feat: fix update application failed for permissions with the same name (#2579)

* fixed: update application failed where have two same permission in different organization

* Update application.go

---------

Co-authored-by: hsluoyz <hsluoyz@qq.com>

authz/authz.go

@@ -150,7 +150,7 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o
 
 func isAllowedInDemoMode(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
 	if method == "POST" {
-		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" {
+		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" || urlPath == "/api/check-user-password" || strings.HasPrefix(urlPath, "/api/mfa/") {
 			return true
 		} else if urlPath == "/api/update-user" {
 			// Allow ordinary users to update their own information

controllers/account.go

@@ -56,6 +56,17 @@ type Captcha struct {
 	SubType       string `json:"subType"`
 }
 
+// this API is used by "Api URL" of Flarum's FoF Passport plugin
+// https://github.com/FriendsOfFlarum/passport
+type LaravelResponse struct {
+	Id              string `json:"id"`
+	Name            string `json:"name"`
+	Email           string `json:"email"`
+	EmailVerifiedAt string `json:"email_verified_at"`
+	CreatedAt       string `json:"created_at"`
+	UpdatedAt       string `json:"updated_at"`
+}
+
 // Signup
 // @Tag Login API
 // @Title Signup
@@ -418,7 +429,7 @@ func (c *ApiController) GetUserinfo() {
 // @Title UserInfo2
 // @Tag Account API
 // @Description return Laravel compatible user information according to OAuth 2.0
-// @Success 200 {object} LaravelResponse The Response object
+// @Success 200 {object} controllers.LaravelResponse The Response object
 // @router /user [get]
 func (c *ApiController) GetUserinfo2() {
 	user, ok := c.RequireSignedInUser()
@@ -426,17 +437,6 @@ func (c *ApiController) GetUserinfo2() {
 		return
 	}
 
-	// this API is used by "Api URL" of Flarum's FoF Passport plugin
-	// https://github.com/FriendsOfFlarum/passport
-	type LaravelResponse struct {
-		Id              string `json:"id"`
-		Name            string `json:"name"`
-		Email           string `json:"email"`
-		EmailVerifiedAt string `json:"email_verified_at"`
-		CreatedAt       string `json:"created_at"`
-		UpdatedAt       string `json:"updated_at"`
-	}
-
 	response := LaravelResponse{
 		Id:              user.Id,
 		Name:            user.Name,

controllers/auth.go

@@ -222,7 +222,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 // @Param   redirectUri    query    string  true        "redirect uri"
 // @Param   scope    query    string  true        "scope"
 // @Param   state    query    string  true        "state"
-// @Success 200 {object}  Response The Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /get-app-login [get]
 func (c *ApiController) GetApplicationLogin() {
 	clientId := c.Input().Get("clientId")
@@ -342,7 +342,28 @@ func (c *ApiController) Login() {
 				return
 			}
 
+			var application *object.Application
+			application, err = object.GetApplication(fmt.Sprintf("admin/%s", authForm.Application))
+			if err != nil {
+				c.ResponseError(err.Error(), nil)
+				return
+			}
+
+			if application == nil {
+				c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), authForm.Application))
+				return
+			}
+
 			verificationCodeType := object.GetVerifyType(authForm.Username)
+			if verificationCodeType == object.VerifyTypeEmail && !application.IsCodeSigninViaEmailEnabled() {
+				c.ResponseError(c.T("auth:The login method: login with email is not enabled for the application"))
+				return
+			}
+			if verificationCodeType == object.VerifyTypePhone && !application.IsCodeSigninViaSmsEnabled() {
+				c.ResponseError(c.T("auth:The login method: login with SMS is not enabled for the application"))
+				return
+			}
+
 			var checkDest string
 			if verificationCodeType == object.VerifyTypePhone {
 				authForm.CountryCode = user.GetCountryCode(authForm.CountryCode)
@@ -378,7 +399,7 @@ func (c *ApiController) Login() {
 				c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), authForm.Application))
 				return
 			}
-			if !application.EnablePassword {
+			if !application.IsPasswordEnabled() {
 				c.ResponseError(c.T("auth:The login method: login with password is not enabled for the application"))
 				return
 			}

controllers/casbin_api.go

@@ -26,10 +26,11 @@ import (
 // @Title Enforce
 // @Tag Enforce API
 // @Description Call Casbin Enforce API
-// @Param   body    body   object.CasbinRequest  true   "Casbin request"
+// @Param   body    body   []string  true   "Casbin request"
 // @Param   permissionId    query   string  false   "permission id"
 // @Param   modelId    query   string  false   "model id"
 // @Param   resourceId    query   string  false   "resource id"
+// @Param   owner    query   string  false   "owner"
 // @Success 200 {object} controllers.Response The Response object
 // @router /enforce [post]
 func (c *ApiController) Enforce() {
@@ -37,13 +38,14 @@ func (c *ApiController) Enforce() {
 	modelId := c.Input().Get("modelId")
 	resourceId := c.Input().Get("resourceId")
 	enforcerId := c.Input().Get("enforcerId")
+	owner := c.Input().Get("owner")
 
 	if len(c.Ctx.Input.RequestBody) == 0 {
 		c.ResponseError("The request body should not be empty")
 		return
 	}
 
-	var request object.CasbinRequest
+	var request []string
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &request)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -60,7 +62,10 @@ func (c *ApiController) Enforce() {
 		res := []bool{}
 		keyRes := []string{}
 
-		enforceResult, err := enforcer.Enforce(request...)
+		// type transformation
+		interfaceRequest := util.StringToInterfaceArray(request)
+
+		enforceResult, err := enforcer.Enforce(interfaceRequest...)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -87,7 +92,7 @@ func (c *ApiController) Enforce() {
 		res := []bool{}
 		keyRes := []string{}
 
-		enforceResult, err := object.Enforce(permission, &request)
+		enforceResult, err := object.Enforce(permission, request)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -114,6 +119,8 @@ func (c *ApiController) Enforce() {
 			c.ResponseError(err.Error())
 			return
 		}
+	} else if owner != "" {
+		permissions, err = object.GetPermissions(owner)
 	} else {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
@@ -129,7 +136,7 @@ func (c *ApiController) Enforce() {
 			return
 		}
 
-		enforceResult, err := object.Enforce(firstPermission, &request, permissionIds...)
+		enforceResult, err := object.Enforce(firstPermission, request, permissionIds...)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -146,17 +153,19 @@ func (c *ApiController) Enforce() {
 // @Title BatchEnforce
 // @Tag Enforce API
 // @Description Call Casbin BatchEnforce API
-// @Param   body    body   object.CasbinRequest  true   "array of casbin requests"
+// @Param   body    body   []string  true   "array of casbin requests"
 // @Param   permissionId    query   string  false   "permission id"
 // @Param   modelId    query   string  false   "model id"
+// @Param   owner    query   string  false   "owner"
 // @Success 200 {object} controllers.Response The Response object
 // @router /batch-enforce [post]
 func (c *ApiController) BatchEnforce() {
 	permissionId := c.Input().Get("permissionId")
 	modelId := c.Input().Get("modelId")
 	enforcerId := c.Input().Get("enforcerId")
+	owner := c.Input().Get("owner")
 
-	var requests []object.CasbinRequest
+	var requests [][]string
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &requests)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -173,7 +182,10 @@ func (c *ApiController) BatchEnforce() {
 		res := [][]bool{}
 		keyRes := []string{}
 
-		enforceResult, err := enforcer.BatchEnforce(requests)
+		// type transformation
+		interfaceRequests := util.StringToInterfaceArray2d(requests)
+
+		enforceResult, err := enforcer.BatchEnforce(interfaceRequests)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -200,7 +212,7 @@ func (c *ApiController) BatchEnforce() {
 		res := [][]bool{}
 		keyRes := []string{}
 
-		enforceResult, err := object.BatchEnforce(permission, &requests)
+		enforceResult, err := object.BatchEnforce(permission, requests)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -221,6 +233,8 @@ func (c *ApiController) BatchEnforce() {
 			c.ResponseError(err.Error())
 			return
 		}
+	} else if owner != "" {
+		permissions, err = object.GetPermissions(owner)
 	} else {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
@@ -236,7 +250,7 @@ func (c *ApiController) BatchEnforce() {
 			return
 		}
 
-		enforceResult, err := object.BatchEnforce(firstPermission, &requests, permissionIds...)
+		enforceResult, err := object.BatchEnforce(firstPermission, requests, permissionIds...)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return

controllers/enforcer.go

@@ -138,7 +138,7 @@ func (c *ApiController) AddEnforcer() {
 // @Title DeleteEnforcer
 // @Tag Enforcer API
 // @Description delete enforcer
-// @Param   body    body    object.Enforce  true      "The enforcer object"
+// @Param   body    body    object.Enforcer  true      "The enforcer object"
 // @Success 200 {object} object.Enforcer
 // @router /delete-enforcer [post]
 func (c *ApiController) DeleteEnforcer() {

controllers/invitation.go

@@ -0,0 +1,164 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package controllers
+
+import (
+	"encoding/json"
+
+	"github.com/beego/beego/utils/pagination"
+	"github.com/casdoor/casdoor/object"
+	"github.com/casdoor/casdoor/util"
+)
+
+// GetInvitations
+// @Title GetInvitations
+// @Tag Invitation API
+// @Description get invitations
+// @Param   owner     query    string  true        "The owner of invitations"
+// @Success 200 {array} object.Invitation The Response object
+// @router /get-invitations [get]
+func (c *ApiController) GetInvitations() {
+	owner := c.Input().Get("owner")
+	limit := c.Input().Get("pageSize")
+	page := c.Input().Get("p")
+	field := c.Input().Get("field")
+	value := c.Input().Get("value")
+	sortField := c.Input().Get("sortField")
+	sortOrder := c.Input().Get("sortOrder")
+
+	if limit == "" || page == "" {
+		invitations, err := object.GetInvitations(owner)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(invitations)
+	} else {
+		limit := util.ParseInt(limit)
+		count, err := object.GetInvitationCount(owner, field, value)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		invitations, err := object.GetPaginationInvitations(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(invitations, paginator.Nums())
+	}
+}
+
+// GetInvitation
+// @Title GetInvitation
+// @Tag Invitation API
+// @Description get invitation
+// @Param   id     query    string  true        "The id ( owner/name ) of the invitation"
+// @Success 200 {object} object.Invitation The Response object
+// @router /get-invitation [get]
+func (c *ApiController) GetInvitation() {
+	id := c.Input().Get("id")
+
+	invitation, err := object.GetInvitation(id)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk(invitation)
+}
+
+// UpdateInvitation
+// @Title UpdateInvitation
+// @Tag Invitation API
+// @Description update invitation
+// @Param   id     query    string  true        "The id ( owner/name ) of the invitation"
+// @Param   body    body   object.Invitation  true        "The details of the invitation"
+// @Success 200 {object} controllers.Response The Response object
+// @router /update-invitation [post]
+func (c *ApiController) UpdateInvitation() {
+	id := c.Input().Get("id")
+
+	var invitation object.Invitation
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.Data["json"] = wrapActionResponse(object.UpdateInvitation(id, &invitation))
+	c.ServeJSON()
+}
+
+// AddInvitation
+// @Title AddInvitation
+// @Tag Invitation API
+// @Description add invitation
+// @Param   body    body   object.Invitation  true        "The details of the invitation"
+// @Success 200 {object} controllers.Response The Response object
+// @router /add-invitation [post]
+func (c *ApiController) AddInvitation() {
+	var invitation object.Invitation
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.Data["json"] = wrapActionResponse(object.AddInvitation(&invitation))
+	c.ServeJSON()
+}
+
+// DeleteInvitation
+// @Title DeleteInvitation
+// @Tag Invitation API
+// @Description delete invitation
+// @Param   body    body   object.Invitation  true        "The details of the invitation"
+// @Success 200 {object} controllers.Response The Response object
+// @router /delete-invitation [post]
+func (c *ApiController) DeleteInvitation() {
+	var invitation object.Invitation
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.Data["json"] = wrapActionResponse(object.DeleteInvitation(&invitation))
+	c.ServeJSON()
+}
+
+// VerifyInvitation
+// @Title VerifyInvitation
+// @Tag Invitation API
+// @Description verify invitation
+// @Param   id     query    string  true        "The id ( owner/name ) of the invitation"
+// @Success 200 {object} controllers.Response The Response object
+// @router /verify-invitation [get]
+func (c *ApiController) VerifyInvitation() {
+	id := c.Input().Get("id")
+
+	payment, attachInfo, err := object.VerifyInvitation(id)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk(payment, attachInfo)
+}

controllers/ldap.go

@@ -42,7 +42,7 @@ type LdapSyncResp struct {
 // @Tag Account API
 // @Description get ldap users
 // Param	id	string	true	"id"
-// @Success 200 {object} LdapResp The Response object
+// @Success 200 {object} controllers.LdapResp The Response object
 // @router /get-ldap-users [get]
 func (c *ApiController) GetLdapUsers() {
 	id := c.Input().Get("id")
@@ -250,7 +250,7 @@ func (c *ApiController) DeleteLdap() {
 // @Tag Account API
 // @Description sync ldap users
 // @Param	id	query	string		true	"id"
-// @Success 200 {object} LdapSyncResp The Response object
+// @Success 200 {object} controllers.LdapSyncResp The Response object
 // @router /sync-ldap-users [post]
 func (c *ApiController) SyncLdapUsers() {
 	id := c.Input().Get("id")

controllers/mfa.go

@@ -73,7 +73,7 @@ func (c *ApiController) MfaSetupInitiate() {
 // @Description setup verify totp
 // @param	secret		form	string	true	"MFA secret"
 // @param	passcode	form 	string 	true	"MFA passcode"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /mfa/setup/verify [post]
 func (c *ApiController) MfaSetupVerify() {
 	mfaType := c.Ctx.Request.Form.Get("mfaType")
@@ -104,7 +104,7 @@ func (c *ApiController) MfaSetupVerify() {
 // @param owner	form	string	true	"owner of user"
 // @param name	form	string	true	"name of user"
 // @param type	form	string	true	"MFA auth type"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /mfa/setup/enable [post]
 func (c *ApiController) MfaSetupEnable() {
 	owner := c.Ctx.Request.Form.Get("owner")
@@ -143,7 +143,7 @@ func (c *ApiController) MfaSetupEnable() {
 // @Description: Delete MFA
 // @param owner	form	string	true	"owner of user"
 // @param name	form	string	true	"name of user"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /delete-mfa/ [post]
 func (c *ApiController) DeleteMfa() {
 	owner := c.Ctx.Request.Form.Get("owner")
@@ -176,7 +176,7 @@ func (c *ApiController) DeleteMfa() {
 // @param owner	form	string	true	"owner of user"
 // @param name	form	string	true	"name of user"
 // @param id	form	string	true	"id of user's MFA props"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /set-preferred-mfa [post]
 func (c *ApiController) SetPreferredMfa() {
 	mfaType := c.Ctx.Request.Form.Get("mfaType")

controllers/organization.go

@@ -178,7 +178,7 @@ func (c *ApiController) DeleteOrganization() {
 // @Tag Organization API
 // @Description get default application
 // @Param   id     query    string  true        "organization id"
-// @Success 200 {object}  Response The Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /get-default-application [get]
 func (c *ApiController) GetDefaultApplication() {
 	userId := c.GetSessionUsername()

controllers/service.go

@@ -51,9 +51,14 @@ type NotificationForm struct {
 // @Param   clientId    query    string  true        "The clientId of the application"
 // @Param   clientSecret    query    string  true    "The clientSecret of the application"
 // @Param   from    body   controllers.EmailForm    true         "Details of the email request"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /api/send-email [post]
 func (c *ApiController) SendEmail() {
+	user, ok := c.RequireSignedInUser()
+	if !ok {
+		return
+	}
+
 	var emailForm EmailForm
 
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &emailForm)
@@ -108,8 +113,13 @@ func (c *ApiController) SendEmail() {
 	}
 
 	code := "123456"
+
 	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
-	content := fmt.Sprintf(emailForm.Content, code)
+	content := strings.Replace(provider.Content, "%s", code, 1)
+	if user != nil {
+		content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
+	}
+
 	for _, receiver := range emailForm.Receivers {
 		err = object.SendEmail(provider, emailForm.Title, content, receiver, emailForm.Sender)
 		if err != nil {
@@ -128,7 +138,7 @@ func (c *ApiController) SendEmail() {
 // @Param   clientId    query    string  true        "The clientId of the application"
 // @Param   clientSecret    query    string  true    "The clientSecret of the application"
 // @Param   from    body   controllers.SmsForm    true           "Details of the sms request"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /api/send-sms [post]
 func (c *ApiController) SendSms() {
 	provider, err := c.GetProviderFromContext("SMS")
@@ -166,7 +176,7 @@ func (c *ApiController) SendSms() {
 // @Tag Service API
 // @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
 // @Param   from    body   controllers.NotificationForm    true         "Details of the notification request"
-// @Success 200 {object}  Response object
+// @Success 200 {object} controllers.Response The Response object
 // @router /api/send-notification [post]
 func (c *ApiController) SendNotification() {
 	provider, err := c.GetProviderFromContext("Notification")

go.mod

@@ -4,7 +4,6 @@ go 1.16
 
 require (
 	github.com/Masterminds/squirrel v1.5.3
-	github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b
 	github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387
 	github.com/aws/aws-sdk-go v1.45.5
 	github.com/beego/beego v1.12.12
@@ -33,13 +32,11 @@ require (
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/uuid v1.4.0
 	github.com/json-iterator/go v1.1.12
-	github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect
 	github.com/lestrrat-go/jwx v1.2.21
 	github.com/lib/pq v1.10.9
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
 	github.com/markbates/goth v1.75.2
 	github.com/mitchellh/mapstructure v1.5.0
-	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d // indirect
 	github.com/nyaruka/phonenumbers v1.1.5
 	github.com/pquerna/otp v1.4.0
 	github.com/prometheus/client_golang v1.11.1

go.sum

@@ -962,8 +962,6 @@ github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 h1:ra2OtmuW0AE5csawV4YXMNGNQQXvLRps3z2Z59OPO+I=
 github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8=
-github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b h1:EgJ6N2S0h1WfFIjU5/VVHWbMSVYXAluop97Qxpr/lfQ=
-github.com/RobotsAndPencils/go-saml v0.0.0-20170520135329-fb13cb52a46b/go.mod h1:3SAoF0F5EbcOuBD5WT9nYkbIJieBS84cUQXADbXeBsU=
 github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20221121042443-a3fd332d56d9 h1:vuu1KBsr6l7XU3CHsWESP/4B1SNd+VZkrgeFZsUXrsY=
 github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20221121042443-a3fd332d56d9/go.mod h1:rjP7sIipbZcagro/6TCk6X0ZeFT2eyudH5+fve/cbBA=
 github.com/SherClockHolmes/webpush-go v1.2.0 h1:sGv0/ZWCvb1HUH+izLqrb2i68HuqD/0Y+AmGQfyqKJA=
@@ -1588,8 +1586,6 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V
 github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
 github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
 github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
-github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 h1:iQTw/8FWTuc7uiaSepXwyf3o52HaUYcV+Tu66S3F5GA=
-github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
 github.com/kevinburke/go-types v0.0.0-20210723172823-2deba1f80ba7/go.mod h1:/Pk5i/SqYdYv1cie5wGwoZ4P6TpgMi+Yf58mtJSHdOw=
@@ -1734,8 +1730,6 @@ github.com/nats-io/nkeys v0.3.0/go.mod h1:gvUNGjVcM2IPr5rCsRsC6Wb3Hr2CQAm08dsxtV
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uYLpLIr5fm8diHn0JbqRycJi6w0Ms=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d h1:VhgPp6v9qf9Agr/56bj7Y/xa04UccTW04VP0Qed4vnQ=
-github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=

i18n/locales/ar/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/de/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Das Konto für den Anbieter %s und Benutzernamen %s (%s) existiert nicht und es ist nicht erlaubt, ein neues Konto anzumelden. Bitte wenden Sie sich an Ihren IT-Support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Das Konto für den Anbieter %s und Benutzernamen %s (%s) ist bereits mit einem anderen Konto verknüpft: %s (%s)",
     "The application: %s does not exist": "Die Anwendung: %s existiert nicht",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Die Anmeldeart \"Anmeldung mit Passwort\" ist für die Anwendung nicht aktiviert",
     "The provider: %s is not enabled for the application": "Der Anbieter: %s ist nicht für die Anwendung aktiviert",
     "Unauthorized operation": "Nicht autorisierte Operation",

i18n/locales/en/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/es/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "La cuenta para el proveedor: %s y el nombre de usuario: %s (%s) no existe y no se permite registrarse como una nueva cuenta, por favor contacte a su soporte de TI",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "La cuenta para proveedor: %s y nombre de usuario: %s (%s) ya está vinculada a otra cuenta: %s (%s)",
     "The application: %s does not exist": "La aplicación: %s no existe",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "El método de inicio de sesión: inicio de sesión con contraseña no está habilitado para la aplicación",
     "The provider: %s is not enabled for the application": "El proveedor: %s no está habilitado para la aplicación",
     "Unauthorized operation": "Operación no autorizada",

i18n/locales/fa/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/fi/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/fr/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Le compte pour le fournisseur : %s et le nom d'utilisateur : %s (%s) n'existe pas et n'est pas autorisé à s'inscrire comme nouveau compte, veuillez contacter votre support informatique",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Le compte du fournisseur : %s et le nom d'utilisateur : %s (%s) sont déjà liés à un autre compte : %s (%s)",
     "The application: %s does not exist": "L'application : %s n'existe pas",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "La méthode de connexion : connexion avec mot de passe n'est pas activée pour l'application",
     "The provider: %s is not enabled for the application": "Le fournisseur :%s n'est pas activé pour l'application",
     "Unauthorized operation": "Opération non autorisée",

i18n/locales/he/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/id/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Akun untuk penyedia: %s dan nama pengguna: %s (%s) tidak ada dan tidak diizinkan untuk mendaftar sebagai akun baru, silakan hubungi dukungan IT Anda",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Akun untuk provider: %s dan username: %s (%s) sudah terhubung dengan akun lain: %s (%s)",
     "The application: %s does not exist": "Aplikasi: %s tidak ada",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Metode login: login dengan kata sandi tidak diaktifkan untuk aplikasi tersebut",
     "The provider: %s is not enabled for the application": "Penyedia: %s tidak diaktifkan untuk aplikasi ini",
     "Unauthorized operation": "Operasi tidak sah",

i18n/locales/it/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/ja/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "プロバイダー名：%sとユーザー名：%s（%s）のアカウントは存在しません。新しいアカウントとしてサインアップすることはできません。 ITサポートに連絡してください",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "プロバイダのアカウント：%s とユーザー名：%s (%s) は既に別のアカウント：%s (%s) にリンクされています",
     "The application: %s does not exist": "アプリケーション: %sは存在しません",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "ログイン方法：パスワードでのログインはアプリケーションで有効になっていません",
     "The provider: %s is not enabled for the application": "プロバイダー：%sはアプリケーションでは有効化されていません",
     "Unauthorized operation": "不正操作",

i18n/locales/kk/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/ko/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "공급자 계정 %s과 사용자 이름 %s (%s)는 존재하지 않으며 새 계정으로 등록할 수 없습니다. IT 지원팀에 문의하십시오",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "공급자 계정 %s과 사용자 이름 %s(%s)는 이미 다른 계정 %s(%s)에 연결되어 있습니다",
     "The application: %s does not exist": "해당 애플리케이션(%s)이 존재하지 않습니다",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "어플리케이션에서는 암호를 사용한 로그인 방법이 활성화되어 있지 않습니다",
     "The provider: %s is not enabled for the application": "제공자 %s은(는) 응용 프로그램에서 활성화되어 있지 않습니다",
     "Unauthorized operation": "무단 조작",

i18n/locales/ms/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/nl/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/pl/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/pt/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/ru/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Аккаунт для провайдера: %s и имя пользователя: %s (%s) не существует и не может быть зарегистрирован как новый аккаунт. Пожалуйста, обратитесь в службу поддержки IT",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Аккаунт поставщика: %s и имя пользователя: %s (%s) уже связаны с другим аккаунтом: %s (%s)",
     "The application: %s does not exist": "Приложение: %s не существует",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Метод входа: вход с паролем не включен для приложения",
     "The provider: %s is not enabled for the application": "Провайдер: %s не включен для приложения",
     "Unauthorized operation": "Несанкционированная операция",

i18n/locales/sv/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/tr/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/uk/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
     "Unauthorized operation": "Unauthorized operation",

i18n/locales/vi/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "Tài khoản cho nhà cung cấp: %s và tên người dùng: %s (%s) không tồn tại và không được phép đăng ký như một tài khoản mới, vui lòng liên hệ với bộ phận hỗ trợ công nghệ thông tin của bạn",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "Tài khoản cho nhà cung cấp: %s và tên người dùng: %s (%s) đã được liên kết với tài khoản khác: %s (%s)",
     "The application: %s does not exist": "Ứng dụng: %s không tồn tại",
+    "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
+    "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Phương thức đăng nhập: đăng nhập bằng mật khẩu không được kích hoạt cho ứng dụng",
     "The provider: %s is not enabled for the application": "Nhà cung cấp: %s không được kích hoạt cho ứng dụng",
     "Unauthorized operation": "Hoạt động không được ủy quyền",

i18n/locales/zh/data.json

@@ -15,6 +15,8 @@
     "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "提供商账户: %s 与用户名: %s (%s) 不存在且 不允许注册新账户, 请联系IT支持",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "提供商账户: %s与用户名: %s (%s)已经与其他账户绑定: %s (%s)",
     "The application: %s does not exist": "应用%s不存在",
+    "The login method: login with SMS is not enabled for the application": "该应用禁止采用短信登录方式",
+    "The login method: login with email is not enabled for the application": "该应用禁止采用邮箱登录方式",
     "The login method: login with password is not enabled for the application": "该应用禁止采用密码登录方式",
     "The provider: %s is not enabled for the application": "该应用的提供商: %s未被启用",
     "Unauthorized operation": "未授权的操作",

init_data.json.template

@@ -45,6 +45,23 @@
           "alertType": "None"
         }
       ],
+      "signinMethods": [
+        {
+          "name": "Password",
+          "displayName": "Password",
+          "rule": "None",
+        },
+        {
+          "name": "Verification code",
+          "displayName": "Verification code",
+          "rule": "All",
+        },
+        {
+          "name": "WebAuthn",
+          "displayName": "WebAuthn",
+          "rule": "None",
+        },
+      ],
       "signupItems": [
         {
           "name": "ID",

ldap/server.go

@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"hash/fnv"
 	"log"
+	"strings"
 
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
@@ -49,7 +50,17 @@ func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
 	res := ldap.NewBindResponse(ldap.LDAPResultSuccess)
 
 	if r.AuthenticationChoice() == "simple" {
-		bindUsername, bindOrg, err := getNameAndOrgFromDN(string(r.Name()))
+		bindDN := string(r.Name())
+		bindPassword := string(r.AuthenticationSimple())
+
+		if bindDN == "" && bindPassword == "" {
+			res.SetResultCode(ldap.LDAPResultInappropriateAuthentication)
+			res.SetDiagnosticMessage("Anonymous bind disallowed")
+			w.Write(res)
+			return
+		}
+
+		bindUsername, bindOrg, err := getNameAndOrgFromDN(bindDN)
 		if err != nil {
 			log.Printf("getNameAndOrgFromDN() error: %s", err.Error())
 			res.SetResultCode(ldap.LDAPResultInvalidDNSyntax)
@@ -58,7 +69,6 @@ func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
 			return
 		}
 
-		bindPassword := string(r.AuthenticationSimple())
 		bindUser, err := object.CheckUserPassword(bindOrg, bindUsername, bindPassword, "en")
 		if err != nil {
 			log.Printf("Bind failed User=%s, Pass=%#v, ErrMsg=%s", string(r.Name()), r.Authentication(), err)
@@ -93,7 +103,46 @@ func handleSearch(w ldap.ResponseWriter, m *ldap.Message) {
 	}
 
 	r := m.GetSearchRequest()
-	if r.FilterString() == "(objectClass=*)" {
+
+	// case insensitive match
+	if strings.EqualFold(r.FilterString(), "(objectClass=*)") {
+		if len(r.Attributes()) == 0 {
+			w.Write(res)
+			return
+		}
+		first_attr := string(r.Attributes()[0])
+
+		if string(r.BaseObject()) == "" {
+			// handle special search requests
+
+			if first_attr == "namingContexts" {
+				orgs, code := GetFilteredOrganizations(m)
+				if code != ldap.LDAPResultSuccess {
+					res.SetResultCode(code)
+					w.Write(res)
+					return
+				}
+				e := ldap.NewSearchResultEntry(string(r.BaseObject()))
+				dnlist := make([]message.AttributeValue, len(orgs))
+				for i, org := range orgs {
+					dnlist[i] = message.AttributeValue(fmt.Sprintf("ou=%s", org.Name))
+				}
+				e.AddAttribute("namingContexts", dnlist...)
+				w.Write(e)
+			} else if first_attr == "subschemaSubentry" {
+				e := ldap.NewSearchResultEntry(string(r.BaseObject()))
+				e.AddAttribute("subschemaSubentry", message.AttributeValue("cn=Subschema"))
+				w.Write(e)
+			}
+		} else if strings.EqualFold(first_attr, "objectclasses") && string(r.BaseObject()) == "cn=Subschema" {
+			e := ldap.NewSearchResultEntry(string(r.BaseObject()))
+			e.AddAttribute("objectClasses", []message.AttributeValue{
+				"( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction of an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) )",
+				"( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction of a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description ) )",
+			}...)
+			w.Write(e)
+		}
+
 		w.Write(res)
 		return
 	}
@@ -106,38 +155,72 @@ func handleSearch(w ldap.ResponseWriter, m *ldap.Message) {
 	default:
 	}
 
-	users, code := GetFilteredUsers(m)
-	if code != ldap.LDAPResultSuccess {
-		res.SetResultCode(code)
-		w.Write(res)
-		return
-	}
-
-	for _, user := range users {
-		dn := fmt.Sprintf("uid=%s,cn=%s,%s", user.Id, user.Name, string(r.BaseObject()))
-		e := ldap.NewSearchResultEntry(dn)
-		uidNumberStr := fmt.Sprintf("%v", hash(user.Name))
-		e.AddAttribute("uidNumber", message.AttributeValue(uidNumberStr))
-		e.AddAttribute("gidNumber", message.AttributeValue(uidNumberStr))
-		e.AddAttribute("homeDirectory", message.AttributeValue("/home/"+user.Name))
-		e.AddAttribute("cn", message.AttributeValue(user.Name))
-		e.AddAttribute("uid", message.AttributeValue(user.Id))
-		attrs := r.Attributes()
-		for _, attr := range attrs {
-			if string(attr) == "*" {
-				attrs = AdditionalLdapAttributes
-				break
-			}
-		}
-		for _, attr := range attrs {
-			e.AddAttribute(message.AttributeDescription(attr), getAttribute(string(attr), user))
-			if string(attr) == "cn" {
-				e.AddAttribute(message.AttributeDescription(attr), getAttribute("title", user))
-			}
+	objectClass := searchFilterForEquality(r.Filter(), "objectClass", "posixAccount", "posixGroup")
+	switch objectClass {
+	case "posixAccount":
+		users, code := GetFilteredUsers(m)
+		if code != ldap.LDAPResultSuccess {
+			res.SetResultCode(code)
+			w.Write(res)
+			return
 		}
 
-		w.Write(e)
+		// log.Printf("Handling posixAccount filter=%s", r.FilterString())
+		for _, user := range users {
+			dn := fmt.Sprintf("uid=%s,cn=users,%s", user.Name, string(r.BaseObject()))
+			e := ldap.NewSearchResultEntry(dn)
+			attrs := r.Attributes()
+			for _, attr := range attrs {
+				if string(attr) == "*" {
+					attrs = AdditionalLdapUserAttributes
+					break
+				}
+			}
+			for _, attr := range attrs {
+				if strings.HasSuffix(string(attr), ";binary") {
+					// unsupported: userCertificate;binary
+					continue
+				}
+				field, ok := ldapUserAttributesMapping.CaseInsensitiveGet(string(attr))
+				if ok {
+					e.AddAttribute(message.AttributeDescription(attr), field.GetAttributeValues(user)...)
+				}
+			}
+			w.Write(e)
+		}
+
+	case "posixGroup":
+		// log.Printf("Handling posixGroup filter=%s", r.FilterString())
+		groups, code := GetFilteredGroups(m)
+		if code != ldap.LDAPResultSuccess {
+			res.SetResultCode(code)
+			w.Write(res)
+			return
+		}
+
+		for _, group := range groups {
+			dn := fmt.Sprintf("cn=%s,cn=groups,%s", group.Name, string(r.BaseObject()))
+			e := ldap.NewSearchResultEntry(dn)
+			attrs := r.Attributes()
+			for _, attr := range attrs {
+				if string(attr) == "*" {
+					attrs = AdditionalLdapGroupAttributes
+					break
+				}
+			}
+			for _, attr := range attrs {
+				field, ok := ldapGroupAttributesMapping.CaseInsensitiveGet(string(attr))
+				if ok {
+					e.AddAttribute(message.AttributeDescription(attr), field.GetAttributeValues(group)...)
+				}
+			}
+			w.Write(e)
+		}
+
+	case "":
+		log.Printf("Unmatched search request. filter=%s", r.FilterString())
 	}
+
 	w.Write(res)
 }
 

ldap/util.go

@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"log"
 	"strings"
+	"time"
 
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
@@ -28,65 +29,259 @@ import (
 	"github.com/xorm-io/builder"
 )
 
-type AttributeMapper func(user *object.User) message.AttributeValue
+type V = message.AttributeValue
 
-type FieldRelation struct {
+type UserAttributeMapper func(user *object.User) []V
+
+type UserFieldRelation struct {
 	userField     string
+	ldapField     string
 	notSearchable bool
 	hideOnStarOp  bool
-	fieldMapper   AttributeMapper
+	fieldMapper   UserAttributeMapper
+	constantValue []V
 }
 
-func (rel FieldRelation) GetField() (string, error) {
+func (rel UserFieldRelation) GetField() (string, error) {
 	if rel.notSearchable {
 		return "", fmt.Errorf("attribute %s not supported", rel.userField)
 	}
 	return rel.userField, nil
 }
 
-func (rel FieldRelation) GetAttributeValue(user *object.User) message.AttributeValue {
+func (rel UserFieldRelation) GetAttributeValues(user *object.User) []V {
+	if rel.constantValue != nil && rel.fieldMapper == nil {
+		return rel.constantValue
+	}
 	return rel.fieldMapper(user)
 }
 
-var ldapAttributesMapping = map[string]FieldRelation{
-	"cn": {userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.Name)
-	}},
-	"uid": {userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.Name)
-	}},
-	"displayname": {userField: "displayName", fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.DisplayName)
-	}},
-	"email": {userField: "email", fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.Email)
-	}},
-	"mail": {userField: "email", fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.Email)
-	}},
-	"mobile": {userField: "phone", fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.Phone)
-	}},
-	"title": {userField: "tag", fieldMapper: func(user *object.User) message.AttributeValue {
-		return message.AttributeValue(user.Tag)
-	}},
-	"userPassword": {
-		userField:     "userPassword",
-		notSearchable: true,
-		fieldMapper: func(user *object.User) message.AttributeValue {
-			return message.AttributeValue(getUserPasswordWithType(user))
-		},
-	},
+type UserFieldRelationMap map[string]UserFieldRelation
+
+func (m UserFieldRelationMap) CaseInsensitiveGet(key string) (UserFieldRelation, bool) {
+	lowerKey := strings.ToLower(key)
+	ret, ok := m[lowerKey]
+	return ret, ok
 }
 
-var AdditionalLdapAttributes []message.LDAPString
+type GroupAttributeMapper func(group *object.Group) []V
+
+type GroupFieldRelation struct {
+	groupField    string
+	ldapField     string
+	notSearchable bool
+	hideOnStarOp  bool
+	fieldMapper   GroupAttributeMapper
+	constantValue []V
+}
+
+func (rel GroupFieldRelation) GetField() (string, error) {
+	if rel.notSearchable {
+		return "", fmt.Errorf("attribute %s not supported", rel.groupField)
+	}
+	return rel.groupField, nil
+}
+
+func (rel GroupFieldRelation) GetAttributeValues(group *object.Group) []V {
+	if rel.constantValue != nil && rel.fieldMapper == nil {
+		return rel.constantValue
+	}
+	return rel.fieldMapper(group)
+}
+
+type GroupFieldRelationMap map[string]GroupFieldRelation
+
+func (m GroupFieldRelationMap) CaseInsensitiveGet(key string) (GroupFieldRelation, bool) {
+	lowerKey := strings.ToLower(key)
+	ret, ok := m[lowerKey]
+	return ret, ok
+}
+
+var ldapUserAttributesMapping = UserFieldRelationMap{
+	"cn": {ldapField: "cn", userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Name)}
+	}},
+	"uid": {ldapField: "uid", userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Name)}
+	}},
+	"displayname": {ldapField: "displayName", userField: "displayName", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.DisplayName)}
+	}},
+	"email": {ldapField: "email", userField: "email", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Email)}
+	}},
+	"mail": {ldapField: "mail", userField: "email", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Email)}
+	}},
+	"mobile": {ldapField: "mobile", userField: "phone", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Phone)}
+	}},
+	"telephonenumber": {ldapField: "telephoneNumber", userField: "phone", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Phone)}
+	}},
+	"postaladdress": {ldapField: "postalAddress", userField: "address", fieldMapper: func(user *object.User) []V {
+		return []V{V(strings.Join(user.Address, " "))}
+	}},
+	"title": {ldapField: "title", userField: "title", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.Title)}
+	}},
+	"gecos": {ldapField: "gecos", userField: "displayName", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.DisplayName)}
+	}},
+	"description": {ldapField: "description", userField: "displayName", fieldMapper: func(user *object.User) []V {
+		return []V{V(user.DisplayName)}
+	}},
+	"logindisabled": {ldapField: "loginDisabled", userField: "isForbidden", fieldMapper: func(user *object.User) []V {
+		if user.IsForbidden {
+			return []V{V("1")}
+		} else {
+			return []V{V("0")}
+		}
+	}},
+	"userpassword": {
+		ldapField:     "userPassword",
+		userField:     "userPassword",
+		notSearchable: true,
+		fieldMapper: func(user *object.User) []V {
+			return []V{V(getUserPasswordWithType(user))}
+		},
+	},
+	"uidnumber": {ldapField: "uidNumber", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		return []V{V(fmt.Sprintf("%v", hash(user.Name)))}
+	}},
+	"gidnumber": {ldapField: "gidNumber", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		if len(user.Groups) == 0 {
+			return []V{V("")}
+		}
+		group, err := object.GetGroup(user.Groups[0])
+		if err != nil {
+			log.Printf("gidnumber object.GetGroup error: %s", err)
+			return []V{V("")}
+		}
+		return []V{V(fmt.Sprintf("%v", hash(group.Name)))}
+	}},
+	"homedirectory": {ldapField: "homeDirectory", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		return []V{V("/home/" + user.Name)}
+	}},
+	"loginshell": {ldapField: "loginShell", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		if user.IsForbidden || user.IsDeleted {
+			return []V{V("/sbin/nologin")}
+		} else {
+			return []V{V("/bin/bash")}
+		}
+	}},
+	"shadowlastchange": {ldapField: "shadowLastChange", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		// "this attribute specifies number of days between January 1, 1970, and the date that the password was last modified"
+		updatedTime, err := time.Parse(time.RFC3339, user.UpdatedTime)
+		if err != nil {
+			log.Printf("shadowlastchange time.Parse error: %s", err)
+			updatedTime = time.Now()
+		}
+		return []V{V(fmt.Sprint(updatedTime.Unix() / 86400))}
+	}},
+	"pwdchangedtime": {ldapField: "pwdChangedTime", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		updatedTime, err := time.Parse(time.RFC3339, user.UpdatedTime)
+		if err != nil {
+			log.Printf("pwdchangedtime time.Parse error: %s", err)
+			updatedTime = time.Now()
+		}
+		return []V{V(updatedTime.UTC().Format("20060102030405Z"))}
+	}},
+	"shadowmin":     {ldapField: "shadowMin", notSearchable: true, constantValue: []V{V("0")}},
+	"shadowmax":     {ldapField: "shadowMax", notSearchable: true, constantValue: []V{V("99999")}},
+	"shadowwarning": {ldapField: "shadowWarning", notSearchable: true, constantValue: []V{V("7")}},
+	"shadowexpire": {ldapField: "shadowExpire", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		if user.IsForbidden {
+			return []V{V("1")}
+		} else {
+			return []V{V("-1")}
+		}
+	}},
+	"shadowinactive": {ldapField: "shadowInactive", notSearchable: true, constantValue: []V{V("0")}},
+	"shadowflag":     {ldapField: "shadowFlag", notSearchable: true, constantValue: []V{V("0")}},
+	"memberof": {ldapField: "memberOf", notSearchable: true, fieldMapper: func(user *object.User) []V {
+		var groupdn []V
+		for _, groupId := range user.Groups {
+			group, err := object.GetGroup(groupId)
+			if err != nil {
+				log.Printf("memberOf object.GetGroup error: %s", err)
+				continue
+			}
+			groupdn = append(groupdn, V(fmt.Sprintf("cn=%s,cn=groups,ou=%s", group.Name, group.Owner)))
+		}
+		return groupdn
+	}},
+	"objectclass": {ldapField: "objectClass", notSearchable: true, constantValue: []V{
+		V("top"),
+		V("posixAccount"),
+		V("shadowAccount"),
+		V("person"),
+		V("organizationalPerson"),
+		V("inetOrgPerson"),
+		V("apple-user"),
+		V("sambaSamAccount"),
+		V("sambaIdmapEntry"),
+		V("extensibleObject"),
+	}},
+}
+
+var ldapGroupAttributesMapping = GroupFieldRelationMap{
+	"cn": {ldapField: "cn", hideOnStarOp: true, fieldMapper: func(group *object.Group) []V {
+		return []V{V(group.Name)}
+	}},
+	"gidnumber": {ldapField: "gidNumber", hideOnStarOp: true, fieldMapper: func(group *object.Group) []V {
+		return []V{V(fmt.Sprintf("%v", hash(group.Name)))}
+	}},
+	"member": {ldapField: "member", fieldMapper: func(group *object.Group) []V {
+		users, err := object.GetGroupUsers(group.GetId())
+		if err != nil {
+			log.Printf("member object.GetGroupUsers error: %s", err)
+			return []V{V("")}
+		}
+		var members []V
+		for _, user := range users {
+			members = append(members, V(fmt.Sprintf("uid=%s,cn=users,ou=%s", user.Name, user.Owner)))
+		}
+		return members
+	}},
+	"memberuid": {ldapField: "memberUid", fieldMapper: func(group *object.Group) []V {
+		users, err := object.GetGroupUsers(group.GetId())
+		if err != nil {
+			log.Printf("member object.GetGroupUsers error: %s", err)
+			return []V{V("")}
+		}
+		var members []message.AttributeValue
+		for _, user := range users {
+			members = append(members, message.AttributeValue(user.Name))
+		}
+		return members
+	}},
+	"description": {ldapField: "description", hideOnStarOp: true, fieldMapper: func(group *object.Group) []V {
+		return []V{V(group.DisplayName)}
+	}},
+	"objectclass": {ldapField: "objectClass", hideOnStarOp: true, constantValue: []V{
+		V("top"),
+		V("posixGroup"),
+	}},
+}
+
+var (
+	AdditionalLdapUserAttributes  []message.LDAPString
+	AdditionalLdapGroupAttributes []message.LDAPString
+)
 
 func init() {
-	for k, v := range ldapAttributesMapping {
+	for _, v := range ldapUserAttributesMapping {
 		if v.hideOnStarOp {
 			continue
 		}
-		AdditionalLdapAttributes = append(AdditionalLdapAttributes, message.LDAPString(k))
+		AdditionalLdapUserAttributes = append(AdditionalLdapUserAttributes, message.LDAPString(v.ldapField))
+	}
+	for _, v := range ldapGroupAttributesMapping {
+		if v.hideOnStarOp {
+			continue
+		}
+		AdditionalLdapGroupAttributes = append(AdditionalLdapGroupAttributes, message.LDAPString(v.ldapField))
 	}
 }
 
@@ -307,6 +502,52 @@ func GetFilteredUsers(m *ldap.Message) (filteredUsers []*object.User, code int)
 	}
 }
 
+func GetFilteredOrganizations(m *ldap.Message) ([]*object.Organization, int) {
+	if m.Client.IsGlobalAdmin {
+		organizations, err := object.GetOrganizations("")
+		if err != nil {
+			panic(err)
+		}
+		return organizations, ldap.LDAPResultSuccess
+	} else if m.Client.IsOrgAdmin {
+		requestUserId := util.GetId(m.Client.OrgName, m.Client.UserName)
+		user, err := object.GetUser(requestUserId)
+		if err != nil {
+			panic(err)
+		}
+		organization, err := object.GetOrganizationByUser(user)
+		if err != nil {
+			panic(err)
+		}
+		return []*object.Organization{organization}, ldap.LDAPResultSuccess
+	} else {
+		return nil, ldap.LDAPResultInsufficientAccessRights
+	}
+}
+
+func GetFilteredGroups(m *ldap.Message) ([]*object.Group, int) {
+	if m.Client.IsGlobalAdmin {
+		groups, err := object.GetGroups("")
+		if err != nil {
+			panic(err)
+		}
+		return groups, ldap.LDAPResultSuccess
+	} else if m.Client.IsOrgAdmin {
+		requestUserId := util.GetId(m.Client.OrgName, m.Client.UserName)
+		user, err := object.GetUser(requestUserId)
+		if err != nil {
+			panic(err)
+		}
+		groups, err := object.GetGroups(user.Owner)
+		if err != nil {
+			panic(err)
+		}
+		return groups, ldap.LDAPResultSuccess
+	} else {
+		return nil, ldap.LDAPResultInsufficientAccessRights
+	}
+}
+
 // get user password with hash type prefix
 // TODO not handle salt yet
 // @return {md5}5f4dcc3b5aa765d61d8327deb882cf99
@@ -330,18 +571,49 @@ func getUserPasswordWithType(user *object.User) string {
 	return fmt.Sprintf("{%s}%s", prefix, user.Password)
 }
 
-func getAttribute(attributeName string, user *object.User) message.AttributeValue {
-	v, ok := ldapAttributesMapping[attributeName]
-	if !ok {
-		return ""
-	}
-	return v.GetAttributeValue(user)
-}
-
 func getUserFieldFromAttribute(attributeName string) (string, error) {
-	v, ok := ldapAttributesMapping[attributeName]
+	v, ok := ldapUserAttributesMapping.CaseInsensitiveGet(attributeName)
 	if !ok {
 		return "", fmt.Errorf("attribute %s not supported", attributeName)
 	}
 	return v.GetField()
 }
+
+func searchFilterForEquality(filter message.Filter, desc string, values ...string) string {
+	switch f := filter.(type) {
+	case message.FilterAnd:
+		for _, child := range f {
+			if val := searchFilterForEquality(child, desc, values...); val != "" {
+				return val
+			}
+		}
+	case message.FilterOr:
+		for _, child := range f {
+			if val := searchFilterForEquality(child, desc, values...); val != "" {
+				return val
+			}
+		}
+	case message.FilterNot:
+		return searchFilterForEquality(f.Filter, desc, values...)
+	case message.FilterSubstrings:
+		// Handle FilterSubstrings case if needed
+	case message.FilterEqualityMatch:
+		if strings.EqualFold(string(f.AttributeDesc()), desc) {
+			for _, value := range values {
+				if val := string(f.AssertionValue()); val == value {
+					return val
+				}
+			}
+		}
+	case message.FilterGreaterOrEqual:
+		// Handle FilterGreaterOrEqual case if needed
+	case message.FilterLessOrEqual:
+		// Handle FilterLessOrEqual case if needed
+	case message.FilterPresent:
+		// Handle FilterPresent case if needed
+	case message.FilterApproxMatch:
+		// Handle FilterApproxMatch case if needed
+	}
+
+	return ""
+}

object/application.go

@@ -24,6 +24,12 @@ import (
 	"github.com/xorm-io/core"
 )
 
+type SigninMethod struct {
+	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
+	DisplayName string `xorm:"varchar(100)" json:"displayName"`
+	Rule        string `json:"rule"`
+}
+
 type SignupItem struct {
 	Name        string `json:"name"`
 	Visible     bool   `json:"visible"`
@@ -63,6 +69,7 @@ type Application struct {
 	OrgChoiceMode       string          `json:"orgChoiceMode"`
 	SamlReplyUrl        string          `xorm:"varchar(100)" json:"samlReplyUrl"`
 	Providers           []*ProviderItem `xorm:"mediumtext" json:"providers"`
+	SigninMethods       []*SigninMethod `xorm:"varchar(2000)" json:"signinMethods"`
 	SignupItems         []*SignupItem   `xorm:"varchar(2000)" json:"signupItems"`
 	GrantTypes          []string        `xorm:"varchar(1000)" json:"grantTypes"`
 	OrganizationObj     *Organization   `xorm:"-" json:"organizationObj"`
@@ -191,6 +198,30 @@ func extendApplicationWithOrg(application *Application) (err error) {
 	return
 }
 
+func extendApplicationWithSigninMethods(application *Application) (err error) {
+	if len(application.SigninMethods) == 0 {
+		if application.EnablePassword {
+			signinMethod := &SigninMethod{Name: "Password", DisplayName: "Password", Rule: "None"}
+			application.SigninMethods = append(application.SigninMethods, signinMethod)
+		}
+		if application.EnableCodeSignin {
+			signinMethod := &SigninMethod{Name: "Verification code", DisplayName: "Verification code", Rule: "All"}
+			application.SigninMethods = append(application.SigninMethods, signinMethod)
+		}
+		if application.EnableWebAuthn {
+			signinMethod := &SigninMethod{Name: "WebAuthn", DisplayName: "WebAuthn", Rule: "None"}
+			application.SigninMethods = append(application.SigninMethods, signinMethod)
+		}
+	}
+
+	if len(application.SigninMethods) == 0 {
+		signinMethod := &SigninMethod{Name: "Password", DisplayName: "Password", Rule: "None"}
+		application.SigninMethods = append(application.SigninMethods, signinMethod)
+	}
+
+	return
+}
+
 func getApplication(owner string, name string) (*Application, error) {
 	if owner == "" || name == "" {
 		return nil, nil
@@ -213,6 +244,11 @@ func getApplication(owner string, name string) (*Application, error) {
 			return nil, err
 		}
 
+		err = extendApplicationWithSigninMethods(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
@@ -237,6 +273,11 @@ func GetApplicationByOrganizationName(organization string) (*Application, error)
 			return nil, err
 		}
 
+		err = extendApplicationWithSigninMethods(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
@@ -284,6 +325,11 @@ func GetApplicationByClientId(clientId string) (*Application, error) {
 			return nil, err
 		}
 
+		err = extendApplicationWithSigninMethods(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
@@ -485,6 +531,45 @@ func (application *Application) IsRedirectUriValid(redirectUri string) bool {
 	return false
 }
 
+func (application *Application) IsPasswordEnabled() bool {
+	if len(application.SigninMethods) == 0 {
+		return application.EnablePassword
+	} else {
+		for _, signinMethod := range application.SigninMethods {
+			if signinMethod.Name == "Password" {
+				return true
+			}
+		}
+		return false
+	}
+}
+
+func (application *Application) IsCodeSigninViaEmailEnabled() bool {
+	if len(application.SigninMethods) == 0 {
+		return application.EnableCodeSignin
+	} else {
+		for _, signinMethod := range application.SigninMethods {
+			if signinMethod.Name == "Verification code" && signinMethod.Rule != "Phone only" {
+				return true
+			}
+		}
+		return false
+	}
+}
+
+func (application *Application) IsCodeSigninViaSmsEnabled() bool {
+	if len(application.SigninMethods) == 0 {
+		return application.EnableCodeSignin
+	} else {
+		for _, signinMethod := range application.SigninMethods {
+			if signinMethod.Name == "Verification code" && signinMethod.Rule != "Email only" {
+				return true
+			}
+		}
+		return false
+	}
+}
+
 func IsOriginAllowed(origin string) (bool, error) {
 	applications, err := GetApplications("")
 	if err != nil {
@@ -579,7 +664,7 @@ func applicationChangeTrigger(oldName string, newName string) error {
 			}
 		}
 		permissions[i].Resources = permissionResoureces
-		_, err = session.Where("name=?", permissions[i].Name).Update(permissions[i])
+		_, err = session.Where("owner=?", permissions[i].Owner).Where("name=?", permissions[i].Name).Update(permissions[i])
 		if err != nil {
 			return err
 		}

object/group.go

@@ -18,6 +18,7 @@ import (
 	"errors"
 	"fmt"
 
+	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/builder"
 	"github.com/xorm-io/core"
@@ -224,7 +225,8 @@ func GetGroupUserCount(groupId string, field, value string) (int64, error) {
 	if field == "" && value == "" {
 		return int64(len(names)), nil
 	} else {
-		return ormer.Engine.Table("user").
+		tableNamePrefix := conf.GetConfigString("tableNamePrefix")
+		return ormer.Engine.Table(tableNamePrefix+"user").
 			Where("owner = ?", owner).In("name", names).
 			And(fmt.Sprintf("user.%s like ?", util.CamelToSnakeCase(field)), "%"+value+"%").
 			Count()
@@ -239,7 +241,8 @@ func GetPaginationGroupUsers(groupId string, offset, limit int, field, value, so
 		return nil, err
 	}
 
-	session := ormer.Engine.Table("user").
+	tableNamePrefix := conf.GetConfigString("tableNamePrefix")
+	session := ormer.Engine.Table(tableNamePrefix+"user").
 		Where("owner = ?", owner).In("name", names)
 
 	if offset != -1 && limit != -1 {

object/init.go

@@ -180,6 +180,11 @@ func initBuiltInApplication() {
 		Providers: []*ProviderItem{
 			{Name: "provider_captcha_default", CanSignUp: false, CanSignIn: false, CanUnlink: false, Prompted: false, SignupGroup: "", Rule: "None", Provider: nil},
 		},
+		SigninMethods: []*SigninMethod{
+			{Name: "Password", DisplayName: "Password", Rule: "None"},
+			{Name: "Verification code", DisplayName: "Verification code", Rule: "All"},
+			{Name: "WebAuthn", DisplayName: "WebAuthn", Rule: "None"},
+		},
 		SignupItems: []*SignupItem{
 			{Name: "ID", Visible: false, Required: true, Prompted: false, Rule: "Random"},
 			{Name: "Username", Visible: true, Required: true, Prompted: false, Rule: "None"},

object/init_data.go

@@ -136,6 +136,9 @@ func readInitDataFromFile(filePath string) (*InitData, error) {
 		if application.Providers == nil {
 			application.Providers = []*ProviderItem{}
 		}
+		if application.SigninMethods == nil {
+			application.SigninMethods = []*SigninMethod{}
+		}
 		if application.SignupItems == nil {
 			application.SignupItems = []*SignupItem{}
 		}

object/invitation.go

@@ -0,0 +1,134 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package object
+
+import (
+	"fmt"
+
+	"github.com/casdoor/casdoor/util"
+	"github.com/xorm-io/core"
+)
+
+type Invitation struct {
+	Owner       string `xorm:"varchar(100) notnull pk" json:"owner"`
+	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
+	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
+	UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
+	DisplayName string `xorm:"varchar(100)" json:"displayName"`
+
+	Code      string `xorm:"varchar(100)" json:"code"`
+	Quota     int    `json:"quota"`
+	UsedCount int    `json:"usedCount"`
+
+	Application string `xorm:"varchar(100)" json:"application"`
+	Username    string `xorm:"varchar(100)" json:"username"`
+	Email       string `xorm:"varchar(100)" json:"email"`
+	Phone       string `xorm:"varchar(100)" json:"phone"`
+
+	SignupGroup string `xorm:"varchar(100)" json:"signupGroup"`
+
+	State string `xorm:"varchar(100)" json:"state"`
+}
+
+func GetInvitationCount(owner, field, value string) (int64, error) {
+	session := GetSession(owner, -1, -1, field, value, "", "")
+	return session.Count(&Invitation{})
+}
+
+func GetInvitations(owner string) ([]*Invitation, error) {
+	invitations := []*Invitation{}
+	err := ormer.Engine.Desc("created_time").Find(&invitations, &Invitation{Owner: owner})
+	if err != nil {
+		return invitations, err
+	}
+
+	return invitations, nil
+}
+
+func GetPaginationInvitations(owner string, offset, limit int, field, value, sortField, sortOrder string) ([]*Invitation, error) {
+	invitations := []*Invitation{}
+	session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
+	err := session.Find(&invitations)
+	if err != nil {
+		return invitations, err
+	}
+
+	return invitations, nil
+}
+
+func getInvitation(owner string, name string) (*Invitation, error) {
+	if owner == "" || name == "" {
+		return nil, nil
+	}
+
+	invitation := Invitation{Owner: owner, Name: name}
+	existed, err := ormer.Engine.Get(&invitation)
+	if err != nil {
+		return &invitation, nil
+	}
+
+	if existed {
+		return &invitation, nil
+	} else {
+		return nil, nil
+	}
+}
+
+func GetInvitation(id string) (*Invitation, error) {
+	owner, name := util.GetOwnerAndNameFromId(id)
+	return getInvitation(owner, name)
+}
+
+func UpdateInvitation(id string, invitation *Invitation) (bool, error) {
+	owner, name := util.GetOwnerAndNameFromId(id)
+	if p, err := getInvitation(owner, name); err != nil {
+		return false, err
+	} else if p == nil {
+		return false, nil
+	}
+
+	affected, err := ormer.Engine.ID(core.PK{owner, name}).AllCols().Update(invitation)
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
+func AddInvitation(invitation *Invitation) (bool, error) {
+	affected, err := ormer.Engine.Insert(invitation)
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
+func DeleteInvitation(invitation *Invitation) (bool, error) {
+	affected, err := ormer.Engine.ID(core.PK{invitation.Owner, invitation.Name}).Delete(&Invitation{})
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
+func (invitation *Invitation) GetId() string {
+	return fmt.Sprintf("%s/%s", invitation.Owner, invitation.Name)
+}
+
+func VerifyInvitation(id string) (payment *Payment, attachInfo map[string]interface{}, err error) {
+	return nil, nil, fmt.Errorf("the invitation: %s does not exist", id)
+}

object/ldap_conn.go

@@ -19,6 +19,7 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	goldap "github.com/go-ldap/ldap/v3"
 	"github.com/thanhpk/randstr"
@@ -356,7 +357,8 @@ func SyncLdapUsers(owner string, syncUsers []LdapUser, ldapId string) (existUser
 func GetExistUuids(owner string, uuids []string) ([]string, error) {
 	var existUuids []string
 
-	err := ormer.Engine.Table("user").Where("owner = ?", owner).Cols("ldap").
+	tableNamePrefix := conf.GetConfigString("tableNamePrefix")
+	err := ormer.Engine.Table(tableNamePrefix+"user").Where("owner = ?", owner).Cols("ldap").
 		In("ldap", uuids).Select("DISTINCT ldap").Find(&existUuids)
 	if err != nil {
 		return existUuids, err

object/ormer.go

@@ -234,12 +234,37 @@ func (a *Ormer) createTable() {
 		panic(err)
 	}
 
+	err = a.Engine.Sync2(new(Group))
+	if err != nil {
+		panic(err)
+	}
+
 	err = a.Engine.Sync2(new(User))
 	if err != nil {
 		panic(err)
 	}
 
-	err = a.Engine.Sync2(new(Group))
+	err = a.Engine.Sync2(new(Invitation))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Application))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Provider))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Resource))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Cert))
 	if err != nil {
 		panic(err)
 	}
@@ -269,17 +294,7 @@ func (a *Ormer) createTable() {
 		panic(err)
 	}
 
-	err = a.Engine.Sync2(new(Provider))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Application))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Resource))
+	err = a.Engine.Sync2(new(Session))
 	if err != nil {
 		panic(err)
 	}
@@ -289,26 +304,6 @@ func (a *Ormer) createTable() {
 		panic(err)
 	}
 
-	err = a.Engine.Sync2(new(VerificationRecord))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Webhook))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Syncer))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Cert))
-	if err != nil {
-		panic(err)
-	}
-
 	err = a.Engine.Sync2(new(Product))
 	if err != nil {
 		panic(err)
@@ -319,6 +314,36 @@ func (a *Ormer) createTable() {
 		panic(err)
 	}
 
+	err = a.Engine.Sync2(new(Plan))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Pricing))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Subscription))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Syncer))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(Webhook))
+	if err != nil {
+		panic(err)
+	}
+
+	err = a.Engine.Sync2(new(VerificationRecord))
+	if err != nil {
+		panic(err)
+	}
+
 	err = a.Engine.Sync2(new(Ldap))
 	if err != nil {
 		panic(err)
@@ -333,24 +358,4 @@ func (a *Ormer) createTable() {
 	if err != nil {
 		panic(err)
 	}
-
-	err = a.Engine.Sync2(new(Session))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Subscription))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Plan))
-	if err != nil {
-		panic(err)
-	}
-
-	err = a.Engine.Sync2(new(Pricing))
-	if err != nil {
-		panic(err)
-	}
 }

object/permission_enforcer.go

@@ -284,24 +284,28 @@ func removeGroupingPolicies(permission *Permission) error {
 	return nil
 }
 
-type CasbinRequest = []interface{}
-
-func Enforce(permission *Permission, request *CasbinRequest, permissionIds ...string) (bool, error) {
+func Enforce(permission *Permission, request []string, permissionIds ...string) (bool, error) {
 	enforcer, err := getPermissionEnforcer(permission, permissionIds...)
 	if err != nil {
 		return false, err
 	}
 
-	return enforcer.Enforce(*request...)
+	// type transformation
+	interfaceRequest := util.StringToInterfaceArray(request)
+
+	return enforcer.Enforce(interfaceRequest...)
 }
 
-func BatchEnforce(permission *Permission, requests *[]CasbinRequest, permissionIds ...string) ([]bool, error) {
+func BatchEnforce(permission *Permission, requests [][]string, permissionIds ...string) ([]bool, error) {
 	enforcer, err := getPermissionEnforcer(permission, permissionIds...)
 	if err != nil {
 		return nil, err
 	}
 
-	return enforcer.BatchEnforce(*requests)
+	// type transformation
+	interfaceRequests := util.StringToInterfaceArray2d(requests)
+
+	return enforcer.BatchEnforce(interfaceRequests)
 }
 
 func getAllValues(userId string, fn func(enforcer *casbin.Enforcer) []string) ([]string, error) {

object/provider.go

@@ -52,7 +52,7 @@ type Provider struct {
 	Port       int    `json:"port"`
 	DisableSsl bool   `json:"disableSsl"` // If the provider type is WeChat, DisableSsl means EnableQRCode
 	Title      string `xorm:"varchar(100)" json:"title"`
-	Content    string `xorm:"varchar(1000)" json:"content"` // If provider type is WeChat, Content means QRCode string by Base64 encoding
+	Content    string `xorm:"varchar(2000)" json:"content"` // If provider type is WeChat, Content means QRCode string by Base64 encoding
 	Receiver   string `xorm:"varchar(100)" json:"receiver"`
 
 	RegionId     string `xorm:"varchar(100)" json:"regionId"`

object/saml_idp.go

@@ -28,10 +28,10 @@ import (
 	"io"
 	"time"
 
-	"github.com/RobotsAndPencils/go-saml"
 	"github.com/beevik/etree"
 	"github.com/golang-jwt/jwt/v4"
 	"github.com/google/uuid"
+	saml "github.com/russellhaering/gosaml2"
 	dsig "github.com/russellhaering/goxmldsig"
 )
 
@@ -283,15 +283,15 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 		}
 	}
 
-	var authnRequest saml.AuthnRequest
+	var authnRequest saml.AuthNRequest
 	err = xml.Unmarshal(buffer.Bytes(), &authnRequest)
 	if err != nil {
 		return "", "", method, fmt.Errorf("err: Failed to unmarshal AuthnRequest, please check the SAML request. %s", err.Error())
 	}
 
 	// verify samlRequest
-	if isValid := application.IsRedirectUriValid(authnRequest.Issuer.Url); !isValid {
-		return "", "", method, fmt.Errorf("err: Issuer URI: %s doesn't exist in the allowed Redirect URI list", authnRequest.Issuer.Url)
+	if isValid := application.IsRedirectUriValid(authnRequest.Issuer); !isValid {
+		return "", "", method, fmt.Errorf("err: Issuer URI: %s doesn't exist in the allowed Redirect URI list", authnRequest.Issuer)
 	}
 
 	// get certificate string
@@ -317,7 +317,7 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 
 	_, originBackend := getOriginFromHost(host)
 	// build signedResponse
-	samlResponse, _ := NewSamlResponse(application, user, originBackend, certificate, authnRequest.AssertionConsumerServiceURL, authnRequest.Issuer.Url, authnRequest.ID, application.RedirectUris)
+	samlResponse, _ := NewSamlResponse(application, user, originBackend, certificate, authnRequest.AssertionConsumerServiceURL, authnRequest.Issuer, authnRequest.ID, application.RedirectUris)
 	randomKeyStore := &X509Key{
 		PrivateKey:      cert.PrivateKey,
 		X509Certificate: certificate,

object/storage.go

@@ -72,6 +72,10 @@ func GetTruncatedPath(provider *Provider, fullFilePath string, limit int) string
 }
 
 func GetUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool) (string, string) {
+	if provider.Domain != "" && !strings.HasPrefix(provider.Domain, "http://") && !strings.HasPrefix(provider.Domain, "https://") {
+		provider.Domain = fmt.Sprintf("https://%s", provider.Domain)
+	}
+
 	escapedPath := util.UrlJoin(provider.PathPrefix, fullFilePath)
 	objectKey := util.UrlJoin(util.GetUrlPath(provider.Domain), escapedPath)
 
@@ -79,9 +83,6 @@ func GetUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool
 	if provider.Type != "Local File System" {
 		// provider.Domain = "https://cdn.casbin.com/casdoor/"
 		host = util.GetUrlHost(provider.Domain)
-		if !strings.HasPrefix(host, "http://") && !strings.HasPrefix(host, "https://") {
-			host = fmt.Sprintf("https://%s", host)
-		}
 	} else {
 		// provider.Domain = "http://localhost:8000" or "https://door.casdoor.com"
 		host = util.UrlJoin(provider.Domain, "/files")
@@ -90,9 +91,12 @@ func GetUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool
 		host = util.UrlJoin(host, provider.Bucket)
 	}
 
-	fileUrl := util.UrlJoin(host, escapePath(objectKey))
+	fileUrl := ""
+	if host != "" {
+		fileUrl = util.UrlJoin(host, escapePath(objectKey))
+	}
 
-	if hasTimestamp {
+	if fileUrl != "" && hasTimestamp {
 		fileUrl = fmt.Sprintf("%s?t=%s", fileUrl, util.GetCurrentUnixTime())
 	}
 

object/syncer_sync.go

@@ -54,6 +54,15 @@ func (syncer *Syncer) syncUsers() error {
 	var affiliationMap map[int]string
 	if syncer.AffiliationTable != "" {
 		_, affiliationMap, err = syncer.getAffiliationMap()
+		if err != nil {
+			line := fmt.Sprintf("[%s] %s\n", util.GetCurrentTime(), err.Error())
+			_, err2 := updateSyncerErrorText(syncer, line)
+			if err2 != nil {
+				panic(err2)
+			}
+
+			return err
+		}
 	}
 
 	key := syncer.getKey()

object/user.go

@@ -867,7 +867,8 @@ func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo {
 	}
 	if strings.Contains(scope, "email") {
 		resp.Email = user.Email
-		resp.EmailVerified = user.EmailVerified
+		// resp.EmailVerified = user.EmailVerified
+		resp.EmailVerified = true
 	}
 	if strings.Contains(scope, "address") {
 		resp.Address = user.Location
@@ -886,6 +887,18 @@ func (user *User) GetId() string {
 	return fmt.Sprintf("%s/%s", user.Owner, user.Name)
 }
 
+func (user *User) GetFriendlyName() string {
+	if user.FirstName != "" && user.LastName != "" {
+		return fmt.Sprintf("%s, %s", user.FirstName, user.LastName)
+	} else if user.DisplayName != "" {
+		return user.DisplayName
+	} else if user.Name != "" {
+		return user.Name
+	} else {
+		return user.Id
+	}
+}
+
 func isUserIdGlobalAdmin(userId string) bool {
 	return strings.HasPrefix(userId, "built-in/") || strings.HasPrefix(userId, "app/")
 }

object/verification.go

@@ -89,7 +89,10 @@ func SendVerificationCodeToEmail(organization *Organization, user *User, provide
 	}
 
 	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
-	content := fmt.Sprintf(provider.Content, code)
+	content := strings.Replace(provider.Content, "%s", code, 1)
+	if user != nil {
+		content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
+	}
 
 	if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil {
 		return err

routers/router.go

@@ -73,6 +73,12 @@ func initAPI() {
 	beego.Router("/api/get-default-application", &controllers.ApiController{}, "GET:GetDefaultApplication")
 	beego.Router("/api/get-organization-names", &controllers.ApiController{}, "GET:GetOrganizationNames")
 
+	beego.Router("/api/get-groups", &controllers.ApiController{}, "GET:GetGroups")
+	beego.Router("/api/get-group", &controllers.ApiController{}, "GET:GetGroup")
+	beego.Router("/api/update-group", &controllers.ApiController{}, "POST:UpdateGroup")
+	beego.Router("/api/add-group", &controllers.ApiController{}, "POST:AddGroup")
+	beego.Router("/api/delete-group", &controllers.ApiController{}, "POST:DeleteGroup")
+
 	beego.Router("/api/get-global-users", &controllers.ApiController{}, "GET:GetGlobalUsers")
 	beego.Router("/api/get-users", &controllers.ApiController{}, "GET:GetUsers")
 	beego.Router("/api/get-sorted-users", &controllers.ApiController{}, "GET:GetSortedUsers")
@@ -85,11 +91,41 @@ func initAPI() {
 	beego.Router("/api/upload-users", &controllers.ApiController{}, "POST:UploadUsers")
 	beego.Router("/api/remove-user-from-group", &controllers.ApiController{}, "POST:RemoveUserFromGroup")
 
-	beego.Router("/api/get-groups", &controllers.ApiController{}, "GET:GetGroups")
-	beego.Router("/api/get-group", &controllers.ApiController{}, "GET:GetGroup")
-	beego.Router("/api/update-group", &controllers.ApiController{}, "POST:UpdateGroup")
-	beego.Router("/api/add-group", &controllers.ApiController{}, "POST:AddGroup")
-	beego.Router("/api/delete-group", &controllers.ApiController{}, "POST:DeleteGroup")
+	beego.Router("/api/get-invitations", &controllers.ApiController{}, "GET:GetInvitations")
+	beego.Router("/api/get-invitation", &controllers.ApiController{}, "GET:GetInvitation")
+	beego.Router("/api/update-invitation", &controllers.ApiController{}, "POST:UpdateInvitation")
+	beego.Router("/api/add-invitation", &controllers.ApiController{}, "POST:AddInvitation")
+	beego.Router("/api/delete-invitation", &controllers.ApiController{}, "POST:DeleteInvitation")
+	beego.Router("/api/verify-invitation", &controllers.ApiController{}, "GET:VerifyInvitation")
+
+	beego.Router("/api/get-applications", &controllers.ApiController{}, "GET:GetApplications")
+	beego.Router("/api/get-application", &controllers.ApiController{}, "GET:GetApplication")
+	beego.Router("/api/get-user-application", &controllers.ApiController{}, "GET:GetUserApplication")
+	beego.Router("/api/get-organization-applications", &controllers.ApiController{}, "GET:GetOrganizationApplications")
+	beego.Router("/api/update-application", &controllers.ApiController{}, "POST:UpdateApplication")
+	beego.Router("/api/add-application", &controllers.ApiController{}, "POST:AddApplication")
+	beego.Router("/api/delete-application", &controllers.ApiController{}, "POST:DeleteApplication")
+
+	beego.Router("/api/get-providers", &controllers.ApiController{}, "GET:GetProviders")
+	beego.Router("/api/get-provider", &controllers.ApiController{}, "GET:GetProvider")
+	beego.Router("/api/get-global-providers", &controllers.ApiController{}, "GET:GetGlobalProviders")
+	beego.Router("/api/update-provider", &controllers.ApiController{}, "POST:UpdateProvider")
+	beego.Router("/api/add-provider", &controllers.ApiController{}, "POST:AddProvider")
+	beego.Router("/api/delete-provider", &controllers.ApiController{}, "POST:DeleteProvider")
+
+	beego.Router("/api/get-resources", &controllers.ApiController{}, "GET:GetResources")
+	beego.Router("/api/get-resource", &controllers.ApiController{}, "GET:GetResource")
+	beego.Router("/api/update-resource", &controllers.ApiController{}, "POST:UpdateResource")
+	beego.Router("/api/add-resource", &controllers.ApiController{}, "POST:AddResource")
+	beego.Router("/api/delete-resource", &controllers.ApiController{}, "POST:DeleteResource")
+	beego.Router("/api/upload-resource", &controllers.ApiController{}, "POST:UploadResource")
+
+	beego.Router("/api/get-certs", &controllers.ApiController{}, "GET:GetCerts")
+	beego.Router("/api/get-global-certs", &controllers.ApiController{}, "GET:GetGlobalCerts")
+	beego.Router("/api/get-cert", &controllers.ApiController{}, "GET:GetCert")
+	beego.Router("/api/update-cert", &controllers.ApiController{}, "POST:UpdateCert")
+	beego.Router("/api/add-cert", &controllers.ApiController{}, "POST:AddCert")
+	beego.Router("/api/delete-cert", &controllers.ApiController{}, "POST:DeleteCert")
 
 	beego.Router("/api/get-roles", &controllers.ApiController{}, "GET:GetRoles")
 	beego.Router("/api/get-role", &controllers.ApiController{}, "GET:GetRole")
@@ -107,12 +143,6 @@ func initAPI() {
 	beego.Router("/api/delete-permission", &controllers.ApiController{}, "POST:DeletePermission")
 	beego.Router("/api/upload-permissions", &controllers.ApiController{}, "POST:UploadPermissions")
 
-	beego.Router("/api/enforce", &controllers.ApiController{}, "POST:Enforce")
-	beego.Router("/api/batch-enforce", &controllers.ApiController{}, "POST:BatchEnforce")
-	beego.Router("/api/get-all-objects", &controllers.ApiController{}, "GET:GetAllObjects")
-	beego.Router("/api/get-all-actions", &controllers.ApiController{}, "GET:GetAllActions")
-	beego.Router("/api/get-all-roles", &controllers.ApiController{}, "GET:GetAllRoles")
-
 	beego.Router("/api/get-models", &controllers.ApiController{}, "GET:GetModels")
 	beego.Router("/api/get-model", &controllers.ApiController{}, "GET:GetModel")
 	beego.Router("/api/update-model", &controllers.ApiController{}, "POST:UpdateModel")
@@ -135,53 +165,11 @@ func initAPI() {
 	beego.Router("/api/add-enforcer", &controllers.ApiController{}, "POST:AddEnforcer")
 	beego.Router("/api/delete-enforcer", &controllers.ApiController{}, "POST:DeleteEnforcer")
 
-	beego.Router("/api/set-password", &controllers.ApiController{}, "POST:SetPassword")
-	beego.Router("/api/check-user-password", &controllers.ApiController{}, "POST:CheckUserPassword")
-	beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "GET:GetEmailAndPhone")
-	beego.Router("/api/send-verification-code", &controllers.ApiController{}, "POST:SendVerificationCode")
-	beego.Router("/api/verify-code", &controllers.ApiController{}, "POST:VerifyCode")
-	beego.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
-	beego.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
-	beego.Router("/api/get-captcha", &controllers.ApiController{}, "GET:GetCaptcha")
-
-	beego.Router("/api/get-ldap-users", &controllers.ApiController{}, "GET:GetLdapUsers")
-	beego.Router("/api/get-ldaps", &controllers.ApiController{}, "GET:GetLdaps")
-	beego.Router("/api/get-ldap", &controllers.ApiController{}, "GET:GetLdap")
-	beego.Router("/api/add-ldap", &controllers.ApiController{}, "POST:AddLdap")
-	beego.Router("/api/update-ldap", &controllers.ApiController{}, "POST:UpdateLdap")
-	beego.Router("/api/delete-ldap", &controllers.ApiController{}, "POST:DeleteLdap")
-	beego.Router("/api/sync-ldap-users", &controllers.ApiController{}, "POST:SyncLdapUsers")
-
-	beego.Router("/api/get-providers", &controllers.ApiController{}, "GET:GetProviders")
-	beego.Router("/api/get-provider", &controllers.ApiController{}, "GET:GetProvider")
-	beego.Router("/api/get-global-providers", &controllers.ApiController{}, "GET:GetGlobalProviders")
-	beego.Router("/api/update-provider", &controllers.ApiController{}, "POST:UpdateProvider")
-	beego.Router("/api/add-provider", &controllers.ApiController{}, "POST:AddProvider")
-	beego.Router("/api/delete-provider", &controllers.ApiController{}, "POST:DeleteProvider")
-
-	beego.Router("/api/get-applications", &controllers.ApiController{}, "GET:GetApplications")
-	beego.Router("/api/get-application", &controllers.ApiController{}, "GET:GetApplication")
-	beego.Router("/api/get-user-application", &controllers.ApiController{}, "GET:GetUserApplication")
-	beego.Router("/api/get-organization-applications", &controllers.ApiController{}, "GET:GetOrganizationApplications")
-	beego.Router("/api/update-application", &controllers.ApiController{}, "POST:UpdateApplication")
-	beego.Router("/api/add-application", &controllers.ApiController{}, "POST:AddApplication")
-	beego.Router("/api/delete-application", &controllers.ApiController{}, "POST:DeleteApplication")
-
-	beego.Router("/api/get-resources", &controllers.ApiController{}, "GET:GetResources")
-	beego.Router("/api/get-resource", &controllers.ApiController{}, "GET:GetResource")
-	beego.Router("/api/update-resource", &controllers.ApiController{}, "POST:UpdateResource")
-	beego.Router("/api/add-resource", &controllers.ApiController{}, "POST:AddResource")
-	beego.Router("/api/delete-resource", &controllers.ApiController{}, "POST:DeleteResource")
-	beego.Router("/api/upload-resource", &controllers.ApiController{}, "POST:UploadResource")
-
-	beego.Router("/api/get-tokens", &controllers.ApiController{}, "GET:GetTokens")
-	beego.Router("/api/get-token", &controllers.ApiController{}, "GET:GetToken")
-	beego.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken")
-	beego.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken")
-	beego.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken")
-	beego.Router("/api/login/oauth/access_token", &controllers.ApiController{}, "POST:GetOAuthToken")
-	beego.Router("/api/login/oauth/refresh_token", &controllers.ApiController{}, "POST:RefreshToken")
-	beego.Router("/api/login/oauth/introspect", &controllers.ApiController{}, "POST:IntrospectToken")
+	beego.Router("/api/enforce", &controllers.ApiController{}, "POST:Enforce")
+	beego.Router("/api/batch-enforce", &controllers.ApiController{}, "POST:BatchEnforce")
+	beego.Router("/api/get-all-objects", &controllers.ApiController{}, "GET:GetAllObjects")
+	beego.Router("/api/get-all-actions", &controllers.ApiController{}, "GET:GetAllActions")
+	beego.Router("/api/get-all-roles", &controllers.ApiController{}, "GET:GetAllRoles")
 
 	beego.Router("/api/get-sessions", &controllers.ApiController{}, "GET:GetSessions")
 	beego.Router("/api/get-session", &controllers.ApiController{}, "GET:GetSingleSession")
@@ -190,43 +178,11 @@ func initAPI() {
 	beego.Router("/api/delete-session", &controllers.ApiController{}, "POST:DeleteSession")
 	beego.Router("/api/is-session-duplicated", &controllers.ApiController{}, "GET:IsSessionDuplicated")
 
-	beego.Router("/api/get-webhooks", &controllers.ApiController{}, "GET:GetWebhooks")
-	beego.Router("/api/get-webhook", &controllers.ApiController{}, "GET:GetWebhook")
-	beego.Router("/api/update-webhook", &controllers.ApiController{}, "POST:UpdateWebhook")
-	beego.Router("/api/add-webhook", &controllers.ApiController{}, "POST:AddWebhook")
-	beego.Router("/api/delete-webhook", &controllers.ApiController{}, "POST:DeleteWebhook")
-
-	beego.Router("/api/get-syncers", &controllers.ApiController{}, "GET:GetSyncers")
-	beego.Router("/api/get-syncer", &controllers.ApiController{}, "GET:GetSyncer")
-	beego.Router("/api/update-syncer", &controllers.ApiController{}, "POST:UpdateSyncer")
-	beego.Router("/api/add-syncer", &controllers.ApiController{}, "POST:AddSyncer")
-	beego.Router("/api/delete-syncer", &controllers.ApiController{}, "POST:DeleteSyncer")
-	beego.Router("/api/run-syncer", &controllers.ApiController{}, "GET:RunSyncer")
-
-	beego.Router("/api/get-certs", &controllers.ApiController{}, "GET:GetCerts")
-	beego.Router("/api/get-global-certs", &controllers.ApiController{}, "GET:GetGlobalCerts")
-	beego.Router("/api/get-cert", &controllers.ApiController{}, "GET:GetCert")
-	beego.Router("/api/update-cert", &controllers.ApiController{}, "POST:UpdateCert")
-	beego.Router("/api/add-cert", &controllers.ApiController{}, "POST:AddCert")
-	beego.Router("/api/delete-cert", &controllers.ApiController{}, "POST:DeleteCert")
-
-	beego.Router("/api/get-subscriptions", &controllers.ApiController{}, "GET:GetSubscriptions")
-	beego.Router("/api/get-subscription", &controllers.ApiController{}, "GET:GetSubscription")
-	beego.Router("/api/update-subscription", &controllers.ApiController{}, "POST:UpdateSubscription")
-	beego.Router("/api/add-subscription", &controllers.ApiController{}, "POST:AddSubscription")
-	beego.Router("/api/delete-subscription", &controllers.ApiController{}, "POST:DeleteSubscription")
-
-	beego.Router("/api/get-plans", &controllers.ApiController{}, "GET:GetPlans")
-	beego.Router("/api/get-plan", &controllers.ApiController{}, "GET:GetPlan")
-	beego.Router("/api/update-plan", &controllers.ApiController{}, "POST:UpdatePlan")
-	beego.Router("/api/add-plan", &controllers.ApiController{}, "POST:AddPlan")
-	beego.Router("/api/delete-plan", &controllers.ApiController{}, "POST:DeletePlan")
-
-	beego.Router("/api/get-pricings", &controllers.ApiController{}, "GET:GetPricings")
-	beego.Router("/api/get-pricing", &controllers.ApiController{}, "GET:GetPricing")
-	beego.Router("/api/update-pricing", &controllers.ApiController{}, "POST:UpdatePricing")
-	beego.Router("/api/add-pricing", &controllers.ApiController{}, "POST:AddPricing")
-	beego.Router("/api/delete-pricing", &controllers.ApiController{}, "POST:DeletePricing")
+	beego.Router("/api/get-tokens", &controllers.ApiController{}, "GET:GetTokens")
+	beego.Router("/api/get-token", &controllers.ApiController{}, "GET:GetToken")
+	beego.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken")
+	beego.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken")
+	beego.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken")
 
 	beego.Router("/api/get-products", &controllers.ApiController{}, "GET:GetProducts")
 	beego.Router("/api/get-product", &controllers.ApiController{}, "GET:GetProduct")
@@ -244,6 +200,64 @@ func initAPI() {
 	beego.Router("/api/notify-payment/?:owner/?:payment", &controllers.ApiController{}, "POST:NotifyPayment")
 	beego.Router("/api/invoice-payment", &controllers.ApiController{}, "POST:InvoicePayment")
 
+	beego.Router("/api/get-plans", &controllers.ApiController{}, "GET:GetPlans")
+	beego.Router("/api/get-plan", &controllers.ApiController{}, "GET:GetPlan")
+	beego.Router("/api/update-plan", &controllers.ApiController{}, "POST:UpdatePlan")
+	beego.Router("/api/add-plan", &controllers.ApiController{}, "POST:AddPlan")
+	beego.Router("/api/delete-plan", &controllers.ApiController{}, "POST:DeletePlan")
+
+	beego.Router("/api/get-pricings", &controllers.ApiController{}, "GET:GetPricings")
+	beego.Router("/api/get-pricing", &controllers.ApiController{}, "GET:GetPricing")
+	beego.Router("/api/update-pricing", &controllers.ApiController{}, "POST:UpdatePricing")
+	beego.Router("/api/add-pricing", &controllers.ApiController{}, "POST:AddPricing")
+	beego.Router("/api/delete-pricing", &controllers.ApiController{}, "POST:DeletePricing")
+
+	beego.Router("/api/get-subscriptions", &controllers.ApiController{}, "GET:GetSubscriptions")
+	beego.Router("/api/get-subscription", &controllers.ApiController{}, "GET:GetSubscription")
+	beego.Router("/api/update-subscription", &controllers.ApiController{}, "POST:UpdateSubscription")
+	beego.Router("/api/add-subscription", &controllers.ApiController{}, "POST:AddSubscription")
+	beego.Router("/api/delete-subscription", &controllers.ApiController{}, "POST:DeleteSubscription")
+
+	beego.Router("/api/get-system-info", &controllers.ApiController{}, "GET:GetSystemInfo")
+	beego.Router("/api/get-version-info", &controllers.ApiController{}, "GET:GetVersionInfo")
+	beego.Router("/api/health", &controllers.ApiController{}, "GET:Health")
+	beego.Router("/api/get-prometheus-info", &controllers.ApiController{}, "GET:GetPrometheusInfo")
+	beego.Handler("/api/metrics", promhttp.Handler())
+
+	beego.Router("/api/get-syncers", &controllers.ApiController{}, "GET:GetSyncers")
+	beego.Router("/api/get-syncer", &controllers.ApiController{}, "GET:GetSyncer")
+	beego.Router("/api/update-syncer", &controllers.ApiController{}, "POST:UpdateSyncer")
+	beego.Router("/api/add-syncer", &controllers.ApiController{}, "POST:AddSyncer")
+	beego.Router("/api/delete-syncer", &controllers.ApiController{}, "POST:DeleteSyncer")
+	beego.Router("/api/run-syncer", &controllers.ApiController{}, "GET:RunSyncer")
+
+	beego.Router("/api/get-webhooks", &controllers.ApiController{}, "GET:GetWebhooks")
+	beego.Router("/api/get-webhook", &controllers.ApiController{}, "GET:GetWebhook")
+	beego.Router("/api/update-webhook", &controllers.ApiController{}, "POST:UpdateWebhook")
+	beego.Router("/api/add-webhook", &controllers.ApiController{}, "POST:AddWebhook")
+	beego.Router("/api/delete-webhook", &controllers.ApiController{}, "POST:DeleteWebhook")
+
+	beego.Router("/api/set-password", &controllers.ApiController{}, "POST:SetPassword")
+	beego.Router("/api/check-user-password", &controllers.ApiController{}, "POST:CheckUserPassword")
+	beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "GET:GetEmailAndPhone")
+	beego.Router("/api/send-verification-code", &controllers.ApiController{}, "POST:SendVerificationCode")
+	beego.Router("/api/verify-code", &controllers.ApiController{}, "POST:VerifyCode")
+	beego.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
+	beego.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
+	beego.Router("/api/get-captcha", &controllers.ApiController{}, "GET:GetCaptcha")
+
+	beego.Router("/api/get-ldap-users", &controllers.ApiController{}, "GET:GetLdapUsers")
+	beego.Router("/api/get-ldaps", &controllers.ApiController{}, "GET:GetLdaps")
+	beego.Router("/api/get-ldap", &controllers.ApiController{}, "GET:GetLdap")
+	beego.Router("/api/add-ldap", &controllers.ApiController{}, "POST:AddLdap")
+	beego.Router("/api/update-ldap", &controllers.ApiController{}, "POST:UpdateLdap")
+	beego.Router("/api/delete-ldap", &controllers.ApiController{}, "POST:DeleteLdap")
+	beego.Router("/api/sync-ldap-users", &controllers.ApiController{}, "POST:SyncLdapUsers")
+
+	beego.Router("/api/login/oauth/access_token", &controllers.ApiController{}, "POST:GetOAuthToken")
+	beego.Router("/api/login/oauth/refresh_token", &controllers.ApiController{}, "POST:RefreshToken")
+	beego.Router("/api/login/oauth/introspect", &controllers.ApiController{}, "POST:IntrospectToken")
+
 	beego.Router("/api/send-email", &controllers.ApiController{}, "POST:SendEmail")
 	beego.Router("/api/send-sms", &controllers.ApiController{}, "POST:SendSms")
 	beego.Router("/api/send-notification", &controllers.ApiController{}, "POST:SendNotification")
@@ -259,13 +273,6 @@ func initAPI() {
 	beego.Router("/api/delete-mfa", &controllers.ApiController{}, "POST:DeleteMfa")
 	beego.Router("/api/set-preferred-mfa", &controllers.ApiController{}, "POST:SetPreferredMfa")
 
-	beego.Router("/api/get-system-info", &controllers.ApiController{}, "GET:GetSystemInfo")
-	beego.Router("/api/get-version-info", &controllers.ApiController{}, "GET:GetVersionInfo")
-	beego.Router("/api/health", &controllers.ApiController{}, "GET:Health")
-	beego.Router("/api/get-prometheus-info", &controllers.ApiController{}, "GET:GetPrometheusInfo")
-
-	beego.Handler("/api/metrics", promhttp.Handler())
-
 	beego.Router("/.well-known/openid-configuration", &controllers.RootController{}, "GET:GetOidcDiscovery")
 	beego.Router("/.well-known/jwks", &controllers.RootController{}, "*:GetJwks")
 

swagger/swagger.json

@@ -811,9 +811,9 @@
                 ],
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -839,9 +839,9 @@
                 ],
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -881,9 +881,9 @@
                 ],
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -935,7 +935,10 @@
                         "description": "array of casbin requests",
                         "required": true,
                         "schema": {
-                            "$ref": "#/definitions/object.CasbinRequest"
+                            "type": "array",
+                            "items": {
+                                "type": "string"
+                            }
                         }
                     },
                     {
@@ -1108,7 +1111,7 @@
                         "description": "The enforcer object",
                         "required": true,
                         "schema": {
-                            "$ref": "#/definitions/object.Enforce"
+                            "$ref": "#/definitions/object.Enforcer"
                         }
                     }
                 ],
@@ -1187,9 +1190,9 @@
                 "operationId": "ApiController.DeleteMfa",
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -1657,7 +1660,10 @@
                         "description": "Casbin request",
                         "required": true,
                         "schema": {
-                            "$ref": "#/definitions/object.CasbinRequest"
+                            "type": "array",
+                            "items": {
+                                "type": "string"
+                            }
                         }
                     },
                     {
@@ -1809,7 +1815,7 @@
                     "200": {
                         "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -1962,7 +1968,7 @@
                     "200": {
                         "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -2208,7 +2214,7 @@
                     "200": {
                         "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/LdapResp"
+                            "$ref": "#/definitions/controllers.LdapResp"
                         }
                     }
                 }
@@ -3826,9 +3832,9 @@
                 "operationId": "ApiController.MfaSetupEnable",
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -3860,9 +3866,9 @@
                 "operationId": "ApiController.MfaSetupVerify",
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -3996,9 +4002,9 @@
                 "operationId": "ApiController.SetPreferredMfa",
                 "responses": {
                     "200": {
-                        "description": "object",
+                        "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/Response"
+                            "$ref": "#/definitions/controllers.Response"
                         }
                     }
                 }
@@ -4057,7 +4063,7 @@
                     "200": {
                         "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/LdapSyncResp"
+                            "$ref": "#/definitions/controllers.LdapSyncResp"
                         }
                     }
                 }
@@ -4925,7 +4931,7 @@
                     "200": {
                         "description": "The Response object",
                         "schema": {
-                            "$ref": "#/definitions/LaravelResponse"
+                            "$ref": "#/definitions/controllers.LaravelResponse"
                         }
                     }
                 }
@@ -5131,22 +5137,6 @@
         }
     },
     "definitions": {
-        "LaravelResponse": {
-            "title": "LaravelResponse",
-            "type": "object"
-        },
-        "LdapResp": {
-            "title": "LdapResp",
-            "type": "object"
-        },
-        "LdapSyncResp": {
-            "title": "LdapSyncResp",
-            "type": "object"
-        },
-        "Response": {
-            "title": "Response",
-            "type": "object"
-        },
         "casbin.Enforcer": {
             "title": "Enforcer",
             "type": "object"
@@ -5179,6 +5169,66 @@
                 }
             }
         },
+        "controllers.LaravelResponse": {
+            "title": "LaravelResponse",
+            "type": "object",
+            "properties": {
+                "created_at": {
+                    "type": "string"
+                },
+                "email": {
+                    "type": "string"
+                },
+                "email_verified_at": {
+                    "type": "string"
+                },
+                "id": {
+                    "type": "string"
+                },
+                "name": {
+                    "type": "string"
+                },
+                "updated_at": {
+                    "type": "string"
+                }
+            }
+        },
+        "controllers.LdapResp": {
+            "title": "LdapResp",
+            "type": "object",
+            "properties": {
+                "existUuids": {
+                    "type": "array",
+                    "items": {
+                        "type": "string"
+                    }
+                },
+                "users": {
+                    "type": "array",
+                    "items": {
+                        "$ref": "#/definitions/object.LdapUser"
+                    }
+                }
+            }
+        },
+        "controllers.LdapSyncResp": {
+            "title": "LdapSyncResp",
+            "type": "object",
+            "properties": {
+                "exist": {
+                    "type": "array",
+                    "items": {
+                        "$ref": "#/definitions/object.LdapUser"
+                    }
+                },
+                "failed": {
+                    "type": "array",
+                    "items": {
+                        "$ref": "#/definitions/object.LdapUser"
+                    }
+                }
+            }
+        },
         "controllers.NotificationForm": {
             "title": "NotificationForm",
             "type": "object",
@@ -5236,10 +5286,6 @@
                 }
             }
         },
-        "jose.JSONWebKey": {
-            "title": "JSONWebKey",
-            "type": "object"
-        },
         "model.Model": {
             "title": "Model",
             "type": "object"
@@ -5368,6 +5414,14 @@
                     "type": "integer",
                     "format": "int64"
                 },
+                "failedSigninLimit": {
+                    "type": "integer",
+                    "format": "int64"
+                },
+                "failedSigninfrozenTime": {
+                    "type": "integer",
+                    "format": "int64"
+                },
                 "forgetUrl": {
                     "type": "string"
                 },
@@ -5480,12 +5534,6 @@
                 }
             }
         },
-        "object.CasbinRequest": {
-            "title": "CasbinRequest",
-            "type": "array",
-            "items": {
-            }
-        },
         "object.Cert": {
             "title": "Cert",
             "type": "object",
@@ -5527,10 +5575,6 @@
                 }
             }
         },
-        "object.Enforce": {
-            "title": "Enforce",
-            "type": "object"
-        },
         "object.Enforcer": {
             "title": "Enforcer",
             "type": "object",
@@ -5771,6 +5815,66 @@
                 }
             }
         },
+        "object.LdapUser": {
+            "title": "LdapUser",
+            "type": "object",
+            "properties": {
+                "EmailAddress": {
+                    "type": "string"
+                },
+                "Mail": {
+                    "type": "string"
+                },
+                "MobileTelephoneNumber": {
+                    "type": "string"
+                },
+                "PostalAddress": {
+                    "type": "string"
+                },
+                "RegisteredAddress": {
+                    "type": "string"
+                },
+                "TelephoneNumber": {
+                    "type": "string"
+                },
+                "address": {
+                    "type": "string"
+                },
+                "cn": {
+                    "type": "string"
+                },
+                "displayName": {
+                    "type": "string"
+                },
+                "email": {
+                    "type": "string"
+                },
+                "gidNumber": {
+                    "type": "string"
+                },
+                "groupId": {
+                    "type": "string"
+                },
+                "memberOf": {
+                    "type": "string"
+                },
+                "mobile": {
+                    "type": "string"
+                },
+                "uid": {
+                    "type": "string"
+                },
+                "uidNumber": {
+                    "type": "string"
+                },
+                "userPrincipalName": {
+                    "type": "string"
+                },
+                "uuid": {
+                    "type": "string"
+                }
+            }
+        },
         "object.ManagedAccount": {
             "title": "ManagedAccount",
             "type": "object",
@@ -7529,22 +7633,6 @@
             ],
             "example": "Paid"
         },
-        "protocol.CredentialAssertion": {
-            "title": "CredentialAssertion",
-            "type": "object"
-        },
-        "protocol.CredentialAssertionResponse": {
-            "title": "CredentialAssertionResponse",
-            "type": "object"
-        },
-        "protocol.CredentialCreation": {
-            "title": "CredentialCreation",
-            "type": "object"
-        },
-        "protocol.CredentialCreationResponse": {
-            "title": "CredentialCreationResponse",
-            "type": "object"
-        },
         "util.SystemInfo": {
             "title": "SystemInfo",
             "type": "object",

swagger/swagger.yml

@@ -525,9 +525,9 @@ paths:
           $ref: '#/definitions/controllers.EmailForm'
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/api/send-notification:
     post:
       tags:
@@ -543,9 +543,9 @@ paths:
           $ref: '#/definitions/controllers.NotificationForm'
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/api/send-sms:
     post:
       tags:
@@ -571,9 +571,9 @@ paths:
           $ref: '#/definitions/controllers.SmsForm'
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/api/verify-code:
     post:
       tags:
@@ -606,7 +606,9 @@ paths:
         description: array of casbin requests
         required: true
         schema:
-          $ref: '#/definitions/object.CasbinRequest'
+          type: array
+          items:
+            type: string
       - in: query
         name: permissionId
         description: permission id
@@ -718,7 +720,7 @@ paths:
         description: The enforcer object
         required: true
         schema:
-          $ref: '#/definitions/object.Enforce'
+          $ref: '#/definitions/object.Enforcer'
       responses:
         "200":
           description: ""
@@ -768,9 +770,9 @@ paths:
       operationId: ApiController.DeleteMfa
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/delete-model:
     post:
       tags:
@@ -1071,7 +1073,9 @@ paths:
         description: Casbin request
         required: true
         schema:
-          $ref: '#/definitions/object.CasbinRequest'
+          type: array
+          items:
+            type: string
       - in: query
         name: permissionId
         description: permission id
@@ -1172,7 +1176,7 @@ paths:
         "200":
           description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/get-application:
     get:
       tags:
@@ -1272,7 +1276,7 @@ paths:
         "200":
           description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/get-email-and-phone:
     get:
       tags:
@@ -1433,7 +1437,7 @@ paths:
         "200":
           description: The Response object
           schema:
-            $ref: '#/definitions/LdapResp'
+            $ref: '#/definitions/controllers.LdapResp'
   /api/get-ldaps:
     get:
       tags:
@@ -2496,9 +2500,9 @@ paths:
       operationId: ApiController.MfaSetupEnable
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/mfa/setup/initiate:
     post:
       tags:
@@ -2518,9 +2522,9 @@ paths:
       operationId: ApiController.MfaSetupVerify
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/notify-payment:
     post:
       tags:
@@ -2607,9 +2611,9 @@ paths:
       operationId: ApiController.SetPreferredMfa
       responses:
         "200":
-          description: object
+          description: The Response object
           schema:
-            $ref: '#/definitions/Response'
+            $ref: '#/definitions/controllers.Response'
   /api/signup:
     post:
       tags:
@@ -2648,7 +2652,7 @@ paths:
         "200":
           description: The Response object
           schema:
-            $ref: '#/definitions/LdapSyncResp'
+            $ref: '#/definitions/controllers.LdapSyncResp'
   /api/unlink:
     post:
       tags:
@@ -3219,7 +3223,7 @@ paths:
         "200":
           description: The Response object
           schema:
-            $ref: '#/definitions/LaravelResponse'
+            $ref: '#/definitions/controllers.LaravelResponse'
   /api/userinfo:
     get:
       tags:
@@ -3351,18 +3355,6 @@ paths:
           schema:
             $ref: '#/definitions/object.TokenError'
 definitions:
-  LaravelResponse:
-    title: LaravelResponse
-    type: object
-  LdapResp:
-    title: LdapResp
-    type: object
-  LdapSyncResp:
-    title: LdapSyncResp
-    type: object
-  Response:
-    title: Response
-    type: object
   casbin.Enforcer:
     title: Enforcer
     type: object
@@ -3385,6 +3377,46 @@ definitions:
         type: string
       title:
         type: string
+  controllers.LaravelResponse:
+    title: LaravelResponse
+    type: object
+    properties:
+      created_at:
+        type: string
+      email:
+        type: string
+      email_verified_at:
+        type: string
+      id:
+        type: string
+      name:
+        type: string
+      updated_at:
+        type: string
+  controllers.LdapResp:
+    title: LdapResp
+    type: object
+    properties:
+      existUuids:
+        type: array
+        items:
+          type: string
+      users:
+        type: array
+        items:
+          $ref: '#/definitions/object.LdapUser'
+  controllers.LdapSyncResp:
+    title: LdapSyncResp
+    type: object
+    properties:
+      exist:
+        type: array
+        items:
+          $ref: '#/definitions/object.LdapUser'
+      failed:
+        type: array
+        items:
+          $ref: '#/definitions/object.LdapUser'
   controllers.NotificationForm:
     title: NotificationForm
     type: object
@@ -3514,6 +3546,12 @@ definitions:
       expireInHours:
         type: integer
         format: int64
+      failedSigninLimit:
+        type: integer
+        format: int64
+      failedSigninfrozenTime:
+        type: integer
+        format: int64
       forgetUrl:
         type: string
       formBackgroundUrl:
@@ -3588,11 +3626,6 @@ definitions:
         $ref: '#/definitions/object.ThemeData'
       tokenFormat:
         type: string
-  object.CasbinRequest:
-    title: CasbinRequest
-    type: array
-    items:
-      $ref: '#/definitions/object.CasbinRequest'
   object.Cert:
     title: Cert
     type: object
@@ -3621,9 +3654,6 @@ definitions:
         type: string
       type:
         type: string
-  object.Enforce:
-    title: Enforce
-    type: object
   object.Enforcer:
     title: Enforcer
     type: object
@@ -3786,6 +3816,46 @@ definitions:
         type: string
       username:
         type: string
+  object.LdapUser:
+    title: LdapUser
+    type: object
+    properties:
+      EmailAddress:
+        type: string
+      Mail:
+        type: string
+      MobileTelephoneNumber:
+        type: string
+      PostalAddress:
+        type: string
+      RegisteredAddress:
+        type: string
+      TelephoneNumber:
+        type: string
+      address:
+        type: string
+      cn:
+        type: string
+      displayName:
+        type: string
+      email:
+        type: string
+      gidNumber:
+        type: string
+      groupId:
+        type: string
+      memberOf:
+        type: string
+      mobile:
+        type: string
+      uid:
+        type: string
+      uidNumber:
+        type: string
+      userPrincipalName:
+        type: string
+      uuid:
+        type: string
   object.ManagedAccount:
     title: ManagedAccount
     type: object

util/path.go

@@ -72,7 +72,15 @@ func GetUrlPath(urlString string) string {
 }
 
 func GetUrlHost(urlString string) string {
-	u, _ := url.Parse(urlString)
+	if urlString == "" {
+		return ""
+	}
+
+	u, err := url.Parse(urlString)
+	if err != nil {
+		return err.Error()
+	}
+
 	return fmt.Sprintf("%s://%s", u.Scheme, u.Host)
 }
 

util/string.go

@@ -322,3 +322,23 @@ func GetUsernameFromEmail(email string) string {
 		return tokens[0]
 	}
 }
+
+func StringToInterfaceArray(array []string) []interface{} {
+	var interfaceArray []interface{}
+	for _, v := range array {
+		interfaceArray = append(interfaceArray, v)
+	}
+	return interfaceArray
+}
+
+func StringToInterfaceArray2d(arrays [][]string) [][]interface{} {
+	var interfaceArrays [][]interface{}
+	for _, req := range arrays {
+		var interfaceArray []interface{}
+		for _, r := range req {
+			interfaceArray = append(interfaceArray, r)
+		}
+		interfaceArrays = append(interfaceArrays, interfaceArray)
+	}
+	return interfaceArrays
+}

web/src/App.js

@@ -15,62 +15,64 @@
 import React, {Component} from "react";
 import "./App.less";
 import {Helmet} from "react-helmet";
-import Dashboard from "./basic/Dashboard";
-import ShortcutsPage from "./basic/ShortcutsPage";
 import * as Setting from "./Setting";
 import {StyleProvider, legacyLogicalPropertiesTransformer} from "@ant-design/cssinjs";
 import {AppstoreTwoTone, BarsOutlined, DeploymentUnitOutlined, DollarTwoTone, DownOutlined, GithubOutlined, HomeTwoTone, InfoCircleFilled, LockTwoTone, LogoutOutlined, SafetyCertificateTwoTone, SettingOutlined, SettingTwoTone, ShareAltOutlined, WalletTwoTone} from "@ant-design/icons";
 import {Alert, Avatar, Button, Card, ConfigProvider, Drawer, Dropdown, FloatButton, Layout, Menu, Result, Tooltip} from "antd";
 import {Link, Redirect, Route, Switch, withRouter} from "react-router-dom";
+import AccountPage from "./account/AccountPage";
+import Dashboard from "./basic/Dashboard";
+import ShortcutsPage from "./basic/ShortcutsPage";
+import AppListPage from "./basic/AppListPage";
 import OrganizationListPage from "./OrganizationListPage";
 import OrganizationEditPage from "./OrganizationEditPage";
+import GroupEditPage from "./GroupEdit";
+import GroupListPage from "./GroupList";
+import GroupTreePage from "./GroupTreePage";
 import UserListPage from "./UserListPage";
 import UserEditPage from "./UserEditPage";
+import InvitationListPage from "./InvitationListPage";
+import InvitationEditPage from "./InvitationEditPage";
+import ApplicationListPage from "./ApplicationListPage";
+import ApplicationEditPage from "./ApplicationEditPage";
+import ProviderListPage from "./ProviderListPage";
+import ProviderEditPage from "./ProviderEditPage";
+import ResourceListPage from "./ResourceListPage";
+import CertListPage from "./CertListPage";
+import CertEditPage from "./CertEditPage";
 import RoleListPage from "./RoleListPage";
 import RoleEditPage from "./RoleEditPage";
 import PermissionListPage from "./PermissionListPage";
 import PermissionEditPage from "./PermissionEditPage";
+import ModelListPage from "./ModelListPage";
+import ModelEditPage from "./ModelEditPage";
+import AdapterListPage from "./AdapterListPage";
+import AdapterEditPage from "./AdapterEditPage";
 import EnforcerEditPage from "./EnforcerEditPage";
 import EnforcerListPage from "./EnforcerListPage";
-import GroupTreePage from "./GroupTreePage";
-import GroupEditPage from "./GroupEdit";
-import GroupListPage from "./GroupList";
-import ProviderListPage from "./ProviderListPage";
-import ProviderEditPage from "./ProviderEditPage";
-import ApplicationListPage from "./ApplicationListPage";
-import ApplicationEditPage from "./ApplicationEditPage";
-import ResourceListPage from "./ResourceListPage";
-import LdapEditPage from "./LdapEditPage";
-import LdapSyncPage from "./LdapSyncPage";
+import SessionListPage from "./SessionListPage";
 import TokenListPage from "./TokenListPage";
 import TokenEditPage from "./TokenEditPage";
-import WebhookListPage from "./WebhookListPage";
-import WebhookEditPage from "./WebhookEditPage";
-import SyncerListPage from "./SyncerListPage";
-import SyncerEditPage from "./SyncerEditPage";
-import CertListPage from "./CertListPage";
-import CertEditPage from "./CertEditPage";
-import SubscriptionListPage from "./SubscriptionListPage";
-import SubscriptionEditPage from "./SubscriptionEditPage";
-import PricingListPage from "./PricingListPage";
-import PricingEditPage from "./PricingEditPage";
-import PlanListPage from "./PlanListPage";
-import PlanEditPage from "./PlanEditPage";
 import ProductListPage from "./ProductListPage";
 import ProductEditPage from "./ProductEditPage";
 import ProductBuyPage from "./ProductBuyPage";
 import PaymentListPage from "./PaymentListPage";
 import PaymentEditPage from "./PaymentEditPage";
 import PaymentResultPage from "./PaymentResultPage";
-import ModelListPage from "./ModelListPage";
-import ModelEditPage from "./ModelEditPage";
-import AdapterListPage from "./AdapterListPage";
-import AdapterEditPage from "./AdapterEditPage";
-import SessionListPage from "./SessionListPage";
-import MfaSetupPage from "./auth/MfaSetupPage";
+import PricingListPage from "./PricingListPage";
+import PricingEditPage from "./PricingEditPage";
+import PlanListPage from "./PlanListPage";
+import PlanEditPage from "./PlanEditPage";
+import SubscriptionListPage from "./SubscriptionListPage";
+import SubscriptionEditPage from "./SubscriptionEditPage";
 import SystemInfo from "./SystemInfo";
-import AccountPage from "./account/AccountPage";
-import AppListPage from "./basic/AppListPage";
+import SyncerListPage from "./SyncerListPage";
+import SyncerEditPage from "./SyncerEditPage";
+import WebhookListPage from "./WebhookListPage";
+import WebhookEditPage from "./WebhookEditPage";
+import LdapEditPage from "./LdapEditPage";
+import LdapSyncPage from "./LdapSyncPage";
+import MfaSetupPage from "./auth/MfaSetupPage";
 import CustomGithubCorner from "./common/CustomGithubCorner";
 import * as Conf from "./Conf";
 
@@ -153,7 +155,7 @@ class App extends Component {
     });
     if (uri === "/" || uri.includes("/shortcuts") || uri.includes("/apps")) {
       this.setState({selectedMenuKey: "/home"});
-    } else if (uri.includes("/organizations") || uri.includes("/trees") || uri.includes("/users") || uri.includes("/groups")) {
+    } else if (uri.includes("/organizations") || uri.includes("/trees") || uri.includes("/groups") || uri.includes("/users") || uri.includes("/invitations")) {
       this.setState({selectedMenuKey: "/orgs"});
     } else if (uri.includes("/applications") || uri.includes("/providers") || uri.includes("/resources") || uri.includes("/certs")) {
       this.setState({selectedMenuKey: "/identity"});
@@ -390,7 +392,7 @@ class App extends Component {
             </div>
           </Tooltip>
           <OpenTour />
-          {Setting.isAdminUser(this.state.account) && !Setting.isMobile() &&
+          {Setting.isAdminUser(this.state.account) && !Setting.isMobile() && (this.state.uri.indexOf("/trees") === -1) &&
             <OrganizationSelect
               initValue={Setting.getOrganization()}
               withAll={true}
@@ -434,6 +436,7 @@ class App extends Component {
         Setting.getItem(<Link to="/organizations">{i18next.t("general:Organizations")}</Link>, "/organizations"),
         Setting.getItem(<Link to="/groups">{i18next.t("general:Groups")}</Link>, "/groups"),
         Setting.getItem(<Link to="/users">{i18next.t("general:Users")}</Link>, "/users"),
+        Setting.getItem(<Link to="/invitations">{i18next.t("general:Invitations")}</Link>, "/invitations"),
       ]));
 
       res.push(Setting.getItem(<Link style={{color: "black"}} to="/applications">{i18next.t("general:Identity")}</Link>, "/identity", <LockTwoTone />, [
@@ -514,48 +517,49 @@ class App extends Component {
         <Route exact path="/groups/:organizationName/:groupName" render={(props) => this.renderLoginIfNotLoggedIn(<GroupEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/users" render={(props) => this.renderLoginIfNotLoggedIn(<UserListPage account={this.state.account} {...props} />)} />
         <Route exact path="/users/:organizationName/:userName" render={(props) => <UserEditPage account={this.state.account} {...props} />} />
+        <Route exact path="/invitations" render={(props) => this.renderLoginIfNotLoggedIn(<InvitationListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/invitations/:organizationName/:invitationName" render={(props) => this.renderLoginIfNotLoggedIn(<InvitationEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/applications" render={(props) => this.renderLoginIfNotLoggedIn(<ApplicationListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/applications/:organizationName/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<ApplicationEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/providers" render={(props) => this.renderLoginIfNotLoggedIn(<ProviderListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/providers/:organizationName/:providerName" render={(props) => this.renderLoginIfNotLoggedIn(<ProviderEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/resources" render={(props) => this.renderLoginIfNotLoggedIn(<ResourceListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/certs" render={(props) => this.renderLoginIfNotLoggedIn(<CertListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/certs/:organizationName/:certName" render={(props) => this.renderLoginIfNotLoggedIn(<CertEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/roles" render={(props) => this.renderLoginIfNotLoggedIn(<RoleListPage account={this.state.account} {...props} />)} />
         <Route exact path="/roles/:organizationName/:roleName" render={(props) => this.renderLoginIfNotLoggedIn(<RoleEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/permissions" render={(props) => this.renderLoginIfNotLoggedIn(<PermissionListPage account={this.state.account} {...props} />)} />
         <Route exact path="/permissions/:organizationName/:permissionName" render={(props) => this.renderLoginIfNotLoggedIn(<PermissionEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/models" render={(props) => this.renderLoginIfNotLoggedIn(<ModelListPage account={this.state.account} {...props} />)} />
         <Route exact path="/models/:organizationName/:modelName" render={(props) => this.renderLoginIfNotLoggedIn(<ModelEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/enforcers" render={(props) => this.renderLoginIfNotLoggedIn(<EnforcerListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/enforcers/:organizationName/:enforcerName" render={(props) => this.renderLoginIfNotLoggedIn(<EnforcerEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/adapters" render={(props) => this.renderLoginIfNotLoggedIn(<AdapterListPage account={this.state.account} {...props} />)} />
         <Route exact path="/adapters/:organizationName/:adapterName" render={(props) => this.renderLoginIfNotLoggedIn(<AdapterEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/providers" render={(props) => this.renderLoginIfNotLoggedIn(<ProviderListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/providers/:organizationName/:providerName" render={(props) => this.renderLoginIfNotLoggedIn(<ProviderEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/applications" render={(props) => this.renderLoginIfNotLoggedIn(<ApplicationListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/applications/:organizationName/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<ApplicationEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/resources" render={(props) => this.renderLoginIfNotLoggedIn(<ResourceListPage account={this.state.account} {...props} />)} />
-        {/* <Route exact path="/resources/:resourceName" render={(props) => this.renderLoginIfNotLoggedIn(<ResourceEditPage account={this.state.account} {...props} />)}/>*/}
-        <Route exact path="/ldap/:organizationName/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/ldap/sync/:organizationName/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapSyncPage account={this.state.account} {...props} />)} />
-        <Route exact path="/tokens" render={(props) => this.renderLoginIfNotLoggedIn(<TokenListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/enforcers" render={(props) => this.renderLoginIfNotLoggedIn(<EnforcerListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/enforcers/:organizationName/:enforcerName" render={(props) => this.renderLoginIfNotLoggedIn(<EnforcerEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/sessions" render={(props) => this.renderLoginIfNotLoggedIn(<SessionListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/tokens" render={(props) => this.renderLoginIfNotLoggedIn(<TokenListPage account={this.state.account} {...props} />)} />
         <Route exact path="/tokens/:tokenName" render={(props) => this.renderLoginIfNotLoggedIn(<TokenEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/webhooks" render={(props) => this.renderLoginIfNotLoggedIn(<WebhookListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/webhooks/:webhookName" render={(props) => this.renderLoginIfNotLoggedIn(<WebhookEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/syncers" render={(props) => this.renderLoginIfNotLoggedIn(<SyncerListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/syncers/:syncerName" render={(props) => this.renderLoginIfNotLoggedIn(<SyncerEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/certs" render={(props) => this.renderLoginIfNotLoggedIn(<CertListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/certs/:organizationName/:certName" render={(props) => this.renderLoginIfNotLoggedIn(<CertEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/plans" render={(props) => this.renderLoginIfNotLoggedIn(<PlanListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/plans/:organizationName/:planName" render={(props) => this.renderLoginIfNotLoggedIn(<PlanEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/pricings" render={(props) => this.renderLoginIfNotLoggedIn(<PricingListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/pricings/:organizationName/:pricingName" render={(props) => this.renderLoginIfNotLoggedIn(<PricingEditPage account={this.state.account} {...props} />)} />
-        <Route exact path="/subscriptions" render={(props) => this.renderLoginIfNotLoggedIn(<SubscriptionListPage account={this.state.account} {...props} />)} />
-        <Route exact path="/subscriptions/:organizationName/:subscriptionName" render={(props) => this.renderLoginIfNotLoggedIn(<SubscriptionEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/products" render={(props) => this.renderLoginIfNotLoggedIn(<ProductListPage account={this.state.account} {...props} />)} />
         <Route exact path="/products/:organizationName/:productName" render={(props) => this.renderLoginIfNotLoggedIn(<ProductEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/products/:organizationName/:productName/buy" render={(props) => this.renderLoginIfNotLoggedIn(<ProductBuyPage account={this.state.account} {...props} />)} />
         <Route exact path="/payments" render={(props) => this.renderLoginIfNotLoggedIn(<PaymentListPage account={this.state.account} {...props} />)} />
         <Route exact path="/payments/:organizationName/:paymentName" render={(props) => this.renderLoginIfNotLoggedIn(<PaymentEditPage account={this.state.account} {...props} />)} />
         <Route exact path="/payments/:organizationName/:paymentName/result" render={(props) => this.renderLoginIfNotLoggedIn(<PaymentResultPage account={this.state.account} {...props} />)} />
+        <Route exact path="/plans" render={(props) => this.renderLoginIfNotLoggedIn(<PlanListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/plans/:organizationName/:planName" render={(props) => this.renderLoginIfNotLoggedIn(<PlanEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/pricings" render={(props) => this.renderLoginIfNotLoggedIn(<PricingListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/pricings/:organizationName/:pricingName" render={(props) => this.renderLoginIfNotLoggedIn(<PricingEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/subscriptions" render={(props) => this.renderLoginIfNotLoggedIn(<SubscriptionListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/subscriptions/:organizationName/:subscriptionName" render={(props) => this.renderLoginIfNotLoggedIn(<SubscriptionEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/sysinfo" render={(props) => this.renderLoginIfNotLoggedIn(<SystemInfo account={this.state.account} {...props} />)} />
+        <Route exact path="/syncers" render={(props) => this.renderLoginIfNotLoggedIn(<SyncerListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/syncers/:syncerName" render={(props) => this.renderLoginIfNotLoggedIn(<SyncerEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/webhooks" render={(props) => this.renderLoginIfNotLoggedIn(<WebhookListPage account={this.state.account} {...props} />)} />
+        <Route exact path="/webhooks/:webhookName" render={(props) => this.renderLoginIfNotLoggedIn(<WebhookEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/ldap/:organizationName/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapEditPage account={this.state.account} {...props} />)} />
+        <Route exact path="/ldap/sync/:organizationName/:ldapId" render={(props) => this.renderLoginIfNotLoggedIn(<LdapSyncPage account={this.state.account} {...props} />)} />
         <Route exact path="/mfa/setup" render={(props) => this.renderLoginIfNotLoggedIn(<MfaSetupPage account={this.state.account} onfinish={() => this.setState({requiredEnableMfa: false})} {...props} />)} />
         <Route exact path="/.well-known/openid-configuration" render={(props) => <OdicDiscoveryPage />} />
-        <Route exact path="/sysinfo" render={(props) => this.renderLoginIfNotLoggedIn(<SystemInfo account={this.state.account} {...props} />)} />
         <Route path="" render={() => <Result status="404" title="404 NOT FOUND" subTitle={i18next.t("general:Sorry, the page you visited does not exist.")}
           extra={<a href="/"><Button type="primary">{i18next.t("general:Back Home")}</Button></a>} />} />
       </Switch>

web/src/ApplicationEditPage.js

@@ -27,6 +27,7 @@ import LoginPage from "./auth/LoginPage";
 import i18next from "i18next";
 import UrlTable from "./table/UrlTable";
 import ProviderTable from "./table/ProviderTable";
+import SigninTable from "./table/SigninTable";
 import SignupTable from "./table/SignupTable";
 import SamlAttributeTable from "./table/SamlAttributeTable";
 import PromptPage from "./auth/PromptPage";
@@ -429,16 +430,6 @@ class ApplicationEditPage extends React.Component {
             }} />
           </Col>
         </Row>
-        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
-            {Setting.getLabel(i18next.t("application:Enable password"), i18next.t("application:Enable password - Tooltip"))} :
-          </Col>
-          <Col span={1} >
-            <Switch checked={this.state.application.enablePassword} onChange={checked => {
-              this.updateApplicationField("enablePassword", checked);
-            }} />
-          </Col>
-        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
             {Setting.getLabel(i18next.t("application:Enable signup"), i18next.t("application:Enable signup - Tooltip"))} :
@@ -469,26 +460,6 @@ class ApplicationEditPage extends React.Component {
             }} />
           </Col>
         </Row>
-        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
-            {Setting.getLabel(i18next.t("application:Enable code signin"), i18next.t("application:Enable code signin - Tooltip"))} :
-          </Col>
-          <Col span={1} >
-            <Switch checked={this.state.application.enableCodeSignin} onChange={checked => {
-              this.updateApplicationField("enableCodeSignin", checked);
-            }} />
-          </Col>
-        </Row>
-        <Row style={{marginTop: "20px"}} >
-          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
-            {Setting.getLabel(i18next.t("application:Enable WebAuthn signin"), i18next.t("application:Enable WebAuthn signin - Tooltip"))} :
-          </Col>
-          <Col span={1} >
-            <Switch checked={this.state.application.enableWebAuthn} onChange={checked => {
-              this.updateApplicationField("enableWebAuthn", checked);
-            }} />
-          </Col>
-        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
             {Setting.getLabel(i18next.t("application:Enable Email linking"), i18next.t("application:Enable Email linking - Tooltip"))} :
@@ -499,6 +470,20 @@ class ApplicationEditPage extends React.Component {
             }} />
           </Col>
         </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("application:Signin methods"), i18next.t("application:Signin methods - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <SigninTable
+              title={i18next.t("application:Signin methods")}
+              table={this.state.application.signinMethods}
+              onUpdateTable={(value) => {
+                this.updateApplicationField("signinMethods", value);
+              }}
+            />
+          </Col>
+        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("application:Org choice mode"), i18next.t("application:Org choice mode - Tooltip"))} :
@@ -950,7 +935,7 @@ class ApplicationEditPage extends React.Component {
 
     const signInUrl = `/login/oauth/authorize?client_id=${this.state.application.clientId}&response_type=code&redirect_uri=${redirectUri}&scope=read&state=casdoor`;
     const maskStyle = {position: "absolute", top: "0px", left: "0px", zIndex: 10, height: "97%", width: "100%", background: "rgba(0,0,0,0.4)"};
-    if (!this.state.application.enablePassword) {
+    if (!Setting.isPasswordEnabled(this.state.application)) {
       signUpUrl = signInUrl.replace("/login/oauth/authorize", "/signup/oauth/authorize");
     }
 
@@ -974,7 +959,7 @@ class ApplicationEditPage extends React.Component {
           }}>
             <div style={{position: "relative", width: previewWidth, border: "1px solid rgb(217,217,217)", boxShadow: "10px 10px 5px #888888", overflow: "auto"}}>
               {
-                this.state.application.enablePassword ? (
+                Setting.isPasswordEnabled(this.state.application) ? (
                   <div className="loginBackground" style={{backgroundImage: `url(${this.state.application?.formBackgroundUrl})`, overflow: "auto"}}>
                     <SignupPage application={this.state.application} preview = "auto" />
                   </div>
@@ -1049,6 +1034,7 @@ class ApplicationEditPage extends React.Component {
   submitApplicationEdit(exitAfterSave) {
     const application = Setting.deepCopy(this.state.application);
     application.providers = application.providers?.filter(provider => this.state.providers.map(provider => provider.name).includes(provider.name));
+    application.signinMethods = application.signinMethods?.filter(signinMethod => ["Password", "Verification code", "WebAuthn"].includes(signinMethod.name));
 
     ApplicationBackend.updateApplication("admin", this.state.applicationName, application)
       .then((res) => {

web/src/ApplicationListPage.js

@@ -46,6 +46,11 @@ class ApplicationListPage extends BaseListPage {
       providers: [
         {name: "provider_captcha_default", canSignUp: false, canSignIn: false, canUnlink: false, prompted: false, signupGroup: "", rule: ""},
       ],
+      SigninMethods: [
+        {name: "Password", displayName: "Password", rule: "None"},
+        {name: "Verification code", displayName: "Verification code", rule: "All"},
+        {name: "WebAuthn", displayName: "WebAuthn", rule: "None"},
+      ],
       signupItems: [
         {name: "ID", visible: false, required: true, rule: "Random"},
         {name: "Username", visible: true, required: true, rule: "None"},

web/src/BaseListPage.js

@@ -25,6 +25,7 @@ class BaseListPage extends React.Component {
     super(props);
     this.state = {
       classes: props,
+      organizationName: this.props.match?.params.organizationName || Setting.getRequestOrganization(this.props.account),
       data: [],
       pagination: {
         current: 1,
@@ -39,6 +40,10 @@ class BaseListPage extends React.Component {
   }
 
   handleOrganizationChange = () => {
+    this.setState({
+      organizationName: this.props.match?.params.organizationName || Setting.getRequestOrganization(this.props.account),
+    });
+
     const {pagination} = this.state;
     this.fetch({pagination});
   };

web/src/InvitationEditPage.js

@@ -0,0 +1,282 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React from "react";
+import {Button, Card, Col, Input, InputNumber, Row, Select} from "antd";
+import * as InvitationBackend from "./backend/InvitationBackend";
+import * as OrganizationBackend from "./backend/OrganizationBackend";
+import * as ApplicationBackend from "./backend/ApplicationBackend";
+import * as Setting from "./Setting";
+import i18next from "i18next";
+
+const {Option} = Select;
+
+class InvitationEditPage extends React.Component {
+  constructor(props) {
+    super(props);
+    this.state = {
+      classes: props,
+      organizationName: props.organizationName !== undefined ? props.organizationName : props.match.params.organizationName,
+      invitationName: props.match.params.invitationName,
+      invitation: null,
+      organizations: [],
+      applications: [],
+      mode: props.location.mode !== undefined ? props.location.mode : "edit",
+    };
+  }
+
+  UNSAFE_componentWillMount() {
+    this.getInvitation();
+    this.getOrganizations();
+    this.getApplicationsByOrganization(this.state.organizationName);
+  }
+
+  getInvitation() {
+    InvitationBackend.getInvitation(this.state.organizationName, this.state.invitationName)
+      .then((res) => {
+        if (res.data === null) {
+          this.props.history.push("/404");
+          return;
+        }
+
+        this.setState({
+          invitation: res.data,
+        });
+      });
+  }
+
+  getOrganizations() {
+    OrganizationBackend.getOrganizations("admin")
+      .then((res) => {
+        this.setState({
+          organizations: res.data || [],
+        });
+      });
+  }
+
+  getApplicationsByOrganization(organizationName) {
+    ApplicationBackend.getApplicationsByOrganization("admin", organizationName)
+      .then((res) => {
+        this.setState({
+          applications: res.data || [],
+        });
+      });
+  }
+
+  parseInvitationField(key, value) {
+    if ([""].includes(key)) {
+      value = Setting.myParseInt(value);
+    }
+    return value;
+  }
+
+  updateInvitationField(key, value) {
+    value = this.parseInvitationField(key, value);
+
+    const invitation = this.state.invitation;
+    invitation[key] = value;
+    this.setState({
+      invitation: invitation,
+    });
+  }
+
+  renderInvitation() {
+    const isCreatedByPlan = this.state.invitation.tag === "auto_created_invitation_for_plan";
+    return (
+      <Card size="small" title={
+        <div>
+          {this.state.mode === "add" ? i18next.t("invitation:New Invitation") : i18next.t("invitation:Edit Invitation")}&nbsp;&nbsp;&nbsp;&nbsp;
+          <Button onClick={() => this.submitInvitationEdit(false)}>{i18next.t("general:Save")}</Button>
+          <Button style={{marginLeft: "20px"}} type="primary" onClick={() => this.submitInvitationEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+          {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} onClick={() => this.deleteInvitation()}>{i18next.t("general:Cancel")}</Button> : null}
+        </div>
+      } style={(Setting.isMobile()) ? {margin: "5px"} : {}} type="inner">
+        <Row style={{marginTop: "10px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Organization"), i18next.t("general:Organization - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account) || isCreatedByPlan} value={this.state.invitation.owner} onChange={(value => {this.updateInvitationField("owner", value);})}>
+              {
+                this.state.organizations.map((organization, index) => <Option key={index} value={organization.name}>{organization.name}</Option>)
+              }
+            </Select>
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Name"), i18next.t("general:Name - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.name} disabled={isCreatedByPlan} onChange={e => {
+              this.updateInvitationField("name", e.target.value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Display name"), i18next.t("general:Display name - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.displayName} onChange={e => {
+              this.updateInvitationField("displayName", e.target.value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("invitation:Code"), i18next.t("invitation:Code - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.code} onChange={e => {
+              this.updateInvitationField("code", e.target.value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("invitation:Quota"), i18next.t("invitation:Quota - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <InputNumber min={0} value={this.state.invitation.quota} onChange={value => {
+              this.updateInvitationField("quota", value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("invitation:Used count"), i18next.t("invitation:Used count - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <InputNumber min={0} max={this.state.invitation.quota} value={this.state.invitation.usedCount} onChange={value => {
+              this.updateInvitationField("usedCount", value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Application"), i18next.t("general:Application - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Select virtual={false} style={{width: "100%"}} value={this.state.invitation.application}
+              onChange={(value => {this.updateInvitationField("application", value);})}
+              options={this.state.applications.map((application) => Setting.getOption(application.name, application.name))
+              } />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("signup:Username"), i18next.t("signup:Username - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.username} onChange={e => {
+              this.updateInvitationField("username", e.target.value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Email"), i18next.t("general:Email - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.email} onChange={e => {
+              this.updateInvitationField("email", e.target.value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Phone"), i18next.t("general:Phone - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.phone} onChange={e => {
+              this.updateInvitationField("phone", e.target.value);
+            }} />
+          </Col>
+        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:State"), i18next.t("general:State - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Select virtual={false} style={{width: "100%"}} value={this.state.invitation.state} onChange={(value => {
+              this.updateInvitationField("state", value);
+            })}
+            options={[
+              {value: "Active", name: i18next.t("subscription:Active")},
+              {value: "Suspended", name: i18next.t("subscription:Suspended")},
+            ].map((item) => Setting.getOption(item.name, item.value))}
+            />
+          </Col>
+        </Row>
+      </Card>
+    );
+  }
+
+  submitInvitationEdit(exitAfterSave) {
+    const invitation = Setting.deepCopy(this.state.invitation);
+    InvitationBackend.updateInvitation(this.state.organizationName, this.state.invitationName, invitation)
+      .then((res) => {
+        if (res.status === "ok") {
+          Setting.showMessage("success", i18next.t("general:Successfully saved"));
+          this.setState({
+            invitationName: this.state.invitation.name,
+          });
+
+          if (exitAfterSave) {
+            this.props.history.push("/invitations");
+          } else {
+            this.props.history.push(`/invitations/${this.state.invitation.owner}/${this.state.invitation.name}`);
+          }
+        } else {
+          Setting.showMessage("error", `${i18next.t("general:Failed to save")}: ${res.msg}`);
+          this.updateInvitationField("name", this.state.invitationName);
+        }
+      })
+      .catch(error => {
+        Setting.showMessage("error", `${i18next.t("general:Failed to connect to server")}: ${error}`);
+      });
+  }
+
+  deleteInvitation() {
+    InvitationBackend.deleteInvitation(this.state.invitation)
+      .then((res) => {
+        if (res.status === "ok") {
+          this.props.history.push("/invitations");
+        } else {
+          Setting.showMessage("error", `${i18next.t("general:Failed to delete")}: ${res.msg}`);
+        }
+      })
+      .catch(error => {
+        Setting.showMessage("error", `${i18next.t("general:Failed to connect to server")}: ${error}`);
+      });
+  }
+
+  render() {
+    return (
+      <div>
+        {
+          this.state.invitation !== null ? this.renderInvitation() : null
+        }
+        <div style={{marginTop: "20px", marginLeft: "40px"}}>
+          <Button size="large" onClick={() => this.submitInvitationEdit(false)}>{i18next.t("general:Save")}</Button>
+          <Button style={{marginLeft: "20px"}} type="primary" size="large" onClick={() => this.submitInvitationEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+          {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} size="large" onClick={() => this.deleteInvitation()}>{i18next.t("general:Cancel")}</Button> : null}
+        </div>
+      </div>
+    );
+  }
+}
+
+export default InvitationEditPage;

web/src/InvitationListPage.js

@@ -0,0 +1,310 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React from "react";
+import {Link} from "react-router-dom";
+import {Button, Table} from "antd";
+import {MinusCircleOutlined, SyncOutlined} from "@ant-design/icons";
+import moment from "moment";
+import * as Setting from "./Setting";
+import * as InvitationBackend from "./backend/InvitationBackend";
+import i18next from "i18next";
+import BaseListPage from "./BaseListPage";
+import PopconfirmModal from "./common/modal/PopconfirmModal";
+import copy from "copy-to-clipboard";
+
+class InvitationListPage extends BaseListPage {
+  newInvitation() {
+    const randomName = Setting.getRandomName();
+    const owner = Setting.getRequestOrganization(this.props.account);
+    return {
+      owner: owner,
+      name: `invitation_${randomName}`,
+      createdTime: moment().format(),
+      updatedTime: moment().format(),
+      displayName: `New Invitation - ${randomName}`,
+      code: Math.random().toString(36).slice(-10),
+      quota: 1,
+      usedCount: 0,
+      application: "",
+      username: "",
+      email: "",
+      phone: "",
+      signupGroup: "",
+      state: "Active",
+    };
+  }
+
+  addInvitation() {
+    const newInvitation = this.newInvitation();
+    InvitationBackend.addInvitation(newInvitation)
+      .then((res) => {
+        if (res.status === "ok") {
+          this.props.history.push({pathname: `/invitations/${newInvitation.owner}/${newInvitation.name}`, mode: "add"});
+          Setting.showMessage("success", i18next.t("general:Successfully added"));
+        } else {
+          Setting.showMessage("error", `${i18next.t("general:Failed to add")}: ${res.msg}`);
+        }
+      })
+      .catch(error => {
+        Setting.showMessage("error", `${i18next.t("general:Failed to connect to server")}: ${error}`);
+      });
+  }
+
+  deleteInvitation(i) {
+    InvitationBackend.deleteInvitation(this.state.data[i])
+      .then((res) => {
+        if (res.status === "ok") {
+          Setting.showMessage("success", i18next.t("general:Successfully deleted"));
+          this.setState({
+            data: Setting.deleteRow(this.state.data, i),
+            pagination: {total: this.state.pagination.total - 1},
+          });
+        } else {
+          Setting.showMessage("error", `${i18next.t("general:Failed to delete")}: ${res.msg}`);
+        }
+      })
+      .catch(error => {
+        Setting.showMessage("error", `${i18next.t("general:Failed to connect to server")}: ${error}`);
+      });
+  }
+
+  renderTable(invitations) {
+    const columns = [
+      {
+        title: i18next.t("general:Name"),
+        dataIndex: "name",
+        key: "name",
+        width: "140px",
+        fixed: "left",
+        sorter: true,
+        ...this.getColumnSearchProps("name"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/invitations/${record.owner}/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Organization"),
+        dataIndex: "owner",
+        key: "owner",
+        width: "150px",
+        sorter: true,
+        ...this.getColumnSearchProps("owner"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/organizations/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      // {
+      //   title: i18next.t("general:Created time"),
+      //   dataIndex: "createdTime",
+      //   key: "createdTime",
+      //   width: "160px",
+      //   sorter: true,
+      //   render: (text, record, index) => {
+      //     return Setting.getFormattedDate(text);
+      //   },
+      // },
+      {
+        title: i18next.t("general:Updated time"),
+        dataIndex: "updatedTime",
+        key: "updatedTime",
+        width: "160px",
+        sorter: true,
+        render: (text, record, index) => {
+          return Setting.getFormattedDate(text);
+        },
+      },
+      {
+        title: i18next.t("general:Display name"),
+        dataIndex: "displayName",
+        key: "displayName",
+        width: "170px",
+        sorter: true,
+        ...this.getColumnSearchProps("displayName"),
+      },
+      {
+        title: i18next.t("invitation:Code"),
+        dataIndex: "code",
+        key: "code",
+        width: "160px",
+        sorter: true,
+        ...this.getColumnSearchProps("code"),
+      },
+      {
+        title: i18next.t("invitation:Quota"),
+        dataIndex: "quota",
+        key: "quota",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("quota"),
+      },
+      {
+        title: i18next.t("invitation:Used count"),
+        dataIndex: "usedCount",
+        key: "usedCount",
+        width: "130px",
+        sorter: true,
+        ...this.getColumnSearchProps("usedCount"),
+      },
+      {
+        title: i18next.t("general:Application"),
+        dataIndex: "application",
+        key: "application",
+        width: "170px",
+        sorter: true,
+        ...this.getColumnSearchProps("application"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/applications/${record.owner}/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Email"),
+        dataIndex: "email",
+        key: "email",
+        width: "160px",
+        sorter: true,
+        ...this.getColumnSearchProps("email"),
+        render: (text, record, index) => {
+          return (
+            <a href={`mailto:${text}`}>
+              {text}
+            </a>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Phone"),
+        dataIndex: "phone",
+        key: "phone",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("phone"),
+      },
+      {
+        title: i18next.t("general:State"),
+        dataIndex: "state",
+        key: "state",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("state"),
+        render: (text, record, index) => {
+          switch (text) {
+          case "Active":
+            return Setting.getTag("success", i18next.t("subscription:Active"), <SyncOutlined spin />);
+          case "Suspended":
+            return Setting.getTag("default", i18next.t("subscription:Suspended"), <MinusCircleOutlined />);
+          default:
+            return null;
+          }
+        },
+      },
+      {
+        title: i18next.t("general:Action"),
+        dataIndex: "",
+        key: "op",
+        width: "350px",
+        fixed: (Setting.isMobile()) ? "false" : "right",
+        render: (text, record, index) => {
+          return (
+            <div>
+              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => {
+                copy(`${window.location.origin}/login/${record.owner}?invitation_code=${record.code}`);
+                Setting.showMessage("success", i18next.t("general:Copied to clipboard successfully"));
+              }}>
+                {i18next.t("application:Copy signup page URL")}
+              </Button>
+              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/invitations/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
+              <PopconfirmModal
+                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
+                onConfirm={() => this.deleteInvitation(index)}
+              >
+              </PopconfirmModal>
+            </div>
+          );
+        },
+      },
+    ];
+
+    const paginationProps = {
+      total: this.state.pagination.total,
+      showQuickJumper: true,
+      showSizeChanger: true,
+      showTotal: () => i18next.t("general:{total} in total").replace("{total}", this.state.pagination.total),
+    };
+
+    return (
+      <div>
+        <Table scroll={{x: "max-content"}} columns={columns} dataSource={invitations} rowKey={(record) => `${record.owner}/${record.name}`} size="middle" bordered pagination={paginationProps}
+          title={() => (
+            <div>
+              {i18next.t("general:Invitations")}&nbsp;&nbsp;&nbsp;&nbsp;
+              <Button type="primary" size="small" onClick={this.addInvitation.bind(this)}>{i18next.t("general:Add")}</Button>
+            </div>
+          )}
+          loading={this.state.loading}
+          onChange={this.handleTableChange}
+        />
+      </div>
+    );
+  }
+
+  fetch = (params = {}) => {
+    let field = params.searchedColumn, value = params.searchText;
+    const sortField = params.sortField, sortOrder = params.sortOrder;
+    if (params.type !== undefined && params.type !== null) {
+      field = "type";
+      value = params.type;
+    }
+    this.setState({loading: true});
+    InvitationBackend.getInvitations(Setting.isDefaultOrganizationSelected(this.props.account) ? "" : Setting.getRequestOrganization(this.props.account), params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
+      .then((res) => {
+        this.setState({
+          loading: false,
+        });
+        if (res.status === "ok") {
+          this.setState({
+            data: res.data,
+            pagination: {
+              ...params.pagination,
+              total: res.data2,
+            },
+            searchText: params.searchText,
+            searchedColumn: params.searchedColumn,
+          });
+        } else {
+          if (Setting.isResponseDenied(res)) {
+            this.setState({
+              isAuthorized: false,
+            });
+          } else {
+            Setting.showMessage("error", res.msg);
+          }
+        }
+      });
+  };
+}
+
+export default InvitationListPage;

web/src/PricingEditPage.js

@@ -32,7 +32,6 @@ class PricingEditPage extends React.Component {
       organizationName: props.organizationName !== undefined ? props.organizationName : props.match.params.organizationName,
       pricingName: props.match.params.pricingName,
       organizations: [],
-      application: null,
       applications: [],
       pricing: null,
       plans: [],

web/src/ProviderEditPage.js

@@ -29,6 +29,14 @@ import {CaptchaPreview} from "./common/CaptchaPreview";
 import {CountryCodeSelect} from "./common/select/CountryCodeSelect";
 import * as Web3Auth from "./auth/Web3Auth";
 
+import {Controlled as CodeMirror} from "react-codemirror2";
+import "codemirror/lib/codemirror.css";
+
+require("codemirror/theme/material-darker.css");
+require("codemirror/mode/htmlmixed/htmlmixed");
+require("codemirror/mode/xml/xml");
+require("codemirror/mode/css/css");
+
 const {Option} = Select;
 const {TextArea} = Input;
 
@@ -480,7 +488,7 @@ class ProviderEditPage extends React.Component {
                 this.updateProviderField("port", 465);
                 this.updateProviderField("disableSsl", false);
                 this.updateProviderField("title", "Casdoor Verification Code");
-                this.updateProviderField("content", "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes.");
+                this.updateProviderField("content", Setting.getDefaultHtmlEmailContent());
                 this.updateProviderField("receiver", this.props.account.email);
               } else if (value === "SMS") {
                 this.updateProviderField("type", "Twilio SMS");
@@ -966,22 +974,47 @@ class ProviderEditPage extends React.Component {
                   {Setting.getLabel(i18next.t("provider:Email content"), i18next.t("provider:Email content - Tooltip"))} :
                 </Col>
                 <Col span={22} >
-                  <TextArea autoSize={{minRows: 3, maxRows: 100}} value={this.state.provider.content} onChange={e => {
-                    this.updateProviderField("content", e.target.value);
-                  }} />
+                  <Row style={{marginTop: "20px"}} >
+                    <Button style={{marginLeft: "10px", marginBottom: "5px"}} onClick={() => this.updateProviderField("content", "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes.")} >
+                      {i18next.t("provider:Reset to Default Text")}
+                    </Button>
+                    <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary" onClick={() => this.updateProviderField("content", Setting.getDefaultHtmlEmailContent())} >
+                      {i18next.t("provider:Reset to Default HTML")}
+                    </Button>
+                  </Row>
+                  <Row>
+                    <Col span={Setting.isMobile() ? 22 : 11}>
+                      <div style={{height: "300px", margin: "10px"}}>
+                        <CodeMirror
+                          value={this.state.provider.content}
+                          options={{mode: "htmlmixed", theme: "material-darker"}}
+                          onBeforeChange={(editor, data, value) => {
+                            this.updateProviderField("content", value);
+                          }}
+                        />
+                      </div>
+                    </Col>
+                    <Col span={1} />
+                    <Col span={Setting.isMobile() ? 22 : 11}>
+                      <div style={{margin: "10px"}}>
+                        <div dangerouslySetInnerHTML={{__html: this.state.provider.content.replace("%s", "123456").replace("%{user.friendlyName}", Setting.getFriendlyUserName(this.props.account))}} />
+                      </div>
+                    </Col>
+                  </Row>
                 </Col>
               </Row>
-              <Row style={{marginTop: "20px"}} >
+              <Row style={{marginTop: "20px"}}>
                 <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
                   {Setting.getLabel(i18next.t("provider:Test Email"), i18next.t("provider:Test Email - Tooltip"))} :
                 </Col>
-                <Col span={4} >
-                  <Input value={this.state.provider.receiver} placeholder = {i18next.t("user:Input your email")} onChange={e => {
-                    this.updateProviderField("receiver", e.target.value);
-                  }} />
+                <Col span={4}>
+                  <Input value={this.state.provider.receiver} placeholder={i18next.t("user:Input your email")}
+                    onChange={e => {
+                      this.updateProviderField("receiver", e.target.value);
+                    }} />
                 </Col>
                 {["Azure ACS"].includes(this.state.provider.type) ? null : (
-                  <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary" onClick={() => ProviderEditTestEmail.connectSmtpServer(this.state.provider)} >
+                  <Button style={{marginLeft: "10px", marginBottom: "5px"}} onClick={() => ProviderEditTestEmail.connectSmtpServer(this.state.provider)} >
                     {i18next.t("provider:Test SMTP Connection")}
                   </Button>
                 )}

web/src/Setting.js

@@ -1131,11 +1131,35 @@ export function renderLogo(application) {
   }
 }
 
+export function isPasswordEnabled(application) {
+  if (application) {
+    return application.signinMethods.filter(item => item.name === "Password").length > 0;
+  } else {
+    return false;
+  }
+}
+
+export function isCodeSigninEnabled(application) {
+  if (application) {
+    return application.signinMethods.filter(item => item.name === "Verification code").length > 0;
+  } else {
+    return false;
+  }
+}
+
+export function isWebAuthnEnabled(application) {
+  if (application) {
+    return application.signinMethods.filter(item => item.name === "WebAuthn").length > 0;
+  } else {
+    return false;
+  }
+}
+
 export function getLoginLink(application) {
   let url;
   if (application === null) {
     url = null;
-  } else if (!application.enablePassword && window.location.pathname.includes("/auto-signup/oauth/authorize")) {
+  } else if (!isPasswordEnabled(application) && window.location.pathname.includes("/auto-signup/oauth/authorize")) {
     url = window.location.href.replace("/auto-signup/oauth/authorize", "/login/oauth/authorize");
   } else if (authConfig.appName === application.name) {
     url = "/login";
@@ -1191,7 +1215,7 @@ export function renderSignupLink(application, text) {
   let url;
   if (application === null) {
     url = null;
-  } else if (!application.enablePassword && window.location.pathname.includes("/login/oauth/authorize")) {
+  } else if (!isPasswordEnabled(application) && window.location.pathname.includes("/login/oauth/authorize")) {
     url = window.location.href.replace("/login/oauth/authorize", "/auto-signup/oauth/authorize");
   } else if (authConfig.appName === application.name) {
     url = "/signup";
@@ -1405,3 +1429,53 @@ export function getCurrencySymbol(currency) {
     return currency;
   }
 }
+
+export function getFriendlyUserName(account) {
+  if (account.firstName !== "" && account.lastName !== "") {
+    return `${account.firstName}, ${account.lastName}`;
+  } else if (account.displayName !== "") {
+    return account.displayName;
+  } else if (account.name !== "") {
+    return account.name;
+  } else {
+    return account.id;
+  }
+}
+
+export function getDefaultHtmlEmailContent() {
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Verification Code Email</title>
+<style>
+    body { font-family: Arial, sans-serif; }
+    .email-container { width: 600px; margin: 0 auto; }
+    .header { text-align: center; }
+    .code { font-size: 24px; margin: 20px 0; text-align: center; }
+    .footer { font-size: 12px; text-align: center; margin-top: 50px; }
+    .footer a { color: #000; text-decoration: none; }
+</style>
+</head>
+<body>
+<div class="email-container">
+  <div class="header">
+        <h3>Casbin Organization</h3>
+        <img src="https://cdn.casbin.org/img/casdoor-logo_1185x256.png" alt="Casdoor Logo" width="300">
+    </div>
+    <p><strong>%{user.friendlyName}</strong>, here is your verification code</p>
+    <p>Use this code for your transaction. It's valid for 5 minutes</p>
+    <div class="code">
+        %s
+    </div>
+    <p>Thanks</p>
+    <p>Casbin Team</p>
+    <hr>
+    <div class="footer">
+        <p>Casdoor is a brand operated by Casbin organization. For more info please refer to <a href="https://casdoor.org">https://casdoor.org</a></p>
+    </div>
+</div>
+</body>
+</html>`;
+}

web/src/UserListPage.js

@@ -30,7 +30,6 @@ class UserListPage extends BaseListPage {
     super(props);
     this.state = {
       ...this.state,
-      organizationName: this.props.organizationName ?? this.props.match?.params.organizationName ?? this.props.account.owner,
       organization: null,
     };
   }
@@ -62,7 +61,7 @@ class UserListPage extends BaseListPage {
 
   newUser() {
     const randomName = Setting.getRandomName();
-    const owner = Setting.isDefaultOrganizationSelected(this.props.account) ? this.state.organizationName : Setting.getRequestOrganization(this.props.account);
+    const owner = (Setting.isDefaultOrganizationSelected(this.props.account) || this.props.groupName) ? this.state.organizationName : Setting.getRequestOrganization(this.props.account);
     return {
       owner: owner,
       name: `user_${randomName}`,
@@ -85,7 +84,7 @@ class UserListPage extends BaseListPage {
       score: this.state.organization.initScore,
       isDeleted: false,
       properties: {},
-      signupApplication: "app-built-in",
+      signupApplication: this.state.organization.defaultApplication,
     };
   }
 

web/src/auth/LoginPage.js

@@ -201,19 +201,33 @@ class LoginPage extends React.Component {
   }
 
   getDefaultLoginMethod(application) {
-    if (application?.enablePassword) {
-      return "password";
-    }
-    if (application?.enableCodeSignin) {
-      return "verificationCode";
-    }
-    if (application?.enableWebAuthn) {
-      return "webAuthn";
+    if (application?.signinMethods.length > 0) {
+      switch (application?.signinMethods[0].name) {
+      case "Password": return "password";
+      case "Verification code": {
+        switch (application?.signinMethods[0].rule) {
+        case "All": return "verificationCode"; // All
+        case "Email only": return "verificationCodeEmail";
+        case "Phone only": return "verificationCodePhone";
+        }
+        break;
+      }
+      case "WebAuthn": return "webAuthn";
+      }
     }
 
     return "password";
   }
 
+  getPlaceholder() {
+    switch (this.state.loginMethod) {
+    case "verificationCode": return i18next.t("login:Email or phone");
+    case "verificationCodeEmail": return i18next.t("login:Email");
+    case "verificationCodePhone": return i18next.t("login:Phone");
+    default: return i18next.t("login:username, Email or phone");
+    }
+  }
+
   onUpdateAccount(account) {
     this.props.onUpdateAccount(account);
   }
@@ -487,7 +501,7 @@ class LoginPage extends React.Component {
       );
     }
 
-    const showForm = application.enablePassword || application.enableCodeSignin || application.enableWebAuthn;
+    const showForm = Setting.isPasswordEnabled(application) || Setting.isCodeSigninEnabled(application) || Setting.isWebAuthnEnabled(application);
     if (showForm) {
       let loginWidth = 320;
       if (Setting.getLanguage() === "fr") {
@@ -546,7 +560,13 @@ class LoginPage extends React.Component {
                 rules={[
                   {
                     required: true,
-                    message: i18next.t("login:Please input your Email or Phone!"),
+                    message: () => {
+                      switch (this.state.loginMethod) {
+                      case "verificationCodeEmail": return i18next.t("login:Please input your Email!");
+                      case "verificationCodePhone": return i18next.t("login:Please input your Phone!");
+                      default: return i18next.t("login:Please input your Email or Phone!");
+                      }
+                    },
                   },
                   {
                     validator: (_, value) => {
@@ -561,6 +581,19 @@ class LoginPage extends React.Component {
                         } else {
                           this.setState({validEmail: false});
                         }
+                      } else if (this.state.loginMethod === "verificationCodeEmail") {
+                        if (!Setting.isValidEmail(value)) {
+                          this.setState({validEmail: false});
+                          this.setState({validEmailOrPhone: false});
+                          return Promise.reject(i18next.t("login:The input is not valid Email!"));
+                        } else {
+                          this.setState({validEmail: true});
+                        }
+                      } else if (this.state.loginMethod === "verificationCodePhone") {
+                        if (!Setting.isValidPhone(value)) {
+                          this.setState({validEmailOrPhone: false});
+                          return Promise.reject(i18next.t("login:The input is not valid phone number!"));
+                        }
                       }
 
                       this.setState({validEmailOrPhone: true});
@@ -572,7 +605,7 @@ class LoginPage extends React.Component {
                 <Input
                   id="input"
                   prefix={<UserOutlined className="site-form-item-icon" />}
-                  placeholder={(this.state.loginMethod === "verificationCode") ? i18next.t("login:Email or phone") : i18next.t("login:username, Email or phone")}
+                  placeholder={this.getPlaceholder()}
                   onChange={e => {
                     this.setState({
                       username: e.target.value,
@@ -842,12 +875,12 @@ class LoginPage extends React.Component {
               prefix={<LockOutlined className="site-form-item-icon" />}
               type="password"
               placeholder={i18next.t("general:Password")}
-              disabled={!application.enablePassword}
+              disabled={!Setting.isPasswordEnabled(application)}
             />
           </Form.Item>
         </Col>
       );
-    } else if (this.state.loginMethod === "verificationCode") {
+    } else if (this.state.loginMethod?.includes("verificationCode")) {
       return (
         <Col span={24}>
           <Form.Item
@@ -871,9 +904,26 @@ class LoginPage extends React.Component {
   renderMethodChoiceBox() {
     const application = this.getApplicationObj();
     const items = [];
-    application.enablePassword ? items.push({label: i18next.t("general:Password"), key: "password"}) : null;
-    application.enableCodeSignin ? items.push({label: i18next.t("login:Verification code"), key: "verificationCode"}) : null;
-    application.enableWebAuthn ? items.push({label: i18next.t("login:WebAuthn"), key: "webAuthn"}) : null;
+
+    const generateItemKey = (name, rule) => {
+      return `${name}-${rule}`;
+    };
+
+    const itemsMap = new Map([
+      [generateItemKey("Password", "None"), {label: i18next.t("general:Password"), key: "password"}],
+      [generateItemKey("Verification code", "All"), {label: i18next.t("login:Verification code"), key: "verificationCode"}],
+      [generateItemKey("Verification code", "Email only"), {label: i18next.t("login:Verification code"), key: "verificationCodeEmail"}],
+      [generateItemKey("Verification code", "Phone only"), {label: i18next.t("login:Verification code"), key: "verificationCodePhone"}],
+      [generateItemKey("WebAuthn", "None"), {label: i18next.t("login:WebAuthn"), key: "webAuthn"}],
+    ]);
+
+    application?.signinMethods.forEach((signinMethod) => {
+      const item = itemsMap.get(generateItemKey(signinMethod.name, signinMethod.rule));
+      if (item) {
+        const label = signinMethod.name === signinMethod.displayName ? item.label : signinMethod.displayName;
+        items.push({label: label, key: item.key});
+      }
+    });
 
     if (items.length > 1) {
       return (
@@ -1003,7 +1053,7 @@ class LoginPage extends React.Component {
     }
 
     const visibleOAuthProviderItems = (application.providers === null) ? [] : application.providers.filter(providerItem => this.isProviderVisible(providerItem));
-    if (this.props.preview !== "auto" && !application.enablePassword && !application.enableCodeSignin && !application.enableWebAuthn && visibleOAuthProviderItems.length === 1) {
+    if (this.props.preview !== "auto" && !Setting.isPasswordEnabled(application) && !Setting.isCodeSigninEnabled(application) && !Setting.isWebAuthnEnabled(application) && visibleOAuthProviderItems.length === 1) {
       Setting.goToLink(Provider.getAuthUrl(application, visibleOAuthProviderItems[0].provider, "signup"));
       return (
         <div style={{display: "flex", justifyContent: "center", alignItems: "center", width: "100%"}}>

web/src/backend/InvitationBackend.js

@@ -0,0 +1,81 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import * as Setting from "../Setting";
+
+export function getInvitations(owner, page = "", pageSize = "", field = "", value = "", sortField = "", sortOrder = "") {
+  return fetch(`${Setting.ServerUrl}/api/get-invitations?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function getInvitation(owner, name) {
+  return fetch(`${Setting.ServerUrl}/api/get-invitation?id=${owner}/${encodeURIComponent(name)}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function updateInvitation(owner, name, invitation) {
+  const newInvitation = Setting.deepCopy(invitation);
+  return fetch(`${Setting.ServerUrl}/api/update-invitation?id=${owner}/${encodeURIComponent(name)}`, {
+    method: "POST",
+    credentials: "include",
+    body: JSON.stringify(newInvitation),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function addInvitation(invitation) {
+  const newInvitation = Setting.deepCopy(invitation);
+  return fetch(`${Setting.ServerUrl}/api/add-invitation`, {
+    method: "POST",
+    credentials: "include",
+    body: JSON.stringify(newInvitation),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function deleteInvitation(invitation) {
+  const newInvitation = Setting.deepCopy(invitation);
+  return fetch(`${Setting.ServerUrl}/api/delete-invitation`, {
+    method: "POST",
+    credentials: "include",
+    body: JSON.stringify(newInvitation),
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function verifyInvitation(owner, name) {
+  return fetch(`${Setting.ServerUrl}/api/verify-invitation?id=${owner}/${encodeURIComponent(name)}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}

web/src/common/TestEmailWidget.js

@@ -33,7 +33,7 @@ export function connectSmtpServer(provider) {
   testEmailProvider(provider)
     .then((res) => {
       if (res.status === "ok") {
-        Setting.showMessage("success", "provider:SMTP connected successfully");
+        Setting.showMessage("success", i18next.t("provider:SMTP connected successfully"));
       } else {
         Setting.showMessage("error", res.msg);
       }

web/src/locales/ar/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/de/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Aktivieren Sie SAML-Komprimierung",
     "Enable SAML compression - Tooltip": "Ob SAML-Antwortnachrichten komprimiert werden sollen, wenn Casdoor als SAML-IdP verwendet wird",
-    "Enable WebAuthn signin": "Anmeldung mit WebAuthn aktivieren",
-    "Enable WebAuthn signin - Tooltip": "Ob Benutzern erlaubt werden soll, sich mit WebAuthn anzumelden",
-    "Enable code signin": "Code Anmeldung aktivieren",
-    "Enable code signin - Tooltip": "Ob Benutzern erlaubt werden soll, sich mit einem Telefon- oder E-Mail-Bestätigungscode anzumelden",
-    "Enable password": "Passwort aktivieren",
-    "Enable password - Tooltip": "Ob Benutzern erlaubt werden soll, sich mit einem Passwort anzumelden",
     "Enable side panel": "Sidepanel aktivieren",
     "Enable signin session - Tooltip": "Ob Casdoor eine Sitzung aufrechterhält, nachdem man sich von der Anwendung aus bei Casdoor angemeldet hat",
     "Enable signup": "Registrierung aktivieren",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Registrierungsfehler",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Anmeldesession",
     "Signup items": "Registrierungs Items",
     "Signup items - Tooltip": "Items, die Benutzer ausfüllen müssen, wenn sie neue Konten registrieren",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Zugehörigkeits-URL",
     "Affiliation URL - Tooltip": "Die Homepage-URL für die Zugehörigkeit",
+    "All": "All",
     "Application": "Applikation",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Anwendungen",
@@ -214,6 +211,7 @@
     "Edit": "Bearbeiten",
     "Email": "E-Mail",
     "Email - Tooltip": "Gültige E-Mail-Adresse",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Einzigartiger Zufallsstring",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Ist aktiviert",
     "Is enabled - Tooltip": "Festlegen, ob es verwendet werden kann",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Berechtigungen, die diesem Benutzer gehören",
     "Phone": "Telefon",
     "Phone - Tooltip": "Telefonnummer",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Pläne",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN oder ID des LDAP-Serveradministrators",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Automatische Anmeldung",
     "Continue with": "Weitermachen mit",
+    "Email": "Email",
     "Email or phone": "E-Mail oder Telefon",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "Kein Konto?",
     "Or sign in with another account": "Oder mit einem anderen Konto anmelden",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Bitte geben Sie Ihre E-Mail oder Telefonnummer ein!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Bitte geben Sie Ihren Code ein!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Bitte geben Sie Ihr Passwort ein!",
@@ -439,6 +453,8 @@
     "Signing in...": "Anmelden...",
     "Successfully logged in with WebAuthn credentials": "Erfolgreich mit WebAuthn-Anmeldeinformationen angemeldet",
     "The input is not valid Email or phone number!": "Die Eingabe ist keine gültige E-Mail-Adresse oder Telefonnummer!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "Zum Zugriff",
     "Verification code": "Verifizierungscode",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Regionsendpunkt für das Internet",
     "Region endpoint for Intranet": "Regionales Endpunkt für Intranet",
     "Required": "Benötigt",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpunkt (HTTP)",
     "SMS Test": "SMS-Test",
     "SMS Test - Tooltip": "Telefonnummer für den Versand von Test-SMS",
     "SMS account": "SMS-Konto",
     "SMS account - Tooltip": "SMS-Konto",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP-ACS-URL",
     "SP ACS URL - Tooltip": "SP ACS URL - Tooltip",
     "SP Entity ID": "SP-Entitäts-ID",

web/src/locales/en/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Use C14N10 instead of C14N11 in SAML",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Can be a single string as an invitation code, or a regular expression. All strings matching the regular expression are valid invitation codes",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "The maximum number of users that can register using this invitation code",
+    "Used count": "Used count",
+    "Used count - Tooltip": "The number of times this invitation code has been used"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/es/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Activar la compresión SAML",
     "Enable SAML compression - Tooltip": "Si comprimir o no los mensajes de respuesta SAML cuando se utiliza Casdoor como proveedor de identidad SAML",
-    "Enable WebAuthn signin": "Permite iniciar sesión con WebAuthn",
-    "Enable WebAuthn signin - Tooltip": "Si permitir a los usuarios iniciar sesión con WebAuthn",
-    "Enable code signin": "Habilitar la firma de código",
-    "Enable code signin - Tooltip": "Si permitir que los usuarios inicien sesión con código de verificación de teléfono o correo electrónico",
-    "Enable password": "Habilitar contraseña",
-    "Enable password - Tooltip": "Si permitir que los usuarios inicien sesión con contraseña",
     "Enable side panel": "Habilitar panel lateral",
     "Enable signin session - Tooltip": "Si Casdoor mantiene una sesión después de iniciar sesión en Casdoor desde la aplicación",
     "Enable signup": "Habilitar registro",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Error de registro",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Sesión de inicio de sesión",
     "Signup items": "Artículos de registro",
     "Signup items - Tooltip": "Elementos para que los usuarios los completen al registrar nuevas cuentas",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "URL de afiliación",
     "Affiliation URL - Tooltip": "La URL de la página de inicio para la afiliación",
+    "All": "All",
     "Application": "Aplicación",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Aplicaciones",
@@ -214,6 +211,7 @@
     "Edit": "Editar",
     "Email": "Correo electrónico",
     "Email - Tooltip": "Dirección de correo electrónico válida",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "identificación",
     "ID - Tooltip": "Cadena aleatoria única",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Está habilitado",
     "Is enabled - Tooltip": "Establecer si se puede usar",
     "LDAPs": "LDAPs (Secure LDAP)",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permisos propiedad de este usuario",
     "Phone": "Teléfono",
     "Phone - Tooltip": "Número de teléfono",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Planes",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Administrador",
     "Admin - Tooltip": "CN o ID del administrador del servidor LDAP",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Inicio de sesión automático",
     "Continue with": "Continúe con",
+    "Email": "Email",
     "Email or phone": "Correo electrónico o teléfono",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "¿No tienes cuenta?",
     "Or sign in with another account": "O inicia sesión con otra cuenta",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "¡Por favor introduzca su correo electrónico o teléfono!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "¡Por favor ingrese su código!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "¡Ingrese su contraseña, por favor!",
@@ -439,6 +453,8 @@
     "Signing in...": "Iniciando sesión...",
     "Successfully logged in with WebAuthn credentials": "Inició sesión correctamente con las credenciales de WebAuthn",
     "The input is not valid Email or phone number!": "¡La entrada no es un correo electrónico o número de teléfono válido!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "para acceder",
     "Verification code": "Código de verificación",
     "WebAuthn": "WebAuthn (Autenticación Web)",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Punto final de la región para Internet",
     "Region endpoint for Intranet": "Punto final de región para Intranet",
     "Required": "Requerido",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "Punto final de SAML 2.0 (HTTP)",
     "SMS Test": "Prueba de SMS",
     "SMS Test - Tooltip": "Número de teléfono para enviar mensajes de texto de prueba",
     "SMS account": "Cuenta de SMS",
     "SMS account - Tooltip": "Cuenta de SMS",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "URL del ACS de SP",
     "SP Entity ID": "ID de entidad SP",

web/src/locales/fa/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/fi/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/fr/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Activer la compression SAML",
     "Enable SAML compression - Tooltip": "Compresser ou non les messages de réponse SAML lorsque Casdoor est utilisé en tant que fournisseur d'identité SAML",
-    "Enable WebAuthn signin": "Autoriser la connexion via WebAuthn",
-    "Enable WebAuthn signin - Tooltip": "Permettre la connexion avec WebAuthn",
-    "Enable code signin": "Autoriser la connexion avec un code",
-    "Enable code signin - Tooltip": "Permettre la connexion avec un code de vérification par téléphone ou par e-mail",
-    "Enable password": "Activer le mot de passe",
-    "Enable password - Tooltip": "Permettre la connecter avec un mot de passe",
     "Enable side panel": "Activer le panneau latéral",
     "Enable signin session - Tooltip": "Conserver une session après la connexion à Casdoor à partir de l'application",
     "Enable signup": "Activer l'inscription",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Erreur d'inscription",
     "Signin": "Connexion",
     "Signin (Default True)": "Connexion (Vrai par défaut)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Session de connexion",
     "Signup items": "Champs d'inscription",
     "Signup items - Tooltip": "Champs à remplir lors de l'enregistrement de nouveaux comptes",
@@ -173,6 +169,7 @@
     "Admin": "Administration",
     "Affiliation URL": "URL d'affiliation",
     "Affiliation URL - Tooltip": "URL du site web de l'affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Info-bulle",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Modifier",
     "Email": "E-mail",
     "Email - Tooltip": "Adresse e-mail valide",
+    "Email only": "Email only",
     "Enable": "Activer",
     "Enabled": "Activé",
     "Enabled successfully": "Activé avec succès",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Chaîne unique aléatoire",
     "Identity": "Identité",
+    "Invitations": "Invitations",
     "Is enabled": "Est activé",
     "Is enabled - Tooltip": "Définir s'il peut être utilisé",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions détenues par ce compte",
     "Phone": "Téléphone",
     "Phone - Tooltip": "Numéro de téléphone",
+    "Phone only": "Phone only",
     "Plan": "Offre",
     "Plan - Tooltip": "Offre - Infobulle",
     "Plans": "Offres",
@@ -383,6 +383,16 @@
     "Past 30 Days": "30 derniers jours",
     "Total users": "Nombre total de comptes"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Compte d'administration",
     "Admin - Tooltip": "CN ou ID du compte d'administration du serveur LDAP",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Connexion automatique",
     "Continue with": "Continuer avec",
+    "Email": "Email",
     "Email or phone": "Email ou téléphone",
     "Failed to obtain MetaMask authorization": "Échec de l'obtention de l'autorisation MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Échec de l'obtention de l'autorisation MetaMask",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "Le plugin MetaMask n'a pas été détecté",
     "No account?": "Pas de compte ?",
     "Or sign in with another account": "Ou connectez-vous avec un autre compte",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Veuillez saisir votre adresse e-mail ou votre numéro de téléphone !",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Veuillez saisir votre code !",
     "Please input your organization name!": "Veuillez saisir le nom de votre organisation !",
     "Please input your password!": "Veuillez saisir votre mot de passe !",
@@ -439,6 +453,8 @@
     "Signing in...": "Connexion en cours...",
     "Successfully logged in with WebAuthn credentials": "Connexion avec les identifiants WebAuthn réussie",
     "The input is not valid Email or phone number!": "L'entrée n'est pas une adresse e-mail ou un numéro de téléphone valide !",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "Pour accéder à",
     "Verification code": "Code de vérification",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Endpoint de zone géographique pour Internet",
     "Region endpoint for Intranet": "Endpoint de zone géographique pour Internet",
     "Required": "Requis",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "Endpoint SAML 2.0 (HTTP)",
     "SMS Test": "Test SMS",
     "SMS Test - Tooltip": "Numéro de téléphone pour l'envoi de SMS de test",
     "SMS account": "compte SMS",
     "SMS account - Tooltip": "Compte SMS",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "URL du SP ACS",
     "SP ACS URL - Tooltip": "URL de l'ACS du fournisseur de service",
     "SP Entity ID": "Identifiant d'entité SP",

web/src/locales/he/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/id/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Aktifkan kompresi SAML",
     "Enable SAML compression - Tooltip": "Apakah pesan respons SAML harus dikompres saat Casdoor digunakan sebagai SAML idp?",
-    "Enable WebAuthn signin": "Aktifkan masuk WebAuthn",
-    "Enable WebAuthn signin - Tooltip": "Apakah mengizinkan pengguna untuk masuk dengan WebAuthn",
-    "Enable code signin": "Aktifkan tanda tangan kode",
-    "Enable code signin - Tooltip": "Apakah mengizinkan pengguna untuk login dengan kode verifikasi telepon atau email",
-    "Enable password": "Aktifkan kata sandi",
-    "Enable password - Tooltip": "Apakah harus memperbolehkan pengguna untuk masuk dengan kata sandi",
     "Enable side panel": "Aktifkan panel samping",
     "Enable signin session - Tooltip": "Apakah Casdoor mempertahankan sesi setelah login ke Casdoor dari aplikasi",
     "Enable signup": "Aktifkan pendaftaran",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Kesalahan Pendaftaran",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Sesi masuk",
     "Signup items": "Item pendaftaran",
     "Signup items - Tooltip": "Item-item yang harus diisi pengguna saat mendaftar untuk akun baru",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "URL Afiliasi",
     "Affiliation URL - Tooltip": "URL halaman depan untuk afiliasi",
+    "All": "All",
     "Application": "Aplikasi",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Aplikasi",
@@ -214,6 +211,7 @@
     "Edit": "Mengedit",
     "Email": "Email",
     "Email - Tooltip": "Alamat email yang valid",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Karakter acak unik",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Diaktifkan",
     "Is enabled - Tooltip": "Atur apakah itu dapat digunakan",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Izin dimiliki oleh pengguna ini",
     "Phone": "Telepon",
     "Phone - Tooltip": "Nomor telepon",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Rencana",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN atau ID dari administrator server LDAP",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Masuk otomatis",
     "Continue with": "Lanjutkan dengan",
+    "Email": "Email",
     "Email or phone": "Email atau telepon",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "Tidak memiliki akun?",
     "Or sign in with another account": "Atau masuk dengan akun lain",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Silahkan masukkan email atau nomor telepon Anda!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Silakan masukkan kode Anda!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Masukkan kata sandi Anda!",
@@ -439,6 +453,8 @@
     "Signing in...": "Masuk...",
     "Successfully logged in with WebAuthn credentials": "Berhasil masuk dengan kredensial WebAuthn",
     "The input is not valid Email or phone number!": "Input yang Anda masukkan tidak valid, tidak sesuai dengan Email atau nomor telepon!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "Untuk mengakses",
     "Verification code": "Kode verifikasi",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Titik akhir wilayah untuk Internet",
     "Region endpoint for Intranet": "Titik akhir wilayah untuk Intranet",
     "Required": "Dibutuhkan",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "Titik akhir SAML 2.0 (HTTP)",
     "SMS Test": "Pengujian SMS",
     "SMS Test - Tooltip": "Nomor telepon untuk mengirim SMS uji",
     "SMS account": "akun SMS",
     "SMS account - Tooltip": "Akun SMS",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "Identitas Entitas SP",

web/src/locales/it/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/ja/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "SAMLの圧縮を有効にする",
     "Enable SAML compression - Tooltip": "CasdoorをSAML IdPとして使用する場合、SAMLレスポンスメッセージを圧縮するかどうか。圧縮する: 圧縮するかどうか。圧縮しない: 圧縮しないかどうか",
-    "Enable WebAuthn signin": "WebAuthnのサインインを可能にする",
-    "Enable WebAuthn signin - Tooltip": "WebAuthnでのユーザーログインを許可するかどうか",
-    "Enable code signin": "コード署名の有効化",
-    "Enable code signin - Tooltip": "ユーザーが電話番号やメールの確認コードでログインできるかどうかを許可するかどうか",
-    "Enable password": "パスワードを有効にする",
-    "Enable password - Tooltip": "パスワードでのユーザーログインを許可するかどうか",
     "Enable side panel": "サイドパネルを有効にする",
     "Enable signin session - Tooltip": "アプリケーションから Casdoor にログイン後、Casdoor がセッションを維持しているかどうか",
     "Enable signup": "サインアップを有効にする",
@@ -100,6 +94,8 @@
     "Sign Up Error": "サインアップエラー",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "サインインセッション",
     "Signup items": "サインアップアイテム",
     "Signup items - Tooltip": "新しいアカウントを登録する際にユーザーが入力するアイテム",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "所属するURL",
     "Affiliation URL - Tooltip": "所属先のホームページURL",
+    "All": "All",
     "Application": "アプリケーション",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "アプリケーション",
@@ -214,6 +211,7 @@
     "Edit": "編集",
     "Email": "電子メール",
     "Email - Tooltip": "有効な電子メールアドレス",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "ユニークなランダム文字列",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "可能になっています",
     "Is enabled - Tooltip": "使用可能かどうかを設定してください",
     "LDAPs": "LDAP",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "このユーザーが所有する権限",
     "Phone": "電話",
     "Phone - Tooltip": "電話番号",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "プラン",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "管理者",
     "Admin - Tooltip": "LDAPサーバー管理者のCNまたはID",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "自動サインイン",
     "Continue with": "続ける",
+    "Email": "Email",
     "Email or phone": "メールまたは電話",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "アカウントがありませんか？",
     "Or sign in with another account": "別のアカウントでサインインする",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "あなたのメールアドレスまたは電話番号を入力してください！",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "あなたのコードを入力してください！",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "パスワードを入力してください！",
@@ -439,6 +453,8 @@
     "Signing in...": "サインイン中...",
     "Successfully logged in with WebAuthn credentials": "WebAuthnの認証情報で正常にログインしました",
     "The input is not valid Email or phone number!": "入力されたのは有効なメールアドレスまたは電話番号ではありません",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "アクセスする",
     "Verification code": "確認コード",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "インターネットのリージョンエンドポイント",
     "Region endpoint for Intranet": "Intranetの地域エンドポイント",
     "Required": "必要です",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 エンドポイント（HTTP）",
     "SMS Test": "SMSテスト",
     "SMS Test - Tooltip": "テストSMSの送信先電話番号",
     "SMS account": "SMSアカウント",
     "SMS account - Tooltip": "SMSアカウント",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL - ツールチップ",
     "SP Entity ID": "SPエンティティID",

web/src/locales/kk/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/ko/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "SAML 압축 사용 가능하게 설정하기",
     "Enable SAML compression - Tooltip": "카스도어가 SAML idp로 사용될 때 SAML 응답 메시지를 압축할 것인지 여부",
-    "Enable WebAuthn signin": "WebAuthn 로그인 기능 활성화",
-    "Enable WebAuthn signin - Tooltip": "웹 인증을 사용하여 사용자가 로그인할 수 있는지 여부",
-    "Enable code signin": "코드 서명 활성화",
-    "Enable code signin - Tooltip": "사용자가 전화번호 또는 이메일 인증 코드로 로그인하는 것을 허용할지 여부",
-    "Enable password": "비밀번호 사용 활성화",
-    "Enable password - Tooltip": "비밀번호로 로그인하도록 사용자에게 허용할지 여부",
     "Enable side panel": "측면 패널 활성화",
     "Enable signin session - Tooltip": "애플리케이션에서 Casdoor에 로그인 한 후 Casdoor가 세션을 유지하는 지 여부",
     "Enable signup": "가입 가능하게 만들기",
@@ -100,6 +94,8 @@
     "Sign Up Error": "가입 오류",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "로그인 세션",
     "Signup items": "가입 항목",
     "Signup items - Tooltip": "새로운 계정 등록시 사용자가 작성해야하는 항목들",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "소속 URL",
     "Affiliation URL - Tooltip": "소속 홈페이지 URL",
+    "All": "All",
     "Application": "응용 프로그램",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "응용 프로그램",
@@ -214,6 +211,7 @@
     "Edit": "편집",
     "Email": "이메일",
     "Email - Tooltip": "유효한 이메일 주소",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "유일한 랜덤 문자열",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "활성화됩니다",
     "Is enabled - Tooltip": "사용 가능한 지 여부를 설정하세요",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "이 사용자가 소유한 권한",
     "Phone": "전화기",
     "Phone - Tooltip": "전화 번호",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "플랜",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "LDAP 서버 관리자의 CN 또는 ID",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "자동 로그인",
     "Continue with": "계속하다",
+    "Email": "Email",
     "Email or phone": "이메일 또는 전화",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "계정이 없나요?",
     "Or sign in with another account": "다른 계정으로 로그인하세요",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "이메일 또는 전화번호를 입력해주세요!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "코드를 입력해주세요!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "비밀번호를 입력해주세요!",
@@ -439,6 +453,8 @@
     "Signing in...": "로그인 중...",
     "Successfully logged in with WebAuthn credentials": "WebAuthn 자격 증명으로 로그인 성공적으로 수행했습니다",
     "The input is not valid Email or phone number!": "입력한 값은 유효한 이메일 또는 전화번호가 아닙니다!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "접근하다",
     "Verification code": "인증 코드",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "인터넷 지역 엔드포인트",
     "Region endpoint for Intranet": "인트라넷의 지역 엔드포인트",
     "Required": "필요한",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 엔드포인트 (HTTP)",
     "SMS Test": "SMS 테스트",
     "SMS Test - Tooltip": "테스트 SMS를 보내는 전화번호",
     "SMS account": "SMS 계정",
     "SMS account - Tooltip": "SMS 계정",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL - Tooltip",
     "SP Entity ID": "SP 개체 ID",

web/src/locales/ms/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/nl/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/pl/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/pt/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Ativar compressão SAML",
     "Enable SAML compression - Tooltip": "Se deve comprimir as mensagens de resposta SAML quando o Casdoor é usado como provedor de identidade SAML",
-    "Enable WebAuthn signin": "Ativar login WebAuthn",
-    "Enable WebAuthn signin - Tooltip": "Se permite que os usuários façam login com WebAuthn",
-    "Enable code signin": "Ativar login com código",
-    "Enable code signin - Tooltip": "Se permite que os usuários façam login com código de verificação de telefone ou e-mail",
-    "Enable password": "Ativar senha",
-    "Enable password - Tooltip": "Se permite que os usuários façam login com senha",
     "Enable side panel": "Ativar painel lateral",
     "Enable signin session - Tooltip": "Se o Casdoor mantém uma sessão depois de fazer login no Casdoor a partir da aplicação",
     "Enable signup": "Ativar registro",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Erro ao Registrar",
     "Signin": "Login",
     "Signin (Default True)": "Login (Padrão Verdadeiro)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Sessão de login",
     "Signup items": "Itens de registro",
     "Signup items - Tooltip": "Itens para os usuários preencherem ao registrar novas contas",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "URL da Afiliação",
     "Affiliation URL - Tooltip": "A URL da página inicial para a afiliação",
+    "All": "All",
     "Application": "Aplicação",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Aplicações",
@@ -214,6 +211,7 @@
     "Edit": "Editar",
     "Email": "E-mail",
     "Email - Tooltip": "Endereço de e-mail válido",
+    "Email only": "Email only",
     "Enable": "Habilitar",
     "Enabled": "Habilitado",
     "Enabled successfully": "Habilitado com sucesso",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "String única aleatória",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Está habilitado",
     "Is enabled - Tooltip": "Define se está habilitado",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissões pertencentes a este usuário",
     "Phone": "Telefone",
     "Phone - Tooltip": "Número de telefone",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Kế hoạch",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Administrador",
     "Admin - Tooltip": "CN ou ID do administrador do servidor LDAP",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Entrar automaticamente",
     "Continue with": "Continuar com",
+    "Email": "Email",
     "Email or phone": "Email ou telefone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "Não possui uma conta?",
     "Or sign in with another account": "Ou entre com outra conta",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Por favor, informe seu email ou telefone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Por favor, informe o código!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Por favor, informe sua senha!",
@@ -439,6 +453,8 @@
     "Signing in...": "Entrando...",
     "Successfully logged in with WebAuthn credentials": "Logado com sucesso usando credenciais WebAuthn",
     "The input is not valid Email or phone number!": "O valor inserido não é um email ou número de telefone válido!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "Para acessar",
     "Verification code": "Código de verificação",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Endpoint da região para a Internet",
     "Region endpoint for Intranet": "Endpoint da região para Intranet",
     "Required": "Obrigatório",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "Ponto de extremidade SAML 2.0 (HTTP)",
     "SMS Test": "Teste de SMS",
     "SMS Test - Tooltip": "Número de telefone para enviar SMS de teste",
     "SMS account": "Conta SMS",
     "SMS account - Tooltip": "Conta SMS",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "URL SP ACS",
     "SP ACS URL - Tooltip": "URL SP ACS",
     "SP Entity ID": "ID da Entidade SP",

web/src/locales/ru/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Включите сжатие SAML",
     "Enable SAML compression - Tooltip": "Нужно ли сжимать сообщения ответа SAML при использовании Casdoor в качестве SAML-идентификатора",
-    "Enable WebAuthn signin": "Активировать вход в систему с помощью WebAuthn",
-    "Enable WebAuthn signin - Tooltip": "Разрешить ли пользователям входить с помощью WebAuthn",
-    "Enable code signin": "Включить подпись кода",
-    "Enable code signin - Tooltip": "Разрешить пользователям входить с помощью кода подтверждения телефона или электронной почты?",
-    "Enable password": "Активировать пароль",
-    "Enable password - Tooltip": "Разрешить пользователям входить в систему с помощью пароля",
     "Enable side panel": "Включить боковую панель",
     "Enable signin session - Tooltip": "Будет ли сохранена сессия в Casdoor после входа в него из приложения?",
     "Enable signup": "Включить регистрацию",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Ошибка при регистрации",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Сессия входа в систему",
     "Signup items": "Элементы регистрации",
     "Signup items - Tooltip": "Элементы, которые пользователи должны заполнить при регистрации новых аккаунтов",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "URL принадлежности",
     "Affiliation URL - Tooltip": "URL домашней страницы для аффилированности",
+    "All": "All",
     "Application": "Приложение",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Приложения",
@@ -214,6 +211,7 @@
     "Edit": "Редактировать",
     "Email": "Электронная почта",
     "Email - Tooltip": "Действительный адрес электронной почты",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Уникальная случайная строка",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Включен",
     "Is enabled - Tooltip": "Установить, может ли использоваться",
     "LDAPs": "LDAPы",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Разрешения, принадлежащие этому пользователю",
     "Phone": "Телефон",
     "Phone - Tooltip": "Номер телефона",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Планы",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Админ",
     "Admin - Tooltip": "CN или ID администратора сервера LDAP",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Автоматическая авторизация",
     "Continue with": "Продолжайте с",
+    "Email": "Email",
     "Email or phone": "Электронная почта или телефон",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "Нет аккаунта?",
     "Or sign in with another account": "Или войти с другой учетной записью",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Пожалуйста, введите свой адрес электронной почты или номер телефона!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Пожалуйста, введите свой код!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Пожалуйста, введите свой пароль!",
@@ -439,6 +453,8 @@
     "Signing in...": "Вход в систему...",
     "Successfully logged in with WebAuthn credentials": "Успешный вход с учетными данными WebAuthn",
     "The input is not valid Email or phone number!": "Ввод не является действительным адресом электронной почты или телефонным номером!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "Для доступа",
     "Verification code": "Код подтверждения",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Региональный конечная точка для Интернета",
     "Region endpoint for Intranet": "Региональный конечный пункт для интранета",
     "Required": "Требуется",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "Конечная точка SAML 2.0 (HTTP)",
     "SMS Test": "СМС тест",
     "SMS Test - Tooltip": "Номер телефона для отправки тестовых SMS сообщений",
     "SMS account": "СМС-аккаунт",
     "SMS account - Tooltip": "СМС-аккаунт",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL - Подсказка",
     "SP Entity ID": "Идентификатор сущности SP",

web/src/locales/sv/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/tr/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/uk/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Enable SAML compression",
     "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
-    "Enable WebAuthn signin": "Enable WebAuthn signin",
-    "Enable WebAuthn signin - Tooltip": "Whether to allow users to login with WebAuthn",
-    "Enable code signin": "Enable code signin",
-    "Enable code signin - Tooltip": "Whether to allow users to login with phone or Email verification code",
-    "Enable password": "Enable password",
-    "Enable password - Tooltip": "Whether to allow users to login with password",
     "Enable side panel": "Enable side panel",
     "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
     "Enable signup": "Enable signup",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Sign Up Error",
     "Signin": "Signin",
     "Signin (Default True)": "Signin (Default True)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
+    "All": "All",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
@@ -214,6 +211,7 @@
     "Edit": "Edit",
     "Email": "Email",
     "Email - Tooltip": "Valid email address",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Is enabled",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Permissions owned by this user",
     "Phone": "Phone",
     "Phone - Tooltip": "Phone number",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Admin",
     "Admin - Tooltip": "CN or ID of the LDAP server administrator",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Auto sign in",
     "Continue with": "Continue with",
+    "Email": "Email",
     "Email or phone": "Email or phone",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
@@ -439,6 +453,8 @@
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Region endpoint for Internet",
     "Region endpoint for Intranet": "Region endpoint for Intranet",
     "Required": "Required",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 Endpoint (HTTP)",
     "SMS Test": "SMS Test",
     "SMS Test - Tooltip": "Phone number for sending test SMS",
     "SMS account": "SMS account",
     "SMS account - Tooltip": "SMS account",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACS URL",
     "SP ACS URL - Tooltip": "SP ACS URL",
     "SP Entity ID": "SP Entity ID",

web/src/locales/vi/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
     "Enable SAML compression": "Cho phép nén SAML",
     "Enable SAML compression - Tooltip": "Liệu có nén các thông điệp phản hồi SAML khi Casdoor được sử dụng làm SAML idp không?",
-    "Enable WebAuthn signin": "Kích hoạt đăng nhập bằng WebAuthn",
-    "Enable WebAuthn signin - Tooltip": "Có nên cho phép người dùng đăng nhập bằng WebAuthn không?",
-    "Enable code signin": "Cho phép đăng nhập mã",
-    "Enable code signin - Tooltip": "Liệu có nên cho phép người dùng đăng nhập bằng mã xác minh điện thoại hoặc Email không?",
-    "Enable password": "Cho phép mật khẩu",
-    "Enable password - Tooltip": "Có nên cho phép người dùng đăng nhập bằng mật khẩu không?",
     "Enable side panel": "Cho phép bên thanh phẩm",
     "Enable signin session - Tooltip": "Có phải Casdoor duy trì phiên sau khi đăng nhập vào Casdoor từ ứng dụng không?",
     "Enable signup": "Kích hoạt đăng ký",
@@ -100,6 +94,8 @@
     "Sign Up Error": "Lỗi đăng ký",
     "Signin": "Đăng nhập",
     "Signin (Default True)": "Đăng nhập (Mặc định đúng)",
+    "Signin methods": "Signin methods",
+    "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Phiên đăng nhập",
     "Signup items": "Các mục đăng ký",
     "Signup items - Tooltip": "Các thông tin cần được người dùng điền khi đăng ký tài khoản mới",
@@ -173,6 +169,7 @@
     "Admin": "Admin",
     "Affiliation URL": "Đường dẫn liên kết liên kết",
     "Affiliation URL - Tooltip": "Đường dẫn URL trang chủ của liên kết",
+    "All": "All",
     "Application": "Ứng dụng",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Ứng dụng",
@@ -214,6 +211,7 @@
     "Edit": "Sửa",
     "Email": "Email: Thư điện tử",
     "Email - Tooltip": "Địa chỉ email hợp lệ",
+    "Email only": "Email only",
     "Enable": "Enable",
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "Chuỗi ngẫu nhiên độc nhất",
     "Identity": "Identity",
+    "Invitations": "Invitations",
     "Is enabled": "Đã được kích hoạt",
     "Is enabled - Tooltip": "Đặt liệu nó có thể sử dụng hay không",
     "LDAPs": "LDAPs",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "Quyền sở hữu của người dùng này",
     "Phone": "Điện thoại",
     "Phone - Tooltip": "Số điện thoại",
+    "Phone only": "Phone only",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Kế hoạch",
@@ -383,6 +383,16 @@
     "Past 30 Days": "Past 30 Days",
     "Total users": "Total users"
   },
+  "invitation": {
+    "Code": "Code",
+    "Code - Tooltip": "Code - Tooltip",
+    "Edit Invitation": "Edit Invitation",
+    "New Invitation": "New Invitation",
+    "Quota": "Quota",
+    "Quota - Tooltip": "Quota - Tooltip",
+    "Used count": "Used count",
+    "Used count - Tooltip": "Used count - Tooltip"
+  },
   "ldap": {
     "Admin": "Quản trị",
     "Admin - Tooltip": "CN hoặc ID của quản trị viên máy chủ LDAP",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "Tự động đăng nhập",
     "Continue with": "Tiếp tục với",
+    "Email": "Email",
     "Email or phone": "Email hoặc điện thoại",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "MetaMask plugin not detected",
     "No account?": "Không có tài khoản?",
     "Or sign in with another account": "Hoặc đăng nhập bằng tài khoản khác",
+    "Phone": "Phone",
     "Please input your Email or Phone!": "Vui lòng nhập địa chỉ Email hoặc số điện thoại của bạn!",
+    "Please input your Email!": "Please input your Email!",
+    "Please input your Phone!": "Please input your Phone!",
     "Please input your code!": "Vui lòng nhập mã của bạn!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Vui lòng nhập mật khẩu của bạn!",
@@ -439,6 +453,8 @@
     "Signing in...": "Đăng nhập...",
     "Successfully logged in with WebAuthn credentials": "Đã đăng nhập thành công với thông tin WebAuthn",
     "The input is not valid Email or phone number!": "Đầu vào không phải là địa chỉ Email hoặc số điện thoại hợp lệ!",
+    "The input is not valid Email!": "The input is not valid Email!",
+    "The input is not valid phone number!": "The input is not valid phone number!",
     "To access": "Để truy cập",
     "Verification code": "Mã xác thực",
     "WebAuthn": "WebAuthn",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "Điểm cuối khu vực cho Internet",
     "Region endpoint for Intranet": "Điểm cuối khu vực cho mạng nội bộ",
     "Required": "Yêu cầu",
+    "Reset to Default HTML": "Reset to Default HTML",
+    "Reset to Default Text": "Reset to Default Text",
     "SAML 2.0 Endpoint (HTTP)": "Điểm cuối SAML 2.0 (HTTP)",
     "SMS Test": "Kiểm tra SMS",
     "SMS Test - Tooltip": "Số điện thoại để gửi tin nhắn kiểm tra",
     "SMS account": "Tài khoản SMS",
     "SMS account - Tooltip": "Tài khoản SMS",
+    "SMTP connected successfully": "SMTP connected successfully",
     "SP ACS URL": "SP ACC URL",
     "SP ACS URL - Tooltip": "SP ACS URL - Tooltip",
     "SP Entity ID": "SP Entity ID: Định danh thực thể SP",

web/src/locales/zh/data.json

@@ -36,12 +36,6 @@
     "Enable SAML C14N10 - Tooltip": "在SAML协议里使用C14N10，而不是C14N11",
     "Enable SAML compression": "压缩SAML响应",
     "Enable SAML compression - Tooltip": "Casdoor作为SAML IdP时，是否压缩SAML响应信息",
-    "Enable WebAuthn signin": "启用WebAuthn登录",
-    "Enable WebAuthn signin - Tooltip": "是否支持用户在登录页面通过WebAuthn方式登录",
-    "Enable code signin": "启用验证码登录",
-    "Enable code signin - Tooltip": "是否允许用手机或邮箱验证码登录",
-    "Enable password": "开启密码",
-    "Enable password - Tooltip": "是否允许密码登录",
     "Enable side panel": "启用侧面板",
     "Enable signin session - Tooltip": "从应用登录Casdoor后，Casdoor是否保持会话",
     "Enable signup": "启用注册",
@@ -100,6 +94,8 @@
     "Sign Up Error": "注册错误",
     "Signin": "登录",
     "Signin (Default True)": "登录 (默认同意)",
+    "Signin methods": "登录方式",
+    "Signin methods - Tooltip": "添加允许用户登录的方式，默认所有方式均可登录",
     "Signin session": "保持登录会话",
     "Signup items": "注册项",
     "Signup items - Tooltip": "注册用户注册时需要填写的项目",
@@ -173,6 +169,7 @@
     "Admin": "管理工具",
     "Affiliation URL": "工作单位URL",
     "Affiliation URL - Tooltip": "工作单位的官网URL",
+    "All": "全部允许",
     "Application": "应用",
     "Application - Tooltip": "应用",
     "Applications": "应用",
@@ -214,6 +211,7 @@
     "Edit": "编辑",
     "Email": "电子邮箱",
     "Email - Tooltip": "合法的电子邮件地址",
+    "Email only": "仅支持邮件",
     "Enable": "启用",
     "Enabled": "已开启",
     "Enabled successfully": "启用成功",
@@ -242,6 +240,7 @@
     "ID": "ID",
     "ID - Tooltip": "唯一的随机字符串",
     "Identity": "身份认证",
+    "Invitations": "邀请码",
     "Is enabled": "已启用",
     "Is enabled - Tooltip": "是否启用",
     "LDAPs": "LDAP",
@@ -287,6 +286,7 @@
     "Permissions - Tooltip": "该用户所拥有的权限",
     "Phone": "手机号",
     "Phone - Tooltip": "手机号",
+    "Phone only": "仅支持手机号",
     "Plan": "计划",
     "Plan - Tooltip": "订阅里的计划",
     "Plans": "计划",
@@ -383,6 +383,16 @@
     "Past 30 Days": "过去 30 天",
     "Total users": "用户总数"
   },
+  "invitation": {
+    "Code": "邀请码",
+    "Code - Tooltip": "可以是一个单独的字符串作为邀请码，也可以是正则表达式，所有符合正则表达式的字符串都是合法的邀请码",
+    "Edit Invitation": "编辑邀请码",
+    "New Invitation": "新建邀请码",
+    "Quota": "配额",
+    "Quota - Tooltip": "该邀请码最多能注册多少个用户",
+    "Used count": "已使用个数",
+    "Used count - Tooltip": "该邀请码已使用次数"
+  },
   "ldap": {
     "Admin": "管理员",
     "Admin - Tooltip": "LDAP服务器管理员的CN或ID",
@@ -416,6 +426,7 @@
   "login": {
     "Auto sign in": "下次自动登录",
     "Continue with": "使用以下账号继续",
+    "Email": "Email",
     "Email or phone": "Email或手机号",
     "Failed to obtain MetaMask authorization": "获取MetaMask授权失败",
     "Failed to obtain Web3-Onboard authorization": "获取 Web3-Onboard 授权失败",
@@ -425,7 +436,10 @@
     "MetaMask plugin not detected": "未检测到MetaMask插件",
     "No account?": "没有账号？",
     "Or sign in with another account": "或者，登录其他账号",
+    "Phone": "手机号",
     "Please input your Email or Phone!": "请输入您的Email或手机号!",
+    "Please input your Email!": "请输入您的Email!",
+    "Please input your Phone!": "请输入您的手机号!",
     "Please input your code!": "请输入您的验证码！",
     "Please input your organization name!": "请输入组织的名字!",
     "Please input your password!": "请输入您的密码！",
@@ -439,6 +453,8 @@
     "Signing in...": "正在登录...",
     "Successfully logged in with WebAuthn credentials": "成功使用WebAuthn证书登录",
     "The input is not valid Email or phone number!": "您输入的电子邮箱格式或手机号有误！",
+    "The input is not valid Email!": "您输入的电子邮箱格式有误!",
+    "The input is not valid phone number!": "您输入的手机号有误!",
     "To access": "访问",
     "Verification code": "验证码",
     "WebAuthn": "Web身份验证",
@@ -751,11 +767,14 @@
     "Region endpoint for Internet": "地域节点 (外网)",
     "Region endpoint for Intranet": "地域节点 (内网)",
     "Required": "是否必填项",
+    "Reset to Default HTML": "重置为默认HTML",
+    "Reset to Default Text": "重置为默认纯文本",
     "SAML 2.0 Endpoint (HTTP)": "SAML 2.0 端点 (HTTP)",
     "SMS Test": "测试短信配置",
     "SMS Test - Tooltip": "请输入测试手机号",
     "SMS account": "短信账户",
     "SMS account - Tooltip": "SMS account - Tooltip",
+    "SMTP connected successfully": "SMTP连接成功",
     "SP ACS URL": "SP ACS 网址",
     "SP ACS URL - Tooltip": "SP ACS URL - 工具提示",
     "SP Entity ID": "SP 实体 ID",

web/src/table/SigninTable.js

@@ -0,0 +1,195 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React from "react";
+import {DeleteOutlined, DownOutlined, UpOutlined} from "@ant-design/icons";
+import {Button, Col, Input, Row, Select, Table, Tooltip} from "antd";
+import * as Setting from "../Setting";
+import i18next from "i18next";
+
+const {Option} = Select;
+
+class SigninTable extends React.Component {
+  constructor(props) {
+    super(props);
+    this.state = {
+      classes: props,
+    };
+  }
+
+  updateTable(table) {
+    this.props.onUpdateTable(table);
+  }
+
+  updateField(table, index, key, value) {
+    table[index][key] = value;
+    this.updateTable(table);
+  }
+
+  addRow(table) {
+    const row = {
+      name: Setting.getNewRowNameForTable(table, "Please select a signin method"),
+      displayName: "",
+      rule: "None",
+    };
+    if (table === undefined) {
+      table = [];
+    }
+    table = Setting.addRow(table, row);
+    this.updateTable(table);
+  }
+
+  deleteRow(items, table, i) {
+    table = Setting.deleteRow(table, i);
+    this.updateTable(table);
+  }
+
+  upRow(table, i) {
+    table = Setting.swapRow(table, i - 1, i);
+    this.updateTable(table);
+  }
+
+  downRow(table, i) {
+    table = Setting.swapRow(table, i, i + 1);
+    this.updateTable(table);
+  }
+
+  renderTable(table) {
+    const items = [
+      {name: "Password", displayName: i18next.t("general:Password")},
+      {name: "Verification code", displayName: i18next.t("login:Verification code")},
+      {name: "WebAuthn", displayName: i18next.t("login:WebAuthn")},
+    ];
+    const columns = [
+      {
+        title: i18next.t("general:Name"),
+        dataIndex: "name",
+        key: "name",
+        render: (text, record, index) => {
+          const getItemDisplayName = (text) => {
+            const item = items.filter(item => item.name === text);
+            if (item.length === 0) {
+              return "";
+            }
+            return item[0].displayName;
+          };
+
+          return (
+            <Select virtual={false} style={{width: "100%"}}
+              value={getItemDisplayName(text)}
+              onChange={value => {
+                this.updateField(table, index, "name", value);
+                this.updateField(table, index, "displayName", value);
+                if (value === "Verification code") {
+                  this.updateField(table, index, "rule", "All");
+                } else {
+                  this.updateField(table, index, "rule", "None");
+                }
+              }} >
+              {
+                Setting.getDeduplicatedArray(items, table, "name").map((item, index) => <Option key={index} value={item.name}>{item.displayName}</Option>)
+              }
+            </Select>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Display name"),
+        dataIndex: "displayName",
+        key: "displayName",
+        width: "300px",
+        render: (text, record, index) => {
+          return (
+            <Input value={text} onChange={e => {
+              this.updateField(table, index, "displayName", e.target.value);
+            }} />
+          );
+        },
+      },
+      {
+        title: i18next.t("application:Rule"),
+        dataIndex: "rule",
+        key: "rule",
+        width: "155px",
+        render: (text, record, index) => {
+          let options = [];
+          if (record.name === "Verification code") {
+            options = [
+              {id: "All", name: i18next.t("general:All")},
+              {id: "Email only", name: i18next.t("general:Email only")},
+              {id: "Phone only", name: i18next.t("general:Phone only")},
+            ];
+          }
+
+          if (options.length === 0) {
+            return null;
+          }
+
+          return (
+            <Select virtual={false} style={{width: "100%"}} value={text} onChange={(value => {
+              this.updateField(table, index, "rule", value);
+            })} options={options.map(item => Setting.getOption(item.name, item.id))} />
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Action"),
+        key: "action",
+        width: "100px",
+        render: (text, record, index) => {
+          return (
+            <div>
+              <Tooltip placement="bottomLeft" title={i18next.t("general:Up")}>
+                <Button style={{marginRight: "5px"}} disabled={index === 0} icon={<UpOutlined />} size="small" onClick={() => this.upRow(table, index)} />
+              </Tooltip>
+              <Tooltip placement="topLeft" title={i18next.t("general:Down")}>
+                <Button style={{marginRight: "5px"}} disabled={index === table.length - 1} icon={<DownOutlined />} size="small" onClick={() => this.downRow(table, index)} />
+              </Tooltip>
+              <Tooltip placement="topLeft" title={i18next.t("general:Delete")}>
+                <Button icon={<DeleteOutlined />} size="small" disabled={Setting.getDeduplicatedArray(items, table, "name").length >= items.length - 1} onClick={() => this.deleteRow(items, table, index)} />
+              </Tooltip>
+            </div>
+          );
+        },
+      },
+    ];
+
+    return (
+      <Table scroll={{x: "max-content"}} rowKey="name" columns={columns} dataSource={table} size="middle" bordered pagination={false}
+        title={() => (
+          <div>
+            {this.props.title}&nbsp;&nbsp;&nbsp;&nbsp;
+            <Button style={{marginRight: "5px"}} type="primary" size="small" disabled={Setting.getDeduplicatedArray(items, table, "name").length === 0} onClick={() => this.addRow(table)}>{i18next.t("general:Add")}</Button>
+          </div>
+        )}
+      />
+    );
+  }
+
+  render() {
+    return (
+      <div>
+        <Row style={{marginTop: "20px"}}>
+          <Col span={24}>
+            {
+              this.renderTable(this.props.table)
+            }
+          </Col>
+        </Row>
+      </div>
+    );
+  }
+}
+
+export default SigninTable;