | Bin 0 -> 22192 bytes
 .../api-cinema-challenge/Data/Seeder.cs       |   7 ++
 .../Requests/CustomerPostRequest.cs           |   9 ++
 .../DataTransfer/Requests/MoviePostRequest.cs |  15 +++
 .../Requests/ScreeningPostRequest.cs          |  12 ++
 .../Requests/TicketPostRequest.cs             |   7 ++
 .../Endpoints/CustomerEndpoints.cs            |  79 ++++++++++++++
 .../Endpoints/MovieEndpoints.cs               | 103 ++++++++++++++++++
 .../Endpoints/ScreeningEndpoints.cs           |  58 ++++++++++
 .../Models/ApplicationUser.cs                 |  10 ++
 .../api-cinema-challenge/Models/Customer.cs   |  24 ++++
 .../Models/Enums/MovieRating.cs               |  11 ++
 .../api-cinema-challenge/Models/Enums/Role.cs |   8 ++
 .../api-cinema-challenge/Models/Movie.cs      |  28 +++++
 .../Models/ParentModel.cs                     |  12 ++
 .../api-cinema-challenge/Models/Screening.cs  |  27 +++++
 .../api-cinema-challenge/Models/Ticket.cs     |  26 +++++
 .../api-cinema-challenge/Program.cs           |   7 ++
 .../Repository/IRepository.cs                 |  13 +++
 .../Repository/Repository.cs                  |  47 ++++++++
 .../api-cinema-challenge.csproj               |   2 +-
 .../appsettings.example.json                  |  12 --
 24 files changed, 507 insertions(+), 13 deletions(-)
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Data/Cinema ERD.png
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/CustomerPostRequest.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/MoviePostRequest.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/ScreeningPostRequest.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/TicketPostRequest.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Endpoints/CustomerEndpoints.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Endpoints/MovieEndpoints.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Endpoints/ScreeningEndpoints.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/ApplicationUser.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/Customer.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/Enums/MovieRating.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/Enums/Role.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/Movie.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/ParentModel.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/Screening.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Models/Ticket.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Repository/IRepository.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Repository/Repository.cs
 delete mode 100644 api-cinema-challenge/api-cinema-challenge/appsettings.example.json

diff --git a/.gitignore b/.gitignore
index cf332414..608ac5c0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -362,6 +362,8 @@ MigrationBackup/
 # Fody - auto-generated XML schema
 FodyWeavers.xsd
 
+Migrations/
+
 */**/appsettings.json
 */**/appsettings.Development.json
 */**/bin/Debug   
diff --git a/api-cinema-challenge/api-cinema-challenge.sln b/api-cinema-challenge/api-cinema-challenge.sln
index 9cd490f5..c9e14d71 100644
--- a/api-cinema-challenge/api-cinema-challenge.sln
+++ b/api-cinema-challenge/api-cinema-challenge.sln
@@ -8,6 +8,7 @@ EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{3C371BAA-344D-4C8A-AF08-7829816D726F}"
 	ProjectSection(SolutionItems) = preProject
 		..\.gitignore = ..\.gitignore
+		api-cinema-challenge\Data\Cinema ERD.png = api-cinema-challenge\Data\Cinema ERD.png
 		..\README.md = ..\README.md
 	EndProjectSection
 EndProject
diff --git a/api-cinema-challenge/api-cinema-challenge/Data/Cinema ERD.png b/api-cinema-challenge/api-cinema-challenge/Data/Cinema ERD.png
new file mode 100644
index 0000000000000000000000000000000000000000..b2d1703c3849ac876430221bde865e802daed2f1
GIT binary patch
literal 22192
zcmce82UJs0w<d~+h%^yUDM5NiL3)WulOnyhh=NG((i0JtCIsm{A|M^4_W(jbKtM`B
zqy$1!5HQpLA(@N+dvD&Xnf1Rl>-{sVl^f1IeV={z-RC>sPPBoZCe7uWm&wS;XtW-v
z8Ih5l$CHtf4_qP#?o7(fcLQIXPaYUOBqIyvBO`n9ij3?Sxb@;E8JYiWGP3nYWMuN`
zWMnK}*)4{OK*p|tu8BH{L^?S+85$m`t!rFfUJ($HbaDx{uy(GgZA?fko}VYp%$$^z
zcIOusd;13GAR2%CIQje;)6g(BIJiDBu?I9GARq>Z7e0Jw>E#t(TH2$apq7(Uf9=|J
z2*d*hOY-p#_Vo{5Uth;yFnfD@V`F2MmX;nK9@np5FDxt!4-Xd;6YJ^eQBzY(N=mA)
zuRl0A$jr?AR9z=2DQRwQUQt;+GBUEVveMn%-PqU|931TD=T}@(uA!k(U0toMtzBGP
zJTo)n?CiX?wdLjWJT^Ag-od%EtJ~ev?~%Qui<`HDqqB#X|6@mIR}Y`3&)mgtOEP@&
zU<Af}?y-)h8d($t`vV|B<@LbQmyGOs*4gKrmVZPtaFfzc>!CX3uS?gjaB#qw#Useb
zOv1I)R7?VYY_?N}%xE-JM%Q%vY0k}C*VOY^H(=Rqs1F^o`?rR(bAN?B{di*Iv`Qjn
zmYAB7sW21>FsOy2w!^qGxKv)Mw2O#cdr|cg=;L4WH_VP(75%=TF!k{K(}f|IeWmL=
zk?3`Jr8Px%Cb$yXbUuslYotu3a)u&19gVPcZBT<+P)*U0>kR~yftyp^-n}0@%x;8v
zReYB?BIazQp5tHHJgj80<^vOA&r%dv_-++F#*>pMOONsW=hur^2*%F_(oVXauwXXl
z?R+nE<VF-sm0hOMPbOg@*CRLBJH$6i$>~bZVRksa@$m2v^egE&taW+`9tG2{9D0Rc
zxSl(K&smbuAkZ~#D0upH`Bs3Mj?`qJhetr~&!hA~=&DG#S^(X_u>RiB@%lkh%i7?6
zidd9QD;2J5W15@D65K}8-BZCFb<RV^mx{y#{NNm*Y=w{>5~0{7>tuv3wCKQYx{9M6
z$}@pqn4K0SiiWLkPxud`(Qvrp_aj3XRg*L$HsZ;5QDTIUbBjWB(_zPYq{1y_Szp@U
zxQ;O=|0PL($|g=_S<eGBK9qiAP}6n^5>`;v)_P)x#zQzP2y|7Se!YEx&#etGS=(CF
zG@hEZvBiu=9A6D29DDWUbo`h`71PQ-If#OtuIQl;Air}!KXKjYxMR+5bDK;sTEf=u
zE##UaLx%!rh@&|SR*T&2rUCV~hrwJ^2@8iAu7E7OtakqE1^MU8^`CR+D?0^9t1XV5
zT0tjCS^JeXBse&tZ1eon^H?}JPKolLUi+lIu1DWfiwXR=e-qd3Kp0KO#C+QRN@Q&L
zF4k%8MqYG{;vH4**Qef?C~@Z|iH#<%H5sm0wGK(7YJ20ddKGx|`8j0GEojDC##J%-
z9Vxo513YV)M7*RN({Y8`!LWhRibE?IWSSmq+K9~_xG~wv3?X@0GNP|d)7>8)puEMT
zK{#rU#3O5Yq4deVCQQPuR>WvY)5#0rVs&5hH3;vMgBk909MWR~G<rM*z^B2H*tCb%
zMon`|)TKxEhQ1@)Pl5JtFn|kw?`^QhRJH8B${e~0i3Z6`?BtYAA_CN$KH0vgdK(2A
z8ttM*t(`|qDP8N(bNwK(s!+0;iy1l_|0|<NPxn{^bDm{^0XQyy^L(fyl|p0aMhX5@
zmLF4c;IVf7G5a(ikcLRfEX&KW-niFcd(n6omiO1h?NHZdDDVU0<QAnhslLCp<D)S~
z?RQGY#Xql1T~V0jKFgdGq^?OX^kip*Bs=Kaf4>Tukfd8t4IK#zPW)lRgj#(!!+Cq{
z{p;taxZ|+zwKpGU7hL>!p@{dtUcP_6xPNooSJxm!mMHM$p2Ktm?C4;FbQz}^j-UVh
zgY?G8iIN^;{Pv(27jO>OUNBC)M)TGDZO@3^xX(Q+pKI!;g@WF9chRf#7}d!ipovbb
z<Md)EgS|)P<5@;yphykvHQk3XeD|MpRbQzG7l-Gkt^B@@i&YeN*0<|E=iGl;7%AXH
zHyMu4tu8tJ6#gX4u<Y0Trc~7}3{!(iI(W#_j*EFN|Cqy9)l%exUZ}LZb^y$QR!irp
zMJUT+20cbN*QLW_L4aFmw=!f3TVFaTCOrIS>3wh>G5KM6+OxtdPf9o(m6kM0oi1-a
z(^ADnBrI13_!wB#*m2!|CL$Z}zIk#{FDmA(6T4+Bh|!V8@L34q?SQo7J8s94(yqZe
z3459K3{z(b2%4M~3ocoVWJ^qSOO3irIj>6ay-zrS5RXqhh>e~Yr2E_vLYJJy?U{8W
zInGyFw)C-Y+P6Ed&BSNPDh9tUWM{rQ{_@Aesl=o3DW#tPv|93bySZ*z-qa)%@^H6k
zNtGap1(xAp)3bxLGnGTwCiOLXTGP#NH`dJ1%>BmY6Dzf6SjvWF#uPGxJ5pGTJ%lCv
z2ZK+1aD8KmQo(DfCec#9&_`srk;o3%$-el=5pJdm13e1b6&vr|2+vZ9gJj&q%sMiq
z7TSJ>o>ME$yz@2&W>GS(<SKI4Y#-0n=-l9Y9yjs|f;?SGKs8Lr(1--rznzR@5O;Z?
zNv-?~C(|<`5dC$r)E$@K{oJF~DJ~Y|t%V+LSGq+E`ZI_jo_6vgib)M+ICP_WV#Cv8
zcGDVR%x(hB*N5)hdmK;E+r$IxhW@K(Wem6^rOzChspTm6%5UEf_XxEMU?lr`*dMi1
zsEOw4>-pHP#m|g~^F2-DY|*7=hA8M@zPz(hx?v6tj-sDW&{U;H5c*E0^wJO84{VvK
zZt=4XgyULZ?B{Te9Uae(!jEmqg;84D^%_$B(lU}?f7H^Nbd9es1`B-<#YH>_dsKWS
z;vp`>M?c)>nN<w~B<%N7Wj|`%NH~UgFh=}j4x8&V4ESsz@cW(hJB!n=i#G3iHo$&?
z)k>YhLZ>g3NbkW~?%S-gcSYrX)3Pk_NPR-Vh$|~2)$2=j%if&C8-I3nga}erVNqb(
z9xyp^X+{`PJVDZ@hh2+;T_o%unuGUc_V7#h2$BnzaE43UWLU&GdRQ<}lMGix`QJ(`
z=n@?IQa&BaUqv!I9;Vbh(7C9&q)kZAFYNthPMbOL&P@|}X)Lj8RHU*`2AdX?%g~S0
zV|VUfc*e&7DHr!ex8F_^K2H6)QdjcDrn6kU%9h0RQ*q_?@1C{6(WTJ7#`9;Dbvcm+
zVYShJij9&Gsm3XWm0weMSfQL^ZXV|gy<M;@-`%ylf6R^q4NMgLG6<!OxG8Fska{Kl
z>3N)QqV~*NMmGoJq$|x|^>zge0vZGr*o5WKTx^jdgM8x6@>AHsL~g$ekwz&GwfEEr
zPZhaAe}_lkF+qjTo-`MFz1w26<$W=*xb~Y%jyRJ~?oG-C<Ifo`6-<b2&t_|JxrmBj
zA*gJw(Caz}ue*#<kc5dvS#M0M50~uWRQB6xf&KNwJ{D8kt3OL^(<S(C!%(Hxbo;c=
z+C-t!4R!^*5&0SSLd6zJE}2fv6(TZRxC`}E){WoAjke=gt7f4_FU^zX=f;8g*!A$_
z%X^y|R~)bT!$-E5Onz}|c^eFV`N*|RkJ-a78si4n0z6vNRIMZe8Tw+ytsGMqY$q~>
z)1)g}j%NH|LzZ7EI1D_K9;M+`EPH3WJflD|A(4{r07*SMkJBkln&n|mQ+$8p`4+H_
zE@CxLgtD}0O)ytG3{i=tedAr{MCzXi^^Hi~vyza_q|(lb;+HOYqHtY&X20jPx=gG6
zXVp{1)moj<T)Aq!$t8Sn{Mu=e2&d=`wk{qiXu4la=G$fEPZlP&84Ot_4!-M_u!%_m
zTFKH2jzJVOglPMniNf-WbAQIf{;++-mMl<n=zh<d@y+Ee%PQ$`{K7M4E@;ACXG8WT
z#>+TBrPK*&WWe`5!mn_=6Il;}15o$>cH%1^RALUzc`}|jM~)kL5!3@e;!?BxExRcj
zyog@-pSQ&Y%6|AM@)prC%B7z=_iq71=)8c9WTpDDdeh2Z$1Bq9_XLA;xWL2GjGqdD
zVYcpUhV1Sd!r*RVox>sUC;}ok&Ux|G-e_auf;OWdqhZ$D69;;V@09$M@<F#G-ob+C
zCl#4`R5s=islU%=rh5yib&po2C(W6=L~Q1bENw$UFZ1%o!tzT8W24c1e95uw7hBXf
zzJDL0V9%P@tC()ri`b+Exj?S1DK!7f)?JCU%$`@J-rL#Bcl2i-F?ORV@1JIX>atqF
zqSH$Bq$}xaghvT4W>e(n$fYqQ1AfnbbINAaKKGfXyf|sXC*JZs)ZD5j1TY=9Q}A7q
zSW26jf-X*3IqdiP8W!-f*9w+%|1h$*<;<##$BgWUHi;tR?k<%&v1ex+v3h=7G~fAj
zqyxCSnOdk3frh+;EbJOzdtwpUdPEX;>jMX6ac?`E(?>;z_J5y-7OJYaGA7tM^j3+M
zl@eVRjb7!^lLWrkl_xp_OBO~qnZ!ZpUuNxkI?w3<<HyH@SOdHDJcvX5;cOQPgg4OX
zRmwUvFKAkGbXGO(=tFFms{U<d1><LFxnhrs%awdwL7x^;AJ!F?n+DDFuG&BS!W4}A
z>B#W1b?mPakY%STp2_9~ejHE<vMBIBNfdn-!wy-0>I&#{HvkIqe;4yKE8Ff$0GFG=
z6raZ4C;ZBQwi3MeyP3W(>%;8Y<sK*f<6b%Ow^c3gPWO7$lYPKA^I^m=6~tw$8g(Dt
zG&)?7)6VA30o~bF3eypCD*YNiF4>O9w3@kP5dMf)VLtw~=eh*p9>_I%7#}CG<^^8T
z`y)1BF-=_WrBz(pmrI74Y_B#AxBccfC3arY!;)8G!KFns8V|l)NQnCRO^4EaM*Q*g
z7u&5wT>*2Qp$tJ<oYUhYEc^}ZyMm-d9@nV7c_!sa59W*QFq26s#E|pp&{!m1a?y_P
z-NtKB{q<JE$slA?z1p^BMP5Me+N7n5<&fZjw+<>i3@Q%29)R7bwDY=LWT!gYo^Z<3
z^X`Z$Vo^pX^h4SBEuwA{Gk8GuM$*aeH>&<>)`=qD@30pn99s5nyk9Qm({|l-Q#T!?
zN|(NSL|=~IU~zs>B%vu^tkMoQIel^*C=Asja7zrRp<heTrDpyZH;#qv5`WbD#&%ZY
zOCN|QA6vCqp_y(Jy7y9Xt%u)TnxGqBs)|SyP7Jd5ZFjwTCkv0|fSq!!2N)aA?c-C9
zuSt*nmUWAQthopZO;GYtNuM=39s?UeY=bcH)<28A^>LC|3&Kls_a7~$SYP_gZ@eLS
z!MLV}cnuF>oOWcf7PiLj&mlRcq;M*uU%Uc0C4P1F)|yy={i}=#x^%XYJiL6C;!<bB
zXR(wvKZ(>dw=^n<mjDs22I?T-A1u9r@k~h%M?Jwgx|5{W%_cMqlUd{P6*rPZC7oX;
zs@nS{@p+bF)k+RluvuvB+Wds&4Kf++ASI)VU5vPV58idVde^)(d4bwL{xgoBS=fMG
zbAZe-0&Z^JXa$|=$IR|jjrir0+KBJB+uECv$KSxE+s&J)$kPR@*<EIsXnAwWv`Wv!
zY<URo<h{eml`tnQ|I*9*J18uj9Z%(ca5>(vkpmi7glE-xxcN&EMS1|)>o^2?nv6c#
zGVGWzCksQikCAi+w)EkChh9UDqbHzWeH)bi+nSpvn*I@GJS`nEhuM-ID3-A1N98Vp
zQ;~5^--i=bQoTXRia&9xLdLIiCzc(7-U{CLD%(a<WpaRjRN`bp2wg_TA;H=>(65G$
zc4ksI$2NG}X=Vu`+}fc$#&3t++TcIdMQ|vOk&8bMAeowL6>tQ4iEahOR<$j;$hlXT
zR#)PZq|FLLzNF}<InM4V7d{iVAK3l&JI#!6RS}`>z?DMx$Y5zVwnsk3cw6UZw$JIk
z?2U6-IoPb5U}d+<sZ;J}D<w*-uL)5jzzbS%;@j?rq|QVL47$vVw6hJvuFa0Y*C&_i
zD-wT>Mugv5%a;!hEL=bSt?R!hDEP}a(bVq1vR7W9*+C}g9$%UW^6szsmpm8`h<xc2
zJDx&$!99ZI4JLxRaid%YeAENCX%q<^Y<t|Qi+?#11JmDIQ9X?OL293bBhA4wZpZD%
zN&YZGV1A$p;u29_HpB+LwEIFn<S7cynmg1iLDgHZrV_1_drf#urQiF#=5dL~GbQ%N
zc}N;7c{jUD!cY>Iii1xYdVrCZljZpI`cgowXR5qgCd%9+?U&u3X`?kOrrQOjP;TUr
z*Qf0)EXGek+GeS>VUiq|qTf<!0b;ChqhKgi4o!EQrR3ecT77)=XKtQn6nT;CHhead
z#gHfEldz0>$oGduj*wBdW~Mpoy2Ce-dM*3wn-Xa1_}{Zo)0MC7MEY6h(<%(?V{04-
zY0wM~d)U&q<_(I1k0<gwH7tImB+`d2&=LmIHp(^>9FH`KB8pxp*uLQup0zNZs5U#_
z5s9ZKUC1VqO|~EVcT<p-ro;o_!D|Owr!19T96xJ0&_{b-P8$BwJ?3y|Gi;gNE{YDv
z?}RjFMk<c2(b>#}HW?q{%){3YOcAhr<?HanMr$lYDYSw6m>z`HAO59p)cUKB%d>^M
z5ybIZZ=3RTVKagl0iU(A&5CGQy|+o}`*LPz6MaOEOQX=!$)$?w5aA^1-Xl1k!#SPD
zic?2{8R=n`_Xrs;@Pp^EBNuug%>QAf&jEFM5dWttu}t9j-1f2V-u{?0oBg;thxeA{
z_#+L2Y2=sXRPw2p<lIT(;-Wzm8b^&&p5r%A7?unh9ba#}$_?(cwAA14KiUK<^|RI5
z^3h}XxFU}=_evwZ`H^<_yk2~ame^`tDUQ{RFA<a*7g;77avIDZ)X{l^&j-pAp>23)
zgr$by+AVW8F(-y8n%EIs&qQVZTQpaFw60k6<z0vR_jb}~E!UBX!=16jTSS3Aw=@hX
zcrTa|E1cxZ?!}mCt^JtS$}HhpLm!=%bWp!##u2APb24B5KCcpyw~$wrU>H9w)}be?
z>{OUizx7#;Py3YCG}`_AxY4*=pUrf#&E!VYW2EHcUpkCFp<Zz?E$4pVr8T;_v-xQa
zdUBXQrEm=q;u=pQ?r&C|`Y!+NxbnSPk)RjVd|7t|>hNs*h00gau{|9Hbq-PB0R}9I
zut`!3ZYRgpYsi^OkEYl%%1@Rvg15Mng!2RY^;4659DEM0;>3kSZ(!j*ukbL^K7QW?
zhq8bpgr<B<>$5Z|m7v$6Rp5|}FAn{_MQkEO^+Mi&Zl{;<J#|Wbx}Yl>1h2k%SozF1
zr0~gz;7$PD53wvZ9wdGS5)bk0%KPFDS)x?DJ^d%Fr8kXFpgC4on$9b^nxkVv3i|Z<
z9bcsb-+K-_D?pn{x)Wi>j{E_b$)vkBqsR0Gxz)PNTHnGJHSccR`5d=d)31UhoqF~a
zXdXECJI*A}73-O15-c(rgH4J!GwvpWM2lAqa}q&c@Z1Jw!6q8%m$j&DcAW~tx{8Mj
z3wY^J;=78*V>#F|m#9sgj9IO+RWY(}e<td8PTt+1?cE(09PH#^=Guno@zakJTE=J|
zxvas6J>Gy7Z%_tXD%(XnoJH8cQH5JY@XKTQPwk-<`6xsH4p4(g>@LYLdtC5fAhH}a
z1wQ_+E92@Kple45uf}_{!Rqm_qvt&qt6uG&+3Fqhu*%`Gmp8Rs?CaxoS25m>9m?ug
zcWqBg+#(d0+HLHtc8qaB1`9nYsDa8v7*;n$>a@J#trFiztB(uAV(*E03~6^8LsZ5E
z>q`hBhsG$`R_QzBwBAWS5`a$E1=oBmQbI0-3Ds|yfn=+@Cfe>35U`We8JP0pOR&&(
zdWd8se$lzKPD&LgJpayB+BK9&>yEz^s(nKrw)C=*G}Xue#dKqkVJ97=CH%g!`$A~0
zcw1pC$>Sm}-#DN~71zx5o3cPk4(;szv2ih}rWm^E^6|SED}k_C6@nkE&N&_4AMP4M
zk@{MrA>aH<x*Ho%`mx_cjEWJe{96jB=hMrb#?0}HaoprAVn~ZH8Juv-eDjL6K5Dy9
z?nuu&v-XsBRxIl)C(`2KTs?d5XB25|dD}BYwpK34`;Hh?=E{LusB)@rCPR&C!yunz
zR8<QBCXdJ1HsQC;Jd2?HMU<aR{6+QK73BDkx%H;ICZVRmIe|_gBhRNDXmLl6zror<
z6lBV#rvh(pL#-<2vrEILibTF(m)VEY@rtlAxq%v9WHI}dl~zXZC1l89k}7c!w&`)&
zNSdEJt|FmU6oL;|FK8<(X}QN&O%HK5cJ-E5upZqwD1U=5*E3QGfSw%Gwxb~mgkA3<
zdy%Vv6Fs~V10o#9wvWb=2Ji4&iC>EX4^zZq0*-R<%FpriFiI8?C}t%9d-8ozmB8L4
z|FY#mix?(m+cA<37vR;84X{NrVFqbI*zJW6s76~P17_rZPt>4fY>~{E@xM9$OX4$X
z%2qjc+x2g2i`We@1nRK9I})$Z<cDh>G{=U_oONr{f}dRx#<g$$xkaQEvkOJ9koE&$
z3ZYRQ5wR=~|0CGx9OkTTGA!v}GYxXO`DcpdL;4_sHeG!`@E{7&q%}Hy5lh(tJz4dP
z>_F~)yYO_?SM8=E11y1q6`|O;`+8<2@n|!vkDX{0%J^~VK4G!0^e2v`r%D+D`?Q7g
zH$yOi8zd!O$=3xKkUcb_^2bsq)t5PKEt&p-Npm-m@FgdoQOoN#H(7ukA^J}EnmlXH
z_CwX&izN#$4qhyc1TmwRP8_mOxi}G>&w2%!#waa1J_cnyN?|t*r|n$lRvT%c=5du2
zHquC6=<9S!jR$W^Fc+<or0(3#UTI(DcoZVZO=rLjj$m{Qa_dQRoKJ2ezHu<lekxH-
z-Z<#!%YconPJa3s-&7H3miD<|vquWXX%*k_j_vndm70$X9m~H?et66Scmn#MR@t;|
zGEs6uC~7+<mL9P-HrR3#JW#9rtp>5ho2MA_VI42x$c;SSx;-9PJ|&U9kXY13<!@L1
z0$<rgkBi8>x(UfElAXH>Zmdn`P%;i@0I#C|aCE2Q=LplHhsSfF-5w3Vhy<~_zk~P`
zrEjQRKg60({It}C&$n)B_+v|@cXKZ+VY8gApX>omUc&`B8J%X`9B=HQ<6+IH)6}PQ
z;bZi$&N(NhYp|1!SE)FV$H(^0J#Tgs(+Jh`hzqP4ZxGe&5f{+;s+iqp-y>dPmSQ>p
zYLsVV=`gJ~&=T;s@xFugeN<DqZyE>jj0LT&N8FmppK{h_5374`W-CAPLtYF@@3=l5
z?j34w^8#;cQXQ=mUzPy>k@@5!t7M^>F`N3P3*mOP>3Hzt$*nK$U{9emRk2}AIKE3g
z3M@>CNX^E*otI-LvG4kDLIK2X^%3sKhDxq04{J__BaZ@0MM9zy0a&E@4+mC~9%ki5
zF_{4rqrf7lfD|Y3zn}0rhmCw^fB4e=sxH%NWZkml;`ttZcfT)N6mmb@KE#r}OAY0-
zd4*RW{%w~KLKu&N*DV+NFkl1b#11>$5I<kO+eCk|zuSy|pkpV?!VA^5y<bDyf2D9p
z@5wKICID`WUHjZqHIwNwZDNBK-X64Ziq{oW9!q2yQID$XKQg--mAPak_vt$ye-S_Z
z-{M?7RmSS|Ok9OTXVwplXZ@i7rL5A)0gQj83&AM&erN%&crG<FxImtveUA~o&M6wS
zX!8kAG4kpv;=_cB)y_`yC0r}HMHW`mC9+XepX=ZH!{pTbDd^Sr_t_EDX8+p;JuEEo
z$M`FUoNTvk1fE9<xS35&4>L;uCVh|K3^esuz|Q?n=X(&$HsStfcL6l$EENU&?<WAA
zu?MBNiGk$=H9~2ZY{clnO_y-{g^@KDMZdDIaw7{C`M+x2Tiu;mxq2l1GRe4Gf8fvK
z-OS|J+USmwmLzId1V$`vNPQ1qZeQrjv~zFIer{uD?N^xQr?Z1E&(G&FW7l_YLA_M4
z)Iyeof`UY9uhCSVU5hkubb*z4V%bT|(sOdN=P3k6r}Y(C@$rY!zkO#`YMQU(o(v=}
z*LYCpxFr})f6R7p-ddWdegDy9&Ky)foQHSJSGK(sOi=d`#6}95vfbjvOKcnLlPo(K
z6mG?W{;YADf#NhU^4ep0cvE^FLS`|J<%@b0q=?sBpW|2OfSTzsll6^P>z=-lLO;)v
zm=6MA56VCRWfr{c<)g$G_%2iwLb{FQqT!DZ&<KW2PMjVii}h`?bVJ)OMs?_l-6vEA
zTE=<?6D$t#Ie5`}dGF2Qc57foY>M%pnPvO$g(l6~*7E~?dEWz0s8=<%%!>cv<@qYx
zSkQzCk6?fP(-k(x4ypXY*mGFQG-2rM14$>KQW&B<-fAr!|A9yTNbA1%nP@4ZK+kJ`
z{79PkUE;#U(0%e1q^bY8EoixcTEnj6H7^-1A{NjW;EeVE>Pg&IZwqRrM>a#rQ@0hJ
zA4PS*Wy;WpkG_D+%D};+o%Ap|n9Zpdh4j%l!rU|T8Bied-;d-UhAC6`fcjGK{{|sR
z1OX6IpEoaY2HXT7MxmtPh>LIVA(JQVuBg<0IucfeT$P}-@fx2G07wW*VE3XY2u*Ht
z8JV`xxY{$?HC1#41ydH0R^0NbT523@J1d#3N60o-tvMZ?%lFuQ9dS<6K<m_#KzMDU
zijx^<$}Q(y1`jTcmBr7A`Bt$2F0}+s@<ZLwGPJ*Z=}Exl!~(F?(QfV*GpYZw5z$z-
ze>4(5h&91#nrIv&l26?HBU(3A?nz)`xJ!o$o9qKDo1)|`g$Mk19#|Nh*dQ>mRd#(b
zRpy+56u~*w&ApAQ;O6UNo`Tnhtr&9g1Ab>S0PIW!QAVFzZ?IhMeo=zS>Tj>EBn`EX
z*9RgvwcH=__-NHgVT*WN;(JF8T}Sqg%m}4s7zwFZ%%97$NX<MuQ6urh1K5rxH~%|B
zKB3B9e95V`Y|aaMm|?ayVR4T~`;Q2m!f-S-d#$u>#MSZrCeB*OdOzb*>s?1t<u#GU
z?6&8DaLBu_)a<mCP#Gz-EgVuZVx1o&HnYTv)7fX%7Mh6UrP{mtTG4s4gC6Gz@_>l-
zcT-Mf>WxJAuyikYGE!OpO0*T)NK~Y~0HaJV<rCe{&j`Lsn*NCq2`h&zFWdw#iAP1D
z=ytuDUg}=9_WN}c6NRAsurQx1>4v^~Ztcg@qHA7MSa7Hrd-vL*xZm=dEgM&PrQN8J
zb{L-=_xS26e`&{%`wpWc;YINM!ohsC!P3F(Ohn)(yit|W`c23cv-eQk<$_uI4n&TQ
z=wr-FMX^Fs!lndR73cYDYvZH}4xbWFUOv@9cwPKzy#B|NHMaaMwT@}{p&j2Gd1=*D
z%x=!D{<{x#>{bnMn>N<v{^c=Y>*n<P!rys`kD|w^n#geA(YWK&dysty$Zym)#5c^p
z`!VEj|7%6Fe?GDKPNT<=en(GS&|bFO{;+$#HZ!-fzTxLfP?3r7qaTCc{TdA&LPBkm
z?q*Bmu1_1&GGVT1xAch@Q^ifL3iH+j-9X#yuzu&o?h!!0K6VV5(y=HV?)@>G3p?3=
zx3zUd?zO9>^hbT}JshMwo`dus0m~dzZJcNZ6SP6LWv#ln$nFdcLaJ-%sM+V_t&9UB
z{fj*m4Pt}-?<!mgV-D=TAE0_8@eNm82nPN$cT$3BQ#~k-!)5h<Z}l|bHyXX}pJU-9
zlFuo9&w`}1B7Wh_qV>V^7(1o0B5}m8q;)i!{4k*4N>N{H$i8<|0~RwEcC?2t1}g_Z
zl&|(+Mms~vgh%!s6fi&%+)5K&^2#fd?$bF;n*1r&vt2nJNgmUNult>3qzsRxjpQ7E
z;z0KoRz3@)7+aQPQ7koXbfE}VEV<Oz1L=7ESJYJ|kcZ%PJJQzfK6-y@L`FN*@dO=$
z)$hrvAqdZ{=bS5)FL7C=2ERwGopg+yl(|+Y1`~2<+LRq{HTES>^u5qFJ?0<K8)Nt3
z4Vp3vW2;M5`I`T(xuuNLS2^xmNC9R1(r$K)iHwV*VaNGgYr~57(o08#d%*s~@`G&2
z3mtlh>0O&euMT4UiOA0#O;gfkvDaJ5yA=vXrDZFX9=aKl_zfi(Ycb0UyaKCi&C<5_
zntS$lrFkBPgY*))Pd^aDz0Ly%3#A(T9DO50X=9+~iu<iK1?%STNwlp@#o(cL)}!nV
z^+mgFJ8xU2+|n$k<zM)R6v^XGkUwM^IX34{)9B`)#Gw?k5K-u1T9{A|<Q_S2hN`q-
z8w+#Sc&uD3zpB)#NKeuX9$`O?6FS)5i_6-u#by=F-y=}mz1@SUomYXw`utlY%uV;<
zHqEoJwrVW+=S|XJcfC-sN6^CRDOwDNHuh|meu>{=y^h_s++HmnJ_R0>0#thlUKb83
z$4~9y_fOg9Y<KN{oQT8smOOCa682@yx9cK#;kSsn`?RhE{Qw8bUsc=ap}xq<iP8K+
zzrMn6-J1RzOZy(Us(DxeeESyh{LOzfKfD<!eyZiNI#D~r8lwE!A9nm>GXklz&0rIt
z={^O^aKtMt0{ke+YI+=e?U)-xaiS)!gm$+Fz^FeOp_Mq(48JXYxBEa!lTa2}1p?=s
zQe^?)l;Twk_5Tfqg(~Tx+f*0GUqp?paR!V+7k#JRKTAk$b7}`*oAE*swFAsMN9hkX
zsPq|WVIF}^RO5-ihSg5){(XYsY%D0wcFBGFidJURYd_Crnz6*g@_;j3Yy9pXgHU9r
zKfA{4+O4cgWsj2Ej)sT?!OwbxmsUyj-Fb?wQ_*$HD-{7l5{I3@p$Rv3t>=jHHM6L=
z*7`DASM$Zf+xA!9MOz8@1qSAAdA`NhNO!#$>B+t&8Wgl)>)VeNo=&lpU+G`HCA{r8
zJSx)wSPu_Lte?4-AWYAKpyq!_(I)_!SmG89()wH8w<d%3bn-MHzuV8sl=Q%{rNpIx
z%5ZQKA&-~%B4D;7(`7FO_>yUL^HOOd%9>K%_ukWfHL3h{6I|}I<xu}?JzOA0R<>f1
zW1c5A>x<(winw{vxqr}lJ5z@l!t$Hf|J)~e9?KL-$LVOq%=P>Up~~%YKZly!%Nu04
zcd2c~`<2ZiINzjH5r^jKrQP<~r83G=3(5%VK2~;fw#>}=P%{^7&vGUr?8TY8JrO)*
zlZt=Ih}^&C(b7xTlv&~ye5dG%*>U%yU;^JKm3}SO85e<-IXi{s3v??*b>a(j&ix~m
zY48GSq8lP`;`xPf`NjA<wcpkHvJRh-<Qx?gr^UuQ9;wtkGwsh?yPH=dv^Vrtn^t?Z
zCNoC6udCGB1uT;<a%XxV@iK?a*H&>F)@lgoZfQi_GW*6uf0q3Ir_V84;iF#l8{D{-
zFDdF*FNCF>go+XTW*m=MuDP{OL>!iSybI=3`X&i7vcJEJ?#|F+Sld!sb2i%RDosWd
zZ3%6D#106EIqM?;x8G^XwMX1n&m(O&x5hq%5SLP^V{S^hCaq_OxuKo8VpEzFJwl>O
z`9$(GOz<ONxS}`h(Lyz~sWaV0Xn7M$3_5N0SmU}9KlDZ2^4x|LcH@ZW;ffr{6}M04
zx!UD@Lvo(sxq^>x5X=atK%4$`O*Xapq^|#Q&ze%1<%pTpv`i=1`y+BlCcej7PFsoL
zKIiHV2X+MYvd2@eMY0xUK&Ua?e+DqaHdLj9^|q5Hvu0*i3dFCk@XzPSQ{ph9nuI?E
zk;RSIV;~f(282(&YXh~5;ct^oD!_eF!;e};@Dy|lY(1nt1(^+Y25@GDHTnub7=s`b
zB<KOgn54SNfF`?s&|auRt8O1FC39{#{_%cJ7L$0{#G>^Kw&=Ld#@{IqnrYcM=of`1
z*v{ODBI%oNdt3e+m5i1XBd8Y=|9kRzMuJQkEcf{%udEdS<JzAb&1?jSWzz#x-A(u$
zZv7tfR<ae5<Lvi5uvV+nrMVe7%b}JAmffu)^!gB6Tys(Q3Ash6g?A<UgYI;^JB)`|
zf-j}da-2HhIr)HTKcTu3c=&W{yR+h=9ioOaHUsnZ%!3ZGf$D@Bjz}bL6PJ~|jB;}e
zq)D1yyI<S`iWPtJt88K3DV5z)9!Z+$tntEh4$hMMcGz}md1E^1L9(4;<f@?yWQR0Y
zaN*>$GPipuX@N5T{R~=<1&5^_I^=bp+||!1<YS5c_gmZV@+v!9oeVZo%j(m*F9b>&
z)(-CTCiXpj$Ci-l_H^^MVCLG*o7AZ&;gC>nfGL!HFKkvpmQ&Qy9>ubv+a(V$EL&VX
zRCARB1EXDKFO|mUH|fMR?4I7lSxySn?_O(5RUJ#b!3;zG(T&=cvmLm9bEn|ZYf;-k
zEBoo5xpGMg-lw^3rCHknqR@l{#dUVJ<ka%CsA0Lg%p$RRp_UDa+8K>LN|;aatMQw<
zj(l4m-KhJ!D#&sBHoBT#53Fh|xrA1A_Fv(1CBLAfUB#>>cWD|+5mikElO20DkJ=*2
ziuhS$AZ%&thc;F|L&gNt;Pd>M!t5Yyh`u=Vb~;)AS7pKE#g^K&=(?fbaP@2IR65{m
z;4D2tb)7@pd~>1Eh&y-<U@b}r5g*-5e0g8;UBgbb?Z{!s2P6JV&m((FIUvi@Q_maD
zSd1owfdl*v(zHoSr@_GMr*8tpI`r#&SudRQzym#&mfj@TwVaV7V?6n~Cnf199W(kX
z&kHv9PVJsnqV(haao_43M4=*1nT!<Jkl|vyBIfpp;@5-v=efrD!M0L89}X!$@vvKm
z{e!1fsyQsh$0ic(jeC+CWTAh*{NPz!uzXK?(dEfVJpk=Y?wjO@{K(6SLp%ATsx|`a
zbX>Rm=*e@4>1V&S;qOUQ$4AhUj>pDZpus%n{sWG1Kou`Ec|OWcy~4JD48Nu9_2LBB
zNp+q(d)bpy0y$B1|C$UobmttJ%f2ok?^L`7EP5o;NNoYUO}t#H8f_!F-ip<c)DMby
z5i8Hn4X!=F3Em-X**+u1{?^w~9^5>is*mY>9Ohm2@B#B`>d%yG2Q}9F@Mdw|l6=kY
z#=hPnq{)#9>fWb$n`sMPt6NBbzB1fM{fBX;lZ#uTi=8dX#*EF=z%hBFjbi#)5jAVc
zJ?HF9gOy~T9Hr0LEZGah9AhH`A))=4k_AfE{hryjS0>_JhlN_x{_6m1gWZ#5LAW8@
zH_^Sn-??I}jqip};Db!f@RnM1VQ6`>Nvr@yEA^qB&%;VL(dok?fIF*FC^EsX8QE@B
znrq>87uX#AG_bJrlPm#d^SljEhVK`j!qf+EgcYtQ09>r&Qn(8Jdivd!ykoUjR<>L4
zq|SmXLe|_y`hh~wu8b@xn1#e?eW&=XBe^zB&U);IN;WXTcwmA|Go2LuF~U1d`tL{T
zvuJn?uSpGjX<5F`K0G*8YacC!P29*U!Ui;(NYmb)5WjXY<E}V^dsI8XjKKlQ{g^eK
zI#B37x+<XSnZ|N*OZt|Wpqzwn{vPzQ)}kbK7dzUk^ZP3J5~p(dYh?IRsTo>J_9xDA
z`K3?}oUP0X#lsuRk1hMbBZcJ;&)|7n*S8kg>?0$74j2AJmprxs9oBd|DYwoU{c!W+
zsk?9<k~(m#OPVS-X5^&cS~~n~a5MvM-{a+7<MQIPVp;}RB^BoZAZbxELgG44<G2m(
z#nYx-whs?na-(=Y)|5ENunrgyEY_<vIeJSpQAHod^5yUJYs{4*SYSD+zn`~~c~;Y~
zX>s(y-8pOAPSUZT4B*M~mk^Q1L0{KO@Yy`W@HC#J>YLz|=4-6;{_%S{Jzcd}fIIVd
zdBeyf!xViUW4l_pn?J07d>pmk36GOp#mog=eEv=8+UYxM)|PUX%V@^d0bXg>8@ca4
z0YW@_eh!L7hI?B{{6BkY{_z0*`Ek*Mzg6#obARW#Dz}Bys=T<*=1PZD06CF1(4E};
z6xG=Gvd&@Qg+F=UX<_}UkGYw5&U-d@F}@G7@x}3vecda9hs&yHG=Y)co9bkHVc>K7
z{+A%?*_5IQ?L_&NrbKz&hwlpbB;-CQPEonuadPlUm?(1v2yEn(-~Y0E#~-B}I_mMA
zw=80Fa+52}7(OXZUKa$H_Q)tf4R%lOuQ?-W&r0v*Rcm7!JR+JZzI(D~j$hy#7g;6L
zy$Nut^|-^HmEUn)2x)3aTn~5wjFxPsv&Ig?R8O;SIL|a#yfr9U*!(lVX$reBtgOIA
zq&l1J$MAfAc#f}6=5MLDx|;eX!ndYkD^TVT<~-S_p_F;mo#&(#YGq^qP}Houvad=&
z(z5!#K6BTV9(Zvzgu03xuwi>r$c0;3slHuub148+&rQ6pCQoB?it=qYbv9qhIxa5X
zpR1xc>+G~R{wuZ7n5LTCT5qOdj*w&X8NHz<A;n6Uj`$4cD%4arQbLD@(VWTs=gp>4
zQ+Cfc-X=<rq>QnIx*sn=gMKmID9eFnQGZ<*Ss0kjcMD*9hLcayuuZEPcr&d(DOLo#
zr@j9w*MIPptu|fhQQ5Y_Q+hDKKlJ*%by3-mvNq+k&9drz5g<u6QK-5JsBS@wQ`xI?
z>tZFX!u70zO>ea9zsfK8&o0J73XS5TKbI=*@D)mf-J71npGeXIoCB6z=|9E6SZ9fk
zx6=emQE)n4j+l-hnof<IlK#umB>VZz^NLH(<ZwIaRV5njvM+WX=^UW+Hfus$U9OEv
z;V~1%<2NE<fC~^tPAz74p~&oqtKEM4I$ZXxwUD1PV*rG*-mQ7cG<Hfea`_N@c9`Fs
zoK`EhAKN!~7<bC^XJ!FZYjXHV@fZ3R@G5g7r)E$6Xd`LZ&qNwbxm#GF>o4ZhV_3=K
z|C-U5VI$+#Z>*+0YAro7d7S;FMtiaDF$-LFt!EGS+*S?;4<5`|kSSHIyr}cA`L7Kg
z*7A|4*~F#jS*m1TE!58ZSfd2h^4Du=8%A$iDJj|mC*zMmST|u8m(o^_4x{~t+*+`y
z|CL7N1H?sC)7S_(sj*HADVV&j>o<|aNw@UEi?68^i+>X3byD_rTX2w4=5O%k9}%XL
z>*ue@-AHcuBG7RQI_!C8>038InbMV1AM^rR`o(?0vC!4Q+A)?#-!fl}BPqb6FdluS
z+@(50>9G**p-nAM>rTtaYC&?}?ZPWB`LUXFClYzN!6o_Up}h@%Uk7*6Zm2&)O^rHR
zV|{N_I6V+7)*Uy2-O%MlvdduW`|5|EHUPB*_`q$(gt)?wvp~GX@x^#yvGO>4bLp>#
zFLw+=EAQ`#RV5FE)N}vP<44B1rndBYe)hjvds_)wXS?KifR8BrI49Pr@1`4A#=~sH
z&rN-x@5KP7?=VEXRlMWq_gLcb6OI9WxVYFwDQI!a@ALrP<Wt+5wa|N2A#nW1Uihxo
zDu~_fucbFaZ_BYx7_j@G5O;k<kp}EabpFy>AD=t7M$a2zd1HTR_y_7;hEB^1@(AbP
zV$Dq&o0SaOtV3HTHu!mNV#GSF-N-c+tL!Uc4$`?lAF(jG;>b6XIfh3jitc3=nU$`Y
zk0>;Z$Y805`KnlJJk<~J(aVMpbC%rZdp&SNM$@jC?qR@(EA(9Wq@yv}=cdXEpN$*K
zA}`ST;CXO}i_70wCw_5f`k~sb#oKas^-G&nh(@+;t(=c=OMv6{W?Clj+5rRZJ3#II
zf9Ajc<2jYB32%Kn%`K*>0vL<VMH)q+!nj4PFR#+wQ9>ZHGb=;uxiHG+7~-VC7j!Ea
zwK9KZq%35-%1_L<YE=PVU;tIwuXQ=o@xAphFxzF<()Z<)M;vT5M`Oys2~_7fTXN0P
zaWVh<PsfWrvQ+5`^k_>8#Kh0Dn)JSNEv&4b!u6`Cr^JtaeJHpi0dTk39<f?5{Zj8W
z{G#1xWy*L)MjX{UBO}(`8(->MUwW_1cyxPS_L9rhJ0}5ZaCn`=ZQ-zI<vaBi*28MF
zP0t0-C#A79Mh{7iJ3c^pQ0W~5`+Z8Q<4nln{u$cPRsQ{=v^`3t$V1)zntJo7?0}@S
zb}T}R!%$a{?Uk(%m9QS08=L_c`6Dx3@~YQTjS>oe>6uyn;!v57*J-eELA{rT6GY)>
zr)!Vw+@3#$@LW%`8rbjR605H5xn9IxRVWw3b5RLeY}`Gb_<1V!Y=GinaU)VbKdjRB
zu9&Ng^_Ke4HSdgKH!eBm?p9Rv$j^V*&G}3%#b<W(8X$qoz6YU4BZN$+oSaJY^|iDR
zN##3<b1o$SQ>CUvTiS=+vs@KL&d4WR5_Vcl3(UyPkEVS5O&0QdJS%Trx!;Q>8okv^
zj(L42C2uKly;>|rUvY~SO0Q1NpGo(V$HD`1#trVglnT~BWTVHHwbHb^gawxw<oulE
z9t{p_Ne|H6&ph-058j6xdEY2;Lm?j7$$F+KBhp?-2K@%dr)sN4y9+3DJO49rEWE~g
zs`IhTrBqhw-2oW;UN77qWks>AgGS3ZdUNo>=eo{i@^v<CymfTn0n7f}@%KiZY3L`K
z>;o;wWFHP6)N3Vv`ZH!$9>B~ZKVxQz)iJsV57UO4>eT>&PMzmwu#8O2@%2<gqP)m4
zVc`dtXO<#)vf3Ol5pN%N2`XqF0szs)S_!T*2A0%eTlU+p*vQgP(&5e}zY?F&S_>bI
zX0Fgh<hue#sS%bp7!YM_XKbtc)n*Cg|HihmcsF>}cGX0F_4fk+o4WGU(K=LAUoU0I
z+p+r<t>i`z{N#(ne#uXtMEJG8iuDE?Tg?GBeY0YswmPZ;2dQ)MIr}6gJwXAUR(hJU
zsNAx}_sU*#4_`shkDHLp_se1u(~1fF1Ih|@#^0YUO`W+xFO)@_-Lh&}(IwhRAmLpz
z`1&=TB#oVX3N!$D?~q#>B;NS4NcSdqpgLdvY<{Csw?W}jg?gEZi3uC*E8vt22@!zx
z)t%VgS(fYyWq7_qLx(rnNwNPc-=C}&>G=)ihO=w5nt4iEqUDqC`Uwh^*he`@B6ev>
zZfCwnry04vEHm`_nH3}Z8_MWZ7QXAU8t_RMhfxXb@W#}N8WUh`zNfT60OZoF!kXu!
zE7ixt`_^Rq>g6^8?y=WMh}cl`NB8H;iE=Bq7X~dqJO(&BwjC5+F7uUUq`<>TcHzhk
zj+Ht6GBoQ{1rUqd8UU7Ch7m@#CP}-b=Z(ZQlGjoEe7pAv`z5iL804v&=jnbx$kLi;
zM>Eu%EIShdtCk7I!H&@TA?FvC_iUm3%JQLJ41WLfA0!iqUAc+gEzJ|98A&I0VP=ID
zH@X-R+vRtp5$cCuczhdR(VP|G^h>MyTjbK*N-h59pDy(-fJFnR1=(CX<H-PZs8#)s
zw9o2%Hn1f^U}w$6LtsZ6+dyFyZl)0eRR?atAsu0=XWtlPUN>dhmnw`+2RWGy5W%5-
z{{P>H0_T2V@%Z7n+dz=)zpUf8Q8Jz^pGj-SG!{tTIi5!s=gZA75w~C#6~vz{rky26
zOY4!spZXERw&0}}+s<gq)9L!BI?Itv=k*Ayt!RXePQ!z5D<Q-GaXjlk_#$cNAY>{=
zGzmmRou$s>`i{(_wq@vHY=D3G&#$UD@NDS!miqopmZ|&06hM4*9v&3!F;t;>EL++Q
z-&^?c1t6m4?y7~3=Yzk|;;JyM%syhA$ThbZQlOKk1<unSwY#W6^7i%hclEG^1xBkn
zQ30(y#DN*I!gRncI8Wsgx=wNy+0boDe~c2Y8^Q5w3!vO*(u3H#KH|55IPAmRv(RNV
z#1_bO|H;;A>3Rq=$!hM@OA}&S1_W0#xW&NyHB0$BLfRhVI(#%?VTYER8_IUL_9-g@
zWqZWQ18Bfmkalhq%u^wdnH2Beaje$ZQad%L97|eSiu;@lCZ5MBtwrM-_bf|@;iwKN
zg(gVyUZZv}(mYn5If`yL9oTKNPtRzY&i>?p(BZt`u>B*PHXZ&a2g2j7fPd$WT@%9L
z-aFSo<E7n25#S)i7FHFBKe<Ud9whIfboy$HLvM+0Hvl`EzLQ7=QNn({T(PT$KSu|$
zBY%V*lzqn<3qwCiYeB;B5Bv_*sfp3hwi@ilVpz*A;W{%QuA!ufiK-3Otsel%5!7OQ
z&11j)^xaIP_0;40p<dTyMT7q9mHg-H{GW3@%^xMheCH$<3ffMcds8ZGNEnXc@)?S+
zbUh$SYzXZ?y~evQ+`bwfbqyzI{<McK38(qQuH%zuACXah{y##l`+L6Xtsxm8V_r0q
z-s;1yY3d&^w3xhkgPjjk2<YE{>W;6wy3H)?N0|!MO2pm`*1nAF%k9K3^Eb3hZO%X;
zR&3F_S+;RdX-Wk^54D+8lTts3NT}UWdGMM6Q*sti-Oxk#a>s$9cc3!%FXdC^eVOoX
zF#}kj&`wQup96a`9EGP@;kTLwfOTh`%Z(wSDpFt(m#w3mv-Y{Mk;ysF9940q0l5aX
zmP^98r8ibcWAyQ`hTp}rpyw$3X#eq#JiN`q?&V1Al=DNA-cWw@?5+af8k=XQ$cMUG
z6Y4GvalJlvo;_=D__@c?q%rQqTMucxIhX5Zv%hc#VV-d?ZR75UAwR*D86cbIld-6>
z^guuaLBV7?Ow&6KAt_I=jV7LN*Y{$*hWtz0e@6i5Q%Z#~vx9ew$8+6K!$hUm_5kwT
z$~q7UJcoNc^-0VuS(+XZo!Jr0KT>)(QfB@Ua;<kkPlw~bT)uz4xc@wN_*1z0j4jpG
z+*OHfB`m+5v0noa8~udU0&<${`#uu+)0sW&wxE6wD6|bbPVt<h{_kE;da8AYsZ!p>
zo&y)@ssg8bin{A%V!%qlb=6zV|5|`{FQX<v<D@1+8Q8LJtZ&~Wir<AupQgQN*;b>N
zq6YR}%;TMWwXz=`=np3V;A>I%y4Dlgw|Fk&jpEm|{twUr4^a$s1a(#C?8N2kGKMK?
zL(#|pJ0NPl@k&T2FY$dJ{DE|H_FdDVe`hLIDZ5y5u;LsuWOyUv?z+sWBS2do0LFD=
z63;+dcO|@`dCMPXDv3>Vk@~Q?s?`5bt%4Z=c4R8zP0P+RQwjBwcpeLx%&s-o6GSj{
za9aM#p%g||F4yA~Yq%#W4AxMWqv-T{^>C^+y0Wv6d*IDcizdsWIOCAA6+47ev@a46
z%kM3m;|+C2r!xPuFwLwW{g(jjY)k9`UNrqbQTp<@=3*yaYTKo?r0v<52K0@E&lh;%
z(Vz*5$#IzcnFhL%o11885E5@nmL?fYH~5TA8@|Q!qP2#DWlSQMu#Kh6LR5vcvNsyS
z<!WUou;z&p#;;5S>FV?|xLmb!9_+{}!*YsK;$uN-8OMH)*g)BDk>TABE*Xz#+9S+t
z9<t`nqVe`u1B5pv5?i?&=eA!A-iln?27Xt=autZW{QCM>>>0ZoJvCsu9AhB#T3Tas
zy7z#GGF9*_>hg|v&b|cjju0^kT?49w1M$TFitF@L=VJ2Ij08PM<TX1@xp;(7(OYJF
zPGyVB3O6kv_?!8ClmPN7dxbo&supeAzHs58?}~dl^fMG0)zqqX;J=5RxxV_~G{3{-
z0%ok^h@W|tUG&jkm?8V4R>`hJw8Pc!oKN)RzGxLIP@CP+j$VHg|78o<)n~-ne^eAI
zag!U3luSHoJnk={Rn;=lV>2RVo^5d%5f1M*WV12{{>Ck<TPKa(HKAJ_=*vgxKUj^6
zxBpn<MlC3VN>c|kVn&zp*<VW;jBC!N+l?CEC{syzpUWZe@ofhU7yEK>9iD=+_%$Dg
zrRGb1R_qj;Cu%AqZR`{PmB(T|iPyC3YG0A#nkOselq`#8CxFmh<M`#}^t(yyj+e9J
ztc$YYKh@97*BktY)wi|$*qO*DNxsiR<3Rp*zS4u5o~RODW_~Mf6h&4j#&6>&(0p%#
zR6{G*tfS~wAFGDiTFF=u#3X}6p-;}Iz{UL~Dslc-e8r*f$IrX|Edl)gKtV#eU9Y5!
zTMX!GieSH>hW~){)Sa)cIO>5?-TR@pSy-`}yl_lyunVR(lnY8PQzNoN)r%{$0`Xms
z0ZsB)Pv9R(1Hmz7YoD&J3b?#?`Lp$9(~EWoo4y-x%-v`|rpYst-w=AcQ2_|G^pYDA
z?K#ZpW^GDQcYA|@&<vx`=`8-aIO)W|R_{rT>v|lhLf#jY+Mt;ue-YPZ)X8M=uTiys
zsO<E!1#<Dz2O1JmNve7?v)n|L5d;I^QnAv6en&y?57;*$kWYmQc3wCsGr<1H#nJ^M
zfnP2mEHPoh{k~G>{d|!ZY=N96`91t2GXSdW&58byWUx2-C9he`?6kt88c%p4*5_Vg
z5TLm#Cv73O&N1g86>7_XE=XOPsvE%sGFJ^Os-GP-wOm|Xj;Ncozx=vD!bwtc*z`$K
zS#oi?tk11}6H@L+wyN0#JCPNGx-ZLIe|#ul=LKk7*(2Jb88FDoIEP^^r9nl+m@IEU
z2J}HF`exc4>c5bmxpve2zGJEt4{M(qOFg5xFS3iet5W?2bE?i9H*ma#>!TkwaF(-^
zZ4bWooA6R{f#b$xurpKjO32_L5qKP)P(F5{f1tOGy${g182A5C%e6;CweRstOmRFq
z<xL%l$ZHVtJ|tnhW{mfvFy00YLt;pBa126Ylo@WAGUQG22x*2qLS={vHF@Px=42Qm
zcTcT*@49Q9bN@Pbt-bdC>-XDh|MuR$@9+0{T_%Q!)CJ*&Z00S-VQ5N;<D9u?1qfha
za{b!@`Ka>-`ULX@V`=VWur7}-BChhZk|txbrZR4wkVhK)lJ4xu`~pcJ@iLP0yd_=6
zwwpCn@(3Y)w2LP7j8{h5!91;_?-Q}?drwM5XH<LDNJkI7;5y%05b>pz$ZpLYXMA~{
zW#4QnO;Q9L!{Yaos!BtB@P1NcpW=+Qk@cq%O5`J*ab9W(A=lVZVw|D5)T#QJH#EJN
zXG-a#mK88%rvzR0CiuRFzpr|~ZQ#__&N9z77D}w_)!A(vN}N(k*lca1>V#llen`$!
zf5<$qT{VX?Z^Q{92SAmh9sV!mEDD_p8Icb{gX1@dB$clR0*cvyc=q}&G0{s;!UnT{
zjgL6PQ>th1RCu!ifH5jk>^pPcV#jV9*o%k#Zg+uNs`pmi*&qG@IxqnxVt|pM+e>F<
z4Ch_J-GqS%Khe8NR9LrvOS+S1KYUKi@_4x5YH~dWwxmGyd!|q3Cr=lnX#=G8y|(62
z^_t2e@k(khbwLMuTC5jz+IOnUF|afz`LX`qFDrIt7VEOnx%82hf*zdogY44B`Y88_
z!=WJc=UlB4orzQ6C9ej36n%Go0rF$Yk418IR_GY98)vQOO);X4sj7ghc_uPn(FhNP
z*;&u>0>4BJ^4*z4YMwx+kX+EK64at0WmDQCNlSpTDaDDJ_#4gyF3HDJk@pc&XlSC$
zC9|L9_3>u`(bQ#Kpti(5N@5Aa98WZYO{>)!{K`6J3DNVt)hn=P+#WoL;|-o&v0p;D
z3PXH0S!}ELNK`_%YXNATEm_glUb|7SdSFPB-sLTp_G#N$#9?pIm^WA!v!%R8IVo0l
zlMbIFtWfLj95Loyr?z=-y1HJv)+W-Kh!Gg^@F^B#8Uh(acjf)?SGzC~RwXiLLd8({
zg0X%LtQ@p2gGKJw)zWhV-^YgbxJ?@p)rz%pc(F%j+7k#l%Apa3%bB%t9CVuEEHV#F
z_7~h8`~X!zhnpGtQxGkJs%BlAW$P$_E(nFt+~U7RNxyL@e0$4=IdES^(JWi=?MTKj
zX2X8RJm&p|k!%9_DAsp6QTqOwg|bif#5hH&+s>zt+bQnu8-moDtHu8?$^71;GnEmE
zhQ0m`a2Nbi8Rme~WR-7cIC#mj3~NP<8|}g^9_=avqRkYHdYYg|t;5cz=_IzNK!->o
zvEt!3Mhl%+za~8vwi$I#7LQcdJjNk0BYM-=EE7fmrlNjJX$6+6Lv>y{jn*N_P(Tpx
z^E;H=^L7+Fb85|Fs|C2<uCr-V(cw8Vy9CMIOSu~y;1Q2!>JB5nFZw|+ZKR?O#m++B
zm%*27(@pO0`6Jim-Rkj6tPM+j?TVuZJ;A6<s5Dr=kkKrMd+DD!EW7nGjcr1q#feXL
z4#J)2j8r{|Si8)c4uQp6x~M4t4Og1Vp;wP*j$L$Wo4Ilds6E;Pk0FlLD=W<=;H!<m
zr`~DN^x-*D6f0%UryLEeTi$W9QaToX-T8l=r6#(jxRp~=OsmX`bWKN(fV|_1=-kRc
zp}RT?kL&X>)hmALmD-d?+t5^jo@19nRPVjz@l?6icD-SCjpz7_{dF<^2oy!Ou&_OO
ziV=e^4MB0^mYk0ra(3MY{!F0MEZgG0uGq)WcX72F+iz57Ve7<5h1Nx>{$R35w)>e4
z*47htFuzm$6fGky`1L~XRKx0NnNKD7<oDy2@!NpWzGESZUy5woHrO&8CP71HJUZoC
z8-^Rzx+oeVB^s>jdDU49>K1}gs&LDi=(EApA65FceJ9h+>jD0jtyngUmHqKU6}u(f
zYe?ZJ&Q1PxIQq%xM_^}jjNbL#XFvJW4JQUb+vcQ^JVS)kJ|94PkC7S;IH{xlJSCG|
zZMk^!&9iGeEKS<y`}bRynM$meA!QTpZ-hFBXfSxWp!Lt8%IH6U)fZJe;^~Aoa_X)%
z!m;hx_K;NzVJ-8m$eb|W=`sQSV>`QDF~J{05>k?bfzF;8{ABh*jchnvmhh|6cb>?k
zN_MuHgtyX;=Cy79zF*02+NGDfLnSXj!_H>?k<bk)%pt%Ou(7XhS~?~PSQ}Z#H>d_B
zYdHoKxeqJOiQ+X56{VfvUOuPPWPA^QCV-Q(^)J}G=m%_GoD*7{bC=zvXM@&QkzoiH
ziH~nntJu&@#?G28Qzu`K6}^AjN5W+tmwe<Q$>W3xqg5ZmQ`ghfDBhQR+_+4`adFE=
zKqzr-@P@=!DQWq@Yde8$Ju@pz5QKOQ*tmQQiB~1O9^(~RmM{+Tb!<)b*ovy_QTgn(
zghhCgQ~gDo82Iw?y1a`k2*9we={p^#tuF+R5u~&nuboirATvK0{A3FRY!QHjqwGew
zXEBkSWh5tuv90ePFdB1dnS{%Q^!sYIAef}X+ajm7qT@!&vts?N&@c-xUvuunwo#<*
zd_x0=JDRS^?*q1Mxay?XP$I5@(VMB^;3Pj-z$>CUX8F!w+RjgEF(;uy5>|X?u-%Mf
zE}zs9ZamVN=r3fs%LvZoa7erISSC<uA%2>`oS?YOlNFU-XJp_u;d2s>VS~rc+44Xr
z2D;U|?lVF!izLd7Q6WWSi!<KifxmBn>v}U*2MT1HeF}OEJc6@U548VXL1cfKM7J=(
zlT{j^wq1Lro-x7K1z_9x-3|PNa76xUhIN>3gvuMyJJ?1<?J+NfZ-5!w?d~!qCIAcI
z`pVq&F6|?_qsAr9hFE<j>%a}Jvo;l1X3k&qM4+r~`k4MQpujBrMF5$GJk^ev?8QU-
zW1kBb4%AW5&lr&~^`>RGZ<7V`WFDlX+rU+&9B+euHM!UikR18lkJ$aQ9syG~=ks%2
zbn(KcQdXJga{(odlfO}#wJPZ_8uO@^qgfbEV-s*rW37A(1qv*EIPKA4Ylw}pbfljH
z%C#mhV{0glq-HbC{3gL+vJ7Pzk>M}u-jlLa#=KA!S0+J$`EuD>V~9MS6p`W&Wuq5M
zu6Y3z0M}+{Monfvx&D3iL*mHc03sW(1AB;5Aqn+mw`KDh0yrSP%f9nJEYquhVwqkM
z<&XgT*Ms_GP9!Y_?_3ATOLo|evtJ#Qi^=Jm-*2lm_5t78Gdwu$U)`G!eL-Fp7|)dd
z4fl&D9_+Ug96975qlgdr_ONj{6L5NoKPH7-CWZT35zor`$^VIY8CtDe`ycaiOkg_a
zRc`Z$%$KXQ32%B+pn-NUzDhJgV=qf7ZVi4)eTG)tubrkn4JdUlD~4*VDT1B@M3M{d
z4+PGgpWyt!eL_5aPk`~2zq(6e;lyVE+m3)u4=R4xN>g*1X-VLFSC&S@deXPj_J+U2
zR=z{GyY7CO^-Y!z@O|Aza~}`iPq^D$Ni&{)LQJ6<RO;r&7*{!kdo=SFBz>OVJ;>7@
zr%8|b<?l)P+~>vI<LVX&YxKdW8UtO*MO|=-LU>2{>G`7kfXhA&u!fcj_?(KyS-84}
zo+cPLl)zv;Ft{w$PvO5BAj1(s{;_}EfHpbBNkCQj_Z^~wkbaR--pGi*ZgXRJ2f}$!
N%L}$<)uxwk{1Xw!VaWgh

literal 0
HcmV?d00001

diff --git a/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs b/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs
new file mode 100644
index 00000000..2e3b2dcb
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs
@@ -0,0 +1,7 @@
+namespace api_cinema_challenge.Data
+{
+    public class Seeder
+    {
+
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/CustomerPostRequest.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/CustomerPostRequest.cs
new file mode 100644
index 00000000..f29f791e
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/CustomerPostRequest.cs
@@ -0,0 +1,9 @@
+namespace api_cinema_challenge.DataTransfer.Requests
+{
+    public class CustomerPostRequest
+    {
+        public string Name { get; set; }
+        public string Email { get; set; }
+        public string Phone {  get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/MoviePostRequest.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/MoviePostRequest.cs
new file mode 100644
index 00000000..699624af
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/MoviePostRequest.cs
@@ -0,0 +1,15 @@
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Models.Enums;
+using Npgsql.PostgresTypes;
+
+namespace api_cinema_challenge.DataTransfer.Requests
+{
+    public class MoviePostRequest
+    {
+        public string Title { get; set; }
+        public MovieRating Rating { get; set; }
+        public string Description { get; set; }
+        public int RuntimeMins { get; set; }
+        public List<Screening> screenings { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/ScreeningPostRequest.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/ScreeningPostRequest.cs
new file mode 100644
index 00000000..168762be
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/ScreeningPostRequest.cs
@@ -0,0 +1,12 @@
+using api_cinema_challenge.Models;
+using Npgsql.PostgresTypes;
+
+namespace api_cinema_challenge.DataTransfer.Requests
+{
+    public class ScreenPostRequest
+    {
+        public int ScreenNumber { get; set; }
+        public int Capacity { get; set; }
+        public DateTime StartsAt { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/TicketPostRequest.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/TicketPostRequest.cs
new file mode 100644
index 00000000..50df326c
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/TicketPostRequest.cs
@@ -0,0 +1,7 @@
+namespace api_cinema_challenge.DataTransfer.Requests
+{
+    public class TicketPostRequest
+    {
+        public int NumSeats { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Endpoints/CustomerEndpoints.cs b/api-cinema-challenge/api-cinema-challenge/Endpoints/CustomerEndpoints.cs
new file mode 100644
index 00000000..5b0bbead
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Endpoints/CustomerEndpoints.cs
@@ -0,0 +1,79 @@
+using api_cinema_challenge.DataTransfer.Requests;
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Repository;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace api_cinema_challenge.Endpoints
+{
+    public static class CustomerEndpoints
+    {
+        public static void ConfigureCustomerEndpoint(this WebApplication app)
+        {
+            var customers = app.MapGroup("/customers");
+
+            customers.MapPost("/", Create);
+            customers.MapGet("/", GetAll);
+            customers.MapPut("/{id}", Update);
+            customers.MapDelete("/{id}", Delete);
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status201Created)]
+        public static async Task<IResult> Create(IRepository<Customer> repository, CustomerPostRequest customer)
+        {
+            var newCustomer = new Customer()
+            {
+                Name = customer.Name,
+                Email = customer.Email,
+                Phone = customer.Phone,
+                CreatedAt = DateTime.UtcNow,
+                UpdatedAt = DateTime.UtcNow
+            };
+
+            await repository.Create(newCustomer);
+            return TypedResults.Created($"/{newCustomer.Id}", newCustomer); 
+        }
+
+        [Authorize(Roles = "User")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> GetAll(IRepository<Customer> repository)
+        {
+            var entities = await repository.GetAll();
+            List<Object> results = new List<Object>();
+
+            foreach (var entity in entities)
+            {
+                results.Add(new { Name = entity.Name, Email = entity.Email, Phone = entity.Phone });
+            }
+
+            return TypedResults.Ok(results);
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> Update(IRepository<Customer> repository, int id, CustomerPostRequest customer)
+        {
+            var entity = await repository.GetById(id);
+
+            entity.Name = !string.IsNullOrEmpty(customer.Name) ? customer.Name : entity.Name;
+            entity.Phone = !string.IsNullOrEmpty(customer.Phone) ? customer.Phone : entity.Phone;
+            entity.Email = !string.IsNullOrEmpty(customer.Email) ? customer.Email : entity.Email;
+            entity.UpdatedAt = DateTime.UtcNow;
+
+            var result = await repository.Update(entity);
+
+            return result != null ? TypedResults.Ok(new { Name = result.Name, Phone = result.Phone, Email = result.Email ,UpdatedAt = result.UpdatedAt}) : TypedResults.BadRequest("Couldn't save to the database?!");
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> Delete(IRepository<Customer> repository, int id)
+        {
+            var entity = await repository.GetById(id);
+            var result = await repository.Delete(entity);
+
+            return result != null ? TypedResults.Ok(new { Name = result.Name, Phone = result.Phone, Email = result.Email, UpdatedAt = result.UpdatedAt }) : TypedResults.BadRequest("Object wasnt deleted?!");
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Endpoints/MovieEndpoints.cs b/api-cinema-challenge/api-cinema-challenge/Endpoints/MovieEndpoints.cs
new file mode 100644
index 00000000..e73b30be
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Endpoints/MovieEndpoints.cs
@@ -0,0 +1,103 @@
+using api_cinema_challenge.DataTransfer.Requests;
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Repository;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace api_cinema_challenge.Endpoints
+{
+    public static class MovieEndpoints
+    {
+        public static void ConfigureMovieEndpoint(this WebApplication app)
+        {
+            var movies = app.MapGroup("/movies");
+
+            movies.MapPost("/", Create);
+            movies.MapGet("/", GetAll);
+            movies.MapPut("/{id}", Update);
+            movies.MapDelete("/{id}", Delete);
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status201Created)]
+        public static async Task<IResult> Create(IRepository<Movie> repository, MoviePostRequest movie)
+        {
+            var newMovie = new Movie()
+            {
+                Title = movie.Title,
+                Rating = movie.Rating,
+                Description = movie.Description,
+                RuntimeMins = movie.RuntimeMins,
+                Screenings = movie.screenings,
+                CreatedAt = DateTime.Now,
+                UpdatedAt = DateTime.Now
+            };
+
+            await repository.Create(newMovie);
+            return TypedResults.Created($"/{newMovie.Id}", newMovie);
+        }
+
+        [Authorize(Roles = "User")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> GetAll(IRepository<Movie> repository)
+        {
+            var entities = await repository.GetAll();
+            List<Object> results = new List<Object>();
+
+            foreach (var entity in entities)
+            {
+                results.Add(new {
+                    Title = entity.Title,
+                    Rating = entity.Rating,
+                    Description = entity.Description,
+                    RuntimeMins = entity.RuntimeMins,
+                    Screenings = entity.Screenings
+                });
+            }
+
+            return TypedResults.Ok(results);
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> Update(IRepository<Movie> repository, int id, MoviePostRequest movie)
+        {
+            var entity = await repository.GetById(id);
+
+            entity.Title = !string.IsNullOrEmpty(movie.Title) ? movie.Title : entity.Title;
+            entity.Rating = movie.Rating;
+            entity.Description = !string.IsNullOrEmpty(movie.Description) ? movie.Description : entity.Description;
+            entity.RuntimeMins = movie.RuntimeMins;
+            entity.Screenings = movie.screenings;
+            entity.UpdatedAt = DateTime.UtcNow;
+
+            var result = await repository.Update(entity);
+
+            return result != null ? TypedResults.Ok(new {
+                Title = entity.Title,
+                Rating = entity.Rating,
+                Description = entity.Description,
+                RuntimeMins = entity.RuntimeMins,
+                Screenings = entity.Screenings,
+                UpdatedAt = result.UpdatedAt
+            }) : TypedResults.BadRequest("Couldn't save to the database?!");
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> Delete(IRepository<Movie> repository, int id)
+        {
+            var entity = await repository.GetById(id);
+            var result = await repository.Delete(entity);
+
+            return result != null ? TypedResults.Ok(new {
+                Title = entity.Title,
+                Rating = entity.Rating,
+                Description = entity.Description,
+                RuntimeMins = entity.RuntimeMins,
+                Screenings = entity.Screenings,
+                UpdatedAt = result.UpdatedAt
+            }) : TypedResults.BadRequest("Object wasnt deleted?!");
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Endpoints/ScreeningEndpoints.cs b/api-cinema-challenge/api-cinema-challenge/Endpoints/ScreeningEndpoints.cs
new file mode 100644
index 00000000..fecfe0b9
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Endpoints/ScreeningEndpoints.cs
@@ -0,0 +1,58 @@
+using api_cinema_challenge.DataTransfer.Requests;
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Repository;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace api_cinema_challenge.Endpoints
+{
+    public static class ScreeningEndpoints
+    {
+        public static void ConfigureScreeningEndpoint(this WebApplication app)
+        {
+            var screenings = app.MapGroup("/screenings");
+
+            screenings.MapPost("/", Create);
+            screenings.MapGet("/", GetAll);
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status201Created)]
+        public static async Task<IResult> Create(IRepository<Screening> repository, ScreenPostRequest screening, int movieId)
+        {
+            var newScreening = new Screening()
+            {
+                ScreenNumber = screening.ScreenNumber,
+                Capacity = screening.Capacity,
+                startsAt = screening.StartsAt,
+                MovieId = movieId,
+                CreatedAt = DateTime.Now,
+                UpdatedAt = DateTime.Now
+            };
+
+            await repository.Create(newScreening);
+            return TypedResults.Created($"/{newScreening.Id}", newScreening);
+        }
+
+        [Authorize(Roles = "User")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> GetAll(IRepository<Screening> repository)
+        {
+            var entities = await repository.GetAll();
+            List<Object> results = new List<Object>();
+
+            foreach (var entity in entities)
+            {
+                results.Add(new
+                {
+                    ScreenNumber = entity.ScreenNumber,
+                    Capacity = entity.Capacity,
+                    StartsAt = entity.startsAt,
+                    MovieId = entity.MovieId
+                });
+            }
+
+            return TypedResults.Ok(results);
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/ApplicationUser.cs b/api-cinema-challenge/api-cinema-challenge/Models/ApplicationUser.cs
new file mode 100644
index 00000000..3dbf15b5
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/ApplicationUser.cs
@@ -0,0 +1,10 @@
+using Microsoft.AspNetCore.Identity;
+using api_cinema_challenge.Models.Enums;
+
+namespace api_cinema_challenge.Models
+{
+    public class ApplicationUser : IdentityUser
+    {
+        public Role Role { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/Customer.cs b/api-cinema-challenge/api-cinema-challenge/Models/Customer.cs
new file mode 100644
index 00000000..b17d95e4
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/Customer.cs
@@ -0,0 +1,24 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace api_cinema_challenge.Models
+{
+    [Table("customers")]
+    public class Customer : ParentModel
+    {
+        [Key]
+        [Column("id")]
+        public int Id { get; set; }
+
+        [Column("name")]
+        public string Name { get; set; }
+
+        [Column("email")]
+        public string Email { get; set; }
+
+        [Column("phone")]
+        public string Phone { get; set; }
+
+        public List<Ticket> Tickets { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/Enums/MovieRating.cs b/api-cinema-challenge/api-cinema-challenge/Models/Enums/MovieRating.cs
new file mode 100644
index 00000000..008ea3ba
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/Enums/MovieRating.cs
@@ -0,0 +1,11 @@
+namespace api_cinema_challenge.Models.Enums
+{
+    public enum MovieRating
+    {
+        G,
+        PG,
+        PG13,
+        R,
+        NC17
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/Enums/Role.cs b/api-cinema-challenge/api-cinema-challenge/Models/Enums/Role.cs
new file mode 100644
index 00000000..45bfa19e
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/Enums/Role.cs
@@ -0,0 +1,8 @@
+namespace api_cinema_challenge.Models.Enums
+{
+    public enum Role
+    {
+        Admin,
+        User
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/Movie.cs b/api-cinema-challenge/api-cinema-challenge/Models/Movie.cs
new file mode 100644
index 00000000..089c0fa0
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/Movie.cs
@@ -0,0 +1,28 @@
+using api_cinema_challenge.Models.Enums;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace api_cinema_challenge.Models
+{
+    [Table("movies")]
+    public class Movie : ParentModel
+    {
+        [Key]
+        [Column("id")]
+        public int Id { get; set; }
+
+        [Column("title")]
+        public string Title { get; set; }
+
+        [Column("rating")]
+        public MovieRating Rating { get; set; }
+
+        [Column("description")]
+        public string Description { get; set; }
+
+        [Column("runtimemins")]
+        public int RuntimeMins { get; set; }
+
+        public List<Screening> Screenings { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/ParentModel.cs b/api-cinema-challenge/api-cinema-challenge/Models/ParentModel.cs
new file mode 100644
index 00000000..cf675a70
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/ParentModel.cs
@@ -0,0 +1,12 @@
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace api_cinema_challenge.Models
+{
+    public class ParentModel
+    {
+        [Column("createdat")]
+        public DateTime CreatedAt { get; set; }
+        [Column("updatedat")]
+        public DateTime UpdatedAt { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/Screening.cs b/api-cinema-challenge/api-cinema-challenge/Models/Screening.cs
new file mode 100644
index 00000000..9cae32bc
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/Screening.cs
@@ -0,0 +1,27 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace api_cinema_challenge.Models
+{
+    [Table("screenings")]
+    public class Screening : ParentModel
+    {
+        [Key]
+        [Column("id")]
+        public int Id { get; set; }
+
+        [ForeignKey("movies")]
+        public int MovieId { get; set; }
+
+        [Column("screennumber")]
+        public int ScreenNumber { get; set; }
+
+        [Column("capacity")]
+        public int Capacity { get; set; }
+
+        [Column("startsat")]
+        public DateTime startsAt { get; set; }
+
+        public List<Ticket> Tickets { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Models/Ticket.cs b/api-cinema-challenge/api-cinema-challenge/Models/Ticket.cs
new file mode 100644
index 00000000..de1fe745
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Models/Ticket.cs
@@ -0,0 +1,26 @@
+using System.ComponentModel.DataAnnotations.Schema;
+using System.ComponentModel.DataAnnotations;
+
+namespace api_cinema_challenge.Models
+{
+    [Table("tickets")]
+    public class Ticket : ParentModel
+    {
+        [Key]
+        [Column("id")]
+        public int Id { get; set; }
+
+        [Column("numseats")]
+        public int NumSeats { get; set; }
+
+        [ForeignKey("screenings")]
+        public int ScreeningId { get; set; }
+
+        [ForeignKey("customers")]
+        public int CustomerId { get; set; }
+
+        public Screening Screening { get; set; }
+        public Customer Customer { get; set; }
+
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Program.cs b/api-cinema-challenge/api-cinema-challenge/Program.cs
index e55d9d54..7ad45453 100644
--- a/api-cinema-challenge/api-cinema-challenge/Program.cs
+++ b/api-cinema-challenge/api-cinema-challenge/Program.cs
@@ -1,4 +1,7 @@
 using api_cinema_challenge.Data;
+using api_cinema_challenge.Endpoints;
+using api_cinema_challenge.Repository;
+using api_cinema_challenge.Models;
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -6,6 +9,7 @@
 builder.Services.AddEndpointsApiExplorer();
 builder.Services.AddSwaggerGen();
 builder.Services.AddDbContext<CinemaContext>();
+builder.Services.AddScoped(typeof(IRepository<>), typeof(Repository<>));
 
 var app = builder.Build();
 
@@ -17,4 +21,7 @@
 }
 
 app.UseHttpsRedirection();
+app.ConfigureCustomerEndpoint();
+app.ConfigureMovieEndpoint();
+app.ConfigureScreeningEndpoint();
 app.Run();
diff --git a/api-cinema-challenge/api-cinema-challenge/Repository/IRepository.cs b/api-cinema-challenge/api-cinema-challenge/Repository/IRepository.cs
new file mode 100644
index 00000000..d0b3ec03
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Repository/IRepository.cs
@@ -0,0 +1,13 @@
+using api_cinema_challenge.Models;
+
+namespace api_cinema_challenge.Repository
+{
+    public interface IRepository<T>
+    {
+        Task<T> Create(T entity);
+        Task<T> GetById(object id);
+        Task<IEnumerable<T>> GetAll();
+        Task<T> Update(T entity);
+        Task<T> Delete(T entity);
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Repository/Repository.cs b/api-cinema-challenge/api-cinema-challenge/Repository/Repository.cs
new file mode 100644
index 00000000..2d2957cd
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Repository/Repository.cs
@@ -0,0 +1,47 @@
+using api_cinema_challenge.Data;
+using Microsoft.EntityFrameworkCore;
+
+namespace api_cinema_challenge.Repository
+{
+    public class Repository<T> : IRepository<T> where T : class
+    {
+        private CinemaContext _db;
+        private DbSet<T> _table = null;
+        public Repository(CinemaContext db)
+        {
+            _db = db;
+            _table = _db.Set<T>();
+        }
+
+        public async Task<T> Create(T entity)
+        {
+            _table.Add(entity);
+            await _db.SaveChangesAsync();
+            return entity;
+        }
+
+        public async Task<T> GetById(object id)
+        {
+            return await _table.FindAsync(id);
+        }
+
+        public async Task<IEnumerable<T>> GetAll()
+        {
+            return await _table.ToListAsync();
+        }
+
+        public async Task<T> Update(T entity)
+        {
+            _table.Update(entity).State = EntityState.Modified;
+            await _db.SaveChangesAsync();
+            return entity;
+        }
+
+        public async Task<T> Delete(T entity)
+        {
+            _db.Entry(entity).State = EntityState.Deleted;
+            await _db.SaveChangesAsync();
+            return entity;
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj b/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj
index 11e5c66b..fa8193a4 100644
--- a/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj
+++ b/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj
@@ -28,7 +28,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <Folder Include="Models\" />
+    <Folder Include="Migrations\" />
   </ItemGroup>
 
 </Project>
diff --git a/api-cinema-challenge/api-cinema-challenge/appsettings.example.json b/api-cinema-challenge/api-cinema-challenge/appsettings.example.json
deleted file mode 100644
index b9175fe6..00000000
--- a/api-cinema-challenge/api-cinema-challenge/appsettings.example.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
-  "Logging": {
-    "LogLevel": {
-      "Default": "Information",
-      "Microsoft.AspNetCore": "Warning"
-    }
-  },
-  "AllowedHosts": "*",
-  "ConnectionStrings": {
-    "DefaultConnectionString": "Host=HOST; Database=DATABASE; Username=USERNAME; Password=PASSWORD;"
-  }
-}
\ No newline at end of file

From b56bd39d2c32bab2aaf993d475211f45408c8f4f Mon Sep 17 00:00:00 2001
From: Tein Schoemaker <teintjomme@gmail.com>
Date: Mon, 25 Aug 2025 15:32:03 +0200
Subject: [PATCH 2/3] Core + Extension

---
 .../Data/CinemaContext.cs                     |  12 ++
 .../api-cinema-challenge/Data/Seeder.cs       | 140 +++++++++++++++++-
 .../Endpoints/TicketEndpoints.cs              |  56 +++++++
 .../api-cinema-challenge/Program.cs           |   1 +
 4 files changed, 208 insertions(+), 1 deletion(-)
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Endpoints/TicketEndpoints.cs

diff --git a/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs b/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs
index ad4fe854..70a9151d 100644
--- a/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs
+++ b/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs
@@ -1,5 +1,6 @@
 using Microsoft.EntityFrameworkCore;
 using Newtonsoft.Json.Linq;
+using api_cinema_challenge.Models;
 
 namespace api_cinema_challenge.Data
 {
@@ -20,7 +21,18 @@ protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
 
         protected override void OnModelCreating(ModelBuilder modelBuilder)
         {
+            Seeder seeder = new Seeder();
 
+            modelBuilder.Entity<Customer>().HasData(seeder.Customers);
+            modelBuilder.Entity<Movie>().HasData(seeder.Movies);
+            modelBuilder.Entity<Screening>().HasData(seeder.Screenings);
+            modelBuilder.Entity<Ticket>().HasData(seeder.Tickets);
+            base.OnModelCreating(modelBuilder);
         }
+        public DbSet<Customer> Customers { get; set; }
+        public DbSet<Movie> Movies { get; set; }
+        public DbSet<Screening> Screenings { get; set; }
+        public DbSet<Ticket> Tickets { get; set; }
+        
     }
 }
diff --git a/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs b/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs
index 2e3b2dcb..857b425a 100644
--- a/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs
+++ b/api-cinema-challenge/api-cinema-challenge/Data/Seeder.cs
@@ -1,7 +1,145 @@
-namespace api_cinema_challenge.Data
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Models.Enums;
+
+namespace api_cinema_challenge.Data
 {
     public class Seeder
     {
+        private List<string> _firstNames = new List<string>()
+        {
+            "Audrey",
+            "Donald",
+            "Elvis",
+            "Barack",
+            "Oprah",
+            "Jimi",
+            "Mick",
+            "Kate",
+            "Charles",
+            "Kate"
+        };
+
+        private List<string> _lastNames = new List<string>()
+        {
+            "Hepburn",
+            "Trump",
+            "Presley",
+            "Obama",
+            "Winfrey",
+            "Hendrix",
+            "Jagger",
+            "Winslet",
+            "Windsor",
+            "Middleton"
+        };
+
+        private List<string> _domains = new List<string>()
+        {
+            "gmail.com",
+            "google.com",
+            "hotmail.com",
+            "something.com",
+            "mcdonalds.com",
+            "nasa.org.us",
+            "gov.us",
+            "gov.gr",
+            "gov.nl",
+            "gov.ru"
+        };
+
+        private List<string> _movieTitles = new List<string>()
+        {
+            "The Lost Kingdom", "Space Odyssey", "Dreamcatcher",
+            "Ocean Deep", "Hidden Truths", "Shadows Rising",
+            "Eternal Flame", "The Great Escape", "Parallel Worlds", "Infinite Loop"
+        };
+
+        private List<string> _descriptions = new List<string>()
+        {
+            "An epic adventure across unknown lands.",
+            "A thrilling journey through space and time.",
+            "A heartwarming story of friendship and courage.",
+            "A suspenseful drama filled with mystery.",
+            "A hilarious comedy for the whole family.",
+            "A dark tale of betrayal and survival."
+        };
+
+        private List<Customer> _customers = new List<Customer>();
+        private List<Movie> _movies = new List<Movie>();
+        private List<Screening> _screenings = new List<Screening>();
+        private List<Ticket> _tickets = new List<Ticket>();
+
+        public Seeder()
+        {
+            Random random = new Random();
+
+            for (int x = 1; x < 50; x++)
+            {
+                var first = _firstNames[random.Next(_firstNames.Count)];
+                var last = _lastNames[random.Next(_lastNames.Count)];
+                var domain = _domains[random.Next(_domains.Count)];
+
+                Customer customer = new Customer
+                {
+                    Id = x,
+                    Name = $"{first} {last}",
+                    Email = $"{first}{last}@{domain}",
+                    Phone = $"06{random.Next(1000, 9999)}{random.Next(1000, 9999)}"
+                };
+                _customers.Add(customer);
+            }
+
+            for (int y = 1; y < 50; y++)
+            {
+                Movie movie = new Movie
+                {
+                    Id = y,
+                    Title = _movieTitles[random.Next(_movieTitles.Count)],
+                    Rating = (MovieRating)random.Next(Enum.GetNames(typeof(MovieRating)).Length),
+                    Description = _descriptions[random.Next(_descriptions.Count)],
+                    RuntimeMins = random.Next(90, 180)
+                };
+                _movies.Add(movie);
+            }
+
+            foreach (var movie in _movies)
+            {
+                int screeningsAmount = random.Next(1, 5);
+                for (int z = 0; z < screeningsAmount; z++)
+                {
+                    Screening screening = new Screening
+                    {
+                        Id = z,
+                        MovieId = movie.Id,
+                        ScreenNumber = random.Next(1, 5),
+                        Capacity = random.Next(20, 60),
+                        startsAt = DateTime.UtcNow.AddDays(random.Next(1, 15))
+                    };
+                }
+            }
+
+            foreach (var screening in _screenings)
+            {
+                int ticketsAmount = random.Next(1, 60);
+                for (int a = 0; a < ticketsAmount; a++)
+                {
+                    var customer = _customers[random.Next(_customers.Count)];
+
+                    Ticket ticket = new Ticket
+                    {
+                        Id = a,
+                        NumSeats = random.Next(1, 5),
+                        ScreeningId = screening.Id,
+                        CustomerId = customer.Id
+                    };
+                    _tickets.Add(ticket);
+                }
+            }
+        }
 
+        public List<Customer> Customers { get { return _customers; } }
+        public List<Movie> Movies { get { return _movies; } }
+        public List<Screening> Screenings { get { return _screenings; } }
+        public List<Ticket> Tickets { get { return _tickets; } }
     }
 }
diff --git a/api-cinema-challenge/api-cinema-challenge/Endpoints/TicketEndpoints.cs b/api-cinema-challenge/api-cinema-challenge/Endpoints/TicketEndpoints.cs
new file mode 100644
index 00000000..278898c9
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Endpoints/TicketEndpoints.cs
@@ -0,0 +1,56 @@
+using api_cinema_challenge.DataTransfer.Requests;
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Repository;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace api_cinema_challenge.Endpoints
+{
+    public static class TicketEndpoints
+    {
+        public static void ConfigureTicketEndpoints(this WebApplication app)
+        {
+            var screenings = app.MapGroup("/tickets");
+
+            screenings.MapPost("/", Create);
+            screenings.MapGet("/", GetAll);
+        }
+
+        [Authorize(Roles = "Admin")]
+        [ProducesResponseType(StatusCodes.Status201Created)]
+        public static async Task<IResult> Create(IRepository<Ticket> repository, TicketPostRequest ticket, int customerId, int screeningId)
+        {
+            var newTicket = new Ticket()
+            {
+                NumSeats = ticket.NumSeats,
+                CustomerId = customerId,
+                ScreeningId = screeningId,
+                CreatedAt = DateTime.Now,
+                UpdatedAt = DateTime.Now
+            };
+
+            await repository.Create(newTicket);
+            return TypedResults.Created($"/{newTicket.Id}", newTicket);
+        }
+
+        [Authorize(Roles = "User")]
+        [ProducesResponseType(StatusCodes.Status200OK)]
+        public static async Task<IResult> GetAll(IRepository<Ticket> repository)
+        {
+            var entities = await repository.GetAll();
+            List<Object> results = new List<Object>();
+
+            foreach (var entity in entities)
+            {
+                results.Add(new
+                {
+                    NumSeats = entity.NumSeats,
+                    CustomerId = entity.CustomerId,
+                    ScreeningId = entity.ScreeningId,
+                });
+            }
+
+            return TypedResults.Ok(results);
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Program.cs b/api-cinema-challenge/api-cinema-challenge/Program.cs
index 7ad45453..2cd9dc31 100644
--- a/api-cinema-challenge/api-cinema-challenge/Program.cs
+++ b/api-cinema-challenge/api-cinema-challenge/Program.cs
@@ -24,4 +24,5 @@
 app.ConfigureCustomerEndpoint();
 app.ConfigureMovieEndpoint();
 app.ConfigureScreeningEndpoint();
+app.ConfigureTicketEndpoints();
 app.Run();

From 0a894ff0a5262ab393a32a3d49747e849c3fc823 Mon Sep 17 00:00:00 2001
From: Tein Schoemaker <teintjomme@gmail.com>
Date: Mon, 25 Aug 2025 16:32:07 +0200
Subject: [PATCH 3/3] Oops, JWS

---
 .../Controllers/UserController.cs             | 100 ++++++++++++++++++
 .../Data/CinemaContext.cs                     |   4 +-
 .../DataTransfer/Requests/AuthRequest.cs      |  13 +++
 .../Requests/RegistrationRequest.cs           |  19 ++++
 .../DataTransfer/Response/AuthResponse.cs     |   9 ++
 .../Helpers/ClaimsPrincipalHelpers.cs         |  28 +++++
 .../api-cinema-challenge/Program.cs           |  77 +++++++++++++-
 .../Services/TokenService.cs                  |  82 ++++++++++++++
 .../api-cinema-challenge.csproj               |  10 +-
 9 files changed, 332 insertions(+), 10 deletions(-)
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Controllers/UserController.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/AuthRequest.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/RegistrationRequest.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/DataTransfer/Response/AuthResponse.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Helpers/ClaimsPrincipalHelpers.cs
 create mode 100644 api-cinema-challenge/api-cinema-challenge/Services/TokenService.cs

diff --git a/api-cinema-challenge/api-cinema-challenge/Controllers/UserController.cs b/api-cinema-challenge/api-cinema-challenge/Controllers/UserController.cs
new file mode 100644
index 00000000..19fce7f7
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Controllers/UserController.cs
@@ -0,0 +1,100 @@
+using api_cinema_challenge.Models;
+using api_cinema_challenge.Models.Enums;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using api_cinema_challenge.Data;
+using api_cinema_challenge.DataTransfer.Requests;
+using api_cinema_challenge.DataTransfer.Response;
+using api_cinema_challenge.Services;
+
+namespace api_cinema_challenge.Controllers
+{
+
+    [ApiController]
+    [Route("/api/[controller]")]
+    public class UsersController : ControllerBase
+    {
+        private readonly UserManager<ApplicationUser> _userManager;
+        private readonly CinemaContext _context;
+        private readonly TokenService _tokenService;
+
+        public UsersController(UserManager<ApplicationUser> userManager, CinemaContext context,
+            TokenService tokenService, ILogger<UsersController> logger)
+        {
+            _userManager = userManager;
+            _context = context;
+            _tokenService = tokenService;
+        }
+
+
+        [HttpPost]
+        [Route("register")]
+        public async Task<IActionResult> Register(RegistrationRequest request)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            var result = await _userManager.CreateAsync(
+                new ApplicationUser { UserName = request.Username, Email = request.Email, Role = request.Role },
+                request.Password!
+            );
+
+            if (result.Succeeded)
+            {
+                request.Password = "";
+                return CreatedAtAction(nameof(Register), new { email = request.Email, role = Role.User }, request);
+            }
+
+            foreach (var error in result.Errors)
+            {
+                ModelState.AddModelError(error.Code, error.Description);
+            }
+
+            return BadRequest(ModelState);
+        }
+
+
+        [HttpPost]
+        [Route("login")]
+        public async Task<ActionResult<AuthResponse>> Authenticate([FromBody] AuthRequest request)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            var managedUser = await _userManager.FindByEmailAsync(request.Email!);
+
+            if (managedUser == null)
+            {
+                return BadRequest("Bad credentials");
+            }
+
+            var isPasswordValid = await _userManager.CheckPasswordAsync(managedUser, request.Password!);
+
+            if (!isPasswordValid)
+            {
+                return BadRequest("Bad credentials");
+            }
+
+            var userInDb = _context.Users.FirstOrDefault(u => u.Email == request.Email);
+
+            if (userInDb is null)
+            {
+                return Unauthorized();
+            }
+
+            var accessToken = _tokenService.CreateToken(userInDb);
+            await _context.SaveChangesAsync();
+
+            return Ok(new AuthResponse
+            {
+                Username = userInDb.UserName,
+                Email = userInDb.Email,
+                Token = accessToken,
+            });
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs b/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs
index 70a9151d..946f001e 100644
--- a/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs
+++ b/api-cinema-challenge/api-cinema-challenge/Data/CinemaContext.cs
@@ -1,10 +1,12 @@
 using Microsoft.EntityFrameworkCore;
 using Newtonsoft.Json.Linq;
 using api_cinema_challenge.Models;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
 
 namespace api_cinema_challenge.Data
 {
-    public class CinemaContext : DbContext
+    public class CinemaContext : IdentityUserContext<ApplicationUser>
     {
         private string _connectionString;
         public CinemaContext(DbContextOptions<CinemaContext> options) : base(options)
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/AuthRequest.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/AuthRequest.cs
new file mode 100644
index 00000000..606db053
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/AuthRequest.cs
@@ -0,0 +1,13 @@
+namespace api_cinema_challenge.DataTransfer.Requests
+{
+    public class AuthRequest
+    {
+        public string? Email { get; set; }
+        public string? Password { get; set; }
+
+        public bool IsValid()
+        {
+            return true;
+        }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/RegistrationRequest.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/RegistrationRequest.cs
new file mode 100644
index 00000000..3a26f463
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Requests/RegistrationRequest.cs
@@ -0,0 +1,19 @@
+using api_cinema_challenge.Models.Enums;
+using System.ComponentModel.DataAnnotations;
+
+namespace api_cinema_challenge.DataTransfer.Requests
+{
+    public class RegistrationRequest
+    {
+        [Required]
+        public string? Email { get; set; }
+
+        [Required]
+        public string? Username { get { return this.Email; } set { } }
+
+        [Required]
+        public string? Password { get; set; }
+
+        public Role Role { get; set; } = Role.User;
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/DataTransfer/Response/AuthResponse.cs b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Response/AuthResponse.cs
new file mode 100644
index 00000000..b334a5a6
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/DataTransfer/Response/AuthResponse.cs
@@ -0,0 +1,9 @@
+namespace api_cinema_challenge.DataTransfer.Response
+{
+    public class AuthResponse
+    {
+        public string? Username { get; set; }
+        public string? Email { get; set; }
+        public string? Token { get; set; }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Helpers/ClaimsPrincipalHelpers.cs b/api-cinema-challenge/api-cinema-challenge/Helpers/ClaimsPrincipalHelpers.cs
new file mode 100644
index 00000000..3d4c0468
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Helpers/ClaimsPrincipalHelpers.cs
@@ -0,0 +1,28 @@
+using System.Security.Claims;
+
+namespace api_cinema_challenge.Helpers
+{
+    public static class ClaimsPrincipalHelper
+    {
+        public static string? UserId(this ClaimsPrincipal user)
+        {
+            Claim? claim = user.FindFirst(ClaimTypes.NameIdentifier);
+            return claim?.Value;
+        }
+        public static string? Email(this ClaimsPrincipal user)
+        {
+            Claim? claim = user.FindFirst(ClaimTypes.Email);
+            return claim?.Value;
+        }
+
+        // public static string? UserId(this IIdentity identity)
+        // {
+        //   if (identity != null && identity.IsAuthenticated)
+        //   {
+        //     // return Guid.Parse(((ClaimsIdentity)identity).Claims.Where(x => x.Type == "NameIdentifier").FirstOrDefault()!.Value);
+        //     return ((ClaimsIdentity)identity).Claims.Where(x => x.Type == "NameIdentifier").FirstOrDefault()!.Value;
+        //   }
+        //   return null;
+        // }
+    }
+}
diff --git a/api-cinema-challenge/api-cinema-challenge/Program.cs b/api-cinema-challenge/api-cinema-challenge/Program.cs
index 2cd9dc31..ed0265a3 100644
--- a/api-cinema-challenge/api-cinema-challenge/Program.cs
+++ b/api-cinema-challenge/api-cinema-challenge/Program.cs
@@ -1,15 +1,81 @@
 using api_cinema_challenge.Data;
 using api_cinema_challenge.Endpoints;
-using api_cinema_challenge.Repository;
 using api_cinema_challenge.Models;
+using api_cinema_challenge.Repository;
+using api_cinema_challenge.Services;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.OpenApi.Models;
+using System.Text;
 
 var builder = WebApplication.CreateBuilder(args);
 
 // Add services to the container.
+builder.Services.AddControllers();
 builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
+
+builder.Services.AddSwaggerGen(option =>
+{
+    option.SwaggerDoc("v1", new OpenApiInfo { Title = "Test API", Version = "v1" });
+    option.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
+    {
+        In = ParameterLocation.Header,
+        Description = "Please enter a valid token",
+        Name = "Authorization",
+        Type = SecuritySchemeType.Http,
+        BearerFormat = "JWT",
+        Scheme = "Bearer"
+    });
+    option.AddSecurityRequirement(new OpenApiSecurityRequirement
+    {
+        {
+            new OpenApiSecurityScheme
+            {
+                Reference = new OpenApiReference
+                {
+                    Type = ReferenceType.SecurityScheme,
+                    Id = "Bearer"
+                }
+            },
+            new string[] { }
+        }
+    });
+});
+
+builder.Services.AddProblemDetails();
+builder.Services.AddRouting(options => options.LowercaseUrls = true);
 builder.Services.AddDbContext<CinemaContext>();
 builder.Services.AddScoped(typeof(IRepository<>), typeof(Repository<>));
+builder.Services.AddScoped<TokenService, TokenService>();
+
+// These will eventually be moved to a secrets file, but for alpha development appsettings is fine
+var validIssuer = builder.Configuration.GetValue<string>("JwtTokenSettings:ValidIssuer");
+var validAudience = builder.Configuration.GetValue<string>("JwtTokenSettings:ValidAudience");
+var symmetricSecurityKey = builder.Configuration.GetValue<string>("JwtTokenSettings:SymmetricSecurityKey");
+
+builder.Services.AddAuthentication(options =>
+{
+    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+    options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
+})
+    .AddJwtBearer(options =>
+    {
+        options.IncludeErrorDetails = true;
+        options.TokenValidationParameters = new TokenValidationParameters()
+        {
+            ClockSkew = TimeSpan.Zero,
+            ValidateIssuer = true,
+            ValidateAudience = true,
+            ValidateLifetime = true,
+            ValidateIssuerSigningKey = true,
+            ValidIssuer = validIssuer,
+            ValidAudience = validAudience,
+            IssuerSigningKey = new SymmetricSecurityKey(
+                Encoding.UTF8.GetBytes(symmetricSecurityKey)
+            ),
+        };
+    });
 
 var app = builder.Build();
 
@@ -21,8 +87,15 @@
 }
 
 app.UseHttpsRedirection();
+app.UseStatusCodePages();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
 app.ConfigureCustomerEndpoint();
 app.ConfigureMovieEndpoint();
 app.ConfigureScreeningEndpoint();
 app.ConfigureTicketEndpoints();
+
+app.MapControllers();
 app.Run();
diff --git a/api-cinema-challenge/api-cinema-challenge/Services/TokenService.cs b/api-cinema-challenge/api-cinema-challenge/Services/TokenService.cs
new file mode 100644
index 00000000..f10051e9
--- /dev/null
+++ b/api-cinema-challenge/api-cinema-challenge/Services/TokenService.cs
@@ -0,0 +1,82 @@
+using api_cinema_challenge.Models;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.IdentityModel.Tokens;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+
+namespace api_cinema_challenge.Services;
+
+public class TokenService
+{
+    private const int ExpirationMinutes = 60;
+    private readonly ILogger<TokenService> _logger;
+    public TokenService(ILogger<TokenService> logger)
+    {
+        _logger = logger;
+    }
+
+    public string CreateToken(ApplicationUser user)
+    {
+
+        var expiration = DateTime.UtcNow.AddMinutes(ExpirationMinutes);
+        var token = CreateJwtToken(
+            CreateClaims(user),
+            CreateSigningCredentials(),
+            expiration
+        );
+        var tokenHandler = new JwtSecurityTokenHandler();
+
+        _logger.LogInformation("JWT Token created");
+
+        return tokenHandler.WriteToken(token);
+    }
+
+    private JwtSecurityToken CreateJwtToken(List<Claim> claims, SigningCredentials credentials,
+        DateTime expiration) =>
+        new(
+            new ConfigurationBuilder().AddJsonFile("appsettings.json").Build().GetSection("JwtTokenSettings")["ValidIssuer"],
+            new ConfigurationBuilder().AddJsonFile("appsettings.json").Build().GetSection("JwtTokenSettings")["ValidAudience"],
+            claims,
+            expires: expiration,
+            signingCredentials: credentials
+        );
+
+    private List<Claim> CreateClaims(ApplicationUser user)
+    {
+        var jwtSub = new ConfigurationBuilder().AddJsonFile("appsettings.json").Build().GetSection("JwtTokenSettings")["JwtRegisteredClaimNamesSub"];
+
+        try
+        {
+            var claims = new List<Claim>
+            {
+                new Claim(JwtRegisteredClaimNames.Sub, jwtSub),
+                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
+                new Claim(JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds().ToString()),
+                new Claim(ClaimTypes.NameIdentifier, user.Id),
+                new Claim(ClaimTypes.Name, user.UserName),
+                new Claim(ClaimTypes.Email, user.Email),
+                new Claim(ClaimTypes.Role, user.Role.ToString())
+            };
+
+            return claims;
+        }
+        catch (Exception e)
+        {
+            Console.WriteLine(e);
+            throw;
+        }
+    }
+
+    private SigningCredentials CreateSigningCredentials()
+    {
+        var symmetricSecurityKey = new ConfigurationBuilder().AddJsonFile("appsettings.json").Build().GetSection("JwtTokenSettings")["SymmetricSecurityKey"];
+
+        return new SigningCredentials(
+            new SymmetricSecurityKey(
+                Encoding.UTF8.GetBytes(symmetricSecurityKey)
+            ),
+            SecurityAlgorithms.HmacSha256
+        );
+    }
+}
\ No newline at end of file
diff --git a/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj b/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj
index fa8193a4..121cfb8c 100644
--- a/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj
+++ b/api-cinema-challenge/api-cinema-challenge/api-cinema-challenge.csproj
@@ -8,13 +8,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <Compile Remove="Controllers\**" />
-    <Content Remove="Controllers\**" />
-    <EmbeddedResource Remove="Controllers\**" />
-    <None Remove="Controllers\**" />
-  </ItemGroup>
-
-  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.8" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="9.0.8" />
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="9.0.8" />
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.8" />
     <PackageReference Include="microsoft.entityframeworkcore.relational" Version="9.0.8" />
@@ -25,6 +20,7 @@
     <PackageReference Include="newtonsoft.json" Version="13.0.3" />
     <PackageReference Include="npgsql.entityframeworkcore.postgresql" Version="9.0.4" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.3" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="8.14.0" />
   </ItemGroup>
 
   <ItemGroup>