feat: fix issue that admin cannot enable MFA for user (#2702 )

feat: show domain field for MinIO storage provider
Fix SigninTable issue
2025-07-15 04:13:49 +08:00 · 2024-02-14 23:29:04 +08:00 · 2024-02-14 13:54:17 +08:00 · 2024-02-14 12:20:03 +08:00 · 2024-02-14 12:10:30 +08:00 · 2024-02-14 09:45:21 +08:00
68 changed files with 1823 additions and 514 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -127,7 +127,7 @@ jobs:
  release-and-push:
    name: Release And Push
    runs-on: ubuntu-latest
-    if: github.repository == 'casbin/casdoor' && github.event_name == 'push'
+    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
    needs: [ frontend, backend, linter, e2e ]
    steps:
      - name: Checkout
@ -182,14 +182,14 @@ jobs:

      - name: Log in to Docker Hub
        uses: docker/login-action@v1
-        if: github.repository == 'casbin/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      - name: Push to Docker Hub
        uses: docker/build-push-action@v3
-        if: github.repository == 'casbin/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
          context: .
          target: STANDARD
@ -199,7 +199,7 @@ jobs:

      - name: Push All In One Version to Docker Hub
        uses: docker/build-push-action@v3
-        if: github.repository == 'casbin/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
          context: .
          target: ALLINONE
--- a/.github/workflows/sync.yml
+++ b/.github/workflows/sync.yml
@ -7,7 +7,7 @@ on:
 jobs:
  synchronize-with-crowdin:
    runs-on: ubuntu-latest
-    if: github.repository == 'casbin/casdoor' && github.event_name == 'push'
+    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
    steps:

    - name: Checkout
--- a/README.md
+++ b/README.md
@ -87,8 +87,7 @@ https://casdoor.org/docs/category/integrations
 ## How to contact?

 - Discord: https://discord.gg/5rPsrAzK7S
- Forum: https://forum.casbin.com
- Contact: https://tawk.to/chat/623352fea34c2456412b8c51/1fuc7od6e
+- Contact: https://casdoor.org/help

 ## Contribute

--- a/authz/authz.go
+++ b/authz/authz.go
@ -51,7 +51,8 @@ p, *, *, GET, /api/get-account, *, *
 p, *, *, GET, /api/userinfo, *, *
 p, *, *, GET, /api/user, *, *
 p, *, *, GET, /api/health, *, *
-p, *, *, POST, /api/webhook, *, *
+p, *, *, *, /api/webhook, *, *
+p, *, *, GET, /api/get-qrcode, *, *
 p, *, *, GET, /api/get-webhook-event, *, *
 p, *, *, GET, /api/get-captcha-status, *, *
 p, *, *, *, /api/login/oauth, *, *
@ -152,7 +153,7 @@ func IsAllowed(subOwner string, subName string, method string, urlPath string, o

 func isAllowedInDemoMode(subOwner string, subName string, method string, urlPath string, objOwner string, objName string) bool {
 	if method == "POST" {
-		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" || urlPath == "/api/verify-code" || urlPath == "/api/check-user-password" || strings.HasPrefix(urlPath, "/api/mfa/") {
+		if strings.HasPrefix(urlPath, "/api/login") || urlPath == "/api/logout" || urlPath == "/api/signup" || urlPath == "/api/callback" || urlPath == "/api/send-verification-code" || urlPath == "/api/send-email" || urlPath == "/api/verify-captcha" || urlPath == "/api/verify-code" || urlPath == "/api/check-user-password" || strings.HasPrefix(urlPath, "/api/mfa/") || urlPath == "/api/webhook" || urlPath == "/api/get-qrcode" {
 			return true
 		} else if urlPath == "/api/update-user" {
 			// Allow ordinary users to update their own information
--- a/conf/conf.go
+++ b/conf/conf.go
@ -71,7 +71,10 @@ func GetConfigInt64(key string) (int64, error) {

 func GetConfigDataSourceName() string {
 	dataSourceName := GetConfigString("dataSourceName")
+	return ReplaceDataSourceNameByDocker(dataSourceName)
+}

+func ReplaceDataSourceNameByDocker(dataSourceName string) string {
 	runningInDocker := os.Getenv("RUNNING_IN_DOCKER")
 	if runningInDocker == "true" {
 		// https://stackoverflow.com/questions/48546124/what-is-linux-equivalent-of-host-docker-internal
@ -81,7 +84,6 @@ func GetConfigDataSourceName() string {
 			dataSourceName = strings.ReplaceAll(dataSourceName, "localhost", "host.docker.internal")
 		}
 	}
-
 	return dataSourceName
 }

@ -108,13 +110,3 @@ func GetConfigBatchSize() int {
 	}
 	return res
 }
-
-func GetConfigRealDataSourceName(driverName string) string {
-	var dataSourceName string
-	if driverName != "mysql" {
-		dataSourceName = GetConfigDataSourceName()
-	} else {
-		dataSourceName = GetConfigDataSourceName() + GetConfigString("dbName")
-	}
-	return dataSourceName
-}
--- a/controllers/account.go
+++ b/controllers/account.go
@ -94,7 +94,7 @@ func (c *ApiController) Signup() {
 		return
 	}
 	if application == nil {
-		c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist")), authForm.Application)
+		c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), authForm.Application))
 		return
 	}

@ -110,7 +110,7 @@ func (c *ApiController) Signup() {
 	}

 	if organization == nil {
-		c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist")), authForm.Organization)
+		c.ResponseError(fmt.Sprintf(c.T("auth:The organization: %s does not exist"), authForm.Organization))
 		return
 	}

--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -24,7 +24,6 @@ import (
 	"net/url"
 	"strconv"
 	"strings"
-	"sync"

 	"github.com/casdoor/casdoor/captcha"
 	"github.com/casdoor/casdoor/conf"
@ -37,11 +36,6 @@ import (
 	"golang.org/x/oauth2"
 )

-var (
-	wechatScanType string
-	lock           sync.RWMutex
-)
-
 func codeToResponse(code *object.Code) *Response {
 	if code.Code == "" {
 		return &Response{Status: "error", Msg: code.Message, Data: code.Code}
@ -896,6 +890,7 @@ func (c *ApiController) GetSamlLogin() {
 	authURL, method, err := object.GenerateSamlRequest(providerId, relayState, c.Ctx.Request.Host, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
+		return
 	}
 	c.ResponseOk(authURL, method)
 }
@ -906,6 +901,7 @@ func (c *ApiController) HandleSamlLogin() {
 	decode, err := base64.StdEncoding.DecodeString(relayState)
 	if err != nil {
 		c.ResponseError(err.Error())
+		return
 	}
 	slice := strings.Split(string(decode), "&")
 	relayState = url.QueryEscape(relayState)
@ -919,49 +915,112 @@ func (c *ApiController) HandleSamlLogin() {
 // @Tag System API
 // @Title HandleOfficialAccountEvent
 // @router /webhook [POST]
-// @Success 200 {object} object.Userinfo The Response object
+// @Success 200 {object} controllers.Response The Response object
 func (c *ApiController) HandleOfficialAccountEvent() {
+	if c.Ctx.Request.Method == "GET" {
+		s := c.Ctx.Request.FormValue("echostr")
+		echostr, _ := strconv.Atoi(s)
+		c.SetData(echostr)
+		c.ServeJSON()
+		return
+	}
 	respBytes, err := io.ReadAll(c.Ctx.Request.Body)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
-
+	signature := c.Input().Get("signature")
+	timestamp := c.Input().Get("timestamp")
+	nonce := c.Input().Get("nonce")
 	var data struct {
-		MsgType  string `xml:"MsgType"`
-		Event    string `xml:"Event"`
-		EventKey string `xml:"EventKey"`
+		MsgType      string `xml:"MsgType"`
+		Event        string `xml:"Event"`
+		EventKey     string `xml:"EventKey"`
+		FromUserName string `xml:"FromUserName"`
+		Ticket       string `xml:"Ticket"`
 	}
 	err = xml.Unmarshal(respBytes, &data)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
-
-	lock.Lock()
-	defer lock.Unlock()
-	if data.EventKey != "" {
-		wechatScanType = data.Event
+	if strings.ToUpper(data.Event) != "SCAN" && strings.ToUpper(data.Event) != "SUBSCRIBE" {
 		c.Ctx.WriteString("")
+		return
 	}
+	if data.Ticket == "" {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	providerId := data.EventKey
+	provider, err := object.GetProvider(providerId)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+	if data.Ticket == "" {
+		c.ResponseError("empty ticket")
+		return
+	}
+	if !idp.VerifyWechatSignature(provider.Content, nonce, timestamp, signature) {
+		c.ResponseError("invalid signature")
+		return
+	}
+
+	idp.Lock.Lock()
+	if idp.WechatCacheMap == nil {
+		idp.WechatCacheMap = make(map[string]idp.WechatCacheMapValue)
+	}
+	idp.WechatCacheMap[data.Ticket] = idp.WechatCacheMapValue{
+		IsScanned:     true,
+		WechatUnionId: data.FromUserName,
+	}
+	idp.Lock.Unlock()
+
+	c.Ctx.WriteString("")
 }

 // GetWebhookEventType ...
 // @Tag System API
 // @Title GetWebhookEventType
 // @router /get-webhook-event [GET]
-// @Success 200 {object} object.Userinfo The Response object
+// @Param   ticket     query    string  true        "The eventId of QRCode"
+// @Success 200 {object} controllers.Response The Response object
 func (c *ApiController) GetWebhookEventType() {
-	lock.Lock()
-	defer lock.Unlock()
-	resp := &Response{
-		Status: "ok",
-		Msg:    "",
-		Data:   wechatScanType,
+	ticket := c.Input().Get("ticket")
+
+	idp.Lock.RLock()
+	_, ok := idp.WechatCacheMap[ticket]
+	idp.Lock.RUnlock()
+	if !ok {
+		c.ResponseError("ticket not found")
+		return
 	}
-	c.Data["json"] = resp
-	wechatScanType = ""
-	c.ServeJSON()
+
+	c.ResponseOk("SCAN", ticket)
+}
+
+// GetQRCode
+// @Tag System API
+// @Title GetWechatQRCode
+// @router /get-qrcode [GET]
+// @Param   id     query    string  true        "The id ( owner/name ) of provider"
+// @Success 200 {object} controllers.Response The Response object
+func (c *ApiController) GetQRCode() {
+	providerId := c.Input().Get("id")
+	provider, err := object.GetProvider(providerId)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+	code, ticket, err := idp.GetWechatOfficialAccountQRCode(provider.ClientId2, provider.ClientSecret2, providerId)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk(code, ticket)
 }

 // GetCaptchaStatus
--- a/controllers/mfa.go
+++ b/controllers/mfa.go
@ -19,6 +19,14 @@ import (

 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
+	"github.com/google/uuid"
+)
+
+const (
+	MfaRecoveryCodesSession = "mfa_recovery_codes"
+	MfaCountryCodeSession   = "mfa_country_code"
+	MfaDestSession          = "mfa_dest"
+	MfaTotpSecretSession    = "mfa_totp_secret"
 )

 // MfaSetupInitiate
@ -57,12 +65,20 @@ func (c *ApiController) MfaSetupInitiate() {
 		return
 	}

-	mfaProps, err := MfaUtil.Initiate(c.Ctx, user.GetId())
+	mfaProps, err := MfaUtil.Initiate(user.GetId())
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}

+	recoveryCode := uuid.NewString()
+	c.SetSession(MfaRecoveryCodesSession, recoveryCode)
+	if mfaType == object.TotpType {
+		c.SetSession(MfaTotpSecretSession, mfaProps.Secret)
+	}
+
+	mfaProps.RecoveryCodes = []string{recoveryCode}
+
 	resp := mfaProps
 	c.ResponseOk(resp)
 }
@ -83,13 +99,46 @@ func (c *ApiController) MfaSetupVerify() {
 		c.ResponseError("missing auth type or passcode")
 		return
 	}
-	mfaUtil := object.GetMfaUtil(mfaType, nil)
+
+	config := &object.MfaProps{
+		MfaType: mfaType,
+	}
+	if mfaType == object.TotpType {
+		secret := c.GetSession(MfaTotpSecretSession)
+		if secret == nil {
+			c.ResponseError("totp secret is missing")
+			return
+		}
+		config.Secret = secret.(string)
+	} else if mfaType == object.SmsType {
+		dest := c.GetSession(MfaDestSession)
+		if dest == nil {
+			c.ResponseError("destination is missing")
+			return
+		}
+		config.Secret = dest.(string)
+		countryCode := c.GetSession(MfaCountryCodeSession)
+		if countryCode == nil {
+			c.ResponseError("country code is missing")
+			return
+		}
+		config.CountryCode = countryCode.(string)
+	} else if mfaType == object.EmailType {
+		dest := c.GetSession(MfaDestSession)
+		if dest == nil {
+			c.ResponseError("destination is missing")
+			return
+		}
+		config.Secret = dest.(string)
+	}
+
+	mfaUtil := object.GetMfaUtil(mfaType, config)
 	if mfaUtil == nil {
 		c.ResponseError("Invalid multi-factor authentication type")
 		return
 	}

-	err := mfaUtil.SetupVerify(c.Ctx, passcode)
+	err := mfaUtil.SetupVerify(passcode)
 	if err != nil {
 		c.ResponseError(err.Error())
 	} else {
@ -122,18 +171,69 @@ func (c *ApiController) MfaSetupEnable() {
 		return
 	}

-	mfaUtil := object.GetMfaUtil(mfaType, nil)
+	config := &object.MfaProps{
+		MfaType: mfaType,
+	}
+
+	if mfaType == object.TotpType {
+		secret := c.GetSession(MfaTotpSecretSession)
+		if secret == nil {
+			c.ResponseError("totp secret is missing")
+			return
+		}
+		config.Secret = secret.(string)
+	} else if mfaType == object.EmailType {
+		if user.Email == "" {
+			dest := c.GetSession(MfaDestSession)
+			if dest == nil {
+				c.ResponseError("destination is missing")
+				return
+			}
+			user.Email = dest.(string)
+		}
+	} else if mfaType == object.SmsType {
+		if user.Phone == "" {
+			dest := c.GetSession(MfaDestSession)
+			if dest == nil {
+				c.ResponseError("destination is missing")
+				return
+			}
+			user.Phone = dest.(string)
+			countryCode := c.GetSession(MfaCountryCodeSession)
+			if countryCode == nil {
+				c.ResponseError("country code is missing")
+				return
+			}
+			user.CountryCode = countryCode.(string)
+		}
+	}
+	recoveryCodes := c.GetSession(MfaRecoveryCodesSession)
+	if recoveryCodes == nil {
+		c.ResponseError("recovery codes is missing")
+		return
+	}
+	config.RecoveryCodes = []string{recoveryCodes.(string)}
+
+	mfaUtil := object.GetMfaUtil(mfaType, config)
 	if mfaUtil == nil {
 		c.ResponseError("Invalid multi-factor authentication type")
 		return
 	}

-	err = mfaUtil.Enable(c.Ctx, user)
+	err = mfaUtil.Enable(user)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}

+	c.DelSession(MfaRecoveryCodesSession)
+	if mfaType == object.TotpType {
+		c.DelSession(MfaTotpSecretSession)
+	} else {
+		c.DelSession(MfaCountryCodeSession)
+		c.DelSession(MfaDestSession)
+	}
+
 	c.ResponseOk(http.StatusText(http.StatusOK))
 }

--- a/controllers/user.go
+++ b/controllers/user.go
@ -156,6 +156,10 @@ func (c *ApiController) GetUser() {
 			c.ResponseError(err.Error())
 			return
 		}
+		if userFromUserId == nil {
+			c.ResponseOk(nil)
+			return
+		}

 		id = util.GetId(userFromUserId.Owner, userFromUserId.Name)
 	}
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -161,7 +161,7 @@ func (c *ApiController) SendVerificationCode() {
 				vform.Dest = mfaProps.Secret
 			}
 		} else if vform.Method == MfaSetupVerification {
-			c.SetSession(object.MfaDestSession, vform.Dest)
+			c.SetSession(MfaDestSession, vform.Dest)
 		}

 		provider, err := application.GetEmailProvider()
@ -198,8 +198,8 @@ func (c *ApiController) SendVerificationCode() {
 			}

 			if vform.Method == MfaSetupVerification {
-				c.SetSession(object.MfaCountryCodeSession, vform.CountryCode)
-				c.SetSession(object.MfaDestSession, vform.Dest)
+				c.SetSession(MfaCountryCodeSession, vform.CountryCode)
+				c.SetSession(MfaDestSession, vform.Dest)
 			}
 		} else if vform.Method == MfaAuthVerification {
 			mfaProps := user.GetPreferredMfaProps(false)
--- a/i18n/locales/zh/data.json
+++ b/i18n/locales/zh/data.json
@ -38,9 +38,9 @@
    "Email is invalid": "无效邮箱",
    "Empty username.": "用户名不可为空",
    "FirstName cannot be blank": "名不可以为空",
-    "Invitation code cannot be blank": "Invitation code cannot be blank",
+    "Invitation code cannot be blank": "邀请码不能为空",
    "Invitation code exhausted": "邀请码使用次数已耗尽",
-    "Invitation code is invalid": "Invitation code is invalid",
+    "Invitation code is invalid": "邀请码无效",
    "Invitation code suspended": "邀请码已被禁止使用",
    "LDAP user name or password incorrect": "LDAP密码错误",
    "LastName cannot be blank": "姓不可以为空",
--- a/idp/adfs.go
+++ b/idp/adfs.go
@ -121,6 +121,9 @@ func (idp *AdfsIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 		return nil, err
 	}
 	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
 	var respKeys struct {
 		Keys []interface{} `json:"keys"`
 	}
--- a/idp/goth.go
+++ b/idp/goth.go
@ -75,6 +75,7 @@ import (
 	"github.com/markbates/goth/providers/twitterv2"
 	"github.com/markbates/goth/providers/typetalk"
 	"github.com/markbates/goth/providers/uber"
+	"github.com/markbates/goth/providers/vk"
 	"github.com/markbates/goth/providers/wepay"
 	"github.com/markbates/goth/providers/xero"
 	"github.com/markbates/goth/providers/yahoo"
@ -371,6 +372,11 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: uber.New(clientId, clientSecret, redirectUrl),
 			Session:  &uber.Session{},
 		}
+	case "VK":
+		idp = GothIdProvider{
+			Provider: vk.New(clientId, clientSecret, redirectUrl),
+			Session:  &vk.Session{},
+		}
 	case "Wepay":
 		idp = GothIdProvider{
 			Provider: wepay.New(clientId, clientSecret, redirectUrl),
--- a/idp/wechat.go
+++ b/idp/wechat.go
@ -16,24 +16,38 @@ package idp

 import (
 	"bytes"
+	"crypto/sha1"
 	"encoding/base64"
+	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
+	"sort"
 	"strings"
+	"sync"
 	"time"

 	"github.com/skip2/go-qrcode"
 	"golang.org/x/oauth2"
 )

+var (
+	WechatCacheMap map[string]WechatCacheMapValue
+	Lock           sync.RWMutex
+)
+
 type WeChatIdProvider struct {
 	Client *http.Client
 	Config *oauth2.Config
 }

+type WechatCacheMapValue struct {
+	IsScanned     bool
+	WechatUnionId string
+}
+
 func NewWeChatIdProvider(clientId string, clientSecret string, redirectUrl string) *WeChatIdProvider {
 	idp := &WeChatIdProvider{}

@ -76,6 +90,15 @@ type WechatAccessToken struct {
 // GetToken use code get access_token (*operation of getting code ought to be done in front)
 // get more detail via: https://developers.weixin.qq.com/doc/oplatform/Website_App/WeChat_Login/Wechat_Login.html
 func (idp *WeChatIdProvider) GetToken(code string) (*oauth2.Token, error) {
+	if strings.HasPrefix(code, "wechat_oa:") {
+		token := oauth2.Token{
+			AccessToken: code,
+			TokenType:   "WeChatAccessToken",
+			Expiry:      time.Time{},
+		}
+		return &token, nil
+	}
+
 	params := url.Values{}
 	params.Add("grant_type", "authorization_code")
 	params.Add("appid", idp.Config.ClientID)
@ -156,6 +179,29 @@ type WechatUserInfo struct {
 func (idp *WeChatIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
 	var wechatUserInfo WechatUserInfo
 	accessToken := token.AccessToken
+
+	if strings.HasPrefix(accessToken, "wechat_oa:") {
+		Lock.RLock()
+		mapValue, ok := WechatCacheMap[accessToken[10:]]
+		Lock.RUnlock()
+
+		if !ok || mapValue.WechatUnionId == "" {
+			return nil, fmt.Errorf("error ticket")
+		}
+
+		Lock.Lock()
+		delete(WechatCacheMap, accessToken[10:])
+		Lock.Unlock()
+
+		userInfo := UserInfo{
+			Id:          mapValue.WechatUnionId,
+			Username:    "wx_user_" + mapValue.WechatUnionId,
+			DisplayName: "wx_user_" + mapValue.WechatUnionId,
+			AvatarUrl:   "",
+		}
+		return &userInfo, nil
+	}
+
 	openid := token.Extra("Openid")

 	userInfoUrl := fmt.Sprintf("https://api.weixin.qq.com/sns/userinfo?access_token=%s&openid=%s", accessToken, openid)
@ -203,60 +249,70 @@ func BuildWechatOpenIdKey(appId string) string {
 	return fmt.Sprintf("wechat_openid_%s", appId)
 }

-func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (string, error) {
+func GetWechatOfficialAccountAccessToken(clientId string, clientSecret string) (string, string, error) {
 	accessTokenUrl := fmt.Sprintf("https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=%s&secret=%s", clientId, clientSecret)
 	request, err := http.NewRequest("GET", accessTokenUrl, nil)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}

 	client := new(http.Client)
 	resp, err := client.Do(request)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}
 	defer resp.Body.Close()

 	respBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}

 	var data struct {
 		ExpireIn    int    `json:"expires_in"`
 		AccessToken string `json:"access_token"`
+		ErrCode     int    `json:"errcode"`
+		Errmsg      string `json:"errmsg"`
 	}
 	err = json.Unmarshal(respBytes, &data)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}

-	return data.AccessToken, nil
+	return data.AccessToken, data.Errmsg, nil
 }

-func GetWechatOfficialAccountQRCode(clientId string, clientSecret string) (string, error) {
-	accessToken, err := GetWechatOfficialAccountAccessToken(clientId, clientSecret)
+func GetWechatOfficialAccountQRCode(clientId string, clientSecret string, providerId string) (string, string, error) {
+	accessToken, errMsg, err := GetWechatOfficialAccountAccessToken(clientId, clientSecret)
+	if err != nil {
+		return "", "", err
+	}
+
+	if errMsg != "" {
+		return "", "", fmt.Errorf("Fail to fetch WeChat QRcode: %s", errMsg)
+	}
+
 	client := new(http.Client)

 	weChatEndpoint := "https://api.weixin.qq.com/cgi-bin/qrcode/create"
 	qrCodeUrl := fmt.Sprintf("%s?access_token=%s", weChatEndpoint, accessToken)
-	params := `{"action_name": "QR_LIMIT_STR_SCENE", "action_info": {"scene": {"scene_str": "test"}}}`
+	params := fmt.Sprintf(`{"expire_seconds": 3600, "action_name": "QR_STR_SCENE", "action_info": {"scene": {"scene_str": "%s"}}}`, providerId)

 	bodyData := bytes.NewReader([]byte(params))
 	requeset, err := http.NewRequest("POST", qrCodeUrl, bodyData)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}

 	resp, err := client.Do(requeset)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}
 	defer resp.Body.Close()

 	respBytes, err := io.ReadAll(resp.Body)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}
 	var data struct {
 		Ticket        string `json:"ticket"`
@ -265,11 +321,26 @@ func GetWechatOfficialAccountQRCode(clientId string, clientSecret string) (strin
 	}
 	err = json.Unmarshal(respBytes, &data)
 	if err != nil {
-		return "", err
+		return "", "", err
 	}

 	var png []byte
 	png, err = qrcode.Encode(data.URL, qrcode.Medium, 256)
 	base64Image := base64.StdEncoding.EncodeToString(png)
-	return base64Image, nil
+	return base64Image, data.Ticket, nil
+}
+
+func VerifyWechatSignature(token string, nonce string, timestamp string, signature string) bool {
+	// verify the signature
+	tmpArr := sort.StringSlice{token, timestamp, nonce}
+	sort.Sort(tmpArr)
+
+	tmpStr := ""
+	for _, str := range tmpArr {
+		tmpStr = tmpStr + str
+	}
+
+	b := sha1.Sum([]byte(tmpStr))
+	res := hex.EncodeToString(b[:])
+	return res == signature
 }
--- a/init_data.json.template
+++ b/init_data.json.template
@ -146,7 +146,8 @@
      "isForbidden": false,
      "isDeleted": false,
      "signupApplication": "",
-      "createdIp": ""
+      "createdIp": "",
+      "groups": []
    }
  ],
  "providers": [
@ -349,5 +350,74 @@
      "owner": "",
      "url": ""
    }
+  ],
+  "groups": [
+    {
+        "owner": "",
+        "name":"",
+        "displayName": "",
+        "manager": "",
+        "contactEmail": "",
+        "type": "",
+        "parent_id": "",
+        "isTopGroup": true,
+        "title": "",
+        "key": "",
+        "children": "",
+        "isEnabled": true
+    }
+  ],
+  "adapters": [
+    {
+        "owner": "",
+        "name": "",
+        "table": "",
+        "useSameDb": true,
+        "type": "",
+        "databaseType": "",
+        "database": "",
+        "host": "",
+        "port": 0,
+        "user": "",
+        "password": "",
+    }
+  ],
+  "enforcers": [
+    {
+        "owner": "",
+        "name": "",
+        "displayName": "",
+        "description": "",
+        "model": "",
+        "adapter": "",
+        "enforcer": ""
+    }
+  ],
+  "plans": [
+    {
+        "owner": "",
+        "name": "",
+        "displayName": "",
+        "description": "",
+        "price": 0,
+        "currency": "",
+        "period": "",
+        "product": "",
+        "paymentProviders": [],
+        "isEnabled": true,
+        "role", ""
+    }
+  ],
+  "pricings": [
+    {
+        "owner": "",
+        "name": "",
+        "displayName": "",
+        "description": "",
+        "plans": [],
+        "isEnabled": true,
+        "trialDuration": 0,
+        "application": "",
+    }
  ]
 }
--- a/main.go
+++ b/main.go
@ -36,12 +36,12 @@ func main() {
 	object.CreateTables()

 	object.InitDb()
-	object.InitFromFile()
 	object.InitDefaultStorageProvider()
 	object.InitLdapAutoSynchronizer()
 	proxy.InitHttpClient()
 	authz.InitApi()
 	object.InitUserManager()
+	object.InitFromFile()
 	object.InitCasvisorConfig()

 	util.SafeGoroutine(func() { object.RunSyncUsersJob() })
--- a/object/adapter.go
+++ b/object/adapter.go
@ -178,6 +178,7 @@ func (adapter *Adapter) InitAdapter() error {
 		dataSourceName = strings.ReplaceAll(dataSourceName, "dbi.", "db.")
 	}

+	dataSourceName = conf.ReplaceDataSourceNameByDocker(dataSourceName)
 	engine, err := xorm.NewEngine(driverName, dataSourceName)
 	if err != nil {
 		return err
--- a/object/application.go
+++ b/object/application.go
@ -19,7 +19,6 @@ import (
 	"regexp"
 	"strings"

-	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/core"
 )
@ -41,6 +40,15 @@ type SignupItem struct {
 	Rule        string `json:"rule"`
 }

+type SigninItem struct {
+	Name        string `json:"name"`
+	Visible     bool   `json:"visible"`
+	Label       string `json:"label"`
+	Placeholder string `json:"placeholder"`
+	Rule        string `json:"rule"`
+	IsCustom    bool   `json:"isCustom"`
+}
+
 type SamlItem struct {
 	Name       string `json:"name"`
 	NameFormat string `json:"nameFormat"`
@ -73,6 +81,7 @@ type Application struct {
 	Providers             []*ProviderItem `xorm:"mediumtext" json:"providers"`
 	SigninMethods         []*SigninMethod `xorm:"varchar(2000)" json:"signinMethods"`
 	SignupItems           []*SignupItem   `xorm:"varchar(2000)" json:"signupItems"`
+	SigninItems           []*SigninItem   `xorm:"mediumtext" json:"signinItems"`
 	GrantTypes            []string        `xorm:"varchar(1000)" json:"grantTypes"`
 	OrganizationObj       *Organization   `xorm:"-" json:"organizationObj"`
 	CertPublicKey         string          `xorm:"-" json:"certPublicKey"`
@ -164,15 +173,6 @@ func getProviderMap(owner string) (m map[string]*Provider, err error) {

 	m = map[string]*Provider{}
 	for _, provider := range providers {
-		// Get QRCode only once
-		if provider.Type == "WeChat" && provider.DisableSsl && provider.Content == "" {
-			provider.Content, err = idp.GetWechatOfficialAccountQRCode(provider.ClientId2, provider.ClientSecret2)
-			if err != nil {
-				return
-			}
-			UpdateProvider(provider.Owner+"/"+provider.Name, provider)
-		}
-
 		m[provider.Name] = GetMaskedProvider(provider, true)
 	}

@ -200,6 +200,100 @@ func extendApplicationWithOrg(application *Application) (err error) {
 	return
 }

+func extendApplicationWithSigninItems(application *Application) (err error) {
+	if len(application.SigninItems) == 0 {
+		signinItem := &SigninItem{
+			Name:        "Back button",
+			Visible:     true,
+			Label:       "\n<style>\n  .back-button {\n      top: 65px;\n      left: 15px;\n      position: absolute;\n  }\n</style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Languages",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-languages {\n      top: 55px;\n      right: 5px;\n      position: absolute;\n  }\n</style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Logo",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-logo-box {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Signin methods",
+			Visible:     true,
+			Label:       "\n<style>\n  .signin-methods {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Username",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-username {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Password",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-password {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Agreement",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-agreement {\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Forgot password?",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-forget-password {\n    display: inline-flex;\n    justify-content: space-between;\n    width: 320px;\n    margin-bottom: 25px;\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Login button",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-button-box {\n    margin-bottom: 5px;\n  }\n  .login-button {\n    width: 100%;\n  }\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Signup link",
+			Visible:     true,
+			Label:       "\n<style>\n  .login-signup-link {\n    margin-bottom: 24px;\n    display: flex;\n    justify-content: end;\n}\n<style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+		signinItem = &SigninItem{
+			Name:        "Providers",
+			Visible:     true,
+			Label:       "\n<style>\n  .provider-img {\n      width: 30px;\n      margin: 5px;\n  }\n  .provider-big-img {\n      margin-bottom: 10px;\n  }\n</style>\n",
+			Placeholder: "",
+			Rule:        "None",
+		}
+		application.SigninItems = append(application.SigninItems, signinItem)
+	}
+	return
+}
+
 func extendApplicationWithSigninMethods(application *Application) (err error) {
 	if len(application.SigninMethods) == 0 {
 		if application.EnablePassword {
@ -250,6 +344,10 @@ func getApplication(owner string, name string) (*Application, error) {
 		if err != nil {
 			return nil, err
 		}
+		err = extendApplicationWithSigninItems(&application)
+		if err != nil {
+			return nil, err
+		}

 		return &application, nil
 	} else {
@ -280,6 +378,11 @@ func GetApplicationByOrganizationName(organization string) (*Application, error)
 			return nil, err
 		}

+		err = extendApplicationWithSigninItems(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
@ -332,6 +435,11 @@ func GetApplicationByClientId(clientId string) (*Application, error) {
 			return nil, err
 		}

+		err = extendApplicationWithSigninItems(&application)
+		if err != nil {
+			return nil, err
+		}
+
 		return &application, nil
 	} else {
 		return nil, nil
--- a/object/init_data.go
+++ b/object/init_data.go
@ -35,6 +35,11 @@ type InitData struct {
 	Syncers       []*Syncer       `json:"syncers"`
 	Tokens        []*Token        `json:"tokens"`
 	Webhooks      []*Webhook      `json:"webhooks"`
+	Groups        []*Group        `json:"groups"`
+	Adapters      []*Adapter      `json:"adapters"`
+	Enforcers     []*Enforcer     `json:"enforcers"`
+	Plans         []*Plan         `json:"plans"`
+	Pricings      []*Pricing      `json:"pricings"`
 }

 func InitFromFile() {
@ -94,6 +99,21 @@ func InitFromFile() {
 		for _, webhook := range initData.Webhooks {
 			initDefinedWebhook(webhook)
 		}
+		for _, group := range initData.Groups {
+			initDefinedGroup(group)
+		}
+		for _, adapter := range initData.Adapters {
+			initDefinedAdapter(adapter)
+		}
+		for _, enforcer := range initData.Enforcers {
+			initDefinedEnforcer(enforcer)
+		}
+		for _, plan := range initData.Plans {
+			initDefinedPlan(plan)
+		}
+		for _, pricing := range initData.Pricings {
+			initDefinedPricing(pricing)
+		}
 	}
 }

@ -120,6 +140,11 @@ func readInitDataFromFile(filePath string) (*InitData, error) {
 		Syncers:       []*Syncer{},
 		Tokens:        []*Token{},
 		Webhooks:      []*Webhook{},
+		Groups:        []*Group{},
+		Adapters:      []*Adapter{},
+		Enforcers:     []*Enforcer{},
+		Plans:         []*Plan{},
+		Pricings:      []*Pricing{},
 	}
 	err := util.JsonToStruct(s, data)
 	if err != nil {
@ -190,7 +215,16 @@ func readInitDataFromFile(filePath string) (*InitData, error) {
 			webhook.Headers = []*Header{}
 		}
 	}
-
+	for _, plan := range data.Plans {
+		if plan.PaymentProviders == nil {
+			plan.PaymentProviders = []string{}
+		}
+	}
+	for _, pricing := range data.Pricings {
+		if pricing.Plans == nil {
+			pricing.Plans = []string{}
+		}
+	}
 	return data, nil
 }

@ -434,3 +468,78 @@ func initDefinedWebhook(webhook *Webhook) {
 		panic(err)
 	}
 }
+
+func initDefinedGroup(group *Group) {
+	existed, err := getGroup(group.Owner, group.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	group.CreatedTime = util.GetCurrentTime()
+	_, err = AddGroup(group)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedAdapter(adapter *Adapter) {
+	existed, err := getAdapter(adapter.Owner, adapter.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	adapter.CreatedTime = util.GetCurrentTime()
+	_, err = AddAdapter(adapter)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedEnforcer(enforcer *Enforcer) {
+	existed, err := getEnforcer(enforcer.Owner, enforcer.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	enforcer.CreatedTime = util.GetCurrentTime()
+	_, err = AddEnforcer(enforcer)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedPlan(plan *Plan) {
+	existed, err := getPlan(plan.Owner, plan.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	plan.CreatedTime = util.GetCurrentTime()
+	_, err = AddPlan(plan)
+	if err != nil {
+		panic(err)
+	}
+}
+
+func initDefinedPricing(pricing *Pricing) {
+	existed, err := getPlan(pricing.Owner, pricing.Name)
+	if err != nil {
+		panic(err)
+	}
+	if existed != nil {
+		return
+	}
+	pricing.CreatedTime = util.GetCurrentTime()
+	_, err = AddPricing(pricing)
+	if err != nil {
+		panic(err)
+	}
+}
--- a/object/init_data_dump.go
+++ b/object/init_data_dump.go
@ -96,6 +96,31 @@ func writeInitDataToFile(filePath string) error {
 		return err
 	}

+	groups, err := GetGroups("")
+	if err != nil {
+		return err
+	}
+
+	adapters, err := GetAdapters("")
+	if err != nil {
+		return err
+	}
+
+	enforcers, err := GetEnforcers("")
+	if err != nil {
+		return err
+	}
+
+	plans, err := GetPlans("")
+	if err != nil {
+		return err
+	}
+
+	pricings, err := GetPricings("")
+	if err != nil {
+		return err
+	}
+
 	data := &InitData{
 		Organizations: organizations,
 		Applications:  applications,
@ -112,6 +137,11 @@ func writeInitDataToFile(filePath string) error {
 		Syncers:       syncers,
 		Tokens:        tokens,
 		Webhooks:      webhooks,
+		Groups:        groups,
+		Adapters:      adapters,
+		Enforcers:     enforcers,
+		Plans:         plans,
+		Pricings:      pricings,
 	}

 	text := util.StructToJsonFormatted(data)
--- a/object/mfa.go
+++ b/object/mfa.go
@ -18,12 +18,8 @@ import (
 	"fmt"

 	"github.com/casdoor/casdoor/util"
-
-	"github.com/beego/beego/context"
 )

-const MfaRecoveryCodesSession = "mfa_recovery_codes"
-
 type MfaProps struct {
 	Enabled       bool     `json:"enabled"`
 	IsPreferred   bool     `json:"isPreferred"`
@ -35,9 +31,9 @@ type MfaProps struct {
 }

 type MfaInterface interface {
-	Initiate(ctx *context.Context, userId string) (*MfaProps, error)
-	SetupVerify(ctx *context.Context, passcode string) error
-	Enable(ctx *context.Context, user *User) error
+	Initiate(userId string) (*MfaProps, error)
+	SetupVerify(passcode string) error
+	Enable(user *User) error
 	Verify(passcode string) error
 }

--- a/object/mfa_sms.go
+++ b/object/mfa_sms.go
@ -16,87 +16,46 @@ package object

 import (
 	"errors"
-	"fmt"

-	"github.com/beego/beego/context"
 	"github.com/casdoor/casdoor/util"
-	"github.com/google/uuid"
-)
-
-const (
-	MfaCountryCodeSession = "mfa_country_code"
-	MfaDestSession        = "mfa_dest"
 )

 type SmsMfa struct {
-	Config *MfaProps
+	*MfaProps
 }

-func (mfa *SmsMfa) Initiate(ctx *context.Context, userId string) (*MfaProps, error) {
-	recoveryCode := uuid.NewString()
-
-	ctx.Output.Session(MfaRecoveryCodesSession, []string{recoveryCode})
-
+func (mfa *SmsMfa) Initiate(userId string) (*MfaProps, error) {
 	mfaProps := MfaProps{
-		MfaType:       mfa.Config.MfaType,
-		RecoveryCodes: []string{recoveryCode},
+		MfaType: mfa.MfaType,
 	}
 	return &mfaProps, nil
 }

-func (mfa *SmsMfa) SetupVerify(ctx *context.Context, passCode string) error {
-	destSession := ctx.Input.CruSession.Get(MfaDestSession)
-	if destSession == nil {
-		return errors.New("dest session is missing")
-	}
-	dest := destSession.(string)
-
-	if !util.IsEmailValid(dest) {
-		countryCodeSession := ctx.Input.CruSession.Get(MfaCountryCodeSession)
-		if countryCodeSession == nil {
-			return errors.New("country code is missing")
-		}
-		countryCode := countryCodeSession.(string)
-
-		dest, _ = util.GetE164Number(dest, countryCode)
+func (mfa *SmsMfa) SetupVerify(passCode string) error {
+	if !util.IsEmailValid(mfa.Secret) {
+		mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode)
 	}

-	if result := CheckVerificationCode(dest, passCode, "en"); result.Code != VerificationSuccess {
+	if result := CheckVerificationCode(mfa.Secret, passCode, "en"); result.Code != VerificationSuccess {
 		return errors.New(result.Msg)
 	}
 	return nil
 }

-func (mfa *SmsMfa) Enable(ctx *context.Context, user *User) error {
-	recoveryCodes := ctx.Input.CruSession.Get(MfaRecoveryCodesSession).([]string)
-	if len(recoveryCodes) == 0 {
-		return fmt.Errorf("recovery codes is missing")
-	}
-
+func (mfa *SmsMfa) Enable(user *User) error {
 	columns := []string{"recovery_codes", "preferred_mfa_type"}

-	user.RecoveryCodes = append(user.RecoveryCodes, recoveryCodes...)
+	user.RecoveryCodes = append(user.RecoveryCodes, mfa.RecoveryCodes...)
 	if user.PreferredMfaType == "" {
-		user.PreferredMfaType = mfa.Config.MfaType
+		user.PreferredMfaType = mfa.MfaType
 	}

-	if mfa.Config.MfaType == SmsType {
+	if mfa.MfaType == SmsType {
 		user.MfaPhoneEnabled = true
-		columns = append(columns, "mfa_phone_enabled")
-
-		if user.Phone == "" {
-			user.Phone = ctx.Input.CruSession.Get(MfaDestSession).(string)
-			user.CountryCode = ctx.Input.CruSession.Get(MfaCountryCodeSession).(string)
-			columns = append(columns, "phone", "country_code")
-		}
-	} else if mfa.Config.MfaType == EmailType {
+		columns = append(columns, "mfa_phone_enabled", "phone", "country_code")
+	} else if mfa.MfaType == EmailType {
 		user.MfaEmailEnabled = true
-		columns = append(columns, "mfa_email_enabled")
-
-		if user.Email == "" {
-			user.Email = ctx.Input.CruSession.Get(MfaDestSession).(string)
-			columns = append(columns, "email")
-		}
+		columns = append(columns, "mfa_email_enabled", "email")
 	}

 	_, err := UpdateUser(user.GetId(), user, columns, false)
@ -104,18 +63,14 @@ func (mfa *SmsMfa) Enable(ctx *context.Context, user *User) error {
 		return err
 	}

-	ctx.Input.CruSession.Delete(MfaRecoveryCodesSession)
-	ctx.Input.CruSession.Delete(MfaDestSession)
-	ctx.Input.CruSession.Delete(MfaCountryCodeSession)
-
 	return nil
 }

 func (mfa *SmsMfa) Verify(passCode string) error {
-	if !util.IsEmailValid(mfa.Config.Secret) {
-		mfa.Config.Secret, _ = util.GetE164Number(mfa.Config.Secret, mfa.Config.CountryCode)
+	if !util.IsEmailValid(mfa.Secret) {
+		mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode)
 	}
-	if result := CheckVerificationCode(mfa.Config.Secret, passCode, "en"); result.Code != VerificationSuccess {
+	if result := CheckVerificationCode(mfa.Secret, passCode, "en"); result.Code != VerificationSuccess {
 		return errors.New(result.Msg)
 	}
 	return nil
@ -128,7 +83,7 @@ func NewSmsMfaUtil(config *MfaProps) *SmsMfa {
 		}
 	}
 	return &SmsMfa{
-		Config: config,
+		config,
 	}
 }

@ -139,6 +94,6 @@ func NewEmailMfaUtil(config *MfaProps) *SmsMfa {
 		}
 	}
 	return &SmsMfa{
-		Config: config,
+		config,
 	}
 }
--- a/object/mfa_totp.go
+++ b/object/mfa_totp.go
@ -16,28 +16,24 @@ package object

 import (
 	"errors"
-	"fmt"
 	"time"

-	"github.com/beego/beego/context"
-	"github.com/google/uuid"
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/totp"
 )

 const (
-	MfaTotpSecretSession   = "mfa_totp_secret"
 	MfaTotpPeriodInSeconds = 30
 )

 type TotpMfa struct {
-	Config     *MfaProps
+	*MfaProps
 	period     uint
 	secretSize uint
 	digits     otp.Digits
 }

-func (mfa *TotpMfa) Initiate(ctx *context.Context, userId string) (*MfaProps, error) {
+func (mfa *TotpMfa) Initiate(userId string) (*MfaProps, error) {
 	//issuer := beego.AppConfig.String("appname")
 	//if issuer == "" {
 	//	issuer = "casdoor"
@ -55,27 +51,16 @@ func (mfa *TotpMfa) Initiate(ctx *context.Context, userId string) (*MfaProps, er
 		return nil, err
 	}

-	ctx.Output.Session(MfaTotpSecretSession, key.Secret())
-
-	recoveryCode := uuid.NewString()
-	ctx.Output.Session(MfaRecoveryCodesSession, []string{recoveryCode})
-
 	mfaProps := MfaProps{
-		MfaType:       mfa.Config.MfaType,
-		RecoveryCodes: []string{recoveryCode},
-		Secret:        key.Secret(),
-		URL:           key.URL(),
+		MfaType: mfa.MfaType,
+		Secret:  key.Secret(),
+		URL:     key.URL(),
 	}
 	return &mfaProps, nil
 }

-func (mfa *TotpMfa) SetupVerify(ctx *context.Context, passcode string) error {
-	secret := ctx.Input.CruSession.Get(MfaTotpSecretSession)
-	if secret == nil {
-		return errors.New("totp secret is missing")
-	}
-
-	result, err := totp.ValidateCustom(passcode, secret.(string), time.Now().UTC(), totp.ValidateOpts{
+func (mfa *TotpMfa) SetupVerify(passcode string) error {
+	result, err := totp.ValidateCustom(passcode, mfa.Secret, time.Now().UTC(), totp.ValidateOpts{
 		Period:    MfaTotpPeriodInSeconds,
 		Skew:      1,
 		Digits:    otp.DigitsSix,
@ -92,22 +77,13 @@ func (mfa *TotpMfa) SetupVerify(ctx *context.Context, passcode string) error {
 	}
 }

-func (mfa *TotpMfa) Enable(ctx *context.Context, user *User) error {
-	recoveryCodes := ctx.Input.CruSession.Get(MfaRecoveryCodesSession).([]string)
-	if len(recoveryCodes) == 0 {
-		return fmt.Errorf("recovery codes is missing")
-	}
-	secret := ctx.Input.CruSession.Get(MfaTotpSecretSession).(string)
-	if secret == "" {
-		return fmt.Errorf("totp secret is missing")
-	}
-
+func (mfa *TotpMfa) Enable(user *User) error {
 	columns := []string{"recovery_codes", "preferred_mfa_type", "totp_secret"}

-	user.RecoveryCodes = append(user.RecoveryCodes, recoveryCodes...)
-	user.TotpSecret = secret
+	user.RecoveryCodes = append(user.RecoveryCodes, mfa.RecoveryCodes...)
+	user.TotpSecret = mfa.Secret
 	if user.PreferredMfaType == "" {
-		user.PreferredMfaType = mfa.Config.MfaType
+		user.PreferredMfaType = mfa.MfaType
 	}

 	_, err := updateUser(user.GetId(), user, columns)
@ -115,14 +91,11 @@ func (mfa *TotpMfa) Enable(ctx *context.Context, user *User) error {
 		return err
 	}

-	ctx.Input.CruSession.Delete(MfaRecoveryCodesSession)
-	ctx.Input.CruSession.Delete(MfaTotpSecretSession)
-
 	return nil
 }

 func (mfa *TotpMfa) Verify(passcode string) error {
-	result, err := totp.ValidateCustom(passcode, mfa.Config.Secret, time.Now().UTC(), totp.ValidateOpts{
+	result, err := totp.ValidateCustom(passcode, mfa.Secret, time.Now().UTC(), totp.ValidateOpts{
 		Period:    MfaTotpPeriodInSeconds,
 		Skew:      1,
 		Digits:    otp.DigitsSix,
@ -147,7 +120,7 @@ func NewTotpMfaUtil(config *MfaProps) *TotpMfa {
 	}

 	return &TotpMfa{
-		Config:     config,
+		MfaProps:   config,
 		period:     MfaTotpPeriodInSeconds,
 		secretSize: 20,
 		digits:     otp.DigitsSix,
--- a/object/organization.go
+++ b/object/organization.go
@ -342,6 +342,11 @@ func GetDefaultApplication(id string) (*Application, error) {
 		return nil, err
 	}

+	err = extendApplicationWithSigninItems(defaultApplication)
+	if err != nil {
+		return nil, err
+	}
+
 	return defaultApplication, nil
 }

--- a/object/provider.go
+++ b/object/provider.go
@ -312,8 +312,6 @@ func GetPaymentProvider(p *Provider) (pp.PaymentProvider, error) {
 	} else {
 		return nil, fmt.Errorf("the payment provider type: %s is not supported", p.Type)
 	}
-
-	return nil, nil
 }

 func (p *Provider) GetId() string {
--- a/object/record.go
+++ b/object/record.go
@ -116,7 +116,7 @@ func getFilteredWebhooks(webhooks []*Webhook, action string) []*Webhook {
 }

 func SendWebhooks(record *casvisorsdk.Record) error {
-	webhooks, err := getWebhooksByOrganization(record.Organization)
+	webhooks, err := getWebhooksByOrganization("")
 	if err != nil {
 		return err
 	}
--- a/object/user.go
+++ b/object/user.go
@ -793,6 +793,13 @@ func AddUser(user *User) (bool, error) {
 	}
 	user.Ranking = int(count + 1)

+	if user.Groups != nil && len(user.Groups) > 0 {
+		_, err = userEnforcer.UpdateGroupsForUser(user.GetId(), user.Groups)
+		if err != nil {
+			return false, err
+		}
+	}
+
 	affected, err := ormer.Engine.Insert(user)
 	if err != nil {
 		return false, err
@ -822,6 +829,13 @@ func AddUsers(users []*User) (bool, error) {
 		if err != nil {
 			return false, err
 		}
+
+		if user.Groups != nil && len(user.Groups) > 0 {
+			_, err = userEnforcer.UpdateGroupsForUser(user.GetId(), user.Groups)
+			if err != nil {
+				return false, err
+			}
+		}
 	}

 	affected, err := ormer.Engine.Insert(users)
--- a/object/user_avatar.go
+++ b/object/user_avatar.go
@ -41,11 +41,7 @@ func downloadImage(client *http.Client, url string) (*bytes.Buffer, string, erro

 	if resp.StatusCode != http.StatusOK {
 		fmt.Printf("downloadImage() error for url [%s]: %s\n", url, resp.Status)
-		if resp.StatusCode == 404 {
-			return nil, "", nil
-		} else {
-			return nil, "", fmt.Errorf("failed to download gravatar image: %s", resp.Status)
-		}
+		return nil, "", nil
 	}

 	// Get the content type and determine the file extension
--- a/object/user_enforcer.go
+++ b/object/user_enforcer.go
@ -1,10 +1,12 @@
 package object

 import (
+	errors2 "errors"
 	"fmt"

-	"github.com/casbin/casbin/v2"
 	"github.com/casbin/casbin/v2/errors"
+
+	"github.com/casbin/casbin/v2"
 	"github.com/casdoor/casdoor/util"
 )

@ -87,7 +89,7 @@ func (e *UserGroupEnforcer) GetAllUsersByGroup(group string) ([]string, error) {

 	users, err := e.enforcer.GetUsersForRole(GetGroupWithPrefix(group))
 	if err != nil {
-		if err == errors.ErrNameNotFound {
+		if errors2.Is(err, errors.ErrNameNotFound) {
 			return []string{}, nil
 		}
 		return nil, err
--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@ -73,10 +73,12 @@ func getObject(ctx *context.Context) (string, string) {
 			}
 		}

-		// query == "?id=built-in/admin"
-		id := ctx.Input.Query("id")
-		if id != "" {
-			return util.GetOwnerAndNameFromIdNoCheck(id)
+		if !(strings.HasPrefix(ctx.Request.URL.Path, "/api/get-") && strings.HasSuffix(ctx.Request.URL.Path, "s")) {
+			// query == "?id=built-in/admin"
+			id := ctx.Input.Query("id")
+			if id != "" {
+				return util.GetOwnerAndNameFromIdNoCheck(id)
+			}
 		}

 		owner := ctx.Input.Query("owner")
--- a/routers/router.go
+++ b/routers/router.go
@ -61,7 +61,8 @@ func initAPI() {
 	beego.Router("/api/acs", &controllers.ApiController{}, "POST:HandleSamlLogin")
 	beego.Router("/api/saml/metadata", &controllers.ApiController{}, "GET:GetSamlMeta")
 	beego.Router("/api/saml/redirect/:owner/:application", &controllers.ApiController{}, "*:HandleSamlRedirect")
-	beego.Router("/api/webhook", &controllers.ApiController{}, "POST:HandleOfficialAccountEvent")
+	beego.Router("/api/webhook", &controllers.ApiController{}, "*:HandleOfficialAccountEvent")
+	beego.Router("/api/get-qrcode", &controllers.ApiController{}, "GET:GetQRCode")
 	beego.Router("/api/get-webhook-event", &controllers.ApiController{}, "GET:GetWebhookEventType")
 	beego.Router("/api/get-captcha-status", &controllers.ApiController{}, "GET:GetCaptchaStatus")
 	beego.Router("/api/callback", &controllers.ApiController{}, "POST:Callback")
--- a/util/validation.go
+++ b/util/validation.go
@ -34,7 +34,7 @@ func init() {
 	rePhone, _ = regexp.Compile(`(\d{3})\d*(\d{4})`)
 	ReWhiteSpace, _ = regexp.Compile(`\s`)
 	ReFieldWhiteList, _ = regexp.Compile(`^[A-Za-z0-9]+$`)
-	ReUserName, _ = regexp.Compile("^[a-zA-Z0-9]+((?:-[a-zA-Z0-9]+)|(?:_[a-zA-Z0-9]+))*$")
+	ReUserName, _ = regexp.Compile("^[a-zA-Z0-9]+([-._][a-zA-Z0-9]+)*$")
 }

 func IsEmailValid(email string) bool {
--- a/web/src/ApplicationEditPage.js
+++ b/web/src/ApplicationEditPage.js
@ -36,6 +36,7 @@ import ThemeEditor from "./common/theme/ThemeEditor";

 import {Controlled as CodeMirror} from "react-codemirror2";
 import "codemirror/lib/codemirror.css";
+import SigninTable from "./table/SigninTable";

 require("codemirror/theme/material-darker.css");
 require("codemirror/mode/htmlmixed/htmlmixed");
@ -864,6 +865,24 @@ class ApplicationEditPage extends React.Component {
            }
          </Col>
        </Row>
+        {
+          <React.Fragment>
+            <Row style={{marginTop: "20px"}} >
+              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                {Setting.getLabel(i18next.t("application:Signin items"), i18next.t("application:Signin items - Tooltip"))} :
+              </Col>
+              <Col span={22} >
+                <SigninTable
+                  title={i18next.t("application:Signin items")}
+                  table={this.state.application.signinItems}
+                  onUpdateTable={(value) => {
+                    this.updateApplicationField("signinItems", value);
+                  }}
+                />
+              </Col>
+            </Row>
+          </React.Fragment>
+        }
        {
          !this.state.application.enableSignUp ? null : (
            <React.Fragment>
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Card, Checkbox, Col, Input, InputNumber, Row, Select, Switch} from "antd";
+import {Button, Card, Checkbox, Col, Input, InputNumber, Radio, Row, Select, Switch} from "antd";
 import {LinkOutlined} from "@ant-design/icons";
 import * as ProviderBackend from "./backend/ProviderBackend";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
@ -118,7 +118,23 @@ class ProviderEditPage extends React.Component {
      provider["cert"] = "";
      this.getCerts(value);
    }
+
    provider[key] = value;
+
+    if (provider["type"] === "WeChat") {
+      if (!provider["clientId"]) {
+        provider["signName"] = "media";
+        provider["disableSsl"] = true;
+      }
+      if (!provider["clientId2"]) {
+        provider["signName"] = "open";
+        provider["disableSsl"] = false;
+      }
+      if (!provider["disableSsl"]) {
+        provider["signName"] = "open";
+      }
+    }
+
    this.setState({
      provider: provider,
    });
@ -756,16 +772,44 @@ class ProviderEditPage extends React.Component {
        }
        {
          this.state.provider.type !== "WeChat" ? null : (
-            <Row style={{marginTop: "20px"}} >
-              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-                {Setting.getLabel(i18next.t("provider:Enable QR code"), i18next.t("provider:Enable QR code - Tooltip"))} :
-              </Col>
-              <Col span={1} >
-                <Switch checked={this.state.provider.disableSsl} onChange={checked => {
-                  this.updateProviderField("disableSsl", checked);
-                }} />
-              </Col>
-            </Row>
+            <React.Fragment>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("provider:Use WeChat Media Platform in PC"), i18next.t("provider:Use WeChat Media Platform in PC - Tooltip"))} :
+                </Col>
+                <Col span={1} >
+                  <Switch disabled={!this.state.provider.clientId} checked={this.state.provider.disableSsl} onChange={checked => {
+                    this.updateProviderField("disableSsl", checked);
+                  }} />
+                </Col>
+              </Row>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("token:Access token"), i18next.t("token:Access token - Tooltip"))} :
+                </Col>
+                <Col span={22} >
+                  <Input value={this.state.provider.content} disabled={!this.state.provider.disableSsl || !this.state.provider.clientId2} onChange={e => {
+                    this.updateProviderField("content", e.target.value);
+                  }} />
+                </Col>
+              </Row>
+              <Row style={{marginTop: "20px"}} >
+                <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("provider:Follow-up action"), i18next.t("provider:Follow-up action - Tooltip"))} :
+                </Col>
+                <Col>
+                  <Radio.Group value={this.state.provider.signName}
+                    disabled={!this.state.provider.disableSsl || !this.state.provider.clientId || !this.state.provider.clientId2}
+                    buttonStyle="solid"
+                    onChange={e => {
+                      this.updateProviderField("signName", e.target.value);
+                    }}>
+                    <Radio.Button value="open">{i18next.t("provider:Use WeChat Open Platform to login")}</Radio.Button>
+                    <Radio.Button value="media">{i18next.t("provider:Use WeChat Media Platform to login")}</Radio.Button>
+                  </Radio.Group>
+                </Col>
+              </Row>
+            </React.Fragment>
          )
        }
        {
@ -832,7 +876,7 @@ class ProviderEditPage extends React.Component {
                </Col>
              </Row>
            )}
-            {["Custom HTTP SMS", "MinIO", "Google Cloud Storage", "Qiniu Cloud Kodo", "Synology"].includes(this.state.provider.type) ? null : (
+            {["Custom HTTP SMS", "Google Cloud Storage", "Qiniu Cloud Kodo", "Synology"].includes(this.state.provider.type) ? null : (
              <Row style={{marginTop: "20px"}} >
                <Col style={{marginTop: "5px"}} span={2}>
                  {Setting.getLabel(i18next.t("provider:Domain"), i18next.t("provider:Domain - Tooltip"))} :
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -1164,7 +1164,7 @@ export function getLoginLink(application) {
  let url;
  if (application === null) {
    url = null;
-  } else if (!isPasswordEnabled(application) && window.location.pathname.includes("/auto-signup/oauth/authorize")) {
+  } else if (window.location.pathname.includes("/auto-signup/oauth/authorize")) {
    url = window.location.href.replace("/auto-signup/oauth/authorize", "/login/oauth/authorize");
  } else if (authConfig.appName === application.name) {
    url = "/login";
@ -1176,11 +1176,6 @@ export function getLoginLink(application) {
  return url;
 }

-export function renderLoginLink(application, text) {
-  const url = getLoginLink(application);
-  return renderLink(url, text, null);
-}
-
 export function redirectToLoginPage(application, history) {
  const loginLink = getLoginLink(application);
  if (loginLink.startsWith("http://") || loginLink.startsWith("https://")) {
@ -1205,7 +1200,7 @@ function renderLink(url, text, onClick) {
    );
  } else if (url.startsWith("http")) {
    return (
-      <a target="_blank" rel="noopener noreferrer" style={{float: "right"}} href={url} onClick={() => {
+      <a style={{float: "right"}} href={url} onClick={() => {
        if (onClick !== null) {
          onClick();
        }
@ -1220,7 +1215,7 @@ export function renderSignupLink(application, text) {
  let url;
  if (application === null) {
    url = null;
-  } else if (!isPasswordEnabled(application) && window.location.pathname.includes("/login/oauth/authorize")) {
+  } else if (window.location.pathname.includes("/login/oauth/authorize")) {
    url = window.location.href.replace("/login/oauth/authorize", "/auto-signup/oauth/authorize");
  } else if (authConfig.appName === application.name) {
    url = "/signup";
@ -1253,7 +1248,11 @@ export function renderForgetLink(application, text) {
    }
  }

-  return renderLink(url, text, null);
+  const storeSigninUrl = () => {
+    sessionStorage.setItem("signinUrl", window.location.href);
+  };
+
+  return renderLink(url, text, storeSigninUrl);
 }

 export function renderHelmet(application) {
--- a/web/src/auth/AuthBackend.js
+++ b/web/src/auth/AuthBackend.js
@ -135,8 +135,18 @@ export function loginWithSaml(values, param) {
  }).then(res => res.json());
 }

-export function getWechatMessageEvent() {
-  return fetch(`${Setting.ServerUrl}/api/get-webhook-event`, {
+export function getWechatMessageEvent(ticket) {
+  return fetch(`${Setting.ServerUrl}/api/get-webhook-event?ticket=${ticket}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function getWechatQRCode(providerId) {
+  return fetch(`${Setting.ServerUrl}/api/get-qrcode?id=${providerId}`, {
    method: "GET",
    credentials: "include",
    headers: {
--- a/web/src/auth/ForgetPage.js
+++ b/web/src/auth/ForgetPage.js
@ -47,6 +47,7 @@ class ForgetPage extends React.Component {

    this.form = React.createRef();
  }
+
  componentDidMount() {
    if (this.getApplicationObj() === undefined) {
      if (this.state.applicationName !== undefined) {
@ -153,7 +154,12 @@ class ForgetPage extends React.Component {
    values.userOwner = this.getApplicationObj()?.organizationObj.name;
    UserBackend.setPassword(values.userOwner, values.username, "", values?.newPassword, this.state.code).then(res => {
      if (res.status === "ok") {
-        Setting.redirectToLoginPage(this.getApplicationObj(), this.props.history);
+        const linkInStorage = sessionStorage.getItem("signinUrl");
+        if (linkInStorage !== null && linkInStorage !== "") {
+          Setting.goToLink(linkInStorage);
+        } else {
+          Setting.redirectToLoginPage(this.getApplicationObj(), this.props.history);
+        }
      } else {
        Setting.showMessage("error", res.msg);
      }
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Checkbox, Col, Form, Input, Result, Row, Spin, Tabs} from "antd";
+import {Button, Checkbox, Col, Form, Input, Result, Spin, Tabs} from "antd";
 import {ArrowLeftOutlined, LockOutlined, UserOutlined} from "@ant-design/icons";
 import {withRouter} from "react-router-dom";
 import * as UserWebauthnBackend from "../backend/UserWebauthnBackend";
@ -32,11 +32,11 @@ import i18next from "i18next";
 import CustomGithubCorner from "../common/CustomGithubCorner";
 import {SendCodeInput} from "../common/SendCodeInput";
 import LanguageSelect from "../common/select/LanguageSelect";
-import {CaptchaModal} from "../common/modal/CaptchaModal";
-import {CaptchaRule} from "../common/modal/CaptchaModal";
+import {CaptchaModal, CaptchaRule} from "../common/modal/CaptchaModal";
 import RedirectForm from "../common/RedirectForm";
 import {MfaAuthVerifyForm, NextMfa, RequiredMfa} from "./mfa/MfaAuthVerifyForm";
 import {GoogleOneTapLoginVirtualButton} from "./GoogleLoginButton";
+
 class LoginPage extends React.Component {
  constructor(props) {
    super(props);
@ -494,6 +494,200 @@ class LoginPage extends React.Component {
    return null;
  }

+  renderFormItem(application, signinItem) {
+    if (!signinItem.visible && signinItem.name !== "ForgetPassword") {
+      return null;
+    }
+
+    if (signinItem.name === "Logo") {
+      return (
+        <div className="login-logo-box">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {
+            Setting.renderHelmet(application)
+          }
+          {
+            Setting.renderLogo(application)
+          }
+        </div>
+      );
+    } else if (signinItem.name === "Back button") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {
+            this.renderBackButton()
+          }
+        </div>
+      );
+    } else if (signinItem.name === "Languages") {
+      return (
+        <div className="login-languages">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <LanguageSelect languages={application.organizationObj.languages} />
+        </div>
+      );
+    } else if (signinItem.name === "Signin methods") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {this.renderMethodChoiceBox()}
+        </div>
+      )
+      ;
+    } else if (signinItem.name === "Username") {
+      return (
+        <div className="login-username">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <Form.Item
+            name="username"
+            rules={[
+              {
+                required: true,
+                message: () => {
+                  switch (this.state.loginMethod) {
+                  case "verificationCodeEmail":
+                    return i18next.t("login:Please input your Email!");
+                  case "verificationCodePhone":
+                    return i18next.t("login:Please input your Phone!");
+                  case "ldap":
+                    return i18next.t("login:Please input your LDAP username!");
+                  default:
+                    return i18next.t("login:Please input your Email or Phone!");
+                  }
+                },
+              },
+              {
+                validator: (_, value) => {
+                  if (value === "") {
+                    return Promise.resolve();
+                  }
+
+                  if (this.state.loginMethod === "verificationCode") {
+                    if (!Setting.isValidEmail(value) && !Setting.isValidPhone(value)) {
+                      this.setState({validEmailOrPhone: false});
+                      return Promise.reject(i18next.t("login:The input is not valid Email or phone number!"));
+                    }
+
+                    if (Setting.isValidEmail(value)) {
+                      this.setState({validEmail: true});
+                    } else {
+                      this.setState({validEmail: false});
+                    }
+                  } else if (this.state.loginMethod === "verificationCodeEmail") {
+                    if (!Setting.isValidEmail(value)) {
+                      this.setState({validEmail: false});
+                      this.setState({validEmailOrPhone: false});
+                      return Promise.reject(i18next.t("login:The input is not valid Email!"));
+                    } else {
+                      this.setState({validEmail: true});
+                    }
+                  } else if (this.state.loginMethod === "verificationCodePhone") {
+                    if (!Setting.isValidPhone(value)) {
+                      this.setState({validEmailOrPhone: false});
+                      return Promise.reject(i18next.t("login:The input is not valid phone number!"));
+                    }
+                  }
+
+                  this.setState({validEmailOrPhone: true});
+                  return Promise.resolve();
+                },
+              },
+            ]}
+          >
+
+            <Input
+              id="input"
+              prefix={<UserOutlined className="site-form-item-icon" />}
+              placeholder={this.getPlaceholder()}
+              onChange={e => {
+                this.setState({
+                  username: e.target.value,
+                });
+              }}
+            />
+          </Form.Item>
+        </div>
+      );
+    } else if (signinItem.name === "Password") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {this.renderPasswordOrCodeInput()}
+        </div>
+      );
+    } else if (signinItem.name === "Forgot password?") {
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <div className="login-forget-password">
+            <Form.Item name="autoSignin" valuePropName="checked" noStyle>
+              <Checkbox style={{float: "left"}}>
+                {i18next.t("login:Auto sign in")}
+              </Checkbox>
+            </Form.Item>
+            {
+              signinItem.visible ? Setting.renderForgetLink(application, i18next.t("login:Forgot password?")) : null
+            }
+          </div>
+        </div>
+      );
+    } else if (signinItem.name === "Agreement") {
+      return AgreementModal.isAgreementRequired(application) ? AgreementModal.renderAgreementFormItem(application, true, {}, this) : null;
+    } else if (signinItem.name === "Login button") {
+      return (
+        <Form.Item className="login-button-box">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <Button
+            type="primary"
+            htmlType="submit"
+            className="login-button"
+          >
+            {
+              this.state.loginMethod === "webAuthn" ? i18next.t("login:Sign in with WebAuthn") :
+                i18next.t("login:Sign In")
+            }
+          </Button>
+          {
+            this.renderCaptchaModal(application)
+          }
+        </Form.Item>
+      );
+    } else if (signinItem.name === "Providers") {
+      const showForm = Setting.isPasswordEnabled(application) || Setting.isCodeSigninEnabled(application) || Setting.isWebAuthnEnabled(application) || Setting.isLdapEnabled(application);
+      if (signinItem.rule === "None" || signinItem.rule === "") {
+        signinItem.rule = showForm ? "small" : "big";
+      }
+
+      return (
+        <div>
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          <Form.Item>
+            {
+              application.providers.filter(providerItem => this.isProviderVisible(providerItem)).map(providerItem => {
+                return ProviderButton.renderProviderLogo(providerItem.provider, application, null, null, signinItem.rule, this.props.location);
+              })
+            }
+            {
+              this.renderOtherFormProvider(application)
+            }
+          </Form.Item>
+        </div>
+      );
+    } else if (signinItem.name.startsWith("Text ") || signinItem?.isCustom) {
+      return (
+        <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+      );
+    } else if (signinItem.name === "Signup link") {
+      return (
+        <div style={{width: "100%"}} className="login-signup-link">
+          <div dangerouslySetInnerHTML={{__html: signinItem.label}} />
+          {this.renderFooter(application)}
+        </div>
+      );
+    }
+  }
+
  renderForm(application) {
    if (this.state.msg !== null) {
      return Util.renderMessage(this.state.msg);
@ -569,116 +763,10 @@ class LoginPage extends React.Component {
            ]}
          >
          </Form.Item>
-          {this.renderMethodChoiceBox()}
-          <Row style={{minHeight: 130, alignItems: "center"}}>
-            <Col span={24}>
-              <Form.Item
-                name="username"
-                rules={[
-                  {
-                    required: true,
-                    message: () => {
-                      switch (this.state.loginMethod) {
-                      case "verificationCodeEmail": return i18next.t("login:Please input your Email!");
-                      case "verificationCodePhone": return i18next.t("login:Please input your Phone!");
-                      case "ldap": return i18next.t("login:Please input your LDAP username!");
-                      default: return i18next.t("login:Please input your Email or Phone!");
-                      }
-                    },
-                  },
-                  {
-                    validator: (_, value) => {
-                      if (value === "") {
-                        return Promise.resolve();
-                      }

-                      if (this.state.loginMethod === "verificationCode") {
-                        if (!Setting.isValidEmail(value) && !Setting.isValidPhone(value)) {
-                          this.setState({validEmailOrPhone: false});
-                          return Promise.reject(i18next.t("login:The input is not valid Email or phone number!"));
-                        }
-
-                        if (Setting.isValidEmail(value)) {
-                          this.setState({validEmail: true});
-                        } else {
-                          this.setState({validEmail: false});
-                        }
-                      } else if (this.state.loginMethod === "verificationCodeEmail") {
-                        if (!Setting.isValidEmail(value)) {
-                          this.setState({validEmail: false});
-                          this.setState({validEmailOrPhone: false});
-                          return Promise.reject(i18next.t("login:The input is not valid Email!"));
-                        } else {
-                          this.setState({validEmail: true});
-                        }
-                      } else if (this.state.loginMethod === "verificationCodePhone") {
-                        if (!Setting.isValidPhone(value)) {
-                          this.setState({validEmailOrPhone: false});
-                          return Promise.reject(i18next.t("login:The input is not valid phone number!"));
-                        }
-                      }
-
-                      this.setState({validEmailOrPhone: true});
-                      return Promise.resolve();
-                    },
-                  },
-                ]}
-              >
-                <Input
-                  id="input"
-                  prefix={<UserOutlined className="site-form-item-icon" />}
-                  placeholder={this.getPlaceholder()}
-                  onChange={e => {
-                    this.setState({
-                      username: e.target.value,
-                    });
-                  }}
-                />
-              </Form.Item>
-            </Col>
-            {
-              this.renderPasswordOrCodeInput()
-            }
-          </Row>
-          <div style={{display: "inline-flex", justifyContent: "space-between", width: "320px", marginBottom: AgreementModal.isAgreementRequired(application) ? "5px" : "25px"}}>
-            <Form.Item name="autoSignin" valuePropName="checked" noStyle>
-              <Checkbox style={{float: "left"}}>
-                {i18next.t("login:Auto sign in")}
-              </Checkbox>
-            </Form.Item>
-            {
-              Setting.renderForgetLink(application, i18next.t("login:Forgot password?"))
-            }
-          </div>
-          {AgreementModal.isAgreementRequired(application) ? AgreementModal.renderAgreementFormItem(application, true, {}, this) : null}
-          <Form.Item>
-            <Button
-              type="primary"
-              htmlType="submit"
-              style={{width: "100%", marginBottom: "5px"}}
-            >
-              {
-                this.state.loginMethod === "webAuthn" ? i18next.t("login:Sign in with WebAuthn") :
-                  i18next.t("login:Sign In")
-              }
-            </Button>
-            {
-              this.renderCaptchaModal(application)
-            }
-            {
-              this.renderFooter(application)
-            }
-          </Form.Item>
-          <Form.Item>
-            {
-              application.providers.filter(providerItem => this.isProviderVisible(providerItem)).map(providerItem => {
-                return ProviderButton.renderProviderLogo(providerItem.provider, application, 30, 5, "small", this.props.location);
-              })
-            }
-            {
-              this.renderOtherFormProvider(application)
-            }
-          </Form.Item>
+          {
+            application.signinItems?.map(signinItem => this.renderFormItem(application, signinItem))
+          }
        </Form>
      );
    } else {
@ -695,19 +783,8 @@ class LoginPage extends React.Component {
          </div>
          <br />
          {
-            application.providers?.filter(providerItem => this.isProviderVisible(providerItem)).map(providerItem => {
-              return ProviderButton.renderProviderLogo(providerItem.provider, application, 40, 10, "big", this.props.location);
-            })
+            application?.signinItems.map(signinItem => signinItem.name === "Providers" || signinItem.name === "Signup link" ? this.renderFormItem(application, signinItem) : null)
          }
-          {
-            this.renderOtherFormProvider(application)
-          }
-          <div>
-            <br />
-            {
-              this.renderFooter(application)
-            }
-          </div>
        </div>
      );
    }
@ -760,7 +837,7 @@ class LoginPage extends React.Component {

  renderFooter(application) {
    return (
-      <span style={{float: "right"}}>
+      <div>
        {
          !application.enableSignUp ? null : (
            <React.Fragment>
@ -771,7 +848,7 @@ class LoginPage extends React.Component {
            </React.Fragment>
          )
        }
-      </span>
+      </div>
    );
  }

@ -889,33 +966,37 @@ class LoginPage extends React.Component {
    if (this.state.loginMethod === "password" || this.state.loginMethod === "ldap") {
      return (
        <Col span={24}>
-          <Form.Item
-            name="password"
-            rules={[{required: true, message: i18next.t("login:Please input your password!")}]}
-          >
-            <Input.Password
-              prefix={<LockOutlined className="site-form-item-icon" />}
-              type="password"
-              placeholder={i18next.t("general:Password")}
-              disabled={this.state.loginMethod === "password" ? !Setting.isPasswordEnabled(application) : !Setting.isLdapEnabled(application)}
-            />
-          </Form.Item>
+          <div className="login-password">
+            <Form.Item
+              name="password"
+              rules={[{required: true, message: i18next.t("login:Please input your password!")}]}
+            >
+              <Input.Password
+                prefix={<LockOutlined className="site-form-item-icon" />}
+                type="password"
+                placeholder={i18next.t("general:Password")}
+                disabled={this.state.loginMethod === "password" ? !Setting.isPasswordEnabled(application) : !Setting.isLdapEnabled(application)}
+              />
+            </Form.Item>
+          </div>
        </Col>
      );
    } else if (this.state.loginMethod?.includes("verificationCode")) {
      return (
        <Col span={24}>
-          <Form.Item
-            name="code"
-            rules={[{required: true, message: i18next.t("login:Please input your code!")}]}
-          >
-            <SendCodeInput
-              disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone}
-              method={"login"}
-              onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationName(application)]}
-              application={application}
-            />
-          </Form.Item>
+          <div className="login-password">
+            <Form.Item
+              name="code"
+              rules={[{required: true, message: i18next.t("login:Please input your code!")}]}
+            >
+              <SendCodeInput
+                disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone}
+                method={"login"}
+                onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationName(application)]}
+                application={application}
+              />
+            </Form.Item>
+          </div>
        </Col>
      );
    } else {
@ -952,7 +1033,7 @@ class LoginPage extends React.Component {
    if (items.length > 1) {
      return (
        <div>
-          <Tabs items={items} size={"small"} defaultActiveKey={this.getDefaultLoginMethod(application)} onChange={(key) => {
+          <Tabs className="signin-methods" items={items} size={"small"} defaultActiveKey={this.getDefaultLoginMethod(application)} onChange={(key) => {
            this.setState({loginMethod: key});
          }} centered>
          </Tabs>
@ -1047,10 +1128,10 @@ class LoginPage extends React.Component {
  }

  renderBackButton() {
-    if (this.state.orgChoiceMode === "None") {
+    if (this.state.orgChoiceMode === "None" || this.props.preview === "auto") {
      return (
        <Button type="text" size="large" icon={<ArrowLeftOutlined />}
-          style={{top: "65px", left: "15px", position: "absolute"}}
+          className="back-button"
          onClick={() => history.back()}>
        </Button>
      );
@ -1099,16 +1180,6 @@ class LoginPage extends React.Component {
            <div className="login-form">
              <div>
                <div>
-                  {
-                    Setting.renderHelmet(application)
-                  }
-                  {
-                    Setting.renderLogo(application)
-                  }
-                  {
-                    this.renderBackButton()
-                  }
-                  <LanguageSelect languages={application.organizationObj.languages} style={{top: "55px", right: "5px", position: "absolute"}} />
                  {
                    this.renderLoginPanel(application)
                  }
--- a/web/src/auth/MfaSetupPage.js
+++ b/web/src/auth/MfaSetupPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Col, Result, Row, Steps} from "antd";
+import {Button, Col, Result, Row, Spin, Steps} from "antd";
 import {withRouter} from "react-router-dom";
 import * as ApplicationBackend from "../backend/ApplicationBackend";
 import * as Setting from "../Setting";
@ -42,13 +42,20 @@ class MfaSetupPage extends React.Component {
      mfaProps: null,
      mfaType: params.get("mfaType") ?? SmsMfaType,
      isPromptPage: props.isPromptPage || location.state?.from !== undefined,
+      loading: false,
    };
  }

  componentDidMount() {
    this.getApplication();
    if (this.state.current === 1) {
-      this.initMfaProps();
+      this.setState({
+        loading: true,
+      });
+
+      setTimeout(() => {
+        this.initMfaProps();
+      }, 200);
    }
  }

@ -85,6 +92,7 @@ class MfaSetupPage extends React.Component {
      if (res.status === "ok") {
        this.setState({
          mfaProps: res.data,
+          loading: false,
        });
      } else {
        Setting.showMessage("error", i18next.t("mfa:Failed to initiate MFA"));
@ -231,15 +239,17 @@ class MfaSetupPage extends React.Component {
              <p style={{textAlign: "center", fontSize: "16px", marginTop: "10px"}}>{i18next.t("mfa:Each time you sign in to your Account, you'll need your password and a authentication code")}</p>
            </Col>
          </Row>
-          <Steps current={this.state.current}
-            items={[
-              {title: i18next.t("mfa:Verify Password"), icon: <UserOutlined />},
-              {title: i18next.t("mfa:Verify Code"), icon: <KeyOutlined />},
-              {title: i18next.t("general:Enable"), icon: <CheckOutlined />},
-            ]}
-            style={{width: "90%", maxWidth: "500px", margin: "auto", marginTop: "50px",
-            }} >
-          </Steps>
+          <Spin spinning={this.state.loading}>
+            <Steps current={this.state.current}
+              items={[
+                {title: i18next.t("mfa:Verify Password"), icon: <UserOutlined />},
+                {title: i18next.t("mfa:Verify Code"), icon: <KeyOutlined />},
+                {title: i18next.t("general:Enable"), icon: <CheckOutlined />},
+              ]}
+              style={{width: "90%", maxWidth: "500px", margin: "auto", marginTop: "50px",
+              }} >
+            </Steps>
+          </Spin>
        </Col>
        <Col span={24} style={{display: "flex", justifyContent: "center"}}>
          <div style={{marginTop: "10px", textAlign: "center"}}>
--- a/web/src/auth/Provider.js
+++ b/web/src/auth/Provider.js
@ -377,7 +377,7 @@ export function getProviderLogoWidget(provider) {
  }
 }

-export function getAuthUrl(application, provider, method) {
+export function getAuthUrl(application, provider, method, code) {
  if (application === null || provider === null) {
    return "";
  }
@ -418,6 +418,9 @@ export function getAuthUrl(application, provider, method) {
    if (navigator.userAgent.includes("MicroMessenger")) {
      return `${authInfo[provider.type].mpEndpoint}?appid=${provider.clientId2}&redirect_uri=${redirectUri}&state=${state}&scope=${authInfo[provider.type].mpScope}&response_type=code#wechat_redirect`;
    } else {
+      if (provider.clientId2 && provider?.disableSsl && provider?.signName === "media") {
+        return `${window.location.origin}/callback?state=${state}&code=${"wechat_oa:" + code}`;
+      }
      return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}#wechat_redirect`;
    }
  } else if (provider.type === "WeCom") {
--- a/web/src/auth/ProviderButton.js
+++ b/web/src/auth/ProviderButton.js
@ -43,6 +43,7 @@ import OktaLoginButton from "./OktaLoginButton";
 import DouyinLoginButton from "./DouyinLoginButton";
 import LoginButton from "./LoginButton";
 import * as AuthBackend from "./AuthBackend";
+import * as Setting from "../Setting";
 import {getEvent} from "./Util";
 import {Modal} from "antd";

@ -132,43 +133,52 @@ export function goToWeb3Url(application, provider, method) {
 export function renderProviderLogo(provider, application, width, margin, size, location) {
  if (size === "small") {
    if (provider.category === "OAuth") {
-      if (provider.type === "WeChat" && provider.clientId2 !== "" && provider.clientSecret2 !== "" && provider.content !== "" && provider.disableSsl === true && !navigator.userAgent.includes("MicroMessenger")) {
+      if (provider.type === "WeChat" && provider.clientId2 !== "" && provider.clientSecret2 !== "" && provider.disableSsl === true && !navigator.userAgent.includes("MicroMessenger")) {
        const info = async() => {
-          const t1 = setInterval(await getEvent, 1000, application, provider);
-          {Modal.info({
-            title: i18next.t("provider:Please use WeChat and scan the QR code to sign in"),
-            content: (
-              <div>
-                <img width={256} height={256} src = {"data:image/png;base64," + provider.content} alt="Wechat QR code" style={{margin: margin}} />
-              </div>
-            ),
-            onOk() {
-              window.clearInterval(t1);
-            },
-          });}
+          AuthBackend.getWechatQRCode(`${provider.owner}/${provider.name}`).then(
+            async res => {
+              if (res.status !== "ok") {
+                Setting.showMessage("error", res?.msg);
+                return;
+              }
+
+              const t1 = setInterval(await getEvent, 1000, application, provider, res.data2);
+              {Modal.info({
+                title: i18next.t("provider:Please use WeChat to scan the QR code and follow the official account for sign in"),
+                content: (
+                  <div style={{marginRight: "34px"}}>
+                    <img src = {"data:image/png;base64," + res.data} alt="Wechat QR code" style={{width: "100%"}} />
+                  </div>
+                ),
+                onOk() {
+                  window.clearInterval(t1);
+                },
+              });}
+            }
+          );
        };
        return (
          <a key={provider.displayName} >
-            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} onClick={info} />
+            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} onClick={info} />
          </a>
        );
      } else {
        return (
          <a key={provider.displayName} href={Provider.getAuthUrl(application, provider, "signup")}>
-            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} />
+            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
          </a>
        );
      }
    } else if (provider.category === "SAML") {
      return (
        <a key={provider.displayName} onClick={() => goToSamlUrl(provider, location)}>
-          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} />
+          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
        </a>
      );
    } else if (provider.category === "Web3") {
      return (
        <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
-          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} style={{margin: margin}} />
+          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
        </a>
      );
    }
@ -183,7 +193,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      return (
        <a key={provider.displayName} href={Provider.getAuthUrl(application, provider, "signup")} style={customAStyle}>
          <button style={customButtonStyle}>
-            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} style={customImgStyle} />
+            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={customImgStyle} />
            <span style={customSpanStyle}>{text}</span>
          </button>
        </a>
@ -192,7 +202,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      return (
        <a key={provider.displayName} onClick={() => goToSamlUrl(provider, location)} style={customAStyle}>
          <button style={customButtonStyle}>
-            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} style={customImgStyle} />
+            <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={customImgStyle} />
            <span style={customSpanStyle}>{text}</span>
          </button>
        </a>
@ -202,7 +212,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
    // big button, for disable password signin
    if (provider.category === "SAML") {
      return (
-        <div key={provider.displayName} style={{marginBottom: "10px"}}>
+        <div key={provider.displayName} className="provider-big-img">
          <a onClick={() => goToSamlUrl(provider, location)}>
            {
              getSigninButton(provider)
@ -212,7 +222,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      );
    } else if (provider.category === "Web3") {
      return (
-        <div key={provider.displayName} style={{marginBottom: "10px"}}>
+        <div key={provider.displayName} className="provider-big-img">
          <a onClick={() => goToWeb3Url(application, provider, "signup")}>
            {
              getSigninButton(provider)
@ -222,7 +232,7 @@ export function renderProviderLogo(provider, application, width, margin, size, l
      );
    } else {
      return (
-        <div key={provider.displayName} style={{marginBottom: "10px"}}>
+        <div key={provider.displayName} className="provider-big-img">
          <a href={Provider.getAuthUrl(application, provider, "signup")}>
            {
              getSigninButton(provider)
--- a/web/src/auth/Util.js
+++ b/web/src/auth/Util.js
@ -188,11 +188,12 @@ export function getQueryParamsFromState(state) {
  }
 }

-export function getEvent(application, provider) {
-  getWechatMessageEvent()
+export function getEvent(application, provider, ticket) {
+  getWechatMessageEvent(ticket)
    .then(res => {
      if (res.data === "SCAN" || res.data === "subscribe") {
-        Setting.goToLink(Provider.getAuthUrl(application, provider, "signup"));
+        const code = res?.data2;
+        Setting.goToLink(Provider.getAuthUrl(application, provider, "signup", code));
      }
    });
 }
--- a/web/src/common/modal/AgreementModal.js
+++ b/web/src/common/modal/AgreementModal.js
@ -81,6 +81,7 @@ export function renderAgreementFormItem(application, required, layout, ths) {
      name="agreement"
      key="agreement"
      valuePropName="checked"
+      className="login-agreement"
      rules={[
        {
          required: required,
--- a/web/src/locales/ar/data.json
+++ b/web/src/locales/ar/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/de/data.json
+++ b/web/src/locales/de/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Wenn eine angemeldete Session in Casdoor vorhanden ist, wird diese automatisch für die Anmeldung auf Anwendungsebene verwendet",
    "Background URL": "Background-URL",
    "Background URL - Tooltip": "URL des Hintergrundbildes, das auf der Anmeldeseite angezeigt wird",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Zentrum",
    "Copy SAML metadata URL": "SAML-Metadaten-URL kopieren",
    "Copy prompt page URL": "URL der Prompt-Seite kopieren",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "Bei der Verwendung von Drittanbietern zur Anmeldung wird, wenn es in der Organisation einen Benutzer mit der gleichen E-Mail gibt, automatisch die Drittanbieter-Anmelde-Methode mit diesem Benutzer verbunden",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Aktivieren Sie SAML-Komprimierung",
    "Enable SAML compression - Tooltip": "Ob SAML-Antwortnachrichten komprimiert werden sollen, wenn Casdoor als SAML-IdP verwendet wird",
    "Enable side panel": "Sidepanel aktivieren",
@ -93,11 +97,14 @@
    "Sign Up Error": "Registrierungsfehler",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Anmeldesession",
    "Signup items": "Registrierungs Items",
    "Signup items - Tooltip": "Items, die Benutzer ausfüllen müssen, wenn sie neue Konten registrieren",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "Die Anwendung erlaubt es nicht, ein neues Konto zu registrieren",
    "Token expire": "Token läuft ab",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Tabellenname des Policy Stores",
    "Adapters": "Adapter",
    "Add": "Hinzufügen",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Zugehörigkeits-URL",
    "Affiliation URL - Tooltip": "Die Homepage-URL für die Zugehörigkeit",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Benutzerdefinierte URL für die Registrierungsseite. Wenn nicht festgelegt, wird die standardmäßige Casdoor-Registrierungsseite verwendet. Wenn sie festgelegt wird, werden die Registrierungslinks auf verschiedenen Casdoor-Seiten auf diese URL umgeleitet",
    "Signup application": "Anmeldeanwendung",
    "Signup application - Tooltip": "Durch welche Anwendung hat sich der Benutzer angemeldet, als er sich registriert hat?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Entschuldigung, die von Ihnen besuchte Seite existiert nicht.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Entschuldigung, der von Ihnen besuchte Benutzer existiert nicht oder Sie sind nicht autorisiert, auf diesen Benutzer zuzugreifen.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Es tut uns leid, aber Sie haben keine Berechtigung, auf diese Seite zuzugreifen, oder Sie sind nicht angemeldet.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Automatische Anmeldung",
+    "Back button": "Back button",
    "Continue with": "Weitermachen mit",
    "Email": "Email",
    "Email or phone": "E-Mail oder Telefon",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Laden",
    "Logging out...": "Ausloggen...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Kein Konto?",
    "Or sign in with another account": "Oder mit einem anderen Konto anmelden",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Inhalt der E-Mail",
    "Email title": "Email-Titel",
    "Email title - Tooltip": "Betreff der E-Mail",
-    "Enable QR code": "QR-Code aktivieren",
-    "Enable QR code - Tooltip": "Ob das Scannen von QR-Codes zum Einloggen aktiviert werden soll",
    "Endpoint": "Endpunkt",
    "Endpoint (Intranet)": "Endpunkt (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Metadaten erfolgreich analysiert",
    "Path prefix": "Pfadpräfix",
    "Path prefix - Tooltip": "Bucket-Pfad-Präfix für Objektspeicher",
-    "Please use WeChat and scan the QR code to sign in": "Bitte verwenden Sie WeChat und scanne den QR-Code ein, um dich anzumelden",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Hafen",
    "Port - Tooltip": "Stellen Sie sicher, dass der Port offen ist",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token-URL",
    "Type": "Typ",
    "Type - Tooltip": "Wählen Sie einen Typ aus",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,10 +36,10 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Use C14N10 instead of C14N11 in SAML",
-    "Enable SAML compression": "Enable SAML compression",
-    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable SAML POST binding": "Enable SAML POST binding",
    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
+    "Enable SAML compression": "Enable SAML compression",
+    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
    "Enable signin session - Tooltip": "Whether Casdoor maintains a session after logging into Casdoor from the application",
    "Enable signup": "Enable signup",
@ -95,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Items for users to fill in when signing up",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -169,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -327,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -431,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -441,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -725,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -757,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -835,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow",
    "User mapping": "User mapping",
--- a/web/src/locales/es/data.json
+++ b/web/src/locales/es/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Cuando existe una sesión iniciada en Casdoor, se utiliza automáticamente para el inicio de sesión del lado de la aplicación",
    "Background URL": "URL de fondo",
    "Background URL - Tooltip": "URL de la imagen de fondo utilizada en la página de inicio de sesión",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Centro",
    "Copy SAML metadata URL": "Copia la URL de metadatos SAML",
    "Copy prompt page URL": "Copiar URL de la página del prompt",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "Cuando se utilizan proveedores externos de inicio de sesión, si hay un usuario en la organización con el mismo correo electrónico, el método de inicio de sesión externo se asociará automáticamente con ese usuario",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Activar la compresión SAML",
    "Enable SAML compression - Tooltip": "Si comprimir o no los mensajes de respuesta SAML cuando se utiliza Casdoor como proveedor de identidad SAML",
    "Enable side panel": "Habilitar panel lateral",
@ -93,11 +97,14 @@
    "Sign Up Error": "Error de registro",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Sesión de inicio de sesión",
    "Signup items": "Artículos de registro",
    "Signup items - Tooltip": "Elementos para que los usuarios los completen al registrar nuevas cuentas",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "La aplicación no permite registrarse una cuenta nueva",
    "Token expire": "Token expirado",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Nombre de la tabla de la tienda de políticas",
    "Adapters": "Adaptadores",
    "Add": "Añadir",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "URL de afiliación",
    "Affiliation URL - Tooltip": "La URL de la página de inicio para la afiliación",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "URL personalizado para la página de registro. Si no se establece, se usará la página de registro predeterminada de Casdoor. Cuando se establece, los enlaces de registro en varias páginas de Casdoor redirigirán a esta URL",
    "Signup application": "Solicitud de registro",
    "Signup application - Tooltip": "¿A través de qué aplicación se registró el usuario cuando se inscribió?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Lo siento, la página que visitaste no existe.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Lo siento, el usuario que visitaste no existe o no estás autorizado a acceder a este usuario.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Lo siento, no tiene permiso para acceder a esta página o su estado de inicio de sesión es inválido.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Inicio de sesión automático",
+    "Back button": "Back button",
    "Continue with": "Continúe con",
    "Email": "Email",
    "Email or phone": "Correo electrónico o teléfono",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Cargando",
    "Logging out...": "Cerrando sesión...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "¿No tienes cuenta?",
    "Or sign in with another account": "O inicia sesión con otra cuenta",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Contenido del correo electrónico",
    "Email title": "Título del correo electrónico",
    "Email title - Tooltip": "Título del correo electrónico",
-    "Enable QR code": "Habilitar código QR",
-    "Enable QR code - Tooltip": "Si permitir el escaneo de códigos QR para acceder",
    "Endpoint": "Punto final",
    "Endpoint (Intranet)": "Punto final (intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Analizar los metadatos con éxito",
    "Path prefix": "Prefijo de ruta",
    "Path prefix - Tooltip": "Prefijo de ruta de cubo para almacenamiento de objetos",
-    "Please use WeChat and scan the QR code to sign in": "Por favor, utiliza WeChat y escanea el código QR para iniciar sesión",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Puerto",
    "Port - Tooltip": "Asegúrate de que el puerto esté abierto",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "URL de token",
    "Type": "Tipo",
    "Type - Tooltip": "Seleccionar un tipo",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/fa/data.json
+++ b/web/src/locales/fa/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/fi/data.json
+++ b/web/src/locales/fi/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Lorsqu'une session connectée existe dans Casdoor, elle est automatiquement utilisée pour la connexion côté application",
    "Background URL": "URL de fond",
    "Background URL - Tooltip": "L'URL de l'image d'arrière-plan utilisée sur la page de connexion",
+    "Big icon": "Big icon",
    "Binding providers": "Fournisseurs liés",
+    "CSS style": "CSS style",
    "Center": "Centré",
    "Copy SAML metadata URL": "Copiez l'URL de métadonnées SAML",
    "Copy prompt page URL": "Copier l'URL de la page de l'invite",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "Lorsqu'un fournisseur tiers est utilisé pour se connecter, si un compte existe dans l'organisation avec la même adresse e-mail, la méthode de connexion tierce sera automatiquement associée à ce compte",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Activer la compression SAML",
    "Enable SAML compression - Tooltip": "Compresser ou non les messages de réponse SAML lorsque Casdoor est utilisé en tant que fournisseur d'identité SAML",
    "Enable side panel": "Activer le panneau latéral",
@ -93,11 +97,14 @@
    "Sign Up Error": "Erreur d'inscription",
    "Signin": "Connexion",
    "Signin (Default True)": "Connexion (Vrai par défaut)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Session de connexion",
    "Signup items": "Champs d'inscription",
    "Signup items - Tooltip": "Champs à remplir lors de l'enregistrement de nouveaux comptes",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Seuls les comptes ayant leur étiquette listée dans les étiquettes de l'application peuvent se connecter",
    "The application does not allow to sign up new account": "L'application ne permet pas de créer un nouveau compte",
    "Token expire": "Expiration du jeton",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Nom de la table du magasin de règle",
    "Adapters": "Adaptateurs",
    "Add": "Ajouter",
+    "Add custom item": "Add custom item",
    "Admin": "Administration",
    "Affiliation URL": "URL d'affiliation",
    "Affiliation URL - Tooltip": "URL du site web de l'affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "URL personnalisée pour la page d'inscription. Si elle n'est pas définie, la page d'inscription par défaut de Casdoor utilisée. Lorsqu'elle est définie, les liens d'inscription sur les différentes pages de Casdoor redirigeront vers cette URL",
    "Signup application": "Application d'inscription",
    "Signup application - Tooltip": "L'application utilisée lors de la création du compte",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Désolé, la page que vous avez visitée n'existe pas.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Désolé, le compte que vous avez visité n'existe pas ou vous n'êtes pas autorisé à accéder à ce compte.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Désolé, vous n'avez pas la permission d'accéder à cette page ou votre statut de connexion est invalide.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Connexion automatique",
+    "Back button": "Back button",
    "Continue with": "Continuer avec",
    "Email": "Email",
    "Email or phone": "Email ou téléphone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Chargement",
    "Logging out...": "Déconnexion...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "Le plugin MetaMask n'a pas été détecté",
    "No account?": "Pas de compte ?",
    "Or sign in with another account": "Ou connectez-vous avec un autre compte",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Contenu de l'e-mail",
    "Email title": "Titre de l'email",
    "Email title - Tooltip": "Titre de l'email",
-    "Enable QR code": "Activer le code QR",
-    "Enable QR code - Tooltip": "Permettre de scanner un QR code pour se connecter",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (intranet)",
    "Endpoint - Tooltip": "Endpoint - Infobulle",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "Adresse de l'expéditeur",
    "From address - Tooltip": "L'adresse e-mail affichée comme expéditeur dans les e-mails envoyés",
    "From name": "Nom de l'expéditeur",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parcourir les métadonnées avec succès",
    "Path prefix": "Préfixe de chemin",
    "Path prefix - Tooltip": "Préfixe de chemin de seau pour le stockage d'objet",
-    "Please use WeChat and scan the QR code to sign in": "Veuillez utiliser WeChat et scanner le code QR pour vous connecter",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Assurez-vous que le port est ouvert",
    "Private Key": "Clé privée",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "URL de jeton",
    "Type": "Type de texte",
    "Type - Tooltip": "Sélectionnez un type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "Association de compte",
--- a/web/src/locales/he/data.json
+++ b/web/src/locales/he/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/id/data.json
+++ b/web/src/locales/id/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Ketika sesi masuk yang terdaftar ada di Casdoor, secara otomatis digunakan untuk masuk ke sisi aplikasi",
    "Background URL": "URL latar belakang",
    "Background URL - Tooltip": "URL dari gambar latar belakang yang digunakan di halaman login",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "pusat",
    "Copy SAML metadata URL": "Salin URL metadata SAML",
    "Copy prompt page URL": "Salin URL halaman prompt",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "Ketika menggunakan penyedia layanan pihak ketiga untuk masuk, jika ada pengguna di organisasi dengan email yang sama, metode login pihak ketiga akan secara otomatis terhubung dengan pengguna tersebut",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Aktifkan kompresi SAML",
    "Enable SAML compression - Tooltip": "Apakah pesan respons SAML harus dikompres saat Casdoor digunakan sebagai SAML idp?",
    "Enable side panel": "Aktifkan panel samping",
@ -93,11 +97,14 @@
    "Sign Up Error": "Kesalahan Pendaftaran",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Sesi masuk",
    "Signup items": "Item pendaftaran",
    "Signup items - Tooltip": "Item-item yang harus diisi pengguna saat mendaftar untuk akun baru",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "Aplikasi tidak memperbolehkan untuk mendaftar akun baru",
    "Token expire": "Token kadaluarsa",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Nama tabel dari penyimpanan kebijakan",
    "Adapters": "Adaptor",
    "Add": "Tambahkan",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "URL Afiliasi",
    "Affiliation URL - Tooltip": "URL halaman depan untuk afiliasi",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "URL kustom untuk halaman pendaftaran. Jika tidak diatur, halaman pendaftaran Casdoor default akan digunakan. Ketika diatur, tautan pendaftaran pada berbagai halaman Casdoor akan dialihkan ke URL ini",
    "Signup application": "Pendaftaran aplikasi",
    "Signup application - Tooltip": "Melalui aplikasi mana pengguna mendaftar saat mereka mendaftar",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Maaf, halaman yang Anda kunjungi tidak ada.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Maaf, pengguna yang Anda kunjungi tidak ada atau Anda tidak diizinkan untuk mengakses pengguna ini.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Maaf, Anda tidak memiliki izin untuk mengakses halaman ini atau status masuk tidak valid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Masuk otomatis",
+    "Back button": "Back button",
    "Continue with": "Lanjutkan dengan",
    "Email": "Email",
    "Email or phone": "Email atau telepon",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Memuat",
    "Logging out...": "Keluar...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Tidak memiliki akun?",
    "Or sign in with another account": "Atau masuk dengan akun lain",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Isi Email",
    "Email title": "Judul Email",
    "Email title - Tooltip": "Judul email",
-    "Enable QR code": "Aktifkan kode QR",
-    "Enable QR code - Tooltip": "Apakah diizinkan untuk memindai kode QR untuk masuk?",
    "Endpoint": "Titik akhir",
    "Endpoint (Intranet)": "Titik Akhir (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Berhasil mem-parse metadata",
    "Path prefix": "Awalan jalur",
    "Path prefix - Tooltip": "Awalan path ember untuk penyimpanan objek dalam bucket",
-    "Please use WeChat and scan the QR code to sign in": "Silakan gunakan WeChat dan pindai kode QR untuk masuk",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Pelabuhan",
    "Port - Tooltip": "Pastikan port terbuka",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL: URL Token",
    "Type": "Jenis",
    "Type - Tooltip": "Pilih tipe",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/it/data.json
+++ b/web/src/locales/it/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Quando una sessione esiste in Casdoor, viene utilizzata automaticamente per il login lato applicazione",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Casdoorにログインセッションが存在する場合、アプリケーション側のログインに自動的に使用されます",
    "Background URL": "背景URL",
    "Background URL - Tooltip": "ログインページで使用される背景画像のURL",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "センター",
    "Copy SAML metadata URL": "SAMLメタデータのURLをコピーしてください",
    "Copy prompt page URL": "プロンプトページのURLをコピーしてください",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "組織内に同じメールアドレスを持つユーザーがいる場合、サードパーティのログイン方法は自動的にそのユーザーに関連付けられます",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "SAMLの圧縮を有効にする",
    "Enable SAML compression - Tooltip": "CasdoorをSAML IdPとして使用する場合、SAMLレスポンスメッセージを圧縮するかどうか。圧縮する: 圧縮するかどうか。圧縮しない: 圧縮しないかどうか",
    "Enable side panel": "サイドパネルを有効にする",
@ -93,11 +97,14 @@
    "Sign Up Error": "サインアップエラー",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "サインインセッション",
    "Signup items": "サインアップアイテム",
    "Signup items - Tooltip": "新しいアカウントを登録する際にユーザーが入力するアイテム",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "アプリケーションでは新しいアカウントの登録ができません",
    "Token expire": "トークンの有効期限が切れました",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "ポリシー・ストアのテーブル名",
    "Adapters": "アダプター",
    "Add": "追加",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "所属するURL",
    "Affiliation URL - Tooltip": "所属先のホームページURL",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "登録ページのカスタムURL。設定されていない場合、デフォルトのCasdoor登録ページが使用されます。設定された場合、Casdoorのさまざまなページの登録リンクはこのURLにリダイレクトされます",
    "Signup application": "サインアップ申請書",
    "Signup application - Tooltip": "ユーザーが登録した際に、どのアプリケーションを使用しましたか？",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "申し訳ありませんが、ご訪問いただいたページは存在しません。",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "すみません、あなたが訪問したユーザーは存在しないか、またはそのユーザーにアクセスする権限がありません。",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "申し訳ありませんが、このページにアクセスする権限がありません、またはログイン状態が無効です。",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "自動サインイン",
+    "Back button": "Back button",
    "Continue with": "続ける",
    "Email": "Email",
    "Email or phone": "メールまたは電話",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "ローディング",
    "Logging out...": "ログアウト中...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "アカウントがありませんか？",
    "Or sign in with another account": "別のアカウントでサインインする",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "メールの内容",
    "Email title": "電子メールのタイトル",
    "Email title - Tooltip": "メールのタイトル",
-    "Enable QR code": "QRコードを有効にする",
-    "Enable QR code - Tooltip": "ログインするためにQRコードをスキャンすることを許可するかどうか",
    "Endpoint": "エンドポイント",
    "Endpoint (Intranet)": "エンドポイント（イントラネット）",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "メタデータを正常に解析しました",
    "Path prefix": "パスプレフィックス",
    "Path prefix - Tooltip": "オブジェクトストレージのバケットパスプレフィックス",
-    "Please use WeChat and scan the QR code to sign in": "WeChatを使用し、QRコードをスキャンしてサインインしてください",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "ポート",
    "Port - Tooltip": "ポートが開いていることを確認してください",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "トークンURL",
    "Type": "タイプ",
    "Type - Tooltip": "タイプを選択してください",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/kk/data.json
+++ b/web/src/locales/kk/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "카스도어에 로그인된 세션이 존재할 때, 애플리케이션 쪽 로그인에 자동으로 사용됩니다",
    "Background URL": "배경 URL",
    "Background URL - Tooltip": "로그인 페이지에서 사용된 배경 이미지의 URL",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "중앙",
    "Copy SAML metadata URL": "SAML 메타데이터 URL 복사",
    "Copy prompt page URL": "프롬프트 페이지 URL을 복사하세요",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "3rd-party 로그인 공급자를 사용할 때, 만약 조직 내에 동일한 이메일을 사용하는 사용자가 있다면, 3rd-party 로그인 방법은 자동으로 해당 사용자와 연동됩니다",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "SAML 압축 사용 가능하게 설정하기",
    "Enable SAML compression - Tooltip": "카스도어가 SAML idp로 사용될 때 SAML 응답 메시지를 압축할 것인지 여부",
    "Enable side panel": "측면 패널 활성화",
@ -93,11 +97,14 @@
    "Sign Up Error": "가입 오류",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "로그인 세션",
    "Signup items": "가입 항목",
    "Signup items - Tooltip": "새로운 계정 등록시 사용자가 작성해야하는 항목들",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "이 어플리케이션은 새 계정 등록을 허용하지 않습니다",
    "Token expire": "토큰 만료",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "정책 저장소의 테이블 이름",
    "Adapters": "어댑터",
    "Add": "추가하다",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "소속 URL",
    "Affiliation URL - Tooltip": "소속 홈페이지 URL",
@ -233,7 +241,7 @@
    "Found some texts still not translated? Please help us translate at": "아직 번역되지 않은 텍스트가 있나요? 번역에 도움을 주실 수 있나요?",
    "Go to enable": "Go to enable",
    "Go to writable demo site?": "쓰기 가능한 데모 사이트로 이동하시겠습니까?",
-    "Groups": "Groups",
+    "Groups": "그룹",
    "Groups - Tooltip": "Groups - Tooltip",
    "Home": "집",
    "Home - Tooltip": "어플리케이션 홈 페이지",
@ -270,9 +278,9 @@
    "None": "None",
    "OAuth providers": "OAuth 공급자",
    "OK": "예",
-    "Organization": "조직화",
+    "Organization": "조직",
    "Organization - Tooltip": "각 사용자와 애플리케이션은 테넌트나 사용자 풀과 유사한 개념으로, 조직에 속합니다",
-    "Organizations": "조직들",
+    "Organizations": "조직",
    "Password": "비밀번호",
    "Password - Tooltip": "비밀번호가 올바른지 확인하세요",
    "Password complexity options": "Password complexity options",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "등록 페이지를 위한 사용자 정의 URL입니다. 설정되지 않은 경우 기본 Casdoor 등록 페이지가 사용됩니다. 설정하면 Casdoor의 다양한 페이지에서 등록 링크가 이 URL로 리디렉션됩니다",
    "Signup application": "가입 양식",
    "Signup application - Tooltip": "사용자가 가입할 때 등록한 어플리케이션은 무엇인가요?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "죄송합니다. 방문하신 페이지는 존재하지 않습니다.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "죄송합니다. 방문하신 사용자가 존재하지 않거나 사용자에게 접근할 권한이 없습니다.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "죄송합니다. 이 페이지에 접근할 권한이 없거나 로그인 상태가 유효하지 않습니다.",
@ -361,7 +370,7 @@
    "User containers": "사용자 풀",
    "User type": "사용자 유형",
    "User type - Tooltip": "사용자가 속한 태그는 기본적으로 \"보통 사용자\"로 설정됩니다",
-    "Users": "사용자들",
+    "Users": "사용자",
    "Users under all organizations": "모든 조직의 사용자",
    "Webhooks": "Webhooks",
    "You can only select one physical group": "You can only select one physical group",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "자동 로그인",
+    "Back button": "Back button",
    "Continue with": "계속하다",
    "Email": "Email",
    "Email or phone": "이메일 또는 전화",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "로딩 중입니다",
    "Logging out...": "로그아웃 중...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "계정이 없나요?",
    "Or sign in with another account": "다른 계정으로 로그인하세요",
@ -523,7 +534,7 @@
    "Is profile public - Tooltip": "닫힌 후에는 전역 관리자 또는 동일한 조직의 사용자만 사용자 프로필 페이지에 액세스할 수 있습니다",
    "Modify rule": "규칙 수정",
    "New Organization": "새로운 조직",
-    "Optional": "Optional",
+    "Optional": "선택사항",
    "Prompt": "Prompt",
    "Required": "Required",
    "Soft deletion": "소프트 삭제",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "이메일 내용",
    "Email title": "이메일 제목",
    "Email title - Tooltip": "이메일 제목",
-    "Enable QR code": "QR 코드 활성화",
-    "Enable QR code - Tooltip": "QR 코드를 스캔해서 로그인할 수 있는지 여부",
    "Endpoint": "엔드포인트",
    "Endpoint (Intranet)": "엔드포인트 (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "메타데이터를 성공적으로 분석했습니다",
    "Path prefix": "경로 접두어",
    "Path prefix - Tooltip": "객체 저장소에 대한 버킷 경로 접두어",
-    "Please use WeChat and scan the QR code to sign in": "WeChat를 사용하시고 QR 코드를 스캔하여 로그인해주세요",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "포트",
    "Port - Tooltip": "포트가 열려 있는지 확인하세요",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "토큰 URL",
    "Type": "타입",
    "Type - Tooltip": "유형을 선택하세요",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
@ -856,7 +871,7 @@
    "New Role": "새로운 역할",
    "Sub domains": "하위 도메인",
    "Sub domains - Tooltip": "현재 역할에 포함된 도메인",
-    "Sub groups": "Sub groups",
+    "Sub groups": "하위 그룹",
    "Sub groups - Tooltip": "Sub groups - Tooltip",
    "Sub roles": "서브 역할",
    "Sub roles - Tooltip": "현재 역할에 포함된 역할",
--- a/web/src/locales/ms/data.json
+++ b/web/src/locales/ms/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/nl/data.json
+++ b/web/src/locales/nl/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/pl/data.json
+++ b/web/src/locales/pl/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/pt/data.json
+++ b/web/src/locales/pt/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Quando uma sessão logada existe no Casdoor, ela é automaticamente usada para o login no lado da aplicação",
    "Background URL": "URL de Fundo",
    "Background URL - Tooltip": "URL da imagem de fundo usada na página de login",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Centro",
    "Copy SAML metadata URL": "Copiar URL de metadados SAML",
    "Copy prompt page URL": "Copiar URL da página de prompt",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "Ao usar provedores de terceiros para fazer login, se houver um usuário na organização com o mesmo e-mail, o método de login de terceiros será automaticamente associado a esse usuário",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Ativar compressão SAML",
    "Enable SAML compression - Tooltip": "Se deve comprimir as mensagens de resposta SAML quando o Casdoor é usado como provedor de identidade SAML",
    "Enable side panel": "Ativar painel lateral",
@ -93,11 +97,14 @@
    "Sign Up Error": "Erro ao Registrar",
    "Signin": "Login",
    "Signin (Default True)": "Login (Padrão Verdadeiro)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Sessão de login",
    "Signup items": "Itens de registro",
    "Signup items - Tooltip": "Itens para os usuários preencherem ao registrar novas contas",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Apenas usuários com a tag listada nas tags do aplicativo podem acessar",
    "The application does not allow to sign up new account": "A aplicação não permite o registro de novas contas",
    "Token expire": "Expiração do Token",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Nome da tabela do armazenamento de políticas",
    "Adapters": "Adaptadores",
    "Add": "Adicionar",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "URL da Afiliação",
    "Affiliation URL - Tooltip": "A URL da página inicial para a afiliação",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "URL personalizada para a página de registro. Se não definido, será usada a página padrão de registro do Casdoor. Quando definido, os links de registro em várias páginas do Casdoor serão redirecionados para esta URL",
    "Signup application": "Aplicativo de registro",
    "Signup application - Tooltip": "Qual aplicativo o usuário usou para se registrar quando se inscreveu",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Desculpe, a página que você visitou não existe.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Desculpe, o usuário que você visitou não existe ou você não está autorizado a acessar este usuário.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Desculpe, você não tem permissão para acessar esta página ou o status de login é inválido.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Entrar automaticamente",
+    "Back button": "Back button",
    "Continue with": "Continuar com",
    "Email": "Email",
    "Email or phone": "Email ou telefone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Carregando",
    "Logging out...": "Saindo...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Não possui uma conta?",
    "Or sign in with another account": "Ou entre com outra conta",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Conteúdo do e-mail",
    "Email title": "Título do e-mail",
    "Email title - Tooltip": "Título do e-mail",
-    "Enable QR code": "Habilitar código QR",
-    "Enable QR code - Tooltip": "Se permite escanear código QR para fazer login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "Endereço do remetente",
    "From address - Tooltip": "Endereço de e-mail do remetente",
    "From name": "Nome do remetente",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Metadados analisados com sucesso",
    "Path prefix": "Prefixo do caminho",
    "Path prefix - Tooltip": "Prefixo do caminho do bucket para armazenamento de objetos",
-    "Please use WeChat and scan the QR code to sign in": "Por favor, use o WeChat e escaneie o código QR para fazer login",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Porta",
    "Port - Tooltip": "Certifique-se de que a porta esteja aberta",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "URL do Token",
    "Type": "Tipo",
    "Type - Tooltip": "Selecione um tipo",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/ru/data.json
+++ b/web/src/locales/ru/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Когда существует активная сессия входа в Casdoor, она автоматически используется для входа на стороне приложения",
    "Background URL": "Фоновый URL",
    "Background URL - Tooltip": "URL фонового изображения, используемого на странице входа",
+    "Big icon": "Big icon",
    "Binding providers": "Связанные провайдеры",
+    "CSS style": "CSS style",
    "Center": "Центр",
    "Copy SAML metadata URL": "Скопируйте URL метаданных SAML",
    "Copy prompt page URL": "Скопируйте URL страницы предложения",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "При использовании сторонних провайдеров для входа, если в организации есть пользователь с такой же электронной почтой, то способ входа через стороннего провайдера автоматически будет связан с этим пользователем",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Включите сжатие SAML",
    "Enable SAML compression - Tooltip": "Нужно ли сжимать сообщения ответа SAML при использовании Casdoor в качестве SAML-идентификатора",
    "Enable side panel": "Включить боковую панель",
@ -93,11 +97,14 @@
    "Sign Up Error": "Ошибка при регистрации",
    "Signin": "Регистрация",
    "Signin (Default True)": "Регистрация (отмечено по умолчанию)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Сессия входа в систему",
    "Signup items": "Элементы регистрации",
    "Signup items - Tooltip": "Элементы, которые пользователи должны заполнить при регистрации новых аккаунтов",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Только пользователи с тегом, указанным в тегах приложения могут войти в систему",
    "The application does not allow to sign up new account": "Приложение не позволяет зарегистрироваться новому аккаунту",
    "Token expire": "Срок действия токена истекает",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Имя таблицы хранилища политик",
    "Adapters": "Адаптеры",
    "Add": "Добавить",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "URL принадлежности",
    "Affiliation URL - Tooltip": "URL домашней страницы для аффилированности",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Пользовательский URL для страницы регистрации. Если не установлен, будет использоваться стандартная страница регистрации Casdoor. При установке ссылки на регистрацию на различных страницах Casdoor будут перенаправлены на этот URL",
    "Signup application": "Заявка на регистрацию",
    "Signup application - Tooltip": "На какое приложение пользователь зарегистрировался при регистрации?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Извините, страница, которую вы посетили, не существует.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Извините, такого пользователя не существует или у вас нет прав для доступа к данному пользователю.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "К сожалению, у вас нет разрешения на доступ к этой странице или ваш статус входа недействителен.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Автоматическая авторизация",
+    "Back button": "Back button",
    "Continue with": "Продолжайте с",
    "Email": "Email",
    "Email or phone": "Электронная почта или телефон",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Загрузка",
    "Logging out...": "Выход...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Нет аккаунта?",
    "Or sign in with another account": "Или войти с другой учетной записью",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Содержание электронной почты",
    "Email title": "Заголовок электронного письма",
    "Email title - Tooltip": "Заголовок электронной почты",
-    "Enable QR code": "Включить QR-код",
-    "Enable QR code - Tooltip": "Разрешить ли сканирование QR-кода для входа в систему",
    "Endpoint": "Конечная точка",
    "Endpoint (Intranet)": "Конечная точка (интранет)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Успешно обработана метаданные",
    "Path prefix": "Префикс пути",
    "Path prefix - Tooltip": "Префикс пути ведра для хранилища объектов",
-    "Please use WeChat and scan the QR code to sign in": "Пожалуйста, используйте WeChat и отсканируйте QR-код для входа в систему",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Порт",
    "Port - Tooltip": "Убедитесь, что порт открыт",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Токен URL",
    "Type": "Тип",
    "Type - Tooltip": "Выберите тип",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/sv/data.json
+++ b/web/src/locales/sv/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/tr/data.json
+++ b/web/src/locales/tr/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Varolan oturum ile giriş yap",
    "Background URL": "Arkaplan Resim URL",
    "Background URL - Tooltip": "Login sayfası için arkaplan resmi url'i",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Ortala",
    "Copy SAML metadata URL": "SAML Metadata URL'ini kopyala",
    "Copy prompt page URL": "Prompt Page URL 'ini kopyala",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Giriş yap",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Ekle",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Otomatik Oturum Aç",
+    "Back button": "Back button",
    "Continue with": "İle devam et",
    "Email": "E-Posta",
    "Email or phone": "E-posta veya telefon",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Yükleniyor",
    "Logging out...": "Çıkış yapılıyor...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "Metamask plugin-in bulunamadı",
    "No account?": "Hesabınız yok mu?",
    "Or sign in with another account": "Veya başka bir hesapla giriş yapın",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/uk/data.json
+++ b/web/src/locales/uk/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "When a logged-in session exists in Casdoor, it is automatically used for application-side login",
    "Background URL": "Background URL",
    "Background URL - Tooltip": "URL of the background image used in the login page",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Center",
    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "When using 3rd-party providers to log in, if there is a user in the organization with the same Email, the 3rd-party login method will be automatically associated with that user",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Enable SAML compression",
    "Enable SAML compression - Tooltip": "Whether to compress SAML response messages when Casdoor is used as SAML idp",
    "Enable side panel": "Enable side panel",
@ -93,11 +97,14 @@
    "Sign Up Error": "Sign Up Error",
    "Signin": "Signin",
    "Signin (Default True)": "Signin (Default True)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
    "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "The application does not allow to sign up new account",
    "Token expire": "Token expire",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Table name of the policy store",
    "Adapters": "Adapters",
    "Add": "Add",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Affiliation URL",
    "Affiliation URL - Tooltip": "The homepage URL for the affiliation",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Custom URL for the registration page. If not set, the default Casdoor registration page will be used. When set, the registration links on various Casdoor pages will redirect to this URL",
    "Signup application": "Signup application",
    "Signup application - Tooltip": "Which application the user registered through when they signed up",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Sorry, the page you visited does not exist.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Sorry, the user you visited does not exist or you are not authorized to access this user.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Sorry, you do not have permission to access this page or logged in status invalid.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Auto sign in",
+    "Back button": "Back button",
    "Continue with": "Continue with",
    "Email": "Email",
    "Email or phone": "Email or phone",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Loading",
    "Logging out...": "Logging out...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "No account?",
    "Or sign in with another account": "Or sign in with another account",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Content of the Email",
    "Email title": "Email title",
    "Email title - Tooltip": "Title of the email",
-    "Enable QR code": "Enable QR code",
-    "Enable QR code - Tooltip": "Whether to allow scanning QR code to login",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "Email address of \"From\"",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Parse metadata successfully",
    "Path prefix": "Path prefix",
    "Path prefix - Tooltip": "Bucket path prefix for object storage",
-    "Please use WeChat and scan the QR code to sign in": "Please use WeChat and scan the QR code to sign in",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Port",
    "Port - Tooltip": "Make sure the port is open",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Token URL",
    "Type": "Type",
    "Type - Tooltip": "Select a type",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/vi/data.json
+++ b/web/src/locales/vi/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "Khi một phiên đăng nhập đã được tạo trong Casdoor, nó sẽ tự động được sử dụng để đăng nhập tại ứng dụng",
    "Background URL": "URL nền",
    "Background URL - Tooltip": "Đường dẫn URL của hình ảnh nền được sử dụng trong trang đăng nhập",
+    "Big icon": "Big icon",
    "Binding providers": "Binding providers",
+    "CSS style": "CSS style",
    "Center": "Trung tâm",
    "Copy SAML metadata URL": "Sao chép URL siêu dữ liệu SAML",
    "Copy prompt page URL": "Sao chép URL của trang nhắc nhở",
@ -34,6 +36,8 @@
    "Enable Email linking - Tooltip": "Khi sử dụng nhà cung cấp bên thứ ba để đăng nhập, nếu có người dùng trong tổ chức có cùng địa chỉ Email, phương pháp đăng nhập bên thứ ba sẽ tự động được liên kết với người dùng đó",
    "Enable SAML C14N10": "Enable SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "Enable SAML C14N10 - Tooltip",
+    "Enable SAML POST binding": "Enable SAML POST binding",
+    "Enable SAML POST binding - Tooltip": "The HTTP POST binding uses input fields in a HTML form to send SAML messages, Enable when your SP use it",
    "Enable SAML compression": "Cho phép nén SAML",
    "Enable SAML compression - Tooltip": "Liệu có nén các thông điệp phản hồi SAML khi Casdoor được sử dụng làm SAML idp không?",
    "Enable side panel": "Cho phép bên thanh phẩm",
@ -93,11 +97,14 @@
    "Sign Up Error": "Lỗi đăng ký",
    "Signin": "Đăng nhập",
    "Signin (Default True)": "Đăng nhập (Mặc định đúng)",
+    "Signin items": "Signin items",
+    "Signin items - Tooltip": "Signin items - Tooltip",
    "Signin methods": "Signin methods",
    "Signin methods - Tooltip": "Signin methods - Tooltip",
    "Signin session": "Phiên đăng nhập",
    "Signup items": "Các mục đăng ký",
    "Signup items - Tooltip": "Các thông tin cần được người dùng điền khi đăng ký tài khoản mới",
+    "Small icon": "Small icon",
    "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
    "The application does not allow to sign up new account": "Ứng dụng không cho phép đăng ký tài khoản mới",
    "Token expire": "Mã thông báo hết hạn",
@ -167,6 +174,7 @@
    "Adapter - Tooltip": "Tên bảng của kho lưu trữ chính sách",
    "Adapters": "Bộ chuyển đổi",
    "Add": "Tạo mới",
+    "Add custom item": "Add custom item",
    "Admin": "Admin",
    "Affiliation URL": "Đường dẫn liên kết liên kết",
    "Affiliation URL - Tooltip": "Đường dẫn URL trang chủ của liên kết",
@ -325,6 +333,7 @@
    "Signup URL - Tooltip": "Đường dẫn tùy chỉnh cho trang đăng ký. Nếu không được thiết lập, trang đăng ký mặc định của Casdoor sẽ được sử dụng. Khi được thiết lập, các liên kết đăng ký trên các trang Casdoor khác sẽ được chuyển hướng đến URL này",
    "Signup application": "Đăng ký ứng dụng",
    "Signup application - Tooltip": "Người dùng đã đăng ký thông qua ứng dụng nào khi họ đăng ký?",
+    "Signup link": "Signup link",
    "Sorry, the page you visited does not exist.": "Xin lỗi, trang web bạn truy cập không tồn tại.",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "Xin lỗi, người dùng mà bạn đã ghé thăm không tồn tại hoặc bạn không có quyền truy cập vào người dùng này.",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "Xin lỗi, bạn không có quyền truy cập trang này hoặc trạng thái đăng nhập không hợp lệ.",
@ -429,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "Tự động đăng nhập",
+    "Back button": "Back button",
    "Continue with": "Tiếp tục với",
    "Email": "Email",
    "Email or phone": "Email hoặc điện thoại",
@ -439,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP username, Email or phone",
    "Loading": "Đang tải",
    "Logging out...": "Đăng xuất ...",
+    "Login button": "Login button",
    "MetaMask plugin not detected": "MetaMask plugin not detected",
    "No account?": "Không có tài khoản?",
    "Or sign in with another account": "Hoặc đăng nhập bằng tài khoản khác",
@ -723,11 +734,11 @@
    "Email content - Tooltip": "Nội dung của Email",
    "Email title": "Tiêu đề email",
    "Email title - Tooltip": "Tiêu đề của email",
-    "Enable QR code": "Kích hoạt mã QR",
-    "Enable QR code - Tooltip": "Cho phép quét mã QR để đăng nhập",
    "Endpoint": "Điểm cuối",
    "Endpoint (Intranet)": "Điểm kết thúc (mạng nội bộ)",
    "Endpoint - Tooltip": "Endpoint - Tooltip",
+    "Follow-up action": "Follow-up action",
+    "Follow-up action - Tooltip": "If you choose \"Use WeChat Open Platform to login\", users need to login on the WeChat Open Platform after following the wechat official account.",
    "From address": "From address",
    "From address - Tooltip": "From address - Tooltip",
    "From name": "From name",
@ -755,7 +766,7 @@
    "Parse metadata successfully": "Phân tích siêu dữ liệu thành công",
    "Path prefix": "Tiền tố đường dẫn",
    "Path prefix - Tooltip": "Tiền tố đường dẫn thùng chứa cho lưu trữ đối tượng",
-    "Please use WeChat and scan the QR code to sign in": "Vui lòng sử dụng WeChat và quét mã QR để đăng nhập",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "Please use WeChat to scan the QR code and follow the official account for sign in",
    "Port": "Cảng",
    "Port - Tooltip": "Chắc chắn rằng cổng đang mở",
    "Private Key": "Private Key",
@ -833,6 +844,10 @@
    "Token URL - Tooltip": "Địa chỉ của mã thông báo",
    "Type": "Kiểu",
    "Type - Tooltip": "Chọn loại",
+    "Use WeChat Media Platform in PC": "Use WeChat Media Platform in PC",
+    "Use WeChat Media Platform in PC - Tooltip": "Whether to allow scanning WeChat Media Platform QR code to login",
+    "Use WeChat Media Platform to login": "Use WeChat Media Platform to login",
+    "Use WeChat Open Platform to login": "Use WeChat Open Platform to login",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow - Tooltip",
    "User mapping": "User mapping",
--- a/web/src/locales/zh/data.json
+++ b/web/src/locales/zh/data.json
@ -22,7 +22,9 @@
    "Auto signin - Tooltip": "当Casdoor存在已登录会话时，自动采用该会话进行应用端的登录",
    "Background URL": "背景图URL",
    "Background URL - Tooltip": "登录页背景图的链接",
+    "Big icon": "大图标",
    "Binding providers": "绑定提供商",
+    "CSS style": "CSS样式",
    "Center": "居中",
    "Copy SAML metadata URL": "复制SAML元数据URL",
    "Copy prompt page URL": "复制提醒页面URL",
@ -34,10 +36,10 @@
    "Enable Email linking - Tooltip": "使用第三方授权登录时，如果组织中存在与授权用户邮箱相同的用户，会自动关联该第三方登录方式到该用户",
    "Enable SAML C14N10": "启用SAML C14N10",
    "Enable SAML C14N10 - Tooltip": "在SAML协议里使用C14N10，而不是C14N11",
-    "Enable SAML compression": "压缩SAML响应",
-    "Enable SAML compression - Tooltip": "Casdoor作为SAML IdP时，是否压缩SAML响应信息",
    "Enable SAML POST binding": "启用SAML POST Binding",
    "Enable SAML POST binding - Tooltip": "HTTP POST绑定使用HTML表单中的输入字段发送SAML消息，当SP使用它时启用",
+    "Enable SAML compression": "压缩SAML响应",
+    "Enable SAML compression - Tooltip": "Casdoor作为SAML IdP时，是否压缩SAML响应信息",
    "Enable side panel": "启用侧面板",
    "Enable signin session - Tooltip": "从应用登录Casdoor后，Casdoor是否保持会话",
    "Enable signup": "启用注册",
@ -95,11 +97,14 @@
    "Sign Up Error": "注册错误",
    "Signin": "登录",
    "Signin (Default True)": "登录 (默认同意)",
+    "Signin items": "登录项",
+    "Signin items - Tooltip": "用户登陆时需要填写的项目",
    "Signin methods": "登录方式",
    "Signin methods - Tooltip": "添加允许用户登录的方式，默认所有方式均可登录",
    "Signin session": "保持登录会话",
    "Signup items": "注册项",
    "Signup items - Tooltip": "注册用户注册时需要填写的项目",
+    "Small icon": "小图标",
    "Tags - Tooltip": "用户的标签在应用的标签集合中时，用户才可以登录该应用",
    "The application does not allow to sign up new account": "该应用不允许注册新账户",
    "Token expire": "Access Token过期",
@ -169,6 +174,7 @@
    "Adapter - Tooltip": "策略存储的表名",
    "Adapters": "Casbin适配器",
    "Add": "添加",
+    "Add custom item": "添加自定义项",
    "Admin": "管理工具",
    "Affiliation URL": "工作单位URL",
    "Affiliation URL - Tooltip": "工作单位的官网URL",
@ -327,6 +333,7 @@
    "Signup URL - Tooltip": "自定义注册页面的URL，不设置时采用Casdoor默认的注册页面，设置后Casdoor各类页面的注册链接会跳转到该URL",
    "Signup application": "注册应用",
    "Signup application - Tooltip": "用户注册时通过哪个应用注册的",
+    "Signup link": "注册链接",
    "Sorry, the page you visited does not exist.": "抱歉，您访问的页面不存在",
    "Sorry, the user you visited does not exist or you are not authorized to access this user.": "抱歉，您访问的用户不存在或您无权访问该用户",
    "Sorry, you do not have permission to access this page or logged in status invalid.": "抱歉，您无权访问该页面或登录状态失效",
@ -431,6 +438,7 @@
  },
  "login": {
    "Auto sign in": "下次自动登录",
+    "Back button": "返回按钮",
    "Continue with": "使用以下账号继续",
    "Email": "Email",
    "Email or phone": "Email或手机号",
@ -441,6 +449,7 @@
    "LDAP username, Email or phone": "LDAP用户名, Email或手机号",
    "Loading": "加载中",
    "Logging out...": "正在退出登录...",
+    "Login button": "登录按钮",
    "MetaMask plugin not detected": "未检测到MetaMask插件",
    "No account?": "没有账号？",
    "Or sign in with another account": "或者，登录其他账号",
@ -725,11 +734,11 @@
    "Email content - Tooltip": "邮件内容",
    "Email title": "邮件标题",
    "Email title - Tooltip": "邮件标题",
-    "Enable QR code": "扫码登录",
-    "Enable QR code - Tooltip": "是否允许扫描二维码登录",
    "Endpoint": "地域节点 (外网)",
    "Endpoint (Intranet)": "地域节点 (内网)",
    "Endpoint - Tooltip": "端点 - 工具提示",
+    "Follow-up action": "后继动作",
+    "Follow-up action - Tooltip": "如果你选择“使用微信开放平台进行登录”，用户在扫描二维码并关注公众号后需要在微信开放平台进行登录",
    "From address": "发件人地址",
    "From address - Tooltip": "邮件里发件人的邮箱地址",
    "From name": "发件人名称",
@ -757,7 +766,7 @@
    "Parse metadata successfully": "解析元数据成功",
    "Path prefix": "路径前缀",
    "Path prefix - Tooltip": "对象存储的Bucket路径前缀",
-    "Please use WeChat and scan the QR code to sign in": "请使用微信扫描二维码登录",
+    "Please use WeChat to scan the QR code and follow the official account for sign in": "请使用微信扫描二维码并关注公众号登录",
    "Port": "端口",
    "Port - Tooltip": "请确保端口号打开",
    "Private Key": "私钥",
@ -835,6 +844,10 @@
    "Token URL - Tooltip": "自定义OAuth的Token URL",
    "Type": "类型",
    "Type - Tooltip": "类型",
+    "Use WeChat Media Platform in PC": "在PC端使用微信公众平台",
+    "Use WeChat Media Platform in PC - Tooltip": "是否使用微信公众平台的二维码进行登录",
+    "Use WeChat Media Platform to login": "使用微信公众平台进行登录",
+    "Use WeChat Open Platform to login": "使用微信开放平台进行登录",
    "User flow": "User flow",
    "User flow - Tooltip": "User flow",
    "User mapping": "用户映射",
--- a/web/src/table/SigninMethodTable.js
+++ b/web/src/table/SigninMethodTable.js
@ -163,7 +163,7 @@ class SigninMethodTable extends React.Component {
                <Button style={{marginRight: "5px"}} disabled={index === table.length - 1} icon={<DownOutlined />} size="small" onClick={() => this.downRow(table, index)} />
              </Tooltip>
              <Tooltip placement="topLeft" title={i18next.t("general:Delete")}>
-                <Button icon={<DeleteOutlined />} size="small" disabled={table.length <= 1} onClick={() => this.deleteRow(items, table, index)} />
+                <Button icon={<DeleteOutlined />} size="small" onClick={() => this.deleteRow(items, table, index)} />
              </Tooltip>
            </div>
          );
--- a/web/src/table/SigninTable.js
+++ b/web/src/table/SigninTable.js
@ -0,0 +1,299 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React from "react";
+import {DeleteOutlined, DownOutlined, UpOutlined} from "@ant-design/icons";
+import {Button, Col, Input, Popover, Row, Select, Space, Switch, Table, Tooltip} from "antd";
+import * as Setting from "../Setting";
+import i18next from "i18next";
+
+import {Controlled as CodeMirror} from "react-codemirror2";
+import "codemirror/lib/codemirror.css";
+
+require("codemirror/theme/material-darker.css");
+require("codemirror/mode/htmlmixed/htmlmixed");
+
+const {Option} = Select;
+
+class SigninTable extends React.Component {
+  constructor(props) {
+    super(props);
+    this.state = {
+      classes: props,
+    };
+  }
+
+  updateTable(table) {
+    this.props.onUpdateTable(table);
+  }
+
+  updateField(table, index, key, value) {
+    table[index][key] = value;
+    this.updateTable(table);
+  }
+
+  addRow(table) {
+    const row = {name: Setting.getNewRowNameForTable(table, "Please select a signin item"), visible: true, required: true, rule: "None"};
+    if (table === undefined) {
+      table = [];
+    }
+    table = Setting.addRow(table, row);
+    this.updateTable(table);
+  }
+
+  addCustomRow(table) {
+    const randomName = "Text " + Date.now().toString();
+    const row = {name: Setting.getNewRowNameForTable(table, randomName), visible: true, isCustom: true};
+    if (table === undefined) {
+      table = [];
+    }
+    table = Setting.addRow(table, row);
+    this.updateTable(table);
+  }
+
+  deleteRow(table, i) {
+    table = Setting.deleteRow(table, i);
+    this.updateTable(table);
+  }
+
+  upRow(table, i) {
+    table = Setting.swapRow(table, i - 1, i);
+    this.updateTable(table);
+  }
+
+  downRow(table, i) {
+    table = Setting.swapRow(table, i, i + 1);
+    this.updateTable(table);
+  }
+
+  renderTable(table) {
+    table = table ?? [];
+    const columns = [
+      {
+        title: i18next.t("general:Name"),
+        dataIndex: "name",
+        key: "name",
+        render: (text, record, index) => {
+          if (record.isCustom) {
+            return <Input style={{width: "100%"}}
+              value={text} onPressEnter={e => {
+                this.updateField(table, index, "name", e.target.value);
+              }} disabled>
+            </Input>;
+          }
+
+          const items = [
+            {name: "Signin methods", displayName: i18next.t("application:Signin methods")},
+            {name: "Logo", displayName: i18next.t("general:Logo")},
+            {name: "Back button", displayName: i18next.t("login:Back button")},
+            {name: "Languages", displayName: i18next.t("general:Languages")},
+            {name: "Username", displayName: i18next.t("signup:Username")},
+            {name: "Password", displayName: i18next.t("general:Password")},
+            {name: "Providers", displayName: i18next.t("general:Providers")},
+            {name: "Agreement", displayName: i18next.t("signup:Agreement")},
+            {name: "Forgot password?", displayName: i18next.t("login:Forgot password?")},
+            {name: "Login button", displayName: i18next.t("login:Login button")},
+            {name: "Signup link", displayName: i18next.t("general:Signup link")},
+          ];
+
+          const getItemDisplayName = (text) => {
+            const item = items.filter(item => item.name === text);
+            if (item.length === 0) {
+              return "";
+            }
+            return item[0].displayName;
+          };
+
+          return (
+            <Select virtual={false} style={{width: "100%"}}
+              value={getItemDisplayName(text)}
+              onChange={value => {
+                this.updateField(table, index, "name", value);
+              }} >
+              {
+                Setting.getDeduplicatedArray(items, table, "name").map((item, index) => <Option key={index} value={item.name}>{item.displayName}</Option>)
+              }
+            </Select>
+          );
+        },
+      },
+      {
+        title: i18next.t("organization:Visible"),
+        dataIndex: "visible",
+        key: "visible",
+        width: "120px",
+        render: (text, record, index) => {
+          if (record.name === "ID") {
+            return null;
+          }
+
+          return (
+            <Switch checked={text} onChange={checked => {
+              this.updateField(table, index, "visible", checked);
+              if (!checked) {
+                this.updateField(table, index, "required", false);
+              } else {
+                this.updateField(table, index, "required", true);
+              }
+            }} />
+          );
+        },
+      },
+      {
+        title: i18next.t("signup:Label HTML"),
+        dataIndex: "label",
+        key: "label",
+        width: "200px",
+        render: (text, record, index) => {
+          if (record.name.startsWith("Text ") || record?.isCustom) {
+            return (
+              <Popover placement="right" content={
+                <div style={{width: "900px", height: "300px"}} >
+                  <CodeMirror value={text}
+                    options={{mode: "htmlmixed", theme: "material-darker"}}
+                    onBeforeChange={(editor, data, value) => {
+                      this.updateField(table, index, "label", value);
+                    }}
+                  />
+                </div>
+              } title={i18next.t("signup:Label HTML")} trigger="click">
+                <Input value={text} style={{marginBottom: "10px"}} onChange={e => {
+                  this.updateField(table, index, "label", e.target.value);
+                }} />
+              </Popover>
+            );
+          }
+          return null;
+        },
+      },
+      {
+        title: i18next.t("application:Form CSS"),
+        dataIndex: "label",
+        key: "label",
+        width: "200px",
+        render: (text, record, index) => {
+          if (!record.name.startsWith("Text ") && !record?.isCustom) {
+            return (
+              <Popover placement="right" content={
+                <div style={{width: "900px", height: "300px"}} >
+                  <CodeMirror value={text}
+                    options={{mode: "htmlmixed", theme: "material-darker"}}
+                    onBeforeChange={(editor, data, value) => {
+                      this.updateField(table, index, "label", value);
+                    }}
+                  />
+                </div>
+              } title={i18next.t("application:CSS style")} trigger="click">
+                <Input value={text} onChange={e => {
+                  this.updateField(table, index, "label", e.target.value);
+                }} />
+              </Popover>
+            );
+          }
+
+          return null;
+        },
+      },
+      {
+        title: i18next.t("signup:Placeholder"),
+        dataIndex: "placeholder",
+        key: "placeholder",
+        width: "200px",
+        render: (text, record, index) => {
+          if (record.name !== "Username" && record.name !== "Password") {
+            return null;
+          }
+
+          return (
+            <Input value={text} onChange={e => {
+              this.updateField(table, index, "placeholder", e.target.value);
+            }} />
+          );
+        },
+      },
+      {
+        title: i18next.t("application:Rule"),
+        dataIndex: "rule",
+        key: "rule",
+        width: "155px",
+        render: (text, record, index) => {
+          let options = [];
+          if (record.name === "Providers") {
+            options = [
+              {id: "big", name: i18next.t("application:Big icon")},
+              {id: "small", name: i18next.t("application:Small icon")},
+            ];
+          }
+          if (options.length === 0) {
+            return null;
+          }
+
+          return (
+            <Select virtual={false} style={{width: "100%"}} value={text} onChange={(value => {
+              this.updateField(table, index, "rule", value);
+            })} options={options.map(item => Setting.getOption(item.name, item.id))} />
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Action"),
+        key: "action",
+        width: "100px",
+        render: (text, record, index) => {
+          return (
+            <div>
+              <Tooltip placement="bottomLeft" title={i18next.t("general:Up")}>
+                <Button style={{marginRight: "5px"}} disabled={index === 0} icon={<UpOutlined />} size="small" onClick={() => this.upRow(table, index)} />
+              </Tooltip>
+              <Tooltip placement="topLeft" title={i18next.t("general:Down")}>
+                <Button style={{marginRight: "5px"}} disabled={index === table.length - 1} icon={<DownOutlined />} size="small" onClick={() => this.downRow(table, index)} />
+              </Tooltip>
+              <Tooltip placement="topLeft" title={i18next.t("general:Delete")}>
+                <Button icon={<DeleteOutlined />} size="small" onClick={() => this.deleteRow(table, index)} />
+              </Tooltip>
+            </div>
+          );
+        },
+      },
+    ];
+
+    return (
+      <Table scroll={{x: "max-content"}} rowKey="name" columns={columns} dataSource={table} size="middle" bordered pagination={false}
+        title={() => (
+          <Space>
+            {this.props.title}
+            <Button style={{marginRight: "5px"}} type="primary" size="small" onClick={() => this.addRow(table)}>{i18next.t("general:Add")}</Button>
+            <Button style={{marginRight: "5px"}} type="primary" size="small" onClick={() => this.addCustomRow(table)}>{i18next.t("general:Add custom item")}</Button>
+          </Space>
+        )}
+      />
+    );
+  }
+
+  render() {
+    return (
+      <div>
+        <Row style={{marginTop: "20px"}} >
+          <Col span={24}>
+            {
+              this.renderTable(this.props.table)
+            }
+          </Col>
+        </Row>
+      </div>
+    );
+  }
+}
+
+export default SigninTable;
Author	SHA1	Message	Date
Yaodong Yu	f35a5f9a47	feat: fix issue that admin cannot enable MFA for user (#2702 )	2024-02-14 23:29:04 +08:00
Yang Luo	7481b229a4	feat: show domain field for MinIO storage provider	2024-02-14 13:54:17 +08:00
Yang Luo	39e485ae82	Fix SigninTable issue	2024-02-14 12:20:03 +08:00
Yang Luo	764c64e67c	Fix SigninTable CSS	2024-02-14 12:10:30 +08:00
Yang Luo	e755a7331d	Fix renderLink()	2024-02-14 09:45:21 +08:00
hsluoyz	6d9d595f86	fix: Revert "fix: fix display bug in SigninTable" (#2700 ) This reverts commit `d52058d2ae`.	2024-02-14 09:44:42 +08:00
DacongDA	d52058d2ae	fix: fix display bug in SigninTable (#2698 ) * fix: fix display bug in SigninTable * fix: fix code bug * feat: improve code format * feat: improve code format	2024-02-14 09:26:51 +08:00
Yang Luo	bcfbfc6947	Support "signinUrl" in forget page	2024-02-14 02:36:52 +08:00
Yang Luo	75699c4a26	feat: improve code in getObject()	2024-02-13 23:50:21 +08:00
DacongDA	3e8bfb52a8	feat: add signin items table (#2695 ) * feat: add signin items table * fix:unable to login * feat: improve code format * fix: fix display err on signup link * feat: improve display of sign up link	2024-02-13 23:12:40 +08:00
Yaodong Yu	bbbd857a45	fix: fix bug that failed to run initApi adapter in docker (#2696 )	2024-02-13 23:12:25 +08:00
Andrey	498900df76	feat: allow dot in the username (like john.smith) (#2692 )	2024-02-12 20:52:17 +08:00
Dmitri Aleksandrov	7e3c1a6581	fix: improve goth code (#2693 ) Signed-off-by: Dmitrii Aleksandrov <goodmobiledevices@gmail.com>	2024-02-12 20:51:58 +08:00
github-actions[bot]	6e28043dba	refactor: New Crowdin translations (#2648 ) * refactor: New Crowdin translations by Github Action * refactor: New Crowdin Backend translations by Github Action --------- Co-authored-by: Crowdin Bot <support+bot@crowdin.com>	2024-02-12 18:54:31 +08:00
Yang Luo	cb200687dc	feat: fix GetUserByUserId() API crash issue	2024-02-12 18:51:55 +08:00
Lars Lehtonen	23bb0ee450	feat: fix error handling in AdfsIdProvider (#2687 )	2024-02-10 15:38:38 +08:00
Yang Luo	117259dfc5	ci: fix repo name in CI	2024-02-10 15:38:17 +08:00
DacongDA	e71d0476f0	feat: support data initialization for groups, adapters, enforcers, plans and pricings (#2685 )	2024-02-08 20:46:40 +08:00
Yang Luo	b5d26767b2	docs: improve README	2024-02-08 00:02:31 +08:00
DacongDA	5c4e22288e	feat: improve error handling and code format (#2682 ) * feat: improve error process and code format * feat: improve error process and code format	2024-02-07 20:55:33 +08:00
Satinder Singh	3ac4be64b8	fix: error msg for invalid org & app names in signup (#2679 )	2024-02-07 08:53:50 +08:00
DacongDA	97db54b6b9	feat: full support for wechat official account login (#2677 ) * feat: full support for wechat official account login * feat: improve provider edit page * fix: improve i18n format	2024-02-07 00:00:10 +08:00
Yang Luo	3a19d4c7c8	fix: do not filter webhooks by org	2024-02-06 20:33:11 +08:00
Yaodong Yu	a60be2b2ab	feat: refactor MFA code and fix no-session bug (#2676 ) * refactor: refactor mfa * refactor: refactor mfa * refactor: refactor mfa * lint * chore: reduce wait time	2024-02-06 20:17:59 +08:00
Yang Luo	06ef97a080	feat: can delete the whole SigninMethodTable	2024-02-06 16:43:16 +08:00
dacongda	167c1b0f1b	feat: fix bug in WeChat OA login (#2674 ) * fix: fix the problem of Wechat Official Account login * fix: fix code format problem * fix: add error display and fix the code format problem * fix: i18n problem and code format	2024-02-05 21:38:12 +08:00