feat: fix /signup parameter issue

feat: Add Invitation Code to Generate Invitation Link (#2666 )
Add auto-population of invitation fields in the registration page based on the invitation code in the link
2025-07-22 01:33:50 +08:00 · 2024-02-03 10:00:47 +08:00 · 2024-02-02 21:12:56 +08:00 · 2024-02-02 10:23:17 +08:00 · 2024-02-01 23:06:12 +08:00 · 2024-02-01 17:50:22 +08:00
101 changed files with 900 additions and 141 deletions
--- a/authz/authz.go
+++ b/authz/authz.go
@ -80,6 +80,7 @@ p, *, *, *, /.well-known/jwks, *, *
 p, *, *, GET, /api/get-saml-login, *, *
 p, *, *, POST, /api/acs, *, *
 p, *, *, GET, /api/saml/metadata, *, *
+p, *, *, *, /api/saml/redirect, *, *
 p, *, *, *, /cas, *, *
 p, *, *, *, /scim, *, *
 p, *, *, *, /api/webauthn, *, *
@ -95,6 +96,7 @@ p, *, *, GET, /api/get-organization-names, *, *
 p, *, *, GET, /api/get-all-objects, *, *
 p, *, *, GET, /api/get-all-actions, *, *
 p, *, *, GET, /api/get-all-roles, *, *
+p, *, *, GET, /api/get-invitation-info, *, *
 `

 		sa := stringadapter.NewAdapter(ruleText)
--- a/controllers/account.go
+++ b/controllers/account.go
@ -93,6 +93,10 @@ func (c *ApiController) Signup() {
 		c.ResponseError(err.Error())
 		return
 	}
+	if application == nil {
+		c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist")), authForm.Application)
+		return
+	}

 	if !application.EnableSignUp {
 		c.ResponseError(c.T("account:The application does not allow to sign up new account"))
@ -111,6 +115,16 @@ func (c *ApiController) Signup() {
 		return
 	}

+	invitation, msg := object.CheckInvitationCode(application, organization, &authForm, c.GetAcceptLanguage())
+	if msg != "" {
+		c.ResponseError(msg)
+		return
+	}
+	invitationName := ""
+	if invitation != nil {
+		invitationName = invitation.Name
+	}
+
 	if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && authForm.Email != "" {
 		checkResult := object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage())
 		if checkResult.Code != object.VerificationSuccess {
@ -179,6 +193,8 @@ func (c *ApiController) Signup() {
 		SignupApplication: application.Name,
 		Properties:        map[string]string{},
 		Karma:             0,
+		Invitation:        invitationName,
+		InvitationCode:    authForm.InvitationCode,
 	}

 	if len(organization.Tags) > 0 {
@ -213,6 +229,15 @@ func (c *ApiController) Signup() {
 		return
 	}

+	if invitation != nil {
+		invitation.UsedCount += 1
+		_, err := object.UpdateInvitation(invitation.GetId(), invitation, c.GetAcceptLanguage())
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+	}
+
 	if application.HasPromptPage() && user.Type == "normal-user" {
 		// The prompt page needs the user to be signed in
 		c.SetSessionUsername(user.GetId())
--- a/controllers/application.go
+++ b/controllers/application.go
@ -139,6 +139,10 @@ func (c *ApiController) GetUserApplication() {
 		c.ResponseError(err.Error())
 		return
 	}
+	if application == nil {
+		c.ResponseError(fmt.Sprintf(c.T("general:The organization: %s should have one application at least"), user.Owner))
+		return
+	}

 	c.ResponseOk(object.GetMaskedApplication(application, userId))
 }
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -19,7 +19,7 @@ import (
 	"encoding/json"
 	"encoding/xml"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
 	"strconv"
@ -912,7 +912,7 @@ func (c *ApiController) HandleSamlLogin() {
 	samlResponse = url.QueryEscape(samlResponse)
 	targetUrl := fmt.Sprintf("%s?relayState=%s&samlResponse=%s",
 		slice[4], relayState, samlResponse)
-	c.Redirect(targetUrl, 303)
+	c.Redirect(targetUrl, http.StatusSeeOther)
 }

 // HandleOfficialAccountEvent ...
@ -921,7 +921,7 @@ func (c *ApiController) HandleSamlLogin() {
 // @router /webhook [POST]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) HandleOfficialAccountEvent() {
-	respBytes, err := ioutil.ReadAll(c.Ctx.Request.Body)
+	respBytes, err := io.ReadAll(c.Ctx.Request.Body)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
--- a/controllers/casbin_api.go
+++ b/controllers/casbin_api.go
@ -121,6 +121,10 @@ func (c *ApiController) Enforce() {
 		}
 	} else if owner != "" {
 		permissions, err = object.GetPermissions(owner)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
 	} else {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
@ -235,6 +239,10 @@ func (c *ApiController) BatchEnforce() {
 		}
 	} else if owner != "" {
 		permissions, err = object.GetPermissions(owner)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
 	} else {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
--- a/controllers/invitation.go
+++ b/controllers/invitation.go
@ -84,6 +84,32 @@ func (c *ApiController) GetInvitation() {
 	c.ResponseOk(invitation)
 }

+// GetInvitationCodeInfo
+// @Title GetInvitationCodeInfo
+// @Tag Invitation API
+// @Description get invitation code information
+// @Param   code     query    string  true        "Invitation code"
+// @Success 200 {object} object.Invitation The Response object
+// @router /get-invitation-info [get]
+func (c *ApiController) GetInvitationCodeInfo() {
+	code := c.Input().Get("code")
+	applicationId := c.Input().Get("applicationId")
+
+	application, err := object.GetApplication(applicationId)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	invitation, msg := object.GetInvitationByCode(code, application.Organization, c.GetAcceptLanguage())
+	if msg != "" {
+		c.ResponseError(msg)
+		return
+	}
+
+	c.ResponseOk(object.GetMaskedInvitation(invitation))
+}
+
 // UpdateInvitation
 // @Title UpdateInvitation
 // @Tag Invitation API
@ -102,7 +128,7 @@ func (c *ApiController) UpdateInvitation() {
 		return
 	}

-	c.Data["json"] = wrapActionResponse(object.UpdateInvitation(id, &invitation))
+	c.Data["json"] = wrapActionResponse(object.UpdateInvitation(id, &invitation, c.GetAcceptLanguage()))
 	c.ServeJSON()
 }

@ -121,7 +147,7 @@ func (c *ApiController) AddInvitation() {
 		return
 	}

-	c.Data["json"] = wrapActionResponse(object.AddInvitation(&invitation))
+	c.Data["json"] = wrapActionResponse(object.AddInvitation(&invitation, c.GetAcceptLanguage()))
 	c.ServeJSON()
 }

--- a/controllers/saml.go
+++ b/controllers/saml.go
@ -16,6 +16,7 @@ package controllers

 import (
 	"fmt"
+	"net/http"

 	"github.com/casdoor/casdoor/object"
 )
@ -34,7 +35,13 @@ func (c *ApiController) GetSamlMeta() {
 		return
 	}

-	metadata, err := object.GetSamlMeta(application, host)
+	enablePostBinding, err := c.GetBool("enablePostBinding", false)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	metadata, err := object.GetSamlMeta(application, host, enablePostBinding)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
@ -43,3 +50,17 @@ func (c *ApiController) GetSamlMeta() {
 	c.Data["xml"] = metadata
 	c.ServeXML()
 }
+
+func (c *ApiController) HandleSamlRedirect() {
+	host := c.Ctx.Request.Host
+
+	owner := c.Ctx.Input.Param(":owner")
+	application := c.Ctx.Input.Param(":application")
+
+	relayState := c.Input().Get("RelayState")
+	samlRequest := c.Input().Get("SAMLRequest")
+
+	targetURL := object.GetSamlRedirectAddress(owner, application, relayState, samlRequest, host)
+
+	c.Redirect(targetURL, http.StatusSeeOther)
+}
--- a/controllers/system_info.go
+++ b/controllers/system_info.go
@ -47,6 +47,11 @@ func (c *ApiController) GetSystemInfo() {
 // @router /get-version-info [get]
 func (c *ApiController) GetVersionInfo() {
 	versionInfo, err := util.GetVersionInfo()
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
 	if versionInfo.Version != "" {
 		c.ResponseOk(versionInfo)
 		return
--- a/controllers/token.go
+++ b/controllers/token.go
@ -271,6 +271,14 @@ func (c *ApiController) RefreshToken() {
 	c.ServeJSON()
 }

+func (c *ApiController) ResponseTokenError(errorMsg string) {
+	c.Data["json"] = &object.TokenError{
+		Error: errorMsg,
+	}
+	c.SetTokenErrorHttpStatus()
+	c.ServeJSON()
+}
+
 // IntrospectToken
 // @Title IntrospectToken
 // @Tag Login API
@ -293,40 +301,33 @@ func (c *ApiController) IntrospectToken() {
 		clientId = c.Input().Get("client_id")
 		clientSecret = c.Input().Get("client_secret")
 		if clientId == "" || clientSecret == "" {
-			c.ResponseError(c.T("token:Empty clientId or clientSecret"))
-			c.Data["json"] = &object.TokenError{
-				Error: object.InvalidRequest,
-			}
-			c.SetTokenErrorHttpStatus()
-			c.ServeJSON()
+			c.ResponseTokenError(object.InvalidRequest)
 			return
 		}
 	}
+
 	application, err := object.GetApplicationByClientId(clientId)
 	if err != nil {
-		c.ResponseError(err.Error())
+		c.ResponseTokenError(err.Error())
 		return
 	}

 	if application == nil || application.ClientSecret != clientSecret {
-		c.ResponseError(c.T("token:Invalid application or wrong clientSecret"))
-		c.Data["json"] = &object.TokenError{
-			Error: object.InvalidClient,
-		}
-		c.SetTokenErrorHttpStatus()
-		return
-	}
-	token, err := object.GetTokenByTokenAndApplication(tokenValue, application.Name)
-	if err != nil {
-		c.ResponseError(err.Error())
+		c.ResponseTokenError(c.T("token:Invalid application or wrong clientSecret"))
 		return
 	}

+	token, err := object.GetTokenByTokenValue(tokenValue)
+	if err != nil {
+		c.ResponseTokenError(err.Error())
+		return
+	}
 	if token == nil {
 		c.Data["json"] = &object.IntrospectionResponse{Active: false}
 		c.ServeJSON()
 		return
 	}
+
 	jwtToken, err := object.ParseJwtTokenByApplication(tokenValue, application)
 	if err != nil || jwtToken.Valid() != nil {
 		// and token revoked case. but we not implement
--- a/cred/manager.go
+++ b/cred/manager.go
@ -24,6 +24,8 @@ func GetCredManager(passwordType string) CredManager {
 		return NewPlainCredManager()
 	} else if passwordType == "salt" {
 		return NewSha256SaltCredManager()
+	} else if passwordType == "sha512-salt" {
+		return NewSha512SaltCredManager()
 	} else if passwordType == "md5-salt" {
 		return NewMd5UserSaltCredManager()
 	} else if passwordType == "bcrypt" {
--- a/cred/sha512-salt.go
+++ b/cred/sha512-salt.go
@ -0,0 +1,50 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cred
+
+import (
+	"crypto/sha512"
+	"encoding/hex"
+)
+
+type Sha512SaltCredManager struct{}
+
+func getSha512(data []byte) []byte {
+	hash := sha512.Sum512(data)
+	return hash[:]
+}
+
+func getSha512HexDigest(s string) string {
+	b := getSha512([]byte(s))
+	res := hex.EncodeToString(b)
+	return res
+}
+
+func NewSha512SaltCredManager() *Sha512SaltCredManager {
+	cm := &Sha512SaltCredManager{}
+	return cm
+}
+
+func (cm *Sha512SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
+	res := getSha512HexDigest(password)
+	if organizationSalt != "" {
+		res = getSha512HexDigest(res + organizationSalt)
+	}
+	return res
+}
+
+func (cm *Sha512SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
+	return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
+}
--- a/i18n/locales/ar/data.json
+++ b/i18n/locales/ar/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/de/data.json
+++ b/i18n/locales/de/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Zugehörigkeit darf nicht leer sein",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "Anzeigename kann nicht leer sein",
    "DisplayName is not valid real name": "DisplayName ist kein gültiger Vorname",
    "Email already exists": "E-Mail existiert bereits",
@ -38,7 +39,9 @@
    "Empty username.": "Leerer Benutzername.",
    "FirstName cannot be blank": "Vorname darf nicht leer sein",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Ldap Benutzername oder Passwort falsch",
    "LastName cannot be blank": "Nachname darf nicht leer sein",
    "Multiple accounts with same uid, please check your ldap server": "Mehrere Konten mit derselben uid, bitte überprüfen Sie Ihren LDAP-Server",
@ -46,10 +49,15 @@
    "Phone already exists": "Telefon existiert bereits",
    "Phone cannot be empty": "Das Telefon darf nicht leer sein",
    "Phone number is invalid": "Die Telefonnummer ist ungültig",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Sitzung abgelaufen, bitte erneut anmelden",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "Dem Benutzer ist der Zugang verboten, bitte kontaktieren Sie den Administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Der Benutzername darf nur alphanumerische Zeichen, Unterstriche oder Bindestriche enthalten, keine aufeinanderfolgenden Bindestriche oder Unterstriche haben und darf nicht mit einem Bindestrich oder Unterstrich beginnen oder enden.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Benutzername existiert bereits",
    "Username cannot be an email address": "Benutzername kann keine E-Mail-Adresse sein",
    "Username cannot contain white spaces": "Benutzername darf keine Leerzeichen enthalten",
--- a/i18n/locales/en/data.json
+++ b/i18n/locales/en/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/es/data.json
+++ b/i18n/locales/es/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Afiliación no puede estar en blanco",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "El nombre de visualización no puede estar en blanco",
    "DisplayName is not valid real name": "El nombre de pantalla no es un nombre real válido",
    "Email already exists": "El correo electrónico ya existe",
@ -38,7 +39,9 @@
    "Empty username.": "Nombre de usuario vacío.",
    "FirstName cannot be blank": "El nombre no puede estar en blanco",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Nombre de usuario o contraseña de Ldap incorrectos",
    "LastName cannot be blank": "El apellido no puede estar en blanco",
    "Multiple accounts with same uid, please check your ldap server": "Cuentas múltiples con el mismo uid, por favor revise su servidor ldap",
@ -46,10 +49,15 @@
    "Phone already exists": "El teléfono ya existe",
    "Phone cannot be empty": "Teléfono no puede estar vacío",
    "Phone number is invalid": "El número de teléfono no es válido",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Sesión expirada, por favor vuelva a iniciar sesión",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "El usuario no está autorizado a iniciar sesión, por favor contacte al administrador",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "El nombre de usuario solo puede contener caracteres alfanuméricos, guiones bajos o guiones, no puede tener guiones o subrayados consecutivos, y no puede comenzar ni terminar con un guión o subrayado.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "El nombre de usuario ya existe",
    "Username cannot be an email address": "Nombre de usuario no puede ser una dirección de correo electrónico",
    "Username cannot contain white spaces": "Nombre de usuario no puede contener espacios en blanco",
--- a/i18n/locales/fa/data.json
+++ b/i18n/locales/fa/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/fi/data.json
+++ b/i18n/locales/fi/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/fr/data.json
+++ b/i18n/locales/fr/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation ne peut pas être vide",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "Le nom d'affichage ne peut pas être vide",
    "DisplayName is not valid real name": "DisplayName n'est pas un nom réel valide",
    "Email already exists": "E-mail déjà existant",
@ -38,7 +39,9 @@
    "Empty username.": "Nom d'utilisateur vide.",
    "FirstName cannot be blank": "Le prénom ne peut pas être laissé vide",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Nom d'utilisateur ou mot de passe LDAP incorrect",
    "LastName cannot be blank": "Le nom de famille ne peut pas être vide",
    "Multiple accounts with same uid, please check your ldap server": "Plusieurs comptes avec le même identifiant d'utilisateur, veuillez vérifier votre serveur LDAP",
@ -46,10 +49,15 @@
    "Phone already exists": "Le téléphone existe déjà",
    "Phone cannot be empty": "Le téléphone ne peut pas être vide",
    "Phone number is invalid": "Le numéro de téléphone est invalide",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session expirée, veuillez vous connecter à nouveau",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "L'utilisateur est interdit de se connecter, veuillez contacter l'administrateur",
    "The user: %s doesn't exist in LDAP server": "L'utilisateur %s n'existe pas sur le serveur LDAP",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Le nom d'utilisateur ne peut contenir que des caractères alphanumériques, des traits soulignés ou des tirets, ne peut pas avoir de tirets ou de traits soulignés consécutifs et ne peut pas commencer ou se terminer par un tiret ou un trait souligné.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Nom d'utilisateur existe déjà",
    "Username cannot be an email address": "Nom d'utilisateur ne peut pas être une adresse e-mail",
    "Username cannot contain white spaces": "Nom d'utilisateur ne peut pas contenir d'espaces blancs",
--- a/i18n/locales/he/data.json
+++ b/i18n/locales/he/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/id/data.json
+++ b/i18n/locales/id/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Keterkaitan tidak boleh kosong",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "Nama Pengguna tidak boleh kosong",
    "DisplayName is not valid real name": "DisplayName bukanlah nama asli yang valid",
    "Email already exists": "Email sudah ada",
@ -38,7 +39,9 @@
    "Empty username.": "Nama pengguna kosong.",
    "FirstName cannot be blank": "Nama depan tidak boleh kosong",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Nama pengguna atau kata sandi Ldap salah",
    "LastName cannot be blank": "Nama belakang tidak boleh kosong",
    "Multiple accounts with same uid, please check your ldap server": "Beberapa akun dengan uid yang sama, harap periksa server ldap Anda",
@ -46,10 +49,15 @@
    "Phone already exists": "Telepon sudah ada",
    "Phone cannot be empty": "Telepon tidak boleh kosong",
    "Phone number is invalid": "Nomor telepon tidak valid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Sesi kedaluwarsa, silakan masuk lagi",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "Pengguna dilarang masuk, silakan hubungi administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Nama pengguna hanya bisa menggunakan karakter alfanumerik, garis bawah atau tanda hubung, tidak boleh memiliki dua tanda hubung atau garis bawah berurutan, dan tidak boleh diawali atau diakhiri dengan tanda hubung atau garis bawah.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Nama pengguna sudah ada",
    "Username cannot be an email address": "Username tidak bisa menjadi alamat email",
    "Username cannot contain white spaces": "Username tidak boleh mengandung spasi",
--- a/i18n/locales/it/data.json
+++ b/i18n/locales/it/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/ja/data.json
+++ b/i18n/locales/ja/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "所属は空白にできません",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "表示名は空白にできません",
    "DisplayName is not valid real name": "表示名は有効な実名ではありません",
    "Email already exists": "メールは既に存在します",
@ -38,7 +39,9 @@
    "Empty username.": "空のユーザー名。",
    "FirstName cannot be blank": "ファーストネームは空白にできません",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Ldapのユーザー名またはパスワードが間違っています",
    "LastName cannot be blank": "姓は空白にできません",
    "Multiple accounts with same uid, please check your ldap server": "同じuidを持つ複数のアカウントがあります。あなたのLDAPサーバーを確認してください",
@ -46,10 +49,15 @@
    "Phone already exists": "電話はすでに存在しています",
    "Phone cannot be empty": "電話は空っぽにできません",
    "Phone number is invalid": "電話番号が無効です",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "セッションが期限切れになりました。再度ログインしてください",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "ユーザーはサインインできません。管理者に連絡してください",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "ユーザー名には英数字、アンダースコア、ハイフンしか含めることができません。連続したハイフンまたはアンダースコアは不可であり、ハイフンまたはアンダースコアで始まるまたは終わることもできません。",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "ユーザー名はすでに存在しています",
    "Username cannot be an email address": "ユーザー名には電子メールアドレスを使用できません",
    "Username cannot contain white spaces": "ユーザ名にはスペースを含めることはできません",
--- a/i18n/locales/kk/data.json
+++ b/i18n/locales/kk/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/ko/data.json
+++ b/i18n/locales/ko/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "소속은 비워 둘 수 없습니다",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName는 비어 있을 수 없습니다",
    "DisplayName is not valid real name": "DisplayName는 유효한 실제 이름이 아닙니다",
    "Email already exists": "이메일이 이미 존재합니다",
@ -38,7 +39,9 @@
    "Empty username.": "빈 사용자 이름.",
    "FirstName cannot be blank": "이름은 공백일 수 없습니다",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP 사용자 이름 또는 암호가 잘못되었습니다",
    "LastName cannot be blank": "성은 비어 있을 수 없습니다",
    "Multiple accounts with same uid, please check your ldap server": "동일한 UID를 가진 여러 계정이 있습니다. LDAP 서버를 확인해주세요",
@ -46,10 +49,15 @@
    "Phone already exists": "전화기는 이미 존재합니다",
    "Phone cannot be empty": "전화는 비워 둘 수 없습니다",
    "Phone number is invalid": "전화번호가 유효하지 않습니다",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "세션이 만료되었습니다. 다시 로그인해주세요",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "사용자는 로그인이 금지되어 있습니다. 관리자에게 문의하십시오",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "사용자 이름은 알파벳, 숫자, 밑줄 또는 하이픈만 포함할 수 있으며, 연속된 하이픈 또는 밑줄을 가질 수 없으며, 하이픈 또는 밑줄로 시작하거나 끝날 수 없습니다.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "사용자 이름이 이미 존재합니다",
    "Username cannot be an email address": "사용자 이름은 이메일 주소가 될 수 없습니다",
    "Username cannot contain white spaces": "사용자 이름에는 공백이 포함될 수 없습니다",
--- a/i18n/locales/ms/data.json
+++ b/i18n/locales/ms/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/nl/data.json
+++ b/i18n/locales/nl/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/pl/data.json
+++ b/i18n/locales/pl/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/pt/data.json
+++ b/i18n/locales/pt/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/ru/data.json
+++ b/i18n/locales/ru/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Принадлежность не может быть пустым значением",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "Имя отображения не может быть пустым",
    "DisplayName is not valid real name": "DisplayName не является действительным именем",
    "Email already exists": "Электронная почта уже существует",
@ -38,7 +39,9 @@
    "Empty username.": "Пустое имя пользователя.",
    "FirstName cannot be blank": "Имя не может быть пустым",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Неправильное имя пользователя или пароль Ldap",
    "LastName cannot be blank": "Фамилия не может быть пустой",
    "Multiple accounts with same uid, please check your ldap server": "Множественные учетные записи с тем же UID. Пожалуйста, проверьте свой сервер LDAP",
@ -46,10 +49,15 @@
    "Phone already exists": "Телефон уже существует",
    "Phone cannot be empty": "Телефон не может быть пустым",
    "Phone number is invalid": "Номер телефона является недействительным",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Сессия устарела, пожалуйста, войдите снова",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "Пользователю запрещен вход, пожалуйста, обратитесь к администратору",
    "The user: %s doesn't exist in LDAP server": "Пользователь %s не существует на LDAP сервере",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Имя пользователя может состоять только из буквенно-цифровых символов, нижних подчеркиваний или дефисов, не может содержать последовательные дефисы или подчеркивания, а также не может начинаться или заканчиваться на дефис или подчеркивание.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Имя пользователя уже существует",
    "Username cannot be an email address": "Имя пользователя не может быть адресом электронной почты",
    "Username cannot contain white spaces": "Имя пользователя не может содержать пробелы",
--- a/i18n/locales/sv/data.json
+++ b/i18n/locales/sv/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/tr/data.json
+++ b/i18n/locales/tr/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Telefon numarası zaten mevcut",
    "Phone cannot be empty": "Telefon numarası boş olamaz",
    "Phone number is invalid": "Telefon numarası geçersiz",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Kullanıcı adı zaten var",
    "Username cannot be an email address": "Kullanıcı adı bir e-mail adresi olamaz",
    "Username cannot contain white spaces": "Kullanıcı adı boşluk karakteri içeremez",
--- a/i18n/locales/uk/data.json
+++ b/i18n/locales/uk/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Affiliation cannot be blank",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "DisplayName cannot be blank",
    "DisplayName is not valid real name": "DisplayName is not valid real name",
    "Email already exists": "Email already exists",
@ -38,7 +39,9 @@
    "Empty username.": "Empty username.",
    "FirstName cannot be blank": "FirstName cannot be blank",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "LDAP user name or password incorrect",
    "LastName cannot be blank": "LastName cannot be blank",
    "Multiple accounts with same uid, please check your ldap server": "Multiple accounts with same uid, please check your ldap server",
@ -46,10 +49,15 @@
    "Phone already exists": "Phone already exists",
    "Phone cannot be empty": "Phone cannot be empty",
    "Phone number is invalid": "Phone number is invalid",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Session outdated, please login again",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "The user is forbidden to sign in, please contact the administrator",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Username already exists",
    "Username cannot be an email address": "Username cannot be an email address",
    "Username cannot contain white spaces": "Username cannot contain white spaces",
--- a/i18n/locales/vi/data.json
+++ b/i18n/locales/vi/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "Tình trạng liên kết không thể để trống",
+    "Default code does not match the code's matching rules": "Default code does not match the code's matching rules",
    "DisplayName cannot be blank": "Tên hiển thị không thể để trống",
    "DisplayName is not valid real name": "DisplayName không phải là tên thật hợp lệ",
    "Email already exists": "Email đã tồn tại",
@ -38,7 +39,9 @@
    "Empty username.": "Tên đăng nhập trống.",
    "FirstName cannot be blank": "Tên không được để trống",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "Invitation code exhausted",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "Invitation code suspended",
    "LDAP user name or password incorrect": "Tên người dùng hoặc mật khẩu Ldap không chính xác",
    "LastName cannot be blank": "Họ không thể để trống",
    "Multiple accounts with same uid, please check your ldap server": "Nhiều tài khoản với cùng một uid, vui lòng kiểm tra máy chủ ldap của bạn",
@ -46,10 +49,15 @@
    "Phone already exists": "Điện thoại đã tồn tại",
    "Phone cannot be empty": "Điện thoại không thể để trống",
    "Phone number is invalid": "Số điện thoại không hợp lệ",
+    "Please register using the email corresponding to the invitation code": "Please register using the email corresponding to the invitation code",
+    "Please register using the phone  corresponding to the invitation code": "Please register using the phone  corresponding to the invitation code",
+    "Please register using the username corresponding to the invitation code": "Please register using the username corresponding to the invitation code",
    "Session outdated, please login again": "Phiên làm việc hết hạn, vui lòng đăng nhập lại",
+    "The invitation code has already been used": "The invitation code has already been used",
    "The user is forbidden to sign in, please contact the administrator": "Người dùng bị cấm đăng nhập, vui lòng liên hệ với quản trị viên",
    "The user: %s doesn't exist in LDAP server": "The user: %s doesn't exist in LDAP server",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "Tên người dùng chỉ có thể chứa các ký tự chữ và số, gạch dưới hoặc gạch ngang, không được có hai ký tự gạch dưới hoặc gạch ngang liền kề và không được bắt đầu hoặc kết thúc bằng dấu gạch dưới hoặc gạch ngang.",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"",
    "Username already exists": "Tên đăng nhập đã tồn tại",
    "Username cannot be an email address": "Tên người dùng không thể là địa chỉ email",
    "Username cannot contain white spaces": "Tên người dùng không thể chứa khoảng trắng",
--- a/i18n/locales/zh/data.json
+++ b/i18n/locales/zh/data.json
@ -30,6 +30,7 @@
  },
  "check": {
    "Affiliation cannot be blank": "工作单位不可为空",
+    "Default code does not match the code's matching rules": "邀请码默认值和邀请码规则不匹配",
    "DisplayName cannot be blank": "显示名称不可为空",
    "DisplayName is not valid real name": "显示名称必须是真实姓名",
    "Email already exists": "该邮箱已存在",
@ -38,7 +39,9 @@
    "Empty username.": "用户名不可为空",
    "FirstName cannot be blank": "名不可以为空",
    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code exhausted": "邀请码使用次数已耗尽",
    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code suspended": "邀请码已被禁止使用",
    "LDAP user name or password incorrect": "LDAP密码错误",
    "LastName cannot be blank": "姓不可以为空",
    "Multiple accounts with same uid, please check your ldap server": "多个帐户具有相同的uid，请检查您的 LDAP 服务器",
@ -46,10 +49,15 @@
    "Phone already exists": "该手机号已存在",
    "Phone cannot be empty": "手机号不可为空",
    "Phone number is invalid": "无效手机号",
+    "Please register using the email corresponding to the invitation code": "请使用邀请码关联的邮箱注册",
+    "Please register using the phone  corresponding to the invitation code": "请使用邀请码关联的手机号注册",
+    "Please register using the username corresponding to the invitation code": "请使用邀请码关联的用户名注册",
    "Session outdated, please login again": "会话已过期，请重新登录",
+    "The invitation code has already been used": "邀请码已被使用",
    "The user is forbidden to sign in, please contact the administrator": "该用户被禁止登录，请联系管理员",
    "The user: %s doesn't exist in LDAP server": "用户: %s 在LDAP服务器中未找到",
    "The username may only contain alphanumeric characters, underlines or hyphens, cannot have consecutive hyphens or underlines, and cannot begin or end with a hyphen or underline.": "用户名只能包含字母数字字符、下划线或连字符，不能有连续的连字符或下划线，也不能以连字符或下划线开头或结尾",
+    "The value \\\"%s\\\" for signup field \\\"%s\\\" doesn't match the signup item regex of the application \\\"%s\\\"": "值\\\"%s\\\"在注册字段\\\"%s\\\"中与应用\\\"%s\\\"的注册项正则表达式不匹配",
    "Username already exists": "用户名已存在",
    "Username cannot be an email address": "用户名不可以是邮箱地址",
    "Username cannot contain white spaces": "用户名禁止包含空格",
--- a/idp/wechat.go
+++ b/idp/wechat.go
@ -20,7 +20,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strings"
@ -218,7 +217,7 @@ func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (
 	}
 	defer resp.Body.Close()

-	respBytes, err := ioutil.ReadAll(resp.Body)
+	respBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return "", err
 	}
@ -255,7 +254,7 @@ func GetWechatOfficialAccountQRCode(clientId string, clientSecret string) (strin
 	}
 	defer resp.Body.Close()

-	respBytes, err := ioutil.ReadAll(resp.Body)
+	respBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return "", err
 	}
--- a/object/adapter.go
+++ b/object/adapter.go
@ -37,7 +37,7 @@ type Adapter struct {
 	Host         string `xorm:"varchar(100)" json:"host"`
 	Port         int    `json:"port"`
 	User         string `xorm:"varchar(100)" json:"user"`
-	Password     string `xorm:"varchar(100)" json:"password"`
+	Password     string `xorm:"varchar(150)" json:"password"`
 	Database     string `xorm:"varchar(100)" json:"database"`

 	*xormadapter.Adapter `xorm:"-" json:"-"`
--- a/object/application.go
+++ b/object/application.go
@ -52,31 +52,32 @@ type Application struct {
 	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
 	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`

-	DisplayName         string          `xorm:"varchar(100)" json:"displayName"`
-	Logo                string          `xorm:"varchar(200)" json:"logo"`
-	HomepageUrl         string          `xorm:"varchar(100)" json:"homepageUrl"`
-	Description         string          `xorm:"varchar(100)" json:"description"`
-	Organization        string          `xorm:"varchar(100)" json:"organization"`
-	Cert                string          `xorm:"varchar(100)" json:"cert"`
-	EnablePassword      bool            `json:"enablePassword"`
-	EnableSignUp        bool            `json:"enableSignUp"`
-	EnableSigninSession bool            `json:"enableSigninSession"`
-	EnableAutoSignin    bool            `json:"enableAutoSignin"`
-	EnableCodeSignin    bool            `json:"enableCodeSignin"`
-	EnableSamlCompress  bool            `json:"enableSamlCompress"`
-	EnableSamlC14n10    bool            `json:"enableSamlC14n10"`
-	EnableWebAuthn      bool            `json:"enableWebAuthn"`
-	EnableLinkWithEmail bool            `json:"enableLinkWithEmail"`
-	OrgChoiceMode       string          `json:"orgChoiceMode"`
-	SamlReplyUrl        string          `xorm:"varchar(100)" json:"samlReplyUrl"`
-	Providers           []*ProviderItem `xorm:"mediumtext" json:"providers"`
-	SigninMethods       []*SigninMethod `xorm:"varchar(2000)" json:"signinMethods"`
-	SignupItems         []*SignupItem   `xorm:"varchar(2000)" json:"signupItems"`
-	GrantTypes          []string        `xorm:"varchar(1000)" json:"grantTypes"`
-	OrganizationObj     *Organization   `xorm:"-" json:"organizationObj"`
-	CertPublicKey       string          `xorm:"-" json:"certPublicKey"`
-	Tags                []string        `xorm:"mediumtext" json:"tags"`
-	SamlAttributes      []*SamlItem     `xorm:"varchar(1000)" json:"samlAttributes"`
+	DisplayName           string          `xorm:"varchar(100)" json:"displayName"`
+	Logo                  string          `xorm:"varchar(200)" json:"logo"`
+	HomepageUrl           string          `xorm:"varchar(100)" json:"homepageUrl"`
+	Description           string          `xorm:"varchar(100)" json:"description"`
+	Organization          string          `xorm:"varchar(100)" json:"organization"`
+	Cert                  string          `xorm:"varchar(100)" json:"cert"`
+	EnablePassword        bool            `json:"enablePassword"`
+	EnableSignUp          bool            `json:"enableSignUp"`
+	EnableSigninSession   bool            `json:"enableSigninSession"`
+	EnableAutoSignin      bool            `json:"enableAutoSignin"`
+	EnableCodeSignin      bool            `json:"enableCodeSignin"`
+	EnableSamlCompress    bool            `json:"enableSamlCompress"`
+	EnableSamlC14n10      bool            `json:"enableSamlC14n10"`
+	EnableSamlPostBinding bool            `json:"enableSamlPostBinding"`
+	EnableWebAuthn        bool            `json:"enableWebAuthn"`
+	EnableLinkWithEmail   bool            `json:"enableLinkWithEmail"`
+	OrgChoiceMode         string          `json:"orgChoiceMode"`
+	SamlReplyUrl          string          `xorm:"varchar(100)" json:"samlReplyUrl"`
+	Providers             []*ProviderItem `xorm:"mediumtext" json:"providers"`
+	SigninMethods         []*SigninMethod `xorm:"varchar(2000)" json:"signinMethods"`
+	SignupItems           []*SignupItem   `xorm:"varchar(2000)" json:"signupItems"`
+	GrantTypes            []string        `xorm:"varchar(1000)" json:"grantTypes"`
+	OrganizationObj       *Organization   `xorm:"-" json:"organizationObj"`
+	CertPublicKey         string          `xorm:"-" json:"certPublicKey"`
+	Tags                  []string        `xorm:"mediumtext" json:"tags"`
+	SamlAttributes        []*SamlItem     `xorm:"varchar(1000)" json:"samlAttributes"`

 	ClientId             string     `xorm:"varchar(100)" json:"clientId"`
 	ClientSecret         string     `xorm:"varchar(100)" json:"clientSecret"`
--- a/object/cert.go~
+++ b/object/cert.go~
--- a/object/check.go
+++ b/object/check.go
@ -152,6 +152,47 @@ func CheckUserSignup(application *Application, organization *Organization, authF
 	return ""
 }

+func CheckInvitationCode(application *Application, organization *Organization, authForm *form.AuthForm, lang string) (*Invitation, string) {
+	if authForm.InvitationCode == "" {
+		if application.IsSignupItemRequired("Invitation code") {
+			return nil, i18n.Translate(lang, "check:Invitation code cannot be blank")
+		} else {
+			return nil, ""
+		}
+	}
+
+	invitations, err := GetInvitations(organization.Name)
+	if err != nil {
+		return nil, err.Error()
+	}
+	errMsg := ""
+	for _, invitation := range invitations {
+		if invitation.Application != application.Name && invitation.Application != "All" {
+			continue
+		}
+		if isValid, msg := invitation.IsInvitationCodeValid(application, authForm.InvitationCode, authForm.Username, authForm.Email, authForm.Phone, lang); isValid {
+			return invitation, msg
+		} else if msg != "" && errMsg == "" {
+			errMsg = msg
+		}
+	}
+
+	if errMsg != "" {
+		return nil, errMsg
+	} else {
+		return nil, i18n.Translate(lang, "check:Invitation code is invalid")
+	}
+}
+
+func CheckInvitationDefaultCode(code string, defaultCode string, lang string) error {
+	if matched, err := util.IsInvitationCodeMatch(code, defaultCode); err != nil {
+		return err
+	} else if !matched {
+		return fmt.Errorf(i18n.Translate(lang, "check:Default code does not match the code's matching rules"))
+	}
+	return nil
+}
+
 func checkSigninErrorTimes(user *User, lang string) error {
 	failedSigninLimit, failedSigninFrozenTime, err := GetFailedSigninConfigByUser(user)
 	if err != nil {
@ -282,7 +323,7 @@ func checkLdapUserPassword(user *User, password string, lang string) error {
 		}
 		return fmt.Errorf(i18n.Translate(lang, "check:LDAP user name or password incorrect"))
 	}
-	return nil
+	return resetUserSigninErrorTimes(user)
 }

 func CheckUserPassword(organization string, username string, password string, lang string, options ...bool) (*User, error) {
--- a/object/invitation.go
+++ b/object/invitation.go
@ -17,6 +17,7 @@ package object
 import (
 	"fmt"

+	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/core"
 )
@ -28,7 +29,8 @@ type Invitation struct {
 	UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
 	DisplayName string `xorm:"varchar(100)" json:"displayName"`

-	Code      string `xorm:"varchar(100)" json:"code"`
+	Code      string `xorm:"varchar(100) index" json:"code"`
+	IsRegexp  bool   `json:"isRegexp"`
 	Quota     int    `json:"quota"`
 	UsedCount int    `json:"usedCount"`

@ -38,6 +40,7 @@ type Invitation struct {
 	Phone       string `xorm:"varchar(100)" json:"phone"`

 	SignupGroup string `xorm:"varchar(100)" json:"signupGroup"`
+	DefaultCode string `xorm:"varchar(100)" json:"defaultCode"`

 	State string `xorm:"varchar(100)" json:"state"`
 }
@ -91,7 +94,45 @@ func GetInvitation(id string) (*Invitation, error) {
 	return getInvitation(owner, name)
 }

-func UpdateInvitation(id string, invitation *Invitation) (bool, error) {
+func GetInvitationByCode(code string, organizationName string, lang string) (*Invitation, string) {
+	invitations, err := GetInvitations(organizationName)
+	if err != nil {
+		return nil, err.Error()
+	}
+	errMsg := ""
+	for _, invitation := range invitations {
+		if isValid, msg := invitation.SimpleCheckInvitationCode(code, lang); isValid {
+			return invitation, msg
+		} else if msg != "" && errMsg == "" {
+			errMsg = msg
+		}
+	}
+
+	if errMsg != "" {
+		return nil, errMsg
+	} else {
+		return nil, i18n.Translate(lang, "check:Invitation code is invalid")
+	}
+}
+
+func GetMaskedInvitation(invitation *Invitation) *Invitation {
+	if invitation == nil {
+		return nil
+	}
+
+	invitation.CreatedTime = ""
+	invitation.UpdatedTime = ""
+	invitation.Code = "***"
+	invitation.DefaultCode = "***"
+	invitation.IsRegexp = false
+	invitation.Quota = -1
+	invitation.UsedCount = -1
+	invitation.SignupGroup = ""
+
+	return invitation
+}
+
+func UpdateInvitation(id string, invitation *Invitation, lang string) (bool, error) {
 	owner, name := util.GetOwnerAndNameFromId(id)
 	if p, err := getInvitation(owner, name); err != nil {
 		return false, err
@ -99,6 +140,17 @@ func UpdateInvitation(id string, invitation *Invitation) (bool, error) {
 		return false, nil
 	}

+	if isRegexp, err := util.IsRegexp(invitation.Code); err != nil {
+		return false, err
+	} else {
+		invitation.IsRegexp = isRegexp
+	}
+
+	err := CheckInvitationDefaultCode(invitation.Code, invitation.DefaultCode, lang)
+	if err != nil {
+		return false, err
+	}
+
 	affected, err := ormer.Engine.ID(core.PK{owner, name}).AllCols().Update(invitation)
 	if err != nil {
 		return false, err
@ -107,7 +159,18 @@ func UpdateInvitation(id string, invitation *Invitation) (bool, error) {
 	return affected != 0, nil
 }

-func AddInvitation(invitation *Invitation) (bool, error) {
+func AddInvitation(invitation *Invitation, lang string) (bool, error) {
+	if isRegexp, err := util.IsRegexp(invitation.Code); err != nil {
+		return false, err
+	} else {
+		invitation.IsRegexp = isRegexp
+	}
+
+	err := CheckInvitationDefaultCode(invitation.Code, invitation.DefaultCode, lang)
+	if err != nil {
+		return false, err
+	}
+
 	affected, err := ormer.Engine.Insert(invitation)
 	if err != nil {
 		return false, err
@ -132,3 +195,43 @@ func (invitation *Invitation) GetId() string {
 func VerifyInvitation(id string) (payment *Payment, attachInfo map[string]interface{}, err error) {
 	return nil, nil, fmt.Errorf("the invitation: %s does not exist", id)
 }
+
+func (invitation *Invitation) SimpleCheckInvitationCode(invitationCode string, lang string) (bool, string) {
+	if matched, err := util.IsInvitationCodeMatch(invitation.Code, invitationCode); err != nil {
+		return false, err.Error()
+	} else if !matched {
+		return false, ""
+	}
+
+	if invitation.State != "Active" {
+		return false, i18n.Translate(lang, "check:Invitation code suspended")
+	}
+	if invitation.UsedCount >= invitation.Quota {
+		return false, i18n.Translate(lang, "check:Invitation code exhausted")
+	}
+
+	// Determine whether the invitation code is in the form of a regular expression other than pure numbers and letters
+	if invitation.IsRegexp {
+		user, _ := GetUserByInvitationCode(invitation.Owner, invitationCode)
+		if user != nil {
+			return false, i18n.Translate(lang, "check:The invitation code has already been used")
+		}
+	}
+	return true, ""
+}
+
+func (invitation *Invitation) IsInvitationCodeValid(application *Application, invitationCode string, username string, email string, phone string, lang string) (bool, string) {
+	if isValid, msg := invitation.SimpleCheckInvitationCode(invitationCode, lang); !isValid {
+		return false, msg
+	}
+	if application.IsSignupItemRequired("Username") && invitation.Username != "" && invitation.Username != username {
+		return false, i18n.Translate(lang, "check:Please register using the username corresponding to the invitation code")
+	}
+	if application.IsSignupItemRequired("Email") && invitation.Email != "" && invitation.Email != email {
+		return false, i18n.Translate(lang, "check:Please register using the email corresponding to the invitation code")
+	}
+	if application.IsSignupItemRequired("Phone") && invitation.Phone != "" && invitation.Phone != phone {
+		return false, i18n.Translate(lang, "check:Please register using the phone  corresponding to the invitation code")
+	}
+	return true, ""
+}
--- a/object/mfa_sms.go
+++ b/object/mfa_sms.go
@ -35,10 +35,7 @@ type SmsMfa struct {
 func (mfa *SmsMfa) Initiate(ctx *context.Context, userId string) (*MfaProps, error) {
 	recoveryCode := uuid.NewString()

-	err := ctx.Input.CruSession.Set(MfaRecoveryCodesSession, []string{recoveryCode})
-	if err != nil {
-		return nil, err
-	}
+	ctx.Output.Session(MfaRecoveryCodesSession, []string{recoveryCode})

 	mfaProps := MfaProps{
 		MfaType:       mfa.Config.MfaType,
--- a/object/mfa_totp.go
+++ b/object/mfa_totp.go
@ -55,16 +55,10 @@ func (mfa *TotpMfa) Initiate(ctx *context.Context, userId string) (*MfaProps, er
 		return nil, err
 	}

-	err = ctx.Input.CruSession.Set(MfaTotpSecretSession, key.Secret())
-	if err != nil {
-		return nil, err
-	}
+	ctx.Output.Session(MfaTotpSecretSession, key.Secret())

 	recoveryCode := uuid.NewString()
-	err = ctx.Input.CruSession.Set(MfaRecoveryCodesSession, []string{recoveryCode})
-	if err != nil {
-		return nil, err
-	}
+	ctx.Output.Session(MfaRecoveryCodesSession, []string{recoveryCode})

 	mfaProps := MfaProps{
 		MfaType:       mfa.Config.MfaType,
--- a/object/saml_idp.go
+++ b/object/saml_idp.go
@ -198,7 +198,7 @@ type Attribute struct {
 	Values       []string `xml:"AttributeValue"`
 }

-func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, error) {
+func GetSamlMeta(application *Application, host string, enablePostBinding bool) (*IdpEntityDescriptor, error) {
 	cert, err := getCertByApplication(application)
 	if err != nil {
 		return nil, err
@ -217,6 +217,13 @@ func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, e

 	originFrontend, originBackend := getOriginFromHost(host)

+	idpLocation := ""
+	if enablePostBinding {
+		idpLocation = fmt.Sprintf("%s/api/saml/redirect/%s/%s", originBackend, application.Owner, application.Name)
+	} else {
+		idpLocation = fmt.Sprintf("%s/login/saml/authorize/%s/%s", originFrontend, application.Owner, application.Name)
+	}
+
 	d := IdpEntityDescriptor{
 		XMLName: xml.Name{
 			Local: "md:EntityDescriptor",
@ -248,7 +255,7 @@ func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, e
 			},
 			SingleSignOnService: SingleSignOnService{
 				Binding:  "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
-				Location: fmt.Sprintf("%s/login/saml/authorize/%s/%s", originFrontend, application.Owner, application.Name),
+				Location: idpLocation,
 			},
 			ProtocolSupportEnumeration: "urn:oasis:names:tc:SAML:2.0:protocol",
 		},
@ -442,3 +449,8 @@ func NewSamlResponse11(user *User, requestID string, host string) *etree.Element

 	return samlResponse
 }
+
+func GetSamlRedirectAddress(owner string, application string, relayState string, samlRequest string, host string) string {
+	originF, _ := getOriginFromHost(host)
+	return fmt.Sprintf("%s/login/saml/authorize/%s/%s?relayState=%s&samlRequest=%s", originF, owner, application, relayState, samlRequest)
+}
--- a/object/sms.go
+++ b/object/sms.go
@ -27,7 +27,7 @@ func getSmsClient(provider *Provider) (sender.SmsClient, error) {
 	if provider.Type == sender.HuaweiCloud || provider.Type == sender.AzureACS {
 		client, err = sender.NewSmsClient(provider.Type, provider.ClientId, provider.ClientSecret, provider.SignName, provider.TemplateCode, provider.ProviderUrl, provider.AppId)
 	} else if provider.Type == "Custom HTTP SMS" {
-		client, err = newHttpSmsClient(provider.Endpoint, provider.Method, provider.Title)
+		client, err = newHttpSmsClient(provider.Endpoint, provider.Method, provider.Title, provider.TemplateCode)
 	} else {
 		client, err = sender.NewSmsClient(provider.Type, provider.ClientId, provider.ClientSecret, provider.SignName, provider.TemplateCode, provider.AppId)
 	}
--- a/object/sms_custom_http.go
+++ b/object/sms_custom_http.go
@ -27,20 +27,26 @@ type HttpSmsClient struct {
 	endpoint  string
 	method    string
 	paramName string
+	template  string
 }

-func newHttpSmsClient(endpoint string, method string, paramName string) (*HttpSmsClient, error) {
+func newHttpSmsClient(endpoint, method, paramName, template string) (*HttpSmsClient, error) {
+	if template == "" {
+		template = "%s"
+	}
 	client := &HttpSmsClient{
 		endpoint:  endpoint,
 		method:    method,
 		paramName: paramName,
+		template:  template,
 	}
 	return client, nil
 }

 func (c *HttpSmsClient) SendMessage(param map[string]string, targetPhoneNumber ...string) error {
 	phoneNumber := targetPhoneNumber[0]
-	content := param["code"]
+	code := param["code"]
+	content := fmt.Sprintf(c.template, code)

 	var req *http.Request
 	var err error
--- a/object/syncer.go
+++ b/object/syncer.go
@ -43,7 +43,7 @@ type Syncer struct {
 	Host             string         `xorm:"varchar(100)" json:"host"`
 	Port             int            `json:"port"`
 	User             string         `xorm:"varchar(100)" json:"user"`
-	Password         string         `xorm:"varchar(100)" json:"password"`
+	Password         string         `xorm:"varchar(150)" json:"password"`
 	Database         string         `xorm:"varchar(100)" json:"database"`
 	Table            string         `xorm:"varchar(100)" json:"table"`
 	TableColumns     []*TableColumn `xorm:"mediumtext" json:"tableColumns"`
--- a/object/syncer_util.go
+++ b/object/syncer_util.go
@ -93,6 +93,8 @@ func (syncer *Syncer) setUserByKeyValue(user *User, key string, value string) {
 		user.CreatedTime = value
 	case "UpdatedTime":
 		user.UpdatedTime = value
+	case "DeletedTime":
+		user.DeletedTime = value
 	case "Id":
 		user.Id = value
 	case "Type":
@ -266,6 +268,7 @@ func (syncer *Syncer) getMapFromOriginalUser(user *OriginalUser) map[string]stri
 	m["Name"] = user.Name
 	m["CreatedTime"] = user.CreatedTime
 	m["UpdatedTime"] = user.UpdatedTime
+	m["DeletedTime"] = user.DeletedTime
 	m["Id"] = user.Id
 	m["Type"] = user.Type
 	m["Password"] = user.Password
--- a/object/token.go
+++ b/object/token.go
@ -186,6 +186,26 @@ func GetTokenByRefreshToken(refreshToken string) (*Token, error) {
 	return &token, nil
 }

+func GetTokenByTokenValue(tokenValue string) (*Token, error) {
+	token, err := GetTokenByAccessToken(tokenValue)
+	if err != nil {
+		return nil, err
+	}
+	if token != nil {
+		return token, nil
+	}
+
+	token, err = GetTokenByRefreshToken(tokenValue)
+	if err != nil {
+		return nil, err
+	}
+	if token != nil {
+		return token, nil
+	}
+
+	return nil, nil
+}
+
 func updateUsedByCode(token *Token) bool {
 	affected, err := ormer.Engine.Where("code=?", token.Code).Cols("code_is_used").Update(token)
 	if err != nil {
@ -283,20 +303,6 @@ func ExpireTokenByAccessToken(accessToken string) (bool, *Application, *Token, e
 	return affected != 0, application, token, nil
 }

-func GetTokenByTokenAndApplication(token string, application string) (*Token, error) {
-	tokenResult := Token{}
-	existed, err := ormer.Engine.Where("(refresh_token = ? or access_token = ? ) and application = ?", token, token, application).Get(&tokenResult)
-	if err != nil {
-		return nil, err
-	}
-
-	if !existed {
-		return nil, nil
-	}
-
-	return &tokenResult, nil
-}
-
 func CheckOAuthLogin(clientId string, responseType string, redirectUri string, scope string, state string, lang string) (string, *Application, error) {
 	if responseType != "code" && responseType != "token" && responseType != "id_token" {
 		return fmt.Sprintf(i18n.Translate(lang, "token:Grant_type: %s is not supported in this application"), responseType), nil, nil
--- a/object/token_jwt.go
+++ b/object/token_jwt.go
@ -40,7 +40,7 @@ type UserShort struct {
 	DisplayName string `xorm:"varchar(100)" json:"displayName"`
 	Avatar      string `xorm:"varchar(500)" json:"avatar"`
 	Email       string `xorm:"varchar(100) index" json:"email"`
-	Phone       string `xorm:"varchar(20) index" json:"phone"`
+	Phone       string `xorm:"varchar(100) index" json:"phone"`
 }

 type UserWithoutThirdIdp struct {
@ -48,10 +48,11 @@ type UserWithoutThirdIdp struct {
 	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
 	CreatedTime string `xorm:"varchar(100) index" json:"createdTime"`
 	UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
+	DeletedTime string `xorm:"varchar(100)" json:"deletedTime"`

 	Id                string   `xorm:"varchar(100) index" json:"id"`
 	Type              string   `xorm:"varchar(100)" json:"type"`
-	Password          string   `xorm:"varchar(100)" json:"password"`
+	Password          string   `xorm:"varchar(150)" json:"password"`
 	PasswordSalt      string   `xorm:"varchar(100)" json:"passwordSalt"`
 	PasswordType      string   `xorm:"varchar(100)" json:"passwordType"`
 	DisplayName       string   `xorm:"varchar(100)" json:"displayName"`
@ -62,7 +63,7 @@ type UserWithoutThirdIdp struct {
 	PermanentAvatar   string   `xorm:"varchar(500)" json:"permanentAvatar"`
 	Email             string   `xorm:"varchar(100) index" json:"email"`
 	EmailVerified     bool     `json:"emailVerified"`
-	Phone             string   `xorm:"varchar(20) index" json:"phone"`
+	Phone             string   `xorm:"varchar(100) index" json:"phone"`
 	CountryCode       string   `xorm:"varchar(6)" json:"countryCode"`
 	Region            string   `xorm:"varchar(100)" json:"region"`
 	Location          string   `xorm:"varchar(100)" json:"location"`
@ -167,6 +168,7 @@ func getUserWithoutThirdIdp(user *User) *UserWithoutThirdIdp {
 		Name:        user.Name,
 		CreatedTime: user.CreatedTime,
 		UpdatedTime: user.UpdatedTime,
+		DeletedTime: user.DeletedTime,

 		Id:                user.Id,
 		Type:              user.Type,
--- a/object/user.go
+++ b/object/user.go
@ -49,11 +49,12 @@ type User struct {
 	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
 	CreatedTime string `xorm:"varchar(100) index" json:"createdTime"`
 	UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
+	DeletedTime string `xorm:"varchar(100)" json:"deletedTime"`

 	Id                string   `xorm:"varchar(100) index" json:"id"`
 	ExternalId        string   `xorm:"varchar(100) index" json:"externalId"`
 	Type              string   `xorm:"varchar(100)" json:"type"`
-	Password          string   `xorm:"varchar(100)" json:"password"`
+	Password          string   `xorm:"varchar(150)" json:"password"`
 	PasswordSalt      string   `xorm:"varchar(100)" json:"passwordSalt"`
 	PasswordType      string   `xorm:"varchar(100)" json:"passwordType"`
 	DisplayName       string   `xorm:"varchar(100)" json:"displayName"`
@ -64,7 +65,7 @@ type User struct {
 	PermanentAvatar   string   `xorm:"varchar(500)" json:"permanentAvatar"`
 	Email             string   `xorm:"varchar(100) index" json:"email"`
 	EmailVerified     bool     `json:"emailVerified"`
-	Phone             string   `xorm:"varchar(20) index" json:"phone"`
+	Phone             string   `xorm:"varchar(100) index" json:"phone"`
 	CountryCode       string   `xorm:"varchar(6)" json:"countryCode"`
 	Region            string   `xorm:"varchar(100)" json:"region"`
 	Location          string   `xorm:"varchar(100)" json:"location"`
@ -183,6 +184,8 @@ type User struct {
 	MfaPhoneEnabled     bool                  `json:"mfaPhoneEnabled"`
 	MfaEmailEnabled     bool                  `json:"mfaEmailEnabled"`
 	MultiFactorAuths    []*MfaProps           `xorm:"-" json:"multiFactorAuths,omitempty"`
+	Invitation          string                `xorm:"varchar(100) index" json:"invitation"`
+	InvitationCode      string                `xorm:"varchar(100) index" json:"invitationCode"`

 	Ldap       string            `xorm:"ldap varchar(100)" json:"ldap"`
 	Properties map[string]string `json:"properties"`
@ -496,6 +499,24 @@ func GetUserByUserIdOnly(userId string) (*User, error) {
 	}
 }

+func GetUserByInvitationCode(owner string, invitationCode string) (*User, error) {
+	if owner == "" || invitationCode == "" {
+		return nil, nil
+	}
+
+	user := User{Owner: owner, InvitationCode: invitationCode}
+	existed, err := ormer.Engine.Get(&user)
+	if err != nil {
+		return nil, err
+	}
+
+	if existed {
+		return &user, nil
+	} else {
+		return nil, nil
+	}
+}
+
 func GetUserByAccessKey(accessKey string) (*User, error) {
 	if accessKey == "" {
 		return nil, nil
@ -619,7 +640,7 @@ func UpdateUser(id string, user *User, columns []string, isAdmin bool) (bool, er
 	if len(columns) == 0 {
 		columns = []string{
 			"owner", "display_name", "avatar", "first_name", "last_name",
-			"location", "address", "country_code", "region", "language", "affiliation", "title", "homepage", "bio", "tag", "language", "gender", "birthday", "education", "score", "karma", "ranking", "signup_application",
+			"location", "address", "country_code", "region", "language", "affiliation", "title", "id_card_type", "id_card", "homepage", "bio", "tag", "language", "gender", "birthday", "education", "score", "karma", "ranking", "signup_application",
 			"is_admin", "is_forbidden", "is_deleted", "hash", "is_default_avatar", "properties", "webauthnCredentials", "managedAccounts",
 			"signin_wrong_times", "last_signin_wrong_time", "groups", "access_key", "access_secret",
 			"github", "google", "qq", "wechat", "facebook", "dingtalk", "weibo", "gitee", "linkedin", "wecom", "lark", "gitlab", "adfs",
@ -638,6 +659,10 @@ func UpdateUser(id string, user *User, columns []string, isAdmin bool) (bool, er
 	columns = append(columns, "updated_time")
 	user.UpdatedTime = util.GetCurrentTime()

+	if len(user.DeletedTime) > 0 {
+		columns = append(columns, "deleted_time")
+	}
+
 	if util.ContainsString(columns, "groups") {
 		_, err := userEnforcer.UpdateGroupsForUser(user.GetId(), user.Groups)
 		if err != nil {
--- a/object/user_upload.go
+++ b/object/user_upload.go
@ -134,6 +134,7 @@ func UploadUsers(owner string, path string) (bool, error) {
 			LastSigninIp:      parseLineItem(&line, 38),
 			Ldap:              "",
 			Properties:        map[string]string{},
+			DeletedTime:       parseLineItem(&line, 39),
 		}

 		if _, ok := oldUserMap[user.GetId()]; !ok {
--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@ -164,6 +164,10 @@ func getUrlPath(urlPath string) string {
 		return "/api/webauthn"
 	}

+	if strings.HasPrefix(urlPath, "/api/saml/redirect") {
+		return "/api/saml/redirect"
+	}
+
 	return urlPath
 }

--- a/routers/router.go
+++ b/routers/router.go
@ -60,6 +60,7 @@ func initAPI() {
 	beego.Router("/api/get-saml-login", &controllers.ApiController{}, "GET:GetSamlLogin")
 	beego.Router("/api/acs", &controllers.ApiController{}, "POST:HandleSamlLogin")
 	beego.Router("/api/saml/metadata", &controllers.ApiController{}, "GET:GetSamlMeta")
+	beego.Router("/api/saml/redirect/:owner/:application", &controllers.ApiController{}, "*:HandleSamlRedirect")
 	beego.Router("/api/webhook", &controllers.ApiController{}, "POST:HandleOfficialAccountEvent")
 	beego.Router("/api/get-webhook-event", &controllers.ApiController{}, "GET:GetWebhookEventType")
 	beego.Router("/api/get-captcha-status", &controllers.ApiController{}, "GET:GetCaptchaStatus")
@ -93,6 +94,7 @@ func initAPI() {

 	beego.Router("/api/get-invitations", &controllers.ApiController{}, "GET:GetInvitations")
 	beego.Router("/api/get-invitation", &controllers.ApiController{}, "GET:GetInvitation")
+	beego.Router("/api/get-invitation-info", &controllers.ApiController{}, "GET:GetInvitationCodeInfo")
 	beego.Router("/api/update-invitation", &controllers.ApiController{}, "POST:UpdateInvitation")
 	beego.Router("/api/add-invitation", &controllers.ApiController{}, "POST:AddInvitation")
 	beego.Router("/api/delete-invitation", &controllers.ApiController{}, "POST:DeleteInvitation")
--- a/swagger/swagger.json
+++ b/swagger/swagger.json
@ -5592,6 +5592,9 @@
                "enableSamlCompress": {
                    "type": "boolean"
                },
+                "enableSamlPostBinding": {
+                    "type": "boolean"
+                },
                "enableSignUp": {
                    "type": "boolean"
                },
@ -7446,6 +7449,9 @@
                "displayName": {
                    "type": "string"
                },
+                "deletedTime": {
+                    "type": "string"
+                },
                "douyin": {
                    "type": "string"
                },
--- a/swagger/swagger.yml
+++ b/swagger/swagger.yml
@ -4900,6 +4900,8 @@ definitions:
        type: string
      deezer:
        type: string
+      deletedTime:
+        type: string
      digitalocean:
        type: string
      dingtalk:
--- a/util/json.go
+++ b/util/json.go
@ -14,7 +14,10 @@

 package util

-import "encoding/json"
+import (
+	"encoding/json"
+	"reflect"
+)

 func StructToJson(v interface{}) string {
 	data, err := json.Marshal(v)
@ -37,3 +40,30 @@ func StructToJsonFormatted(v interface{}) string {
 func JsonToStruct(data string, v interface{}) error {
 	return json.Unmarshal([]byte(data), v)
 }
+
+func TryJsonToAnonymousStruct(j string) (interface{}, error) {
+	var data map[string]interface{}
+	if err := json.Unmarshal([]byte(j), &data); err != nil {
+		return nil, err
+	}
+
+	// Create a slice of StructFields
+	fields := make([]reflect.StructField, 0, len(data))
+	for k, v := range data {
+		fields = append(fields, reflect.StructField{
+			Name: k,
+			Type: reflect.TypeOf(v),
+		})
+	}
+
+	// Create the struct type
+	t := reflect.StructOf(fields)
+
+	// Unmarshal again, this time to the new struct type
+	val := reflect.New(t)
+	i := val.Interface()
+	if err := json.Unmarshal([]byte(j), &i); err != nil {
+		return nil, err
+	}
+	return i, nil
+}
--- a/util/path.go
+++ b/util/path.go
@ -16,7 +16,6 @@ package util

 import (
 	"fmt"
-	"io/ioutil"
 	"net/url"
 	"os"
 	"path/filepath"
@ -40,7 +39,7 @@ func GetPath(path string) string {
 func ListFiles(path string) []string {
 	res := []string{}

-	files, err := ioutil.ReadDir(path)
+	files, err := os.ReadDir(path)
 	if err != nil {
 		panic(err)
 	}
--- a/util/setting.go
+++ b/util/setting.go
@ -14,10 +14,10 @@

 package util

-import "io/ioutil"
+import "os"

 func GetUploadXlsxPath(fileId string) string {
-	file, err := ioutil.TempFile("", fileId)
+	file, err := os.CreateTemp("", fileId)
 	if err != nil {
 		panic(err)
 	}
--- a/util/string.go
+++ b/util/string.go
@ -324,9 +324,16 @@ func GetUsernameFromEmail(email string) string {
 }

 func StringToInterfaceArray(array []string) []interface{} {
-	var interfaceArray []interface{}
-	for _, v := range array {
-		interfaceArray = append(interfaceArray, v)
+	var (
+		interfaceArray []interface{}
+		elem           interface{}
+	)
+	for _, elem = range array {
+		jStruct, err := TryJsonToAnonymousStruct(elem.(string))
+		if err == nil {
+			elem = jStruct
+		}
+		interfaceArray = append(interfaceArray, elem)
 	}
 	return interfaceArray
 }
--- a/util/system.go
+++ b/util/system.go
@ -119,6 +119,9 @@ func GetVersionInfo() (*VersionInfo, error) {
 	}

 	cIter, err := r.Log(&git.LogOptions{From: ref.Hash()})
+	if err != nil {
+		return res, err
+	}

 	commitOffset := 0
 	version := ""
--- a/util/system_test.go
+++ b/util/system_test.go
@ -70,6 +70,9 @@ func TestGetVersion(t *testing.T) {

 	testHash := plumbing.NewHash("f8bc87eb4e5ba3256424cf14aafe0549f812f1cf")
 	cIter, err := r.Log(&git.LogOptions{From: testHash})
+	if err != nil {
+		t.Log(err)
+	}

 	aheadCnt := 0
 	releaseVersion := ""
--- a/util/validation.go
+++ b/util/validation.go
@ -18,6 +18,7 @@ import (
 	"fmt"
 	"net/mail"
 	"regexp"
+	"strings"

 	"github.com/nyaruka/phonenumbers"
 )
@ -53,6 +54,23 @@ func IsPhoneAllowInRegin(countryCode string, allowRegions []string) bool {
 	return ContainsString(allowRegions, countryCode)
 }

+func IsRegexp(s string) (bool, error) {
+	if _, err := regexp.Compile(s); err != nil {
+		return false, err
+	}
+	return regexp.QuoteMeta(s) != s, nil
+}
+
+func IsInvitationCodeMatch(pattern string, invitationCode string) (bool, error) {
+	if !strings.HasPrefix(pattern, "^") {
+		pattern = "^" + pattern
+	}
+	if !strings.HasSuffix(pattern, "$") {
+		pattern = pattern + "$"
+	}
+	return regexp.MatchString(pattern, invitationCode)
+}
+
 func GetE164Number(phone string, countryCode string) (string, bool) {
 	phoneNumber, _ := phonenumbers.Parse(phone, countryCode)
 	return phonenumbers.Format(phoneNumber, phonenumbers.E164), phonenumbers.IsValidNumber(phoneNumber)
--- a/web/src/App.js
+++ b/web/src/App.js
@ -735,7 +735,9 @@ class App extends Component {
                  account={this.state.account}
                  theme={this.state.themeData}
                  onLoginSuccess={(redirectUrl) => {
-                    localStorage.setItem("mfaRedirectUrl", redirectUrl);
+                    if (redirectUrl) {
+                      localStorage.setItem("mfaRedirectUrl", redirectUrl);
+                    }
                    this.getAccount();
                  }}
                  onUpdateAccount={(account) => this.onUpdateAccount(account)}
--- a/web/src/ApplicationEditPage.js
+++ b/web/src/ApplicationEditPage.js
@ -116,7 +116,6 @@ class ApplicationEditPage extends React.Component {
    this.getApplication();
    this.getOrganizations();
    this.getProviders();
-    this.getSamlMetadata();
  }

  getApplication() {
@ -146,6 +145,8 @@ class ApplicationEditPage extends React.Component {
        });

        this.getCerts(application.organization);
+
+        this.getSamlMetadata(application.enableSamlPostBinding);
      });
  }

@ -186,8 +187,8 @@ class ApplicationEditPage extends React.Component {
      });
  }

-  getSamlMetadata() {
-    ApplicationBackend.getSamlMetadata("admin", this.state.applicationName)
+  getSamlMetadata(checked) {
+    ApplicationBackend.getSamlMetadata("admin", this.state.applicationName, checked)
      .then((data) => {
        this.setState({
          samlMetadata: data,
@ -663,6 +664,17 @@ class ApplicationEditPage extends React.Component {
            }} />
          </Col>
        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
+            {Setting.getLabel(i18next.t("application:Enable SAML POST binding"), i18next.t("application:Enable SAML POST binding - Tooltip"))} :
+          </Col>
+          <Col span={1} >
+            <Switch checked={this.state.application.enableSamlPostBinding} onChange={checked => {
+              this.updateApplicationField("enableSamlPostBinding", checked);
+              this.getSamlMetadata(checked);
+            }} />
+          </Col>
+        </Row>
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("general:SAML attributes"), i18next.t("general:SAML attributes - Tooltip"))} :
@ -688,7 +700,7 @@ class ApplicationEditPage extends React.Component {
            />
            <br />
            <Button style={{marginBottom: "10px"}} type="primary" shape="round" icon={<CopyOutlined />} onClick={() => {
-              copy(`${window.location.origin}/api/saml/metadata?application=admin/${encodeURIComponent(this.state.applicationName)}`);
+              copy(`${window.location.origin}/api/saml/metadata?application=admin/${encodeURIComponent(this.state.applicationName)}&post=${this.state.application.enableSamlPostBinding}`);
              Setting.showMessage("success", i18next.t("general:Copied to clipboard successfully"));
            }}
            >
--- a/web/src/InvitationEditPage.js
+++ b/web/src/InvitationEditPage.js
@ -19,6 +19,7 @@ import * as OrganizationBackend from "./backend/OrganizationBackend";
 import * as ApplicationBackend from "./backend/ApplicationBackend";
 import * as Setting from "./Setting";
 import i18next from "i18next";
+import copy from "copy-to-clipboard";

 const {Option} = Select;

@ -99,6 +100,18 @@ class InvitationEditPage extends React.Component {
          {this.state.mode === "add" ? i18next.t("invitation:New Invitation") : i18next.t("invitation:Edit Invitation")}&nbsp;&nbsp;&nbsp;&nbsp;
          <Button onClick={() => this.submitInvitationEdit(false)}>{i18next.t("general:Save")}</Button>
          <Button style={{marginLeft: "20px"}} type="primary" onClick={() => this.submitInvitationEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+          <Button style={{marginLeft: "20px"}} onClick={() => {
+            let defaultApplication;
+            if (this.state.invitation.owner === "built-in") {
+              defaultApplication = "app-built-in";
+            } else {
+              defaultApplication = Setting.getArrayItem(this.state.organizations, "name", this.state.invitation.owner).defaultApplication;
+            }
+            copy(`${window.location.origin}/signup/${defaultApplication}?invitationCode=${this.state.invitation?.defaultCode}`);
+            Setting.showMessage("success", i18next.t("general:Copied to clipboard successfully"));
+          }}>
+            {i18next.t("application:Copy signup page URL")}
+          </Button>
          {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} onClick={() => this.deleteInvitation()}>{i18next.t("general:Cancel")}</Button> : null}
        </div>
      } style={(Setting.isMobile()) ? {margin: "5px"} : {}} type="inner">
@ -107,7 +120,7 @@ class InvitationEditPage extends React.Component {
            {Setting.getLabel(i18next.t("general:Organization"), i18next.t("general:Organization - Tooltip"))} :
          </Col>
          <Col span={22} >
-            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account) || isCreatedByPlan} value={this.state.invitation.owner} onChange={(value => {this.updateInvitationField("owner", value);})}>
+            <Select virtual={false} style={{width: "100%"}} disabled={!Setting.isAdminUser(this.props.account) || isCreatedByPlan} value={this.state.invitation.owner} onChange={(value => {this.updateInvitationField("owner", value); this.getApplicationsByOrganization(value);})}>
              {
                this.state.organizations.map((organization, index) => <Option key={index} value={organization.name}>{organization.name}</Option>)
              }
@ -140,10 +153,24 @@ class InvitationEditPage extends React.Component {
          </Col>
          <Col span={22} >
            <Input value={this.state.invitation.code} onChange={e => {
+              const regex = /[^a-zA-Z0-9]/;
+              if (!regex.test(e.target.value)) {
+                this.updateInvitationField("defaultCode", e.target.value);
+              }
              this.updateInvitationField("code", e.target.value);
            }} />
          </Col>
        </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("invitation:Default code"), i18next.t("invitation:Default code - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input value={this.state.invitation.defaultCode} onChange={e => {
+              this.updateInvitationField("defaultCode", e.target.value);
+            }} />
+          </Col>
+        </Row>
        <Row style={{marginTop: "20px"}} >
          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("invitation:Quota"), i18next.t("invitation:Quota - Tooltip"))} :
@ -171,8 +198,10 @@ class InvitationEditPage extends React.Component {
          <Col span={22} >
            <Select virtual={false} style={{width: "100%"}} value={this.state.invitation.application}
              onChange={(value => {this.updateInvitationField("application", value);})}
-              options={this.state.applications.map((application) => Setting.getOption(application.name, application.name))
-              } />
+              options={[
+                {label: "All", value: i18next.t("general:All")},
+                ...this.state.applications.map((application) => Setting.getOption(application.name, application.name)),
+              ]} />
          </Col>
        </Row>
        <Row style={{marginTop: "20px"}} >
@ -272,6 +301,18 @@ class InvitationEditPage extends React.Component {
        <div style={{marginTop: "20px", marginLeft: "40px"}}>
          <Button size="large" onClick={() => this.submitInvitationEdit(false)}>{i18next.t("general:Save")}</Button>
          <Button style={{marginLeft: "20px"}} type="primary" size="large" onClick={() => this.submitInvitationEdit(true)}>{i18next.t("general:Save & Exit")}</Button>
+          <Button style={{marginLeft: "20px"}} size="large" onClick={() => {
+            let defaultApplication;
+            if (this.state.invitation.owner === "built-in") {
+              defaultApplication = "app-built-in";
+            } else {
+              defaultApplication = Setting.getArrayItem(this.state.organizations, "name", this.state.invitation.owner).defaultApplication;
+            }
+            copy(`${window.location.origin}/signup/${defaultApplication}?invitationCode=${this.state.invitation?.defaultCode}`);
+            Setting.showMessage("success", i18next.t("general:Copied to clipboard successfully"));
+          }}>
+            {i18next.t("application:Copy signup page URL")}
+          </Button>
          {this.state.mode === "add" ? <Button style={{marginLeft: "20px"}} size="large" onClick={() => this.deleteInvitation()}>{i18next.t("general:Cancel")}</Button> : null}
        </div>
      </div>
--- a/web/src/InvitationListPage.js
+++ b/web/src/InvitationListPage.js
@ -22,22 +22,23 @@ import * as InvitationBackend from "./backend/InvitationBackend";
 import i18next from "i18next";
 import BaseListPage from "./BaseListPage";
 import PopconfirmModal from "./common/modal/PopconfirmModal";
-import copy from "copy-to-clipboard";

 class InvitationListPage extends BaseListPage {
  newInvitation() {
    const randomName = Setting.getRandomName();
    const owner = Setting.getRequestOrganization(this.props.account);
+    const code = Math.random().toString(36).slice(-10);
    return {
      owner: owner,
      name: `invitation_${randomName}`,
      createdTime: moment().format(),
      updatedTime: moment().format(),
      displayName: `New Invitation - ${randomName}`,
-      code: Math.random().toString(36).slice(-10),
+      code: code,
+      defaultCode: code,
      quota: 1,
      usedCount: 0,
-      application: "",
+      application: "All",
      username: "",
      email: "",
      phone: "",
@ -225,17 +226,11 @@ class InvitationListPage extends BaseListPage {
        title: i18next.t("general:Action"),
        dataIndex: "",
        key: "op",
-        width: "350px",
+        width: "180px",
        fixed: (Setting.isMobile()) ? "false" : "right",
        render: (text, record, index) => {
          return (
            <div>
-              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} onClick={() => {
-                copy(`${window.location.origin}/login/${record.owner}?invitation_code=${record.code}`);
-                Setting.showMessage("success", i18next.t("general:Copied to clipboard successfully"));
-              }}>
-                {i18next.t("application:Copy signup page URL")}
-              </Button>
              <Button style={{marginTop: "10px", marginBottom: "10px", marginRight: "10px"}} type="primary" onClick={() => this.props.history.push(`/invitations/${record.owner}/${record.name}`)}>{i18next.t("general:Edit")}</Button>
              <PopconfirmModal
                title={i18next.t("general:Sure to delete") + `: ${record.name} ?`}
--- a/web/src/OrganizationEditPage.js
+++ b/web/src/OrganizationEditPage.js
@ -184,7 +184,7 @@ class OrganizationEditPage extends React.Component {
          </Col>
          <Col span={22} >
            <Select virtual={false} style={{width: "100%"}} value={this.state.organization.passwordType} onChange={(value => {this.updateOrganizationField("passwordType", value);})}
-              options={["plain", "salt", "md5-salt", "bcrypt", "pbkdf2-salt", "argon2id"].map(item => Setting.getOption(item, item))}
+              options={["plain", "salt", "sha512-salt", "md5-salt", "bcrypt", "pbkdf2-salt", "argon2id"].map(item => Setting.getOption(item, item))}
            />
          </Col>
        </Row>
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -1041,7 +1041,7 @@ class ProviderEditPage extends React.Component {
                </Row>
                )
              }
-              {["Custom HTTP SMS", "Infobip SMS"].includes(this.state.provider.type) ?
+              {["Infobip SMS"].includes(this.state.provider.type) ?
                null :
                (<Row style={{marginTop: "20px"}} >
                  <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -1448,7 +1448,7 @@ export function getFriendlyUserName(account) {
 }

 export function getUserCommonFields() {
-  return ["Owner", "Name", "CreatedTime", "UpdatedTime", "Id", "Type", "Password", "PasswordSalt", "DisplayName", "FirstName", "LastName", "Avatar", "PermanentAvatar",
+  return ["Owner", "Name", "CreatedTime", "UpdatedTime", "DeletedTime", "Id", "Type", "Password", "PasswordSalt", "DisplayName", "FirstName", "LastName", "Avatar", "PermanentAvatar",
    "Email", "EmailVerified", "Phone", "Location", "Address", "Affiliation", "Title", "IdCardType", "IdCard", "Homepage", "Bio", "Tag", "Region",
    "Language", "Gender", "Birthday", "Education", "Score", "Ranking", "IsDefaultAvatar", "IsOnline", "IsAdmin", "IsForbidden", "IsDeleted", "CreatedIp",
    "PreferredMfaType", "TotpSecret", "SignupApplication"];
--- a/web/src/UserEditPage.js
+++ b/web/src/UserEditPage.js
@ -27,6 +27,7 @@ import * as ApplicationBackend from "./backend/ApplicationBackend";
 import PasswordModal from "./common/modal/PasswordModal";
 import ResetModal from "./common/modal/ResetModal";
 import AffiliationSelect from "./common/select/AffiliationSelect";
+import moment from "moment";
 import OAuthWidget from "./common/OAuthWidget";
 import SamlWidget from "./common/SamlWidget";
 import RegionSelect from "./common/select/RegionSelect";
@ -122,6 +123,17 @@ class UserEditPage extends React.Component {
        this.setState({
          applications: res.data || [],
        });
+
+        const applications = res.data;
+        if (this.state.user) {
+          if (this.state.user.signupApplication === "" || applications.filter(application => application.name === this.state.user.signupApplication).length === 0) {
+            if (applications.length > 0) {
+              this.updateUserField("signupApplication", applications[0].name);
+            } else {
+              this.updateUserField("signupApplication", "");
+            }
+          }
+        }
      });
  }

@ -858,6 +870,7 @@ class UserEditPage extends React.Component {
          <Col span={(Setting.isMobile()) ? 22 : 2} >
            <Switch checked={this.state.user.isDeleted} onChange={checked => {
              this.updateUserField("isDeleted", checked);
+              this.updateUserField("deletedTime", checked ? moment().format() : "");
            }} />
          </Col>
        </Row>
@ -890,11 +903,9 @@ class UserEditPage extends React.Component {
                      </Space>
                      {item.enabled ? (
                        <Space>
-                          {item.enabled ?
-                            <Tag icon={<CheckCircleOutlined />} color="success">
-                              {i18next.t("general:Enabled")}
-                            </Tag> : null
-                          }
+                          <Tag icon={<CheckCircleOutlined />} color="success">
+                            {i18next.t("general:Enabled")}
+                          </Tag>
                          {item.isPreferred ?
                            <Tag icon={<CheckCircleOutlined />} color="blue" style={{marginRight: 20}} >
                              {i18next.t("mfa:preferred")}
@ -916,18 +927,23 @@ class UserEditPage extends React.Component {
                              {i18next.t("mfa:Set preferred")}
                            </Button>
                          }
+                          {this.isSelf() ? <Button type={"default"} onClick={() => {
+                            this.props.history.push(`/mfa/setup?mfaType=${item.mfaType}`);
+                          }}>
+                            {i18next.t("general:Edit")}
+                          </Button> : null}
                        </Space>
                      ) :
                        <Space>
-                          {item.mfaType !== TotpMfaType && Setting.isAdminUser(this.props.account) && window.location.href.indexOf("/users") !== -1 ?
+                          {item.mfaType !== TotpMfaType && Setting.isLocalAdminUser(this.props.account) && !this.isSelf() ?
                            <EnableMfaModal user={this.state.user} mfaType={item.mfaType} onSuccess={() => {
                              this.getUser();
                            }} /> : null}
-                          <Button type={"default"} onClick={() => {
+                          {this.isSelf() ? <Button type={"default"} onClick={() => {
                            this.props.history.push(`/mfa/setup?mfaType=${item.mfaType}`);
                          }}>
                            {i18next.t("mfa:Setup")}
-                          </Button>
+                          </Button> : null}
                        </Space>}
                    </List.Item>
                  )}
--- a/web/src/UserListPage.js
+++ b/web/src/UserListPage.js
@ -70,7 +70,7 @@ class UserListPage extends BaseListPage {
      password: "123",
      passwordSalt: "",
      displayName: `New User - ${randomName}`,
-      avatar: `${Setting.StaticBaseUrl}/img/casbin.svg`,
+      avatar: this.state.organization.defaultAvatar ?? `${Setting.StaticBaseUrl}/img/casbin.svg`,
      email: `${randomName}@example.com`,
      phone: Setting.getRandomNumber(),
      countryCode: this.state.organization.countryCodes?.length > 0 ? this.state.organization.countryCodes[0] : "",
--- a/web/src/WebhookEditPage.js
+++ b/web/src/WebhookEditPage.js
@ -62,6 +62,7 @@ const userTemplate = {
  "name": "admin",
  "createdTime": "2020-07-16T21:46:52+08:00",
  "updatedTime": "",
+  "deletedTime": "",
  "id": "9eb20f79-3bb5-4e74-99ac-39e3b9a171e8",
  "type": "normal-user",
  "password": "***",
--- a/web/src/auth/MfaSetupPage.js
+++ b/web/src/auth/MfaSetupPage.js
@ -98,7 +98,7 @@ class MfaSetupPage extends React.Component {

  renderMfaTypeSwitch() {
    const renderSmsLink = () => {
-      if (this.state.mfaType === SmsMfaType || this.props.account.mfaPhoneEnabled) {
+      if (this.state.mfaType === SmsMfaType) {
        return null;
      }
      return (<Button type={"link"} onClick={() => {
@ -112,7 +112,7 @@ class MfaSetupPage extends React.Component {
    };

    const renderEmailLink = () => {
-      if (this.state.mfaType === EmailMfaType || this.props.account.mfaEmailEnabled) {
+      if (this.state.mfaType === EmailMfaType) {
        return null;
      }
      return (<Button type={"link"} onClick={() => {
@ -126,7 +126,7 @@ class MfaSetupPage extends React.Component {
    };

    const renderTotpLink = () => {
-      if (this.state.mfaType === TotpMfaType || this.props.account.totpSecret !== "") {
+      if (this.state.mfaType === TotpMfaType) {
        return null;
      }
      return (<Button type={"link"} onClick={() => {
@ -191,7 +191,9 @@ class MfaSetupPage extends React.Component {
          onSuccess={() => {
            Setting.showMessage("success", i18next.t("general:Enabled successfully"));
            this.props.onfinish();
-            if (localStorage.getItem("mfaRedirectUrl") !== null) {
+
+            const mfaRedirectUrl = localStorage.getItem("mfaRedirectUrl");
+            if (mfaRedirectUrl !== undefined && mfaRedirectUrl !== null) {
              Setting.goToLink(localStorage.getItem("mfaRedirectUrl"));
              localStorage.removeItem("mfaRedirectUrl");
            } else {
--- a/web/src/auth/SignupPage.js
+++ b/web/src/auth/SignupPage.js
@ -29,6 +29,7 @@ import LanguageSelect from "../common/select/LanguageSelect";
 import {withRouter} from "react-router-dom";
 import {CountryCodeSelect} from "../common/select/CountryCodeSelect";
 import * as PasswordChecker from "../common/PasswordChecker";
+import * as InvitationBackend from "../backend/InvitationBackend";

 const formItemLayout = {
  labelCol: {
@ -93,6 +94,15 @@ class SignupPage extends React.Component {
    if (this.getApplicationObj() === undefined) {
      if (this.state.applicationName !== null) {
        this.getApplication(this.state.applicationName);
+
+        const sp = new URLSearchParams(window.location.search);
+        if (sp.has("invitationCode")) {
+          const invitationCode = sp.get("invitationCode");
+          this.setState({invitationCode: invitationCode});
+          if (invitationCode !== "") {
+            this.getInvitationCodeInfo(invitationCode, "admin/" + this.state.applicationName);
+          }
+        }
      } else if (oAuthParams !== null) {
        this.getApplicationLogin(oAuthParams);
      } else {
@ -133,6 +143,17 @@ class SignupPage extends React.Component {
      });
  }

+  getInvitationCodeInfo(invitationCode, application) {
+    InvitationBackend.getInvitationCodeInfo(invitationCode, application)
+      .then((res) => {
+        if (res.status === "error") {
+          Setting.showMessage("error", res.msg);
+          return;
+        }
+        this.setState({invitation: res.data});
+      });
+  }
+
  getResultPath(application, signupParams) {
    if (signupParams?.plan && signupParams?.pricing) {
      // the prompt page needs the user to be signed in, so for paid-user sign up, just go to buy-plan page
@ -235,7 +256,7 @@ class SignupPage extends React.Component {
            },
          ]}
        >
-          <Input placeholder={signupItem.placeholder} />
+          <Input placeholder={signupItem.placeholder} disabled={this.state.invitation !== undefined && this.state.invitation.username !== ""} />
        </Form.Item>
      );
    } else if (signupItem.name === "Display name") {
@ -363,7 +384,7 @@ class SignupPage extends React.Component {
              },
            ]}
          >
-            <Input placeholder={signupItem.placeholder} onChange={e => this.setState({email: e.target.value})} />
+            <Input placeholder={signupItem.placeholder} disabled={this.state.invitation !== undefined && this.state.invitation.email !== ""} onChange={e => this.setState({email: e.target.value})} />
          </Form.Item>
          {
            signupItem.rule !== "No verification" &&
@ -434,6 +455,7 @@ class SignupPage extends React.Component {
                <Input
                  placeholder={signupItem.placeholder}
                  style={{width: "65%"}}
+                  disabled={this.state.invitation !== undefined && this.state.invitation.phone !== ""}
                  onChange={e => this.setState({phone: e.target.value})}
                />
              </Form.Item>
@ -524,7 +546,7 @@ class SignupPage extends React.Component {
            },
          ]}
        >
-          <Input placeholder={signupItem.placeholder} />
+          <Input placeholder={signupItem.placeholder} disabled={this.state.invitation !== undefined && this.state.invitation !== ""} />
        </Form.Item>
      );
    } else if (signupItem.name === "Agreement") {
@ -554,6 +576,20 @@ class SignupPage extends React.Component {
        </Result>
      );
    }
+    if (this.state.invitation !== undefined) {
+      if (this.state.invitation.username !== "") {
+        this.form.current?.setFieldValue("username", this.state.invitation.username);
+      }
+      if (this.state.invitation.email !== "") {
+        this.form.current?.setFieldValue("email", this.state.invitation.email);
+      }
+      if (this.state.invitation.phone !== "") {
+        this.form.current?.setFieldValue("phone", this.state.invitation.phone);
+      }
+      if (this.state.invitationCode !== "") {
+        this.form.current?.setFieldValue("invitationCode", this.state.invitationCode);
+      }
+    }
    return (
      <Form
        {...formItemLayout}
--- a/web/src/auth/mfa/MfaVerifyTotpForm.js
+++ b/web/src/auth/mfa/MfaVerifyTotpForm.js
@ -51,6 +51,7 @@ export const MfaVerifyTotpForm = ({mfaProps, onFinish}) => {
          style={{marginTop: 24}}
          prefix={<UserOutlined />}
          placeholder={i18next.t("mfa:Passcode")}
+          autoComplete="off"
        />
      </Form.Item>
      <Form.Item>
--- a/web/src/backend/ApplicationBackend.js
+++ b/web/src/backend/ApplicationBackend.js
@ -89,8 +89,8 @@ export function deleteApplication(application) {
  }).then(res => res.json());
 }

-export function getSamlMetadata(owner, name) {
-  return fetch(`${Setting.ServerUrl}/api/saml/metadata?application=${owner}/${encodeURIComponent(name)}`, {
+export function getSamlMetadata(owner, name, enablePostBinding) {
+  return fetch(`${Setting.ServerUrl}/api/saml/metadata?application=${owner}/${encodeURIComponent(name)}&enablePostBinding=${enablePostBinding}`, {
    method: "GET",
    credentials: "include",
    headers: {
--- a/web/src/backend/InvitationBackend.js
+++ b/web/src/backend/InvitationBackend.js
@ -34,6 +34,16 @@ export function getInvitation(owner, name) {
  }).then(res => res.json());
 }

+export function getInvitationCodeInfo(code, applicationName) {
+  return fetch(`${Setting.ServerUrl}/api/get-invitation-info?code=${code}&applicationId=${encodeURIComponent(applicationName)}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
 export function updateInvitation(owner, name, invitation) {
  const newInvitation = Setting.deepCopy(invitation);
  return fetch(`${Setting.ServerUrl}/api/update-invitation?id=${owner}/${encodeURIComponent(name)}`, {
--- a/web/src/common/SendCodeInput.js
+++ b/web/src/common/SendCodeInput.js
@ -70,6 +70,7 @@ export const SendCodeInput = ({value, disabled, textBefore, onChange, onButtonCl
          </Button>
        }
        onSearch={() => setVisible(true)}
+        autoComplete="one-time-code"
      />
      <CaptchaModal
        owner={application.owner}
--- a/web/src/locales/ar/data.json
+++ b/web/src/locales/ar/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/de/data.json
+++ b/web/src/locales/de/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@ -36,6 +36,8 @@
    "Enable SAML C14N10 - Tooltip": "Use C14N10 instead of C14N11 in SAML",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable side panel": "Enable side panel",
    "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
    "Enable signup": "Enable signup",
@ -388,6 +390,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Can be a single string as an invitation code, or a regular expression. All strings matching the regular expression are valid invitation codes",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/es/data.json
+++ b/web/src/locales/es/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/fa/data.json
+++ b/web/src/locales/fa/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/fi/data.json
+++ b/web/src/locales/fi/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/he/data.json
+++ b/web/src/locales/he/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/id/data.json
+++ b/web/src/locales/id/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/it/data.json
+++ b/web/src/locales/it/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/kk/data.json
+++ b/web/src/locales/kk/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/ms/data.json
+++ b/web/src/locales/ms/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/nl/data.json
+++ b/web/src/locales/nl/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/pl/data.json
+++ b/web/src/locales/pl/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/pt/data.json
+++ b/web/src/locales/pt/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/ru/data.json
+++ b/web/src/locales/ru/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/sv/data.json
+++ b/web/src/locales/sv/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/tr/data.json
+++ b/web/src/locales/tr/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/uk/data.json
+++ b/web/src/locales/uk/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/web/src/locales/vi/data.json
+++ b/web/src/locales/vi/data.json
@ -388,6 +388,8 @@
  "invitation": {
    "Code": "Code",
    "Code - Tooltip": "Code - Tooltip",
+    "Default code": "Default code",
+    "Default code - Tooltip": "When the invitation code is a regular expression, please enter the invitation code that matches the regular expression rule as the default invitation code for the invitation link",
    "Edit Invitation": "Edit Invitation",
    "New Invitation": "New Invitation",
    "Quota": "Quota",
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Yang Luo	901867e8bb	feat: fix /signup parameter issue	2024-02-03 10:00:47 +08:00
HGZ-20	b7be1943fa	feat: Add Invitation Code to Generate Invitation Link (#2666 ) Add auto-population of invitation fields in the registration page based on the invitation code in the link	2024-02-02 21:12:56 +08:00
Yaodong Yu	bbbda1982f	feat: fix missing MFA session issue (#2667 )	2024-02-02 10:23:17 +08:00
dacongda	e593f5be5b	fix: improve code format (#2665 ) * feat: replace io/ioutils pacakage with io/os package * fix: add missing error handling	2024-02-01 23:06:12 +08:00
Dmitri Aleksandrov	0918757e85	feat: add template support for Custom HTTP SMS provider (#2662 )	2024-02-01 17:50:22 +08:00
dacongda	ce0d45a70b	feat: support SAML POST binding (#2661 ) * fix: support saml http post binding * fix: support saml http post binding * fix: support saml post binding sp	2024-02-01 17:28:56 +08:00
Konstantin	c4096788b2	feat: ABAC support for /api/enforce endpoint (#2660 )	2024-01-31 23:14:55 +08:00
dacongda	523186f895	feat: Support sha512 password encryption algorithm (#2657 ) * add sha512 encryption support for password * fead: add sha512 encryption support for password	2024-01-31 00:06:06 +08:00
Satinder Singh	ef373ca736	feat: add deletedTime to user (#2652 )	2024-01-30 23:18:32 +08:00
Yang Luo	721a681ff1	fix: improve error handling in GetUserApplication()	2024-01-30 21:40:39 +08:00
Yang Luo	8b1c4b0c75	feat: make phone field longer to 100	2024-01-30 19:06:18 +08:00
Yang Luo	540f22f8bd	feat: refactor GetTokenByTokenValue()	2024-01-29 10:03:33 +08:00
Yang Luo	79f81f1356	Improve error handling in IntrospectToken()	2024-01-29 09:58:40 +08:00
Yaodong Yu	4e145f71b5	feat: improve MFA UI and jump URL (#2647 ) * fix: mfa UI * fix: mfa UI	2024-01-28 16:46:35 +08:00
Yang Luo	104f975a2f	fix: fix wrong org issue for user's "signupApplication"	2024-01-28 01:51:03 +08:00
Yang Luo	71bb400559	feat: support using org's defaultAvatar when adding user in web UI	2024-01-28 01:07:20 +08:00
Yang Luo	93c3c78d42	feat: support "id_card" in UpdateUser()	2024-01-26 08:23:55 +08:00
Zhang Zhe	dd51bbbabf	feat: fix autoComplete for MFA passcode and SMS code (#2642 ) * update: mfa autoComplete="off" * Update SendCodeInput.js --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>	2024-01-23 19:52:16 +08:00
HGZ-20	5318519bf8	fix: fix bug in LDAP user login error count (#2636 ) Fix the issue where the login error count is not reset to 0 after a successful LDAP user login.	2024-01-22 13:42:11 +08:00
HGZ-20	d7c40459c0	feat: implement the enforcement for new invitation page (#2628 ) Added new invitation code implementation	2024-01-22 02:25:13 +08:00