feat: revert PR: "fix: disable cookie for static files" (#1666 )

This reverts commit 312412ffe4.
feat: improve tooltips and i18n for frontend (#1645 )
2025-07-10 01:56:49 +08:00 · 2023-03-17 17:27:12 +08:00 · 2023-03-16 14:53:58 +08:00 · 2023-03-16 00:25:03 +08:00 · 2023-03-16 00:24:18 +08:00 · 2023-03-15 23:44:38 +08:00
130 changed files with 4465 additions and 2065 deletions
--- a/.github/workflows/migrate.yml
+++ b/.github/workflows/migrate.yml
@ -0,0 +1,61 @@
+name: Migration Test
+
+on:
+  push:
+    paths:
+      - 'object/migrator**'
+  pull_request:
+    paths:
+      - 'object/migrator**'
+
+jobs:
+
+  db-migrator-test:
+    name: db-migrator-test
+    runs-on: ubuntu-latest
+    services:
+      mysql:
+        image: mysql:5.7
+        env:
+          MYSQL_DATABASE: casdoor
+          MYSQL_ROOT_PASSWORD: 123456
+        ports:
+          - 3306:3306
+        options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: '^1.16.5'
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 16
+      - name: pull casdoor-master-latest
+        run: |
+          sudo apt update
+          sudo apt install git
+          sudo apt install net-tools
+          sudo mkdir tmp
+          cd tmp
+          sudo git clone https://github.com/casdoor/casdoor.git
+          cd ..
+        working-directory: ./
+      - name: run casdoor-master-latest
+        run: |
+          sudo nohup go run main.go &
+          sudo sleep 2m
+        working-directory: ./tmp/casdoor
+      - name: stop casdoor-master-latest
+        run: |
+          sudo kill -9 `sudo netstat -anltp | grep 8000 | awk '{print $7}' | cut -d / -f 1`
+        working-directory: ./
+      - name: run casdoor-current-version
+        run: |
+          sudo nohup go run ./main.go &
+          sudo sleep 2m
+        working-directory: ./
+      - name: test port-8000
+        run: |
+          if [[ `sudo netstat -anltp | grep 8000 | awk '{print $7}'` == "" ]];then echo 'db-migrator-test fail' && exit 1;fi;
+          echo 'db-migrator-test pass'
+        working-directory: ./
--- a/authz/authz.go
+++ b/authz/authz.go
@ -80,7 +80,7 @@ m = (r.subOwner == p.subOwner || p.subOwner == "*") && \
 p, built-in, *, *, *, *, *
 p, app, *, *, *, *, *
 p, *, *, POST, /api/signup, *, *
-p, *, *, POST, /api/get-email-and-phone, *, *
+p, *, *, GET, /api/get-email-and-phone, *, *
 p, *, *, POST, /api/login, *, *
 p, *, *, GET, /api/get-app-login, *, *
 p, *, *, POST, /api/logout, *, *
@ -160,7 +160,7 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o

 func isAllowedInDemoMode(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
 	if method == "POST" {
-		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" {
+		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" {
 			return true
 		} else if urlPath == "/api/update-user" {
 			// Allow ordinary users to update their own information
--- a/captcha/aliyun.go
+++ b/captcha/aliyun.go
@ -31,6 +31,16 @@ import (

 const AliyunCaptchaVerifyUrl = "http://afs.aliyuncs.com"

+type captchaSuccessResponse struct {
+	Code int    `json:"Code"`
+	Msg  string `json:"Msg"`
+}
+
+type captchaFailResponse struct {
+	Code    string `json:"Code"`
+	Message string `json:"Message"`
+}
+
 type AliyunCaptchaProvider struct{}

 func NewAliyunCaptchaProvider() *AliyunCaptchaProvider {
@ -85,19 +95,20 @@ func (captcha *AliyunCaptchaProvider) VerifyCaptcha(token, clientSecret string)
 		return false, err
 	}

-	type captchaResponse struct {
-		Code int    `json:"Code"`
-		Msg  string `json:"Msg"`
+	return handleCaptchaResponse(body)
 }
-	captchaResp := &captchaResponse{}

-	err = json.Unmarshal(body, captchaResp)
+func handleCaptchaResponse(body []byte) (bool, error) {
+	captchaResp := &captchaSuccessResponse{}
+	err := json.Unmarshal(body, captchaResp)
+	if err != nil {
+		captchaFailResp := &captchaFailResponse{}
+		err = json.Unmarshal(body, captchaFailResp)
 		if err != nil {
 			return false, err
 		}

-	if captchaResp.Code != 100 {
-		return false, errors.New(captchaResp.Msg)
+		return false, errors.New(captchaFailResp.Message)
 	}

 	return true, nil
--- a/captcha/provider.go
+++ b/captcha/provider.go
@ -21,19 +21,21 @@ type CaptchaProvider interface {
 }

 func GetCaptchaProvider(captchaType string) CaptchaProvider {
-	if captchaType == "Default" {
+	switch captchaType {
+	case "Default":
 		return NewDefaultCaptchaProvider()
-	} else if captchaType == "reCAPTCHA" {
+	case "reCAPTCHA":
 		return NewReCaptchaProvider()
-	} else if captchaType == "hCaptcha" {
-		return NewHCaptchaProvider()
-	} else if captchaType == "Aliyun Captcha" {
+	case "Aliyun Captcha":
 		return NewAliyunCaptchaProvider()
-	} else if captchaType == "GEETEST" {
+	case "hCaptcha":
+		return NewHCaptchaProvider()
+	case "GEETEST":
 		return NewGEETESTCaptchaProvider()
-	} else if captchaType == "Cloudflare Turnstile" {
+	case "Cloudflare Turnstile":
 		return NewCloudflareTurnstileProvider()
 	}
+
 	return nil
 }

--- a/conf/app.conf
+++ b/conf/app.conf
@ -20,5 +20,5 @@ staticBaseUrl = "https://cdn.casbin.org"
 isDemoMode = false
 batchSize = 100
 ldapServerPort = 389
-languages = en,zh,es,fr,de,ja,ko,ru
+languages = en,zh,es,fr,de,ja,ko,ru,vi
 quota = {"organization": -1, "user": -1, "application": -1, "provider": -1}
--- a/conf/conf.go
+++ b/conf/conf.go
@ -105,6 +105,23 @@ func GetConfigDataSourceName() string {
 	return dataSourceName
 }

+func GetLanguage(language string) string {
+	if language == "" || language == "*" {
+		return "en"
+	}
+
+	if len(language) < 2 {
+		return "en"
+	}
+
+	language = language[0:2]
+	if strings.Contains(GetConfigString("languages"), language) {
+		return language
+	} else {
+		return "en"
+	}
+}
+
 func IsDemoMode() bool {
 	return strings.ToLower(GetConfigString("isDemoMode")) == "true"
 }
--- a/controllers/account.go
+++ b/controllers/account.go
@ -58,7 +58,7 @@ type RequestForm struct {

 	EmailCode   string `json:"emailCode"`
 	PhoneCode   string `json:"phoneCode"`
-	PhonePrefix string `json:"phonePrefix"`
+	CountryCode string `json:"countryCode"`

 	AutoSignin bool `json:"autoSignin"`

@ -121,7 +121,7 @@ func (c *ApiController) Signup() {
 	}

 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", form.Organization))
-	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.Affiliation, c.GetAcceptLanguage())
+	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.CountryCode, form.Affiliation, c.GetAcceptLanguage())
 	if msg != "" {
 		c.ResponseError(msg)
 		return
@ -129,18 +129,18 @@ func (c *ApiController) Signup() {

 	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && form.Email != "" {
 		checkResult := object.CheckVerificationCode(form.Email, form.EmailCode, c.GetAcceptLanguage())
-		if len(checkResult) != 0 {
-			c.ResponseError(c.T("account:Email: %s"), checkResult)
+		if checkResult.Code != object.VerificationSuccess {
+			c.ResponseError(checkResult.Msg)
 			return
 		}
 	}

 	var checkPhone string
 	if application.IsSignupItemVisible("Phone") && form.Phone != "" {
-		checkPhone = fmt.Sprintf("+%s%s", form.PhonePrefix, form.Phone)
+		checkPhone, _ = util.GetE164Number(form.Phone, form.CountryCode)
 		checkResult := object.CheckVerificationCode(checkPhone, form.PhoneCode, c.GetAcceptLanguage())
-		if len(checkResult) != 0 {
-			c.ResponseError(c.T("account:Phone: %s"), checkResult)
+		if checkResult.Code != object.VerificationSuccess {
+			c.ResponseError(checkResult.Msg)
 			return
 		}
 	}
@ -179,6 +179,7 @@ func (c *ApiController) Signup() {
 		Avatar:            organization.DefaultAvatar,
 		Email:             form.Email,
 		Phone:             form.Phone,
+		CountryCode:       form.CountryCode,
 		Address:           []string{},
 		Affiliation:       form.Affiliation,
 		IdCard:            form.IdCard,
@ -245,19 +246,24 @@ func (c *ApiController) Signup() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /logout [get,post]
 func (c *ApiController) Logout() {
-	user := c.GetSessionUsername()
-
 	// https://openid.net/specs/openid-connect-rpinitiated-1_0-final.html
 	accessToken := c.Input().Get("id_token_hint")
 	redirectUri := c.Input().Get("post_logout_redirect_uri")
 	state := c.Input().Get("state")

-	if accessToken == "" && redirectUri == "" {
-		c.ClearUserSession()
-		// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
-		owner, username := util.GetOwnerAndNameFromId(user)
+	user := c.GetSessionUsername()

+	if accessToken == "" && redirectUri == "" {
+		// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
+		if user == "" {
+			c.ResponseOk()
+			return
+		}
+
+		c.ClearUserSession()
+		owner, username := util.GetOwnerAndNameFromId(user)
 		object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
+
 		util.LogInfo(c.Ctx, "API: [%s] logged out", user)

 		application := c.GetSessionApplication()
@ -295,7 +301,9 @@ func (c *ApiController) Logout() {

 			c.ClearUserSession()
 			// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
-			object.DeleteSessionId(util.GetSessionId(object.CasdoorOrganization, object.CasdoorApplication, user), c.Ctx.Input.CruSession.SessionID())
+			owner, username := util.GetOwnerAndNameFromId(user)
+
+			object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
 			util.LogInfo(c.Ctx, "API: [%s] logged out", user)

 			c.Ctx.Redirect(http.StatusFound, fmt.Sprintf("%s?state=%s", strings.TrimRight(redirectUri, "/"), state))
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -263,34 +263,32 @@ func (c *ApiController) Login() {
 				checkDest = form.Username
 			} else {
 				verificationCodeType = "phone"
-				if len(form.PhonePrefix) == 0 {
-					responseText := fmt.Sprintf(c.T("auth:%s No phone prefix"), verificationCodeType)
-					c.ResponseError(responseText)
-					return
-				}
 				if user != nil && util.GetMaskedPhone(user.Phone) == form.Username {
 					form.Username = user.Phone
 				}
-				checkDest = fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username)
 			}
-			user = object.GetUserByFields(form.Organization, form.Username)
-			if user == nil {
+
+			if user = object.GetUserByFields(form.Organization, form.Username); user == nil {
 				c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(form.Organization, form.Username)))
 				return
 			}
+			if verificationCodeType == "phone" {
+				form.CountryCode = user.GetCountryCode(form.CountryCode)
+				var ok bool
+				if checkDest, ok = util.GetE164Number(form.Username, form.CountryCode); !ok {
+					c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), form.CountryCode))
+					return
+				}
+			}
+
 			checkResult = object.CheckSigninCode(user, checkDest, form.Code, c.GetAcceptLanguage())
 			if len(checkResult) != 0 {
-				responseText := fmt.Sprintf("%s - %s", verificationCodeType, checkResult)
-				c.ResponseError(responseText)
+				c.ResponseError(fmt.Sprintf("%s - %s", verificationCodeType, checkResult))
 				return
 			}

 			// disable the verification code
-			if strings.Contains(form.Username, "@") {
-				object.DisableVerificationCode(form.Username)
-			} else {
-				object.DisableVerificationCode(fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username))
-			}
+			object.DisableVerificationCode(checkDest)
 		} else {
 			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 			if application == nil {
@ -453,7 +451,7 @@ func (c *ApiController) Login() {
 					}

 					properties := map[string]string{}
-					properties["no"] = strconv.Itoa(len(object.GetUsers(application.Organization)) + 2)
+					properties["no"] = strconv.Itoa(object.GetUserCount(application.Organization, "", "") + 2)
 					initScore, err := getInitScore(organization)
 					if err != nil {
 						c.ResponseError(fmt.Errorf(c.T("account:Get init score failed, error: %w"), err).Error())
--- a/controllers/ldap.go
+++ b/controllers/ldap.go
@ -21,14 +21,6 @@ import (
 	"github.com/casdoor/casdoor/util"
 )

-type LdapServer struct {
-	Host   string `json:"host"`
-	Port   int    `json:"port"`
-	Admin  string `json:"admin"`
-	Passwd string `json:"passwd"`
-	BaseDn string `json:"baseDn"`
-}
-
 type LdapResp struct {
 	// Groups []LdapRespGroup `json:"groups"`
 	Users []object.LdapRespUser `json:"users"`
@ -44,21 +36,17 @@ type LdapSyncResp struct {
 	Failed []object.LdapRespUser `json:"failed"`
 }

-// GetLdapUser
+// GetLdapUsers
 // @Tag Account API
 // @Title GetLdapser
-// @router /get-ldap-user [post]
-func (c *ApiController) GetLdapUser() {
-	ldapServer := LdapServer{}
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldapServer)
-	if err != nil || util.IsStrsEmpty(ldapServer.Host, ldapServer.Admin, ldapServer.Passwd, ldapServer.BaseDn) {
-		c.ResponseError(c.T("general:Missing parameter"))
-		return
-	}
+// @router /get-ldap-users [get]
+func (c *ApiController) GetLdapUsers() {
+	id := c.Input().Get("id")

-	var resp LdapResp
+	_, ldapId := util.GetOwnerAndNameFromId(id)
+	ldapServer := object.GetLdap(ldapId)

-	conn, err := object.GetLdapConn(ldapServer.Host, ldapServer.Port, ldapServer.Admin, ldapServer.Passwd)
+	conn, err := ldapServer.GetLdapConn()
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
@ -83,6 +71,8 @@ func (c *ApiController) GetLdapUser() {
 		return
 	}

+	var resp LdapResp
+	uuids := make([]string, len(users))
 	for _, user := range users {
 		resp.Users = append(resp.Users, object.LdapRespUser{
 			UidNumber: user.UidNumber,
@ -95,37 +85,38 @@ func (c *ApiController) GetLdapUser() {
 			Phone:   util.GetMaxLenStr(user.TelephoneNumber, user.Mobile, user.MobileTelephoneNumber),
 			Address: util.GetMaxLenStr(user.RegisteredAddress, user.PostalAddress),
 		})
+		uuids = append(uuids, user.Uuid)
 	}

-	c.Data["json"] = Response{Status: "ok", Data: resp}
-	c.ServeJSON()
+	existUuids := object.CheckLdapUuidExist(ldapServer.Owner, uuids)
+
+	c.ResponseOk(resp, existUuids)
 }

 // GetLdaps
 // @Tag Account API
 // @Title GetLdaps
-// @router /get-ldaps [post]
+// @router /get-ldaps [get]
 func (c *ApiController) GetLdaps() {
 	owner := c.Input().Get("owner")

-	c.Data["json"] = Response{Status: "ok", Data: object.GetLdaps(owner)}
-	c.ServeJSON()
+	c.ResponseOk(object.GetLdaps(owner))
 }

 // GetLdap
 // @Tag Account API
 // @Title GetLdap
-// @router /get-ldap [post]
+// @router /get-ldap [get]
 func (c *ApiController) GetLdap() {
 	id := c.Input().Get("id")

-	if util.IsStrsEmpty(id) {
+	if util.IsStringsEmpty(id) {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
 	}

-	c.Data["json"] = Response{Status: "ok", Data: object.GetLdap(id)}
-	c.ServeJSON()
+	_, name := util.GetOwnerAndNameFromId(id)
+	c.ResponseOk(object.GetLdap(name))
 }

 // AddLdap
@ -136,11 +127,11 @@ func (c *ApiController) AddLdap() {
 	var ldap object.Ldap
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
 	if err != nil {
-		c.ResponseError(c.T("general:Missing parameter"))
+		c.ResponseError(err.Error())
 		return
 	}

-	if util.IsStrsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
+	if util.IsStringsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
 	}
@ -152,9 +143,8 @@ func (c *ApiController) AddLdap() {

 	affected := object.AddLdap(&ldap)
 	resp := wrapActionResponse(affected)
-	if affected {
 	resp.Data2 = ldap
-	}
+
 	if ldap.AutoSync != 0 {
 		object.GetLdapAutoSynchronizer().StartAutoSync(ldap.Id)
 	}
@ -170,24 +160,21 @@ func (c *ApiController) AddLdap() {
 func (c *ApiController) UpdateLdap() {
 	var ldap object.Ldap
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ldap)
-	if err != nil || util.IsStrsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
+	if err != nil || util.IsStringsEmpty(ldap.Owner, ldap.ServerName, ldap.Host, ldap.Admin, ldap.Passwd, ldap.BaseDn) {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
 	}

 	prevLdap := object.GetLdap(ldap.Id)
 	affected := object.UpdateLdap(&ldap)
-	resp := wrapActionResponse(affected)
-	if affected {
-		resp.Data2 = ldap
-	}
+
 	if ldap.AutoSync != 0 {
 		object.GetLdapAutoSynchronizer().StartAutoSync(ldap.Id)
 	} else if ldap.AutoSync == 0 && prevLdap.AutoSync != 0 {
 		object.GetLdapAutoSynchronizer().StopAutoSync(ldap.Id)
 	}

-	c.Data["json"] = resp
+	c.Data["json"] = wrapActionResponse(affected)
 	c.ServeJSON()
 }

@ -203,8 +190,11 @@ func (c *ApiController) DeleteLdap() {
 		return
 	}

+	affected := object.DeleteLdap(&ldap)
+
 	object.GetLdapAutoSynchronizer().StopAutoSync(ldap.Id)
-	c.Data["json"] = wrapActionResponse(object.DeleteLdap(&ldap))
+
+	c.Data["json"] = wrapActionResponse(affected)
 	c.ServeJSON()
 }

@ -225,27 +215,9 @@ func (c *ApiController) SyncLdapUsers() {
 	object.UpdateLdapSyncTime(ldapId)

 	exist, failed := object.SyncLdapUsers(owner, users, ldapId)
-	c.Data["json"] = &Response{Status: "ok", Data: &LdapSyncResp{
+
+	c.ResponseOk(&LdapSyncResp{
 		Exist:  *exist,
 		Failed: *failed,
-	}}
-	c.ServeJSON()
-}
-
-// CheckLdapUsersExist
-// @Tag Account API
-// @Title CheckLdapUserExist
-// @router /check-ldap-users-exist [post]
-func (c *ApiController) CheckLdapUsersExist() {
-	owner := c.Input().Get("owner")
-	var uuids []string
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &uuids)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	exist := object.CheckLdapUuidExist(owner, uuids)
-	c.Data["json"] = &Response{Status: "ok", Data: exist}
-	c.ServeJSON()
+	})
 }
--- a/controllers/service.go
+++ b/controllers/service.go
@ -20,6 +20,7 @@ package controllers
 import (
 	"encoding/json"
 	"fmt"
+	"strings"

 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
@ -80,7 +81,7 @@ func (c *ApiController) SendEmail() {
 		c.ResponseOk()
 	}

-	if util.IsStrsEmpty(emailForm.Title, emailForm.Content, emailForm.Sender) {
+	if util.IsStringsEmpty(emailForm.Title, emailForm.Content, emailForm.Sender) {
 		c.ResponseError(fmt.Sprintf(c.T("service:Empty parameters for emailForm: %v"), emailForm))
 		return
 	}
@ -97,8 +98,11 @@ func (c *ApiController) SendEmail() {
 		return
 	}

+	code := "123456"
+	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
+	content := fmt.Sprintf(emailForm.Content, code)
 	for _, receiver := range emailForm.Receivers {
-		err = object.SendEmail(provider, emailForm.Title, emailForm.Content, receiver, emailForm.Sender)
+		err = object.SendEmail(provider, emailForm.Title, content, receiver, emailForm.Sender)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@ -130,18 +134,9 @@ func (c *ApiController) SendSms() {
 		return
 	}

-	org := object.GetOrganization(smsForm.OrgId)
-	var invalidReceivers []string
-	for idx, receiver := range smsForm.Receivers {
-		if !util.IsPhoneCnValid(receiver) {
-			invalidReceivers = append(invalidReceivers, receiver)
-		} else {
-			smsForm.Receivers[idx] = fmt.Sprintf("+%s%s", org.PhonePrefix, receiver)
-		}
-	}
-
+	invalidReceivers := getInvalidSmsReceivers(smsForm)
 	if len(invalidReceivers) != 0 {
-		c.ResponseError(fmt.Sprintf(c.T("service:Invalid phone receivers: %s"), invalidReceivers))
+		c.ResponseError(fmt.Sprintf(c.T("service:Invalid phone receivers: %s"), strings.Join(invalidReceivers, ", ")))
 		return
 	}

--- a/controllers/system_info.go
+++ b/controllers/system_info.go
@ -15,16 +15,9 @@
 package controllers

 import (
-	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

-type SystemInfo struct {
-	MemoryUsed  uint64    `json:"memory_used"`
-	MemoryTotal uint64    `json:"memory_total"`
-	CpuUsage    []float64 `json:"cpu_usage"`
-}
-
 // GetSystemInfo
 // @Title GetSystemInfo
 // @Tag System API
@ -33,50 +26,32 @@ type SystemInfo struct {
 // @Success 200 {object} object.SystemInfo The Response object
 // @router /get-system-info [get]
 func (c *ApiController) GetSystemInfo() {
-	id := c.GetString("id")
-	if id == "" {
-		id = c.GetSessionUsername()
-	}
-
-	user := object.GetUser(id)
-	if user == nil || !user.IsGlobalAdmin {
-		c.ResponseError(c.T("auth:Unauthorized operation"))
+	_, ok := c.RequireAdmin()
+	if !ok {
 		return
 	}

-	cpuUsage, err := util.GetCpuUsage()
+	systemInfo, err := util.GetSystemInfo()
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}

-	memoryUsed, memoryTotal, err := util.GetMemoryUsage()
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
+	c.ResponseOk(systemInfo)
 }

-	c.Data["json"] = SystemInfo{
-		CpuUsage:    cpuUsage,
-		MemoryUsed:  memoryUsed,
-		MemoryTotal: memoryTotal,
-	}
-	c.ServeJSON()
-}
-
-// GitRepoVersion
-// @Title GitRepoVersion
+// GetVersionInfo
+// @Title GetVersionInfo
 // @Tag System API
-// @Description get local github repo's latest release version info
-// @Success 200 {string} local latest version hash of casdoor
-// @router /get-release [get]
-func (c *ApiController) GitRepoVersion() {
-	version, err := util.GetGitRepoVersion()
+// @Description get local git repo's latest release version info
+// @Success 200 {string} local latest version hash of Casdoor
+// @router /get-version-info [get]
+func (c *ApiController) GetVersionInfo() {
+	versionInfo, err := util.GetVersionInfo()
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}

-	c.Data["json"] = version
-	c.ServeJSON()
+	c.ResponseOk(versionInfo)
 }
--- a/controllers/user.go
+++ b/controllers/user.go
@ -231,24 +231,20 @@ func (c *ApiController) DeleteUser() {
 // @Param   username    formData   string  true        "The username of the user"
 // @Param   organization    formData   string  true        "The organization of the user"
 // @Success 200 {object} controllers.Response The Response object
-// @router /get-email-and-phone [post]
+// @router /get-email-and-phone [get]
 func (c *ApiController) GetEmailAndPhone() {
-	var form RequestForm
-	err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
+	organization := c.Ctx.Request.Form.Get("organization")
+	username := c.Ctx.Request.Form.Get("username")

-	user := object.GetUserByFields(form.Organization, form.Username)
+	user := object.GetUserByFields(organization, username)
 	if user == nil {
-		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(form.Organization, form.Username)))
+		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(organization, username)))
 		return
 	}

 	respUser := object.User{Name: user.Name}
 	var contentType string
-	switch form.Username {
+	switch username {
 	case user.Email:
 		contentType = "email"
 		respUser.Email = user.Email
@ -281,7 +277,7 @@ func (c *ApiController) SetPassword() {
 	newPassword := c.Ctx.Request.Form.Get("newPassword")

 	requestUserId := c.GetSessionUsername()
-	userId := fmt.Sprintf("%s/%s", userOwner, userName)
+	userId := util.GetId(userOwner, userName)

 	hasPermission, err := object.CheckUserPermission(requestUserId, userId, userOwner, true, c.GetAcceptLanguage())
 	if !hasPermission {
@ -311,8 +307,7 @@ func (c *ApiController) SetPassword() {

 	targetUser.Password = newPassword
 	object.SetUserField(targetUser, "password", targetUser.Password)
-	c.Data["json"] = Response{Status: "ok"}
-	c.ServeJSON()
+	c.ResponseOk()
 }

 // CheckUserPassword
--- a/controllers/user_util.go
+++ b/controllers/user_util.go
@ -62,6 +62,10 @@ func checkPermissionForUpdateUser(userId string, newUser object.User, c *ApiCont
 		item := object.GetAccountItemByName("Phone", organization)
 		itemsChanged = append(itemsChanged, item)
 	}
+	if oldUser.CountryCode != newUser.CountryCode {
+		item := object.GetAccountItemByName("Country code", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
 	if oldUser.Region != newUser.Region {
 		item := object.GetAccountItemByName("Country/Region", organization)
 		itemsChanged = append(itemsChanged, item)
--- a/controllers/util.go
+++ b/controllers/util.go
@ -17,7 +17,6 @@ package controllers
 import (
 	"fmt"
 	"strconv"
-	"strings"

 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/i18n"
@ -56,11 +55,8 @@ func (c *ApiController) T(error string) string {

 // GetAcceptLanguage ...
 func (c *ApiController) GetAcceptLanguage() string {
-	lang := c.Ctx.Request.Header.Get("Accept-Language")
-	if lang == "" || !strings.Contains(conf.GetConfigString("languages"), lang[0:2]) {
-		lang = "en"
-	}
-	return lang[0:2]
+	language := c.Ctx.Request.Header.Get("Accept-Language")
+	return conf.GetLanguage(language)
 }

 // SetTokenErrorHttpStatus ...
@ -201,3 +197,14 @@ func checkQuotaForUser(count int) error {
 	}
 	return nil
 }
+
+func getInvalidSmsReceivers(smsForm SmsForm) []string {
+	var invalidReceivers []string
+	for _, receiver := range smsForm.Receivers {
+		// The receiver phone format: E164 like +8613854673829 +441932567890
+		if !util.IsPhoneValid(receiver, "") {
+			invalidReceivers = append(invalidReceivers, receiver)
+		}
+	}
+	return invalidReceivers
+}
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -24,6 +24,13 @@ import (
 	"github.com/casdoor/casdoor/util"
 )

+const (
+	SignupVerification = "signup"
+	ResetVerification  = "reset"
+	LoginVerification  = "login"
+	ForgetVerification = "forget"
+)
+
 func (c *ApiController) getCurrentUser() *object.User {
 	var user *object.User
 	userId := c.GetSessionUsername()
@ -42,18 +49,15 @@ func (c *ApiController) getCurrentUser() *object.User {
 func (c *ApiController) SendVerificationCode() {
 	destType := c.Ctx.Request.Form.Get("type")
 	dest := c.Ctx.Request.Form.Get("dest")
+	countryCode := c.Ctx.Request.Form.Get("countryCode")
 	checkType := c.Ctx.Request.Form.Get("checkType")
-	checkId := c.Ctx.Request.Form.Get("checkId")
-	checkKey := c.Ctx.Request.Form.Get("checkKey")
-	checkUser := c.Ctx.Request.Form.Get("checkUser")
+	clientSecret := c.Ctx.Request.Form.Get("clientSecret")
+	captchaToken := c.Ctx.Request.Form.Get("captchaToken")
 	applicationId := c.Ctx.Request.Form.Get("applicationId")
 	method := c.Ctx.Request.Form.Get("method")
+	checkUser := c.Ctx.Request.Form.Get("checkUser")
 	remoteAddr := util.GetIPFromRequest(c.Ctx.Request)

-	if destType == "" {
-		c.ResponseError(c.T("general:Missing parameter") + ": type.")
-		return
-	}
 	if dest == "" {
 		c.ResponseError(c.T("general:Missing parameter") + ": dest.")
 		return
@ -62,98 +66,104 @@ func (c *ApiController) SendVerificationCode() {
 		c.ResponseError(c.T("general:Missing parameter") + ": applicationId.")
 		return
 	}
-	if !strings.Contains(applicationId, "/") {
-		c.ResponseError(c.T("verification:Wrong parameter") + ": applicationId.")
-		return
-	}
 	if checkType == "" {
 		c.ResponseError(c.T("general:Missing parameter") + ": checkType.")
 		return
 	}
-
-	captchaProvider := captcha.GetCaptchaProvider(checkType)
-
-	if captchaProvider != nil {
-		if checkKey == "" {
-			c.ResponseError(c.T("general:Missing parameter") + ": checkKey.")
+	if !strings.Contains(applicationId, "/") {
+		c.ResponseError(c.T("verification:Wrong parameter") + ": applicationId.")
 		return
 	}
-		isHuman, err := captchaProvider.VerifyCaptcha(checkKey, checkId)
-		if err != nil {
+
+	if checkType != "none" {
+		if captchaToken == "" {
+			c.ResponseError(c.T("general:Missing parameter") + ": captchaToken.")
+			return
+		}
+
+		if captchaProvider := captcha.GetCaptchaProvider(checkType); captchaProvider == nil {
+			c.ResponseError(c.T("general:don't support captchaProvider: ") + checkType)
+			return
+		} else if isHuman, err := captchaProvider.VerifyCaptcha(captchaToken, clientSecret); err != nil {
 			c.ResponseError(err.Error())
 			return
-		}
-
-		if !isHuman {
+		} else if !isHuman {
 			c.ResponseError(c.T("verification:Turing test failed."))
 			return
 		}
 	}

-	user := c.getCurrentUser()
 	application := object.GetApplication(applicationId)
-	organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
+	organization := object.GetOrganization(util.GetId(application.Owner, application.Organization))
 	if organization == nil {
 		c.ResponseError(c.T("verification:Organization does not exist"))
 		return
 	}

-	if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
-		c.ResponseError(c.T("general:Please login first"))
-		return
+	var user *object.User
+	// checkUser != "", means method is ForgetVerification
+	if checkUser != "" {
+		owner := application.Organization
+		user = object.GetUser(util.GetId(owner, checkUser))
 	}

 	sendResp := errors.New("invalid dest type")

-	if user == nil && checkUser != "" && checkUser != "true" {
-		name := application.Organization
-		user = object.GetUser(fmt.Sprintf("%s/%s", name, checkUser))
-	}
 	switch destType {
 	case "email":
-		if user != nil && util.GetMaskedEmail(user.Email) == dest {
-			dest = user.Email
-		}
 		if !util.IsEmailValid(dest) {
 			c.ResponseError(c.T("verification:Email is invalid"))
 			return
 		}

-		userByEmail := object.GetUserByEmail(organization.Name, dest)
-		if userByEmail == nil && method != "signup" && method != "reset" {
+		if method == LoginVerification || method == ForgetVerification {
+			if user != nil && util.GetMaskedEmail(user.Email) == dest {
+				dest = user.Email
+			}
+
+			user = object.GetUserByEmail(organization.Name, dest)
+			if user == nil {
 				c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
 				return
 			}
+		} else if method == ResetVerification {
+			user = c.getCurrentUser()
+		}

 		provider := application.GetEmailProvider()
 		sendResp = object.SendVerificationCodeToEmail(organization, user, provider, remoteAddr, dest)
 	case "phone":
+		if method == LoginVerification || method == ForgetVerification {
 			if user != nil && util.GetMaskedPhone(user.Phone) == dest {
 				dest = user.Phone
 			}
-		if !util.IsPhoneCnValid(dest) {
-			c.ResponseError(c.T("verification:Phone number is invalid"))
-			return
-		}

-		userByPhone := object.GetUserByPhone(organization.Name, dest)
-		if userByPhone == nil && method != "signup" && method != "reset" {
+			if user = object.GetUserByPhone(organization.Name, dest); user == nil {
 				c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
 				return
 			}

-		dest = fmt.Sprintf("+%s%s", organization.PhonePrefix, dest)
+			countryCode = user.GetCountryCode(countryCode)
+		} else if method == ResetVerification {
+			if user = c.getCurrentUser(); user != nil {
+				countryCode = user.GetCountryCode(countryCode)
+			}
+		}
+
 		provider := application.GetSmsProvider()
-		sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, dest)
+		if phone, ok := util.GetE164Number(dest, countryCode); !ok {
+			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), countryCode))
+			return
+		} else {
+			sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, phone)
+		}
 	}

 	if sendResp != nil {
-		c.Data["json"] = Response{Status: "error", Msg: sendResp.Error()}
+		c.ResponseError(sendResp.Error())
 	} else {
-		c.Data["json"] = Response{Status: "ok"}
+		c.ResponseOk()
 	}
-
-	c.ServeJSON()
 }

 // ResetEmailOrPhone ...
@ -169,7 +179,8 @@ func (c *ApiController) ResetEmailOrPhone() {
 	destType := c.Ctx.Request.Form.Get("type")
 	dest := c.Ctx.Request.Form.Get("dest")
 	code := c.Ctx.Request.Form.Get("code")
-	if len(dest) == 0 || len(code) == 0 || len(destType) == 0 {
+
+	if util.IsStringsEmpty(destType, dest, code) {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
 	}
@ -177,7 +188,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 	checkDest := dest
 	organization := object.GetOrganizationByUser(user)
 	if destType == "phone" {
-		if object.HasUserByField(user.Owner, "phone", user.Phone) {
+		if object.HasUserByField(user.Owner, "phone", dest) {
 			c.ResponseError(c.T("check:Phone already exists"))
 			return
 		}
@ -192,14 +203,12 @@ func (c *ApiController) ResetEmailOrPhone() {
 			c.ResponseError(errMsg)
 			return
 		}
-
-		phonePrefix := "86"
-		if organization != nil && organization.PhonePrefix != "" {
-			phonePrefix = organization.PhonePrefix
+		if checkDest, ok = util.GetE164Number(dest, user.GetCountryCode("")); !ok {
+			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), user.CountryCode))
+			return
 		}
-		checkDest = fmt.Sprintf("+%s%s", phonePrefix, dest)
 	} else if destType == "email" {
-		if object.HasUserByField(user.Owner, "email", user.Email) {
+		if object.HasUserByField(user.Owner, "email", dest) {
 			c.ResponseError(c.T("check:Email already exists"))
 			return
 		}
@ -215,8 +224,8 @@ func (c *ApiController) ResetEmailOrPhone() {
 			return
 		}
 	}
-	if ret := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); len(ret) != 0 {
-		c.ResponseError(ret)
+	if result := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); result.Code != object.VerificationSuccess {
+		c.ResponseError(result.Msg)
 		return
 	}

@ -233,8 +242,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 	}

 	object.DisableVerificationCode(checkDest)
-	c.Data["json"] = Response{Status: "ok"}
-	c.ServeJSON()
+	c.ResponseOk()
 }

 // VerifyCaptcha ...
--- a/controllers/webauthn.go
+++ b/controllers/webauthn.go
@ -21,8 +21,8 @@ import (

 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
-	"github.com/duo-labs/webauthn/protocol"
-	"github.com/duo-labs/webauthn/webauthn"
+	"github.com/go-webauthn/webauthn/protocol"
+	"github.com/go-webauthn/webauthn/webauthn"
 )

 // WebAuthnSignupBegin
--- a/go.mod
+++ b/go.mod
@ -3,51 +3,55 @@ module github.com/casdoor/casdoor
 go 1.16

 require (
+	github.com/Masterminds/squirrel v1.5.3
 	github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b
 	github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387
+	github.com/aliyun/alibaba-cloud-sdk-go v1.62.188 // indirect
 	github.com/aws/aws-sdk-go v1.44.4
 	github.com/beego/beego v1.12.11
 	github.com/beevik/etree v1.1.0
 	github.com/casbin/casbin/v2 v2.30.1
-	github.com/casdoor/go-sms-sender v0.5.1
+	github.com/casdoor/go-sms-sender v0.6.1
 	github.com/casdoor/gomail/v2 v2.0.1
 	github.com/casdoor/oss v1.2.0
 	github.com/casdoor/xorm-adapter/v3 v3.0.4
 	github.com/dchest/captcha v0.0.0-20200903113550-03f5f0333e1f
 	github.com/denisenkom/go-mssqldb v0.9.0
-	github.com/duo-labs/webauthn v0.0.0-20211221191814-a22482edaa3b
 	github.com/forestmgy/ldapserver v1.1.0
+	github.com/go-git/go-git/v5 v5.6.0
 	github.com/go-ldap/ldap/v3 v3.3.0
+	github.com/go-mysql-org/go-mysql v1.7.0
 	github.com/go-pay/gopay v1.5.72
-	github.com/go-sql-driver/mysql v1.5.0
-	github.com/golang-jwt/jwt/v4 v4.2.0
+	github.com/go-sql-driver/mysql v1.6.0
+	github.com/go-webauthn/webauthn v0.8.2
+	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/go-cmp v0.5.8 // indirect
-	github.com/google/uuid v1.2.0
+	github.com/google/uuid v1.3.0
 	github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect
 	github.com/lestrrat-go/jwx v1.2.21
 	github.com/lib/pq v1.8.0
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
 	github.com/markbates/goth v1.75.2
 	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d // indirect
+	github.com/nyaruka/phonenumbers v1.1.5
 	github.com/qiangmzsx/string-adapter/v2 v2.1.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/russellhaering/gosaml2 v0.6.0
 	github.com/russellhaering/goxmldsig v1.1.1
 	github.com/satori/go.uuid v1.2.0
 	github.com/shirou/gopsutil v3.21.11+incompatible
+	github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
-	github.com/stretchr/testify v1.8.0
+	github.com/stretchr/testify v1.8.1
 	github.com/tealeg/xlsx v1.0.5
 	github.com/thanhpk/randstr v1.0.4
 	github.com/tklauser/go-sysconf v0.3.10 // indirect
 	github.com/xorm-io/core v0.7.4
 	github.com/xorm-io/xorm v1.1.6
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	golang.org/x/crypto v0.0.0-20220214200702-86341886e292
-	golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd
+	golang.org/x/crypto v0.6.0
+	golang.org/x/net v0.6.0
 	golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914
-	golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0
 	gopkg.in/yaml.v2 v2.3.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -58,8 +58,17 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym
 github.com/Knetic/govaluate v3.0.0+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
 github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw=
 github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
+github.com/Masterminds/squirrel v1.5.3 h1:YPpoceAcxuzIljlr5iWpNKaql7hLeG1KLSrhvdHpkZc=
+github.com/Masterminds/squirrel v1.5.3/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10=
+github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA=
+github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
+github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
+github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 h1:ra2OtmuW0AE5csawV4YXMNGNQQXvLRps3z2Z59OPO+I=
+github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8=
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b h1:EgJ6N2S0h1WfFIjU5/VVHWbMSVYXAluop97Qxpr/lfQ=
 github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b/go.mod h1:3SAoF0F5EbcOuBD5WT9nYkbIJieBS84cUQXADbXeBsU=
+github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk=
+github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
@ -68,10 +77,16 @@ github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387 h1:loy0fjI90v
 github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387/go.mod h1:GuR5j/NW7AU7tDAQUDGCtpiPxWIOy/c3kiRDnlwiCHc=
 github.com/alicebob/gopher-json v0.0.0-20180125190556-5a6b3ba71ee6/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc=
 github.com/alicebob/miniredis v2.5.0+incompatible/go.mod h1:8HZjEj4yU0dwhYHky+DxYx+6BMjkBbe5ONFIF1MXffk=
-github.com/aliyun/alibaba-cloud-sdk-go v1.61.1075 h1:Z0SzZttfYI/raZ5O9WF3cezZJTSW4Yz4Kow9uWdyRwg=
 github.com/aliyun/alibaba-cloud-sdk-go v1.61.1075/go.mod h1:pUKYbK5JQ+1Dfxk80P0qxGqe5dkxDoabbZS7zOcouyA=
+github.com/aliyun/alibaba-cloud-sdk-go v1.62.188 h1:8lIVcOlHW+fKCGMEf6nuGTTEFOt/EZJPZ8oq0kTlhGk=
+github.com/aliyun/alibaba-cloud-sdk-go v1.62.188/go.mod h1:Api2AkmMgGaSUAhmk76oaFObkoeCPc/bKAqcyplPODs=
 github.com/aliyun/aliyun-oss-go-sdk v2.2.2+incompatible h1:9gWa46nstkJ9miBReJcN8Gq34cBFbzSpQZVVT9N09TM=
 github.com/aliyun/aliyun-oss-go-sdk v2.2.2+incompatible/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8=
+github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
+github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
+github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevBhOOCWBLXXy3hyiqqBrY=
 github.com/aws/aws-sdk-go v1.44.4 h1:ePN0CVJMdiz2vYUcJH96eyxRrtKGSDMgyhP6rah2OgE=
 github.com/aws/aws-sdk-go v1.44.4/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
@ -83,19 +98,22 @@ github.com/beego/goyaml2 v0.0.0-20130207012346-5545475820dd/go.mod h1:1b+Y/CofkY
 github.com/beego/x2j v0.0.0-20131220205130-a0352aadc542/go.mod h1:kSeGC/p1AbBiEp5kat81+DSQrZenVBZXklMLaELspWU=
 github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
 github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
+github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
+github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/bradfitz/gomemcache v0.0.0-20180710155616-bc664df96737/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60=
+github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
 github.com/casbin/casbin v1.7.0 h1:PuzlE8w0JBg/DhIqnkF1Dewf3z+qmUZMVN07PonvVUQ=
 github.com/casbin/casbin v1.7.0/go.mod h1:c67qKN6Oum3UF5Q1+BByfFxkwKvhwW57ITjqwtzR1KE=
 github.com/casbin/casbin/v2 v2.1.0/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
 github.com/casbin/casbin/v2 v2.28.3/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
 github.com/casbin/casbin/v2 v2.30.1 h1:P5HWadDL7olwUXNdcuKUBk+x75Y2eitFxYTcLNKeKF0=
 github.com/casbin/casbin/v2 v2.30.1/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg=
-github.com/casdoor/go-sms-sender v0.5.1 h1:1/Wp1OLkVAVY4lEGQhekSNetSAWhnPcxYPV7xpCZgC0=
-github.com/casdoor/go-sms-sender v0.5.1/go.mod h1:kBykbqwgRDXbXdMAIxmZKinVM1WjdqEbej5LAbUbcfI=
+github.com/casdoor/go-sms-sender v0.6.1 h1:35HuxpuQ0jGAoRE0/E5lAchYpeoFwaB5NGsEA52/t9c=
+github.com/casdoor/go-sms-sender v0.6.1/go.mod h1:kBykbqwgRDXbXdMAIxmZKinVM1WjdqEbej5LAbUbcfI=
 github.com/casdoor/gomail/v2 v2.0.1 h1:J+FG6x80s9e5lBHUn8Sv0Y56mud34KiWih5YdmudR/w=
 github.com/casdoor/gomail/v2 v2.0.1/go.mod h1:VnGPslEAtpix5FjHisR/WKB1qvZDBaujbikxDe9d+2Q=
 github.com/casdoor/oss v1.2.0 h1:ozLAE+nnNdFQBWbzH8U9spzaO8h8NrB57lBcdyMUUQ8=
@ -103,21 +121,34 @@ github.com/casdoor/oss v1.2.0/go.mod h1:qii35VBuxnR/uEuYSKpS0aJ8htQFOcCVsZ4FHgHL
 github.com/casdoor/xorm-adapter/v3 v3.0.4 h1:vB04Ao8n2jA7aFBI9F+gGXo9+Aa1IQP6mTdo50913DM=
 github.com/casdoor/xorm-adapter/v3 v3.0.4/go.mod h1:4WTcUw+bTgBylGHeGHzTtBvuTXRS23dtwzFLl9tsgFM=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
+github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cloudflare/cfssl v0.0.0-20190726000631-633726f6bcb7 h1:Puu1hUwfps3+1CUzYdAZXijuvLuRMirgiXdf3zsM2Ig=
-github.com/cloudflare/cfssl v0.0.0-20190726000631-633726f6bcb7/go.mod h1:yMWuSON2oQp+43nFtAV/uvKQIFpSPerB57DCt9t8sSA=
+github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY=
+github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I=
 github.com/cloudflare/golz4 v0.0.0-20150217214814-ef862a3cdc58/go.mod h1:EOBUe0h4xcZ5GoxqC5SDxFQ8gwyZPKQoEzownBlhI80=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
+github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
+github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
+github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 github.com/couchbase/go-couchbase v0.0.0-20201216133707-c04035124b17/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A=
 github.com/couchbase/gomemcached v0.1.2-0.20201224031647-c432ccf49f32/go.mod h1:mxliKQxOv84gQ0bJWbI+w9Wxdpt9HjDvgW9MjCym5Vo=
 github.com/couchbase/goutils v0.0.0-20210118111533-e33d3ffb5401/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
+github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
+github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY=
+github.com/cznic/mathutil v0.0.0-20181122101859-297441e03548/go.mod h1:e6NPNENfs9mPDVNRekM7lKScauxd5kXTr1Mfyig6TDM=
+github.com/cznic/sortutil v0.0.0-20181122101858-f5f958428db8/go.mod h1:q2w6Bg5jeox1B+QkJ6Wp/+Vn0G/bo3f1uY7Fn3vivIQ=
+github.com/cznic/strutil v0.0.0-20171016134553-529a34b1c186/go.mod h1:AHHPPPXTw0h6pVabbcbyGRK1DckRn7r/STdZEeIDzZc=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@ -128,14 +159,16 @@ github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d h1:
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE=
 github.com/denisenkom/go-mssqldb v0.9.0 h1:RSohk2RsiZqLZ0zCjtfn3S4Gp4exhpBWHyQ7D0yGjAk=
 github.com/denisenkom/go-mssqldb v0.9.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
-github.com/duo-labs/webauthn v0.0.0-20211221191814-a22482edaa3b h1:L63RATZFZuFMXy6ixnKmv3eNAXwYQF6HW1vd4IYsQqQ=
-github.com/duo-labs/webauthn v0.0.0-20211221191814-a22482edaa3b/go.mod h1:EYSpSkwoEcryMmQGfhol2IiB3IMN9IIIaNd/wcAQMGQ=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
 github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 github.com/edsrzf/mmap-go v0.0.0-20170320065105-0bce6a688712/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
 github.com/elastic/go-elasticsearch/v6 v6.8.5/go.mod h1:UwaDJsD3rWLM5rKNFzv9hgox93HoX8utj1kxD9aFUcI=
 github.com/elazarl/go-bindata-assetfs v1.0.0 h1:G/bYguwHIzWq9ZoyUQqrjTmJbbYn3j3CKKpKinvZLFk=
 github.com/elazarl/go-bindata-assetfs v1.0.0/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
+github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
+github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@ -145,11 +178,23 @@ github.com/forestmgy/ldapserver v1.1.0/go.mod h1:1RZ8lox1QSY7rmbjdmy+sYQXY4Lp7Sp
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/fxamacker/cbor/v2 v2.2.0 h1:6eXqdDDe588rSYAi1HfZKbx6YYQO4mxQ9eC6xYpU/JQ=
-github.com/fxamacker/cbor/v2 v2.2.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
+github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
+github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
+github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/glendc/gopher-json v0.0.0-20170414221815-dc4743023d0c/go.mod h1:Gja1A+xZ9BoviGJNA2E9vFkPjjsl+CoJxSXiQM1UXtw=
+github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY=
+github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4=
 github.com/go-asn1-ber/asn1-ber v1.5.1 h1:pDbRAunXzIUXfx4CB2QJFv5IuPiuoW+sWvr/Us009o8=
 github.com/go-asn1-ber/asn1-ber v1.5.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
+github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
+github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
+github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
+github.com/go-git/go-billy/v5 v5.4.0 h1:Vaw7LaSTRJOUric7pe4vnzBSgyuf2KrLsu2Y4ZpQBDE=
+github.com/go-git/go-billy/v5 v5.4.0/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg=
+github.com/go-git/go-git-fixtures/v4 v4.3.1 h1:y5z6dd3qi8Hl+stezc8p3JxDkoTRqMAlKnXHuzrfjTQ=
+github.com/go-git/go-git-fixtures/v4 v4.3.1/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo=
+github.com/go-git/go-git/v5 v5.6.0 h1:JvBdYfcttd+0kdpuWO7KTu0FYgCf5W0t5VwkWGobaa4=
+github.com/go-git/go-git/v5 v5.6.0/go.mod h1:6nmJ0tJ3N4noMV1Omv7rC5FG3/o8Cm51TB4CJp7mRmE=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
@ -159,6 +204,8 @@ github.com/go-ldap/ldap/v3 v3.3.0 h1:lwx+SJpgOHd8tG6SumBQZXCmNX51zM8B1cfxJ5gv4tQ
 github.com/go-ldap/ldap/v3 v3.3.0/go.mod h1:iYS1MdmrmceOJ1QOTnRXrIs7i3kloqtmGQjRvjKpyMg=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
+github.com/go-mysql-org/go-mysql v1.7.0 h1:qE5FTRb3ZeTQmlk3pjE+/m2ravGxxRDrVDTyDe9tvqI=
+github.com/go-mysql-org/go-mysql v1.7.0/go.mod h1:9cRWLtuXNKhamUPMkrDVzBhaomGvqLRLtBiyjvjc4pk=
 github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-pay/gopay v1.5.72 h1:3zm64xMBhJBa8rXbm//q5UiGgOa4WO5XYEnU394N2Zw=
@ -171,21 +218,28 @@ github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl
 github.com/go-playground/validator/v10 v10.8.0/go.mod h1:9JhgTzTaE31GZDpH/HSvHiRJrJ3iKAgqqH0Bl/Ocjdk=
 github.com/go-redis/redis v6.14.2+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
 github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
-github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs=
 github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
+github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
+github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/go-webauthn/revoke v0.1.9 h1:gSJ1ckA9VaKA2GN4Ukp+kiGTk1/EXtaDb1YE8RknbS0=
+github.com/go-webauthn/revoke v0.1.9/go.mod h1:j6WKPnv0HovtEs++paan9g3ar46gm1NarktkXBaPR+w=
+github.com/go-webauthn/webauthn v0.8.2 h1:8KLIbpldjz9KVGHfqEgJNbkhd7bbRXhNw4QWFJE15oA=
+github.com/go-webauthn/webauthn v0.8.2/go.mod h1:d+ezx/jMCNDiqSMzOchuynKb9CVU1NM9BumOnokfcVQ=
 github.com/goccy/go-json v0.9.6 h1:5/4CtRQdtsX0sal8fdVhTaiMN01Ri8BExZZ8iRmHQ6E=
 github.com/goccy/go-json v0.9.6/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
 github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
-github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
 github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
+github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@ -221,8 +275,6 @@ github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNu
 github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/certificate-transparency-go v1.0.21 h1:Yf1aXowfZ2nuboBsg7iYGLmwsOARdV86pfH3g95wXmE=
-github.com/google/certificate-transparency-go v1.0.21/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@ -232,8 +284,14 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-tpm v0.1.2-0.20190725015402-ae6dd98980d4/go.mod h1:H9HbmUG2YgV/PHITkO7p6wxEEj/v5nlsVWIwumwH2NI=
+github.com/google/go-tpm v0.3.0/go.mod h1:iVLWvrPp/bHeEkxTFi9WG6K9w0iy2yIszHwZGHPbzAw=
+github.com/google/go-tpm v0.3.3 h1:P/ZFNBZYXRxc+z7i5uyd8VP7MaDteuLZInzrH2idRGo=
+github.com/google/go-tpm v0.3.3/go.mod h1:9Hyn3rgnzWF9XBWVk6ml6A6hNkbWjNFlDQL51BeghL4=
+github.com/google/go-tpm-tools v0.0.0-20190906225433-1614c142f845/go.mod h1:AVfHadzbdzHo54inR2x1v640jdi1YSi3NauM2DUsxk0=
+github.com/google/go-tpm-tools v0.2.0/go.mod h1:npUd03rQ60lxN7tzeBJreG38RvWwme2N1reF/eeiBk4=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
@ -247,8 +305,9 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf
 github.com/google/pprof v0.0.0-20200905233945-acf8798be1f7/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
 github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
@ -260,15 +319,26 @@ github.com/gorilla/pat v0.0.0-20180118222023-199c85a7f6d1 h1:LqbZZ9sNMWVjeXS4NN5
 github.com/gorilla/pat v0.0.0-20180118222023-199c85a7f6d1/go.mod h1:YeAe0gNeiNT5hoiZRI4yiOky6jVdNvfO2N6Kav/HmxY=
 github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/sessions v1.1.1/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
+github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
+github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
+github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
+github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
 github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
+github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
+github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
+github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
+github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da h1:FjHUJJ7oBW4G/9j1KzlHaXL09LyMVM9rupS39lncbXk=
 github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da/go.mod h1:ks+b9deReOc7jgqp+e7LuFiCBH6Rm5hL32cLcEAArb4=
+github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
+github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
+github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
 github.com/jinzhu/configor v1.2.1 h1:OKk9dsR8i6HPOCZR8BcMtcEImAFjIhbJFZNyn5GCZko=
 github.com/jinzhu/configor v1.2.1/go.mod h1:nX89/MOmDba7ZX7GCyU/VIaQ2Ar2aizBl2d3JLF/rDc=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
@ -276,6 +346,8 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
+github.com/jmoiron/sqlx v1.3.3/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ=
+github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
 github.com/jonboulle/clockwork v0.2.0/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
 github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
 github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
@ -292,6 +364,9 @@ github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 h1:iQTw/8FWTuc7uia
 github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
+github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=
+github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
@ -304,6 +379,10 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw=
+github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o=
+github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk=
+github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw=
 github.com/ledisdb/ledisdb v0.0.0-20200510135210-d35789ec47e6/go.mod h1:n931TsDuKuq+uX4v1fulaMbA/7ZLLhjc85h7chZGBCQ=
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
 github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
@ -319,15 +398,19 @@ github.com/lestrrat-go/jwx v1.2.21/go.mod h1:9cfxnOH7G1gN75CaJP2hKGcxFEx5sPh1abR
 github.com/lestrrat-go/option v1.0.0 h1:WqAWL8kh8VcSoD6xjSH34/1m8yxluXQbDeKNfvFeEO4=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.7.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/lib/pq v1.8.0 h1:9xohqzkUwzR4Ga4ivdTcawVS89YSDVxXMa3xJX3cGzg=
 github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 h1:wIONC+HMNRqmWBjuMxhatuSzHaljStc4gjDeKycxy0A=
 github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0=
+github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/markbates/going v1.0.0 h1:DQw0ZP7NbNlFGcKbcE/IVSOAFzScxRtLpd0rLMzLhq0=
 github.com/markbates/going v1.0.0/go.mod h1:I6mnB4BPnEeqo85ynXIx1ZFLLbtiLHNXVgWeFO9OGOA=
 github.com/markbates/goth v1.75.2 h1:C7KloBMMk50JyXaHhzfqWYLW6+bDcSVIvUGHXneLWro=
 github.com/markbates/goth v1.75.2/go.mod h1:X6xdNgpapSENS0O35iTBBcMHoJDQDfI9bJl+APCkYMc=
+github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A=
+github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA=
 github.com/mattermost/xml-roundtrip-validator v0.0.0-20201208211235-fe770d50d911 h1:erppMjjp69Rertg1zlgRbLJH1u+eCmRPxKjMZ5I8/Ro=
 github.com/mattermost/xml-roundtrip-validator v0.0.0-20201208211235-fe770d50d911/go.mod h1:qccnGMcpgwcNaBnxqpJpWWUiPNr5H3O8eDgGV9gT5To=
 github.com/mattn/go-ieproxy v0.0.1 h1:qiyop7gCflfhwCzGyeT0gro3sF9AIg9HU98JORTkqfI=
@ -340,8 +423,11 @@ github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJK
 github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
 github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE=
+github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/mmcloughlin/avo v0.5.0/go.mod h1:ChHFdoV7ql95Wi7vuq2YT1bwCJqiWdZrQ1im3VujLYM=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@ -354,6 +440,9 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d h1:VhgPp6v9qf9Agr/56bj7Y/xa04UccTW04VP0Qed4vnQ=
 github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U=
+github.com/nyaruka/phonenumbers v1.1.5 h1:vYy2DI+z5hdaemqVzXYJ4CVyK92IG484CirEY+40GTo=
+github.com/nyaruka/phonenumbers v1.1.5/go.mod h1:yShPJHDSH3aTKzCbXyVxNpbl2kA+F+Ne5Pun/MvFRos=
+github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.0 h1:Iw5WCbBcaAAd0fpRb1c9r5YCylv4XDoCSigm1zLevwU=
@ -361,8 +450,22 @@ github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0
 github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/onsi/gomega v1.7.1 h1:K0jcRCwNQM3vFGh1ppMtDh/+7ApJrjldlX8fA0jDTLQ=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
+github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:FfH+VrHHk6Lxt9HdVS0PXzSXFyS2NbZKXv33FYPol0A=
+github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU=
 github.com/pelletier/go-toml v1.0.1/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
+github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/peterh/liner v1.0.1-0.20171122030339-3681c2a91233/go.mod h1:xIteQHvHuaLYG9IFj6mSxM0fCKrs34IrEQUhOYuGPHc=
+github.com/pingcap/check v0.0.0-20190102082844-67f458068fc8 h1:USx2/E1bX46VG32FIw034Au6seQ2fY9NEILmNh/UlQg=
+github.com/pingcap/check v0.0.0-20190102082844-67f458068fc8/go.mod h1:B1+S9LNcuMyLH/4HMTViQOJevkGiik3wW2AN9zb2fNQ=
+github.com/pingcap/errors v0.11.0/go.mod h1:Oi8TUi2kEtXXLMJk9l1cGmz20kV3TaQ0usTwv5KuLY8=
+github.com/pingcap/errors v0.11.5-0.20210425183316-da1aaba5fb63 h1:+FZIDR/D97YOPik4N4lPDaUcLDF/EQPogxtlHB2ZZRM=
+github.com/pingcap/errors v0.11.5-0.20210425183316-da1aaba5fb63/go.mod h1:X2r9ueLEUZgtx2cIogM0v4Zj5uvvzhuuiu7Pn8HzMPg=
+github.com/pingcap/log v0.0.0-20210625125904-98ed8e2eb1c7 h1:k2BbABz9+TNpYRwsCCFS8pEEnFVOdbgEjL/kTlLuzZQ=
+github.com/pingcap/log v0.0.0-20210625125904-98ed8e2eb1c7/go.mod h1:8AanEdAHATuRurdGxZXBz0At+9avep+ub7U1AGYLIMM=
+github.com/pingcap/tidb/parser v0.0.0-20221126021158-6b02a5d8ba7d h1:1DyyRrgYeNjqPkgjrdEsaIbX+kHpuTTk5ZOCtrcRFcQ=
+github.com/pingcap/tidb/parser v0.0.0-20221126021158-6b02a5d8ba7d/go.mod h1:ElJiub4lRy6UZDb+0JHDkGEdr6aOli+ykhyej7VCLoI=
+github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4=
+github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@ -371,6 +474,7 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
+github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.0 h1:wCi7urQOGBsYcQROHqpUUX4ct84xp40t9R9JX0FuA/U=
 github.com/prometheus/client_golang v1.7.0/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
@ -379,13 +483,17 @@ github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
+github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.10.0 h1:RyRA7RzGXQZiW+tGMr7sxa85G1z0yOpM1qq5c8lNawc=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3 h1:F0+tqvhOksq22sc6iCHF5WGlWjdwj92p0udFh1VFBS8=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
+github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/qiangmzsx/string-adapter/v2 v2.1.0 h1:q0y8TPa/sTwtriJPRe8gWL++PuZ+XbOUuvKU+hvtTYs=
 github.com/qiangmzsx/string-adapter/v2 v2.1.0/go.mod h1:PElPB7b7HnGKTsuADAffFpOQXHqjEGJz1+U1a6yR5wA=
 github.com/qiniu/dyn v1.3.0/go.mod h1:E8oERcm8TtwJiZvkQPbcAh0RL8jO1G0VXJMW3FAWdkk=
@ -395,6 +503,7 @@ github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6O
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
 github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
+github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
@ -404,25 +513,51 @@ github.com/russellhaering/gosaml2 v0.6.0/go.mod h1:CtzxpPr4+bevsATaqR0rw3aqrNlX2
 github.com/russellhaering/goxmldsig v1.1.0/go.mod h1:QK8GhXPB3+AfuCrfo0oRISa9NfzeCpWmxeGnqEpDF9o=
 github.com/russellhaering/goxmldsig v1.1.1 h1:vI0r2osGF1A9PLvsGdPUAGwEIrKa4Pj5sesSBsebIxM=
 github.com/russellhaering/goxmldsig v1.1.1/go.mod h1:gM4MDENBQf7M+V824SGfyIUVFWydB7n0KkEubVJl+Tw=
+github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
+github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
+github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
 github.com/shiena/ansicolor v0.0.0-20151119151921-a422bbe96644 h1:X+yvsM2yrEktyI+b2qND5gpH8YhURn0k8OCaeRnkINo=
 github.com/shiena/ansicolor v0.0.0-20151119151921-a422bbe96644/go.mod h1:nkxAfR/5quYxwPZhyDxgasBMnRtBZd0FCEpawpjMUFg=
 github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI=
 github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
+github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24 h1:pntxY8Ary0t43dCZ5dqY4YTJCObLY1kIXl0uzMv+7DE=
+github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/siddontang/go v0.0.0-20170517070808-cb568a3e5cc0/go.mod h1:3yhqj7WBBfRhbBlzyOC3gUxftwsU0u8gqevxwIHQpMw=
+github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 h1:xT+JlYxNGqyT+XcU8iUrN18JYed2TvG9yN5ULG2jATM=
+github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726/go.mod h1:3yhqj7WBBfRhbBlzyOC3gUxftwsU0u8gqevxwIHQpMw=
+github.com/siddontang/go-log v0.0.0-20180807004314-8d05993dda07/go.mod h1:yFdBgwXP24JziuRl2NMUahT7nGLNOKi1SIiFxMttVD4=
+github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed h1:KMgQoLJGCq1IoZpLZE3AIffh9veYWoVlsvA4ib55TMM=
+github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed/go.mod h1:yFdBgwXP24JziuRl2NMUahT7nGLNOKi1SIiFxMttVD4=
 github.com/siddontang/goredis v0.0.0-20150324035039-760763f78400/go.mod h1:DDcKzU3qCuvj/tPnimWSsZZzvk9qvkvrIL5naVBPh5s=
 github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d/go.mod h1:AMEsy7v5z92TR1JKMkLLoaOQk++LVnOKL3ScbJ8GNGA=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
+github.com/skeema/knownhosts v1.1.0 h1:Wvr9V0MxhjRbl3f9nMnKnFfiWTJmtECJ9Njkea3ysW0=
+github.com/skeema/knownhosts v1.1.0/go.mod h1:sKFq3RD6/TKZkSWn8boUbDC7Qkgcv+8XXijpFO6roag=
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
+github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
+github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
+github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
+github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
+github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
+github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
+github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
+github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
 github.com/ssdb/gossdb v0.0.0-20180723034631-88f6b59b84ec/go.mod h1:QBvMkMya+gXctz3kmljlUCu/yB3GZ6oee+dUozsezQE=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@ -430,8 +565,9 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/syndtr/goleveldb v0.0.0-20160425020131-cfa635847112/go.mod h1:Z4AUp2Km+PwemOoO/VB5AOx9XSsIItzFjoJlOSiYmn0=
 github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
 github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
@ -445,14 +581,25 @@ github.com/tklauser/go-sysconf v0.3.10 h1:IJ1AZGZRWbY8T5Vfk04D9WOA5WSejdflXxP03O
 github.com/tklauser/go-sysconf v0.3.10/go.mod h1:C8XykCvCb+Gn0oNCWPIlcb0RuglQTYaQ2hGm7jmxEFk=
 github.com/tklauser/numcpus v0.4.0 h1:E53Dm1HjH1/R2/aoCtXtPgzmElmn51aOkhCFSuZq//o=
 github.com/tklauser/numcpus v0.4.0/go.mod h1:1+UI3pD8NW14VMwdgJNJ1ESk2UnwhAnz5hMwiKKqXCQ=
+github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/twilio/twilio-go v0.26.0 h1:wFW4oTe3/LKt6bvByP7eio8JsjtaLHjMQKOUEzQry7U=
 github.com/twilio/twilio-go v0.26.0/go.mod h1:lz62Hopu4vicpQ056H5TJ0JE4AP0rS3sQ35/ejmgOwE=
+github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaOOb6ThwMmTEbhRwtKR97o=
+github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
+github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
+github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
 github.com/ugorji/go v0.0.0-20171122102828-84cb69a8af83/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ=
+github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
+github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
 github.com/volcengine/volc-sdk-golang v1.0.19 h1:jJp+aJgK0e//rZ9I0K2Y7ufJwvuZRo/AQsYDynXMNgA=
 github.com/volcengine/volc-sdk-golang v1.0.19/go.mod h1:+GGi447k4p1I5PNdbpG2GLaF0Ui9vIInTojMM0IfSS4=
 github.com/wendal/errors v0.0.0-20181209125328-7f31f4b264ec/go.mod h1:Q12BUT7DqIlHRmgv3RskH+UCM/4eqVMgI0EMmlSpAXc=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
+github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
+github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
+github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
+github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/xorm-io/builder v0.3.13 h1:J4oZxt4Gjgm/Si9iKazfzYwHB/ijEOD9EHInyjOSX+M=
 github.com/xorm-io/builder v0.3.13/go.mod h1:24o5riRwzre2WvjmN+LM4YpUtJg7W8MdvJ8H57rvrJA=
 github.com/xorm-io/core v0.7.4 h1:qIznlqqmYNEb03ewzRXCrNkbbxpkgc/44nVF8yoFV7Y=
@ -464,21 +611,39 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/yuin/gopher-lua v0.0.0-20171031051903-609c9cd26973/go.mod h1:aEV29XrmTYFr3CiRxZeGHpkvbwq+prZduBqMaascyCU=
 github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg=
 github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
 github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
+go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
+go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0=
+go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=
+go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
+go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.18.1 h1:CSUJ2mjFszzEWt4CdKISEuChVIXGBn3lAPwkRGyVrc4=
+go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
+golang.org/x/arch v0.1.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@ -489,8 +654,15 @@ golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5y
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220208233918-bba287dce954/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.0.0-20220214200702-86341886e292 h1:f+lwQ+GtmgoY+A2YaQxlSOnDjXcQ7ZRLWOHbC6HtRqE=
 golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
+golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
+golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
+golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
+golang.org/x/exp v0.0.0-20181106170214-d68db9428509/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -512,6 +684,7 @@ golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHl
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
 golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
@ -521,18 +694,22 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB
 golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.6.0 h1:b9gGHsz9/HhJ3HF5DHQytPpuwocVTChQJK3AvoLRD5I=
+golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@ -559,8 +736,13 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk=
 golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
+golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
+golang.org/x/net v0.6.0 h1:L4ZwwTvKW9gr0ZMS1yrHD9GZhIuVjOBBnaKH+SPQK0Q=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@ -580,10 +762,13 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@ -621,32 +806,51 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210629170331-7dc0b73dc9fb/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211020174200-9d6173849985/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
+golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20220411224347-583f2d630306 h1:+gHMid33q6pen7kv9xvT+JRinntgeXO2AeZVd0AWD3w=
 golang.org/x/time v0.0.0-20220411224347-583f2d630306/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
@ -663,6 +867,8 @@ golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgw
 golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
@ -691,12 +897,14 @@ golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc
 golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
 golang.org/x/tools v0.0.0-20200929161345-d7fc70abf50f/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.1.1 h1:wGiQel/hW0NnEkJUk8lbzkX2gFJU6PFxf1v5OlCfuOs=
+golang.org/x/tools v0.0.0-20201125231158-b5590deeca9b/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE=
+golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
 google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
@ -756,6 +964,7 @@ google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20200929141702-51c3e5b607fe/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
+google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
 google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
 google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
@ -792,13 +1001,20 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
 gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
+gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8=
+gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k=
+gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
 gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
 gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
+gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
+gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
@ -808,6 +1024,7 @@ gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@ -821,29 +1038,42 @@ modernc.org/cc/v3 v3.31.5-0.20210308123301-7a3e9dab9009 h1:u0oCo5b9wyLr++HF3AN9J
 modernc.org/cc/v3 v3.31.5-0.20210308123301-7a3e9dab9009/go.mod h1:0R6jl1aZlIl2avnYfbfHBS1QB6/f+16mihBObaBC878=
 modernc.org/ccgo/v3 v3.9.0 h1:JbcEIqjw4Agf+0g3Tc85YvfYqkkFOv6xBwS4zkfqSoA=
 modernc.org/ccgo/v3 v3.9.0/go.mod h1:nQbgkn8mwzPdp4mm6BT6+p85ugQ7FrGgIcYaE7nSrpY=
+modernc.org/fileutil v1.0.0/go.mod h1:JHsWpkrk/CnVV1H/eGlFf85BEpfkrp56ro8nojIq9Q8=
+modernc.org/golex v1.0.1/go.mod h1:QCA53QtsT1NdGkaZZkF5ezFwk4IXh4BGNafAARTC254=
 modernc.org/httpfs v1.0.6 h1:AAgIpFZRXuYnkjftxTAZwMIiwEqAfk8aVB2/oA6nAeM=
 modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM=
+modernc.org/lex v1.0.0/go.mod h1:G6rxMTy3cH2iA0iXL/HRRv4Znu8MK4higxph/lE7ypk=
+modernc.org/lexer v1.0.0/go.mod h1:F/Dld0YKYdZCLQ7bD0USbWL4YKCyTDRDHiDTOs0q0vk=
 modernc.org/libc v1.7.13-0.20210308123627-12f642a52bb8/go.mod h1:U1eq8YWr/Kc1RWCMFUWEdkTg8OTcfLw2kY8EDwl039w=
 modernc.org/libc v1.8.0 h1:Pp4uv9g0csgBMpGPABKtkieF6O5MGhfGo6ZiOdlYfR8=
 modernc.org/libc v1.8.0/go.mod h1:U1eq8YWr/Kc1RWCMFUWEdkTg8OTcfLw2kY8EDwl039w=
+modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k=
 modernc.org/mathutil v1.1.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
-modernc.org/mathutil v1.2.2 h1:+yFk8hBprV+4c0U9GjFtL+dV3N8hOJ8JCituQcMShFY=
 modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
+modernc.org/mathutil v1.4.1 h1:ij3fYGe8zBF4Vu+g0oT7mB06r8sqGWKuJu1yXeR4by8=
+modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
 modernc.org/memory v1.0.4 h1:utMBrFcpnQDdNsmM6asmyH/FM9TqLPS7XF7otpJmrwM=
 modernc.org/memory v1.0.4/go.mod h1:nV2OApxradM3/OVbs2/0OsP6nPfakXpi50C7dcoHXlc=
 modernc.org/opt v0.1.1 h1:/0RX92k9vwVeDXj+Xn23DKp2VJubL7k8qNffND6qn3A=
 modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
+modernc.org/parser v1.0.0/go.mod h1:H20AntYJ2cHHL6MHthJ8LZzXCdDCHMWt1KZXtIMjejA=
+modernc.org/parser v1.0.2/go.mod h1:TXNq3HABP3HMaqLK7brD1fLA/LfN0KS6JxZn71QdDqs=
+modernc.org/scanner v1.0.1/go.mod h1:OIzD2ZtjYk6yTuyqZr57FmifbM9fIH74SumloSsajuE=
+modernc.org/sortutil v1.0.0/go.mod h1:1QO0q8IlIlmjBIwm6t/7sof874+xCfZouyqZMLIAtxM=
 modernc.org/sqlite v1.10.1-0.20210314190707-798bbeb9bb84 h1:rgEUzE849tFlHSoeCrKyS9cZAljC+DY7MdMHKq6R6sY=
 modernc.org/sqlite v1.10.1-0.20210314190707-798bbeb9bb84/go.mod h1:PGzq6qlhyYjL6uVbSgS6WoF7ZopTW/sI7+7p+mb4ZVU=
+modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs=
 modernc.org/strutil v1.1.0 h1:+1/yCzZxY2pZwwrsbH+4T7BQMoLQ9QiBshRC9eicYsc=
 modernc.org/strutil v1.1.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs=
 modernc.org/tcl v1.5.0 h1:euZSUNfE0Fd4W8VqXI1Ly1v7fqDJoBuAV88Ea+SnaSs=
 modernc.org/tcl v1.5.0/go.mod h1:gb57hj4pO8fRrK54zveIfFXBaMHK3SKJNWcmRw1cRzc=
 modernc.org/token v1.0.0 h1:a0jaWiNMDhDUtqOj09wvjWWAqd3q7WpBulmL9H2egsk=
 modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
+modernc.org/y v1.0.1/go.mod h1:Ho86I+LVHEI+LYXoUKlmOMAM1JTXOCfj8qi1T8PsClE=
 modernc.org/z v1.0.1-0.20210308123920-1f282aa71362/go.mod h1:8/SRk5C/HgiQWCgXdfpb+1RvhORdkz5sw72d3jjtyqA=
 modernc.org/z v1.0.1 h1:WyIDpEpAIx4Hel6q/Pcgj/VhaQV5XPJ2I6ryIYbjnpc=
 modernc.org/z v1.0.1/go.mod h1:8/SRk5C/HgiQWCgXdfpb+1RvhORdkz5sw72d3jjtyqA=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
+rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
--- a/i18n/generate_test.go
+++ b/i18n/generate_test.go
@ -12,6 +12,9 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+//go:build !skipCi
+// +build !skipCi
+
 package i18n

 import (
@ -30,24 +33,26 @@ func TestGenerateI18nFrontend(t *testing.T) {
 	enData := parseEnData("frontend")
 	writeI18nFile("frontend", "en", enData)

-	applyToOtherLanguage("frontend", "de", enData)
+	applyToOtherLanguage("frontend", "zh", enData)
 	applyToOtherLanguage("frontend", "es", enData)
 	applyToOtherLanguage("frontend", "fr", enData)
+	applyToOtherLanguage("frontend", "de", enData)
 	applyToOtherLanguage("frontend", "ja", enData)
 	applyToOtherLanguage("frontend", "ko", enData)
 	applyToOtherLanguage("frontend", "ru", enData)
-	applyToOtherLanguage("frontend", "zh", enData)
+	applyToOtherLanguage("frontend", "vi", enData)
 }

 func TestGenerateI18nBackend(t *testing.T) {
 	enData := parseEnData("backend")
 	writeI18nFile("backend", "en", enData)

-	applyToOtherLanguage("backend", "de", enData)
+	applyToOtherLanguage("backend", "zh", enData)
 	applyToOtherLanguage("backend", "es", enData)
 	applyToOtherLanguage("backend", "fr", enData)
+	applyToOtherLanguage("backend", "de", enData)
 	applyToOtherLanguage("backend", "ja", enData)
 	applyToOtherLanguage("backend", "ko", enData)
 	applyToOtherLanguage("backend", "ru", enData)
-	applyToOtherLanguage("backend", "zh", enData)
+	applyToOtherLanguage("backend", "vi", enData)
 }
--- a/i18n/locales/de/data.json
+++ b/i18n/locales/de/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -55,15 +52,17 @@
    "Username cannot contain white spaces": "Username cannot contain white spaces",
    "Username cannot start with a digit": "Username cannot start with a digit",
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
-    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "Username must have at least 2 characters": "Benutzername muss mindestens 2 Zeichen lang sein",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/en/data.json
+++ b/i18n/locales/en/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
    "Username must have at least 2 characters": "Username must have at least 2 characters",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/es/data.json
+++ b/i18n/locales/es/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
    "Username must have at least 2 characters": "Username must have at least 2 characters",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/fr/data.json
+++ b/i18n/locales/fr/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
    "Username must have at least 2 characters": "Username must have at least 2 characters",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/ja/data.json
+++ b/i18n/locales/ja/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
    "Username must have at least 2 characters": "Username must have at least 2 characters",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/ko/data.json
+++ b/i18n/locales/ko/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
    "Username must have at least 2 characters": "Username must have at least 2 characters",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/ru/data.json
+++ b/i18n/locales/ru/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "Email: %s",
    "Get init score failed, error: %w": "Get init score failed, error: %w",
    "Invalid information": "Invalid information",
-    "Phone: %s": "Phone: %s",
    "Please sign out first before signing in": "Please sign out first before signing in",
    "Please sign out first before signing up": "Please sign out first before signing up",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
  },
  "auth": {
-    "%s No phone prefix": "%s No phone prefix",
    "Challenge method should be S256": "Challenge method should be S256",
    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
    "Failed to login in: %s": "Failed to login in: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
    "Username must have at least 2 characters": "Username must have at least 2 characters",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
    "unsupported password type: %s": "unsupported password type: %s"
  },
  "general": {
    "Missing parameter": "Missing parameter",
    "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
  },
  "ldap": {
    "Ldap server exist": "Ldap server exist"
@ -130,12 +129,13 @@
    "Email is invalid": "Email is invalid",
    "Invalid captcha provider.": "Invalid captcha provider.",
    "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
    "Turing test failed.": "Turing test failed.",
    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
    "Unknown type": "Unknown type",
    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
    "You should verify your code in %d min!": "You should verify your code in %d min!",
    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
  },
--- a/i18n/locales/vi/data.json
+++ b/i18n/locales/vi/data.json
@ -0,0 +1,146 @@
+{
+  "account": {
+    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Invalid information": "Invalid information",
+    "Please sign out first before signing in": "Please sign out first before signing in",
+    "Please sign out first before signing up": "Please sign out first before signing up",
+    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+  },
+  "auth": {
+    "Challenge method should be S256": "Challenge method should be S256",
+    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to login in: %s": "Failed to login in: %s",
+    "Invalid token": "Invalid token",
+    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
+    "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
+    "The provider type: %s is not supported": "The provider type: %s is not supported",
+    "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "Turing test failed.": "Turing test failed.",
+    "Unauthorized operation": "Unauthorized operation",
+    "Unknown authentication type (not password or provider), form = %s": "Unknown authentication type (not password or provider), form = %s"
+  },
+  "cas": {
+    "Service %s and %s do not match": "Service %s and %s do not match"
+  },
+  "check": {
+    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "DisplayName cannot be blank": "DisplayName cannot be blank",
+    "DisplayName is not valid real name": "DisplayName is not valid real name",
+    "Email already exists": "Email already exists",
+    "Email cannot be empty": "Email cannot be empty",
+    "Email is invalid": "Email is invalid",
+    "Empty username.": "Empty username.",
+    "FirstName cannot be blank": "FirstName cannot be blank",
+    "LastName cannot be blank": "LastName cannot be blank",
+    "Ldap user name or password incorrect": "Ldap user name or password incorrect",
+    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
+    "Organization does not exist": "Organization does not exist",
+    "Password must have at least 6 characters": "Password must have at least 6 characters",
+    "Phone already exists": "Phone already exists",
+    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone number is invalid": "Phone number is invalid",
+    "Session outdated, please login again": "Session outdated, please login again",
+    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
+    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "Username already exists": "Username already exists",
+    "Username cannot be an email address": "Username cannot be an email address",
+    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
+    "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
+    "unsupported password type: %s": "unsupported password type: %s"
+  },
+  "general": {
+    "Missing parameter": "Missing parameter",
+    "Please login first": "Please login first",
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
+  },
+  "ldap": {
+    "Ldap server exist": "Ldap server exist"
+  },
+  "link": {
+    "Please link first": "Please link first",
+    "This application has no providers": "This application has no providers",
+    "This application has no providers of type": "This application has no providers of type",
+    "This provider can't be unlinked": "This provider can't be unlinked",
+    "You are not the global admin, you can't unlink other users": "You are not the global admin, you can't unlink other users",
+    "You can't unlink yourself, you are not a member of any application": "You can't unlink yourself, you are not a member of any application"
+  },
+  "organization": {
+    "Only admin can modify the %s.": "Only admin can modify the %s.",
+    "The %s is immutable.": "The %s is immutable.",
+    "Unknown modify rule %s.": "Unknown modify rule %s."
+  },
+  "provider": {
+    "Invalid application id": "Invalid application id",
+    "the provider: %s does not exist": "the provider: %s does not exist"
+  },
+  "resource": {
+    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
+  },
+  "saml": {
+    "Application %s not found": "Application %s not found"
+  },
+  "saml_sp": {
+    "provider %s's category is not SAML": "provider %s's category is not SAML"
+  },
+  "service": {
+    "Empty parameters for emailForm: %v": "Empty parameters for emailForm: %v",
+    "Invalid Email receivers: %s": "Invalid Email receivers: %s",
+    "Invalid phone receivers: %s": "Invalid phone receivers: %s"
+  },
+  "storage": {
+    "The objectKey: %s is not allowed": "The objectKey: %s is not allowed",
+    "The provider type: %s is not supported": "The provider type: %s is not supported"
+  },
+  "token": {
+    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
+    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid client_id": "Invalid client_id",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+  },
+  "user": {
+    "Display name cannot be empty": "Display name cannot be empty",
+    "New password cannot contain blank space.": "New password cannot contain blank space.",
+    "New password must have at least 6 characters": "New password must have at least 6 characters"
+  },
+  "user_upload": {
+    "Failed to import users": "Failed to import users"
+  },
+  "util": {
+    "No application is found for userId: %s": "No application is found for userId: %s",
+    "No provider for category: %s is found for application: %s": "No provider for category: %s is found for application: %s",
+    "The provider: %s is not found": "The provider: %s is not found"
+  },
+  "verification": {
+    "Code has not been sent yet!": "Code has not been sent yet!",
+    "Email is invalid": "Email is invalid",
+    "Invalid captcha provider.": "Invalid captcha provider.",
+    "Organization does not exist": "Organization does not exist",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Turing test failed.": "Turing test failed.",
+    "Unable to get the email modify rule.": "Unable to get the email modify rule.",
+    "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",
+    "Unknown type": "Unknown type",
+    "Wrong parameter": "Wrong parameter",
+    "Wrong verification code!": "Wrong verification code!",
+    "You should verify your code in %d min!": "You should verify your code in %d min!",
+    "the user does not exist, please sign up first": "the user does not exist, please sign up first"
+  },
+  "webauthn": {
+    "Found no credentials for this user": "Found no credentials for this user",
+    "Please call WebAuthnSigninBegin first": "Please call WebAuthnSigninBegin first"
+  }
+}
--- a/i18n/locales/zh/data.json
+++ b/i18n/locales/zh/data.json
@ -1,15 +1,12 @@
 {
  "account": {
-    "Email: %s": "邮件: %s",
    "Get init score failed, error: %w": "初始化分数失败: %w",
    "Invalid information": "无效信息",
-    "Phone: %s": "手机号: %s",
    "Please sign out first before signing in": "请在登录前先退出登录",
    "Please sign out first before signing up": "请在注册前先退出登录",
    "The application does not allow to sign up new account": "该应用不允许注册新用户"
  },
  "auth": {
-    "%s No phone prefix": "%s 无此手机号前缀",
    "Challenge method should be S256": "Challenge 方法应该为 S256",
    "Failed to create user, user information is invalid: %s": "创建用户失败，用户信息无效: %s",
    "Failed to login in: %s": "登录失败: %s",
@ -57,13 +54,15 @@
    "Username is too long (maximum is 39 characters).": "用户名过长（最大允许长度为39个字符）",
    "Username must have at least 2 characters": "用户名至少要有2个字符",
    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "密码错误次数已达上限，请在 %d 分后重试",
+    "Your region is not allow to signup by phone": "所在地区不支持手机号注册",
    "password or code is incorrect, you have %d remaining chances": "密码错误，您还有 %d 次尝试的机会",
    "unsupported password type: %s": "不支持的密码类型: %s"
  },
  "general": {
    "Missing parameter": "缺少参数",
    "Please login first": "请先登录",
-    "The user: %s doesn't exist": "用户: %s 不存在"
+    "The user: %s doesn't exist": "用户: %s 不存在",
+    "don't support captchaProvider: ": "不支持验证码提供商: "
  },
  "ldap": {
    "Ldap server exist": "LDAP服务器已存在"
@ -130,12 +129,13 @@
    "Email is invalid": "非法的邮箱",
    "Invalid captcha provider.": "非法的验证码提供商",
    "Organization does not exist": "组织不存在",
-    "Phone number is invalid": "非法的手机号码",
+    "Phone number is invalid in your region %s": "您所在地区的电话号码无效 %s",
    "Turing test failed.": "验证码还未发送",
    "Unable to get the email modify rule.": "无法获取邮箱修改规则",
    "Unable to get the phone modify rule.": "无法获取手机号修改规则",
    "Unknown type": "未知类型",
    "Wrong parameter": "参数错误",
+    "Wrong verification code!": "验证码错误!",
    "You should verify your code in %d min!": "请在 %d 分钟内输入正确验证码",
    "the user does not exist, please sign up first": "用户不存在，请先注册"
  },
--- a/idp/dingtalk.go
+++ b/idp/dingtalk.go
@ -15,11 +15,9 @@
 package idp

 import (
-	"bytes"
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"net/http"
 	"strings"
@ -170,10 +168,18 @@ func (idp *DingTalkIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, erro
 		Email:       dtUserInfo.Email,
 		AvatarUrl:   dtUserInfo.AvatarUrl,
 	}
-	isUserInOrg, err := idp.isUserInOrg(userInfo.UnionId)
-	if !isUserInOrg {
+
+	corpAccessToken := idp.getInnerAppAccessToken()
+	userId, err := idp.getUserId(userInfo.UnionId, corpAccessToken)
+	if err != nil {
 		return nil, err
 	}
+
+	corpEmail, err := idp.getUserCorpEmail(userId, corpAccessToken)
+	if err == nil && corpEmail != "" {
+		userInfo.Email = corpEmail
+	}
+
 	return &userInfo, nil
 }

@ -202,23 +208,14 @@ func (idp *DingTalkIdProvider) postWithBody(body interface{}, url string) ([]byt
 }

 func (idp *DingTalkIdProvider) getInnerAppAccessToken() string {
-	appKey := idp.Config.ClientID
-	appSecret := idp.Config.ClientSecret
 	body := make(map[string]string)
-	body["appKey"] = appKey
-	body["appSecret"] = appSecret
-	bodyData, err := json.Marshal(body)
-	if err != nil {
-		log.Println(err.Error())
-	}
-	reader := bytes.NewReader(bodyData)
-	request, err := http.NewRequest("POST", "https://api.dingtalk.com/v1.0/oauth2/accessToken", reader)
-	request.Header.Set("Content-Type", "application/json;charset=UTF-8")
-	resp, err := idp.Client.Do(request)
-	respBytes, err := ioutil.ReadAll(resp.Body)
+	body["appKey"] = idp.Config.ClientID
+	body["appSecret"] = idp.Config.ClientSecret
+	respBytes, err := idp.postWithBody(body, "https://api.dingtalk.com/v1.0/oauth2/accessToken")
 	if err != nil {
 		log.Println(err.Error())
 	}
+
 	var data struct {
 		ExpireIn    int    `json:"expireIn"`
 		AccessToken string `json:"accessToken"`
@ -230,34 +227,53 @@ func (idp *DingTalkIdProvider) getInnerAppAccessToken() string {
 	return data.AccessToken
 }

-func (idp *DingTalkIdProvider) isUserInOrg(unionId string) (bool, error) {
+func (idp *DingTalkIdProvider) getUserId(unionId string, accessToken string) (string, error) {
 	body := make(map[string]string)
 	body["unionid"] = unionId
-	bodyData, err := json.Marshal(body)
+	respBytes, err := idp.postWithBody(body, "https://oapi.dingtalk.com/topapi/user/getbyunionid?access_token="+accessToken)
 	if err != nil {
-		log.Println(err.Error())
-	}
-	reader := bytes.NewReader(bodyData)
-	accessToken := idp.getInnerAppAccessToken()
-	request, _ := http.NewRequest("POST", "https://oapi.dingtalk.com/topapi/user/getbyunionid?access_token="+accessToken, reader)
-	request.Header.Set("Content-Type", "application/json;charset=UTF-8")
-	resp, err := idp.Client.Do(request)
-	respBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		log.Println(err.Error())
+		return "", err
 	}
+
 	var data struct {
 		ErrCode    int    `json:"errcode"`
 		ErrMessage string `json:"errmsg"`
+		Result     struct {
+			UserId string `json:"userid"`
+		} `json:"result"`
 	}
 	err = json.Unmarshal(respBytes, &data)
 	if err != nil {
-		log.Println(err.Error())
+		return "", err
 	}
 	if data.ErrCode == 60121 {
-		return false, fmt.Errorf("the user is not found in the organization where clientId and clientSecret belong")
+		return "", fmt.Errorf("the user is not found in the organization where clientId and clientSecret belong")
 	} else if data.ErrCode != 0 {
-		return false, fmt.Errorf(data.ErrMessage)
+		return "", fmt.Errorf(data.ErrMessage)
 	}
-	return true, nil
+	return data.Result.UserId, nil
+}
+
+func (idp *DingTalkIdProvider) getUserCorpEmail(userId string, accessToken string) (string, error) {
+	body := make(map[string]string)
+	body["userid"] = userId
+	respBytes, err := idp.postWithBody(body, "https://oapi.dingtalk.com/topapi/v2/user/get?access_token="+accessToken)
+	if err != nil {
+		return "", err
+	}
+
+	var data struct {
+		ErrMessage string `json:"errmsg"`
+		Result     struct {
+			Email string `json:"email"`
+		} `json:"result"`
+	}
+	err = json.Unmarshal(respBytes, &data)
+	if err != nil {
+		return "", err
+	}
+	if data.ErrMessage != "ok" {
+		return "", fmt.Errorf(data.ErrMessage)
+	}
+	return data.Result.Email, nil
 }
--- a/init_data.json.template
+++ b/init_data.json.template
@ -6,10 +6,18 @@
      "displayName": "",
      "websiteUrl": "",
      "favicon": "",
-      "passwordType": "",
-      "phonePrefix": "",
+      "passwordType": "plain",
+      "passwordSalt": "",
+      "countryCodes": ["US", "ES", "CN", "FR", "DE", "GB", "JP", "KR", "VN", "ID", "SG", "IN"],
      "defaultAvatar": "",
-      "tags": [""]
+      "defaultApplication": "",
+      "tags": [],
+      "languages": ["en", "zh", "es", "fr", "de", "ja", "ko", "ru", "vi"],
+      "masterPassword": "",
+      "initScore": 2000,
+      "enableSoftDeletion": false,
+      "isProfilePublic": true,
+      "accountItems": []
    }
  ],
  "applications": [
@ -107,6 +115,7 @@
      "avatar": "",
      "email": "",
      "phone": "",
+      "countryCode": "",
      "address": [],
      "affiliation": "",
      "tag": "",
--- a/manifests/casdoor/templates/configmap.yaml
+++ b/manifests/casdoor/templates/configmap.yaml
@ -1,23 +1,8 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: casdoor-config
+  name: {{ printf "%s-config" (include "casdoor.fullname" .) }}
+  labels:
+    {{- include "casdoor.labels" . | nindent 4 }}
 data:
-  app.conf: |
-    appname = casdoor
-    httpport = 80
-    runmode = dev
-    SessionOn = true
-    copyrequestbody = true
-    driverName = mysql
-    dataSourceName = root:123456@tcp(localhost:3306)/
-    dbName = casdoor
-    redisEndpoint =
-    defaultStorageProvider = 
-    isCloudIntranet = false
-    authState = "casdoor"
-    socks5Proxy = "127.0.0.1:10808"
-    verificationCodeTimeout = 10
-    initScore = 2000
-    logPostOnly = true
-    origin = "https://door.casbin.com"
+  app.conf: {{ tpl .Values.config . | toYaml | nindent 4 }}
--- a/manifests/casdoor/templates/deployment.yaml
+++ b/manifests/casdoor/templates/deployment.yaml
@ -13,8 +13,9 @@ spec:
      {{- include "casdoor.selectorLabels" . | nindent 6 }}
  template:
    metadata:
-      {{- with .Values.podAnnotations }}
      annotations:
+        checksum/config: {{ tpl .Values.config . | toYaml | sha256sum }}
+        {{- with .Values.podAnnotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      labels:
@ -34,18 +35,25 @@ spec:
          image: "{{ .Values.image.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          # command: ["sleep", "100000000"]
+          env:
+            - name: RUNNING_IN_DOCKER
+              value: "true"
          ports:
            - name: http
-              containerPort: 80
+              containerPort: {{ .Values.service.port }}
              protocol: TCP
-          # livenessProbe:
-          #   httpGet:
-          #     path: /
-          #     port: http
-          # readinessProbe:
-          #   httpGet:
-          #     path: /
-          #     port: http
+          {{ if .Values.probe.liveness.enabled }}
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          {{ end }}
+          {{ if .Values.probe.readiness.enabled }}
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+          {{ end }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
@ -60,7 +68,7 @@ spec:
               items:
               - key: app.conf
                 path: app.conf
-               name: casdoor-config
+               name: {{ printf "%s-config" (include "casdoor.fullname" .) }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/manifests/casdoor/values.yaml
+++ b/manifests/casdoor/values.yaml
@ -6,11 +6,31 @@ replicaCount: 1

 image:
  repository: casbin
-  name: casdoor-all-in-one
+  name: casdoor
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
  tag: ""

+# ref: https://casdoor.org/docs/basic/server-installation#via-ini-file
+config: |
+  appname = casdoor
+  httpport = {{ .Values.service.port }}
+  runmode = dev
+  SessionOn = true
+  copyrequestbody = true
+  driverName = sqlite
+  dataSourceName = "file:ent?mode=memory&cache=shared&_fk=1"
+  dbName = casdoor
+  redisEndpoint =
+  defaultStorageProvider = 
+  isCloudIntranet = false
+  authState = "casdoor"
+  socks5Proxy = ""
+  verificationCodeTimeout = 10
+  initScore = 2000
+  logPostOnly = true
+  origin = "https://door.casbin.com"
+
 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
@ -37,9 +57,15 @@ securityContext: {}
  # runAsNonRoot: true
  # runAsUser: 1000

+probe:
+  readiness:
+    enabled: true
+  liveness:
+    enabled: true
+
 service:
  type: ClusterIP
-  port: 80
+  port: 8000

 ingress:
  enabled: false
--- a/object/check.go
+++ b/object/check.go
@ -42,7 +42,7 @@ func init() {
 	reFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`)
 }

-func CheckUserSignup(application *Application, organization *Organization, username string, password string, displayName string, firstName string, lastName string, email string, phone string, affiliation string, lang string) string {
+func CheckUserSignup(application *Application, organization *Organization, username string, password string, displayName string, firstName string, lastName string, email string, phone string, countryCode string, affiliation string, lang string) string {
 	if organization == nil {
 		return i18n.Translate(lang, "check:Organization does not exist")
 	}
@ -84,33 +84,31 @@ func CheckUserSignup(application *Application, organization *Organization, usern
 		if email == "" {
 			if application.IsSignupItemRequired("Email") {
 				return i18n.Translate(lang, "check:Email cannot be empty")
+			}
 		} else {
-				return ""
-			}
-		}
-
 			if HasUserByField(organization.Name, "email", email) {
 				return i18n.Translate(lang, "check:Email already exists")
 			} else if !util.IsEmailValid(email) {
 				return i18n.Translate(lang, "check:Email is invalid")
 			}
 		}
+	}

 	if application.IsSignupItemVisible("Phone") {
 		if phone == "" {
 			if application.IsSignupItemRequired("Phone") {
 				return i18n.Translate(lang, "check:Phone cannot be empty")
+			}
 		} else {
-				return ""
-			}
-		}
-
 			if HasUserByField(organization.Name, "phone", phone) {
 				return i18n.Translate(lang, "check:Phone already exists")
-		} else if organization.PhonePrefix == "86" && !util.IsPhoneCnValid(phone) {
+			} else if !util.IsPhoneAllowInRegin(countryCode, organization.CountryCodes) {
+				return i18n.Translate(lang, "check:Your region is not allow to signup by phone")
+			} else if !util.IsPhoneValid(phone, countryCode) {
 				return i18n.Translate(lang, "check:Phone number is invalid")
 			}
 		}
+	}

 	if application.IsSignupItemVisible("Display name") {
 		if application.GetSignupItemRule("Display name") == "First, last" && (firstName != "" || lastName != "") {
@ -194,7 +192,7 @@ func checkLdapUserPassword(user *User, password string, lang string) (*User, str
 	ldaps := GetLdaps(user.Owner)
 	ldapLoginSuccess := false
 	for _, ldapServer := range ldaps {
-		conn, err := GetLdapConn(ldapServer.Host, ldapServer.Port, ldapServer.Admin, ldapServer.Passwd)
+		conn, err := ldapServer.GetLdapConn()
 		if err != nil {
 			continue
 		}
@ -378,7 +376,7 @@ func CheckToEnableCaptcha(application *Application) bool {
 		if providerItem.Provider == nil {
 			continue
 		}
-		if providerItem.Provider.Category == "Captcha" && providerItem.Provider.Type == "Default" {
+		if providerItem.Provider.Category == "Captcha" {
 			return providerItem.Rule == "Always"
 		}
 	}
--- a/object/init.go
+++ b/object/init.go
@ -21,7 +21,7 @@ import (

 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
-	"github.com/duo-labs/webauthn/webauthn"
+	"github.com/go-webauthn/webauthn/webauthn"
 )

 func InitDb() {
@ -39,26 +39,8 @@ func InitDb() {
 	initWebAuthn()
 }

-func initBuiltInOrganization() bool {
-	organization := getOrganization("admin", "built-in")
-	if organization != nil {
-		return true
-	}
-
-	organization = &Organization{
-		Owner:         "admin",
-		Name:          "built-in",
-		CreatedTime:   util.GetCurrentTime(),
-		DisplayName:   "Built-in Organization",
-		WebsiteUrl:    "https://example.com",
-		Favicon:       fmt.Sprintf("%s/img/casbin/favicon.ico", conf.GetConfigString("staticBaseUrl")),
-		PasswordType:  "plain",
-		PhonePrefix:   "86",
-		DefaultAvatar: fmt.Sprintf("%s/img/casbin.svg", conf.GetConfigString("staticBaseUrl")),
-		Tags:          []string{},
-		Languages:     []string{"en", "zh", "es", "fr", "de", "ja", "ko", "ru"},
-		InitScore:     2000,
-		AccountItems: []*AccountItem{
+func getBuiltInAccountItems() []*AccountItem {
+	return []*AccountItem{
 		{Name: "Organization", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
 		{Name: "ID", Visible: true, ViewRule: "Public", ModifyRule: "Immutable"},
 		{Name: "Name", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
@ -68,6 +50,7 @@ func initBuiltInOrganization() bool {
 		{Name: "Password", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
 		{Name: "Email", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
 		{Name: "Phone", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
+		{Name: "Country code", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
 		{Name: "Country/Region", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
 		{Name: "Location", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
 		{Name: "Affiliation", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
@ -86,7 +69,31 @@ func initBuiltInOrganization() bool {
 		{Name: "Is deleted", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
 		{Name: "WebAuthn credentials", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
 		{Name: "Managed accounts", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
-		},
+	}
+}
+
+func initBuiltInOrganization() bool {
+	organization := getOrganization("admin", "built-in")
+	if organization != nil {
+		return true
+	}
+
+	organization = &Organization{
+		Owner:              "admin",
+		Name:               "built-in",
+		CreatedTime:        util.GetCurrentTime(),
+		DisplayName:        "Built-in Organization",
+		WebsiteUrl:         "https://example.com",
+		Favicon:            fmt.Sprintf("%s/img/casbin/favicon.ico", conf.GetConfigString("staticBaseUrl")),
+		PasswordType:       "plain",
+		CountryCodes:       []string{"US", "ES", "CN", "FR", "DE", "GB", "JP", "KR", "VN", "ID", "SG", "IN"},
+		DefaultAvatar:      fmt.Sprintf("%s/img/casbin.svg", conf.GetConfigString("staticBaseUrl")),
+		Tags:               []string{},
+		Languages:          []string{"en", "zh", "es", "fr", "de", "ja", "ko", "ru", "vi"},
+		InitScore:          2000,
+		AccountItems:       getBuiltInAccountItems(),
+		EnableSoftDeletion: false,
+		IsProfilePublic:    false,
 	}
 	AddOrganization(organization)
 	return false
@ -109,6 +116,7 @@ func initBuiltInUser() {
 		Avatar:            fmt.Sprintf("%s/img/casbin.svg", conf.GetConfigString("staticBaseUrl")),
 		Email:             "admin@example.com",
 		Phone:             "12345678910",
+		CountryCode:       "CN",
 		Address:           []string{},
 		Affiliation:       "Example Inc.",
 		Tag:               "staff",
--- a/object/init_data.go
+++ b/object/init_data.go
@ -179,33 +179,7 @@ func initDefinedOrganization(organization *Organization) {
 		return
 	}
 	organization.CreatedTime = util.GetCurrentTime()
-	organization.AccountItems = []*AccountItem{
-		{Name: "Organization", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
-		{Name: "ID", Visible: true, ViewRule: "Public", ModifyRule: "Immutable"},
-		{Name: "Name", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
-		{Name: "Display name", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Avatar", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "User type", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
-		{Name: "Password", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
-		{Name: "Email", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Phone", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Country/Region", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Location", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Affiliation", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Title", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Homepage", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Bio", Visible: true, ViewRule: "Public", ModifyRule: "Self"},
-		{Name: "Tag", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
-		{Name: "Signup application", Visible: true, ViewRule: "Public", ModifyRule: "Admin"},
-		{Name: "Roles", Visible: true, ViewRule: "Public", ModifyRule: "Immutable"},
-		{Name: "Permissions", Visible: true, ViewRule: "Public", ModifyRule: "Immutable"},
-		{Name: "3rd-party logins", Visible: true, ViewRule: "Self", ModifyRule: "Self"},
-		{Name: "Properties", Visible: false, ViewRule: "Admin", ModifyRule: "Admin"},
-		{Name: "Is admin", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
-		{Name: "Is global admin", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
-		{Name: "Is forbidden", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
-		{Name: "Is deleted", Visible: true, ViewRule: "Admin", ModifyRule: "Admin"},
-	}
+	organization.AccountItems = getBuiltInAccountItems()

 	AddOrganization(organization)
 }
--- a/object/ldap.go
+++ b/object/ldap.go
@ -33,6 +33,7 @@ type Ldap struct {
 	ServerName string `xorm:"varchar(100)" json:"serverName"`
 	Host       string `xorm:"varchar(100)" json:"host"`
 	Port       int    `json:"port"`
+	EnableSsl  bool   `xorm:"bool" json:"enableSsl"`
 	Admin      string `xorm:"varchar(100)" json:"admin"`
 	Passwd     string `xorm:"varchar(100)" json:"passwd"`
 	BaseDn     string `xorm:"varchar(100)" json:"baseDn"`
@ -152,20 +153,26 @@ func isMicrosoftAD(Conn *goldap.Conn) (bool, error) {
 	return isMicrosoft, err
 }

-func GetLdapConn(host string, port int, adminUser string, adminPasswd string) (*ldapConn, error) {
-	conn, err := goldap.Dial("tcp", fmt.Sprintf("%s:%d", host, port))
+func (ldap *Ldap) GetLdapConn() (c *ldapConn, err error) {
+	var conn *goldap.Conn
+	if ldap.EnableSsl {
+		conn, err = goldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldap.Host, ldap.Port), nil)
+	} else {
+		conn, err = goldap.Dial("tcp", fmt.Sprintf("%s:%d", ldap.Host, ldap.Port))
+	}
+
 	if err != nil {
 		return nil, err
 	}

-	err = conn.Bind(adminUser, adminPasswd)
+	err = conn.Bind(ldap.Admin, ldap.Passwd)
 	if err != nil {
-		return nil, fmt.Errorf("fail to login Ldap server with [%s]", adminUser)
+		return nil, err
 	}

 	isAD, err := isMicrosoftAD(conn)
 	if err != nil {
-		return nil, fmt.Errorf("fail to get Ldap server type [%s]", adminUser)
+		return nil, err
 	}
 	return &ldapConn{Conn: conn, IsAD: isAD}, nil
 }
@ -329,7 +336,7 @@ func GetLdaps(owner string) []*Ldap {
 }

 func GetLdap(id string) *Ldap {
-	if util.IsStrsEmpty(id) {
+	if util.IsStringsEmpty(id) {
 		return nil
 	}

@ -352,7 +359,7 @@ func UpdateLdap(ldap *Ldap) bool {
 	}

 	affected, err := adapter.Engine.ID(ldap.Id).Cols("owner", "server_name", "host",
-		"port", "admin", "passwd", "base_dn", "auto_sync").Update(ldap)
+		"port", "enable_ssl", "admin", "passwd", "base_dn", "auto_sync").Update(ldap)
 	if err != nil {
 		panic(err)
 	}
--- a/object/ldap_autosync.go
+++ b/object/ldap_autosync.go
@ -76,7 +76,7 @@ func (l *LdapAutoSynchronizer) syncRoutine(ldap *Ldap, stopChan chan struct{}) {

 		UpdateLdapSyncTime(ldap.Id)
 		// fetch all users
-		conn, err := GetLdapConn(ldap.Host, ldap.Port, ldap.Admin, ldap.Passwd)
+		conn, err := ldap.GetLdapConn()
 		if err != nil {
 			logs.Warning(fmt.Sprintf("autoSync failed for %s, error %s", ldap.Id, err))
 			continue
--- a/object/organization.go
+++ b/object/organization.go
@ -49,7 +49,7 @@ type Organization struct {
 	Favicon            string     `xorm:"varchar(100)" json:"favicon"`
 	PasswordType       string     `xorm:"varchar(100)" json:"passwordType"`
 	PasswordSalt       string     `xorm:"varchar(100)" json:"passwordSalt"`
-	PhonePrefix        string     `xorm:"varchar(10)"  json:"phonePrefix"`
+	CountryCodes       []string   `xorm:"varchar(200)"  json:"countryCodes"`
 	DefaultAvatar      string     `xorm:"varchar(100)" json:"defaultAvatar"`
 	DefaultApplication string     `xorm:"varchar(100)" json:"defaultApplication"`
 	Tags               []string   `xorm:"mediumtext" json:"tags"`
@ -211,6 +211,10 @@ func GetAccountItemByName(name string, organization *Organization) *AccountItem
 }

 func CheckAccountItemModifyRule(accountItem *AccountItem, user *User, lang string) (bool, string) {
+	if accountItem == nil {
+		return true, ""
+	}
+
 	switch accountItem.ModifyRule {
 	case "Admin":
 		if user == nil || !user.IsAdmin && !user.IsGlobalAdmin {
--- a/object/payment.go
+++ b/object/payment.go
@ -43,7 +43,7 @@ type Payment struct {
 	PayUrl    string `xorm:"varchar(2000)" json:"payUrl"`
 	ReturnUrl string `xorm:"varchar(1000)" json:"returnUrl"`
 	State     string `xorm:"varchar(100)" json:"state"`
-	Message   string `xorm:"varchar(1000)" json:"message"`
+	Message   string `xorm:"varchar(2000)" json:"message"`

 	PersonName    string `xorm:"varchar(100)" json:"personName"`
 	PersonIdCard  string `xorm:"varchar(100)" json:"personIdCard"`
--- a/object/permission.go
+++ b/object/permission.go
@ -80,7 +80,6 @@ func (p *PermissionRule) GetRequest(adapterName string, permissionId string) ([]
 		if p.V5 != "" {
 			return nil, fmt.Errorf("too many parameters. The maximum parameter number cannot exceed %d", builtInAvailableField)
 		}
-		request = append(request, permissionId)
 		return request, nil
 	} else {
 		if p.V5 != "" {
@ -245,6 +244,10 @@ func GetPermissionsByUser(userId string) []*Permission {
 		panic(err)
 	}

+	for i := range permissions {
+		permissions[i].Users = nil
+	}
+
 	return permissions
 }

--- a/object/role.go
+++ b/object/role.go
@ -159,6 +159,10 @@ func GetRolesByUser(userId string) []*Role {
 		panic(err)
 	}

+	for i := range roles {
+		roles[i].Users = nil
+	}
+
 	return roles
 }

--- a/object/saml_idp.go
+++ b/object/saml_idp.go
@ -64,7 +64,7 @@ func NewSamlResponse(user *User, host string, certificate string, destination st
 	assertion.CreateAttr("IssueInstant", now)
 	assertion.CreateElement("saml:Issuer").SetText(host)
 	subject := assertion.CreateElement("saml:Subject")
-	subject.CreateElement("saml:NameID").SetText(user.Email)
+	subject.CreateElement("saml:NameID").SetText(user.Name)
 	subjectConfirmation := subject.CreateElement("saml:SubjectConfirmation")
 	subjectConfirmation.CreateAttr("Method", "urn:oasis:names:tc:SAML:2.0:cm:bearer")
 	subjectConfirmationData := subjectConfirmation.CreateElement("saml:SubjectConfirmationData")
@ -230,16 +230,20 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 	// base64 decode
 	defated, err := base64.StdEncoding.DecodeString(samlRequest)
 	if err != nil {
-		return "", "", method, fmt.Errorf("err: %s", err.Error())
+		return "", "", method, fmt.Errorf("err: Failed to decode SAML request , %s", err.Error())
 	}
+
 	// decompress
 	var buffer bytes.Buffer
 	rdr := flate.NewReader(bytes.NewReader(defated))
-	io.Copy(&buffer, rdr)
+	_, err = io.Copy(&buffer, rdr)
+	if err != nil {
+		return "", "", "", err
+	}
 	var authnRequest saml.AuthnRequest
 	err = xml.Unmarshal(buffer.Bytes(), &authnRequest)
 	if err != nil {
-		return "", "", method, fmt.Errorf("err: %s", err.Error())
+		return "", "", method, fmt.Errorf("err: Failed to unmarshal AuthnRequest, please check the SAML request. %s", err.Error())
 	}

 	// verify samlRequest
@ -252,14 +256,15 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 	block, _ := pem.Decode([]byte(cert.Certificate))
 	certificate := base64.StdEncoding.EncodeToString(block.Bytes)

-	_, originBackend := getOriginFromHost(host)
-
 	// redirect Url (Assertion Consumer Url)
 	if application.SamlReplyUrl != "" {
 		method = "POST"
 		authnRequest.AssertionConsumerServiceURL = application.SamlReplyUrl
+	} else if authnRequest.AssertionConsumerServiceURL == "" {
+		return "", "", "", fmt.Errorf("err: SAML request don't has attribute 'AssertionConsumerServiceURL' in <samlp:AuthnRequest>")
 	}

+	_, originBackend := getOriginFromHost(host)
 	// build signedResponse
 	samlResponse, _ := NewSamlResponse(user, originBackend, certificate, authnRequest.AssertionConsumerServiceURL, authnRequest.Issuer.Url, authnRequest.ID, application.RedirectUris)
 	randomKeyStore := &X509Key{
@ -279,7 +284,7 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 	doc.SetRoot(samlResponse)
 	xmlBytes, err := doc.WriteToBytes()
 	if err != nil {
-		return "", "", method, fmt.Errorf("err: %s", err.Error())
+		return "", "", method, fmt.Errorf("err: Failed to serializes the SAML request into bytes, %s", err.Error())
 	}

 	// compress
@ -287,15 +292,21 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 		flated := bytes.NewBuffer(nil)
 		writer, err := flate.NewWriter(flated, flate.DefaultCompression)
 		if err != nil {
-			return "", "", method, fmt.Errorf("err: %s", err.Error())
+			return "", "", method, err
+		}
+		_, err = writer.Write(xmlBytes)
+		if err != nil {
+			return "", "", "", err
+		}
+		err = writer.Close()
+		if err != nil {
+			return "", "", "", err
 		}
-		writer.Write(xmlBytes)
-		writer.Close()
 		xmlBytes = flated.Bytes()
 	}
 	// base64 encode
 	res := base64.StdEncoding.EncodeToString(xmlBytes)
-	return res, authnRequest.AssertionConsumerServiceURL, method, nil
+	return res, authnRequest.AssertionConsumerServiceURL, method, err
 }

 // NewSamlResponse11 return a saml1.1 response(not 2.0)
@ -359,7 +370,10 @@ func NewSamlResponse11(user *User, requestID string, host string) *etree.Element

 	data, _ := json.Marshal(user)
 	tmp := map[string]string{}
-	json.Unmarshal(data, &tmp)
+	err := json.Unmarshal(data, &tmp)
+	if err != nil {
+		panic(err)
+	}

 	for k, v := range tmp {
 		if v != "" {
--- a/object/sms.go
+++ b/object/sms.go
@ -14,19 +14,42 @@

 package object

-import "github.com/casdoor/go-sms-sender"
+import (
+	"strings"
+
+	sender "github.com/casdoor/go-sms-sender"
+)
+
+func getSmsClient(provider *Provider) (sender.SmsClient, error) {
+	var client sender.SmsClient
+	var err error
+
+	if provider.Type == sender.HuaweiCloud {
+		client, err = sender.NewSmsClient(provider.Type, provider.ClientId, provider.ClientSecret, provider.SignName, provider.TemplateCode, provider.ProviderUrl, provider.AppId)
+	} else {
+		client, err = sender.NewSmsClient(provider.Type, provider.ClientId, provider.ClientSecret, provider.SignName, provider.TemplateCode, provider.AppId)
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	return client, nil
+}

 func SendSms(provider *Provider, content string, phoneNumbers ...string) error {
-	client, err := go_sms_sender.NewSmsClient(provider.Type, provider.ClientId, provider.ClientSecret, provider.SignName, provider.TemplateCode, provider.AppId)
-	if provider.Type == go_sms_sender.HuaweiCloud {
-		client, err = go_sms_sender.NewSmsClient(provider.Type, provider.ClientId, provider.ClientSecret, provider.SignName, provider.TemplateCode, provider.ProviderUrl, provider.AppId)
-	}
+	client, err := getSmsClient(provider)
 	if err != nil {
 		return err
 	}

+	if provider.Type == sender.Aliyun {
+		for i, number := range phoneNumbers {
+			phoneNumbers[i] = strings.TrimPrefix(number, "+86")
+		}
+	}
+
 	params := map[string]string{}
-	if provider.Type == go_sms_sender.TencentCloud {
+	if provider.Type == sender.TencentCloud {
 		params["0"] = content
 	} else {
 		params["code"] = content
--- a/object/user.go
+++ b/object/user.go
@ -20,7 +20,7 @@ import (

 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
-	"github.com/duo-labs/webauthn/webauthn"
+	"github.com/go-webauthn/webauthn/webauthn"
 	"github.com/xorm-io/core"
 )

@ -46,7 +46,8 @@ type User struct {
 	PermanentAvatar   string   `xorm:"varchar(500)" json:"permanentAvatar"`
 	Email             string   `xorm:"varchar(100) index" json:"email"`
 	EmailVerified     bool     `json:"emailVerified"`
-	Phone             string   `xorm:"varchar(100) index" json:"phone"`
+	Phone             string   `xorm:"varchar(20) index" json:"phone"`
+	CountryCode       string   `xorm:"varchar(6)" json:"countryCode"`
 	Location          string   `xorm:"varchar(100)" json:"location"`
 	Address           []string `json:"address"`
 	Affiliation       string   `xorm:"varchar(100)" json:"affiliation"`
@ -171,8 +172,8 @@ type Userinfo struct {
 	Sub         string `json:"sub"`
 	Iss         string `json:"iss"`
 	Aud         string `json:"aud"`
-	Name        string `json:"name,omitempty"`
-	DisplayName string `json:"preferred_username,omitempty"`
+	Name        string `json:"preferred_username,omitempty"`
+	DisplayName string `json:"name,omitempty"`
 	Email       string `json:"email,omitempty"`
 	Avatar      string `json:"picture,omitempty"`
 	Address     string `json:"address,omitempty"`
@ -448,13 +449,13 @@ func UpdateUser(id string, user *User, columns []string, isGlobalAdmin bool) boo
 	if len(columns) == 0 {
 		columns = []string{
 			"owner", "display_name", "avatar",
-			"location", "address", "region", "language", "affiliation", "title", "homepage", "bio", "score", "tag", "signup_application",
+			"location", "address", "country_code", "region", "language", "affiliation", "title", "homepage", "bio", "score", "tag", "signup_application",
 			"is_admin", "is_global_admin", "is_forbidden", "is_deleted", "hash", "is_default_avatar", "properties", "webauthnCredentials", "managedAccounts",
 			"signin_wrong_times", "last_signin_wrong_time",
 		}
 	}
 	if isGlobalAdmin {
-		columns = append(columns, "name", "email", "phone")
+		columns = append(columns, "name", "email", "phone", "country_code")
 	}

 	affected, err := adapter.Engine.ID(core.PK{owner, name}).Cols(columns...).Update(user)
--- a/object/user_util.go
+++ b/object/user_util.go
@ -53,10 +53,12 @@ func GetUserByFields(organization string, field string) *User {
 	}

 	// check email
+	if strings.Contains(field, "@") {
 		user = GetUserByField(organization, "email", field)
 		if user != nil {
 			return user
 		}
+	}

 	// check phone
 	user = GetUserByField(organization, "phone", field)
@ -170,3 +172,18 @@ func ClearUserOAuthProperties(user *User, providerType string) bool {

 	return affected != 0
 }
+
+func (user *User) GetCountryCode(countryCode string) string {
+	if countryCode != "" {
+		return countryCode
+	}
+
+	if user != nil && user.CountryCode != "" {
+		return user.CountryCode
+	}
+
+	if org := GetOrganizationByUser(user); org != nil && len(org.CountryCodes) > 0 {
+		return org.CountryCodes[0]
+	}
+	return ""
+}
--- a/object/user_webauthn.go
+++ b/object/user_webauthn.go
@ -20,8 +20,8 @@ import (
 	"strings"

 	"github.com/casdoor/casdoor/conf"
-	"github.com/duo-labs/webauthn/protocol"
-	"github.com/duo-labs/webauthn/webauthn"
+	"github.com/go-webauthn/webauthn/protocol"
+	"github.com/go-webauthn/webauthn/webauthn"
 )

 func GetWebAuthnObject(host string) *webauthn.WebAuthn {
--- a/object/verification.go
+++ b/object/verification.go
@ -26,8 +26,16 @@ import (
 	"github.com/xorm-io/core"
 )

+type VerifyResult struct {
+	Code int
+	Msg  string
+}
+
 const (
-	wrongCode = "wrongCode"
+	VerificationSuccess int = 0
+	wrongCodeError          = 1
+	noRecordError           = 2
+	timeoutError            = 3
 )

 type VerificationRecord struct {
@ -122,11 +130,8 @@ func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordT
 	record.Owner = provider.Owner
 	record.Name = util.GenerateId()
 	record.CreatedTime = util.GetCurrentTime()
-	if user != nil {
-		record.User = user.GetId()
-	}
-	record.Provider = provider.Name

+	record.Provider = provider.Name
 	record.Receiver = dest
 	record.Code = code
 	record.Time = time.Now().Unix()
@ -153,11 +158,11 @@ func getVerificationRecord(dest string) *VerificationRecord {
 	return &record
 }

-func CheckVerificationCode(dest, code, lang string) string {
+func CheckVerificationCode(dest, code, lang string) *VerifyResult {
 	record := getVerificationRecord(dest)

 	if record == nil {
-		return i18n.Translate(lang, "verification:Code has not been sent yet!")
+		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:Code has not been sent yet!")}
 	}

 	timeout, err := conf.GetConfigInt64("verificationCodeTimeout")
@ -167,14 +172,14 @@ func CheckVerificationCode(dest, code, lang string) string {

 	now := time.Now().Unix()
 	if now-record.Time > timeout*60 {
-		return fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)
+		return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)}
 	}

 	if record.Code != code {
-		return wrongCode
+		return &VerifyResult{wrongCodeError, i18n.Translate(lang, "verification:Wrong verification code!")}
 	}

-	return ""
+	return &VerifyResult{VerificationSuccess, ""}
 }

 func DisableVerificationCode(dest string) {
@ -197,14 +202,14 @@ func CheckSigninCode(user *User, dest, code, lang string) string {
 	}

 	result := CheckVerificationCode(dest, code, lang)
-	switch result {
-	case "":
+	switch result.Code {
+	case VerificationSuccess:
 		resetUserSigninErrorTimes(user)
 		return ""
-	case wrongCode:
+	case wrongCodeError:
 		return recordSigninErrorInfo(user, lang)
 	default:
-		return result
+		return result.Msg
 	}
 }

--- a/routers/base.go
+++ b/routers/base.go
@ -19,6 +19,8 @@ import (
 	"strings"

 	"github.com/beego/beego/context"
+	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@ -46,8 +48,17 @@ func responseError(ctx *context.Context, error string, data ...interface{}) {
 	}
 }

+func getAcceptLanguage(ctx *context.Context) string {
+	language := ctx.Request.Header.Get("Accept-Language")
+	return conf.GetLanguage(language)
+}
+
+func T(ctx *context.Context, error string) string {
+	return i18n.Translate(getAcceptLanguage(ctx), error)
+}
+
 func denyRequest(ctx *context.Context) {
-	responseError(ctx, "Unauthorized operation")
+	responseError(ctx, T(ctx, "auth:Unauthorized operation"))
 }

 func getUsernameByClientIdSecret(ctx *context.Context) string {
--- a/routers/cors_filter.go
+++ b/routers/cors_filter.go
@ -36,7 +36,7 @@ func CorsFilter(ctx *context.Context) {
 	if origin != "" && originConf != "" && origin != originConf {
 		if object.IsOriginAllowed(origin) {
 			ctx.Output.Header(headerAllowOrigin, origin)
-			ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS")
+			ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 			ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
 		} else {
 			ctx.ResponseWriter.WriteHeader(http.StatusForbidden)
@ -48,4 +48,11 @@ func CorsFilter(ctx *context.Context) {
 			return
 		}
 	}
+
+	if ctx.Input.Method() == "OPTIONS" {
+		ctx.Output.Header(headerAllowOrigin, "*")
+		ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
+		ctx.ResponseWriter.WriteHeader(http.StatusOK)
+		return
+	}
 }
--- a/routers/router.go
+++ b/routers/router.go
@ -112,19 +112,18 @@ func initAPI() {

 	beego.Router("/api/set-password", &controllers.ApiController{}, "POST:SetPassword")
 	beego.Router("/api/check-user-password", &controllers.ApiController{}, "POST:CheckUserPassword")
-	beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "POST:GetEmailAndPhone")
+	beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "GET:GetEmailAndPhone")
 	beego.Router("/api/send-verification-code", &controllers.ApiController{}, "POST:SendVerificationCode")
 	beego.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
 	beego.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
 	beego.Router("/api/get-captcha", &controllers.ApiController{}, "GET:GetCaptcha")

-	beego.Router("/api/get-ldap-user", &controllers.ApiController{}, "POST:GetLdapUser")
-	beego.Router("/api/get-ldaps", &controllers.ApiController{}, "POST:GetLdaps")
-	beego.Router("/api/get-ldap", &controllers.ApiController{}, "POST:GetLdap")
+	beego.Router("/api/get-ldap-users", &controllers.ApiController{}, "GET:GetLdapUsers")
+	beego.Router("/api/get-ldaps", &controllers.ApiController{}, "GET:GetLdaps")
+	beego.Router("/api/get-ldap", &controllers.ApiController{}, "GET:GetLdap")
 	beego.Router("/api/add-ldap", &controllers.ApiController{}, "POST:AddLdap")
 	beego.Router("/api/update-ldap", &controllers.ApiController{}, "POST:UpdateLdap")
 	beego.Router("/api/delete-ldap", &controllers.ApiController{}, "POST:DeleteLdap")
-	beego.Router("/api/check-ldap-users-exist", &controllers.ApiController{}, "POST:CheckLdapUsersExist")
 	beego.Router("/api/sync-ldap-users", &controllers.ApiController{}, "POST:SyncLdapUsers")

 	beego.Router("/api/get-providers", &controllers.ApiController{}, "GET:GetProviders")
@ -225,5 +224,5 @@ func initAPI() {
 	beego.Router("/api/webauthn/signin/finish", &controllers.ApiController{}, "Post:WebAuthnSigninFinish")

 	beego.Router("/api/get-system-info", &controllers.ApiController{}, "GET:GetSystemInfo")
-	beego.Router("/api/get-release", &controllers.ApiController{}, "GET:GitRepoVersion")
+	beego.Router("/api/get-version-info", &controllers.ApiController{}, "GET:GetVersionInfo")
 }
--- a/routers/static_filter.go
+++ b/routers/static_filter.go
@ -18,6 +18,7 @@ import (
 	"net/http"
 	"os"
 	"strings"
+	"time"

 	"github.com/beego/beego/context"
 	"github.com/casdoor/casdoor/conf"
@ -31,6 +32,11 @@ var (

 func StaticFilter(ctx *context.Context) {
 	urlPath := ctx.Request.URL.Path
+
+	if urlPath == "/.well-known/acme-challenge/filename" {
+		http.ServeContent(ctx.ResponseWriter, ctx.Request, "acme-challenge", time.Now(), strings.NewReader("content"))
+	}
+
 	if strings.HasPrefix(urlPath, "/api/") || strings.HasPrefix(urlPath, "/.well-known/") {
 		return
 	}
--- a/swagger/swagger.json
+++ b/swagger/swagger.json
@ -339,6 +339,42 @@
                }
            }
        },
+        "/api/add-session": {
+            "post": {
+                "tags": [
+                    "Session API"
+                ],
+                "description": "Add session for one user in one application. If there are other existing sessions, join the session into the list.",
+                "operationId": "ApiController.AddSession",
+                "parameters": [
+                    {
+                        "in": "query",
+                        "name": "id",
+                        "description": "The id(organization/application/user) of session",
+                        "required": true,
+                        "type": "string"
+                    },
+                    {
+                        "in": "query",
+                        "name": "sessionId",
+                        "description": "sessionId to be added",
+                        "required": true,
+                        "type": "string"
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "The Response object",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "type": "string"
+                            }
+                        }
+                    }
+                }
+            }
+        },
        "/api/add-syncer": {
            "post": {
                "tags": [
@ -600,14 +636,6 @@
                }
            }
        },
-        "/api/check-ldap-users-exist": {
-            "post": {
-                "tags": [
-                    "Account API"
-                ],
-                "operationId": "ApiController.CheckLdapUserExist"
-            }
-        },
        "/api/check-user-password": {
            "post": {
                "tags": [
@ -889,13 +917,13 @@
                "tags": [
                    "Session API"
                ],
-                "description": "Delete session by userId",
+                "description": "Delete session for one user in one application.",
                "operationId": "ApiController.DeleteSession",
                "parameters": [
                    {
                        "in": "query",
                        "name": "id",
-                        "description": "The id ( owner/name )(owner/name) of user.",
+                        "description": "The id(organization/application/user) of session",
                        "required": true,
                        "type": "string"
                    }
@ -1233,7 +1261,7 @@
            }
        },
        "/api/get-email-and-phone": {
-            "post": {
+            "get": {
                "tags": [
                    "User API"
                ],
@ -1306,15 +1334,15 @@
            }
        },
        "/api/get-ldap": {
-            "post": {
+            "get": {
                "tags": [
                    "Account API"
                ],
                "operationId": "ApiController.GetLdap"
            }
        },
-        "/api/get-ldap-user": {
-            "post": {
+        "/api/get-ldap-users": {
+            "get": {
                "tags": [
                    "Account API"
                ],
@ -1322,7 +1350,7 @@
            }
        },
        "/api/get-ldaps": {
-            "post": {
+            "get": {
                "tags": [
                    "Account API"
                ],
@ -1799,20 +1827,6 @@
                }
            }
        },
-        "/api/get-release": {
-            "get": {
-                "tags": [
-                    "System API"
-                ],
-                "description": "get local github repo's latest release version info",
-                "operationId": "ApiController.GitRepoVersion",
-                "responses": {
-                    "200": {
-                        "description": "{string} local latest version hash of casdoor"
-                    }
-                }
-            }
-        },
        "/api/get-resource": {
            "get": {
                "tags": [
@ -1884,12 +1898,41 @@
                }
            }
        },
+        "/api/get-session": {
+            "get": {
+                "tags": [
+                    "Session API"
+                ],
+                "description": "Get session for one user in one application.",
+                "operationId": "ApiController.GetSingleSession",
+                "parameters": [
+                    {
+                        "in": "query",
+                        "name": "id",
+                        "description": "The id(organization/application/user) of session",
+                        "required": true,
+                        "type": "string"
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "The Response object",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "type": "string"
+                            }
+                        }
+                    }
+                }
+            }
+        },
        "/api/get-sessions": {
            "get": {
                "tags": [
                    "Session API"
                ],
-                "description": "Get organization user sessions",
+                "description": "Get organization user sessions.",
                "operationId": "ApiController.GetSessions",
                "parameters": [
                    {
@ -2275,6 +2318,20 @@
                }
            }
        },
+        "/api/get-version-info": {
+            "get": {
+                "tags": [
+                    "System API"
+                ],
+                "description": "get local git repo's latest release version info",
+                "operationId": "ApiController.GetVersionInfo",
+                "responses": {
+                    "200": {
+                        "description": "{string} local latest version hash of Casdoor"
+                    }
+                }
+            }
+        },
        "/api/get-webhook": {
            "get": {
                "tags": [
@ -2356,6 +2413,42 @@
                }
            }
        },
+        "/api/is-session-duplicated": {
+            "get": {
+                "tags": [
+                    "Session API"
+                ],
+                "description": "Check if there are other different sessions for one user in one application.",
+                "operationId": "ApiController.IsSessionDuplicated",
+                "parameters": [
+                    {
+                        "in": "query",
+                        "name": "id",
+                        "description": "The id(organization/application/user) of session",
+                        "required": true,
+                        "type": "string"
+                    },
+                    {
+                        "in": "query",
+                        "name": "sessionId",
+                        "description": "sessionId to be checked",
+                        "required": true,
+                        "type": "string"
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "The Response object",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "type": "string"
+                            }
+                        }
+                    }
+                }
+            }
+        },
        "/api/login": {
            "post": {
                "tags": [
@ -3224,6 +3317,35 @@
                }
            }
        },
+        "/api/update-session": {
+            "post": {
+                "tags": [
+                    "Session API"
+                ],
+                "description": "Update session for one user in one application.",
+                "operationId": "ApiController.UpdateSession",
+                "parameters": [
+                    {
+                        "in": "query",
+                        "name": "id",
+                        "description": "The id(organization/application/user) of session",
+                        "required": true,
+                        "type": "string"
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "The Response object",
+                        "schema": {
+                            "type": "array",
+                            "items": {
+                                "type": "string"
+                            }
+                        }
+                    }
+                }
+            }
+        },
        "/api/update-syncer": {
            "post": {
                "tags": [
@ -3505,11 +3627,11 @@
        }
    },
    "definitions": {
-        "2346.0xc0001ce990.false": {
+        "2268.0xc000528cf0.false": {
            "title": "false",
            "type": "object"
        },
-        "2381.0xc0001ce9c0.false": {
+        "2302.0xc000528d20.false": {
            "title": "false",
            "type": "object"
        },
@ -3566,6 +3688,9 @@
                "code": {
                    "type": "string"
                },
+                "countryCode": {
+                    "type": "string"
+                },
                "email": {
                    "type": "string"
                },
@ -3599,9 +3724,6 @@
                "phoneCode": {
                    "type": "string"
                },
-                "phonePrefix": {
-                    "type": "string"
-                },
                "provider": {
                    "type": "string"
                },
@ -3636,10 +3758,10 @@
            "type": "object",
            "properties": {
                "data": {
-                    "$ref": "#/definitions/2346.0xc0001ce990.false"
+                    "$ref": "#/definitions/2268.0xc000528cf0.false"
                },
                "data2": {
-                    "$ref": "#/definitions/2381.0xc0001ce9c0.false"
+                    "$ref": "#/definitions/2302.0xc000528d20.false"
                },
                "msg": {
                    "type": "string"
@ -4091,6 +4213,12 @@
                        "$ref": "#/definitions/object.AccountItem"
                    }
                },
+                "countryCodes": {
+                    "type": "array",
+                    "items": {
+                        "type": "string"
+                    }
+                },
                "createdTime": {
                    "type": "string"
                },
@ -4137,9 +4265,6 @@
                "passwordType": {
                    "type": "string"
                },
-                "phonePrefix": {
-                    "type": "string"
-                },
                "tags": {
                    "type": "array",
                    "items": {
@ -4906,6 +5031,9 @@
                "cloudfoundry": {
                    "type": "string"
                },
+                "countryCode": {
+                    "type": "string"
+                },
                "createdIp": {
                    "type": "string"
                },
--- a/swagger/swagger.yml
+++ b/swagger/swagger.yml
@ -218,6 +218,30 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/controllers.Response'
+  /api/add-session:
+    post:
+      tags:
+      - Session API
+      description: Add session for one user in one application. If there are other existing sessions, join the session into the list.
+      operationId: ApiController.AddSession
+      parameters:
+      - in: query
+        name: id
+        description: The id(organization/application/user) of session
+        required: true
+        type: string
+      - in: query
+        name: sessionId
+        description: sessionId to be added
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            type: array
+            items:
+              type: string
  /api/add-syncer:
    post:
      tags:
@ -388,11 +412,6 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/controllers.Response'
-  /api/check-ldap-users-exist:
-    post:
-      tags:
-      - Account API
-      operationId: ApiController.CheckLdapUserExist
  /api/check-user-password:
    post:
      tags:
@ -574,12 +593,12 @@ paths:
    post:
      tags:
      - Session API
-      description: Delete session by userId
+      description: Delete session for one user in one application.
      operationId: ApiController.DeleteSession
      parameters:
      - in: query
        name: id
-        description: The id ( owner/name )(owner/name) of user.
+        description: The id(organization/application/user) of session
        required: true
        type: string
      responses:
@ -799,7 +818,7 @@ paths:
          schema:
            $ref: '#/definitions/Response'
  /api/get-email-and-phone:
-    post:
+    get:
      tags:
      - User API
      description: get email and phone by username
@ -847,17 +866,17 @@ paths:
            items:
              $ref: '#/definitions/object.User'
  /api/get-ldap:
-    post:
+    get:
      tags:
      - Account API
      operationId: ApiController.GetLdap
-  /api/get-ldap-user:
-    post:
+  /api/get-ldap-users:
+    get:
      tags:
      - Account API
      operationId: ApiController.GetLdapser
  /api/get-ldaps:
-    post:
+    get:
      tags:
      - Account API
      operationId: ApiController.GetLdaps
@ -1169,15 +1188,6 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/object.Record'
-  /api/get-release:
-    get:
-      tags:
-      - System API
-      description: get local github repo's latest release version info
-      operationId: ApiController.GitRepoVersion
-      responses:
-        "200":
-          description: '{string} local latest version hash of casdoor'
  /api/get-resource:
    get:
      tags:
@ -1224,11 +1234,30 @@ paths:
            type: array
            items:
              $ref: '#/definitions/object.Role'
+  /api/get-session:
+    get:
+      tags:
+      - Session API
+      description: Get session for one user in one application.
+      operationId: ApiController.GetSingleSession
+      parameters:
+      - in: query
+        name: id
+        description: The id(organization/application/user) of session
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            type: array
+            items:
+              type: string
  /api/get-sessions:
    get:
      tags:
      - Session API
-      description: Get organization user sessions
+      description: Get organization user sessions.
      operationId: ApiController.GetSessions
      parameters:
      - in: query
@ -1482,6 +1511,15 @@ paths:
            type: array
            items:
              $ref: '#/definitions/object.User'
+  /api/get-version-info:
+    get:
+      tags:
+      - System API
+      description: get local git repo's latest release version info
+      operationId: ApiController.GetVersionInfo
+      responses:
+        "200":
+          description: '{string} local latest version hash of Casdoor'
  /api/get-webhook:
    get:
      tags:
@ -1535,6 +1573,30 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/controllers.Response'
+  /api/is-session-duplicated:
+    get:
+      tags:
+      - Session API
+      description: Check if there are other different sessions for one user in one application.
+      operationId: ApiController.IsSessionDuplicated
+      parameters:
+      - in: query
+        name: id
+        description: The id(organization/application/user) of session
+        required: true
+        type: string
+      - in: query
+        name: sessionId
+        description: sessionId to be checked
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            type: array
+            items:
+              type: string
  /api/login:
    post:
      tags:
@ -2110,6 +2172,25 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/controllers.Response'
+  /api/update-session:
+    post:
+      tags:
+      - Session API
+      description: Update session for one user in one application.
+      operationId: ApiController.UpdateSession
+      parameters:
+      - in: query
+        name: id
+        description: The id(organization/application/user) of session
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            type: array
+            items:
+              type: string
  /api/update-syncer:
    post:
      tags:
@ -2293,10 +2374,10 @@ paths:
          schema:
            $ref: '#/definitions/Response'
 definitions:
-  2346.0xc0001ce990.false:
+  2268.0xc000528cf0.false:
    title: "false"
    type: object
-  2381.0xc0001ce9c0.false:
+  2302.0xc000528d20.false:
    title: "false"
    type: object
  Response:
@ -2336,6 +2417,8 @@ definitions:
        type: string
      code:
        type: string
+      countryCode:
+        type: string
      email:
        type: string
      emailCode:
@ -2358,8 +2441,6 @@ definitions:
        type: string
      phoneCode:
        type: string
-      phonePrefix:
-        type: string
      provider:
        type: string
      redirectUri:
@ -2383,9 +2464,9 @@ definitions:
    type: object
    properties:
      data:
-        $ref: '#/definitions/2346.0xc0001ce990.false'
+        $ref: '#/definitions/2268.0xc000528cf0.false'
      data2:
-        $ref: '#/definitions/2381.0xc0001ce9c0.false'
+        $ref: '#/definitions/2302.0xc000528d20.false'
      msg:
        type: string
      name:
@ -2689,6 +2770,10 @@ definitions:
        type: array
        items:
          $ref: '#/definitions/object.AccountItem'
+      countryCodes:
+        type: array
+        items:
+          type: string
      createdTime:
        type: string
      defaultApplication:
@ -2720,8 +2805,6 @@ definitions:
        type: string
      passwordType:
        type: string
-      phonePrefix:
-        type: string
      tags:
        type: array
        items:
@ -3237,6 +3320,8 @@ definitions:
        type: string
      cloudfoundry:
        type: string
+      countryCode:
+        type: string
      createdIp:
        type: string
      createdTime:
--- a/sync/database.go
+++ b/sync/database.go
@ -0,0 +1,100 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sync
+
+import (
+	"fmt"
+
+	"github.com/go-mysql-org/go-mysql/canal"
+	"github.com/xorm-io/xorm"
+)
+
+type Database struct {
+	host     string
+	port     int
+	database string
+	username string
+	password string
+
+	engine     *xorm.Engine
+	serverId   uint32
+	serverUuid string
+	Gtid       string
+	canal.DummyEventHandler
+}
+
+func newDatabase(host string, port int, database string, username string, password string) *Database {
+	db := &Database{
+		host:     host,
+		port:     port,
+		database: database,
+		username: username,
+		password: password,
+	}
+
+	dataSourceName := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s", username, password, host, port, database)
+	engine, err := createEngine(dataSourceName)
+	if err != nil {
+		panic(err)
+	}
+
+	db.engine = engine
+
+	db.serverId, err = getServerId(engine)
+	if err != nil {
+		panic(err)
+	}
+
+	db.serverUuid, err = getServerUuid(engine)
+	if err != nil {
+		panic(err)
+	}
+
+	return db
+}
+
+func (db *Database) getCanalConfig() *canal.Config {
+	// config canal
+	cfg := canal.NewDefaultConfig()
+	cfg.Addr = fmt.Sprintf("%s:%d", db.host, db.port)
+	cfg.Password = db.password
+	cfg.User = db.username
+	// We only care table in database1
+	cfg.Dump.TableDB = db.database
+	return cfg
+}
+
+func (db *Database) startCanal(targetDb *Database) error {
+	canalConfig := db.getCanalConfig()
+	c, err := canal.NewCanal(canalConfig)
+	if err != nil {
+		return err
+	}
+
+	gtidSet, err := c.GetMasterGTIDSet()
+	if err != nil {
+		return err
+	}
+
+	// Register a handler to handle RowsEvent
+	c.SetEventHandler(targetDb)
+
+	// Start replication
+	err = c.StartFromGTID(gtidSet)
+	if err != nil {
+		return err
+	}
+	return nil
+}
--- a/sync/database_canal.go
+++ b/sync/database_canal.go
@ -0,0 +1,163 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sync
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/go-mysql-org/go-mysql/canal"
+	"github.com/go-mysql-org/go-mysql/mysql"
+	"github.com/go-mysql-org/go-mysql/replication"
+	"github.com/siddontang/go-log/log"
+)
+
+func (db *Database) OnGTID(header *replication.EventHeader, gtid mysql.GTIDSet) error {
+	log.Info("OnGTID: ", gtid.String())
+	db.Gtid = gtid.String()
+	return nil
+}
+
+func (db *Database) onDDL(header *replication.EventHeader, nextPos mysql.Position, queryEvent *replication.QueryEvent) error {
+	log.Info("into DDL event")
+	return nil
+}
+
+func (db *Database) OnRow(e *canal.RowsEvent) error {
+	log.Info("serverId: ", e.Header.ServerID)
+	if strings.Contains(db.Gtid, db.serverUuid) {
+		return nil
+	}
+
+	// Set the next gtid of the target library to the gtid of the current target library to avoid loopbacks
+	db.engine.Exec(fmt.Sprintf("SET GTID_NEXT= '%s'", db.Gtid))
+	length := len(e.Table.Columns)
+	columnNames := make([]string, length)
+	oldColumnValue := make([]interface{}, length)
+	newColumnValue := make([]interface{}, length)
+	isChar := make([]bool, len(e.Table.Columns))
+
+	for i, col := range e.Table.Columns {
+		columnNames[i] = col.Name
+		if col.Type <= 2 {
+			isChar[i] = false
+		} else {
+			isChar[i] = true
+		}
+	}
+	// get pk column name
+	pkColumnNames := getPkColumnNames(columnNames, e.Table.PKColumns)
+
+	switch e.Action {
+	case canal.UpdateAction:
+		db.engine.Exec("BEGIN")
+		for i, row := range e.Rows {
+			for j, item := range row {
+				if i%2 == 0 {
+					if isChar[j] == true {
+						oldColumnValue[j] = fmt.Sprintf("%s", item)
+					} else {
+						oldColumnValue[j] = fmt.Sprintf("%d", item)
+					}
+				} else {
+					if isChar[j] == true {
+						if item == nil {
+							newColumnValue[j] = nil
+						} else {
+							newColumnValue[j] = fmt.Sprintf("%s", item)
+						}
+					} else {
+						newColumnValue[j] = fmt.Sprintf("%d", item)
+					}
+				}
+			}
+			if i%2 == 1 {
+				pkColumnValue := getPkColumnValues(oldColumnValue, e.Table.PKColumns)
+				updateSql, args, err := getUpdateSql(e.Table.Schema, e.Table.Name, columnNames, newColumnValue, pkColumnNames, pkColumnValue)
+				if err != nil {
+					return err
+				}
+
+				res, err := db.engine.DB().Exec(updateSql, args...)
+				if err != nil {
+					return err
+				}
+				log.Info(updateSql, args, res)
+			}
+		}
+		db.engine.Exec("COMMIT")
+		db.engine.Exec("SET GTID_NEXT='automatic'")
+	case canal.DeleteAction:
+		db.engine.Exec("BEGIN")
+		for _, row := range e.Rows {
+			for j, item := range row {
+				if isChar[j] == true {
+					oldColumnValue[j] = fmt.Sprintf("%s", item)
+				} else {
+					oldColumnValue[j] = fmt.Sprintf("%d", item)
+				}
+			}
+
+			pkColumnValue := getPkColumnValues(oldColumnValue, e.Table.PKColumns)
+			deleteSql, args, err := getDeleteSql(e.Table.Schema, e.Table.Name, pkColumnNames, pkColumnValue)
+			if err != nil {
+				return err
+			}
+
+			res, err := db.engine.DB().Exec(deleteSql, args...)
+			if err != nil {
+				return err
+			}
+			log.Info(deleteSql, args, res)
+		}
+		db.engine.Exec("COMMIT")
+		db.engine.Exec("SET GTID_NEXT='automatic'")
+	case canal.InsertAction:
+		db.engine.Exec("BEGIN")
+		for _, row := range e.Rows {
+			for j, item := range row {
+				if isChar[j] == true {
+					if item == nil {
+						newColumnValue[j] = nil
+					} else {
+						newColumnValue[j] = fmt.Sprintf("%s", item)
+					}
+				} else {
+					newColumnValue[j] = fmt.Sprintf("%d", item)
+				}
+			}
+
+			insertSql, args, err := getInsertSql(e.Table.Schema, e.Table.Name, columnNames, newColumnValue)
+			if err != nil {
+				return err
+			}
+
+			res, err := db.engine.DB().Exec(insertSql, args...)
+			if err != nil {
+				return err
+			}
+			log.Info(insertSql, args, res)
+		}
+		db.engine.Exec("COMMIT")
+		db.engine.Exec("SET GTID_NEXT='automatic'")
+	default:
+		log.Infof("%v", e.String())
+	}
+	return nil
+}
+
+func (db *Database) String() string {
+	return "Database"
+}
--- a/sync/sync.go
+++ b/sync/sync.go
@ -0,0 +1,32 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sync
+
+import "sync"
+
+func startSyncJob(db1 *Database, db2 *Database) error {
+	var wg sync.WaitGroup
+
+	// start canal1 replication
+	go db1.startCanal(db2)
+	wg.Add(1)
+
+	// start canal2 replication
+	go db2.startCanal(db1)
+	wg.Add(1)
+
+	wg.Wait()
+	return nil
+}
--- a/util/sysytem_test.go
+++ b/util/sysytem_test.go
@ -1,4 +1,4 @@
-// Copyright 2022 The Casdoor Authors. All Rights Reserved.
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@ -12,22 +12,19 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-package util
+//go:build !skipCi
+// +build !skipCi
+
+package sync

 import (
 	"testing"

-	"github.com/stretchr/testify/assert"
+	_ "github.com/go-sql-driver/mysql"
 )

-func TestGetCpuUsage(t *testing.T) {
-	usage, err := GetCpuUsage()
-	assert.Nil(t, err)
-	t.Log(usage)
-}
-
-func TestGetMemoryUsage(t *testing.T) {
-	used, total, err := GetMemoryUsage()
-	assert.Nil(t, err)
-	t.Log(used, total)
+func TestStartSyncJob(t *testing.T) {
+	db1 := newDatabase("127.0.0.1", 3306, "casdoor", "root", "123456")
+	db2 := newDatabase("127.0.0.1", 3306, "casdoor2", "root", "123456")
+	startSyncJob(db1, db2)
 }
--- a/sync/util.go
+++ b/sync/util.go
@ -0,0 +1,108 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sync
+
+import (
+	"fmt"
+	"log"
+	"strconv"
+
+	"github.com/Masterminds/squirrel"
+	"github.com/xorm-io/xorm"
+)
+
+func getUpdateSql(schemaName string, tableName string, columnNames []string, newColumnVal []interface{}, pkColumnNames []string, pkColumnValue []interface{}) (string, []interface{}, error) {
+	updateSql := squirrel.Update(schemaName + "." + tableName)
+	for i, columnName := range columnNames {
+		updateSql = updateSql.Set(columnName, newColumnVal[i])
+	}
+
+	for i, pkColumnName := range pkColumnNames {
+		updateSql = updateSql.Where(squirrel.Eq{pkColumnName: pkColumnValue[i]})
+	}
+
+	sql, args, err := updateSql.ToSql()
+	if err != nil {
+		return "", nil, err
+	}
+
+	return sql, args, nil
+}
+
+func getInsertSql(schemaName string, tableName string, columnNames []string, columnValue []interface{}) (string, []interface{}, error) {
+	insertSql := squirrel.Insert(schemaName + "." + tableName).Columns(columnNames...).Values(columnValue...)
+
+	return insertSql.ToSql()
+}
+
+func getDeleteSql(schemaName string, tableName string, pkColumnNames []string, pkColumnValue []interface{}) (string, []interface{}, error) {
+	deleteSql := squirrel.Delete(schemaName + "." + tableName)
+
+	for i, columnName := range pkColumnNames {
+		deleteSql = deleteSql.Where(squirrel.Eq{columnName: pkColumnValue[i]})
+	}
+
+	return deleteSql.ToSql()
+}
+
+func createEngine(dataSourceName string) (*xorm.Engine, error) {
+	engine, err := xorm.NewEngine("mysql", dataSourceName)
+	if err != nil {
+		return nil, err
+	}
+
+	// ping mysql
+	err = engine.Ping()
+	if err != nil {
+		return nil, err
+	}
+
+	log.Println("mysql connection success……")
+	return engine, nil
+}
+
+func getServerId(engin *xorm.Engine) (uint32, error) {
+	res, err := engin.QueryInterface("SELECT @@server_id")
+	if err != nil {
+		return 0, err
+	}
+	serverId, _ := strconv.ParseUint(fmt.Sprintf("%s", res[0]["@@server_id"]), 10, 32)
+	return uint32(serverId), nil
+}
+
+func getServerUuid(engin *xorm.Engine) (string, error) {
+	res, err := engin.QueryString("show variables like 'server_uuid'")
+	if err != nil {
+		return "", err
+	}
+	serverUuid := fmt.Sprintf("%s", res[0]["Value"])
+	return serverUuid, err
+}
+
+func getPkColumnNames(columnNames []string, PKColumns []int) []string {
+	pkColumnNames := make([]string, len(PKColumns))
+	for i, index := range PKColumns {
+		pkColumnNames[i] = columnNames[index]
+	}
+	return pkColumnNames
+}
+
+func getPkColumnValues(columnValues []interface{}, PKColumns []int) []interface{} {
+	pkColumnNames := make([]interface{}, len(PKColumns))
+	for i, index := range PKColumns {
+		pkColumnNames[i] = columnValues[index]
+	}
+	return pkColumnNames
+}
--- a/util/slice.go
+++ b/util/slice.go
@ -14,6 +14,8 @@

 package util

+import "sort"
+
 func DeleteVal(values []string, val string) []string {
 	newValues := []string{}
 	for _, v := range values {
@ -23,3 +25,8 @@ func DeleteVal(values []string, val string) []string {
 	}
 	return newValues
 }
+
+func ContainsString(values []string, val string) bool {
+	sort.Strings(values)
+	return sort.SearchStrings(values, val) != len(values)
+}
--- a/util/string.go
+++ b/util/string.go
@ -145,7 +145,7 @@ func GetMd5Hash(text string) string {
 	return hex.EncodeToString(hash[:])
 }

-func IsStrsEmpty(strs ...string) bool {
+func IsStringsEmpty(strs ...string) bool {
 	for _, str := range strs {
 		if len(str) == 0 {
 			return true
@ -227,7 +227,7 @@ func IsChinese(str string) bool {
 }

 func GetMaskedPhone(phone string) string {
-	return getMaskedPhone(phone)
+	return rePhone.ReplaceAllString(phone, "$1****$2")
 }

 func GetMaskedEmail(email string) string {
--- a/util/string_test.go
+++ b/util/string_test.go
@ -183,7 +183,7 @@ func TestIsStrsEmpty(t *testing.T) {
 	}
 	for _, scenery := range scenarios {
 		t.Run(scenery.description, func(t *testing.T) {
-			actual := IsStrsEmpty(scenery.input...)
+			actual := IsStringsEmpty(scenery.input...)
 			assert.Equal(t, scenery.expected, actual, "The returned value not is expected")
 		})
 	}
--- a/util/system.go
+++ b/util/system.go
@ -15,26 +15,37 @@
 package util

 import (
-	"io/ioutil"
-	"os"
+	"path"
 	"runtime"
-	"strings"
 	"time"

+	"github.com/go-git/go-git/v5"
+	"github.com/go-git/go-git/v5/plumbing"
+	"github.com/go-git/go-git/v5/plumbing/object"
 	"github.com/shirou/gopsutil/cpu"
 	"github.com/shirou/gopsutil/mem"
 )

-// get cpu usage
-func GetCpuUsage() ([]float64, error) {
+type SystemInfo struct {
+	CpuUsage    []float64 `json:"cpuUsage"`
+	MemoryUsed  uint64    `json:"memoryUsed"`
+	MemoryTotal uint64    `json:"memoryTotal"`
+}
+
+type VersionInfo struct {
+	Version      string `json:"version"`
+	CommitId     string `json:"commitId"`
+	CommitOffset int    `json:"commitOffset"`
+}
+
+// getCpuUsage get cpu usage
+func getCpuUsage() ([]float64, error) {
 	usage, err := cpu.Percent(time.Second, true)
 	return usage, err
 }

-var fileDate, version string
-
-// get memory usage
-func GetMemoryUsage() (uint64, uint64, error) {
+// getMemoryUsage get memory usage
+func getMemoryUsage() (uint64, uint64, error) {
 	virtualMem, err := mem.VirtualMemory()
 	if err != nil {
 		return 0, 0, err
@ -46,33 +57,86 @@ func GetMemoryUsage() (uint64, uint64, error) {
 	return m.TotalAlloc, virtualMem.Total, nil
 }

-// get github repo release version
-func GetGitRepoVersion() (string, error) {
-	pwd, err := os.Getwd()
+func GetSystemInfo() (*SystemInfo, error) {
+	cpuUsage, err := getCpuUsage()
 	if err != nil {
-		return "", err
+		return nil, err
 	}

-	fileInfos, err := ioutil.ReadDir(pwd + "/.git/refs/heads")
-	for _, v := range fileInfos {
-		if v.Name() == "master" {
-			if v.ModTime().String() == fileDate {
-				return version, nil
-			} else {
-				fileDate = v.ModTime().String()
-				break
-			}
-		}
-	}
-
-	content, err := ioutil.ReadFile(pwd + "/.git/refs/heads/master")
+	memoryUsed, memoryTotal, err := getMemoryUsage()
 	if err != nil {
-		return "", err
+		return nil, err
 	}

-	// Convert to full length
-	temp := string(content)
-	version = strings.ReplaceAll(temp, "\n", "")
-
-	return version, nil
+	res := &SystemInfo{
+		CpuUsage:    cpuUsage,
+		MemoryUsed:  memoryUsed,
+		MemoryTotal: memoryTotal,
+	}
+	return res, nil
+}
+
+// GetVersionInfo get git current commit and repo release version
+func GetVersionInfo() (*VersionInfo, error) {
+	res := &VersionInfo{
+		Version:      "",
+		CommitId:     "",
+		CommitOffset: -1,
+	}
+
+	_, filename, _, _ := runtime.Caller(0)
+	rootPath := path.Dir(path.Dir(filename))
+	r, err := git.PlainOpen(rootPath)
+	if err != nil {
+		return res, err
+	}
+	ref, err := r.Head()
+	if err != nil {
+		return res, err
+	}
+	tags, err := r.Tags()
+	if err != nil {
+		return res, err
+	}
+	tagMap := make(map[plumbing.Hash]string)
+	err = tags.ForEach(func(t *plumbing.Reference) error {
+		// This technique should work for both lightweight and annotated tags.
+		revHash, err := r.ResolveRevision(plumbing.Revision(t.Name()))
+		if err != nil {
+			return err
+		}
+		tagMap[*revHash] = t.Name().Short()
+		return nil
+	})
+	if err != nil {
+		return res, err
+	}
+
+	cIter, err := r.Log(&git.LogOptions{From: ref.Hash()})
+
+	commitOffset := 0
+	version := ""
+	// iterates over the commits
+	err = cIter.ForEach(func(c *object.Commit) error {
+		tag, ok := tagMap[c.Hash]
+		if ok {
+			if version == "" {
+				version = tag
+			}
+		}
+		if version == "" {
+			commitOffset++
+		}
+		return nil
+	})
+	if err != nil {
+		return res, err
+	}
+
+	res = &VersionInfo{
+		Version:      version,
+		CommitId:     ref.Hash().String(),
+		CommitOffset: commitOffset,
+	}
+	return res, nil
 }
--- a/util/system_test.go
+++ b/util/system_test.go
@ -0,0 +1,92 @@
+// Copyright 2022 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build !skipCi
+// +build !skipCi
+
+package util
+
+import (
+	"path"
+	"runtime"
+	"testing"
+
+	"github.com/go-git/go-git/v5"
+	"github.com/go-git/go-git/v5/plumbing"
+	"github.com/go-git/go-git/v5/plumbing/object"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGetCpuUsage(t *testing.T) {
+	usage, err := getCpuUsage()
+	assert.Nil(t, err)
+	t.Log(usage)
+}
+
+func TestGetMemoryUsage(t *testing.T) {
+	used, total, err := getMemoryUsage()
+	assert.Nil(t, err)
+	t.Log(used, total)
+}
+
+func TestGetGitRepoVersion(t *testing.T) {
+	versionInfo, err := GetVersionInfo()
+	assert.Nil(t, err)
+	t.Log(versionInfo)
+}
+
+func TestGetVersion(t *testing.T) {
+	_, filename, _, _ := runtime.Caller(0)
+	root := path.Dir(path.Dir(filename))
+	r, err := git.PlainOpen(root)
+	if err != nil {
+		t.Log(err)
+	}
+	tags, err := r.Tags()
+	if err != nil {
+		t.Log(err)
+	}
+	tagMap := make(map[plumbing.Hash]string)
+	err = tags.ForEach(func(t *plumbing.Reference) error {
+		// This technique should work for both lightweight and annotated tags.
+		revHash, err := r.ResolveRevision(plumbing.Revision(t.Name()))
+		if err != nil {
+			return err
+		}
+		tagMap[*revHash] = t.Name().Short()
+		return nil
+	})
+
+	testHash := plumbing.NewHash("f8bc87eb4e5ba3256424cf14aafe0549f812f1cf")
+	cIter, err := r.Log(&git.LogOptions{From: testHash})
+
+	aheadCnt := 0
+	releaseVersion := ""
+	// iterates over the commits
+	err = cIter.ForEach(func(c *object.Commit) error {
+		tag, ok := tagMap[c.Hash]
+		if ok {
+			if releaseVersion == "" {
+				releaseVersion = tag
+			}
+		}
+		if releaseVersion == "" {
+			aheadCnt++
+		}
+		return nil
+	})
+
+	assert.Equal(t, 3, aheadCnt)
+	assert.Equal(t, "v1.257.0", releaseVersion)
+}
--- a/util/validation.go
+++ b/util/validation.go
@ -17,16 +17,13 @@ package util
 import (
 	"net/mail"
 	"regexp"
+
+	"github.com/nyaruka/phonenumbers"
 )

-var (
-	rePhoneCn *regexp.Regexp
-	rePhone   *regexp.Regexp
-)
+var rePhone *regexp.Regexp

 func init() {
-	// https://learnku.com/articles/31543
-	rePhoneCn, _ = regexp.Compile(`^1(3\d|4[5-9]|5[0-35-9]|6[2567]|7[0-8]|8\d|9[0-35-9])\d{8}$`)
 	rePhone, _ = regexp.Compile("(\\d{3})\\d*(\\d{4})")
 }

@ -35,10 +32,19 @@ func IsEmailValid(email string) bool {
 	return err == nil
 }

-func IsPhoneCnValid(phone string) bool {
-	return rePhoneCn.MatchString(phone)
+func IsPhoneValid(phone string, countryCode string) bool {
+	phoneNumber, err := phonenumbers.Parse(phone, countryCode)
+	if err != nil {
+		return false
+	}
+	return phonenumbers.IsValidNumber(phoneNumber)
 }

-func getMaskedPhone(phone string) string {
-	return rePhone.ReplaceAllString(phone, "$1****$2")
+func IsPhoneAllowInRegin(countryCode string, allowRegions []string) bool {
+	return ContainsString(allowRegions, countryCode)
+}
+
+func GetE164Number(phone string, countryCode string) (string, bool) {
+	phoneNumber, _ := phonenumbers.Parse(phone, countryCode)
+	return phonenumbers.Format(phoneNumber, phonenumbers.E164), phonenumbers.IsValidNumber(phoneNumber)
 }
--- a/web/cypress/e2e/login.cy.js
+++ b/web/cypress/e2e/login.cy.js
@ -15,7 +15,6 @@ describe("Login test", () => {
        "password": "123",
        "autoSignin": true,
        "type": "login",
-        "phonePrefix": "86",
      },
    }).then((Response) => {
      expect(Response).property("body").property("status").to.equal("ok");
@ -40,7 +39,6 @@ describe("Login test", () => {
        "password": "1234",
        "autoSignin": true,
        "type": "login",
-        "phonePrefix": "86",
      },
    }).then((Response) => {
      expect(Response).property("body").property("status").to.equal("error");
--- a/web/cypress/support/commands.js
+++ b/web/cypress/support/commands.js
@ -34,7 +34,6 @@ Cypress.Commands.add('login', ()=>{
          "password": "123",
          "autoSignin": true,
          "type": "login",
-          "phonePrefix": "86",
        },
      }).then((Response) => {
        expect(Response).property("body").property("status").to.equal("ok");
--- a/web/package.json
+++ b/web/package.json
@ -3,6 +3,7 @@
  "version": "0.1.0",
  "private": true,
  "dependencies": {
+    "@ant-design/cssinjs": "^1.5.6",
    "@ant-design/icons": "^4.7.0",
    "@craco/craco": "^6.4.5",
    "@crowdin/cli": "^3.7.10",
@ -21,6 +22,7 @@
    "file-saver": "^2.0.5",
    "i18n-iso-countries": "^7.0.0",
    "i18next": "^19.8.9",
+    "libphonenumber-js": "^1.10.19",
    "moment": "^2.29.1",
    "qs": "^6.10.2",
    "react": "^18.2.0",
--- a/web/src/AccountTable.js
+++ b/web/src/AccountTable.js
@ -78,6 +78,7 @@ class AccountTable extends React.Component {
            {name: "Password", displayName: i18next.t("general:Password")},
            {name: "Email", displayName: i18next.t("general:Email")},
            {name: "Phone", displayName: i18next.t("general:Phone")},
+            {name: "Country code", displayName: i18next.t("user:Country code")},
            {name: "Country/Region", displayName: i18next.t("user:Country/Region")},
            {name: "Location", displayName: i18next.t("user:Location")},
            {name: "Affiliation", displayName: i18next.t("user:Affiliation")},
--- a/web/src/AdapterListPage.js
+++ b/web/src/AdapterListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table} from "antd";
+import {Button, Switch, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as AdapterBackend from "./backend/AdapterBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class AdapterListPage extends BaseListPage {
  newAdapter() {
@ -204,12 +205,11 @@ class AdapterListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/adapters/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete adapter: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteAdapter(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -261,7 +261,7 @@ class AdapterListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/App.js
+++ b/web/src/App.js
@ -16,8 +16,9 @@ import React, {Component} from "react";
 import "./App.less";
 import {Helmet} from "react-helmet";
 import * as Setting from "./Setting";
-import {BarsOutlined, DownOutlined, LogoutOutlined, SettingOutlined} from "@ant-design/icons";
-import {Avatar, Button, Card, ConfigProvider, Drawer, Dropdown, FloatButton, Layout, Menu, Result} from "antd";
+import {StyleProvider, legacyLogicalPropertiesTransformer} from "@ant-design/cssinjs";
+import {BarsOutlined, DownOutlined, InfoCircleFilled, LogoutOutlined, SettingOutlined} from "@ant-design/icons";
+import {Alert, Avatar, Button, Card, ConfigProvider, Drawer, Dropdown, FloatButton, Layout, Menu, Result} from "antd";
 import {Link, Redirect, Route, Switch, withRouter} from "react-router-dom";
 import OrganizationListPage from "./OrganizationListPage";
 import OrganizationEditPage from "./OrganizationEditPage";
@ -515,8 +516,8 @@ class App extends Component {
        <Route exact path="/applications/:organizationName/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<ApplicationEditPage account={this.state.account} {...props} />)} />
        <Route exact path="/resources" render={(props) => this.renderLoginIfNotLoggedIn(<ResourceListPage account={this.state.account} {...props} />)} />
        {/* <Route exact path="/resources/:resourceName" render={(props) => this.renderLoginIfNotLoggedIn(<ResourceEditPage account={this.state.account} {...props} />)}/>*/}
-        <Route exact path="/ldap/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/ldap/sync/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapSyncPage account={this.state.account} {...props} />)} />
+        <Route exact path="/ldap/:organizationName/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/ldap/sync/:organizationName/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapSyncPage account={this.state.account} {...props} />)} />
        <Route exact path="/tokens" render={(props) => this.renderLoginIfNotLoggedIn(<TokenListPage account={this.state.account} {...props} />)} />
        <Route exact path="/sessions" render={(props) => this.renderLoginIfNotLoggedIn(<SessionListPage account={this.state.account} {...props} />)} />
        <Route exact path="/tokens/:tokenName" render={(props) => this.renderLoginIfNotLoggedIn(<TokenEditPage account={this.state.account} {...props} />)} />
@ -671,6 +672,9 @@ class App extends Component {

    return (
      <React.Fragment>
+        {
+          this.renderBanner()
+        }
        <FloatButton.BackTop />
        <CustomGithubCorner />
        {
@ -680,6 +684,32 @@ class App extends Component {
    );
  }

+  renderBanner() {
+    if (!Conf.IsDemoMode) {
+      return null;
+    }
+
+    const language = Setting.getLanguage();
+    if (language === "en" || language === "zh") {
+      return null;
+    }
+
+    return (
+      <Alert type="info" banner showIcon={false} closable message={
+        <div style={{textAlign: "center"}}>
+          <InfoCircleFilled style={{color: "rgb(87,52,211)"}} />
+          &nbsp;&nbsp;
+          {i18next.t("general:Found some texts still not translated? Please help us translate at")}
+          &nbsp;
+          <a target="_blank" rel="noreferrer" href={"https://crowdin.com/project/casdoor-site"}>
+            Crowdin
+          </a>
+          &nbsp;!&nbsp;🙏
+        </div>
+      } />
+    );
+  }
+
  render() {
    return (
      <React.Fragment>
@ -700,9 +730,11 @@ class App extends Component {
          },
          algorithm: Setting.getAlgorithm(this.state.themeAlgorithm),
        }}>
+          <StyleProvider hashPriority="high" transformers={[legacyLogicalPropertiesTransformer]}>
            {
              this.renderPage()
            }
+          </StyleProvider>
        </ConfigProvider>
      </React.Fragment>
    );
--- a/web/src/ApplicationListPage.js
+++ b/web/src/ApplicationListPage.js
@ -14,13 +14,14 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Col, List, Popconfirm, Row, Table, Tooltip} from "antd";
+import {Button, Col, List, Row, Table, Tooltip} from "antd";
 import {EditOutlined} from "@ant-design/icons";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as ApplicationBackend from "./backend/ApplicationBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class ApplicationListPage extends BaseListPage {
  constructor(props) {
@ -232,13 +233,12 @@ class ApplicationListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/applications/${record.organization}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete application: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteApplication(index)}
                disabled={record.name === "app-built-in"}
              >
-                <Button style={{marginBottom: "10px"}} disabled={record.name === "app-built-in"} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -287,7 +287,7 @@ class ApplicationListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/CertListPage.js
+++ b/web/src/CertListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Table} from "antd";
+import {Button, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as CertBackend from "./backend/CertBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class CertListPage extends BaseListPage {
  newCert() {
@ -168,12 +169,11 @@ class CertListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/certs/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete cert: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteCert(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -228,7 +228,7 @@ class CertListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/LdapEditPage.js
+++ b/web/src/LdapEditPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Card, Col, Input, InputNumber, Row, Select} from "antd";
+import {Button, Card, Col, Input, InputNumber, Row, Select, Switch} from "antd";
 import {EyeInvisibleOutlined, EyeTwoTone} from "@ant-design/icons";
 import * as LddpBackend from "./backend/LdapBackend";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
@ -27,6 +27,7 @@ class LdapEditPage extends React.Component {
    super(props);
    this.state = {
      ldapId: props.match.params.ldapId,
+      organizationName: props.match.params.organizationName,
      ldap: null,
      organizations: [],
    };
@ -38,7 +39,7 @@ class LdapEditPage extends React.Component {
  }

  getLdap() {
-    LddpBackend.getLdap(this.state.ldapId)
+    LddpBackend.getLdap(this.state.organizationName, this.state.ldapId)
      .then((res) => {
        if (res.status === "ok") {
          this.setState({
@ -82,7 +83,12 @@ class LdapEditPage extends React.Component {
      <Card size="small" title={
        <div>
          {i18next.t("ldap:Edit LDAP")}&nbsp;&nbsp;&nbsp;&nbsp;
-          <Button type="primary" onClick={() => this.submitLdapEdit()}>{i18next.t("general:Save")}</Button>
+          <Button onClick={() => this.submitLdapEdit()}>{i18next.t("general:Save")}</Button>
+          <Button style={{marginLeft: "20px"}} type="primary" onClick={() => this.submitLdapEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+          <Button style={{marginLeft: "20px"}}
+            onClick={() => Setting.goToLink(`/ldap/sync/${this.state.organizationName}/${this.state.ldapId}`)}>
+            {i18next.t("ldap:Sync")} LDAP
+          </Button>
        </div>
      } style={{marginLeft: "5px"}} type="inner">
        <Row style={{marginTop: "10px"}}>
@ -140,6 +146,16 @@ class LdapEditPage extends React.Component {
              }} />
          </Col>
        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{lineHeight: "32px", textAlign: "right", paddingRight: "25px"}} span={3}>
+            {Setting.getLabel(i18next.t("ldap:Enable SSL"), i18next.t("ldap:Enable SSL - Tooltip"))} :
+          </Col>
+          <Col span={21} >
+            <Switch checked={this.state.ldap.enableSsl} onChange={checked => {
+              this.updateLdapField("enableSsl", checked);
+            }} />
+          </Col>
+        </Row>
        <Row style={{marginTop: "20px"}}>
          <Col style={{lineHeight: "32px", textAlign: "right", paddingRight: "25px"}} span={3}>
            {Setting.getLabel(i18next.t("ldap:Base DN"), i18next.t("ldap:Base DN - Tooltip"))} :
@ -189,14 +205,18 @@ class LdapEditPage extends React.Component {
    );
  }

-  submitLdapEdit() {
+  submitLdapEdit(willExist) {
    LddpBackend.updateLdap(this.state.ldap)
      .then((res) => {
        if (res.status === "ok") {
          Setting.showMessage("success", "Update LDAP server success");
-          this.setState((prevState) => {
-            prevState.ldap = res.data2;
+          this.setState({
+            organizationName: this.state.ldap.owner,
          });
+
+          if (willExist) {
+            this.props.history.push(`/organizations/${this.state.organizationName}`);
+          }
        } else {
          Setting.showMessage("error", res.msg);
        }
@ -209,25 +229,13 @@ class LdapEditPage extends React.Component {
  render() {
    return (
      <div>
-        <Row style={{width: "100%"}}>
-          <Col span={1}>
-          </Col>
-          <Col span={22}>
        {
          this.state.ldap !== null ? this.renderLdap() : null
        }
-          </Col>
-          <Col span={1}>
-          </Col>
-        </Row>
-        <Row style={{margin: 10}}>
-          <Col span={2}>
-          </Col>
-          <Col span={18}>
-            <Button type="primary" size="large"
-              onClick={() => this.submitLdapEdit()}>{i18next.t("general:Save")}</Button>
-          </Col>
-        </Row>
+        <div style={{marginTop: "20px", marginLeft: "40px"}}>
+          <Button size="large" onClick={() => this.submitLdapEdit()}>{i18next.t("general:Save")}</Button>
+          <Button style={{marginLeft: "20px"}} type="primary" size="large" onClick={() => this.submitLdapEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+        </div>
      </div>
    );
  }
--- a/web/src/LdapListPage.js
+++ b/web/src/LdapListPage.js
@ -14,10 +14,11 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Col, Popconfirm, Row, Table} from "antd";
+import {Button, Col, Row, Table} from "antd";
 import * as Setting from "./Setting";
 import * as LdapBackend from "./backend/LdapBackend";
 import i18next from "i18next";
+import PopconfirmModal from "./PopconfirmModal";

 class LdapListPage extends React.Component {
  constructor(props) {
@ -139,13 +140,11 @@ class LdapListPage extends React.Component {
                onClick={() => Setting.goToLink(`/ldap/sync/${record.id}`)}>{i18next.t("ldap:Sync")}</Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}}
                onClick={() => Setting.goToLink(`/ldap/${record.id}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete LDAP Config: ${record.serverName} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.serverName} ?`}
                onConfirm={() => this.deleteLdap(index)}
              >
-                <Button style={{marginBottom: "10px"}}
-                  type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
--- a/web/src/LdapSyncPage.js
+++ b/web/src/LdapSyncPage.js
@ -23,6 +23,7 @@ class LdapSyncPage extends React.Component {
    super(props);
    this.state = {
      ldapId: props.match.params.ldapId,
+      organizationName: props.match.params.organizationName,
      ldap: null,
      users: [],
      existUuids: [],
@ -73,51 +74,35 @@ class LdapSyncPage extends React.Component {
  }

  getLdap() {
-    LdapBackend.getLdap(this.state.ldapId)
+    LdapBackend.getLdap(this.state.organizationName, this.state.ldapId)
      .then((res) => {
        if (res.status === "ok") {
          this.setState((prevState) => {
            prevState.ldap = res.data;
            return prevState;
          });
-          this.getLdapUser(res.data);
+          this.getLdapUser();
        } else {
          Setting.showMessage("error", res.msg);
        }
      });
  }

-  getLdapUser(ldap) {
-    LdapBackend.getLdapUser(ldap)
+  getLdapUser() {
+    LdapBackend.getLdapUser(this.state.organizationName, this.state.ldapId)
      .then((res) => {
        if (res.status === "ok") {
          this.setState((prevState) => {
            prevState.users = res.data.users;
+            prevState.existUuids = res.data2?.length > 0 ? res.data2 : [];
            return prevState;
          });
-          this.getExistUsers(ldap.owner, res.data.users);
        } else {
          Setting.showMessage("error", res.msg);
        }
      });
  }

-  getExistUsers(owner, users) {
-    const uuidArray = [];
-    users.forEach(elem => {
-      uuidArray.push(elem.uuid);
-    });
-    LdapBackend.checkLdapUsersExist(owner, uuidArray)
-      .then((res) => {
-        if (res.status === "ok") {
-          this.setState(prevState => {
-            prevState.existUuids = res.data?.length > 0 ? res.data : [];
-            return prevState;
-          });
-        }
-      });
-  }
-
  buildValArray(data, key) {
    const valTypesArray = [];

@ -219,9 +204,14 @@ class LdapSyncPage extends React.Component {
                title={"Please confirm to sync selected users"}
                onConfirm={() => this.syncUsers()}
              >
-                <Button type="primary" size="small"
-                  style={{marginLeft: "10px"}}>{i18next.t("ldap:Sync")}</Button>
+                <Button type="primary" style={{marginLeft: "10px"}}>
+                  {i18next.t("ldap:Sync")}
+                </Button>
              </Popconfirm>
+              <Button style={{marginLeft: "20px"}}
+                onClick={() => Setting.goToLink(`/ldap/${this.state.organizationName}/${this.state.ldapId}`)}>
+                {i18next.t("general:Edit")} LDAP
+              </Button>
            </div>
          )}
          loading={users === null}
@ -233,17 +223,20 @@ class LdapSyncPage extends React.Component {
  render() {
    return (
      <div>
-        <Row style={{width: "100%"}}>
-          <Col span={1}>
-          </Col>
+        <Row style={{width: "100%", justifyContent: "center"}}>
          <Col span={22}>
            {
              this.renderTable(this.state.users)
            }
          </Col>
-          <Col span={1}>
-          </Col>
        </Row>
+        <div style={{marginTop: "20px", marginLeft: "40px"}}>
+          <Button style={{marginLeft: "20px"}} type="primary" size="large" onClick={() => {
+            this.props.history.push(`/organizations/${this.state.organizationName}`);
+          }}>
+            {i18next.t("general:Save & Exit")}
+          </Button>
+        </div>
      </div>
    );
  }
--- a/web/src/LdapTable.js
+++ b/web/src/LdapTable.js
@ -13,11 +13,12 @@
 // limitations under the License.

 import React from "react";
-import {Button, Col, Popconfirm, Row, Table} from "antd";
+import {Button, Col, Row, Table} from "antd";
 import * as Setting from "./Setting";
 import i18next from "i18next";
 import * as LdapBackend from "./backend/LdapBackend";
 import {Link} from "react-router-dom";
+import PopconfirmModal from "./PopconfirmModal";

 class LdapTable extends React.Component {
  constructor(props) {
@ -57,14 +58,14 @@ class LdapTable extends React.Component {
    LdapBackend.addLdap(newLdap)
      .then((res) => {
        if (res.status === "ok") {
-          Setting.showMessage("success", "Add LDAP server success");
+          Setting.showMessage("success", i18next.t("general:Successfully added"));
          if (table === undefined) {
            table = [];
          }
          table = Setting.addRow(table, res.data2);
          this.updateTable(table);
        } else {
-          Setting.showMessage("error", res.msg);
+          Setting.showMessage("error", `${i18next.t("general:Failed to add")}: ${res.msg}`);
        }
      }
      )
@ -77,14 +78,13 @@ class LdapTable extends React.Component {
    LdapBackend.deleteLdap(table[i])
      .then((res) => {
        if (res.status === "ok") {
-          Setting.showMessage("success", "Delete LDAP server success");
+          Setting.showMessage("success", i18next.t("general:Successfully deleted"));
          table = Setting.deleteRow(table, i);
          this.updateTable(table);
        } else {
-          Setting.showMessage("error", `${i18next.t("general:Failed to save")}: ${res.msg}`);
+          Setting.showMessage("error", `${i18next.t("general:Failed to delete")}: ${res.msg}`);
        }
-      }
-      )
+      })
      .catch(error => {
        Setting.showMessage("error", `Delete LDAP server failed: ${error}`);
      });
@ -152,18 +152,19 @@ class LdapTable extends React.Component {
        render: (text, record, index) => {
          return (
            <div>
+              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary"
+                onClick={() => Setting.goToLink(`/ldap/sync/${record.owner}/${record.id}`)}>
+                {i18next.t("ldap:Sync")}
+              </Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}}
-                type="primary"
-                onClick={() => Setting.goToLink(`/ldap/sync/${record.id}`)}>{i18next.t("ldap:Sync")}</Button>
-              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}}
-                onClick={() => Setting.goToLink(`/ldap/${record.id}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete LDAP Config: ${record.serverName} ?`}
+                onClick={() => Setting.goToLink(`/ldap/${record.owner}/${record.id}`)}>
+                {i18next.t("general:Edit")}
+              </Button>
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.serverName} ?`}
                onConfirm={() => this.deleteRow(table, index)}
              >
-                <Button style={{marginBottom: "10px"}}
-                  type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
--- a/web/src/ModelListPage.js
+++ b/web/src/ModelListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table} from "antd";
+import {Button, Switch, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as ModelBackend from "./backend/ModelBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class ModelListPage extends BaseListPage {
  newModel() {
@ -142,12 +143,11 @@ class ModelListPage extends BaseListPage {
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary"
                onClick={() => this.props.history.push(`/models/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete model: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteModel(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -201,7 +201,7 @@ class ModelListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/OrganizationEditPage.js
+++ b/web/src/OrganizationEditPage.js
@ -184,12 +184,19 @@ class OrganizationEditPage extends React.Component {
        </Row>
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("general:Phone prefix"), i18next.t("general:Phone prefix - Tooltip"))} :
+            {Setting.getLabel(i18next.t("general:Supported country codes"), i18next.t("general:Supported country codes - Tooltip"))} :
          </Col>
          <Col span={22} >
-            <Input addonBefore={"+"} value={this.state.organization.phonePrefix} onChange={e => {
-              this.updateOrganizationField("phonePrefix", e.target.value);
-            }} />
+            <Select virtual={false} mode={"multiple"} style={{width: "100%"}} value={this.state.organization.countryCodes ?? []}
+              onChange={value => {
+                this.updateOrganizationField("countryCodes", value);
+              }}
+              filterOption={(input, option) => (option?.text ?? "").toLowerCase().includes(input.toLowerCase())}
+            >
+              {
+                Setting.getCountryCodeData().map((country) => Setting.getCountryCodeOption(country))
+              }
+            </Select>
          </Col>
        </Row>
        <Row style={{marginTop: "20px"}} >
@ -257,22 +264,13 @@ class OrganizationEditPage extends React.Component {
          </Col>
          <Col span={22} >
            <Select virtual={false} mode="tags" style={{width: "100%"}}
-              value={this.state.organization.languages}
+              options={Setting.Countries.map((item) => {
+                return Setting.getOption(item.label, item.key);
+              })}
+              value={this.state.organization.languages ?? []}
              onChange={(value => {
                this.updateOrganizationField("languages", value);
              })} >
-              {
-                [
-                  {value: "en", label: "English"},
-                  {value: "zh", label: "简体中文"},
-                  {value: "es", label: "Español"},
-                  {value: "fr", label: "Français"},
-                  {value: "de", label: "Deutsch"},
-                  {value: "ja", label: "日本語"},
-                  {value: "ko", label: "한국어"},
-                  {value: "ru", label: "Русский"},
-                ].map((item, index) => <Option key={index} value={item.value}>{item.label}</Option>)
-              }
            </Select>
          </Col>
        </Row>
--- a/web/src/OrganizationListPage.js
+++ b/web/src/OrganizationListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table} from "antd";
+import {Button, Switch, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class OrganizationListPage extends BaseListPage {
  newOrganization() {
@ -33,11 +34,11 @@ class OrganizationListPage extends BaseListPage {
      favicon: `${Setting.StaticBaseUrl}/img/favicon.png`,
      passwordType: "plain",
      PasswordSalt: "",
-      phonePrefix: "86",
+      countryCodes: ["CN"],
      defaultAvatar: `${Setting.StaticBaseUrl}/img/casbin.svg`,
      defaultApplication: "",
      tags: [],
-      languages: ["en", "zh", "es", "fr", "de", "ja", "ko", "ru"],
+      languages: Setting.Countries.map(item => item.key),
      masterPassword: "",
      enableSoftDeletion: false,
      isProfilePublic: true,
@ -226,13 +227,12 @@ class OrganizationListPage extends BaseListPage {
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/organizations/${record.name}/users`)}>{i18next.t("general:Users")}</Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => this.props.history.push(`/organizations/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete organization: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteOrganization(index)}
                disabled={record.name === "built-in"}
              >
-                <Button style={{marginBottom: "10px"}} disabled={record.name === "built-in"} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -284,7 +284,7 @@ class OrganizationListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/PaymentListPage.js
+++ b/web/src/PaymentListPage.js
@ -14,13 +14,14 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Table} from "antd";
+import {Button, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as PaymentBackend from "./backend/PaymentBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
 import * as Provider from "./auth/Provider";
+import PopconfirmModal from "./PopconfirmModal";

 class PaymentListPage extends BaseListPage {
  newPayment() {
@ -222,12 +223,11 @@ class PaymentListPage extends BaseListPage {
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => this.props.history.push(`/payments/${record.name}/result`)}>{i18next.t("payment:Result")}</Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/payments/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete payment: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deletePayment(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -279,7 +279,7 @@ class PaymentListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/PermissionListPage.js
+++ b/web/src/PermissionListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table} from "antd";
+import {Button, Switch, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as PermissionBackend from "./backend/PermissionBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class PermissionListPage extends BaseListPage {
  newPermission() {
@ -300,12 +301,11 @@ class PermissionListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/permissions/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete permission: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deletePermission(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -359,7 +359,7 @@ class PermissionListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/PopconfirmModal.js
+++ b/web/src/PopconfirmModal.js
@ -0,0 +1,33 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import {Button, Popconfirm} from "antd";
+import i18next from "i18next";
+import React from "react";
+
+export const PopconfirmModal = (props) => {
+  return (
+    <Popconfirm
+      title={props.title}
+      onConfirm={props.onConfirm}
+      disabled={props.disabled}
+      okText={i18next.t("user:OK")}
+      cancelText={i18next.t("general:Cancel")}
+    >
+      <Button style={{marginBottom: "10px"}} disabled={props.disabled} type="primary" danger>{i18next.t("general:Delete")}</Button>
+    </Popconfirm>
+  );
+};
+
+export default PopconfirmModal;
--- a/web/src/ProductListPage.js
+++ b/web/src/ProductListPage.js
@ -14,13 +14,14 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Col, List, Popconfirm, Row, Table, Tooltip} from "antd";
+import {Button, Col, List, Row, Table, Tooltip} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as ProductBackend from "./backend/ProductBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
 import {EditOutlined} from "@ant-design/icons";
+import PopconfirmModal from "./PopconfirmModal";

 class ProductListPage extends BaseListPage {
  newProduct() {
@ -239,12 +240,11 @@ class ProductListPage extends BaseListPage {
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => this.props.history.push(`/products/${record.name}/buy`)}>{i18next.t("product:Buy")}</Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/products/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete product: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteProduct(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -296,7 +296,7 @@ class ProductListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -20,9 +20,11 @@ import * as Setting from "./Setting";
 import i18next from "i18next";
 import {authConfig} from "./auth/Auth";
 import * as ProviderEditTestEmail from "./TestEmailWidget";
+import * as ProviderEditTestSms from "./TestSmsWidget";
 import copy from "copy-to-clipboard";
 import {CaptchaPreview} from "./common/CaptchaPreview";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
+import {CountryCodeSelect} from "./common/CountryCodeSelect";

 const {Option} = Select;
 const {TextArea} = Input;
@ -82,20 +84,20 @@ class ProviderEditPage extends React.Component {
    });
  }

-  getClientIdLabel() {
-    switch (this.state.provider.category) {
+  getClientIdLabel(provider) {
+    switch (provider.category) {
    case "Email":
      return Setting.getLabel(i18next.t("signup:Username"), i18next.t("signup:Username - Tooltip"));
    case "SMS":
-      if (this.state.provider.type === "Volc Engine SMS") {
+      if (provider.type === "Volc Engine SMS") {
        return Setting.getLabel(i18next.t("provider:Access key"), i18next.t("provider:Access key - Tooltip"));
-      } else if (this.state.provider.type === "Huawei Cloud SMS") {
+      } else if (provider.type === "Huawei Cloud SMS") {
        return Setting.getLabel(i18next.t("provider:App key"), i18next.t("provider:App key - Tooltip"));
      } else {
        return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
      }
    case "Captcha":
-      if (this.state.provider.type === "Aliyun Captcha") {
+      if (provider.type === "Aliyun Captcha") {
        return Setting.getLabel(i18next.t("provider:Access key"), i18next.t("provider:Access key - Tooltip"));
      } else {
        return Setting.getLabel(i18next.t("provider:Site key"), i18next.t("provider:Site key - Tooltip"));
@ -105,20 +107,20 @@ class ProviderEditPage extends React.Component {
    }
  }

-  getClientSecretLabel() {
-    switch (this.state.provider.category) {
+  getClientSecretLabel(provider) {
+    switch (provider.category) {
    case "Email":
      return Setting.getLabel(i18next.t("login:Password"), i18next.t("login:Password - Tooltip"));
    case "SMS":
-      if (this.state.provider.type === "Volc Engine SMS") {
+      if (provider.type === "Volc Engine SMS") {
        return Setting.getLabel(i18next.t("provider:Secret access key"), i18next.t("provider:SecretAccessKey - Tooltip"));
-      } else if (this.state.provider.type === "Huawei Cloud SMS") {
+      } else if (provider.type === "Huawei Cloud SMS") {
        return Setting.getLabel(i18next.t("provider:App secret"), i18next.t("provider:AppSecret - Tooltip"));
      } else {
        return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip"));
      }
    case "Captcha":
-      if (this.state.provider.type === "Aliyun Captcha") {
+      if (provider.type === "Aliyun Captcha") {
        return Setting.getLabel(i18next.t("provider:Secret access key"), i18next.t("provider:SecretAccessKey - Tooltip"));
      } else {
        return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip"));
@ -128,40 +130,52 @@ class ProviderEditPage extends React.Component {
    }
  }

-  getAppIdRow() {
-    let text, tooltip;
-    if (this.state.provider.category === "SMS" && this.state.provider.type === "Tencent Cloud SMS") {
+  getAppIdRow(provider) {
+    let text = "";
+    let tooltip = "";
+
+    if (provider.category === "OAuth") {
+      if (provider.type === "WeCom" && provider.subType === "Internal") {
+        text = i18next.t("provider:Agent ID");
+        tooltip = i18next.t("provider:Agent ID - Tooltip");
+      } else if (provider.type === "Infoflow") {
+        text = i18next.t("provider:Agent ID");
+        tooltip = i18next.t("provider:Agent ID - Tooltip");
+      }
+    } else if (provider.category === "SMS") {
+      if (provider.type === "Tencent Cloud SMS") {
        text = i18next.t("provider:App ID");
        tooltip = i18next.t("provider:App ID - Tooltip");
-    } else if (this.state.provider.type === "WeCom" && this.state.provider.subType === "Internal") {
-      text = i18next.t("provider:Agent ID");
-      tooltip = i18next.t("provider:Agent ID - Tooltip");
-    } else if (this.state.provider.type === "Infoflow") {
-      text = i18next.t("provider:Agent ID");
-      tooltip = i18next.t("provider:Agent ID - Tooltip");
-    } else if (this.state.provider.category === "SMS" && this.state.provider.type === "Volc Engine SMS") {
+      } else if (provider.type === "Volc Engine SMS") {
        text = i18next.t("provider:SMS account");
        tooltip = i18next.t("provider:SMS account - Tooltip");
-    } else if (this.state.provider.category === "SMS" && this.state.provider.type === "Huawei Cloud SMS") {
+      } else if (provider.type === "Huawei Cloud SMS") {
        text = i18next.t("provider:Channel No.");
        tooltip = i18next.t("provider:Channel No. - Tooltip");
-    } else if (this.state.provider.category === "Email" && this.state.provider.type === "SUBMAIL") {
+      }
+    } else if (provider.category === "Email") {
+      if (provider.type === "SUBMAIL") {
        text = i18next.t("provider:App ID");
        tooltip = i18next.t("provider:App ID - Tooltip");
-    } else {
-      return null;
+      }
    }

-    return <Row style={{marginTop: "20px"}} >
+    if (text === "" && tooltip === "") {
+      return null;
+    } else {
+      return (
+        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(text, tooltip)} :
          </Col>
          <Col span={22} >
-        <Input value={this.state.provider.appId} onChange={e => {
+            <Input value={provider.appId} onChange={e => {
              this.updateProviderField("appId", e.target.value);
            }} />
          </Col>
-    </Row>;
+        </Row>
+      );
+    }
  }

  loadSamlConfiguration() {
@ -404,7 +418,7 @@ class ProviderEditPage extends React.Component {
            <React.Fragment>
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {this.getClientIdLabel()}
+                  {this.getClientIdLabel(this.state.provider)}
                </Col>
                <Col span={22} >
                  <Input value={this.state.provider.clientId} onChange={e => {
@ -414,7 +428,7 @@ class ProviderEditPage extends React.Component {
              </Row>
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {this.getClientSecretLabel()}
+                  {this.getClientSecretLabel(this.state.provider)}
                </Col>
                <Col span={22} >
                  <Input value={this.state.provider.clientSecret} onChange={e => {
@ -584,7 +598,7 @@ class ProviderEditPage extends React.Component {
              </Row>
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {Setting.getLabel(i18next.t("provider:Email Title"), i18next.t("provider:Email Title - Tooltip"))} :
+                  {Setting.getLabel(i18next.t("provider:Email title"), i18next.t("provider:Email title - Tooltip"))} :
                </Col>
                <Col span={22} >
                  <Input value={this.state.provider.title} onChange={e => {
@ -594,7 +608,7 @@ class ProviderEditPage extends React.Component {
              </Row>
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {Setting.getLabel(i18next.t("provider:Email Content"), i18next.t("provider:Email Content - Tooltip"))} :
+                  {Setting.getLabel(i18next.t("provider:Email content"), i18next.t("provider:Email content - Tooltip"))} :
                </Col>
                <Col span={22} >
                  <TextArea autoSize={{minRows: 3, maxRows: 100}} value={this.state.provider.content} onChange={e => {
@ -617,7 +631,7 @@ class ProviderEditPage extends React.Component {
                <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary"
                  disabled={!Setting.isValidEmail(this.state.provider.receiver)}
                  onClick={() => ProviderEditTestEmail.sendTestEmail(this.state.provider, this.state.provider.receiver)} >
-                  {i18next.t("provider:Send Test Email")}
+                  {i18next.t("provider:Send Testing Email")}
                </Button>
              </Row>
            </React.Fragment>
@ -647,6 +661,36 @@ class ProviderEditPage extends React.Component {
                  }} />
                </Col>
              </Row>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("provider:SMS Test"), i18next.t("provider:SMS Test - Tooltip"))} :
+                </Col>
+                <Col span={4} >
+                  <Input.Group compact>
+                    <CountryCodeSelect
+                      style={{width: "30%"}}
+                      value={this.state.provider.content}
+                      onChange={(value) => {
+                        this.updateProviderField("content", value);
+                      }}
+                      countryCodes={this.props.account.organization.countryCodes}
+                    />
+                    <Input value={this.state.provider.receiver}
+                      style={{width: "70%"}}
+                      placeholder = {i18next.t("user:Input your phone number")}
+                      onChange={e => {
+                        this.updateProviderField("receiver", e.target.value);
+                      }} />
+                  </Input.Group>
+                </Col>
+                <Col span={2} >
+                  <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary"
+                    disabled={!Setting.isValidPhone(this.state.provider.receiver)}
+                    onClick={() => ProviderEditTestSms.sendTestSms(this.state.provider, "+" + Setting.getCountryCode(this.state.provider.content) + this.state.provider.receiver)} >
+                    {i18next.t("provider:Send Testing SMS")}
+                  </Button>
+                </Col>
+              </Row>
            </React.Fragment>
          ) : this.state.provider.category === "SAML" ? (
            <React.Fragment>
@ -750,7 +794,7 @@ class ProviderEditPage extends React.Component {
            </React.Fragment>
          ) : null
        }
-        {this.getAppIdRow()}
+        {this.getAppIdRow(this.state.provider)}
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} :
@ -769,17 +813,17 @@ class ProviderEditPage extends React.Component {
              </Col>
              <Col span={22} >
                <CaptchaPreview
+                  owner={this.state.provider.owner}
+                  name={this.state.provider.name}
                  provider={this.state.provider}
                  providerName={this.state.providerName}
-                  clientSecret={this.state.provider.clientSecret}
                  captchaType={this.state.provider.type}
                  subType={this.state.provider.subType}
-                  owner={this.state.provider.owner}
                  clientId={this.state.provider.clientId}
-                  name={this.state.provider.name}
-                  providerUrl={this.state.provider.providerUrl}
+                  clientSecret={this.state.provider.clientSecret}
                  clientId2={this.state.provider.clientId2}
                  clientSecret2={this.state.provider.clientSecret2}
+                  providerUrl={this.state.provider.providerUrl}
                />
              </Col>
            </Row>
--- a/web/src/ProviderListPage.js
+++ b/web/src/ProviderListPage.js
@ -14,13 +14,14 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Table} from "antd";
+import {Button, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as ProviderBackend from "./backend/ProviderBackend";
 import * as Provider from "./auth/Provider";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class ProviderListPage extends BaseListPage {
  constructor(props) {
@ -206,12 +207,11 @@ class ProviderListPage extends BaseListPage {
          return (
            <div>
              <Button disabled={!Setting.isAdminUser(this.props.account) && (record.owner !== this.props.account.owner)} style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/providers/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete provider: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteProvider(index)}
              >
-                <Button disabled={!Setting.isAdminUser(this.props.account) && (record.owner !== this.props.account.owner)} style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -267,7 +267,7 @@ class ProviderListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/ResetModal.js
+++ b/web/src/ResetModal.js
@ -25,7 +25,7 @@ export const ResetModal = (props) => {
  const [confirmLoading, setConfirmLoading] = React.useState(false);
  const [dest, setDest] = React.useState("");
  const [code, setCode] = React.useState("");
-  const {buttonText, destType, application} = props;
+  const {buttonText, destType, application, countryCode} = props;

  const showModal = () => {
    setVisible(true);
@ -87,7 +87,7 @@ export const ResetModal = (props) => {
          <Row style={{width: "100%", marginBottom: "20px"}}>
            <Input
              addonBefore={destType === "email" ? i18next.t("user:New Email") : i18next.t("user:New phone")}
-              prefix={destType === "email" ? <MailOutlined /> : <PhoneOutlined />}
+              prefix={destType === "email" ? <React.Fragment><MailOutlined />&nbsp;&nbsp;</React.Fragment> : (<React.Fragment><PhoneOutlined />&nbsp;&nbsp;{countryCode !== "" ? "+" : null}{Setting.getCountryCode(countryCode)}&nbsp;</React.Fragment>)}
              placeholder={placeholder}
              onChange={e => setDest(e.target.value)}
            />
--- a/web/src/ResourceListPage.js
+++ b/web/src/ResourceListPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Popconfirm, Table, Upload} from "antd";
+import {Button, Table, Upload} from "antd";
 import {UploadOutlined} from "@ant-design/icons";
 import copy from "copy-to-clipboard";
 import * as Setting from "./Setting";
@ -21,6 +21,7 @@ import * as ResourceBackend from "./backend/ResourceBackend";
 import i18next from "i18next";
 import {Link} from "react-router-dom";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class ResourceListPage extends BaseListPage {
  constructor(props) {
@ -244,15 +245,13 @@ class ResourceListPage extends BaseListPage {
        render: (text, record, index) => {
          return (
            <div>
-              {/* <Button style={{marginTop: '10px', marginBottom: '10px', marginRight: '10px'}} type="primary" onClick={() => this.props.history.push(`/resources/${record.name}`)}>{i18next.t("general:Edit")}</Button>*/}
-              <Popconfirm
-                title={`Sure to delete resource: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteResource(index)}
                okText={i18next.t("user:OK")}
                cancelText={i18next.t("user:Cancel")}
              >
-                <Button type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
--- a/web/src/RoleListPage.js
+++ b/web/src/RoleListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table} from "antd";
+import {Button, Switch, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as RoleBackend from "./backend/RoleBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class RoleListPage extends BaseListPage {
  newRole() {
@ -82,7 +83,7 @@ class RoleListPage extends BaseListPage {
        ...this.getColumnSearchProps("name"),
        render: (text, record, index) => {
          return (
-            <Link to={`/roles/${text}`}>
+            <Link to={`/roles/${record.owner}/${record.name}`}>
              {text}
            </Link>
          );
@ -175,12 +176,11 @@ class RoleListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/roles/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete role: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteRole(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -232,7 +232,7 @@ class RoleListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/SelectLanguageBox.js
+++ b/web/src/SelectLanguageBox.js
@ -18,16 +18,6 @@ import {Dropdown} from "antd";
 import "./App.less";
 import {GlobalOutlined} from "@ant-design/icons";

-export const Countries = [{label: "English", key: "en", country: "US", alt: "English"},
-  {label: "简体中文", key: "zh", country: "CN", alt: "简体中文"},
-  {label: "Español", key: "es", country: "ES", alt: "Español"},
-  {label: "Français", key: "fr", country: "FR", alt: "Français"},
-  {label: "Deutsch", key: "de", country: "DE", alt: "Deutsch"},
-  {label: "日本語", key: "ja", country: "JP", alt: "日本語"},
-  {label: "한국어", key: "ko", country: "KR", alt: "한국어"},
-  {label: "Русский", key: "ru", country: "RU", alt: "Русский"},
-];
-
 function flagIcon(country, alt) {
  return (
    <img width={24} alt={alt} src={`${Setting.StaticBaseUrl}/flag-icons/${country}.svg`} />
@ -39,15 +29,15 @@ class SelectLanguageBox extends React.Component {
    super(props);
    this.state = {
      classes: props,
-      languages: props.languages ?? ["en", "zh", "es", "fr", "de", "ja", "ko", "ru"],
+      languages: props.languages ?? Setting.Countries.map(item => item.key),
    };

-    Countries.forEach((country) => {
+    Setting.Countries.forEach((country) => {
      new Image().src = `${Setting.StaticBaseUrl}/flag-icons/${country.country}.svg`;
    });
  }

-  items = Countries.map((country) => Setting.getItem(country.label, country.key, flagIcon(country.country, country.alt)));
+  items = Setting.Countries.map((country) => Setting.getItem(country.label, country.key, flagIcon(country.country, country.alt)));

  getOrganizationLanguages(languages) {
    const select = [];
--- a/web/src/SelectRegionBox.js
+++ b/web/src/SelectRegionBox.js
@ -41,17 +41,15 @@ class SelectRegionBox extends React.Component {
        defaultValue={this.props.defaultValue || undefined}
        placeholder="Please select country/region"
        onChange={(value => {this.onChange(value);})}
-        filterOption={(input, option) =>
-          (option?.label ?? "").toLowerCase().includes(input.toLowerCase())
-        }
+        filterOption={(input, option) => (option?.label ?? "").toLowerCase().includes(input.toLowerCase())}
        filterSort={(optionA, optionB) =>
          (optionA?.label ?? "").toLowerCase().localeCompare((optionB?.label ?? "").toLowerCase())
        }
      >
        {
-          Setting.getCountryNames().map((item) => (
+          Setting.getCountryCodeData().map((item) => (
            <Option key={item.code} value={item.code} label={`${item.name} (${item.code})`} >
-              <img src={`${Setting.StaticBaseUrl}/flag-icons/${item.code}.svg`} alt={item.name} height={20} style={{marginRight: 10}} />
+              {Setting.getCountryImage(item)}
              {`${item.name} (${item.code})`}
            </Option>
          ))
--- a/web/src/SessionListPage.js
+++ b/web/src/SessionListPage.js
@ -16,9 +16,10 @@ import BaseListPage from "./BaseListPage";
 import * as Setting from "./Setting";
 import i18next from "i18next";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Table, Tag} from "antd";
+import {Table, Tag} from "antd";
 import React from "react";
 import * as SessionBackend from "./backend/SessionBackend";
+import PopconfirmModal from "./PopconfirmModal";

 class SessionListPage extends BaseListPage {

@ -97,12 +98,11 @@ class SessionListPage extends BaseListPage {
        render: (text, record, index) => {
          return (
            <div>
-              <Popconfirm
-                title={`Sure to delete session: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteSession(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -148,7 +148,7 @@ class SessionListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -14,7 +14,7 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Checkbox, Form, Modal, Tag, Tooltip, message, theme} from "antd";
+import {Checkbox, Form, Modal, Select, Tag, Tooltip, message, theme} from "antd";
 import {QuestionCircleTwoTone} from "@ant-design/icons";
 import {isMobile as isMobileDevice} from "react-device-detect";
 import "./i18n";
@ -23,13 +23,27 @@ import copy from "copy-to-clipboard";
 import {authConfig} from "./auth/Auth";
 import {Helmet} from "react-helmet";
 import * as Conf from "./Conf";
+import * as phoneNumber from "libphonenumber-js";
 import * as path from "path-browserify";

+const {Option} = Select;
+
 export const ServerUrl = "";

 // export const StaticBaseUrl = "https://cdn.jsdelivr.net/gh/casbin/static";
 export const StaticBaseUrl = "https://cdn.casbin.org";

+export const Countries = [{label: "English", key: "en", country: "US", alt: "English"},
+  {label: "中文", key: "zh", country: "CN", alt: "中文"},
+  {label: "Español", key: "es", country: "ES", alt: "Español"},
+  {label: "Français", key: "fr", country: "FR", alt: "Français"},
+  {label: "Deutsch", key: "de", country: "DE", alt: "Deutsch"},
+  {label: "日本語", key: "ja", country: "JP", alt: "日本語"},
+  {label: "한국어", key: "ko", country: "KR", alt: "한국어"},
+  {label: "Русский", key: "ru", country: "RU", alt: "Русский"},
+  {label: "TiếngViệt", key: "vi", country: "VI", alt: "TiếngViệt"},
+];
+
 export function getThemeData(organization, application) {
  if (application?.themeData?.isEnabled) {
    return application.themeData;
@ -80,13 +94,17 @@ export const OtherProviderInfo = {
      url: "https://www.huaweicloud.com/product/msgsms.html",
    },
    "Twilio SMS": {
-      logo: `${StaticBaseUrl}/img/social_twilio.png`,
+      logo: `${StaticBaseUrl}/img/social_twilio.svg`,
      url: "https://www.twilio.com/messaging",
    },
    "SmsBao SMS": {
      logo: `${StaticBaseUrl}/img/social_smsbao.png`,
      url: "https://www.smsbao.com/",
    },
+    "SUBMAIL SMS": {
+      logo: `${StaticBaseUrl}/img/social_submail.svg`,
+      url: "https://www.mysubmail.com",
+    },
    "Mock SMS": {
      logo: `${StaticBaseUrl}/img/social_default.png`,
      url: "",
@ -188,18 +206,49 @@ export const OtherProviderInfo = {
  },
 };

-export function getCountriesData() {
+export function initCountries() {
  const countries = require("i18n-iso-countries");
  countries.registerLocale(require("i18n-iso-countries/langs/" + getLanguage() + ".json"));
  return countries;
 }

-export function getCountryNames() {
-  const data = getCountriesData().getNames(getLanguage(), {select: "official"});
+export function getCountryCode(country) {
+  if (phoneNumber.isSupportedCountry(country)) {
+    return phoneNumber.getCountryCallingCode(country);
+  }
+  return "";
+}

-  return Object.entries(data).map(items => {
-    return {code: items[0], name: items[1]};
-  });
+export function getCountryCodeData(countryCodes = phoneNumber.getCountries()) {
+  return countryCodes?.map((countryCode) => {
+    if (phoneNumber.isSupportedCountry(countryCode)) {
+      const name = initCountries().getName(countryCode, getLanguage());
+      return {
+        code: countryCode,
+        name: name || "",
+        phone: phoneNumber.getCountryCallingCode(countryCode),
+      };
+    }
+  }).filter(item => item.name !== "")
+    .sort((a, b) => a.phone - b.phone);
+}
+
+export function getCountryCodeOption(country) {
+  return (
+    <Option key={country.code} value={country.code} label={`+${country.phone}`} text={`${country.name}, ${country.code}, ${country.phone}`} >
+      <div style={{display: "flex", justifyContent: "space-between", marginRight: "10px"}}>
+        <div>
+          {getCountryImage(country)}
+          {`${country.name}`}
+        </div>
+        {`+${country.phone}`}
+      </div>
+    </Option>
+  );
+}
+
+export function getCountryImage(country) {
+  return <img src={`${StaticBaseUrl}/flag-icons/${country.code}.svg`} alt={country.name} height={20} style={{marginRight: 10}} />;
 }

 export function initServerUrl() {
@ -238,6 +287,13 @@ export function isProviderVisible(providerItem) {
  return true;
 }

+export function isResponseDenied(data) {
+  if (data.msg === "Unauthorized operation" || data.msg === "未授权的操作") {
+    return true;
+  }
+  return false;
+}
+
 export function isProviderVisibleForSignUp(providerItem) {
  if (providerItem.canSignUp === false) {
    return false;
@ -299,16 +355,16 @@ export function isValidEmail(email) {
  return emailRegex.test(email);
 }

-export function isValidPhone(phone) {
-  return phone !== "";
+export function isValidPhone(phone, countryCode = "") {
+  if (countryCode !== "" && countryCode !== "CN") {
+    return phoneNumber.isValidPhoneNumber(phone, countryCode);
+  }

-  // if (phone === "") {
-  //   return false;
-  // }
-  //
-  // // https://learnku.com/articles/31543, `^s*$` filter empty email individually.
-  // const phoneRegex = /^\s*$|^1(3\d|4[5-9]|5[0-35-9]|6[2567]|7[0-8]|8\d|9[0-35-9])\d{8}$/;
-  // return phoneRegex.test(phone);
+  // https://learnku.com/articles/31543, `^s*$` filter empty email individually.
+  const phoneCnRegex = /^1(3\d|4[5-9]|5[0-35-9]|6[2567]|7[0-8]|8\d|9[0-35-9])\d{8}$/;
+  const phoneRegex = /[0-9]{4,15}$/;
+
+  return countryCode === "CN" ? phoneCnRegex.test(phone) : phoneRegex.test(phone);
 }

 export function isValidInvoiceTitle(invoiceTitle) {
@ -835,6 +891,7 @@ export function getProviderTypeOptions(category) {
        {id: "Huawei Cloud SMS", name: "Huawei Cloud SMS"},
        {id: "Twilio SMS", name: "Twilio SMS"},
        {id: "SmsBao SMS", name: "SmsBao SMS"},
+        {id: "SUBMAIL SMS", name: "SUBMAIL SMS"},
      ]
    );
  } else if (category === "Storage") {
--- a/web/src/SyncerListPage.js
+++ b/web/src/SyncerListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table} from "antd";
+import {Button, Switch, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as SyncerBackend from "./backend/SyncerBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class SyncerListPage extends BaseListPage {
  newSyncer() {
@ -232,12 +233,11 @@ class SyncerListPage extends BaseListPage {
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.runSyncer(index)}>{i18next.t("general:Sync")}</Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => this.props.history.push(`/syncers/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete syncer: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteSyncer(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -289,7 +289,7 @@ class SyncerListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/SystemInfo.js
+++ b/web/src/SystemInfo.js
@ -23,31 +23,24 @@ class SystemInfo extends React.Component {
  constructor(props) {
    super(props);
    this.state = {
-      cpuUsage: [],
-      memUsed: 0,
-      memTotal: 0,
-      latestVersion: undefined,
+      systemInfo: {cpuUsage: [], memoryUsed: 0, memoryTotal: 0},
+      versionInfo: {},
      intervalId: null,
-      href: "",
      loading: true,
    };
  }

  UNSAFE_componentWillMount() {
-    SystemBackend.getSystemInfo(this.props.account?.owner, this.props.account?.name).then(res => {
+    SystemBackend.getSystemInfo().then(res => {
      this.setState({
-        cpuUsage: res.cpu_usage,
-        memUsed: res.memory_used,
-        memTotal: res.memory_total,
+        systemInfo: res.data,
        loading: false,
      });

      const id = setInterval(() => {
-        SystemBackend.getSystemInfo(this.props.account?.owner, this.props.account?.name).then(res => {
+        SystemBackend.getSystemInfo().then(res => {
          this.setState({
-            cpuUsage: res.cpu_usage,
-            memUsed: res.memory_used,
-            memTotal: res.memory_total,
+            systemInfo: res.data,
          });
        }).catch(error => {
          Setting.showMessage("error", `System info failed to get: ${error}`);
@ -58,12 +51,12 @@ class SystemInfo extends React.Component {
      Setting.showMessage("error", `System info failed to get: ${error}`);
    });

-    SystemBackend.getGitHubLatestReleaseVersion().then(res => {
-      const href = res && res.length >= 8 ? `https://github.com/casdoor/casdoor/commit/${res}` : "";
-      const versionText = res && res.length >= 8 ? res.substring(0, 8) : i18next.t("system:Unknown Version");
-      this.setState({latestVersion: versionText, href: href});
+    SystemBackend.getVersionInfo().then(res => {
+      this.setState({
+        versionInfo: res.data,
+      });
    }).catch(err => {
-      Setting.showMessage("error", `get latest commit version failed: ${err}`);
+      Setting.showMessage("error", `Version info failed to get: ${err}`);
    });
  }

@ -74,21 +67,25 @@ class SystemInfo extends React.Component {
  }

  render() {
-    const CPUInfo = this.state.cpuUsage?.length > 0 ?
-      this.state.cpuUsage.map((usage, i) => {
+    const cpuUi = this.state.systemInfo.cpuUsage?.length <= 0 ? i18next.t("system:Get CPU Usage Failed") :
+      this.state.systemInfo.cpuUsage.map((usage, i) => {
        return (
          <Progress key={i} percent={Number(usage.toFixed(1))} />
        );
-      }) : i18next.t("system:Get CPU Usage Failed");
+      });

-    const MemInfo = (
-      this.state.memUsed && this.state.memTotal && this.state.memTotal !== 0 ?
+    const memUi = this.state.systemInfo.memoryUsed && this.state.systemInfo.memoryTotal && this.state.systemInfo.memoryTotal <= 0 ? i18next.t("system:Get Memory Usage Failed") :
      <div>
-          {Setting.getFriendlyFileSize(this.state.memUsed)} / {Setting.getFriendlyFileSize(this.state.memTotal)}
+        {Setting.getFriendlyFileSize(this.state.systemInfo.memoryUsed)} / {Setting.getFriendlyFileSize(this.state.systemInfo.memoryTotal)}
        <br /> <br />
-          <Progress type="circle" percent={Number((Number(this.state.memUsed) / Number(this.state.memTotal) * 100).toFixed(2))} />
-        </div> : i18next.t("system:Get Memory Usage Failed")
-    );
+        <Progress type="circle" percent={Number((Number(this.state.systemInfo.memoryUsed) / Number(this.state.systemInfo.memoryTotal) * 100).toFixed(2))} />
+      </div>;
+
+    const link = this.state.versionInfo?.version !== "" ? `https://github.com/casdoor/casdoor/releases/tag/${this.state.versionInfo?.version}` : "";
+    let versionText = this.state.versionInfo?.version !== "" ? this.state.versionInfo?.version : i18next.t("system:Unknown Version");
+    if (this.state.versionInfo?.commitOffset > 0) {
+      versionText += ` (ahead+${this.state.versionInfo?.commitOffset})`;
+    }

    if (!Setting.isMobile()) {
      return (
@ -98,25 +95,25 @@ class SystemInfo extends React.Component {
            <Row gutter={[10, 10]}>
              <Col span={12}>
                <Card title={i18next.t("system:CPU Usage")} bordered={true} style={{textAlign: "center", height: "100%"}}>
-                  {this.state.loading ? <Spin size="large" /> : CPUInfo}
+                  {this.state.loading ? <Spin size="large" /> : cpuUi}
                </Card>
              </Col>
              <Col span={12}>
                <Card title={i18next.t("system:Memory Usage")} bordered={true} style={{textAlign: "center", height: "100%"}}>
-                  {this.state.loading ? <Spin size="large" /> : MemInfo}
+                  {this.state.loading ? <Spin size="large" /> : memUi}
                </Card>
              </Col>
            </Row>
            <Divider />
            <Card title={i18next.t("system:About Casdoor")} bordered={true} style={{textAlign: "center"}}>
              <div>{i18next.t("system:An Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS")}</div>
-              GitHub: <a href="https://github.com/casdoor/casdoor">casdoor</a>
+              GitHub: <a target="_blank" rel="noreferrer" href="https://github.com/casdoor/casdoor">Casdoor</a>
              <br />
-              {i18next.t("system:Version")}: <a href={this.state.href}>{this.state.latestVersion}</a>
+              {i18next.t("system:Version")}: <a target="_blank" rel="noreferrer" href={link}>{versionText}</a>
              <br />
-              {i18next.t("system:Official Website")}: <a href="https://casdoor.org/">casdoor.org</a>
+              {i18next.t("system:Official Website")}: <a target="_blank" rel="noreferrer" href="https://casdoor.org">https://casdoor.org</a>
              <br />
-              {i18next.t("system:Community")}: <a href="https://casdoor.org/#:~:text=Casdoor%20API-,Community,-GitHub">contact us</a>
+              {i18next.t("system:Community")}: <a target="_blank" rel="noreferrer" href="https://casdoor.org/#:~:text=Casdoor%20API-,Community,-GitHub">Get in Touch!</a>
            </Card>
          </Col>
          <Col span={6}></Col>
@ -127,24 +124,24 @@ class SystemInfo extends React.Component {
        <Row gutter={[16, 0]}>
          <Col span={24}>
            <Card title={i18next.t("system:CPU Usage")} bordered={true} style={{textAlign: "center", width: "100%"}}>
-              {this.state.loading ? <Spin size="large" /> : CPUInfo}
+              {this.state.loading ? <Spin size="large" /> : cpuUi}
            </Card>
          </Col>
          <Col span={24}>
            <Card title={i18next.t("system:Memory Usage")} bordered={true} style={{textAlign: "center", width: "100%"}}>
-              {this.state.loading ? <Spin size="large" /> : MemInfo}
+              {this.state.loading ? <Spin size="large" /> : memUi}
            </Card>
          </Col>
          <Col span={24}>
            <Card title={i18next.t("system:About Casdoor")} bordered={true} style={{textAlign: "center"}}>
              <div>{i18next.t("system:An Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS")}</div>
-              GitHub: <a href="https://github.com/casdoor/casdoor">casdoor</a>
+              GitHub: <a target="_blank" rel="noreferrer" href="https://github.com/casdoor/casdoor">Casdoor</a>
              <br />
-              {i18next.t("system:Version")}: <a href={this.state.href}>{this.state.latestVersion}</a>
+              {i18next.t("system:Version")}: <a target="_blank" rel="noreferrer" href={link}>{versionText}</a>
              <br />
-              {i18next.t("system:Official Website")}: <a href="https://casdoor.org/">casdoor.org</a>
+              {i18next.t("system:Official Website")}: <a target="_blank" rel="noreferrer" href="https://casdoor.org">https://casdoor.org</a>
              <br />
-              {i18next.t("system:Community")}: <a href="https://casdoor.org/#:~:text=Casdoor%20API-,Community,-GitHub">contact us</a>
+              {i18next.t("system:Community")}: <a target="_blank" rel="noreferrer" href="https://casdoor.org/#:~:text=Casdoor%20API-,Community,-GitHub">Get in Touch!</a>
            </Card>
          </Col>
        </Row>
--- a/web/src/TestEmailWidget.js
+++ b/web/src/TestEmailWidget.js
@ -19,7 +19,7 @@ export function sendTestEmail(provider, email) {
  testEmailProvider(provider, email)
    .then((res) => {
      if (res.status === "ok") {
-        Setting.showMessage("success", "Successfully send email");
+        Setting.showMessage("success", `${i18next.t("provider:Email sent successfully")}`);
      } else {
        Setting.showMessage("error", res.msg);
      }
@ -33,7 +33,7 @@ export function connectSmtpServer(provider) {
  testEmailProvider(provider)
    .then((res) => {
      if (res.status === "ok") {
-        Setting.showMessage("success", "Successfully connecting smtp server");
+        Setting.showMessage("success", "provider:SMTP connected successfully");
      } else {
        Setting.showMessage("error", res.msg);
      }
--- a/web/src/TestSmsWidget.js
+++ b/web/src/TestSmsWidget.js
@ -0,0 +1,43 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import * as Setting from "./Setting";
+import i18next from "i18next";
+
+export function sendTestSms(provider, phone) {
+  testSmsProvider(provider, phone)
+    .then((res) => {
+      if (res.status === "ok") {
+        Setting.showMessage("success", `${i18next.t("provider:SMS sent successfully")}`);
+      } else {
+        Setting.showMessage("error", res.msg);
+      }
+    })
+    .catch(error => {
+      Setting.showMessage("error", `${i18next.t("general:Failed to connect to server")}: ${error}`);
+    });
+}
+
+function testSmsProvider(provider, phone = "") {
+  const SmsForm = {
+    content: "123456",
+    receivers: [phone],
+  };
+
+  return fetch(`${Setting.ServerUrl}/api/send-sms?provider=` + provider.name, {
+    method: "POST",
+    credentials: "include",
+    body: JSON.stringify(SmsForm),
+  }).then(res => res.json());
+}
--- a/web/src/TokenListPage.js
+++ b/web/src/TokenListPage.js
@ -14,12 +14,13 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Table} from "antd";
+import {Button, Table} from "antd";
 import moment from "moment";
 import * as Setting from "./Setting";
 import * as TokenBackend from "./backend/TokenBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class TokenListPage extends BaseListPage {
  newToken() {
@ -201,12 +202,11 @@ class TokenListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/tokens/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete token: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteToken(index)}
              >
-                <Button style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -254,7 +254,7 @@ class TokenListPage extends BaseListPage {
            searchedColumn: params.searchedColumn,
          });
        } else {
-          if (res.msg.includes("Unauthorized")) {
+          if (Setting.isResponseDenied(res)) {
            this.setState({
              loading: false,
              isAuthorized: false,
--- a/web/src/UserEditPage.js
+++ b/web/src/UserEditPage.js
@ -29,6 +29,7 @@ import SelectRegionBox from "./SelectRegionBox";
 import WebAuthnCredentialTable from "./WebauthnCredentialTable";
 import ManagedAccountTable from "./ManagedAccountTable";
 import PropertyTable from "./propertyTable";
+import {CountryCodeSelect} from "./common/CountryCodeSelect";

 const {Option} = Select;

@ -137,6 +138,10 @@ class UserEditPage extends React.Component {
    return this.isSelf() || Setting.isAdminUser(this.props.account);
  }

+  getCountryCode() {
+    return this.props.account.countryCode;
+  }
+
  renderAccountItem(accountItem) {
    if (!accountItem.visible) {
      return null;
@ -284,21 +289,16 @@ class UserEditPage extends React.Component {
            {Setting.getLabel(i18next.t("general:Email"), i18next.t("general:Email - Tooltip"))} :
          </Col>
          <Col style={{paddingRight: "20px"}} span={11} >
-            {Setting.isLocalAdminUser(this.props.account) ?
-              (<Input value={this.state.user.email}
-                disabled={disabled}
+            <Input
+              value={this.state.user.email}
+              style={{width: "280Px"}}
+              disabled={!Setting.isLocalAdminUser(this.props.account) ? true : disabled}
              onChange={e => {
                this.updateUserField("email", e.target.value);
-                }} />) :
-              (<Select virtual={false} value={this.state.user.email}
-                options={[Setting.getItem(this.state.user.email, this.state.user.email)]}
-                disabled={disabled}
-                onChange={e => {
-                  this.updateUserField("email", e.target.value);
-                }} />)
-            }
+              }}
+            />
          </Col>
-          <Col span={11} >
+          <Col span={Setting.isMobile() ? 22 : 11} >
            {/* backend auto get the current user, so admin can not edit. Just self can reset*/}
            {this.isSelf() ? <ResetModal application={this.state.application} disabled={disabled} buttonText={i18next.t("user:Reset Email...")} destType={"email"} /> : null}
          </Col>
@ -307,25 +307,30 @@ class UserEditPage extends React.Component {
    } else if (accountItem.name === "Phone") {
      return (
        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+          <Col style={{marginTop: "5px"}} span={Setting.isMobile() ? 22 : 2}>
            {Setting.getLabel(i18next.t("general:Phone"), i18next.t("general:Phone - Tooltip"))} :
          </Col>
          <Col style={{paddingRight: "20px"}} span={11} >
-            {Setting.isLocalAdminUser(this.props.account) ?
-              <Input value={this.state.user.phone} addonBefore={`+${this.state.application?.organizationObj.phonePrefix}`}
-                disabled={disabled}
+            <Input.Group compact style={{width: "280Px"}}>
+              <CountryCodeSelect
+                style={{width: "30%"}}
+                // disabled={!Setting.isLocalAdminUser(this.props.account) ? true : disabled}
+                value={this.state.user.countryCode}
+                onChange={(value) => {
+                  this.updateUserField("countryCode", value);
+                }}
+                countryCodes={this.state.application?.organizationObj.countryCodes}
+              />
+              <Input value={this.state.user.phone}
+                style={{width: "70%"}}
+                disabled={!Setting.isLocalAdminUser(this.props.account) ? true : disabled}
                onChange={e => {
                  this.updateUserField("phone", e.target.value);
-                }} /> :
-              (<Select virtual={false} value={`+${this.state.application?.organizationObj.phonePrefix} ${this.state.user.phone}`}
-                options={[Setting.getItem(`+${this.state.application?.organizationObj.phonePrefix} ${this.state.user.phone}`, this.state.user.phone)]}
-                disabled={disabled}
-                onChange={e => {
-                  this.updateUserField("phone", e.target.value);
-                }} />)}
+                }} />
+            </Input.Group>
          </Col>
-          <Col span={11} >
-            {this.isSelf() ? (<ResetModal application={this.state.application} disabled={disabled} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
+          <Col span={Setting.isMobile() ? 24 : 11} >
+            {this.isSelf() ? (<ResetModal application={this.state.application} countryCode={this.getCountryCode()} disabled={disabled} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
          </Col>
        </Row>
      );
--- a/web/src/UserListPage.js
+++ b/web/src/UserListPage.js
@ -14,7 +14,7 @@

 import React from "react";
 import {Link} from "react-router-dom";
-import {Button, Popconfirm, Switch, Table, Upload} from "antd";
+import {Button, Switch, Table, Upload} from "antd";
 import {UploadOutlined} from "@ant-design/icons";
 import moment from "moment";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
@ -22,6 +22,7 @@ import * as Setting from "./Setting";
 import * as UserBackend from "./backend/UserBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./PopconfirmModal";

 class UserListPage extends BaseListPage {
  constructor(props) {
@ -49,6 +50,7 @@ class UserListPage extends BaseListPage {
      avatar: `${Setting.StaticBaseUrl}/img/casbin.svg`,
      email: `${randomName}@example.com`,
      phone: Setting.getRandomNumber(),
+      countryCode: this.state.organization.countryCodes?.length > 0 ? this.state.organization.countryCodes[0] : "",
      address: [],
      affiliation: "Example Inc.",
      tag: "staff",
@ -261,7 +263,7 @@ class UserListPage extends BaseListPage {
        sorter: true,
        ...this.getColumnSearchProps("region"),
        render: (text, record, index) => {
-          return Setting.getCountriesData().getName(record.region, Setting.getLanguage(), {select: "official"});
+          return Setting.initCountries().getName(record.region, Setting.getLanguage(), {select: "official"});
        },
      },
      {
@ -340,13 +342,12 @@ class UserListPage extends BaseListPage {
          return (
            <div>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/users/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
-              <Popconfirm
-                title={`Sure to delete user: ${record.name} ?`}
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
                onConfirm={() => this.deleteUser(index)}
                disabled={disabled}
              >
-                <Button disabled={disabled} style={{marginBottom: "10px"}} type="primary" danger>{i18next.t("general:Delete")}</Button>
-              </Popconfirm>
+              </PopconfirmModal>
            </div>
          );
        },
@ -383,7 +384,7 @@ class UserListPage extends BaseListPage {
    const field = params.searchedColumn, value = params.searchText;
    const sortField = params.sortField, sortOrder = params.sortOrder;
    this.setState({loading: true});
-    if (this.state.organizationName === undefined) {
+    if (this.props.match.params.organizationName === undefined) {
      (Setting.isAdminUser(this.props.account) ? UserBackend.getGlobalUsers(params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder) : UserBackend.getUsers(this.props.account.owner, params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder))
        .then((res) => {
          if (res.status === "ok") {
@ -403,7 +404,7 @@ class UserListPage extends BaseListPage {
              this.getOrganization(users[0].owner);
            }
          } else {
-            if (res.msg.includes("Unauthorized")) {
+            if (Setting.isResponseDenied(res)) {
              this.setState({
                loading: false,
                isAuthorized: false,
@ -412,7 +413,7 @@ class UserListPage extends BaseListPage {
          }
        });
    } else {
-      UserBackend.getUsers(this.state.organizationName, params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
+      UserBackend.getUsers(this.props.match.params.organizationName, params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
        .then((res) => {
          if (res.status === "ok") {
            this.setState({
@ -431,7 +432,7 @@ class UserListPage extends BaseListPage {
              this.getOrganization(users[0].owner);
            }
          } else {
-            if (res.msg.includes("Unauthorized")) {
+            if (Setting.isResponseDenied(res)) {
              this.setState({
                loading: false,
                isAuthorized: false,
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
hsluoyz	aba17e2bc1	feat: revert PR: "fix: disable cookie for static files" (#1666 ) This reverts commit `312412ffe4`.	2023-03-17 17:27:12 +08:00
wht	dd939b5c7e	feat: improve tooltips and i18n for frontend (#1645 ) * feat: Add english tooltips * fix: add untranslated tooltips	2023-03-16 14:53:58 +08:00
Gucheng Wang	eeba21bf0d	Support acme-challenge	2023-03-16 00:25:03 +08:00
Gucheng Wang	5e47406e09	Enable CORS for "OPTIONS" request	2023-03-16 00:24:18 +08:00
Yaodong Yu	fd883a3211	feat: improve verification error translation (#1660 )	2023-03-15 23:44:38 +08:00
mos	312412ffe4	fix: disable cookie for static files (#1656 ) Co-authored-by: chenjpu <bing.chen@hgcitech.com>	2023-03-15 22:09:10 +08:00
Yaodong Yu	295a69c5f7	feat: support LDAP with SSL/TLS enabled (#1655 )	2023-03-15 11:12:31 +08:00
Yaodong Yu	a8a8f39963	feat: use GetUserCount to optimize login performance (#1653 )	2023-03-14 14:38:39 +08:00
Yaodong Yu	90f8eba02d	feat: can send Aliyun test SMS now (#1651 )	2023-03-13 17:48:58 +08:00
Yaodong Yu	2cca1c9136	feat: refactor LDAP backend code and improve frontend operation (#1640 ) * refactor: simplify ldap backend code and improve frontend operation * chore: add skipCi tag in sync_test.go * fix: ui	2023-03-12 11:12:51 +08:00
Gucheng Wang	c2eebd61a1	Add TestStartSyncJob()	2023-03-12 05:38:39 +08:00
Gucheng Wang	59566f61d7	Refactor sync code	2023-03-12 05:10:23 +08:00
Gucheng Wang	7e4c9c91cd	improve sending text	2023-03-10 22:35:47 +08:00
Gucheng Wang	430ee616db	fix user list shows all users bug	2023-03-10 21:59:57 +08:00
aiden	2e3a323528	feat: Dingtalk provider supports fetching organization email (#1636 ) * feat(dingtalk): try to get email from corp app * chore: format codes * chore: format codes (#1) * Delete .fleet directory * fix: fix syntax errors * Update dingtalk.go * style: fmt codes with gofumpt --------- Co-authored-by: aidenlu <aiden_lu@wochacha.com>	2023-03-10 21:47:54 +08:00
Gucheng Wang	09e8408a3d	Fix Popconfirm text	2023-03-10 19:17:53 +08:00
陈温鹏	2998bbf4b9	fix: Put Popconfirm into a React component. (#1638 ) * add "Sure to delete" to i18n(#1569) * fix: add sure to delete to i18n * fix: Put Popconfirm into a React component.	2023-03-10 19:16:08 +08:00
imp2002	404382f2e0	feat: fix incompatibility css inset when Safari version <=14.1 (#1635 )	2023-03-09 22:01:39 +08:00
Gucheng Wang	71db1f62a9	Fix DingTalk oauth link	2023-03-09 21:11:16 +08:00
Gucheng Wang	07dc6bf7cd	Refactor sysinfo page	2023-03-09 17:17:12 +08:00
longxu0509	2de3f6772d	fix: add aheadCnt in sysinfo (#1632 ) * feat: add sync module to bi-sync mysql * feat: fix the delay problem * feat: fix go mod * feat: fix the varchar(100) parse error * fix: fix go.mod space inconsistency * fix: fix go.mod space inconsistency * fix: use sql builder instead of concatenation * fix: remove serverId * fix: fix file is not `gofumpt`-ed (gofumpt) error * feat: add mysql bi-sync * feat: fix some data inconsistency problems * feat: add function atuo get server uuid * fix: encapsulate the struct to optimize the code * fix: fix incorrect Casdoor version in system info page * fix: fix incorrect root path * Update sysytem_test.go * feat: add aheadCnt means that the commit is ahead of version several times --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>	2023-03-09 16:07:13 +08:00
longxu0509	3f623570fd	feat: fix incorrect Casdoor version in system info page (#1631 ) * feat: add sync module to bi-sync mysql * feat: fix the delay problem * feat: fix go mod * feat: fix the varchar(100) parse error * fix: fix go.mod space inconsistency * fix: fix go.mod space inconsistency * fix: use sql builder instead of concatenation * fix: remove serverId * fix: fix file is not `gofumpt`-ed (gofumpt) error * feat: add mysql bi-sync * feat: fix some data inconsistency problems * feat: add function atuo get server uuid * fix: encapsulate the struct to optimize the code * fix: fix incorrect Casdoor version in system info page * fix: fix incorrect root path * Update sysytem_test.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>	2023-03-09 13:28:23 +08:00
Yaodong Yu	a5dfe54a33	feat: fix LDAP page crash (#1630 )	2023-03-08 21:31:55 +08:00
陈温鹏	7c4a6fea02	fix: add "sure to delete" to i18n (#1627 ) * add "Sure to delete" to i18n(#1569) * fix: add sure to delete to i18n	2023-03-07 22:38:48 +08:00
imp2002	ff4af6bb4e	feat: remove ID field in enforcement (#1623 )	2023-03-07 16:04:07 +08:00
Gucheng Wang	5bdede5596	Use go-webauthn/webauthn	2023-03-07 13:49:04 +08:00
wht	ed052b0e6a	feat: add support for SUBMAIL sms (#1621 ) * feat: add support for SUBMAIL sms * fix: add SUBMAIL SMS icon	2023-03-06 21:23:45 +08:00
Yaodong Yu	16b1d0e1f0	fix: handle aliyun captcha error (#1624 )	2023-03-06 21:23:03 +08:00
longxu0509	fea2a8cdbe	feat: add bi-sync module (#1617 ) * feat: add sync module to bi-sync mysql * feat: fix the delay problem * feat: fix go mod * feat: fix the varchar(100) parse error * fix: fix go.mod space inconsistency * fix: fix go.mod space inconsistency * fix: use sql builder instead of concatenation * fix: remove serverId * fix: fix file is not `gofumpt`-ed (gofumpt) error * feat: add mysql bi-sync * feat: fix some data inconsistency problems * feat: add function atuo get server uuid * fix: encapsulate the struct to optimize the code	2023-03-06 11:39:41 +08:00
Gucheng Wang	9d55238cef	Fix code issue	2023-03-06 00:33:26 +08:00
Yaodong Yu	8427d63872	feat: fix empty value of countryCode for signup (#1620 )	2023-03-05 21:52:40 +08:00
Yaodong Yu	e8a7b7ee9c	feat: support all captcha for login (#1619 ) * refactor: captcha modal * feat: support all captcha when login * chore: improve i18 in loginPage.js	2023-03-05 20:31:46 +08:00
Gucheng Wang	f8bc87eb4e	Fix i18n error	2023-03-04 00:13:29 +08:00
Gucheng Wang	3e6ef9e666	Fix forget page i18n	2023-03-03 23:55:48 +08:00
Gucheng Wang	ef3d323f63	Improve SMS code	2023-03-03 22:44:22 +08:00
wht	aad9201b24	feat: add SMS test feature (#1606 ) * feat: add SMS test * fix: Add missing translation * fix: Delete redundant information * fix: remove unnecessary field * Update sms.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>	2023-03-03 22:15:02 +08:00
Gucheng Wang	46f090361e	Improve init_data json	2023-03-03 21:32:06 +08:00
fengxsong	1ae6adff8e	fix(secure): remove user list from roles and permissions field to avoid leaking userlist (#1614 ) * fix(secure): remove user list from roles and permissions field to avoid leaking userlist Signed-off-by: fengxsong <fengxsong@outlook.com> * Update permission.go * Update role.go --------- Signed-off-by: fengxsong <fengxsong@outlook.com> Co-authored-by: hsluoyz <hsluoyz@qq.com>	2023-03-03 18:18:41 +08:00
Zayn Xie	59c95ca8a0	feat: fix ID parsing bug when calling api/logout (#1611 ) Co-authored-by: Zayn Xie <84443886+xiaoniuren99@users.noreply.github.com>	2023-03-03 14:26:31 +08:00
Gucheng Wang	ca1b5feb78	Improve default captcha UI	2023-03-02 22:04:37 +08:00
Gucheng Wang	e50c832ff9	Fix login width	2023-03-02 20:49:13 +08:00
Yaodong Yu	8696b08db2	fix: empty countryCode of current account causes crash (#1603 ) * fix: empty countryCode of current account cause crush * Update UserEditPage.js --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>	2023-03-01 22:09:48 +08:00
fengxsong	d21ae8a478	feat: support making configs in values.yaml (#1595 ) Signed-off-by: fengxsong <fengxsong@outlook.com>	2023-03-01 20:17:04 +08:00
Zayn Xie	db401b2046	ci: add migration ci test (#1600 ) * feat: add migration ci test * feat: add migration ci test * feat: add migration ci test --------- Co-authored-by: Zayn Xie <84443886+xiaoniuren99@users.noreply.github.com>	2023-03-01 17:30:08 +08:00
Shenyz	7181489da0	fix: OIDC Userinfo API response for scope profile (#1598 )	2023-03-01 16:56:39 +08:00
Yaodong Yu	e21087aa50	feat: refactor reset password api and forgetPage.js (#1601 )	2023-03-01 15:57:42 +08:00
longxu0509	b38f2218a3	feat: add basic MySQL sync functionality (#1575 ) * feat: add sync module to bi-sync mysql * feat: fix the delay problem * feat: fix go mod * feat: fix the varchar(100) parse error * fix: fix go.mod space inconsistency * fix: fix go.mod space inconsistency * fix: use sql builder instead of concatenation * fix: remove serverId * fix: fix file is not `gofumpt`-ed (gofumpt) error	2023-02-28 16:48:06 +08:00
Yaodong Yu	afd3c4ed25	fix: fix bug form country code init error (#1591 )	2023-02-27 22:07:28 +08:00
Yaodong Yu	5caceb4ae2	feat: fix bug that signup country code is undefined (#1590 ) * feat: fix signup country code is undefined * refactor: valid phone number in CN	2023-02-27 20:10:59 +08:00
Gucheng Wang	f5672357e6	fix resetting phone bug	2023-02-25 15:46:54 +08:00
Gucheng Wang	181e7c8c7d	Refactor out getCountryCodeOption()	2023-02-25 15:25:47 +08:00
Gucheng Wang	36c5a9d09b	Sort country list	2023-02-25 15:08:08 +08:00
Gucheng Wang	9acb3c499e	Can search country code	2023-02-25 14:57:23 +08:00
Gucheng Wang	0e9a3b0f30	don't update provider in preview	2023-02-25 12:31:08 +08:00
Gucheng Wang	d104a292e7	fix normal user phone edit control	2023-02-25 11:47:34 +08:00
Gucheng Wang	8fbd5b1a74	disable demo prompt for get-organizations API	2023-02-25 11:01:48 +08:00
Gucheng Wang	f5a05ac534	improve application homepage	2023-02-25 10:50:50 +08:00
Gucheng Wang	05fade1d05	fix role list link error	2023-02-25 09:39:19 +08:00
Gucheng Wang	8aefa02036	fix message length	2023-02-25 08:36:24 +08:00
Yaodong Yu	3b6ec3e7c4	feat: improve saml idp err message (#1584 )	2023-02-24 21:20:57 +08:00
Yang Luo	910816c7a3	Fix bug in GetLanguage()	2023-02-24 20:17:23 +08:00
Yaodong Yu	412a8b5da7	fix: init name is inconsistent with frontend (#1583 )	2023-02-24 14:28:34 +08:00
Yaodong Yu	8ebd16a14e	feat: fix resetting email and phone bug (#1579 )	2023-02-23 18:06:13 +08:00
Gucheng Wang	44ec854465	Refactor getClientIdLabel() and getClientSecretLabel()	2023-02-23 17:57:46 +08:00
imp2002	26e87b0d98	feat: fix compatibility with lower version browsers like Chrome 87 (#1578 )	2023-02-22 20:57:57 +08:00
Gucheng Wang	7e0ea0b8d9	Fix missing accountItem crash bug	2023-02-22 12:16:05 +08:00
Gucheng Wang	ace8e9da06	Refactor getAppIdRow()	2023-02-22 12:10:55 +08:00
Yaodong Yu	aac8714d72	feat: handle aliyun SMS response error (#1577 )	2023-02-21 20:08:23 +08:00
Yaodong Yu	e71e41b343	feat: fix captcha none type bug (#1572 )	2023-02-19 16:56:51 +08:00
Yang Luo	6131286cbd	Add getBuiltInAccountItems()	2023-02-19 09:45:06 +08:00
Yang Luo	3bda8fb9dc	Remove Migrator_1_245_0_PR_1557	2023-02-19 09:38:57 +08:00
github-actions[bot]	11f55a474c	refactor: New Crowdin translations (#1440 ) * refactor: New Crowdin translations by Github Action * refactor: New Crowdin Backend translations by Github Action --------- Co-authored-by: Crowdin Bot <support+bot@crowdin.com>	2023-02-18 23:46:44 +08:00
Yang Luo	4806e76cf6	Fix demo mode default login	2023-02-18 23:43:22 +08:00
Yang Luo	edbd3d4018	Add i18n banner	2023-02-18 18:09:43 +08:00
Yang Luo	3f0a741e6c	Improve i18n languages	2023-02-18 17:35:36 +08:00
Yang Luo	d273fdd670	Use username as saml:NameID	2023-02-18 16:42:45 +08:00
Yang Luo	3ae81716b9	Fix getLdaps() GET	2023-02-18 16:27:47 +08:00
Yang Luo	3a70f4e788	Add Setting.isResponseDenied()	2023-02-18 16:21:12 +08:00
Yang Luo	842d4865b2	Fix router error message's i18n	2023-02-18 16:11:23 +08:00
imp2002	19fb7273bb	fix: detect access denied by response message for demo mode (#1565 ) fix: detect access denied by response message for demo mode	2023-02-18 12:12:54 +08:00
Yaodong Yu	943bd82731	feat: fix migrator_1_245_0_PR_1557.go (#1564 )	2023-02-18 10:58:14 +08:00
Yaodong Yu	f2f962b893	fix: refactor functions and code (#1559 )	2023-02-18 09:31:58 +08:00
Yaodong Yu	eb72c9f273	feat: support multiple country codes for sending SMS (#1557 ) * feat: support multiple country code * feat: improve UI * feat: migrate accountItem * fix: Aliyun compatible * fix: phone validate * fix: typo	2023-02-16 22:53:28 +08:00
Yang Luo	4605938f8e	Refactor FetchFilter.js code	2023-02-16 22:50:08 +08:00