feat: support i18n in backend err messages (#1232)

* feat: support i18n in backend err messages

* use gofumpt to fmt code

* fix review problems

* support auto generate err message

* delete beego/i18n moudle

* fix Github action test problems

* fix review problems

* use gofumpt to format code

* use gofumpt to fmt code

conf/app.conf

@@ -20,3 +20,4 @@ staticBaseUrl = "https://cdn.casbin.org"
 isDemoMode = false
 batchSize = 100
 ldapServerPort = 389
+languages = en,zh,es,fr,de,ja,ko,ru

controllers/account.go

@@ -98,7 +98,7 @@ type Captcha struct {
 // @router /signup [post]
 func (c *ApiController) Signup() {
 	if c.GetSessionUsername() != "" {
-		c.ResponseError("Please sign out first before signing up", c.GetSessionUsername())
+		c.ResponseError(c.T("SignUpErr.SignOutFirst"), c.GetSessionUsername())
 		return
 	}
 
@@ -111,21 +111,21 @@ func (c *ApiController) Signup() {
 
 	application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 	if !application.EnableSignUp {
-		c.ResponseError("The application does not allow to sign up new account")
+		c.ResponseError(c.T("SignUpErr.DoNotAllowSignUp"))
 		return
 	}
 
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", form.Organization))
-	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.Affiliation)
+	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.Affiliation, c.GetAcceptLanguage())
 	if msg != "" {
 		c.ResponseError(msg)
 		return
 	}
 
 	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && form.Email != "" {
-		checkResult := object.CheckVerificationCode(form.Email, form.EmailCode)
+		checkResult := object.CheckVerificationCode(form.Email, form.EmailCode, c.GetAcceptLanguage())
 		if len(checkResult) != 0 {
-			c.ResponseError(fmt.Sprintf("Email: %s", checkResult))
+			c.ResponseError(c.T("EmailErr.EmailCheckResult"), checkResult)
 			return
 		}
 	}
@@ -133,9 +133,9 @@ func (c *ApiController) Signup() {
 	var checkPhone string
 	if application.IsSignupItemVisible("Phone") && form.Phone != "" {
 		checkPhone = fmt.Sprintf("+%s%s", form.PhonePrefix, form.Phone)
-		checkResult := object.CheckVerificationCode(checkPhone, form.PhoneCode)
+		checkResult := object.CheckVerificationCode(checkPhone, form.PhoneCode, c.GetAcceptLanguage())
 		if len(checkResult) != 0 {
-			c.ResponseError(fmt.Sprintf("Phone: %s", checkResult))
+			c.ResponseError(c.T("PhoneErr.PhoneCheckResult"), checkResult)
 			return
 		}
 	}
@@ -159,7 +159,7 @@ func (c *ApiController) Signup() {
 
 	initScore, err := getInitScore()
 	if err != nil {
-		c.ResponseError(fmt.Errorf("get init score failed, error: %w", err).Error())
+		c.ResponseError(fmt.Errorf(c.T("InitErr.InitScoreFailed"), err).Error())
 		return
 	}
 
@@ -205,7 +205,7 @@ func (c *ApiController) Signup() {
 
 	affected := object.AddUser(user)
 	if !affected {
-		c.ResponseError(fmt.Sprintf("Failed to create user, user information is invalid: %s", util.StructToJson(user)))
+		c.ResponseError(c.T("UserErr.InvalidInformation"), util.StructToJson(user))
 		return
 	}
 
@@ -309,7 +309,7 @@ func (c *ApiController) GetCaptcha() {
 	applicationId := c.Input().Get("applicationId")
 	isCurrentProvider := c.Input().Get("isCurrentProvider")
 
-	captchaProvider, err := object.GetCaptchaProviderByApplication(applicationId, isCurrentProvider)
+	captchaProvider, err := object.GetCaptchaProviderByApplication(applicationId, isCurrentProvider, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
 		return

controllers/application.go

@@ -86,7 +86,7 @@ func (c *ApiController) GetUserApplication() {
 	id := c.Input().Get("id")
 	user := object.GetUser(id)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", id))
+		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExist"), id))
 		return
 	}
 
@@ -107,7 +107,7 @@ func (c *ApiController) GetOrganizationApplications() {
 	organization := c.Input().Get("organization")
 
 	if organization == "" {
-		c.ResponseError("Parameter organization is missing")
+		c.ResponseError(c.T("ParameterErr.OrgMissingErr"))
 		return
 	}
 

controllers/auth.go

@@ -56,7 +56,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		return
 	}
 	if !allowed {
-		c.ResponseError("Unauthorized operation")
+		c.ResponseError(c.T("AuthErr.Unauthorized"))
 		return
 	}
 
@@ -75,10 +75,10 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		codeChallenge := c.Input().Get("code_challenge")
 
 		if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
-			c.ResponseError("Challenge method should be S256")
+			c.ResponseError(c.T("AuthErr.ChallengeMethodErr"))
 			return
 		}
-		code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, c.Ctx.Request.Host)
+		code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, c.Ctx.Request.Host, c.GetAcceptLanguage())
 		resp = codeToResponse(code)
 
 		if application.EnableSigninSession || application.HasPromptPage() {
@@ -151,7 +151,7 @@ func (c *ApiController) GetApplicationLogin() {
 	scope := c.Input().Get("scope")
 	state := c.Input().Get("state")
 
-	msg, application := object.CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
+	msg, application := object.CheckOAuthLogin(clientId, responseType, redirectUri, scope, state, c.GetAcceptLanguage())
 	application = object.GetMaskedApplication(application, "")
 	if msg != "" {
 		c.ResponseError(msg, application)
@@ -196,7 +196,7 @@ func (c *ApiController) Login() {
 	if form.Username != "" {
 		if form.Type == ResponseTypeLogin {
 			if c.GetSessionUsername() != "" {
-				c.ResponseError("Please sign out first before signing in", c.GetSessionUsername())
+				c.ResponseError(c.T("LoginErr.SignOutFirst"), c.GetSessionUsername())
 				return
 			}
 		}
@@ -218,11 +218,11 @@ func (c *ApiController) Login() {
 				if user != nil && util.GetMaskedEmail(user.Email) == form.Username {
 					form.Username = user.Email
 				}
-				checkResult = object.CheckVerificationCode(form.Username, form.Code)
+				checkResult = object.CheckVerificationCode(form.Username, form.Code, c.GetAcceptLanguage())
 			} else {
 				verificationCodeType = "phone"
 				if len(form.PhonePrefix) == 0 {
-					responseText := fmt.Sprintf("%s%s", verificationCodeType, "No phone prefix")
+					responseText := fmt.Sprintf(c.T("PhoneErr.NoPrefix"), verificationCodeType)
 					c.ResponseError(responseText)
 					return
 				}
@@ -230,7 +230,7 @@ func (c *ApiController) Login() {
 					form.Username = user.Phone
 				}
 				checkPhone := fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username)
-				checkResult = object.CheckVerificationCode(checkPhone, form.Code)
+				checkResult = object.CheckVerificationCode(checkPhone, form.Code, c.GetAcceptLanguage())
 			}
 			if len(checkResult) != 0 {
 				responseText := fmt.Sprintf("%s%s", verificationCodeType, checkResult)
@@ -247,12 +247,12 @@ func (c *ApiController) Login() {
 
 			user = object.GetUserByFields(form.Organization, form.Username)
 			if user == nil {
-				c.ResponseError(fmt.Sprintf("The user: %s/%s doesn't exist", form.Organization, form.Username))
+				c.ResponseError(fmt.Sprintf(c.T("LoginErr.UserDoNotExist"), form.Organization, form.Username))
 				return
 			}
 		} else {
 			password := form.Password
-			user, msg = object.CheckUserPassword(form.Organization, form.Username, password)
+			user, msg = object.CheckUserPassword(form.Organization, form.Username, password, c.GetAcceptLanguage())
 		}
 
 		if msg != "" {
@@ -260,7 +260,7 @@ func (c *ApiController) Login() {
 		} else {
 			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 			if application == nil {
-				c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
+				c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppDoNotExist"), form.Application))
 				return
 			}
 
@@ -274,7 +274,7 @@ func (c *ApiController) Login() {
 	} else if form.Provider != "" {
 		application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 		if application == nil {
-			c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
+			c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppDoNotExist"), form.Application))
 			return
 		}
 
@@ -282,7 +282,7 @@ func (c *ApiController) Login() {
 		provider := object.GetProvider(fmt.Sprintf("admin/%s", form.Provider))
 		providerItem := application.GetProviderItem(provider.Name)
 		if !providerItem.IsProviderVisible() {
-			c.ResponseError(fmt.Sprintf("The provider: %s is not enabled for the application", provider.Name))
+			c.ResponseError(fmt.Sprintf(c.T("ProviderErr.ProviderNotEnabled"), provider.Name))
 			return
 		}
 
@@ -306,14 +306,14 @@ func (c *ApiController) Login() {
 
 			idProvider := idp.GetIdProvider(provider.Type, provider.SubType, clientId, clientSecret, provider.AppId, form.RedirectUri, provider.Domain, provider.CustomAuthUrl, provider.CustomTokenUrl, provider.CustomUserInfoUrl)
 			if idProvider == nil {
-				c.ResponseError(fmt.Sprintf("The provider type: %s is not supported", provider.Type))
+				c.ResponseError(fmt.Sprintf(c.T("ProviderErr.ProviderNotSupported"), provider.Type))
 				return
 			}
 
 			setHttpClient(idProvider, provider.Type)
 
 			if form.State != conf.GetConfigString("authState") && form.State != application.Name {
-				c.ResponseError(fmt.Sprintf("state expected: \"%s\", but got: \"%s\"", conf.GetConfigString("authState"), form.State))
+				c.ResponseError(fmt.Sprintf(c.T("AuthErr.AuthStateWrong"), conf.GetConfigString("authState"), form.State))
 				return
 			}
 
@@ -325,13 +325,13 @@ func (c *ApiController) Login() {
 			}
 
 			if !token.Valid() {
-				c.ResponseError("Invalid token")
+				c.ResponseError(c.T("TokenErr.InvalidToken"))
 				return
 			}
 
 			userInfo, err = idProvider.GetUserInfo(token)
 			if err != nil {
-				c.ResponseError(fmt.Sprintf("Failed to login in: %s", err.Error()))
+				c.ResponseError(fmt.Sprintf(c.T("LoginErr.LoginFail"), err.Error()))
 				return
 			}
 		}
@@ -348,7 +348,7 @@ func (c *ApiController) Login() {
 				// Sign in via OAuth (want to sign up but already have account)
 
 				if user.IsForbidden {
-					c.ResponseError("the user is forbidden to sign in, please contact the administrator")
+					c.ResponseError(c.T("LoginErr.UserIsForbidden"))
 				}
 
 				resp = c.HandleLoggedIn(application, user, &form)
@@ -360,12 +360,12 @@ func (c *ApiController) Login() {
 			} else if provider.Category == "OAuth" {
 				// Sign up via OAuth
 				if !application.EnableSignUp {
-					c.ResponseError(fmt.Sprintf("The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support", provider.Type, userInfo.Username, userInfo.DisplayName))
+					c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppNotEnableSignUp"), provider.Type, userInfo.Username, userInfo.DisplayName))
 					return
 				}
 
 				if !providerItem.CanSignUp {
-					c.ResponseError(fmt.Sprintf("The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %s, please use another way to sign up", provider.Type, userInfo.Username, userInfo.DisplayName, provider.Type))
+					c.ResponseError(fmt.Sprintf(c.T("LoginErr.ProviderCanNotSignUp"), provider.Type, userInfo.Username, userInfo.DisplayName, provider.Type))
 					return
 				}
 
@@ -386,7 +386,7 @@ func (c *ApiController) Login() {
 				properties["no"] = strconv.Itoa(len(object.GetUsers(application.Organization)) + 2)
 				initScore, err := getInitScore()
 				if err != nil {
-					c.ResponseError(fmt.Errorf("get init score failed, error: %w", err).Error())
+					c.ResponseError(fmt.Errorf(c.T("InitErr.InitScoreFailed"), err).Error())
 					return
 				}
 
@@ -413,7 +413,7 @@ func (c *ApiController) Login() {
 
 				affected := object.AddUser(user)
 				if !affected {
-					c.ResponseError(fmt.Sprintf("Failed to create user, user information is invalid: %s", util.StructToJson(user)))
+					c.ResponseError(fmt.Sprintf(c.T("LoginErr.InvalidUserInformation"), util.StructToJson(user)))
 					return
 				}
 
@@ -438,13 +438,13 @@ func (c *ApiController) Login() {
 		} else { // form.Method != "signup"
 			userId := c.GetSessionUsername()
 			if userId == "" {
-				c.ResponseError("The account does not exist", userInfo)
+				c.ResponseError(c.T("LoginErr.AccountDoNotExist"), userInfo)
 				return
 			}
 
 			oldUser := object.GetUserByField(application.Organization, provider.Type, userInfo.Id)
 			if oldUser != nil {
-				c.ResponseError(fmt.Sprintf("The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)", provider.Type, userInfo.Username, userInfo.DisplayName, oldUser.Name, oldUser.DisplayName))
+				c.ResponseError(fmt.Sprintf(c.T("LoginErr.OldUser"), provider.Type, userInfo.Username, userInfo.DisplayName, oldUser.Name, oldUser.DisplayName))
 				return
 			}
 
@@ -465,7 +465,7 @@ func (c *ApiController) Login() {
 			// user already signed in to Casdoor, so let the user click the avatar button to do the quick sign-in
 			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 			if application == nil {
-				c.ResponseError(fmt.Sprintf("The application: %s does not exist", form.Application))
+				c.ResponseError(fmt.Sprintf(c.T("LoginErr.AppDoNotExist"), form.Application))
 				return
 			}
 
@@ -477,7 +477,7 @@ func (c *ApiController) Login() {
 			record.User = user.Name
 			util.SafeGoroutine(func() { object.AddRecord(record) })
 		} else {
-			c.ResponseError(fmt.Sprintf("unknown authentication type (not password or provider), form = %s", util.StructToJson(form)))
+			c.ResponseError(fmt.Sprintf(c.T("LoginErr.UnknownAuthentication"), util.StructToJson(form)))
 			return
 		}
 	}
@@ -489,7 +489,7 @@ func (c *ApiController) Login() {
 func (c *ApiController) GetSamlLogin() {
 	providerId := c.Input().Get("id")
 	relayState := c.Input().Get("relayState")
-	authURL, method, err := object.GenerateSamlLoginUrl(providerId, relayState)
+	authURL, method, err := object.GenerateSamlLoginUrl(providerId, relayState, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
 	}

controllers/cas.go

@@ -210,7 +210,7 @@ func (c *RootController) SamlValidate() {
 	}
 
 	if !strings.HasPrefix(target, service) {
-		c.ResponseError(fmt.Sprintf("service %s and %s do not match", target, service))
+		c.ResponseError(fmt.Sprintf(c.T("CasErr.ServiceDoNotMatch"), target, service))
 		return
 	}
 

controllers/enforcer.go

@@ -23,7 +23,7 @@ import (
 func (c *ApiController) Enforce() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please sign in first")
+		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
 		return
 	}
 
@@ -41,7 +41,7 @@ func (c *ApiController) Enforce() {
 func (c *ApiController) BatchEnforce() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please sign in first")
+		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
 		return
 	}
 
@@ -59,7 +59,7 @@ func (c *ApiController) BatchEnforce() {
 func (c *ApiController) GetAllObjects() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please sign in first")
+		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
 		return
 	}
 
@@ -70,7 +70,7 @@ func (c *ApiController) GetAllObjects() {
 func (c *ApiController) GetAllActions() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please sign in first")
+		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
 		return
 	}
 
@@ -81,7 +81,7 @@ func (c *ApiController) GetAllActions() {
 func (c *ApiController) GetAllRoles() {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please sign in first")
+		c.ResponseError(c.T("EnforcerErr.SignInFirst"))
 		return
 	}
 

controllers/ldap.go

@@ -52,7 +52,7 @@ func (c *ApiController) GetLdapUser() {
 	ldapServer := LdapServer{}
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldapServer)
 	if err != nil || util.IsStrsEmpty(ldapServer.Host, ldapServer.Admin, ldapServer.Passwd, ldapServer.BaseDn) {
-		c.ResponseError("Missing parameter")
+		c.ResponseError(c.T("ParameterErr.Missing"))
 		return
 	}
 
@@ -120,7 +120,7 @@ func (c *ApiController) GetLdap() {
 	id := c.Input().Get("id")
 
 	if util.IsStrsEmpty(id) {
-		c.ResponseError("Missing parameter")
+		c.ResponseError(c.T("ParameterErr.Missing"))
 		return
 	}
 
@@ -136,17 +136,17 @@ func (c *ApiController) AddLdap() {
 	var ldap object.Ldap
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
 	if err != nil {
-		c.ResponseError("Missing parameter")
+		c.ResponseError(c.T("ParameterErr.Missing"))
 		return
 	}
 
 	if util.IsStrsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
-		c.ResponseError("Missing parameter")
+		c.ResponseError(c.T("ParameterErr.Missing"))
 		return
 	}
 
 	if object.CheckLdapExist(&ldap) {
-		c.ResponseError("Ldap server exist")
+		c.ResponseError(c.T("LdapErr.ServerExisted"))
 		return
 	}
 
@@ -171,7 +171,7 @@ func (c *ApiController) UpdateLdap() {
 	var ldap object.Ldap
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
 	if err != nil || util.IsStrsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
-		c.ResponseError("Missing parameter")
+		c.ResponseError(c.T("ParameterErr.Missing"))
 		return
 	}
 

controllers/ldapserver.go

@@ -49,7 +49,7 @@ func handleBind(w ldapserver.ResponseWriter, m *ldapserver.Message) {
 			return
 		}
 		bindpassword := string(r.AuthenticationSimple())
-		binduser, err := object.CheckUserPassword(bindorg, bindusername, bindpassword)
+		binduser, err := object.CheckUserPassword(bindorg, bindusername, bindpassword, "en")
 		if err != "" {
 			log.Printf("Bind failed User=%s, Pass=%#v, ErrMsg=%s", string(r.Name()), r.Authentication(), err)
 			res.SetResultCode(ldapserver.LDAPResultInvalidCredentials)

controllers/link.go

@@ -47,7 +47,7 @@ func (c *ApiController) Unlink() {
 
 	if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin {
 		// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
-		c.ResponseError("You are not the global admin, you can't unlink other users")
+		c.ResponseError(c.T("AuthErr.CanNotUnlinkUsers"))
 		return
 	}
 
@@ -55,23 +55,23 @@ func (c *ApiController) Unlink() {
 		// if the user is unlinking themselves, should check the provider can be unlinked, if not, we should return an error.
 		application := object.GetApplicationByUser(user)
 		if application == nil {
-			c.ResponseError("You can't unlink yourself, you are not a member of any application")
+			c.ResponseError(c.T("AuthErr.CanNotLinkMySelf"))
 			return
 		}
 
 		if len(application.Providers) == 0 {
-			c.ResponseError("This application has no providers")
+			c.ResponseError(c.T("ApplicationErr.HasNoProviders"))
 			return
 		}
 
 		provider := application.GetProviderItemByType(providerType)
 		if provider == nil {
-			c.ResponseError("This application has no providers of type " + providerType)
+			c.ResponseError(c.T("ApplicationErr.HasNoProvidersOfType") + providerType)
 			return
 		}
 
 		if !provider.CanUnlink {
-			c.ResponseError("This provider can't be unlinked")
+			c.ResponseError(c.T("ProviderErr.CanNotBeUnlinked"))
 			return
 		}
 
@@ -84,7 +84,7 @@ func (c *ApiController) Unlink() {
 	value := object.GetUserField(&unlinkedUser, providerType)
 
 	if value == "" {
-		c.ResponseError("Please link first", value)
+		c.ResponseError(c.T("ProviderErr.LinkFirstErr"), value)
 		return
 	}
 

controllers/product.go

@@ -141,13 +141,13 @@ func (c *ApiController) BuyProduct() {
 
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please login first")
+		c.ResponseError(c.T("LoginErr.LoginFirst"))
 		return
 	}
 
 	user := object.GetUser(userId)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
+		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExist"), userId))
 		return
 	}
 

controllers/resource.go

@@ -113,7 +113,7 @@ func (c *ApiController) DeleteResource() {
 		return
 	}
 
-	err = object.DeleteFile(provider, resource.Name)
+	err = object.DeleteFile(provider, resource.Name, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
@@ -145,7 +145,7 @@ func (c *ApiController) UploadResource() {
 	defer file.Close()
 
 	if username == "" || fullFilePath == "" {
-		c.ResponseError(fmt.Sprintf("username or fullFilePath is empty: username = %s, fullFilePath = %s", username, fullFilePath))
+		c.ResponseError(fmt.Sprintf(c.T("ResourceErr.UsernameOrFilePathEmpty"), username, fullFilePath))
 		return
 	}
 
@@ -205,7 +205,7 @@ func (c *ApiController) UploadResource() {
 		if user == nil {
 			user = object.GetUserNoCheck(username)
 			if user == nil {
-				c.ResponseError("user is nil for tag: \"avatar\"")
+				c.ResponseError(c.T("ResourceErr.UserIsNil"))
 				return
 			}
 		}

controllers/saml.go

@@ -25,7 +25,7 @@ func (c *ApiController) GetSamlMeta() {
 	paramApp := c.Input().Get("application")
 	application := object.GetApplication(paramApp)
 	if application == nil {
-		c.ResponseError(fmt.Sprintf("err: application %s not found", paramApp))
+		c.ResponseError(fmt.Sprintf(c.T("ApplicationErr.AppNotFound"), paramApp))
 		return
 	}
 	metadata, _ := object.GetSamlMeta(application, host)

controllers/service.go

@@ -81,7 +81,7 @@ func (c *ApiController) SendEmail() {
 	}
 
 	if util.IsStrsEmpty(emailForm.Title, emailForm.Content, emailForm.Sender) {
-		c.ResponseError(fmt.Sprintf("Empty parameters for emailForm: %v", emailForm))
+		c.ResponseError(fmt.Sprintf(c.T("EmailErr.EmptyParam"), emailForm))
 		return
 	}
 
@@ -93,7 +93,7 @@ func (c *ApiController) SendEmail() {
 	}
 
 	if len(invalidReceivers) != 0 {
-		c.ResponseError(fmt.Sprintf("Invalid Email receivers: %s", invalidReceivers))
+		c.ResponseError(fmt.Sprintf(c.T("EmailErr.InvalidReceivers"), invalidReceivers))
 		return
 	}
 
@@ -141,7 +141,7 @@ func (c *ApiController) SendSms() {
 	}
 
 	if len(invalidReceivers) != 0 {
-		c.ResponseError(fmt.Sprintf("Invalid phone receivers: %s", invalidReceivers))
+		c.ResponseError(fmt.Sprintf(c.T("PhoneErr.InvalidReceivers"), invalidReceivers))
 		return
 	}
 

controllers/system_info.go

@@ -40,7 +40,7 @@ func (c *ApiController) GetSystemInfo() {
 
 	user := object.GetUser(id)
 	if user == nil || !user.IsGlobalAdmin {
-		c.ResponseError("You are not authorized to access this resource")
+		c.ResponseError(c.T("ResourceErr.NotAuthorized"))
 		return
 	}
 

controllers/token.go

@@ -150,12 +150,12 @@ func (c *ApiController) GetOAuthCode() {
 	codeChallenge := c.Input().Get("code_challenge")
 
 	if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
-		c.ResponseError("Challenge method should be S256")
+		c.ResponseError(c.T("AuthErr.ChallengeMethodErr"))
 		return
 	}
 	host := c.Ctx.Request.Host
 
-	c.Data["json"] = object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, host)
+	c.Data["json"] = object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state, nonce, codeChallenge, host, c.GetAcceptLanguage())
 	c.ServeJSON()
 }
 
@@ -204,7 +204,7 @@ func (c *ApiController) GetOAuthToken() {
 	}
 	host := c.Ctx.Request.Host
 
-	c.Data["json"] = object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, username, password, host, tag, avatar)
+	c.Data["json"] = object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, username, password, host, tag, avatar, c.GetAcceptLanguage())
 	c.SetTokenErrorHttpStatus()
 	c.ServeJSON()
 }
@@ -290,7 +290,7 @@ func (c *ApiController) IntrospectToken() {
 		clientId = c.Input().Get("client_id")
 		clientSecret = c.Input().Get("client_secret")
 		if clientId == "" || clientSecret == "" {
-			c.ResponseError("empty clientId or clientSecret")
+			c.ResponseError(c.T("TokenErr.EmptyClientID"))
 			c.Data["json"] = &object.TokenError{
 				Error: object.InvalidRequest,
 			}
@@ -301,7 +301,7 @@ func (c *ApiController) IntrospectToken() {
 	}
 	application := object.GetApplicationByClientId(clientId)
 	if application == nil || application.ClientSecret != clientSecret {
-		c.ResponseError("invalid application or wrong clientSecret")
+		c.ResponseError(c.T("TokenErr.InvalidAppOrWrongClientSecret"))
 		c.Data["json"] = &object.TokenError{
 			Error: object.InvalidClient,
 		}

controllers/user.go

@@ -100,7 +100,7 @@ func (c *ApiController) GetUser() {
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", owner))
 	if !organization.IsProfilePublic {
 		requestUserId := c.GetSessionUsername()
-		hasPermission, err := object.CheckUserPermission(requestUserId, id, owner, false)
+		hasPermission, err := object.CheckUserPermission(requestUserId, id, owner, false, c.GetAcceptLanguage())
 		if !hasPermission {
 			c.ResponseError(err.Error())
 			return
@@ -149,7 +149,7 @@ func (c *ApiController) UpdateUser() {
 	}
 
 	if user.DisplayName == "" {
-		c.ResponseError("Display name cannot be empty")
+		c.ResponseError(c.T("UserErr.DisplayNameCanNotBeEmpty"))
 		return
 	}
 
@@ -183,7 +183,7 @@ func (c *ApiController) AddUser() {
 		return
 	}
 
-	msg := object.CheckUsername(user.Name)
+	msg := object.CheckUsername(user.Name, c.GetAcceptLanguage())
 	if msg != "" {
 		c.ResponseError(msg)
 		return
@@ -230,7 +230,7 @@ func (c *ApiController) GetEmailAndPhone() {
 
 	user := object.GetUserByFields(form.Organization, form.Username)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf("The user: %s/%s doesn't exist", form.Organization, form.Username))
+		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExistInOrg"), form.Organization, form.Username))
 		return
 	}
 
@@ -271,7 +271,7 @@ func (c *ApiController) SetPassword() {
 	requestUserId := c.GetSessionUsername()
 	userId := fmt.Sprintf("%s/%s", userOwner, userName)
 
-	hasPermission, err := object.CheckUserPermission(requestUserId, userId, userOwner, true)
+	hasPermission, err := object.CheckUserPermission(requestUserId, userId, userOwner, true, c.GetAcceptLanguage())
 	if !hasPermission {
 		c.ResponseError(err.Error())
 		return
@@ -280,7 +280,7 @@ func (c *ApiController) SetPassword() {
 	targetUser := object.GetUser(userId)
 
 	if oldPassword != "" {
-		msg := object.CheckPassword(targetUser, oldPassword)
+		msg := object.CheckPassword(targetUser, oldPassword, c.GetAcceptLanguage())
 		if msg != "" {
 			c.ResponseError(msg)
 			return
@@ -288,12 +288,12 @@ func (c *ApiController) SetPassword() {
 	}
 
 	if strings.Contains(newPassword, " ") {
-		c.ResponseError("New password cannot contain blank space.")
+		c.ResponseError(c.T("SetPasswordErr.CanNotContainBlank"))
 		return
 	}
 
 	if len(newPassword) <= 5 {
-		c.ResponseError("New password must have at least 6 characters")
+		c.ResponseError(c.T("SetPasswordErr.LessThanSixCharacters"))
 		return
 	}
 
@@ -315,7 +315,7 @@ func (c *ApiController) CheckUserPassword() {
 		return
 	}
 
-	_, msg := object.CheckUserPassword(user.Owner, user.Name, user.Password)
+	_, msg := object.CheckUserPassword(user.Owner, user.Name, user.Password, c.GetAcceptLanguage())
 	if msg == "" {
 		c.ResponseOk()
 	} else {

controllers/user_upload.go

@@ -61,6 +61,6 @@ func (c *ApiController) UploadUsers() {
 	if affected {
 		c.ResponseOk()
 	} else {
-		c.ResponseError("Failed to import users")
+		c.ResponseError(c.T("UserErr.FailToImportUsers"))
 	}
 }

controllers/util.go

@@ -19,6 +19,7 @@ import (
 	"strconv"
 
 	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -48,6 +49,16 @@ func (c *ApiController) ResponseError(error string, data ...interface{}) {
 	c.ResponseJsonData(resp, data...)
 }
 
+func (c *ApiController) T(error string) string {
+	return i18n.Translate(c.GetAcceptLanguage(), error)
+}
+
+// GetAcceptLanguage ...
+func (c *ApiController) GetAcceptLanguage() string {
+	lang := c.Ctx.Request.Header.Get("Accept-Language")
+	return lang[0:2]
+}
+
 // SetTokenErrorHttpStatus ...
 func (c *ApiController) SetTokenErrorHttpStatus() {
 	_, ok := c.Data["json"].(*object.TokenError)
@@ -69,7 +80,7 @@ func (c *ApiController) SetTokenErrorHttpStatus() {
 func (c *ApiController) RequireSignedIn() (string, bool) {
 	userId := c.GetSessionUsername()
 	if userId == "" {
-		c.ResponseError("Please sign in first")
+		c.ResponseError(c.T("LoginErr.SignInFirst"))
 		return "", false
 	}
 	return userId, true
@@ -84,7 +95,7 @@ func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
 
 	user := object.GetUser(userId)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
+		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExist"), userId))
 		return nil, false
 	}
 	return user, true
@@ -112,7 +123,7 @@ func (c *ApiController) GetProviderFromContext(category string) (*object.Provide
 	if providerName != "" {
 		provider := object.GetProvider(util.GetId(providerName))
 		if provider == nil {
-			c.ResponseError(fmt.Sprintf("The provider: %s is not found", providerName))
+			c.ResponseError(c.T("ProviderErr.ProviderNotFound"), providerName)
 			return nil, nil, false
 		}
 		return provider, nil, true
@@ -125,13 +136,13 @@ func (c *ApiController) GetProviderFromContext(category string) (*object.Provide
 
 	application, user := object.GetApplicationByUserId(userId)
 	if application == nil {
-		c.ResponseError(fmt.Sprintf("No application is found for userId: \"%s\"", userId))
+		c.ResponseError(fmt.Sprintf(c.T("ApplicationErr.AppNotFoundForUserID"), userId))
 		return nil, nil, false
 	}
 
 	provider := application.GetProviderByCategory(category)
 	if provider == nil {
-		c.ResponseError(fmt.Sprintf("No provider for category: \"%s\" is found for application: %s", category, application.Name))
+		c.ResponseError(fmt.Sprintf(c.T("ProviderErr.ProviderNotFoundForCategory"), category, application.Name))
 		return nil, nil, false
 	}
 

controllers/verification.go

@@ -50,23 +50,23 @@ func (c *ApiController) SendVerificationCode() {
 	remoteAddr := util.GetIPFromRequest(c.Ctx.Request)
 
 	if destType == "" {
-		c.ResponseError("Missing parameter: type.")
+		c.ResponseError(c.T("ParameterErr.Missing") + ": type.")
 		return
 	}
 	if dest == "" {
-		c.ResponseError("Missing parameter: dest.")
+		c.ResponseError(c.T("ParameterErr.Missing") + ": dest.")
 		return
 	}
 	if applicationId == "" {
-		c.ResponseError("Missing parameter: applicationId.")
+		c.ResponseError(c.T("ParameterErr.Missing") + ": applicationId.")
 		return
 	}
 	if !strings.Contains(applicationId, "/") {
-		c.ResponseError("Wrong parameter: applicationId.")
+		c.ResponseError(c.T("ParameterErr.Wrong") + ": applicationId.")
 		return
 	}
 	if checkType == "" {
-		c.ResponseError("Missing parameter: checkType.")
+		c.ResponseError(c.T("ParameterErr.Missing") + ": checkType.")
 		return
 	}
 
@@ -74,7 +74,7 @@ func (c *ApiController) SendVerificationCode() {
 
 	if captchaProvider != nil {
 		if checkKey == "" {
-			c.ResponseError("Missing parameter: checkKey.")
+			c.ResponseError(c.T("ParameterErr.Missing") + ": checkKey.")
 			return
 		}
 		isHuman, err := captchaProvider.VerifyCaptcha(checkKey, checkId)
@@ -84,7 +84,7 @@ func (c *ApiController) SendVerificationCode() {
 		}
 
 		if !isHuman {
-			c.ResponseError("Turing test failed.")
+			c.ResponseError(c.T("AuthErr.NotHuman"))
 			return
 		}
 	}
@@ -94,7 +94,7 @@ func (c *ApiController) SendVerificationCode() {
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
 
 	if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
-		c.ResponseError("Please login first")
+		c.ResponseError(c.T("LoginErr.LoginFirst"))
 		return
 	}
 
@@ -110,7 +110,7 @@ func (c *ApiController) SendVerificationCode() {
 			dest = user.Email
 		}
 		if !util.IsEmailValid(dest) {
-			c.ResponseError("Invalid Email address")
+			c.ResponseError(c.T("EmailErr.EmailInvalid"))
 			return
 		}
 
@@ -121,11 +121,11 @@ func (c *ApiController) SendVerificationCode() {
 			dest = user.Phone
 		}
 		if !util.IsPhoneCnValid(dest) {
-			c.ResponseError("Invalid phone number")
+			c.ResponseError(c.T("PhoneErr.NumberInvalid"))
 			return
 		}
 		if organization == nil {
-			c.ResponseError("The organization doesn't exist.")
+			c.ResponseError(c.T("OrgErr.DoNotExist"))
 			return
 		}
 
@@ -157,7 +157,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 	dest := c.Ctx.Request.Form.Get("dest")
 	code := c.Ctx.Request.Form.Get("code")
 	if len(dest) == 0 || len(code) == 0 || len(destType) == 0 {
-		c.ResponseError("Missing parameter.")
+		c.ResponseError(c.T("ParameterErr.Missing"))
 		return
 	}
 
@@ -166,11 +166,11 @@ func (c *ApiController) ResetEmailOrPhone() {
 	if destType == "phone" {
 		phoneItem := object.GetAccountItemByName("Phone", org)
 		if phoneItem == nil {
-			c.ResponseError("Unable to get the phone modify rule.")
+			c.ResponseError(c.T("PhoneErr.UnableGetModifyRule"))
 			return
 		}
 
-		if pass, errMsg := object.CheckAccountItemModifyRule(phoneItem, user); !pass {
+		if pass, errMsg := object.CheckAccountItemModifyRule(phoneItem, user, c.GetAcceptLanguage()); !pass {
 			c.ResponseError(errMsg)
 			return
 		}
@@ -183,16 +183,16 @@ func (c *ApiController) ResetEmailOrPhone() {
 	} else if destType == "email" {
 		emailItem := object.GetAccountItemByName("Email", org)
 		if emailItem == nil {
-			c.ResponseError("Unable to get the email modify rule.")
+			c.ResponseError(c.T("EmailErr.UnableGetModifyRule"))
 			return
 		}
 
-		if pass, errMsg := object.CheckAccountItemModifyRule(emailItem, user); !pass {
+		if pass, errMsg := object.CheckAccountItemModifyRule(emailItem, user, c.GetAcceptLanguage()); !pass {
 			c.ResponseError(errMsg)
 			return
 		}
 	}
-	if ret := object.CheckVerificationCode(checkDest, code); len(ret) != 0 {
+	if ret := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); len(ret) != 0 {
 		c.ResponseError(ret)
 		return
 	}
@@ -205,7 +205,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 		user.Phone = dest
 		object.SetUserField(user, "phone", user.Phone)
 	default:
-		c.ResponseError("Unknown type.")
+		c.ResponseError(c.T("ParameterErr.UnknownType"))
 		return
 	}
 
@@ -224,17 +224,17 @@ func (c *ApiController) VerifyCaptcha() {
 	captchaToken := c.Ctx.Request.Form.Get("captchaToken")
 	clientSecret := c.Ctx.Request.Form.Get("clientSecret")
 	if captchaToken == "" {
-		c.ResponseError("Missing parameter: captchaToken.")
+		c.ResponseError(c.T("ParameterErr.Missing") + ": captchaToken.")
 		return
 	}
 	if clientSecret == "" {
-		c.ResponseError("Missing parameter: clientSecret.")
+		c.ResponseError(c.T("ParameterErr.Missing") + ": clientSecret.")
 		return
 	}
 
 	provider := captcha.GetCaptchaProvider(captchaType)
 	if provider == nil {
-		c.ResponseError("Invalid captcha provider.")
+		c.ResponseError(c.T("ProviderErr.InvalidProvider"))
 		return
 	}
 

controllers/webauthn.go

@@ -35,7 +35,7 @@ func (c *ApiController) WebAuthnSignupBegin() {
 	webauthnObj := object.GetWebAuthnObject(c.Ctx.Request.Host)
 	user := c.getCurrentUser()
 	if user == nil {
-		c.ResponseError("Please login first.")
+		c.ResponseError(c.T("LoginErr.LoginFirst"))
 		return
 	}
 
@@ -66,13 +66,13 @@ func (c *ApiController) WebAuthnSignupFinish() {
 	webauthnObj := object.GetWebAuthnObject(c.Ctx.Request.Host)
 	user := c.getCurrentUser()
 	if user == nil {
-		c.ResponseError("Please login first.")
+		c.ResponseError(c.T("LoginErr.LoginFirst"))
 		return
 	}
 	sessionObj := c.GetSession("registration")
 	sessionData, ok := sessionObj.(webauthn.SessionData)
 	if !ok {
-		c.ResponseError("Please call WebAuthnSignupBegin first")
+		c.ResponseError(c.T("AuthErr.CallWebAuthnSigninBegin"))
 		return
 	}
 	c.Ctx.Request.Body = io.NopCloser(bytes.NewBuffer(c.Ctx.Input.RequestBody))
@@ -101,7 +101,7 @@ func (c *ApiController) WebAuthnSigninBegin() {
 	userName := c.Input().Get("name")
 	user := object.GetUserByFields(userOwner, userName)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf("The user: %s/%s doesn't exist", userOwner, userName))
+		c.ResponseError(fmt.Sprintf(c.T("UserErr.DoNotExistInOrg"), userOwner, userName))
 		return
 	}
 	options, sessionData, err := webauthnObj.BeginLogin(user)
@@ -127,7 +127,7 @@ func (c *ApiController) WebAuthnSigninFinish() {
 	sessionObj := c.GetSession("authentication")
 	sessionData, ok := sessionObj.(webauthn.SessionData)
 	if !ok {
-		c.ResponseError("Please call WebAuthnSigninBegin first")
+		c.ResponseError(c.T("AuthErr.CallWebAuthnSigninBegin"))
 		return
 	}
 	c.Ctx.Request.Body = io.NopCloser(bytes.NewBuffer(c.Ctx.Input.RequestBody))

go.mod

@@ -4,9 +4,11 @@ go 1.16
 
 require (
 	github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b
+	github.com/Unknwon/goconfig v1.0.0 // indirect
 	github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387
 	github.com/aws/aws-sdk-go v1.44.4
 	github.com/beego/beego v1.12.11
+	github.com/beego/i18n v0.0.0-20161101132742-e9308947f407
 	github.com/beevik/etree v1.1.0
 	github.com/casbin/casbin/v2 v2.30.1
 	github.com/casbin/xorm-adapter/v3 v3.0.1
@@ -47,7 +49,7 @@ require (
 	golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df // indirect
-	gopkg.in/ini.v1 v1.62.0 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0
 	gopkg.in/yaml.v2 v2.3.0 // indirect
 	xorm.io/core v0.7.2

go.sum

@@ -61,6 +61,8 @@ github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go
 github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc=
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b h1:EgJ6N2S0h1WfFIjU5/VVHWbMSVYXAluop97Qxpr/lfQ=
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b/go.mod h1:3SAoF0F5EbcOuBD5WT9nYkbIJieBS84cUQXADbXeBsU=
+github.com/Unknwon/goconfig v1.0.0 h1:9IAu/BYbSLQi8puFjUQApZTxIHqSwrj5d8vpP8vTq4A=
+github.com/Unknwon/goconfig v1.0.0/go.mod h1:wngxua9XCNjvHjDiTiV26DaKDT+0c63QR6H5hjVUUxw=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
@@ -82,6 +84,8 @@ github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod
 github.com/beego/beego v1.12.11 h1:MWKcnpavb7iAIS0m6uuEq6pHKkYvGNw/5umIUKqL7jM=
 github.com/beego/beego v1.12.11/go.mod h1:QURFL1HldOcCZAxnc1cZ7wrplsYR5dKPHFjmk6WkLAs=
 github.com/beego/goyaml2 v0.0.0-20130207012346-5545475820dd/go.mod h1:1b+Y/CofkYwXMUU0OhQqGvsY2Bvgr4j6jfT699wyZKQ=
+github.com/beego/i18n v0.0.0-20161101132742-e9308947f407 h1:WtJfx5HqASTQp7HfiZldnin8KQV2futplF3duGp5PGc=
+github.com/beego/i18n v0.0.0-20161101132742-e9308947f407/go.mod h1:KLeFCpAMq2+50NkXC8iiJxLLiiTfTqrGtKEVm+2fk7s=
 github.com/beego/x2j v0.0.0-20131220205130-a0352aadc542/go.mod h1:kSeGC/p1AbBiEp5kat81+DSQrZenVBZXklMLaELspWU=
 github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
 github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
@@ -759,6 +763,8 @@ gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkp
 gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU=
 gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
 gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
 gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=

i18n/generate_backend.go

@@ -0,0 +1,122 @@
+// Copyright 2022 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package i18n
+
+import (
+	"log"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+
+	"github.com/Unknwon/goconfig"
+	"github.com/casdoor/casdoor/util"
+)
+
+var (
+	reI18nBackendObject    *regexp.Regexp
+	re18nBackendController *regexp.Regexp
+)
+
+func init() {
+	reI18nBackendObject, _ = regexp.Compile("i18n.Translate\\((.*?)\"\\)")
+	re18nBackendController, _ = regexp.Compile("c.T\\((.*?)\"\\)")
+}
+
+func GetAllI18nStrings(fileContent string, path string) []string {
+	res := []string{}
+	if strings.Contains(path, "object") {
+		matches := reI18nBackendObject.FindAllStringSubmatch(fileContent, -1)
+		if matches == nil {
+			return res
+		}
+		for _, match := range matches {
+			match := strings.Split(match[1], ",")
+			res = append(res, match[1][2:])
+		}
+	} else {
+		matches := re18nBackendController.FindAllStringSubmatch(fileContent, -1)
+		if matches == nil {
+			return res
+		}
+		for _, match := range matches {
+			res = append(res, match[1][1:])
+		}
+	}
+
+	return res
+}
+
+func getAllGoFilePaths() []string {
+	path := "../"
+
+	res := []string{}
+	err := filepath.Walk(path,
+		func(path string, info os.FileInfo, err error) error {
+			if err != nil {
+				return err
+			}
+
+			if !strings.HasSuffix(info.Name(), ".go") {
+				return nil
+			}
+
+			res = append(res, path)
+			// fmt.Println(path, info.Name())
+			return nil
+		})
+	if err != nil {
+		panic(err)
+	}
+
+	return res
+}
+
+func getErrName(paths []string) map[string]bool {
+	ErrName := make(map[string]bool)
+	for i := 0; i < len(paths); i++ {
+		content := util.ReadStringFromPath(paths[i])
+		words := GetAllI18nStrings(content, paths[i])
+		for i := 0; i < len(words); i++ {
+			ErrName[words[i]] = true
+		}
+	}
+	return ErrName
+}
+
+func writeToAllLanguageFiles(errName map[string]bool) {
+	languages := "en,zh,es,fr,de,ja,ko,ru"
+	languageArr := strings.Split(languages, ",")
+	var c [10]*goconfig.ConfigFile
+	for i := 0; i < len(languageArr); i++ {
+		var err error
+		c[i], err = goconfig.LoadConfigFile("../i18n/languages/" + "locale_" + languageArr[i] + ".ini")
+		if err != nil {
+			log.Println(err.Error())
+		}
+		for j := range errName {
+			parts := strings.Split(j, ".")
+			_, err := c[i].GetValue(parts[0], parts[1])
+			if err != nil {
+				c[i].SetValue(parts[0], parts[1], parts[1])
+			}
+		}
+		c[i].SetPrettyFormat(true)
+		err = goconfig.SaveConfigFile(c[i], "../i18n/languages/"+"locale_"+languageArr[i]+".ini")
+		if err != nil {
+			log.Println(err)
+		}
+	}
+}

i18n/generate_test.go

@@ -14,7 +14,10 @@
 
 package i18n
 
-import "testing"
+import (
+	"fmt"
+	"testing"
+)
 
 func applyToOtherLanguage(dataEn *I18nData, lang string) {
 	dataOther := readI18nFile(lang)
@@ -24,7 +27,7 @@ func applyToOtherLanguage(dataEn *I18nData, lang string) {
 	writeI18nFile(lang, dataEn)
 }
 
-func TestGenerateI18nStrings(t *testing.T) {
+func TestGenerateI18nStringsForFrontend(t *testing.T) {
 	dataEn := parseToData()
 	writeI18nFile("en", dataEn)
 
@@ -35,3 +38,17 @@ func TestGenerateI18nStrings(t *testing.T) {
 	applyToOtherLanguage(dataEn, "ru")
 	applyToOtherLanguage(dataEn, "zh")
 }
+
+func TestGenerateI18nStringsForBackend(t *testing.T) {
+	paths := getAllGoFilePaths()
+
+	errName := getErrName(paths)
+
+	writeToAllLanguageFiles(errName)
+
+	fmt.Println("Total Err Words:", len(errName))
+
+	for i := range errName {
+		fmt.Println(i)
+	}
+}

i18n/languages/locale_de.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+Unauthorized = Unauthorized operation
+WrongPasswordManyTimes = WrongPasswordManyTimes
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_en.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+WrongPasswordManyTimes = You have entered the wrong password too many times, please wait for %d minutes %d seconds and try again
+Unauthorized = Unauthorized operation
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_es.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+Unauthorized = Unauthorized operation
+WrongPasswordManyTimes = WrongPasswordManyTimes
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_fr.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+Unauthorized = Unauthorized operation
+WrongPasswordManyTimes = WrongPasswordManyTimes
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_ja.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+Unauthorized = Unauthorized operation
+WrongPasswordManyTimes = WrongPasswordManyTimes
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_ko.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+Unauthorized = Unauthorized operation
+WrongPasswordManyTimes = WrongPasswordManyTimes
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_ru.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = Application %s not found
+AppNotFoundForUserID = No application is found for userId: %s
+GrantTypeNotSupport = Grant_type: %s is not supported in this application
+HasNoProviders = This application has no providers
+HasNoProvidersOfType = This application has no providers of type
+InvalidID = Invalid application id
+
+[AuthErr]
+AuthStateWrong = State expected: %s, but got: %s
+ChallengeMethodErr = Challenge method should be S256
+CanNotUnlinkUsers = You are not the global admin, you can't unlink other users
+CanNotLinkMySelf = You can't unlink yourself, you are not a member of any application
+CallWebAuthnSigninBegin = Please call WebAuthnSigninBegin first
+NotHuman = Turing test failed.
+Unauthorized = Unauthorized operation
+WrongPasswordManyTimes = WrongPasswordManyTimes
+
+[CasErr]
+ServiceDoNotMatch = Service %s and %s do not match
+
+[EmailErr]
+ExistedErr = Email already exists
+EmptyErr = Email cannot be empty
+EmailInvalid = Email is invalid
+EmailCheckResult = Email: %s
+EmptyParam = Empty parameters for emailForm: %v
+InvalidReceivers = Invalid Email receivers: %s
+UnableGetModifyRule = Unable to get the email modify rule.
+
+[EnforcerErr]
+SignInFirst = Please sign in first
+
+[InitErr]
+InitScoreFailed = Get init score failed, error: %%w
+
+[LdapErr]
+MultipleAccounts = Multiple accounts with same uid, please check your ldap server
+PasswordWrong = Ldap user name or password incorrect
+ServerExisted = Ldap server exist
+
+[LoginErr]
+AppDoNotExist = The application: %s does not exist
+AppNotEnableSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support
+AccountDoNotExist = The account does not exist
+InvalidUserInformation = Failed to create user, user information is invalid: %s
+LoginFirst = Please login first
+LoginFail = Failed to login in: %s
+NoPermission = You don't have the permission to do this
+OldUser = The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)
+ProviderCanNotSignUp = The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up
+SessionOutdated = Session outdated, please login again
+SignOutFirst = Please sign out first before signing in
+SignInFirst = Please sign in first
+UserDoNotExist = The user: %s/%s doesn't exist
+UserIsForbidden = The user is forbidden to sign in, please contact the administrator
+UnknownAuthentication = Unknown authentication type (not password or provider), form = %s
+UnsupportedPasswordType = unsupported password type: %s
+
+[OrgErr]
+DoNotExist = Organization does not exist
+Immutable = The %s is immutable.
+OnlyAdmin = Only admin can modify the %s.
+UnknownModifyRule = Unknown modify rule %s.
+
+[ParameterErr]
+OrgMissingErr = Parameter organization is missing
+Missing = Missing parameter
+UnknownType = Unknown type
+Wrong = Wrong parameter
+
+[PhoneErr]
+CodeNotSent = Code has not been sent yet!
+CodeTimeOut = You should verify your code in %d min!
+ExistedErr = Phone already exists
+EmptyErr = Phone cannot be empty
+InvalidReceivers = Invalid phone receivers: %s
+NumberInvalid = Phone number is invalid
+NoPrefix = %s No phone prefix
+PhoneCheckResult = Phone: %s
+UnableGetModifyRule = Unable to get the phone modify rule.
+
+[ProviderErr]
+CanNotBeUnlinked = This provider can't be unlinked
+CategoryNotSAML = provider %s's category is not SAML
+DoNotExist = the provider: %s does not exist
+InvalidProvider = Invalid captcha provider.
+LinkFirstErr = Please link first
+ProviderNotEnabled = The provider: %s is not enabled for the application
+ProviderNotSupported = The provider type: %s is not supported
+ProviderNotFound = The provider: %s is not found
+ProviderNotFoundForCategory = No provider for category: %s is found for application: %s
+
+[ResourceErr]
+NotAuthorized = You are not authorized to access this resource
+UserIsNil = User is nil for tag: /"avatar/"
+UsernameOrFilePathEmpty = Username or fullFilePath is empty: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = New password cannot contain blank space.
+LessThanSixCharacters = New password must have at least 6 characters
+
+[SignUpErr]
+DoNotAllowSignUp = The application does not allow to sign up new account
+SignOutFirst = Please sign out first before signing up
+
+[StorageErr]
+ObjectKeyNotAllowed = The objectKey: %s is not allowed
+
+[TokenErr]
+EmptyClientID = Empty clientId or clientSecret
+InvalidToken = Invalid token
+InvalidAppOrWrongClientSecret = Invalid application or wrong clientSecret
+InvalidClientId = Invalid client_id
+RedirectURIDoNotExist = Redirect URI: %s doesn't exist in the allowed Redirect URI list
+
+[UserErr]
+AffiliationBlankErr = Affiliation cannot be blank
+DisplayNameBlankErr = DisplayName cannot be blank
+DisplayNameInvalid = DisplayName is not valid real name
+DisplayNameCanNotBeEmpty = Display name cannot be empty
+DoNotExist = The user: %s doesn't exist
+DoNotExistInOrg = The user: %s/%s doesn't exist
+DoNotExistSignUp = the user does not exist, please sign up first
+FirstNameBlankErr = FirstName cannot be blank
+FailToImportUsers = Failed to import users
+LastNameBlankErr = LastName cannot be blank
+NameLessThanTwoCharacters = Username must have at least 2 characters
+NameStartWithADigitErr = Username cannot start with a digit
+NameIsEmailErr = Username cannot be an email address
+NameCantainWhitSpaceErr = Username cannot contain white spaces
+NameExistedErr = Username already exists
+NameEmptyErr = Empty username.
+NameTooLang = Username is too long (maximum is 39 characters).
+NameFormatErr = The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.
+PasswordLessThanSixCharacters = Password must have at least 6 characters
+InvalidInformation = Invalid information
+

i18n/languages/locale_zh.ini

@@ -0,0 +1,138 @@
+[ApplicationErr]
+AppNotFound = 应用 %%s 未找到
+AppNotFoundForUserID = 找不到该用户的应用程序 %s
+GrantTypeNotSupport = 此应用中不支持此授权类型
+HasNoProviders = 该应用无提供商
+HasNoProvidersOfType = 应用没有该类型的提供商
+InvalidID = 无效的Application ID
+
+[AuthErr]
+AuthStateWrong = 期望状态位: %s, 实际状态为: %s
+ChallengeMethodErr = Challenge 方法应该为 S256
+CanNotUnlinkUsers = 您不是全局管理员，无法取消链接其他用户
+CanNotLinkMySelf = 您无法取消链接，您不是任何应用程序的成员
+CallWebAuthnSigninBegin = 请先调用WebAuthnSigninBegin
+NotHuman = 真人验证失败
+Unauthorized = 未授权的操作
+WrongPasswordManyTimes = 输入密码错误次数已达上限，请在 %d 分 %d 秒后重试
+
+[CasErr]
+ServiceDoNotMatch = 服务 %s 与 %s 不匹配
+
+[EmailErr]
+ExistedErr = 该邮箱已存在
+EmptyErr = 邮箱不可为空
+EmailInvalid = 无效邮箱
+EmailCheckResult = Email: %s
+EmptyParam = 邮件参数为空: %v
+InvalidReceivers = 无效的邮箱接收者: %%s
+UnableGetModifyRule = 无法得到Email修改规则
+
+[EnforcerErr]
+SignInFirst = 请先登录
+
+[InitErr]
+InitScoreFailed = 初始化分数失败: %w
+
+[LdapErr]
+MultipleAccounts = 多个帐户具有相同的uid，请检查您的 ldap 服务器
+PasswordWrong = Ldap密码错误
+ServerExisted = Ldap服务器已存在
+
+[LoginErr]
+AppDoNotExist = 应用不存在: %s
+AppNotEnableSignUp = 提供商账户: %s 与用户名: %s (%s) 不存在且 不允许注册新账户, 请联系IT支持
+AccountDoNotExist = 账户不存在
+InvalidUserInformation = 创建用户失败，用户信息无效: %%s
+LoginFirst = 请先登录
+LoginFail = 无法登录: %s
+NoPermission = 您没有权限执行此操作
+OldUser = 提供商账户: %s 与用户名: %s (%s) 已经与其他账户绑定: %s (%s)
+ProviderCanNotSignUp = 提供商账户: %s 与用户名: %s (%s) 不存在且 不允许通过 %s 注册新账户, 请使用其他方式注册
+SignOutFirst = 请在登录前登出
+SessionOutdated = Session已过期，请重新登陆
+SignInFirst = 请先登出
+UserDoNotExist = 用户不存在: %s/%s
+UserIsForbidden = 该用户被禁止登陆，请联系管理员
+UnknownAuthentication = 未知的认证类型 (非密码或提供商认证), form = %s
+UnsupportedPasswordType = 不支持此密码类型
+
+[OrgErr]
+DoNotExist = 组织不存在
+Immutable = %s是不可变的
+OnlyAdmin = 只有管理员用户有此权限
+UnknownModifyRule = 未知的修改规则
+
+[ParameterErr]
+Missing = 参数丢失
+OrgMissingErr = Organization参数丢失
+UnknownType = 未知类型
+Wrong = 参数错误
+
+[PhoneErr]
+CodeNotSent = 验证码还未发送
+CodeTimeOut = 验证码过期
+ExistedErr = 该电话已存在
+EmptyErr = 电话不可为空
+InvalidReceivers = 无效的电话接收者: %s
+NumberInvalid = 无效电话
+PhoneCheckResult = 电话: %s
+UnableGetModifyRule = 无法得到电话修改规则
+NoPrefix = %s 无此电话前缀
+
+[ProviderErr]
+CanNotBeUnlinked = 该提供商不可被链接
+InvalidProvider = 无效的验证码提供商
+LinkFirstErr = 请先绑定
+ProviderNotEnabled = 提供商: %s 未被启用
+ProviderNotSupported = 不支持该类型的提供商: %s
+ProviderNotFound = 该提供商未找到: %s
+ProviderNotFoundForCategory = 该类型的提供商: %s 在应用中未找到: %s
+DoNotExist = 提供商: %s 不存在
+CategoryNotSAML = 提供商 %s类型不是SAML
+
+[ResourceErr]
+NotAuthorized = 您无权获取此资源
+UserIsNil = 用户头像标签为空
+UsernameOrFilePathEmpty = username或FilePath为空: username = %s, fullFilePath = %s
+
+[SetPasswordErr]
+CanNotContainBlank = 新密码不可以包含空客
+LessThanSixCharacters = 新密码至少为6位
+
+[SignUpErr]
+DoNotAllowSignUp = 该应用不允许注册新账户
+SignOutFirst = 请在登陆前登出
+
+[TokenErr]
+EmptyClientID = clientId或clientSecret为空
+InvalidAppOrWrongClientSecret = 无效应用或错误的clientSecret
+InvalidToken = 无效token
+InvalidClientId = 无效的ClientId
+RedirectURIDoNotExist = 重定向 URI：%s 在可列表中未找到
+
+[UserErr]
+AffiliationBlankErr = 联系方式不可为空
+DisplayNameBlankErr = 展示名称不可为空
+DisplayNameInvalid = 展示名称无效
+DisplayNameCanNotBeEmpty = 展示名称不可为空
+DoNotExist = 用户不存在: %s
+DoNotExistInOrg = 用户不存在: %s/%s
+FirstNameBlankErr = 名不可以为空
+FailToImportUsers = 导入用户失败
+LastNameBlankErr = 姓不可以为空
+NameLessThanTwoCharacters = 用户名至少要有2个字符
+NameStartWithADigitErr = 用户名禁止使用数字作为第一个字符
+NameIsEmailErr = 用户名不可以是邮箱地址
+NameCantainWhitSpaceErr = 用户名不可以包含空格
+NameExistedErr = 用户名已存在
+NameEmptyErr = 用户名不可为空
+NameTooLang = 用户名过长（最大长度为39个字符）
+NameFormatErr = 用户名只能包含字母数字字符、下划线或连字符，不能有连续的连字符或下划线，也不能以连字符或下划线开头或结尾
+PasswordLessThanSixCharacters = 密码至少为6字符
+DoNotExistSignUp = 用户不存在，请先注册
+InvalidInformation = 无效信息
+
+[StorageErr]
+ObjectKeyNotAllowed = object key :%s 不被允许
+

i18n/util.go

@@ -15,10 +15,21 @@
 package i18n
 
 import (
+	"embed"
 	"fmt"
+	"log"
 	"strings"
 
 	"github.com/casdoor/casdoor/util"
+	"gopkg.in/ini.v1"
+)
+
+//go:embed languages/*.ini
+var f embed.FS
+
+var (
+	langMapConfig  = make(map[string]*ini.File)
+	isNotFirstLoad = make(map[string]bool)
 )
 
 func getI18nFilePath(language string) string {
@@ -62,3 +73,20 @@ func applyData(data1 *I18nData, data2 *I18nData) {
 		}
 	}
 }
+
+func Translate(lang string, error string) string {
+	parts := strings.Split(error, ".")
+	if !strings.Contains(error, ".") || len(parts) != 2 {
+		log.Println("Invalid Error Name")
+		return ""
+	}
+
+	if isNotFirstLoad[lang] {
+		return langMapConfig[lang].Section(parts[0]).Key(parts[1]).String()
+	} else {
+		file, _ := f.ReadFile("languages/locale_" + lang + ".ini")
+		langMapConfig[lang], _ = ini.Load(file)
+		isNotFirstLoad[lang] = true
+		return langMapConfig[lang].Section(parts[0]).Key(parts[1]).String()
+	}
+}

object/casbin_adapter.go

@@ -22,7 +22,6 @@ import (
 	"github.com/casbin/casbin/v2/model"
 	xormadapter "github.com/casbin/xorm-adapter/v3"
 	"github.com/casdoor/casdoor/util"
-
 	"xorm.io/core"
 )
 

object/check.go

@@ -22,6 +22,7 @@ import (
 	"unicode"
 
 	"github.com/casdoor/casdoor/cred"
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	goldap "github.com/go-ldap/ldap/v3"
 )
@@ -41,89 +42,89 @@ func init() {
 	reFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`)
 }
 
-func CheckUserSignup(application *Application, organization *Organization, username string, password string, displayName string, firstName string, lastName string, email string, phone string, affiliation string) string {
+func CheckUserSignup(application *Application, organization *Organization, username string, password string, displayName string, firstName string, lastName string, email string, phone string, affiliation string, lang string) string {
 	if organization == nil {
-		return "organization does not exist"
+		return i18n.Translate(lang, "OrgErr.DoNotExist")
 	}
 
 	if application.IsSignupItemVisible("Username") {
 		if len(username) <= 1 {
-			return "username must have at least 2 characters"
+			return i18n.Translate(lang, "UserErr.NameLessThanTwoCharacters")
 		}
 		if unicode.IsDigit(rune(username[0])) {
-			return "username cannot start with a digit"
+			return i18n.Translate(lang, "UserErr.NameStartWithADigitErr")
 		}
 		if util.IsEmailValid(username) {
-			return "username cannot be an email address"
+			return i18n.Translate(lang, "UserErr.NameIsEmailErr")
 		}
 		if reWhiteSpace.MatchString(username) {
-			return "username cannot contain white spaces"
+			return i18n.Translate(lang, "UserErr.NameCantainWhitSpaceErr")
 		}
-		msg := CheckUsername(username)
+		msg := CheckUsername(username, lang)
 		if msg != "" {
 			return msg
 		}
 
 		if HasUserByField(organization.Name, "name", username) {
-			return "username already exists"
+			return i18n.Translate(lang, "UserErr.NameExistedErr")
 		}
 		if HasUserByField(organization.Name, "email", email) {
-			return "email already exists"
+			return i18n.Translate(lang, "EmailErr.ExistedErr")
 		}
 		if HasUserByField(organization.Name, "phone", phone) {
-			return "phone already exists"
+			return i18n.Translate(lang, "PhoneErr.ExistedErr")
 		}
 	}
 
 	if len(password) <= 5 {
-		return "password must have at least 6 characters"
+		return i18n.Translate(lang, "UserErr.PasswordLessThanSixCharacters")
 	}
 
 	if application.IsSignupItemVisible("Email") {
 		if email == "" {
 			if application.IsSignupItemRequired("Email") {
-				return "email cannot be empty"
+				return i18n.Translate(lang, "EmailErr.EmptyErr")
 			} else {
 				return ""
 			}
 		}
 
 		if HasUserByField(organization.Name, "email", email) {
-			return "email already exists"
+			return i18n.Translate(lang, "EmailErr.ExistedErr")
 		} else if !util.IsEmailValid(email) {
-			return "email is invalid"
+			return i18n.Translate(lang, "EmailErr.EmailInvalid")
 		}
 	}
 
 	if application.IsSignupItemVisible("Phone") {
 		if phone == "" {
 			if application.IsSignupItemRequired("Phone") {
-				return "phone cannot be empty"
+				return i18n.Translate(lang, "PhoneErr.EmptyErr")
 			} else {
 				return ""
 			}
 		}
 
 		if HasUserByField(organization.Name, "phone", phone) {
-			return "phone already exists"
+			return i18n.Translate(lang, "PhoneErr.ExistedErr")
 		} else if organization.PhonePrefix == "86" && !util.IsPhoneCnValid(phone) {
-			return "phone number is invalid"
+			return i18n.Translate(lang, "PhoneErr.NumberInvalid")
 		}
 	}
 
 	if application.IsSignupItemVisible("Display name") {
 		if application.GetSignupItemRule("Display name") == "First, last" && (firstName != "" || lastName != "") {
 			if firstName == "" {
-				return "firstName cannot be blank"
+				return i18n.Translate(lang, "UserErr.FirstNameBlankErr")
 			} else if lastName == "" {
-				return "lastName cannot be blank"
+				return i18n.Translate(lang, "UserErr.LastNameBlankErr")
 			}
 		} else {
 			if displayName == "" {
-				return "displayName cannot be blank"
+				return i18n.Translate(lang, "UserErr.DisplayNameBlankErr")
 			} else if application.GetSignupItemRule("Display name") == "Real name" {
 				if !isValidRealName(displayName) {
-					return "displayName is not valid real name"
+					return i18n.Translate(lang, "UserErr.DisplayNameInvalid")
 				}
 			}
 		}
@@ -131,14 +132,14 @@ func CheckUserSignup(application *Application, organization *Organization, usern
 
 	if application.IsSignupItemVisible("Affiliation") {
 		if affiliation == "" {
-			return "affiliation cannot be blank"
+			return i18n.Translate(lang, "UserErr.AffiliationBlankErr")
 		}
 	}
 
 	return ""
 }
 
-func checkSigninErrorTimes(user *User) string {
+func checkSigninErrorTimes(user *User, lang string) string {
 	if user.SigninWrongTimes >= SigninWrongTimesLimit {
 		lastSignWrongTime, _ := time.Parse(time.RFC3339, user.LastSigninWrongTime)
 		passedTime := time.Now().UTC().Sub(lastSignWrongTime)
@@ -146,7 +147,7 @@ func checkSigninErrorTimes(user *User) string {
 
 		// deny the login if the error times is greater than the limit and the last login time is less than the duration
 		if seconds > 0 {
-			return fmt.Sprintf("You have entered the wrong password too many times, please wait for %d minutes %d seconds and try again", seconds/60, seconds%60)
+			return fmt.Sprintf(i18n.Translate(lang, "AuthErr.WrongPasswordManyTimes"), seconds/60, seconds%60)
 		}
 
 		// reset the error times
@@ -158,15 +159,15 @@ func checkSigninErrorTimes(user *User) string {
 	return ""
 }
 
-func CheckPassword(user *User, password string) string {
+func CheckPassword(user *User, password string, lang string) string {
 	// check the login error times
-	if msg := checkSigninErrorTimes(user); msg != "" {
+	if msg := checkSigninErrorTimes(user, lang); msg != "" {
 		return msg
 	}
 
 	organization := GetOrganizationByUser(user)
 	if organization == nil {
-		return "organization does not exist"
+		return i18n.Translate(lang, "OrgErr.DoNotExist")
 	}
 
 	credManager := cred.GetCredManager(organization.PasswordType)
@@ -185,11 +186,11 @@ func CheckPassword(user *User, password string) string {
 
 		return recordSigninErrorInfo(user)
 	} else {
-		return fmt.Sprintf("unsupported password type: %s", organization.PasswordType)
+		return fmt.Sprintf(i18n.Translate(lang, "LoginErr.UnsupportedPasswordType"), organization.PasswordType)
 	}
 }
 
-func checkLdapUserPassword(user *User, password string) (*User, string) {
+func checkLdapUserPassword(user *User, password string, lang string) (*User, string) {
 	ldaps := GetLdaps(user.Owner)
 	ldapLoginSuccess := false
 	for _, ldapServer := range ldaps {
@@ -209,7 +210,7 @@ func checkLdapUserPassword(user *User, password string) (*User, string) {
 		if len(searchResult.Entries) == 0 {
 			continue
 		} else if len(searchResult.Entries) > 1 {
-			return nil, "Error: multiple accounts with same uid, please check your ldap server"
+			return nil, i18n.Translate(lang, "LdapErr.MultipleAccounts")
 		}
 
 		dn := searchResult.Entries[0].DN
@@ -220,26 +221,26 @@ func checkLdapUserPassword(user *User, password string) (*User, string) {
 	}
 
 	if !ldapLoginSuccess {
-		return nil, "ldap user name or password incorrect"
+		return nil, i18n.Translate(lang, "LdapErr.PasswordWrong")
 	}
 	return user, ""
 }
 
-func CheckUserPassword(organization string, username string, password string) (*User, string) {
+func CheckUserPassword(organization string, username string, password string, lang string) (*User, string) {
 	user := GetUserByFields(organization, username)
 	if user == nil || user.IsDeleted == true {
-		return nil, "the user does not exist, please sign up first"
+		return nil, i18n.Translate(lang, "UserErr.DoNotExistSignUp")
 	}
 
 	if user.IsForbidden {
-		return nil, "the user is forbidden to sign in, please contact the administrator"
+		return nil, i18n.Translate(lang, "LoginErr.UserIsForbidden")
 	}
 
 	if user.Ldap != "" {
 		// ONLY for ldap users
-		return checkLdapUserPassword(user, password)
+		return checkLdapUserPassword(user, password, lang)
 	} else {
-		msg := CheckPassword(user, password)
+		msg := CheckPassword(user, password, lang)
 		if msg != "" {
 			return nil, msg
 		}
@@ -251,15 +252,15 @@ func filterField(field string) bool {
 	return reFieldWhiteList.MatchString(field)
 }
 
-func CheckUserPermission(requestUserId, userId, userOwner string, strict bool) (bool, error) {
+func CheckUserPermission(requestUserId, userId, userOwner string, strict bool, lang string) (bool, error) {
 	if requestUserId == "" {
-		return false, fmt.Errorf("please login first")
+		return false, fmt.Errorf(i18n.Translate(lang, "LoginErr.LoginFirst"))
 	}
 
 	if userId != "" {
 		targetUser := GetUser(userId)
 		if targetUser == nil {
-			return false, fmt.Errorf("the user: %s doesn't exist", userId)
+			return false, fmt.Errorf(i18n.Translate(lang, "UserErr.DoNotExist"), userId)
 		}
 
 		userOwner = targetUser.Owner
@@ -271,7 +272,7 @@ func CheckUserPermission(requestUserId, userId, userOwner string, strict bool) (
 	} else {
 		requestUser := GetUser(requestUserId)
 		if requestUser == nil {
-			return false, fmt.Errorf("session outdated, please login again")
+			return false, fmt.Errorf(i18n.Translate(lang, "LoginErr.SessionOutdated"))
 		}
 		if requestUser.IsGlobalAdmin {
 			hasPermission = true
@@ -286,7 +287,7 @@ func CheckUserPermission(requestUserId, userId, userOwner string, strict bool) (
 		}
 	}
 
-	return hasPermission, fmt.Errorf("you don't have the permission to do this")
+	return hasPermission, fmt.Errorf(i18n.Translate(lang, "LoginErr.NoPermission"))
 }
 
 func CheckAccessPermission(userId string, application *Application) (bool, error) {
@@ -319,11 +320,11 @@ func CheckAccessPermission(userId string, application *Application) (bool, error
 	return allowed, err
 }
 
-func CheckUsername(username string) string {
+func CheckUsername(username string, lang string) string {
 	if username == "" {
-		return "Empty username."
+		return i18n.Translate(lang, "UserErr.NameEmptyErr")
 	} else if len(username) > 39 {
-		return "Username is too long (maximum is 39 characters)."
+		return i18n.Translate(lang, "UserErr.NameTooLang")
 	}
 
 	exclude, _ := regexp.Compile("^[\u0021-\u007E]+$")
@@ -334,7 +335,7 @@ func CheckUsername(username string) string {
 	// https://stackoverflow.com/questions/58726546/github-username-convention-using-regex
 	re, _ := regexp.Compile("^[a-zA-Z0-9]+((?:-[a-zA-Z0-9]+)|(?:_[a-zA-Z0-9]+))*$")
 	if !re.MatchString(username) {
-		return "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline."
+		return i18n.Translate(lang, "UserErr.NameFormatErr")
 	}
 
 	return ""

object/ldapserver.go

@@ -62,7 +62,7 @@ func GetFilteredUsers(m *ldapserver.Message, name, org string) ([]*User, int) {
 			return nil, ldapserver.LDAPResultInsufficientAccessRights
 		}
 	} else {
-		hasPermission, err := CheckUserPermission(fmt.Sprintf("%s/%s", m.Client.OrgName, m.Client.UserName), fmt.Sprintf("%s/%s", org, name), org, true)
+		hasPermission, err := CheckUserPermission(fmt.Sprintf("%s/%s", m.Client.OrgName, m.Client.UserName), fmt.Sprintf("%s/%s", org, name), org, true, "en")
 		if !hasPermission {
 			log.Printf("ErrMsg = %v", err.Error())
 			return nil, ldapserver.LDAPResultInsufficientAccessRights

object/organization.go

@@ -18,6 +18,7 @@ import (
 	"fmt"
 
 	"github.com/casdoor/casdoor/cred"
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
 )
@@ -202,18 +203,18 @@ func GetAccountItemByName(name string, organization *Organization) *AccountItem
 	return nil
 }
 
-func CheckAccountItemModifyRule(accountItem *AccountItem, user *User) (bool, string) {
+func CheckAccountItemModifyRule(accountItem *AccountItem, user *User, lang string) (bool, string) {
 	switch accountItem.ModifyRule {
 	case "Admin":
 		if !(user.IsAdmin || user.IsGlobalAdmin) {
-			return false, fmt.Sprintf("Only admin can modify the %s.", accountItem.Name)
+			return false, fmt.Sprintf(i18n.Translate(lang, "OrgErr.OnlyAdmin"), accountItem.Name)
 		}
 	case "Immutable":
-		return false, fmt.Sprintf("The %s is immutable.", accountItem.Name)
+		return false, fmt.Sprintf(i18n.Translate(lang, "OrgErr.Immutable"), accountItem.Name)
 	case "Self":
 		break
 	default:
-		return false, fmt.Sprintf("Unknown modify rule %s.", accountItem.ModifyRule)
+		return false, fmt.Sprintf(i18n.Translate(lang, "OrgErr.UnknownModifyRule"), accountItem.ModifyRule)
 	}
 	return true, ""
 }

object/provider.go

@@ -17,6 +17,7 @@ package object
 import (
 	"fmt"
 
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/pp"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@@ -228,7 +229,7 @@ func (p *Provider) GetId() string {
 	return fmt.Sprintf("%s/%s", p.Owner, p.Name)
 }
 
-func GetCaptchaProviderByOwnerName(applicationId string) (*Provider, error) {
+func GetCaptchaProviderByOwnerName(applicationId, lang string) (*Provider, error) {
 	owner, name := util.GetOwnerAndNameFromId(applicationId)
 	provider := Provider{Owner: owner, Name: name, Category: "Captcha"}
 	existed, err := adapter.Engine.Get(&provider)
@@ -237,26 +238,26 @@ func GetCaptchaProviderByOwnerName(applicationId string) (*Provider, error) {
 	}
 
 	if !existed {
-		return nil, fmt.Errorf("the provider: %s does not exist", applicationId)
+		return nil, fmt.Errorf(i18n.Translate(lang, "ProviderErr.DoNotExist"), applicationId)
 	}
 
 	return &provider, nil
 }
 
-func GetCaptchaProviderByApplication(applicationId, isCurrentProvider string) (*Provider, error) {
+func GetCaptchaProviderByApplication(applicationId, isCurrentProvider, lang string) (*Provider, error) {
 	if isCurrentProvider == "true" {
-		return GetCaptchaProviderByOwnerName(applicationId)
+		return GetCaptchaProviderByOwnerName(applicationId, lang)
 	}
 	application := GetApplication(applicationId)
 	if application == nil || len(application.Providers) == 0 {
-		return nil, fmt.Errorf("invalid application id")
+		return nil, fmt.Errorf(i18n.Translate(lang, "ApplicationErr.InvalidID"))
 	}
 	for _, provider := range application.Providers {
 		if provider.Provider == nil {
 			continue
 		}
 		if provider.Provider.Category == "Captcha" {
-			return GetCaptchaProviderByOwnerName(fmt.Sprintf("%s/%s", provider.Provider.Owner, provider.Provider.Name))
+			return GetCaptchaProviderByOwnerName(fmt.Sprintf("%s/%s", provider.Provider.Owner, provider.Provider.Name), lang)
 		}
 	}
 	return nil, nil

object/saml_sp.go

@@ -24,6 +24,7 @@ import (
 	"strings"
 
 	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/i18n"
 	saml2 "github.com/russellhaering/gosaml2"
 	dsig "github.com/russellhaering/goxmldsig"
 )
@@ -41,10 +42,10 @@ func ParseSamlResponse(samlResponse string, providerType string) (string, error)
 	return assertionInfo.NameID, nil
 }
 
-func GenerateSamlLoginUrl(id, relayState string) (string, string, error) {
+func GenerateSamlLoginUrl(id, relayState, lang string) (string, string, error) {
 	provider := GetProvider(id)
 	if provider.Category != "SAML" {
-		return "", "", fmt.Errorf("provider %s's category is not SAML", provider.Name)
+		return "", "", fmt.Errorf(i18n.Translate(lang, "ProviderErr.CategoryNotSAML"), provider.Name)
 	}
 	sp, err := buildSp(provider, "")
 	if err != nil {

object/storage.go

@@ -21,6 +21,7 @@ import (
 	"strings"
 
 	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/storage"
 	"github.com/casdoor/casdoor/util"
 )
@@ -126,16 +127,16 @@ func UploadFileSafe(provider *Provider, fullFilePath string, fileBuffer *bytes.B
 	return fileUrl, objectKey, nil
 }
 
-func DeleteFile(provider *Provider, objectKey string) error {
+func DeleteFile(provider *Provider, objectKey string, lang string) error {
 	// check fullFilePath is there security issue
 	if strings.Contains(objectKey, "..") {
-		return fmt.Errorf("the objectKey: %s is not allowed", objectKey)
+		return fmt.Errorf(i18n.Translate(lang, "StorageErr.ObjectKeyNotAllowed"), objectKey)
 	}
 
 	endpoint := getProviderEndpoint(provider)
 	storageProvider := storage.GetStorageProvider(provider.Type, provider.ClientId, provider.ClientSecret, provider.RegionId, provider.Bucket, endpoint)
 	if storageProvider == nil {
-		return fmt.Errorf("the provider type: %s is not supported", provider.Type)
+		return fmt.Errorf(i18n.Translate(lang, "ProviderErr.ProviderNotSupported"), provider.Type)
 	}
 
 	if provider.Domain == "" {

object/token.go

@@ -21,6 +21,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@@ -238,14 +239,14 @@ func GetTokenByTokenAndApplication(token string, application string) *Token {
 	return &tokenResult
 }
 
-func CheckOAuthLogin(clientId string, responseType string, redirectUri string, scope string, state string) (string, *Application) {
+func CheckOAuthLogin(clientId string, responseType string, redirectUri string, scope string, state string, lang string) (string, *Application) {
 	if responseType != "code" && responseType != "token" && responseType != "id_token" {
-		return fmt.Sprintf("error: grant_type: %s is not supported in this application", responseType), nil
+		return fmt.Sprintf(i18n.Translate(lang, "ApplicationErr.GrantTypeNotSupport"), responseType), nil
 	}
 
 	application := GetApplicationByClientId(clientId)
 	if application == nil {
-		return "Invalid client_id", nil
+		return i18n.Translate(lang, "TokenErr.InvalidClientId"), nil
 	}
 
 	validUri := false
@@ -256,7 +257,7 @@ func CheckOAuthLogin(clientId string, responseType string, redirectUri string, s
 		}
 	}
 	if !validUri {
-		return fmt.Sprintf("Redirect URI: \"%s\" doesn't exist in the allowed Redirect URI list", redirectUri), application
+		return fmt.Sprintf(i18n.Translate(lang, "TokenErr.RedirectURIDoNotExist"), redirectUri), application
 	}
 
 	// Mask application for /api/get-app-login
@@ -264,7 +265,7 @@ func CheckOAuthLogin(clientId string, responseType string, redirectUri string, s
 	return "", application
 }
 
-func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string, nonce string, challenge string, host string) *Code {
+func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string, nonce string, challenge string, host string, lang string) *Code {
 	user := GetUser(userId)
 	if user == nil {
 		return &Code{
@@ -279,7 +280,7 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
 		}
 	}
 
-	msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
+	msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state, lang)
 	if msg != "" {
 		return &Code{
 			Message: msg,
@@ -322,7 +323,7 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
 	}
 }
 
-func GetOAuthToken(grantType string, clientId string, clientSecret string, code string, verifier string, scope string, username string, password string, host string, tag string, avatar string) interface{} {
+func GetOAuthToken(grantType string, clientId string, clientSecret string, code string, verifier string, scope string, username string, password string, host string, tag string, avatar string, lang string) interface{} {
 	application := GetApplicationByClientId(clientId)
 	if application == nil {
 		return &TokenError{
@@ -353,7 +354,7 @@ func GetOAuthToken(grantType string, clientId string, clientSecret string, code
 
 	if tag == "wechat_miniprogram" {
 		// Wechat Mini Program
-		token, tokenError = GetWechatMiniProgramToken(application, code, host, username, avatar)
+		token, tokenError = GetWechatMiniProgramToken(application, code, host, username, avatar, lang)
 	}
 
 	if tokenError != nil {
@@ -559,7 +560,7 @@ func GetPasswordToken(application *Application, username string, password string
 			ErrorDescription: "the user does not exist",
 		}
 	}
-	msg := CheckPassword(user, password)
+	msg := CheckPassword(user, password, "en")
 	if msg != "" {
 		return nil, &TokenError{
 			Error:            InvalidGrant,
@@ -669,7 +670,7 @@ func GetTokenByUser(application *Application, user *User, scope string, host str
 
 // GetWechatMiniProgramToken
 // Wechat Mini Program flow
-func GetWechatMiniProgramToken(application *Application, code string, host string, username string, avatar string) (*Token, *TokenError) {
+func GetWechatMiniProgramToken(application *Application, code string, host string, username string, avatar string, lang string) (*Token, *TokenError) {
 	mpProvider := GetWechatMiniProgramProvider(application)
 	if mpProvider == nil {
 		return nil, &TokenError{
@@ -703,7 +704,7 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 		}
 		// Add new user
 		var name string
-		if CheckUsername(username) == "" {
+		if CheckUsername(username, lang) == "" {
 			name = username
 		} else {
 			name = fmt.Sprintf("wechat-%s", openId)

object/verification.go

@@ -21,6 +21,7 @@ import (
 	"time"
 
 	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
 )
@@ -122,11 +123,11 @@ func getVerificationRecord(dest string) *VerificationRecord {
 	return &record
 }
 
-func CheckVerificationCode(dest, code string) string {
+func CheckVerificationCode(dest, code, lang string) string {
 	record := getVerificationRecord(dest)
 
 	if record == nil {
-		return "Code has not been sent yet!"
+		return i18n.Translate(lang, "PhoneErr.CodeNotSent")
 	}
 
 	timeout, err := conf.GetConfigInt64("verificationCodeTimeout")
@@ -136,7 +137,7 @@ func CheckVerificationCode(dest, code string) string {
 
 	now := time.Now().Unix()
 	if now-record.Time > timeout*60 {
-		return fmt.Sprintf("You should verify your code in %d min!", timeout)
+		return fmt.Sprintf(i18n.Translate(lang, "PhoneErr.CodeTimeOut"), timeout)
 	}
 
 	if record.Code != code {

routers/auto_signin_filter.go

@@ -62,7 +62,7 @@ func AutoSigninFilter(ctx *context.Context) {
 	password := ctx.Input.Query("password")
 	if userId != "" && password != "" && ctx.Input.Query("grant_type") == "" {
 		owner, name := util.GetOwnerAndNameFromId(userId)
-		_, msg := object.CheckUserPassword(owner, name, password)
+		_, msg := object.CheckUserPassword(owner, name, password, "en")
 		if msg != "" {
 			responseError(ctx, msg)
 			return

web/src/Setting.js

@@ -559,6 +559,10 @@ export function changeLanguage(language) {
   // window.location.reload(true);
 }
 
+export function getAcceptLanguage() {
+  return i18next.language + ";q=0.9,en;q=0.8";
+}
+
 export function changeMomentLanguage(language) {
   // if (language === "zh") {
   //   moment.locale("zh", {

web/src/auth/AuthBackend.js

@@ -13,11 +13,15 @@
 // limitations under the License.
 
 import {authConfig} from "./Auth";
+import * as Setting from "../Setting";
 
 export function getAccount(query) {
   return fetch(`${authConfig.serverUrl}/api/get-account${query}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -26,6 +30,9 @@ export function signup(values) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(values),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +41,9 @@ export function getEmailAndPhone(values) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(values),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then((res) => res.json());
 }
 
@@ -51,6 +61,9 @@ export function getApplicationLogin(oAuthParams) {
   return fetch(`${authConfig.serverUrl}/api/get-app-login${oAuthParamsToQuery(oAuthParams)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,6 +72,9 @@ export function login(values, oAuthParams) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(values),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -67,6 +83,9 @@ export function loginCas(values, params) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(values),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -74,6 +93,9 @@ export function logout() {
   return fetch(`${authConfig.serverUrl}/api/logout`, {
     method: "POST",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -82,6 +104,9 @@ export function unlink(values) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(values),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -89,6 +114,9 @@ export function getSamlLogin(providerId, relayState) {
   return fetch(`${authConfig.serverUrl}/api/get-saml-login?id=${providerId}&relayState=${relayState}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -97,5 +125,8 @@ export function loginWithSaml(values, param) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(values),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/AdapterBackend.js

@@ -18,6 +18,9 @@ export function getAdapters(owner, page = "", pageSize = "", field = "", value =
   return fetch(`${Setting.ServerUrl}/api/get-adapters?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getAdapter(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-adapter?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateAdapter(owner, name, Adapter) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newAdapter),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addAdapter(Adapter) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newAdapter),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,6 +64,9 @@ export function deleteAdapter(Adapter) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newAdapter),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,5 +74,8 @@ export function syncPolicies(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/sync-policies?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/ApplicationBackend.js

@@ -18,6 +18,9 @@ export function getApplications(owner, page = "", pageSize = "", field = "", val
   return fetch(`${Setting.ServerUrl}/api/get-applications?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getApplicationsByOrganization(owner, organization) {
   return fetch(`${Setting.ServerUrl}/api/get-organization-applications?owner=${owner}&organization=${organization}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -32,6 +38,9 @@ export function getApplication(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-application?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -39,6 +48,9 @@ export function getUserApplication(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-user-application?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -48,6 +60,9 @@ export function updateApplication(owner, name, application) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newApplication),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -58,6 +73,9 @@ export function addApplication(application) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newApplication),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -67,6 +85,9 @@ export function deleteApplication(application) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newApplication),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -74,5 +95,8 @@ export function getSamlMetadata(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/saml/metadata?application=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.text());
 }

web/src/backend/CertBackend.js

@@ -18,6 +18,9 @@ export function getCerts(owner, page = "", pageSize = "", field = "", value = ""
   return fetch(`${Setting.ServerUrl}/api/get-certs?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getCert(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-cert?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateCert(owner, name, cert) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newCert),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addCert(cert) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newCert),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,5 +64,8 @@ export function deleteCert(cert) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newCert),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/LdapBackend.js

@@ -18,6 +18,9 @@ export function getLdaps(owner) {
   return fetch(`${Setting.ServerUrl}/api/get-ldaps?owner=${owner}`, {
     method: "POST",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getLdap(id) {
   return fetch(`${Setting.ServerUrl}/api/get-ldap?id=${id}`, {
     method: "POST",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -33,6 +39,9 @@ export function addLdap(body) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(body),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -41,6 +50,9 @@ export function deleteLdap(body) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(body),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -49,6 +61,9 @@ export function updateLdap(body) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(body),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -57,6 +72,9 @@ export function getLdapUser(body) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(body),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -65,6 +83,9 @@ export function syncUsers(owner, ldapId, body) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(body),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -73,5 +94,8 @@ export function checkLdapUsersExist(owner, body) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(body),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/ModelBackend.js

@@ -18,6 +18,9 @@ export function getModels(owner, page = "", pageSize = "", field = "", value = "
   return fetch(`${Setting.ServerUrl}/api/get-models?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getModel(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-model?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateModel(owner, name, model) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newModel),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addModel(model) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newModel),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,5 +64,8 @@ export function deleteModel(model) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newModel),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/OrganizationBackend.js

@@ -18,6 +18,9 @@ export function getOrganizations(owner, page = "", pageSize = "", field = "", va
   return fetch(`${Setting.ServerUrl}/api/get-organizations?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getOrganization(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-organization?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateOrganization(owner, name, organization) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newOrganization),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addOrganization(organization) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newOrganization),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,6 +64,9 @@ export function deleteOrganization(organization) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newOrganization),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,5 +74,8 @@ export function getDefaultApplication(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-default-application?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/PaymentBackend.js

@@ -18,6 +18,9 @@ export function getPayments(owner, page = "", pageSize = "", field = "", value =
   return fetch(`${Setting.ServerUrl}/api/get-payments?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getPayment(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-payment?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updatePayment(owner, name, payment) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newPayment),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addPayment(payment) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newPayment),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,6 +64,9 @@ export function deletePayment(payment) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newPayment),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,5 +74,8 @@ export function invoicePayment(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/invoice-payment?id=${owner}/${encodeURIComponent(name)}`, {
     method: "POST",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/PermissionBackend.js

@@ -18,6 +18,9 @@ export function getPermissions(owner, page = "", pageSize = "", field = "", valu
   return fetch(`${Setting.ServerUrl}/api/get-permissions?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getPermissionsBySubmitter() {
   return fetch(`${Setting.ServerUrl}/api/get-permissions-by-submitter`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -32,6 +38,9 @@ export function getPermission(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-permission?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -41,6 +50,9 @@ export function updatePermission(owner, name, permission) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newPermission),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -50,6 +62,9 @@ export function addPermission(permission) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newPermission),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,5 +74,8 @@ export function deletePermission(permission) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newPermission),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/ProductBackend.js

@@ -18,6 +18,9 @@ export function getProducts(owner, page = "", pageSize = "", field = "", value =
   return fetch(`${Setting.ServerUrl}/api/get-products?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getProduct(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-product?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateProduct(owner, name, product) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newProduct),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addProduct(product) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newProduct),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,6 +64,9 @@ export function deleteProduct(product) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newProduct),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,5 +74,8 @@ export function buyProduct(owner, name, providerId) {
   return fetch(`${Setting.ServerUrl}/api/buy-product?id=${owner}/${encodeURIComponent(name)}&providerName=${providerId}`, {
     method: "POST",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/ProviderBackend.js

@@ -18,6 +18,9 @@ export function getProviders(owner, page = "", pageSize = "", field = "", value
   return fetch(`${Setting.ServerUrl}/api/get-providers?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getProvider(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-provider?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateProvider(owner, name, provider) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newProvider),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addProvider(provider) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newProvider),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,5 +64,8 @@ export function deleteProvider(provider) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newProvider),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/RecordBackend.js

@@ -18,5 +18,8 @@ export function getRecords(page, pageSize, field = "", value = "", sortField = "
   return fetch(`${Setting.ServerUrl}/api/get-records?pageSize=${pageSize}&p=${page}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/ResourceBackend.js

@@ -18,6 +18,9 @@ export function getResources(owner, user, page = "", pageSize = "", field = "",
   return fetch(`${Setting.ServerUrl}/api/get-resources?owner=${owner}&user=${user}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getResource(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-resource?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateResource(owner, name, resource) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newResource),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addResource(resource) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newResource),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,6 +64,9 @@ export function deleteResource(resource, provider = "") {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newResource),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -63,5 +78,8 @@ export function uploadResource(owner, user, tag, parent, fullFilePath, file, pro
     body: formData,
     method: "POST",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/RoleBackend.js

@@ -18,6 +18,9 @@ export function getRoles(owner, page = "", pageSize = "", field = "", value = ""
   return fetch(`${Setting.ServerUrl}/api/get-roles?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getRole(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-role?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateRole(owner, name, role) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newRole),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addRole(role) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newRole),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,5 +64,8 @@ export function deleteRole(role) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newRole),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/SyncerBackend.js

@@ -18,6 +18,9 @@ export function getSyncers(owner, page = "", pageSize = "", field = "", value =
   return fetch(`${Setting.ServerUrl}/api/get-syncers?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getSyncer(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-syncer?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateSyncer(owner, name, syncer) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newSyncer),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addSyncer(syncer) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newSyncer),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,6 +64,9 @@ export function deleteSyncer(syncer) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newSyncer),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -59,5 +74,8 @@ export function runSyncer(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/run-syncer?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/SystemInfo.js

@@ -18,6 +18,9 @@ export function getSystemInfo(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-system-info?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,5 +28,8 @@ export function getGitHubLatestReleaseVersion() {
   return fetch(`${Setting.ServerUrl}/api/get-release`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/TokenBackend.js

@@ -18,6 +18,9 @@ export function getTokens(owner, page = "", pageSize = "", field = "", value = "
   return fetch(`${Setting.ServerUrl}/api/get-tokens?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getToken(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-token?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateToken(owner, name, token) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newToken),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addToken(token) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newToken),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,5 +64,8 @@ export function deleteToken(token) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newToken),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }

web/src/backend/UserBackend.js

@@ -19,6 +19,9 @@ export function getGlobalUsers(page, pageSize, field = "", value = "", sortField
   return fetch(`${Setting.ServerUrl}/api/get-global-users?p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -26,6 +29,9 @@ export function getUsers(owner, page = "", pageSize = "", field = "", value = ""
   return fetch(`${Setting.ServerUrl}/api/get-users?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -33,6 +39,9 @@ export function getUser(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-user?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -42,6 +51,9 @@ export function updateUser(owner, name, user) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newUser),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -51,6 +63,9 @@ export function addUser(user) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newUser),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -60,6 +75,9 @@ export function deleteUser(user) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newUser),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -85,6 +103,9 @@ export function setPassword(userOwner, userName, oldPassword, newPassword) {
     method: "POST",
     credentials: "include",
     body: formData,
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -101,6 +122,9 @@ export function sendCode(checkType, checkId, checkKey, dest, type, applicationId
     method: "POST",
     credentials: "include",
     body: formData,
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json()).then(res => {
     if (res.status === "ok") {
       Setting.showMessage("success", i18next.t("user:Code Sent"));
@@ -121,6 +145,9 @@ export function verifyCaptcha(captchaType, captchaToken, clientSecret) {
     method: "POST",
     credentials: "include",
     body: formData,
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json()).then(res => {
     if (res.status === "ok") {
       if (res.data) {
@@ -145,11 +172,17 @@ export function resetEmailOrPhone(dest, type, code) {
     method: "POST",
     credentials: "include",
     body: formData,
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
 export function getCaptcha(owner, name, isCurrentProvider) {
   return fetch(`${Setting.ServerUrl}/api/get-captcha?applicationId=${owner}/${encodeURIComponent(name)}&isCurrentProvider=${isCurrentProvider}`, {
     method: "GET",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json()).then(res => res.data);
 }

web/src/backend/UserWebauthnBackend.js

@@ -18,6 +18,9 @@ export function registerWebauthnCredential() {
   return fetch(`${Setting.ServerUrl}/api/webauthn/signup/begin`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   })
     .then(res => res.json())
     .then((credentialCreationOptions) => {
@@ -62,6 +65,9 @@ export function deleteUserWebAuthnCredential(credentialID) {
     credentials: "include",
     body: form,
     dataType: "text",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 

web/src/backend/WebhookBackend.js

@@ -18,6 +18,9 @@ export function getWebhooks(owner, page = "", pageSize = "", field = "", value =
   return fetch(`${Setting.ServerUrl}/api/get-webhooks?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -25,6 +28,9 @@ export function getWebhook(owner, name) {
   return fetch(`${Setting.ServerUrl}/api/get-webhook?id=${owner}/${encodeURIComponent(name)}`, {
     method: "GET",
     credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -34,6 +40,9 @@ export function updateWebhook(owner, name, webhook) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newWebhook),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -43,6 +52,9 @@ export function addWebhook(webhook) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newWebhook),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }
 
@@ -52,5 +64,8 @@ export function deleteWebhook(webhook) {
     method: "POST",
     credentials: "include",
     body: JSON.stringify(newWebhook),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
   }).then(res => res.json());
 }