feat: fix autoComplete for MFA passcode and SMS code (#2642)

* update: mfa autoComplete="off"

* Update SendCodeInput.js

---------

Co-authored-by: hsluoyz <hsluoyz@qq.com>

.github/workflows/build.yml

@@ -217,13 +217,9 @@ jobs:
       - name: Update Helm Chart
         if: steps.should_push.outputs.push=='true'
         run: |
-          # Set the appVersion of the chart to the current tag
+          # Set the appVersion and version of the chart to the current tag
           sed -i "s/appVersion: .*/appVersion: ${{steps.get-current-tag.outputs.tag }}/g" ./charts/casdoor/Chart.yaml
-
+          sed -i "s/version: .*/version: ${{steps.get-current-tag.outputs.tag }}/g" ./charts/casdoor/Chart.yaml
-          # increase the patch version of the chart
-          currentChartVersion=$(cat ./charts/casdoor/Chart.yaml | grep ^version | awk '{print $2}')
-          newChartVersion=$(echo $currentChartVersion | awk -F. -v OFS=. '{$NF++;print}')
-          sed -i "s/version: .*/version: $newChartVersion/g" ./charts/casdoor/Chart.yaml
 
           REGISTRY=oci://registry-1.docker.io/casbin
           cd charts/casdoor
@@ -235,7 +231,8 @@ jobs:
 
           # Commit and push the changes back to the repository
           git config --global user.name "casbin-bot"
-          git config --global user.email "casbin-bot@github.com"
+          git config --global user.email "bot@casbin.org"
           git add Chart.yaml index.yaml
           git commit -m "chore(helm): bump helm charts appVersion to ${{steps.get-current-tag.outputs.tag }}"
-          git push origin HEAD:master
+          git tag ${{steps.get-current-tag.outputs.tag }}
+          git push origin HEAD:master --follow-tags

README.md

@@ -69,6 +69,7 @@ https://casdoor.org
 
 - By source code: https://casdoor.org/docs/basic/server-installation
 - By Docker: https://casdoor.org/docs/basic/try-with-docker
+- By Kubernetes Helm: https://casdoor.org/docs/basic/try-with-helm
 
 ## How to connect to Casdoor?
 

authz/authz.go

@@ -150,7 +150,7 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o
 
 func isAllowedInDemoMode(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
 	if method == "POST" {
-		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" || urlPath == "/api/check-user-password" || strings.HasPrefix(urlPath, "/api/mfa/") {
+		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" || urlPath == "/api/verify-code" || urlPath == "/api/check-user-password" || strings.HasPrefix(urlPath, "/api/mfa/") {
 			return true
 		} else if urlPath == "/api/update-user" {
 			// Allow ordinary users to update their own information

controllers/account.go

@@ -111,6 +111,16 @@ func (c *ApiController) Signup() {
 		return
 	}
 
+	invitation, msg := object.CheckInvitationCode(application, organization, &authForm, c.GetAcceptLanguage())
+	if msg != "" {
+		c.ResponseError(msg)
+		return
+	}
+	invitationName := ""
+	if invitation != nil {
+		invitationName = invitation.Name
+	}
+
 	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && authForm.Email != "" {
 		checkResult := object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage())
 		if checkResult.Code != object.VerificationSuccess {
@@ -179,6 +189,8 @@ func (c *ApiController) Signup() {
 		SignupApplication: application.Name,
 		Properties:        map[string]string{},
 		Karma:             0,
+		Invitation:        invitationName,
+		InvitationCode:    authForm.InvitationCode,
 	}
 
 	if len(organization.Tags) > 0 {
@@ -213,6 +225,15 @@ func (c *ApiController) Signup() {
 		return
 	}
 
+	if invitation != nil {
+		invitation.UsedCount += 1
+		_, err := object.UpdateInvitation(invitation.GetId(), invitation)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+	}
+
 	if application.HasPromptPage() && user.Type == "normal-user" {
 		// The prompt page needs the user to be signed in
 		c.SetSessionUsername(user.GetId())
@@ -453,7 +474,7 @@ func (c *ApiController) GetUserinfo2() {
 // GetCaptcha ...
 // @Tag Login API
 // @Title GetCaptcha
-// @router /api/get-captcha [get]
+// @router /get-captcha [get]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) GetCaptcha() {
 	applicationId := c.Input().Get("applicationId")

controllers/application.go

@@ -110,14 +110,6 @@ func (c *ApiController) GetApplication() {
 		}
 	}
 
-	// 0 as an initialization value, corresponding to the default configuration parameters
-	if application.FailedSigninLimit == 0 {
-		application.FailedSigninLimit = object.DefaultFailedSigninLimit
-	}
-	if application.FailedSigninfrozenTime == 0 {
-		application.FailedSigninfrozenTime = object.DefaultFailedSigninfrozenTime
-	}
-
 	c.ResponseOk(object.GetMaskedApplication(application, userId))
 }
 

controllers/auth.go

@@ -916,9 +916,9 @@ func (c *ApiController) HandleSamlLogin() {
 }
 
 // HandleOfficialAccountEvent ...
-// @Tag HandleOfficialAccountEvent API
+// @Tag System API
 // @Title HandleOfficialAccountEvent
-// @router /api/webhook [POST]
+// @router /webhook [POST]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) HandleOfficialAccountEvent() {
 	respBytes, err := ioutil.ReadAll(c.Ctx.Request.Body)
@@ -947,9 +947,9 @@ func (c *ApiController) HandleOfficialAccountEvent() {
 }
 
 // GetWebhookEventType ...
-// @Tag GetWebhookEventType API
+// @Tag System API
 // @Title GetWebhookEventType
-// @router /api/get-webhook-event [GET]
+// @router /get-webhook-event [GET]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) GetWebhookEventType() {
 	lock.Lock()
@@ -970,26 +970,30 @@ func (c *ApiController) GetWebhookEventType() {
 // @Description Get Login Error Counts
 // @Param   id     query    string  true        "The id ( owner/name ) of user"
 // @Success 200 {object} controllers.Response The Response object
-// @router /api/get-captcha-status [get]
+// @router /get-captcha-status [get]
 func (c *ApiController) GetCaptchaStatus() {
 	organization := c.Input().Get("organization")
-	userId := c.Input().Get("user_id")
+	userId := c.Input().Get("userId")
 	user, err := object.GetUserByFields(organization, userId)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
 
-	failedSigninLimit, _, err := object.GetFailedSigninConfigByUser(user)
+	captchaEnabled := false
-	if err != nil {
+	if user != nil {
-		c.ResponseError(err.Error())
+		var failedSigninLimit int
-		return
+		failedSigninLimit, _, err = object.GetFailedSigninConfigByUser(user)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		if user.SigninWrongTimes >= failedSigninLimit {
+			captchaEnabled = true
+		}
 	}
 
-	var captchaEnabled bool
-	if user != nil && user.SigninWrongTimes >= failedSigninLimit {
-		captchaEnabled = true
-	}
 	c.ResponseOk(captchaEnabled)
 }
 
@@ -997,7 +1001,7 @@ func (c *ApiController) GetCaptchaStatus() {
 // @Title Callback
 // @Tag Callback API
 // @Description Get Login Error Counts
-// @router /api/Callback [post]
+// @router /Callback [post]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) Callback() {
 	code := c.GetString("code")

controllers/casbin_api.go

@@ -24,7 +24,7 @@ import (
 
 // Enforce
 // @Title Enforce
-// @Tag Enforce API
+// @Tag Enforcer API
 // @Description Call Casbin Enforce API
 // @Param   body    body   []string  true   "Casbin request"
 // @Param   permissionId    query   string  false   "permission id"
@@ -151,7 +151,7 @@ func (c *ApiController) Enforce() {
 
 // BatchEnforce
 // @Title BatchEnforce
-// @Tag Enforce API
+// @Tag Enforcer API
 // @Description Call Casbin BatchEnforce API
 // @Param   body    body   []string  true   "array of casbin requests"
 // @Param   permissionId    query   string  false   "permission id"
@@ -264,10 +264,13 @@ func (c *ApiController) BatchEnforce() {
 }
 
 func (c *ApiController) GetAllObjects() {
-	userId := c.GetSessionUsername()
+	userId := c.Input().Get("userId")
 	if userId == "" {
-		c.ResponseError(c.T("general:Please login first"))
+		userId = c.GetSessionUsername()
-		return
+		if userId == "" {
+			c.ResponseError(c.T("general:Please login first"))
+			return
+		}
 	}
 
 	objects, err := object.GetAllObjects(userId)
@@ -280,10 +283,13 @@ func (c *ApiController) GetAllObjects() {
 }
 
 func (c *ApiController) GetAllActions() {
-	userId := c.GetSessionUsername()
+	userId := c.Input().Get("userId")
 	if userId == "" {
-		c.ResponseError(c.T("general:Please login first"))
+		userId = c.GetSessionUsername()
-		return
+		if userId == "" {
+			c.ResponseError(c.T("general:Please login first"))
+			return
+		}
 	}
 
 	actions, err := object.GetAllActions(userId)
@@ -296,10 +302,13 @@ func (c *ApiController) GetAllActions() {
 }
 
 func (c *ApiController) GetAllRoles() {
-	userId := c.GetSessionUsername()
+	userId := c.Input().Get("userId")
 	if userId == "" {
-		c.ResponseError(c.T("general:Please login first"))
+		userId = c.GetSessionUsername()
-		return
+		if userId == "" {
+			c.ResponseError(c.T("general:Please login first"))
+			return
+		}
 	}
 
 	roles, err := object.GetAllRoles(userId)

controllers/cert.go

@@ -39,13 +39,13 @@ func (c *ApiController) GetCerts() {
 	sortOrder := c.Input().Get("sortOrder")
 
 	if limit == "" || page == "" {
-		maskedCerts, err := object.GetMaskedCerts(object.GetCerts(owner))
+		certs, err := object.GetMaskedCerts(object.GetCerts(owner))
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		c.ResponseOk(maskedCerts)
+		c.ResponseOk(certs)
 	} else {
 		limit := util.ParseInt(limit)
 		count, err := object.GetCertCount(owner, field, value)
@@ -80,13 +80,13 @@ func (c *ApiController) GetGlobalCerts() {
 	sortOrder := c.Input().Get("sortOrder")
 
 	if limit == "" || page == "" {
-		maskedCerts, err := object.GetMaskedCerts(object.GetGlobalCerts())
+		certs, err := object.GetMaskedCerts(object.GetGlobalCerts())
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		c.ResponseOk(maskedCerts)
+		c.ResponseOk(certs)
 	} else {
 		limit := util.ParseInt(limit)
 		count, err := object.GetGlobalCertsCount(field, value)

controllers/get-dashboard.go

@@ -18,7 +18,7 @@ import "github.com/casdoor/casdoor/object"
 
 // GetDashboard
 // @Title GetDashboard
-// @Tag GetDashboard API
+// @Tag System API
 // @Description get information of dashboard
 // @Success 200 {object} controllers.Response The Response object
 // @router /get-dashboard [get]

controllers/organization.go

@@ -41,13 +41,12 @@ func (c *ApiController) GetOrganizations() {
 
 	isGlobalAdmin := c.IsGlobalAdmin()
 	if limit == "" || page == "" {
-		var maskedOrganizations []*object.Organization
+		var organizations []*object.Organization
 		var err error
-
 		if isGlobalAdmin {
-			maskedOrganizations, err = object.GetMaskedOrganizations(object.GetOrganizations(owner))
+			organizations, err = object.GetMaskedOrganizations(object.GetOrganizations(owner))
 		} else {
-			maskedOrganizations, err = object.GetMaskedOrganizations(object.GetOrganizations(owner, c.getCurrentUser().Owner))
+			organizations, err = object.GetMaskedOrganizations(object.GetOrganizations(owner, c.getCurrentUser().Owner))
 		}
 
 		if err != nil {
@@ -55,15 +54,15 @@ func (c *ApiController) GetOrganizations() {
 			return
 		}
 
-		c.ResponseOk(maskedOrganizations)
+		c.ResponseOk(organizations)
 	} else {
 		if !isGlobalAdmin {
-			maskedOrganizations, err := object.GetMaskedOrganizations(object.GetOrganizations(owner, c.getCurrentUser().Owner))
+			organizations, err := object.GetMaskedOrganizations(object.GetOrganizations(owner, c.getCurrentUser().Owner))
 			if err != nil {
 				c.ResponseError(err.Error())
 				return
 			}
-			c.ResponseOk(maskedOrganizations)
+			c.ResponseOk(organizations)
 		} else {
 			limit := util.ParseInt(limit)
 			count, err := object.GetOrganizationCount(owner, field, value)
@@ -93,13 +92,13 @@ func (c *ApiController) GetOrganizations() {
 // @router /get-organization [get]
 func (c *ApiController) GetOrganization() {
 	id := c.Input().Get("id")
-	maskedOrganization, err := object.GetMaskedOrganization(object.GetOrganization(id))
+	organization, err := object.GetMaskedOrganization(object.GetOrganization(id))
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
 
-	c.ResponseOk(maskedOrganization)
+	c.ResponseOk(organization)
 }
 
 // UpdateOrganization ...
@@ -190,8 +189,8 @@ func (c *ApiController) GetDefaultApplication() {
 		return
 	}
 
-	maskedApplication := object.GetMaskedApplication(application, userId)
+	application = object.GetMaskedApplication(application, userId)
-	c.ResponseOk(maskedApplication)
+	c.ResponseOk(application)
 }
 
 // GetOrganizationNames ...

controllers/prometheus.go

@@ -20,7 +20,7 @@ import (
 
 // GetPrometheusInfo
 // @Title GetPrometheusInfo
-// @Tag Prometheus API
+// @Tag System API
 // @Description get Prometheus Info
 // @Success 200 {object} object.PrometheusInfo The Response object
 // @router /get-prometheus-info [get]

controllers/service.go

@@ -52,7 +52,7 @@ type NotificationForm struct {
 // @Param   clientSecret    query    string  true    "The clientSecret of the application"
 // @Param   from    body   controllers.EmailForm    true         "Details of the email request"
 // @Success 200 {object} controllers.Response The Response object
-// @router /api/send-email [post]
+// @router /send-email [post]
 func (c *ApiController) SendEmail() {
 	userId, ok := c.RequireSignedIn()
 	if !ok {
@@ -148,7 +148,7 @@ func (c *ApiController) SendEmail() {
 // @Param   clientSecret    query    string  true    "The clientSecret of the application"
 // @Param   from    body   controllers.SmsForm    true           "Details of the sms request"
 // @Success 200 {object} controllers.Response The Response object
-// @router /api/send-sms [post]
+// @router /send-sms [post]
 func (c *ApiController) SendSms() {
 	provider, err := c.GetProviderFromContext("SMS")
 	if err != nil {
@@ -186,7 +186,7 @@ func (c *ApiController) SendSms() {
 // @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
 // @Param   from    body   controllers.NotificationForm    true         "Details of the notification request"
 // @Success 200 {object} controllers.Response The Response object
-// @router /api/send-notification [post]
+// @router /send-notification [post]
 func (c *ApiController) SendNotification() {
 	provider, err := c.GetProviderFromContext("Notification")
 	if err != nil {

controllers/syncer.go

@@ -40,13 +40,13 @@ func (c *ApiController) GetSyncers() {
 	organization := c.Input().Get("organization")
 
 	if limit == "" || page == "" {
-		organizationSyncers, err := object.GetOrganizationSyncers(owner, organization)
+		syncers, err := object.GetMaskedSyncers(object.GetOrganizationSyncers(owner, organization))
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		c.ResponseOk(organizationSyncers)
+		c.ResponseOk(syncers)
 	} else {
 		limit := util.ParseInt(limit)
 		count, err := object.GetSyncerCount(owner, organization, field, value)
@@ -56,7 +56,7 @@ func (c *ApiController) GetSyncers() {
 		}
 
 		paginator := pagination.SetPaginator(c.Ctx, limit, count)
-		syncers, err := object.GetPaginationSyncers(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
+		syncers, err := object.GetMaskedSyncers(object.GetPaginationSyncers(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder))
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -76,7 +76,7 @@ func (c *ApiController) GetSyncers() {
 func (c *ApiController) GetSyncer() {
 	id := c.Input().Get("id")
 
-	syncer, err := object.GetSyncer(id)
+	syncer, err := object.GetMaskedSyncer(object.GetSyncer(id))
 	if err != nil {
 		c.ResponseError(err.Error())
 		return

controllers/token.go

@@ -156,7 +156,7 @@ func (c *ApiController) DeleteToken() {
 // @Success 200 {object} object.TokenWrapper The Response object
 // @Success 400 {object} object.TokenError The Response object
 // @Success 401 {object} object.TokenError The Response object
-// @router api/login/oauth/access_token [post]
+// @router /login/oauth/access_token [post]
 func (c *ApiController) GetOAuthToken() {
 	clientId := c.Input().Get("client_id")
 	clientSecret := c.Input().Get("client_secret")
@@ -273,6 +273,7 @@ func (c *ApiController) RefreshToken() {
 
 // IntrospectToken
 // @Title IntrospectToken
+// @Tag Login API
 // @Description The introspection endpoint is an OAuth 2.0 endpoint that takes a
 // parameter representing an OAuth 2.0 token and returns a JSON document
 // representing the meta information surrounding the

controllers/user.go

@@ -39,13 +39,13 @@ func (c *ApiController) GetGlobalUsers() {
 	sortOrder := c.Input().Get("sortOrder")
 
 	if limit == "" || page == "" {
-		maskedUsers, err := object.GetMaskedUsers(object.GetGlobalUsers())
+		users, err := object.GetMaskedUsers(object.GetGlobalUsers())
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		c.ResponseOk(maskedUsers)
+		c.ResponseOk(users)
 	} else {
 		limit := util.ParseInt(limit)
 		count, err := object.GetGlobalUserCount(field, value)
@@ -90,22 +90,22 @@ func (c *ApiController) GetUsers() {
 
 	if limit == "" || page == "" {
 		if groupName != "" {
-			maskedUsers, err := object.GetMaskedUsers(object.GetGroupUsers(util.GetId(owner, groupName)))
+			users, err := object.GetMaskedUsers(object.GetGroupUsers(util.GetId(owner, groupName)))
 			if err != nil {
 				c.ResponseError(err.Error())
 				return
 			}
-			c.ResponseOk(maskedUsers)
+			c.ResponseOk(users)
 			return
 		}
 
-		maskedUsers, err := object.GetMaskedUsers(object.GetUsers(owner))
+		users, err := object.GetMaskedUsers(object.GetUsers(owner))
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 
-		c.ResponseOk(maskedUsers)
+		c.ResponseOk(users)
 	} else {
 		limit := util.ParseInt(limit)
 		count, err := object.GetUserCount(owner, field, value, groupName)
@@ -175,26 +175,6 @@ func (c *ApiController) GetUser() {
 			owner = util.GetOwnerFromId(id)
 		}
 
-		var organization *object.Organization
-		organization, err = object.GetOrganization(util.GetId("admin", owner))
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-		if organization == nil {
-			c.ResponseError(fmt.Sprintf("the organization: %s is not found", owner))
-			return
-		}
-
-		if !organization.IsProfilePublic {
-			requestUserId := c.GetSessionUsername()
-			hasPermission, err := object.CheckUserPermission(requestUserId, id, false, c.GetAcceptLanguage())
-			if !hasPermission {
-				c.ResponseError(err.Error())
-				return
-			}
-		}
-
 		switch {
 		case email != "":
 			user, err = object.GetUserByEmail(owner, email)
@@ -212,6 +192,29 @@ func (c *ApiController) GetUser() {
 		return
 	}
 
+	if user != nil {
+		var organization *object.Organization
+		organization, err = object.GetOrganizationByUser(user)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+		if organization == nil {
+			c.ResponseError(fmt.Sprintf("the organization: %s is not found", owner))
+			return
+		}
+
+		if !organization.IsProfilePublic {
+			requestUserId := c.GetSessionUsername()
+			var hasPermission bool
+			hasPermission, err = object.CheckUserPermission(requestUserId, user.GetId(), false, c.GetAcceptLanguage())
+			if !hasPermission {
+				c.ResponseError(err.Error())
+				return
+			}
+		}
+	}
+
 	if user != nil {
 		user.MultiFactorAuths = object.GetAllMfaProps(user, true)
 	}
@@ -223,13 +226,13 @@ func (c *ApiController) GetUser() {
 	}
 
 	isAdminOrSelf := c.IsAdminOrSelf(user)
-	maskedUser, err := object.GetMaskedUser(user, isAdminOrSelf)
+	user, err = object.GetMaskedUser(user, isAdminOrSelf)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
 
-	c.ResponseOk(maskedUser)
+	c.ResponseOk(user)
 }
 
 // UpdateUser
@@ -541,13 +544,13 @@ func (c *ApiController) GetSortedUsers() {
 	sorter := c.Input().Get("sorter")
 	limit := util.ParseInt(c.Input().Get("limit"))
 
-	maskedUsers, err := object.GetMaskedUsers(object.GetSortedUsers(owner, sorter, limit))
+	users, err := object.GetMaskedUsers(object.GetSortedUsers(owner, sorter, limit))
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
 
-	c.ResponseOk(maskedUsers)
+	c.ResponseOk(users)
 }
 
 // GetUserCount

controllers/verification.go

@@ -109,6 +109,15 @@ func (c *ApiController) SendVerificationCode() {
 			c.ResponseError(err.Error())
 			return
 		}
+		if user == nil || user.IsDeleted {
+			c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
+			return
+		}
+
+		if user.IsForbidden {
+			c.ResponseError(c.T("check:The user is forbidden to sign in, please contact the administrator"))
+			return
+		}
 	}
 
 	// mfaUserSession != "", means method is MfaAuthVerification
@@ -272,7 +281,7 @@ func (c *ApiController) VerifyCaptcha() {
 // ResetEmailOrPhone ...
 // @Tag Account API
 // @Title ResetEmailOrPhone
-// @router /api/reset-email-or-phone [post]
+// @router /reset-email-or-phone [post]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) ResetEmailOrPhone() {
 	user, ok := c.RequireSignedInUser()
@@ -367,7 +376,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 // VerifyCode
 // @Tag Verification API
 // @Title VerifyCode
-// @router /api/verify-code [post]
+// @router /verify-code [post]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) VerifyCode() {
 	var authForm form.AuthForm

form/auth.go

@@ -14,6 +14,8 @@
 
 package form
 
+import "reflect"
+
 type AuthForm struct {
 	Type         string `json:"type"`
 	SigninMethod string `json:"signinMethod"`
@@ -60,3 +62,13 @@ type AuthForm struct {
 	Plan    string `json:"plan"`
 	Pricing string `json:"pricing"`
 }
+
+func GetAuthFormFieldValue(form *AuthForm, fieldName string) (bool, string) {
+	val := reflect.ValueOf(*form)
+	fieldValue := val.FieldByName(fieldName)
+
+	if fieldValue.IsValid() && fieldValue.Kind() == reflect.String {
+		return true, fieldValue.String()
+	}
+	return false, ""
+}

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/casdoor/go-sms-sender v0.19.0
 	github.com/casdoor/gomail/v2 v2.0.1
 	github.com/casdoor/notify v0.45.0
-	github.com/casdoor/oss v1.4.1
+	github.com/casdoor/oss v1.5.0
 	github.com/casdoor/xorm-adapter/v3 v3.1.0
 	github.com/casvisor/casvisor-go-sdk v1.0.3
 	github.com/dchest/captcha v0.0.0-20200903113550-03f5f0333e1f
@@ -35,7 +35,7 @@ require (
 	github.com/lestrrat-go/jwx v1.2.21
 	github.com/lib/pq v1.10.9
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
-	github.com/markbates/goth v1.75.2
+	github.com/markbates/goth v1.78.0
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/nyaruka/phonenumbers v1.1.5
 	github.com/pquerna/otp v1.4.0

go.sum

@@ -1089,8 +1089,8 @@ github.com/casdoor/gomail/v2 v2.0.1 h1:J+FG6x80s9e5lBHUn8Sv0Y56mud34KiWih5YdmudR
 github.com/casdoor/gomail/v2 v2.0.1/go.mod h1:VnGPslEAtpix5FjHisR/WKB1qvZDBaujbikxDe9d+2Q=
 github.com/casdoor/notify v0.45.0 h1:OlaFvcQFjGOgA4mRx07M8AH1gvb5xNo21mcqrVGlLgk=
 github.com/casdoor/notify v0.45.0/go.mod h1:wNHQu0tiDROMBIvz0j3Om3Lhd5yZ+AIfnFb8MYb8OLQ=
-github.com/casdoor/oss v1.4.1 h1:/P2JCyGzB2TtpJ3LocKocI1VAme2YdvVau2wpMQGt7I=
+github.com/casdoor/oss v1.5.0 h1:mi1htaXR5fynskDry1S3wk+Dd2nRY1z1pVcnGsqMqP4=
-github.com/casdoor/oss v1.4.1/go.mod h1:rJAWA0hLhtu94t6IRpotLUkXO1NWMASirywQYaGizJE=
+github.com/casdoor/oss v1.5.0/go.mod h1:rJAWA0hLhtu94t6IRpotLUkXO1NWMASirywQYaGizJE=
 github.com/casdoor/xorm-adapter/v3 v3.1.0 h1:NodWayRtSLVSeCvL9H3Hc61k0G17KhV9IymTCNfh3kk=
 github.com/casdoor/xorm-adapter/v3 v3.1.0/go.mod h1:4WTcUw+bTgBylGHeGHzTtBvuTXRS23dtwzFLl9tsgFM=
 github.com/casvisor/casvisor-go-sdk v1.0.3 h1:TKJQWKnhtznEBhzLPEdNsp7nJK2GgdD8JsB0lFPMW7U=
@@ -1657,8 +1657,8 @@ github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czP
 github.com/mailgun/mailgun-go/v4 v4.11.0/go.mod h1:L9s941Lgk7iB3TgywTPz074pK2Ekkg4kgbnAaAyJ2z8=
 github.com/markbates/going v1.0.0 h1:DQw0ZP7NbNlFGcKbcE/IVSOAFzScxRtLpd0rLMzLhq0=
 github.com/markbates/going v1.0.0/go.mod h1:I6mnB4BPnEeqo85ynXIx1ZFLLbtiLHNXVgWeFO9OGOA=
-github.com/markbates/goth v1.75.2 h1:C7KloBMMk50JyXaHhzfqWYLW6+bDcSVIvUGHXneLWro=
+github.com/markbates/goth v1.78.0 h1:7VEIFDycJp9deyVv3YraGBPdD0ZYQW93Y3Aw1eVP3BY=
-github.com/markbates/goth v1.75.2/go.mod h1:X6xdNgpapSENS0O35iTBBcMHoJDQDfI9bJl+APCkYMc=
+github.com/markbates/goth v1.78.0/go.mod h1:X6xdNgpapSENS0O35iTBBcMHoJDQDfI9bJl+APCkYMc=
 github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A=
 github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA=
 github.com/mattermost/xml-roundtrip-validator v0.1.0 h1:RXbVD2UAl7A7nOTR4u7E3ILa4IbtvKBHw64LDsmu9hU=

i18n/locales/ar/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/de/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Leerer Benutzername.",
     "FirstName cannot be blank": "Vorname darf nicht leer sein",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Ldap Benutzername oder Passwort falsch",
     "LastName cannot be blank": "Nachname darf nicht leer sein",
     "Multiple accounts with same uid, please check your ldap server": "Mehrere Konten mit derselben uid, bitte überprüfen Sie Ihren LDAP-Server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Telefon existiert bereits",
     "Phone cannot be empty": "Das Telefon darf nicht leer sein",
     "Phone number is invalid": "Die Telefonnummer ist ungültig",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Sitzung abgelaufen, bitte erneut anmelden",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "Dem Benutzer ist der Zugang verboten, bitte kontaktieren Sie den Administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Der Benutzername darf nur alphanumerische Zeichen, Unterstriche oder Bindestriche enthalten, keine aufeinanderfolgenden Bindestriche oder Unterstriche haben und darf nicht mit einem Bindestrich oder Unterstrich beginnen oder enden.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Benutzername existiert bereits",
     "Username cannot be an email address": "Benutzername kann keine E-Mail-Adresse sein",
     "Username cannot contain white spaces": "Benutzername darf keine Leerzeichen enthalten",

i18n/locales/en/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/es/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Nombre de usuario vacío.",
     "FirstName cannot be blank": "El nombre no puede estar en blanco",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Nombre de usuario o contraseña de Ldap incorrectos",
     "LastName cannot be blank": "El apellido no puede estar en blanco",
     "Multiple accounts with same uid, please check your ldap server": "Cuentas múltiples con el mismo uid, por favor revise su servidor ldap",
@@ -46,10 +48,15 @@
     "Phone already exists": "El teléfono ya existe",
     "Phone cannot be empty": "Teléfono no puede estar vacío",
     "Phone number is invalid": "El número de teléfono no es válido",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Sesión expirada, por favor vuelva a iniciar sesión",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "El usuario no está autorizado a iniciar sesión, por favor contacte al administrador",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "El nombre de usuario solo puede contener caracteres alfanuméricos, guiones bajos o guiones, no puede tener guiones o subrayados consecutivos, y no puede comenzar ni terminar con un guión o subrayado.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "El nombre de usuario ya existe",
     "Username cannot be an email address": "Nombre de usuario no puede ser una dirección de correo electrónico",
     "Username cannot contain white spaces": "Nombre de usuario no puede contener espacios en blanco",

i18n/locales/fa/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/fi/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/fr/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Nom d'utilisateur vide.",
     "FirstName cannot be blank": "Le prénom ne peut pas être laissé vide",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Nom d'utilisateur ou mot de passe LDAP incorrect",
     "LastName cannot be blank": "Le nom de famille ne peut pas être vide",
     "Multiple accounts with same uid, please check your ldap server": "Plusieurs comptes avec le même identifiant d'utilisateur, veuillez vérifier votre serveur LDAP",
@@ -46,10 +48,15 @@
     "Phone already exists": "Le téléphone existe déjà",
     "Phone cannot be empty": "Le téléphone ne peut pas être vide",
     "Phone number is invalid": "Le numéro de téléphone est invalide",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session expirée, veuillez vous connecter à nouveau",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "L'utilisateur est interdit de se connecter, veuillez contacter l'administrateur",
     "The user: %s doesn't exist in LDAP server": "L'utilisateur %s n'existe pas sur le serveur LDAP",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Le nom d'utilisateur ne peut contenir que des caractères alphanumériques, des traits soulignés ou des tirets, ne peut pas avoir de tirets ou de traits soulignés consécutifs et ne peut pas commencer ou se terminer par un tiret ou un trait souligné.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Nom d'utilisateur existe déjà",
     "Username cannot be an email address": "Nom d'utilisateur ne peut pas être une adresse e-mail",
     "Username cannot contain white spaces": "Nom d'utilisateur ne peut pas contenir d'espaces blancs",

i18n/locales/he/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/id/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Nama pengguna kosong.",
     "FirstName cannot be blank": "Nama depan tidak boleh kosong",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Nama pengguna atau kata sandi Ldap salah",
     "LastName cannot be blank": "Nama belakang tidak boleh kosong",
     "Multiple accounts with same uid, please check your ldap server": "Beberapa akun dengan uid yang sama, harap periksa server ldap Anda",
@@ -46,10 +48,15 @@
     "Phone already exists": "Telepon sudah ada",
     "Phone cannot be empty": "Telepon tidak boleh kosong",
     "Phone number is invalid": "Nomor telepon tidak valid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Sesi kedaluwarsa, silakan masuk lagi",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "Pengguna dilarang masuk, silakan hubungi administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Nama pengguna hanya bisa menggunakan karakter alfanumerik, garis bawah atau tanda hubung, tidak boleh memiliki dua tanda hubung atau garis bawah berurutan, dan tidak boleh diawali atau diakhiri dengan tanda hubung atau garis bawah.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Nama pengguna sudah ada",
     "Username cannot be an email address": "Username tidak bisa menjadi alamat email",
     "Username cannot contain white spaces": "Username tidak boleh mengandung spasi",

i18n/locales/it/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/ja/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "空のユーザー名。",
     "FirstName cannot be blank": "ファーストネームは空白にできません",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Ldapのユーザー名またはパスワードが間違っています",
     "LastName cannot be blank": "姓は空白にできません",
     "Multiple accounts with same uid, please check your ldap server": "同じuidを持つ複数のアカウントがあります。あなたのLDAPサーバーを確認してください",
@@ -46,10 +48,15 @@
     "Phone already exists": "電話はすでに存在しています",
     "Phone cannot be empty": "電話は空っぽにできません",
     "Phone number is invalid": "電話番号が無効です",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "セッションが期限切れになりました。再度ログインしてください",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "ユーザーはサインインできません。管理者に連絡してください",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "ユーザー名には英数字、アンダースコア、ハイフンしか含めることができません。連続したハイフンまたはアンダースコアは不可であり、ハイフンまたはアンダースコアで始まるまたは終わることもできません。",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "ユーザー名はすでに存在しています",
     "Username cannot be an email address": "ユーザー名には電子メールアドレスを使用できません",
     "Username cannot contain white spaces": "ユーザ名にはスペースを含めることはできません",

i18n/locales/kk/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/ko/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "빈 사용자 이름.",
     "FirstName cannot be blank": "이름은 공백일 수 없습니다",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP 사용자 이름 또는 암호가 잘못되었습니다",
     "LastName cannot be blank": "성은 비어 있을 수 없습니다",
     "Multiple accounts with same uid, please check your ldap server": "동일한 UID를 가진 여러 계정이 있습니다. LDAP 서버를 확인해주세요",
@@ -46,10 +48,15 @@
     "Phone already exists": "전화기는 이미 존재합니다",
     "Phone cannot be empty": "전화는 비워 둘 수 없습니다",
     "Phone number is invalid": "전화번호가 유효하지 않습니다",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "세션이 만료되었습니다. 다시 로그인해주세요",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "사용자는 로그인이 금지되어 있습니다. 관리자에게 문의하십시오",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "사용자 이름은 알파벳, 숫자, 밑줄 또는 하이픈만 포함할 수 있으며, 연속된 하이픈 또는 밑줄을 가질 수 없으며, 하이픈 또는 밑줄로 시작하거나 끝날 수 없습니다.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "사용자 이름이 이미 존재합니다",
     "Username cannot be an email address": "사용자 이름은 이메일 주소가 될 수 없습니다",
     "Username cannot contain white spaces": "사용자 이름에는 공백이 포함될 수 없습니다",

i18n/locales/ms/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/nl/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/pl/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/pt/data.json

@@ -1,18 +1,18 @@
 {
   "account": {
-    "Failed to add user": "Failed to add user",
+    "Failed to add user": "Falha ao adicionar usuário",
-    "Get init score failed, error: %w": "Get init score failed, error: %w",
+    "Get init score failed, error: %w": "Obter pontuação inicial falhou, erro: %w",
-    "Please sign out first": "Please sign out first",
+    "Please sign out first": "Por favor, saia da sessão primeiro",
-    "The application does not allow to sign up new account": "The application does not allow to sign up new account"
+    "The application does not allow to sign up new account": "O aplicativo não permite a criação de uma nova conta"
   },
   "auth": {
-    "Challenge method should be S256": "Challenge method should be S256",
+    "Challenge method should be S256": "Método de desafio deve ser S256",
-    "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
+    "Failed to create user, user information is invalid: %s": "Falha ao criar usuário, informação do usuário inválida: %s",
-    "Failed to login in: %s": "Failed to login in: %s",
+    "Failed to login in: %s": "Falha ao entrar em: %s",
-    "Invalid token": "Invalid token",
+    "Invalid token": "Token inválido",
-    "State expected: %s, but got: %s": "State expected: %s, but got: %s",
+    "State expected: %s, but got: %s": "Estado esperado: %s, mas recebeu: %s",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account via %%s, please use another way to sign up": "A conta para o provedor: %s e nome de usuário: %s (%s) não existe e não é permitido inscrever-se como uma nova conta via %%s, por favor, use outra forma de se inscrever",
-    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support",
+    "The account for provider: %s and username: %s (%s) does not exist and is not allowed to sign up as new account, please contact your IT support": "A conta para o provedor: %s e nome de usuário: %s (%s) não existe e não é permitido inscrever-se como uma nova conta entre em contato com seu suporte de TI",
     "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)": "The account for provider: %s and username: %s (%s) is already linked to another account: %s (%s)",
     "The application: %s does not exist": "The application: %s does not exist",
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,19 +48,24 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",
-    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username cannot start with a digit": "O nome de usuário não pode começar com um dígito",
-    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username is too long (maximum is 39 characters).": "Nome de usuário é muito longo (máximo é 39 caracteres).",
-    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "Username must have at least 2 characters": "Nome de usuário deve ter pelo menos 2 caracteres",
     "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
     "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
-    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect": "senha ou código incorreto",
     "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
     "unsupported password type: %s": "unsupported password type: %s"
   },
@@ -82,15 +89,15 @@
   },
   "organization": {
     "Only admin can modify the %s.": "Only admin can modify the %s.",
-    "The %s is immutable.": "The %s is immutable.",
+    "The %s is immutable.": "O %s é imutável.",
-    "Unknown modify rule %s.": "Unknown modify rule %s."
+    "Unknown modify rule %s.": "Regra de modificação %s desconhecida."
   },
   "provider": {
-    "Invalid application id": "Invalid application id",
+    "Invalid application id": "Id do aplicativo inválido",
-    "the provider: %s does not exist": "the provider: %s does not exist"
+    "the provider: %s does not exist": "o provedor: %s não existe"
   },
   "resource": {
-    "User is nil for tag: avatar": "User is nil for tag: avatar",
+    "User is nil for tag: avatar": "Usuário é nulo para tag: avatar",
     "Username or fullFilePath is empty: username = %s, fullFilePath = %s": "Username or fullFilePath is empty: username = %s, fullFilePath = %s"
   },
   "saml": {
@@ -109,19 +116,19 @@
     "The provider type: %s is not supported": "The provider type: %s is not supported"
   },
   "token": {
-    "Empty clientId or clientSecret": "Empty clientId or clientSecret",
+    "Empty clientId or clientSecret": "ClientId ou clientSecret vazio",
     "Grant_type: %s is not supported in this application": "Grant_type: %s is not supported in this application",
-    "Invalid application or wrong clientSecret": "Invalid application or wrong clientSecret",
+    "Invalid application or wrong clientSecret": "Aplicativo inválido ou clientSecret errado",
-    "Invalid client_id": "Invalid client_id",
+    "Invalid client_id": "client_id inválido",
-    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "Redirect URI: %s doesn't exist in the allowed Redirect URI list",
+    "Redirect URI: %s doesn't exist in the allowed Redirect URI list": "URI de redirecionamento: %s não existe na lista de URI de redirecionamento permitida",
-    "Token not found, invalid accessToken": "Token not found, invalid accessToken"
+    "Token not found, invalid accessToken": "Token não encontrado, token de acesso inválido"
   },
   "user": {
-    "Display name cannot be empty": "Display name cannot be empty",
+    "Display name cannot be empty": "Nome de exibição não pode ser vazio",
     "New password cannot contain blank space.": "New password cannot contain blank space."
   },
   "user_upload": {
-    "Failed to import users": "Failed to import users"
+    "Failed to import users": "Falha ao importar usuários"
   },
   "util": {
     "No application is found for userId: %s": "No application is found for userId: %s",

i18n/locales/ru/data.json

@@ -6,7 +6,7 @@
     "The application does not allow to sign up new account": "Приложение не позволяет зарегистрироваться новому аккаунту"
   },
   "auth": {
-    "Challenge method should be S256": "Метод испытаний должен быть S256",
+    "Challenge method should be S256": "Метод проверки должен быть S256",
     "Failed to create user, user information is invalid: %s": "Не удалось создать пользователя, информация о пользователе недействительна: %s",
     "Failed to login in: %s": "Не удалось войти в систему: %s",
     "Invalid token": "Недействительный токен",
@@ -22,7 +22,7 @@
     "The provider: %s is not enabled for the application": "Провайдер: %s не включен для приложения",
     "Unauthorized operation": "Несанкционированная операция",
     "Unknown authentication type (not password or provider), form = %s": "Неизвестный тип аутентификации (не пароль и не провайдер), форма = %s",
-    "User's tag: %s is not listed in the application's tags": "User's tag: %s is not listed in the application's tags",
+    "User's tag: %s is not listed in the application's tags": "Тег пользователя: %s не указан в тэгах приложения",
     "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing": "paid-user %s does not have active or pending subscription and the application: %s does not have default pricing"
   },
   "cas": {
@@ -38,7 +38,9 @@
     "Empty username.": "Пустое имя пользователя.",
     "FirstName cannot be blank": "Имя не может быть пустым",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Неправильное имя пользователя или пароль Ldap",
     "LastName cannot be blank": "Фамилия не может быть пустой",
     "Multiple accounts with same uid, please check your ldap server": "Множественные учетные записи с тем же UID. Пожалуйста, проверьте свой сервер LDAP",
@@ -46,10 +48,15 @@
     "Phone already exists": "Телефон уже существует",
     "Phone cannot be empty": "Телефон не может быть пустым",
     "Phone number is invalid": "Номер телефона является недействительным",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Сессия устарела, пожалуйста, войдите снова",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "Пользователю запрещен вход, пожалуйста, обратитесь к администратору",
-    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
+    "The user: %s doesn't exist in LDAP server": "Пользователь %s не существует на LDAP сервере",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Имя пользователя может состоять только из буквенно-цифровых символов, нижних подчеркиваний или дефисов, не может содержать последовательные дефисы или подчеркивания, а также не может начинаться или заканчиваться на дефис или подчеркивание.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Имя пользователя уже существует",
     "Username cannot be an email address": "Имя пользователя не может быть адресом электронной почты",
     "Username cannot contain white spaces": "Имя пользователя не может содержать пробелы",
@@ -58,7 +65,7 @@
     "Username must have at least 2 characters": "Имя пользователя должно содержать не менее 2 символов",
     "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "Вы ввели неправильный пароль или код слишком много раз, пожалуйста, подождите %d минут и попробуйте снова",
     "Your region is not allow to signup by phone": "Ваш регион не разрешает регистрацию по телефону",
-    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect": "неправильный пароль или код",
     "password or code is incorrect, you have %d remaining chances": "Неправильный пароль или код, у вас осталось %d попыток",
     "unsupported password type: %s": "неподдерживаемый тип пароля: %s"
   },
@@ -66,8 +73,8 @@
     "Missing parameter": "Отсутствующий параметр",
     "Please login first": "Пожалуйста, сначала войдите в систему",
     "The user: %s doesn't exist": "Пользователь %s не существует",
-    "don't support captchaProvider: ": "не поддерживайте captchaProvider:",
+    "don't support captchaProvider: ": "неподдерживаемый captchaProvider: ",
-    "this operation is not allowed in demo mode": "this operation is not allowed in demo mode"
+    "this operation is not allowed in demo mode": "эта операция не разрешена в демо-режиме"
   },
   "ldap": {
     "Ldap server exist": "LDAP-сервер существует"
@@ -106,7 +113,7 @@
   },
   "storage": {
     "The objectKey: %s is not allowed": "Объект «objectKey: %s» не разрешен",
-    "The provider type: %s is not supported": "Тип поставщика: %s не поддерживается"
+    "The provider type: %s is not supported": "Тип провайдера: %s не поддерживается"
   },
   "token": {
     "Empty clientId or clientSecret": "Пустой идентификатор клиента или секрет клиента",
@@ -125,7 +132,7 @@
   },
   "util": {
     "No application is found for userId: %s": "Не найдено заявки для пользователя с идентификатором: %s",
-    "No provider for category: %s is found for application: %s": "Нет поставщика для категории: %s для приложения: %s",
+    "No provider for category: %s is found for application: %s": "Нет провайдера для категории: %s для приложения: %s",
     "The provider: %s is not found": "Поставщик: %s не найден"
   },
   "verification": {

i18n/locales/sv/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/tr/data.json

@@ -38,27 +38,34 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
     "Organization does not exist": "Organization does not exist",
-    "Phone already exists": "Phone already exists",
+    "Phone already exists": "Telefon numarası zaten mevcut",
-    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone cannot be empty": "Telefon numarası boş olamaz",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid": "Telefon numarası geçersiz",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
-    "Username already exists": "Username already exists",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
-    "Username cannot be an email address": "Username cannot be an email address",
+    "Username already exists": "Kullanıcı adı zaten var",
-    "Username cannot contain white spaces": "Username cannot contain white spaces",
+    "Username cannot be an email address": "Kullanıcı adı bir e-mail adresi olamaz",
-    "Username cannot start with a digit": "Username cannot start with a digit",
+    "Username cannot contain white spaces": "Kullanıcı adı boşluk karakteri içeremez",
-    "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
+    "Username cannot start with a digit": "Kullanıcı adı rakamla başlayamaz",
-    "Username must have at least 2 characters": "Username must have at least 2 characters",
+    "Username is too long (maximum is 39 characters).": "Kullanıcı adı çok uzun (en fazla 39 karakter olmalı).",
-    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Username must have at least 2 characters": "Kullanıcı adı en az iki karakterden oluşmalı",
+    "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "Çok fazla hatalı şifre denemesi yaptınız.  %d dakika kadar bekleyip yeniden giriş yapmayı deneyebilirsiniz.",
     "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
-    "password or code is incorrect": "password or code is incorrect",
+    "password or code is incorrect": "şifre veya kod hatalı",
     "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
     "unsupported password type: %s": "unsupported password type: %s"
   },
@@ -117,8 +124,8 @@
     "Token not found, invalid accessToken": "Token not found, invalid accessToken"
   },
   "user": {
-    "Display name cannot be empty": "Display name cannot be empty",
+    "Display name cannot be empty": "Görünen ad boş olamaz",
-    "New password cannot contain blank space.": "New password cannot contain blank space."
+    "New password cannot contain blank space.": "Yeni şifreniz boşluk karakteri içeremez."
   },
   "user_upload": {
     "Failed to import users": "Failed to import users"
@@ -131,7 +138,7 @@
   "verification": {
     "Code has not been sent yet!": "Code has not been sent yet!",
     "Invalid captcha provider.": "Invalid captcha provider.",
-    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
+    "Phone number is invalid in your region %s": "Telefon numaranızın bulunduğu bölgeye hizmet veremiyoruz",
     "Turing test failed.": "Turing test failed.",
     "Unable to get the email modify rule.": "Unable to get the email modify rule.",
     "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",

i18n/locales/uk/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Empty username.",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "LDAP user name or password incorrect",
     "LastName cannot be blank": "LastName cannot be blank",
     "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@@ -46,10 +48,15 @@
     "Phone already exists": "Phone already exists",
     "Phone cannot be empty": "Phone cannot be empty",
     "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Username already exists",
     "Username cannot be an email address": "Username cannot be an email address",
     "Username cannot contain white spaces": "Username cannot contain white spaces",

i18n/locales/vi/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "Tên đăng nhập trống.",
     "FirstName cannot be blank": "Tên không được để trống",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
     "LDAP user name or password incorrect": "Tên người dùng hoặc mật khẩu Ldap không chính xác",
     "LastName cannot be blank": "Họ không thể để trống",
     "Multiple accounts with same uid, please check your ldap server": "Nhiều tài khoản với cùng một uid, vui lòng kiểm tra máy chủ ldap của bạn",
@@ -46,10 +48,15 @@
     "Phone already exists": "Điện thoại đã tồn tại",
     "Phone cannot be empty": "Điện thoại không thể để trống",
     "Phone number is invalid": "Số điện thoại không hợp lệ",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
     "Session outdated, please login again": "Phiên làm việc hết hạn, vui lòng đăng nhập lại",
+    "The invitation code has already been used": "The invitation code has already been used",
     "The user is forbidden to sign in, please contact the administrator": "Người dùng bị cấm đăng nhập, vui lòng liên hệ với quản trị viên",
     "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Tên người dùng chỉ có thể chứa các ký tự chữ và số, gạch dưới hoặc gạch ngang, không được có hai ký tự gạch dưới hoặc gạch ngang liền kề và không được bắt đầu hoặc kết thúc bằng dấu gạch dưới hoặc gạch ngang.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
     "Username already exists": "Tên đăng nhập đã tồn tại",
     "Username cannot be an email address": "Tên người dùng không thể là địa chỉ email",
     "Username cannot contain white spaces": "Tên người dùng không thể chứa khoảng trắng",

i18n/locales/zh/data.json

@@ -38,7 +38,9 @@
     "Empty username.": "用户名不可为空",
     "FirstName cannot be blank": "名不可以为空",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "邀请码使用次数已耗尽",
     "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "邀请码已被禁止使用",
     "LDAP user name or password incorrect": "LDAP密码错误",
     "LastName cannot be blank": "姓不可以为空",
     "Multiple accounts with same uid, please check your ldap server": "多个帐户具有相同的uid，请检查您的 LDAP 服务器",
@@ -46,10 +48,15 @@
     "Phone already exists": "该手机号已存在",
     "Phone cannot be empty": "手机号不可为空",
     "Phone number is invalid": "无效手机号",
+    "Please register using the email corresponding to the invitation code": "请使用邀请码关联的邮箱注册",
+    "Please register using the phone  corresponding to the invitation code": "请使用邀请码关联的手机号注册",
+    "Please register using the username corresponding to the invitation code": "请使用邀请码关联的用户名注册",
     "Session outdated, please login again": "会话已过期，请重新登录",
+    "The invitation code has already been used": "邀请码已被使用",
     "The user is forbidden to sign in, please contact the administrator": "该用户被禁止登录，请联系管理员",
     "The user: %s doesn't exist in LDAP server": "用户: %s 在LDAP服务器中未找到",
     "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "用户名只能包含字母数字字符、下划线或连字符，不能有连续的连字符或下划线，也不能以连字符或下划线开头或结尾",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "值\\\"%s\\\"在注册字段\\\"%s\\\"中与应用\\\"%s\\\"的注册项正则表达式不匹配",
     "Username already exists": "用户名已存在",
     "Username cannot be an email address": "用户名不可以是邮箱地址",
     "Username cannot contain white spaces": "用户名禁止包含空格",

idp/lark.go

@@ -16,6 +16,7 @@ package idp
 
 import (
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 	"strings"
@@ -82,13 +83,22 @@ func (idp *LarkIdProvider) GetToken(code string) (*oauth2.Token, error) {
 		AppID     string `json:"app_id"`
 		AppSecret string `json:"app_secret"`
 	}{idp.Config.ClientID, idp.Config.ClientSecret}
+
 	data, err := idp.postWithBody(params, idp.Config.Endpoint.TokenURL)
+	if err != nil {
+		return nil, err
+	}
 
 	appToken := &LarkAccessToken{}
-	if err = json.Unmarshal(data, appToken); err != nil || appToken.Code != 0 {
+	err = json.Unmarshal(data, appToken)
+	if err != nil {
 		return nil, err
 	}
 
+	if appToken.Code != 0 {
+		return nil, fmt.Errorf("GetToken() error, appToken.Code: %d, appToken.Msg: %s", appToken.Code, appToken.Msg)
+	}
+
 	t := &oauth2.Token{
 		AccessToken: appToken.TenantAccessToken,
 		TokenType:   "Bearer",
@@ -98,7 +108,6 @@ func (idp *LarkIdProvider) GetToken(code string) (*oauth2.Token, error) {
 	raw := make(map[string]interface{})
 	raw["code"] = code
 	t = t.WithExtra(raw)
-
 	return t, nil
 }
 
@@ -159,11 +168,17 @@ func (idp *LarkIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 		GrantType string `json:"grant_type"`
 		Code      string `json:"code"`
 	}{"authorization_code", token.Extra("code").(string)}
-	data, _ := json.Marshal(body)
+
+	data, err := json.Marshal(body)
+	if err != nil {
+		return nil, err
+	}
+
 	req, err := http.NewRequest("POST", "https://open.feishu.cn/open-apis/authen/v1/access_token", strings.NewReader(string(data)))
 	if err != nil {
 		return nil, err
 	}
+
 	req.Header.Set("Content-Type", "application/json;charset=UTF-8")
 	req.Header.Set("Authorization", "Bearer "+token.AccessToken)
 
@@ -171,6 +186,7 @@ func (idp *LarkIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 	if err != nil {
 		return nil, err
 	}
+
 	defer resp.Body.Close()
 	data, err = io.ReadAll(resp.Body)
 	if err != nil {
@@ -178,7 +194,8 @@ func (idp *LarkIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 	}
 
 	var larkUserInfo LarkUserInfo
-	if err = json.Unmarshal(data, &larkUserInfo); err != nil {
+	err = json.Unmarshal(data, &larkUserInfo)
+	if err != nil {
 		return nil, err
 	}
 
@@ -189,7 +206,6 @@ func (idp *LarkIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 		Email:       larkUserInfo.Data.Email,
 		AvatarUrl:   larkUserInfo.Data.AvatarUrl,
 	}
-
 	return &userInfo, nil
 }
 
@@ -198,21 +214,23 @@ func (idp *LarkIdProvider) postWithBody(body interface{}, url string) ([]byte, e
 	if err != nil {
 		return nil, err
 	}
+
 	r := strings.NewReader(string(bs))
 	resp, err := idp.Client.Post(url, "application/json;charset=UTF-8", r)
 	if err != nil {
 		return nil, err
 	}
+
 	data, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, err
 	}
+
 	defer func(Body io.ReadCloser) {
 		err := Body.Close()
 		if err != nil {
 			return
 		}
 	}(resp.Body)
-
 	return data, nil
 }

idp/provider.go

@@ -119,6 +119,8 @@ func GetIdProvider(idpInfo *ProviderInfo, redirectUrl string) (IdProvider, error
 		return NewMetaMaskIdProvider(), nil
 	case "Web3Onboard":
 		return NewWeb3OnboardIdProvider(), nil
+	case "Twitter":
+		return NewTwitterIdProvider(idpInfo.ClientId, idpInfo.ClientSecret, redirectUrl), nil
 	default:
 		if isGothSupport(idpInfo.Type) {
 			return NewGothIdProvider(idpInfo.Type, idpInfo.ClientId, idpInfo.ClientSecret, idpInfo.ClientId2, idpInfo.ClientSecret2, redirectUrl, idpInfo.HostUrl)
@@ -171,7 +173,6 @@ var gothList = []string{
 	"TikTok",
 	"Tumblr",
 	"Twitch",
-	"Twitter",
 	"Typetalk",
 	"Uber",
 	"VK",

idp/twitter.go

@@ -0,0 +1,190 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package idp
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"golang.org/x/oauth2"
+)
+
+type TwitterIdProvider struct {
+	Client *http.Client
+	Config *oauth2.Config
+}
+
+func NewTwitterIdProvider(clientId string, clientSecret string, redirectUrl string) *TwitterIdProvider {
+	idp := &TwitterIdProvider{}
+
+	config := idp.getConfig(clientId, clientSecret, redirectUrl)
+	idp.Config = config
+
+	return idp
+}
+
+func (idp *TwitterIdProvider) SetHttpClient(client *http.Client) {
+	idp.Client = client
+}
+
+// getConfig return a point of Config, which describes a typical 3-legged OAuth2 flow
+func (idp *TwitterIdProvider) getConfig(clientId string, clientSecret string, redirectUrl string) *oauth2.Config {
+	endpoint := oauth2.Endpoint{
+		TokenURL: "https://api.twitter.com/2/oauth2/token",
+	}
+
+	config := &oauth2.Config{
+		Scopes:       []string{"users.read", "tweet.read"},
+		Endpoint:     endpoint,
+		ClientID:     clientId,
+		ClientSecret: clientSecret,
+		RedirectURL:  redirectUrl,
+	}
+
+	return config
+}
+
+type TwitterAccessToken struct {
+	AccessToken string `json:"access_token"` // Interface call credentials
+	TokenType   string `json:"token_type"`   // Access token type
+	ExpiresIn   int64  `json:"expires_in"`   // access_token interface call credential timeout time, unit (seconds)
+}
+
+type TwitterCheckToken struct {
+	Data TwitterUserInfo `json:"data"`
+}
+
+// TwitterCheckTokenData
+// Get more detail via: https://developers.Twitter.com/docs/Twitter-login/guides/advanced/manual-flow#checktoken
+type TwitterCheckTokenData struct {
+	UserId string `json:"user_id"`
+}
+
+// GetToken use code get access_token (*operation of getting code ought to be done in front)
+// get more detail via: https://developers.Twitter.com/docs/Twitter-login/guides/advanced/manual-flow#confirm
+func (idp *TwitterIdProvider) GetToken(code string) (*oauth2.Token, error) {
+	params := url.Values{}
+	// params.Add("client_id", idp.Config.ClientID)
+	params.Add("redirect_uri", idp.Config.RedirectURL)
+	params.Add("code_verifier", "casdoor-verifier")
+	params.Add("code", code)
+	params.Add("grant_type", "authorization_code")
+	req, err := http.NewRequest("POST", "https://api.twitter.com/2/oauth2/token", strings.NewReader(params.Encode()))
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	e := base64.StdEncoding.EncodeToString([]byte(idp.Config.ClientID + ":" + idp.Config.ClientSecret))
+	req.Header.Add("Authorization", "Basic "+e)
+	accessTokenResp, err := idp.GetUrlResp(req)
+	var TwitterAccessToken TwitterAccessToken
+	if err = json.Unmarshal([]byte(accessTokenResp), &TwitterAccessToken); err != nil {
+		return nil, err
+	}
+
+	token := oauth2.Token{
+		AccessToken: TwitterAccessToken.AccessToken,
+		TokenType:   TwitterAccessToken.TokenType,
+		Expiry:      time.Time{},
+	}
+
+	return &token, nil
+}
+
+//{
+//    "id": "123456789",
+//    "name": "Example Name",
+//    "name_format": "{first} {last}",
+//    "picture": {
+//        "data": {
+//            "height": 50,
+//            "is_silhouette": false,
+//            "url": "https://example.com",
+//            "width": 50
+//        }
+//    },
+//    "email": "test@example.com"
+//}
+
+type TwitterUserInfo struct {
+	Id       string   `json:"id"`       // The app user's App-Scoped User ID. This ID is unique to the app and cannot be used by other apps.
+	Name     string   `json:"name"`     // The person's full name.
+	UserName string   `json:"username"` // The person's name formatted to correctly handle Chinese, Japanese, or Korean ordering.
+	Picture  struct { // The person's profile picture.
+		Data struct { // This struct is different as https://developers.Twitter.com/docs/graph-api/reference/user/picture/
+			Height       int    `json:"height"`
+			IsSilhouette bool   `json:"is_silhouette"`
+			Url          string `json:"url"`
+			Width        int    `json:"width"`
+		} `json:"data"`
+	} `json:"picture"`
+	Email string `json:"email"` // The User's primary email address listed on their profile. This field will not be returned if no valid email address is available.
+}
+
+// GetUserInfo use TwitterAccessToken gotten before return TwitterUserInfo
+// get more detail via: https://developers.Twitter.com/docs/graph-api/reference/user
+func (idp *TwitterIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
+	var TwitterUserInfo TwitterUserInfo
+	// accessToken := token.AccessToken
+
+	req, err := http.NewRequest("GET", "https://api.twitter.com/2/users/me", nil)
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Add("Authorization", "Bearer "+token.AccessToken)
+	// req.URL.Query().Set("user.fields", "profile_image_url")
+	// userIdUrl := fmt.Sprintf("https://graph.Twitter.com/me?access_token=%s", accessToken)
+	userIdResp, err := idp.GetUrlResp(req)
+	if err != nil {
+		return nil, err
+	}
+	empTwitterCheckToken := &TwitterCheckToken{}
+	if err = json.Unmarshal([]byte(userIdResp), &empTwitterCheckToken); err != nil {
+		return nil, err
+	}
+	TwitterUserInfo = empTwitterCheckToken.Data
+
+	userInfo := UserInfo{
+		Id:          TwitterUserInfo.Id,
+		Username:    TwitterUserInfo.UserName,
+		DisplayName: TwitterUserInfo.Name,
+		Email:       TwitterUserInfo.Email,
+		AvatarUrl:   TwitterUserInfo.Picture.Data.Url,
+	}
+	return &userInfo, nil
+}
+
+func (idp *TwitterIdProvider) GetUrlResp(url *http.Request) (string, error) {
+	resp, err := idp.Client.Do(url)
+	if err != nil {
+		return "", err
+	}
+
+	defer func(Body io.ReadCloser) {
+		err := Body.Close()
+		if err != nil {
+			return
+		}
+	}(resp.Body)
+
+	buf := new(bytes.Buffer)
+	_, err = buf.ReadFrom(resp.Body)
+	if err != nil {
+		return "", err
+	}
+
+	return buf.String(), nil
+}

init_data.json.template

@@ -123,7 +123,7 @@
       "redirectUris": [""],
       "expireInHours": 168,
       "failedSigninLimit": 5,
-      "failedSigninfrozenTime": 15
+      "failedSigninFrozenTime": 15
     }
   ],
   "users": [

ldap/server.go

@@ -18,7 +18,6 @@ import (
 	"fmt"
 	"hash/fnv"
 	"log"
-	"strings"
 
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
@@ -50,17 +49,7 @@ func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
 	res := ldap.NewBindResponse(ldap.LDAPResultSuccess)
 
 	if r.AuthenticationChoice() == "simple" {
-		bindDN := string(r.Name())
+		bindUsername, bindOrg, err := getNameAndOrgFromDN(string(r.Name()))
-		bindPassword := string(r.AuthenticationSimple())
-
-		if bindDN == "" && bindPassword == "" {
-			res.SetResultCode(ldap.LDAPResultInappropriateAuthentication)
-			res.SetDiagnosticMessage("Anonymous bind disallowed")
-			w.Write(res)
-			return
-		}
-
-		bindUsername, bindOrg, err := getNameAndOrgFromDN(bindDN)
 		if err != nil {
 			log.Printf("getNameAndOrgFromDN() error: %s", err.Error())
 			res.SetResultCode(ldap.LDAPResultInvalidDNSyntax)
@@ -69,6 +58,7 @@ func handleBind(w ldap.ResponseWriter, m *ldap.Message) {
 			return
 		}
 
+		bindPassword := string(r.AuthenticationSimple())
 		bindUser, err := object.CheckUserPassword(bindOrg, bindUsername, bindPassword, "en")
 		if err != nil {
 			log.Printf("Bind failed User=%s, Pass=%#v, ErrMsg=%s", string(r.Name()), r.Authentication(), err)
@@ -103,46 +93,7 @@ func handleSearch(w ldap.ResponseWriter, m *ldap.Message) {
 	}
 
 	r := m.GetSearchRequest()
-
+	if r.FilterString() == "(objectClass=*)" {
-	// case insensitive match
-	if strings.EqualFold(r.FilterString(), "(objectClass=*)") {
-		if len(r.Attributes()) == 0 {
-			w.Write(res)
-			return
-		}
-		first_attr := string(r.Attributes()[0])
-
-		if string(r.BaseObject()) == "" {
-			// handle special search requests
-
-			if first_attr == "namingContexts" {
-				orgs, code := GetFilteredOrganizations(m)
-				if code != ldap.LDAPResultSuccess {
-					res.SetResultCode(code)
-					w.Write(res)
-					return
-				}
-				e := ldap.NewSearchResultEntry(string(r.BaseObject()))
-				dnlist := make([]message.AttributeValue, len(orgs))
-				for i, org := range orgs {
-					dnlist[i] = message.AttributeValue(fmt.Sprintf("ou=%s", org.Name))
-				}
-				e.AddAttribute("namingContexts", dnlist...)
-				w.Write(e)
-			} else if first_attr == "subschemaSubentry" {
-				e := ldap.NewSearchResultEntry(string(r.BaseObject()))
-				e.AddAttribute("subschemaSubentry", message.AttributeValue("cn=Subschema"))
-				w.Write(e)
-			}
-		} else if strings.EqualFold(first_attr, "objectclasses") && string(r.BaseObject()) == "cn=Subschema" {
-			e := ldap.NewSearchResultEntry(string(r.BaseObject()))
-			e.AddAttribute("objectClasses", []message.AttributeValue{
-				"( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'Abstraction of an account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) )",
-				"( 1.3.6.1.1.1.2.2 NAME 'posixGroup' DESC 'Abstraction of a group of accounts' SUP top STRUCTURAL MUST ( cn $ gidNumber ) MAY ( userPassword $ memberUid $ description ) )",
-			}...)
-			w.Write(e)
-		}
-
 		w.Write(res)
 		return
 	}
@@ -155,72 +106,38 @@ func handleSearch(w ldap.ResponseWriter, m *ldap.Message) {
 	default:
 	}
 
-	objectClass := searchFilterForEquality(r.Filter(), "objectClass", "posixAccount", "posixGroup")
+	users, code := GetFilteredUsers(m)
-	switch objectClass {
+	if code != ldap.LDAPResultSuccess {
-	case "posixAccount":
+		res.SetResultCode(code)
-		users, code := GetFilteredUsers(m)
+		w.Write(res)
-		if code != ldap.LDAPResultSuccess {
+		return
-			res.SetResultCode(code)
-			w.Write(res)
-			return
-		}
-
-		// log.Printf("Handling posixAccount filter=%s", r.FilterString())
-		for _, user := range users {
-			dn := fmt.Sprintf("uid=%s,cn=users,%s", user.Name, string(r.BaseObject()))
-			e := ldap.NewSearchResultEntry(dn)
-			attrs := r.Attributes()
-			for _, attr := range attrs {
-				if string(attr) == "*" {
-					attrs = AdditionalLdapUserAttributes
-					break
-				}
-			}
-			for _, attr := range attrs {
-				if strings.HasSuffix(string(attr), ";binary") {
-					// unsupported: userCertificate;binary
-					continue
-				}
-				field, ok := ldapUserAttributesMapping.CaseInsensitiveGet(string(attr))
-				if ok {
-					e.AddAttribute(message.AttributeDescription(attr), field.GetAttributeValues(user)...)
-				}
-			}
-			w.Write(e)
-		}
-
-	case "posixGroup":
-		// log.Printf("Handling posixGroup filter=%s", r.FilterString())
-		groups, code := GetFilteredGroups(m)
-		if code != ldap.LDAPResultSuccess {
-			res.SetResultCode(code)
-			w.Write(res)
-			return
-		}
-
-		for _, group := range groups {
-			dn := fmt.Sprintf("cn=%s,cn=groups,%s", group.Name, string(r.BaseObject()))
-			e := ldap.NewSearchResultEntry(dn)
-			attrs := r.Attributes()
-			for _, attr := range attrs {
-				if string(attr) == "*" {
-					attrs = AdditionalLdapGroupAttributes
-					break
-				}
-			}
-			for _, attr := range attrs {
-				field, ok := ldapGroupAttributesMapping.CaseInsensitiveGet(string(attr))
-				if ok {
-					e.AddAttribute(message.AttributeDescription(attr), field.GetAttributeValues(group)...)
-				}
-			}
-			w.Write(e)
-		}
-
-	case "":
-		log.Printf("Unmatched search request. filter=%s", r.FilterString())
 	}
 
+	for _, user := range users {
+		dn := fmt.Sprintf("uid=%s,cn=%s,%s", user.Id, user.Name, string(r.BaseObject()))
+		e := ldap.NewSearchResultEntry(dn)
+		uidNumberStr := fmt.Sprintf("%v", hash(user.Name))
+		e.AddAttribute("uidNumber", message.AttributeValue(uidNumberStr))
+		e.AddAttribute("gidNumber", message.AttributeValue(uidNumberStr))
+		e.AddAttribute("homeDirectory", message.AttributeValue("/home/"+user.Name))
+		e.AddAttribute("cn", message.AttributeValue(user.Name))
+		e.AddAttribute("uid", message.AttributeValue(user.Id))
+		attrs := r.Attributes()
+		for _, attr := range attrs {
+			if string(attr) == "*" {
+				attrs = AdditionalLdapAttributes
+				break
+			}
+		}
+		for _, attr := range attrs {
+			e.AddAttribute(message.AttributeDescription(attr), getAttribute(string(attr), user))
+			if string(attr) == "cn" {
+				e.AddAttribute(message.AttributeDescription(attr), getAttribute("title", user))
+			}
+		}
+
+		w.Write(e)
+	}
 	w.Write(res)
 }
 

ldap/util.go

@@ -18,7 +18,6 @@ import (
 	"fmt"
 	"log"
 	"strings"
-	"time"
 
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
@@ -29,259 +28,65 @@ import (
 	"github.com/xorm-io/builder"
 )
 
-type V = message.AttributeValue
+type AttributeMapper func(user *object.User) message.AttributeValue
 
-type UserAttributeMapper func(user *object.User) []V
+type FieldRelation struct {
-
-type UserFieldRelation struct {
 	userField     string
-	ldapField     string
 	notSearchable bool
 	hideOnStarOp  bool
-	fieldMapper   UserAttributeMapper
+	fieldMapper   AttributeMapper
-	constantValue []V
 }
 
-func (rel UserFieldRelation) GetField() (string, error) {
+func (rel FieldRelation) GetField() (string, error) {
 	if rel.notSearchable {
 		return "", fmt.Errorf("attribute %s not supported", rel.userField)
 	}
 	return rel.userField, nil
 }
 
-func (rel UserFieldRelation) GetAttributeValues(user *object.User) []V {
+func (rel FieldRelation) GetAttributeValue(user *object.User) message.AttributeValue {
-	if rel.constantValue != nil && rel.fieldMapper == nil {
-		return rel.constantValue
-	}
 	return rel.fieldMapper(user)
 }
 
-type UserFieldRelationMap map[string]UserFieldRelation
+var ldapAttributesMapping = map[string]FieldRelation{
-
+	"cn": {userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) message.AttributeValue {
-func (m UserFieldRelationMap) CaseInsensitiveGet(key string) (UserFieldRelation, bool) {
+		return message.AttributeValue(user.Name)
-	lowerKey := strings.ToLower(key)
-	ret, ok := m[lowerKey]
-	return ret, ok
-}
-
-type GroupAttributeMapper func(group *object.Group) []V
-
-type GroupFieldRelation struct {
-	groupField    string
-	ldapField     string
-	notSearchable bool
-	hideOnStarOp  bool
-	fieldMapper   GroupAttributeMapper
-	constantValue []V
-}
-
-func (rel GroupFieldRelation) GetField() (string, error) {
-	if rel.notSearchable {
-		return "", fmt.Errorf("attribute %s not supported", rel.groupField)
-	}
-	return rel.groupField, nil
-}
-
-func (rel GroupFieldRelation) GetAttributeValues(group *object.Group) []V {
-	if rel.constantValue != nil && rel.fieldMapper == nil {
-		return rel.constantValue
-	}
-	return rel.fieldMapper(group)
-}
-
-type GroupFieldRelationMap map[string]GroupFieldRelation
-
-func (m GroupFieldRelationMap) CaseInsensitiveGet(key string) (GroupFieldRelation, bool) {
-	lowerKey := strings.ToLower(key)
-	ret, ok := m[lowerKey]
-	return ret, ok
-}
-
-var ldapUserAttributesMapping = UserFieldRelationMap{
-	"cn": {ldapField: "cn", userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) []V {
-		return []V{V(user.Name)}
 	}},
-	"uid": {ldapField: "uid", userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) []V {
+	"uid": {userField: "name", hideOnStarOp: true, fieldMapper: func(user *object.User) message.AttributeValue {
-		return []V{V(user.Name)}
+		return message.AttributeValue(user.Name)
 	}},
-	"displayname": {ldapField: "displayName", userField: "displayName", fieldMapper: func(user *object.User) []V {
+	"displayname": {userField: "displayName", fieldMapper: func(user *object.User) message.AttributeValue {
-		return []V{V(user.DisplayName)}
+		return message.AttributeValue(user.DisplayName)
 	}},
-	"email": {ldapField: "email", userField: "email", fieldMapper: func(user *object.User) []V {
+	"email": {userField: "email", fieldMapper: func(user *object.User) message.AttributeValue {
-		return []V{V(user.Email)}
+		return message.AttributeValue(user.Email)
 	}},
-	"mail": {ldapField: "mail", userField: "email", fieldMapper: func(user *object.User) []V {
+	"mail": {userField: "email", fieldMapper: func(user *object.User) message.AttributeValue {
-		return []V{V(user.Email)}
+		return message.AttributeValue(user.Email)
 	}},
-	"mobile": {ldapField: "mobile", userField: "phone", fieldMapper: func(user *object.User) []V {
+	"mobile": {userField: "phone", fieldMapper: func(user *object.User) message.AttributeValue {
-		return []V{V(user.Phone)}
+		return message.AttributeValue(user.Phone)
 	}},
-	"telephonenumber": {ldapField: "telephoneNumber", userField: "phone", fieldMapper: func(user *object.User) []V {
+	"title": {userField: "tag", fieldMapper: func(user *object.User) message.AttributeValue {
-		return []V{V(user.Phone)}
+		return message.AttributeValue(user.Tag)
 	}},
-	"postaladdress": {ldapField: "postalAddress", userField: "address", fieldMapper: func(user *object.User) []V {
+	"userPassword": {
-		return []V{V(strings.Join(user.Address, " "))}
-	}},
-	"title": {ldapField: "title", userField: "title", fieldMapper: func(user *object.User) []V {
-		return []V{V(user.Title)}
-	}},
-	"gecos": {ldapField: "gecos", userField: "displayName", fieldMapper: func(user *object.User) []V {
-		return []V{V(user.DisplayName)}
-	}},
-	"description": {ldapField: "description", userField: "displayName", fieldMapper: func(user *object.User) []V {
-		return []V{V(user.DisplayName)}
-	}},
-	"logindisabled": {ldapField: "loginDisabled", userField: "isForbidden", fieldMapper: func(user *object.User) []V {
-		if user.IsForbidden {
-			return []V{V("1")}
-		} else {
-			return []V{V("0")}
-		}
-	}},
-	"userpassword": {
-		ldapField:     "userPassword",
 		userField:     "userPassword",
 		notSearchable: true,
-		fieldMapper: func(user *object.User) []V {
+		fieldMapper: func(user *object.User) message.AttributeValue {
-			return []V{V(getUserPasswordWithType(user))}
+			return message.AttributeValue(getUserPasswordWithType(user))
 		},
 	},
-	"uidnumber": {ldapField: "uidNumber", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		return []V{V(fmt.Sprintf("%v", hash(user.Name)))}
-	}},
-	"gidnumber": {ldapField: "gidNumber", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		if len(user.Groups) == 0 {
-			return []V{V("")}
-		}
-		group, err := object.GetGroup(user.Groups[0])
-		if err != nil {
-			log.Printf("gidnumber object.GetGroup error: %s", err)
-			return []V{V("")}
-		}
-		return []V{V(fmt.Sprintf("%v", hash(group.Name)))}
-	}},
-	"homedirectory": {ldapField: "homeDirectory", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		return []V{V("/home/" + user.Name)}
-	}},
-	"loginshell": {ldapField: "loginShell", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		if user.IsForbidden || user.IsDeleted {
-			return []V{V("/sbin/nologin")}
-		} else {
-			return []V{V("/bin/bash")}
-		}
-	}},
-	"shadowlastchange": {ldapField: "shadowLastChange", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		// "this attribute specifies number of days between January 1, 1970, and the date that the password was last modified"
-		updatedTime, err := time.Parse(time.RFC3339, user.UpdatedTime)
-		if err != nil {
-			log.Printf("shadowlastchange time.Parse error: %s", err)
-			updatedTime = time.Now()
-		}
-		return []V{V(fmt.Sprint(updatedTime.Unix() / 86400))}
-	}},
-	"pwdchangedtime": {ldapField: "pwdChangedTime", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		updatedTime, err := time.Parse(time.RFC3339, user.UpdatedTime)
-		if err != nil {
-			log.Printf("pwdchangedtime time.Parse error: %s", err)
-			updatedTime = time.Now()
-		}
-		return []V{V(updatedTime.UTC().Format("20060102030405Z"))}
-	}},
-	"shadowmin":     {ldapField: "shadowMin", notSearchable: true, constantValue: []V{V("0")}},
-	"shadowmax":     {ldapField: "shadowMax", notSearchable: true, constantValue: []V{V("99999")}},
-	"shadowwarning": {ldapField: "shadowWarning", notSearchable: true, constantValue: []V{V("7")}},
-	"shadowexpire": {ldapField: "shadowExpire", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		if user.IsForbidden {
-			return []V{V("1")}
-		} else {
-			return []V{V("-1")}
-		}
-	}},
-	"shadowinactive": {ldapField: "shadowInactive", notSearchable: true, constantValue: []V{V("0")}},
-	"shadowflag":     {ldapField: "shadowFlag", notSearchable: true, constantValue: []V{V("0")}},
-	"memberof": {ldapField: "memberOf", notSearchable: true, fieldMapper: func(user *object.User) []V {
-		var groupdn []V
-		for _, groupId := range user.Groups {
-			group, err := object.GetGroup(groupId)
-			if err != nil {
-				log.Printf("memberOf object.GetGroup error: %s", err)
-				continue
-			}
-			groupdn = append(groupdn, V(fmt.Sprintf("cn=%s,cn=groups,ou=%s", group.Name, group.Owner)))
-		}
-		return groupdn
-	}},
-	"objectclass": {ldapField: "objectClass", notSearchable: true, constantValue: []V{
-		V("top"),
-		V("posixAccount"),
-		V("shadowAccount"),
-		V("person"),
-		V("organizationalPerson"),
-		V("inetOrgPerson"),
-		V("apple-user"),
-		V("sambaSamAccount"),
-		V("sambaIdmapEntry"),
-		V("extensibleObject"),
-	}},
 }
 
-var ldapGroupAttributesMapping = GroupFieldRelationMap{
+var AdditionalLdapAttributes []message.LDAPString
-	"cn": {ldapField: "cn", hideOnStarOp: true, fieldMapper: func(group *object.Group) []V {
-		return []V{V(group.Name)}
-	}},
-	"gidnumber": {ldapField: "gidNumber", hideOnStarOp: true, fieldMapper: func(group *object.Group) []V {
-		return []V{V(fmt.Sprintf("%v", hash(group.Name)))}
-	}},
-	"member": {ldapField: "member", fieldMapper: func(group *object.Group) []V {
-		users, err := object.GetGroupUsers(group.GetId())
-		if err != nil {
-			log.Printf("member object.GetGroupUsers error: %s", err)
-			return []V{V("")}
-		}
-		var members []V
-		for _, user := range users {
-			members = append(members, V(fmt.Sprintf("uid=%s,cn=users,ou=%s", user.Name, user.Owner)))
-		}
-		return members
-	}},
-	"memberuid": {ldapField: "memberUid", fieldMapper: func(group *object.Group) []V {
-		users, err := object.GetGroupUsers(group.GetId())
-		if err != nil {
-			log.Printf("member object.GetGroupUsers error: %s", err)
-			return []V{V("")}
-		}
-		var members []message.AttributeValue
-		for _, user := range users {
-			members = append(members, message.AttributeValue(user.Name))
-		}
-		return members
-	}},
-	"description": {ldapField: "description", hideOnStarOp: true, fieldMapper: func(group *object.Group) []V {
-		return []V{V(group.DisplayName)}
-	}},
-	"objectclass": {ldapField: "objectClass", hideOnStarOp: true, constantValue: []V{
-		V("top"),
-		V("posixGroup"),
-	}},
-}
-
-var (
-	AdditionalLdapUserAttributes  []message.LDAPString
-	AdditionalLdapGroupAttributes []message.LDAPString
-)
 
 func init() {
-	for _, v := range ldapUserAttributesMapping {
+	for k, v := range ldapAttributesMapping {
 		if v.hideOnStarOp {
 			continue
 		}
-		AdditionalLdapUserAttributes = append(AdditionalLdapUserAttributes, message.LDAPString(v.ldapField))
+		AdditionalLdapAttributes = append(AdditionalLdapAttributes, message.LDAPString(k))
-	}
-	for _, v := range ldapGroupAttributesMapping {
-		if v.hideOnStarOp {
-			continue
-		}
-		AdditionalLdapGroupAttributes = append(AdditionalLdapGroupAttributes, message.LDAPString(v.ldapField))
 	}
 }
 
@@ -502,52 +307,6 @@ func GetFilteredUsers(m *ldap.Message) (filteredUsers []*object.User, code int)
 	}
 }
 
-func GetFilteredOrganizations(m *ldap.Message) ([]*object.Organization, int) {
-	if m.Client.IsGlobalAdmin {
-		organizations, err := object.GetOrganizations("")
-		if err != nil {
-			panic(err)
-		}
-		return organizations, ldap.LDAPResultSuccess
-	} else if m.Client.IsOrgAdmin {
-		requestUserId := util.GetId(m.Client.OrgName, m.Client.UserName)
-		user, err := object.GetUser(requestUserId)
-		if err != nil {
-			panic(err)
-		}
-		organization, err := object.GetOrganizationByUser(user)
-		if err != nil {
-			panic(err)
-		}
-		return []*object.Organization{organization}, ldap.LDAPResultSuccess
-	} else {
-		return nil, ldap.LDAPResultInsufficientAccessRights
-	}
-}
-
-func GetFilteredGroups(m *ldap.Message) ([]*object.Group, int) {
-	if m.Client.IsGlobalAdmin {
-		groups, err := object.GetGroups("")
-		if err != nil {
-			panic(err)
-		}
-		return groups, ldap.LDAPResultSuccess
-	} else if m.Client.IsOrgAdmin {
-		requestUserId := util.GetId(m.Client.OrgName, m.Client.UserName)
-		user, err := object.GetUser(requestUserId)
-		if err != nil {
-			panic(err)
-		}
-		groups, err := object.GetGroups(user.Owner)
-		if err != nil {
-			panic(err)
-		}
-		return groups, ldap.LDAPResultSuccess
-	} else {
-		return nil, ldap.LDAPResultInsufficientAccessRights
-	}
-}
-
 // get user password with hash type prefix
 // TODO not handle salt yet
 // @return {md5}5f4dcc3b5aa765d61d8327deb882cf99
@@ -571,49 +330,18 @@ func getUserPasswordWithType(user *object.User) string {
 	return fmt.Sprintf("{%s}%s", prefix, user.Password)
 }
 
+func getAttribute(attributeName string, user *object.User) message.AttributeValue {
+	v, ok := ldapAttributesMapping[attributeName]
+	if !ok {
+		return ""
+	}
+	return v.GetAttributeValue(user)
+}
+
 func getUserFieldFromAttribute(attributeName string) (string, error) {
-	v, ok := ldapUserAttributesMapping.CaseInsensitiveGet(attributeName)
+	v, ok := ldapAttributesMapping[attributeName]
 	if !ok {
 		return "", fmt.Errorf("attribute %s not supported", attributeName)
 	}
 	return v.GetField()
 }
-
-func searchFilterForEquality(filter message.Filter, desc string, values ...string) string {
-	switch f := filter.(type) {
-	case message.FilterAnd:
-		for _, child := range f {
-			if val := searchFilterForEquality(child, desc, values...); val != "" {
-				return val
-			}
-		}
-	case message.FilterOr:
-		for _, child := range f {
-			if val := searchFilterForEquality(child, desc, values...); val != "" {
-				return val
-			}
-		}
-	case message.FilterNot:
-		return searchFilterForEquality(f.Filter, desc, values...)
-	case message.FilterSubstrings:
-		// Handle FilterSubstrings case if needed
-	case message.FilterEqualityMatch:
-		if strings.EqualFold(string(f.AttributeDesc()), desc) {
-			for _, value := range values {
-				if val := string(f.AssertionValue()); val == value {
-					return val
-				}
-			}
-		}
-	case message.FilterGreaterOrEqual:
-		// Handle FilterGreaterOrEqual case if needed
-	case message.FilterLessOrEqual:
-		// Handle FilterLessOrEqual case if needed
-	case message.FilterPresent:
-		// Handle FilterPresent case if needed
-	case message.FilterApproxMatch:
-		// Handle FilterApproxMatch case if needed
-	}
-
-	return ""
-}

object/application.go

@@ -37,12 +37,13 @@ type SignupItem struct {
 	Prompted    bool   `json:"prompted"`
 	Label       string `json:"label"`
 	Placeholder string `json:"placeholder"`
+	Regex       string `json:"regex"`
 	Rule        string `json:"rule"`
 }
 
 type SamlItem struct {
 	Name       string `json:"name"`
-	NameFormat string `json:"nameformat"`
+	NameFormat string `json:"nameFormat"`
 	Value      string `json:"value"`
 }
 
@@ -75,7 +76,6 @@ type Application struct {
 	OrganizationObj     *Organization   `xorm:"-" json:"organizationObj"`
 	CertPublicKey       string          `xorm:"-" json:"certPublicKey"`
 	Tags                []string        `xorm:"mediumtext" json:"tags"`
-	InvitationCodes     []string        `xorm:"varchar(200)" json:"invitationCodes"`
 	SamlAttributes      []*SamlItem     `xorm:"varchar(1000)" json:"samlAttributes"`
 
 	ClientId             string     `xorm:"varchar(100)" json:"clientId"`
@@ -100,7 +100,7 @@ type Application struct {
 	FormBackgroundUrl    string     `xorm:"varchar(200)" json:"formBackgroundUrl"`
 
 	FailedSigninLimit      int `json:"failedSigninLimit"`
-	FailedSigninfrozenTime int `json:"failedSigninfrozenTime"`
+	FailedSigninFrozenTime int `json:"failedSigninFrozenTime"`
 }
 
 func GetApplicationCount(owner, field, value string) (int64, error) {
@@ -347,6 +347,17 @@ func GetMaskedApplication(application *Application, userId string) *Application
 		return nil
 	}
 
+	if application.TokenFields == nil {
+		application.TokenFields = []string{}
+	}
+
+	if application.FailedSigninLimit == 0 {
+		application.FailedSigninLimit = DefaultFailedSigninLimit
+	}
+	if application.FailedSigninFrozenTime == 0 {
+		application.FailedSigninFrozenTime = DefaultFailedSigninFrozenTime
+	}
+
 	if userId != "" {
 		if isUserIdGlobalAdmin(userId) {
 			return application
@@ -380,10 +391,6 @@ func GetMaskedApplication(application *Application, userId string) *Application
 		}
 	}
 
-	if application.InvitationCodes != nil {
-		application.InvitationCodes = []string{"***"}
-	}
-
 	return application
 }
 

object/check.go

@@ -16,6 +16,7 @@ package object
 
 import (
 	"fmt"
+	"regexp"
 	"strings"
 	"time"
 	"unicode"
@@ -28,94 +29,93 @@ import (
 )
 
 const (
-	DefaultFailedSigninLimit = 5
+	DefaultFailedSigninLimit      = 5
-	// DefaultFailedSigninfrozenTime The unit of frozen time is minutes
+	DefaultFailedSigninFrozenTime = 15
-	DefaultFailedSigninfrozenTime = 15
 )
 
-func CheckUserSignup(application *Application, organization *Organization, form *form.AuthForm, lang string) string {
+func CheckUserSignup(application *Application, organization *Organization, authForm *form.AuthForm, lang string) string {
 	if organization == nil {
 		return i18n.Translate(lang, "check:Organization does not exist")
 	}
 
 	if application.IsSignupItemVisible("Username") {
-		if len(form.Username) <= 1 {
+		if len(authForm.Username) <= 1 {
 			return i18n.Translate(lang, "check:Username must have at least 2 characters")
 		}
-		if unicode.IsDigit(rune(form.Username[0])) {
+		if unicode.IsDigit(rune(authForm.Username[0])) {
 			return i18n.Translate(lang, "check:Username cannot start with a digit")
 		}
-		if util.IsEmailValid(form.Username) {
+		if util.IsEmailValid(authForm.Username) {
 			return i18n.Translate(lang, "check:Username cannot be an email address")
 		}
-		if util.ReWhiteSpace.MatchString(form.Username) {
+		if util.ReWhiteSpace.MatchString(authForm.Username) {
 			return i18n.Translate(lang, "check:Username cannot contain white spaces")
 		}
 
-		if msg := CheckUsername(form.Username, lang); msg != "" {
+		if msg := CheckUsername(authForm.Username, lang); msg != "" {
 			return msg
 		}
 
-		if HasUserByField(organization.Name, "name", form.Username) {
+		if HasUserByField(organization.Name, "name", authForm.Username) {
 			return i18n.Translate(lang, "check:Username already exists")
 		}
-		if HasUserByField(organization.Name, "email", form.Email) {
+		if HasUserByField(organization.Name, "email", authForm.Email) {
 			return i18n.Translate(lang, "check:Email already exists")
 		}
-		if HasUserByField(organization.Name, "phone", form.Phone) {
+		if HasUserByField(organization.Name, "phone", authForm.Phone) {
 			return i18n.Translate(lang, "check:Phone already exists")
 		}
 	}
 
 	if application.IsSignupItemVisible("Password") {
-		msg := CheckPasswordComplexityByOrg(organization, form.Password)
+		msg := CheckPasswordComplexityByOrg(organization, authForm.Password)
 		if msg != "" {
 			return msg
 		}
 	}
 
 	if application.IsSignupItemVisible("Email") {
-		if form.Email == "" {
+		if authForm.Email == "" {
 			if application.IsSignupItemRequired("Email") {
 				return i18n.Translate(lang, "check:Email cannot be empty")
 			}
 		} else {
-			if HasUserByField(organization.Name, "email", form.Email) {
+			if HasUserByField(organization.Name, "email", authForm.Email) {
 				return i18n.Translate(lang, "check:Email already exists")
-			} else if !util.IsEmailValid(form.Email) {
+			} else if !util.IsEmailValid(authForm.Email) {
 				return i18n.Translate(lang, "check:Email is invalid")
 			}
 		}
 	}
 
 	if application.IsSignupItemVisible("Phone") {
-		if form.Phone == "" {
+		if authForm.Phone == "" {
 			if application.IsSignupItemRequired("Phone") {
 				return i18n.Translate(lang, "check:Phone cannot be empty")
 			}
 		} else {
-			if HasUserByField(organization.Name, "phone", form.Phone) {
+			if HasUserByField(organization.Name, "phone", authForm.Phone) {
 				return i18n.Translate(lang, "check:Phone already exists")
-			} else if !util.IsPhoneAllowInRegin(form.CountryCode, organization.CountryCodes) {
+			} else if !util.IsPhoneAllowInRegin(authForm.CountryCode, organization.CountryCodes) {
 				return i18n.Translate(lang, "check:Your region is not allow to signup by phone")
-			} else if !util.IsPhoneValid(form.Phone, form.CountryCode) {
+			} else if !util.IsPhoneValid(authForm.Phone, authForm.CountryCode) {
 				return i18n.Translate(lang, "check:Phone number is invalid")
 			}
 		}
 	}
 
 	if application.IsSignupItemVisible("Display name") {
-		if application.GetSignupItemRule("Display name") == "First, last" && (form.FirstName != "" || form.LastName != "") {
+		if application.GetSignupItemRule("Display name") == "First, last" && (authForm.FirstName != "" || authForm.LastName != "") {
-			if form.FirstName == "" {
+			if authForm.FirstName == "" {
 				return i18n.Translate(lang, "check:FirstName cannot be blank")
-			} else if form.LastName == "" {
+			} else if authForm.LastName == "" {
 				return i18n.Translate(lang, "check:LastName cannot be blank")
 			}
 		} else {
-			if form.Name == "" {
+			if authForm.Name == "" {
 				return i18n.Translate(lang, "check:DisplayName cannot be blank")
 			} else if application.GetSignupItemRule("Display name") == "Real name" {
-				if !isValidRealName(form.Name) {
+				if !isValidRealName(authForm.Name) {
 					return i18n.Translate(lang, "check:DisplayName is not valid real name")
 				}
 			}
@@ -123,28 +123,69 @@ func CheckUserSignup(application *Application, organization *Organization, form
 	}
 
 	if application.IsSignupItemVisible("Affiliation") {
-		if form.Affiliation == "" {
+		if authForm.Affiliation == "" {
 			return i18n.Translate(lang, "check:Affiliation cannot be blank")
 		}
 	}
 
-	if len(application.InvitationCodes) > 0 {
+	for _, signupItem := range application.SignupItems {
-		if form.InvitationCode == "" {
+		if signupItem.Regex == "" {
-			if application.IsSignupItemRequired("Invitation code") {
+			continue
-				return i18n.Translate(lang, "check:Invitation code cannot be blank")
+		}
-			}
+
-		} else {
+		isString, value := form.GetAuthFormFieldValue(authForm, signupItem.Name)
-			if !util.InSlice(application.InvitationCodes, form.InvitationCode) {
+		if !isString {
-				return i18n.Translate(lang, "check:Invitation code is invalid")
+			continue
-			}
+		}
+
+		regexSignupItem, err := regexp.Compile(signupItem.Regex)
+		if err != nil {
+			return err.Error()
+		}
+
+		matched := regexSignupItem.MatchString(value)
+		if !matched {
+			return fmt.Sprintf(i18n.Translate(lang, "check:The value \"%s\" for signup field \"%s\" doesn't match the signup item regex of the application \"%s\""), value, signupItem.Name, application.Name)
 		}
 	}
 
 	return ""
 }
 
+func CheckInvitationCode(application *Application, organization *Organization, authForm *form.AuthForm, lang string) (*Invitation, string) {
+	if authForm.InvitationCode == "" {
+		if application.IsSignupItemRequired("Invitation code") {
+			return nil, i18n.Translate(lang, "check:Invitation code cannot be blank")
+		} else {
+			return nil, ""
+		}
+	}
+
+	invitations, err := GetInvitations(organization.Name)
+	if err != nil {
+		return nil, err.Error()
+	}
+	errMsg := ""
+	for _, invitation := range invitations {
+		if invitation.Application != application.Name && invitation.Application != "All" {
+			continue
+		}
+		if isValid, msg := invitation.IsInvitationCodeValid(application, authForm.InvitationCode, authForm.Username, authForm.Email, authForm.Phone, lang); isValid {
+			return invitation, msg
+		} else if msg != "" && errMsg == "" {
+			errMsg = msg
+		}
+	}
+
+	if errMsg != "" {
+		return nil, errMsg
+	} else {
+		return nil, i18n.Translate(lang, "check:Invitation code is invalid")
+	}
+}
+
 func checkSigninErrorTimes(user *User, lang string) error {
-	failedSigninLimit, failedSigninfrozenTime, err := GetFailedSigninConfigByUser(user)
+	failedSigninLimit, failedSigninFrozenTime, err := GetFailedSigninConfigByUser(user)
 	if err != nil {
 		return err
 	}
@@ -152,7 +193,7 @@ func checkSigninErrorTimes(user *User, lang string) error {
 	if user.SigninWrongTimes >= failedSigninLimit {
 		lastSignWrongTime, _ := time.Parse(time.RFC3339, user.LastSigninWrongTime)
 		passedTime := time.Now().UTC().Sub(lastSignWrongTime)
-		minutes := failedSigninfrozenTime - int(passedTime.Minutes())
+		minutes := failedSigninFrozenTime - int(passedTime.Minutes())
 
 		// deny the login if the error times is greater than the limit and the last login time is less than the duration
 		if minutes > 0 {
@@ -273,7 +314,7 @@ func checkLdapUserPassword(user *User, password string, lang string) error {
 		}
 		return fmt.Errorf(i18n.Translate(lang, "check:LDAP user name or password incorrect"))
 	}
-	return nil
+	return resetUserSigninErrorTimes(user)
 }
 
 func CheckUserPassword(organization string, username string, password string, lang string, options ...bool) (*User, error) {
@@ -509,12 +550,11 @@ func CheckToEnableCaptcha(application *Application, organization, username strin
 					return false, err
 				}
 
-				var failedSigninLimit int
+				failedSigninLimit := application.FailedSigninLimit
-				if application.FailedSigninLimit == 0 {
+				if failedSigninLimit == 0 {
-					failedSigninLimit = 5
+					failedSigninLimit = DefaultFailedSigninLimit
-				} else {
-					failedSigninLimit = application.FailedSigninLimit
 				}
+
 				return user != nil && user.SigninWrongTimes >= failedSigninLimit, nil
 			}
 			return providerItem.Rule == "Always", nil

object/check_password_complexity.go

@@ -24,7 +24,7 @@ var (
 	regexLowerCase = regexp.MustCompile(`[a-z]`)
 	regexUpperCase = regexp.MustCompile(`[A-Z]`)
 	regexDigit     = regexp.MustCompile(`\d`)
-	regexSpecial   = regexp.MustCompile(`[!@#$%^&*]`)
+	regexSpecial   = regexp.MustCompile("[!-/:-@[-`{-~]")
 )
 
 func isValidOption_AtLeast6(password string) string {

object/check_util.go

@@ -52,18 +52,18 @@ func GetFailedSigninConfigByUser(user *User) (int, int, error) {
 	if err != nil {
 		return 0, 0, err
 	}
-	failedSigninLimit := application.FailedSigninLimit
-	failedSigninfrozenTime := application.FailedSigninfrozenTime
 
-	// 0 as an initialization value, corresponding to the default configuration parameters
+	failedSigninLimit := application.FailedSigninLimit
 	if failedSigninLimit == 0 {
 		failedSigninLimit = DefaultFailedSigninLimit
 	}
-	if failedSigninfrozenTime == 0 {
+
-		failedSigninfrozenTime = DefaultFailedSigninfrozenTime
+	failedSigninFrozenTime := application.FailedSigninFrozenTime
+	if failedSigninFrozenTime == 0 {
+		failedSigninFrozenTime = DefaultFailedSigninFrozenTime
 	}
 
-	return failedSigninLimit, failedSigninfrozenTime, nil
+	return failedSigninLimit, failedSigninFrozenTime, nil
 }
 
 func recordSigninErrorInfo(user *User, lang string, options ...bool) error {
@@ -72,7 +72,7 @@ func recordSigninErrorInfo(user *User, lang string, options ...bool) error {
 		enableCaptcha = options[0]
 	}
 
-	failedSigninLimit, failedSigninfrozenTime, errSignin := GetFailedSigninConfigByUser(user)
+	failedSigninLimit, failedSigninFrozenTime, errSignin := GetFailedSigninConfigByUser(user)
 	if errSignin != nil {
 		return errSignin
 	}
@@ -101,5 +101,5 @@ func recordSigninErrorInfo(user *User, lang string, options ...bool) error {
 	}
 
 	// don't show the chance error message if the user has no chance left
-	return fmt.Errorf(i18n.Translate(lang, "check:You have entered the wrong password or code too many times, please wait for %d minutes and try again"), failedSigninfrozenTime)
+	return fmt.Errorf(i18n.Translate(lang, "check:You have entered the wrong password or code too many times, please wait for %d minutes and try again"), failedSigninFrozenTime)
 }

object/init.go

@@ -181,7 +181,7 @@ func initBuiltInApplication() {
 			{Name: "provider_captcha_default", CanSignUp: false, CanSignIn: false, CanUnlink: false, Prompted: false, SignupGroup: "", Rule: "None", Provider: nil},
 		},
 		SigninMethods: []*SigninMethod{
-			{Name: "Password", DisplayName: "Password", Rule: "None"},
+			{Name: "Password", DisplayName: "Password", Rule: "All"},
 			{Name: "Verification code", DisplayName: "Verification code", Rule: "All"},
 			{Name: "WebAuthn", DisplayName: "WebAuthn", Rule: "None"},
 		},

object/invitation.go

@@ -17,6 +17,7 @@ package object
 import (
 	"fmt"
 
+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/core"
 )
@@ -28,7 +29,8 @@ type Invitation struct {
 	UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
 	DisplayName string `xorm:"varchar(100)" json:"displayName"`
 
-	Code      string `xorm:"varchar(100)" json:"code"`
+	Code      string `xorm:"varchar(100) index" json:"code"`
+	IsRegexp  bool   `json:"isRegexp"`
 	Quota     int    `json:"quota"`
 	UsedCount int    `json:"usedCount"`
 
@@ -99,6 +101,12 @@ func UpdateInvitation(id string, invitation *Invitation) (bool, error) {
 		return false, nil
 	}
 
+	if isRegexp, err := util.IsRegexp(invitation.Code); err != nil {
+		return false, err
+	} else {
+		invitation.IsRegexp = isRegexp
+	}
+
 	affected, err := ormer.Engine.ID(core.PK{owner, name}).AllCols().Update(invitation)
 	if err != nil {
 		return false, err
@@ -108,6 +116,12 @@ func UpdateInvitation(id string, invitation *Invitation) (bool, error) {
 }
 
 func AddInvitation(invitation *Invitation) (bool, error) {
+	if isRegexp, err := util.IsRegexp(invitation.Code); err != nil {
+		return false, err
+	} else {
+		invitation.IsRegexp = isRegexp
+	}
+
 	affected, err := ormer.Engine.Insert(invitation)
 	if err != nil {
 		return false, err
@@ -132,3 +146,36 @@ func (invitation *Invitation) GetId() string {
 func VerifyInvitation(id string) (payment *Payment, attachInfo map[string]interface{}, err error) {
 	return nil, nil, fmt.Errorf("the invitation: %s does not exist", id)
 }
+
+func (invitation *Invitation) IsInvitationCodeValid(application *Application, invitationCode string, username string, email string, phone string, lang string) (bool, string) {
+	if matched, err := util.IsInvitationCodeMatch(invitation.Code, invitationCode); err != nil {
+		return false, err.Error()
+	} else if !matched {
+		return false, ""
+	}
+
+	if invitation.State != "Active" {
+		return false, i18n.Translate(lang, "check:Invitation code suspended")
+	}
+	if invitation.UsedCount >= invitation.Quota {
+		return false, i18n.Translate(lang, "check:Invitation code exhausted")
+	}
+	if application.IsSignupItemRequired("Username") && invitation.Username != "" && invitation.Username != username {
+		return false, i18n.Translate(lang, "check:Please register using the username corresponding to the invitation code")
+	}
+	if application.IsSignupItemRequired("Email") && invitation.Email != "" && invitation.Email != email {
+		return false, i18n.Translate(lang, "check:Please register using the email corresponding to the invitation code")
+	}
+	if application.IsSignupItemRequired("Phone") && invitation.Phone != "" && invitation.Phone != phone {
+		return false, i18n.Translate(lang, "check:Please register using the phone  corresponding to the invitation code")
+	}
+
+	// Determine whether the invitation code is in the form of a regular expression other than pure numbers and letters
+	if invitation.IsRegexp {
+		user, _ := GetUserByInvitationCode(invitation.Owner, invitationCode)
+		if user != nil {
+			return false, i18n.Translate(lang, "check:The invitation code has already been used")
+		}
+	}
+	return true, ""
+}

object/permission_enforcer.go

@@ -308,7 +308,7 @@ func BatchEnforce(permission *Permission, requests [][]string, permissionIds ...
 	return enforcer.BatchEnforce(interfaceRequests)
 }
 
-func getAllValues(userId string, fn func(enforcer *casbin.Enforcer) []string) ([]string, error) {
+func getEnforcers(userId string) ([]*casbin.Enforcer, error) {
 	permissions, _, err := getPermissionsAndRolesByUser(userId)
 	if err != nil {
 		return nil, err
@@ -320,7 +320,8 @@ func getAllValues(userId string, fn func(enforcer *casbin.Enforcer) []string) ([
 	}
 
 	for _, role := range allRoles {
-		permissionsByRole, err := GetPermissionsByRole(role)
+		var permissionsByRole []*Permission
+		permissionsByRole, err = GetPermissionsByRole(role)
 		if err != nil {
 			return nil, err
 		}
@@ -328,29 +329,45 @@ func getAllValues(userId string, fn func(enforcer *casbin.Enforcer) []string) ([
 		permissions = append(permissions, permissionsByRole...)
 	}
 
-	var values []string
+	var enforcers []*casbin.Enforcer
 	for _, permission := range permissions {
-		enforcer, err := getPermissionEnforcer(permission)
+		var enforcer *casbin.Enforcer
+		enforcer, err = getPermissionEnforcer(permission)
 		if err != nil {
 			return nil, err
 		}
 
-		values = append(values, fn(enforcer)...)
+		enforcers = append(enforcers, enforcer)
 	}
-
+	return enforcers, nil
-	return values, nil
 }
 
 func GetAllObjects(userId string) ([]string, error) {
-	return getAllValues(userId, func(enforcer *casbin.Enforcer) []string {
+	enforcers, err := getEnforcers(userId)
-		return enforcer.GetAllObjects()
+	if err != nil {
-	})
+		return nil, err
+	}
+
+	res := []string{}
+	for _, enforcer := range enforcers {
+		items := enforcer.GetAllObjects()
+		res = append(res, items...)
+	}
+	return res, nil
 }
 
 func GetAllActions(userId string) ([]string, error) {
-	return getAllValues(userId, func(enforcer *casbin.Enforcer) []string {
+	enforcers, err := getEnforcers(userId)
-		return enforcer.GetAllActions()
+	if err != nil {
-	})
+		return nil, err
+	}
+
+	res := []string{}
+	for _, enforcer := range enforcers {
+		items := enforcer.GetAllObjects()
+		res = append(res, items...)
+	}
+	return res, nil
 }
 
 func GetAllRoles(userId string) ([]string, error) {

object/role.go

@@ -266,10 +266,9 @@ func (role *Role) GetId() string {
 }
 
 func getRolesByUserInternal(userId string) ([]*Role, error) {
-	roles := []*Role{}
 	user, err := GetUser(userId)
 	if err != nil {
-		return roles, err
+		return nil, err
 	}
 	if user == nil {
 		return nil, fmt.Errorf("The user: %s doesn't exist", userId)
@@ -280,9 +279,10 @@ func getRolesByUserInternal(userId string) ([]*Role, error) {
 		query = query.Or("r.groups like ?", fmt.Sprintf("%%%s%%", group))
 	}
 
+	roles := []*Role{}
 	err = query.Find(&roles)
 	if err != nil {
-		return roles, err
+		return nil, err
 	}
 
 	res := []*Role{}
@@ -291,14 +291,13 @@ func getRolesByUserInternal(userId string) ([]*Role, error) {
 			res = append(res, role)
 		}
 	}
-
 	return res, nil
 }
 
 func getRolesByUser(userId string) ([]*Role, error) {
 	roles, err := getRolesByUserInternal(userId)
 	if err != nil {
-		return roles, err
+		return nil, err
 	}
 
 	allRolesIds := []string{}
@@ -379,15 +378,11 @@ func GetMaskedRoles(roles []*Role) []*Role {
 
 // GetAncestorRoles returns a list of roles that contain the given roleIds
 func GetAncestorRoles(roleIds ...string) ([]*Role, error) {
-	var (
-		result  = []*Role{}
-		roleMap = make(map[string]*Role)
-		visited = make(map[string]bool)
-	)
 	if len(roleIds) == 0 {
-		return result, nil
+		return []*Role{}, nil
 	}
 
+	visited := map[string]bool{}
 	for _, roleId := range roleIds {
 		visited[roleId] = true
 	}
@@ -399,25 +394,26 @@ func GetAncestorRoles(roleIds ...string) ([]*Role, error) {
 		return nil, err
 	}
 
+	roleMap := map[string]*Role{}
 	for _, r := range allRoles {
 		roleMap[r.GetId()] = r
 	}
 
-	// Second, find all the roles that contain father roles
+	// find all the roles that contain father roles
+	res := []*Role{}
 	for _, r := range allRoles {
 		isContain, ok := visited[r.GetId()]
 		if isContain {
-			result = append(result, r)
+			res = append(res, r)
 		} else if !ok {
 			rId := r.GetId()
 			visited[rId] = containsRole(r, roleMap, visited, roleIds...)
 			if visited[rId] {
-				result = append(result, r)
+				res = append(res, r)
 			}
 		}
 	}
-
+	return res, nil
-	return result, nil
 }
 
 // containsRole is a helper function to check if a roles is related to any role in the given list roles

object/syncer.go

@@ -116,22 +116,35 @@ func GetSyncer(id string) (*Syncer, error) {
 	return getSyncer(owner, name)
 }
 
-func GetMaskedSyncer(syncer *Syncer) *Syncer {
+func GetMaskedSyncer(syncer *Syncer, errs ...error) (*Syncer, error) {
+	if len(errs) > 0 && errs[0] != nil {
+		return nil, errs[0]
+	}
+
 	if syncer == nil {
-		return nil
+		return nil, nil
 	}
 
 	if syncer.Password != "" {
 		syncer.Password = "***"
 	}
-	return syncer
+	return syncer, nil
 }
 
-func GetMaskedSyncers(syncers []*Syncer) []*Syncer {
+func GetMaskedSyncers(syncers []*Syncer, errs ...error) ([]*Syncer, error) {
-	for _, syncer := range syncers {
+	if len(errs) > 0 && errs[0] != nil {
-		syncer = GetMaskedSyncer(syncer)
+		return nil, errs[0]
 	}
-	return syncers
+
+	var err error
+	for _, syncer := range syncers {
+		syncer, err = GetMaskedSyncer(syncer)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return syncers, nil
 }
 
 func UpdateSyncer(id string, syncer *Syncer) (bool, error) {

object/user.go

@@ -183,6 +183,8 @@ type User struct {
 	MfaPhoneEnabled     bool                  `json:"mfaPhoneEnabled"`
 	MfaEmailEnabled     bool                  `json:"mfaEmailEnabled"`
 	MultiFactorAuths    []*MfaProps           `xorm:"-" json:"multiFactorAuths,omitempty"`
+	Invitation          string                `xorm:"varchar(100) index" json:"invitation"`
+	InvitationCode      string                `xorm:"varchar(100) index" json:"invitationCode"`
 
 	Ldap       string            `xorm:"ldap varchar(100)" json:"ldap"`
 	Properties map[string]string `json:"properties"`
@@ -496,6 +498,24 @@ func GetUserByUserIdOnly(userId string) (*User, error) {
 	}
 }
 
+func GetUserByInvitationCode(owner string, invitationCode string) (*User, error) {
+	if owner == "" || invitationCode == "" {
+		return nil, nil
+	}
+
+	user := User{Owner: owner, InvitationCode: invitationCode}
+	existed, err := ormer.Engine.Get(&user)
+	if err != nil {
+		return nil, err
+	}
+
+	if existed {
+		return &user, nil
+	} else {
+		return nil, nil
+	}
+}
+
 func GetUserByAccessKey(accessKey string) (*User, error) {
 	if accessKey == "" {
 		return nil, nil

routers/cors_filter.go

@@ -24,16 +24,18 @@ import (
 )
 
 const (
-	headerOrigin       = "Origin"
+	headerOrigin           = "Origin"
-	headerAllowOrigin  = "Access-Control-Allow-Origin"
+	headerAllowOrigin      = "Access-Control-Allow-Origin"
-	headerAllowMethods = "Access-Control-Allow-Methods"
+	headerAllowMethods     = "Access-Control-Allow-Methods"
-	headerAllowHeaders = "Access-Control-Allow-Headers"
+	headerAllowHeaders     = "Access-Control-Allow-Headers"
+	headerAllowCredentials = "Access-Control-Allow-Credentials"
 )
 
 func setCorsHeaders(ctx *context.Context, origin string) {
 	ctx.Output.Header(headerAllowOrigin, origin)
 	ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS, DELETE")
 	ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
+	ctx.Output.Header(headerAllowCredentials, "true")
 
 	if ctx.Input.Method() == "OPTIONS" {
 		ctx.ResponseWriter.WriteHeader(http.StatusOK)

routers/router.go

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 // Package routers
-// @APIVersion 1.376.1
+// @APIVersion 1.503.0
 // @Title Casdoor RESTful API
 // @Description Swagger Docs of Casdoor Backend API
 // @Contact casbin@googlegroups.com

storage/storage.go

@@ -34,6 +34,8 @@ func GetStorageProvider(providerType string, clientId string, clientSecret strin
 		return NewQiniuCloudKodoStorageProvider(clientId, clientSecret, region, bucket, endpoint)
 	case "Google Cloud Storage":
 		return NewGoogleCloudStorageProvider(clientSecret, bucket, endpoint)
+	case "Synology":
+		return NewSynologyNasStorageProvider(clientId, clientSecret, endpoint)
 	}
 
 	return nil

storage/synology_nas.go

@@ -0,0 +1,31 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package storage
+
+import (
+	"github.com/casdoor/oss"
+	"github.com/casdoor/oss/synology"
+)
+
+func NewSynologyNasStorageProvider(clientId string, clientSecret string, endpoint string) oss.StorageInterface {
+	sp := synology.New(&synology.Config{
+		AccessID:     clientId,
+		AccessKey:    clientSecret,
+		Endpoint:     endpoint,
+		SharedFolder: "/home",
+	})
+
+	return sp
+}

swagger/swagger.yml

@@ -2,7 +2,7 @@ swagger: "2.0"
 info:
   title: Casdoor RESTful API
   description: Swagger Docs of Casdoor Backend API
-  version: 1.376.1
+  version: 1.503.0
   contact:
     email: casbin@googlegroups.com
 basePath: /
@@ -31,6 +31,17 @@ paths:
           description: ""
           schema:
             $ref: '#/definitions/object.OidcDiscovery'
+  /api/Callback:
+    post:
+      tags:
+      - Callback API
+      description: Get Login Error Counts
+      operationId: ApiController.Callback
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Userinfo'
   /api/add-adapter:
     post:
       tags:
@@ -121,6 +132,24 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
+  /api/add-invitation:
+    post:
+      tags:
+      - Invitation API
+      description: add invitation
+      operationId: ApiController.AddInvitation
+      parameters:
+      - in: body
+        name: body
+        description: The details of the invitation
+        required: true
+        schema:
+          $ref: '#/definitions/object.Invitation'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
   /api/add-ldap:
     post:
       tags:
@@ -442,162 +471,10 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
-  /api/api/Callback:
-    post:
-      tags:
-      - Callback API
-      description: Get Login Error Counts
-      operationId: ApiController.Callback
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.Userinfo'
-  /api/api/get-captcha:
-    get:
-      tags:
-      - Login API
-      operationId: ApiController.GetCaptcha
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.Userinfo'
-  /api/api/get-captcha-status:
-    get:
-      tags:
-      - Token API
-      description: Get Login Error Counts
-      operationId: ApiController.GetCaptchaStatus
-      parameters:
-      - in: query
-        name: id
-        description: The id ( owner/name ) of user
-        required: true
-        type: string
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/controllers.Response'
-  /api/api/get-webhook-event:
-    get:
-      tags:
-      - GetWebhookEventType API
-      operationId: ApiController.GetWebhookEventType
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.Userinfo'
-  /api/api/reset-email-or-phone:
-    post:
-      tags:
-      - Account API
-      operationId: ApiController.ResetEmailOrPhone
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.Userinfo'
-  /api/api/send-email:
-    post:
-      tags:
-      - Service API
-      description: This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
-      operationId: ApiController.SendEmail
-      parameters:
-      - in: query
-        name: clientId
-        description: The clientId of the application
-        required: true
-        type: string
-      - in: query
-        name: clientSecret
-        description: The clientSecret of the application
-        required: true
-        type: string
-      - in: body
-        name: from
-        description: Details of the email request
-        required: true
-        schema:
-          $ref: '#/definitions/controllers.EmailForm'
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/controllers.Response'
-  /api/api/send-notification:
-    post:
-      tags:
-      - Service API
-      description: This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
-      operationId: ApiController.SendNotification
-      parameters:
-      - in: body
-        name: from
-        description: Details of the notification request
-        required: true
-        schema:
-          $ref: '#/definitions/controllers.NotificationForm'
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/controllers.Response'
-  /api/api/send-sms:
-    post:
-      tags:
-      - Service API
-      description: This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
-      operationId: ApiController.SendSms
-      parameters:
-      - in: query
-        name: clientId
-        description: The clientId of the application
-        required: true
-        type: string
-      - in: query
-        name: clientSecret
-        description: The clientSecret of the application
-        required: true
-        type: string
-      - in: body
-        name: from
-        description: Details of the sms request
-        required: true
-        schema:
-          $ref: '#/definitions/controllers.SmsForm'
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/controllers.Response'
-  /api/api/verify-code:
-    post:
-      tags:
-      - Verification API
-      operationId: ApiController.VerifyCode
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.Userinfo'
-  /api/api/webhook:
-    post:
-      tags:
-      - HandleOfficialAccountEvent API
-      operationId: ApiController.HandleOfficialAccountEvent
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.Userinfo'
   /api/batch-enforce:
     post:
       tags:
-      - Enforce API
+      - Enforcer API
       description: Call Casbin BatchEnforce API
       operationId: ApiController.BatchEnforce
       parameters:
@@ -617,6 +494,10 @@ paths:
         name: modelId
         description: model id
         type: string
+      - in: query
+        name: owner
+        description: owner
+        type: string
       responses:
         "200":
           description: The Response object
@@ -744,6 +625,24 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
+  /api/delete-invitation:
+    post:
+      tags:
+      - Invitation API
+      description: delete invitation
+      operationId: ApiController.DeleteInvitation
+      parameters:
+      - in: body
+        name: body
+        description: The details of the invitation
+        required: true
+        schema:
+          $ref: '#/definitions/object.Invitation'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
   /api/delete-ldap:
     post:
       tags:
@@ -1064,7 +963,7 @@ paths:
   /api/enforce:
     post:
       tags:
-      - Enforce API
+      - Enforcer API
       description: Call Casbin Enforce API
       operationId: ApiController.Enforce
       parameters:
@@ -1088,6 +987,10 @@ paths:
         name: resourceId
         description: resource id
         type: string
+      - in: query
+        name: owner
+        description: owner
+        type: string
       responses:
         "200":
           description: The Response object
@@ -1213,6 +1116,33 @@ paths:
             type: array
             items:
               $ref: '#/definitions/object.Application'
+  /api/get-captcha:
+    get:
+      tags:
+      - Login API
+      operationId: ApiController.GetCaptcha
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Userinfo'
+  /api/get-captcha-status:
+    get:
+      tags:
+      - Token API
+      description: Get Login Error Counts
+      operationId: ApiController.GetCaptchaStatus
+      parameters:
+      - in: query
+        name: id
+        description: The id ( owner/name ) of user
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
   /api/get-cert:
     get:
       tags:
@@ -1252,7 +1182,7 @@ paths:
   /api/get-dashboard:
     get:
       tags:
-      - GetDashboard API
+      - System API
       description: get information of dashboard
       operationId: ApiController.GetDashboard
       responses:
@@ -1410,6 +1340,42 @@ paths:
             type: array
             items:
               $ref: '#/definitions/object.Group'
+  /api/get-invitation:
+    get:
+      tags:
+      - Invitation API
+      description: get invitation
+      operationId: ApiController.GetInvitation
+      parameters:
+      - in: query
+        name: id
+        description: The id ( owner/name ) of the invitation
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Invitation'
+  /api/get-invitations:
+    get:
+      tags:
+      - Invitation API
+      description: get invitations
+      operationId: ApiController.GetInvitations
+      parameters:
+      - in: query
+        name: owner
+        description: The owner of invitations
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/object.Invitation'
   /api/get-ldap:
     get:
       tags:
@@ -1785,7 +1751,7 @@ paths:
   /api/get-prometheus-info:
     get:
       tags:
-      - Prometheus API
+      - System API
       description: get Prometheus Info
       operationId: ApiController.GetPrometheusInfo
       responses:
@@ -2269,6 +2235,16 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/object.Webhook'
+  /api/get-webhook-event:
+    get:
+      tags:
+      - System API
+      operationId: ApiController.GetWebhookEventType
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Userinfo'
   /api/get-webhooks:
     get:
       tags:
@@ -2396,8 +2372,50 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
+  /api/login/oauth/access_token:
+    post:
+      tags:
+      - Token API
+      description: get OAuth access token
+      operationId: ApiController.GetOAuthToken
+      parameters:
+      - in: query
+        name: grant_type
+        description: OAuth grant type
+        required: true
+        type: string
+      - in: query
+        name: client_id
+        description: OAuth client id
+        required: true
+        type: string
+      - in: query
+        name: client_secret
+        description: OAuth client secret
+        required: true
+        type: string
+      - in: query
+        name: code
+        description: OAuth code
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.TokenWrapper'
+        "400":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.TokenError'
+        "401":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.TokenError'
   /api/login/oauth/introspect:
     post:
+      tags:
+      - Login API
       description: The introspection endpoint is an OAuth 2.0 endpoint that takes a
       operationId: ApiController.IntrospectToken
       parameters:
@@ -2543,6 +2561,16 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
+  /api/reset-email-or-phone:
+    post:
+      tags:
+      - Account API
+      operationId: ApiController.ResetEmailOrPhone
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Userinfo'
   /api/run-syncer:
     get:
       tags:
@@ -2561,6 +2589,80 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
+  /api/send-email:
+    post:
+      tags:
+      - Service API
+      description: This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
+      operationId: ApiController.SendEmail
+      parameters:
+      - in: query
+        name: clientId
+        description: The clientId of the application
+        required: true
+        type: string
+      - in: query
+        name: clientSecret
+        description: The clientSecret of the application
+        required: true
+        type: string
+      - in: body
+        name: from
+        description: Details of the email request
+        required: true
+        schema:
+          $ref: '#/definitions/controllers.EmailForm'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
+  /api/send-notification:
+    post:
+      tags:
+      - Service API
+      description: This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
+      operationId: ApiController.SendNotification
+      parameters:
+      - in: body
+        name: from
+        description: Details of the notification request
+        required: true
+        schema:
+          $ref: '#/definitions/controllers.NotificationForm'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
+  /api/send-sms:
+    post:
+      tags:
+      - Service API
+      description: This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
+      operationId: ApiController.SendSms
+      parameters:
+      - in: query
+        name: clientId
+        description: The clientId of the application
+        required: true
+        type: string
+      - in: query
+        name: clientSecret
+        description: The clientSecret of the application
+        required: true
+        type: string
+      - in: body
+        name: from
+        description: Details of the sms request
+        required: true
+        schema:
+          $ref: '#/definitions/controllers.SmsForm'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
   /api/send-verification-code:
     post:
       tags:
@@ -2778,6 +2880,29 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/controllers.Response'
+  /api/update-invitation:
+    post:
+      tags:
+      - Invitation API
+      description: update invitation
+      operationId: ApiController.UpdateInvitation
+      parameters:
+      - in: query
+        name: id
+        description: The id ( owner/name ) of the invitation
+        required: true
+        type: string
+      - in: body
+        name: body
+        description: The details of the invitation
+        required: true
+        schema:
+          $ref: '#/definitions/object.Invitation'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
   /api/update-ldap:
     post:
       tags:
@@ -3245,6 +3370,33 @@ paths:
           description: The Response object
           schema:
             $ref: '#/definitions/object.Userinfo'
+  /api/verify-code:
+    post:
+      tags:
+      - Verification API
+      operationId: ApiController.VerifyCode
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Userinfo'
+  /api/verify-invitation:
+    get:
+      tags:
+      - Invitation API
+      description: verify invitation
+      operationId: ApiController.VerifyInvitation
+      parameters:
+      - in: query
+        name: id
+        description: The id ( owner/name ) of the invitation
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
   /api/webauthn/signin/begin:
     get:
       tags:
@@ -3314,46 +3466,16 @@ paths:
           description: '"The Response object"'
           schema:
             $ref: '#/definitions/controllers.Response'
-  /apiapi/login/oauth/access_token:
+  /api/webhook:
     post:
       tags:
-      - Token API
+      - System API
-      description: get OAuth access token
+      operationId: ApiController.HandleOfficialAccountEvent
-      operationId: ApiController.GetOAuthToken
-      parameters:
-      - in: query
-        name: grant_type
-        description: OAuth grant type
-        required: true
-        type: string
-      - in: query
-        name: client_id
-        description: OAuth client id
-        required: true
-        type: string
-      - in: query
-        name: client_secret
-        description: OAuth client secret
-        required: true
-        type: string
-      - in: query
-        name: code
-        description: OAuth code
-        required: true
-        type: string
       responses:
         "200":
           description: The Response object
           schema:
-            $ref: '#/definitions/object.TokenWrapper'
+            $ref: '#/definitions/object.Userinfo'
-        "400":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.TokenError'
-        "401":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/object.TokenError'
 definitions:
   casbin.Enforcer:
     title: Enforcer
@@ -3546,10 +3668,10 @@ definitions:
       expireInHours:
         type: integer
         format: int64
-      failedSigninLimit:
+      failedSigninFrozenTime:
         type: integer
         format: int64
-      failedSigninfrozenTime:
+      failedSigninLimit:
         type: integer
         format: int64
       forgetUrl:
@@ -3606,6 +3728,10 @@ definitions:
         type: string
       signinHtml:
         type: string
+      signinMethods:
+        type: array
+        items:
+          $ref: '#/definitions/object.SigninMethod'
       signinUrl:
         type: string
       signupHtml:
@@ -3624,6 +3750,10 @@ definitions:
         type: string
       themeData:
         $ref: '#/definitions/object.ThemeData'
+      tokenFields:
+        type: array
+        items:
+          type: string
       tokenFormat:
         type: string
   object.Cert:
@@ -3780,6 +3910,40 @@ definitions:
         type: string
       username:
         type: string
+  object.Invitation:
+    title: Invitation
+    type: object
+    properties:
+      application:
+        type: string
+      code:
+        type: string
+      createdTime:
+        type: string
+      displayName:
+        type: string
+      email:
+        type: string
+      name:
+        type: string
+      owner:
+        type: string
+      phone:
+        type: string
+      quota:
+        type: integer
+        format: int64
+      signupGroup:
+        type: string
+      state:
+        type: string
+      updatedTime:
+        type: string
+      usedCount:
+        type: integer
+        format: int64
+      username:
+        type: string
   object.Ldap:
     title: Ldap
     type: object
@@ -4451,10 +4615,20 @@ definitions:
     properties:
       name:
         type: string
-      nameformat:
+      nameFormat:
         type: string
       value:
         type: string
+  object.SigninMethod:
+    title: SigninMethod
+    type: object
+    properties:
+      displayName:
+        type: string
+      name:
+        type: string
+      rule:
+        type: string
   object.SignupItem:
     title: SignupItem
     type: object
@@ -4467,6 +4641,8 @@ definitions:
         type: string
       prompted:
         type: boolean
+      regex:
+        type: string
       required:
         type: boolean
       rule:

util/validation.go

@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"net/mail"
 	"regexp"
+	"strings"
 
 	"github.com/nyaruka/phonenumbers"
 )
@@ -53,6 +54,23 @@ func IsPhoneAllowInRegin(countryCode string, allowRegions []string) bool {
 	return ContainsString(allowRegions, countryCode)
 }
 
+func IsRegexp(s string) (bool, error) {
+	if _, err := regexp.Compile(s); err != nil {
+		return false, err
+	}
+	return regexp.QuoteMeta(s) != s, nil
+}
+
+func IsInvitationCodeMatch(pattern string, invitationCode string) (bool, error) {
+	if !strings.HasPrefix(pattern, "^") {
+		pattern = "^" + pattern
+	}
+	if !strings.HasSuffix(pattern, "$") {
+		pattern = pattern + "$"
+	}
+	return regexp.MatchString(pattern, invitationCode)
+}
+
 func GetE164Number(phone string, countryCode string) (string, bool) {
 	phoneNumber, _ := phonenumbers.Parse(phone, countryCode)
 	return phonenumbers.Format(phoneNumber, phonenumbers.E164), phonenumbers.IsValidNumber(phoneNumber)

web/src/App.js

@@ -368,7 +368,11 @@ class App extends Component {
     if (this.state.account === undefined) {
       return null;
     } else if (this.state.account === null) {
-      return null;
+      return (
+        <React.Fragment>
+          <LanguageSelect />
+        </React.Fragment>
+      );
     } else {
       return (
         <React.Fragment>

web/src/ApplicationEditPage.js

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import React from "react";
-import {Button, Card, Col, ConfigProvider, Input, InputNumber, List, Popover, Radio, Result, Row, Select, Space, Switch, Upload} from "antd";
+import {Button, Card, Col, ConfigProvider, Input, InputNumber, Popover, Radio, Result, Row, Select, Switch, Upload} from "antd";
 import {CopyOutlined, LinkOutlined, UploadOutlined} from "@ant-design/icons";
 import * as ApplicationBackend from "./backend/ApplicationBackend";
 import * as CertBackend from "./backend/CertBackend";
@@ -27,7 +27,7 @@ import LoginPage from "./auth/LoginPage";
 import i18next from "i18next";
 import UrlTable from "./table/UrlTable";
 import ProviderTable from "./table/ProviderTable";
-import SigninTable from "./table/SigninTable";
+import SigninMethodTable from "./table/SigninMethodTable";
 import SignupTable from "./table/SignupTable";
 import SamlAttributeTable from "./table/SamlAttributeTable";
 import PromptPage from "./auth/PromptPage";
@@ -141,10 +141,6 @@ class ApplicationEditPage extends React.Component {
           application.tags = [];
         }
 
-        if (application.invitationCodes === null) {
-          application.invitationCodes = [];
-        }
-
         this.setState({
           application: application,
         });
@@ -437,8 +433,8 @@ class ApplicationEditPage extends React.Component {
             {Setting.getLabel(i18next.t("application:Failed signin frozen time"), i18next.t("application:Failed signin frozen time - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <InputNumber style={{width: "150px"}} value={this.state.application.failedSigninfrozenTime} min={1} step={1} precision={0} addonAfter="Minutes" onChange={value => {
+            <InputNumber style={{width: "150px"}} value={this.state.application.failedSigninFrozenTime} min={1} step={1} precision={0} addonAfter="Minutes" onChange={value => {
-              this.updateApplicationField("failedSigninfrozenTime", value);
+              this.updateApplicationField("failedSigninFrozenTime", value);
             }} />
           </Col>
         </Row>
@@ -487,7 +483,7 @@ class ApplicationEditPage extends React.Component {
             {Setting.getLabel(i18next.t("application:Signin methods"), i18next.t("application:Signin methods - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <SigninTable
+            <SigninMethodTable
               title={i18next.t("application:Signin methods")}
               table={this.state.application.signinMethods}
               onUpdateTable={(value) => {
@@ -797,7 +793,7 @@ class ApplicationEditPage extends React.Component {
           </Col>
           <Col span={22} >
             <Row style={{marginTop: "20px"}} >
-              <Radio.Group onChange={e => {this.updateApplicationField("formOffset", e.target.value);}} value={this.state.application.formOffset}>
+              <Radio.Group buttonStyle="solid" onChange={e => {this.updateApplicationField("formOffset", e.target.value);}} value={this.state.application.formOffset}>
                 <Radio.Button value={1}>{i18next.t("application:Left")}</Radio.Button>
                 <Radio.Button value={2}>{i18next.t("application:Center")}</Radio.Button>
                 <Radio.Button value={3}>{i18next.t("application:Right")}</Radio.Button>
@@ -837,7 +833,7 @@ class ApplicationEditPage extends React.Component {
           </Col>
           <Col span={22} style={{marginTop: "5px"}}>
             <Row>
-              <Radio.Group value={this.state.application.themeData?.isEnabled ?? false} onChange={e => {
+              <Radio.Group buttonStyle="solid" value={this.state.application.themeData?.isEnabled ?? false} onChange={e => {
                 const {_, ...theme} = this.state.application.themeData ?? {...Conf.ThemeDefault, isEnabled: false};
                 this.updateApplicationField("themeData", {...theme, isEnabled: e.target.value});
               }} >
@@ -873,52 +869,6 @@ class ApplicationEditPage extends React.Component {
                   />
                 </Col>
               </Row>
-              <Row style={{marginTop: "20px"}} >
-                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {Setting.getLabel(i18next.t("application:Invitation code"), i18next.t("application:Invitation code - Tooltip"))} :
-                </Col>
-                <Col span={22} >
-                  <List
-                    header={
-                      <Button type="primary" onClick={() => {
-                        this.updateApplicationField("invitationCodes", Setting.addRow(this.state.application.invitationCodes, Setting.getRandomName()));
-                      }
-                      }>
-                        {i18next.t("general:Add")}
-                      </Button>
-                    }
-                    dataSource={this.state.application.invitationCodes.map(code => {
-                      return {code: code};
-                    })}
-                    renderItem={(item, index) => (
-                      <List.Item key={index}>
-                        <Space>
-                          <Input value={item.code} onChange={e => {
-                            const invitationCodes = [...this.state.application.invitationCodes];
-                            invitationCodes[index] = e.target.value;
-                            this.updateApplicationField("invitationCodes", invitationCodes);
-                          }} />
-                        </Space>
-                        <Space>
-                          <Button icon={<CopyOutlined />} onClick={() => {
-                            copy(item.code);
-                            Setting.showMessage("success", i18next.t("general:Copied to clipboard successfully"));
-                          }
-                          }>
-                            {i18next.t("general:Copy")}
-                          </Button>
-                          <Button type="primary" danger onClick={() => {
-                            this.updateApplicationField("invitationCodes", this.state.application.invitationCodes.filter(code => code !== item.code));
-                          }
-                          }>
-                            {i18next.t("general:Delete")}
-                          </Button>
-                        </Space>
-                      </List.Item>
-                    )}
-                  />
-                </Col>
-              </Row>
             </React.Fragment>
           )
         }

web/src/InvitationEditPage.js

@@ -107,7 +107,7 @@ class InvitationEditPage extends React.Component {
             {Setting.getLabel(i18next.t("general:Organization"), i18next.t("general:Organization - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account) || isCreatedByPlan} value={this.state.invitation.owner} onChange={(value => {this.updateInvitationField("owner", value);})}>
+            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account) || isCreatedByPlan} value={this.state.invitation.owner} onChange={(value => {this.updateInvitationField("owner", value); this.getApplicationsByOrganization(value);})}>
               {
                 this.state.organizations.map((organization, index) => <Option key={index} value={organization.name}>{organization.name}</Option>)
               }
@@ -171,8 +171,10 @@ class InvitationEditPage extends React.Component {
           <Col span={22} >
             <Select virtual={false} style={{width: "100%"}} value={this.state.invitation.application}
               onChange={(value => {this.updateInvitationField("application", value);})}
-              options={this.state.applications.map((application) => Setting.getOption(application.name, application.name))
+              options={[
-              } />
+                {label: "All", value: i18next.t("general:All")},
+                ...this.state.applications.map((application) => Setting.getOption(application.name, application.name)),
+              ]} />
           </Col>
         </Row>
         <Row style={{marginTop: "20px"}} >

web/src/InvitationListPage.js

@@ -37,7 +37,7 @@ class InvitationListPage extends BaseListPage {
       code: Math.random().toString(36).slice(-10),
       quota: 1,
       usedCount: 0,
-      application: "",
+      application: "All",
       username: "",
       email: "",
       phone: "",

web/src/OrganizationEditPage.js

@@ -393,7 +393,7 @@ class OrganizationEditPage extends React.Component {
           </Col>
           <Col span={22} style={{marginTop: "5px"}}>
             <Row>
-              <Radio.Group value={this.state.organization.themeData?.isEnabled ?? false} onChange={e => {
+              <Radio.Group buttonStyle="solid" value={this.state.organization.themeData?.isEnabled ?? false} onChange={e => {
                 const {_, ...theme} = this.state.organization.themeData ?? {...Conf.ThemeDefault, isEnabled: false};
                 this.updateOrganizationField("themeData", {...theme, isEnabled: e.target.value});
               }} >

web/src/ProviderEditPage.js

@@ -796,7 +796,7 @@ class ProviderEditPage extends React.Component {
                 </Col>
               </Row>
             )}
-            {["Custom HTTP SMS", "Local File System", "MinIO", "Tencent Cloud COS", "Google Cloud Storage", "Qiniu Cloud Kodo"].includes(this.state.provider.type) ? null : (
+            {["Custom HTTP SMS", "Local File System", "MinIO", "Tencent Cloud COS", "Google Cloud Storage", "Qiniu Cloud Kodo", "Synology"].includes(this.state.provider.type) ? null : (
               <Row style={{marginTop: "20px"}} >
                 <Col style={{marginTop: "5px"}} span={2}>
                   {Setting.getLabel(i18next.t("provider:Endpoint (Intranet)"), i18next.t("provider:Region endpoint for Intranet"))} :
@@ -832,7 +832,7 @@ class ProviderEditPage extends React.Component {
                 </Col>
               </Row>
             )}
-            {["Custom HTTP SMS", "MinIO", "Google Cloud Storage", "Qiniu Cloud Kodo"].includes(this.state.provider.type) ? null : (
+            {["Custom HTTP SMS", "MinIO", "Google Cloud Storage", "Qiniu Cloud Kodo", "Synology"].includes(this.state.provider.type) ? null : (
               <Row style={{marginTop: "20px"}} >
                 <Col style={{marginTop: "5px"}} span={2}>
                   {Setting.getLabel(i18next.t("provider:Domain"), i18next.t("provider:Domain - Tooltip"))} :

web/src/Setting.js

@@ -207,6 +207,10 @@ export const OtherProviderInfo = {
       logo: `${StaticBaseUrl}/img/social_google_cloud.png`,
       url: "https://cloud.google.com/storage",
     },
+    "Synology": {
+      logo: `${StaticBaseUrl}/img/social_synology.png`,
+      url: "https://www.synology.com/en-global/dsm/feature/file_sharing",
+    },
   },
   SAML: {
     "Aliyun IDaaS": {
@@ -1024,6 +1028,7 @@ export function getProviderTypeOptions(category) {
         {id: "Azure Blob", name: "Azure Blob"},
         {id: "Qiniu Cloud Kodo", name: "Qiniu Cloud Kodo"},
         {id: "Google Cloud Storage", name: "Google Cloud Storage"},
+        {id: "Synology", name: "Synology"},
       ]
     );
   } else if (category === "SAML") {
@@ -1131,36 +1136,28 @@ export function renderLogo(application) {
   }
 }
 
-export function isPasswordEnabled(application) {
+function isSigninMethodEnabled(application, signinMethod) {
-  if (application) {
+  if (application && application.signinMethods) {
-    return application.signinMethods.filter(item => item.name === "Password").length > 0;
+    return application.signinMethods.filter(item => item.name === signinMethod).length > 0;
   } else {
     return false;
   }
 }
 
+export function isPasswordEnabled(application) {
+  return isSigninMethodEnabled(application, "Password");
+}
+
 export function isCodeSigninEnabled(application) {
-  if (application) {
+  return isSigninMethodEnabled(application, "Verification code");
-    return application.signinMethods.filter(item => item.name === "Verification code").length > 0;
-  } else {
-    return false;
-  }
 }
 
 export function isWebAuthnEnabled(application) {
-  if (application) {
+  return isSigninMethodEnabled(application, "WebAuthn");
-    return application.signinMethods.filter(item => item.name === "WebAuthn").length > 0;
-  } else {
-    return false;
-  }
 }
 
 export function isLdapEnabled(application) {
-  if (application) {
+  return isSigninMethodEnabled(application, "LDAP");
-    return application.signinMethods.filter(item => item.name === "LDAP").length > 0;
-  } else {
-    return false;
-  }
 }
 
 export function getLoginLink(application) {

web/src/UserEditPage.js

@@ -991,12 +991,14 @@ class UserEditPage extends React.Component {
   renderUser() {
     return (
       <Card size="small" title={
-        <div>
+        (this.props.account === null) ? i18next.t("user:User Profile") : (
-          {this.state.mode === "add" ? i18next.t("user:New User") : i18next.t("user:Edit User")}&nbsp;&nbsp;&nbsp;&nbsp;
+          <div>
-          <Button onClick={() => this.submitUserEdit(false)}>{i18next.t("general:Save")}</Button>
+            {this.state.mode === "add" ? i18next.t("user:New User") : i18next.t("user:Edit User")}&nbsp;&nbsp;&nbsp;&nbsp;
-          <Button style={{marginLeft: "20px"}} type="primary" onClick={() => this.submitUserEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+            <Button onClick={() => this.submitUserEdit(false)}>{i18next.t("general:Save")}</Button>
-          {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} onClick={() => this.deleteUser()}>{i18next.t("general:Cancel")}</Button> : null}
+            <Button style={{marginLeft: "20px"}} type="primary" onClick={() => this.submitUserEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
-        </div>
+            {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} onClick={() => this.deleteUser()}>{i18next.t("general:Cancel")}</Button> : null}
+          </div>
+        )
       } style={(Setting.isMobile()) ? {margin: "5px"} : {}} type="inner">
         {
           this.getUserOrganization()?.accountItems?.map(accountItem => {
@@ -1054,7 +1056,11 @@ class UserEditPage extends React.Component {
               if (userListUrl !== null) {
                 this.props.history.push(userListUrl);
               } else {
-                this.props.history.push("/users");
+                if (Setting.isLocalAdminUser(this.props.account)) {
+                  this.props.history.push("/users");
+                } else {
+                  this.props.history.push("/");
+                }
               }
             } else {
               this.props.history.push(`/users/${this.state.user.owner}/${this.state.user.name}`);
@@ -1111,7 +1117,7 @@ class UserEditPage extends React.Component {
           )
         }
         {
-          this.state.user === null ? null :
+          (this.state.user === null || this.props.account === null) ? null :
             <div style={{marginTop: "20px", marginLeft: "40px"}}>
               <Button size="large" onClick={() => this.submitUserEdit(false)}>{i18next.t("general:Save")}</Button>
               <Button style={{marginLeft: "20px"}} type="primary" size="large" onClick={() => this.submitUserEdit(true)}>{i18next.t("general:Save & Exit")}</Button>

web/src/auth/AuthBackend.js

@@ -146,7 +146,7 @@ export function getWechatMessageEvent() {
 }
 
 export function getCaptchaStatus(values) {
-  return fetch(`${Setting.ServerUrl}/api/get-captcha-status?organization=${values["organization"]}&user_id=${values["username"]}`, {
+  return fetch(`${Setting.ServerUrl}/api/get-captcha-status?organization=${values["organization"]}&userId=${values["username"]}`, {
     method: "GET",
     credentials: "include",
     headers: {

web/src/auth/LoginPage.js

@@ -201,7 +201,7 @@ class LoginPage extends React.Component {
   }
 
   getDefaultLoginMethod(application) {
-    if (application?.signinMethods.length > 0) {
+    if (application?.signinMethods?.length > 0) {
       switch (application?.signinMethods[0].name) {
       case "Password": return "password";
       case "Verification code": {
@@ -588,6 +588,10 @@ class LoginPage extends React.Component {
                   },
                   {
                     validator: (_, value) => {
+                      if (value === "") {
+                        return Promise.resolve();
+                      }
+
                       if (this.state.loginMethod === "verificationCode") {
                         if (!Setting.isValidEmail(value) && !Setting.isValidPhone(value)) {
                           this.setState({validEmailOrPhone: false});
@@ -937,7 +941,7 @@ class LoginPage extends React.Component {
       [generateItemKey("LDAP", "None"), {label: i18next.t("login:LDAP"), key: "ldap"}],
     ]);
 
-    application?.signinMethods.forEach((signinMethod) => {
+    application?.signinMethods?.forEach((signinMethod) => {
       const item = itemsMap.get(generateItemKey(signinMethod.name, signinMethod.rule));
       if (item) {
         const label = signinMethod.name === signinMethod.displayName ? item.label : signinMethod.displayName;

web/src/auth/Provider.js

@@ -282,7 +282,7 @@ const authInfo = {
     endpoint: "https://id.twitch.tv/oauth2/authorize",
   },
   Twitter: {
-    scope: "users.read",
+    scope: "users.read%20tweet.read",
     endpoint: "https://twitter.com/i/oauth2/authorize",
   },
   Typetalk: {

web/src/auth/mfa/MfaVerifyTotpForm.js

@@ -51,6 +51,7 @@ export const MfaVerifyTotpForm = ({mfaProps, onFinish}) => {
           style={{marginTop: 24}}
           prefix={<UserOutlined />}
           placeholder={i18next.t("mfa:Passcode")}
+          autoComplete="off"
         />
       </Form.Item>
       <Form.Item>

web/src/common/PasswordChecker.js

@@ -37,7 +37,7 @@ function isValidOption_Aa123(password) {
 }
 
 function isValidOption_SpecialChar(password) {
-  const regex = /^(?=.*[!@#$%^&*]).+$/;
+  const regex = /^(?=.*[!-/:-@[-`{-~]).+$/;
   if (!regex.test(password)) {
     return i18next.t("user:The password must contain at least one special character");
   }

web/src/common/SendCodeInput.js

@@ -70,6 +70,7 @@ export const SendCodeInput = ({value, disabled, textBefore, onChange, onButtonCl
           </Button>
         }
         onSearch={() => setVisible(true)}
+        autoComplete="one-time-code"
       />
       <CaptchaModal
         owner={application.owner}

web/src/locales/ar/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/de/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Links",
     "Logged in successfully": "Erfolgreich eingeloggt",
     "Logged out successfully": "Erfolgreich ausgeloggt",
@@ -192,7 +191,6 @@
     "Close": "Schließen",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Erstellte Zeit",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Modelle",
     "Name": "Name",
     "Name - Tooltip": "Eindeutige, auf Strings basierende ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth-Provider",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Bitte geben Sie Ihren richtigen Namen ein!",
     "Please select your country code!": "Bitte wählen Sie Ihren Ländercode aus!",
     "Please select your country/region!": "Bitte wählen Sie Ihr Land/Ihre Region aus!",
+    "Regex": "Regex",
     "Terms of Use": "Nutzungsbedingungen",
     "Terms of Use - Tooltip": "Nutzungsbedingungen, die Benutzer während der Registrierung lesen und akzeptieren müssen",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Verwaltete Konten",
     "Modify password...": "Passwort ändern...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "Neue E-Mail",
     "New Password": "Neues Passwort",
     "New User": "Neuer Benutzer",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Lade ein Foto hoch",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Werte",
     "Verification code sent": "Bestätigungscode gesendet",
     "WebAuthn credentials": "WebAuthn-Anmeldeinformationen",

web/src/locales/en/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/es/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Izquierda",
     "Logged in successfully": "Acceso satisfactorio",
     "Logged out successfully": "Cerró sesión exitosamente",
@@ -192,7 +191,6 @@
     "Close": "Cerca",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Tiempo creado",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Modelos",
     "Name": "Nombre",
     "Name - Tooltip": "ID único basado en cadenas",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "Proveedores de OAuth",
@@ -887,6 +886,7 @@
     "Please input your real name!": "¡Por favor, ingresa tu nombre real!",
     "Please select your country code!": "¡Por favor seleccione su código de país!",
     "Please select your country/region!": "¡Por favor seleccione su país/región!",
+    "Regex": "Regex",
     "Terms of Use": "Términos de uso",
     "Terms of Use - Tooltip": "Términos de uso que los usuarios necesitan leer y aceptar durante el registro",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Cuentas gestionadas",
     "Modify password...": "Modificar contraseña...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "Nuevo correo electrónico",
     "New Password": "Nueva contraseña",
     "New User": "Nuevo Usuario",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Subir una foto",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Valores",
     "Verification code sent": "Código de verificación enviado",
     "WebAuthn credentials": "Credenciales de WebAuthn",

web/src/locales/fa/data.json

@@ -1,11 +1,11 @@
 {
   "account": {
-    "Logout": "Logout",
+    "Logout": "خروج",
-    "My Account": "My Account",
+    "My Account": "حساب من",
-    "Sign Up": "Sign Up"
+    "Sign Up": "ثبت نام"
   },
   "adapter": {
-    "Duplicated policy rules": "Duplicated policy rules",
+    "Duplicated policy rules": "قوانین تکراری",
     "Edit Adapter": "Edit Adapter",
     "Failed to sync policies": "Failed to sync policies",
     "New Adapter": "New Adapter",
@@ -17,7 +17,7 @@
     "Use same DB - Tooltip": "Use same DB - Tooltip"
   },
   "application": {
-    "Always": "Always",
+    "Always": "هميشه",
     "Auto signin": "Auto signin",
     "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
     "Background URL": "Background URL",
@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/fi/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/fr/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incrémentale",
     "Input": "Saisie",
     "Invitation code": "Code d'invitation",
-    "Invitation code - Tooltip": "Code d'invitation - infobulle",
     "Left": "Gauche",
     "Logged in successfully": "Connexion réussie",
     "Logged out successfully": "Déconnexion réussie",
@@ -192,7 +191,6 @@
     "Close": "Fermer",
     "Confirm": "Confirmer",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copier",
     "Created time": "Date de création",
     "Custom": "Personnalisée",
     "Dashboard": "Tableau de bord",
@@ -267,6 +265,7 @@
     "Models": "Modèles",
     "Name": "Nom",
     "Name - Tooltip": "Identifiant unique à base de chaîne",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "Aucun",
     "OAuth providers": "Fournisseurs OAuth",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Veuillez saisir votre nom complet !",
     "Please select your country code!": "Sélectionnez votre code de pays, s'il vous plaît !",
     "Please select your country/region!": "Veuillez sélectionner votre pays/région !",
+    "Regex": "Regex",
     "Terms of Use": "Conditions d'utilisation",
     "Terms of Use - Tooltip": "Conditions d'utilisation qui doivent être lus acceptés lors de l'enregistrement du compte",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Comptes gérés",
     "Modify password...": "Modifier le mot de passe...",
     "Multi-factor authentication": "Authentification multifacteur",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "Nouvelle adresse e-mail",
     "New Password": "Nouveau mot de passe",
     "New User": "Nouveau compte",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Télécharger une photo de l'endroit de la pièce d'identité",
     "Upload ID card with person picture": "Télécharger une photo la pièce d'identité avec une personne",
     "Upload a photo": "Télécharger une photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Valeurs",
     "Verification code sent": "Code de vérification envoyé",
     "WebAuthn credentials": "Identifiants WebAuthn",

web/src/locales/he/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/id/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Kiri",
     "Logged in successfully": "Berhasil masuk",
     "Logged out successfully": "Berhasil keluar dari sistem",
@@ -192,7 +191,6 @@
     "Close": "Tutup",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Waktu dibuat",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Model-model",
     "Name": "Nama",
     "Name - Tooltip": "ID unik berbasis string",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "Penyedia OAuth",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Silakan masukkan nama asli Anda!",
     "Please select your country code!": "Tolong pilih kode negara Anda!",
     "Please select your country/region!": "Silakan pilih negara/region Anda!",
+    "Regex": "Regex",
     "Terms of Use": "Syarat Penggunaan",
     "Terms of Use - Tooltip": "Syarat penggunaan yang harus dibaca dan disetujui oleh pengguna selama proses registrasi",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Akun yang dikelola",
     "Modify password...": "Mengubah kata sandi...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "Email baru",
     "New Password": "Kata Sandi Baru",
     "New User": "Pengguna Baru",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Unggah foto",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Nilai-nilai",
     "Verification code sent": "Kode verifikasi telah dikirim",
     "WebAuthn credentials": "Kredensial WebAuthn",

web/src/locales/it/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/ja/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "左",
     "Logged in successfully": "正常にログインしました",
     "Logged out successfully": "正常にログアウトしました",
@@ -192,7 +191,6 @@
     "Close": "閉じる",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "作成された時間",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "モデル",
     "Name": "名前",
     "Name - Tooltip": "ユニークで文字列ベースのID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuthプロバイダー",
@@ -887,6 +886,7 @@
     "Please input your real name!": "正しい名前を入力してください！",
     "Please select your country code!": "あなたの国コードを選択してください！",
     "Please select your country/region!": "あなたの国/地域を選択してください！",
+    "Regex": "Regex",
     "Terms of Use": "利用規約",
     "Terms of Use - Tooltip": "ユーザーが登録する際に読んで同意する必要がある利用規約",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "管理アカウント",
     "Modify password...": "パスワードを変更する...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "新しいメール",
     "New Password": "新しいパスワード",
     "New User": "新しいユーザー",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "写真をアップロードしてください",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "価値観",
     "Verification code sent": "確認コードを送信しました",
     "WebAuthn credentials": "WebAuthnの資格情報",

web/src/locales/kk/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/ko/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "왼쪽",
     "Logged in successfully": "성공적으로 로그인했습니다",
     "Logged out successfully": "로그아웃이 성공적으로 되었습니다",
@@ -192,7 +191,6 @@
     "Close": "닫다",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "작성한 시간",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "모델들",
     "Name": "이름",
     "Name - Tooltip": "고유한 문자열 기반 ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth 공급자",
@@ -887,6 +886,7 @@
     "Please input your real name!": "진짜 이름을 입력해주세요!",
     "Please select your country code!": "국가 코드를 선택해 주세요!",
     "Please select your country/region!": "국가 / 지역을 선택해주세요!",
+    "Regex": "Regex",
     "Terms of Use": "사용 약관",
     "Terms of Use - Tooltip": "등록 중 사용자가 읽어야 하고 동의해야하는 이용 약관",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "관리 계정",
     "Modify password...": "비밀번호 수정하기...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "새 이메일",
     "New Password": "새로운 비밀번호",
     "New User": "새로운 사용자",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "사진을 업로드하세요",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "가치들",
     "Verification code sent": "인증 코드가 전송되었습니다",
     "WebAuthn credentials": "웹 인증 자격증명",

web/src/locales/ms/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/nl/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/pl/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/pt/data.json

@@ -60,8 +60,7 @@
     "Grant types - Tooltip": "Selecione quais tipos de concessão são permitidos no protocolo OAuth",
     "Incremental": "Incremental",
     "Input": "Input",
-    "Invitation code": "Invitation code",
+    "Invitation code": "Código de convite",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Esquerda",
     "Logged in successfully": "Login realizado com sucesso",
     "Logged out successfully": "Logout realizado com sucesso",
@@ -69,8 +68,8 @@
     "No verification": "Sem verificação",
     "Normal": "Normal",
     "Only signup": "Apenas registro",
-    "Org choice mode": "Org choice mode",
+    "Org choice mode": "Modo de escolha Org",
-    "Org choice mode - Tooltip": "Org choice mode - Tooltip",
+    "Org choice mode - Tooltip": "Modo de escolha Org - Dica",
     "Please input your application!": "Por favor, insira o nome da sua aplicação!",
     "Please input your organization!": "Por favor, insira o nome da sua organização!",
     "Please select a HTML file": "Por favor, selecione um arquivo HTML",
@@ -87,7 +86,7 @@
     "SAML metadata": "Metadados do SAML",
     "SAML metadata - Tooltip": "Os metadados do protocolo SAML",
     "SAML reply URL": "URL de resposta do SAML",
-    "Select": "Select",
+    "Select": "Selecione",
     "Side panel HTML": "HTML do painel lateral",
     "Side panel HTML - Edit": "Editar HTML do painel lateral",
     "Side panel HTML - Tooltip": "Personalize o código HTML para o painel lateral da página de login",
@@ -99,7 +98,7 @@
     "Signin session": "Sessão de login",
     "Signup items": "Itens de registro",
     "Signup items - Tooltip": "Itens para os usuários preencherem ao registrar novas contas",
-    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
+    "Tags - Tooltip": "Apenas usuários com a tag listada nas tags do aplicativo podem acessar",
     "The application does not allow to sign up new account": "A aplicação não permite o registro de novas contas",
     "Token expire": "Expiração do Token",
     "Token expire - Tooltip": "Tempo de expiração do token de acesso",
@@ -142,8 +141,8 @@
     "Submit and complete": "Enviar e concluir"
   },
   "enforcer": {
-    "Edit Enforcer": "Edit Enforcer",
+    "Edit Enforcer": "Editar Executor",
-    "New Enforcer": "New Enforcer"
+    "New Enforcer": "Novo Executor"
   },
   "forget": {
     "Account": "Conta",
@@ -157,9 +156,9 @@
     "Verify": "Verificar"
   },
   "general": {
-    "API key": "API key",
+    "API key": "Chave da API",
-    "API key - Tooltip": "API key - Tooltip",
+    "API key - Tooltip": "Chave da API - Tooltip",
-    "Access key": "Access key",
+    "Access key": "Chave de acesso",
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
@@ -177,12 +176,12 @@
     "Applications": "Aplicações",
     "Applications that require authentication": "Aplicações que requerem autenticação",
     "Apps": "Apps",
-    "Authorization": "Authorization",
+    "Authorization": "Autorização",
-    "Avatar": "Avatar",
+    "Avatar": "Imagem de Perfil",
     "Avatar - Tooltip": "Imagem de avatar pública do usuário",
     "Back": "Voltar",
     "Back Home": "Voltar para a Página Inicial",
-    "Business & Payments": "Business & Payments",
+    "Business & Payments": "Negócios & Pagamentos",
     "Cancel": "Cancelar",
     "Captcha": "Captcha",
     "Cert": "Certificado",
@@ -190,23 +189,22 @@
     "Certs": "Certificados",
     "Click to Upload": "Clique para Enviar",
     "Close": "Fechar",
-    "Confirm": "Confirm",
+    "Confirm": "Confirmar",
-    "Copied to clipboard successfully": "Copied to clipboard successfully",
+    "Copied to clipboard successfully": "Copiado para a área de transferência com sucesso",
-    "Copy": "Copy",
     "Created time": "Hora de Criação",
-    "Custom": "Custom",
+    "Custom": "Personalizar",
-    "Dashboard": "Dashboard",
+    "Dashboard": "Painel",
-    "Default": "Default",
+    "Default": "Padrão",
     "Default application": "Aplicação padrão",
     "Default application - Tooltip": "Aplicação padrão para usuários registrados diretamente na página da organização",
     "Default avatar": "Avatar padrão",
     "Default avatar - Tooltip": "Avatar padrão usado quando usuários recém-registrados não definem uma imagem de avatar",
-    "Default password": "Default password",
+    "Default password": "Senha padrão",
     "Default password - Tooltip": "Default password - Tooltip",
     "Delete": "Excluir",
     "Description": "Descrição",
     "Description - Tooltip": "Informações de descrição detalhadas para referência, o Casdoor em si não irá utilizá-las",
-    "Disable": "Disable",
+    "Disable": "Desativar",
     "Display name": "Nome de exibição",
     "Display name - Tooltip": "Um nome amigável e facilmente legível exibido publicamente na interface do usuário",
     "Down": "Descer",
@@ -225,7 +223,7 @@
     "Failed to get TermsOfUse URL": "Failed to get TermsOfUse URL",
     "Failed to remove": "Failed to remove",
     "Failed to save": "Falha ao salvar",
-    "Failed to sync": "Failed to sync",
+    "Failed to sync": "Falha ao sincronizar",
     "Failed to verify": "Falha ao verificar",
     "Favicon": "Favicon",
     "Favicon - Tooltip": "URL do ícone de favicon usado em todas as páginas do Casdoor da organização",
@@ -233,15 +231,15 @@
     "Forget URL": "URL de Esqueci a Senha",
     "Forget URL - Tooltip": "URL personalizada para a página de \"Esqueci a senha\". Se não definido, será usada a página padrão de \"Esqueci a senha\" do Casdoor. Quando definido, o link de \"Esqueci a senha\" na página de login será redirecionado para esta URL",
     "Found some texts still not translated? Please help us translate at": "Encontrou algum texto ainda não traduzido? Ajude-nos a traduzir em",
-    "Go to enable": "Go to enable",
+    "Go to enable": "Vá para habilitar",
     "Go to writable demo site?": "Acessar o site de demonstração gravável?",
-    "Groups": "Groups",
+    "Groups": "Grupos",
     "Groups - Tooltip": "Groups - Tooltip",
     "Home": "Página Inicial",
     "Home - Tooltip": "Página inicial do aplicativo",
     "ID": "ID",
     "ID - Tooltip": "String única aleatória",
-    "Identity": "Identity",
+    "Identity": "Identidade",
     "Invitations": "Invitations",
     "Is enabled": "Está habilitado",
     "Is enabled - Tooltip": "Define se está habilitado",
@@ -267,6 +265,7 @@
     "Models": "Modelos",
     "Name": "Nome",
     "Name - Tooltip": "ID único em formato de string",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "Provedores OAuth",
@@ -342,7 +341,7 @@
     "Supported country codes - Tooltip": "Códigos de país suportados pela organização. Esses códigos podem ser selecionados como prefixo ao enviar códigos de verificação SMS",
     "Sure to delete": "Tem certeza que deseja excluir",
     "Sure to disable": "Sure to disable",
-    "Sure to remove": "Sure to remove",
+    "Sure to remove": "Tem certeza que deseja excluir",
     "Swagger": "Swagger",
     "Sync": "Sincronizar",
     "Syncers": "Sincronizadores",
@@ -350,7 +349,7 @@
     "There was a problem signing you in..": "Ocorreu um problema ao fazer o login.",
     "This is a read-only demo site!": "Este é um site de demonstração apenas para leitura!",
     "Tokens": "Tokens",
-    "Type": "Type",
+    "Type": "Tipo",
     "Type - Tooltip": "Type - Tooltip",
     "URL": "URL",
     "URL - Tooltip": "Link da URL",
@@ -358,7 +357,7 @@
     "Updated time": "Hora de Atualização",
     "User": "Usuário",
     "User - Tooltip": "Certifique-se de que o nome de usuário esteja correto",
-    "User Management": "User Management",
+    "User Management": "Gerenciamento Usuários",
     "User containers": "Pools de Usuários",
     "User type": "Tipo de Usuário",
     "User type - Tooltip": "Tags às quais o usuário pertence, com valor padrão de \"usuário-normal\"",
@@ -367,7 +366,7 @@
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "vazio",
-    "remove": "remove",
+    "remove": "remover",
     "{total} in total": "{total} no total"
   },
   "group": {
@@ -472,15 +471,15 @@
     "Enable multi-factor authentication": "Enable multi-factor authentication",
     "Failed to get application": "Failed to get application",
     "Failed to initiate MFA": "Failed to initiate MFA",
-    "Have problems?": "Have problems?",
+    "Have problems?": "Tem problemas?",
-    "Multi-factor authentication": "Multi-factor authentication",
+    "Multi-factor authentication": "Autenticação de vários fatores",
-    "Multi-factor authentication - Tooltip ": "Multi-factor authentication - Tooltip ",
+    "Multi-factor authentication - Tooltip ": "Autenticação de múltiplos fatores - Tooltip ",
     "Multi-factor authentication description": "Multi-factor authentication description",
     "Multi-factor methods": "Multi-factor methods",
     "Multi-factor recover": "Multi-factor recover",
     "Multi-factor recover description": "Multi-factor recover description",
     "Or copy the secret to your Authenticator App": "Or copy the secret to your Authenticator App",
-    "Passcode": "Passcode",
+    "Passcode": "Código de acesso",
     "Please bind your email first, the system will automatically uses the mail for multi-factor authentication": "Please bind your email first, the system will automatically uses the mail for multi-factor authentication",
     "Please bind your phone first, the system automatically uses the phone for multi-factor authentication": "Please bind your phone first, the system automatically uses the phone for multi-factor authentication",
     "Please confirm the information below": "Please confirm the information below",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Por favor, insira seu nome real!",
     "Please select your country code!": "Por favor, selecione o código do seu país!",
     "Please select your country/region!": "Por favor, selecione seu país/região!",
+    "Regex": "Regex",
     "Terms of Use": "Termos de Uso",
     "Terms of Use - Tooltip": "Termos de uso que os usuários precisam ler e concordar durante o registro",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Contas gerenciadas",
     "Modify password...": "Modificar senha...",
     "Multi-factor authentication": "Autenticação de vários fatores",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "Novo E-mail",
     "New Password": "Nova Senha",
     "New User": "Novo Usuário",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Enviar uma foto",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Valores",
     "Verification code sent": "Código de verificação enviado",
     "WebAuthn credentials": "Credenciais WebAuthn",

web/src/locales/ru/data.json

@@ -11,7 +11,7 @@
     "New Adapter": "Новый адаптер",
     "Policies": "Политика",
     "Policies - Tooltip": "Правила политики Casbin",
-    "Rule type": "Rule type",
+    "Rule type": "Тип правила",
     "Sync policies successfully": "Успешно синхронизированы политики",
     "Use same DB": "Use same DB",
     "Use same DB - Tooltip": "Use same DB - Tooltip"
@@ -22,13 +22,13 @@
     "Auto signin - Tooltip": "Когда существует активная сессия входа в Casdoor, она автоматически используется для входа на стороне приложения",
     "Background URL": "Фоновый URL",
     "Background URL - Tooltip": "URL фонового изображения, используемого на странице входа",
-    "Binding providers": "Binding providers",
+    "Binding providers": "Связанные провайдеры",
     "Center": "Центр",
     "Copy SAML metadata URL": "Скопируйте URL метаданных SAML",
     "Copy prompt page URL": "Скопируйте URL страницы предложения",
     "Copy signin page URL": "Скопируйте URL-адрес страницы входа",
     "Copy signup page URL": "Скопируйте URL страницы регистрации",
-    "Dynamic": "Dynamic",
+    "Dynamic": "Динамическое",
     "Edit Application": "Изменить приложение",
     "Enable Email linking": "Включить связывание электронной почты",
     "Enable Email linking - Tooltip": "При использовании сторонних провайдеров для входа, если в организации есть пользователь с такой же электронной почтой, то способ входа через стороннего провайдера автоматически будет связан с этим пользователем",
@@ -46,36 +46,35 @@
     "Failed signin limit - Tooltip": "Failed signin limit - Tooltip",
     "Failed to sign in": "Не удалось войти в систему",
     "File uploaded successfully": "Файл успешно загружен",
-    "First, last": "First, last",
+    "First, last": "Имя, Фамилия",
     "Follow organization theme": "Cледуйте теме организации",
     "Form CSS": "Форма CSS",
     "Form CSS - Edit": "Форма CSS - Редактирование",
     "Form CSS - Tooltip": "CSS-оформление форм регистрации, входа и восстановления пароля (например, добавление границ и теней)",
-    "Form CSS Mobile": "Form CSS Mobile",
+    "Form CSS Mobile": "CSS формы для мобильных",
-    "Form CSS Mobile - Edit": "Form CSS Mobile - Edit",
+    "Form CSS Mobile - Edit": "CSS формы для мобильный - редактировать",
-    "Form CSS Mobile - Tooltip": "Form CSS Mobile - Tooltip",
+    "Form CSS Mobile - Tooltip": "Редактирование CSS кода для мобильных устройств",
     "Form position": "Позиция формы",
     "Form position - Tooltip": "Местоположение форм регистрации, входа и восстановления пароля",
     "Grant types": "Типы грантов",
     "Grant types - Tooltip": "Выберите, какие типы грантов разрешены в протоколе OAuth",
-    "Incremental": "Incremental",
+    "Incremental": "Последовательный",
     "Input": "Input",
-    "Invitation code": "Invitation code",
+    "Invitation code": "Код приглашения",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Левый",
     "Logged in successfully": "Успешный вход в систему",
     "Logged out successfully": "Успешный выход из системы",
     "New Application": "Новое приложение",
-    "No verification": "No verification",
+    "No verification": "Нет верификации",
-    "Normal": "Normal",
+    "Normal": "Обычный",
-    "Only signup": "Only signup",
+    "Only signup": "Только при регистрации",
-    "Org choice mode": "Org choice mode",
+    "Org choice mode": "Режим выбора организации",
-    "Org choice mode - Tooltip": "Org choice mode - Tooltip",
+    "Org choice mode - Tooltip": "Выбор режима выбора организации пользователем",
     "Please input your application!": "Пожалуйста, введите свою заявку!",
     "Please input your organization!": "Пожалуйста, введите название вашей организации!",
     "Please select a HTML file": "Пожалуйста, выберите файл HTML",
-    "Random": "Random",
+    "Random": "Случайный",
-    "Real name": "Real name",
+    "Real name": "Полное имя",
     "Redirect URL": "Перенаправление URL",
     "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Перенаправление URL (адрес сервиса потребителя утверждения POST-связывание)",
     "Redirect URLs": "Перенаправление URL-адресов",
@@ -87,19 +86,19 @@
     "SAML metadata": "Метаданные SAML",
     "SAML metadata - Tooltip": "Метаданные протокола SAML",
     "SAML reply URL": "URL ответа SAML",
-    "Select": "Select",
+    "Select": "Выбрать",
     "Side panel HTML": "Боковая панель HTML",
     "Side panel HTML - Edit": "Боковая панель HTML - Редактировать",
     "Side panel HTML - Tooltip": "Настроить HTML-код для боковой панели страницы входа в систему",
     "Sign Up Error": "Ошибка при регистрации",
-    "Signin": "Signin",
+    "Signin": "Регистрация",
-    "Signin (Default True)": "Signin (Default True)",
+    "Signin (Default True)": "Регистрация (отмечено по умолчанию)",
     "Signin methods": "Signin methods",
     "Signin methods - Tooltip": "Signin methods - Tooltip",
     "Signin session": "Сессия входа в систему",
     "Signup items": "Элементы регистрации",
     "Signup items - Tooltip": "Элементы, которые пользователи должны заполнить при регистрации новых аккаунтов",
-    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
+    "Tags - Tooltip": "Только пользователи с тегом, указанным в тегах приложения могут войти в систему",
     "The application does not allow to sign up new account": "Приложение не позволяет зарегистрироваться новому аккаунту",
     "Token expire": "Срок действия токена истекает",
     "Token expire - Tooltip": "Время истечения токена доступа",
@@ -142,11 +141,11 @@
     "Submit and complete": "Отправить и завершить"
   },
   "enforcer": {
-    "Edit Enforcer": "Edit Enforcer",
+    "Edit Enforcer": "Редактировать контролёра доступа",
-    "New Enforcer": "New Enforcer"
+    "New Enforcer": "Новый контролёр доступа"
   },
   "forget": {
-    "Account": "Счет",
+    "Account": "Аккаунт",
     "Change Password": "Изменить пароль",
     "Choose email or phone": "Выберите электронную почту или телефон",
     "Next Step": "Следующий шаг",
@@ -157,7 +156,7 @@
     "Verify": "Проверить"
   },
   "general": {
-    "API key": "API key",
+    "API key": "ключ API",
     "API key - Tooltip": "API key - Tooltip",
     "Access key": "Access key",
     "Access key - Tooltip": "Access key - Tooltip",
@@ -176,13 +175,13 @@
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Приложения",
     "Applications that require authentication": "Приложения, которые требуют аутентификации",
-    "Apps": "Apps",
+    "Apps": "Приложения",
-    "Authorization": "Authorization",
+    "Authorization": "Авторизация",
     "Avatar": "Аватар",
     "Avatar - Tooltip": "Публичное изображение аватара пользователя",
-    "Back": "Back",
+    "Back": "Назад",
     "Back Home": "Домой",
-    "Business & Payments": "Business & Payments",
+    "Business & Payments": "Бизнес и Платежи",
     "Cancel": "Отменить",
     "Captcha": "Капча",
     "Cert": "Сертификат",
@@ -190,13 +189,12 @@
     "Certs": "сертификаты",
     "Click to Upload": "Нажмите, чтобы загрузить",
     "Close": "Близко",
-    "Confirm": "Confirm",
+    "Confirm": "Подтвердить",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Созданное время",
     "Custom": "Custom",
-    "Dashboard": "Dashboard",
+    "Dashboard": "Панель мониторинга",
-    "Default": "Default",
+    "Default": "По умолчанию",
     "Default application": "Приложение по умолчанию",
     "Default application - Tooltip": "По умолчанию приложение для пользователей, зарегистрированных непосредственно со страницы организации",
     "Default avatar": "Стандартный аватар",
@@ -206,7 +204,7 @@
     "Delete": "Удалить",
     "Description": "Описание",
     "Description - Tooltip": "Подробная описательная информация для справки, Casdoor сам не будет использовать ее",
-    "Disable": "Disable",
+    "Disable": "Выключить",
     "Display name": "Отображаемое имя",
     "Display name - Tooltip": "Понятное для пользователя имя, легко читаемое и отображаемое публично в пользовательском интерфейсе (UI)",
     "Down": "вниз",
@@ -214,10 +212,10 @@
     "Email": "Электронная почта",
     "Email - Tooltip": "Действительный адрес электронной почты",
     "Email only": "Email only",
-    "Enable": "Enable",
+    "Enable": "Включить",
-    "Enabled": "Enabled",
+    "Enabled": "Включено",
-    "Enabled successfully": "Enabled successfully",
+    "Enabled successfully": "Успешно включено",
-    "Enforcers": "Enforcers",
+    "Enforcers": "Контролёры доступа",
     "Failed to add": "Не удалось добавить",
     "Failed to connect to server": "Не удалось подключиться к серверу",
     "Failed to delete": "Не удалось удалить",
@@ -235,7 +233,7 @@
     "Found some texts still not translated? Please help us translate at": "Нашли некоторые тексты, которые еще не переведены? Пожалуйста, помогите нам перевести на",
     "Go to enable": "Go to enable",
     "Go to writable demo site?": "Перейти на демонстрационный сайт для записи данных?",
-    "Groups": "Groups",
+    "Groups": "Группы",
     "Groups - Tooltip": "Groups - Tooltip",
     "Home": "Дом",
     "Home - Tooltip": "Главная страница приложения",
@@ -267,6 +265,7 @@
     "Models": "Модели",
     "Name": "Имя",
     "Name - Tooltip": "Уникальный идентификатор на основе строки",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "Провайдеры OAuth",
@@ -290,7 +289,7 @@
     "Phone": "Телефон",
     "Phone - Tooltip": "Номер телефона",
     "Phone only": "Phone only",
-    "Plan": "Plan",
+    "Plan": "План",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Планы",
     "Plans - Tooltip": "Plans - Tooltip",
@@ -307,7 +306,7 @@
     "Real name": "Реальное имя",
     "Records": "Записи",
     "Resources": "Ресурсы",
-    "Role": "Role",
+    "Role": "Роль",
     "Role - Tooltip": "Role - Tooltip",
     "Roles": "Роли",
     "Roles - Tooltip": "Роли, к которым принадлежит пользователь",
@@ -347,7 +346,7 @@
     "Sync": "Синхронизация",
     "Syncers": "Синкеры",
     "System Info": "Системная информация",
-    "There was a problem signing you in..": "There was a problem signing you in..",
+    "There was a problem signing you in..": "Возникла проблема с регистрацией..",
     "This is a read-only demo site!": "Это демонстрационный сайт только для чтения!",
     "Tokens": "Токены",
     "Type": "Type",
@@ -413,7 +412,7 @@
     "Filter fields - Tooltip": "Filter fields - Tooltip",
     "Group ID": "Идентификатор группы",
     "Last Sync": "Последняя синхронизация",
-    "Search Filter": "Search Filter",
+    "Search Filter": "Фильтр поиска",
     "Search Filter - Tooltip": "Search Filter - Tooltip",
     "Server": "Сервер",
     "Server host": "Хост сервера",
@@ -431,7 +430,7 @@
     "Continue with": "Продолжайте с",
     "Email": "Email",
     "Email or phone": "Электронная почта или телефон",
-    "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
+    "Failed to obtain MetaMask authorization": "Не удалось получить авторизацию MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Забыли пароль?",
     "LDAP": "LDAP",
@@ -468,12 +467,12 @@
     "username, Email or phone": "имя пользователя, электронная почта или телефон"
   },
   "mfa": {
-    "Each time you sign in to your Account, you'll need your password and a authentication code": "Each time you sign in to your Account, you'll need your password and a authentication code",
+    "Each time you sign in to your Account, you'll need your password and a authentication code": "Каждый раз, когда вы входите в свою учетную запись, вам нужен ваш пароль и код проверки подлинности",
-    "Enable multi-factor authentication": "Enable multi-factor authentication",
+    "Enable multi-factor authentication": "Включить многофакторную аутентификацию",
-    "Failed to get application": "Failed to get application",
+    "Failed to get application": "Не удалось загрузить приложение",
     "Failed to initiate MFA": "Failed to initiate MFA",
-    "Have problems?": "Have problems?",
+    "Have problems?": "Возникли проблемы?",
-    "Multi-factor authentication": "Multi-factor authentication",
+    "Multi-factor authentication": "Многофакторная аутентификация",
     "Multi-factor authentication - Tooltip ": "Multi-factor authentication - Tooltip ",
     "Multi-factor authentication description": "Multi-factor authentication description",
     "Multi-factor methods": "Multi-factor methods",
@@ -493,15 +492,15 @@
     "To ensure the security of your account, it is recommended that you enable multi-factor authentication": "To ensure the security of your account, it is recommended that you enable multi-factor authentication",
     "To ensure the security of your account, it is required to enable multi-factor authentication": "To ensure the security of your account, it is required to enable multi-factor authentication",
     "Use Authenticator App": "Use Authenticator App",
-    "Use Email": "Use Email",
+    "Use Email": "Использовать электронную почту",
-    "Use SMS": "Use SMS",
+    "Use SMS": "Использовать SMS",
-    "Use SMS verification code": "Use SMS verification code",
+    "Use SMS verification code": "Использовать SMS код для проверки",
-    "Use a recovery code": "Use a recovery code",
+    "Use a recovery code": "Использовать код восстановления",
-    "Verification failed": "Verification failed",
+    "Verification failed": "Проверка не удалась",
     "Verify Code": "Verify Code",
     "Verify Password": "Verify Password",
-    "Your email is": "Your email is",
+    "Your email is": "Ваш email",
-    "Your phone is": "Your phone is",
+    "Your phone is": "Ваш телефон",
     "preferred": "preferred"
   },
   "model": {
@@ -522,7 +521,7 @@
     "Is profile public - Tooltip": "После закрытия страницы профиля, только глобальные администраторы или пользователи из той же организации могут получить к ней доступ",
     "Modify rule": "Изменить правило",
     "New Organization": "Новая организация",
-    "Optional": "Optional",
+    "Optional": "Опционально",
     "Prompt": "Prompt",
     "Required": "Required",
     "Soft deletion": "Мягкое удаление",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Пожалуйста, введите своё настоящее имя!",
     "Please select your country code!": "Пожалуйста, выберите код своей страны!",
     "Please select your country/region!": "Пожалуйста, выберите свою страну / регион!",
+    "Regex": "Regex",
     "Terms of Use": "Условия использования",
     "Terms of Use - Tooltip": "Условия использования, которые пользователи должны прочитать и согласиться с ними при регистрации",
     "Text 1": "Text 1",
@@ -1050,11 +1050,9 @@
     "Link": "Ссылка",
     "Location": "Местоположение",
     "Location - Tooltip": "Город проживания",
-    "Managed accounts": "Управляемые счета",
+    "Managed accounts": "Управляемые аккаунты",
     "Modify password...": "Изменить пароль...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "Новое электронное письмо",
     "New Password": "Новый пароль",
     "New User": "Новый пользователь",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Загрузить фото",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Значения",
     "Verification code sent": "Код подтверждения отправлен",
     "WebAuthn credentials": "WebAuthn удостоверения",

web/src/locales/sv/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",

web/src/locales/tr/data.json

@@ -1,8 +1,8 @@
 {
   "account": {
-    "Logout": "Logout",
+    "Logout": "Oturumu kapat",
-    "My Account": "My Account",
+    "My Account": "Hesabım",
-    "Sign Up": "Sign Up"
+    "Sign Up": "Üye Ol"
   },
   "adapter": {
     "Duplicated policy rules": "Duplicated policy rules",
@@ -17,20 +17,20 @@
     "Use same DB - Tooltip": "Use same DB - Tooltip"
   },
   "application": {
-    "Always": "Always",
+    "Always": "Her zaman",
-    "Auto signin": "Auto signin",
+    "Auto signin": "Beni hatırla",
-    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
+    "Auto signin - Tooltip": "Varolan oturum ile giriş yap",
-    "Background URL": "Background URL",
+    "Background URL": "Arkaplan Resim URL",
-    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Background URL - Tooltip": "Login sayfası için arkaplan resmi url'i",
     "Binding providers": "Binding providers",
-    "Center": "Center",
+    "Center": "Ortala",
-    "Copy SAML metadata URL": "Copy SAML metadata URL",
+    "Copy SAML metadata URL": "SAML Metadata URL'ini kopyala",
-    "Copy prompt page URL": "Copy prompt page URL",
+    "Copy prompt page URL": "Prompt Page URL 'ini kopyala",
-    "Copy signin page URL": "Copy signin page URL",
+    "Copy signin page URL": "Giriş sayfası URL 'ini kopyala",
-    "Copy signup page URL": "Copy signup page URL",
+    "Copy signup page URL": "Kayıt sayfası URL 'ini kopyala",
-    "Dynamic": "Dynamic",
+    "Dynamic": "Dinamik",
-    "Edit Application": "Edit Application",
+    "Edit Application": "Uygulamayı düzenle",
-    "Enable Email linking": "Enable Email linking",
+    "Enable Email linking": "Eposta bağlantısı aktif",
     "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
     "Enable SAML C14N10": "Enable SAML C14N10",
     "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
@@ -46,7 +46,7 @@
     "Failed signin limit - Tooltip": "Failed signin limit - Tooltip",
     "Failed to sign in": "Failed to sign in",
     "File uploaded successfully": "File uploaded successfully",
-    "First, last": "First, last",
+    "First, last": "Adı, Soyadı",
     "Follow organization theme": "Follow organization theme",
     "Form CSS": "Form CSS",
     "Form CSS - Edit": "Form CSS - Edit",
@@ -60,11 +60,10 @@
     "Grant types - Tooltip": "Select which grant types are allowed in the OAuth protocol",
     "Incremental": "Incremental",
     "Input": "Input",
-    "Invitation code": "Invitation code",
+    "Invitation code": "Davet Kodu",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
+    "Left": "Sol",
-    "Left": "Left",
+    "Logged in successfully": "Başarıyla giriş yapıldı",
-    "Logged in successfully": "Logged in successfully",
+    "Logged out successfully": "Başarıyla çıkış yapıldı",
-    "Logged out successfully": "Logged out successfully",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -75,24 +74,24 @@
     "Please input your organization!": "Please input your organization!",
     "Please select a HTML file": "Please select a HTML file",
     "Random": "Random",
-    "Real name": "Real name",
+    "Real name": "Gerçek isim",
-    "Redirect URL": "Redirect URL",
+    "Redirect URL": "Yönlendirme URL'si",
     "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL)",
-    "Redirect URLs": "Redirect URLs",
+    "Redirect URLs": "Yönlendirme URL'leri",
-    "Redirect URLs - Tooltip": "Allowed redirect URL list, supporting regular expression matching; URLs not in the list will fail to redirect",
+    "Redirect URLs - Tooltip": "Kabul edilen yönlendirme URL listesi, düzenli ifadeleri (regexp) kullanabilirsiniz. Eğer url bu lşistede yoksa hata sayfasına yönlendirilirsiniz",
     "Refresh token expire": "Refresh token expire",
     "Refresh token expire - Tooltip": "Refresh token expiration time",
-    "Right": "Right",
+    "Right": "Sağ",
     "Rule": "Rule",
     "SAML metadata": "SAML metadata",
     "SAML metadata - Tooltip": "The metadata of SAML protocol",
     "SAML reply URL": "SAML reply URL",
-    "Select": "Select",
+    "Select": "Seç",
     "Side panel HTML": "Side panel HTML",
     "Side panel HTML - Edit": "Side panel HTML - Edit",
     "Side panel HTML - Tooltip": "Customize the HTML code for the side panel of the login page",
     "Sign Up Error": "Sign Up Error",
-    "Signin": "Signin",
+    "Signin": "Giriş yap",
     "Signin (Default True)": "Signin (Default True)",
     "Signin methods": "Signin methods",
     "Signin methods - Tooltip": "Signin methods - Tooltip",
@@ -131,30 +130,30 @@
   },
   "code": {
     "Code you received": "Code you received",
-    "Email code": "Email code",
+    "Email code": "E-posta doğrulama kodu",
     "Empty code": "Empty code",
-    "Enter your code": "Enter your code",
+    "Enter your code": "Size gönderilen code 'u giriniz",
     "Phone code": "Phone code",
-    "Please input your phone verification code!": "Please input your phone verification code!",
+    "Please input your phone verification code!": "Lütfen telefonunuza gönderilen doğrulama kodunu girin!",
-    "Please input your verification code!": "Please input your verification code!",
+    "Please input your verification code!": "Lütfen doğrulama kodunu girin.",
-    "Send Code": "Send Code",
+    "Send Code": "Kodu gönder",
-    "Sending": "Sending",
+    "Sending": "Gönderiliyor",
-    "Submit and complete": "Submit and complete"
+    "Submit and complete": "Gönder ve Tamamla"
   },
   "enforcer": {
     "Edit Enforcer": "Edit Enforcer",
     "New Enforcer": "New Enforcer"
   },
   "forget": {
-    "Account": "Account",
+    "Account": "Hesap",
-    "Change Password": "Change Password",
+    "Change Password": "Parola Değiştir",
     "Choose email or phone": "Choose email or phone",
-    "Next Step": "Next Step",
+    "Next Step": "Sonraki adım",
-    "Please input your username!": "Please input your username!",
+    "Please input your username!": "Lütfen kullanıcı adınızı girin",
-    "Reset": "Reset",
+    "Reset": "Sıfırla",
-    "Retrieve password": "Retrieve password",
+    "Retrieve password": "Şifre kurtar",
     "Unknown forget type": "Unknown forget type",
-    "Verify": "Verify"
+    "Verify": "Doğrula"
   },
   "general": {
     "API key": "API key",
@@ -167,69 +166,68 @@
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
-    "Add": "Add",
+    "Add": "Ekle",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
     "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
-    "All": "All",
+    "All": "Tümü",
     "Application": "Application",
     "Application - Tooltip": "Application - Tooltip",
     "Applications": "Applications",
     "Applications that require authentication": "Applications that require authentication",
     "Apps": "Apps",
     "Authorization": "Authorization",
-    "Avatar": "Avatar",
+    "Avatar": "Profil Resmi",
     "Avatar - Tooltip": "Public avatar image for the user",
-    "Back": "Back",
+    "Back": "Geri",
-    "Back Home": "Back Home",
+    "Back Home": "Ana sayfaya geri dön",
     "Business & Payments": "Business & Payments",
-    "Cancel": "Cancel",
+    "Cancel": "Vazgeç",
     "Captcha": "Captcha",
     "Cert": "Cert",
     "Cert - Tooltip": "The public key certificate that needs to be verified by the client SDK corresponding to this application",
     "Certs": "Certs",
-    "Click to Upload": "Click to Upload",
+    "Click to Upload": "Yüklemek için tıklayın",
-    "Close": "Close",
+    "Close": "Kapat",
-    "Confirm": "Confirm",
+    "Confirm": "Onayla",
-    "Copied to clipboard successfully": "Copied to clipboard successfully",
+    "Copied to clipboard successfully": "Başarıyla kopyalandı",
-    "Copy": "Copy",
+    "Created time": "Oluşturma zamanı",
-    "Created time": "Created time",
+    "Custom": "Özel",
-    "Custom": "Custom",
+    "Dashboard": "Gösterge Paneli",
-    "Dashboard": "Dashboard",
+    "Default": "Varsayılan",
-    "Default": "Default",
+    "Default application": "Varsayılan Uygulama",
-    "Default application": "Default application",
     "Default application - Tooltip": "Default application for users registered directly from the organization page",
     "Default avatar": "Default avatar",
     "Default avatar - Tooltip": "Default avatar used when newly registered users do not set an avatar image",
     "Default password": "Default password",
     "Default password - Tooltip": "Default password - Tooltip",
-    "Delete": "Delete",
+    "Delete": "Sil",
-    "Description": "Description",
+    "Description": "Açıklama",
     "Description - Tooltip": "Detailed description information for reference, Casdoor itself will not use it",
-    "Disable": "Disable",
+    "Disable": "Devre dışı bırak",
-    "Display name": "Display name",
+    "Display name": "Görünen isim",
     "Display name - Tooltip": "A user-friendly, easily readable name displayed publicly in the UI",
-    "Down": "Down",
+    "Down": "Aşağı",
-    "Edit": "Edit",
+    "Edit": "Düzenle",
-    "Email": "Email",
+    "Email": "E-Posta",
-    "Email - Tooltip": "Valid email address",
+    "Email - Tooltip": "Geçerli e-posta adresi",
-    "Email only": "Email only",
+    "Email only": "Sadece eposta",
-    "Enable": "Enable",
+    "Enable": "Etkinleştir",
-    "Enabled": "Enabled",
+    "Enabled": "Etkin",
-    "Enabled successfully": "Enabled successfully",
+    "Enabled successfully": "Başarıyla etkinleştirildi",
     "Enforcers": "Enforcers",
-    "Failed to add": "Failed to add",
+    "Failed to add": "Ekleme başarısız oldu.",
-    "Failed to connect to server": "Failed to connect to server",
+    "Failed to connect to server": "Sunucuya bağlanılamıyor",
-    "Failed to delete": "Failed to delete",
+    "Failed to delete": "Silme başarısız oldu",
     "Failed to enable": "Failed to enable",
     "Failed to get TermsOfUse URL": "Failed to get TermsOfUse URL",
     "Failed to remove": "Failed to remove",
     "Failed to save": "Failed to save",
     "Failed to sync": "Failed to sync",
-    "Failed to verify": "Failed to verify",
+    "Failed to verify": "Doğrulama başarısız oldu",
     "Favicon": "Favicon",
     "Favicon - Tooltip": "Favicon icon URL used in all Casdoor pages of the organization",
-    "First name": "First name",
+    "First name": "İsim",
     "Forget URL": "Forget URL",
     "Forget URL - Tooltip": "Custom URL for the \"Forget password\" page. If not set, the default Casdoor \"Forget password\" page will be used. When set, the \"Forget password\" link on the login page will redirect to this URL",
     "Found some texts still not translated? Please help us translate at": "Found some texts still not translated? Please help us translate at",
@@ -237,20 +235,20 @@
     "Go to writable demo site?": "Go to writable demo site?",
     "Groups": "Groups",
     "Groups - Tooltip": "Groups - Tooltip",
-    "Home": "Home",
+    "Home": "Ana sayfa",
     "Home - Tooltip": "Home page of the application",
     "ID": "ID",
     "ID - Tooltip": "Unique random string",
     "Identity": "Identity",
-    "Invitations": "Invitations",
+    "Invitations": "Davetler",
-    "Is enabled": "Is enabled",
+    "Is enabled": "Aktif Mi?",
     "Is enabled - Tooltip": "Set whether it can use",
     "LDAPs": "LDAPs",
     "LDAPs - Tooltip": "LDAP servers",
-    "Languages": "Languages",
+    "Languages": "Diller",
-    "Languages - Tooltip": "Available languages",
+    "Languages - Tooltip": "Kullanılabilir diller",
-    "Last name": "Last name",
+    "Last name": "Soyisim",
-    "Later": "Later",
+    "Later": "Sonra",
     "Logging & Auditing": "Logging & Auditing",
     "Logo": "Logo",
     "Logo - Tooltip": "Icons that the application presents to the outside world",
@@ -265,31 +263,32 @@
     "Model": "Model",
     "Model - Tooltip": "Casbin access control model",
     "Models": "Models",
-    "Name": "Name",
+    "Name": "Ad",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
-    "OK": "OK",
+    "OK": "Tamam",
     "Organization": "Organization",
     "Organization - Tooltip": "Similar to concepts such as tenants or user pools, each user and application belongs to an organization",
     "Organizations": "Organizations",
-    "Password": "Password",
+    "Password": "Şifre",
-    "Password - Tooltip": "Make sure the password is correct",
+    "Password - Tooltip": "Şifrenizin doğru olduğundan emin olun",
-    "Password complexity options": "Password complexity options",
+    "Password complexity options": "Şifre karmaşıklık seçenekleri",
     "Password complexity options - Tooltip": "Different combinations of password complexity options",
     "Password salt": "Password salt",
     "Password salt - Tooltip": "Random parameter used for password encryption",
     "Password type": "Password type",
     "Password type - Tooltip": "Storage format of passwords in the database",
-    "Payment": "Payment",
+    "Payment": "Ödeme",
     "Payment - Tooltip": "Payment - Tooltip",
-    "Payments": "Payments",
+    "Payments": "Ödemeler",
     "Permissions": "Permissions",
     "Permissions - Tooltip": "Permissions owned by this user",
-    "Phone": "Phone",
+    "Phone": "Telefon",
-    "Phone - Tooltip": "Phone number",
+    "Phone - Tooltip": "Telefon numarası",
-    "Phone only": "Phone only",
+    "Phone only": "Sadece telefon",
     "Plan": "Plan",
     "Plan - Tooltip": "Plan - Tooltip",
     "Plans": "Plans",
@@ -304,7 +303,7 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
-    "Real name": "Real name",
+    "Real name": "Gerçek isim",
     "Records": "Records",
     "Resources": "Resources",
     "Role": "Role",
@@ -315,14 +314,14 @@
     "Root cert - Tooltip": "Root cert - Tooltip",
     "SAML attributes": "SAML attributes",
     "SAML attributes - Tooltip": "SAML attributes - Tooltip",
-    "Save": "Save",
+    "Save": "Kaydet",
-    "Save & Exit": "Save & Exit",
+    "Save & Exit": "Kaydet ve Çık",
-    "Session ID": "Session ID",
+    "Session ID": "Oturum ID",
-    "Sessions": "Sessions",
+    "Sessions": "Oturumlar",
-    "Shortcuts": "Shortcuts",
+    "Shortcuts": "Kısayollar",
     "Signin URL": "Signin URL",
     "Signin URL - Tooltip": "Custom URL for the login page. If not set, the default Casdoor login page will be used. When set, the login links on various Casdoor pages will redirect to this URL",
-    "Signup URL": "Signup URL",
+    "Signup URL": "Kayıt URL",
     "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
     "Signup application": "Signup application",
     "Signup application - Tooltip": "Which application the user registered through when they signed up",
@@ -332,37 +331,37 @@
     "State": "State",
     "State - Tooltip": "State",
     "Subscriptions": "Subscriptions",
-    "Successfully added": "Successfully added",
+    "Successfully added": "Başarıyla eklendi",
-    "Successfully deleted": "Successfully deleted",
+    "Successfully deleted": "Başarıyla silindi",
-    "Successfully removed": "Successfully removed",
+    "Successfully removed": "Başarıyla kaldırıldı",
-    "Successfully saved": "Successfully saved",
+    "Successfully saved": "Başarıyla kaydedildi",
-    "Successfully sent": "Successfully sent",
+    "Successfully sent": "Başarıyla gönderildi",
-    "Successfully synced": "Successfully synced",
+    "Successfully synced": "Başarılı olarak eşitlendi",
-    "Supported country codes": "Supported country codes",
+    "Supported country codes": "Desteklenen ülke kodları",
     "Supported country codes - Tooltip": "Country codes supported by the organization. These codes can be selected as a prefix when sending SMS verification codes",
-    "Sure to delete": "Sure to delete",
+    "Sure to delete": "Silmek istediğinize emin misiniz?",
-    "Sure to disable": "Sure to disable",
+    "Sure to disable": "Pasif yapmak istediğinize emin misiniz?",
-    "Sure to remove": "Sure to remove",
+    "Sure to remove": "Kaldırmak istediğinize emin misiniz",
     "Swagger": "Swagger",
-    "Sync": "Sync",
+    "Sync": "Senkronizasyon",
     "Syncers": "Syncers",
-    "System Info": "System Info",
+    "System Info": "Sistem Bilgisi",
-    "There was a problem signing you in..": "There was a problem signing you in..",
+    "There was a problem signing you in..": "Oturumunuz açılırken bir sorun oluştu..",
-    "This is a read-only demo site!": "This is a read-only demo site!",
+    "This is a read-only demo site!": "Bu site sadece görüntüleme amaçlıdır!",
     "Tokens": "Tokens",
     "Type": "Type",
     "Type - Tooltip": "Type - Tooltip",
     "URL": "URL",
     "URL - Tooltip": "URL link",
-    "Up": "Up",
+    "Up": "Yukarı",
-    "Updated time": "Updated time",
+    "Updated time": "Güncelleme Zamanı",
-    "User": "User",
+    "User": "Kullanıcı",
-    "User - Tooltip": "Make sure the username is correct",
+    "User - Tooltip": "Kullanıcı adının doğru olduğundan emin olun",
-    "User Management": "User Management",
+    "User Management": "Kullanıcı Yönetimi",
     "User containers": "User pools",
     "User type": "User type",
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
-    "Users": "Users",
+    "Users": "Kullanıcılar",
     "Users under all organizations": "Users under all organizations",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
@@ -427,35 +426,35 @@
     "unsynced": "unsynced"
   },
   "login": {
-    "Auto sign in": "Auto sign in",
+    "Auto sign in": "Otomatik Oturum Aç",
-    "Continue with": "Continue with",
+    "Continue with": "İle devam et",
-    "Email": "Email",
+    "Email": "E-Posta",
-    "Email or phone": "Email or phone",
+    "Email or phone": "E-posta veya telefon",
-    "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
+    "Failed to obtain MetaMask authorization": "Metamask yetkilendirmesi başarısız",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
-    "Forgot password?": "Forgot password?",
+    "Forgot password?": "Şifrenizi mi unuttunuz?",
     "LDAP": "LDAP",
     "LDAP username, Email or phone": "LDAP username, Email or phone",
-    "Loading": "Loading",
+    "Loading": "Yükleniyor",
-    "Logging out...": "Logging out...",
+    "Logging out...": "Çıkış yapılıyor...",
-    "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "MetaMask plugin not detected": "Metamask plugin-in bulunamadı",
-    "No account?": "No account?",
+    "No account?": "Hesabınız yok mu?",
-    "Or sign in with another account": "Or sign in with another account",
+    "Or sign in with another account": "Veya başka bir hesapla giriş yapın",
-    "Phone": "Phone",
+    "Phone": "Telefon",
-    "Please input your Email or Phone!": "Please input your Email or Phone!",
+    "Please input your Email or Phone!": "Lütfen Telefon numaranızı ya da E-Posta adresinizi giriniz!",
-    "Please input your Email!": "Please input your Email!",
+    "Please input your Email!": "Eposta adresinizi girin!",
     "Please input your LDAP username!": "Please input your LDAP username!",
-    "Please input your Phone!": "Please input your Phone!",
+    "Please input your Phone!": "Lütfen telefon numaranızı girin!",
-    "Please input your code!": "Please input your code!",
+    "Please input your code!": "Lütfen size gönderilen kodu girin!",
     "Please input your organization name!": "Please input your organization name!",
-    "Please input your password!": "Please input your password!",
+    "Please input your password!": "Lütfen şifrenizi girin!",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
-    "Redirecting, please wait.": "Redirecting, please wait.",
+    "Redirecting, please wait.": "Yönlendiriliyor, lütfen bekleyiniz.",
-    "Sign In": "Sign In",
+    "Sign In": "Oturum aç",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
-    "Sign in with {type}": "Sign in with {type}",
+    "Sign in with {type}": "{type} ile giriş yap",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
@@ -464,8 +463,8 @@
     "To access": "To access",
     "Verification code": "Verification code",
     "WebAuthn": "WebAuthn",
-    "sign up now": "sign up now",
+    "sign up now": "hemen kaydolun",
-    "username, Email or phone": "username, Email or phone"
+    "username, Email or phone": "kullanıcı adınız, Eposta adresiniz ve telefon numaranız"
   },
   "mfa": {
     "Each time you sign in to your Account, you'll need your password and a authentication code": "Each time you sign in to your Account, you'll need your password and a authentication code",
@@ -479,33 +478,33 @@
     "Multi-factor methods": "Multi-factor methods",
     "Multi-factor recover": "Multi-factor recover",
     "Multi-factor recover description": "Multi-factor recover description",
-    "Or copy the secret to your Authenticator App": "Or copy the secret to your Authenticator App",
+    "Or copy the secret to your Authenticator App": "Veya kod 'u Authenticator uygulamasından kopyalayın",
-    "Passcode": "Passcode",
+    "Passcode": "Parola",
     "Please bind your email first, the system will automatically uses the mail for multi-factor authentication": "Please bind your email first, the system will automatically uses the mail for multi-factor authentication",
     "Please bind your phone first, the system automatically uses the phone for multi-factor authentication": "Please bind your phone first, the system automatically uses the phone for multi-factor authentication",
-    "Please confirm the information below": "Please confirm the information below",
+    "Please confirm the information below": "Lütfen aşağıdaki bilgileri doğrulayın",
-    "Please save this recovery code. Once your device cannot provide an authentication code, you can reset mfa authentication by this recovery code": "Please save this recovery code. Once your device cannot provide an authentication code, you can reset mfa authentication by this recovery code",
+    "Please save this recovery code. Once your device cannot provide an authentication code, you can reset mfa authentication by this recovery code": "Lütfen bu kurtarma kodlarını kaydedin. Cihazınızdan yetkilendirme kodları oluşturamazsanız bu kodları kullanarak sorunu çözebilirsiniz",
     "Protect your account with Multi-factor authentication": "Protect your account with Multi-factor authentication",
-    "Recovery code": "Recovery code",
+    "Recovery code": "Kurtarma kodu",
-    "Scan the QR code with your Authenticator App": "Scan the QR code with your Authenticator App",
+    "Scan the QR code with your Authenticator App": "Bu QR kodunu kimlik doğrulama uygulamanızla tarayın",
     "Set preferred": "Set preferred",
     "Setup": "Setup",
     "To ensure the security of your account, it is recommended that you enable multi-factor authentication": "To ensure the security of your account, it is recommended that you enable multi-factor authentication",
     "To ensure the security of your account, it is required to enable multi-factor authentication": "To ensure the security of your account, it is required to enable multi-factor authentication",
-    "Use Authenticator App": "Use Authenticator App",
+    "Use Authenticator App": "Kimlik Doğrulama Uygulamasını kullan",
-    "Use Email": "Use Email",
+    "Use Email": "E-posta Kullan",
-    "Use SMS": "Use SMS",
+    "Use SMS": "SMS kullan",
-    "Use SMS verification code": "Use SMS verification code",
+    "Use SMS verification code": "SMS doğrulama kodunu kullan",
-    "Use a recovery code": "Use a recovery code",
+    "Use a recovery code": "Kurtarma kodu kullan",
-    "Verification failed": "Verification failed",
+    "Verification failed": "Doğrulama başarısız",
-    "Verify Code": "Verify Code",
+    "Verify Code": "Kodu doğrula",
-    "Verify Password": "Verify Password",
+    "Verify Password": "Parolayı Doğrula",
-    "Your email is": "Your email is",
+    "Your email is": "E-postanız",
-    "Your phone is": "Your phone is",
+    "Your phone is": "Telefon numaranız",
-    "preferred": "preferred"
+    "preferred": "tercih edilen"
   },
   "model": {
-    "Edit Model": "Edit Model",
+    "Edit Model": "Modeli Düzenle",
     "Model text": "Model text",
     "Model text - Tooltip": "Casbin access control model, including built-in models like ACL, RBAC, ABAC, RESTful, etc. You can also create custom models. For more information, please visit the Casbin website",
     "New Model": "New Model"
@@ -513,7 +512,7 @@
   "organization": {
     "Account items": "Account items",
     "Account items - Tooltip": "Items in the Personal settings page",
-    "All": "All",
+    "All": "Tümü",
     "Edit Organization": "Edit Organization",
     "Follow global theme": "Follow global theme",
     "Init score": "Init score",
@@ -524,14 +523,14 @@
     "New Organization": "New Organization",
     "Optional": "Optional",
     "Prompt": "Prompt",
-    "Required": "Required",
+    "Required": "Gerekli",
     "Soft deletion": "Soft deletion",
     "Soft deletion - Tooltip": "When enabled, deleting users will not completely remove them from the database. Instead, they will be marked as deleted",
     "Tags": "Tags",
     "Tags - Tooltip": "Collection of tags available for users to choose from",
     "View rule": "View rule",
-    "Visible": "Visible",
+    "Visible": "Görünür",
-    "Website URL": "Website URL",
+    "Website URL": "Web Sitesi URL'si",
     "Website URL - Tooltip": "The homepage URL of the organization. This field is not used in Casdoor"
   },
   "payment": {
@@ -557,14 +556,14 @@
     "Issue Invoice": "Issue Invoice",
     "Message": "Message",
     "Message - Tooltip": "Payment processing result message",
-    "New Payment": "New Payment",
+    "New Payment": "Yeni Ödeme",
     "Person Email": "Person Email",
-    "Person Email - Tooltip": "Email of the payer",
+    "Person Email - Tooltip": "Ödeyenin e-posta adresi",
-    "Person ID card": "Person ID card",
+    "Person ID card": "Kimlik kartı",
-    "Person ID card - Tooltip": "ID card number of the payer",
+    "Person ID card - Tooltip": "Ödeyenin kimlik numarası",
-    "Person name": "Person name",
+    "Person name": "Kişi Adı",
-    "Person name - Tooltip": "Real name of the payer",
+    "Person name - Tooltip": "Ödeyenin gerçek adı",
-    "Person phone": "Person phone",
+    "Person phone": "Kişi telefonu",
     "Person phone - Tooltip": "The phone number of the payer",
     "Please carefully check your invoice information. Once the invoice is issued, it cannot be withdrawn or modified.": "Please carefully check your invoice information. Once the invoice is issued, it cannot be withdrawn or modified.",
     "Please click the below button to return to the original website": "Please click the below button to return to the original website",
@@ -587,11 +586,11 @@
     "Actions": "Actions",
     "Actions - Tooltip": "Allowed actions",
     "Admin": "Admin",
-    "Allow": "Allow",
+    "Allow": "İzin ver",
     "Approve time": "Approve time",
     "Approve time - Tooltip": "The time of approval for this permission",
-    "Approved": "Approved",
+    "Approved": "Onaylandı",
-    "Approver": "Approver",
+    "Approver": "Onaylayan",
     "Approver - Tooltip": "The person who approved the permission",
     "Deny": "Deny",
     "Edit Permission": "Edit Permission",
@@ -624,7 +623,7 @@
     "Edit Pricing": "Edit Pricing",
     "Failed to get plans": "Failed to get plans",
     "Free": "Free",
-    "Getting started": "Getting started",
+    "Getting started": "Başlarken",
     "New Pricing": "New Pricing",
     "Trial duration": "Trial duration",
     "Trial duration - Tooltip": "Trial duration period",
@@ -863,32 +862,33 @@
     "Sub users - Tooltip": "Users included in the current role"
   },
   "signup": {
-    "Accept": "Accept",
+    "Accept": "Kabul Et",
     "Agreement": "Agreement",
-    "Confirm": "Confirm",
+    "Confirm": "Şifre doğrula",
     "Decline": "Decline",
-    "Have account?": "Have account?",
+    "Have account?": "Zaten bir hesabınız var mı?",
     "Label": "Label",
     "Label HTML": "Label HTML",
     "Placeholder": "Placeholder",
-    "Please accept the agreement!": "Please accept the agreement!",
+    "Please accept the agreement!": "Lütfen, kullanım koşullarını kabul ediniz",
     "Please click the below button to sign in": "Please click the below button to sign in",
-    "Please confirm your password!": "Please confirm your password!",
+    "Please confirm your password!": "Lütfen parolanızı doğrulayın!",
     "Please input the correct ID card number!": "Please input the correct ID card number!",
-    "Please input your Email!": "Please input your Email!",
+    "Please input your Email!": "Eposta adresinizi girin!",
     "Please input your ID card number!": "Please input your ID card number!",
     "Please input your address!": "Please input your address!",
     "Please input your affiliation!": "Please input your affiliation!",
-    "Please input your display name!": "Please input your display name!",
+    "Please input your display name!": "Lütfen adınızı girin.",
     "Please input your first name!": "Please input your first name!",
     "Please input your invitation code!": "Please input your invitation code!",
     "Please input your last name!": "Please input your last name!",
-    "Please input your phone number!": "Please input your phone number!",
+    "Please input your phone number!": "Lütfen telefon numaranızı girin!",
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
-    "Terms of Use": "Terms of Use",
+    "Regex": "Regex",
-    "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
+    "Terms of Use": "Kullanım Koşulları",
+    "Terms of Use - Tooltip": "Kayıt olabilmek için kullanım koşullarını okuyup, kabul etmelisiniz",
     "Text 1": "Text 1",
     "Text 2": "Text 2",
     "Text 3": "Text 3",
@@ -897,12 +897,12 @@
     "The input is not invoice Tax ID!": "The input is not invoice Tax ID!",
     "The input is not invoice title!": "The input is not invoice title!",
     "The input is not valid Email!": "The input is not valid Email!",
-    "The input is not valid Phone!": "The input is not valid Phone!",
+    "The input is not valid Phone!": "Geçersiz telefon numarası!",
-    "Username": "Username",
+    "Username": "Kullanıcı Adı",
     "Username - Tooltip": "Username - Tooltip",
     "Your account has been created!": "Your account has been created!",
     "Your confirmed password is inconsistent with the password!": "Your confirmed password is inconsistent with the password!",
-    "sign in now": "sign in now"
+    "sign in now": "şimdi giriş yap"
   },
   "subscription": {
     "Active": "Active",
@@ -1009,8 +1009,8 @@
     "Bio - Tooltip": "Self introduction of the user",
     "Birthday": "Birthday",
     "Birthday - Tooltip": "Birthday - Tooltip",
-    "Captcha Verify Failed": "Captcha Verify Failed",
+    "Captcha Verify Failed": "Captcha doğrulaması hatalı",
-    "Captcha Verify Success": "Captcha Verify Success",
+    "Captcha Verify Success": "Captcha doğrulaması başarılı",
     "Country code": "Country code",
     "Country/Region": "Country/Region",
     "Country/Region - Tooltip": "Country or region",
@@ -1053,23 +1053,21 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
     "New phone": "New phone",
     "Old Password": "Old Password",
     "Password set successfully": "Password set successfully",
-    "Phone cannot be empty": "Phone cannot be empty",
+    "Phone cannot be empty": "Telefon numarası boş olamaz",
     "Please select avatar from resources": "Please select avatar from resources",
     "Properties": "Properties",
     "Properties - Tooltip": "Properties of the user",
     "Ranking": "Ranking",
     "Ranking - Tooltip": "Ranking - Tooltip",
     "Re-enter New": "Re-enter New",
-    "Reset Email...": "Reset Email...",
+    "Reset Email...": "E-Posta adresini sıfırla...",
-    "Reset Phone...": "Reset Phone...",
+    "Reset Phone...": "Telefon numarasınız sıfırla...",
     "Score": "Score",
     "Score - Tooltip": "Score - Tooltip",
     "Select a photo...": "Select a photo...",
@@ -1078,25 +1076,25 @@
     "Set password...": "Set password...",
     "Tag": "Tag",
     "Tag - Tooltip": "Tag of the user",
-    "The password must contain at least one special character": "The password must contain at least one special character",
+    "The password must contain at least one special character": "Şifreniz en az bir özel karakter içermelidir.",
-    "The password must contain at least one uppercase letter, one lowercase letter and one digit": "The password must contain at least one uppercase letter, one lowercase letter and one digit",
+    "The password must contain at least one uppercase letter, one lowercase letter and one digit": "Şifreniz en az bir büyük harf, bir küçük harf ve en az bir rakam içermelidir",
-    "The password must have at least 6 characters": "The password must have at least 6 characters",
+    "The password must have at least 6 characters": "Şifreniz en az 6 karakterden oluşmalıdır",
-    "The password must have at least 8 characters": "The password must have at least 8 characters",
+    "The password must have at least 8 characters": "Şifreniz en az 8 karakterden oluşmalıdır",
-    "The password must not contain any repeated characters": "The password must not contain any repeated characters",
+    "The password must not contain any repeated characters": "Şifreniz tekrar eden karakterler içermemelidir",
     "Title": "Title",
     "Title - Tooltip": "Position in the affiliation",
-    "Two passwords you typed do not match.": "Two passwords you typed do not match.",
+    "Two passwords you typed do not match.": "İki şifre birbiri ile eşleşmiyor.",
     "Unlink": "Unlink",
     "Upload (.xlsx)": "Upload (.xlsx)",
     "Upload ID card back picture": "Upload ID card back picture",
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",
-    "input password": "input password"
+    "input password": "şifreyi girin"
   },
   "webhook": {
     "Content type": "Content type",

web/src/locales/uk/data.json

@@ -61,7 +61,6 @@
     "Incremental": "Incremental",
     "Input": "Input",
     "Invitation code": "Invitation code",
-    "Invitation code - Tooltip": "Invitation code - Tooltip",
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
@@ -192,7 +191,6 @@
     "Close": "Close",
     "Confirm": "Confirm",
     "Copied to clipboard successfully": "Copied to clipboard successfully",
-    "Copy": "Copy",
     "Created time": "Created time",
     "Custom": "Custom",
     "Dashboard": "Dashboard",
@@ -267,6 +265,7 @@
     "Models": "Models",
     "Name": "Name",
     "Name - Tooltip": "Unique, string-based ID",
+    "Name format": "Name format",
     "Non-LDAP": "Non-LDAP",
     "None": "None",
     "OAuth providers": "OAuth providers",
@@ -887,6 +886,7 @@
     "Please input your real name!": "Please input your real name!",
     "Please select your country code!": "Please select your country code!",
     "Please select your country/region!": "Please select your country/region!",
+    "Regex": "Regex",
     "Terms of Use": "Terms of Use",
     "Terms of Use - Tooltip": "Terms of use that users need to read and agree to during registration",
     "Text 1": "Text 1",
@@ -1053,8 +1053,6 @@
     "Managed accounts": "Managed accounts",
     "Modify password...": "Modify password...",
     "Multi-factor authentication": "Multi-factor authentication",
-    "Name": "Name",
-    "Name format": "Name format",
     "New Email": "New Email",
     "New Password": "New Password",
     "New User": "New User",
@@ -1092,7 +1090,7 @@
     "Upload ID card front picture": "Upload ID card front picture",
     "Upload ID card with person picture": "Upload ID card with person picture",
     "Upload a photo": "Upload a photo",
-    "Value": "Value",
+    "User Profile": "User Profile",
     "Values": "Values",
     "Verification code sent": "Verification code sent",
     "WebAuthn credentials": "WebAuthn credentials",