Merge pull request #7 from nodece/feat_application

feat: add application module
Merge pull request #6 from nodece/improve_user_style
2025-07-09 17:33:45 +08:00 · 2020-11-24 14:48:25 +00:00 · 2020-11-24 14:04:29 +00:00 · 2020-11-23 23:50:59 +08:00 · 2020-11-23 22:10:11 +08:00 · 2020-11-12 00:09:18 +08:00
642 changed files with 14322 additions and 156476 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1 +0,0 @@
-web/node_modules/
--- a/.env.template
+++ b/.env.template
@ -0,0 +1,2 @@
+HTTP_PORT=:7000
+DB_DATABASE_SOURCE=root:123@tcp(localhost:3306)/casdoor
--- a/.gitattributes
+++ b/.gitattributes
@ -1,5 +0,0 @@
-*.go linguist-detectable=true
-*.js linguist-detectable=false
-# Declare files that will always have LF line endings on checkout.
-# Git will always convert line endings to LF on checkout. You should use this for files that must keep LF endings, even on Windows.
-*.sh text eol=lf
--- a/.github/semantic.yml
+++ b/.github/semantic.yml
@ -1,12 +0,0 @@
-# Always validate the PR title AND all the commits
-titleAndCommits: true
-# Require at least one commit to be valid
-# this is only relevant when using commitsOnly: true or titleAndCommits: true,
-# which validate all commits by default
-anyCommit: true
-# Allow use of Merge commits (eg on github: "Merge branch 'master' into feature/ride-unicorns")
-# this is only relevant when using commitsOnly: true (or titleAndCommits: true)
-allowMergeCommits: false
-# Allow use of Revert commits (eg on github: "Revert "feat: ride unicorns"")
-# this is only relevant when using commitsOnly: true (or titleAndCommits: true)
-allowRevertCommits: false
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -1,239 +0,0 @@
-name: Build
-
-on: [ push, pull_request ]
-
-jobs:
-
-  go-tests:
-    name: Running Go tests
-    runs-on: ubuntu-latest
-    services:
-      mysql:
-        image: mysql:5.7
-        env:
-          MYSQL_DATABASE: casdoor
-          MYSQL_ROOT_PASSWORD: 123456
-        ports:
-          - 3306:3306
-        options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v4
-        with:
-          go-version: '^1.16.5'
-          cache-dependency-path: ./go.mod
-      - name: Tests
-        run: |
-          go test -v $(go list ./...) -tags skipCi
-        working-directory: ./
-
-  frontend:
-    name: Front-end
-    runs-on: ubuntu-latest
-    needs: [ go-tests ]
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
-        with:
-          node-version: 20
-          cache: 'yarn'
-          cache-dependency-path: ./web/yarn.lock
-      - run: yarn install && CI=false yarn run build
-        working-directory: ./web
-
-  backend:
-    name: Back-end
-    runs-on: ubuntu-latest
-    needs: [ go-tests ]
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v4
-        with:
-          go-version: '^1.16.5'
-          cache-dependency-path: ./go.mod
-      - run: go version
-      - name: Build
-        run: |
-          go build -race -ldflags "-extldflags '-static'"
-        working-directory: ./
-
-  linter:
-    name: Go-Linter
-    runs-on: ubuntu-latest
-    needs: [ go-tests ]
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v4
-        with:
-          go-version: '^1.16.5'
-          cache: false
-
-      # gen a dummy config file
-      - run: touch dummy.yml
-
-      - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3
-        with:
-          version: latest
-          args: --disable-all -c dummy.yml -E=gofumpt --max-same-issues=0 --timeout 5m --modules-download-mode=mod
-
-  e2e:
-    name: e2e-test
-    runs-on: ubuntu-latest
-    needs: [ go-tests ]
-    services:
-      mysql:
-        image: mysql:5.7
-        env:
-          MYSQL_DATABASE: casdoor
-          MYSQL_ROOT_PASSWORD: 123456
-        ports:
-          - 3306:3306
-        options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v4
-        with:
-          go-version: '^1.16.5'
-          cache-dependency-path: ./go.mod
-      - name: start backend
-        run: nohup go run ./main.go &
-        working-directory: ./
-      - uses: actions/setup-node@v3
-        with:
-          node-version: 20
-          cache: 'yarn'
-          cache-dependency-path: ./web/yarn.lock
-      - run: yarn install
-        working-directory: ./web
-      - uses: cypress-io/github-action@v5
-        with:
-          browser: chrome
-          start: yarn start
-          wait-on: 'http://localhost:7001'
-          wait-on-timeout: 210
-          working-directory: ./web
-
-      - uses: actions/upload-artifact@v3
-        if: failure()
-        with:
-          name: cypress-screenshots
-          path: ./web/cypress/screenshots
-      - uses: actions/upload-artifact@v3
-        if: always()
-        with:
-          name: cypress-videos
-          path: ./web/cypress/videos
-
-  release-and-push:
-    name: Release And Push
-    runs-on: ubuntu-latest
-    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
-    needs: [ frontend, backend, linter, e2e ]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: -1
-      - name: Setup Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 20
-
-      - name: Fetch Previous version
-        id: get-previous-tag
-        uses: actions-ecosystem/action-get-latest-tag@v1.6.0
-
-      - name: Release
-        run: yarn global add semantic-release@17.4.4 && semantic-release
-        env:
-          GH_TOKEN: ${{ secrets.GH_BOT_TOKEN }}
-
-      - name: Fetch Current version
-        id: get-current-tag
-        uses: actions-ecosystem/action-get-latest-tag@v1.6.0
-
-      - name: Decide Should_Push Or Not
-        id: should_push
-        run: |
-          old_version=${{steps.get-previous-tag.outputs.tag}}
-          new_version=${{steps.get-current-tag.outputs.tag }}
-
-          old_array=(${old_version//\./ })
-          new_array=(${new_version//\./ })
-
-          if [ ${old_array[0]} != ${new_array[0]} ]
-          then 
-              echo ::set-output name=push::'true'
-          elif [ ${old_array[1]} != ${new_array[1]} ]
-          then 
-              echo ::set-output name=push::'true'
-          else
-              echo ::set-output name=push::'false'
-          fi
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v2
-        with:
-          version: latest
-
-      - name: Log in to Docker Hub
-        uses: docker/login-action@v1
-        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_PASSWORD }}
-
-      - name: Push to Docker Hub
-        uses: docker/build-push-action@v3
-        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
-        with:
-          context: .
-          target: STANDARD
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: casbin/casdoor:${{steps.get-current-tag.outputs.tag }},casbin/casdoor:latest
-
-      - name: Push All In One Version to Docker Hub
-        uses: docker/build-push-action@v3
-        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
-        with:
-          context: .
-          target: ALLINONE
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: casbin/casdoor-all-in-one:${{steps.get-current-tag.outputs.tag }},casbin/casdoor-all-in-one:latest
-
-      - uses: actions/checkout@v3
-        if: steps.should_push.outputs.push=='true'
-        with:
-          repository: casdoor/casdoor-helm
-          ref: 'master'
-          token: ${{ secrets.GH_BOT_TOKEN }}
-
-      - name: Update Helm Chart
-        if: steps.should_push.outputs.push=='true'
-        run: |
-          # Set the appVersion and version of the chart to the current tag
-          sed -i "s/appVersion: .*/appVersion: ${{steps.get-current-tag.outputs.tag }}/g" ./charts/casdoor/Chart.yaml
-          sed -i "s/version: .*/version: ${{steps.get-current-tag.outputs.tag }}/g" ./charts/casdoor/Chart.yaml
-
-          REGISTRY=oci://registry-1.docker.io/casbin
-          cd charts/casdoor
-          helm package .
-          PKG_NAME=$(ls *.tgz)
-          helm repo index . --url $REGISTRY --merge index.yaml
-          helm push $PKG_NAME $REGISTRY
-          rm $PKG_NAME
-
-          # Commit and push the changes back to the repository
-          git config --global user.name "casbin-bot"
-          git config --global user.email "bot@casbin.org"
-          git add Chart.yaml index.yaml
-          git commit -m "chore(helm): bump helm charts appVersion to ${{steps.get-current-tag.outputs.tag }}"
-          git tag ${{steps.get-current-tag.outputs.tag }}
-          git push origin HEAD:master --follow-tags
--- a/.github/workflows/sync.yml
+++ b/.github/workflows/sync.yml
@ -1,56 +0,0 @@
-name: Crowdin Action
-
-on:
-  push:
-    branches: [ master ]
-
-jobs:
-  synchronize-with-crowdin:
-    runs-on: ubuntu-latest
-    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
-    steps:
-
-    - name: Checkout
-      uses: actions/checkout@v2
-
-    - name: crowdin action
-      uses: crowdin/github-action@1.4.8
-      with:
-        upload_translations: true
-
-        download_translations: true
-        push_translations: true
-        commit_message: 'refactor: New Crowdin translations by Github Action'
-
-        localization_branch_name: l10n_crowdin_action
-        create_pull_request: true
-        pull_request_title: 'refactor: New Crowdin translations'
-
-        crowdin_branch_name: l10n_branch
-        config: './web/crowdin.yml'
-
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        CROWDIN_PROJECT_ID: '463556'
-        CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
-
-    - name: crowdin backend action
-      uses: crowdin/github-action@1.4.8
-      with:
-        upload_translations: true
-
-        download_translations: true
-        push_translations: true
-        commit_message: 'refactor: New Crowdin Backend translations by Github Action'
-
-        localization_branch_name: l10n_crowdin_action
-        create_pull_request: true
-        pull_request_title: 'refactor: New Crowdin Backend translations'
-
-        crowdin_branch_name: l10n_branch
-        config: './crowdin.yml'
-
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        CROWDIN_PROJECT_ID: '463556'
-        CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@ -4,7 +4,6 @@
 *.dll
 *.so
 *.dylib
-*.swp

 # Test binary, built with `go test -c`
 *.test
@ -13,24 +12,16 @@
 *.out

 # Dependency directories (remove the comment below to include it)
-vendor/
-bin/
+# vendor/

 .idea/
 *.iml
-.vscode/settings.json

 tmp/
 tmpFiles/
 *.tmp
 logs/
-files/
 lastupdate.tmp
 commentsRouter*.go

-# ignore build result
-casdoor
-server
-
-# include helm-chart
-!manifests/casdoor
+.env
--- a/.golangci.yml
+++ b/.golangci.yml
@ -1,42 +0,0 @@
-linters:
-  disable-all: true
-  enable:
-    - deadcode
-    - dupl
-    - errcheck
-    - goconst
-    - gocyclo
-    - gofmt
-    - goimports
-    - gosec
-    - gosimple
-    - govet
-    - ineffassign
-    - lll
-    - misspell
-    - nakedret
-    - prealloc
-    - staticcheck
-    - structcheck
-    - typecheck
-    - unconvert
-    - unparam
-    - unused
-    - varcheck
-    - revive
-    - exportloopref
-run:
-  deadline: 5m
-  skip-dirs:
-    - api
-  # skip-files:
-  #   - ".*_test\\.go$"
-  modules-download-mode: mod
-# all available settings of specific linters
-linters-settings:
-  lll:
-    # max line length, lines longer will be reported. Default is 120.
-    # '\t' is counted as 1 character by default, and can be changed with the tab-width option
-    line-length: 150
-    # tab width in spaces. Default to 1.
-    tab-width: 1
--- a/.releaserc.json
+++ b/.releaserc.json
@ -1,23 +0,0 @@
-{
-  "debug": true,
-  "branches": [
-    "+([0-9])?(.{+([0-9]),x}).x",
-    "master",
-    {
-      "name": "rc"
-    },
-    {
-      "name": "beta",
-      "prerelease": true
-    },
-    {
-      "name": "alpha",
-      "prerelease": true
-    }
-  ],
-  "plugins": [
-    "@semantic-release/commit-analyzer",
-    "@semantic-release/release-notes-generator",
-    "@semantic-release/github"
-  ]
-}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -1,15 +0,0 @@
-{
-    "version": "0.2.0",
-    "configurations": [
-        {
-            "name": "Debug",
-            "type": "go",
-            "request": "launch",
-            "mode": "auto",
-            "program": "${workspaceFolder}",
-            "cwd": "${workspaceFolder}",
-            "debugAdapter": "dlv-dap",
-            "args": ["--createDatabase=true"]
-        }
-    ]
-}
--- a/69
+++ b/69
@ -1,69 +0,0 @@
-FROM --platform=$BUILDPLATFORM node:18.19.0 AS FRONT
-WORKDIR /web
-COPY ./web .
-RUN yarn install --frozen-lockfile --network-timeout 1000000 && yarn run build
-
-
-FROM --platform=$BUILDPLATFORM golang:1.20.12 AS BACK
-WORKDIR /go/src/casdoor
-COPY . .
-RUN ./build.sh
-RUN go test -v -run TestGetVersionInfo ./util/system_test.go ./util/system.go > version_info.txt
-
-FROM alpine:latest AS STANDARD
-LABEL MAINTAINER="https://casdoor.org/"
-ARG USER=casdoor
-ARG TARGETOS
-ARG TARGETARCH
-ENV BUILDX_ARCH="${TARGETOS:-linux}_${TARGETARCH:-amd64}"
-
-RUN sed -i 's/https/http/' /etc/apk/repositories
-RUN apk add --update sudo
-RUN apk add tzdata
-RUN apk add curl
-RUN apk add ca-certificates && update-ca-certificates
-
-RUN adduser -D $USER -u 1000 \
-    && echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER \
-    && chmod 0440 /etc/sudoers.d/$USER \
-    && mkdir logs \
-    && chown -R $USER:$USER logs
-
-USER 1000
-WORKDIR /
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/server_${BUILDX_ARCH} ./server
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/swagger ./swagger
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/conf/app.conf ./conf/app.conf
-COPY --from=BACK --chown=$USER:$USER /go/src/casdoor/version_info.txt ./go/src/casdoor/version_info.txt
-COPY --from=FRONT --chown=$USER:$USER /web/build ./web/build
-
-ENTRYPOINT ["/server"]
-
-
-FROM debian:latest AS db
-RUN apt update \
-    && apt install -y \
-        mariadb-server \
-        mariadb-client \
-    && rm -rf /var/lib/apt/lists/*
-
-
-FROM db AS ALLINONE
-LABEL MAINTAINER="https://casdoor.org/"
-ARG TARGETOS
-ARG TARGETARCH
-ENV BUILDX_ARCH="${TARGETOS:-linux}_${TARGETARCH:-amd64}"
-
-RUN apt update
-RUN apt install -y ca-certificates && update-ca-certificates
-
-WORKDIR /
-COPY --from=BACK /go/src/casdoor/server_${BUILDX_ARCH} ./server
-COPY --from=BACK /go/src/casdoor/swagger ./swagger
-COPY --from=BACK /go/src/casdoor/docker-entrypoint.sh /docker-entrypoint.sh
-COPY --from=BACK /go/src/casdoor/conf/app.conf ./conf/app.conf
-COPY --from=BACK /go/src/casdoor/version_info.txt ./go/src/casdoor/version_info.txt
-COPY --from=FRONT /web/build ./web/build
-
-ENTRYPOINT ["/bin/bash"]
-CMD ["/docker-entrypoint.sh"]
--- a/116
+++ b/116
@ -1,116 +0,0 @@
-
-# Image URL to use all building/pushing image targets
-REGISTRY ?= casbin
-IMG ?= casdoor
-IMG_TAG ?=$(shell git --no-pager log -1 --format="%ad" --date=format:"%Y%m%d")-$(shell git describe --tags --always --dirty --abbrev=6)
-NAMESPACE ?= casdoor
-APP ?= casdoor
-HOST ?= test.com
-
-
-# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
-ifeq (,$(shell go env GOBIN))
-GOBIN=$(shell go env GOPATH)/bin
-else
-GOBIN=$(shell go env GOBIN)
-endif
-
-# Setting SHELL to bash allows bash commands to be executed by recipes.
-# This is a requirement for 'setup-envtest.sh' in the test target.
-# Options are set to exit when a recipe line exits non-zero or a piped command fails.
-SHELL = /usr/bin/env bash -o pipefail
-.SHELLFLAGS = -ec
-
-.PHONY: all
-all: docker-build docker-push deploy
-
-##@ General
-
-# The help target prints out all targets with their descriptions organized
-# beneath their categories. The categories are represented by '##@' and the
-# target descriptions by '##'. The awk commands is responsible for reading the
-# entire set of makefiles included in this invocation, looking for lines of the
-# file as xyz: ## something, and then pretty-format the target and help. Then,
-# if there's a line with ##@ something, that gets pretty-printed as a category.
-# More info on the usage of ANSI control characters for terminal formatting:
-# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters
-# More info on the awk command:
-# http://linuxcommand.org/lc3_adv_awk.php
-
-.PHONY: help
-help: ## Display this help.
-	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf "  \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
-
-##@ Development
-
-.PHONY: fmt
-fmt: ## Run go fmt against code.
-	go fmt ./...
-
-.PHONY: vet
-vet: ## Run go vet against code.
-	go vet ./...
-
-.PHONY: ut
-ut: ## UT test
-	go test -v -cover -coverprofile=coverage.out ./...
-	go tool cover -func=coverage.out
-
-##@ Build
-
-.PHONY: backend
-backend: fmt vet ## Build backend binary.
-	go build -o bin/manager main.go
-
-.PHONY: backend-vendor
-backend-vendor: vendor fmt vet ## Build backend binary with vendor.
-	go build -mod=vendor -o bin/manager main.go
-
-.PHONY: frontend
-frontend: ## Build backend binary.
-	cd web/ && yarn && yarn run build && cd -
-
-.PHONY: vendor
-vendor: ## Update vendor.
-	go mod vendor
-
-.PHONY: run
-run: fmt vet ## Run backend in local 
-	go run ./main.go
-
-.PHONY: docker-build
-docker-build: ## Build docker image with the manager.
-	docker build -t ${REGISTRY}/${IMG}:${IMG_TAG} .
-
-.PHONY: docker-push
-docker-push: ## Push docker image with the manager.
-	docker push ${REGISTRY}/${IMG}:${IMG_TAG}
-
-deps: ## Run dependencies for local development
-	docker compose up -d db
-
-lint-install: ## Install golangci-lint
-	@# The following installs a specific version of golangci-lint, which is appropriate for a CI server to avoid different results from build to build
-	go get github.com/golangci/golangci-lint/cmd/golangci-lint@v1.40.1
-
-lint: ## Run golangci-lint
-	@echo "---lint---"
-	golangci-lint run --modules-download-mode=vendor ./...
-
-##@ Deployment
-
-.PHONY: deploy
-deploy:  ## Deploy controller to the K8s cluster specified in ~/.kube/config.
-	helm upgrade --install ${APP} manifests/casdoor --create-namespace --set ingress.enabled=true \
-	--set "ingress.hosts[0].host=${HOST},ingress.hosts[0].paths[0].path=/,ingress.hosts[0].paths[0].pathType=ImplementationSpecific" \
-	--set image.tag=${IMG_TAG} --set image.repository=${REGISTRY} --set image.name=${IMG} --version ${IMG_TAG} -n ${NAMESPACE}
-
-.PHONY: dry-run
-dry-run: ## Dry run for helm install
-	helm upgrade --install ${APP} manifests/casdoor --set ingress.enabled=true \
-	--set "ingress.hosts[0].host=${HOST},ingress.hosts[0].paths[0].path=/,ingress.hosts[0].paths[0].pathType=ImplementationSpecific" \
-	--set image.tag=${IMG_TAG} --set image.repository=${REGISTRY} --set image.name=${IMG} --version ${IMG_TAG} -n ${NAMESPACE} --dry-run
-
-.PHONY: undeploy
-undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
-	helm delete ${APP} -n ${NAMESPACE}
--- a/README.md
+++ b/README.md
@ -1,102 +1,36 @@
-<h1 align="center" style="border-bottom: none;">📦⚡️ Casdoor</h1>
-<h3 align="center">An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS</h3>
-<p align="center">
-  <a href="#badge">
-    <img alt="semantic-release" src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg">
-  </a>
-  <a href="https://hub.docker.com/r/casbin/casdoor">
-    <img alt="docker pull casbin/casdoor" src="https://img.shields.io/docker/pulls/casbin/casdoor.svg">
-  </a>
-  <a href="https://github.com/casdoor/casdoor/actions/workflows/build.yml">
-    <img alt="GitHub Workflow Status (branch)" src="https://github.com/casdoor/casdoor/workflows/Build/badge.svg?style=flat-square">
-  </a>
-  <a href="https://github.com/casdoor/casdoor/releases/latest">
-    <img alt="GitHub Release" src="https://img.shields.io/github/v/release/casdoor/casdoor.svg">
-  </a>
-  <a href="https://hub.docker.com/repository/docker/casbin/casdoor">
-    <img alt="Docker Image Version (latest semver)" src="https://img.shields.io/badge/Docker%20Hub-latest-brightgreen">
-  </a>
-</p>
-
-<p align="center">
-  <a href="https://goreportcard.com/report/github.com/casdoor/casdoor">
-    <img alt="Go Report Card" src="https://goreportcard.com/badge/github.com/casdoor/casdoor?style=flat-square">
-  </a>
-  <a href="https://github.com/casdoor/casdoor/blob/master/LICENSE">
-    <img src="https://img.shields.io/github/license/casdoor/casdoor?style=flat-square" alt="license">
-  </a>
-  <a href="https://github.com/casdoor/casdoor/issues">
-    <img alt="GitHub issues" src="https://img.shields.io/github/issues/casdoor/casdoor?style=flat-square">
-  </a>
-  <a href="#">
-    <img alt="GitHub stars" src="https://img.shields.io/github/stars/casdoor/casdoor?style=flat-square">
-  </a>
-  <a href="https://github.com/casdoor/casdoor/network">
-    <img alt="GitHub forks" src="https://img.shields.io/github/forks/casdoor/casdoor?style=flat-square">
-  </a>
-  <a href="https://crowdin.com/project/casdoor-site">
-    <img alt="Crowdin" src="https://badges.crowdin.net/casdoor-site/localized.svg">
-  </a>
-  <a href="https://discord.gg/5rPsrAzK7S">
-    <img alt="Discord" src="https://img.shields.io/discord/1022748306096537660?style=flat-square&logo=discord&label=discord&color=5865F2">
-  </a>
-</p>
-
-<p align="center">
-  <sup>Sponsored by</sup>
-  <br>
-  <a href="https://stytch.com/docs?utm_source=oss-sponsorship&utm_medium=paid_sponsorship&utm_campaign=casbin">
-    <picture>
-      <source media="(prefers-color-scheme: dark)" srcset="https://cdn.casbin.org/img/stytch-white.png">
-      <source media="(prefers-color-scheme: light)" srcset="https://cdn.casbin.org/img/stytch-charcoal.png">
-      <img src="https://cdn.casbin.org/img/stytch-charcoal.png" width="275">
-    </picture>
-  </a><br/>
-  <a href="https://stytch.com/docs?utm_source=oss-sponsorship&utm_medium=paid_sponsorship&utm_campaign=casbin"><b>Build auth with fraud prevention, faster.</b><br/> Try Stytch for API-first authentication, user & org management, multi-tenant SSO, MFA, device fingerprinting, and more.</a>
-  <br>
-</p>
-
-## Online demo
-
- Read-only site: https://door.casdoor.com (any modification operation will fail)
- Writable site: https://demo.casdoor.com (original data will be restored for every 5 minutes)
-
-## Documentation
-
-https://casdoor.org
-
-## Install
-
- By source code: https://casdoor.org/docs/basic/server-installation
- By Docker: https://casdoor.org/docs/basic/try-with-docker
- By Kubernetes Helm: https://casdoor.org/docs/basic/try-with-helm
-
-## How to connect to Casdoor?
-
-https://casdoor.org/docs/how-to-connect/overview
-
-## Casdoor Public API
-
- Docs: https://casdoor.org/docs/basic/public-api
- Swagger: https://door.casdoor.com/swagger
-
-## Integrations
-
-https://casdoor.org/docs/category/integrations
-
-## How to contact?
-
- Discord: https://discord.gg/5rPsrAzK7S
- Contact: https://casdoor.org/help
-
-## Contribute
-
-For casdoor, if you have any questions, you can give Issues, or you can also directly start Pull Requests(but we recommend giving issues first to communicate with the community).
-
-### I18n translation
-
-If you are contributing to casdoor, please note that we use [Crowdin](https://crowdin.com/project/casdoor-site) as translating platform and i18next as translating tool. When you add some words using i18next in the `web/` directory, please remember to add what you have added to the `web/src/locales/en/data.json` file.
-
-## License
-
-[Apache-2.0](https://github.com/casdoor/casdoor/blob/master/LICENSE)
+# Casdoor
+
+## Development
+
+### Prerequisites
+
+Go (1.15 or later)
+MySQL (5.8 or higher)
+Node.js (version 8 or higher)
+Yarn
+
+### Initialize project
+
+Create a database named casdoor.
+
+```sql
+CREATE DATABASE IF NOT EXISTS casdoor default charset utf8 COLLATE utf8_general_ci
+```
+
+Configure database source in the `.env` file. If you have not copied the `.env.template` file to a new file named `.env`, which should now be performed.
+
+### Run project
+
+#### backend
+
+```shell
+go run cmd/main.go
+```
+
+### frontend
+
+```shell
+cd web
+yarn
+yarn start
+```
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,9 +0,0 @@
-# Security Policy
-
-## Reporting a Vulnerability
-
-We are grateful for security researchers and users reporting a vulnerability to us first. To ensure that your request is handled in a timely manner and we can keep users safe, please follow the below guidelines.
-
- **Please do not report security vulnerabilities directly on GitHub.**
-
- To report a vulnerability, please email [admin@casdoor.org](admin@casdoor.org).
--- a/authz/authz.go
+++ b/authz/authz.go
@ -1,177 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package authz
-
-import (
-	"strings"
-
-	"github.com/casbin/casbin/v2"
-	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-	stringadapter "github.com/qiangmzsx/string-adapter/v2"
-)
-
-var Enforcer *casbin.Enforcer
-
-func InitApi() {
-	e, err := object.GetInitializedEnforcer(util.GetId("built-in", "api-enforcer-built-in"))
-	if err != nil {
-		panic(err)
-	}
-
-	Enforcer = e.Enforcer
-	Enforcer.ClearPolicy()
-
-	// if len(Enforcer.GetPolicy()) == 0 {
-	if true {
-		ruleText := `
-p, built-in, *, *, *, *, *
-p, app, *, *, *, *, *
-p, *, *, POST, /api/signup, *, *
-p, *, *, GET, /api/get-email-and-phone, *, *
-p, *, *, POST, /api/login, *, *
-p, *, *, GET, /api/get-app-login, *, *
-p, *, *, POST, /api/logout, *, *
-p, *, *, GET, /api/logout, *, *
-p, *, *, POST, /api/callback, *, *
-p, *, *, GET, /api/get-account, *, *
-p, *, *, GET, /api/userinfo, *, *
-p, *, *, GET, /api/user, *, *
-p, *, *, GET, /api/health, *, *
-p, *, *, *, /api/webhook, *, *
-p, *, *, GET, /api/get-qrcode, *, *
-p, *, *, GET, /api/get-webhook-event, *, *
-p, *, *, GET, /api/get-captcha-status, *, *
-p, *, *, *, /api/login/oauth, *, *
-p, *, *, GET, /api/get-application, *, *
-p, *, *, GET, /api/get-organization-applications, *, *
-p, *, *, GET, /api/get-user, *, *
-p, *, *, GET, /api/get-user-application, *, *
-p, *, *, GET, /api/get-resources, *, *
-p, *, *, GET, /api/get-records, *, *
-p, *, *, GET, /api/get-product, *, *
-p, *, *, POST, /api/buy-product, *, *
-p, *, *, GET, /api/get-payment, *, *
-p, *, *, POST, /api/update-payment, *, *
-p, *, *, POST, /api/invoice-payment, *, *
-p, *, *, POST, /api/notify-payment, *, *
-p, *, *, POST, /api/unlink, *, *
-p, *, *, POST, /api/set-password, *, *
-p, *, *, POST, /api/send-verification-code, *, *
-p, *, *, GET, /api/get-captcha, *, *
-p, *, *, POST, /api/verify-captcha, *, *
-p, *, *, POST, /api/verify-code, *, *
-p, *, *, POST, /api/reset-email-or-phone, *, *
-p, *, *, POST, /api/upload-resource, *, *
-p, *, *, GET, /.well-known/openid-configuration, *, *
-p, *, *, *, /.well-known/jwks, *, *
-p, *, *, GET, /api/get-saml-login, *, *
-p, *, *, POST, /api/acs, *, *
-p, *, *, GET, /api/saml/metadata, *, *
-p, *, *, *, /api/saml/redirect, *, *
-p, *, *, *, /cas, *, *
-p, *, *, *, /scim, *, *
-p, *, *, *, /api/webauthn, *, *
-p, *, *, GET, /api/get-release, *, *
-p, *, *, GET, /api/get-default-application, *, *
-p, *, *, GET, /api/get-prometheus-info, *, *
-p, *, *, *, /api/metrics, *, *
-p, *, *, GET, /api/get-pricing, *, *
-p, *, *, GET, /api/get-plan, *, *
-p, *, *, GET, /api/get-subscription, *, *
-p, *, *, GET, /api/get-provider, *, *
-p, *, *, GET, /api/get-organization-names, *, *
-p, *, *, GET, /api/get-all-objects, *, *
-p, *, *, GET, /api/get-all-actions, *, *
-p, *, *, GET, /api/get-all-roles, *, *
-p, *, *, GET, /api/get-invitation-info, *, *
-p, *, *, GET, /api/faceid-signin-begin, *, *
-`
-
-		sa := stringadapter.NewAdapter(ruleText)
-		// load all rules from string adapter to enforcer's memory
-		err = sa.LoadPolicy(Enforcer.GetModel())
-		if err != nil {
-			panic(err)
-		}
-
-		// save all rules from enforcer's memory to Xorm adapter (DB)
-		// same as:
-		// a.SavePolicy(Enforcer.GetModel())
-		err = Enforcer.SavePolicy()
-		if err != nil {
-			panic(err)
-		}
-	}
-}
-
-func IsAllowed(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
-	if conf.IsDemoMode() {
-		if !isAllowedInDemoMode(subOwner, subName, method, urlPath, objOwner, objName) {
-			return false
-		}
-	}
-
-	user, err := object.GetUser(util.GetId(subOwner, subName))
-	if err != nil {
-		panic(err)
-	}
-
-	if subOwner == "app" {
-		return true
-	}
-
-	if user != nil {
-		if user.IsDeleted {
-			return false
-		}
-
-		if user.IsAdmin && (subOwner == objOwner || (objOwner == "admin")) {
-			return true
-		}
-	}
-
-	res, err := Enforcer.Enforce(subOwner, subName, method, urlPath, objOwner, objName)
-	if err != nil {
-		panic(err)
-	}
-
-	return res
-}
-
-func isAllowedInDemoMode(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
-	if method == "POST" {
-		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" || urlPath == "/api/verify-code" || urlPath == "/api/check-user-password" || strings.HasPrefix(urlPath, "/api/mfa/") || urlPath == "/api/webhook" || urlPath == "/api/get-qrcode" {
-			return true
-		} else if urlPath == "/api/update-user" {
-			// Allow ordinary users to update their own information
-			if (subOwner == objOwner && subName == objName || subOwner == "app") && !(subOwner == "built-in" && subName == "admin") {
-				return true
-			}
-			return false
-		} else if urlPath == "/api/upload-resource" {
-			if subOwner == "app" && subName == "app-casibase" {
-				return true
-			}
-			return false
-		} else {
-			return false
-		}
-	}
-
-	// If method equals GET
-	return true
-}
--- a/build.sh
+++ b/build.sh
@ -1,13 +0,0 @@
-#!/bin/bash
-#try to connect to google to determine whether user need to use proxy
-curl www.google.com -o /dev/null --connect-timeout 5 2> /dev/null
-if [ $? == 0 ]
-then
-    echo "Successfully connected to Google, no need to use Go proxy"
-else
-    echo "Google is blocked, Go proxy is enabled: GOPROXY=https://goproxy.cn,direct"
-    export GOPROXY="https://goproxy.cn,direct"
-fi
-
-CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o server_linux_amd64 .
-CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="-w -s" -o server_linux_arm64 .
--- a/captcha/aliyun.go
+++ b/captcha/aliyun.go
@ -1,115 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"sort"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/casdoor/casdoor/util"
-)
-
-const AliyunCaptchaVerifyUrl = "http://afs.aliyuncs.com"
-
-type captchaSuccessResponse struct {
-	Code int    `json:"Code"`
-	Msg  string `json:"Msg"`
-}
-
-type captchaFailResponse struct {
-	Code    string `json:"Code"`
-	Message string `json:"Message"`
-}
-
-type AliyunCaptchaProvider struct{}
-
-func NewAliyunCaptchaProvider() *AliyunCaptchaProvider {
-	captcha := &AliyunCaptchaProvider{}
-	return captcha
-}
-
-func contentEscape(str string) string {
-	str = strings.Replace(str, " ", "%20", -1)
-	str = url.QueryEscape(str)
-	return str
-}
-
-func (captcha *AliyunCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
-	pathData, err := url.ParseQuery(token)
-	if err != nil {
-		return false, err
-	}
-
-	pathData["Action"] = []string{"AuthenticateSig"}
-	pathData["Format"] = []string{"json"}
-	pathData["SignatureMethod"] = []string{"HMAC-SHA1"}
-	pathData["SignatureNonce"] = []string{strconv.FormatInt(time.Now().UnixNano(), 10)}
-	pathData["SignatureVersion"] = []string{"1.0"}
-	pathData["Timestamp"] = []string{time.Now().UTC().Format("2006-01-02T15:04:05Z")}
-	pathData["Version"] = []string{"2018-01-12"}
-
-	var keys []string
-	for k := range pathData {
-		keys = append(keys, k)
-	}
-	sort.Strings(keys)
-
-	sortQuery := ""
-	for _, k := range keys {
-		sortQuery += k + "=" + contentEscape(pathData[k][0]) + "&"
-	}
-	sortQuery = strings.TrimSuffix(sortQuery, "&")
-
-	stringToSign := fmt.Sprintf("GET&%s&%s", url.QueryEscape("/"), url.QueryEscape(sortQuery))
-
-	signature := util.GetHmacSha1(clientSecret+"&", stringToSign)
-
-	resp, err := http.Get(fmt.Sprintf("%s?%s&Signature=%s", AliyunCaptchaVerifyUrl, sortQuery, url.QueryEscape(signature)))
-	if err != nil {
-		return false, err
-	}
-
-	defer resp.Body.Close()
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false, err
-	}
-
-	return handleCaptchaResponse(body)
-}
-
-func handleCaptchaResponse(body []byte) (bool, error) {
-	captchaResp := &captchaSuccessResponse{}
-	err := json.Unmarshal(body, captchaResp)
-	if err != nil {
-		captchaFailResp := &captchaFailResponse{}
-		err = json.Unmarshal(body, captchaFailResp)
-		if err != nil {
-			return false, err
-		}
-
-		return false, errors.New(captchaFailResp.Message)
-	}
-
-	return true, nil
-}
--- a/captcha/geetest.go
+++ b/captcha/geetest.go
@ -1,81 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"time"
-
-	"github.com/casdoor/casdoor/util"
-)
-
-const GEETESTCaptchaVerifyUrl = "http://gcaptcha4.geetest.com/validate"
-
-type GEETESTCaptchaProvider struct{}
-
-func NewGEETESTCaptchaProvider() *GEETESTCaptchaProvider {
-	captcha := &GEETESTCaptchaProvider{}
-	return captcha
-}
-
-func (captcha *GEETESTCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
-	pathData, err := url.ParseQuery(token)
-	if err != nil {
-		return false, err
-	}
-
-	signToken := util.GetHmacSha256(clientSecret, pathData["lot_number"][0])
-
-	formData := make(url.Values)
-	formData["lot_number"] = []string{pathData["lot_number"][0]}
-	formData["captcha_output"] = []string{pathData["captcha_output"][0]}
-	formData["pass_token"] = []string{pathData["pass_token"][0]}
-	formData["gen_time"] = []string{pathData["gen_time"][0]}
-	formData["sign_token"] = []string{signToken}
-	captchaId := pathData["captcha_id"][0]
-
-	cli := http.Client{Timeout: time.Second * 5}
-	resp, err := cli.PostForm(fmt.Sprintf("%s?captcha_id=%s", GEETESTCaptchaVerifyUrl, captchaId), formData)
-	if err != nil || resp.StatusCode != 200 {
-		return false, err
-	}
-
-	defer resp.Body.Close()
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false, err
-	}
-
-	type captchaResponse struct {
-		Result string `json:"result"`
-		Reason string `json:"reason"`
-	}
-	captchaResp := &captchaResponse{}
-	err = json.Unmarshal(body, captchaResp)
-	if err != nil {
-		return false, err
-	}
-
-	if captchaResp.Result == "success" {
-		return true, nil
-	}
-
-	return false, errors.New(captchaResp.Reason)
-}
--- a/captcha/hcaptcha.go
+++ b/captcha/hcaptcha.go
@ -1,66 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import (
-	"encoding/json"
-	"errors"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-const HCaptchaVerifyUrl = "https://hcaptcha.com/siteverify"
-
-type HCaptchaProvider struct{}
-
-func NewHCaptchaProvider() *HCaptchaProvider {
-	captcha := &HCaptchaProvider{}
-	return captcha
-}
-
-func (captcha *HCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
-	reqData := url.Values{
-		"secret":   {clientSecret},
-		"response": {token},
-	}
-	resp, err := http.PostForm(HCaptchaVerifyUrl, reqData)
-	if err != nil {
-		return false, err
-	}
-
-	defer resp.Body.Close()
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false, err
-	}
-
-	type captchaResponse struct {
-		Success    bool     `json:"success"`
-		ErrorCodes []string `json:"error-codes"`
-	}
-	captchaResp := &captchaResponse{}
-	err = json.Unmarshal(body, captchaResp)
-	if err != nil {
-		return false, err
-	}
-
-	if len(captchaResp.ErrorCodes) > 0 {
-		return false, errors.New(strings.Join(captchaResp.ErrorCodes, ","))
-	}
-
-	return captchaResp.Success, nil
-}
--- a/captcha/provider.go
+++ b/captcha/provider.go
@ -1,53 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import "fmt"
-
-type CaptchaProvider interface {
-	VerifyCaptcha(token, clientSecret string) (bool, error)
-}
-
-func GetCaptchaProvider(captchaType string) CaptchaProvider {
-	switch captchaType {
-	case "Default":
-		return NewDefaultCaptchaProvider()
-	case "reCAPTCHA":
-		return NewReCaptchaProvider()
-	case "reCAPTCHA v2":
-		return NewReCaptchaProvider()
-	case "reCAPTCHA v3":
-		return NewReCaptchaProvider()
-	case "Aliyun Captcha":
-		return NewAliyunCaptchaProvider()
-	case "hCaptcha":
-		return NewHCaptchaProvider()
-	case "GEETEST":
-		return NewGEETESTCaptchaProvider()
-	case "Cloudflare Turnstile":
-		return NewCloudflareTurnstileProvider()
-	}
-
-	return nil
-}
-
-func VerifyCaptchaByCaptchaType(captchaType, token, clientSecret string) (bool, error) {
-	provider := GetCaptchaProvider(captchaType)
-	if provider == nil {
-		return false, fmt.Errorf("invalid captcha provider: %s", captchaType)
-	}
-
-	return provider.VerifyCaptcha(token, clientSecret)
-}
--- a/captcha/recaptcha.go
+++ b/captcha/recaptcha.go
@ -1,66 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import (
-	"encoding/json"
-	"errors"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-const ReCaptchaVerifyUrl = "https://recaptcha.net/recaptcha/api/siteverify"
-
-type ReCaptchaProvider struct{}
-
-func NewReCaptchaProvider() *ReCaptchaProvider {
-	captcha := &ReCaptchaProvider{}
-	return captcha
-}
-
-func (captcha *ReCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
-	reqData := url.Values{
-		"secret":   {clientSecret},
-		"response": {token},
-	}
-	resp, err := http.PostForm(ReCaptchaVerifyUrl, reqData)
-	if err != nil {
-		return false, err
-	}
-
-	defer resp.Body.Close()
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false, err
-	}
-
-	type captchaResponse struct {
-		Success    bool     `json:"success"`
-		ErrorCodes []string `json:"error-codes"`
-	}
-	captchaResp := &captchaResponse{}
-	err = json.Unmarshal(body, captchaResp)
-	if err != nil {
-		return false, err
-	}
-
-	if len(captchaResp.ErrorCodes) > 0 {
-		return false, errors.New(strings.Join(captchaResp.ErrorCodes, ","))
-	}
-
-	return captchaResp.Success, nil
-}
--- a/captcha/turnstile.go
+++ b/captcha/turnstile.go
@ -1,66 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package captcha
-
-import (
-	"encoding/json"
-	"errors"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-const CloudflareTurnstileVerifyUrl = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
-
-type CloudflareTurnstileProvider struct{}
-
-func NewCloudflareTurnstileProvider() *CloudflareTurnstileProvider {
-	captcha := &CloudflareTurnstileProvider{}
-	return captcha
-}
-
-func (captcha *CloudflareTurnstileProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
-	reqData := url.Values{
-		"secret":   {clientSecret},
-		"response": {token},
-	}
-	resp, err := http.PostForm(CloudflareTurnstileVerifyUrl, reqData)
-	if err != nil {
-		return false, err
-	}
-
-	defer resp.Body.Close()
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return false, err
-	}
-
-	type captchaResponse struct {
-		Success    bool     `json:"success"`
-		ErrorCodes []string `json:"error-codes"`
-	}
-	captchaResp := &captchaResponse{}
-	err = json.Unmarshal(body, captchaResp)
-	if err != nil {
-		return false, err
-	}
-
-	if len(captchaResp.ErrorCodes) > 0 {
-		return false, errors.New(strings.Join(captchaResp.ErrorCodes, ","))
-	}
-
-	return captchaResp.Success, nil
-}
--- a/cmd/main.go
+++ b/cmd/main.go
@ -0,0 +1,68 @@
+// Copyright 2020 The casbin Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"context"
+	"log"
+	"net/http"
+	"os"
+	"os/signal"
+	"time"
+
+	"github.com/casdoor/casdoor/internal/config"
+	"github.com/casdoor/casdoor/internal/handler"
+	"github.com/casdoor/casdoor/internal/store"
+	"github.com/casdoor/casdoor/internal/store/shared"
+)
+
+func main() {
+	cfg, err := config.NewConfig()
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	db, err := shared.NewDB(cfg)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	userStore := store.NewUserStore(db)
+	applicationStore := store.NewApplicationStore(db)
+
+	srv := &http.Server{
+		Addr:    cfg.HTTPPort,
+		Handler: handler.New(userStore, applicationStore),
+	}
+
+	go func() {
+		log.Printf("listen and serve on %s", srv.Addr)
+		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+			log.Fatalf("listen: %s\n", err)
+		}
+	}()
+
+	quit := make(chan os.Signal)
+	signal.Notify(quit, os.Interrupt)
+	<-quit
+	log.Println("Shutdown Server ...")
+
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+	if err := srv.Shutdown(ctx); err != nil {
+		log.Fatal("Server Shutdown:", err)
+	}
+	log.Println("Server exiting")
+}
--- a/conf/app.conf
+++ b/conf/app.conf
@ -1,32 +0,0 @@
-appname = casdoor
-httpport = 8000
-runmode = dev
-copyrequestbody = true
-driverName = mysql
-dataSourceName = root:123456@tcp(localhost:3306)/
-dbName = casdoor
-tableNamePrefix =
-showSql = false
-redisEndpoint =
-defaultStorageProvider =
-isCloudIntranet = false
-authState = "casdoor"
-socks5Proxy = "127.0.0.1:10808"
-verificationCodeTimeout = 10
-initScore = 0
-logPostOnly = true
-isUsernameLowered = false
-origin =
-originFrontend =
-staticBaseUrl = "https://cdn.casbin.org"
-isDemoMode = false
-batchSize = 100
-enableErrorMask = false
-enableGzip = true
-ldapServerPort = 389
-radiusServerPort = 1812
-radiusSecret = "secret"
-quota = {"organization": -1, "user": -1, "application": -1, "provider": -1}
-logConfig = {"filename": "logs/casdoor.log", "maxdays":99999, "perm":"0770"}
-initDataFile = "./init_data.json"
-frontendBaseDir = "../casdoor"
--- a/conf/conf.go
+++ b/conf/conf.go
@ -1,112 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package conf
-
-import (
-	"fmt"
-	"os"
-	"runtime"
-	"strconv"
-	"strings"
-
-	"github.com/beego/beego"
-)
-
-func init() {
-	// this array contains the beego configuration items that may be modified via env
-	presetConfigItems := []string{"httpport", "appname"}
-	for _, key := range presetConfigItems {
-		if value, ok := os.LookupEnv(key); ok {
-			err := beego.AppConfig.Set(key, value)
-			if err != nil {
-				panic(err)
-			}
-		}
-	}
-}
-
-func GetConfigString(key string) string {
-	if value, ok := os.LookupEnv(key); ok {
-		return value
-	}
-
-	res := beego.AppConfig.String(key)
-	if res == "" {
-		if key == "staticBaseUrl" {
-			res = "https://cdn.casbin.org"
-		} else if key == "logConfig" {
-			res = fmt.Sprintf("{\"filename\": \"logs/%s.log\", \"maxdays\":99999, \"perm\":\"0770\"}", beego.AppConfig.String("appname"))
-		}
-	}
-
-	return res
-}
-
-func GetConfigBool(key string) bool {
-	value := GetConfigString(key)
-	if value == "true" {
-		return true
-	} else {
-		return false
-	}
-}
-
-func GetConfigInt64(key string) (int64, error) {
-	value := GetConfigString(key)
-	num, err := strconv.ParseInt(value, 10, 64)
-	return num, err
-}
-
-func GetConfigDataSourceName() string {
-	dataSourceName := GetConfigString("dataSourceName")
-	return ReplaceDataSourceNameByDocker(dataSourceName)
-}
-
-func ReplaceDataSourceNameByDocker(dataSourceName string) string {
-	runningInDocker := os.Getenv("RUNNING_IN_DOCKER")
-	if runningInDocker == "true" {
-		// https://stackoverflow.com/questions/48546124/what-is-linux-equivalent-of-host-docker-internal
-		if runtime.GOOS == "linux" {
-			dataSourceName = strings.ReplaceAll(dataSourceName, "localhost", "172.17.0.1")
-		} else {
-			dataSourceName = strings.ReplaceAll(dataSourceName, "localhost", "host.docker.internal")
-		}
-	}
-	return dataSourceName
-}
-
-func GetLanguage(language string) string {
-	if language == "" || language == "*" {
-		return "en"
-	}
-
-	if len(language) != 2 || language == "nu" {
-		return "en"
-	} else {
-		return language
-	}
-}
-
-func IsDemoMode() bool {
-	return strings.ToLower(GetConfigString("isDemoMode")) == "true"
-}
-
-func GetConfigBatchSize() int {
-	res, err := strconv.Atoi(GetConfigString("batchSize"))
-	if err != nil {
-		res = 100
-	}
-	return res
-}
--- a/conf/conf_quota.go
+++ b/conf/conf_quota.go
@ -1,48 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package conf
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego"
-)
-
-type Quota struct {
-	Organization int `json:"organization"`
-	User         int `json:"user"`
-	Application  int `json:"application"`
-	Provider     int `json:"provider"`
-}
-
-var quota = &Quota{-1, -1, -1, -1}
-
-func init() {
-	initQuota()
-}
-
-func initQuota() {
-	res := beego.AppConfig.String("quota")
-	if res != "" {
-		err := json.Unmarshal([]byte(res), quota)
-		if err != nil {
-			panic(err)
-		}
-	}
-}
-
-func GetConfigQuota() *Quota {
-	return quota
-}
--- a/conf/conf_test.go
+++ b/conf/conf_test.go
@ -1,127 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package conf
-
-import (
-	"os"
-	"testing"
-
-	"github.com/beego/beego"
-	"github.com/stretchr/testify/assert"
-)
-
-func TestGetConfString(t *testing.T) {
-	scenarios := []struct {
-		description string
-		input       string
-		expected    interface{}
-	}{
-		{"Should be return casbin", "appname", "casbin"},
-		{"Should be return 8000", "httpport", "8000"},
-		{"Should be return  value", "key", "value"},
-	}
-
-	// do some set up job
-
-	os.Setenv("appname", "casbin")
-	os.Setenv("key", "value")
-
-	err := beego.LoadAppConfig("ini", "app.conf")
-	assert.Nil(t, err)
-
-	for _, scenery := range scenarios {
-		t.Run(scenery.description, func(t *testing.T) {
-			actual := GetConfigString(scenery.input)
-			assert.Equal(t, scenery.expected, actual)
-		})
-	}
-}
-
-func TestGetConfInt(t *testing.T) {
-	scenarios := []struct {
-		description string
-		input       string
-		expected    interface{}
-	}{
-		{"Should be return 8000", "httpport", 8001},
-		{"Should be return 8000", "verificationCodeTimeout", 10},
-	}
-
-	// do some set up job
-	os.Setenv("httpport", "8001")
-
-	err := beego.LoadAppConfig("ini", "app.conf")
-	assert.Nil(t, err)
-
-	for _, scenery := range scenarios {
-		t.Run(scenery.description, func(t *testing.T) {
-			actual, err := GetConfigInt64(scenery.input)
-			assert.Nil(t, err)
-			assert.Equal(t, scenery.expected, int(actual))
-		})
-	}
-}
-
-func TestGetConfBool(t *testing.T) {
-	scenarios := []struct {
-		description string
-		input       string
-		expected    interface{}
-	}{
-		{"Should be return false", "copyrequestbody", true},
-	}
-
-	err := beego.LoadAppConfig("ini", "app.conf")
-	assert.Nil(t, err)
-	for _, scenery := range scenarios {
-		t.Run(scenery.description, func(t *testing.T) {
-			actual := GetConfigBool(scenery.input)
-			assert.Nil(t, err)
-			assert.Equal(t, scenery.expected, actual)
-		})
-	}
-}
-
-func TestGetConfigQuota(t *testing.T) {
-	scenarios := []struct {
-		description string
-		expected    *Quota
-	}{
-		{"default", &Quota{-1, -1, -1, -1}},
-	}
-
-	err := beego.LoadAppConfig("ini", "app.conf")
-	assert.Nil(t, err)
-	for _, scenery := range scenarios {
-		quota := GetConfigQuota()
-		assert.Equal(t, scenery.expected, quota)
-	}
-}
-
-func TestGetConfigLogs(t *testing.T) {
-	scenarios := []struct {
-		description string
-		expected    string
-	}{
-		{"Default log config", `{"filename": "logs/casdoor.log", "maxdays":99999, "perm":"0770"}`},
-	}
-
-	err := beego.LoadAppConfig("ini", "app.conf")
-	assert.Nil(t, err)
-	for _, scenery := range scenarios {
-		quota := GetConfigString("logConfig")
-		assert.Equal(t, scenery.expected, quota)
-	}
-}
--- a/controllers/account.go
+++ b/controllers/account.go
@ -1,561 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"strings"
-
-	"github.com/casdoor/casdoor/form"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-const (
-	ResponseTypeLogin   = "login"
-	ResponseTypeCode    = "code"
-	ResponseTypeToken   = "token"
-	ResponseTypeIdToken = "id_token"
-	ResponseTypeSaml    = "saml"
-	ResponseTypeCas     = "cas"
-)
-
-type Response struct {
-	Status string      `json:"status"`
-	Msg    string      `json:"msg"`
-	Sub    string      `json:"sub"`
-	Name   string      `json:"name"`
-	Data   interface{} `json:"data"`
-	Data2  interface{} `json:"data2"`
-}
-
-type Captcha struct {
-	Owner         string `json:"owner"`
-	Name          string `json:"name"`
-	Type          string `json:"type"`
-	AppKey        string `json:"appKey"`
-	Scene         string `json:"scene"`
-	CaptchaId     string `json:"captchaId"`
-	CaptchaImage  []byte `json:"captchaImage"`
-	ClientId      string `json:"clientId"`
-	ClientSecret  string `json:"clientSecret"`
-	ClientId2     string `json:"clientId2"`
-	ClientSecret2 string `json:"clientSecret2"`
-	SubType       string `json:"subType"`
-}
-
-// this API is used by "Api URL" of Flarum's FoF Passport plugin
-// https://github.com/FriendsOfFlarum/passport
-type LaravelResponse struct {
-	Id              string `json:"id"`
-	Name            string `json:"name"`
-	Email           string `json:"email"`
-	EmailVerifiedAt string `json:"email_verified_at"`
-	CreatedAt       string `json:"created_at"`
-	UpdatedAt       string `json:"updated_at"`
-}
-
-// Signup
-// @Tag Login API
-// @Title Signup
-// @Description sign up a new user
-// @Param   username     formData    string  true        "The username to sign up"
-// @Param   password     formData    string  true        "The password"
-// @Success 200 {object} controllers.Response The Response object
-// @router /signup [post]
-func (c *ApiController) Signup() {
-	if c.GetSessionUsername() != "" {
-		c.ResponseError(c.T("account:Please sign out first"), c.GetSessionUsername())
-		return
-	}
-
-	var authForm form.AuthForm
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &authForm)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	application, err := object.GetApplication(fmt.Sprintf("admin/%s", authForm.Application))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), authForm.Application))
-		return
-	}
-
-	if !application.EnableSignUp {
-		c.ResponseError(c.T("account:The application does not allow to sign up new account"))
-		return
-	}
-
-	organization, err := object.GetOrganization(util.GetId("admin", authForm.Organization))
-	if err != nil {
-		c.ResponseError(c.T(err.Error()))
-		return
-	}
-
-	if organization == nil {
-		c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist"), authForm.Organization))
-		return
-	}
-
-	msg := object.CheckUserSignup(application, organization, &authForm, c.GetAcceptLanguage())
-	if msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	invitation, msg := object.CheckInvitationCode(application, organization, &authForm, c.GetAcceptLanguage())
-	if msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-	invitationName := ""
-	if invitation != nil {
-		invitationName = invitation.Name
-	}
-
-	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && authForm.Email != "" {
-		var checkResult *object.VerifyResult
-		checkResult, err = object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(c.T(err.Error()))
-			return
-		}
-		if checkResult.Code != object.VerificationSuccess {
-			c.ResponseError(checkResult.Msg)
-			return
-		}
-	}
-
-	var checkPhone string
-	if application.IsSignupItemVisible("Phone") && application.GetSignupItemRule("Phone") != "No verification" && authForm.Phone != "" {
-		checkPhone, _ = util.GetE164Number(authForm.Phone, authForm.CountryCode)
-
-		var checkResult *object.VerifyResult
-		checkResult, err = object.CheckVerificationCode(checkPhone, authForm.PhoneCode, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(c.T(err.Error()))
-			return
-		}
-		if checkResult.Code != object.VerificationSuccess {
-			c.ResponseError(checkResult.Msg)
-			return
-		}
-	}
-
-	id, err := object.GenerateIdForNewUser(application)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	username := authForm.Username
-	if !application.IsSignupItemVisible("Username") {
-		if organization.UseEmailAsUsername && application.IsSignupItemVisible("Email") {
-			username = authForm.Email
-		} else {
-			username = id
-		}
-	}
-
-	initScore, err := organization.GetInitScore()
-	if err != nil {
-		c.ResponseError(fmt.Errorf(c.T("account:Get init score failed, error: %w"), err).Error())
-		return
-	}
-
-	userType := "normal-user"
-	if authForm.Plan != "" && authForm.Pricing != "" {
-		err = object.CheckPricingAndPlan(authForm.Organization, authForm.Pricing, authForm.Plan)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		userType = "paid-user"
-	}
-
-	user := &object.User{
-		Owner:             authForm.Organization,
-		Name:              username,
-		CreatedTime:       util.GetCurrentTime(),
-		Id:                id,
-		Type:              userType,
-		Password:          authForm.Password,
-		DisplayName:       authForm.Name,
-		Avatar:            organization.DefaultAvatar,
-		Email:             authForm.Email,
-		Phone:             authForm.Phone,
-		CountryCode:       authForm.CountryCode,
-		Address:           []string{},
-		Affiliation:       authForm.Affiliation,
-		IdCard:            authForm.IdCard,
-		Region:            authForm.Region,
-		Score:             initScore,
-		IsAdmin:           false,
-		IsForbidden:       false,
-		IsDeleted:         false,
-		SignupApplication: application.Name,
-		Properties:        map[string]string{},
-		Karma:             0,
-		Invitation:        invitationName,
-		InvitationCode:    authForm.InvitationCode,
-	}
-
-	if len(organization.Tags) > 0 {
-		tokens := strings.Split(organization.Tags[0], "|")
-		if len(tokens) > 0 {
-			user.Tag = tokens[0]
-		}
-	}
-
-	if application.GetSignupItemRule("Display name") == "First, last" {
-		if authForm.FirstName != "" || authForm.LastName != "" {
-			user.DisplayName = fmt.Sprintf("%s %s", authForm.FirstName, authForm.LastName)
-			user.FirstName = authForm.FirstName
-			user.LastName = authForm.LastName
-		}
-	}
-
-	affected, err := object.AddUser(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if !affected {
-		c.ResponseError(c.T("account:Failed to add user"), util.StructToJson(user))
-		return
-	}
-
-	err = object.AddUserToOriginalDatabase(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if invitation != nil {
-		invitation.UsedCount += 1
-		_, err := object.UpdateInvitation(invitation.GetId(), invitation, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	if application.HasPromptPage() && user.Type == "normal-user" {
-		// The prompt page needs the user to be signed in
-		c.SetSessionUsername(user.GetId())
-	}
-
-	if authForm.Email != "" {
-		err = object.DisableVerificationCode(authForm.Email)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	if checkPhone != "" {
-		err = object.DisableVerificationCode(checkPhone)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	c.Ctx.Input.SetParam("recordUserId", user.GetId())
-	c.Ctx.Input.SetParam("recordSignup", "true")
-
-	userId := user.GetId()
-	util.LogInfo(c.Ctx, "API: [%s] is signed up as new user", userId)
-
-	c.ResponseOk(userId)
-}
-
-// Logout
-// @Title Logout
-// @Tag Login API
-// @Description logout the current user
-// @Param   id_token_hint   query        string  false        "id_token_hint"
-// @Param   post_logout_redirect_uri    query    string  false     "post_logout_redirect_uri"
-// @Param   state     query    string  false     "state"
-// @Success 200 {object} controllers.Response The Response object
-// @router /logout [post]
-func (c *ApiController) Logout() {
-	// https://openid.net/specs/openid-connect-rpinitiated-1_0-final.html
-	accessToken := c.Input().Get("id_token_hint")
-	redirectUri := c.Input().Get("post_logout_redirect_uri")
-	state := c.Input().Get("state")
-
-	user := c.GetSessionUsername()
-
-	if accessToken == "" && redirectUri == "" {
-		// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
-		if user == "" {
-			c.ResponseOk()
-			return
-		}
-
-		c.ClearUserSession()
-		c.ClearTokenSession()
-		owner, username := util.GetOwnerAndNameFromId(user)
-		_, err := object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		util.LogInfo(c.Ctx, "API: [%s] logged out", user)
-
-		application := c.GetSessionApplication()
-		if application == nil || application.Name == "app-built-in" || application.HomepageUrl == "" {
-			c.ResponseOk(user)
-			return
-		}
-		c.ResponseOk(user, application.HomepageUrl)
-		return
-	} else {
-		// "post_logout_redirect_uri" has been made optional, see: https://github.com/casdoor/casdoor/issues/2151
-		// if redirectUri == "" {
-		// 	c.ResponseError(c.T("general:Missing parameter") + ": post_logout_redirect_uri")
-		// 	return
-		// }
-		if accessToken == "" {
-			c.ResponseError(c.T("general:Missing parameter") + ": id_token_hint")
-			return
-		}
-
-		_, application, token, err := object.ExpireTokenByAccessToken(accessToken)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if token == nil {
-			c.ResponseError(c.T("token:Token not found, invalid accessToken"))
-			return
-		}
-		if application == nil {
-			c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist")), token.Application)
-			return
-		}
-
-		if user == "" {
-			user = util.GetId(token.Organization, token.User)
-		}
-
-		c.ClearUserSession()
-		c.ClearTokenSession()
-		// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
-		owner, username := util.GetOwnerAndNameFromId(user)
-
-		_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		util.LogInfo(c.Ctx, "API: [%s] logged out", user)
-
-		if redirectUri == "" {
-			c.ResponseOk()
-			return
-		} else {
-			if application.IsRedirectUriValid(redirectUri) {
-				redirectUrl := redirectUri
-				if state != "" {
-					if strings.Contains(redirectUri, "?") {
-						redirectUrl = fmt.Sprintf("%s&state=%s", strings.TrimSuffix(redirectUri, "/"), state)
-					} else {
-						redirectUrl = fmt.Sprintf("%s?state=%s", strings.TrimSuffix(redirectUri, "/"), state)
-					}
-				}
-				c.Ctx.Redirect(http.StatusFound, redirectUrl)
-			} else {
-				c.ResponseError(fmt.Sprintf(c.T("token:Redirect URI: %s doesn't exist in the allowed Redirect URI list"), redirectUri))
-				return
-			}
-		}
-	}
-}
-
-// GetAccount
-// @Title GetAccount
-// @Tag Account API
-// @Description get the details of the current account
-// @Success 200 {object} controllers.Response The Response object
-// @router /get-account [get]
-func (c *ApiController) GetAccount() {
-	var err error
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-
-	managedAccounts := c.Input().Get("managedAccounts")
-	if managedAccounts == "1" {
-		user, err = object.ExtendManagedAccountsWithUser(user)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	err = object.ExtendUserWithRolesAndPermissions(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user != nil {
-		user.Permissions = object.GetMaskedPermissions(user.Permissions)
-		user.Roles = object.GetMaskedRoles(user.Roles)
-		user.MultiFactorAuths = object.GetAllMfaProps(user, true)
-	}
-
-	organization, err := object.GetMaskedOrganization(object.GetOrganizationByUser(user))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	isAdminOrSelf := c.IsAdminOrSelf(user)
-	u, err := object.GetMaskedUser(user, isAdminOrSelf)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	accessToken := c.GetSessionToken()
-	if accessToken == "" {
-		accessToken, err = object.GetAccessTokenByUser(user, c.Ctx.Request.Host)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		c.SetSessionToken(accessToken)
-	}
-	u.AccessToken = accessToken
-
-	resp := Response{
-		Status: "ok",
-		Sub:    user.Id,
-		Name:   user.Name,
-		Data:   u,
-		Data2:  organization,
-	}
-	c.Data["json"] = resp
-	c.ServeJSON()
-}
-
-// GetUserinfo
-// UserInfo
-// @Title UserInfo
-// @Tag Account API
-// @Description return user information according to OIDC standards
-// @Success 200 {object} object.Userinfo The Response object
-// @router /userinfo [get]
-func (c *ApiController) GetUserinfo() {
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-
-	scope, aud := c.GetSessionOidc()
-	host := c.Ctx.Request.Host
-
-	userInfo, err := object.GetUserInfo(user, scope, aud, host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = userInfo
-	c.ServeJSON()
-}
-
-// GetUserinfo2
-// LaravelResponse
-// @Title UserInfo2
-// @Tag Account API
-// @Description return Laravel compatible user information according to OAuth 2.0
-// @Success 200 {object} controllers.LaravelResponse The Response object
-// @router /user [get]
-func (c *ApiController) GetUserinfo2() {
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-
-	response := LaravelResponse{
-		Id:              user.Id,
-		Name:            user.Name,
-		Email:           user.Email,
-		EmailVerifiedAt: user.CreatedTime,
-		CreatedAt:       user.CreatedTime,
-		UpdatedAt:       user.UpdatedTime,
-	}
-
-	c.Data["json"] = response
-	c.ServeJSON()
-}
-
-// GetCaptcha ...
-// @Tag Login API
-// @Title GetCaptcha
-// @router /get-captcha [get]
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) GetCaptcha() {
-	applicationId := c.Input().Get("applicationId")
-	isCurrentProvider := c.Input().Get("isCurrentProvider")
-
-	captchaProvider, err := object.GetCaptchaProviderByApplication(applicationId, isCurrentProvider, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if captchaProvider != nil {
-		if captchaProvider.Type == "Default" {
-			id, img, err := object.GetCaptcha()
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-
-			c.ResponseOk(Captcha{Owner: captchaProvider.Owner, Name: captchaProvider.Name, Type: captchaProvider.Type, CaptchaId: id, CaptchaImage: img})
-			return
-		} else if captchaProvider.Type != "" {
-			c.ResponseOk(Captcha{
-				Owner:         captchaProvider.Owner,
-				Name:          captchaProvider.Name,
-				Type:          captchaProvider.Type,
-				SubType:       captchaProvider.SubType,
-				ClientId:      captchaProvider.ClientId,
-				ClientSecret:  "***",
-				ClientId2:     captchaProvider.ClientId2,
-				ClientSecret2: captchaProvider.ClientSecret2,
-			})
-			return
-		}
-	}
-
-	c.ResponseOk(Captcha{Type: "none"})
-}
--- a/controllers/adapter.go
+++ b/controllers/adapter.go
@ -1,145 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetAdapters
-// @Title GetAdapters
-// @Tag Adapter API
-// @Description get adapters
-// @Param   owner     query    string  true        "The owner of adapters"
-// @Success 200 {array} object.Adapter The Response object
-// @router /get-adapters [get]
-func (c *ApiController) GetAdapters() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		adapters, err := object.GetAdapters(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(adapters)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetAdapterCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		adapters, err := object.GetPaginationAdapters(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(adapters, paginator.Nums())
-	}
-}
-
-// GetAdapter
-// @Title GetAdapter
-// @Tag Adapter API
-// @Description get adapter
-// @Param   id     query    string  true        "The id ( owner/name ) of the adapter"
-// @Success 200 {object} object.Adapter The Response object
-// @router /get-adapter [get]
-func (c *ApiController) GetAdapter() {
-	id := c.Input().Get("id")
-
-	adapter, err := object.GetAdapter(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(adapter)
-}
-
-// UpdateAdapter
-// @Title UpdateAdapter
-// @Tag Adapter API
-// @Description update adapter
-// @Param   id     query    string  true        "The id ( owner/name ) of the adapter"
-// @Param   body    body   object.Adapter  true        "The details of the adapter"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-adapter [post]
-func (c *ApiController) UpdateAdapter() {
-	id := c.Input().Get("id")
-
-	var adapter object.Adapter
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateAdapter(id, &adapter))
-	c.ServeJSON()
-}
-
-// AddAdapter
-// @Title AddAdapter
-// @Tag Adapter API
-// @Description add adapter
-// @Param   body    body   object.Adapter  true        "The details of the adapter"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-adapter [post]
-func (c *ApiController) AddAdapter() {
-	var adapter object.Adapter
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddAdapter(&adapter))
-	c.ServeJSON()
-}
-
-// DeleteAdapter
-// @Title DeleteAdapter
-// @Tag Adapter API
-// @Description delete adapter
-// @Param   body    body   object.Adapter  true        "The details of the adapter"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-adapter [post]
-func (c *ApiController) DeleteAdapter() {
-	var adapter object.Adapter
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &adapter)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteAdapter(&adapter))
-	c.ServeJSON()
-}
--- a/controllers/application.go
+++ b/controllers/application.go
@ -1,283 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetApplications
-// @Title GetApplications
-// @Tag Application API
-// @Description get all applications
-// @Param   owner     query    string  true        "The owner of applications."
-// @Success 200 {array} object.Application The Response object
-// @router /get-applications [get]
-func (c *ApiController) GetApplications() {
-	userId := c.GetSessionUsername()
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
-	var err error
-	if limit == "" || page == "" {
-		var applications []*object.Application
-		if organization == "" {
-			applications, err = object.GetApplications(owner)
-		} else {
-			applications, err = object.GetOrganizationApplications(owner, organization)
-		}
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		c.ResponseOk(object.GetMaskedApplications(applications, userId))
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetApplicationCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		application, err := object.GetPaginationApplications(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		applications := object.GetMaskedApplications(application, userId)
-		c.ResponseOk(applications, paginator.Nums())
-	}
-}
-
-// GetApplication
-// @Title GetApplication
-// @Tag Application API
-// @Description get the detail of an application
-// @Param   id     query    string  true        "The id ( owner/name ) of the application."
-// @Success 200 {object} object.Application The Response object
-// @router /get-application [get]
-func (c *ApiController) GetApplication() {
-	userId := c.GetSessionUsername()
-	id := c.Input().Get("id")
-
-	application, err := object.GetApplication(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if c.Input().Get("withKey") != "" && application != nil && application.Cert != "" {
-		cert, err := object.GetCert(util.GetId(application.Owner, application.Cert))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		if cert == nil {
-			cert, err = object.GetCert(util.GetId(application.Organization, application.Cert))
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-		}
-
-		if cert != nil {
-			application.CertPublicKey = cert.Certificate
-		}
-	}
-
-	c.ResponseOk(object.GetMaskedApplication(application, userId))
-}
-
-// GetUserApplication
-// @Title GetUserApplication
-// @Tag Application API
-// @Description get the detail of the user's application
-// @Param   id     query    string  true        "The id ( owner/name ) of the user"
-// @Success 200 {object} object.Application The Response object
-// @router /get-user-application [get]
-func (c *ApiController) GetUserApplication() {
-	userId := c.GetSessionUsername()
-	id := c.Input().Get("id")
-
-	user, err := object.GetUser(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), id))
-		return
-	}
-
-	application, err := object.GetApplicationByUser(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The organization: %s should have one application at least"), user.Owner))
-		return
-	}
-
-	c.ResponseOk(object.GetMaskedApplication(application, userId))
-}
-
-// GetOrganizationApplications
-// @Title GetOrganizationApplications
-// @Tag Application API
-// @Description get the detail of the organization's application
-// @Param   organization     query    string  true        "The organization name"
-// @Success 200 {array} object.Application The Response object
-// @router /get-organization-applications [get]
-func (c *ApiController) GetOrganizationApplications() {
-	userId := c.GetSessionUsername()
-	organization := c.Input().Get("organization")
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if organization == "" {
-		c.ResponseError(c.T("general:Missing parameter") + ": organization")
-		return
-	}
-
-	if limit == "" || page == "" {
-		applications, err := object.GetOrganizationApplications(owner, organization)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		applications, err = object.GetAllowedApplications(applications, userId, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(object.GetMaskedApplications(applications, userId))
-	} else {
-		limit := util.ParseInt(limit)
-
-		count, err := object.GetOrganizationApplicationCount(owner, organization, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		applications, err := object.GetPaginationOrganizationApplications(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		applications, err = object.GetAllowedApplications(applications, userId, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		applications = object.GetMaskedApplications(applications, userId)
-		c.ResponseOk(applications, paginator.Nums())
-	}
-}
-
-// UpdateApplication
-// @Title UpdateApplication
-// @Tag Application API
-// @Description update an application
-// @Param   id     query    string  true        "The id ( owner/name ) of the application"
-// @Param   body    body   object.Application  true        "The details of the application"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-application [post]
-func (c *ApiController) UpdateApplication() {
-	id := c.Input().Get("id")
-
-	var application object.Application
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &application)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateApplication(id, &application))
-	c.ServeJSON()
-}
-
-// AddApplication
-// @Title AddApplication
-// @Tag Application API
-// @Description add an application
-// @Param   body    body   object.Application  true        "The details of the application"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-application [post]
-func (c *ApiController) AddApplication() {
-	var application object.Application
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &application)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	count, err := object.GetApplicationCount("", "", "")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if err := checkQuotaForApplication(int(count)); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddApplication(&application))
-	c.ServeJSON()
-}
-
-// DeleteApplication
-// @Title DeleteApplication
-// @Tag Application API
-// @Description delete an application
-// @Param   body    body   object.Application  true        "The details of the application"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-application [post]
-func (c *ApiController) DeleteApplication() {
-	var application object.Application
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &application)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteApplication(&application))
-	c.ServeJSON()
-}
--- a/controllers/auth.go
+++ b/controllers/auth.go
--- a/controllers/base.go
+++ b/controllers/base.go
@ -1,261 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"strings"
-	"time"
-
-	"github.com/beego/beego"
-	"github.com/beego/beego/logs"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// ApiController
-// controller for handlers under /api uri
-type ApiController struct {
-	beego.Controller
-}
-
-// RootController
-// controller for handlers directly under / (root)
-type RootController struct {
-	ApiController
-}
-
-type SessionData struct {
-	ExpireTime int64
-}
-
-func (c *ApiController) IsGlobalAdmin() bool {
-	isGlobalAdmin, _ := c.isGlobalAdmin()
-
-	return isGlobalAdmin
-}
-
-func (c *ApiController) IsAdmin() bool {
-	isGlobalAdmin, user := c.isGlobalAdmin()
-	if !isGlobalAdmin && user == nil {
-		return false
-	}
-
-	return isGlobalAdmin || user.IsAdmin
-}
-
-func (c *ApiController) IsAdminOrSelf(user2 *object.User) bool {
-	isGlobalAdmin, user := c.isGlobalAdmin()
-	if isGlobalAdmin || (user != nil && user.IsAdmin) {
-		return true
-	}
-
-	if user == nil || user2 == nil {
-		return false
-	}
-
-	if user.Owner == user2.Owner && user.Name == user2.Name {
-		return true
-	}
-	return false
-}
-
-func (c *ApiController) isGlobalAdmin() (bool, *object.User) {
-	username := c.GetSessionUsername()
-	if object.IsAppUser(username) {
-		// e.g., "app/app-casnode"
-		return true, nil
-	}
-
-	user := c.getCurrentUser()
-	if user == nil {
-		return false, nil
-	}
-
-	return user.IsGlobalAdmin(), user
-}
-
-func (c *ApiController) getCurrentUser() *object.User {
-	var user *object.User
-	var err error
-	userId := c.GetSessionUsername()
-	if userId == "" {
-		user = nil
-	} else {
-		user, err = object.GetUser(userId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return nil
-		}
-	}
-	return user
-}
-
-// GetSessionUsername ...
-func (c *ApiController) GetSessionUsername() string {
-	// check if user session expired
-	sessionData := c.GetSessionData()
-
-	if sessionData != nil &&
-		sessionData.ExpireTime != 0 &&
-		sessionData.ExpireTime < time.Now().Unix() {
-		c.ClearUserSession()
-		return ""
-	}
-
-	user := c.GetSession("username")
-	if user == nil {
-		return ""
-	}
-
-	return user.(string)
-}
-
-func (c *ApiController) GetSessionToken() string {
-	accessToken := c.GetSession("accessToken")
-	if accessToken == nil {
-		return ""
-	}
-
-	return accessToken.(string)
-}
-
-func (c *ApiController) GetSessionApplication() *object.Application {
-	clientId := c.GetSession("aud")
-	if clientId == nil {
-		return nil
-	}
-	application, err := object.GetApplicationByClientId(clientId.(string))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return nil
-	}
-
-	return application
-}
-
-func (c *ApiController) ClearUserSession() {
-	c.SetSessionUsername("")
-	c.SetSessionData(nil)
-}
-
-func (c *ApiController) ClearTokenSession() {
-	c.SetSessionToken("")
-}
-
-func (c *ApiController) GetSessionOidc() (string, string) {
-	sessionData := c.GetSessionData()
-	if sessionData != nil &&
-		sessionData.ExpireTime != 0 &&
-		sessionData.ExpireTime < time.Now().Unix() {
-		c.ClearUserSession()
-		return "", ""
-	}
-	scopeValue := c.GetSession("scope")
-	audValue := c.GetSession("aud")
-	var scope, aud string
-	var ok bool
-	if scope, ok = scopeValue.(string); !ok {
-		scope = ""
-	}
-	if aud, ok = audValue.(string); !ok {
-		aud = ""
-	}
-	return scope, aud
-}
-
-// SetSessionUsername ...
-func (c *ApiController) SetSessionUsername(user string) {
-	c.SetSession("username", user)
-}
-
-func (c *ApiController) SetSessionToken(accessToken string) {
-	c.SetSession("accessToken", accessToken)
-}
-
-// GetSessionData ...
-func (c *ApiController) GetSessionData() *SessionData {
-	session := c.GetSession("SessionData")
-	if session == nil {
-		return nil
-	}
-
-	sessionData := &SessionData{}
-	err := util.JsonToStruct(session.(string), sessionData)
-	if err != nil {
-		logs.Error("GetSessionData failed, error: %s", err)
-		return nil
-	}
-
-	return sessionData
-}
-
-// SetSessionData ...
-func (c *ApiController) SetSessionData(s *SessionData) {
-	if s == nil {
-		c.DelSession("SessionData")
-		return
-	}
-
-	c.SetSession("SessionData", util.StructToJson(s))
-}
-
-func (c *ApiController) setMfaUserSession(userId string) {
-	c.SetSession(object.MfaSessionUserId, userId)
-}
-
-func (c *ApiController) getMfaUserSession() string {
-	userId := c.Ctx.Input.CruSession.Get(object.MfaSessionUserId)
-	if userId == nil {
-		return ""
-	}
-	return userId.(string)
-}
-
-func (c *ApiController) setExpireForSession() {
-	timestamp := time.Now().Unix()
-	timestamp += 3600 * 24
-	c.SetSessionData(&SessionData{
-		ExpireTime: timestamp,
-	})
-}
-
-func wrapActionResponse(affected bool, e ...error) *Response {
-	if len(e) != 0 && e[0] != nil {
-		return &Response{Status: "error", Msg: e[0].Error()}
-	} else if affected {
-		return &Response{Status: "ok", Msg: "", Data: "Affected"}
-	} else {
-		return &Response{Status: "ok", Msg: "", Data: "Unaffected"}
-	}
-}
-
-func wrapErrorResponse(err error) *Response {
-	if err == nil {
-		return &Response{Status: "ok", Msg: ""}
-	} else {
-		return &Response{Status: "error", Msg: err.Error()}
-	}
-}
-
-func (c *ApiController) Finish() {
-	if strings.HasPrefix(c.Ctx.Input.URL(), "/api") {
-		startTime := c.Ctx.Input.GetData("startTime")
-		if startTime != nil {
-			latency := time.Since(startTime.(time.Time)).Milliseconds()
-			object.ApiLatency.WithLabelValues(c.Ctx.Input.URL(), c.Ctx.Input.Method()).Observe(float64(latency))
-		}
-	}
-	c.Controller.Finish()
-}
--- a/controllers/cas.go
+++ b/controllers/cas.go
@ -1,281 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/xml"
-	"fmt"
-	"net/http"
-	"net/url"
-	"strings"
-
-	"github.com/casdoor/casdoor/object"
-)
-
-const (
-	InvalidRequest           string = "INVALID_REQUEST"
-	InvalidTicketSpec        string = "INVALID_TICKET_SPEC"
-	UnauthorizedServiceProxy string = "UNAUTHORIZED_SERVICE_PROXY"
-	InvalidProxyCallback     string = "INVALID_PROXY_CALLBACK"
-	InvalidTicket            string = "INVALID_TICKET"
-	InvalidService           string = "INVALID_SERVICE"
-	InternalError            string = "INTERNAL_ERROR"
-	UnauthorizedService      string = "UNAUTHORIZED_SERVICE"
-)
-
-func queryUnescape(service string) string {
-	s, _ := url.QueryUnescape(service)
-	return s
-}
-
-func (c *RootController) CasValidate() {
-	ticket := c.Input().Get("ticket")
-	service := c.Input().Get("service")
-	c.Ctx.Output.Header("Content-Type", "text/html; charset=utf-8")
-	if service == "" || ticket == "" {
-		c.Ctx.Output.Body([]byte("no\n"))
-		return
-	}
-	if ok, response, issuedService, _ := object.GetCasTokenByTicket(ticket); ok {
-		// check whether service is the one for which we previously issued token
-		if issuedService == service {
-			c.Ctx.Output.Body([]byte(fmt.Sprintf("yes\n%s\n", response.User)))
-			return
-		}
-	}
-	// token not found
-	c.Ctx.Output.Body([]byte("no\n"))
-}
-
-func (c *RootController) CasServiceValidate() {
-	ticket := c.Input().Get("ticket")
-	format := c.Input().Get("format")
-	if !strings.HasPrefix(ticket, "ST") {
-		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
-	}
-	c.CasP3ProxyValidate()
-}
-
-func (c *RootController) CasProxyValidate() {
-	// https://apereo.github.io/cas/6.6.x/protocol/CAS-Protocol-Specification.html#26-proxyvalidate-cas-20
-	// "/proxyValidate" should accept both service tickets and proxy tickets.
-	c.CasP3ProxyValidate()
-}
-
-func (c *RootController) CasP3ServiceValidate() {
-	ticket := c.Input().Get("ticket")
-	format := c.Input().Get("format")
-	if !strings.HasPrefix(ticket, "ST") {
-		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
-	}
-	c.CasP3ProxyValidate()
-}
-
-func (c *RootController) CasP3ProxyValidate() {
-	ticket := c.Input().Get("ticket")
-	format := c.Input().Get("format")
-	service := c.Input().Get("service")
-	pgtUrl := c.Input().Get("pgtUrl")
-
-	serviceResponse := object.CasServiceResponse{
-		Xmlns: "http://www.yale.edu/tp/cas",
-	}
-
-	// check whether all required parameters are met
-	if service == "" || ticket == "" {
-		c.sendCasAuthenticationResponseErr(InvalidRequest, "service and ticket must exist", format)
-		return
-	}
-	ok, response, issuedService, userId := object.GetCasTokenByTicket(ticket)
-	// find the token
-	if ok {
-		// check whether service is the one for which we previously issued token
-		if strings.HasPrefix(service, issuedService) || strings.HasPrefix(queryUnescape(service), issuedService) {
-			serviceResponse.Success = response
-		} else {
-			// service not match
-			c.sendCasAuthenticationResponseErr(InvalidService, fmt.Sprintf("service %s and %s does not match", service, issuedService), format)
-			return
-		}
-	} else {
-		// token not found
-		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
-		return
-	}
-
-	if pgtUrl != "" && serviceResponse.Failure == nil {
-		// that means we are in proxy web flow
-		pgt := object.StoreCasTokenForPgt(serviceResponse.Success, service, userId)
-		pgtiou := serviceResponse.Success.ProxyGrantingTicket
-		// todo: check whether it is https
-		pgtUrlObj, err := url.Parse(pgtUrl)
-		if err != nil {
-			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, err.Error(), format)
-			return
-		}
-
-		if pgtUrlObj.Scheme != "https" {
-			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, "callback is not https", format)
-			return
-		}
-
-		// make a request to pgturl passing pgt and pgtiou
-		param := pgtUrlObj.Query()
-		param.Add("pgtId", pgt)
-		param.Add("pgtIou", pgtiou)
-		pgtUrlObj.RawQuery = param.Encode()
-
-		request, err := http.NewRequest("GET", pgtUrlObj.String(), nil)
-		if err != nil {
-			c.sendCasAuthenticationResponseErr(InternalError, err.Error(), format)
-			return
-		}
-
-		resp, err := http.DefaultClient.Do(request)
-		if err != nil || !(resp.StatusCode >= 200 && resp.StatusCode < 400) {
-			// failed to send request
-			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, err.Error(), format)
-			return
-		}
-	}
-	// everything is ok, send the response
-	if format == "json" {
-		c.Data["json"] = serviceResponse
-		c.ServeJSON()
-	} else {
-		c.Data["xml"] = serviceResponse
-		c.ServeXML()
-	}
-}
-
-func (c *RootController) CasProxy() {
-	pgt := c.Input().Get("pgt")
-	targetService := c.Input().Get("targetService")
-	format := c.Input().Get("format")
-	if pgt == "" || targetService == "" {
-		c.sendCasProxyResponseErr(InvalidRequest, "pgt and targetService must exist", format)
-		return
-	}
-
-	ok, authenticationSuccess, issuedService, userId := object.GetCasTokenByPgt(pgt)
-	if !ok {
-		c.sendCasProxyResponseErr(UnauthorizedService, "service not authorized", format)
-		return
-	}
-
-	newAuthenticationSuccess := authenticationSuccess.DeepCopy()
-	if newAuthenticationSuccess.Proxies == nil {
-		newAuthenticationSuccess.Proxies = &object.CasProxies{}
-	}
-	newAuthenticationSuccess.Proxies.Proxies = append(newAuthenticationSuccess.Proxies.Proxies, issuedService)
-	proxyTicket := object.StoreCasTokenForProxyTicket(&newAuthenticationSuccess, targetService, userId)
-
-	serviceResponse := object.CasServiceResponse{
-		Xmlns: "http://www.yale.edu/tp/cas",
-		ProxySuccess: &object.CasProxySuccess{
-			ProxyTicket: proxyTicket,
-		},
-	}
-
-	if format == "json" {
-		c.Data["json"] = serviceResponse
-		c.ServeJSON()
-	} else {
-		c.Data["xml"] = serviceResponse
-		c.ServeXML()
-	}
-}
-
-func (c *RootController) SamlValidate() {
-	c.Ctx.Output.Header("Content-Type", "text/xml; charset=utf-8")
-	target := c.Input().Get("TARGET")
-	body := c.Ctx.Input.RequestBody
-	envelopRequest := struct {
-		XMLName xml.Name `xml:"Envelope"`
-		Body    struct {
-			XMLName xml.Name `xml:"Body"`
-			Content string   `xml:",innerxml"`
-		}
-	}{}
-
-	err := xml.Unmarshal(body, &envelopRequest)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	response, service, err := object.GetValidationBySaml(envelopRequest.Body.Content, c.Ctx.Request.Host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if !strings.HasPrefix(target, service) {
-		c.ResponseError(fmt.Sprintf(c.T("cas:Service %s and %s do not match"), target, service))
-		return
-	}
-
-	envelopResponse := struct {
-		XMLName xml.Name `xml:"SOAP-ENV:Envelope"`
-		Xmlns   string   `xml:"xmlns:SOAP-ENV"`
-		Body    struct {
-			XMLName xml.Name `xml:"SOAP-ENV:Body"`
-			Content string   `xml:",innerxml"`
-		}
-	}{}
-	envelopResponse.Xmlns = "http://schemas.xmlsoap.org/soap/envelope/"
-	envelopResponse.Body.Content = response
-
-	data, err := xml.Marshal(envelopResponse)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Ctx.Output.Body(data)
-}
-
-func (c *RootController) sendCasProxyResponseErr(code, msg, format string) {
-	serviceResponse := object.CasServiceResponse{
-		Xmlns: "http://www.yale.edu/tp/cas",
-		ProxyFailure: &object.CasProxyFailure{
-			Code:    code,
-			Message: msg,
-		},
-	}
-	if format == "json" {
-		c.Data["json"] = serviceResponse
-		c.ServeJSON()
-	} else {
-		c.Data["xml"] = serviceResponse
-		c.ServeXML()
-	}
-}
-
-func (c *RootController) sendCasAuthenticationResponseErr(code, msg, format string) {
-	serviceResponse := object.CasServiceResponse{
-		Xmlns: "http://www.yale.edu/tp/cas",
-		Failure: &object.CasAuthenticationFailure{
-			Code:    code,
-			Message: msg,
-		},
-	}
-	if format == "json" {
-		c.Data["json"] = serviceResponse
-		c.ServeJSON()
-	} else {
-		c.Data["xml"] = serviceResponse
-		c.ServeXML()
-	}
-}
--- a/controllers/casbin_api.go
+++ b/controllers/casbin_api.go
@ -1,329 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// Enforce
-// @Title Enforce
-// @Tag Enforcer API
-// @Description Call Casbin Enforce API
-// @Param   body    body   []string  true   "Casbin request"
-// @Param   permissionId    query   string  false   "permission id"
-// @Param   modelId    query   string  false   "model id"
-// @Param   resourceId    query   string  false   "resource id"
-// @Param   owner    query   string  false   "owner"
-// @Success 200 {object} controllers.Response The Response object
-// @router /enforce [post]
-func (c *ApiController) Enforce() {
-	permissionId := c.Input().Get("permissionId")
-	modelId := c.Input().Get("modelId")
-	resourceId := c.Input().Get("resourceId")
-	enforcerId := c.Input().Get("enforcerId")
-	owner := c.Input().Get("owner")
-
-	if len(c.Ctx.Input.RequestBody) == 0 {
-		c.ResponseError("The request body should not be empty")
-		return
-	}
-
-	var request []string
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &request)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if enforcerId != "" {
-		enforcer, err := object.GetInitializedEnforcer(enforcerId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res := []bool{}
-		keyRes := []string{}
-
-		// type transformation
-		interfaceRequest := util.StringToInterfaceArray(request)
-
-		enforceResult, err := enforcer.Enforce(interfaceRequest...)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res = append(res, enforceResult)
-		keyRes = append(keyRes, enforcer.GetModelAndAdapter())
-
-		c.ResponseOk(res, keyRes)
-		return
-	}
-
-	if permissionId != "" {
-		permission, err := object.GetPermission(permissionId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if permission == nil {
-			c.ResponseError(fmt.Sprintf(c.T("permission:The permission: \"%s\" doesn't exist"), permissionId))
-			return
-		}
-
-		res := []bool{}
-		keyRes := []string{}
-
-		enforceResult, err := object.Enforce(permission, request)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res = append(res, enforceResult)
-		keyRes = append(keyRes, permission.GetModelAndAdapter())
-
-		c.ResponseOk(res, keyRes)
-		return
-	}
-
-	permissions := []*object.Permission{}
-	if modelId != "" {
-		owner, modelName := util.GetOwnerAndNameFromId(modelId)
-		permissions, err = object.GetPermissionsByModel(owner, modelName)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else if resourceId != "" {
-		permissions, err = object.GetPermissionsByResource(resourceId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else if owner != "" {
-		permissions, err = object.GetPermissions(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
-
-	res := []bool{}
-	keyRes := []string{}
-	listPermissionIdMap := object.GroupPermissionsByModelAdapter(permissions)
-	for key, permissionIds := range listPermissionIdMap {
-		firstPermission, err := object.GetPermission(permissionIds[0])
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		enforceResult, err := object.Enforce(firstPermission, request, permissionIds...)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res = append(res, enforceResult)
-		keyRes = append(keyRes, key)
-	}
-
-	c.ResponseOk(res, keyRes)
-}
-
-// BatchEnforce
-// @Title BatchEnforce
-// @Tag Enforcer API
-// @Description Call Casbin BatchEnforce API
-// @Param   body    body   []string  true   "array of casbin requests"
-// @Param   permissionId    query   string  false   "permission id"
-// @Param   modelId    query   string  false   "model id"
-// @Param   owner    query   string  false   "owner"
-// @Success 200 {object} controllers.Response The Response object
-// @router /batch-enforce [post]
-func (c *ApiController) BatchEnforce() {
-	permissionId := c.Input().Get("permissionId")
-	modelId := c.Input().Get("modelId")
-	enforcerId := c.Input().Get("enforcerId")
-	owner := c.Input().Get("owner")
-
-	var requests [][]string
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &requests)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if enforcerId != "" {
-		enforcer, err := object.GetInitializedEnforcer(enforcerId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res := [][]bool{}
-		keyRes := []string{}
-
-		// type transformation
-		interfaceRequests := util.StringToInterfaceArray2d(requests)
-
-		enforceResult, err := enforcer.BatchEnforce(interfaceRequests)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res = append(res, enforceResult)
-		keyRes = append(keyRes, enforcer.GetModelAndAdapter())
-
-		c.ResponseOk(res, keyRes)
-		return
-	}
-
-	if permissionId != "" {
-		permission, err := object.GetPermission(permissionId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if permission == nil {
-			c.ResponseError(fmt.Sprintf(c.T("permission:The permission: \"%s\" doesn't exist"), permissionId))
-			return
-		}
-
-		res := [][]bool{}
-		keyRes := []string{}
-
-		enforceResult, err := object.BatchEnforce(permission, requests)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res = append(res, enforceResult)
-		keyRes = append(keyRes, permission.GetModelAndAdapter())
-
-		c.ResponseOk(res, keyRes)
-		return
-	}
-
-	permissions := []*object.Permission{}
-	if modelId != "" {
-		owner, modelName := util.GetOwnerAndNameFromId(modelId)
-		permissions, err = object.GetPermissionsByModel(owner, modelName)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else if owner != "" {
-		permissions, err = object.GetPermissions(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
-
-	res := [][]bool{}
-	keyRes := []string{}
-	listPermissionIdMap := object.GroupPermissionsByModelAdapter(permissions)
-	for _, permissionIds := range listPermissionIdMap {
-		firstPermission, err := object.GetPermission(permissionIds[0])
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		enforceResult, err := object.BatchEnforce(firstPermission, requests, permissionIds...)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		res = append(res, enforceResult)
-		keyRes = append(keyRes, firstPermission.GetModelAndAdapter())
-	}
-
-	c.ResponseOk(res, keyRes)
-}
-
-func (c *ApiController) GetAllObjects() {
-	userId := c.Input().Get("userId")
-	if userId == "" {
-		userId = c.GetSessionUsername()
-		if userId == "" {
-			c.ResponseError(c.T("general:Please login first"))
-			return
-		}
-	}
-
-	objects, err := object.GetAllObjects(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(objects)
-}
-
-func (c *ApiController) GetAllActions() {
-	userId := c.Input().Get("userId")
-	if userId == "" {
-		userId = c.GetSessionUsername()
-		if userId == "" {
-			c.ResponseError(c.T("general:Please login first"))
-			return
-		}
-	}
-
-	actions, err := object.GetAllActions(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(actions)
-}
-
-func (c *ApiController) GetAllRoles() {
-	userId := c.Input().Get("userId")
-	if userId == "" {
-		userId = c.GetSessionUsername()
-		if userId == "" {
-			c.ResponseError(c.T("general:Please login first"))
-			return
-		}
-	}
-
-	roles, err := object.GetAllRoles(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(roles)
-}
--- a/controllers/cert.go
+++ b/controllers/cert.go
@ -1,185 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetCerts
-// @Title GetCerts
-// @Tag Cert API
-// @Description get certs
-// @Param   owner     query    string  true        "The owner of certs"
-// @Success 200 {array} object.Cert The Response object
-// @router /get-certs [get]
-func (c *ApiController) GetCerts() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		certs, err := object.GetMaskedCerts(object.GetCerts(owner))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(certs)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetCertCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		certs, err := object.GetMaskedCerts(object.GetPaginationCerts(owner, paginator.Offset(), limit, field, value, sortField, sortOrder))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(certs, paginator.Nums())
-	}
-}
-
-// GetGlobalCerts
-// @Title GetGlobalCerts
-// @Tag Cert API
-// @Description get global certs
-// @Success 200 {array} object.Cert The Response object
-// @router /get-global-certs [get]
-func (c *ApiController) GetGlobalCerts() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		certs, err := object.GetMaskedCerts(object.GetGlobalCerts())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(certs)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetGlobalCertsCount(field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		certs, err := object.GetMaskedCerts(object.GetPaginationGlobalCerts(paginator.Offset(), limit, field, value, sortField, sortOrder))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(certs, paginator.Nums())
-	}
-}
-
-// GetCert
-// @Title GetCert
-// @Tag Cert API
-// @Description get cert
-// @Param   id     query    string  true        "The id ( owner/name ) of the cert"
-// @Success 200 {object} object.Cert The Response object
-// @router /get-cert [get]
-func (c *ApiController) GetCert() {
-	id := c.Input().Get("id")
-	cert, err := object.GetCert(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(object.GetMaskedCert(cert))
-}
-
-// UpdateCert
-// @Title UpdateCert
-// @Tag Cert API
-// @Description update cert
-// @Param   id     query    string  true        "The id ( owner/name ) of the cert"
-// @Param   body    body   object.Cert  true        "The details of the cert"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-cert [post]
-func (c *ApiController) UpdateCert() {
-	id := c.Input().Get("id")
-
-	var cert object.Cert
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &cert)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateCert(id, &cert))
-	c.ServeJSON()
-}
-
-// AddCert
-// @Title AddCert
-// @Tag Cert API
-// @Description add cert
-// @Param   body    body   object.Cert  true        "The details of the cert"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-cert [post]
-func (c *ApiController) AddCert() {
-	var cert object.Cert
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &cert)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddCert(&cert))
-	c.ServeJSON()
-}
-
-// DeleteCert
-// @Title DeleteCert
-// @Tag Cert API
-// @Description delete cert
-// @Param   body    body   object.Cert  true        "The details of the cert"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-cert [post]
-func (c *ApiController) DeleteCert() {
-	var cert object.Cert
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &cert)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteCert(&cert))
-	c.ServeJSON()
-}
--- a/controllers/enforcer.go
+++ b/controllers/enforcer.go
@ -1,246 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-	xormadapter "github.com/casdoor/xorm-adapter/v3"
-)
-
-// GetEnforcers
-// @Title GetEnforcers
-// @Tag Enforcer API
-// @Description get enforcers
-// @Param   owner     query    string  true        "The owner of enforcers"
-// @Success 200 {array} object.Enforcer
-// @router /get-enforcers [get]
-func (c *ApiController) GetEnforcers() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		enforcers, err := object.GetEnforcers(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(enforcers)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetEnforcerCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		enforcers, err := object.GetPaginationEnforcers(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(enforcers, paginator.Nums())
-	}
-}
-
-// GetEnforcer
-// @Title GetEnforcer
-// @Tag Enforcer API
-// @Description get enforcer
-// @Param   id     query    string  true        "The id ( owner/name )  of enforcer"
-// @Success 200 {object} object.Enforcer
-// @router /get-enforcer [get]
-func (c *ApiController) GetEnforcer() {
-	id := c.Input().Get("id")
-	loadModelCfg := c.Input().Get("loadModelCfg")
-
-	enforcer, err := object.GetEnforcer(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if loadModelCfg == "true" && enforcer.Model != "" {
-		err := enforcer.LoadModelCfg()
-		if err != nil {
-			return
-		}
-	}
-
-	c.ResponseOk(enforcer)
-}
-
-// UpdateEnforcer
-// @Title UpdateEnforcer
-// @Tag Enforcer API
-// @Description update enforcer
-// @Param   id     query    string  true        "The id ( owner/name )  of enforcer"
-// @Param   enforcer     body    object  true        "The enforcer object"
-// @Success 200 {object} object.Enforcer
-// @router /update-enforcer [post]
-func (c *ApiController) UpdateEnforcer() {
-	id := c.Input().Get("id")
-
-	enforcer := object.Enforcer{}
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &enforcer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateEnforcer(id, &enforcer))
-	c.ServeJSON()
-}
-
-// AddEnforcer
-// @Title AddEnforcer
-// @Tag Enforcer API
-// @Description add enforcer
-// @Param   enforcer     body    object  true        "The enforcer object"
-// @Success 200 {object} object.Enforcer
-// @router /add-enforcer [post]
-func (c *ApiController) AddEnforcer() {
-	enforcer := object.Enforcer{}
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &enforcer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddEnforcer(&enforcer))
-	c.ServeJSON()
-}
-
-// DeleteEnforcer
-// @Title DeleteEnforcer
-// @Tag Enforcer API
-// @Description delete enforcer
-// @Param   body    body    object.Enforcer  true      "The enforcer object"
-// @Success 200 {object} object.Enforcer
-// @router /delete-enforcer [post]
-func (c *ApiController) DeleteEnforcer() {
-	var enforcer object.Enforcer
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &enforcer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteEnforcer(&enforcer))
-	c.ServeJSON()
-}
-
-func (c *ApiController) GetPolicies() {
-	id := c.Input().Get("id")
-	adapterId := c.Input().Get("adapterId")
-
-	if adapterId != "" {
-		adapter, err := object.GetAdapter(adapterId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if adapter == nil {
-			c.ResponseError(fmt.Sprintf(c.T("the adapter: %s is not found"), adapterId))
-			return
-		}
-
-		err = adapter.InitAdapter()
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk()
-		return
-	}
-
-	policies, err := object.GetPolicies(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(policies)
-}
-
-func (c *ApiController) UpdatePolicy() {
-	id := c.Input().Get("id")
-
-	var policies []xormadapter.CasbinRule
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policies)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.UpdatePolicy(id, policies[0].Ptype, util.CasbinToSlice(policies[0]), util.CasbinToSlice(policies[1]))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-func (c *ApiController) AddPolicy() {
-	id := c.Input().Get("id")
-
-	var policy xormadapter.CasbinRule
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policy)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.AddPolicy(id, policy.Ptype, util.CasbinToSlice(policy))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-func (c *ApiController) RemovePolicy() {
-	id := c.Input().Get("id")
-
-	var policy xormadapter.CasbinRule
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policy)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.RemovePolicy(id, policy.Ptype, util.CasbinToSlice(policy))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
--- a/controllers/face.go
+++ b/controllers/face.go
@ -1,55 +0,0 @@
-// Copyright 2024 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Casdoor will expose its providers as services to SDK
-// We are going to implement those services as APIs here
-
-package controllers
-
-import (
-	"fmt"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// FaceIDSigninBegin
-// @Title FaceIDSigninBegin
-// @Tag Login API
-// @Description FaceId Login Flow 1st stage
-// @Param   owner     query    string  true        "owner"
-// @Param   name     query    string  true        "name"
-// @Success 200 {object} controllers.Response The Response object
-// @router /faceid-signin-begin [get]
-func (c *ApiController) FaceIDSigninBegin() {
-	userOwner := c.Input().Get("owner")
-	userName := c.Input().Get("name")
-
-	user, err := object.GetUserByFields(userOwner, userName)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(userOwner, userName)))
-		return
-	}
-
-	if len(user.FaceIds) == 0 {
-		c.ResponseError(c.T("check:Face data does not exist, cannot log in"))
-		return
-	}
-
-	c.ResponseOk()
-}
--- a/controllers/get-dashboard.go
+++ b/controllers/get-dashboard.go
@ -1,35 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import "github.com/casdoor/casdoor/object"
-
-// GetDashboard
-// @Title GetDashboard
-// @Tag System API
-// @Description get information of dashboard
-// @Success 200 {object} controllers.Response The Response object
-// @router /get-dashboard [get]
-func (c *ApiController) GetDashboard() {
-	owner := c.Input().Get("owner")
-
-	data, err := object.GetDashboard(owner)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(data)
-}
--- a/controllers/group.go
+++ b/controllers/group.go
@ -1,168 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetGroups
-// @Title GetGroups
-// @Tag Group API
-// @Description get groups
-// @Param   owner     query    string  true        "The owner of groups"
-// @Success 200 {array} object.Group The Response object
-// @router /get-groups [get]
-func (c *ApiController) GetGroups() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	withTree := c.Input().Get("withTree")
-
-	if limit == "" || page == "" {
-		groups, err := object.GetGroups(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		err = object.ExtendGroupsWithUsers(groups)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		if withTree == "true" {
-			c.ResponseOk(object.ConvertToTreeData(groups, owner))
-			return
-		}
-
-		c.ResponseOk(groups)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetGroupCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		groups, err := object.GetPaginationGroups(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		} else {
-			err = object.ExtendGroupsWithUsers(groups)
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-
-			c.ResponseOk(groups, paginator.Nums())
-		}
-	}
-}
-
-// GetGroup
-// @Title GetGroup
-// @Tag Group API
-// @Description get group
-// @Param   id     query    string  true        "The id ( owner/name ) of the group"
-// @Success 200 {object} object.Group The Response object
-// @router /get-group [get]
-func (c *ApiController) GetGroup() {
-	id := c.Input().Get("id")
-
-	group, err := object.GetGroup(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.ExtendGroupWithUsers(group)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(group)
-}
-
-// UpdateGroup
-// @Title UpdateGroup
-// @Tag Group API
-// @Description update group
-// @Param   id     query    string  true        "The id ( owner/name ) of the group"
-// @Param   body    body   object.Group  true        "The details of the group"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-group [post]
-func (c *ApiController) UpdateGroup() {
-	id := c.Input().Get("id")
-
-	var group object.Group
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &group)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateGroup(id, &group))
-	c.ServeJSON()
-}
-
-// AddGroup
-// @Title AddGroup
-// @Tag Group API
-// @Description add group
-// @Param   body    body   object.Group  true      "The details of the group"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-group [post]
-func (c *ApiController) AddGroup() {
-	var group object.Group
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &group)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddGroup(&group))
-	c.ServeJSON()
-}
-
-// DeleteGroup
-// @Title DeleteGroup
-// @Tag Group API
-// @Description delete group
-// @Param   body    body   object.Group  true        "The details of the group"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-group [post]
-func (c *ApiController) DeleteGroup() {
-	var group object.Group
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &group)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteGroup(&group))
-	c.ServeJSON()
-}
--- a/controllers/invitation.go
+++ b/controllers/invitation.go
@ -1,190 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetInvitations
-// @Title GetInvitations
-// @Tag Invitation API
-// @Description get invitations
-// @Param   owner     query    string  true        "The owner of invitations"
-// @Success 200 {array} object.Invitation The Response object
-// @router /get-invitations [get]
-func (c *ApiController) GetInvitations() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		invitations, err := object.GetInvitations(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(invitations)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetInvitationCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		invitations, err := object.GetPaginationInvitations(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(invitations, paginator.Nums())
-	}
-}
-
-// GetInvitation
-// @Title GetInvitation
-// @Tag Invitation API
-// @Description get invitation
-// @Param   id     query    string  true        "The id ( owner/name ) of the invitation"
-// @Success 200 {object} object.Invitation The Response object
-// @router /get-invitation [get]
-func (c *ApiController) GetInvitation() {
-	id := c.Input().Get("id")
-
-	invitation, err := object.GetInvitation(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(invitation)
-}
-
-// GetInvitationCodeInfo
-// @Title GetInvitationCodeInfo
-// @Tag Invitation API
-// @Description get invitation code information
-// @Param   code     query    string  true        "Invitation code"
-// @Success 200 {object} object.Invitation The Response object
-// @router /get-invitation-info [get]
-func (c *ApiController) GetInvitationCodeInfo() {
-	code := c.Input().Get("code")
-	applicationId := c.Input().Get("applicationId")
-
-	application, err := object.GetApplication(applicationId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	invitation, msg := object.GetInvitationByCode(code, application.Organization, c.GetAcceptLanguage())
-	if msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	c.ResponseOk(object.GetMaskedInvitation(invitation))
-}
-
-// UpdateInvitation
-// @Title UpdateInvitation
-// @Tag Invitation API
-// @Description update invitation
-// @Param   id     query    string  true        "The id ( owner/name ) of the invitation"
-// @Param   body    body   object.Invitation  true        "The details of the invitation"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-invitation [post]
-func (c *ApiController) UpdateInvitation() {
-	id := c.Input().Get("id")
-
-	var invitation object.Invitation
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateInvitation(id, &invitation, c.GetAcceptLanguage()))
-	c.ServeJSON()
-}
-
-// AddInvitation
-// @Title AddInvitation
-// @Tag Invitation API
-// @Description add invitation
-// @Param   body    body   object.Invitation  true        "The details of the invitation"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-invitation [post]
-func (c *ApiController) AddInvitation() {
-	var invitation object.Invitation
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddInvitation(&invitation, c.GetAcceptLanguage()))
-	c.ServeJSON()
-}
-
-// DeleteInvitation
-// @Title DeleteInvitation
-// @Tag Invitation API
-// @Description delete invitation
-// @Param   body    body   object.Invitation  true        "The details of the invitation"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-invitation [post]
-func (c *ApiController) DeleteInvitation() {
-	var invitation object.Invitation
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteInvitation(&invitation))
-	c.ServeJSON()
-}
-
-// VerifyInvitation
-// @Title VerifyInvitation
-// @Tag Invitation API
-// @Description verify invitation
-// @Param   id     query    string  true        "The id ( owner/name ) of the invitation"
-// @Success 200 {object} controllers.Response The Response object
-// @router /verify-invitation [get]
-func (c *ApiController) VerifyInvitation() {
-	id := c.Input().Get("id")
-
-	payment, attachInfo, err := object.VerifyInvitation(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payment, attachInfo)
-}
--- a/controllers/ldap.go
+++ b/controllers/ldap.go
@ -1,278 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-type LdapResp struct {
-	// Groups []LdapRespGroup `json:"groups"`
-	Users      []object.LdapUser `json:"users"`
-	ExistUuids []string          `json:"existUuids"`
-}
-
-//type LdapRespGroup struct {
-//	GroupId   string
-//	GroupName string
-//}
-
-type LdapSyncResp struct {
-	Exist  []object.LdapUser `json:"exist"`
-	Failed []object.LdapUser `json:"failed"`
-}
-
-// GetLdapUsers
-// @Title GetLdapser
-// @Tag Account API
-// @Description get ldap users
-// Param	id	string	true	"id"
-// @Success 200 {object} controllers.LdapResp The Response object
-// @router /get-ldap-users [get]
-func (c *ApiController) GetLdapUsers() {
-	id := c.Input().Get("id")
-
-	_, ldapId := util.GetOwnerAndNameFromId(id)
-	ldapServer, err := object.GetLdap(ldapId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	conn, err := ldapServer.GetLdapConn()
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	defer conn.Close()
-
-	//groupsMap, err := conn.GetLdapGroups(ldapServer.BaseDn)
-	//if err != nil {
-	//  c.ResponseError(err.Error())
-	//	return
-	//}
-
-	//for _, group := range groupsMap {
-	//	resp.Groups = append(resp.Groups, LdapRespGroup{
-	//		GroupId:   group.GidNumber,
-	//		GroupName: group.Cn,
-	//	})
-	//}
-
-	users, err := conn.GetLdapUsers(ldapServer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	uuids := make([]string, len(users))
-	for i, user := range users {
-		uuids[i] = user.GetLdapUuid()
-	}
-	existUuids, err := object.GetExistUuids(ldapServer.Owner, uuids)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	resp := LdapResp{
-		Users:      object.AutoAdjustLdapUser(users),
-		ExistUuids: existUuids,
-	}
-	c.ResponseOk(resp)
-}
-
-// GetLdaps
-// @Title GetLdaps
-// @Tag Account API
-// @Description get ldaps
-// @Param	owner	query	string	false	"owner"
-// @Success 200 {array} object.Ldap The Response object
-// @router /get-ldaps [get]
-func (c *ApiController) GetLdaps() {
-	owner := c.Input().Get("owner")
-
-	c.ResponseOk(object.GetMaskedLdaps(object.GetLdaps(owner)))
-}
-
-// GetLdap
-// @Title GetLdap
-// @Tag Account API
-// @Description get ldap
-// @Param	id	query	string	true	"id"
-// @Success 200 {object} object.Ldap The Response object
-// @router /get-ldap [get]
-func (c *ApiController) GetLdap() {
-	id := c.Input().Get("id")
-
-	if util.IsStringsEmpty(id) {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
-
-	_, name := util.GetOwnerAndNameFromId(id)
-	ldap, err := object.GetLdap(name)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.ResponseOk(object.GetMaskedLdap(ldap))
-}
-
-// AddLdap
-// @Title AddLdap
-// @Tag Account API
-// @Description add ldap
-// @Param	body	body	object.Ldap		true	"The details of the ldap"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-ldap [post]
-func (c *ApiController) AddLdap() {
-	var ldap object.Ldap
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if util.IsStringsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Username, ldap.Password, ldap.BaseDn) {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
-
-	if ok, err := object.CheckLdapExist(&ldap); err != nil {
-		c.ResponseError(err.Error())
-		return
-	} else if ok {
-		c.ResponseError(c.T("ldap:Ldap server exist"))
-		return
-	}
-
-	resp := wrapActionResponse(object.AddLdap(&ldap))
-	resp.Data2 = ldap
-
-	if ldap.AutoSync != 0 {
-		err = object.GetLdapAutoSynchronizer().StartAutoSync(ldap.Id)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	c.Data["json"] = resp
-	c.ServeJSON()
-}
-
-// UpdateLdap
-// @Title UpdateLdap
-// @Tag Account API
-// @Description update ldap
-// @Param	body	body	object.Ldap		true	"The details of the ldap"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-ldap [post]
-func (c *ApiController) UpdateLdap() {
-	var ldap object.Ldap
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
-	if err != nil || util.IsStringsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Username, ldap.Password, ldap.BaseDn) {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
-
-	prevLdap, err := object.GetLdap(ldap.Id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.UpdateLdap(&ldap)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if ldap.AutoSync != 0 {
-		err := object.GetLdapAutoSynchronizer().StartAutoSync(ldap.Id)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else if ldap.AutoSync == 0 && prevLdap.AutoSync != 0 {
-		object.GetLdapAutoSynchronizer().StopAutoSync(ldap.Id)
-	}
-
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-// DeleteLdap
-// @Title DeleteLdap
-// @Tag Account API
-// @Description delete ldap
-// @Param	body	body	object.Ldap		true	"The details of the ldap"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-ldap [post]
-func (c *ApiController) DeleteLdap() {
-	var ldap object.Ldap
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.DeleteLdap(&ldap)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	object.GetLdapAutoSynchronizer().StopAutoSync(ldap.Id)
-
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-// SyncLdapUsers
-// @Title SyncLdapUsers
-// @Tag Account API
-// @Description sync ldap users
-// @Param	id	query	string		true	"id"
-// @Success 200 {object} controllers.LdapSyncResp The Response object
-// @router /sync-ldap-users [post]
-func (c *ApiController) SyncLdapUsers() {
-	id := c.Input().Get("id")
-
-	owner, ldapId := util.GetOwnerAndNameFromId(id)
-	var users []object.LdapUser
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &users)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.UpdateLdapSyncTime(ldapId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	exist, failed, _ := object.SyncLdapUsers(owner, users, ldapId)
-
-	c.ResponseOk(&LdapSyncResp{
-		Exist:  exist,
-		Failed: failed,
-	})
-}
--- a/controllers/link.go
+++ b/controllers/link.go
@ -1,110 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/casdoor/casdoor/object"
-)
-
-type LinkForm struct {
-	ProviderType string      `json:"providerType"`
-	User         object.User `json:"user"`
-}
-
-// Unlink ...
-// @Tag Login API
-// @Title Unlink
-// @router /unlink [post]
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) Unlink() {
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-
-	var form LinkForm
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	providerType := form.ProviderType
-
-	// the user will be unlinked from the provider
-	unlinkedUser := form.User
-
-	if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin() {
-		// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
-		c.ResponseError(c.T("link:You are not the global admin, you can't unlink other users"))
-		return
-	}
-
-	if user.Id == unlinkedUser.Id && !user.IsGlobalAdmin() {
-		// if the user is unlinking themselves, should check the provider can be unlinked, if not, we should return an error.
-		application, err := object.GetApplicationByUser(user)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if application == nil {
-			c.ResponseError(c.T("link:You can't unlink yourself, you are not a member of any application"))
-			return
-		}
-
-		if len(application.Providers) == 0 {
-			c.ResponseError(c.T("link:This application has no providers"))
-			return
-		}
-
-		provider := application.GetProviderItemByType(providerType)
-		if provider == nil {
-			c.ResponseError(c.T("link:This application has no providers of type") + providerType)
-			return
-		}
-
-		if !provider.CanUnlink {
-			c.ResponseError(c.T("link:This provider can't be unlinked"))
-			return
-		}
-
-	}
-
-	// only two situations can happen here
-	// 1. the user is the global admin
-	// 2. the user is unlinking themselves and provider can be unlinked
-
-	value := object.GetUserField(&unlinkedUser, providerType)
-
-	if value == "" {
-		c.ResponseError(c.T("link:Please link first"), value)
-		return
-	}
-
-	_, err = object.ClearUserOAuthProperties(&unlinkedUser, providerType)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	_, err = object.LinkUserAccount(&unlinkedUser, providerType, "")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
--- a/controllers/mfa.go
+++ b/controllers/mfa.go
@ -1,303 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"net/http"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-	"github.com/google/uuid"
-)
-
-const (
-	MfaRecoveryCodesSession = "mfa_recovery_codes"
-	MfaCountryCodeSession   = "mfa_country_code"
-	MfaDestSession          = "mfa_dest"
-	MfaTotpSecretSession    = "mfa_totp_secret"
-)
-
-// MfaSetupInitiate
-// @Title MfaSetupInitiate
-// @Tag MFA API
-// @Description setup MFA
-// @param owner	form	string	true	"owner of user"
-// @param name	form	string	true	"name of user"
-// @param type	form	string	true	"MFA auth type"
-// @Success 200 {object} controllers.Response The Response object
-// @router /mfa/setup/initiate [post]
-func (c *ApiController) MfaSetupInitiate() {
-	owner := c.Ctx.Request.Form.Get("owner")
-	name := c.Ctx.Request.Form.Get("name")
-	mfaType := c.Ctx.Request.Form.Get("mfaType")
-	userId := util.GetId(owner, name)
-
-	if len(userId) == 0 {
-		c.ResponseError(http.StatusText(http.StatusBadRequest))
-		return
-	}
-
-	MfaUtil := object.GetMfaUtil(mfaType, nil)
-	if MfaUtil == nil {
-		c.ResponseError("Invalid auth type")
-	}
-
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user == nil {
-		c.ResponseError("User doesn't exist")
-		return
-	}
-
-	mfaProps, err := MfaUtil.Initiate(user.GetId())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	recoveryCode := uuid.NewString()
-	c.SetSession(MfaRecoveryCodesSession, recoveryCode)
-	if mfaType == object.TotpType {
-		c.SetSession(MfaTotpSecretSession, mfaProps.Secret)
-	}
-
-	mfaProps.RecoveryCodes = []string{recoveryCode}
-
-	resp := mfaProps
-	c.ResponseOk(resp)
-}
-
-// MfaSetupVerify
-// @Title MfaSetupVerify
-// @Tag MFA API
-// @Description setup verify totp
-// @param	secret		form	string	true	"MFA secret"
-// @param	passcode	form 	string 	true	"MFA passcode"
-// @Success 200 {object} controllers.Response The Response object
-// @router /mfa/setup/verify [post]
-func (c *ApiController) MfaSetupVerify() {
-	mfaType := c.Ctx.Request.Form.Get("mfaType")
-	passcode := c.Ctx.Request.Form.Get("passcode")
-
-	if mfaType == "" || passcode == "" {
-		c.ResponseError("missing auth type or passcode")
-		return
-	}
-
-	config := &object.MfaProps{
-		MfaType: mfaType,
-	}
-	if mfaType == object.TotpType {
-		secret := c.GetSession(MfaTotpSecretSession)
-		if secret == nil {
-			c.ResponseError("totp secret is missing")
-			return
-		}
-		config.Secret = secret.(string)
-	} else if mfaType == object.SmsType {
-		dest := c.GetSession(MfaDestSession)
-		if dest == nil {
-			c.ResponseError("destination is missing")
-			return
-		}
-		config.Secret = dest.(string)
-		countryCode := c.GetSession(MfaCountryCodeSession)
-		if countryCode == nil {
-			c.ResponseError("country code is missing")
-			return
-		}
-		config.CountryCode = countryCode.(string)
-	} else if mfaType == object.EmailType {
-		dest := c.GetSession(MfaDestSession)
-		if dest == nil {
-			c.ResponseError("destination is missing")
-			return
-		}
-		config.Secret = dest.(string)
-	}
-
-	mfaUtil := object.GetMfaUtil(mfaType, config)
-	if mfaUtil == nil {
-		c.ResponseError("Invalid multi-factor authentication type")
-		return
-	}
-
-	err := mfaUtil.SetupVerify(passcode)
-	if err != nil {
-		c.ResponseError(err.Error())
-	} else {
-		c.ResponseOk(http.StatusText(http.StatusOK))
-	}
-}
-
-// MfaSetupEnable
-// @Title MfaSetupEnable
-// @Tag MFA API
-// @Description enable totp
-// @param owner	form	string	true	"owner of user"
-// @param name	form	string	true	"name of user"
-// @param type	form	string	true	"MFA auth type"
-// @Success 200 {object} controllers.Response The Response object
-// @router /mfa/setup/enable [post]
-func (c *ApiController) MfaSetupEnable() {
-	owner := c.Ctx.Request.Form.Get("owner")
-	name := c.Ctx.Request.Form.Get("name")
-	mfaType := c.Ctx.Request.Form.Get("mfaType")
-
-	user, err := object.GetUser(util.GetId(owner, name))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user == nil {
-		c.ResponseError("User doesn't exist")
-		return
-	}
-
-	config := &object.MfaProps{
-		MfaType: mfaType,
-	}
-
-	if mfaType == object.TotpType {
-		secret := c.GetSession(MfaTotpSecretSession)
-		if secret == nil {
-			c.ResponseError("totp secret is missing")
-			return
-		}
-		config.Secret = secret.(string)
-	} else if mfaType == object.EmailType {
-		if user.Email == "" {
-			dest := c.GetSession(MfaDestSession)
-			if dest == nil {
-				c.ResponseError("destination is missing")
-				return
-			}
-			user.Email = dest.(string)
-		}
-	} else if mfaType == object.SmsType {
-		if user.Phone == "" {
-			dest := c.GetSession(MfaDestSession)
-			if dest == nil {
-				c.ResponseError("destination is missing")
-				return
-			}
-			user.Phone = dest.(string)
-			countryCode := c.GetSession(MfaCountryCodeSession)
-			if countryCode == nil {
-				c.ResponseError("country code is missing")
-				return
-			}
-			user.CountryCode = countryCode.(string)
-		}
-	}
-	recoveryCodes := c.GetSession(MfaRecoveryCodesSession)
-	if recoveryCodes == nil {
-		c.ResponseError("recovery codes is missing")
-		return
-	}
-	config.RecoveryCodes = []string{recoveryCodes.(string)}
-
-	mfaUtil := object.GetMfaUtil(mfaType, config)
-	if mfaUtil == nil {
-		c.ResponseError("Invalid multi-factor authentication type")
-		return
-	}
-
-	err = mfaUtil.Enable(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.DelSession(MfaRecoveryCodesSession)
-	if mfaType == object.TotpType {
-		c.DelSession(MfaTotpSecretSession)
-	} else {
-		c.DelSession(MfaCountryCodeSession)
-		c.DelSession(MfaDestSession)
-	}
-
-	c.ResponseOk(http.StatusText(http.StatusOK))
-}
-
-// DeleteMfa
-// @Title DeleteMfa
-// @Tag MFA API
-// @Description: Delete MFA
-// @param owner	form	string	true	"owner of user"
-// @param name	form	string	true	"name of user"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-mfa/ [post]
-func (c *ApiController) DeleteMfa() {
-	owner := c.Ctx.Request.Form.Get("owner")
-	name := c.Ctx.Request.Form.Get("name")
-	userId := util.GetId(owner, name)
-
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if user == nil {
-		c.ResponseError("User doesn't exist")
-		return
-	}
-
-	err = object.DisabledMultiFactorAuth(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(object.GetAllMfaProps(user, true))
-}
-
-// SetPreferredMfa
-// @Title SetPreferredMfa
-// @Tag MFA API
-// @Description: Set specific Mfa Preferred
-// @param owner	form	string	true	"owner of user"
-// @param name	form	string	true	"name of user"
-// @param id	form	string	true	"id of user's MFA props"
-// @Success 200 {object} controllers.Response The Response object
-// @router /set-preferred-mfa [post]
-func (c *ApiController) SetPreferredMfa() {
-	mfaType := c.Ctx.Request.Form.Get("mfaType")
-	owner := c.Ctx.Request.Form.Get("owner")
-	name := c.Ctx.Request.Form.Get("name")
-	userId := util.GetId(owner, name)
-
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if user == nil {
-		c.ResponseError("User doesn't exist")
-		return
-	}
-
-	err = object.SetPreferredMultiFactorAuth(user, mfaType)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.ResponseOk(object.GetAllMfaProps(user, true))
-}
--- a/controllers/model.go
+++ b/controllers/model.go
@ -1,145 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetModels
-// @Title GetModels
-// @Tag Model API
-// @Description get models
-// @Param   owner     query    string  true        "The owner of models"
-// @Success 200 {array} object.Model The Response object
-// @router /get-models [get]
-func (c *ApiController) GetModels() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		models, err := object.GetModels(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(models)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetModelCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		models, err := object.GetPaginationModels(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(models, paginator.Nums())
-	}
-}
-
-// GetModel
-// @Title GetModel
-// @Tag Model API
-// @Description get model
-// @Param   id     query    string  true        "The id ( owner/name ) of the model"
-// @Success 200 {object} object.Model The Response object
-// @router /get-model [get]
-func (c *ApiController) GetModel() {
-	id := c.Input().Get("id")
-
-	model, err := object.GetModel(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(model)
-}
-
-// UpdateModel
-// @Title UpdateModel
-// @Tag Model API
-// @Description update model
-// @Param   id     query    string  true        "The id ( owner/name ) of the model"
-// @Param   body    body   object.Model  true        "The details of the model"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-model [post]
-func (c *ApiController) UpdateModel() {
-	id := c.Input().Get("id")
-
-	var model object.Model
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &model)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapErrorResponse(object.UpdateModelWithCheck(id, &model))
-	c.ServeJSON()
-}
-
-// AddModel
-// @Title AddModel
-// @Tag Model API
-// @Description add model
-// @Param   body    body   object.Model  true        "The details of the model"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-model [post]
-func (c *ApiController) AddModel() {
-	var model object.Model
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &model)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddModel(&model))
-	c.ServeJSON()
-}
-
-// DeleteModel
-// @Title DeleteModel
-// @Tag Model API
-// @Description delete model
-// @Param   body    body   object.Model  true        "The details of the model"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-model [post]
-func (c *ApiController) DeleteModel() {
-	var model object.Model
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &model)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteModel(&model))
-	c.ServeJSON()
-}
--- a/controllers/oidc_discovery.go
+++ b/controllers/oidc_discovery.go
@ -1,44 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import "github.com/casdoor/casdoor/object"
-
-// GetOidcDiscovery
-// @Title GetOidcDiscovery
-// @Tag OIDC API
-// @Description Get Oidc Discovery
-// @Success 200 {object} object.OidcDiscovery
-// @router /.well-known/openid-configuration [get]
-func (c *RootController) GetOidcDiscovery() {
-	host := c.Ctx.Request.Host
-	c.Data["json"] = object.GetOidcDiscovery(host)
-	c.ServeJSON()
-}
-
-// GetJwks
-// @Title GetJwks
-// @Tag OIDC API
-// @Success 200 {object} jose.JSONWebKey
-// @router /.well-known/jwks [get]
-func (c *RootController) GetJwks() {
-	jwks, err := object.GetJsonWebKeySet()
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.Data["json"] = jwks
-	c.ServeJSON()
-}
--- a/controllers/organization.go
+++ b/controllers/organization.go
@ -1,212 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetOrganizations ...
-// @Title GetOrganizations
-// @Tag Organization API
-// @Description get organizations
-// @Param   owner     query    string  true        "owner"
-// @Success 200 {array} object.Organization The Response object
-// @router /get-organizations [get]
-func (c *ApiController) GetOrganizations() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organizationName := c.Input().Get("organizationName")
-
-	isGlobalAdmin := c.IsGlobalAdmin()
-	if limit == "" || page == "" {
-		var organizations []*object.Organization
-		var err error
-		if isGlobalAdmin {
-			organizations, err = object.GetMaskedOrganizations(object.GetOrganizations(owner))
-		} else {
-			organizations, err = object.GetMaskedOrganizations(object.GetOrganizations(owner, c.getCurrentUser().Owner))
-		}
-
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(organizations)
-	} else {
-		if !isGlobalAdmin {
-			organizations, err := object.GetMaskedOrganizations(object.GetOrganizations(owner, c.getCurrentUser().Owner))
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-			c.ResponseOk(organizations)
-		} else {
-			limit := util.ParseInt(limit)
-			count, err := object.GetOrganizationCount(owner, field, value)
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-
-			paginator := pagination.SetPaginator(c.Ctx, limit, count)
-			organizations, err := object.GetMaskedOrganizations(object.GetPaginationOrganizations(owner, organizationName, paginator.Offset(), limit, field, value, sortField, sortOrder))
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-
-			c.ResponseOk(organizations, paginator.Nums())
-		}
-	}
-}
-
-// GetOrganization ...
-// @Title GetOrganization
-// @Tag Organization API
-// @Description get organization
-// @Param   id     query    string  true        "organization id"
-// @Success 200 {object} object.Organization The Response object
-// @router /get-organization [get]
-func (c *ApiController) GetOrganization() {
-	id := c.Input().Get("id")
-	organization, err := object.GetMaskedOrganization(object.GetOrganization(id))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(organization)
-}
-
-// UpdateOrganization ...
-// @Title UpdateOrganization
-// @Tag Organization API
-// @Description update organization
-// @Param   id     query    string  true        "The id ( owner/name ) of the organization"
-// @Param   body    body   object.Organization  true        "The details of the organization"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-organization [post]
-func (c *ApiController) UpdateOrganization() {
-	id := c.Input().Get("id")
-
-	var organization object.Organization
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &organization)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateOrganization(id, &organization))
-	c.ServeJSON()
-}
-
-// AddOrganization ...
-// @Title AddOrganization
-// @Tag Organization API
-// @Description add organization
-// @Param   body    body   object.Organization  true        "The details of the organization"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-organization [post]
-func (c *ApiController) AddOrganization() {
-	var organization object.Organization
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &organization)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	count, err := object.GetOrganizationCount("", "", "")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if err = checkQuotaForOrganization(int(count)); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddOrganization(&organization))
-	c.ServeJSON()
-}
-
-// DeleteOrganization ...
-// @Title DeleteOrganization
-// @Tag Organization API
-// @Description delete organization
-// @Param   body    body   object.Organization  true        "The details of the organization"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-organization [post]
-func (c *ApiController) DeleteOrganization() {
-	var organization object.Organization
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &organization)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteOrganization(&organization))
-	c.ServeJSON()
-}
-
-// GetDefaultApplication ...
-// @Title GetDefaultApplication
-// @Tag Organization API
-// @Description get default application
-// @Param   id     query    string  true        "organization id"
-// @Success 200 {object} controllers.Response The Response object
-// @router /get-default-application [get]
-func (c *ApiController) GetDefaultApplication() {
-	userId := c.GetSessionUsername()
-	id := c.Input().Get("id")
-
-	application, err := object.GetDefaultApplication(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	application = object.GetMaskedApplication(application, userId)
-	c.ResponseOk(application)
-}
-
-// GetOrganizationNames ...
-// @Title GetOrganizationNames
-// @Tag Organization API
-// @Param   owner     query    string    true   "owner"
-// @Description get all organization name and displayName
-// @Success 200 {array} object.Organization The Response object
-// @router /get-organization-names [get]
-func (c *ApiController) GetOrganizationNames() {
-	owner := c.Input().Get("owner")
-	organizationNames, err := object.GetOrganizationsByFields(owner, []string{"name", "display_name"}...)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(organizationNames)
-}
--- a/controllers/payment.go
+++ b/controllers/payment.go
@ -1,212 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetPayments
-// @Title GetPayments
-// @Tag Payment API
-// @Description get payments
-// @Param   owner     query    string  true        "The owner of payments"
-// @Success 200 {array} object.Payment The Response object
-// @router /get-payments [get]
-func (c *ApiController) GetPayments() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		payments, err := object.GetPayments(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(payments)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetPaymentCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		payments, err := object.GetPaginationPayments(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(payments, paginator.Nums())
-	}
-}
-
-// GetUserPayments
-// @Title GetUserPayments
-// @Tag Payment API
-// @Description get payments for a user
-// @Param   owner     query    string  true        "The owner of payments"
-// @Param   organization    query   string  true   "The organization of the user"
-// @Param   user    query   string  true           "The username of the user"
-// @Success 200 {array} object.Payment The Response object
-// @router /get-user-payments [get]
-func (c *ApiController) GetUserPayments() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
-
-	payments, err := object.GetUserPayments(owner, user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payments)
-}
-
-// GetPayment
-// @Title GetPayment
-// @Tag Payment API
-// @Description get payment
-// @Param   id     query    string  true        "The id ( owner/name ) of the payment"
-// @Success 200 {object} object.Payment The Response object
-// @router /get-payment [get]
-func (c *ApiController) GetPayment() {
-	id := c.Input().Get("id")
-
-	payment, err := object.GetPayment(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payment)
-}
-
-// UpdatePayment
-// @Title UpdatePayment
-// @Tag Payment API
-// @Description update payment
-// @Param   id     query    string  true        "The id ( owner/name ) of the payment"
-// @Param   body    body   object.Payment  true        "The details of the payment"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-payment [post]
-func (c *ApiController) UpdatePayment() {
-	id := c.Input().Get("id")
-
-	var payment object.Payment
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &payment)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdatePayment(id, &payment))
-	c.ServeJSON()
-}
-
-// AddPayment
-// @Title AddPayment
-// @Tag Payment API
-// @Description add payment
-// @Param   body    body   object.Payment  true        "The details of the payment"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-payment [post]
-func (c *ApiController) AddPayment() {
-	var payment object.Payment
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &payment)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddPayment(&payment))
-	c.ServeJSON()
-}
-
-// DeletePayment
-// @Title DeletePayment
-// @Tag Payment API
-// @Description delete payment
-// @Param   body    body   object.Payment  true        "The details of the payment"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-payment [post]
-func (c *ApiController) DeletePayment() {
-	var payment object.Payment
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &payment)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeletePayment(&payment))
-	c.ServeJSON()
-}
-
-// NotifyPayment
-// @Title NotifyPayment
-// @Tag Payment API
-// @Description notify payment
-// @Param   body    body   object.Payment  true        "The details of the payment"
-// @Success 200 {object} controllers.Response The Response object
-// @router /notify-payment [post]
-func (c *ApiController) NotifyPayment() {
-	owner := c.Ctx.Input.Param(":owner")
-	paymentName := c.Ctx.Input.Param(":payment")
-
-	body := c.Ctx.Input.RequestBody
-
-	payment, err := object.NotifyPayment(body, owner, paymentName)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payment)
-}
-
-// InvoicePayment
-// @Title InvoicePayment
-// @Tag Payment API
-// @Description invoice payment
-// @Param   id     query    string  true        "The id ( owner/name ) of the payment"
-// @Success 200 {object} controllers.Response The Response object
-// @router /invoice-payment [post]
-func (c *ApiController) InvoicePayment() {
-	id := c.Input().Get("id")
-
-	payment, err := object.GetPayment(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	invoiceUrl, err := object.InvoicePayment(payment)
-	if err != nil {
-		c.ResponseError(err.Error())
-	}
-	c.ResponseOk(invoiceUrl)
-}
--- a/controllers/permission.go
+++ b/controllers/permission.go
@ -1,184 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetPermissions
-// @Title GetPermissions
-// @Tag Permission API
-// @Description get permissions
-// @Param   owner     query    string  true        "The owner of permissions"
-// @Success 200 {array} object.Permission The Response object
-// @router /get-permissions [get]
-func (c *ApiController) GetPermissions() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		permissions, err := object.GetPermissions(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(permissions)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetPermissionCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		permissions, err := object.GetPaginationPermissions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(permissions, paginator.Nums())
-	}
-}
-
-// GetPermissionsBySubmitter
-// @Title GetPermissionsBySubmitter
-// @Tag Permission API
-// @Description get permissions by submitter
-// @Success 200 {array} object.Permission The Response object
-// @router /get-permissions-by-submitter [get]
-func (c *ApiController) GetPermissionsBySubmitter() {
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-
-	permissions, err := object.GetPermissionsBySubmitter(user.Owner, user.Name)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(permissions, len(permissions))
-}
-
-// GetPermissionsByRole
-// @Title GetPermissionsByRole
-// @Tag Permission API
-// @Description get permissions by role
-// @Param   id     query    string  true        "The id ( owner/name ) of the role"
-// @Success 200 {array} object.Permission The Response object
-// @router /get-permissions-by-role [get]
-func (c *ApiController) GetPermissionsByRole() {
-	id := c.Input().Get("id")
-	permissions, err := object.GetPermissionsByRole(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(permissions, len(permissions))
-}
-
-// GetPermission
-// @Title GetPermission
-// @Tag Permission API
-// @Description get permission
-// @Param   id     query    string  true        "The id ( owner/name ) of the permission"
-// @Success 200 {object} object.Permission The Response object
-// @router /get-permission [get]
-func (c *ApiController) GetPermission() {
-	id := c.Input().Get("id")
-
-	permission, err := object.GetPermission(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(permission)
-}
-
-// UpdatePermission
-// @Title UpdatePermission
-// @Tag Permission API
-// @Description update permission
-// @Param   id     query    string  true        "The id ( owner/name ) of the permission"
-// @Param   body    body   object.Permission  true        "The details of the permission"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-permission [post]
-func (c *ApiController) UpdatePermission() {
-	id := c.Input().Get("id")
-
-	var permission object.Permission
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &permission)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdatePermission(id, &permission))
-	c.ServeJSON()
-}
-
-// AddPermission
-// @Title AddPermission
-// @Tag Permission API
-// @Description add permission
-// @Param   body    body   object.Permission  true        "The details of the permission"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-permission [post]
-func (c *ApiController) AddPermission() {
-	var permission object.Permission
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &permission)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddPermission(&permission))
-	c.ServeJSON()
-}
-
-// DeletePermission
-// @Title DeletePermission
-// @Tag Permission API
-// @Description delete permission
-// @Param   body    body   object.Permission  true        "The details of the permission"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-permission [post]
-func (c *ApiController) DeletePermission() {
-	var permission object.Permission
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &permission)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeletePermission(&permission))
-	c.ServeJSON()
-}
--- a/controllers/permission_upload.go
+++ b/controllers/permission_upload.go
@ -1,54 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-func (c *ApiController) UploadPermissions() {
-	userId := c.GetSessionUsername()
-	owner, user := util.GetOwnerAndNameFromId(userId)
-
-	file, header, err := c.Ctx.Request.FormFile("file")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	fileId := fmt.Sprintf("%s_%s_%s", owner, user, util.RemoveExt(header.Filename))
-	path := util.GetUploadXlsxPath(fileId)
-	defer os.Remove(path)
-	err = saveFile(path, &file)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.UploadPermissions(owner, path)
-	if err != nil {
-		c.ResponseError(err.Error())
-	}
-
-	if affected {
-		c.ResponseOk()
-	} else {
-		c.ResponseError(c.T("user_upload:Failed to import users"))
-	}
-}
--- a/controllers/plan.go
+++ b/controllers/plan.go
@ -1,187 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetPlans
-// @Title GetPlans
-// @Tag Plan API
-// @Description get plans
-// @Param   owner     query    string  true        "The owner of plans"
-// @Success 200 {array} object.Plan The Response object
-// @router /get-plans [get]
-func (c *ApiController) GetPlans() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		plans, err := object.GetPlans(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(plans)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetPlanCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		plan, err := object.GetPaginatedPlans(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(plan, paginator.Nums())
-	}
-}
-
-// GetPlan
-// @Title GetPlan
-// @Tag Plan API
-// @Description get plan
-// @Param   id     query    string  true        "The id ( owner/name ) of the plan"
-// @Param   includeOption     query    bool  false        "Should include plan's option"
-// @Success 200 {object} object.Plan The Response object
-// @router /get-plan [get]
-func (c *ApiController) GetPlan() {
-	id := c.Input().Get("id")
-	includeOption := c.Input().Get("includeOption") == "true"
-
-	plan, err := object.GetPlan(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if plan != nil && includeOption {
-		options, err := object.GetPermissionsByRole(plan.Role)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		for _, option := range options {
-			plan.Options = append(plan.Options, option.DisplayName)
-		}
-	}
-
-	c.ResponseOk(plan)
-}
-
-// UpdatePlan
-// @Title UpdatePlan
-// @Tag Plan API
-// @Description update plan
-// @Param   id     query    string  true        "The id ( owner/name ) of the plan"
-// @Param   body    body   object.Plan  true        "The details of the plan"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-plan [post]
-func (c *ApiController) UpdatePlan() {
-	id := c.Input().Get("id")
-	owner := util.GetOwnerFromId(id)
-	var plan object.Plan
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &plan)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if plan.Product != "" {
-		productId := util.GetId(owner, plan.Product)
-		product, err := object.GetProduct(productId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if product != nil {
-			object.UpdateProductForPlan(&plan, product)
-			_, err = object.UpdateProduct(productId, product)
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-		}
-	}
-	c.Data["json"] = wrapActionResponse(object.UpdatePlan(id, &plan))
-	c.ServeJSON()
-}
-
-// AddPlan
-// @Title AddPlan
-// @Tag Plan API
-// @Description add plan
-// @Param   body    body   object.Plan  true        "The details of the plan"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-plan [post]
-func (c *ApiController) AddPlan() {
-	var plan object.Plan
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &plan)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	// Create a related product for plan
-	product := object.CreateProductForPlan(&plan)
-	_, err = object.AddProduct(product)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	plan.Product = product.Name
-	c.Data["json"] = wrapActionResponse(object.AddPlan(&plan))
-	c.ServeJSON()
-}
-
-// DeletePlan
-// @Title DeletePlan
-// @Tag Plan API
-// @Description delete plan
-// @Param   body    body   object.Plan  true        "The details of the plan"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-plan [post]
-func (c *ApiController) DeletePlan() {
-	var plan object.Plan
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &plan)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if plan.Product != "" {
-		_, err = object.DeleteProduct(&object.Product{Owner: plan.Owner, Name: plan.Product})
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-	c.Data["json"] = wrapActionResponse(object.DeletePlan(&plan))
-	c.ServeJSON()
-}
--- a/controllers/pricing.go
+++ b/controllers/pricing.go
@ -1,145 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetPricings
-// @Title GetPricings
-// @Tag Pricing API
-// @Description get pricings
-// @Param   owner     query    string  true        "The owner of pricings"
-// @Success 200 {array} object.Pricing The Response object
-// @router /get-pricings [get]
-func (c *ApiController) GetPricings() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		pricings, err := object.GetPricings(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(pricings)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetPricingCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		pricing, err := object.GetPaginatedPricings(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(pricing, paginator.Nums())
-	}
-}
-
-// GetPricing
-// @Title GetPricing
-// @Tag Pricing API
-// @Description get pricing
-// @Param   id     query    string  true        "The id ( owner/name ) of the pricing"
-// @Success 200 {object} object.Pricing The Response object
-// @router /get-pricing [get]
-func (c *ApiController) GetPricing() {
-	id := c.Input().Get("id")
-
-	pricing, err := object.GetPricing(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(pricing)
-}
-
-// UpdatePricing
-// @Title UpdatePricing
-// @Tag Pricing API
-// @Description update pricing
-// @Param   id     query    string  true        "The id ( owner/name ) of the pricing"
-// @Param   body    body   object.Pricing  true        "The details of the pricing"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-pricing [post]
-func (c *ApiController) UpdatePricing() {
-	id := c.Input().Get("id")
-
-	var pricing object.Pricing
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &pricing)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdatePricing(id, &pricing))
-	c.ServeJSON()
-}
-
-// AddPricing
-// @Title AddPricing
-// @Tag Pricing API
-// @Description add pricing
-// @Param   body    body   object.Pricing  true        "The details of the pricing"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-pricing [post]
-func (c *ApiController) AddPricing() {
-	var pricing object.Pricing
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &pricing)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddPricing(&pricing))
-	c.ServeJSON()
-}
-
-// DeletePricing
-// @Title DeletePricing
-// @Tag Pricing API
-// @Description delete pricing
-// @Param   body    body   object.Pricing  true        "The details of the pricing"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-pricing [post]
-func (c *ApiController) DeletePricing() {
-	var pricing object.Pricing
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &pricing)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeletePricing(&pricing))
-	c.ServeJSON()
-}
--- a/controllers/product.go
+++ b/controllers/product.go
@ -1,210 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-	"strconv"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetProducts
-// @Title GetProducts
-// @Tag Product API
-// @Description get products
-// @Param   owner     query    string  true        "The owner of products"
-// @Success 200 {array} object.Product The Response object
-// @router /get-products [get]
-func (c *ApiController) GetProducts() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		products, err := object.GetProducts(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(products)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetProductCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		products, err := object.GetPaginationProducts(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(products, paginator.Nums())
-	}
-}
-
-// GetProduct
-// @Title GetProduct
-// @Tag Product API
-// @Description get product
-// @Param   id     query    string  true        "The id ( owner/name ) of the product"
-// @Success 200 {object} object.Product The Response object
-// @router /get-product [get]
-func (c *ApiController) GetProduct() {
-	id := c.Input().Get("id")
-
-	product, err := object.GetProduct(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.ExtendProductWithProviders(product)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(product)
-}
-
-// UpdateProduct
-// @Title UpdateProduct
-// @Tag Product API
-// @Description update product
-// @Param   id     query    string  true        "The id ( owner/name ) of the product"
-// @Param   body    body   object.Product  true        "The details of the product"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-product [post]
-func (c *ApiController) UpdateProduct() {
-	id := c.Input().Get("id")
-
-	var product object.Product
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &product)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateProduct(id, &product))
-	c.ServeJSON()
-}
-
-// AddProduct
-// @Title AddProduct
-// @Tag Product API
-// @Description add product
-// @Param   body    body   object.Product  true        "The details of the product"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-product [post]
-func (c *ApiController) AddProduct() {
-	var product object.Product
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &product)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddProduct(&product))
-	c.ServeJSON()
-}
-
-// DeleteProduct
-// @Title DeleteProduct
-// @Tag Product API
-// @Description delete product
-// @Param   body    body   object.Product  true        "The details of the product"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-product [post]
-func (c *ApiController) DeleteProduct() {
-	var product object.Product
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &product)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteProduct(&product))
-	c.ServeJSON()
-}
-
-// BuyProduct
-// @Title BuyProduct
-// @Tag Product API
-// @Description buy product
-// @Param   id     query    string  true        "The id ( owner/name ) of the product"
-// @Param   providerName    query    string  true  "The name of the provider"
-// @Success 200 {object} controllers.Response The Response object
-// @router /buy-product [post]
-func (c *ApiController) BuyProduct() {
-	id := c.Input().Get("id")
-	host := c.Ctx.Request.Host
-	providerName := c.Input().Get("providerName")
-	paymentEnv := c.Input().Get("paymentEnv")
-	customPriceStr := c.Input().Get("customPrice")
-	if customPriceStr == "" {
-		customPriceStr = "0"
-	}
-
-	customPrice, err := strconv.ParseFloat(customPriceStr, 64)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	// buy `pricingName/planName` for `paidUserName`
-	pricingName := c.Input().Get("pricingName")
-	planName := c.Input().Get("planName")
-	paidUserName := c.Input().Get("userName")
-	owner, _ := util.GetOwnerAndNameFromId(id)
-	userId := util.GetId(owner, paidUserName)
-	if paidUserName == "" {
-		userId = c.GetSessionUsername()
-	}
-	if userId == "" {
-		c.ResponseError(c.T("general:Please login first"))
-		return
-	}
-
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
-		return
-	}
-
-	payment, attachInfo, err := object.BuyProduct(id, user, providerName, pricingName, planName, host, paymentEnv, customPrice)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payment, attachInfo)
-}
--- a/controllers/prometheus.go
+++ b/controllers/prometheus.go
@ -1,39 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"github.com/casdoor/casdoor/object"
-)
-
-// GetPrometheusInfo
-// @Title GetPrometheusInfo
-// @Tag System API
-// @Description get Prometheus Info
-// @Success 200 {object} object.PrometheusInfo The Response object
-// @router /get-prometheus-info [get]
-func (c *ApiController) GetPrometheusInfo() {
-	_, ok := c.RequireAdmin()
-	if !ok {
-		return
-	}
-	prometheusInfo, err := object.GetPrometheusInfo()
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(prometheusInfo)
-}
--- a/controllers/provider.go
+++ b/controllers/provider.go
@ -1,243 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetProviders
-// @Title GetProviders
-// @Tag Provider API
-// @Description get providers
-// @Param   owner     query    string  true        "The owner of providers"
-// @Success 200 {array} object.Provider The Response object
-// @router /get-providers [get]
-func (c *ApiController) GetProviders() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	ok, isMaskEnabled := c.IsMaskedEnabled()
-	if !ok {
-		return
-	}
-
-	if limit == "" || page == "" {
-		providers, err := object.GetProviders(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(object.GetMaskedProviders(providers, isMaskEnabled))
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetProviderCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		paginationProviders, err := object.GetPaginationProviders(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		providers := object.GetMaskedProviders(paginationProviders, isMaskEnabled)
-		c.ResponseOk(providers, paginator.Nums())
-	}
-}
-
-// GetGlobalProviders
-// @Title GetGlobalProviders
-// @Tag Provider API
-// @Description get Global providers
-// @Success 200 {array} object.Provider The Response object
-// @router /get-global-providers [get]
-func (c *ApiController) GetGlobalProviders() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	ok, isMaskEnabled := c.IsMaskedEnabled()
-	if !ok {
-		return
-	}
-
-	if limit == "" || page == "" {
-		globalProviders, err := object.GetGlobalProviders()
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(object.GetMaskedProviders(globalProviders, isMaskEnabled))
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetGlobalProviderCount(field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		paginationGlobalProviders, err := object.GetPaginationGlobalProviders(paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		providers := object.GetMaskedProviders(paginationGlobalProviders, isMaskEnabled)
-		c.ResponseOk(providers, paginator.Nums())
-	}
-}
-
-// GetProvider
-// @Title GetProvider
-// @Tag Provider API
-// @Description get provider
-// @Param   id     query    string  true        "The id ( owner/name ) of the provider"
-// @Success 200 {object} object.Provider The Response object
-// @router /get-provider [get]
-func (c *ApiController) GetProvider() {
-	id := c.Input().Get("id")
-
-	ok, isMaskEnabled := c.IsMaskedEnabled()
-	if !ok {
-		return
-	}
-	provider, err := object.GetProvider(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(object.GetMaskedProvider(provider, isMaskEnabled))
-}
-
-func (c *ApiController) requireProviderPermission(provider *object.Provider) bool {
-	isGlobalAdmin, user := c.isGlobalAdmin()
-	if isGlobalAdmin {
-		return true
-	}
-
-	if provider.Owner == "admin" || user.Owner != provider.Owner {
-		c.ResponseError(c.T("auth:Unauthorized operation"))
-		return false
-	}
-
-	return true
-}
-
-// UpdateProvider
-// @Title UpdateProvider
-// @Tag Provider API
-// @Description update provider
-// @Param   id     query    string  true        "The id ( owner/name ) of the provider"
-// @Param   body    body   object.Provider  true        "The details of the provider"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-provider [post]
-func (c *ApiController) UpdateProvider() {
-	id := c.Input().Get("id")
-
-	var provider object.Provider
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &provider)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	ok := c.requireProviderPermission(&provider)
-	if !ok {
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateProvider(id, &provider))
-	c.ServeJSON()
-}
-
-// AddProvider
-// @Title AddProvider
-// @Tag Provider API
-// @Description add provider
-// @Param   body    body   object.Provider  true        "The details of the provider"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-provider [post]
-func (c *ApiController) AddProvider() {
-	var provider object.Provider
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &provider)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	count, err := object.GetProviderCount("", "", "")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = checkQuotaForProvider(int(count))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	ok := c.requireProviderPermission(&provider)
-	if !ok {
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddProvider(&provider))
-	c.ServeJSON()
-}
-
-// DeleteProvider
-// @Title DeleteProvider
-// @Tag Provider API
-// @Description delete provider
-// @Param   body    body   object.Provider  true        "The details of the provider"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-provider [post]
-func (c *ApiController) DeleteProvider() {
-	var provider object.Provider
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &provider)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	ok := c.requireProviderPermission(&provider)
-	if !ok {
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteProvider(&provider))
-	c.ServeJSON()
-}
--- a/controllers/record.go
+++ b/controllers/record.go
@ -1,128 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetRecords
-// @Title GetRecords
-// @Tag Record API
-// @Description get all records
-// @Param   pageSize     query    string  true        "The size of each page"
-// @Param   p     query    string  true        "The number of the page"
-// @Success 200 {object} object.Record The Response object
-// @router /get-records [get]
-func (c *ApiController) GetRecords() {
-	organization, ok := c.RequireAdmin()
-	if !ok {
-		return
-	}
-
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organizationName := c.Input().Get("organizationName")
-
-	if limit == "" || page == "" {
-		records, err := object.GetRecords()
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(records)
-	} else {
-		limit := util.ParseInt(limit)
-		if c.IsGlobalAdmin() && organizationName != "" {
-			organization = organizationName
-		}
-		filterRecord := &casvisorsdk.Record{Organization: organization}
-		count, err := object.GetRecordCount(field, value, filterRecord)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		records, err := object.GetPaginationRecords(paginator.Offset(), limit, field, value, sortField, sortOrder, filterRecord)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(records, paginator.Nums())
-	}
-}
-
-// GetRecordsByFilter
-// @Tag Record API
-// @Title GetRecordsByFilter
-// @Description get records by filter
-// @Param   filter  body string     true  "filter Record message"
-// @Success 200 {object} object.Record The Response object
-// @router /get-records-filter [post]
-func (c *ApiController) GetRecordsByFilter() {
-	_, ok := c.RequireAdmin()
-	if !ok {
-		return
-	}
-
-	body := string(c.Ctx.Input.RequestBody)
-
-	record := &casvisorsdk.Record{}
-	err := util.JsonToStruct(body, record)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	records, err := object.GetRecordsByField(record)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(records)
-}
-
-// AddRecord
-// @Title AddRecord
-// @Tag Record API
-// @Description add a record
-// @Param   body    body   object.Record  true        "The details of the record"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-record [post]
-func (c *ApiController) AddRecord() {
-	var record casvisorsdk.Record
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &record)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddRecord(&record))
-	c.ServeJSON()
-}
--- a/controllers/resource.go
+++ b/controllers/resource.go
@ -1,391 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"io"
-	"mime"
-	"path/filepath"
-	"strings"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetResources
-// @Tag Resource API
-// @Title GetResources
-// @Description get resources
-// @Param		owner 		query 		string 				true 				"Owner"
-// @Param		user 		query 		string 				true 				"User"
-// @Param 		pageSize 	query 		integer 			false 				"Page Size"
-// @Param 		p 			query 		integer 				false 				"Page Number"
-// @Param 		field 		query 		string 				false 				"Field"
-// @Param 		value 		query 		string 				false 				"Value"
-// @Param 		sortField 	query 		string 				false 				"Sort Field"
-// @Param 		sortOrder 	query 		string 				false 				"Sort Order"
-// @Success		200 		{array} 	object.Resource 	The Response object
-// @router /get-resources [get]
-func (c *ApiController) GetResources() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	isOrgAdmin, ok := c.IsOrgAdmin()
-	if !ok {
-		return
-	}
-
-	if isOrgAdmin {
-		user = ""
-	}
-
-	if sortField == "Direct" {
-		provider, err := c.GetProviderFromContext("Storage")
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		prefix := sortOrder
-		resources, err := object.GetDirectResources(owner, user, provider, prefix, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(resources)
-	} else if limit == "" || page == "" {
-		resources, err := object.GetResources(owner, user)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(resources)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetResourceCount(owner, user, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		resources, err := object.GetPaginationResources(owner, user, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(resources, paginator.Nums())
-	}
-}
-
-// GetResource
-// @Tag Resource API
-// @Title GetResource
-// @Description get resource
-// @Param   	id			query   	string     			true        		"The id ( owner/name ) of resource"
-// @Success 	200			{object}	object.Resource		The Response object
-// @router /get-resource [get]
-func (c *ApiController) GetResource() {
-	id := c.Input().Get("id")
-
-	resource, err := object.GetResource(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(resource)
-}
-
-// UpdateResource
-// @Tag Resource API
-// @Title UpdateResource
-// @Description get resource
-// @Param   	id     		query   	string  			true				"The id ( owner/name ) of resource"
-// @Param		resource	body		object.Resource		true				"The resource object"
-// @Success 	200			{object}	controllers.Response					Success or error
-// @router /update-resource [post]
-func (c *ApiController) UpdateResource() {
-	id := c.Input().Get("id")
-
-	var resource object.Resource
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &resource)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateResource(id, &resource))
-	c.ServeJSON()
-}
-
-// AddResource
-// @Tag Resource API
-// @Title AddResource
-// @Param     	resource    body    	object.Resource  	true      			"Resource object"
-// @Success 	200			{object}	controllers.Response					Success or error
-// @router /add-resource [post]
-func (c *ApiController) AddResource() {
-	var resource object.Resource
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &resource)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddResource(&resource))
-	c.ServeJSON()
-}
-
-// DeleteResource
-// @Tag Resource API
-// @Title DeleteResource
-// @Param     	resource    body    	object.Resource  	true      			"Resource object"
-// @Success 	200			{object}	controllers.Response					Success or error
-// @router /delete-resource [post]
-func (c *ApiController) DeleteResource() {
-	var resource object.Resource
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &resource)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if resource.Provider != "" {
-		c.Input().Set("provider", resource.Provider)
-	}
-	c.Input().Set("fullFilePath", resource.Name)
-	provider, err := c.GetProviderFromContext("Storage")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	_, resource.Name = refineFullFilePath(resource.Name)
-
-	err = object.DeleteFile(provider, resource.Name, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteResource(&resource))
-	c.ServeJSON()
-}
-
-// UploadResource
-// @Tag Resource API
-// @Title UploadResource
-// @Param     owner           query   	string    			true      			"Owner"
-// @Param     user            query   	string    			true      			"User"
-// @Param     application     query   	string    			true     			"Application"
-// @Param     tag             query   	string    			false     			"Tag"
-// @Param     parent          query   	string    			false     			"Parent"
-// @Param     fullFilePath    query   	string    			true     			"Full File Path"
-// @Param     createdTime     query   	string    			false     			"Created Time"
-// @Param     description     query   	string    			false     			"Description"
-// @Param     file            formData 	file      			true      			"Resource file"
-// @Success   200             {object}  object.Resource  	FileUrl, objectKey
-// @router /upload-resource [post]
-func (c *ApiController) UploadResource() {
-	owner := c.Input().Get("owner")
-	username := c.Input().Get("user")
-	application := c.Input().Get("application")
-	tag := c.Input().Get("tag")
-	parent := c.Input().Get("parent")
-	fullFilePath := c.Input().Get("fullFilePath")
-	createdTime := c.Input().Get("createdTime")
-	description := c.Input().Get("description")
-
-	file, header, err := c.GetFile("file")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	defer file.Close()
-
-	if username == "" || fullFilePath == "" {
-		c.ResponseError(fmt.Sprintf(c.T("resource:Username or fullFilePath is empty: username = %s, fullFilePath = %s"), username, fullFilePath))
-		return
-	}
-
-	filename := filepath.Base(fullFilePath)
-	fileBuffer := bytes.NewBuffer(nil)
-	if _, err = io.Copy(fileBuffer, file); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	provider, err := c.GetProviderFromContext("Storage")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	_, fullFilePath = refineFullFilePath(fullFilePath)
-
-	fileType := "unknown"
-	contentType := header.Header.Get("Content-Type")
-	fileType, _ = util.GetOwnerAndNameFromIdNoCheck(contentType + "/")
-
-	if fileType != "image" && fileType != "video" {
-		ext := filepath.Ext(filename)
-		mimeType := mime.TypeByExtension(ext)
-		fileType, _ = util.GetOwnerAndNameFromIdNoCheck(mimeType + "/")
-	}
-
-	fullFilePath = object.GetTruncatedPath(provider, fullFilePath, 450)
-	if tag != "avatar" && tag != "termsOfUse" && !strings.HasPrefix(tag, "idCard") {
-		ext := filepath.Ext(filepath.Base(fullFilePath))
-		index := len(fullFilePath) - len(ext)
-		for i := 1; ; i++ {
-			_, objectKey := object.GetUploadFileUrl(provider, fullFilePath, true)
-			if count, err := object.GetResourceCount(owner, username, "name", objectKey); err != nil {
-				c.ResponseError(err.Error())
-				return
-			} else if count == 0 {
-				break
-			}
-
-			// duplicated fullFilePath found, change it
-			fullFilePath = fullFilePath[:index] + fmt.Sprintf("-%d", i) + ext
-		}
-	}
-
-	fileUrl, objectKey, err := object.UploadFileSafe(provider, fullFilePath, fileBuffer, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if username == "Built-in-Untracked" {
-		c.ResponseOk(fileUrl, objectKey)
-		return
-	}
-
-	if createdTime == "" {
-		createdTime = util.GetCurrentTime()
-	}
-	fileFormat := filepath.Ext(fullFilePath)
-	fileSize := int(header.Size)
-	resource := &object.Resource{
-		Owner:       owner,
-		Name:        objectKey,
-		CreatedTime: createdTime,
-		User:        username,
-		Provider:    provider.Name,
-		Application: application,
-		Tag:         tag,
-		Parent:      parent,
-		FileName:    filename,
-		FileType:    fileType,
-		FileFormat:  fileFormat,
-		FileSize:    fileSize,
-		Url:         fileUrl,
-		Description: description,
-	}
-	_, err = object.AddOrUpdateResource(resource)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	switch tag {
-	case "avatar":
-		user, err := object.GetUserNoCheck(util.GetId(owner, username))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		if user == nil {
-			c.ResponseError(c.T("resource:User is nil for tag: avatar"))
-			return
-		}
-
-		user.Avatar = fileUrl
-		_, err = object.UpdateUser(user.GetId(), user, []string{"avatar"}, false)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-	case "termsOfUse":
-		user, err := object.GetUserNoCheck(util.GetId(owner, username))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		if user == nil {
-			c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(owner, username)))
-			return
-		}
-
-		if !user.IsAdminUser() {
-			c.ResponseError(c.T("auth:Unauthorized operation"))
-			return
-		}
-
-		_, applicationId := util.GetOwnerAndNameFromIdNoCheck(strings.TrimSuffix(fullFilePath, ".html"))
-		applicationObj, err := object.GetApplication(applicationId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		applicationObj.TermsOfUse = fileUrl
-		_, err = object.UpdateApplication(applicationId, applicationObj)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	case "idCardFront", "idCardBack", "idCardWithPerson":
-		user, err := object.GetUserNoCheck(util.GetId(owner, username))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		if user == nil {
-			c.ResponseError(c.T("resource:User is nil for tag: avatar"))
-			return
-		}
-
-		if user.Properties == nil {
-			user.Properties = map[string]string{}
-		}
-		user.Properties[tag] = fileUrl
-		user.Properties["isIdCardVerified"] = "false"
-		_, err = object.UpdateUser(user.GetId(), user, []string{"properties"}, false)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	c.ResponseOk(fileUrl, objectKey)
-}
--- a/controllers/role.go
+++ b/controllers/role.go
@ -1,145 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetRoles
-// @Title GetRoles
-// @Tag Role API
-// @Description get roles
-// @Param   owner     query    string  true        "The owner of roles"
-// @Success 200 {array} object.Role The Response object
-// @router /get-roles [get]
-func (c *ApiController) GetRoles() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		roles, err := object.GetRoles(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(roles)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetRoleCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		roles, err := object.GetPaginationRoles(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(roles, paginator.Nums())
-	}
-}
-
-// GetRole
-// @Title GetRole
-// @Tag Role API
-// @Description get role
-// @Param   id     query    string  true        "The id ( owner/name ) of the role"
-// @Success 200 {object} object.Role The Response object
-// @router /get-role [get]
-func (c *ApiController) GetRole() {
-	id := c.Input().Get("id")
-
-	role, err := object.GetRole(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(role)
-}
-
-// UpdateRole
-// @Title UpdateRole
-// @Tag Role API
-// @Description update role
-// @Param   id     query    string  true        "The id ( owner/name ) of the role"
-// @Param   body    body   object.Role  true        "The details of the role"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-role [post]
-func (c *ApiController) UpdateRole() {
-	id := c.Input().Get("id")
-
-	var role object.Role
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &role)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateRole(id, &role))
-	c.ServeJSON()
-}
-
-// AddRole
-// @Title AddRole
-// @Tag Role API
-// @Description add role
-// @Param   body    body   object.Role  true        "The details of the role"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-role [post]
-func (c *ApiController) AddRole() {
-	var role object.Role
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &role)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddRole(&role))
-	c.ServeJSON()
-}
-
-// DeleteRole
-// @Title DeleteRole
-// @Tag Role API
-// @Description delete role
-// @Param   body    body   object.Role  true        "The details of the role"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-role [post]
-func (c *ApiController) DeleteRole() {
-	var role object.Role
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &role)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteRole(&role))
-	c.ServeJSON()
-}
--- a/controllers/role_upload.go
+++ b/controllers/role_upload.go
@ -1,54 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-func (c *ApiController) UploadRoles() {
-	userId := c.GetSessionUsername()
-	owner, user := util.GetOwnerAndNameFromId(userId)
-
-	file, header, err := c.Ctx.Request.FormFile("file")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	fileId := fmt.Sprintf("%s_%s_%s", owner, user, util.RemoveExt(header.Filename))
-	path := util.GetUploadXlsxPath(fileId)
-	defer os.Remove(path)
-	err = saveFile(path, &file)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.UploadRoles(owner, path)
-	if err != nil {
-		c.ResponseError(err.Error())
-	}
-
-	if affected {
-		c.ResponseOk()
-	} else {
-		c.ResponseError(c.T("user_upload:Failed to import users"))
-	}
-}
--- a/controllers/saml.go
+++ b/controllers/saml.go
@ -1,66 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"fmt"
-	"net/http"
-
-	"github.com/casdoor/casdoor/object"
-)
-
-func (c *ApiController) GetSamlMeta() {
-	host := c.Ctx.Request.Host
-	paramApp := c.Input().Get("application")
-	application, err := object.GetApplication(paramApp)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("saml:Application %s not found"), paramApp))
-		return
-	}
-
-	enablePostBinding, err := c.GetBool("enablePostBinding", false)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	metadata, err := object.GetSamlMeta(application, host, enablePostBinding)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["xml"] = metadata
-	c.ServeXML()
-}
-
-func (c *ApiController) HandleSamlRedirect() {
-	host := c.Ctx.Request.Host
-
-	owner := c.Ctx.Input.Param(":owner")
-	application := c.Ctx.Input.Param(":application")
-
-	relayState := c.Input().Get("RelayState")
-	samlRequest := c.Input().Get("SAMLRequest")
-
-	targetURL := object.GetSamlRedirectAddress(owner, application, relayState, samlRequest, host)
-
-	c.Redirect(targetURL, http.StatusSeeOther)
-}
--- a/controllers/service.go
+++ b/controllers/service.go
@ -1,222 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Casdoor will expose its providers as services to SDK
-// We are going to implement those services as APIs here
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-	"strings"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-type EmailForm struct {
-	Title          string          `json:"title"`
-	Content        string          `json:"content"`
-	Sender         string          `json:"sender"`
-	Receivers      []string        `json:"receivers"`
-	Provider       string          `json:"provider"`
-	ProviderObject object.Provider `json:"providerObject"`
-}
-
-type SmsForm struct {
-	Content   string   `json:"content"`
-	Receivers []string `json:"receivers"`
-	OrgId     string   `json:"organizationId"` // e.g. "admin/built-in"
-}
-
-type NotificationForm struct {
-	Content string `json:"content"`
-}
-
-// SendEmail
-// @Title SendEmail
-// @Tag Service API
-// @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
-// @Param   clientId    query    string  true        "The clientId of the application"
-// @Param   clientSecret    query    string  true    "The clientSecret of the application"
-// @Param   from    body   controllers.EmailForm    true         "Details of the email request"
-// @Success 200 {object} controllers.Response The Response object
-// @router /send-email [post]
-func (c *ApiController) SendEmail() {
-	userId, ok := c.RequireSignedIn()
-	if !ok {
-		return
-	}
-
-	var emailForm EmailForm
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &emailForm)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	var provider *object.Provider
-	if emailForm.Provider != "" {
-		// called by frontend's TestEmailWidget, provider name is set by frontend
-		provider, err = object.GetProvider(util.GetId("admin", emailForm.Provider))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else {
-		// called by Casdoor SDK via Client ID & Client Secret, so the used Email provider will be the application' Email provider or the default Email provider
-		provider, err = c.GetProviderFromContext("Email")
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	if emailForm.ProviderObject.Name != "" {
-		if emailForm.ProviderObject.ClientSecret == "***" {
-			emailForm.ProviderObject.ClientSecret = provider.ClientSecret
-		}
-		provider = &emailForm.ProviderObject
-	}
-
-	// when receiver is the reserved keyword: "TestSmtpServer", it means to test the SMTP server instead of sending a real Email
-	if len(emailForm.Receivers) == 1 && emailForm.Receivers[0] == "TestSmtpServer" {
-		err = object.DailSmtpServer(provider)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		c.ResponseOk()
-	}
-
-	if util.IsStringsEmpty(emailForm.Title, emailForm.Content, emailForm.Sender) {
-		c.ResponseError(fmt.Sprintf(c.T("service:Empty parameters for emailForm: %v"), emailForm))
-		return
-	}
-
-	invalidReceivers := []string{}
-	for _, receiver := range emailForm.Receivers {
-		if !util.IsEmailValid(receiver) {
-			invalidReceivers = append(invalidReceivers, receiver)
-		}
-	}
-
-	if len(invalidReceivers) != 0 {
-		c.ResponseError(fmt.Sprintf(c.T("service:Invalid Email receivers: %s"), invalidReceivers))
-		return
-	}
-
-	content := emailForm.Content
-	if content == "" {
-		content = provider.Content
-	}
-
-	code := "123456"
-	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
-	content = strings.Replace(content, "%s", code, 1)
-	userString := "Hi"
-	if !object.IsAppUser(userId) {
-		var user *object.User
-		user, err = object.GetUser(userId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if user != nil {
-			userString = user.GetFriendlyName()
-		}
-	}
-	content = strings.Replace(content, "%{user.friendlyName}", userString, 1)
-
-	for _, receiver := range emailForm.Receivers {
-		err = object.SendEmail(provider, emailForm.Title, content, receiver, emailForm.Sender)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	c.ResponseOk()
-}
-
-// SendSms
-// @Title SendSms
-// @Tag Service API
-// @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
-// @Param   clientId    query    string  true        "The clientId of the application"
-// @Param   clientSecret    query    string  true    "The clientSecret of the application"
-// @Param   from    body   controllers.SmsForm    true           "Details of the sms request"
-// @Success 200 {object} controllers.Response The Response object
-// @router /send-sms [post]
-func (c *ApiController) SendSms() {
-	provider, err := c.GetProviderFromContext("SMS")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	var smsForm SmsForm
-	err = json.Unmarshal(c.Ctx.Input.RequestBody, &smsForm)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if provider.Type != "Custom HTTP SMS" {
-		invalidReceivers := getInvalidSmsReceivers(smsForm)
-		if len(invalidReceivers) != 0 {
-			c.ResponseError(fmt.Sprintf(c.T("service:Invalid phone receivers: %s"), strings.Join(invalidReceivers, ", ")))
-			return
-		}
-	}
-
-	err = object.SendSms(provider, smsForm.Content, smsForm.Receivers...)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
-
-// SendNotification
-// @Title SendNotification
-// @Tag Service API
-// @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
-// @Param   from    body   controllers.NotificationForm    true         "Details of the notification request"
-// @Success 200 {object} controllers.Response The Response object
-// @router /send-notification [post]
-func (c *ApiController) SendNotification() {
-	provider, err := c.GetProviderFromContext("Notification")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	var notificationForm NotificationForm
-	err = json.Unmarshal(c.Ctx.Input.RequestBody, &notificationForm)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.SendNotification(provider, notificationForm.Content)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
--- a/controllers/session.go
+++ b/controllers/session.go
@ -1,163 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetSessions
-// @Title GetSessions
-// @Tag Session API
-// @Description Get organization user sessions.
-// @Param   owner     query    string  true        "The organization name"
-// @Success 200 {array} string The Response object
-// @router /get-sessions [get]
-func (c *ApiController) GetSessions() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	owner := c.Input().Get("owner")
-
-	if limit == "" || page == "" {
-		sessions, err := object.GetSessions(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(sessions)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetSessionCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		sessions, err := object.GetPaginationSessions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(sessions, paginator.Nums())
-	}
-}
-
-// GetSingleSession
-// @Title GetSingleSession
-// @Tag Session API
-// @Description Get session for one user in one application.
-// @Param   id     query    string  true        "The id(organization/application/user) of session"
-// @Success 200 {array} string The Response object
-// @router /get-session [get]
-func (c *ApiController) GetSingleSession() {
-	id := c.Input().Get("sessionPkId")
-
-	session, err := object.GetSingleSession(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(session)
-}
-
-// UpdateSession
-// @Title UpdateSession
-// @Tag Session API
-// @Description Update session for one user in one application.
-// @Param   id     query    string  true        "The id(organization/application/user) of session"
-// @Success 200 {array} string The Response object
-// @router /update-session [post]
-func (c *ApiController) UpdateSession() {
-	var session object.Session
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &session)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateSession(util.GetSessionId(session.Owner, session.Name, session.Application), &session))
-	c.ServeJSON()
-}
-
-// AddSession
-// @Title AddSession
-// @Tag Session API
-// @Description Add session for one user in one application. If there are other existing sessions, join the session into the list.
-// @Param   id     query    string  true        "The id(organization/application/user) of session"
-// @Param   sessionId     query    string  true        "sessionId to be added"
-// @Success 200 {array} string The Response object
-// @router /add-session [post]
-func (c *ApiController) AddSession() {
-	var session object.Session
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &session)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddSession(&session))
-	c.ServeJSON()
-}
-
-// DeleteSession
-// @Title DeleteSession
-// @Tag Session API
-// @Description Delete session for one user in one application.
-// @Param   id     query    string  true        "The id(organization/application/user) of session"
-// @Success 200 {array} string The Response object
-// @router /delete-session [post]
-func (c *ApiController) DeleteSession() {
-	var session object.Session
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &session)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteSession(util.GetSessionId(session.Owner, session.Name, session.Application)))
-	c.ServeJSON()
-}
-
-// IsSessionDuplicated
-// @Title IsSessionDuplicated
-// @Tag Session API
-// @Description Check if there are other different sessions for one user in one application.
-// @Param   id     query    string  true        "The id(organization/application/user) of session"
-// @Param   sessionId     query    string  true        "sessionId to be checked"
-// @Success 200 {array} string The Response object
-// @router /is-session-duplicated [get]
-func (c *ApiController) IsSessionDuplicated() {
-	id := c.Input().Get("sessionPkId")
-	sessionId := c.Input().Get("sessionId")
-
-	isUserSessionDuplicated, err := object.IsSessionDuplicated(id, sessionId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(isUserSessionDuplicated)
-}
--- a/controllers/subscription.go
+++ b/controllers/subscription.go
@ -1,145 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetSubscriptions
-// @Title GetSubscriptions
-// @Tag Subscription API
-// @Description get subscriptions
-// @Param   owner     query    string  true        "The owner of subscriptions"
-// @Success 200 {array} object.Subscription The Response object
-// @router /get-subscriptions [get]
-func (c *ApiController) GetSubscriptions() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		subscriptions, err := object.GetSubscriptions(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(subscriptions)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetSubscriptionCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		subscription, err := object.GetPaginationSubscriptions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(subscription, paginator.Nums())
-	}
-}
-
-// GetSubscription
-// @Title GetSubscription
-// @Tag Subscription API
-// @Description get subscription
-// @Param   id     query    string  true        "The id ( owner/name ) of the subscription"
-// @Success 200 {object} object.Subscription The Response object
-// @router /get-subscription [get]
-func (c *ApiController) GetSubscription() {
-	id := c.Input().Get("id")
-
-	subscription, err := object.GetSubscription(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(subscription)
-}
-
-// UpdateSubscription
-// @Title UpdateSubscription
-// @Tag Subscription API
-// @Description update subscription
-// @Param   id     query    string  true        "The id ( owner/name ) of the subscription"
-// @Param   body    body   object.Subscription  true        "The details of the subscription"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-subscription [post]
-func (c *ApiController) UpdateSubscription() {
-	id := c.Input().Get("id")
-
-	var subscription object.Subscription
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &subscription)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateSubscription(id, &subscription))
-	c.ServeJSON()
-}
-
-// AddSubscription
-// @Title AddSubscription
-// @Tag Subscription API
-// @Description add subscription
-// @Param   body    body   object.Subscription  true        "The details of the subscription"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-subscription [post]
-func (c *ApiController) AddSubscription() {
-	var subscription object.Subscription
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &subscription)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddSubscription(&subscription))
-	c.ServeJSON()
-}
-
-// DeleteSubscription
-// @Title DeleteSubscription
-// @Tag Subscription API
-// @Description delete subscription
-// @Param   body    body   object.Subscription  true        "The details of the subscription"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-subscription [post]
-func (c *ApiController) DeleteSubscription() {
-	var subscription object.Subscription
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &subscription)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteSubscription(&subscription))
-	c.ServeJSON()
-}
--- a/controllers/syncer.go
+++ b/controllers/syncer.go
@ -1,187 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetSyncers
-// @Title GetSyncers
-// @Tag Syncer API
-// @Description get syncers
-// @Param   owner     query    string  true        "The owner of syncers"
-// @Success 200 {array} object.Syncer The Response object
-// @router /get-syncers [get]
-func (c *ApiController) GetSyncers() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
-
-	if limit == "" || page == "" {
-		syncers, err := object.GetMaskedSyncers(object.GetOrganizationSyncers(owner, organization))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(syncers)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetSyncerCount(owner, organization, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		syncers, err := object.GetMaskedSyncers(object.GetPaginationSyncers(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(syncers, paginator.Nums())
-	}
-}
-
-// GetSyncer
-// @Title GetSyncer
-// @Tag Syncer API
-// @Description get syncer
-// @Param   id     query    string  true        "The id ( owner/name ) of the syncer"
-// @Success 200 {object} object.Syncer The Response object
-// @router /get-syncer [get]
-func (c *ApiController) GetSyncer() {
-	id := c.Input().Get("id")
-
-	syncer, err := object.GetMaskedSyncer(object.GetSyncer(id))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(syncer)
-}
-
-// UpdateSyncer
-// @Title UpdateSyncer
-// @Tag Syncer API
-// @Description update syncer
-// @Param   id     query    string  true        "The id ( owner/name ) of the syncer"
-// @Param   body    body   object.Syncer  true        "The details of the syncer"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-syncer [post]
-func (c *ApiController) UpdateSyncer() {
-	id := c.Input().Get("id")
-
-	var syncer object.Syncer
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &syncer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateSyncer(id, &syncer))
-	c.ServeJSON()
-}
-
-// AddSyncer
-// @Title AddSyncer
-// @Tag Syncer API
-// @Description add syncer
-// @Param   body    body   object.Syncer  true        "The details of the syncer"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-syncer [post]
-func (c *ApiController) AddSyncer() {
-	var syncer object.Syncer
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &syncer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddSyncer(&syncer))
-	c.ServeJSON()
-}
-
-// DeleteSyncer
-// @Title DeleteSyncer
-// @Tag Syncer API
-// @Description delete syncer
-// @Param   body    body   object.Syncer  true        "The details of the syncer"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-syncer [post]
-func (c *ApiController) DeleteSyncer() {
-	var syncer object.Syncer
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &syncer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteSyncer(&syncer))
-	c.ServeJSON()
-}
-
-// RunSyncer
-// @Title RunSyncer
-// @Tag Syncer API
-// @Description run syncer
-// @Param   body    body   object.Syncer  true        "The details of the syncer"
-// @Success 200 {object} controllers.Response The Response object
-// @router /run-syncer [get]
-func (c *ApiController) RunSyncer() {
-	id := c.Input().Get("id")
-	syncer, err := object.GetSyncer(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.RunSyncer(syncer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
-
-func (c *ApiController) TestSyncerDb() {
-	var syncer object.Syncer
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &syncer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.TestSyncerDb(syncer)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
--- a/controllers/system_info.go
+++ b/controllers/system_info.go
@ -1,78 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetSystemInfo
-// @Title GetSystemInfo
-// @Tag System API
-// @Description get system info like CPU and memory usage
-// @Success 200 {object} util.SystemInfo The Response object
-// @router /get-system-info [get]
-func (c *ApiController) GetSystemInfo() {
-	_, ok := c.RequireAdmin()
-	if !ok {
-		return
-	}
-
-	systemInfo, err := util.GetSystemInfo()
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(systemInfo)
-}
-
-// GetVersionInfo
-// @Title GetVersionInfo
-// @Tag System API
-// @Description get version info like Casdoor release version and commit ID
-// @Success 200 {object} util.VersionInfo The Response object
-// @router /get-version-info [get]
-func (c *ApiController) GetVersionInfo() {
-	errInfo := ""
-	versionInfo, err := util.GetVersionInfo()
-	if err != nil {
-		errInfo = "Git error: " + err.Error()
-	}
-
-	if versionInfo.Version != "" {
-		c.ResponseOk(versionInfo)
-		return
-	}
-
-	versionInfo, err = util.GetVersionInfoFromFile()
-	if err != nil {
-		errInfo = errInfo + ", File error: " + err.Error()
-		c.ResponseError(errInfo)
-		return
-	}
-
-	c.ResponseOk(versionInfo)
-}
-
-// Health
-// @Title Health
-// @Tag System API
-// @Description check if the system is live
-// @Success 200 {object} controllers.Response The Response object
-// @router /health [get]
-func (c *ApiController) Health() {
-	c.ResponseOk()
-}
--- a/controllers/token.go
+++ b/controllers/token.go
@ -1,390 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetTokens
-// @Title GetTokens
-// @Tag Token API
-// @Description get tokens
-// @Param   owner     query    string  true        "The owner of tokens"
-// @Param   pageSize     query    string  true        "The size of each page"
-// @Param   p     query    string  true        "The number of the page"
-// @Success 200 {array} object.Token The Response object
-// @router /get-tokens [get]
-func (c *ApiController) GetTokens() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
-	if limit == "" || page == "" {
-		token, err := object.GetTokens(owner, organization)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(token)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetTokenCount(owner, organization, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		tokens, err := object.GetPaginationTokens(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(tokens, paginator.Nums())
-	}
-}
-
-// GetToken
-// @Title GetToken
-// @Tag Token API
-// @Description get token
-// @Param   id     query    string  true        "The id ( owner/name ) of token"
-// @Success 200 {object} object.Token The Response object
-// @router /get-token [get]
-func (c *ApiController) GetToken() {
-	id := c.Input().Get("id")
-	token, err := object.GetToken(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(token)
-}
-
-// UpdateToken
-// @Title UpdateToken
-// @Tag Token API
-// @Description update token
-// @Param   id     query    string  true        "The id ( owner/name ) of token"
-// @Param   body    body   object.Token  true        "Details of the token"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-token [post]
-func (c *ApiController) UpdateToken() {
-	id := c.Input().Get("id")
-
-	var token object.Token
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &token)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateToken(id, &token))
-	c.ServeJSON()
-}
-
-// AddToken
-// @Title AddToken
-// @Tag Token API
-// @Description add token
-// @Param   body    body   object.Token  true        "Details of the token"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-token [post]
-func (c *ApiController) AddToken() {
-	var token object.Token
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &token)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddToken(&token))
-	c.ServeJSON()
-}
-
-// DeleteToken
-// @Tag Token API
-// @Title DeleteToken
-// @Description delete token
-// @Param   body    body   object.Token  true        "Details of the token"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-token [post]
-func (c *ApiController) DeleteToken() {
-	var token object.Token
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &token)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteToken(&token))
-	c.ServeJSON()
-}
-
-// GetOAuthToken
-// @Title GetOAuthToken
-// @Tag Token API
-// @Description get OAuth access token
-// @Param   grant_type     query    string  true        "OAuth grant type"
-// @Param   client_id     query    string  true        "OAuth client id"
-// @Param   client_secret     query    string  true        "OAuth client secret"
-// @Param   code     query    string  true        "OAuth code"
-// @Success 200 {object} object.TokenWrapper The Response object
-// @Success 400 {object} object.TokenError The Response object
-// @Success 401 {object} object.TokenError The Response object
-// @router /login/oauth/access_token [post]
-func (c *ApiController) GetOAuthToken() {
-	clientId := c.Input().Get("client_id")
-	clientSecret := c.Input().Get("client_secret")
-	grantType := c.Input().Get("grant_type")
-	code := c.Input().Get("code")
-	verifier := c.Input().Get("code_verifier")
-	scope := c.Input().Get("scope")
-	nonce := c.Input().Get("nonce")
-	username := c.Input().Get("username")
-	password := c.Input().Get("password")
-	tag := c.Input().Get("tag")
-	avatar := c.Input().Get("avatar")
-	refreshToken := c.Input().Get("refresh_token")
-
-	if clientId == "" && clientSecret == "" {
-		clientId, clientSecret, _ = c.Ctx.Request.BasicAuth()
-	}
-
-	if len(c.Ctx.Input.RequestBody) != 0 {
-		// If clientId is empty, try to read data from RequestBody
-		var tokenRequest TokenRequest
-		err := json.Unmarshal(c.Ctx.Input.RequestBody, &tokenRequest)
-		if err == nil {
-			if clientId == "" {
-				clientId = tokenRequest.ClientId
-			}
-			if clientSecret == "" {
-				clientSecret = tokenRequest.ClientSecret
-			}
-			if grantType == "" {
-				grantType = tokenRequest.GrantType
-			}
-			if code == "" {
-				code = tokenRequest.Code
-			}
-			if verifier == "" {
-				verifier = tokenRequest.Verifier
-			}
-			if scope == "" {
-				scope = tokenRequest.Scope
-			}
-			if nonce == "" {
-				nonce = tokenRequest.Nonce
-			}
-			if username == "" {
-				username = tokenRequest.Username
-			}
-			if password == "" {
-				password = tokenRequest.Password
-			}
-			if tag == "" {
-				tag = tokenRequest.Tag
-			}
-			if avatar == "" {
-				avatar = tokenRequest.Avatar
-			}
-			if refreshToken == "" {
-				refreshToken = tokenRequest.RefreshToken
-			}
-		}
-	}
-
-	host := c.Ctx.Request.Host
-	token, err := object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, nonce, username, password, host, refreshToken, tag, avatar, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = token
-	c.SetTokenErrorHttpStatus()
-	c.ServeJSON()
-}
-
-// RefreshToken
-// @Title RefreshToken
-// @Tag Token API
-// @Description refresh OAuth access token
-// @Param   grant_type     query    string  true        "OAuth grant type"
-// @Param	refresh_token	query	string	true		"OAuth refresh token"
-// @Param   scope     query    string  true        "OAuth scope"
-// @Param   client_id     query    string  true        "OAuth client id"
-// @Param   client_secret     query    string  false        "OAuth client secret"
-// @Success 200 {object} object.TokenWrapper The Response object
-// @Success 400 {object} object.TokenError The Response object
-// @Success 401 {object} object.TokenError The Response object
-// @router /login/oauth/refresh_token [post]
-func (c *ApiController) RefreshToken() {
-	grantType := c.Input().Get("grant_type")
-	refreshToken := c.Input().Get("refresh_token")
-	scope := c.Input().Get("scope")
-	clientId := c.Input().Get("client_id")
-	clientSecret := c.Input().Get("client_secret")
-	host := c.Ctx.Request.Host
-
-	if clientId == "" {
-		// If clientID is empty, try to read data from RequestBody
-		var tokenRequest TokenRequest
-		if err := json.Unmarshal(c.Ctx.Input.RequestBody, &tokenRequest); err == nil {
-			clientId = tokenRequest.ClientId
-			clientSecret = tokenRequest.ClientSecret
-			grantType = tokenRequest.GrantType
-			scope = tokenRequest.Scope
-			refreshToken = tokenRequest.RefreshToken
-		}
-	}
-
-	refreshToken2, err := object.RefreshToken(grantType, refreshToken, scope, clientId, clientSecret, host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = refreshToken2
-	c.SetTokenErrorHttpStatus()
-	c.ServeJSON()
-}
-
-func (c *ApiController) ResponseTokenError(errorMsg string) {
-	c.Data["json"] = &object.TokenError{
-		Error: errorMsg,
-	}
-	c.SetTokenErrorHttpStatus()
-	c.ServeJSON()
-}
-
-// IntrospectToken
-// @Title IntrospectToken
-// @Tag Login API
-// @Description The introspection endpoint is an OAuth 2.0 endpoint that takes a
-// parameter representing an OAuth 2.0 token and returns a JSON document
-// representing the meta information surrounding the
-// token, including whether this token is currently active.
-// This endpoint only support Basic Authorization.
-//
-// @Param token formData string true "access_token's value or refresh_token's value"
-// @Param token_type_hint formData string true "the token type access_token or refresh_token"
-// @Success 200 {object} object.IntrospectionResponse The Response object
-// @Success 400 {object} object.TokenError The Response object
-// @Success 401 {object} object.TokenError The Response object
-// @router /login/oauth/introspect [post]
-func (c *ApiController) IntrospectToken() {
-	tokenValue := c.Input().Get("token")
-	clientId, clientSecret, ok := c.Ctx.Request.BasicAuth()
-	if !ok {
-		clientId = c.Input().Get("client_id")
-		clientSecret = c.Input().Get("client_secret")
-		if clientId == "" || clientSecret == "" {
-			c.ResponseTokenError(object.InvalidRequest)
-			return
-		}
-	}
-
-	application, err := object.GetApplicationByClientId(clientId)
-	if err != nil {
-		c.ResponseTokenError(err.Error())
-		return
-	}
-
-	if application == nil || application.ClientSecret != clientSecret {
-		c.ResponseTokenError(c.T("token:Invalid application or wrong clientSecret"))
-		return
-	}
-
-	tokenTypeHint := c.Input().Get("token_type_hint")
-	token, err := object.GetTokenByTokenValue(tokenValue, tokenTypeHint)
-	if err != nil {
-		c.ResponseTokenError(err.Error())
-		return
-	}
-	if token == nil {
-		c.Data["json"] = &object.IntrospectionResponse{Active: false}
-		c.ServeJSON()
-		return
-	}
-
-	if application.TokenFormat == "JWT-Standard" {
-		jwtToken, err := object.ParseStandardJwtTokenByApplication(tokenValue, application)
-		if err != nil || jwtToken.Valid() != nil {
-			// and token revoked case. but we not implement
-			// TODO: 2022-03-03 add token revoked check, when we implemented the Token Revocation(rfc7009) Specs.
-			// refs: https://tools.ietf.org/html/rfc7009
-			c.Data["json"] = &object.IntrospectionResponse{Active: false}
-			c.ServeJSON()
-			return
-		}
-
-		c.Data["json"] = &object.IntrospectionResponse{
-			Active:    true,
-			Scope:     jwtToken.Scope,
-			ClientId:  clientId,
-			Username:  token.User,
-			TokenType: token.TokenType,
-			Exp:       jwtToken.ExpiresAt.Unix(),
-			Iat:       jwtToken.IssuedAt.Unix(),
-			Nbf:       jwtToken.NotBefore.Unix(),
-			Sub:       jwtToken.Subject,
-			Aud:       jwtToken.Audience,
-			Iss:       jwtToken.Issuer,
-			Jti:       jwtToken.ID,
-		}
-		c.ServeJSON()
-		return
-	}
-
-	jwtToken, err := object.ParseJwtTokenByApplication(tokenValue, application)
-	if err != nil || jwtToken.Valid() != nil {
-		// and token revoked case. but we not implement
-		// TODO: 2022-03-03 add token revoked check, when we implemented the Token Revocation(rfc7009) Specs.
-		// refs: https://tools.ietf.org/html/rfc7009
-		c.Data["json"] = &object.IntrospectionResponse{Active: false}
-		c.ServeJSON()
-		return
-	}
-
-	c.Data["json"] = &object.IntrospectionResponse{
-		Active:    true,
-		Scope:     jwtToken.Scope,
-		ClientId:  clientId,
-		Username:  token.User,
-		TokenType: token.TokenType,
-		Exp:       jwtToken.ExpiresAt.Unix(),
-		Iat:       jwtToken.IssuedAt.Unix(),
-		Nbf:       jwtToken.NotBefore.Unix(),
-		Sub:       jwtToken.Subject,
-		Aud:       jwtToken.Audience,
-		Iss:       jwtToken.Issuer,
-		Jti:       jwtToken.ID,
-	}
-	c.ServeJSON()
-}
--- a/controllers/transaction.go
+++ b/controllers/transaction.go
@ -1,167 +0,0 @@
-// Copyright 2024 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetTransactions
-// @Title GetTransactions
-// @Tag Transaction API
-// @Description get transactions
-// @Param   owner     query    string  true        "The owner of transactions"
-// @Success 200 {array} object.Transaction The Response object
-// @router /get-transactions [get]
-func (c *ApiController) GetTransactions() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		transactions, err := object.GetTransactions(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(transactions)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetTransactionCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		transactions, err := object.GetPaginationTransactions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(transactions, paginator.Nums())
-	}
-}
-
-// GetUserTransactions
-// @Title GetUserTransaction
-// @Tag Transaction API
-// @Description get transactions for a user
-// @Param   owner     query    string  true        "The owner of transactions"
-// @Param   organization    query   string  true   "The organization of the user"
-// @Param   user    query   string  true           "The username of the user"
-// @Success 200 {array} object.Transaction The Response object
-// @router /get-user-transactions [get]
-func (c *ApiController) GetUserTransactions() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
-
-	transactions, err := object.GetUserTransactions(owner, user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(transactions)
-}
-
-// GetTransaction
-// @Title GetTransaction
-// @Tag Transaction API
-// @Description get transaction
-// @Param   id     query    string  true        "The id ( owner/name ) of the transaction"
-// @Success 200 {object} object.Transaction The Response object
-// @router /get-transaction [get]
-func (c *ApiController) GetTransaction() {
-	id := c.Input().Get("id")
-
-	transaction, err := object.GetTransaction(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(transaction)
-}
-
-// UpdateTransaction
-// @Title UpdateTransaction
-// @Tag Transaction API
-// @Description update transaction
-// @Param   id     query    string  true        "The id ( owner/name ) of the transaction"
-// @Param   body    body   object.Transaction  true        "The details of the transaction"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-transaction [post]
-func (c *ApiController) UpdateTransaction() {
-	id := c.Input().Get("id")
-
-	var transaction object.Transaction
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &transaction)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateTransaction(id, &transaction))
-	c.ServeJSON()
-}
-
-// AddTransaction
-// @Title AddTransaction
-// @Tag Transaction API
-// @Description add transaction
-// @Param   body    body   object.Transaction  true        "The details of the transaction"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-transaction [post]
-func (c *ApiController) AddTransaction() {
-	var transaction object.Transaction
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &transaction)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddTransaction(&transaction))
-	c.ServeJSON()
-}
-
-// DeleteTransaction
-// @Title DeleteTransaction
-// @Tag Transaction API
-// @Description delete transaction
-// @Param   body    body   object.Transaction  true        "The details of the transaction"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-transaction [post]
-func (c *ApiController) DeleteTransaction() {
-	var transaction object.Transaction
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &transaction)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteTransaction(&transaction))
-	c.ServeJSON()
-}
--- a/controllers/types.go
+++ b/controllers/types.go
@ -1,30 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-type TokenRequest struct {
-	ClientId     string `json:"client_id"`
-	ClientSecret string `json:"client_secret"`
-	GrantType    string `json:"grant_type"`
-	Code         string `json:"code"`
-	Verifier     string `json:"code_verifier"`
-	Scope        string `json:"scope"`
-	Nonce        string `json:"nonce"`
-	Username     string `json:"username"`
-	Password     string `json:"password"`
-	Tag          string `json:"tag"`
-	Avatar       string `json:"avatar"`
-	RefreshToken string `json:"refresh_token"`
-}
--- a/controllers/user.go
+++ b/controllers/user.go
@ -1,662 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"fmt"
-	"strings"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetGlobalUsers
-// @Title GetGlobalUsers
-// @Tag User API
-// @Description get global users
-// @Success 200 {array} object.User The Response object
-// @router /get-global-users [get]
-func (c *ApiController) GetGlobalUsers() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		users, err := object.GetMaskedUsers(object.GetGlobalUsers())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(users)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetGlobalUserCount(field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		users, err := object.GetPaginationGlobalUsers(paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		users, err = object.GetMaskedUsers(users)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(users, paginator.Nums())
-	}
-}
-
-// GetUsers
-// @Title GetUsers
-// @Tag User API
-// @Description
-// @Param   owner     query    string  true        "The owner of users"
-// @Success 200 {array} object.User The Response object
-// @router /get-users [get]
-func (c *ApiController) GetUsers() {
-	owner := c.Input().Get("owner")
-	groupName := c.Input().Get("groupName")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		if groupName != "" {
-			users, err := object.GetMaskedUsers(object.GetGroupUsers(util.GetId(owner, groupName)))
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-			c.ResponseOk(users)
-			return
-		}
-
-		users, err := object.GetMaskedUsers(object.GetUsers(owner))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(users)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetUserCount(owner, field, value, groupName)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		users, err := object.GetPaginationUsers(owner, paginator.Offset(), limit, field, value, sortField, sortOrder, groupName)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		users, err = object.GetMaskedUsers(users)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(users, paginator.Nums())
-	}
-}
-
-// GetUser
-// @Title GetUser
-// @Tag User API
-// @Description get user
-// @Param   id     query    string  false        "The id ( owner/name ) of the user"
-// @Param   owner  query    string  false        "The owner of the user"
-// @Param   email  query    string  false 	     "The email of the user"
-// @Param   phone  query    string  false 	     "The phone of the user"
-// @Param   userId query    string  false 	     "The userId of the user"
-// @Success 200 {object} object.User The Response object
-// @router /get-user [get]
-func (c *ApiController) GetUser() {
-	id := c.Input().Get("id")
-	email := c.Input().Get("email")
-	phone := c.Input().Get("phone")
-	userId := c.Input().Get("userId")
-	owner := c.Input().Get("owner")
-	var err error
-	var userFromUserId *object.User
-	if userId != "" && owner != "" {
-		userFromUserId, err = object.GetUserByUserId(owner, userId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if userFromUserId == nil {
-			c.ResponseOk(nil)
-			return
-		}
-
-		id = util.GetId(userFromUserId.Owner, userFromUserId.Name)
-	}
-
-	var user *object.User
-	if id == "" && owner == "" {
-		switch {
-		case email != "":
-			user, err = object.GetUserByEmailOnly(email)
-		case phone != "":
-			user, err = object.GetUserByPhoneOnly(phone)
-		case userId != "":
-			user, err = object.GetUserByUserIdOnly(userId)
-		}
-	} else {
-		if owner == "" {
-			owner = util.GetOwnerFromId(id)
-		}
-
-		switch {
-		case email != "":
-			user, err = object.GetUserByEmail(owner, email)
-		case phone != "":
-			user, err = object.GetUserByPhone(owner, phone)
-		case userId != "":
-			user = userFromUserId
-		default:
-			user, err = object.GetUser(id)
-		}
-	}
-
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user != nil {
-		var organization *object.Organization
-		organization, err = object.GetOrganizationByUser(user)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if organization == nil {
-			c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist"), owner))
-			return
-		}
-
-		if !organization.IsProfilePublic {
-			requestUserId := c.GetSessionUsername()
-			var hasPermission bool
-			hasPermission, err = object.CheckUserPermission(requestUserId, user.GetId(), false, c.GetAcceptLanguage())
-			if !hasPermission {
-				c.ResponseError(err.Error())
-				return
-			}
-		}
-	}
-
-	if user != nil {
-		user.MultiFactorAuths = object.GetAllMfaProps(user, true)
-	}
-
-	err = object.ExtendUserWithRolesAndPermissions(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	isAdminOrSelf := c.IsAdminOrSelf(user)
-	user, err = object.GetMaskedUser(user, isAdminOrSelf)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(user)
-}
-
-// UpdateUser
-// @Title UpdateUser
-// @Tag User API
-// @Description update user
-// @Param   id     query    string  true        "The id ( owner/name ) of the user"
-// @Param   body    body   object.User  true        "The details of the user"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-user [post]
-func (c *ApiController) UpdateUser() {
-	id := c.Input().Get("id")
-	columnsStr := c.Input().Get("columns")
-
-	var user object.User
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if id == "" {
-		id = c.GetSessionUsername()
-		if id == "" {
-			c.ResponseError(c.T("general:Missing parameter"))
-			return
-		}
-	}
-	oldUser, err := object.GetUser(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if oldUser == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), id))
-		return
-	}
-
-	if oldUser.Owner == "built-in" && oldUser.Name == "admin" && (user.Owner != "built-in" || user.Name != "admin") {
-		c.ResponseError(c.T("auth:Unauthorized operation"))
-		return
-	}
-
-	if c.Input().Get("allowEmpty") == "" {
-		if user.DisplayName == "" {
-			c.ResponseError(c.T("user:Display name cannot be empty"))
-			return
-		}
-	}
-
-	if user.MfaEmailEnabled && user.Email == "" {
-		c.ResponseError(c.T("user:MFA email is enabled but email is empty"))
-		return
-	}
-
-	if user.MfaPhoneEnabled && user.Phone == "" {
-		c.ResponseError(c.T("user:MFA phone is enabled but phone number is empty"))
-		return
-	}
-
-	if msg := object.CheckUpdateUser(oldUser, &user, c.GetAcceptLanguage()); msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	isUsernameLowered := conf.GetConfigBool("isUsernameLowered")
-	if isUsernameLowered {
-		user.Name = strings.ToLower(user.Name)
-	}
-
-	isAdmin := c.IsAdmin()
-	if pass, err := object.CheckPermissionForUpdateUser(oldUser, &user, isAdmin, c.GetAcceptLanguage()); !pass {
-		c.ResponseError(err)
-		return
-	}
-
-	columns := []string{}
-	if columnsStr != "" {
-		columns = strings.Split(columnsStr, ",")
-	}
-
-	affected, err := object.UpdateUser(id, &user, columns, isAdmin)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if affected {
-		err = object.UpdateUserToOriginalDatabase(&user)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	c.Data["json"] = wrapActionResponse(affected)
-	c.ServeJSON()
-}
-
-// AddUser
-// @Title AddUser
-// @Tag User API
-// @Description add user
-// @Param   body    body   object.User  true        "The details of the user"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-user [post]
-func (c *ApiController) AddUser() {
-	var user object.User
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	count, err := object.GetUserCount("", "", "", "")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if err := checkQuotaForUser(int(count)); err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	msg := object.CheckUsername(user.Name, c.GetAcceptLanguage())
-	if msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddUser(&user))
-	c.ServeJSON()
-}
-
-// DeleteUser
-// @Title DeleteUser
-// @Tag User API
-// @Description delete user
-// @Param   body    body   object.User  true        "The details of the user"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-user [post]
-func (c *ApiController) DeleteUser() {
-	var user object.User
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user.Owner == "built-in" && user.Name == "admin" {
-		c.ResponseError(c.T("auth:Unauthorized operation"))
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteUser(&user))
-	c.ServeJSON()
-}
-
-// GetEmailAndPhone
-// @Title GetEmailAndPhone
-// @Tag User API
-// @Description get email and phone by username
-// @Param   username    formData   string  true        "The username of the user"
-// @Param   organization    formData   string  true        "The organization of the user"
-// @Success 200 {object} controllers.Response The Response object
-// @router /get-email-and-phone [get]
-func (c *ApiController) GetEmailAndPhone() {
-	organization := c.Ctx.Request.Form.Get("organization")
-	username := c.Ctx.Request.Form.Get("username")
-
-	user, err := object.GetUserByFields(organization, username)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(organization, username)))
-		return
-	}
-
-	respUser := object.User{Name: user.Name}
-	var contentType string
-	switch username {
-	case user.Email:
-		contentType = "email"
-		respUser.Email = user.Email
-	case user.Phone:
-		contentType = "phone"
-		respUser.Phone = user.Phone
-	case user.Name:
-		contentType = "username"
-		respUser.Email = util.GetMaskedEmail(user.Email)
-		respUser.Phone = util.GetMaskedPhone(user.Phone)
-	}
-
-	c.ResponseOk(respUser, contentType)
-}
-
-// SetPassword
-// @Title SetPassword
-// @Tag Account API
-// @Description set password
-// @Param   userOwner   formData    string  true        "The owner of the user"
-// @Param   userName   formData    string  true        "The name of the user"
-// @Param   oldPassword   formData    string  true        "The old password of the user"
-// @Param   newPassword   formData    string  true        "The new password of the user"
-// @Success 200 {object} controllers.Response The Response object
-// @router /set-password [post]
-func (c *ApiController) SetPassword() {
-	userOwner := c.Ctx.Request.Form.Get("userOwner")
-	userName := c.Ctx.Request.Form.Get("userName")
-	oldPassword := c.Ctx.Request.Form.Get("oldPassword")
-	newPassword := c.Ctx.Request.Form.Get("newPassword")
-	code := c.Ctx.Request.Form.Get("code")
-
-	//if userOwner == "built-in" && userName == "admin" {
-	//	c.ResponseError(c.T("auth:Unauthorized operation"))
-	//	return
-	//}
-
-	if strings.Contains(newPassword, " ") {
-		c.ResponseError(c.T("user:New password cannot contain blank space."))
-		return
-	}
-
-	userId := util.GetId(userOwner, userName)
-
-	requestUserId := c.GetSessionUsername()
-	if requestUserId == "" && code == "" {
-		c.ResponseError(c.T("general:Please login first"), "Please login first")
-		return
-	} else if code == "" {
-		hasPermission, err := object.CheckUserPermission(requestUserId, userId, true, c.GetAcceptLanguage())
-		if !hasPermission {
-			c.ResponseError(err.Error())
-			return
-		}
-	} else {
-		if code != c.GetSession("verifiedCode") {
-			c.ResponseError(c.T("general:Missing parameter"))
-			return
-		}
-		c.SetSession("verifiedCode", "")
-	}
-
-	targetUser, err := object.GetUser(userId)
-	if targetUser == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
-		return
-	}
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	isAdmin := c.IsAdmin()
-	if isAdmin {
-		if oldPassword != "" {
-			err = object.CheckPassword(targetUser, oldPassword, c.GetAcceptLanguage())
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-		}
-	} else if code == "" {
-		err = object.CheckPassword(targetUser, oldPassword, c.GetAcceptLanguage())
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	msg := object.CheckPasswordComplexity(targetUser, newPassword)
-	if msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	organization, err := object.GetOrganizationByUser(targetUser)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	if organization == nil {
-		c.ResponseError(fmt.Sprintf(c.T("the organization: %s is not found"), targetUser.Owner))
-		return
-	}
-
-	targetUser.Password = newPassword
-	targetUser.UpdateUserPassword(organization)
-	targetUser.NeedUpdatePassword = false
-
-	_, err = object.UpdateUser(userId, targetUser, []string{"password", "need_update_password", "password_type"}, false)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
-
-// CheckUserPassword
-// @Title CheckUserPassword
-// @router /check-user-password [post]
-// @Tag User API
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) CheckUserPassword() {
-	var user object.User
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	_, err = object.CheckUserPassword(user.Owner, user.Name, user.Password, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-	} else {
-		c.ResponseOk()
-	}
-}
-
-// GetSortedUsers
-// @Title GetSortedUsers
-// @Tag User API
-// @Description
-// @Param   owner     query    string  true        "The owner of users"
-// @Param   sorter     query    string  true        "The DB column name to sort by, e.g., created_time"
-// @Param   limit     query    string  true        "The count of users to return, e.g., 25"
-// @Success 200 {array} object.User The Response object
-// @router /get-sorted-users [get]
-func (c *ApiController) GetSortedUsers() {
-	owner := c.Input().Get("owner")
-	sorter := c.Input().Get("sorter")
-	limit := util.ParseInt(c.Input().Get("limit"))
-
-	users, err := object.GetMaskedUsers(object.GetSortedUsers(owner, sorter, limit))
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(users)
-}
-
-// GetUserCount
-// @Title GetUserCount
-// @Tag User API
-// @Description
-// @Param   owner     query    string  true        "The owner of users"
-// @Param   isOnline     query    string  true        "The filter for query, 1 for online, 0 for offline, empty string for all users"
-// @Success 200 {int} int The count of filtered users for an organization
-// @router /get-user-count [get]
-func (c *ApiController) GetUserCount() {
-	owner := c.Input().Get("owner")
-	isOnline := c.Input().Get("isOnline")
-
-	var count int64
-	var err error
-	if isOnline == "" {
-		count, err = object.GetUserCount(owner, "", "", "")
-	} else {
-		count, err = object.GetOnlineUserCount(owner, util.ParseInt(isOnline))
-	}
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(count)
-}
-
-// AddUserKeys
-// @Title AddUserKeys
-// @router /add-user-keys [post]
-// @Tag User API
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) AddUserKeys() {
-	var user object.User
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	isAdmin := c.IsAdmin()
-	affected, err := object.AddUserKeys(&user, isAdmin)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(affected)
-}
-
-func (c *ApiController) RemoveUserFromGroup() {
-	owner := c.Ctx.Request.Form.Get("owner")
-	name := c.Ctx.Request.Form.Get("name")
-	groupName := c.Ctx.Request.Form.Get("groupName")
-
-	organization, err := object.GetOrganization(util.GetId("admin", owner))
-	if err != nil {
-		return
-	}
-	item := object.GetAccountItemByName("Groups", organization)
-	res, msg := object.CheckAccountItemModifyRule(item, c.IsAdmin(), c.GetAcceptLanguage())
-	if !res {
-		c.ResponseError(msg)
-		return
-	}
-
-	affected, err := object.DeleteGroupForUser(util.GetId(owner, name), groupName)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(affected)
-}
--- a/controllers/user_upload.go
+++ b/controllers/user_upload.go
@ -1,72 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"fmt"
-	"io"
-	"mime/multipart"
-	"os"
-	"path/filepath"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-func saveFile(path string, file *multipart.File) (err error) {
-	f, err := os.Create(filepath.Clean(path))
-	if err != nil {
-		return err
-	}
-	defer f.Close()
-
-	_, err = io.Copy(f, *file)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-func (c *ApiController) UploadUsers() {
-	userId := c.GetSessionUsername()
-	owner, user := util.GetOwnerAndNameFromId(userId)
-
-	file, header, err := c.Ctx.Request.FormFile("file")
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	fileId := fmt.Sprintf("%s_%s_%s", owner, user, util.RemoveExt(header.Filename))
-	path := util.GetUploadXlsxPath(fileId)
-	defer os.Remove(path)
-	err = saveFile(path, &file)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	affected, err := object.UploadUsers(owner, path)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if affected {
-		c.ResponseOk()
-	} else {
-		c.ResponseError(c.T("user_upload:Failed to import users"))
-	}
-}
--- a/controllers/util.go
+++ b/controllers/util.go
@ -1,308 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/casdoor/casdoor/conf"
-	"github.com/casdoor/casdoor/i18n"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// ResponseJsonData ...
-func (c *ApiController) ResponseJsonData(resp *Response, data ...interface{}) {
-	switch len(data) {
-	case 2:
-		resp.Data2 = data[1]
-		fallthrough
-	case 1:
-		resp.Data = data[0]
-	}
-	c.Data["json"] = resp
-	c.ServeJSON()
-}
-
-// ResponseOk ...
-func (c *ApiController) ResponseOk(data ...interface{}) {
-	resp := &Response{Status: "ok"}
-	c.ResponseJsonData(resp, data...)
-}
-
-// ResponseError ...
-func (c *ApiController) ResponseError(error string, data ...interface{}) {
-	enableErrorMask := conf.GetConfigBool("enableErrorMask")
-	if enableErrorMask {
-		if strings.HasPrefix(error, "The user: ") && strings.HasSuffix(error, " doesn't exist") || strings.HasPrefix(error, "用户: ") && strings.HasSuffix(error, "不存在") {
-			error = c.T("check:password or code is incorrect")
-		}
-	}
-
-	resp := &Response{Status: "error", Msg: error}
-	c.ResponseJsonData(resp, data...)
-}
-
-func (c *ApiController) T(error string) string {
-	return i18n.Translate(c.GetAcceptLanguage(), error)
-}
-
-// GetAcceptLanguage ...
-func (c *ApiController) GetAcceptLanguage() string {
-	language := c.Ctx.Request.Header.Get("Accept-Language")
-	if len(language) > 2 {
-		language = language[0:2]
-	}
-	return conf.GetLanguage(language)
-}
-
-// SetTokenErrorHttpStatus ...
-func (c *ApiController) SetTokenErrorHttpStatus() {
-	_, ok := c.Data["json"].(*object.TokenError)
-	if ok {
-		if c.Data["json"].(*object.TokenError).Error == object.InvalidClient {
-			c.Ctx.Output.SetStatus(401)
-			c.Ctx.Output.Header("WWW-Authenticate", "Basic realm=\"OAuth2\"")
-		} else {
-			c.Ctx.Output.SetStatus(400)
-		}
-	}
-	_, ok = c.Data["json"].(*object.TokenWrapper)
-	if ok {
-		c.Ctx.Output.SetStatus(200)
-	}
-}
-
-// RequireSignedIn ...
-func (c *ApiController) RequireSignedIn() (string, bool) {
-	userId := c.GetSessionUsername()
-	if userId == "" {
-		c.ResponseError(c.T("general:Please login first"), "Please login first")
-		return "", false
-	}
-	return userId, true
-}
-
-// RequireSignedInUser ...
-func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
-	userId, ok := c.RequireSignedIn()
-	if !ok {
-		return nil, false
-	}
-
-	if object.IsAppUser(userId) {
-		tmpUserId := c.Input().Get("userId")
-		if tmpUserId != "" {
-			userId = tmpUserId
-		}
-	}
-
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return nil, false
-	}
-	if user == nil {
-		c.ClearUserSession()
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
-		return nil, false
-	}
-
-	return user, true
-}
-
-// RequireAdmin ...
-func (c *ApiController) RequireAdmin() (string, bool) {
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return "", false
-	}
-
-	if user.Owner == "built-in" {
-		return "", true
-	}
-
-	if !user.IsAdmin {
-		c.ResponseError(c.T("general:this operation requires administrator to perform"))
-		return "", false
-	}
-
-	return user.Owner, true
-}
-
-func (c *ApiController) IsOrgAdmin() (bool, bool) {
-	userId, ok := c.RequireSignedIn()
-	if !ok {
-		return false, true
-	}
-
-	if object.IsAppUser(userId) {
-		return true, true
-	}
-
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return false, false
-	}
-	if user == nil {
-		c.ClearUserSession()
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), userId))
-		return false, false
-	}
-
-	return user.IsAdmin, true
-}
-
-// IsMaskedEnabled ...
-func (c *ApiController) IsMaskedEnabled() (bool, bool) {
-	isMaskEnabled := true
-	withSecret := c.Input().Get("withSecret")
-	if withSecret == "1" {
-		isMaskEnabled = false
-
-		if conf.IsDemoMode() {
-			c.ResponseError(c.T("general:this operation is not allowed in demo mode"))
-			return false, isMaskEnabled
-		}
-
-		_, ok := c.RequireAdmin()
-		if !ok {
-			return false, isMaskEnabled
-		}
-	}
-
-	return true, isMaskEnabled
-}
-
-func refineFullFilePath(fullFilePath string) (string, string) {
-	tokens := strings.Split(fullFilePath, "/")
-	if len(tokens) >= 2 && tokens[0] == "Direct" && tokens[1] != "" {
-		providerName := tokens[1]
-		res := strings.Join(tokens[2:], "/")
-		return providerName, "/" + res
-	} else {
-		return "", fullFilePath
-	}
-}
-
-func (c *ApiController) GetProviderFromContext(category string) (*object.Provider, error) {
-	providerName := c.Input().Get("provider")
-	if providerName == "" {
-		field := c.Input().Get("field")
-		value := c.Input().Get("value")
-		if field == "provider" && value != "" {
-			providerName = value
-		} else {
-			fullFilePath := c.Input().Get("fullFilePath")
-			providerName, _ = refineFullFilePath(fullFilePath)
-		}
-	}
-
-	if providerName != "" {
-		provider, err := object.GetProvider(util.GetId("admin", providerName))
-		if err != nil {
-			return nil, err
-		}
-
-		if provider == nil {
-			err = fmt.Errorf(c.T("util:The provider: %s is not found"), providerName)
-			return nil, err
-		}
-
-		return provider, nil
-	}
-
-	userId, ok := c.RequireSignedIn()
-	if !ok {
-		return nil, fmt.Errorf(c.T("general:Please login first"))
-	}
-
-	application, err := object.GetApplicationByUserId(userId)
-	if err != nil {
-		return nil, err
-	}
-
-	if application == nil {
-		return nil, fmt.Errorf(c.T("util:No application is found for userId: %s"), userId)
-	}
-
-	provider, err := application.GetProviderByCategory(category)
-	if err != nil {
-		return nil, err
-	}
-
-	if provider == nil {
-		return nil, fmt.Errorf(c.T("util:No provider for category: %s is found for application: %s"), category, application.Name)
-	}
-
-	return provider, nil
-}
-
-func checkQuotaForApplication(count int) error {
-	quota := conf.GetConfigQuota().Application
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("application quota is exceeded")
-	}
-	return nil
-}
-
-func checkQuotaForOrganization(count int) error {
-	quota := conf.GetConfigQuota().Organization
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("organization quota is exceeded")
-	}
-	return nil
-}
-
-func checkQuotaForProvider(count int) error {
-	quota := conf.GetConfigQuota().Provider
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("provider quota is exceeded")
-	}
-	return nil
-}
-
-func checkQuotaForUser(count int) error {
-	quota := conf.GetConfigQuota().User
-	if quota == -1 {
-		return nil
-	}
-	if count >= quota {
-		return fmt.Errorf("user quota is exceeded")
-	}
-	return nil
-}
-
-func getInvalidSmsReceivers(smsForm SmsForm) []string {
-	var invalidReceivers []string
-	for _, receiver := range smsForm.Receivers {
-		// The receiver phone format: E164 like +8613854673829 +441932567890
-		if !util.IsPhoneValid(receiver, "") {
-			invalidReceivers = append(invalidReceivers, receiver)
-		}
-	}
-	return invalidReceivers
-}
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -1,536 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"strings"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/captcha"
-	"github.com/casdoor/casdoor/form"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-const (
-	SignupVerification   = "signup"
-	ResetVerification    = "reset"
-	LoginVerification    = "login"
-	ForgetVerification   = "forget"
-	MfaSetupVerification = "mfaSetup"
-	MfaAuthVerification  = "mfaAuth"
-)
-
-// GetVerifications
-// @Title GetVerifications
-// @Tag Verification API
-// @Description get payments
-// @Param   owner     query    string  true        "The owner of payments"
-// @Success 200 {array} object.Verification The Response object
-// @router /get-payments [get]
-func (c *ApiController) GetVerifications() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-
-	if limit == "" || page == "" {
-		payments, err := object.GetVerifications(owner)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(payments)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetVerificationCount(owner, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		payments, err := object.GetPaginationVerifications(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(payments, paginator.Nums())
-	}
-}
-
-// GetUserVerifications
-// @Title GetUserVerifications
-// @Tag Verification API
-// @Description get payments for a user
-// @Param   owner     query    string  true        "The owner of payments"
-// @Param   organization    query   string  true   "The organization of the user"
-// @Param   user    query   string  true           "The username of the user"
-// @Success 200 {array} object.Verification The Response object
-// @router /get-user-payments [get]
-func (c *ApiController) GetUserVerifications() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
-
-	payments, err := object.GetUserVerifications(owner, user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payments)
-}
-
-// GetVerification
-// @Title GetVerification
-// @Tag Verification API
-// @Description get payment
-// @Param   id     query    string  true        "The id ( owner/name ) of the payment"
-// @Success 200 {object} object.Verification The Response object
-// @router /get-payment [get]
-func (c *ApiController) GetVerification() {
-	id := c.Input().Get("id")
-
-	payment, err := object.GetVerification(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(payment)
-}
-
-// SendVerificationCode ...
-// @Title SendVerificationCode
-// @Tag Verification API
-// @router /send-verification-code [post]
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) SendVerificationCode() {
-	var vform form.VerificationForm
-	err := c.ParseForm(&vform)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	remoteAddr := util.GetIPFromRequest(c.Ctx.Request)
-
-	if msg := vform.CheckParameter(form.SendVerifyCode, c.GetAcceptLanguage()); msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	provider, err := object.GetCaptchaProviderByApplication(vform.ApplicationId, "false", c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if provider != nil {
-		if vform.CaptchaType != provider.Type {
-			c.ResponseError(c.T("verification:Turing test failed."))
-			return
-		}
-
-		if provider.Type != "Default" {
-			vform.ClientSecret = provider.ClientSecret
-		}
-
-		if vform.CaptchaType != "none" {
-			if captchaProvider := captcha.GetCaptchaProvider(vform.CaptchaType); captchaProvider == nil {
-				c.ResponseError(c.T("general:don't support captchaProvider: ") + vform.CaptchaType)
-				return
-			} else if isHuman, err := captchaProvider.VerifyCaptcha(vform.CaptchaToken, vform.ClientSecret); err != nil {
-				c.ResponseError(err.Error())
-				return
-			} else if !isHuman {
-				c.ResponseError(c.T("verification:Turing test failed."))
-				return
-			}
-		}
-	}
-
-	application, err := object.GetApplication(vform.ApplicationId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	organization, err := object.GetOrganization(util.GetId(application.Owner, application.Organization))
-	if err != nil {
-		c.ResponseError(c.T(err.Error()))
-	}
-
-	if organization == nil {
-		c.ResponseError(c.T("check:Organization does not exist"))
-		return
-	}
-
-	var user *object.User
-	// checkUser != "", means method is ForgetVerification
-	if vform.CheckUser != "" {
-		owner := application.Organization
-		user, err = object.GetUser(util.GetId(owner, vform.CheckUser))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if user == nil || user.IsDeleted {
-			c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
-			return
-		}
-
-		if user.IsForbidden {
-			c.ResponseError(c.T("check:The user is forbidden to sign in, please contact the administrator"))
-			return
-		}
-	}
-
-	// mfaUserSession != "", means method is MfaAuthVerification
-	if mfaUserSession := c.getMfaUserSession(); mfaUserSession != "" {
-		user, err = object.GetUser(mfaUserSession)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	sendResp := errors.New("invalid dest type")
-
-	switch vform.Type {
-	case object.VerifyTypeEmail:
-		if !util.IsEmailValid(vform.Dest) {
-			c.ResponseError(c.T("check:Email is invalid"))
-			return
-		}
-
-		if vform.Method == LoginVerification || vform.Method == ForgetVerification {
-			if user != nil && util.GetMaskedEmail(user.Email) == vform.Dest {
-				vform.Dest = user.Email
-			}
-
-			user, err = object.GetUserByEmail(organization.Name, vform.Dest)
-			if err != nil {
-				c.ResponseError(err.Error())
-				return
-			}
-
-			if user == nil {
-				c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
-				return
-			}
-		} else if vform.Method == ResetVerification {
-			user = c.getCurrentUser()
-		} else if vform.Method == MfaAuthVerification {
-			mfaProps := user.GetPreferredMfaProps(false)
-			if user != nil && util.GetMaskedEmail(mfaProps.Secret) == vform.Dest {
-				vform.Dest = mfaProps.Secret
-			}
-		} else if vform.Method == MfaSetupVerification {
-			c.SetSession(MfaDestSession, vform.Dest)
-		}
-
-		provider, err = application.GetEmailProvider(vform.Method)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if provider == nil {
-			c.ResponseError(fmt.Sprintf(c.T("verification:please add an Email provider to the \"Providers\" list for the application: %s"), application.Name))
-			return
-		}
-
-		sendResp = object.SendVerificationCodeToEmail(organization, user, provider, remoteAddr, vform.Dest)
-	case object.VerifyTypePhone:
-		if vform.Method == LoginVerification || vform.Method == ForgetVerification {
-			if user != nil && util.GetMaskedPhone(user.Phone) == vform.Dest {
-				vform.Dest = user.Phone
-			}
-
-			if user, err = object.GetUserByPhone(organization.Name, vform.Dest); err != nil {
-				c.ResponseError(err.Error())
-				return
-			} else if user == nil {
-				c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
-				return
-			}
-
-			vform.CountryCode = user.GetCountryCode(vform.CountryCode)
-		} else if vform.Method == ResetVerification || vform.Method == MfaSetupVerification {
-			if vform.CountryCode == "" {
-				if user = c.getCurrentUser(); user != nil {
-					vform.CountryCode = user.GetCountryCode(vform.CountryCode)
-				}
-			}
-
-			if vform.Method == MfaSetupVerification {
-				c.SetSession(MfaCountryCodeSession, vform.CountryCode)
-				c.SetSession(MfaDestSession, vform.Dest)
-			}
-		} else if vform.Method == MfaAuthVerification {
-			mfaProps := user.GetPreferredMfaProps(false)
-			if user != nil && util.GetMaskedPhone(mfaProps.Secret) == vform.Dest {
-				vform.Dest = mfaProps.Secret
-			}
-
-			vform.CountryCode = mfaProps.CountryCode
-		}
-
-		provider, err = application.GetSmsProvider(vform.Method, vform.CountryCode)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if provider == nil {
-			c.ResponseError(fmt.Sprintf(c.T("verification:please add a SMS provider to the \"Providers\" list for the application: %s"), application.Name))
-			return
-		}
-
-		if phone, ok := util.GetE164Number(vform.Dest, vform.CountryCode); !ok {
-			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), vform.CountryCode))
-			return
-		} else {
-			sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, phone)
-		}
-	}
-
-	if sendResp != nil {
-		c.ResponseError(sendResp.Error())
-	} else {
-		c.ResponseOk()
-	}
-}
-
-// VerifyCaptcha ...
-// @Title VerifyCaptcha
-// @Tag Verification API
-// @router /verify-captcha [post]
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) VerifyCaptcha() {
-	var vform form.VerificationForm
-	err := c.ParseForm(&vform)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if msg := vform.CheckParameter(form.VerifyCaptcha, c.GetAcceptLanguage()); msg != "" {
-		c.ResponseError(msg)
-		return
-	}
-
-	captchaProvider, err := object.GetCaptchaProviderByOwnerName(vform.ApplicationId, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if captchaProvider.Type != "Default" {
-		vform.ClientSecret = captchaProvider.ClientSecret
-	}
-
-	provider := captcha.GetCaptchaProvider(vform.CaptchaType)
-	if provider == nil {
-		c.ResponseError(c.T("verification:Invalid captcha provider."))
-		return
-	}
-
-	isValid, err := provider.VerifyCaptcha(vform.CaptchaToken, vform.ClientSecret)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(isValid)
-}
-
-// ResetEmailOrPhone ...
-// @Tag Account API
-// @Title ResetEmailOrPhone
-// @router /reset-email-or-phone [post]
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) ResetEmailOrPhone() {
-	user, ok := c.RequireSignedInUser()
-	if !ok {
-		return
-	}
-
-	destType := c.Ctx.Request.Form.Get("type")
-	dest := c.Ctx.Request.Form.Get("dest")
-	code := c.Ctx.Request.Form.Get("code")
-
-	if util.IsStringsEmpty(destType, dest, code) {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
-
-	checkDest := dest
-	organization, err := object.GetOrganizationByUser(user)
-	if err != nil {
-		c.ResponseError(c.T(err.Error()))
-		return
-	}
-
-	if destType == object.VerifyTypePhone {
-		if object.HasUserByField(user.Owner, "phone", dest) {
-			c.ResponseError(c.T("check:Phone already exists"))
-			return
-		}
-
-		phoneItem := object.GetAccountItemByName("Phone", organization)
-		if phoneItem == nil {
-			c.ResponseError(c.T("verification:Unable to get the phone modify rule."))
-			return
-		}
-
-		if pass, errMsg := object.CheckAccountItemModifyRule(phoneItem, user.IsAdminUser(), c.GetAcceptLanguage()); !pass {
-			c.ResponseError(errMsg)
-			return
-		}
-		if checkDest, ok = util.GetE164Number(dest, user.GetCountryCode("")); !ok {
-			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), user.CountryCode))
-			return
-		}
-	} else if destType == object.VerifyTypeEmail {
-		if object.HasUserByField(user.Owner, "email", dest) {
-			c.ResponseError(c.T("check:Email already exists"))
-			return
-		}
-
-		emailItem := object.GetAccountItemByName("Email", organization)
-		if emailItem == nil {
-			c.ResponseError(c.T("verification:Unable to get the email modify rule."))
-			return
-		}
-
-		if pass, errMsg := object.CheckAccountItemModifyRule(emailItem, user.IsAdminUser(), c.GetAcceptLanguage()); !pass {
-			c.ResponseError(errMsg)
-			return
-		}
-	}
-
-	result, err := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(c.T(err.Error()))
-		return
-	}
-	if result.Code != object.VerificationSuccess {
-		c.ResponseError(result.Msg)
-		return
-	}
-
-	switch destType {
-	case object.VerifyTypeEmail:
-		user.Email = dest
-		_, err = object.SetUserField(user, "email", user.Email)
-	case object.VerifyTypePhone:
-		user.Phone = dest
-		_, err = object.SetUserField(user, "phone", user.Phone)
-	default:
-		c.ResponseError(c.T("verification:Unknown type"))
-		return
-	}
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	err = object.DisableVerificationCode(checkDest)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
-
-// VerifyCode
-// @Tag Verification API
-// @Title VerifyCode
-// @router /verify-code [post]
-// @Success 200 {object} object.Userinfo The Response object
-func (c *ApiController) VerifyCode() {
-	var authForm form.AuthForm
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &authForm)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	var user *object.User
-	if authForm.Name != "" {
-		user, err = object.GetUserByFields(authForm.Organization, authForm.Name)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-	}
-
-	var checkDest string
-	if strings.Contains(authForm.Username, "@") {
-		if user != nil && util.GetMaskedEmail(user.Email) == authForm.Username {
-			authForm.Username = user.Email
-		}
-		checkDest = authForm.Username
-	} else {
-		if user != nil && util.GetMaskedPhone(user.Phone) == authForm.Username {
-			authForm.Username = user.Phone
-		}
-	}
-
-	if user, err = object.GetUserByFields(authForm.Organization, authForm.Username); err != nil {
-		c.ResponseError(err.Error())
-		return
-	} else if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(authForm.Organization, authForm.Username)))
-		return
-	}
-
-	verificationCodeType := object.GetVerifyType(authForm.Username)
-	if verificationCodeType == object.VerifyTypePhone {
-		authForm.CountryCode = user.GetCountryCode(authForm.CountryCode)
-		var ok bool
-		if checkDest, ok = util.GetE164Number(authForm.Username, authForm.CountryCode); !ok {
-			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), authForm.CountryCode))
-			return
-		}
-	}
-
-	result, err := object.CheckVerificationCode(checkDest, authForm.Code, c.GetAcceptLanguage())
-	if err != nil {
-		c.ResponseError(c.T(err.Error()))
-		return
-	}
-	if result.Code != object.VerificationSuccess {
-		c.ResponseError(result.Msg)
-		return
-	}
-
-	err = object.DisableVerificationCode(checkDest)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.SetSession("verifiedCode", authForm.Code)
-	c.ResponseOk()
-}
--- a/controllers/webauthn.go
+++ b/controllers/webauthn.go
@ -1,203 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-
-	"github.com/casdoor/casdoor/form"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-	"github.com/go-webauthn/webauthn/protocol"
-	"github.com/go-webauthn/webauthn/webauthn"
-)
-
-// WebAuthnSignupBegin
-// @Title WebAuthnSignupBegin
-// @Tag User API
-// @Description WebAuthn Registration Flow 1st stage
-// @Success 200 {object} protocol.CredentialCreation The CredentialCreationOptions object
-// @router /webauthn/signup/begin [get]
-func (c *ApiController) WebAuthnSignupBegin() {
-	webauthnObj, err := object.GetWebAuthnObject(c.Ctx.Request.Host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	user := c.getCurrentUser()
-	if user == nil {
-		c.ResponseError(c.T("general:Please login first"))
-		return
-	}
-
-	registerOptions := func(credCreationOpts *protocol.PublicKeyCredentialCreationOptions) {
-		credCreationOpts.CredentialExcludeList = user.CredentialExcludeList()
-	}
-	options, sessionData, err := webauthnObj.BeginRegistration(
-		user,
-		registerOptions,
-	)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.SetSession("registration", *sessionData)
-	c.Data["json"] = options
-	c.ServeJSON()
-}
-
-// WebAuthnSignupFinish
-// @Title WebAuthnSignupFinish
-// @Tag User API
-// @Description WebAuthn Registration Flow 2nd stage
-// @Param   body    body   protocol.CredentialCreationResponse  true        "authenticator attestation Response"
-// @Success 200 {object} controllers.Response "The Response object"
-// @router /webauthn/signup/finish [post]
-func (c *ApiController) WebAuthnSignupFinish() {
-	webauthnObj, err := object.GetWebAuthnObject(c.Ctx.Request.Host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	user := c.getCurrentUser()
-	if user == nil {
-		c.ResponseError(c.T("general:Please login first"))
-		return
-	}
-	sessionObj := c.GetSession("registration")
-	sessionData, ok := sessionObj.(webauthn.SessionData)
-	if !ok {
-		c.ResponseError(c.T("webauthn:Please call WebAuthnSigninBegin first"))
-		return
-	}
-	c.Ctx.Request.Body = io.NopCloser(bytes.NewBuffer(c.Ctx.Input.RequestBody))
-
-	credential, err := webauthnObj.FinishRegistration(user, sessionData, c.Ctx.Request)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	isGlobalAdmin := c.IsGlobalAdmin()
-	_, err = user.AddCredentials(*credential, isGlobalAdmin)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk()
-}
-
-// WebAuthnSigninBegin
-// @Title WebAuthnSigninBegin
-// @Tag Login API
-// @Description WebAuthn Login Flow 1st stage
-// @Param   owner     query    string  true        "owner"
-// @Param   name     query    string  true        "name"
-// @Success 200 {object} protocol.CredentialAssertion The CredentialAssertion object
-// @router /webauthn/signin/begin [get]
-func (c *ApiController) WebAuthnSigninBegin() {
-	webauthnObj, err := object.GetWebAuthnObject(c.Ctx.Request.Host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	userOwner := c.Input().Get("owner")
-	userName := c.Input().Get("name")
-	user, err := object.GetUserByFields(userOwner, userName)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(userOwner, userName)))
-		return
-	}
-	if len(user.WebauthnCredentials) == 0 {
-		c.ResponseError(c.T("webauthn:Found no credentials for this user"))
-		return
-	}
-
-	options, sessionData, err := webauthnObj.BeginLogin(user)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.SetSession("authentication", *sessionData)
-	c.Data["json"] = options
-	c.ServeJSON()
-}
-
-// WebAuthnSigninFinish
-// @Title WebAuthnSigninFinish
-// @Tag Login API
-// @Description WebAuthn Login Flow 2nd stage
-// @Param   body    body   protocol.CredentialAssertionResponse  true        "authenticator assertion Response"
-// @Success 200 {object} controllers.Response "The Response object"
-// @router /webauthn/signin/finish [post]
-func (c *ApiController) WebAuthnSigninFinish() {
-	responseType := c.Input().Get("responseType")
-	clientId := c.Input().Get("clientId")
-	webauthnObj, err := object.GetWebAuthnObject(c.Ctx.Request.Host)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	sessionObj := c.GetSession("authentication")
-	sessionData, ok := sessionObj.(webauthn.SessionData)
-	if !ok {
-		c.ResponseError(c.T("webauthn:Please call WebAuthnSigninBegin first"))
-		return
-	}
-	c.Ctx.Request.Body = io.NopCloser(bytes.NewBuffer(c.Ctx.Input.RequestBody))
-	userId := string(sessionData.UserID)
-	user, err := object.GetUser(userId)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	_, err = webauthnObj.FinishLogin(user, sessionData, c.Ctx.Request)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-	c.SetSessionUsername(userId)
-	util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
-
-	var application *object.Application
-
-	if clientId != "" && (responseType == ResponseTypeCode) {
-		application, err = object.GetApplicationByClientId(clientId)
-	} else {
-		application, err = object.GetApplicationByUser(user)
-	}
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	var authForm form.AuthForm
-	authForm.Type = responseType
-	resp := c.HandleLoggedIn(application, user, &authForm)
-	c.Data["json"] = resp
-	c.ServeJSON()
-}
--- a/controllers/webhook.go
+++ b/controllers/webhook.go
@ -1,148 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package controllers
-
-import (
-	"encoding/json"
-
-	"github.com/beego/beego/utils/pagination"
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-// GetWebhooks
-// @Title GetWebhooks
-// @Tag Webhook API
-// @Description get webhooks
-// @Param   owner     query    string  built-in/admin	true        "The owner of webhooks"
-// @Success 200 {array} object.Webhook The Response object
-// @router /get-webhooks [get]
-// @Security test_apiKey
-func (c *ApiController) GetWebhooks() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
-
-	if limit == "" || page == "" {
-		webhooks, err := object.GetWebhooks(owner, organization)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(webhooks)
-	} else {
-		limit := util.ParseInt(limit)
-		count, err := object.GetWebhookCount(owner, organization, field, value)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-
-		webhooks, err := object.GetPaginationWebhooks(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		c.ResponseOk(webhooks, paginator.Nums())
-	}
-}
-
-// GetWebhook
-// @Title GetWebhook
-// @Tag Webhook API
-// @Description get webhook
-// @Param   id     query    string  built-in/admin	true        "The id ( owner/name ) of the webhook"
-// @Success 200 {object} object.Webhook The Response object
-// @router /get-webhook [get]
-func (c *ApiController) GetWebhook() {
-	id := c.Input().Get("id")
-
-	webhook, err := object.GetWebhook(id)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.ResponseOk(webhook)
-}
-
-// UpdateWebhook
-// @Title UpdateWebhook
-// @Tag Webhook API
-// @Description update webhook
-// @Param   id     query    string  built-in/admin true        "The id ( owner/name ) of the webhook"
-// @Param   body    body   object.Webhook  true        "The details of the webhook"
-// @Success 200 {object} controllers.Response The Response object
-// @router /update-webhook [post]
-func (c *ApiController) UpdateWebhook() {
-	id := c.Input().Get("id")
-
-	var webhook object.Webhook
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &webhook)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.UpdateWebhook(id, &webhook))
-	c.ServeJSON()
-}
-
-// AddWebhook
-// @Title AddWebhook
-// @Tag Webhook API
-// @Description add webhook
-// @Param   body    body   object.Webhook  true        "The details of the webhook"
-// @Success 200 {object} controllers.Response The Response object
-// @router /add-webhook [post]
-func (c *ApiController) AddWebhook() {
-	var webhook object.Webhook
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &webhook)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.AddWebhook(&webhook))
-	c.ServeJSON()
-}
-
-// DeleteWebhook
-// @Title DeleteWebhook
-// @Tag Webhook API
-// @Description delete webhook
-// @Param   body    body   object.Webhook  true        "The details of the webhook"
-// @Success 200 {object} controllers.Response The Response object
-// @router /delete-webhook [post]
-func (c *ApiController) DeleteWebhook() {
-	var webhook object.Webhook
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &webhook)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	c.Data["json"] = wrapActionResponse(object.DeleteWebhook(&webhook))
-	c.ServeJSON()
-}
--- a/cred/argon2id.go
+++ b/cred/argon2id.go
@ -1,37 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-import "github.com/alexedwards/argon2id"
-
-type Argon2idCredManager struct{}
-
-func NewArgon2idCredManager() *Argon2idCredManager {
-	cm := &Argon2idCredManager{}
-	return cm
-}
-
-func (cm *Argon2idCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	hash, err := argon2id.CreateHash(password, argon2id.DefaultParams)
-	if err != nil {
-		return ""
-	}
-	return hash
-}
-
-func (cm *Argon2idCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
-	match, _ := argon2id.ComparePasswordAndHash(plainPwd, hashedPwd)
-	return match
-}
--- a/cred/bcrypt.go
+++ b/cred/bcrypt.go
@ -1,23 +0,0 @@
-package cred
-
-import "golang.org/x/crypto/bcrypt"
-
-type BcryptCredManager struct{}
-
-func NewBcryptCredManager() *BcryptCredManager {
-	cm := &BcryptCredManager{}
-	return cm
-}
-
-func (cm *BcryptCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
-	if err != nil {
-		return ""
-	}
-	return string(bytes)
-}
-
-func (cm *BcryptCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
-	err := bcrypt.CompareHashAndPassword([]byte(hashedPwd), []byte(plainPwd))
-	return err == nil
-}
--- a/cred/manager.go
+++ b/cred/manager.go
@ -1,39 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-type CredManager interface {
-	GetHashedPassword(password string, userSalt string, organizationSalt string) string
-	IsPasswordCorrect(password string, passwordHash string, userSalt string, organizationSalt string) bool
-}
-
-func GetCredManager(passwordType string) CredManager {
-	if passwordType == "plain" {
-		return NewPlainCredManager()
-	} else if passwordType == "salt" {
-		return NewSha256SaltCredManager()
-	} else if passwordType == "sha512-salt" {
-		return NewSha512SaltCredManager()
-	} else if passwordType == "md5-salt" {
-		return NewMd5UserSaltCredManager()
-	} else if passwordType == "bcrypt" {
-		return NewBcryptCredManager()
-	} else if passwordType == "pbkdf2-salt" {
-		return NewPbkdf2SaltCredManager()
-	} else if passwordType == "argon2id" {
-		return NewArgon2idCredManager()
-	}
-	return nil
-}
--- a/cred/md5-user-salt.go
+++ b/cred/md5-user-salt.go
@ -1,50 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-import (
-	"crypto/md5"
-	"encoding/hex"
-)
-
-type Md5UserSaltCredManager struct{}
-
-func getMd5(data []byte) []byte {
-	hash := md5.Sum(data)
-	return hash[:]
-}
-
-func getMd5HexDigest(s string) string {
-	b := getMd5([]byte(s))
-	res := hex.EncodeToString(b)
-	return res
-}
-
-func NewMd5UserSaltCredManager() *Md5UserSaltCredManager {
-	cm := &Md5UserSaltCredManager{}
-	return cm
-}
-
-func (cm *Md5UserSaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	res := getMd5HexDigest(password)
-	if userSalt != "" {
-		res = getMd5HexDigest(res + userSalt)
-	}
-	return res
-}
-
-func (cm *Md5UserSaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
-	return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
-}
--- a/cred/pbkdf2-salt.go
+++ b/cred/pbkdf2-salt.go
@ -1,40 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-import (
-	"crypto/sha256"
-	"encoding/base64"
-
-	"golang.org/x/crypto/pbkdf2"
-)
-
-type Pbkdf2SaltCredManager struct{}
-
-func NewPbkdf2SaltCredManager() *Pbkdf2SaltCredManager {
-	cm := &Pbkdf2SaltCredManager{}
-	return cm
-}
-
-func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	// https://www.keycloak.org/docs/latest/server_admin/index.html#password-database-compromised
-	decodedSalt, _ := base64.StdEncoding.DecodeString(userSalt)
-	res := pbkdf2.Key([]byte(password), decodedSalt, 27500, 64, sha256.New)
-	return base64.StdEncoding.EncodeToString(res)
-}
-
-func (cm *Pbkdf2SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
-	return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
-}
--- a/cred/sha256-salt.go
+++ b/cred/sha256-salt.go
@ -1,50 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-import (
-	"crypto/sha256"
-	"encoding/hex"
-)
-
-type Sha256SaltCredManager struct{}
-
-func getSha256(data []byte) []byte {
-	hash := sha256.Sum256(data)
-	return hash[:]
-}
-
-func getSha256HexDigest(s string) string {
-	b := getSha256([]byte(s))
-	res := hex.EncodeToString(b)
-	return res
-}
-
-func NewSha256SaltCredManager() *Sha256SaltCredManager {
-	cm := &Sha256SaltCredManager{}
-	return cm
-}
-
-func (cm *Sha256SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	res := getSha256HexDigest(password)
-	if organizationSalt != "" {
-		res = getSha256HexDigest(res + organizationSalt)
-	}
-	return res
-}
-
-func (cm *Sha256SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
-	return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
-}
--- a/cred/sha256-salt_test.go
+++ b/cred/sha256-salt_test.go
@ -1,34 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-import (
-	"fmt"
-	"testing"
-)
-
-func TestGetSaltedPassword(t *testing.T) {
-	password := "123456"
-	salt := "123"
-	cm := NewSha256SaltCredManager()
-	fmt.Printf("%s -> %s\n", password, cm.GetHashedPassword(password, "", salt))
-}
-
-func TestGetPassword(t *testing.T) {
-	password := "123456"
-	cm := NewSha256SaltCredManager()
-	// https://passwordsgenerator.net/sha256-hash-generator/
-	fmt.Printf("%s -> %s\n", "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", cm.GetHashedPassword(password, "", ""))
-}
--- a/cred/sha512-salt.go
+++ b/cred/sha512-salt.go
@ -1,50 +0,0 @@
-// Copyright 2024 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cred
-
-import (
-	"crypto/sha512"
-	"encoding/hex"
-)
-
-type Sha512SaltCredManager struct{}
-
-func getSha512(data []byte) []byte {
-	hash := sha512.Sum512(data)
-	return hash[:]
-}
-
-func getSha512HexDigest(s string) string {
-	b := getSha512([]byte(s))
-	res := hex.EncodeToString(b)
-	return res
-}
-
-func NewSha512SaltCredManager() *Sha512SaltCredManager {
-	cm := &Sha512SaltCredManager{}
-	return cm
-}
-
-func (cm *Sha512SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	res := getSha512HexDigest(password)
-	if organizationSalt != "" {
-		res = getSha512HexDigest(res + organizationSalt)
-	}
-	return res
-}
-
-func (cm *Sha512SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
-	return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
-}
--- a/crowdin.yml
+++ b/crowdin.yml
@ -1,10 +0,0 @@
-project_id: '491513'
-api_token_env: 'CROWDIN_PERSONAL_TOKEN'
-preserve_hierarchy: true
-files: [
-  # JSON translation files
-    {
-        source: '/i18n/locales/en/data.json',
-        translation: '/i18n/locales/%two_letters_code%/data.json',
-    },
-]
--- a/deployment/deploy.go
+++ b/deployment/deploy.go
@ -1,85 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package deployment
-
-import (
-	"fmt"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/storage"
-	"github.com/casdoor/casdoor/util"
-	"github.com/casdoor/oss"
-)
-
-func deployStaticFiles(provider *object.Provider) {
-	certificate := ""
-	if provider.Category == "Storage" && provider.Type == "Casdoor" {
-		cert, err := object.GetCert(util.GetId(provider.Owner, provider.Cert))
-		if err != nil {
-			panic(err)
-		}
-		if cert == nil {
-			panic(err)
-		}
-		certificate = cert.Certificate
-	}
-	storageProvider, err := storage.GetStorageProvider(provider.Type, provider.ClientId, provider.ClientSecret, provider.RegionId, provider.Bucket, provider.Endpoint, certificate, provider.Content)
-	if err != nil {
-		panic(err)
-	}
-	if storageProvider == nil {
-		panic(fmt.Sprintf("the provider type: %s is not supported", provider.Type))
-	}
-
-	uploadFolder(storageProvider, "js")
-	uploadFolder(storageProvider, "css")
-	updateHtml(provider.Domain)
-}
-
-func uploadFolder(storageProvider oss.StorageInterface, folder string) {
-	path := fmt.Sprintf("../web/build/static/%s/", folder)
-	filenames := util.ListFiles(path)
-
-	for _, filename := range filenames {
-		if !strings.HasSuffix(filename, folder) {
-			continue
-		}
-
-		file, err := os.Open(filepath.Clean(path + filename))
-		if err != nil {
-			panic(err)
-		}
-
-		objectKey := fmt.Sprintf("static/%s/%s", folder, filename)
-		_, err = storageProvider.Put(objectKey, file)
-		if err != nil {
-			panic(err)
-		}
-
-		fmt.Printf("Uploaded [%s] to [%s]\n", path, objectKey)
-	}
-}
-
-func updateHtml(domainPath string) {
-	htmlPath := "../web/build/index.html"
-	html := util.ReadStringFromPath(htmlPath)
-	html = strings.Replace(html, "\"/static/", fmt.Sprintf("\"%s", domainPath), -1)
-	util.WriteStringToPath(html, htmlPath)
-
-	fmt.Printf("Updated HTML to [%s]\n", html)
-}
--- a/deployment/deploy_test.go
+++ b/deployment/deploy_test.go
@ -1,36 +0,0 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//go:build !skipCi
-// +build !skipCi
-
-package deployment
-
-import (
-	"testing"
-
-	"github.com/casdoor/casdoor/object"
-	"github.com/casdoor/casdoor/util"
-)
-
-func TestDeployStaticFiles(t *testing.T) {
-	object.InitConfig()
-
-	provider, err := object.GetProvider(util.GetId("admin", "provider_storage_aliyun_oss"))
-	if err != nil {
-		panic(err)
-	}
-
-	deployStaticFiles(provider)
-}
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,27 +0,0 @@
-version: '3.1'
-services:
-  casdoor:
-    restart: always
-    build:
-      context: ./
-      dockerfile: Dockerfile
-      target: STANDARD
-    entrypoint: /bin/sh -c './server --createDatabase=true'
-    ports:
-      - "8000:8000"
-    depends_on:
-      - db
-    environment:
-      RUNNING_IN_DOCKER: "true"
-    volumes:
-      - ./conf:/conf/
-  db:
-    restart: always
-    image: mysql:8.0.25
-    platform: linux/amd64
-    ports:
-      - "3306:3306"
-    environment:
-      MYSQL_ROOT_PASSWORD: 123456
-    volumes:
-      - /usr/local/docker/mysql:/var/lib/mysql
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -1,8 +0,0 @@
-#!/bin/bash
-if [ "${MYSQL_ROOT_PASSWORD}" = "" ] ;then MYSQL_ROOT_PASSWORD=123456 ;fi
-
-service mariadb start
-
-mysqladmin -u root password ${MYSQL_ROOT_PASSWORD}
-
-exec /server --createDatabase=true
--- a/email/azure_acs.go
+++ b/email/azure_acs.go
@ -1,221 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package email
-
-import (
-	"bytes"
-	"crypto/hmac"
-	"crypto/sha256"
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/google/uuid"
-)
-
-const (
-	importanceNormal  = "normal"
-	sendEmailEndpoint = "/emails:send"
-	apiVersion        = "2023-03-31"
-)
-
-type Email struct {
-	Recipients    Recipients     `json:"recipients"`
-	SenderAddress string         `json:"senderAddress"`
-	Content       Content        `json:"content"`
-	Headers       []CustomHeader `json:"headers"`
-	Tracking      bool           `json:"disableUserEngagementTracking"`
-	Importance    string         `json:"importance"`
-	ReplyTo       []EmailAddress `json:"replyTo"`
-	Attachments   []Attachment   `json:"attachments"`
-}
-
-type Recipients struct {
-	To  []EmailAddress `json:"to"`
-	CC  []EmailAddress `json:"cc"`
-	BCC []EmailAddress `json:"bcc"`
-}
-
-type EmailAddress struct {
-	DisplayName string `json:"displayName"`
-	Address     string `json:"address"`
-}
-
-type Content struct {
-	Subject   string `json:"subject"`
-	HTML      string `json:"html"`
-	PlainText string `json:"plainText"`
-}
-
-type CustomHeader struct {
-	Name  string `json:"name"`
-	Value string `json:"value"`
-}
-
-type Attachment struct {
-	Content        string `json:"contentBytesBase64"`
-	AttachmentType string `json:"attachmentType"`
-	Name           string `json:"name"`
-}
-
-type ErrorResponse struct {
-	Error CommunicationError `json:"error"`
-}
-
-// CommunicationError contains the error code and message
-type CommunicationError struct {
-	Code    string `json:"code"`
-	Message string `json:"message"`
-}
-
-type AzureACSEmailProvider struct {
-	AccessKey string
-	Endpoint  string
-}
-
-func NewAzureACSEmailProvider(accessKey string, endpoint string) *AzureACSEmailProvider {
-	return &AzureACSEmailProvider{
-		AccessKey: accessKey,
-		Endpoint:  endpoint,
-	}
-}
-
-func newEmail(fromAddress string, toAddress string, subject string, content string) *Email {
-	return &Email{
-		Recipients: Recipients{
-			To: []EmailAddress{
-				{
-					DisplayName: toAddress,
-					Address:     toAddress,
-				},
-			},
-		},
-		SenderAddress: fromAddress,
-		Content: Content{
-			Subject: subject,
-			HTML:    content,
-		},
-		Importance:  importanceNormal,
-		Attachments: []Attachment{},
-	}
-}
-
-func (a *AzureACSEmailProvider) Send(fromAddress string, fromName string, toAddress string, subject string, content string) error {
-	email := newEmail(fromAddress, toAddress, subject, content)
-
-	postBody, err := json.Marshal(email)
-	if err != nil {
-		return err
-	}
-
-	endpoint := strings.TrimSuffix(a.Endpoint, "/")
-	url := fmt.Sprintf("%s/emails:send?api-version=2023-03-31", endpoint)
-
-	bodyBuffer := bytes.NewBuffer(postBody)
-	req, err := http.NewRequest("POST", url, bodyBuffer)
-	if err != nil {
-		return err
-	}
-
-	err = signRequestHMAC(a.AccessKey, req)
-	if err != nil {
-		return err
-	}
-
-	req.Header.Set("Content-Type", "application/json")
-	req.Header.Set("repeatability-request-id", uuid.New().String())
-	req.Header.Set("repeatability-first-sent", time.Now().UTC().Format(http.TimeFormat))
-
-	client := &http.Client{}
-	resp, err := client.Do(req)
-	if err != nil {
-		return err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode == http.StatusBadRequest || resp.StatusCode == http.StatusUnauthorized {
-		commError := ErrorResponse{}
-
-		err = json.NewDecoder(resp.Body).Decode(&commError)
-		if err != nil {
-			return err
-		}
-
-		return fmt.Errorf("status code: %d, error message: %s", resp.StatusCode, commError.Error.Message)
-	}
-
-	if resp.StatusCode != http.StatusAccepted {
-		return fmt.Errorf("status code: %d", resp.StatusCode)
-	}
-
-	return nil
-}
-
-func signRequestHMAC(secret string, req *http.Request) error {
-	method := req.Method
-	host := req.URL.Host
-	pathAndQuery := req.URL.Path
-
-	if req.URL.RawQuery != "" {
-		pathAndQuery = pathAndQuery + "?" + req.URL.RawQuery
-	}
-
-	var content []byte
-	var err error
-	if req.Body != nil {
-		content, err = io.ReadAll(req.Body)
-		if err != nil {
-			// return err
-			content = []byte{}
-		}
-	}
-
-	req.Body = io.NopCloser(bytes.NewBuffer(content))
-
-	key, err := base64.StdEncoding.DecodeString(secret)
-	if err != nil {
-		return fmt.Errorf("error decoding secret: %s", err)
-	}
-
-	timestamp := time.Now().UTC().Format(http.TimeFormat)
-	contentHash := GetContentHashBase64(content)
-	stringToSign := fmt.Sprintf("%s\n%s\n%s;%s;%s", strings.ToUpper(method), pathAndQuery, timestamp, host, contentHash)
-	signature := GetHmac(stringToSign, key)
-
-	req.Header.Set("x-ms-content-sha256", contentHash)
-	req.Header.Set("x-ms-date", timestamp)
-
-	req.Header.Set("Authorization", "HMAC-SHA256 SignedHeaders=x-ms-date;host;x-ms-content-sha256&Signature="+signature)
-
-	return nil
-}
-
-func GetContentHashBase64(content []byte) string {
-	hasher := sha256.New()
-	hasher.Write(content)
-
-	return base64.StdEncoding.EncodeToString(hasher.Sum(nil))
-}
-
-func GetHmac(content string, key []byte) string {
-	hmac := hmac.New(sha256.New, key)
-	hmac.Write([]byte(content))
-
-	return base64.StdEncoding.EncodeToString(hmac.Sum(nil))
-}
--- a/email/custom_http.go
+++ b/email/custom_http.go
@ -1,82 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package email
-
-import (
-	"fmt"
-	"net/http"
-	"net/url"
-	"strings"
-
-	"github.com/casdoor/casdoor/proxy"
-)
-
-type HttpEmailProvider struct {
-	endpoint string
-	method   string
-}
-
-func NewHttpEmailProvider(endpoint string, method string) *HttpEmailProvider {
-	client := &HttpEmailProvider{
-		endpoint: endpoint,
-		method:   method,
-	}
-	return client
-}
-
-func (c *HttpEmailProvider) Send(fromAddress string, fromName string, toAddress string, subject string, content string) error {
-	var req *http.Request
-	var err error
-	if c.method == "POST" {
-		formValues := url.Values{}
-		formValues.Set("fromName", fromName)
-		formValues.Set("toAddress", toAddress)
-		formValues.Set("subject", subject)
-		formValues.Set("content", content)
-		req, err = http.NewRequest(c.method, c.endpoint, strings.NewReader(formValues.Encode()))
-		if err != nil {
-			return err
-		}
-
-		req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
-	} else if c.method == "GET" {
-		req, err = http.NewRequest(c.method, c.endpoint, nil)
-		if err != nil {
-			return err
-		}
-
-		q := req.URL.Query()
-		q.Add("fromName", fromName)
-		q.Add("toAddress", toAddress)
-		q.Add("subject", subject)
-		q.Add("content", content)
-		req.URL.RawQuery = q.Encode()
-	} else {
-		return fmt.Errorf("HttpEmailProvider's Send() error, unsupported method: %s", c.method)
-	}
-
-	httpClient := proxy.DefaultHttpClient
-	resp, err := httpClient.Do(req)
-	if err != nil {
-		return err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusOK {
-		return fmt.Errorf("HttpEmailProvider's Send() error, custom HTTP Email request failed with status: %s", resp.Status)
-	}
-
-	return err
-}
--- a/email/provider.go
+++ b/email/provider.go
@ -1,31 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package email
-
-type EmailProvider interface {
-	Send(fromAddress string, fromName, toAddress string, subject string, content string) error
-}
-
-func GetEmailProvider(typ string, clientId string, clientSecret string, host string, port int, disableSsl bool, endpoint string, method string) EmailProvider {
-	if typ == "Azure ACS" {
-		return NewAzureACSEmailProvider(clientSecret, host)
-	} else if typ == "Custom HTTP Email" {
-		return NewHttpEmailProvider(endpoint, method)
-	} else if typ == "SendGrid" {
-		return NewSendgridEmailProvider(clientSecret)
-	} else {
-		return NewSmtpEmailProvider(clientId, clientSecret, host, port, typ, disableSsl)
-	}
-}
--- a/email/sendgrid.go
+++ b/email/sendgrid.go
@ -1,68 +0,0 @@
-// Copyright 2024 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//	http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package email
-
-import (
-	"encoding/json"
-	"fmt"
-	"strings"
-
-	"github.com/sendgrid/sendgrid-go"
-	"github.com/sendgrid/sendgrid-go/helpers/mail"
-)
-
-type SendgridEmailProvider struct {
-	ApiKey string
-}
-
-type SendgridResponseBody struct {
-	Errors []struct {
-		Message string      `json:"message"`
-		Field   interface{} `json:"field"`
-		Help    interface{} `json:"help"`
-	} `json:"errors"`
-}
-
-func NewSendgridEmailProvider(apiKey string) *SendgridEmailProvider {
-	return &SendgridEmailProvider{ApiKey: apiKey}
-}
-
-func (s *SendgridEmailProvider) Send(fromAddress string, fromName, toAddress string, subject string, content string) error {
-	from := mail.NewEmail(fromName, fromAddress)
-	to := mail.NewEmail("", toAddress)
-	message := mail.NewSingleEmail(from, subject, to, "", content)
-	client := sendgrid.NewSendClient(s.ApiKey)
-	response, err := client.Send(message)
-	if err != nil {
-		return err
-	}
-
-	if response.StatusCode >= 300 {
-		var responseBody SendgridResponseBody
-		err = json.Unmarshal([]byte(response.Body), &responseBody)
-		if err != nil {
-			return err
-		}
-
-		messages := []string{}
-		for _, sendgridError := range responseBody.Errors {
-			messages = append(messages, sendgridError.Message)
-		}
-
-		return fmt.Errorf("SendGrid status code: %d, error message: %s", response.StatusCode, strings.Join(messages, " | "))
-	}
-
-	return nil
-}
--- a/email/smtp.go
+++ b/email/smtp.go
@ -1,49 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package email
-
-import (
-	"crypto/tls"
-
-	"github.com/casdoor/gomail/v2"
-)
-
-type SmtpEmailProvider struct {
-	Dialer *gomail.Dialer
-}
-
-func NewSmtpEmailProvider(userName string, password string, host string, port int, typ string, disableSsl bool) *SmtpEmailProvider {
-	dialer := &gomail.Dialer{}
-	dialer = gomail.NewDialer(host, port, userName, password)
-	if typ == "SUBMAIL" {
-		dialer.TLSConfig = &tls.Config{InsecureSkipVerify: true}
-	}
-
-	dialer.SSL = !disableSsl
-
-	return &SmtpEmailProvider{Dialer: dialer}
-}
-
-func (s *SmtpEmailProvider) Send(fromAddress string, fromName string, toAddress string, subject string, content string) error {
-	message := gomail.NewMessage()
-
-	message.SetAddressHeader("From", fromAddress, fromName)
-	message.SetHeader("To", toAddress)
-	message.SetHeader("Subject", subject)
-	message.SetBody("text/html", content)
-
-	message.SkipUsernameCheck = true
-	return s.Dialer.DialAndSend(message)
-}
--- a/form/auth.go
+++ b/form/auth.go
@ -1,76 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package form
-
-import "reflect"
-
-type AuthForm struct {
-	Type         string `json:"type"`
-	SigninMethod string `json:"signinMethod"`
-
-	Organization   string `json:"organization"`
-	Username       string `json:"username"`
-	Password       string `json:"password"`
-	Name           string `json:"name"`
-	FirstName      string `json:"firstName"`
-	LastName       string `json:"lastName"`
-	Email          string `json:"email"`
-	Phone          string `json:"phone"`
-	Affiliation    string `json:"affiliation"`
-	IdCard         string `json:"idCard"`
-	Region         string `json:"region"`
-	InvitationCode string `json:"invitationCode"`
-
-	Application string `json:"application"`
-	ClientId    string `json:"clientId"`
-	Provider    string `json:"provider"`
-	Code        string `json:"code"`
-	State       string `json:"state"`
-	RedirectUri string `json:"redirectUri"`
-	Method      string `json:"method"`
-
-	EmailCode   string `json:"emailCode"`
-	PhoneCode   string `json:"phoneCode"`
-	CountryCode string `json:"countryCode"`
-
-	AutoSignin bool `json:"autoSignin"`
-
-	RelayState   string `json:"relayState"`
-	SamlRequest  string `json:"samlRequest"`
-	SamlResponse string `json:"samlResponse"`
-
-	CaptchaType  string `json:"captchaType"`
-	CaptchaToken string `json:"captchaToken"`
-	ClientSecret string `json:"clientSecret"`
-
-	MfaType      string `json:"mfaType"`
-	Passcode     string `json:"passcode"`
-	RecoveryCode string `json:"recoveryCode"`
-
-	Plan    string `json:"plan"`
-	Pricing string `json:"pricing"`
-
-	FaceId []float64 `json:"faceId"`
-}
-
-func GetAuthFormFieldValue(form *AuthForm, fieldName string) (bool, string) {
-	val := reflect.ValueOf(*form)
-	fieldValue := val.FieldByName(fieldName)
-
-	if fieldValue.IsValid() && fieldValue.Kind() == reflect.String {
-		return true, fieldValue.String()
-	}
-	return false, ""
-}
--- a/form/verification.go
+++ b/form/verification.go
@ -1,67 +0,0 @@
-// Copyright 2023 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package form
-
-import (
-	"strings"
-
-	"github.com/casdoor/casdoor/i18n"
-)
-
-type VerificationForm struct {
-	Dest          string `form:"dest"`
-	Type          string `form:"type"`
-	CountryCode   string `form:"countryCode"`
-	ApplicationId string `form:"applicationId"`
-	Method        string `form:"method"`
-	CheckUser     string `form:"checkUser"`
-
-	CaptchaType  string `form:"captchaType"`
-	ClientSecret string `form:"clientSecret"`
-	CaptchaToken string `form:"captchaToken"`
-}
-
-const (
-	SendVerifyCode = 0
-	VerifyCaptcha  = 1
-)
-
-func (form *VerificationForm) CheckParameter(checkType int, lang string) string {
-	if checkType == SendVerifyCode {
-		if form.Type == "" {
-			return i18n.Translate(lang, "general:Missing parameter") + ": type."
-		}
-		if form.Dest == "" {
-			return i18n.Translate(lang, "general:Missing parameter") + ": dest."
-		}
-		if form.CaptchaType == "" {
-			return i18n.Translate(lang, "general:Missing parameter") + ": checkType."
-		}
-		if !strings.Contains(form.ApplicationId, "/") {
-			return i18n.Translate(lang, "verification:Wrong parameter") + ": applicationId."
-		}
-	}
-
-	if form.CaptchaType != "none" {
-		if form.CaptchaToken == "" {
-			return i18n.Translate(lang, "general:Missing parameter") + ": captchaToken."
-		}
-		if form.ClientSecret == "" {
-			return i18n.Translate(lang, "general:Missing parameter") + ": clientSecret."
-		}
-	}
-
-	return ""
-}
--- a/go.mod
+++ b/go.mod
@ -1,72 +1,23 @@
 module github.com/casdoor/casdoor

-go 1.16
+go 1.15

 require (
-	github.com/Masterminds/squirrel v1.5.3
-	github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387
-	github.com/aws/aws-sdk-go v1.45.5
-	github.com/beego/beego v1.12.12
-	github.com/beevik/etree v1.1.0
-	github.com/casbin/casbin/v2 v2.77.2
-	github.com/casdoor/go-sms-sender v0.24.0
-	github.com/casdoor/gomail/v2 v2.0.1
-	github.com/casdoor/notify v0.45.0
-	github.com/casdoor/oss v1.8.0
-	github.com/casdoor/xorm-adapter/v3 v3.1.0
-	github.com/casvisor/casvisor-go-sdk v1.4.0
-	github.com/dchest/captcha v0.0.0-20200903113550-03f5f0333e1f
-	github.com/denisenkom/go-mssqldb v0.9.0
-	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
-	github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3
-	github.com/fogleman/gg v1.3.0
-	github.com/forestmgy/ldapserver v1.1.0
-	github.com/go-asn1-ber/asn1-ber v1.5.5
-	github.com/go-git/go-git/v5 v5.11.0
-	github.com/go-ldap/ldap/v3 v3.4.6
-	github.com/go-mysql-org/go-mysql v1.7.0
-	github.com/go-pay/gopay v1.5.72
-	github.com/go-sql-driver/mysql v1.6.0
-	github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible
-	github.com/go-webauthn/webauthn v0.6.0
-	github.com/golang-jwt/jwt/v4 v4.5.0
-	github.com/google/uuid v1.6.0
-	github.com/json-iterator/go v1.1.12
-	github.com/lestrrat-go/jwx v1.2.29
-	github.com/lib/pq v1.10.9
-	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
-	github.com/markbates/goth v1.79.0
-	github.com/mitchellh/mapstructure v1.5.0
-	github.com/nyaruka/phonenumbers v1.1.5
-	github.com/pquerna/otp v1.4.0
-	github.com/prometheus/client_golang v1.11.1
-	github.com/prometheus/client_model v0.4.0
-	github.com/qiangmzsx/string-adapter/v2 v2.1.0
-	github.com/robfig/cron/v3 v3.0.1
-	github.com/russellhaering/gosaml2 v0.9.0
-	github.com/russellhaering/goxmldsig v1.2.0
-	github.com/sendgrid/sendgrid-go v3.14.0+incompatible
-	github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18 // indirect
-	github.com/shirou/gopsutil v3.21.11+incompatible
-	github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed
-	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
-	github.com/stretchr/testify v1.9.0
-	github.com/stripe/stripe-go/v74 v74.29.0
-	github.com/tealeg/xlsx v1.0.5
-	github.com/thanhpk/randstr v1.0.4
-	github.com/tidwall/pretty v1.2.1 // indirect
-	github.com/tklauser/go-sysconf v0.3.10 // indirect
-	github.com/xorm-io/builder v0.3.13
-	github.com/xorm-io/core v0.7.4
-	github.com/xorm-io/xorm v1.1.6
-	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	golang.org/x/crypto v0.21.0
-	golang.org/x/net v0.21.0
-	golang.org/x/oauth2 v0.17.0
-	google.golang.org/api v0.150.0
-	gopkg.in/ini.v1 v1.67.0 // indirect
-	gopkg.in/square/go-jose.v2 v2.6.0
-	layeh.com/radius v0.0.0-20221205141417-e7fbddd11d68
-	maunium.net/go/mautrix v0.16.0
-	modernc.org/sqlite v1.18.2
+	github.com/gin-contrib/cors v1.3.1
+	github.com/gin-gonic/gin v1.6.3
+	github.com/go-playground/validator/v10 v10.4.0 // indirect
+	github.com/go-sql-driver/mysql v1.5.0
+	github.com/golang/protobuf v1.4.3 // indirect
+	github.com/google/uuid v1.1.2
+	github.com/joho/godotenv v1.3.0
+	github.com/json-iterator/go v1.1.10 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.1 // indirect
+	github.com/ugorji/go v1.1.12 // indirect
+	golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 // indirect
+	golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 // indirect
+	google.golang.org/protobuf v1.25.0 // indirect
+	gopkg.in/yaml.v2 v2.3.0 // indirect
+	xorm.io/core v0.7.2
+	xorm.io/xorm v0.8.1
 )
--- a/go.sum
+++ b/go.sum
--- a/i18n/generate.go
+++ b/i18n/generate.go
@ -1,146 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package i18n
-
-import (
-	"fmt"
-	"os"
-	"path/filepath"
-	"regexp"
-	"strings"
-
-	"github.com/casdoor/casdoor/util"
-)
-
-type I18nData map[string]map[string]string
-
-var (
-	reI18nFrontend          *regexp.Regexp
-	reI18nBackendObject     *regexp.Regexp
-	reI18nBackendController *regexp.Regexp
-)
-
-func init() {
-	reI18nFrontend, _ = regexp.Compile("i18next.t\\(\"(.*?)\"\\)")
-	reI18nBackendObject, _ = regexp.Compile("i18n.Translate\\((.*?)\"\\)")
-	reI18nBackendController, _ = regexp.Compile("c.T\\((.*?)\"\\)")
-}
-
-func getAllI18nStringsFrontend(fileContent string) []string {
-	res := []string{}
-
-	matches := reI18nFrontend.FindAllStringSubmatch(fileContent, -1)
-	if matches == nil {
-		return res
-	}
-
-	for _, match := range matches {
-		res = append(res, match[1])
-	}
-	return res
-}
-
-func getAllI18nStringsBackend(fileContent string, isObjectPackage bool) []string {
-	res := []string{}
-	if isObjectPackage {
-		matches := reI18nBackendObject.FindAllStringSubmatch(fileContent, -1)
-		if matches == nil {
-			return res
-		}
-		for _, match := range matches {
-			match := strings.SplitN(match[1], ",", 2)
-			res = append(res, match[1][2:])
-		}
-	} else {
-		matches := reI18nBackendController.FindAllStringSubmatch(fileContent, -1)
-		if matches == nil {
-			return res
-		}
-		for _, match := range matches {
-			res = append(res, match[1][1:])
-		}
-	}
-
-	return res
-}
-
-func getAllFilePathsInFolder(folder string, fileSuffix string) []string {
-	res := []string{}
-	err := filepath.Walk(folder,
-		func(path string, info os.FileInfo, err error) error {
-			if err != nil {
-				return err
-			}
-
-			if !strings.HasSuffix(info.Name(), fileSuffix) {
-				return nil
-			}
-
-			res = append(res, path)
-			fmt.Println(path, info.Name())
-			return nil
-		})
-	if err != nil {
-		panic(err)
-	}
-
-	return res
-}
-
-func parseAllWords(category string) *I18nData {
-	var paths []string
-	if category == "backend" {
-		paths = getAllFilePathsInFolder("../", ".go")
-	} else {
-		paths = getAllFilePathsInFolder("../web/src", ".js")
-	}
-
-	allWords := []string{}
-	for _, path := range paths {
-		fileContent := util.ReadStringFromPath(path)
-
-		var words []string
-		if category == "backend" {
-			isObjectPackage := strings.Contains(path, "object")
-			words = getAllI18nStringsBackend(fileContent, isObjectPackage)
-		} else {
-			words = getAllI18nStringsFrontend(fileContent)
-		}
-		allWords = append(allWords, words...)
-	}
-	fmt.Printf("%v\n", allWords)
-
-	data := I18nData{}
-	for _, word := range allWords {
-		tokens := strings.SplitN(word, ":", 2)
-		namespace := tokens[0]
-		key := tokens[1]
-
-		if _, ok := data[namespace]; !ok {
-			data[namespace] = map[string]string{}
-		}
-		data[namespace][key] = key
-	}
-
-	return &data
-}
-
-func applyToOtherLanguage(category string, language string, newData *I18nData) {
-	oldData := readI18nFile(category, language)
-	println(oldData)
-
-	applyData(newData, oldData)
-	writeI18nFile(category, language, newData)
-}
--- a/i18n/generate_test.go
+++ b/i18n/generate_test.go
@ -1,80 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//go:build !skipCi
-// +build !skipCi
-
-package i18n
-
-import "testing"
-
-func TestGenerateI18nFrontend(t *testing.T) {
-	data := parseAllWords("frontend")
-
-	applyToOtherLanguage("frontend", "en", data)
-	applyToOtherLanguage("frontend", "zh", data)
-	applyToOtherLanguage("frontend", "es", data)
-	applyToOtherLanguage("frontend", "fr", data)
-	applyToOtherLanguage("frontend", "de", data)
-	applyToOtherLanguage("frontend", "id", data)
-	applyToOtherLanguage("frontend", "ja", data)
-	applyToOtherLanguage("frontend", "ko", data)
-	applyToOtherLanguage("frontend", "ru", data)
-	applyToOtherLanguage("frontend", "vi", data)
-	applyToOtherLanguage("frontend", "pt", data)
-	applyToOtherLanguage("frontend", "it", data)
-	applyToOtherLanguage("frontend", "ms", data)
-	applyToOtherLanguage("frontend", "tr", data)
-	applyToOtherLanguage("frontend", "ar", data)
-	applyToOtherLanguage("frontend", "he", data)
-	applyToOtherLanguage("frontend", "nl", data)
-	applyToOtherLanguage("frontend", "pl", data)
-	applyToOtherLanguage("frontend", "fi", data)
-	applyToOtherLanguage("frontend", "sv", data)
-	applyToOtherLanguage("frontend", "uk", data)
-	applyToOtherLanguage("frontend", "kk", data)
-	applyToOtherLanguage("frontend", "fa", data)
-	applyToOtherLanguage("frontend", "cs", data)
-	applyToOtherLanguage("frontend", "sk", data)
-}
-
-func TestGenerateI18nBackend(t *testing.T) {
-	data := parseAllWords("backend")
-
-	applyToOtherLanguage("backend", "en", data)
-	applyToOtherLanguage("backend", "zh", data)
-	applyToOtherLanguage("backend", "es", data)
-	applyToOtherLanguage("backend", "fr", data)
-	applyToOtherLanguage("backend", "de", data)
-	applyToOtherLanguage("backend", "id", data)
-	applyToOtherLanguage("backend", "ja", data)
-	applyToOtherLanguage("backend", "ko", data)
-	applyToOtherLanguage("backend", "ru", data)
-	applyToOtherLanguage("backend", "vi", data)
-	applyToOtherLanguage("backend", "pt", data)
-	applyToOtherLanguage("backend", "it", data)
-	applyToOtherLanguage("backend", "ms", data)
-	applyToOtherLanguage("backend", "tr", data)
-	applyToOtherLanguage("backend", "ar", data)
-	applyToOtherLanguage("backend", "he", data)
-	applyToOtherLanguage("backend", "nl", data)
-	applyToOtherLanguage("backend", "pl", data)
-	applyToOtherLanguage("backend", "fi", data)
-	applyToOtherLanguage("backend", "sv", data)
-	applyToOtherLanguage("backend", "uk", data)
-	applyToOtherLanguage("backend", "kk", data)
-	applyToOtherLanguage("backend", "fa", data)
-	applyToOtherLanguage("backend", "cs", data)
-	applyToOtherLanguage("backend", "sk", data)
-}
--- a/i18n/locales/ar/data.json
+++ b/i18n/locales/ar/data.json
@ -1,167 +0,0 @@
-{
-  "account": {
-    "Failed to add user": "Failed to add user",
-    "Get init score failed, error: %w": "Get init score failed, error: %w",
-    "Please sign out first": "Please sign out first",
-    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
-  },
-  "auth": {
-    "Challenge method should be S256": "Challenge method should be S256",
-    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
-    "Failed to login in: %s": "Failed to login in: %s",
-    "Invalid token": "Invalid token",
-    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
-    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
-    "The application: %s does not exist": "The application: %s does not exist",
-    "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
-    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
-    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
-    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
-    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
-    "The organization: %s does not exist": "The organization: %s does not exist",
-    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
-    "Unauthorized operation": "Unauthorized operation",
-    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s",
-    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags",
-    "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing": "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing"
-  },
-  "cas": {
-    "Service %s and %s do not match": "Service %s and %s do not match"
-  },
-  "check": {
-    "Affiliation cannot be blank": "Affiliation cannot be blank",
-    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
-    "DisplayName cannot be blank": "DisplayName cannot be blank",
-    "DisplayName is not valid real name": "DisplayName is not valid real name",
-    "Email already exists": "Email already exists",
-    "Email cannot be empty": "Email cannot be empty",
-    "Email is invalid": "Email is invalid",
-    "Empty username.": "Empty username.",
-    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
-    "Face data mismatch": "Face data mismatch",
-    "FirstName cannot be blank": "FirstName cannot be blank",
-    "Invitation code cannot be blank": "Invitation code cannot be blank",
-    "Invitation code exhausted": "Invitation code exhausted",
-    "Invitation code is invalid": "Invitation code is invalid",
-    "Invitation code suspended": "Invitation code suspended",
-    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
-    "LastName cannot be blank": "LastName cannot be blank",
-    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
-    "Organization does not exist": "Organization does not exist",
-    "Phone already exists": "Phone already exists",
-    "Phone cannot be empty": "Phone cannot be empty",
-    "Phone number is invalid": "Phone number is invalid",
-    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
-    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
-    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
-    "Session outdated, please login again": "Session outdated, please login again",
-    "The invitation code has already been used": "The invitation code has already been used",
-    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
-    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
-    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
-    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
-    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
-    "Username already exists": "Username already exists",
-    "Username cannot be an email address": "Username cannot be an email address",
-    "Username cannot contain white spaces": "Username cannot contain white spaces",
-    "Username cannot start with a digit": "Username cannot start with a digit",
-    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
-    "Username must have at least 2 characters": "Username must have at least 2 characters",
-    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
-    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
-    "password or code is incorrect": "password or code is incorrect",
-    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
-    "unsupported password type: %s": "unsupported password type: %s"
-  },
-  "general": {
-    "Missing parameter": "Missing parameter",
-    "Please login first": "Please login first",
-    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
-    "The user: %s doesn't exist": "The user: %s doesn't exist",
-    "don't support captchaProvider: ": "don't support captchaProvider: ",
-    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode",
-    "this operation requires administrator to perform": "this operation requires administrator to perform"
-  },
-  "ldap": {
-    "Ldap server exist": "Ldap server exist"
-  },
-  "link": {
-    "Please link first": "Please link first",
-    "This application has no providers": "This application has no providers",
-    "This application has no providers of type": "This application has no providers of type",
-    "This provider can't be unlinked": "This provider can't be unlinked",
-    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
-    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
-  },
-  "organization": {
-    "Only admin can modify the %s.": "Only admin can modify the %s.",
-    "The %s is immutable.": "The %s is immutable.",
-    "Unknown modify rule %s.": "Unknown modify rule %s."
-  },
-  "permission": {
-    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
-  },
-  "provider": {
-    "Invalid application id": "Invalid application id",
-    "the provider: %s does not exist": "the provider: %s does not exist"
-  },
-  "resource": {
-    "User is nil for tag: avatar": "User is nil for tag: avatar",
-    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
-  },
-  "saml": {
-    "Application %s not found": "Application %s not found"
-  },
-  "saml_sp": {
-    "provider %s's category is not SAML": "provider %s's category is not SAML"
-  },
-  "service": {
-    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
-    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
-    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
-  },
-  "storage": {
-    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
-    "The provider type: %s is not supported": "The provider type: %s is not supported"
-  },
-  "token": {
-    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
-    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
-    "Invalid client_id": "Invalid client_id",
-    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
-    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
-  },
-  "user": {
-    "Display name cannot be empty": "Display name cannot be empty",
-    "New password cannot contain blank space.": "New password cannot contain blank space."
-  },
-  "user_upload": {
-    "Failed to import users": "Failed to import users"
-  },
-  "util": {
-    "No application is found for userId: %s": "No application is found for userId: %s",
-    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
-    "The provider: %s is not found": "The provider: %s is not found"
-  },
-  "verification": {
-    "Invalid captcha provider.": "Invalid captcha provider.",
-    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
-    "The verification code has not been sent yet!": "The verification code has not been sent yet!",
-    "The verification code has not been sent yet, or has already been used!": "The verification code has not been sent yet, or has already been used!",
-    "Turing test failed.": "Turing test failed.",
-    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
-    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
-    "Unknown type": "Unknown type",
-    "Wrong verification code!": "Wrong verification code!",
-    "You should verify your code in %d min!": "You should verify your code in %d min!",
-    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
-    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
-    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
-  },
-  "webauthn": {
-    "Found no credentials for this user": "Found no credentials for this user",
-    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
-  }
-}
--- a/i18n/locales/cs/data.json
+++ b/i18n/locales/cs/data.json
@ -1,167 +0,0 @@
-{
-  "account": {
-    "Failed to add user": "Nepodařilo se přidat uživatele",
-    "Get init score failed, error: %w": "Nepodařilo se získat počáteční skóre, chyba: %w",
-    "Please sign out first": "Nejprve se prosím odhlaste",
-    "The application does not allow to sign up new account": "Aplikace neumožňuje registraci nového účtu"
-  },
-  "auth": {
-    "Challenge method should be S256": "Metoda výzvy by měla být S256",
-    "Failed to create user, user information is invalid: %s": "Nepodařilo se vytvořit uživatele, informace o uživateli jsou neplatné: %s",
-    "Failed to login in: %s": "Nepodařilo se přihlásit: %s",
-    "Invalid token": "Neplatný token",
-    "State expected: %s, but got: %s": "Očekávaný stav: %s, ale získán: %s",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "Účet pro poskytovatele: %s a uživatelské jméno: %s (%s) neexistuje a není povoleno se registrovat jako nový účet přes %%s, prosím použijte jiný způsob registrace",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Účet pro poskytovatele: %s a uživatelské jméno: %s (%s) neexistuje a není povoleno se registrovat jako nový účet, prosím kontaktujte svou IT podporu",
-    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Účet pro poskytovatele: %s a uživatelské jméno: %s (%s) je již propojen s jiným účtem: %s (%s)",
-    "The application: %s does not exist": "Aplikace: %s neexistuje",
-    "The login method: login with LDAP is not enabled for the application": "Metoda přihlášení: přihlášení pomocí LDAP není pro aplikaci povolena",
-    "The login method: login with SMS is not enabled for the application": "Metoda přihlášení: přihlášení pomocí SMS není pro aplikaci povolena",
-    "The login method: login with email is not enabled for the application": "Metoda přihlášení: přihlášení pomocí emailu není pro aplikaci povolena",
-    "The login method: login with face is not enabled for the application": "Metoda přihlášení: přihlášení pomocí obličeje není pro aplikaci povolena",
-    "The login method: login with password is not enabled for the application": "Metoda přihlášení: přihlášení pomocí hesla není pro aplikaci povolena",
-    "The organization: %s does not exist": "Organizace: %s neexistuje",
-    "The provider: %s is not enabled for the application": "Poskytovatel: %s není pro aplikaci povolen",
-    "Unauthorized operation": "Neoprávněná operace",
-    "Unknown authentication type (not password or provider), form = %s": "Neznámý typ autentizace (není heslo nebo poskytovatel), formulář = %s",
-    "User's tag: %s is not listed in the application's tags": "Štítek uživatele: %s není uveden v štítcích aplikace",
-    "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing": "Placený uživatel %s nemá aktivní nebo čekající předplatné a aplikace: %s nemá výchozí ceny"
-  },
-  "cas": {
-    "Service %s and %s do not match": "Služba %s a %s se neshodují"
-  },
-  "check": {
-    "Affiliation cannot be blank": "Příslušnost nemůže být prázdná",
-    "Default code does not match the code's matching rules": "Výchozí kód neodpovídá pravidlům pro shodu kódů",
-    "DisplayName cannot be blank": "Zobrazované jméno nemůže být prázdné",
-    "DisplayName is not valid real name": "Zobrazované jméno není platné skutečné jméno",
-    "Email already exists": "Email již existuje",
-    "Email cannot be empty": "Email nemůže být prázdný",
-    "Email is invalid": "Email je neplatný",
-    "Empty username.": "Prázdné uživatelské jméno.",
-    "Face data does not exist, cannot log in": "Data obličeje neexistují, nelze se přihlásit",
-    "Face data mismatch": "Neshoda dat obličeje",
-    "FirstName cannot be blank": "Křestní jméno nemůže být prázdné",
-    "Invitation code cannot be blank": "Pozvánkový kód nemůže být prázdný",
-    "Invitation code exhausted": "Pozvánkový kód vyčerpán",
-    "Invitation code is invalid": "Pozvánkový kód je neplatný",
-    "Invitation code suspended": "Pozvánkový kód pozastaven",
-    "LDAP user name or password incorrect": "Uživatelské jméno nebo heslo LDAP je nesprávné",
-    "LastName cannot be blank": "Příjmení nemůže být prázdné",
-    "Multiple accounts with same uid, please check your ldap server": "Více účtů se stejným uid, prosím zkontrolujte svůj ldap server",
-    "Organization does not exist": "Organizace neexistuje",
-    "Phone already exists": "Telefon již existuje",
-    "Phone cannot be empty": "Telefon nemůže být prázdný",
-    "Phone number is invalid": "Telefonní číslo je neplatné",
-    "Please register using the email corresponding to the invitation code": "Prosím zaregistrujte se pomocí emailu odpovídajícího pozvánkovému kódu",
-    "Please register using the phone  corresponding to the invitation code": "Prosím zaregistrujte se pomocí telefonu odpovídajícího pozvánkovému kódu",
-    "Please register using the username corresponding to the invitation code": "Prosím zaregistrujte se pomocí uživatelského jména odpovídajícího pozvánkovému kódu",
-    "Session outdated, please login again": "Relace je zastaralá, prosím přihlaste se znovu",
-    "The invitation code has already been used": "Pozvánkový kód již byl použit",
-    "The user is forbidden to sign in, please contact the administrator": "Uživatel má zakázáno se přihlásit, prosím kontaktujte administrátora",
-    "The user: %s doesn't exist in LDAP server": "Uživatel: %s neexistuje na LDAP serveru",
-    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Uživatelské jméno může obsahovat pouze alfanumerické znaky, podtržítka nebo pomlčky, nemůže mít po sobě jdoucí pomlčky nebo podtržítka a nemůže začínat nebo končit pomlčkou nebo podtržítkem.",
-    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "Hodnota \\\"%s\\\" pro pole účtu \\\"%s\\\" neodpovídá regulárnímu výrazu položky účtu",
-    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "Hodnota \\\"%s\\\" pro pole registrace \\\"%s\\\" neodpovídá regulárnímu výrazu položky registrace aplikace \\\"%s\\\"",
-    "Username already exists": "Uživatelské jméno již existuje",
-    "Username cannot be an email address": "Uživatelské jméno nemůže být emailová adresa",
-    "Username cannot contain white spaces": "Uživatelské jméno nemůže obsahovat mezery",
-    "Username cannot start with a digit": "Uživatelské jméno nemůže začínat číslicí",
-    "Username is too long (maximum is 39 characters).": "Uživatelské jméno je příliš dlouhé (maximálně 39 znaků).",
-    "Username must have at least 2 characters": "Uživatelské jméno musí mít alespoň 2 znaky",
-    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "Zadali jste špatné heslo nebo kód příliš mnohokrát, prosím počkejte %d minut a zkuste to znovu",
-    "Your region is not allow to signup by phone": "Vaše oblast neumožňuje registraci pomocí telefonu",
-    "password or code is incorrect": "heslo nebo kód je nesprávné",
-    "password or code is incorrect, you have %d remaining chances": "heslo nebo kód je nesprávné, máte %d zbývajících pokusů",
-    "unsupported password type: %s": "nepodporovaný typ hesla: %s"
-  },
-  "general": {
-    "Missing parameter": "Chybějící parametr",
-    "Please login first": "Prosím, přihlaste se nejprve",
-    "The organization: %s should have one application at least": "Organizace: %s by měla mít alespoň jednu aplikaci",
-    "The user: %s doesn't exist": "Uživatel: %s neexistuje",
-    "don't support captchaProvider: ": "nepodporuje captchaProvider: ",
-    "this operation is not allowed in demo mode": "tato operace není povolena v demo režimu",
-    "this operation requires administrator to perform": "tato operace vyžaduje administrátora"
-  },
-  "ldap": {
-    "Ldap server exist": "Ldap server existuje"
-  },
-  "link": {
-    "Please link first": "Prosím, nejprve propojte",
-    "This application has no providers": "Tato aplikace nemá žádné poskytovatele",
-    "This application has no providers of type": "Tato aplikace nemá žádné poskytovatele typu",
-    "This provider can't be unlinked": "Tento poskytovatel nemůže být odpojen",
-    "You are not the global admin, you can't unlink other users": "Nejste globální administrátor, nemůžete odpojovat jiné uživatele",
-    "You can't unlink yourself, you are not a member of any application": "Nemůžete odpojit sami sebe, nejste členem žádné aplikace"
-  },
-  "organization": {
-    "Only admin can modify the %s.": "Pouze administrátor může upravit %s.",
-    "The %s is immutable.": "%s je neměnný.",
-    "Unknown modify rule %s.": "Neznámé pravidlo úpravy %s."
-  },
-  "permission": {
-    "The permission: \\\"%s\\\" doesn't exist": "Oprávnění: \\\"%s\\\" neexistuje"
-  },
-  "provider": {
-    "Invalid application id": "Neplatné ID aplikace",
-    "the provider: %s does not exist": "poskytovatel: %s neexistuje"
-  },
-  "resource": {
-    "User is nil for tag: avatar": "Uživatel je nil pro tag: avatar",
-    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Uživatelské jméno nebo úplná cesta k souboru je prázdná: uživatelské jméno = %s, úplná cesta k souboru = %s"
-  },
-  "saml": {
-    "Application %s not found": "Aplikace %s nebyla nalezena"
-  },
-  "saml_sp": {
-    "provider %s's category is not SAML": "poskytovatel %s není kategorie SAML"
-  },
-  "service": {
-    "Empty parameters for emailForm: %v": "Prázdné parametry pro emailForm: %v",
-    "Invalid Email receivers: %s": "Neplatní příjemci emailu: %s",
-    "Invalid phone receivers: %s": "Neplatní příjemci telefonu: %s"
-  },
-  "storage": {
-    "The objectKey: %s is not allowed": "objectKey: %s není povolen",
-    "The provider type: %s is not supported": "typ poskytovatele: %s není podporován"
-  },
-  "token": {
-    "Grant_type: %s is not supported in this application": "Grant_type: %s není v této aplikaci podporován",
-    "Invalid application or wrong clientSecret": "Neplatná aplikace nebo špatný clientSecret",
-    "Invalid client_id": "Neplatné client_id",
-    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Přesměrovací URI: %s neexistuje v seznamu povolených přesměrovacích URI",
-    "Token not found, invalid accessToken": "Token nenalezen, neplatný accessToken"
-  },
-  "user": {
-    "Display name cannot be empty": "Zobrazované jméno nemůže být prázdné",
-    "New password cannot contain blank space.": "Nové heslo nemůže obsahovat prázdné místo."
-  },
-  "user_upload": {
-    "Failed to import users": "Nepodařilo se importovat uživatele"
-  },
-  "util": {
-    "No application is found for userId: %s": "Pro userId: %s nebyla nalezena žádná aplikace",
-    "No provider for category: %s is found for application: %s": "Pro kategorii: %s nebyl nalezen žádný poskytovatel pro aplikaci: %s",
-    "The provider: %s is not found": "Poskytovatel: %s nebyl nalezen"
-  },
-  "verification": {
-    "Invalid captcha provider.": "Neplatný poskytovatel captcha.",
-    "Phone number is invalid in your region %s": "Telefonní číslo je ve vaší oblasti %s neplatné",
-    "The verification code has not been sent yet!": "Ověřovací kód ještě nebyl odeslán!",
-    "The verification code has not been sent yet, or has already been used!": "Ověřovací kód ještě nebyl odeslán, nebo již byl použit!",
-    "Turing test failed.": "Turingův test selhal.",
-    "Unable to get the email modify rule.": "Nelze získat pravidlo pro úpravu emailu.",
-    "Unable to get the phone modify rule.": "Nelze získat pravidlo pro úpravu telefonu.",
-    "Unknown type": "Neznámý typ",
-    "Wrong verification code!": "Špatný ověřovací kód!",
-    "You should verify your code in %d min!": "Měli byste ověřit svůj kód do %d minut!",
-    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "prosím přidejte poskytovatele SMS do seznamu \\\"Providers\\\" pro aplikaci: %s",
-    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "prosím přidejte poskytovatele emailu do seznamu \\\"Providers\\\" pro aplikaci: %s",
-    "the user does not exist, please sign up first": "uživatel neexistuje, prosím nejprve se zaregistrujte"
-  },
-  "webauthn": {
-    "Found no credentials for this user": "Nebyly nalezeny žádné přihlašovací údaje pro tohoto uživatele",
-    "Please call WebAuthnSigninBegin first": "Prosím, nejprve zavolejte WebAuthnSigninBegin"
-  }
-}
--- a/i18n/locales/de/data.json
+++ b/i18n/locales/de/data.json
@ -1,167 +0,0 @@
-{
-  "account": {
-    "Failed to add user": "Konnte den Benutzer nicht hinzufügen",
-    "Get init score failed, error: %w": "Init-Score konnte nicht abgerufen werden, Fehler: %w",
-    "Please sign out first": "Bitte melden Sie sich zuerst ab",
-    "The application does not allow to sign up new account": "Die Anwendung erlaubt es nicht, sich für ein neues Konto anzumelden"
-  },
-  "auth": {
-    "Challenge method should be S256": "Die Challenge-Methode sollte S256 sein",
-    "Failed to create user, user information is invalid: %s": "Es konnte kein Benutzer erstellt werden, da die Benutzerinformationen ungültig sind: %s",
-    "Failed to login in: %s": "Konnte nicht anmelden: %s",
-    "Invalid token": "Ungültiges Token",
-    "State expected: %s, but got: %s": "Erwarteter Zustand: %s, aber erhalten: %s",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "Das Konto für den Anbieter: %s und Benutzernamen: %s (%s) existiert nicht und darf nicht über %%s als neues Konto erstellt werden. Bitte nutzen Sie einen anderen Weg, um sich anzumelden",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Das Konto für den Anbieter %s und Benutzernamen %s (%s) existiert nicht und es ist nicht erlaubt, ein neues Konto anzumelden. Bitte wenden Sie sich an Ihren IT-Support",
-    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Das Konto für den Anbieter %s und Benutzernamen %s (%s) ist bereits mit einem anderen Konto verknüpft: %s (%s)",
-    "The application: %s does not exist": "Die Anwendung: %s existiert nicht",
-    "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
-    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
-    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
-    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
-    "The login method: login with password is not enabled for the application": "Die Anmeldeart \"Anmeldung mit Passwort\" ist für die Anwendung nicht aktiviert",
-    "The organization: %s does not exist": "The organization: %s does not exist",
-    "The provider: %s is not enabled for the application": "Der Anbieter: %s ist nicht für die Anwendung aktiviert",
-    "Unauthorized operation": "Nicht autorisierte Operation",
-    "Unknown authentication type (not password or provider), form = %s": "Unbekannter Authentifizierungstyp (nicht Passwort oder Anbieter), Formular = %s",
-    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags",
-    "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing": "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing"
-  },
-  "cas": {
-    "Service %s and %s do not match": "Service %s und %s stimmen nicht überein"
-  },
-  "check": {
-    "Affiliation cannot be blank": "Zugehörigkeit darf nicht leer sein",
-    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
-    "DisplayName cannot be blank": "Anzeigename kann nicht leer sein",
-    "DisplayName is not valid real name": "DisplayName ist kein gültiger Vorname",
-    "Email already exists": "E-Mail existiert bereits",
-    "Email cannot be empty": "E-Mail darf nicht leer sein",
-    "Email is invalid": "E-Mail ist ungültig",
-    "Empty username.": "Leerer Benutzername.",
-    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
-    "Face data mismatch": "Face data mismatch",
-    "FirstName cannot be blank": "Vorname darf nicht leer sein",
-    "Invitation code cannot be blank": "Invitation code cannot be blank",
-    "Invitation code exhausted": "Invitation code exhausted",
-    "Invitation code is invalid": "Invitation code is invalid",
-    "Invitation code suspended": "Invitation code suspended",
-    "LDAP user name or password incorrect": "Ldap Benutzername oder Passwort falsch",
-    "LastName cannot be blank": "Nachname darf nicht leer sein",
-    "Multiple accounts with same uid, please check your ldap server": "Mehrere Konten mit derselben uid, bitte überprüfen Sie Ihren LDAP-Server",
-    "Organization does not exist": "Organisation existiert nicht",
-    "Phone already exists": "Telefon existiert bereits",
-    "Phone cannot be empty": "Das Telefon darf nicht leer sein",
-    "Phone number is invalid": "Die Telefonnummer ist ungültig",
-    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
-    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
-    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
-    "Session outdated, please login again": "Sitzung abgelaufen, bitte erneut anmelden",
-    "The invitation code has already been used": "The invitation code has already been used",
-    "The user is forbidden to sign in, please contact the administrator": "Dem Benutzer ist der Zugang verboten, bitte kontaktieren Sie den Administrator",
-    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
-    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Der Benutzername darf nur alphanumerische Zeichen, Unterstriche oder Bindestriche enthalten, keine aufeinanderfolgenden Bindestriche oder Unterstriche haben und darf nicht mit einem Bindestrich oder Unterstrich beginnen oder enden.",
-    "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex": "The value \\\"%s\\\" for account field \\\"%s\\\" doesn't match the account item regex",
-    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
-    "Username already exists": "Benutzername existiert bereits",
-    "Username cannot be an email address": "Benutzername kann keine E-Mail-Adresse sein",
-    "Username cannot contain white spaces": "Benutzername darf keine Leerzeichen enthalten",
-    "Username cannot start with a digit": "Benutzername darf nicht mit einer Ziffer beginnen",
-    "Username is too long (maximum is 39 characters).": "Benutzername ist zu lang (das Maximum beträgt 39 Zeichen).",
-    "Username must have at least 2 characters": "Benutzername muss mindestens 2 Zeichen lang sein",
-    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "Sie haben zu oft das falsche Passwort oder den falschen Code eingegeben. Bitte warten Sie %d Minuten und versuchen Sie es erneut",
-    "Your region is not allow to signup by phone": "Ihre Region ist nicht berechtigt, sich telefonisch anzumelden",
-    "password or code is incorrect": "password or code is incorrect",
-    "password or code is incorrect, you have %d remaining chances": "Das Passwort oder der Code ist falsch. Du hast noch %d Versuche übrig",
-    "unsupported password type: %s": "Nicht unterstützter Passworttyp: %s"
-  },
-  "general": {
-    "Missing parameter": "Fehlender Parameter",
-    "Please login first": "Bitte zuerst einloggen",
-    "The organization: %s should have one application at least": "The organization: %s should have one application at least",
-    "The user: %s doesn't exist": "Der Benutzer %s existiert nicht",
-    "don't support captchaProvider: ": "Unterstütze captchaProvider nicht:",
-    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode",
-    "this operation requires administrator to perform": "this operation requires administrator to perform"
-  },
-  "ldap": {
-    "Ldap server exist": "Es gibt einen LDAP-Server"
-  },
-  "link": {
-    "Please link first": "Bitte verlinken Sie zuerst",
-    "This application has no providers": "Diese Anwendung hat keine Anbieter",
-    "This application has no providers of type": "Diese Anwendung hat keine Anbieter des Typs",
-    "This provider can't be unlinked": "Dieser Anbieter kann nicht entkoppelt werden",
-    "You are not the global admin, you can't unlink other users": "Sie sind nicht der globale Administrator, Sie können keine anderen Benutzer trennen",
-    "You can't unlink yourself, you are not a member of any application": "Du kannst dich nicht abmelden, du bist kein Mitglied einer Anwendung"
-  },
-  "organization": {
-    "Only admin can modify the %s.": "Nur der Administrator kann das %s ändern.",
-    "The %s is immutable.": "Das %s ist unveränderlich.",
-    "Unknown modify rule %s.": "Unbekannte Änderungsregel %s."
-  },
-  "permission": {
-    "The permission: \\\"%s\\\" doesn't exist": "The permission: \\\"%s\\\" doesn't exist"
-  },
-  "provider": {
-    "Invalid application id": "Ungültige Anwendungs-ID",
-    "the provider: %s does not exist": "Der Anbieter %s existiert nicht"
-  },
-  "resource": {
-    "User is nil for tag: avatar": "Benutzer ist null für Tag: Avatar",
-    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Benutzername oder vollständiger Dateipfad sind leer: Benutzername = %s, vollständiger Dateipfad = %s"
-  },
-  "saml": {
-    "Application %s not found": "Anwendung %s wurde nicht gefunden"
-  },
-  "saml_sp": {
-    "provider %s's category is not SAML": "Der Anbieter %s ist keine Kategorie von SAML"
-  },
-  "service": {
-    "Empty parameters for emailForm: %v": "Leere Parameter für Email-Formular: %v",
-    "Invalid Email receivers: %s": "Ungültige E-Mail-Empfänger: %s",
-    "Invalid phone receivers: %s": "Ungültige Telefonempfänger: %s"
-  },
-  "storage": {
-    "The objectKey: %s is not allowed": "Der Objektschlüssel %s ist nicht erlaubt",
-    "The provider type: %s is not supported": "Der Anbieter-Typ %s wird nicht unterstützt"
-  },
-  "token": {
-    "Grant_type: %s is not supported in this application": "Grant_type: %s wird von dieser Anwendung nicht unterstützt",
-    "Invalid application or wrong clientSecret": "Ungültige Anwendung oder falsches clientSecret",
-    "Invalid client_id": "Ungültige client_id",
-    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Weiterleitungs-URI: %s ist nicht in der Liste erlaubter Weiterleitungs-URIs vorhanden",
-    "Token not found, invalid accessToken": "Token nicht gefunden, ungültiger Zugriffs-Token"
-  },
-  "user": {
-    "Display name cannot be empty": "Anzeigename darf nicht leer sein",
-    "New password cannot contain blank space.": "Das neue Passwort darf keine Leerzeichen enthalten."
-  },
-  "user_upload": {
-    "Failed to import users": "Fehler beim Importieren von Benutzern"
-  },
-  "util": {
-    "No application is found for userId: %s": "Es wurde keine Anwendung für die Benutzer-ID gefunden: %s",
-    "No provider for category: %s is found for application: %s": "Kein Anbieter für die Kategorie %s gefunden für die Anwendung: %s",
-    "The provider: %s is not found": "Der Anbieter: %s wurde nicht gefunden"
-  },
-  "verification": {
-    "Invalid captcha provider.": "Ungültiger Captcha-Anbieter.",
-    "Phone number is invalid in your region %s": "Die Telefonnummer ist in Ihrer Region %s ungültig",
-    "The verification code has not been sent yet!": "The verification code has not been sent yet!",
-    "The verification code has not been sent yet, or has already been used!": "The verification code has not been sent yet, or has already been used!",
-    "Turing test failed.": "Turing-Test fehlgeschlagen.",
-    "Unable to get the email modify rule.": "Nicht in der Lage, die E-Mail-Änderungsregel zu erhalten.",
-    "Unable to get the phone modify rule.": "Nicht in der Lage, die Telefon-Änderungsregel zu erhalten.",
-    "Unknown type": "Unbekannter Typ",
-    "Wrong verification code!": "Falscher Bestätigungscode!",
-    "You should verify your code in %d min!": "Du solltest deinen Code in %d Minuten verifizieren!",
-    "please add a SMS provider to the \\\"Providers\\\" list for the application: %s": "please add a SMS provider to the \\\"Providers\\\" list for the application: %s",
-    "please add an Email provider to the \\\"Providers\\\" list for the application: %s": "please add an Email provider to the \\\"Providers\\\" list for the application: %s",
-    "the user does not exist, please sign up first": "Der Benutzer existiert nicht, bitte zuerst anmelden"
-  },
-  "webauthn": {
-    "Found no credentials for this user": "Es wurden keine Anmeldeinformationen für diesen Benutzer gefunden",
-    "Please call WebAuthnSigninBegin first": "Bitte rufen Sie zuerst WebAuthnSigninBegin auf"
-  }
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Yang Luo	8435f7b5a2	Merge pull request #7 from nodece/feat_application feat: add application module	2020-11-24 14:48:25 +00:00
Yang Luo	98734837a8	Merge pull request #6 from nodece/improve_user_style fix: improve user style	2020-11-24 14:04:29 +00:00
Zixuan Liu	218b96ed74	feat: add application Signed-off-by: Zixuan Liu <nodeces@gmail.com>	2020-11-23 23:50:59 +08:00
Zixuan Liu	89476a79ad	fix: improve user style Signed-off-by: Zixuan Liu <nodeces@gmail.com>	2020-11-23 22:10:11 +08:00
Yang Luo	b003838b00	Merge pull request #5 from nodece/master refactor: adjust the structure for decoupling	2020-11-12 00:09:18 +08:00
Zixuan Liu	5efc866a84	refactor: adjust the structure for decoupling Signed-off-by: Zixuan Liu <nodeces@gmail.com>	2020-11-11 21:38:51 +08:00
Yang Luo	d77278fb93	Merge pull request #4 from nodece/master feat: building the main layout	2020-11-07 11:08:54 +08:00
Zixuan Liu	17b974f895	feat: building the main layout Signed-off-by: Zixuan Liu <nodeces@gmail.com>	2020-11-07 01:08:03 +08:00
Yang Luo	046ed8fe3b	Merge pull request #3 from nodece/master refactor: migrate from Beego to Gin	2020-11-01 10:41:43 +08:00
Zixuan Liu	2422943a59	refactor: migrate from Beego to Gin Signed-off-by: Zixuan Liu <nodeces@gmail.com>	2020-11-01 01:09:49 +08:00
Zixuan Liu	723c68822c	refactor: migrate to TypeScript (#2 ) * refactor: migrate to TypeScript Signed-off-by: Zixuan Liu <nodeces@gmail.com> * fix: cors Signed-off-by: Zixuan Liu <nodeces@gmail.com>	2020-10-31 23:20:40 +08:00