feat: Support metamask mobile login (#2844)

* feat: set themeType through URL parameter

* Update App.js

---------

Co-authored-by: Eric Luo <hsluoyz@qq.com>

authz/authz.go

@@ -98,6 +98,7 @@ p, *, *, GET, /api/get-all-objects, *, *
 p, *, *, GET, /api/get-all-actions, *, *
 p, *, *, GET, /api/get-all-roles, *, *
 p, *, *, GET, /api/get-invitation-info, *, *
+p, *, *, GET, /api/faceid-signin-begin, *, *
 `
 
 		sa := stringadapter.NewAdapter(ruleText)

controllers/account.go

@@ -44,6 +44,8 @@ type Response struct {
 }
 
 type Captcha struct {
+	Owner         string `json:"owner"`
+	Name          string `json:"name"`
 	Type          string `json:"type"`
 	AppKey        string `json:"appKey"`
 	Scene         string `json:"scene"`
@@ -271,10 +273,8 @@ func (c *ApiController) Signup() {
 		return
 	}
 
-	record := object.NewRecord(c.Ctx)
-	record.Organization = application.Organization
-	record.User = user.Name
-	util.SafeGoroutine(func() { object.AddRecord(record) })
+	c.Ctx.Input.SetParam("recordUserId", user.GetId())
+	c.Ctx.Input.SetParam("recordSignup", "true")
 
 	userId := user.GetId()
 	util.LogInfo(c.Ctx, "API: [%s] is signed up as new user", userId)
@@ -307,6 +307,7 @@ func (c *ApiController) Logout() {
 		}
 
 		c.ClearUserSession()
+		c.ClearTokenSession()
 		owner, username := util.GetOwnerAndNameFromId(user)
 		_, err := object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
 		if err != nil {
@@ -353,6 +354,7 @@ func (c *ApiController) Logout() {
 		}
 
 		c.ClearUserSession()
+		c.ClearTokenSession()
 		// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
 		owner, username := util.GetOwnerAndNameFromId(user)
 
@@ -433,6 +435,17 @@ func (c *ApiController) GetAccount() {
 		return
 	}
 
+	accessToken := c.GetSessionToken()
+	if accessToken == "" {
+		accessToken, err = object.GetAccessTokenByUser(user, c.Ctx.Request.Host)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+		c.SetSessionToken(accessToken)
+	}
+	u.AccessToken = accessToken
+
 	resp := Response{
 		Status: "ok",
 		Sub:    user.Id,
@@ -519,10 +532,12 @@ func (c *ApiController) GetCaptcha() {
 				return
 			}
 
-			c.ResponseOk(Captcha{Type: captchaProvider.Type, CaptchaId: id, CaptchaImage: img})
+			c.ResponseOk(Captcha{Owner: captchaProvider.Owner, Name: captchaProvider.Name, Type: captchaProvider.Type, CaptchaId: id, CaptchaImage: img})
 			return
 		} else if captchaProvider.Type != "" {
 			c.ResponseOk(Captcha{
+				Owner:         captchaProvider.Owner,
+				Name:          captchaProvider.Name,
 				Type:          captchaProvider.Type,
 				SubType:       captchaProvider.SubType,
 				ClientId:      captchaProvider.ClientId,

controllers/auth.go

@@ -508,10 +508,7 @@ func (c *ApiController) Login() {
 
 			resp = c.HandleLoggedIn(application, user, &authForm)
 
-			record := object.NewRecord(c.Ctx)
-			record.Organization = application.Organization
-			record.User = user.Name
-			util.SafeGoroutine(func() { object.AddRecord(record) })
+			c.Ctx.Input.SetParam("recordUserId", user.GetId())
 		}
 	} else if authForm.Provider != "" {
 		var application *object.Application
@@ -632,10 +629,7 @@ func (c *ApiController) Login() {
 				}
 				resp = c.HandleLoggedIn(application, user, &authForm)
 
-				record := object.NewRecord(c.Ctx)
-				record.Organization = application.Organization
-				record.User = user.Name
-				util.SafeGoroutine(func() { object.AddRecord(record) })
+				c.Ctx.Input.SetParam("recordUserId", user.GetId())
 			} else if provider.Category == "OAuth" || provider.Category == "Web3" {
 				// Sign up via OAuth
 				if application.EnableLinkWithEmail {
@@ -768,16 +762,8 @@ func (c *ApiController) Login() {
 
 				resp = c.HandleLoggedIn(application, user, &authForm)
 
-				record := object.NewRecord(c.Ctx)
-				record.Organization = application.Organization
-				record.User = user.Name
-				util.SafeGoroutine(func() { object.AddRecord(record) })
-
-				record2 := object.NewRecord(c.Ctx)
-				record2.Action = "signup"
-				record2.Organization = application.Organization
-				record2.User = user.Name
-				util.SafeGoroutine(func() { object.AddRecord(record2) })
+				c.Ctx.Input.SetParam("recordUserId", user.GetId())
+				c.Ctx.Input.SetParam("recordSignup", "true")
 			} else if provider.Category == "SAML" {
 				// TODO: since we get the user info from SAML response, we can try to create the user
 				resp = &Response{Status: "error", Msg: fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(application.Organization, userInfo.Id))}
@@ -879,10 +865,7 @@ func (c *ApiController) Login() {
 		resp = c.HandleLoggedIn(application, user, &authForm)
 		c.setMfaUserSession("")
 
-		record := object.NewRecord(c.Ctx)
-		record.Organization = application.Organization
-		record.User = user.Name
-		util.SafeGoroutine(func() { object.AddRecord(record) })
+		c.Ctx.Input.SetParam("recordUserId", user.GetId())
 	} else {
 		if c.GetSessionUsername() != "" {
 			// user already signed in to Casdoor, so let the user click the avatar button to do the quick sign-in
@@ -901,10 +884,7 @@ func (c *ApiController) Login() {
 			user := c.getCurrentUser()
 			resp = c.HandleLoggedIn(application, user, &authForm)
 
-			record := object.NewRecord(c.Ctx)
-			record.Organization = application.Organization
-			record.User = user.Name
-			util.SafeGoroutine(func() { object.AddRecord(record) })
+			c.Ctx.Input.SetParam("recordUserId", user.GetId())
 		} else {
 			c.ResponseError(fmt.Sprintf(c.T("auth:Unknown authentication type (not password or provider), form = %s"), util.StructToJson(authForm)))
 			return

controllers/base.go

@@ -122,6 +122,15 @@ func (c *ApiController) GetSessionUsername() string {
 	return user.(string)
 }
 
+func (c *ApiController) GetSessionToken() string {
+	accessToken := c.GetSession("accessToken")
+	if accessToken == nil {
+		return ""
+	}
+
+	return accessToken.(string)
+}
+
 func (c *ApiController) GetSessionApplication() *object.Application {
 	clientId := c.GetSession("aud")
 	if clientId == nil {
@@ -141,6 +150,10 @@ func (c *ApiController) ClearUserSession() {
 	c.SetSessionData(nil)
 }
 
+func (c *ApiController) ClearTokenSession() {
+	c.SetSessionToken("")
+}
+
 func (c *ApiController) GetSessionOidc() (string, string) {
 	sessionData := c.GetSessionData()
 	if sessionData != nil &&
@@ -167,6 +180,10 @@ func (c *ApiController) SetSessionUsername(user string) {
 	c.SetSession("username", user)
 }
 
+func (c *ApiController) SetSessionToken(accessToken string) {
+	c.SetSession("accessToken", accessToken)
+}
+
 // GetSessionData ...
 func (c *ApiController) GetSessionData() *SessionData {
 	session := c.GetSession("SessionData")

controllers/cert.go

@@ -68,7 +68,7 @@ func (c *ApiController) GetCerts() {
 // GetGlobalCerts
 // @Title GetGlobalCerts
 // @Tag Cert API
-// @Description get globle certs
+// @Description get global certs
 // @Success 200 {array} object.Cert The Response object
 // @router /get-global-certs [get]
 func (c *ApiController) GetGlobalCerts() {

controllers/face.go

@@ -0,0 +1,55 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Casdoor will expose its providers as services to SDK
+// We are going to implement those services as APIs here
+
+package controllers
+
+import (
+	"fmt"
+
+	"github.com/casdoor/casdoor/object"
+	"github.com/casdoor/casdoor/util"
+)
+
+// FaceIDSigninBegin
+// @Title FaceIDSigninBegin
+// @Tag Login API
+// @Description FaceId Login Flow 1st stage
+// @Param   owner     query    string  true        "owner"
+// @Param   name     query    string  true        "name"
+// @Success 200 {object} controllers.Response The Response object
+// @router /faceid-signin-begin [get]
+func (c *ApiController) FaceIDSigninBegin() {
+	userOwner := c.Input().Get("owner")
+	userName := c.Input().Get("name")
+
+	user, err := object.GetUserByFields(userOwner, userName)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+	if user == nil {
+		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(userOwner, userName)))
+		return
+	}
+
+	if len(user.FaceIds) == 0 {
+		c.ResponseError(c.T("check:Face data does not exist, cannot log in"))
+		return
+	}
+
+	c.ResponseOk()
+}

controllers/group.go

@@ -43,13 +43,20 @@ func (c *ApiController) GetGroups() {
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
-		} else {
-			if withTree == "true" {
-				c.ResponseOk(object.ConvertToTreeData(groups, owner))
-				return
-			}
-			c.ResponseOk(groups)
 		}
+
+		err = object.ExtendGroupsWithUsers(groups)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		if withTree == "true" {
+			c.ResponseOk(object.ConvertToTreeData(groups, owner))
+			return
+		}
+
+		c.ResponseOk(groups)
 	} else {
 		limit := util.ParseInt(limit)
 		count, err := object.GetGroupCount(owner, field, value)
@@ -64,6 +71,12 @@ func (c *ApiController) GetGroups() {
 			c.ResponseError(err.Error())
 			return
 		} else {
+			err = object.ExtendGroupsWithUsers(groups)
+			if err != nil {
+				c.ResponseError(err.Error())
+				return
+			}
+
 			c.ResponseOk(groups, paginator.Nums())
 		}
 	}
@@ -84,6 +97,13 @@ func (c *ApiController) GetGroup() {
 		c.ResponseError(err.Error())
 		return
 	}
+
+	err = object.ExtendGroupWithUsers(group)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
 	c.ResponseOk(group)
 }
 

controllers/record.go

@@ -85,6 +85,11 @@ func (c *ApiController) GetRecords() {
 // @Success 200 {object} object.Record The Response object
 // @router /get-records-filter [post]
 func (c *ApiController) GetRecordsByFilter() {
+	_, ok := c.RequireAdmin()
+	if !ok {
+		return
+	}
+
 	body := string(c.Ctx.Input.RequestBody)
 
 	record := &casvisorsdk.Record{}

controllers/service.go

@@ -125,9 +125,11 @@ func (c *ApiController) SendEmail() {
 				return
 			}
 
+			userString := "Hi"
 			if user != nil {
-				content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
+				userString = user.GetFriendlyName()
 			}
+			content = strings.Replace(content, "%{user.friendlyName}", userString, 1)
 		}
 	}
 

controllers/token.go

@@ -164,6 +164,7 @@ func (c *ApiController) GetOAuthToken() {
 	code := c.Input().Get("code")
 	verifier := c.Input().Get("code_verifier")
 	scope := c.Input().Get("scope")
+	nonce := c.Input().Get("nonce")
 	username := c.Input().Get("username")
 	password := c.Input().Get("password")
 	tag := c.Input().Get("tag")
@@ -197,6 +198,9 @@ func (c *ApiController) GetOAuthToken() {
 			if scope == "" {
 				scope = tokenRequest.Scope
 			}
+			if nonce == "" {
+				nonce = tokenRequest.Nonce
+			}
 			if username == "" {
 				username = tokenRequest.Username
 			}
@@ -216,7 +220,7 @@ func (c *ApiController) GetOAuthToken() {
 	}
 
 	host := c.Ctx.Request.Host
-	token, err := object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, username, password, host, refreshToken, tag, avatar, c.GetAcceptLanguage())
+	token, err := object.GetOAuthToken(grantType, clientId, clientSecret, code, verifier, scope, nonce, username, password, host, refreshToken, tag, avatar, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
@@ -317,7 +321,8 @@ func (c *ApiController) IntrospectToken() {
 		return
 	}
 
-	token, err := object.GetTokenByTokenValue(tokenValue)
+	tokenTypeHint := c.Input().Get("token_type_hint")
+	token, err := object.GetTokenByTokenValue(tokenValue, tokenTypeHint)
 	if err != nil {
 		c.ResponseTokenError(err.Error())
 		return

controllers/types.go

@@ -21,6 +21,7 @@ type TokenRequest struct {
 	Code         string `json:"code"`
 	Verifier     string `json:"code_verifier"`
 	Scope        string `json:"scope"`
+	Nonce        string `json:"nonce"`
 	Username     string `json:"username"`
 	Password     string `json:"password"`
 	Tag          string `json:"tag"`

controllers/util.go

@@ -127,6 +127,12 @@ func (c *ApiController) RequireAdmin() (string, bool) {
 	if user.Owner == "built-in" {
 		return "", true
 	}
+
+	if !user.IsAdmin {
+		c.ResponseError(c.T("general:this operation requires administrator to perform"))
+		return "", false
+	}
+
 	return user.Owner, true
 }
 

controllers/verification.go

@@ -20,6 +20,7 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/beego/beego/utils/pagination"
 	"github.com/casdoor/casdoor/captcha"
 	"github.com/casdoor/casdoor/form"
 	"github.com/casdoor/casdoor/object"
@@ -35,6 +36,90 @@ const (
 	MfaAuthVerification  = "mfaAuth"
 )
 
+// GetVerifications
+// @Title GetVerifications
+// @Tag Verification API
+// @Description get payments
+// @Param   owner     query    string  true        "The owner of payments"
+// @Success 200 {array} object.Verification The Response object
+// @router /get-payments [get]
+func (c *ApiController) GetVerifications() {
+	owner := c.Input().Get("owner")
+	limit := c.Input().Get("pageSize")
+	page := c.Input().Get("p")
+	field := c.Input().Get("field")
+	value := c.Input().Get("value")
+	sortField := c.Input().Get("sortField")
+	sortOrder := c.Input().Get("sortOrder")
+
+	if limit == "" || page == "" {
+		payments, err := object.GetVerifications(owner)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(payments)
+	} else {
+		limit := util.ParseInt(limit)
+		count, err := object.GetVerificationCount(owner, field, value)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		payments, err := object.GetPaginationVerifications(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(payments, paginator.Nums())
+	}
+}
+
+// GetUserVerifications
+// @Title GetUserVerifications
+// @Tag Verification API
+// @Description get payments for a user
+// @Param   owner     query    string  true        "The owner of payments"
+// @Param   organization    query   string  true   "The organization of the user"
+// @Param   user    query   string  true           "The username of the user"
+// @Success 200 {array} object.Verification The Response object
+// @router /get-user-payments [get]
+func (c *ApiController) GetUserVerifications() {
+	owner := c.Input().Get("owner")
+	user := c.Input().Get("user")
+
+	payments, err := object.GetUserVerifications(owner, user)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk(payments)
+}
+
+// GetVerification
+// @Title GetVerification
+// @Tag Verification API
+// @Description get payment
+// @Param   id     query    string  true        "The id ( owner/name ) of the payment"
+// @Success 200 {object} object.Verification The Response object
+// @router /get-payment [get]
+func (c *ApiController) GetVerification() {
+	id := c.Input().Get("id")
+
+	payment, err := object.GetVerification(id)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.ResponseOk(payment)
+}
+
 // SendVerificationCode ...
 // @Title SendVerificationCode
 // @Tag Verification API

go.mod

@@ -14,15 +14,16 @@ require (
 	github.com/casdoor/notify v0.45.0
 	github.com/casdoor/oss v1.6.0
 	github.com/casdoor/xorm-adapter/v3 v3.1.0
-	github.com/casvisor/casvisor-go-sdk v1.1.0
+	github.com/casvisor/casvisor-go-sdk v1.3.0
 	github.com/dchest/captcha v0.0.0-20200903113550-03f5f0333e1f
 	github.com/denisenkom/go-mssqldb v0.9.0
 	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
 	github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3
+	github.com/ethereum/go-ethereum v1.13.14
 	github.com/fogleman/gg v1.3.0
 	github.com/forestmgy/ldapserver v1.1.0
 	github.com/go-asn1-ber/asn1-ber v1.5.5
-	github.com/go-git/go-git/v5 v5.6.0
+	github.com/go-git/go-git/v5 v5.11.0
 	github.com/go-ldap/ldap/v3 v3.4.6
 	github.com/go-mysql-org/go-mysql v1.7.0
 	github.com/go-pay/gopay v1.5.72
@@ -32,14 +33,14 @@ require (
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/uuid v1.4.0
 	github.com/json-iterator/go v1.1.12
-	github.com/lestrrat-go/jwx v1.2.21
+	github.com/lestrrat-go/jwx v1.2.29
 	github.com/lib/pq v1.10.9
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
-	github.com/markbates/goth v1.78.0
+	github.com/markbates/goth v1.79.0
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/nyaruka/phonenumbers v1.1.5
 	github.com/pquerna/otp v1.4.0
-	github.com/prometheus/client_golang v1.11.1
+	github.com/prometheus/client_golang v1.12.0
 	github.com/prometheus/client_model v0.4.0
 	github.com/qiangmzsx/string-adapter/v2 v2.1.0
 	github.com/robfig/cron/v3 v3.0.1
@@ -49,19 +50,18 @@ require (
 	github.com/shirou/gopsutil v3.21.11+incompatible
 	github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
-	github.com/stretchr/testify v1.8.4
+	github.com/stretchr/testify v1.9.0
 	github.com/stripe/stripe-go/v74 v74.29.0
 	github.com/tealeg/xlsx v1.0.5
 	github.com/thanhpk/randstr v1.0.4
 	github.com/tidwall/pretty v1.2.1 // indirect
-	github.com/tklauser/go-sysconf v0.3.10 // indirect
 	github.com/xorm-io/builder v0.3.13
 	github.com/xorm-io/core v0.7.4
 	github.com/xorm-io/xorm v1.1.6
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	golang.org/x/crypto v0.19.0
-	golang.org/x/net v0.17.0
-	golang.org/x/oauth2 v0.13.0
+	golang.org/x/crypto v0.21.0
+	golang.org/x/net v0.21.0
+	golang.org/x/oauth2 v0.17.0
 	google.golang.org/api v0.150.0
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0

i18n/locales/ar/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/de/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Die Anmeldeart \"Anmeldung mit Passwort\" ist für die Anwendung nicht aktiviert",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "Der Anbieter: %s ist nicht für die Anwendung aktiviert",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "E-Mail darf nicht leer sein",
     "Email is invalid": "E-Mail ist ungültig",
     "Empty username.": "Leerer Benutzername.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "Vorname darf nicht leer sein",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/en/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/es/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "El método de inicio de sesión: inicio de sesión con contraseña no está habilitado para la aplicación",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "El proveedor: %s no está habilitado para la aplicación",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "El correo electrónico no puede estar vacío",
     "Email is invalid": "El correo electrónico no es válido",
     "Empty username.": "Nombre de usuario vacío.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "El nombre no puede estar en blanco",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/fa/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/fi/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/fr/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "La méthode de connexion : connexion avec mot de passe n'est pas activée pour l'application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "Le fournisseur :%s n'est pas activé pour l'application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "L'e-mail ne peut pas être vide",
     "Email is invalid": "L'adresse e-mail est invalide",
     "Empty username.": "Nom d'utilisateur vide.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "Le prénom ne peut pas être laissé vide",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/he/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/id/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Metode login: login dengan kata sandi tidak diaktifkan untuk aplikasi tersebut",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "Penyedia: %s tidak diaktifkan untuk aplikasi ini",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email tidak boleh kosong",
     "Email is invalid": "Email tidak valid",
     "Empty username.": "Nama pengguna kosong.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "Nama depan tidak boleh kosong",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/it/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/ja/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "ログイン方法：パスワードでのログインはアプリケーションで有効になっていません",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "プロバイダー：%sはアプリケーションでは有効化されていません",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "メールが空白にできません",
     "Email is invalid": "電子メールは無効です",
     "Empty username.": "空のユーザー名。",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "ファーストネームは空白にできません",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/kk/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/ko/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "어플리케이션에서는 암호를 사용한 로그인 방법이 활성화되어 있지 않습니다",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "제공자 %s은(는) 응용 프로그램에서 활성화되어 있지 않습니다",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "이메일은 비어 있을 수 없습니다",
     "Email is invalid": "이메일이 유효하지 않습니다",
     "Empty username.": "빈 사용자 이름.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "이름은 공백일 수 없습니다",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/ms/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/nl/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/pl/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/pt/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/ru/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Метод входа: вход с паролем не включен для приложения",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "Провайдер: %s не включен для приложения",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Электронная почта не может быть пустой",
     "Email is invalid": "Адрес электронной почты недействительный",
     "Empty username.": "Пустое имя пользователя.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "Имя не может быть пустым",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/sv/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/tr/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/uk/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "The login method: login with password is not enabled for the application",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "The provider: %s is not enabled for the application",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email is invalid": "Email is invalid",
     "Empty username.": "Empty username.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "FirstName cannot be blank",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/vi/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "The login method: login with LDAP is not enabled for the application",
     "The login method: login with SMS is not enabled for the application": "The login method: login with SMS is not enabled for the application",
     "The login method: login with email is not enabled for the application": "The login method: login with email is not enabled for the application",
+    "The login method: login with face is not enabled for the application": "The login method: login with face is not enabled for the application",
     "The login method: login with password is not enabled for the application": "Phương thức đăng nhập: đăng nhập bằng mật khẩu không được kích hoạt cho ứng dụng",
     "The organization: %s does not exist": "The organization: %s does not exist",
     "The provider: %s is not enabled for the application": "Nhà cung cấp: %s không được kích hoạt cho ứng dụng",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "Email không thể để trống",
     "Email is invalid": "Địa chỉ email không hợp lệ",
     "Empty username.": "Tên đăng nhập trống.",
+    "Face data does not exist, cannot log in": "Face data does not exist, cannot log in",
+    "Face data mismatch": "Face data mismatch",
     "FirstName cannot be blank": "Tên không được để trống",
     "Invitation code cannot be blank": "Invitation code cannot be blank",
     "Invitation code exhausted": "Invitation code exhausted",

i18n/locales/zh/data.json

@@ -18,6 +18,7 @@
     "The login method: login with LDAP is not enabled for the application": "该应用禁止采用LDAP登录方式",
     "The login method: login with SMS is not enabled for the application": "该应用禁止采用短信登录方式",
     "The login method: login with email is not enabled for the application": "该应用禁止采用邮箱登录方式",
+    "The login method: login with face is not enabled for the application": "该应用禁止采用人脸登录",
     "The login method: login with password is not enabled for the application": "该应用禁止采用密码登录方式",
     "The organization: %s does not exist": "组织: %s 不存在",
     "The provider: %s is not enabled for the application": "该应用的提供商: %s未被启用",
@@ -38,6 +39,8 @@
     "Email cannot be empty": "邮箱不可为空",
     "Email is invalid": "无效邮箱",
     "Empty username.": "用户名不可为空",
+    "Face data does not exist, cannot log in": "未录入人脸数据，无法登录",
+    "Face data mismatch": "人脸不匹配",
     "FirstName cannot be blank": "名不可以为空",
     "Invitation code cannot be blank": "邀请码不能为空",
     "Invitation code exhausted": "邀请码使用次数已耗尽",

idp/custom.go

@@ -98,11 +98,19 @@ func (idp *CustomIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error)
 		return nil, err
 	}
 
+	requiredFields := []string{"id", "username", "displayName"}
+	for _, field := range requiredFields {
+		_, ok := idp.UserMapping[field]
+		if !ok {
+			return nil, fmt.Errorf("cannot find %s in userMapping, please check your configuration in custom provider", field)
+		}
+	}
+
 	// map user info
 	for k, v := range idp.UserMapping {
 		_, ok := dataMap[v]
 		if !ok {
-			return nil, fmt.Errorf("cannot find %s in user from castom provider", v)
+			return nil, fmt.Errorf("cannot find %s in user from custom provider", v)
 		}
 		dataMap[k] = dataMap[v]
 	}

idp/metamask.go

@@ -15,15 +15,43 @@
 package idp
 
 import (
+	"encoding/hex"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
+	"strings"
 	"time"
 
+	"github.com/ethereum/go-ethereum/crypto"
+
 	"golang.org/x/oauth2"
 )
 
+type EIP712Message struct {
+	Domain struct {
+		ChainId string `json:"chainId"`
+		Name    string `json:"name"`
+		Version string `json:"version"`
+	} `json:"domain"`
+	Message struct {
+		Prompt   string `json:"prompt"`
+		Nonce    string `json:"nonce"`
+		CreateAt string `json:"createAt"`
+	} `json:"message"`
+	PrimaryType string `json:"primaryType"`
+	Types       struct {
+		EIP712Domain []struct {
+			Name string `json:"name"`
+			Type string `json:"type"`
+		} `json:"EIP712Domain"`
+		AuthRequest []struct {
+			Name string `json:"name"`
+			Type string `json:"type"`
+		} `json:"AuthRequest"`
+	} `json:"types"`
+}
+
 type MetaMaskIdProvider struct {
 	Client *http.Client
 }
@@ -42,6 +70,15 @@ func (idp *MetaMaskIdProvider) GetToken(code string) (*oauth2.Token, error) {
 	if err := json.Unmarshal([]byte(code), &web3AuthToken); err != nil {
 		return nil, err
 	}
+	valid, err := VerifySignature(web3AuthToken.Address, web3AuthToken.TypedData, web3AuthToken.Signature)
+	if err != nil {
+		return nil, err
+	}
+
+	if !valid {
+		return nil, fmt.Errorf("invalid signature")
+	}
+
 	token := &oauth2.Token{
 		AccessToken: web3AuthToken.Signature,
 		TokenType:   "Bearer",
@@ -68,3 +105,43 @@ func (idp *MetaMaskIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, erro
 	}
 	return userInfo, nil
 }
+
+func VerifySignature(userAddress string, originalMessage string, signatureHex string) (bool, error) {
+	var eip712Mes EIP712Message
+	err := json.Unmarshal([]byte(originalMessage), &eip712Mes)
+	if err != nil {
+		return false, fmt.Errorf("invalid signature (Error parsing JSON)")
+	}
+
+	createAtTime, err := time.Parse("2006/1/2 15:04:05", eip712Mes.Message.CreateAt)
+	currentTime := time.Now()
+	if createAtTime.Before(currentTime.Add(-1*time.Minute)) && createAtTime.After(currentTime) {
+		return false, fmt.Errorf("invalid signature (signature does not meet time requirements)")
+	}
+
+	if !strings.HasPrefix(signatureHex, "0x") {
+		signatureHex = "0x" + signatureHex
+	}
+
+	signatureBytes, err := hex.DecodeString(signatureHex[2:])
+	if err != nil {
+		return false, err
+	}
+
+	if signatureBytes[64] != 27 && signatureBytes[64] != 28 {
+		return false, fmt.Errorf("invalid signature (incorrect recovery id)")
+	}
+	signatureBytes[64] -= 27
+
+	msg := fmt.Sprintf("\x19Ethereum Signed Message:\n%d%s", len([]byte(originalMessage)), []byte(originalMessage))
+	hash := crypto.Keccak256Hash([]byte(msg))
+
+	pubKey, err := crypto.SigToPub(hash.Bytes(), signatureBytes)
+	if err != nil {
+		return false, err
+	}
+
+	recoveredAddr := crypto.PubkeyToAddress(*pubKey)
+
+	return strings.EqualFold(recoveredAddr.Hex(), userAddress), nil
+}

init_data.json.template

@@ -110,6 +110,11 @@
           "name": "WebAuthn",
           "displayName": "WebAuthn",
           "rule": "None"
+        },
+        {
+          "name": "Face ID",
+          "displayName": "Face ID",
+          "rule": "None"
         }
       ],
       "signupItems": [
@@ -179,8 +184,10 @@
         "refresh_token"
       ],
       "redirectUris": [
-        ""
+        "http://localhost:9000/callback"
       ],
+      "tokenFormat": "JWT",
+      "tokenFields": [],
       "expireInHours": 168,
       "failedSigninLimit": 5,
       "failedSigninFrozenTime": 15

main.go

@@ -59,6 +59,7 @@ func main() {
 	beego.InsertFilter("*", beego.BeforeRouter, routers.ApiFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.PrometheusFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.RecordMessage)
+	beego.InsertFilter("*", beego.AfterExec, routers.AfterRecordMessage, false)
 
 	beego.BConfig.WebConfig.Session.SessionOn = true
 	beego.BConfig.WebConfig.Session.SessionName = "casdoor_session_id"

object/application.go

@@ -311,6 +311,9 @@ func extendApplicationWithSigninMethods(application *Application) (err error) {
 			signinMethod := &SigninMethod{Name: "WebAuthn", DisplayName: "WebAuthn", Rule: "None"}
 			application.SigninMethods = append(application.SigninMethods, signinMethod)
 		}
+
+		signinMethod := &SigninMethod{Name: "Face ID", DisplayName: "Face ID", Rule: "None"}
+		application.SigninMethods = append(application.SigninMethods, signinMethod)
 	}
 
 	if len(application.SigninMethods) == 0 {

object/group.go

@@ -17,6 +17,7 @@ package object
 import (
 	"errors"
 	"fmt"
+	"sync"
 
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
@@ -30,13 +31,13 @@ type Group struct {
 	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
 	UpdatedTime string `xorm:"varchar(100)" json:"updatedTime"`
 
-	DisplayName  string  `xorm:"varchar(100)" json:"displayName"`
-	Manager      string  `xorm:"varchar(100)" json:"manager"`
-	ContactEmail string  `xorm:"varchar(100)" json:"contactEmail"`
-	Type         string  `xorm:"varchar(100)" json:"type"`
-	ParentId     string  `xorm:"varchar(100)" json:"parentId"`
-	IsTopGroup   bool    `xorm:"bool" json:"isTopGroup"`
-	Users        []*User `xorm:"-" json:"users"`
+	DisplayName  string   `xorm:"varchar(100)" json:"displayName"`
+	Manager      string   `xorm:"varchar(100)" json:"manager"`
+	ContactEmail string   `xorm:"varchar(100)" json:"contactEmail"`
+	Type         string   `xorm:"varchar(100)" json:"type"`
+	ParentId     string   `xorm:"varchar(100)" json:"parentId"`
+	IsTopGroup   bool     `xorm:"bool" json:"isTopGroup"`
+	Users        []string `xorm:"-" json:"users"`
 
 	Title    string   `json:"title,omitempty"`
 	Key      string   `json:"key,omitempty"`
@@ -288,6 +289,55 @@ func GetGroupUsers(groupId string) ([]*User, error) {
 	return users, nil
 }
 
+func ExtendGroupWithUsers(group *Group) error {
+	if group == nil {
+		return nil
+	}
+
+	users, err := GetUsers(group.Owner)
+	if err != nil {
+		return err
+	}
+
+	groupId := group.GetId()
+	userIds := []string{}
+	for _, user := range users {
+		if util.InSlice(user.Groups, groupId) {
+			userIds = append(userIds, user.GetId())
+		}
+	}
+
+	group.Users = userIds
+	return nil
+}
+
+func ExtendGroupsWithUsers(groups []*Group) error {
+	var wg sync.WaitGroup
+	errChan := make(chan error, len(groups))
+
+	for _, group := range groups {
+		wg.Add(1)
+		go func(group *Group) {
+			defer wg.Done()
+			err := ExtendGroupWithUsers(group)
+			if err != nil {
+				errChan <- err
+			}
+		}(group)
+	}
+
+	wg.Wait()
+	close(errChan)
+
+	for err := range errChan {
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func GroupChangeTrigger(oldName, newName string) error {
 	session := ormer.Engine.NewSession()
 	defer session.Close()

object/init.go

@@ -184,6 +184,7 @@ func initBuiltInApplication() {
 			{Name: "Password", DisplayName: "Password", Rule: "All"},
 			{Name: "Verification code", DisplayName: "Verification code", Rule: "All"},
 			{Name: "WebAuthn", DisplayName: "WebAuthn", Rule: "None"},
+			{Name: "Face ID", DisplayName: "Face ID", Rule: "None"},
 		},
 		SignupItems: []*SignupItem{
 			{Name: "ID", Visible: false, Required: true, Prompted: false, Rule: "Random"},
@@ -197,6 +198,7 @@ func initBuiltInApplication() {
 		},
 		Tags:          []string{},
 		RedirectUris:  []string{},
+		TokenFormat:   "JWT",
 		TokenFields:   []string{},
 		ExpireInHours: 168,
 		FormOffset:    2,

object/record.go

@@ -15,6 +15,7 @@
 package object
 
 import (
+	"encoding/json"
 	"fmt"
 	"strings"
 
@@ -34,7 +35,12 @@ type Record struct {
 	casvisorsdk.Record
 }
 
-func NewRecord(ctx *context.Context) *casvisorsdk.Record {
+type Response struct {
+	Status string `json:"status"`
+	Msg    string `json:"msg"`
+}
+
+func NewRecord(ctx *context.Context) (*casvisorsdk.Record, error) {
 	ip := strings.Replace(util.GetIPFromRequest(ctx.Request), ": ", "", -1)
 	action := strings.Replace(ctx.Request.URL.Path, "/api/", "", -1)
 	requestUri := util.FilterQuery(ctx.Request.RequestURI, []string{"accessToken"})
@@ -47,6 +53,17 @@ func NewRecord(ctx *context.Context) *casvisorsdk.Record {
 		object = string(ctx.Input.RequestBody)
 	}
 
+	respBytes, err := json.Marshal(ctx.Input.Data()["json"])
+	if err != nil {
+		return nil, err
+	}
+
+	var resp Response
+	err = json.Unmarshal(respBytes, &resp)
+	if err != nil {
+		return nil, err
+	}
+
 	language := ctx.Request.Header.Get("Accept-Language")
 	if len(language) > 2 {
 		language = language[0:2]
@@ -63,9 +80,10 @@ func NewRecord(ctx *context.Context) *casvisorsdk.Record {
 		Action:      action,
 		Language:    languageCode,
 		Object:      object,
+		Response:    fmt.Sprintf("{status:\"%s\", msg:\"%s\"}", resp.Status, resp.Msg),
 		IsTriggered: false,
 	}
-	return &record
+	return &record, nil
 }
 
 func AddRecord(record *casvisorsdk.Record) bool {
@@ -122,6 +140,12 @@ func GetRecords() ([]*casvisorsdk.Record, error) {
 
 func GetPaginationRecords(offset, limit int, field, value, sortField, sortOrder string, filterRecord *casvisorsdk.Record) ([]*casvisorsdk.Record, error) {
 	records := []*casvisorsdk.Record{}
+
+	if sortField == "" || sortOrder == "" {
+		sortField = "id"
+		sortOrder = "descend"
+	}
+
 	session := GetSession("", offset, limit, field, value, sortField, sortOrder)
 	err := session.Find(&records, filterRecord)
 	if err != nil {
@@ -141,6 +165,25 @@ func GetRecordsByField(record *casvisorsdk.Record) ([]*casvisorsdk.Record, error
 	return records, nil
 }
 
+func CopyRecord(record *casvisorsdk.Record) *casvisorsdk.Record {
+	res := &casvisorsdk.Record{
+		Owner:        record.Owner,
+		Name:         record.Name,
+		CreatedTime:  record.CreatedTime,
+		Organization: record.Organization,
+		ClientIp:     record.ClientIp,
+		User:         record.User,
+		Method:       record.Method,
+		RequestUri:   record.RequestUri,
+		Action:       record.Action,
+		Language:     record.Language,
+		Object:       record.Object,
+		Response:     record.Response,
+		IsTriggered:  record.IsTriggered,
+	}
+	return res
+}
+
 func getFilteredWebhooks(webhooks []*Webhook, organization string, action string) []*Webhook {
 	res := []*Webhook{}
 	for _, webhook := range webhooks {

object/token.go

@@ -137,21 +137,24 @@ func GetTokenByRefreshToken(refreshToken string) (*Token, error) {
 	return &token, nil
 }
 
-func GetTokenByTokenValue(tokenValue string) (*Token, error) {
-	token, err := GetTokenByAccessToken(tokenValue)
-	if err != nil {
-		return nil, err
-	}
-	if token != nil {
-		return token, nil
-	}
-
-	token, err = GetTokenByRefreshToken(tokenValue)
-	if err != nil {
-		return nil, err
-	}
-	if token != nil {
-		return token, nil
+func GetTokenByTokenValue(tokenValue, tokenTypeHint string) (*Token, error) {
+	switch tokenTypeHint {
+	case "access_token":
+		token, err := GetTokenByAccessToken(tokenValue)
+		if err != nil {
+			return nil, err
+		}
+		if token != nil {
+			return token, nil
+		}
+	case "refresh_token":
+		token, err := GetTokenByRefreshToken(tokenValue)
+		if err != nil {
+			return nil, err
+		}
+		if token != nil {
+			return token, nil
+		}
 	}
 
 	return nil, nil

object/token_cas.go

@@ -261,7 +261,7 @@ func GetValidationBySaml(samlRequest string, host string) (string, string, error
 
 	ok, _, service, userId := GetCasTokenByTicket(ticket)
 	if !ok {
-		return "", "", fmt.Errorf("ticket %s found", ticket)
+		return "", "", fmt.Errorf("the CAS token for ticket %s is not found", ticket)
 	}
 
 	user, err := GetUser(userId)
@@ -270,7 +270,7 @@ func GetValidationBySaml(samlRequest string, host string) (string, string, error
 	}
 
 	if user == nil {
-		return "", "", fmt.Errorf("user %s found", userId)
+		return "", "", fmt.Errorf("the user %s is not found", userId)
 	}
 
 	application, err := GetApplicationByUser(user)
@@ -279,7 +279,7 @@ func GetValidationBySaml(samlRequest string, host string) (string, string, error
 	}
 
 	if application == nil {
-		return "", "", fmt.Errorf("application for user %s found", userId)
+		return "", "", fmt.Errorf("the application for user %s is not found", userId)
 	}
 
 	samlResponse, err := NewSamlResponse11(user, request.RequestID, host)

object/token_jwt.go

@@ -359,6 +359,10 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
 	var token *jwt.Token
 	var refreshToken *jwt.Token
 
+	if application.TokenFormat == "" {
+		application.TokenFormat = "JWT"
+	}
+
 	// the JWT token length in "JWT-Empty" mode will be very short, as User object only has two properties: owner and name
 	if application.TokenFormat == "JWT" {
 		claimsWithoutThirdIdp := getClaimsWithoutThirdIdp(claims)

object/token_oauth.go

@@ -189,7 +189,7 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
 	}, nil
 }
 
-func GetOAuthToken(grantType string, clientId string, clientSecret string, code string, verifier string, scope string, username string, password string, host string, refreshToken string, tag string, avatar string, lang string) (interface{}, error) {
+func GetOAuthToken(grantType string, clientId string, clientSecret string, code string, verifier string, scope string, nonce string, username string, password string, host string, refreshToken string, tag string, avatar string, lang string) (interface{}, error) {
 	application, err := GetApplicationByClientId(clientId)
 	if err != nil {
 		return nil, err
@@ -220,6 +220,8 @@ func GetOAuthToken(grantType string, clientId string, clientSecret string, code
 		token, tokenError, err = GetPasswordToken(application, username, password, scope, host)
 	case "client_credentials": // Client Credentials Grant
 		token, tokenError, err = GetClientCredentialsToken(application, clientSecret, scope, host)
+	case "token", "id_token": // Implicit Grant
+		token, tokenError, err = GetImplicitToken(application, username, scope, nonce, host)
 	case "refresh_token":
 		refreshToken2, err := RefreshToken(grantType, refreshToken, scope, clientId, clientSecret, host)
 		if err != nil {
@@ -582,6 +584,33 @@ func GetClientCredentialsToken(application *Application, clientSecret string, sc
 	return token, nil, nil
 }
 
+// GetImplicitToken
+// Implicit flow
+func GetImplicitToken(application *Application, username string, scope string, nonce string, host string) (*Token, *TokenError, error) {
+	user, err := GetUserByFields(application.Organization, username)
+	if err != nil {
+		return nil, nil, err
+	}
+	if user == nil {
+		return nil, &TokenError{
+			Error:            InvalidGrant,
+			ErrorDescription: "the user does not exist",
+		}, nil
+	}
+	if user.IsForbidden {
+		return nil, &TokenError{
+			Error:            InvalidGrant,
+			ErrorDescription: "the user is forbidden to sign in, please contact the administrator",
+		}, nil
+	}
+
+	token, err := GetTokenByUser(application, user, scope, nonce, host)
+	if err != nil {
+		return nil, nil, err
+	}
+	return token, nil, nil
+}
+
 // GetTokenByUser
 // Implicit flow
 func GetTokenByUser(application *Application, user *User, scope string, nonce string, host string) (*Token, error) {
@@ -715,7 +744,7 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 		Code:         session.SessionKey, // a trick, because miniprogram does not use the code, so use the code field to save the session_key
 		AccessToken:  accessToken,
 		RefreshToken: refreshToken,
-		ExpiresIn:    application.ExpireInHours * 60,
+		ExpiresIn:    application.ExpireInHours * hourSeconds,
 		Scope:        "",
 		TokenType:    "Bearer",
 		CodeIsUsed:   true,
@@ -726,3 +755,20 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 	}
 	return token, nil, nil
 }
+
+func GetAccessTokenByUser(user *User, host string) (string, error) {
+	application, err := GetApplicationByUser(user)
+	if err != nil {
+		return "", err
+	}
+	if application == nil {
+		return "", fmt.Errorf("the application for user %s is not found", user.Id)
+	}
+
+	token, err := GetTokenByUser(application, user, "profile", "", host)
+	if err != nil {
+		return "", err
+	}
+
+	return token.AccessToken, nil
+}

object/user.go

@@ -98,6 +98,7 @@ type User struct {
 	PreHash           string   `xorm:"varchar(100)" json:"preHash"`
 	AccessKey         string   `xorm:"varchar(100)" json:"accessKey"`
 	AccessSecret      string   `xorm:"varchar(100)" json:"accessSecret"`
+	AccessToken       string   `xorm:"mediumtext" json:"accessToken"`
 
 	CreatedIp      string `xorm:"varchar(100)" json:"createdIp"`
 	LastSigninTime string `xorm:"varchar(100)" json:"lastSigninTime"`

object/verification.go

@@ -50,13 +50,13 @@ type VerificationRecord struct {
 	Name        string `xorm:"varchar(100) notnull pk" json:"name"`
 	CreatedTime string `xorm:"varchar(100)" json:"createdTime"`
 
-	RemoteAddr string `xorm:"varchar(100)"`
-	Type       string `xorm:"varchar(10)"`
-	User       string `xorm:"varchar(100) notnull"`
-	Provider   string `xorm:"varchar(100) notnull"`
-	Receiver   string `xorm:"varchar(100) notnull"`
-	Code       string `xorm:"varchar(10) notnull"`
-	Time       int64  `xorm:"notnull"`
+	RemoteAddr string `xorm:"varchar(100)" json:"remoteAddr"`
+	Type       string `xorm:"varchar(10)" json:"type"`
+	User       string `xorm:"varchar(100) notnull" json:"user"`
+	Provider   string `xorm:"varchar(100) notnull" json:"provider"`
+	Receiver   string `xorm:"varchar(100) index notnull" json:"receiver"`
+	Code       string `xorm:"varchar(10) notnull" json:"code"`
+	Time       int64  `xorm:"notnull" json:"time"`
 	IsUsed     bool
 }
 
@@ -92,9 +92,12 @@ func SendVerificationCodeToEmail(organization *Organization, user *User, provide
 
 	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
 	content := strings.Replace(provider.Content, "%s", code, 1)
+
+	userString := "Hi"
 	if user != nil {
-		content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
+		userString = user.GetFriendlyName()
 	}
+	content = strings.Replace(content, "%{user.friendlyName}", userString, 1)
 
 	err := IsAllowSend(user, remoteAddr, provider.Category)
 	if err != nil {
@@ -184,17 +187,20 @@ func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult
 		return nil, err
 	}
 	if record == nil {
-		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:Code has not been sent yet!")}, nil
+		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:The verification code has not been sent yet, or has already been used!")}, nil
 	}
 
-	timeout, err := conf.GetConfigInt64("verificationCodeTimeout")
+	timeoutInMinutes, err := conf.GetConfigInt64("verificationCodeTimeout")
 	if err != nil {
 		return nil, err
 	}
 
 	now := time.Now().Unix()
-	if now-record.Time > timeout*60 {
-		return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)}, nil
+	if now-record.Time > timeoutInMinutes*60*10 {
+		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:The verification code has not been sent yet!")}, nil
+	}
+	if now-record.Time > timeoutInMinutes*60 {
+		return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeoutInMinutes)}, nil
 	}
 
 	if record.Code != code {
@@ -278,3 +284,62 @@ func getRandomCode(length int) string {
 	}
 	return string(result)
 }
+
+func GetVerificationCount(owner, field, value string) (int64, error) {
+	session := GetSession(owner, -1, -1, field, value, "", "")
+	return session.Count(&VerificationRecord{Owner: owner})
+}
+
+func GetVerifications(owner string) ([]*VerificationRecord, error) {
+	verifications := []*VerificationRecord{}
+	err := ormer.Engine.Desc("created_time").Find(&verifications, &VerificationRecord{Owner: owner})
+	if err != nil {
+		return nil, err
+	}
+
+	return verifications, nil
+}
+
+func GetUserVerifications(owner, user string) ([]*VerificationRecord, error) {
+	verifications := []*VerificationRecord{}
+	err := ormer.Engine.Desc("created_time").Find(&verifications, &VerificationRecord{Owner: owner, User: user})
+	if err != nil {
+		return nil, err
+	}
+
+	return verifications, nil
+}
+
+func GetPaginationVerifications(owner string, offset, limit int, field, value, sortField, sortOrder string) ([]*VerificationRecord, error) {
+	verifications := []*VerificationRecord{}
+	session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
+	err := session.Find(&verifications, &VerificationRecord{Owner: owner})
+	if err != nil {
+		return nil, err
+	}
+
+	return verifications, nil
+}
+
+func getVerification(owner string, name string) (*VerificationRecord, error) {
+	if owner == "" || name == "" {
+		return nil, nil
+	}
+
+	verification := VerificationRecord{Owner: owner, Name: name}
+	existed, err := ormer.Engine.Get(&verification)
+	if err != nil {
+		return nil, err
+	}
+
+	if existed {
+		return &verification, nil
+	} else {
+		return nil, nil
+	}
+}
+
+func GetVerification(id string) (*VerificationRecord, error) {
+	owner, name := util.GetOwnerAndNameFromId(id)
+	return getVerification(owner, name)
+}

routers/authz_filter.go

@@ -20,6 +20,8 @@ import (
 	"net/http"
 	"strings"
 
+	"github.com/casdoor/casdoor/object"
+
 	"github.com/beego/beego/context"
 	"github.com/casdoor/casdoor/authz"
 	"github.com/casdoor/casdoor/util"
@@ -66,10 +68,18 @@ func getObject(ctx *context.Context) (string, string) {
 	path := ctx.Request.URL.Path
 
 	if method == http.MethodGet {
-		if ctx.Request.URL.Path == "/api/get-policies" && ctx.Input.Query("id") == "/" {
-			adapterId := ctx.Input.Query("adapterId")
-			if adapterId != "" {
-				return util.GetOwnerAndNameFromIdNoCheck(adapterId)
+		if ctx.Request.URL.Path == "/api/get-policies" {
+			if ctx.Input.Query("id") == "/" {
+				adapterId := ctx.Input.Query("adapterId")
+				if adapterId != "" {
+					return util.GetOwnerAndNameFromIdNoCheck(adapterId)
+				}
+			} else {
+				// query == "?id=built-in/admin"
+				id := ctx.Input.Query("id")
+				if id != "" {
+					return util.GetOwnerAndNameFromIdNoCheck(id)
+				}
 			}
 		}
 
@@ -203,5 +213,17 @@ func ApiFilter(ctx *context.Context) {
 
 	if !isAllowed {
 		denyRequest(ctx)
+		record, err := object.NewRecord(ctx)
+		if err != nil {
+			return
+		}
+
+		record.Organization = subOwner
+		record.User = subName // auth:Unauthorized operation
+		record.Response = fmt.Sprintf("{status:\"error\", msg:\"%s\"}", T(ctx, "auth:Unauthorized operation"))
+
+		util.SafeGoroutine(func() {
+			object.AddRecord(record)
+		})
 	}
 }

routers/record.go

@@ -15,9 +15,12 @@
 package routers
 
 import (
+	"fmt"
+
 	"github.com/beego/beego/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
+	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
 )
 
 func getUser(ctx *context.Context) (username string) {
@@ -60,12 +63,49 @@ func RecordMessage(ctx *context.Context) {
 		return
 	}
 
-	record := object.NewRecord(ctx)
-
 	userId := getUser(ctx)
+
+	ctx.Input.SetParam("recordUserId", userId)
+}
+
+func AfterRecordMessage(ctx *context.Context) {
+	record, err := object.NewRecord(ctx)
+	if err != nil {
+		fmt.Printf("AfterRecordMessage() error: %s\n", err.Error())
+		return
+	}
+
+	userId := ctx.Input.Params()["recordUserId"]
 	if userId != "" {
 		record.Organization, record.User = util.GetOwnerAndNameFromId(userId)
 	}
 
-	util.SafeGoroutine(func() { object.AddRecord(record) })
+	var record2 *casvisorsdk.Record
+	recordSignup := ctx.Input.Params()["recordSignup"]
+	if recordSignup == "true" {
+		record2 = object.CopyRecord(record)
+		record2.Action = "new-user"
+
+		var user *object.User
+		user, err = object.GetUser(userId)
+		if err != nil {
+			fmt.Printf("AfterRecordMessage() error: %s\n", err.Error())
+			return
+		}
+		if user == nil {
+			err = fmt.Errorf("the user: %s is not found", userId)
+			fmt.Printf("AfterRecordMessage() error: %s\n", err.Error())
+			return
+		}
+
+		record2.Object = util.StructToJson(user)
+	}
+
+	util.SafeGoroutine(func() {
+		object.AddRecord(record)
+
+		if record2 != nil {
+			object.AddRecord(record2)
+		}
+	})
 }

routers/router.go

@@ -255,6 +255,7 @@ func initAPI() {
 	beego.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
 	beego.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
 	beego.Router("/api/get-captcha", &controllers.ApiController{}, "GET:GetCaptcha")
+	beego.Router("/api/get-verifications", &controllers.ApiController{}, "GET:GetVerifications")
 
 	beego.Router("/api/get-ldap-users", &controllers.ApiController{}, "GET:GetLdapUsers")
 	beego.Router("/api/get-ldaps", &controllers.ApiController{}, "GET:GetLdaps")
@@ -300,4 +301,6 @@ func initAPI() {
 	beego.Router("/cas/:organization/:application/samlValidate", &controllers.RootController{}, "POST:SamlValidate")
 
 	beego.Router("/scim/*", &controllers.RootController{}, "*:HandleScim")
+
+	beego.Router("/api/faceid-signin-begin", &controllers.ApiController{}, "GET:FaceIDSigninBegin")
 }

util/validation.go

@@ -85,9 +85,6 @@ func GetCountryCode(prefix string, phone string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	if err != nil {
-		return "", err
-	}
 
 	countryCode := phonenumbers.GetRegionCodeForNumber(phoneNumber)
 	if countryCode == "" {

web/craco.config.js

@@ -93,6 +93,7 @@ module.exports = {
           "buffer": false,
           "crypto": false,
           "os": false,
+          "fs": false,
         },
       }
     },

web/package.json

@@ -10,6 +10,7 @@
     "@ctrl/tinycolor": "^3.5.0",
     "@emotion/react": "^11.10.5",
     "@metamask/eth-sig-util": "^6.0.0",
+    "@metamask/sdk-react": "^0.18.0",
     "@web3-onboard/coinbase": "^2.2.5",
     "@web3-onboard/core": "^2.20.5",
     "@web3-onboard/frontier": "^2.0.4",
@@ -51,8 +52,7 @@
     "react-metamask-avatar": "^1.2.1",
     "react-router-dom": "^5.3.3",
     "react-scripts": "5.0.1",
-    "react-social-login-buttons": "^3.4.0",
-    "react-webcam": "^7.2.0"
+    "react-social-login-buttons": "^3.4.0"
   },
   "scripts": {
     "start": "cross-env PORT=7001 craco start",

web/src/App.js

@@ -41,6 +41,7 @@ setTwoToneColor("rgb(87,52,211)");
 class App extends Component {
   constructor(props) {
     super(props);
+    this.setThemeAlgorithm();
     let storageThemeAlgorithm = [];
     try {
       storageThemeAlgorithm = localStorage.getItem("themeAlgorithm") ? JSON.parse(localStorage.getItem("themeAlgorithm")) : ["default"];
@@ -51,6 +52,7 @@ class App extends Component {
       classes: props,
       selectedMenuKey: 0,
       account: undefined,
+      accessToken: undefined,
       uri: null,
       themeAlgorithm: storageThemeAlgorithm,
       themeData: Conf.ThemeDefault,
@@ -156,6 +158,15 @@ class App extends Component {
     return Setting.getLogo(themes);
   }
 
+  setThemeAlgorithm() {
+    const currentUrl = window.location.href;
+    const url = new URL(currentUrl);
+    const themeType = url.searchParams.get("theme");
+    if (themeType === "dark" || themeType === "default") {
+      localStorage.setItem("themeAlgorithm", JSON.stringify([themeType]));
+    }
+  }
+
   setLanguage(account) {
     const language = account?.language;
     if (language !== null && language !== "" && language !== i18next.language) {
@@ -228,9 +239,11 @@ class App extends Component {
     AuthBackend.getAccount(query)
       .then((res) => {
         let account = null;
+        let accessToken = null;
         if (res.status === "ok") {
           account = res.data;
           account.organization = res.data2;
+          accessToken = res.data.accessToken;
 
           this.setLanguage(account);
           this.setTheme(Setting.getThemeData(account.organization), Conf.InitThemeAlgorithm);
@@ -242,6 +255,7 @@ class App extends Component {
 
         this.setState({
           account: account,
+          accessToken: accessToken,
         });
       });
   }
@@ -256,6 +270,7 @@ class App extends Component {
     return (
       <React.Fragment>
         {!this.state.account ? null : <div style={{display: "none"}} id="CasdoorApplicationName" value={this.state.account.signupApplication} />}
+        {!this.state.account ? null : <div style={{display: "none"}} id="CasdoorAccessToken" value={this.state.accessToken} />}
         <Footer id="footer" style={
           {
             textAlign: "center",

web/src/ApplicationEditPage.js

@@ -456,6 +456,10 @@ class ApplicationEditPage extends React.Component {
           </Col>
           <Col span={1} >
             <Switch checked={this.state.application.enableSigninSession} onChange={checked => {
+              if (!checked) {
+                this.updateApplicationField("enableAutoSignin", false);
+              }
+
               this.updateApplicationField("enableSigninSession", checked);
             }} />
           </Col>
@@ -466,6 +470,11 @@ class ApplicationEditPage extends React.Component {
           </Col>
           <Col span={1} >
             <Switch checked={this.state.application.enableAutoSignin} onChange={checked => {
+              if (!this.state.application.enableSigninSession && checked) {
+                Setting.showMessage("error", i18next.t("application:Please enable \"Signin session\" first before enabling \"Auto signin\""));
+                return;
+              }
+
               this.updateApplicationField("enableAutoSignin", checked);
             }} />
           </Col>

web/src/ApplicationListPage.js

@@ -50,6 +50,7 @@ class ApplicationListPage extends BaseListPage {
         {name: "Password", displayName: "Password", rule: "All"},
         {name: "Verification code", displayName: "Verification code", rule: "All"},
         {name: "WebAuthn", displayName: "WebAuthn", rule: "None"},
+        {name: "Face ID", displayName: "Face ID", rule: "None"},
       ],
       signupItems: [
         {name: "ID", visible: false, required: true, rule: "Random"},

web/src/EntryPage.js

@@ -71,7 +71,9 @@ class EntryPage extends React.Component {
       this.props.updataThemeData(themeData);
       this.props.updateApplication(application);
 
-      localStorage.setItem("applicationName", application.name);
+      if (application) {
+        localStorage.setItem("applicationName", application.name);
+      }
     };
 
     const onUpdatePricing = (pricing) => {

web/src/GroupEditPage.js

@@ -177,6 +177,16 @@ class GroupEditPage extends React.Component {
               )} />
           </Col>
         </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Users"), i18next.t("general:Users - Tooltip"))} :
+          </Col>
+          <Col style={{marginTop: "5px"}} span={22} >
+            {
+              Setting.getTags(this.state.group.users, "users")
+            }
+          </Col>
+        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
             {Setting.getLabel(i18next.t("general:Is enabled"), i18next.t("general:Is enabled - Tooltip"))} :

web/src/GroupListPage.js

@@ -195,6 +195,17 @@ class GroupListPage extends BaseListPage {
           </Link>;
         },
       },
+      {
+        title: i18next.t("general:Users"),
+        dataIndex: "users",
+        key: "users",
+        // width: "200px",
+        sorter: true,
+        ...this.getColumnSearchProps("users"),
+        render: (text, record, index) => {
+          return Setting.getTags(text, "users");
+        },
+      },
       {
         title: i18next.t("general:Action"),
         dataIndex: "",

web/src/ManagementPage.js

@@ -34,8 +34,8 @@ import OrganizationListPage from "./OrganizationListPage";
 import OrganizationEditPage from "./OrganizationEditPage";
 import UserListPage from "./UserListPage";
 import GroupTreePage from "./GroupTreePage";
-import GroupListPage from "./GroupList";
-import GroupEditPage from "./GroupEdit";
+import GroupListPage from "./GroupListPage";
+import GroupEditPage from "./GroupEditPage";
 import UserEditPage from "./UserEditPage";
 import InvitationListPage from "./InvitationListPage";
 import InvitationEditPage from "./InvitationEditPage";
@@ -92,6 +92,7 @@ import * as AuthBackend from "./auth/AuthBackend";
 import {clearWeb3AuthToken} from "./auth/Web3Auth";
 import TransactionListPage from "./TransactionListPage";
 import TransactionEditPage from "./TransactionEditPage";
+import VerificationListPage from "./VerificationListPage";
 
 function ManagementPage(props) {
 
@@ -293,6 +294,7 @@ function ManagementPage(props) {
         Conf.CasvisorUrl ? Setting.getItem(<a target="_blank" rel="noreferrer" href={Conf.CasvisorUrl}>{i18next.t("general:Records")}</a>, "/records")
           : Setting.getItem(<Link to="/records">{i18next.t("general:Records")}</Link>, "/records"),
         Setting.getItem(<Link to="/tokens">{i18next.t("general:Tokens")}</Link>, "/tokens"),
+        Setting.getItem(<Link to="/verifications">{i18next.t("general:Verifications")}</Link>, "/verifications"),
       ]));
 
       res.push(Setting.getItem(<Link style={{color: textColor}} to="/products">{i18next.t("general:Business & Payments")}</Link>, "/business", <DollarTwoTone twoToneColor={twoToneColor} />, [
@@ -360,6 +362,7 @@ function ManagementPage(props) {
         <Route exact path="/resources" render={(props) => renderLoginIfNotLoggedIn(<ResourceListPage account={account} {...props} />)} />
         <Route exact path="/certs" render={(props) => renderLoginIfNotLoggedIn(<CertListPage account={account} {...props} />)} />
         <Route exact path="/certs/:organizationName/:certName" render={(props) => renderLoginIfNotLoggedIn(<CertEditPage account={account} {...props} />)} />
+        <Route exact path="/verifications" render={(props) => renderLoginIfNotLoggedIn(<VerificationListPage account={account} {...props} />)} />
         <Route exact path="/roles" render={(props) => renderLoginIfNotLoggedIn(<RoleListPage account={account} {...props} />)} />
         <Route exact path="/roles/:organizationName/:roleName" render={(props) => renderLoginIfNotLoggedIn(<RoleEditPage account={account} {...props} />)} />
         <Route exact path="/permissions" render={(props) => renderLoginIfNotLoggedIn(<PermissionListPage account={account} {...props} />)} />

web/src/ProviderEditPage.js

@@ -40,6 +40,14 @@ require("codemirror/mode/css/css");
 const {Option} = Select;
 const {TextArea} = Input;
 
+const defaultUserMapping = {
+  id: "id",
+  username: "username",
+  displayName: "displayName",
+  email: "email",
+  avatarUrl: "avatarUrl",
+};
+
 class ProviderEditPage extends React.Component {
   constructor(props) {
     super(props);
@@ -70,7 +78,7 @@ class ProviderEditPage extends React.Component {
 
         if (res.status === "ok") {
           const provider = res.data;
-          provider.userMapping = provider.userMapping || {};
+          provider.userMapping = provider.userMapping || defaultUserMapping;
           this.setState({
             provider: provider,
           });
@@ -141,8 +149,16 @@ class ProviderEditPage extends React.Component {
   }
 
   updateUserMappingField(key, value) {
+    const requiredKeys = ["id", "username", "displayName"];
     const provider = this.state.provider;
+
+    if (value === "" && requiredKeys.includes(key)) {
+      Setting.showMessage("error", i18next.t("provider:This field is required"));
+      return;
+    }
+
     provider.userMapping[key] = value;
+
     this.setState({
       provider: provider,
     });
@@ -1321,6 +1337,20 @@ class ProviderEditPage extends React.Component {
             </Row>
           ) : null
         }
+        {
+          this.state.provider.type === "MetaMask" ? (
+            <Row style={{marginTop: "20px"}} >
+              <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+                {Setting.getLabel(i18next.t("provider:Signature messages"), i18next.t("provider:Signature messages - Tooltip"))} :
+              </Col>
+              <Col span={22}>
+                <Input value={this.state.provider.metadata} onChange={e => {
+                  this.updateProviderField("metadata", e.target.value);
+                }} />
+              </Col>
+            </Row>
+          ) : null
+        }
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} :

web/src/RecordListPage.js

@@ -65,7 +65,7 @@ class RecordListPage extends BaseListPage {
         title: i18next.t("general:Client IP"),
         dataIndex: "clientIp",
         key: "clientIp",
-        width: "150px",
+        width: "100px",
         sorter: true,
         ...this.getColumnSearchProps("clientIp"),
         render: (text, record, index) => {
@@ -80,7 +80,7 @@ class RecordListPage extends BaseListPage {
         title: i18next.t("general:Timestamp"),
         dataIndex: "createdTime",
         key: "createdTime",
-        width: "180px",
+        width: "150px",
         sorter: true,
         render: (text, record, index) => {
           return Setting.getFormattedDate(text);
@@ -105,7 +105,7 @@ class RecordListPage extends BaseListPage {
         title: i18next.t("general:User"),
         dataIndex: "user",
         key: "user",
-        width: "120px",
+        width: "100px",
         sorter: true,
         ...this.getColumnSearchProps("user"),
         render: (text, record, index) => {
@@ -151,6 +151,22 @@ class RecordListPage extends BaseListPage {
         sorter: true,
         ...this.getColumnSearchProps("language"),
       },
+      {
+        title: i18next.t("record:Response"),
+        dataIndex: "response",
+        key: "response",
+        width: "90px",
+        sorter: true,
+        ...this.getColumnSearchProps("response"),
+      },
+      {
+        title: i18next.t("record:Object"),
+        dataIndex: "object",
+        key: "object",
+        width: "90px",
+        sorter: true,
+        ...this.getColumnSearchProps("object"),
+      },
       {
         title: i18next.t("general:Action"),
         dataIndex: "action",
@@ -171,7 +187,7 @@ class RecordListPage extends BaseListPage {
         sorter: true,
         fixed: (Setting.isMobile()) ? "false" : "right",
         render: (text, record, index) => {
-          if (!["signup", "login", "logout", "update-user"].includes(record.action)) {
+          if (!["signup", "login", "logout", "update-user", "new-user"].includes(record.action)) {
             return null;
           }
 

web/src/UserEditPage.js

@@ -980,11 +980,11 @@ class UserEditPage extends React.Component {
       return (
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
-            {Setting.getLabel(i18next.t("user:Face ids"), i18next.t("user:Face ids"))} :
+            {Setting.getLabel(i18next.t("user:Face IDs"), i18next.t("user:Face IDs"))} :
           </Col>
           <Col span={22} >
             <FaceIdTable
-              title={i18next.t("user:Face ids")}
+              title={i18next.t("user:Face IDs")}
               table={this.state.user.faceIds}
               onUpdateTable={(table) => {this.updateUserField("faceIds", table);}}
             />

web/src/VerificationListPage.js

@@ -0,0 +1,187 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import BaseListPage from "./BaseListPage";
+import * as Setting from "./Setting";
+import moment from "moment/moment";
+import * as VerificationBackend from "./backend/VerificationBackend";
+import i18next from "i18next";
+import {Link} from "react-router-dom";
+import React from "react";
+import {Table} from "antd";
+
+class VerificationListPage extends BaseListPage {
+  newVerification() {
+    const randomName = Setting.getRandomName();
+
+    return {
+      owner: "admin",
+      name: `Verification_${randomName}`,
+      createdTime: moment().format(),
+    };
+  }
+
+  renderTable(verifications) {
+    const columns = [
+      {
+        title: i18next.t("general:Name"),
+        dataIndex: "name",
+        key: "name",
+        width: "150px",
+        fixed: "left",
+        sorter: true,
+        ...this.getColumnSearchProps("name"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/syncers/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("provider:Type"),
+        dataIndex: "type",
+        key: "type",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("type"),
+      },
+      {
+        title: i18next.t("general:User"),
+        dataIndex: "user",
+        key: "user",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("user"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/users/${record.owner}/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("general:Provider"),
+        dataIndex: "provider",
+        key: "provider",
+        width: "150px",
+        sorter: true,
+        ...this.getColumnSearchProps("provider"),
+        render: (text, record, index) => {
+          return (
+            <Link to={`/providers/${record.owner}/${text}`}>
+              {text}
+            </Link>
+          );
+        },
+      },
+      {
+        title: i18next.t("verification:Receiver"),
+        dataIndex: "receiver",
+        key: "receiver",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("receiver"),
+      },
+      {
+        title: i18next.t("login:Verification code"),
+        dataIndex: "code",
+        key: "code",
+        width: "120px",
+        sorter: true,
+        ...this.getColumnSearchProps("code"),
+      },
+      {
+        title: i18next.t("general:Timestamp"),
+        dataIndex: "time",
+        key: "time",
+        width: "160px",
+        sorter: true,
+        render: (text, record, index) => {
+          return Setting.getFormattedDate(text * 1000);
+        },
+      },
+      {
+        title: i18next.t("general:Created time"),
+        dataIndex: "createdTime",
+        key: "createdTime",
+        width: "160px",
+        sorter: true,
+        render: (text, record, index) => {
+          return Setting.getFormattedDate(text);
+        },
+      },
+    ];
+
+    const paginationProps = {
+      total: this.state.pagination.total,
+      showQuickJumper: true,
+      showSizeChanger: true,
+      showTotal: () => i18next.t("general:{total} in total").replace("{total}", this.state.pagination.total),
+    };
+
+    return (
+      <div>
+        <Table scroll={{x: "max-content"}} columns={columns} dataSource={verifications} rowKey={(record) => `${record.owner}/${record.name}`} size="middle" bordered pagination={paginationProps}
+          title={() => (
+            <div>
+              {i18next.t("general:Verifications")}&nbsp;&nbsp;&nbsp;&nbsp;
+            </div>
+          )}
+          loading={this.state.loading}
+          onChange={this.handleTableChange}
+        />
+      </div>
+    );
+  }
+
+  fetch = (params = {}) => {
+    let field = params.searchedColumn, value = params.searchText;
+    const sortField = params.sortField, sortOrder = params.sortOrder;
+    if (params.type !== undefined && params.type !== null) {
+      field = "type";
+      value = params.type;
+    }
+    this.setState({loading: true});
+    VerificationBackend.getVerifications("admin", Setting.isDefaultOrganizationSelected(this.props.account) ? "" : Setting.getRequestOrganization(this.props.account), params.pagination.current, params.pagination.pageSize, field, value, sortField, sortOrder)
+      .then((res) => {
+        this.setState({
+          loading: false,
+        });
+        if (res.status === "ok") {
+          this.setState({
+            data: res.data,
+            pagination: {
+              ...params.pagination,
+              total: res.data2,
+            },
+            searchText: params.searchText,
+            searchedColumn: params.searchedColumn,
+          });
+        } else {
+          if (Setting.isResponseDenied(res)) {
+            this.setState({
+              isAuthorized: false,
+            });
+          } else {
+            Setting.showMessage("error", res.msg);
+          }
+        }
+      });
+  };
+}
+
+export default VerificationListPage;

web/src/WebhookEditPage.js

@@ -275,7 +275,7 @@ class WebhookEditPage extends React.Component {
               }} >
               {
                 (
-                  ["signup", "login", "logout"].concat(this.getApiPaths()).map((option, index) => {
+                  ["signup", "login", "logout", "new-user"].concat(this.getApiPaths()).map((option, index) => {
                     return (
                       <Option key={option} value={option}>{option}</Option>
                     );

web/src/auth/LoginPage.js

@@ -346,10 +346,28 @@ class LoginPage extends React.Component {
       return;
     }
     if (this.state.loginMethod === "faceId") {
-      this.setState({
-        openFaceRecognitionModal: true,
-        values: values,
-      });
+      let username = this.state.username;
+      if (username === null || username === "") {
+        username = values["username"];
+      }
+      const application = this.getApplicationObj();
+      fetch(`${Setting.ServerUrl}/api/faceid-signin-begin?owner=${application.organization}&name=${username}`, {
+        method: "GET",
+        credentials: "include",
+        headers: {
+          "Accept-Language": Setting.getAcceptLanguage(),
+        },
+      }).then(res => res.json())
+        .then((res) => {
+          if (res.status === "error") {
+            Setting.showMessage("error", res.msg);
+            return;
+          }
+          this.setState({
+            openFaceRecognitionModal: true,
+            values: values,
+          });
+        });
       return;
     }
     if (this.state.loginMethod === "password" || this.state.loginMethod === "ldap") {
@@ -666,7 +684,8 @@ class LoginPage extends React.Component {
           >
             {
               this.state.loginMethod === "webAuthn" ? i18next.t("login:Sign in with WebAuthn") :
-                i18next.t("login:Sign In")
+                this.state.loginMethod === "faceId" ? i18next.t("login:Sign in with Face ID") :
+                  i18next.t("login:Sign In")
             }
           </Button>
           {
@@ -1066,7 +1085,12 @@ class LoginPage extends React.Component {
     application?.signinMethods?.forEach((signinMethod) => {
       const item = itemsMap.get(generateItemKey(signinMethod.name, signinMethod.rule));
       if (item) {
-        const label = signinMethod.name === signinMethod.displayName ? item.label : signinMethod.displayName;
+        let label = signinMethod.name === signinMethod.displayName ? item.label : signinMethod.displayName;
+
+        if (application?.signinMethods?.length >= 4 && label === "Verification code") {
+          label = "Code";
+        }
+
         items.push({label: label, key: item.key});
       }
     });
@@ -1149,7 +1173,7 @@ class LoginPage extends React.Component {
     };
 
     return (
-      <div style={{height: 300}}>
+      <div style={{height: 300, minWidth: 320}}>
         {renderChoiceBox()}
       </div>
     );

web/src/auth/MetaMaskLoginButton.js

@@ -0,0 +1,107 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import {getAuthUrl} from "./Provider";
+import {getProviderLogoURL, goToLink, showMessage} from "../Setting";
+import i18next from "i18next";
+import {
+  generateNonce,
+  getWeb3AuthTokenKey,
+  setWeb3AuthToken
+} from "./Web3Auth";
+import {useSDK} from "@metamask/sdk-react";
+import React, {useEffect} from "react";
+
+export function MetaMaskLoginButton(props) {
+  const {application, web3Provider, method, width, margin} = props;
+  const {sdk, chainId, account} = useSDK();
+  const [typedData, setTypedData] = React.useState("");
+  const [nonce, setNonce] = React.useState("");
+  const [signature, setSignature] = React.useState();
+
+  useEffect(() => {
+    if (account && signature) {
+      const date = new Date();
+
+      const token = {
+        address: account,
+        nonce: nonce,
+        createAt: Math.floor(date.getTime() / 1000),
+        typedData: typedData,
+        signature: signature,
+      };
+      setWeb3AuthToken(token);
+
+      const redirectUri = `${getAuthUrl(application, web3Provider, method)}&web3AuthTokenKey=${getWeb3AuthTokenKey(account)}`;
+      goToLink(redirectUri);
+    }
+  }, [account, signature]);
+
+  const handleConnectAndSign = async() => {
+    try {
+      terminate();
+
+      const date = new Date();
+
+      const nonce = generateNonce();
+      setNonce(nonce);
+
+      const prompt = web3Provider?.metadata === "" ? "Casdoor: In order to authenticate to this website, sign this request and your public address will be sent to the server in a verifiable way." : web3Provider.metadata;
+      const typedData = JSON.stringify({
+        domain: {
+          chainId: chainId,
+          name: "Casdoor",
+          version: "1",
+        },
+        message: {
+          prompt: `${prompt}`,
+          nonce: nonce,
+          createAt: `${date.toLocaleString()}`,
+        },
+        primaryType: "AuthRequest",
+        types: {
+          EIP712Domain: [
+            {name: "name", type: "string"},
+            {name: "version", type: "string"},
+            {name: "chainId", type: "uint256"},
+          ],
+          AuthRequest: [
+            {name: "prompt", type: "string"},
+            {name: "nonce", type: "string"},
+            {name: "createAt", type: "string"},
+          ],
+        },
+      });
+      setTypedData(typedData);
+
+      const sig = await sdk.connectAndSign({msg: typedData});
+      setSignature(sig);
+    } catch (err) {
+      showMessage("error", `${i18next.t("login:Failed to obtain MetaMask authorization")}: ${err.message}`);
+    }
+  };
+
+  const terminate = () => {
+    sdk?.terminate();
+  };
+
+  return (
+    <a key={web3Provider.displayName} onClick={handleConnectAndSign}>
+      <img width={width} height={width} src={getProviderLogoURL(web3Provider)} alt={web3Provider.displayName}
+        className="provider-img" style={{margin: margin}} />
+    </a>
+  );
+}
+
+export default MetaMaskLoginButton;

web/src/auth/ProviderButton.js

@@ -43,6 +43,8 @@ import DouyinLoginButton from "./DouyinLoginButton";
 import LoginButton from "./LoginButton";
 import * as AuthBackend from "./AuthBackend";
 import {WechatOfficialAccountModal} from "./Util";
+import {MetaMaskProvider} from "@metamask/sdk-react";
+import MetaMaskLoginButton from "./MetaMaskLoginButton";
 
 function getSigninButton(provider) {
   const text = i18next.t("login:Sign in with {type}").replace("{type}", provider.displayName !== "" ? provider.displayName : provider.type);
@@ -160,11 +162,36 @@ export function renderProviderLogo(provider, application, width, margin, size, l
         </a>
       );
     } else if (provider.category === "Web3") {
-      return (
-        <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
-          <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={{margin: margin}} />
-        </a>
-      );
+      if (provider.type === "MetaMask") {
+        return (
+          <MetaMaskProvider
+            debug={false}
+            sdkOptions={{
+              communicationServerUrl: process.env.REACT_APP_COMM_SERVER_URL,
+              checkInstallationImmediately: false, // This will automatically connect to MetaMask on page load
+              dappMetadata: {
+                name: "Casdoor",
+                url: window.location.protocol + "//" + window.location.host,
+              },
+            }}
+          >
+            <MetaMaskLoginButton
+              application={application}
+              web3Provider={provider}
+              method={"signup"}
+              width={width}
+              margin={margin}
+            />
+          </MetaMaskProvider>
+        );
+      } else {
+        return (
+          <a key={provider.displayName} onClick={() => goToWeb3Url(application, provider, "signup")}>
+            <img width={width} height={width} src={getProviderLogoURL(provider)} alt={provider.displayName}
+              className="provider-img" style={{margin: margin}} />
+          </a>
+        );
+      }
     }
   } else if (provider.type === "Custom") {
     // style definition

web/src/auth/SignupPage.js

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import React from "react";
-import {Button, Form, Input, Result} from "antd";
+import {Button, Form, Input, Radio, Result, Row} from "antd";
 import * as Setting from "../Setting";
 import * as AuthBackend from "./AuthBackend";
 import * as ProviderButton from "./ProviderButton";
@@ -71,6 +71,7 @@ class SignupPage extends React.Component {
       applicationName: (props.applicationName ?? props.match?.params?.applicationName) ?? null,
       email: "",
       phone: "",
+      emailOrPhoneMode: "",
       countryCode: "",
       emailCode: "",
       phoneCode: "",
@@ -360,130 +361,176 @@ class SignupPage extends React.Component {
           <RegionSelect onChange={(value) => {this.setState({region: value});}} />
         </Form.Item>
       );
-    } else if (signupItem.name === "Email") {
-      return (
-        <React.Fragment>
-          <Form.Item
-            name="email"
-            label={signupItem.label ? signupItem.label : i18next.t("general:Email")}
-            rules={[
-              {
-                required: required,
-                message: i18next.t("signup:Please input your Email!"),
-              },
-              {
-                validator: (_, value) => {
-                  if (this.state.email !== "" && !Setting.isValidEmail(this.state.email)) {
-                    this.setState({validEmail: false});
-                    return Promise.reject(i18next.t("signup:The input is not valid Email!"));
-                  }
-
-                  this.setState({validEmail: true});
-                  return Promise.resolve();
-                },
-              },
-            ]}
-          >
-            <Input placeholder={signupItem.placeholder} disabled={this.state.invitation !== undefined && this.state.invitation.email !== ""} onChange={e => this.setState({email: e.target.value})} />
-          </Form.Item>
-          {
-            signupItem.rule !== "No verification" &&
+    } else if (signupItem.name === "Email" || signupItem.name === "Phone" || signupItem.name === "Email or Phone" || signupItem.name === "Phone or Email") {
+      const renderEmailItem = () => {
+        return (
+          <React.Fragment>
             <Form.Item
-              name="emailCode"
-              label={signupItem.label ? signupItem.label : i18next.t("code:Email code")}
-              rules={[{
-                required: required,
-                message: i18next.t("code:Please input your verification code!"),
-              }]}
-            >
-              <SendCodeInput
-                disabled={!this.state.validEmail}
-                method={"signup"}
-                onButtonClickArgs={[this.state.email, "email", Setting.getApplicationName(application)]}
-                application={application}
-              />
-            </Form.Item>
-          }
-        </React.Fragment>
-      );
-    } else if (signupItem.name === "Phone") {
-      return (
-        <React.Fragment>
-          <Form.Item label={signupItem.label ? signupItem.label : i18next.t("general:Phone")} required={required}>
-            <Input.Group compact>
-              <Form.Item
-                name="countryCode"
-                noStyle
-                rules={[
-                  {
-                    required: required,
-                    message: i18next.t("signup:Please select your country code!"),
-                  },
-                ]}
-              >
-                <CountryCodeSelect
-                  style={{width: "35%"}}
-                  countryCodes={this.getApplicationObj().organizationObj.countryCodes}
-                />
-              </Form.Item>
-              <Form.Item
-                name="phone"
-                dependencies={["countryCode"]}
-                noStyle
-                rules={[
-                  {
-                    required: required,
-                    message: i18next.t("signup:Please input your phone number!"),
-                  },
-                  ({getFieldValue}) => ({
-                    validator: (_, value) => {
-                      if (!required && !value) {
-                        return Promise.resolve();
-                      }
-
-                      if (value && !Setting.isValidPhone(value, getFieldValue("countryCode"))) {
-                        this.setState({validPhone: false});
-                        return Promise.reject(i18next.t("signup:The input is not valid Phone!"));
-                      }
-
-                      this.setState({validPhone: true});
-                      return Promise.resolve();
-                    },
-                  }),
-                ]}
-              >
-                <Input
-                  placeholder={signupItem.placeholder}
-                  style={{width: "65%"}}
-                  disabled={this.state.invitation !== undefined && this.state.invitation.phone !== ""}
-                  onChange={e => this.setState({phone: e.target.value})}
-                />
-              </Form.Item>
-            </Input.Group>
-          </Form.Item>
-          {
-            signupItem.rule !== "No verification" &&
-            <Form.Item
-              name="phoneCode"
-              label={signupItem.label ? signupItem.label : i18next.t("code:Phone code")}
+              name="email"
+              label={signupItem.label ? signupItem.label : i18next.t("general:Email")}
               rules={[
                 {
                   required: required,
-                  message: i18next.t("code:Please input your phone verification code!"),
+                  message: i18next.t("signup:Please input your Email!"),
+                },
+                {
+                  validator: (_, value) => {
+                    if (this.state.email !== "" && !Setting.isValidEmail(this.state.email)) {
+                      this.setState({validEmail: false});
+                      return Promise.reject(i18next.t("signup:The input is not valid Email!"));
+                    }
+
+                    this.setState({validEmail: true});
+                    return Promise.resolve();
+                  },
                 },
               ]}
             >
-              <SendCodeInput
-                disabled={!this.state.validPhone}
-                method={"signup"}
-                onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationName(application)]}
-                application={application}
-                countryCode={this.form.current?.getFieldValue("countryCode")}
-              />
+              <Input placeholder={signupItem.placeholder} disabled={this.state.invitation !== undefined && this.state.invitation.email !== ""} onChange={e => this.setState({email: e.target.value})} />
             </Form.Item>
-          }
-        </React.Fragment>
-      );
+            {
+              signupItem.rule !== "No verification" &&
+              <Form.Item
+                name="emailCode"
+                label={signupItem.label ? signupItem.label : i18next.t("code:Email code")}
+                rules={[{
+                  required: required,
+                  message: i18next.t("code:Please input your verification code!"),
+                }]}
+              >
+                <SendCodeInput
+                  disabled={!this.state.validEmail}
+                  method={"signup"}
+                  onButtonClickArgs={[this.state.email, "email", Setting.getApplicationName(application)]}
+                  application={application}
+                />
+              </Form.Item>
+            }
+          </React.Fragment>
+        );
+      };
+
+      const renderPhoneItem = () => {
+        return (
+          <React.Fragment>
+            <Form.Item label={signupItem.label ? signupItem.label : i18next.t("general:Phone")} required={required}>
+              <Input.Group compact>
+                <Form.Item
+                  name="countryCode"
+                  noStyle
+                  rules={[
+                    {
+                      required: required,
+                      message: i18next.t("signup:Please select your country code!"),
+                    },
+                  ]}
+                >
+                  <CountryCodeSelect
+                    style={{width: "35%"}}
+                    countryCodes={this.getApplicationObj().organizationObj.countryCodes}
+                  />
+                </Form.Item>
+                <Form.Item
+                  name="phone"
+                  dependencies={["countryCode"]}
+                  noStyle
+                  rules={[
+                    {
+                      required: required,
+                      message: i18next.t("signup:Please input your phone number!"),
+                    },
+                    ({getFieldValue}) => ({
+                      validator: (_, value) => {
+                        if (!required && !value) {
+                          return Promise.resolve();
+                        }
+
+                        if (value && !Setting.isValidPhone(value, getFieldValue("countryCode"))) {
+                          this.setState({validPhone: false});
+                          return Promise.reject(i18next.t("signup:The input is not valid Phone!"));
+                        }
+
+                        this.setState({validPhone: true});
+                        return Promise.resolve();
+                      },
+                    }),
+                  ]}
+                >
+                  <Input
+                    placeholder={signupItem.placeholder}
+                    style={{width: "65%"}}
+                    disabled={this.state.invitation !== undefined && this.state.invitation.phone !== ""}
+                    onChange={e => this.setState({phone: e.target.value})}
+                  />
+                </Form.Item>
+              </Input.Group>
+            </Form.Item>
+            {
+              signupItem.rule !== "No verification" &&
+              <Form.Item
+                name="phoneCode"
+                label={signupItem.label ? signupItem.label : i18next.t("code:Phone code")}
+                rules={[
+                  {
+                    required: required,
+                    message: i18next.t("code:Please input your phone verification code!"),
+                  },
+                ]}
+              >
+                <SendCodeInput
+                  disabled={!this.state.validPhone}
+                  method={"signup"}
+                  onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationName(application)]}
+                  application={application}
+                  countryCode={this.form.current?.getFieldValue("countryCode")}
+                />
+              </Form.Item>
+            }
+          </React.Fragment>
+        );
+      };
+
+      if (signupItem.name === "Email") {
+        return renderEmailItem();
+      } else if (signupItem.name === "Phone") {
+        return renderPhoneItem();
+      } else if (signupItem.name === "Email or Phone" || signupItem.name === "Phone or Email") {
+        let emailOrPhoneMode = this.state.emailOrPhoneMode;
+        if (emailOrPhoneMode === "") {
+          emailOrPhoneMode = signupItem.name === "Email or Phone" ? "Email" : "Phone";
+        }
+
+        return (
+          <React.Fragment>
+            <Row style={{marginTop: "30px", marginBottom: "20px"}} >
+              <Radio.Group style={{width: "400px"}} buttonStyle="solid" onChange={e => {
+                this.setState({
+                  emailOrPhoneMode: e.target.value,
+                });
+              }} value={emailOrPhoneMode}>
+                {
+                  signupItem.name === "Email or Phone" ? (
+                    <React.Fragment>
+                      <Radio.Button value={"Email"}>{i18next.t("general:Email")}</Radio.Button>
+                      <Radio.Button value={"Phone"}>{i18next.t("general:Phone")}</Radio.Button>
+                    </React.Fragment>
+                  ) : (
+                    <React.Fragment>
+                      <Radio.Button value={"Phone"}>{i18next.t("general:Phone")}</Radio.Button>
+                      <Radio.Button value={"Email"}>{i18next.t("general:Email")}</Radio.Button>
+                    </React.Fragment>
+                  )
+                }
+              </Radio.Group>
+            </Row>
+            {
+              emailOrPhoneMode === "Email" ? renderEmailItem() : renderPhoneItem()
+            }
+          </React.Fragment>
+        );
+      } else {
+        return null;
+      }
     } else if (signupItem.name === "Password") {
       return (
         <Form.Item

web/src/backend/VerificationBackend.js

@@ -0,0 +1,35 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import * as Setting from "../Setting";
+
+export function getVerifications(owner, organization, page = "", pageSize = "", field = "", value = "", sortField = "", sortOrder = "") {
+  return fetch(`${Setting.ServerUrl}/api/get-verifications?owner=${owner}&p=${page}&pageSize=${pageSize}&field=${field}&value=${value}&sortField=${sortField}&sortOrder=${sortOrder}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}
+
+export function getVerification(owner, name) {
+  return fetch(`${Setting.ServerUrl}/api/get-verification?id=${owner}/${encodeURIComponent(name)}`, {
+    method: "GET",
+    credentials: "include",
+    headers: {
+      "Accept-Language": Setting.getAcceptLanguage(),
+    },
+  }).then(res => res.json());
+}

web/src/common/modal/FaceRecognitionModal.js

@@ -14,17 +14,18 @@
 
 import * as faceapi from "face-api.js";
 import React, {useState} from "react";
-import Webcam from "react-webcam";
 import {Button, Modal, Progress, Spin, message} from "antd";
 import i18next from "i18next";
 
 const FaceRecognitionModal = (props) => {
   const {visible, onOk, onCancel} = props;
   const [modelsLoaded, setModelsLoaded] = React.useState(false);
+  const [isCameraCaptured, setIsCameraCaptured] = useState(false);
 
-  const webcamRef = React.useRef();
+  const videoRef = React.useRef();
   const canvasRef = React.useRef();
   const detection = React.useRef(null);
+  const mediaStreamRef = React.useRef(null);
   const [percent, setPercent] = useState(0);
 
   React.useEffect(() => {
@@ -51,26 +52,58 @@ const FaceRecognitionModal = (props) => {
   React.useEffect(() => {
     if (visible) {
       setPercent(0);
-      if (modelsLoaded && webcamRef.current?.video) {
-        handleStreamVideo(null);
+      if (modelsLoaded) {
+        navigator.mediaDevices
+          .getUserMedia({video: {facingMode: "user"}})
+          .then((stream) => {
+            mediaStreamRef.current = stream;
+            setIsCameraCaptured(true);
+          }).catch((error) => {
+            handleCameraError(error);
+          });
       }
     } else {
       clearInterval(detection.current);
       detection.current = null;
+      setIsCameraCaptured(false);
     }
     return () => {
       clearInterval(detection.current);
       detection.current = null;
+      setIsCameraCaptured(false);
     };
-  }, [visible]);
+  }, [visible, modelsLoaded]);
 
-  const handleStreamVideo = (e) => {
+  React.useEffect(() => {
+    if (isCameraCaptured) {
+      let count = 0;
+      const interval = setInterval(() => {
+        count++;
+        if (videoRef.current) {
+          videoRef.current.srcObject = mediaStreamRef.current;
+          videoRef.current.play();
+          clearInterval(interval);
+        }
+        if (count >= 30) {
+          clearInterval(interval);
+          onCancel();
+        }
+      }, 100);
+    } else {
+      mediaStreamRef.current?.getTracks().forEach(track => track.stop());
+      if (videoRef.current) {
+        videoRef.current.srcObject = null;
+      }
+    }
+  }, [isCameraCaptured]);
+
+  const handleStreamVideo = () => {
     let count = 0;
     let goodCount = 0;
     if (!detection.current) {
       detection.current = setInterval(async() => {
-        if (modelsLoaded && webcamRef.current?.video && visible) {
-          const faces = await faceapi.detectAllFaces(webcamRef.current.video, new faceapi.TinyFaceDetectorOptions()).withFaceLandmarks().withFaceDescriptors();
+        if (modelsLoaded && videoRef.current && visible) {
+          const faces = await faceapi.detectAllFaces(videoRef.current, new faceapi.TinyFaceDetectorOptions()).withFaceLandmarks().withFaceDescriptors();
 
           count++;
           if (count % 50 === 0) {
@@ -98,8 +131,21 @@ const FaceRecognitionModal = (props) => {
     }
   };
 
-  const handleCameraError = () => {
-    message.error(i18next.t("login:There was a problem accessing the WEBCAM. Grant permission and reload the page."));
+  const handleCameraError = (error) => {
+    onCancel();
+    if (error instanceof DOMException) {
+      if (error.name === "NotFoundError" || error.name === "DevicesNotFoundError") {
+        message.error(i18next.t("login:Please ensure that you have a camera device for facial recognition"));
+      } else if (error.name === "NotAllowedError" || error.name === "PermissionDeniedError") {
+        message.error(i18next.t("login:Please provide permission to access the camera"));
+      } else if (error.name === "NotReadableError" || error.name === "TrackStartError") {
+        message.error(i18next.t("login:The camera is currently in use by another webpage"));
+      } else if (error.name === "TypeError") {
+        message.error(i18next.t("login:Please load the webpage using HTTPS, otherwise the camera cannot be accessed"));
+      } else {
+        message.error(error.message);
+      }
+    }
   };
 
   return (
@@ -107,7 +153,8 @@ const FaceRecognitionModal = (props) => {
       <Modal
         closable={false}
         maskClosable={false}
-        open={visible}
+        destroyOnClose={true}
+        open={visible && isCameraCaptured}
         title={i18next.t("login:Face Recognition")}
         width={350}
         footer={[
@@ -121,11 +168,9 @@ const FaceRecognitionModal = (props) => {
           {
             modelsLoaded ?
               <div style={{display: "flex", justifyContent: "center", alignContent: "center"}}>
-                <Webcam
-                  ref={webcamRef}
-                  videoConstraints={{facingMode: "user"}}
-                  onUserMedia={handleStreamVideo}
-                  onUserMediaError={handleCameraError}
+                <video
+                  ref={videoRef}
+                  onPlay={handleStreamVideo}
                   style={{
                     borderRadius: "50%",
                     height: "220px",
@@ -133,7 +178,7 @@ const FaceRecognitionModal = (props) => {
                     width: "220px",
                     objectFit: "cover",
                   }}
-                ></Webcam>
+                ></video>
                 <div style={{
                   position: "absolute",
                   width: "240px",

web/src/locales/ar/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/de/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Tabellenname des Policy Stores",
     "Adapters": "Adapter",
     "Add": "Hinzufügen",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Zugehörigkeits-URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Fehler beim hinzufügen",
     "Failed to connect to server": "Die Verbindung zum Server konnte nicht hergestellt werden",
     "Failed to delete": "Konnte nicht gelöscht werden",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags, denen der Benutzer angehört, standardmäßig auf \"normaler Benutzer\" festgelegt",
     "Users": "Benutzer",
     "Users under all organizations": "Benutzer unter allen Organisationen",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "leere",
@@ -460,6 +463,9 @@
     "Continue with": "Weitermachen mit",
     "Email": "Email",
     "Email or phone": "E-Mail oder Telefon",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Passwort vergessen?",
@@ -469,9 +475,12 @@
     "Logging out...": "Ausloggen...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "Kein Konto?",
     "Or sign in with another account": "Oder mit einem anderen Konto anmelden",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Bitte geben Sie Ihre E-Mail oder Telefonnummer ein!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Bitte geben Sie Ihren Code ein!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Bitte geben Sie Ihr Passwort ein!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Umleitung, bitte warten.",
     "Sign In": "Anmelden",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Melden Sie sich mit WebAuthn an",
     "Sign in with {type}": "Melden Sie sich mit {type} an",
     "Signing in...": "Anmelden...",
     "Successfully logged in with WebAuthn credentials": "Erfolgreich mit WebAuthn-Anmeldeinformationen angemeldet",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "Die Eingabe ist keine gültige E-Mail-Adresse oder Telefonnummer!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "E-Mail-Adresse zum Empfangen von Test-E-Mails",
     "Test SMTP Connection": "Testen Sie die SMTP-Verbindung",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token-URL",
     "Token URL - Tooltip": "Token-URL",
     "Type": "Typ",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Gemeinsam)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Kopiere den Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "E-Mail darf nicht leer sein",
     "Email/phone reset successfully": "E-Mail-/Telefon-Zurücksetzung erfolgreich durchgeführt",
     "Empty input!": "Leere Eingabe!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Startseite des Benutzers",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn-Anmeldeinformationen",
     "input password": "Eingabe des Passworts"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content-Type",
     "Content type - Tooltip": "Inhaltstyp",

web/src/locales/en/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/es/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Nombre de la tabla de la tienda de políticas",
     "Adapters": "Adaptadores",
     "Add": "Añadir",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "URL de afiliación",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "No se pudo agregar",
     "Failed to connect to server": "No se pudo conectar al servidor",
     "Failed to delete": "No se pudo eliminar",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Etiquetas a las que el usuario pertenece, con una configuración predeterminada en \"usuario-normal\"",
     "Users": "Usuarios",
     "Users under all organizations": "Usuarios bajo todas las organizaciones",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "vacío",
@@ -460,6 +463,9 @@
     "Continue with": "Continúe con",
     "Email": "Email",
     "Email or phone": "Correo electrónico o teléfono",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "¿Olvidaste tu contraseña?",
@@ -469,9 +475,12 @@
     "Logging out...": "Cerrando sesión...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "¿No tienes cuenta?",
     "Or sign in with another account": "O inicia sesión con otra cuenta",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "¡Por favor introduzca su correo electrónico o teléfono!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "¡Por favor ingrese su código!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "¡Ingrese su contraseña, por favor!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirigiendo, por favor espera.",
     "Sign In": "Iniciar sesión",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Iniciar sesión con WebAuthn",
     "Sign in with {type}": "Inicia sesión con {tipo}",
     "Signing in...": "Iniciando sesión...",
     "Successfully logged in with WebAuthn credentials": "Inició sesión correctamente con las credenciales de WebAuthn",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "¡La entrada no es un correo electrónico o número de teléfono válido!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Dirección de correo electrónico para recibir mensajes de prueba",
     "Test SMTP Connection": "Prueba de conexión SMTP",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "URL de token",
     "Type": "Tipo",
@@ -877,7 +891,9 @@
     "admin (Shared)": "administrador (compartido)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copiar enlace",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "El correo electrónico no puede estar vacío",
     "Email/phone reset successfully": "Restablecimiento de correo electrónico/teléfono exitoso",
     "Empty input!": "¡Entrada vacía!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Página de inicio del usuario",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "Credenciales de WebAuthn",
     "input password": "Ingresar contraseña"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Tipo de contenido",
     "Content type - Tooltip": "Tipo de contenido",

web/src/locales/fa/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/fi/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/fr/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Nom de la table du magasin de règle",
     "Adapters": "Adaptateurs",
     "Add": "Ajouter",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Administration",
     "Affiliation URL": "URL d'affiliation",
@@ -234,6 +235,7 @@
     "Enabled": "Activé",
     "Enabled successfully": "Activé avec succès",
     "Enforcers": "Exécuteurs",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Échec d'ajout",
     "Failed to connect to server": "Échec de la connexion au serveur",
     "Failed to delete": "Échec de la suppression",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Étiquettes associées au compte, avec une valeur par défaut \"normal-user\"",
     "Users": "Comptes",
     "Users under all organizations": "Comptes sous toutes les organisations",
+    "Verifications": "Verifications",
     "Webhooks": "Crochets web",
     "You can only select one physical group": "Vous ne pouvez sélectionner qu'un seul groupe physique",
     "empty": "vide",
@@ -460,6 +463,9 @@
     "Continue with": "Continuer avec",
     "Email": "Email",
     "Email or phone": "Email ou téléphone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Échec de l'obtention de l'autorisation MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Échec de l'obtention de l'autorisation MetaMask",
     "Forgot password?": "Mot de passe oublié ?",
@@ -469,9 +475,12 @@
     "Logging out...": "Déconnexion...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "Le plugin MetaMask n'a pas été détecté",
+    "Model loading failure": "Model loading failure",
     "No account?": "Pas de compte ?",
     "Or sign in with another account": "Ou connectez-vous avec un autre compte",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Veuillez saisir votre adresse e-mail ou votre numéro de téléphone !",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Veuillez saisir votre code !",
     "Please input your organization name!": "Veuillez saisir le nom de votre organisation !",
     "Please input your password!": "Veuillez saisir votre mot de passe !",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Veuillez sélectionner une organisation",
     "Please select an organization to sign in": "Veuillez choisir une organisation pour vous connecter",
     "Please type an organization to sign in": "Veuillez entrer une organisation pour vous connecter",
     "Redirecting, please wait.": "Redirection en cours, veuillez patienter.",
     "Sign In": "Se connecter",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Connectez-vous avec WebAuthn",
     "Sign in with {type}": "Connectez-vous avec {type}",
     "Signing in...": "Connexion en cours...",
     "Successfully logged in with WebAuthn credentials": "Connexion avec les identifiants WebAuthn réussie",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "L'entrée n'est pas une adresse e-mail ou un numéro de téléphone valide !",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Adresse e-mail pour recevoir des courriels de test",
     "Test SMTP Connection": "Test de connexion SMTP",
     "Third-party": "Tierce partie",
+    "This field is required": "This field is required",
     "Token URL": "URL de jeton",
     "Token URL - Tooltip": "URL de jeton",
     "Type": "Type de texte",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Partagé)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copier le lien",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Le champ e-mail doit être rempli",
     "Email/phone reset successfully": "E-mail ou téléphone réinitialisé avec succès",
     "Empty input!": "Champ vide !",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Genre",
     "Gender - Tooltip": "Genre - Infobulle",
     "Homepage": "Site web",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "Identifiants WebAuthn",
     "input password": "saisir le mot de passe"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Type de contenu",
     "Content type - Tooltip": "Type de contenu",

web/src/locales/he/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/id/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Nama tabel dari penyimpanan kebijakan",
     "Adapters": "Adaptor",
     "Add": "Tambahkan",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "URL Afiliasi",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Gagal menambahkan",
     "Failed to connect to server": "Gagal terhubung ke server",
     "Failed to delete": "Gagal menghapus",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tag yang dimiliki oleh pengguna, defaultnya adalah \"normal-user\"",
     "Users": "Pengguna-pengguna",
     "Users under all organizations": "Pengguna di bawah semua organisasi",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "kosong",
@@ -460,6 +463,9 @@
     "Continue with": "Lanjutkan dengan",
     "Email": "Email",
     "Email or phone": "Email atau telepon",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Lupa kata sandi?",
@@ -469,9 +475,12 @@
     "Logging out...": "Keluar...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "Tidak memiliki akun?",
     "Or sign in with another account": "Atau masuk dengan akun lain",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Silahkan masukkan email atau nomor telepon Anda!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Silakan masukkan kode Anda!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Masukkan kata sandi Anda!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Mengalihkan, harap tunggu.",
     "Sign In": "Masuk",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Masuk dengan WebAuthn",
     "Sign in with {type}": "Masuk dengan {type}",
     "Signing in...": "Masuk...",
     "Successfully logged in with WebAuthn credentials": "Berhasil masuk dengan kredensial WebAuthn",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "Input yang Anda masukkan tidak valid, tidak sesuai dengan Email atau nomor telepon!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Alamat email untuk menerima email percobaan",
     "Test SMTP Connection": "Tes Koneksi SMTP",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL: Tautan Token",
     "Token URL - Tooltip": "Token URL: URL Token",
     "Type": "Jenis",
@@ -877,7 +891,9 @@
     "admin (Shared)": "Admin (Berbagi)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Salin Tautan",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email tidak boleh kosong",
     "Email/phone reset successfully": "Email/telepon berhasil diatur ulang",
     "Empty input!": "Masukan kosong!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "Kredensial WebAuthn",
     "input password": "masukkan kata sandi"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Jenis konten",
     "Content type - Tooltip": "Tipe konten",

web/src/locales/it/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/ja/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "ポリシー・ストアのテーブル名",
     "Adapters": "アダプター",
     "Add": "追加",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "所属するURL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "追加できませんでした",
     "Failed to connect to server": "サーバーに接続できませんでした",
     "Failed to delete": "削除に失敗しました",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "ユーザーが属するタグは、デフォルトでは「通常ユーザー」となります",
     "Users": "ユーザー",
     "Users under all organizations": "すべての組織のユーザー",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "空",
@@ -460,6 +463,9 @@
     "Continue with": "続ける",
     "Email": "Email",
     "Email or phone": "メールまたは電話",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "パスワードを忘れましたか？",
@@ -469,9 +475,12 @@
     "Logging out...": "ログアウト中...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "アカウントがありませんか？",
     "Or sign in with another account": "別のアカウントでサインインする",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "あなたのメールアドレスまたは電話番号を入力してください！",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "あなたのコードを入力してください！",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "パスワードを入力してください！",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "リダイレクト中、お待ちください。",
     "Sign In": "サインイン",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "WebAuthnでサインインしてください",
     "Sign in with {type}": "{type}でサインインしてください",
     "Signing in...": "サインイン中...",
     "Successfully logged in with WebAuthn credentials": "WebAuthnの認証情報で正常にログインしました",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "入力されたのは有効なメールアドレスまたは電話番号ではありません",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "テストメールを受け取るためのメールアドレス",
     "Test SMTP Connection": "SMTP接続をテストする",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "トークンのURL",
     "Token URL - Tooltip": "トークンURL",
     "Type": "タイプ",
@@ -877,7 +891,9 @@
     "admin (Shared)": "管理者（共有）"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "コピー リンク",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "電子メールは空にできません",
     "Email/phone reset successfully": "メール/電話のリセットが成功しました",
     "Empty input!": "空の入力！",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "ユーザーのホームページ",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthnの資格情報",
     "input password": "パスワードを入力してください"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "コンテンツタイプ",
     "Content type - Tooltip": "コンテンツタイプ",

web/src/locales/kk/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/ko/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "정책 저장소의 테이블 이름",
     "Adapters": "어댑터",
     "Add": "추가하다",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "소속 URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "추가하지 못했습니다",
     "Failed to connect to server": "서버에 연결하지 못했습니다",
     "Failed to delete": "삭제에 실패했습니다",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "사용자가 속한 태그는 기본적으로 \"보통 사용자\"로 설정됩니다",
     "Users": "사용자",
     "Users under all organizations": "모든 조직의 사용자",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "빈",
@@ -460,6 +463,9 @@
     "Continue with": "계속하다",
     "Email": "Email",
     "Email or phone": "이메일 또는 전화",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "비밀번호를 잊으셨나요?",
@@ -469,9 +475,12 @@
     "Logging out...": "로그아웃 중...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "계정이 없나요?",
     "Or sign in with another account": "다른 계정으로 로그인하세요",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "이메일 또는 전화번호를 입력해주세요!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "코드를 입력해주세요!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "비밀번호를 입력해주세요!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "리디렉팅 중입니다. 잠시 기다려주세요.",
     "Sign In": "로그인",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "WebAuthn으로 로그인하세요",
     "Sign in with {type}": "{type}로 로그인하세요",
     "Signing in...": "로그인 중...",
     "Successfully logged in with WebAuthn credentials": "WebAuthn 자격 증명으로 로그인 성공적으로 수행했습니다",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "입력한 값은 유효한 이메일 또는 전화번호가 아닙니다!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "테스트 메일을 받을 이메일 주소",
     "Test SMTP Connection": "테스트 SMTP 연결",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "토큰 URL",
     "Token URL - Tooltip": "토큰 URL",
     "Type": "타입",
@@ -877,7 +891,9 @@
     "admin (Shared)": "관리자 (공유)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "링크 복사하기",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "이메일은 비어 있을 수 없습니다",
     "Email/phone reset successfully": "이메일/전화 초기화가 성공적으로 완료되었습니다",
     "Empty input!": "빈 입력!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "사용자의 홈페이지",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "웹 인증 자격증명",
     "input password": "비밀번호를 입력해주세요"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "콘텐츠 유형",
     "Content type - Tooltip": "콘텐츠 유형",

web/src/locales/ms/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/nl/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/pl/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/pt/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Nome da tabela do armazenamento de políticas",
     "Adapters": "Adaptadores",
     "Add": "Adicionar",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "URL da Afiliação",
@@ -234,6 +235,7 @@
     "Enabled": "Habilitado",
     "Enabled successfully": "Habilitado com sucesso",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Falha ao adicionar",
     "Failed to connect to server": "Falha ao conectar ao servidor",
     "Failed to delete": "Falha ao excluir",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags às quais o usuário pertence, com valor padrão de \"usuário-normal\"",
     "Users": "Usuários",
     "Users under all organizations": "Usuários em todas as organizações",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "vazio",
@@ -460,6 +463,9 @@
     "Continue with": "Continuar com",
     "Email": "Email",
     "Email or phone": "Email ou telefone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Esqueceu a senha?",
@@ -469,9 +475,12 @@
     "Logging out...": "Saindo...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "Não possui uma conta?",
     "Or sign in with another account": "Ou entre com outra conta",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Por favor, informe seu email ou telefone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Por favor, informe o código!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Por favor, informe sua senha!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecionando, por favor aguarde.",
     "Sign In": "Entrar",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Entrar com WebAuthn",
     "Sign in with {type}": "Entrar com {type}",
     "Signing in...": "Entrando...",
     "Successfully logged in with WebAuthn credentials": "Logado com sucesso usando credenciais WebAuthn",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "O valor inserido não é um email ou número de telefone válido!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Endereço de e-mail para receber e-mails de teste",
     "Test SMTP Connection": "Testar Conexão SMTP",
     "Third-party": "Terceiros",
+    "This field is required": "This field is required",
     "Token URL": "URL do Token",
     "Token URL - Tooltip": "URL do Token",
     "Type": "Tipo",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Compartilhado)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copiar Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "O e-mail não pode ficar em branco",
     "Email/phone reset successfully": "Redefinição de e-mail/telefone com sucesso",
     "Empty input!": "Entrada vazia!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gênero",
     "Gender - Tooltip": "Gênero - Tooltip",
     "Homepage": "Página inicial",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "Credenciais WebAuthn",
     "input password": "Digite a senha"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Tipo de conteúdo",
     "Content type - Tooltip": "Tipo de conteúdo",

web/src/locales/ru/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Имя таблицы хранилища политик",
     "Adapters": "Адаптеры",
     "Add": "Добавить",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "URL принадлежности",
@@ -234,6 +235,7 @@
     "Enabled": "Включено",
     "Enabled successfully": "Успешно включено",
     "Enforcers": "Контролёры доступа",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Не удалось добавить",
     "Failed to connect to server": "Не удалось подключиться к серверу",
     "Failed to delete": "Не удалось удалить",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Теги, к которым принадлежит пользователь, по умолчанию \"обычный пользователь\"",
     "Users": "Пользователи",
     "Users under all organizations": "Пользователи всех организаций",
+    "Verifications": "Verifications",
     "Webhooks": "Вебхуки",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "пустые",
@@ -460,6 +463,9 @@
     "Continue with": "Продолжайте с",
     "Email": "Email",
     "Email or phone": "Электронная почта или телефон",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Не удалось получить авторизацию MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Забыли пароль?",
@@ -469,9 +475,12 @@
     "Logging out...": "Выход...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "Нет аккаунта?",
     "Or sign in with another account": "Или войти с другой учетной записью",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Пожалуйста, введите свой адрес электронной почты или номер телефона!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Пожалуйста, введите свой код!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Пожалуйста, введите свой пароль!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Перенаправление, пожалуйста, подождите.",
     "Sign In": "Войти",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Войти с помощью WebAuthn",
     "Sign in with {type}": "Войти с помощью {type}",
     "Signing in...": "Вход в систему...",
     "Successfully logged in with WebAuthn credentials": "Успешный вход с учетными данными WebAuthn",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "Ввод не является действительным адресом электронной почты или телефонным номером!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Адрес электронной почты для получения тестовых писем",
     "Test SMTP Connection": "Тестирование соединения SMTP",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Токен URL (URL-адрес маркера)",
     "Token URL - Tooltip": "Токен URL",
     "Type": "Тип",
@@ -877,7 +891,9 @@
     "admin (Shared)": "администратор (общий)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Копировать ссылку",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email не может быть пустым",
     "Email/phone reset successfully": "Электронная почта / номер телефона успешно сброшены",
     "Empty input!": "Пустой ввод!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Главная страница пользователя",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn удостоверения",
     "input password": "введите пароль"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Тип содержания",
     "Content type - Tooltip": "Тип содержимого",

web/src/locales/sv/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/tr/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Ekle",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Etkin",
     "Enabled successfully": "Başarıyla etkinleştirildi",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Ekleme başarısız oldu.",
     "Failed to connect to server": "Sunucuya bağlanılamıyor",
     "Failed to delete": "Silme başarısız oldu",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Kullanıcılar",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "İle devam et",
     "Email": "E-Posta",
     "Email or phone": "E-posta veya telefon",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Metamask yetkilendirmesi başarısız",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Şifrenizi mi unuttunuz?",
@@ -469,9 +475,12 @@
     "Logging out...": "Çıkış yapılıyor...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "Metamask plugin-in bulunamadı",
+    "Model loading failure": "Model loading failure",
     "No account?": "Hesabınız yok mu?",
     "Or sign in with another account": "Veya başka bir hesapla giriş yapın",
     "Phone": "Telefon",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Lütfen Telefon numaranızı ya da E-Posta adresinizi giriniz!",
     "Please input your Email!": "Eposta adresinizi girin!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Lütfen size gönderilen kodu girin!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Lütfen şifrenizi girin!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Yönlendiriliyor, lütfen bekleyiniz.",
     "Sign In": "Oturum aç",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "{type} ile giriş yap",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "şifreyi girin"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/uk/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Table name of the policy store",
     "Adapters": "Adapters",
     "Add": "Add",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Affiliation URL",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Failed to add",
     "Failed to connect to server": "Failed to connect to server",
     "Failed to delete": "Failed to delete",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Tags that the user belongs to, defaulting to \"normal-user\"",
     "Users": "Users",
     "Users under all organizations": "Users under all organizations",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "empty",
@@ -460,6 +463,9 @@
     "Continue with": "Continue with",
     "Email": "Email",
     "Email or phone": "Email or phone",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -469,9 +475,12 @@
     "Logging out...": "Logging out...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "No account?",
     "Or sign in with another account": "Or sign in with another account",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Please input your Email or Phone!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Please input your code!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Please input your password!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Redirecting, please wait.",
     "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Sign in with WebAuthn",
     "Sign in with {type}": "Sign in with {type}",
     "Signing in...": "Signing in...",
     "Successfully logged in with WebAuthn credentials": "Successfully logged in with WebAuthn credentials",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "The input is not valid Email or phone number!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Email address to receive test mails",
     "Test SMTP Connection": "Test SMTP Connection",
     "Third-party": "Third-party",
+    "This field is required": "This field is required",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "Token URL",
     "Type": "Type",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin (Shared)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email cannot be empty",
     "Email/phone reset successfully": "Email/phone reset successfully",
     "Empty input!": "Empty input!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Homepage",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn credentials",
     "input password": "input password"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Content type",
     "Content type - Tooltip": "Content type",

web/src/locales/vi/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "Tên bảng của kho lưu trữ chính sách",
     "Adapters": "Bộ chuyển đổi",
     "Add": "Tạo mới",
+    "Add Face Id": "Add Face Id",
     "Add custom item": "Add custom item",
     "Admin": "Admin",
     "Affiliation URL": "Đường dẫn liên kết liên kết",
@@ -234,6 +235,7 @@
     "Enabled": "Enabled",
     "Enabled successfully": "Enabled successfully",
     "Enforcers": "Enforcers",
+    "FaceIdData": "FaceIdData",
     "Failed to add": "Không thể thêm được",
     "Failed to connect to server": "Không thể kết nối đến máy chủ",
     "Failed to delete": "Không thể xoá",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "Các thẻ mà người dùng thuộc vào, mặc định là \"người dùng bình thường\"",
     "Users": "Người dùng",
     "Users under all organizations": "Người dùng trong tất cả các tổ chức",
+    "Verifications": "Verifications",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "You can only select one physical group",
     "empty": "trống",
@@ -460,6 +463,9 @@
     "Continue with": "Tiếp tục với",
     "Email": "Email",
     "Email or phone": "Email hoặc điện thoại",
+    "Face ID": "Face ID",
+    "Face Recognition": "Face Recognition",
+    "Face recognition failed": "Face recognition failed",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Quên mật khẩu?",
@@ -469,9 +475,12 @@
     "Logging out...": "Đăng xuất ...",
     "Login button": "Login button",
     "MetaMask plugin not detected": "MetaMask plugin not detected",
+    "Model loading failure": "Model loading failure",
     "No account?": "Không có tài khoản?",
     "Or sign in with another account": "Hoặc đăng nhập bằng tài khoản khác",
     "Phone": "Phone",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "Please ensure sufficient lighting and align your face in the center of the recognition box",
+    "Please ensure that you have a camera device for facial recognition": "Please ensure that you have a camera device for facial recognition",
     "Please input your Email or Phone!": "Vui lòng nhập địa chỉ Email hoặc số điện thoại của bạn!",
     "Please input your Email!": "Please input your Email!",
     "Please input your LDAP username!": "Please input your LDAP username!",
@@ -479,15 +488,19 @@
     "Please input your code!": "Vui lòng nhập mã của bạn!",
     "Please input your organization name!": "Please input your organization name!",
     "Please input your password!": "Vui lòng nhập mật khẩu của bạn!",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "Please load the webpage using HTTPS, otherwise the camera cannot be accessed",
+    "Please provide permission to access the camera": "Please provide permission to access the camera",
     "Please select an organization": "Please select an organization",
     "Please select an organization to sign in": "Please select an organization to sign in",
     "Please type an organization to sign in": "Please type an organization to sign in",
     "Redirecting, please wait.": "Đang chuyển hướng, vui lòng đợi.",
     "Sign In": "Đăng nhập",
+    "Sign in with Face ID": "Sign in with Face ID",
     "Sign in with WebAuthn": "Đăng nhập với WebAuthn",
     "Sign in with {type}": "Đăng nhập bằng {type}",
     "Signing in...": "Đăng nhập...",
     "Successfully logged in with WebAuthn credentials": "Đã đăng nhập thành công với thông tin WebAuthn",
+    "The camera is currently in use by another webpage": "The camera is currently in use by another webpage",
     "The input is not valid Email or phone number!": "Đầu vào không phải là địa chỉ Email hoặc số điện thoại hợp lệ!",
     "The input is not valid Email!": "The input is not valid Email!",
     "The input is not valid phone number!": "The input is not valid phone number!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "Địa chỉ email để nhận thư kiểm tra",
     "Test SMTP Connection": "Kiểm tra kết nối SMTP",
     "Third-party": "Bên thứ ba",
+    "This field is required": "This field is required",
     "Token URL": "Đường dẫn mã thông báo",
     "Token URL - Tooltip": "Địa chỉ của mã thông báo",
     "Type": "Kiểu",
@@ -877,7 +891,9 @@
     "admin (Shared)": "quản trị viên (Chung)"
   },
   "record": {
-    "Is triggered": "Is triggered"
+    "Is triggered": "Is triggered",
+    "Object": "Object",
+    "Response": "Response"
   },
   "resource": {
     "Copy Link": "Sao chép liên kết",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "Email không được để trống",
     "Email/phone reset successfully": "Đặt lại email/điện thoại thành công",
     "Empty input!": "Đầu vào trống!",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "Gender",
     "Gender - Tooltip": "Gender - Tooltip",
     "Homepage": "Trang chủ của người dùng",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "Chứng chỉ WebAuthn",
     "input password": "Nhập mật khẩu"
   },
+  "verification": {
+    "Receiver": "Receiver"
+  },
   "webhook": {
     "Content type": "Loại nội dung",
     "Content type - Tooltip": "Loại nội dung",

web/src/locales/zh/data.json

@@ -181,6 +181,7 @@
     "Adapter - Tooltip": "策略存储的表名",
     "Adapters": "Casbin适配器",
     "Add": "添加",
+    "Add Face Id": "添加人脸",
     "Add custom item": "添加自定义项",
     "Admin": "管理工具",
     "Affiliation URL": "工作单位URL",
@@ -234,6 +235,7 @@
     "Enabled": "已开启",
     "Enabled successfully": "启用成功",
     "Enforcers": "Casbin执行器",
+    "FaceIdData": "人脸数据",
     "Failed to add": "添加失败",
     "Failed to connect to server": "连接服务器失败",
     "Failed to delete": "删除失败",
@@ -390,6 +392,7 @@
     "User type - Tooltip": "用户所属的标签，默认为\"normal-user\"",
     "Users": "用户",
     "Users under all organizations": "所有组织里的用户",
+    "Verifications": "验证",
     "Webhooks": "Webhooks",
     "You can only select one physical group": "只能选择一个实体组",
     "empty": "无",
@@ -460,6 +463,9 @@
     "Continue with": "使用以下账号继续",
     "Email": "Email",
     "Email or phone": "Email或手机号",
+    "Face ID": "Face ID",
+    "Face Recognition": "人脸识别",
+    "Face recognition failed": "人脸识别失败",
     "Failed to obtain MetaMask authorization": "获取MetaMask授权失败",
     "Failed to obtain Web3-Onboard authorization": "获取 Web3-Onboard 授权失败",
     "Forgot password?": "忘记密码？",
@@ -469,9 +475,12 @@
     "Logging out...": "正在退出登录...",
     "Login button": "登录按钮",
     "MetaMask plugin not detected": "未检测到MetaMask插件",
+    "Model loading failure": "人脸识别模型加载失败",
     "No account?": "没有账号？",
     "Or sign in with another account": "或者，登录其他账号",
     "Phone": "手机号",
+    "Please ensure sufficient lighting and align your face in the center of the recognition box": "请保证环境光线充足，并将人脸置于识别框中心位置",
+    "Please ensure that you have a camera device for facial recognition": "请检查是否有可用的摄像头设备以进行人脸识别",
     "Please input your Email or Phone!": "请输入您的Email或手机号!",
     "Please input your Email!": "请输入您的Email!",
     "Please input your LDAP username!": "请输入您的LDAP用户名!",
@@ -479,15 +488,19 @@
     "Please input your code!": "请输入您的验证码！",
     "Please input your organization name!": "请输入组织的名字!",
     "Please input your password!": "请输入您的密码！",
+    "Please load the webpage using HTTPS, otherwise the camera cannot be accessed": "请使用HTTPS加载网页，否则无法使用摄像头",
+    "Please provide permission to access the camera": "请打开摄像头访问权限",
     "Please select an organization": "请选择一个组织",
     "Please select an organization to sign in": "请选择要登录的组织",
     "Please type an organization to sign in": "请输入要登录的组织",
     "Redirecting, please wait.": "正在跳转, 请稍等.",
     "Sign In": "登录",
+    "Sign in with Face ID": "人脸登录",
     "Sign in with WebAuthn": "WebAuthn登录",
     "Sign in with {type}": "{type}登录",
     "Signing in...": "正在登录...",
     "Successfully logged in with WebAuthn credentials": "成功使用WebAuthn证书登录",
+    "The camera is currently in use by another webpage": "摄像头被占用，无法使用",
     "The input is not valid Email or phone number!": "您输入的电子邮箱格式或手机号有误！",
     "The input is not valid Email!": "您输入的电子邮箱格式有误!",
     "The input is not valid phone number!": "您输入的手机号有误!",
@@ -858,6 +871,7 @@
     "Test Email - Tooltip": "接收测试邮件的Email邮箱",
     "Test SMTP Connection": "测试SMTP连接",
     "Third-party": "第三方",
+    "This field is required": "此字段是必需的",
     "Token URL": "Token URL",
     "Token URL - Tooltip": "自定义OAuth的Token URL",
     "Type": "类型",
@@ -877,7 +891,9 @@
     "admin (Shared)": "admin（共享）"
   },
   "record": {
-    "Is triggered": "是否触发"
+    "Is triggered": "是否触发",
+    "Object": "实体",
+    "Response": "响应"
   },
   "resource": {
     "Copy Link": "复制链接",
@@ -1069,6 +1085,8 @@
     "Email cannot be empty": "邮箱不能为空",
     "Email/phone reset successfully": "邮箱或手机号重置成功",
     "Empty input!": "输入为空！",
+    "Face ID": "Face ID",
+    "Face IDs": "Face IDs",
     "Gender": "性别",
     "Gender - Tooltip": "性别 - Tooltip",
     "Homepage": "个人主页",
@@ -1146,6 +1164,9 @@
     "WebAuthn credentials": "WebAuthn凭据",
     "input password": "输入密码"
   },
+  "verification": {
+    "Receiver": "接收者"
+  },
   "webhook": {
     "Content type": "内容类型",
     "Content type - Tooltip": "内容类型",

web/src/table/FaceIdTable.js

@@ -96,7 +96,7 @@ class FaceIdTable extends React.Component {
       <Table scroll={{x: "max-content"}} columns={columns} dataSource={this.props.table} size="middle" bordered pagination={false}
         title={() => (
           <div>
-            {i18next.t("user:Face ids")}&nbsp;&nbsp;&nbsp;&nbsp;
+            {i18next.t("user:Face IDs")}&nbsp;&nbsp;&nbsp;&nbsp;
             <Button disabled={this.props.table?.length >= 5} style={{marginRight: "5px"}} type="primary" size="small" onClick={() => this.setState({openFaceRecognitionModal: true})}>
               {i18next.t("general:Add Face Id")}
             </Button>