feat: use lowercase username when isUsernameLowered is enabled (#2952)

* feat: auto trim username during login and lowercase when isUsernameLowered enabled in conf

* fix: fix linter error

* fix: fix linter error

* fix: fix linter error

controllers/base.go

@@ -73,7 +73,7 @@ func (c *ApiController) IsAdminOrSelf(user2 *object.User) bool {
 
 func (c *ApiController) isGlobalAdmin() (bool, *object.User) {
 	username := c.GetSessionUsername()
-	if strings.HasPrefix(username, "app/") {
+	if object.IsAppUser(username) {
 		// e.g., "app/app-casnode"
 		return true, nil
 	}

controllers/service.go

@@ -120,7 +120,7 @@ func (c *ApiController) SendEmail() {
 	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
 	content = strings.Replace(content, "%s", code, 1)
 	userString := "Hi"
-	if !strings.HasPrefix(userId, "app/") {
+	if !object.IsAppUser(userId) {
 		var user *object.User
 		user, err = object.GetUser(userId)
 		if err != nil {

controllers/user.go

@@ -20,6 +20,7 @@ import (
 	"strings"
 
 	"github.com/beego/beego/utils/pagination"
+	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -293,6 +294,11 @@ func (c *ApiController) UpdateUser() {
 		return
 	}
 
+	isUsernameLowered := conf.GetConfigBool("isUsernameLowered")
+	if isUsernameLowered {
+		user.Name = strings.ToLower(user.Name)
+	}
+
 	isAdmin := c.IsAdmin()
 	if pass, err := object.CheckPermissionForUpdateUser(oldUser, &user, isAdmin, c.GetAcceptLanguage()); !pass {
 		c.ResponseError(err)

controllers/util.go

@@ -96,7 +96,7 @@ func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
 		return nil, false
 	}
 
-	if strings.HasPrefix(userId, "app/") {
+	if object.IsAppUser(userId) {
 		tmpUserId := c.Input().Get("userId")
 		if tmpUserId != "" {
 			userId = tmpUserId
@@ -142,7 +142,7 @@ func (c *ApiController) IsOrgAdmin() (bool, bool) {
 		return false, true
 	}
 
-	if strings.HasPrefix(userId, "app/") {
+	if object.IsAppUser(userId) {
 		return true, true
 	}
 

controllers/verification.go

@@ -295,7 +295,7 @@ func (c *ApiController) SendVerificationCode() {
 			vform.CountryCode = mfaProps.CountryCode
 		}
 
-		provider, err = application.GetSmsProvider(vform.Method)
+		provider, err = application.GetSmsProvider(vform.Method, vform.CountryCode)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return

go.mod

@@ -9,12 +9,12 @@ require (
 	github.com/beego/beego v1.12.12
 	github.com/beevik/etree v1.1.0
 	github.com/casbin/casbin/v2 v2.77.2
-	github.com/casdoor/go-sms-sender v0.20.0
+	github.com/casdoor/go-sms-sender v0.23.0
 	github.com/casdoor/gomail/v2 v2.0.1
 	github.com/casdoor/notify v0.45.0
 	github.com/casdoor/oss v1.6.0
 	github.com/casdoor/xorm-adapter/v3 v3.1.0
-	github.com/casvisor/casvisor-go-sdk v1.3.0
+	github.com/casvisor/casvisor-go-sdk v1.4.0
 	github.com/dchest/captcha v0.0.0-20200903113550-03f5f0333e1f
 	github.com/denisenkom/go-mssqldb v0.9.0
 	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
@@ -45,7 +45,7 @@ require (
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/russellhaering/gosaml2 v0.9.0
 	github.com/russellhaering/goxmldsig v1.2.0
-	github.com/sendgrid/sendgrid-go v3.14.0+incompatible // indirect
+	github.com/sendgrid/sendgrid-go v3.14.0+incompatible
 	github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18 // indirect
 	github.com/shirou/gopsutil v3.21.11+incompatible
 	github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed

go.sum

@@ -1003,6 +1003,8 @@ github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0I
 github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI=
 github.com/apache/arrow/go/v12 v12.0.0/go.mod h1:d+tV/eHZZ7Dz7RPrFKtPK02tpr+c9/PEd/zm8mDS9Vg=
 github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU=
+github.com/apistd/uni-go-sdk v0.0.2 h1:7kqETCOz/rz8AQU55XGzxDFGoFeMgeZL5fGwvxKBZrc=
+github.com/apistd/uni-go-sdk v0.0.2/go.mod h1:eIqYos4IbHgE/rB75r05ypNLahooEMJCrbjXq322b74=
 github.com/appleboy/go-fcm v0.1.5/go.mod h1:MSxZ4LqGRsnywOjnlXJXMqbjZrG4vf+0oHitfC9HRH0=
 github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
@@ -1083,8 +1085,8 @@ github.com/casbin/casbin/v2 v2.77.2 h1:yQinn/w9x8AswiwqwtrXz93VU48R1aYTXdHEx4RI3
 github.com/casbin/casbin/v2 v2.77.2/go.mod h1:mzGx0hYW9/ksOSpw3wNjk3NRAroq5VMFYUQ6G43iGPk=
 github.com/casdoor/go-reddit/v2 v2.1.0 h1:kIbfdJ7AA7H0uTQ8s0q4GGZqSS5V9wVE74RrXyD9XPs=
 github.com/casdoor/go-reddit/v2 v2.1.0/go.mod h1:eagkvwlZ4Hcsuc/uQsLHYEulz5jN65SVSwV/AIE7zsc=
-github.com/casdoor/go-sms-sender v0.20.0 h1:yLbCakV04DzzehhgBklOrSeCFjMwpfKBeemz9b+Y8OM=
-github.com/casdoor/go-sms-sender v0.20.0/go.mod h1:cQs7qqohMJBgIVZebOCB8ko09naG1vzFJEH59VNIscs=
+github.com/casdoor/go-sms-sender v0.23.0 h1:N8+By4JNwyilEcx7cp0QGOepafefM88VwV+o3UEFZio=
+github.com/casdoor/go-sms-sender v0.23.0/go.mod h1:bOm4H8/YfJmEHjBatEVQFOnAf0OOn1B0Wi5B7zDhws0=
 github.com/casdoor/gomail/v2 v2.0.1 h1:J+FG6x80s9e5lBHUn8Sv0Y56mud34KiWih5YdmudR/w=
 github.com/casdoor/gomail/v2 v2.0.1/go.mod h1:VnGPslEAtpix5FjHisR/WKB1qvZDBaujbikxDe9d+2Q=
 github.com/casdoor/notify v0.45.0 h1:OlaFvcQFjGOgA4mRx07M8AH1gvb5xNo21mcqrVGlLgk=
@@ -1093,8 +1095,8 @@ github.com/casdoor/oss v1.6.0 h1:IOWrGLJ+VO82qS796eaRnzFPPA1Sn3cotYTi7O/VIlQ=
 github.com/casdoor/oss v1.6.0/go.mod h1:rJAWA0hLhtu94t6IRpotLUkXO1NWMASirywQYaGizJE=
 github.com/casdoor/xorm-adapter/v3 v3.1.0 h1:NodWayRtSLVSeCvL9H3Hc61k0G17KhV9IymTCNfh3kk=
 github.com/casdoor/xorm-adapter/v3 v3.1.0/go.mod h1:4WTcUw+bTgBylGHeGHzTtBvuTXRS23dtwzFLl9tsgFM=
-github.com/casvisor/casvisor-go-sdk v1.3.0 h1:HVgm2g3lWpNX2wBNidzR743QY4O5kAjLUJ9tS2juO8g=
-github.com/casvisor/casvisor-go-sdk v1.3.0/go.mod h1:frnNtH5GA0wxzAQLyZxxfL0RSsSub9GQPi2Ybe86ocE=
+github.com/casvisor/casvisor-go-sdk v1.4.0 h1:hbZEGGJ1cwdHFAxeXrMoNw6yha6Oyg2F0qQhBNCN/dg=
+github.com/casvisor/casvisor-go-sdk v1.4.0/go.mod h1:frnNtH5GA0wxzAQLyZxxfL0RSsSub9GQPi2Ybe86ocE=
 github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/cenkalti/backoff/v4 v4.1.3 h1:cFAlzYUlVYDysBEH2T5hyJZMh3+5+WCBvSnK6Q8UtC4=

object/application.go

@@ -209,7 +209,7 @@ func extendApplicationWithSigninItems(application *Application) (err error) {
 		signinItem := &SigninItem{
 			Name:        "Back button",
 			Visible:     true,
-			Label:       ".back-button {\n      top: 65px;\n      left: 15px;\n      position: absolute;\n}",
+			Label:       ".back-button {\n      top: 65px;\n      left: 15px;\n      position: absolute;\n}\n.back-inner-button{}",
 			Placeholder: "",
 			Rule:        "None",
 		}
@@ -405,8 +405,8 @@ func GetApplicationByUser(user *User) (*Application, error) {
 }
 
 func GetApplicationByUserId(userId string) (application *Application, err error) {
-	owner, name := util.GetOwnerAndNameFromId(userId)
-	if owner == "app" {
+	_, name := util.GetOwnerAndNameFromId(userId)
+	if IsAppUser(userId) {
 		application, err = getApplication("admin", name)
 		return
 	}
@@ -670,11 +670,7 @@ func AddApplication(application *Application) (bool, error) {
 	return affected != 0, nil
 }
 
-func DeleteApplication(application *Application) (bool, error) {
-	if application.Name == "app-built-in" {
-		return false, nil
-	}
-
+func deleteApplication(application *Application) (bool, error) {
 	affected, err := ormer.Engine.ID(core.PK{application.Owner, application.Name}).Delete(&Application{})
 	if err != nil {
 		return false, err
@@ -683,6 +679,14 @@ func DeleteApplication(application *Application) (bool, error) {
 	return affected != 0, nil
 }
 
+func DeleteApplication(application *Application) (bool, error) {
+	if application.Name == "app-built-in" {
+		return false, nil
+	}
+
+	return deleteApplication(application)
+}
+
 func (application *Application) GetId() string {
 	return fmt.Sprintf("%s/%s", application.Owner, application.Name)
 }

object/application_item.go

@@ -38,7 +38,20 @@ func (application *Application) GetProviderByCategory(category string) (*Provide
 	return nil, nil
 }
 
-func (application *Application) GetProviderByCategoryAndRule(category string, method string) (*Provider, error) {
+func isProviderItemCountryCodeMatched(providerItem *ProviderItem, countryCode string) bool {
+	if len(providerItem.CountryCodes) == 0 {
+		return true
+	}
+
+	for _, countryCode2 := range providerItem.CountryCodes {
+		if countryCode2 == "" || countryCode2 == "All" || countryCode2 == "all" || countryCode2 == countryCode {
+			return true
+		}
+	}
+	return false
+}
+
+func (application *Application) GetProviderByCategoryAndRule(category string, method string, countryCode string) (*Provider, error) {
 	providers, err := GetProviders(application.Organization)
 	if err != nil {
 		return nil, err
@@ -54,7 +67,13 @@ func (application *Application) GetProviderByCategoryAndRule(category string, me
 	}
 
 	for _, providerItem := range application.Providers {
-		if providerItem.Rule == method || (providerItem.Rule == "all" || providerItem.Rule == "" || providerItem.Rule == "None") {
+		if providerItem.Provider != nil && providerItem.Provider.Category == "SMS" {
+			if !isProviderItemCountryCodeMatched(providerItem, countryCode) {
+				continue
+			}
+		}
+
+		if providerItem.Rule == method || providerItem.Rule == "" || providerItem.Rule == "All" || providerItem.Rule == "all" || providerItem.Rule == "None" {
 			if provider, ok := m[providerItem.Name]; ok {
 				return provider, nil
 			}
@@ -65,11 +84,11 @@ func (application *Application) GetProviderByCategoryAndRule(category string, me
 }
 
 func (application *Application) GetEmailProvider(method string) (*Provider, error) {
-	return application.GetProviderByCategoryAndRule("Email", method)
+	return application.GetProviderByCategoryAndRule("Email", method, "All")
 }
 
-func (application *Application) GetSmsProvider(method string) (*Provider, error) {
-	return application.GetProviderByCategoryAndRule("SMS", method)
+func (application *Application) GetSmsProvider(method string, countryCode string) (*Provider, error) {
+	return application.GetProviderByCategoryAndRule("SMS", method, countryCode)
 }
 
 func (application *Application) GetStorageProvider() (*Provider, error) {

object/check.go

@@ -410,7 +410,7 @@ func CheckUserPermission(requestUserId, userId string, strict bool, lang string)
 	}
 
 	hasPermission := false
-	if strings.HasPrefix(requestUserId, "app/") {
+	if IsAppUser(requestUserId) {
 		hasPermission = true
 	} else {
 		requestUser, err := GetUser(requestUserId)

object/group.go

@@ -154,6 +154,15 @@ func AddGroups(groups []*Group) (bool, error) {
 	return affected != 0, nil
 }
 
+func deleteGroup(group *Group) (bool, error) {
+	affected, err := ormer.Engine.ID(core.PK{group.Owner, group.Name}).Delete(&Group{})
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
 func DeleteGroup(group *Group) (bool, error) {
 	_, err := ormer.Engine.Get(group)
 	if err != nil {
@@ -172,12 +181,7 @@ func DeleteGroup(group *Group) (bool, error) {
 		return false, errors.New("group has users")
 	}
 
-	affected, err := ormer.Engine.ID(core.PK{group.Owner, group.Name}).Delete(&Group{})
-	if err != nil {
-		return false, err
-	}
-
-	return affected != 0, nil
+	return deleteGroup(group)
 }
 
 func checkGroupName(name string) error {

object/init.go

@@ -409,7 +409,7 @@ func initBuiltInPermission() {
 		Groups:       []string{},
 		Roles:        []string{},
 		Domains:      []string{},
-		Model:        "model-built-in",
+		Model:        "user-model-built-in",
 		Adapter:      "",
 		ResourceType: "Application",
 		Resources:    []string{"app-built-in"},

object/init_data.go

@@ -266,7 +266,13 @@ func initDefinedOrganization(organization *Organization) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := deleteOrganization(organization)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete organization")
+		}
 	}
 	organization.CreatedTime = util.GetCurrentTime()
 	organization.AccountItems = getBuiltInAccountItems()
@@ -284,7 +290,13 @@ func initDefinedApplication(application *Application) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := deleteApplication(application)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete application")
+		}
 	}
 	application.CreatedTime = util.GetCurrentTime()
 	_, err = AddApplication(application)
@@ -299,7 +311,13 @@ func initDefinedUser(user *User) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := deleteUser(user)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete user")
+		}
 	}
 	user.CreatedTime = util.GetCurrentTime()
 	user.Id = util.GenerateId()
@@ -319,7 +337,13 @@ func initDefinedCert(cert *Cert) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteCert(cert)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete cert")
+		}
 	}
 	cert.CreatedTime = util.GetCurrentTime()
 	_, err = AddCert(cert)
@@ -335,7 +359,13 @@ func initDefinedLdap(ldap *Ldap) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteLdap(ldap)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete ldap")
+		}
 	}
 	_, err = AddLdap(ldap)
 	if err != nil {
@@ -350,7 +380,13 @@ func initDefinedProvider(provider *Provider) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteProvider(provider)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete provider")
+		}
 	}
 	_, err = AddProvider(provider)
 	if err != nil {
@@ -365,7 +401,13 @@ func initDefinedModel(model *Model) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteModel(model)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete provider")
+		}
 	}
 	model.CreatedTime = util.GetCurrentTime()
 	_, err = AddModel(model)
@@ -381,7 +423,13 @@ func initDefinedPermission(permission *Permission) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := deletePermission(permission)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete permission")
+		}
 	}
 	permission.CreatedTime = util.GetCurrentTime()
 	_, err = AddPermission(permission)
@@ -397,7 +445,13 @@ func initDefinedPayment(payment *Payment) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeletePayment(payment)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete payment")
+		}
 	}
 	payment.CreatedTime = util.GetCurrentTime()
 	_, err = AddPayment(payment)
@@ -413,7 +467,13 @@ func initDefinedProduct(product *Product) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteProduct(product)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete product")
+		}
 	}
 	product.CreatedTime = util.GetCurrentTime()
 	_, err = AddProduct(product)
@@ -429,7 +489,13 @@ func initDefinedResource(resource *Resource) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteResource(resource)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete resource")
+		}
 	}
 	resource.CreatedTime = util.GetCurrentTime()
 	_, err = AddResource(resource)
@@ -445,7 +511,13 @@ func initDefinedRole(role *Role) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := deleteRole(role)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete role")
+		}
 	}
 	role.CreatedTime = util.GetCurrentTime()
 	_, err = AddRole(role)
@@ -461,7 +533,13 @@ func initDefinedSyncer(syncer *Syncer) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteSyncer(syncer)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete role")
+		}
 	}
 	syncer.CreatedTime = util.GetCurrentTime()
 	_, err = AddSyncer(syncer)
@@ -477,7 +555,13 @@ func initDefinedToken(token *Token) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteToken(token)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete token")
+		}
 	}
 	token.CreatedTime = util.GetCurrentTime()
 	_, err = AddToken(token)
@@ -493,7 +577,13 @@ func initDefinedWebhook(webhook *Webhook) {
 	}
 
 	if existed != nil {
-		return
+		affected, err := DeleteWebhook(webhook)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete webhook")
+		}
 	}
 	webhook.CreatedTime = util.GetCurrentTime()
 	_, err = AddWebhook(webhook)
@@ -508,7 +598,13 @@ func initDefinedGroup(group *Group) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := deleteGroup(group)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete group")
+		}
 	}
 	group.CreatedTime = util.GetCurrentTime()
 	_, err = AddGroup(group)
@@ -523,7 +619,13 @@ func initDefinedAdapter(adapter *Adapter) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeleteAdapter(adapter)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete adapter")
+		}
 	}
 	adapter.CreatedTime = util.GetCurrentTime()
 	_, err = AddAdapter(adapter)
@@ -538,7 +640,13 @@ func initDefinedEnforcer(enforcer *Enforcer) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeleteEnforcer(enforcer)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete enforcer")
+		}
 	}
 	enforcer.CreatedTime = util.GetCurrentTime()
 	_, err = AddEnforcer(enforcer)
@@ -553,7 +661,13 @@ func initDefinedPlan(plan *Plan) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeletePlan(plan)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete plan")
+		}
 	}
 	plan.CreatedTime = util.GetCurrentTime()
 	_, err = AddPlan(plan)
@@ -563,12 +677,18 @@ func initDefinedPlan(plan *Plan) {
 }
 
 func initDefinedPricing(pricing *Pricing) {
-	existed, err := getPlan(pricing.Owner, pricing.Name)
+	existed, err := getPricing(pricing.Owner, pricing.Name)
 	if err != nil {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeletePricing(pricing)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete pricing")
+		}
 	}
 	pricing.CreatedTime = util.GetCurrentTime()
 	_, err = AddPricing(pricing)
@@ -583,7 +703,13 @@ func initDefinedInvitation(invitation *Invitation) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeleteInvitation(invitation)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete invitation")
+		}
 	}
 	invitation.CreatedTime = util.GetCurrentTime()
 	_, err = AddInvitation(invitation, "en")
@@ -593,6 +719,7 @@ func initDefinedInvitation(invitation *Invitation) {
 }
 
 func initDefinedRecord(record *casvisorsdk.Record) {
+	record.Id = 0
 	record.CreatedTime = util.GetCurrentTime()
 	_ = AddRecord(record)
 }
@@ -611,7 +738,13 @@ func initDefinedSubscription(subscription *Subscription) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeleteSubscription(subscription)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete subscription")
+		}
 	}
 	subscription.CreatedTime = util.GetCurrentTime()
 	_, err = AddSubscription(subscription)
@@ -626,7 +759,13 @@ func initDefinedTransaction(transaction *Transaction) {
 		panic(err)
 	}
 	if existed != nil {
-		return
+		affected, err := DeleteTransaction(transaction)
+		if err != nil {
+			panic(err)
+		}
+		if !affected {
+			panic("Fail to delete transaction")
+		}
 	}
 	transaction.CreatedTime = util.GetCurrentTime()
 	_, err = AddTransaction(transaction)

object/organization.go

@@ -241,11 +241,7 @@ func AddOrganization(organization *Organization) (bool, error) {
 	return affected != 0, nil
 }
 
-func DeleteOrganization(organization *Organization) (bool, error) {
-	if organization.Name == "built-in" {
-		return false, nil
-	}
-
+func deleteOrganization(organization *Organization) (bool, error) {
 	affected, err := ormer.Engine.ID(core.PK{organization.Owner, organization.Name}).Delete(&Organization{})
 	if err != nil {
 		return false, err
@@ -254,6 +250,14 @@ func DeleteOrganization(organization *Organization) (bool, error) {
 	return affected != 0, nil
 }
 
+func DeleteOrganization(organization *Organization) (bool, error) {
+	if organization.Name == "built-in" {
+		return false, nil
+	}
+
+	return deleteOrganization(organization)
+}
+
 func GetOrganizationByUser(user *User) (*Organization, error) {
 	if user == nil {
 		return nil, nil

object/permission.go

@@ -286,13 +286,22 @@ func AddPermissionsInBatch(permissions []*Permission) (bool, error) {
 	return affected, nil
 }
 
-func DeletePermission(permission *Permission) (bool, error) {
+func deletePermission(permission *Permission) (bool, error) {
 	affected, err := ormer.Engine.ID(core.PK{permission.Owner, permission.Name}).Delete(&Permission{})
 	if err != nil {
 		return false, err
 	}
 
-	if affected != 0 {
+	return affected != 0, nil
+}
+
+func DeletePermission(permission *Permission) (bool, error) {
+	affected, err := deletePermission(permission)
+	if err != nil {
+		return false, err
+	}
+
+	if affected {
 		err = removeGroupingPolicies(permission)
 		if err != nil {
 			return false, err
@@ -314,7 +323,7 @@ func DeletePermission(permission *Permission) (bool, error) {
 		}
 	}
 
-	return affected != 0, nil
+	return affected, nil
 }
 
 func getPermissionsByUser(userId string) ([]*Permission, error) {

object/plan.go

@@ -133,7 +133,7 @@ func AddPlan(plan *Plan) (bool, error) {
 }
 
 func DeletePlan(plan *Plan) (bool, error) {
-	affected, err := ormer.Engine.ID(core.PK{plan.Owner, plan.Name}).Delete(plan)
+	affected, err := ormer.Engine.ID(core.PK{plan.Owner, plan.Name}).Delete(Plan{})
 	if err != nil {
 		return false, err
 	}

object/pricing.go

@@ -140,7 +140,7 @@ func AddPricing(pricing *Pricing) (bool, error) {
 }
 
 func DeletePricing(pricing *Pricing) (bool, error) {
-	affected, err := ormer.Engine.ID(core.PK{pricing.Owner, pricing.Name}).Delete(pricing)
+	affected, err := ormer.Engine.ID(core.PK{pricing.Owner, pricing.Name}).Delete(Pricing{})
 	if err != nil {
 		return false, err
 	}

object/provider_item.go

@@ -18,13 +18,14 @@ type ProviderItem struct {
 	Owner string `json:"owner"`
 	Name  string `json:"name"`
 
-	CanSignUp   bool      `json:"canSignUp"`
-	CanSignIn   bool      `json:"canSignIn"`
-	CanUnlink   bool      `json:"canUnlink"`
-	Prompted    bool      `json:"prompted"`
-	SignupGroup string    `json:"signupGroup"`
-	Rule        string    `json:"rule"`
-	Provider    *Provider `json:"provider"`
+	CanSignUp    bool      `json:"canSignUp"`
+	CanSignIn    bool      `json:"canSignIn"`
+	CanUnlink    bool      `json:"canUnlink"`
+	CountryCodes []string  `json:"countryCodes"`
+	Prompted     bool      `json:"prompted"`
+	SignupGroup  string    `json:"signupGroup"`
+	Rule         string    `json:"rule"`
+	Provider     *Provider `json:"provider"`
 }
 
 func (application *Application) GetProviderItem(providerName string) *ProviderItem {

object/record.go

@@ -17,6 +17,7 @@ package object
 import (
 	"encoding/json"
 	"fmt"
+	"regexp"
 	"strings"
 
 	"github.com/beego/beego/context"
@@ -25,10 +26,14 @@ import (
 	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
 )
 
-var logPostOnly bool
+var (
+	logPostOnly   bool
+	passwordRegex *regexp.Regexp
+)
 
 func init() {
 	logPostOnly = conf.GetConfigBool("logPostOnly")
+	passwordRegex = regexp.MustCompile("\"password\":\".+\"")
 }
 
 type Record struct {
@@ -40,6 +45,10 @@ type Response struct {
 	Msg    string `json:"msg"`
 }
 
+func maskPassword(recordString string) string {
+	return passwordRegex.ReplaceAllString(recordString, "\"password\":\"***\"")
+}
+
 func NewRecord(ctx *context.Context) (*casvisorsdk.Record, error) {
 	ip := strings.Replace(util.GetIPFromRequest(ctx.Request), ": ", "", -1)
 	action := strings.Replace(ctx.Request.URL.Path, "/api/", "", -1)
@@ -51,6 +60,7 @@ func NewRecord(ctx *context.Context) (*casvisorsdk.Record, error) {
 	object := ""
 	if ctx.Input.RequestBody != nil && len(ctx.Input.RequestBody) != 0 {
 		object = string(ctx.Input.RequestBody)
+		object = maskPassword(object)
 	}
 
 	respBytes, err := json.Marshal(ctx.Input.Data()["json"])
@@ -80,12 +90,18 @@ func NewRecord(ctx *context.Context) (*casvisorsdk.Record, error) {
 		Action:      action,
 		Language:    languageCode,
 		Object:      object,
+		StatusCode:  200,
 		Response:    fmt.Sprintf("{status:\"%s\", msg:\"%s\"}", resp.Status, resp.Msg),
 		IsTriggered: false,
 	}
 	return &record, nil
 }
 
+func addRecord(record *casvisorsdk.Record) (int64, error) {
+	affected, err := ormer.Engine.Insert(record)
+	return affected, err
+}
+
 func AddRecord(record *casvisorsdk.Record) bool {
 	if logPostOnly {
 		if record.Method == "GET" {
@@ -98,6 +114,7 @@ func AddRecord(record *casvisorsdk.Record) bool {
 	}
 
 	record.Owner = record.Organization
+	record.Object = maskPassword(record.Object)
 
 	errWebhook := SendWebhooks(record)
 	if errWebhook == nil {
@@ -107,7 +124,7 @@ func AddRecord(record *casvisorsdk.Record) bool {
 	}
 
 	if casvisorsdk.GetClient() == nil {
-		affected, err := ormer.Engine.Insert(record)
+		affected, err := addRecord(record)
 		if err != nil {
 			panic(err)
 		}
@@ -212,6 +229,40 @@ func getFilteredWebhooks(webhooks []*Webhook, organization string, action string
 	return res
 }
 
+func addWebhookRecord(webhook *Webhook, record *casvisorsdk.Record, statusCode int, respBody string, sendError error) error {
+	if statusCode == 200 {
+		return nil
+	}
+
+	if len(respBody) > 300 {
+		respBody = respBody[0:300]
+	}
+
+	webhookRecord := &casvisorsdk.Record{
+		Owner:        record.Owner,
+		Name:         util.GenerateId(),
+		CreatedTime:  util.GetCurrentTime(),
+		Organization: record.Organization,
+		User:         record.User,
+
+		Method:      webhook.Method,
+		Action:      "send-webhook",
+		RequestUri:  webhook.Url,
+		StatusCode:  statusCode,
+		Response:    respBody,
+		Language:    record.Language,
+		IsTriggered: false,
+	}
+
+	if sendError != nil {
+		webhookRecord.Response = sendError.Error()
+	}
+
+	_, err := addRecord(webhookRecord)
+
+	return err
+}
+
 func SendWebhooks(record *casvisorsdk.Record) error {
 	webhooks, err := getWebhooksByOrganization("")
 	if err != nil {
@@ -236,11 +287,16 @@ func SendWebhooks(record *casvisorsdk.Record) error {
 			}
 		}
 
-		err = sendWebhook(webhook, record, user)
+		statusCode, respBody, err := sendWebhook(webhook, record, user)
 		if err != nil {
 			errs = append(errs, err)
-			continue
 		}
+
+		err = addWebhookRecord(webhook, record, statusCode, respBody, err)
+		if err != nil {
+			errs = append(errs, err)
+		}
+
 	}
 
 	if len(errs) > 0 {

object/role.go

@@ -238,6 +238,15 @@ func AddRolesInBatch(roles []*Role) bool {
 	return affected
 }
 
+func deleteRole(role *Role) (bool, error) {
+	affected, err := ormer.Engine.ID(core.PK{role.Owner, role.Name}).Delete(&Role{})
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
 func DeleteRole(role *Role) (bool, error) {
 	roleId := role.GetId()
 	permissions, err := GetPermissionsByRole(roleId)
@@ -253,12 +262,7 @@ func DeleteRole(role *Role) (bool, error) {
 		}
 	}
 
-	affected, err := ormer.Engine.ID(core.PK{role.Owner, role.Name}).Delete(&Role{})
-	if err != nil {
-		return false, err
-	}
-
-	return affected != 0, nil
+	return deleteRole(role)
 }
 
 func (role *Role) GetId() string {

object/sms.go

@@ -48,7 +48,7 @@ func SendSms(provider *Provider, content string, phoneNumbers ...string) error {
 		if provider.AppId != "" {
 			phoneNumbers = append([]string{provider.AppId}, phoneNumbers...)
 		}
-	} else if provider.Type == sender.Aliyun {
+	} else if provider.Type == sender.Aliyun || provider.Type == sender.SendCloud {
 		for i, number := range phoneNumbers {
 			phoneNumbers[i] = strings.TrimPrefix(number, "+86")
 		}

object/syncer.go

@@ -155,7 +155,8 @@ func GetMaskedSyncers(syncers []*Syncer, errs ...error) ([]*Syncer, error) {
 
 func UpdateSyncer(id string, syncer *Syncer) (bool, error) {
 	owner, name := util.GetOwnerAndNameFromId(id)
-	if s, err := getSyncer(owner, name); err != nil {
+	s, err := getSyncer(owner, name)
+	if err != nil {
 		return false, err
 	} else if s == nil {
 		return false, nil
@@ -163,7 +164,7 @@ func UpdateSyncer(id string, syncer *Syncer) (bool, error) {
 
 	session := ormer.Engine.ID(core.PK{owner, name}).AllCols()
 	if syncer.Password == "***" {
-		session.Omit("password")
+		syncer.Password = s.Password
 	}
 	affected, err := session.Update(syncer)
 	if err != nil {

object/syncer_sync.go

@@ -142,9 +142,11 @@ func (syncer *Syncer) syncUsers() error {
 		}
 	}
 
-	_, err = AddUsersInBatch(newUsers)
-	if err != nil {
-		return err
+	if len(newUsers) != 0 {
+		_, err = AddUsersInBatch(newUsers)
+		if err != nil {
+			return err
+		}
 	}
 
 	if !syncer.IsReadOnly {

object/user.go

@@ -877,6 +877,7 @@ func AddUsers(users []*User) (bool, error) {
 			}
 		}
 
+		user.Name = strings.TrimSpace(user.Name)
 		if isUsernameLowered {
 			user.Name = strings.ToLower(user.Name)
 		}
@@ -919,6 +920,15 @@ func AddUsersInBatch(users []*User) (bool, error) {
 	return affected, nil
 }
 
+func deleteUser(user *User) (bool, error) {
+	affected, err := ormer.Engine.ID(core.PK{user.Owner, user.Name}).Delete(&User{})
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
 func DeleteUser(user *User) (bool, error) {
 	// Forced offline the user first
 	_, err := DeleteSession(util.GetSessionId(user.Owner, user.Name, CasdoorApplication))
@@ -926,12 +936,7 @@ func DeleteUser(user *User) (bool, error) {
 		return false, err
 	}
 
-	affected, err := ormer.Engine.ID(core.PK{user.Owner, user.Name}).Delete(&User{})
-	if err != nil {
-		return false, err
-	}
-
-	return affected != 0, nil
+	return deleteUser(user)
 }
 
 func GetUserInfo(user *User, scope string, aud string, host string) (*Userinfo, error) {
@@ -1003,7 +1008,7 @@ func (user *User) GetFriendlyName() string {
 }
 
 func isUserIdGlobalAdmin(userId string) bool {
-	return strings.HasPrefix(userId, "built-in/") || strings.HasPrefix(userId, "app/")
+	return strings.HasPrefix(userId, "built-in/") || IsAppUser(userId)
 }
 
 func ExtendUserWithRolesAndPermissions(user *User) (err error) {

object/user_util.go

@@ -21,12 +21,11 @@ import (
 	"regexp"
 	"strings"
 
+	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/i18n"
-
-	jsoniter "github.com/json-iterator/go"
-
 	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/util"
+	jsoniter "github.com/json-iterator/go"
 	"github.com/xorm-io/core"
 )
 
@@ -57,6 +56,13 @@ func HasUserByField(organizationName string, field string, value string) bool {
 }
 
 func GetUserByFields(organization string, field string) (*User, error) {
+	isUsernameLowered := conf.GetConfigBool("isUsernameLowered")
+	if isUsernameLowered {
+		field = strings.ToLower(field)
+	}
+
+	field = strings.TrimSpace(field)
+
 	// check username
 	user, err := GetUserByField(organization, "name", field)
 	if err != nil || user != nil {
@@ -464,3 +470,10 @@ func (user *User) IsAdminUser() bool {
 
 	return user.IsAdmin || user.IsGlobalAdmin()
 }
+
+func IsAppUser(userId string) bool {
+	if strings.HasPrefix(userId, "app/") {
+		return true
+	}
+	return false
+}

object/webhook_util.go

@@ -15,6 +15,7 @@
 package object
 
 import (
+	"io"
 	"net/http"
 	"strings"
 
@@ -22,7 +23,7 @@ import (
 	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
 )
 
-func sendWebhook(webhook *Webhook, record *casvisorsdk.Record, extendedUser *User) error {
+func sendWebhook(webhook *Webhook, record *casvisorsdk.Record, extendedUser *User) (int, string, error) {
 	client := &http.Client{}
 
 	type RecordEx struct {
@@ -38,7 +39,7 @@ func sendWebhook(webhook *Webhook, record *casvisorsdk.Record, extendedUser *Use
 
 	req, err := http.NewRequest(webhook.Method, webhook.Url, body)
 	if err != nil {
-		return err
+		return 0, "", err
 	}
 
 	req.Header.Set("Content-Type", webhook.ContentType)
@@ -47,6 +48,15 @@ func sendWebhook(webhook *Webhook, record *casvisorsdk.Record, extendedUser *Use
 		req.Header.Set(header.Name, header.Value)
 	}
 
-	_, err = client.Do(req)
-	return err
+	resp, err := client.Do(req)
+	if err != nil {
+		return 0, "", err
+	}
+
+	defer resp.Body.Close()
+	bodyBytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return 0, "", err
+	}
+	return resp.StatusCode, string(bodyBytes), err
 }

routers/static_filter.go

@@ -59,7 +59,7 @@ func fastAutoSignin(ctx *context.Context) (string, error) {
 	scope := ctx.Input.Query("scope")
 	state := ctx.Input.Query("state")
 	nonce := ""
-	codeChallenge := ""
+	codeChallenge := ctx.Input.Query("code_challenge")
 	if clientId == "" || responseType != "code" || redirectUri == "" {
 		return "", nil
 	}

web/src/ProductEditPage.js

@@ -41,7 +41,7 @@ class ProductEditPage extends React.Component {
   UNSAFE_componentWillMount() {
     this.getProduct();
     this.getOrganizations();
-    this.getPaymentProviders();
+    this.getPaymentProviders(this.state.organizationName);
   }
 
   getProduct() {
@@ -67,8 +67,8 @@ class ProductEditPage extends React.Component {
       });
   }
 
-  getPaymentProviders() {
-    ProviderBackend.getProviders(this.props.account.owner)
+  getPaymentProviders(organizationName) {
+    ProviderBackend.getProviders(organizationName)
       .then((res) => {
         if (res.status === "ok") {
           this.setState({

web/src/ProviderEditPage.js

@@ -209,6 +209,8 @@ class ProviderEditPage extends React.Component {
         return Setting.getLabel(i18next.t("provider:Public key"), i18next.t("provider:Public key - Tooltip"));
       } else if (provider.type === "Msg91 SMS" || provider.type === "Infobip SMS" || provider.type === "OSON SMS") {
         return Setting.getLabel(i18next.t("provider:Sender Id"), i18next.t("provider:Sender Id - Tooltip"));
+      } else if (provider.type === "SendCloud SMS") {
+        return "SMS_USER";
       } else {
         return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
       }
@@ -260,6 +262,8 @@ class ProviderEditPage extends React.Component {
         return Setting.getLabel(i18next.t("provider:Auth Key"), i18next.t("provider:Auth Key - Tooltip"));
       } else if (provider.type === "Infobip SMS") {
         return Setting.getLabel(i18next.t("provider:Api Key"), i18next.t("provider:Api Key - Tooltip"));
+      } else if (provider.type === "SendCloud SMS") {
+        return "SMS_KEY";
       } else {
         return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip"));
       }
@@ -1089,7 +1093,7 @@ class ProviderEditPage extends React.Component {
             </React.Fragment>
           ) : this.state.provider.category === "SMS" ? (
             <React.Fragment>
-              {["Custom HTTP SMS", "Twilio SMS", "Amazon SNS", "Azure ACS", "Msg91 SMS", "Infobip SMS"].includes(this.state.provider.type) ?
+              {["Custom HTTP SMS", "Twilio SMS", "Amazon SNS", "Azure ACS", "Msg91 SMS", "Infobip SMS", "SendCloud SMS"].includes(this.state.provider.type) ?
                 null :
                 (<Row style={{marginTop: "20px"}} >
                   <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>

web/src/RecordListPage.js

@@ -151,6 +151,14 @@ class RecordListPage extends BaseListPage {
         sorter: true,
         ...this.getColumnSearchProps("language"),
       },
+      {
+        title: i18next.t("record:Status code"),
+        dataIndex: "statusCode",
+        key: "statusCode",
+        width: "90px",
+        sorter: true,
+        ...this.getColumnSearchProps("statusCode"),
+      },
       {
         title: i18next.t("record:Response"),
         dataIndex: "response",

web/src/Setting.js

@@ -139,6 +139,10 @@ export const OtherProviderInfo = {
       logo: `${StaticBaseUrl}/img/social_twilio.svg`,
       url: "https://www.twilio.com/messaging",
     },
+    "SendCloud SMS": {
+      logo: `${StaticBaseUrl}/img/sms_sendcloud.png`,
+      url: "https://www.sendcloud.net/",
+    },
     "SmsBao SMS": {
       logo: `${StaticBaseUrl}/img/social_smsbao.png`,
       url: "https://www.smsbao.com/",
@@ -1039,6 +1043,7 @@ export function getProviderTypeOptions(category) {
         {id: "Huawei Cloud SMS", name: "Huawei Cloud SMS"},
         {id: "UCloud SMS", name: "UCloud SMS"},
         {id: "Twilio SMS", name: "Twilio SMS"},
+        {id: "SendCloud SMS", name: "SendCloud SMS"},
         {id: "SmsBao SMS", name: "SmsBao SMS"},
         {id: "SUBMAIL SMS", name: "SUBMAIL SMS"},
         {id: "Msg91 SMS", name: "Msg91 SMS"},

web/src/auth/LoginPage.js

@@ -543,7 +543,7 @@ class LoginPage extends React.Component {
       );
     } else if (signinItem.name === "Back button") {
       return (
-        <div>
+        <div className="back-button">
           <div dangerouslySetInnerHTML={{__html: ("<style>" + signinItem.label?.replaceAll("<style>", "").replaceAll("</style>", "") + "</style>")}} />
           {
             this.renderBackButton()
@@ -840,7 +840,7 @@ class LoginPage extends React.Component {
                 {application.displayName}
               </span>
             </a>
-              :
+            :
           </div>
           <br />
           {
@@ -1199,8 +1199,7 @@ class LoginPage extends React.Component {
   renderBackButton() {
     if (this.state.orgChoiceMode === "None" || this.props.preview === "auto") {
       return (
-        <Button type="text" size="large" icon={<ArrowLeftOutlined />}
-          className="back-button"
+        <Button className="back-inner-button" type="text" size="large" icon={<ArrowLeftOutlined />}
           onClick={() => history.back()}>
         </Button>
       );

web/src/auth/ProviderButton.js

@@ -172,23 +172,23 @@ export function renderProviderLogo(provider, application, width, margin, size, l
     const customAStyle = {display: "block", height: "55px", color: "#000"};
     const customButtonStyle = {display: "flex", alignItems: "center", width: "calc(100% - 10px)", height: "50px", margin: "5px", padding: "0 10px", backgroundColor: "transparent", boxShadow: "0px 1px 3px rgba(0,0,0,0.5)", border: "0px", borderRadius: "3px", cursor: "pointer"};
     const customImgStyle = {justfyContent: "space-between"};
-    const customSpanStyle = {textAlign: "center", lineHeight: "50px", width: "100%", fontSize: "19px"};
+    const customSpanStyle = {textAlign: "center", width: "100%", fontSize: "19px"};
     if (provider.category === "OAuth") {
       return (
         <a key={provider.displayName} href={Provider.getAuthUrl(application, provider, "signup")} style={customAStyle}>
-          <button style={customButtonStyle}>
+          <div style={customButtonStyle}>
             <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={customImgStyle} />
             <span style={customSpanStyle}>{text}</span>
-          </button>
+          </div>
         </a>
       );
     } else if (provider.category === "SAML") {
       return (
         <a key={provider.displayName} onClick={() => goToSamlUrl(provider, location)} style={customAStyle}>
-          <button style={customButtonStyle}>
+          <div style={customButtonStyle}>
             <img width={26} src={getProviderLogoURL(provider)} alt={provider.displayName} className="provider-img" style={customImgStyle} />
             <span style={customSpanStyle}>{text}</span>
-          </button>
+          </div>
         </a>
       );
     }

web/src/common/select/CountryCodeSelect.js

@@ -13,11 +13,14 @@
 // limitations under the License.
 
 import {Select} from "antd";
+import i18next from "i18next";
 import * as Setting from "../../Setting";
 import React from "react";
 
+const {Option} = Select;
+
 export const CountryCodeSelect = (props) => {
-  const {onChange, style, disabled, initValue} = props;
+  const {onChange, style, disabled, initValue, mode} = props;
   const countryCodes = props.countryCodes ?? [];
   const [value, setValue] = React.useState("");
 
@@ -42,11 +45,19 @@ export const CountryCodeSelect = (props) => {
       style={style}
       disabled={disabled}
       value={value}
+      mode={mode}
       dropdownMatchSelectWidth={false}
       optionLabelProp={"label"}
       onChange={handleOnChange}
       filterOption={(input, option) => (option?.text ?? "").toLowerCase().includes(input.toLowerCase())}
     >
+      {
+        props.hasDefault ? (<Option key={"All"} value={"All"} label={i18next.t("organization:All")} text={"organization:All"} >
+          <div style={{display: "flex", justifyContent: "space-between", marginRight: "10px"}}>
+            {i18next.t("organization:All")}
+          </div>
+        </Option>) : null
+      }
       {
         Setting.getCountryCodeData(countryCodes).map((country) => Setting.getCountryCodeOption(country))
       }

web/src/locales/ar/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/de/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Kopiere den Link",
@@ -1171,6 +1172,7 @@
     "input password": "Eingabe des Passworts"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/en/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/es/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copiar enlace",
@@ -1171,6 +1172,7 @@
     "input password": "Ingresar contraseña"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/fa/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/fi/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/fr/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copier le lien",
@@ -1171,6 +1172,7 @@
     "input password": "saisir le mot de passe"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/he/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/id/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Salin Tautan",
@@ -1171,6 +1172,7 @@
     "input password": "masukkan kata sandi"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/it/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/ja/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "コピー リンク",
@@ -1171,6 +1172,7 @@
     "input password": "パスワードを入力してください"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/kk/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/ko/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "링크 복사하기",
@@ -1171,6 +1172,7 @@
     "input password": "비밀번호를 입력해주세요"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/ms/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/nl/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/pl/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/pt/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copiar Link",
@@ -1171,6 +1172,7 @@
     "input password": "Digite a senha"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/ru/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Копировать ссылку",
@@ -1171,6 +1172,7 @@
     "input password": "введите пароль"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/sv/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "input password"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/tr/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Copy Link",
@@ -1171,6 +1172,7 @@
     "input password": "şifreyi girin"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/uk/data.json

@@ -80,6 +80,7 @@
     "Only signup": "Тільки реєстрація",
     "Org choice mode": "Режим вибору організації",
     "Org choice mode - Tooltip": "Режим вибору організації – підказка",
+    "Please enable \\\"Signin session\\\" first before enabling \\\"Auto signin\\\"": "Please enable \\\"Signin session\\\" first before enabling \\\"Auto signin\\\"",
     "Please input your application!": "Будь ласка, введіть свою заявку!",
     "Please input your organization!": "Будь ласка, введіть вашу організацію!",
     "Please select a HTML file": "Виберіть файл HTML",
@@ -229,6 +230,7 @@
     "Email": "Електронна пошта",
     "Email - Tooltip": "Дійсна електронна пошта",
     "Email only": "Лише електронна пошта",
+    "Email or Phone": "Email or Phone",
     "Enable": "Увімкнути",
     "Enable dark logo": "Увімкнути темний логотип",
     "Enable dark logo - Tooltip": "Увімкнути темний логотип",
@@ -311,6 +313,7 @@
     "Phone": "Телефон",
     "Phone - Tooltip": "Номер телефону",
     "Phone only": "Тільки телефон",
+    "Phone or Email": "Phone or Email",
     "Plan": "План",
     "Plan - Tooltip": "План – підказка",
     "Plans": "Плани",
@@ -391,6 +394,7 @@
     "User type": "Тип користувача",
     "User type - Tooltip": "Теги, до яких належить користувач, за умовчанням \"звичайний користувач\"",
     "Users": "Користувачі",
+    "Users - Tooltip": "Users - Tooltip",
     "Users under all organizations": "Користувачі в усіх організаціях",
     "Verifications": "Перевірки",
     "Webhooks": "Веб-хуки",
@@ -473,7 +477,6 @@
     "LDAP username, Email or phone": "Ім’я користувача LDAP, електронна пошта або телефон",
     "Loading": "Завантаження",
     "Logging out...": "Вихід...",
-    "Login button": "Кнопка входу",
     "MetaMask plugin not detected": "Плагін MetaMask не виявлено",
     "Model loading failure": "Помилка завантаження моделі",
     "No account?": "Немає облікового запису?",
@@ -498,6 +501,7 @@
     "Sign in with Face ID": "Увійдіть за допомогою Face ID",
     "Sign in with WebAuthn": "Увійдіть за допомогою WebAuthn",
     "Sign in with {type}": "Увійдіть за допомогою {type}",
+    "Signin button": "Signin button",
     "Signing in...": "Вхід...",
     "Successfully logged in with WebAuthn credentials": "Успішно ввійшли за допомогою облікових даних WebAuthn",
     "The camera is currently in use by another webpage": "Камера зараз використовується іншою веб-сторінкою",
@@ -893,7 +897,8 @@
   "record": {
     "Is triggered": "Спрацьовує",
     "Object": "Об'єкт",
-    "Response": "Відповідь"
+    "Response": "Відповідь",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Копіювати посилання",
@@ -941,6 +946,7 @@
     "Please select your country code!": "Виберіть код країни!",
     "Please select your country/region!": "Виберіть свою країну/регіон!",
     "Regex": "Регулярний вираз",
+    "Signup button": "Signup button",
     "Terms of Use": "Умови використання",
     "Terms of Use - Tooltip": "Умови використання, з якими користувачі повинні ознайомитися та погодитися під час реєстрації",
     "Text 1": "Текст 1",
@@ -1162,9 +1168,11 @@
     "Values": "Цінності",
     "Verification code sent": "Код підтвердження надіслано",
     "WebAuthn credentials": "Облікові дані WebAuthn",
+    "You have changed the username, please save your change first before modifying the password": "You have changed the username, please save your change first before modifying the password",
     "input password": "введіть пароль"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Приймач"
   },
   "webhook": {

web/src/locales/vi/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "Is triggered",
     "Object": "Object",
-    "Response": "Response"
+    "Response": "Response",
+    "Status code": "Status code"
   },
   "resource": {
     "Copy Link": "Sao chép liên kết",
@@ -1171,6 +1172,7 @@
     "input password": "Nhập mật khẩu"
   },
   "verification": {
+    "Is used": "Is used",
     "Receiver": "Receiver"
   },
   "webhook": {

web/src/locales/zh/data.json

@@ -897,7 +897,8 @@
   "record": {
     "Is triggered": "是否触发",
     "Object": "实体",
-    "Response": "响应"
+    "Response": "响应",
+    "Status code": "状态码"
   },
   "resource": {
     "Copy Link": "复制链接",
@@ -1171,6 +1172,7 @@
     "input password": "输入密码"
   },
   "verification": {
+    "Is used": "已使用",
     "Receiver": "接收者"
   },
   "webhook": {

web/src/table/ProviderTable.js

@@ -15,6 +15,7 @@
 import React from "react";
 import {DeleteOutlined, DownOutlined, UpOutlined} from "@ant-design/icons";
 import {Button, Col, Input, Row, Select, Switch, Table, Tooltip} from "antd";
+import {CountryCodeSelect} from "../common/select/CountryCodeSelect";
 import * as Setting from "../Setting";
 import i18next from "i18next";
 import * as Provider from "../auth/Provider";
@@ -29,6 +30,10 @@ class ProviderTable extends React.Component {
     };
   }
 
+  getUserOrganization() {
+    return this.props.application?.organizationObj;
+  }
+
   updateTable(table) {
     this.props.onUpdateTable(table);
   }
@@ -79,7 +84,7 @@ class ProviderTable extends React.Component {
 
                 // If the provider is email or SMS, set the rule to "all" instead of the default "None"
                 if (provider.category === "Email" || provider.category === "SMS") {
-                  this.updateField(table, index, "rule", "all");
+                  this.updateField(table, index, "rule", "All");
                 }
               }} >
               {
@@ -109,6 +114,30 @@ class ProviderTable extends React.Component {
           return Provider.getProviderLogoWidget(provider);
         },
       },
+      {
+        title: i18next.t("user:Country/Region"),
+        dataIndex: "countryCodes",
+        key: "countryCodes",
+        width: "140px",
+        render: (text, record, index) => {
+          if (record.provider?.category !== "SMS") {
+            return null;
+          }
+
+          return (
+            <CountryCodeSelect
+              style={{width: "100%"}}
+              hasDefault={true}
+              mode={"multiple"}
+              initValue={text ? text : ["All"]}
+              onChange={(value) => {
+                this.updateField(table, index, "countryCodes", value);
+              }}
+              countryCodes={this.getUserOrganization()?.countryCodes}
+            />
+          );
+        },
+      },
       {
         title: i18next.t("provider:Can signup"),
         dataIndex: "canSignUp",
@@ -198,7 +227,7 @@ class ProviderTable extends React.Component {
         title: i18next.t("application:Rule"),
         dataIndex: "rule",
         key: "rule",
-        width: "120px",
+        width: "160px",
         render: (text, record, index) => {
           if (record.provider?.type === "Google") {
             if (text === "None") {
@@ -230,12 +259,12 @@ class ProviderTable extends React.Component {
             );
           } else if (record.provider?.category === "SMS" || record.provider?.category === "Email") {
             if (text === "None") {
-              text = "all";
+              text = "All";
             }
             return (
               <Select virtual={false} style={{width: "100%"}}
                 value={text}
-                defaultValue="all"
+                defaultValue="All"
                 onChange={value => {
                   this.updateField(table, index, "rule", value);
                 }}>

web/src/table/SigninMethodTable.js

@@ -164,7 +164,7 @@ class SigninMethodTable extends React.Component {
                 <Button style={{marginRight: "5px"}} disabled={index === table.length - 1} icon={<DownOutlined />} size="small" onClick={() => this.downRow(table, index)} />
               </Tooltip>
               <Tooltip placement="topLeft" title={i18next.t("general:Delete")}>
-                <Button icon={<DeleteOutlined />} size="small" onClick={() => this.deleteRow(items, table, index)} />
+                <Button disabled={table.length <= 1} icon={<DeleteOutlined />} size="small" onClick={() => this.deleteRow(items, table, index)} />
               </Tooltip>
             </div>
           );

web/src/table/SigninTable.js

@@ -26,6 +26,20 @@ require("codemirror/mode/htmlmixed/htmlmixed");
 
 const {Option} = Select;
 
+export const SigninTableDefaultCssMap = {
+  "Back button": ".back-button {\n      top: 65px;\n      left: 15px;\n      position: absolute;\n}\n.back-inner-button{}",
+  "Languages": ".login-languages {\n    top: 55px;\n    right: 5px;\n    position: absolute;\n}",
+  "Logo": ".login-logo-box {}",
+  "Signin methods": ".signin-methods {}",
+  "Username": ".login-username {}\n.login-username-input{}",
+  "Password": ".login-password {}\n.login-password-input{}",
+  "Agreement": ".login-agreement {}",
+  "Forgot password?": ".login-forget-password {\n    display: inline-flex;\n    justify-content: space-between;\n    width: 320px;\n    margin-bottom: 25px;\n}",
+  "Login button": ".login-button-box {\n    margin-bottom: 5px;\n}\n.login-button {\n    width: 100%;\n}",
+  "Signup link": ".login-signup-link {\n    margin-bottom: 24px;\n    display: flex;\n    justify-content: end;\n}",
+  "Providers": ".provider-img {\n      width: 30px;\n      margin: 5px;\n}\n.provider-big-img {\n      margin-bottom: 10px;\n}",
+};
+
 class SigninTable extends React.Component {
   constructor(props) {
     super(props);
@@ -120,6 +134,7 @@ class SigninTable extends React.Component {
               value={getItemDisplayName(text)}
               onChange={value => {
                 this.updateField(table, index, "name", value);
+                this.updateField(table, index, "label", SigninTableDefaultCssMap[value]);
               }} >
               {
                 Setting.getDeduplicatedArray(items, table, "name").map((item, index) => <Option key={index} value={item.name}>{item.displayName}</Option>)