feat: Revert "feat: fix cannot create "/files" folder issue in local file storage provider in Docker" (#2997 )

This reverts commit e228045e37.
feat: fix cannot create "/files" folder issue in local file storage provider in Docker (#2994 )
2025-07-21 16:13:50 +08:00 · 2024-06-06 11:09:02 +08:00 · 2024-06-06 10:49:56 +08:00 · 2024-06-04 13:32:13 +08:00 · 2024-06-04 01:34:36 +08:00 · 2024-06-02 01:00:55 +08:00
44 changed files with 192 additions and 58 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -117,7 +117,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 	if form.Type == ResponseTypeLogin {
 		c.SetSessionUsername(userId)
 		util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
-		resp = &Response{Status: "ok", Msg: "", Data: userId}
+		resp = &Response{Status: "ok", Msg: "", Data: userId, Data2: user.NeedUpdatePassword}
 	} else if form.Type == ResponseTypeCode {
 		clientId := c.Input().Get("clientId")
 		responseType := c.Input().Get("responseType")
@ -139,7 +139,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		}

 		resp = codeToResponse(code)
-
+		resp.Data2 = user.NeedUpdatePassword
 		if application.EnableSigninSession || application.HasPromptPage() {
 			// The prompt page needs the user to be signed in
 			c.SetSessionUsername(userId)
@ -152,6 +152,8 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 			nonce := c.Input().Get("nonce")
 			token, _ := object.GetTokenByUser(application, user, scope, nonce, c.Ctx.Request.Host)
 			resp = tokenToResponse(token)
+
+			resp.Data2 = user.NeedUpdatePassword
 		}
 	} else if form.Type == ResponseTypeSaml { // saml flow
 		res, redirectUrl, method, err := object.GetSamlResponse(application, user, form.SamlRequest, c.Ctx.Request.Host)
@ -159,7 +161,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 			c.ResponseError(err.Error(), nil)
 			return
 		}
-		resp = &Response{Status: "ok", Msg: "", Data: res, Data2: map[string]string{"redirectUrl": redirectUrl, "method": method}}
+		resp = &Response{Status: "ok", Msg: "", Data: res, Data2: map[string]interface{}{"redirectUrl": redirectUrl, "method": method, "needUpdatePassword": user.NeedUpdatePassword}}

 		if application.EnableSigninSession || application.HasPromptPage() {
 			// The prompt page needs the user to be signed in
--- a/controllers/service.go
+++ b/controllers/service.go
@ -27,11 +27,12 @@ import (
 )

 type EmailForm struct {
-	Title     string   `json:"title"`
-	Content   string   `json:"content"`
-	Sender    string   `json:"sender"`
-	Receivers []string `json:"receivers"`
-	Provider  string   `json:"provider"`
+	Title          string          `json:"title"`
+	Content        string          `json:"content"`
+	Sender         string          `json:"sender"`
+	Receivers      []string        `json:"receivers"`
+	Provider       string          `json:"provider"`
+	ProviderObject object.Provider `json:"providerObject"`
 }

 type SmsForm struct {
@ -74,7 +75,6 @@ func (c *ApiController) SendEmail() {
 			c.ResponseError(err.Error())
 			return
 		}
-
 	} else {
 		// called by Casdoor SDK via Client ID & Client Secret, so the used Email provider will be the application' Email provider or the default Email provider
 		provider, err = c.GetProviderFromContext("Email")
@ -84,6 +84,13 @@ func (c *ApiController) SendEmail() {
 		}
 	}

+	if emailForm.ProviderObject.Name != "" {
+		if emailForm.ProviderObject.ClientSecret == "***" {
+			emailForm.ProviderObject.ClientSecret = provider.ClientSecret
+		}
+		provider = &emailForm.ProviderObject
+	}
+
 	// when receiver is the reserved keyword: "TestSmtpServer", it means to test the SMTP server instead of sending a real Email
 	if len(emailForm.Receivers) == 1 && emailForm.Receivers[0] == "TestSmtpServer" {
 		err = object.DailSmtpServer(provider)
--- a/controllers/user.go
+++ b/controllers/user.go
@ -509,8 +509,21 @@ func (c *ApiController) SetPassword() {
 		return
 	}

+	organization, err := object.GetOrganizationByUser(targetUser)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+	if organization == nil {
+		c.ResponseError(fmt.Sprintf(c.T("the organization: %s is not found"), targetUser.Owner))
+		return
+	}
+
 	targetUser.Password = newPassword
-	_, err = object.SetUserField(targetUser, "password", targetUser.Password)
+	targetUser.UpdateUserPassword(organization)
+	targetUser.NeedUpdatePassword = false
+
+	_, err = object.UpdateUser(userId, targetUser, []string{"password", "need_update_password", "password_type"}, false)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
--- a/go.mod
+++ b/go.mod
@ -9,7 +9,7 @@ require (
 	github.com/beego/beego v1.12.12
 	github.com/beevik/etree v1.1.0
 	github.com/casbin/casbin/v2 v2.77.2
-	github.com/casdoor/go-sms-sender v0.23.0
+	github.com/casdoor/go-sms-sender v0.24.0
 	github.com/casdoor/gomail/v2 v2.0.1
 	github.com/casdoor/notify v0.45.0
 	github.com/casdoor/oss v1.6.0
--- a/go.sum
+++ b/go.sum
@ -1085,8 +1085,8 @@ github.com/casbin/casbin/v2 v2.77.2 h1:yQinn/w9x8AswiwqwtrXz93VU48R1aYTXdHEx4RI3
 github.com/casbin/casbin/v2 v2.77.2/go.mod h1:mzGx0hYW9/ksOSpw3wNjk3NRAroq5VMFYUQ6G43iGPk=
 github.com/casdoor/go-reddit/v2 v2.1.0 h1:kIbfdJ7AA7H0uTQ8s0q4GGZqSS5V9wVE74RrXyD9XPs=
 github.com/casdoor/go-reddit/v2 v2.1.0/go.mod h1:eagkvwlZ4Hcsuc/uQsLHYEulz5jN65SVSwV/AIE7zsc=
-github.com/casdoor/go-sms-sender v0.23.0 h1:N8+By4JNwyilEcx7cp0QGOepafefM88VwV+o3UEFZio=
-github.com/casdoor/go-sms-sender v0.23.0/go.mod h1:bOm4H8/YfJmEHjBatEVQFOnAf0OOn1B0Wi5B7zDhws0=
+github.com/casdoor/go-sms-sender v0.24.0 h1:LNLsce3EG/87I3JS6UiajF3LlQmdIiCgebEu0IE4wSM=
+github.com/casdoor/go-sms-sender v0.24.0/go.mod h1:bOm4H8/YfJmEHjBatEVQFOnAf0OOn1B0Wi5B7zDhws0=
 github.com/casdoor/gomail/v2 v2.0.1 h1:J+FG6x80s9e5lBHUn8Sv0Y56mud34KiWih5YdmudR/w=
 github.com/casdoor/gomail/v2 v2.0.1/go.mod h1:VnGPslEAtpix5FjHisR/WKB1qvZDBaujbikxDe9d+2Q=
 github.com/casdoor/notify v0.45.0 h1:OlaFvcQFjGOgA4mRx07M8AH1gvb5xNo21mcqrVGlLgk=
--- a/object/sms.go
+++ b/object/sms.go
@ -48,7 +48,7 @@ func SendSms(provider *Provider, content string, phoneNumbers ...string) error {
 		if provider.AppId != "" {
 			phoneNumbers = append([]string{provider.AppId}, phoneNumbers...)
 		}
-	} else if provider.Type == sender.Aliyun || provider.Type == sender.SendCloud {
+	} else if provider.Type == sender.Aliyun {
 		for i, number := range phoneNumbers {
 			phoneNumbers[i] = strings.TrimPrefix(number, "+86")
 		}
--- a/object/syncer_util.go
+++ b/object/syncer_util.go
@ -169,6 +169,12 @@ func (syncer *Syncer) setUserByKeyValue(user *User, key string, value string) {
 		user.TotpSecret = value
 	case "SignupApplication":
 		user.SignupApplication = value
+	case "MfaPhoneEnabled":
+		user.MfaPhoneEnabled = util.ParseBool(value)
+	case "MfaEmailEnabled":
+		user.MfaEmailEnabled = util.ParseBool(value)
+	case "RecoveryCodes":
+		user.RecoveryCodes = strings.Split(value, ",")
 	}
 }

@ -303,6 +309,9 @@ func (syncer *Syncer) getMapFromOriginalUser(user *OriginalUser) map[string]stri
 	m["PreferredMfaType"] = user.PreferredMfaType
 	m["TotpSecret"] = user.TotpSecret
 	m["SignupApplication"] = user.SignupApplication
+	m["MfaPhoneEnabled"] = util.BoolToString(user.MfaPhoneEnabled)
+	m["MfaEmailEnabled"] = util.BoolToString(user.MfaEmailEnabled)
+	m["RecoveryCodes"] = strings.Join(user.RecoveryCodes, ",")

 	m2 := map[string]string{}
 	for _, tableColumn := range syncer.TableColumns {
--- a/object/user.go
+++ b/object/user.go
@ -203,7 +203,8 @@ type User struct {
 	LastSigninWrongTime string `xorm:"varchar(100)" json:"lastSigninWrongTime"`
 	SigninWrongTimes    int    `json:"signinWrongTimes"`

-	ManagedAccounts []ManagedAccount `xorm:"managedAccounts blob" json:"managedAccounts"`
+	ManagedAccounts    []ManagedAccount `xorm:"managedAccounts blob" json:"managedAccounts"`
+	NeedUpdatePassword bool             `json:"needUpdatePassword"`
 }

 type Userinfo struct {
@ -682,7 +683,7 @@ func UpdateUser(id string, user *User, columns []string, isAdmin bool) (bool, er
 			"eveonline", "fitbit", "gitea", "heroku", "influxcloud", "instagram", "intercom", "kakao", "lastfm", "mailru", "meetup",
 			"microsoftonline", "naver", "nextcloud", "onedrive", "oura", "patreon", "paypal", "salesforce", "shopify", "soundcloud",
 			"spotify", "strava", "stripe", "type", "tiktok", "tumblr", "twitch", "twitter", "typetalk", "uber", "vk", "wepay", "xero", "yahoo",
-			"yammer", "yandex", "zoom", "custom",
+			"yammer", "yandex", "zoom", "custom", "need_update_password",
 		}
 	}
 	if isAdmin {
--- a/object/user_util.go
+++ b/object/user_util.go
@ -411,6 +411,10 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
 		item := GetAccountItemByName("Is deleted", organization)
 		itemsChanged = append(itemsChanged, item)
 	}
+	if oldUser.NeedUpdatePassword != newUser.NeedUpdatePassword {
+		item := GetAccountItemByName("Need update password", organization)
+		itemsChanged = append(itemsChanged, item)
+	}

 	if oldUser.Score != newUser.Score {
 		item := GetAccountItemByName("Score", organization)
--- a/web/src/App.js
+++ b/web/src/App.js
@ -414,6 +414,7 @@ class App extends Component {
            <Layout id="parent-area">
              <ManagementPage
                account={this.state.account}
+                application={this.state.application}
                uri={this.state.uri}
                themeData={this.state.themeData}
                themeAlgorithm={this.state.themeAlgorithm}
--- a/web/src/EntryPage.js
+++ b/web/src/EntryPage.js
@ -108,8 +108,8 @@ class EntryPage extends React.Component {
            <Route exact path="/signup/oauth/authorize" render={(props) => <SignupPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />} />
            <Route exact path="/login/oauth/authorize" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"code"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />} />
            <Route exact path="/login/saml/authorize/:owner/:applicationName" render={(props) => <LoginPage {...this.props} application={this.state.application} type={"saml"} mode={"signin"} onUpdateApplication={onUpdateApplication} {...props} />} />
-            <Route exact path="/forget" render={(props) => this.renderHomeIfLoggedIn(<SelfForgetPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
-            <Route exact path="/forget/:applicationName" render={(props) => this.renderHomeIfLoggedIn(<ForgetPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
+            <Route exact path="/forget" render={(props) => <SelfForgetPage {...this.props} account={this.props.account} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />} />
+            <Route exact path="/forget/:applicationName" render={(props) => <ForgetPage {...this.props} account={this.props.account} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />} />
            <Route exact path="/prompt" render={(props) => this.renderLoginIfNotLoggedIn(<PromptPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
            <Route exact path="/prompt/:applicationName" render={(props) => this.renderLoginIfNotLoggedIn(<PromptPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
            <Route exact path="/result" render={(props) => this.renderHomeIfLoggedIn(<ResultPage {...this.props} application={this.state.application} onUpdateApplication={onUpdateApplication} {...props} />)} />
--- a/web/src/ManagementPage.js
+++ b/web/src/ManagementPage.js
@ -328,6 +328,8 @@ function ManagementPage(props) {
      return <Redirect to="/login" />;
    } else if (props.account === undefined) {
      return null;
+    } else if (props.account.needUpdatePassword) {
+      return <Redirect to={"/forget/" + props.application.name} />;
    } else {
      return component;
    }
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -209,8 +209,6 @@ class ProviderEditPage extends React.Component {
        return Setting.getLabel(i18next.t("provider:Public key"), i18next.t("provider:Public key - Tooltip"));
      } else if (provider.type === "Msg91 SMS" || provider.type === "Infobip SMS" || provider.type === "OSON SMS") {
        return Setting.getLabel(i18next.t("provider:Sender Id"), i18next.t("provider:Sender Id - Tooltip"));
-      } else if (provider.type === "SendCloud SMS") {
-        return "SMS_USER";
      } else {
        return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
      }
@ -262,8 +260,6 @@ class ProviderEditPage extends React.Component {
        return Setting.getLabel(i18next.t("provider:Auth Key"), i18next.t("provider:Auth Key - Tooltip"));
      } else if (provider.type === "Infobip SMS") {
        return Setting.getLabel(i18next.t("provider:Api Key"), i18next.t("provider:Api Key - Tooltip"));
-      } else if (provider.type === "SendCloud SMS") {
-        return "SMS_KEY";
      } else {
        return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip"));
      }
@ -1107,7 +1103,7 @@ class ProviderEditPage extends React.Component {
            </React.Fragment>
          ) : this.state.provider.category === "SMS" ? (
            <React.Fragment>
-              {["Custom HTTP SMS", "Twilio SMS", "Amazon SNS", "Azure ACS", "Msg91 SMS", "Infobip SMS", "SendCloud SMS"].includes(this.state.provider.type) ?
+              {["Custom HTTP SMS", "Twilio SMS", "Amazon SNS", "Azure ACS", "Msg91 SMS", "Infobip SMS"].includes(this.state.provider.type) ?
                null :
                (<Row style={{marginTop: "20px"}} >
                  <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -139,10 +139,6 @@ export const OtherProviderInfo = {
      logo: `${StaticBaseUrl}/img/social_twilio.svg`,
      url: "https://www.twilio.com/messaging",
    },
-    "SendCloud SMS": {
-      logo: `${StaticBaseUrl}/img/sms_sendcloud.png`,
-      url: "https://www.sendcloud.net/",
-    },
    "SmsBao SMS": {
      logo: `${StaticBaseUrl}/img/social_smsbao.png`,
      url: "https://www.smsbao.com/",
@ -1043,7 +1039,6 @@ export function getProviderTypeOptions(category) {
        {id: "Huawei Cloud SMS", name: "Huawei Cloud SMS"},
        {id: "UCloud SMS", name: "UCloud SMS"},
        {id: "Twilio SMS", name: "Twilio SMS"},
-        {id: "SendCloud SMS", name: "SendCloud SMS"},
        {id: "SmsBao SMS", name: "SmsBao SMS"},
        {id: "SUBMAIL SMS", name: "SUBMAIL SMS"},
        {id: "Msg91 SMS", name: "Msg91 SMS"},
@ -1468,7 +1463,7 @@ export function getUserCommonFields() {
  return ["Owner", "Name", "CreatedTime", "UpdatedTime", "DeletedTime", "Id", "Type", "Password", "PasswordSalt", "DisplayName", "FirstName", "LastName", "Avatar", "PermanentAvatar",
    "Email", "EmailVerified", "Phone", "Location", "Address", "Affiliation", "Title", "IdCardType", "IdCard", "Homepage", "Bio", "Tag", "Region",
    "Language", "Gender", "Birthday", "Education", "Score", "Ranking", "IsDefaultAvatar", "IsOnline", "IsAdmin", "IsForbidden", "IsDeleted", "CreatedIp",
-    "PreferredMfaType", "TotpSecret", "SignupApplication"];
+    "PreferredMfaType", "TotpSecret", "SignupApplication", "RecoveryCodes", "MfaPhoneEnabled", "MfaEmailEnabled"];
 }

 export function getDefaultFooterContent() {
--- a/web/src/UserEditPage.js
+++ b/web/src/UserEditPage.js
@ -1026,6 +1026,19 @@ class UserEditPage extends React.Component {
          </Col>
        </Row>
      );
+    } else if (accountItem.name === "Need update password") {
+      return (
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("user:Need update password"), i18next.t("user:Need update password - Tooltip"))} :
+          </Col>
+          <Col span={(Setting.isMobile()) ? 22 : 2} >
+            <Switch disabled={(!this.state.user.phone) && (!this.state.user.email) && (!this.state.user.mfaProps)} checked={this.state.user.needUpdatePassword} onChange={checked => {
+              this.updateUserField("needUpdatePassword", checked);
+            }} />
+          </Col>
+        </Row>
+      );
    }
  }

--- a/web/src/auth/AuthCallback.js
+++ b/web/src/auth/AuthCallback.js
@ -153,21 +153,37 @@ class AuthCallback extends React.Component {
    // OAuth
    const oAuthParams = Util.getOAuthGetParameters(innerParams);
    const concatChar = oAuthParams?.redirectUri?.includes("?") ? "&" : "?";
+    const signinUrl = localStorage.getItem("signinUrl");
+
    AuthBackend.login(body, oAuthParams)
      .then((res) => {
        if (res.status === "ok") {
          const responseType = this.getResponseType();
          if (responseType === "login") {
+            if (res.data2) {
+              sessionStorage.setItem("signinUrl", signinUrl);
+              Setting.goToLinkSoft(this, `/forget/${applicationName}`);
+              return;
+            }
            Setting.showMessage("success", "Logged in successfully");
            // Setting.goToLinkSoft(this, "/");
-
            const link = Setting.getFromLink();
            Setting.goToLink(link);
          } else if (responseType === "code") {
+            if (res.data2) {
+              sessionStorage.setItem("signinUrl", signinUrl);
+              Setting.goToLinkSoft(this, `/forget/${applicationName}`);
+              return;
+            }
            const code = res.data;
            Setting.goToLink(`${oAuthParams.redirectUri}${concatChar}code=${code}&state=${oAuthParams.state}`);
            // Setting.showMessage("success", `Authorization code: ${res.data}`);
          } else if (responseType === "token" || responseType === "id_token") {
+            if (res.data2) {
+              sessionStorage.setItem("signinUrl", signinUrl);
+              Setting.goToLinkSoft(this, `/forget/${applicationName}`);
+              return;
+            }
            const token = res.data;
            Setting.goToLink(`${oAuthParams.redirectUri}${concatChar}${responseType}=${token}&state=${oAuthParams.state}&token_type=bearer`);
          } else if (responseType === "link") {
@ -181,6 +197,11 @@ class AuthCallback extends React.Component {
                relayState: oAuthParams.relayState,
              });
            } else {
+              if (res.data2.needUpdatePassword) {
+                sessionStorage.setItem("signinUrl", signinUrl);
+                Setting.goToLinkSoft(this, `/forget/${applicationName}`);
+                return;
+              }
              const SAMLResponse = res.data;
              const redirectUri = res.data2.redirectUrl;
              Setting.goToLink(`${redirectUri}?SAMLResponse=${encodeURIComponent(SAMLResponse)}&RelayState=${oAuthParams.relayState}`);
--- a/web/src/auth/ForgetPage.js
+++ b/web/src/auth/ForgetPage.js
@ -35,8 +35,8 @@ class ForgetPage extends React.Component {
      classes: props,
      applicationName: props.applicationName ?? props.match.params?.applicationName,
      msg: null,
-      name: "",
-      username: "",
+      name: props.account ? props.account.name : "",
+      username: props.account ? props.account.name : "",
      phone: "",
      email: "",
      dest: "",
@ -44,7 +44,6 @@ class ForgetPage extends React.Component {
      verifyType: "", // "email", "phone"
      current: 0,
    };
-
    this.form = React.createRef();
  }

@ -205,6 +204,7 @@ class ForgetPage extends React.Component {
            initialValues={{
              application: application.name,
              organization: application.organization,
+              username: this.state.name,
            }}
            style={{width: "300px"}}
            size="large"
@ -488,7 +488,7 @@ class ForgetPage extends React.Component {
              <Row>
                <Col span={24}>
                  <div style={{textAlign: "center", fontSize: "28px"}}>
-                    {i18next.t("forget:Retrieve password")}
+                    {i18next.t("forget:Reset password")}
                  </div>
                </Col>
              </Row>
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@ -68,6 +68,8 @@ class LoginPage extends React.Component {
      this.state.applicationName = props.match?.params?.casApplicationName;
    }

+    localStorage.setItem("signinUrl", window.location.href);
+
    this.form = React.createRef();
  }

@ -300,6 +302,12 @@ class LoginPage extends React.Component {
      return;
    }

+    if (resp.data2) {
+      sessionStorage.setItem("signinUrl", window.location.href);
+      Setting.goToLinkSoft(ths, `/forget/${application.name}`);
+      return;
+    }
+
    if (Setting.hasPromptPage(application)) {
      AuthBackend.getAccount()
        .then((res) => {
@ -442,15 +450,27 @@ class LoginPage extends React.Component {
            const responseType = values["type"];

            if (responseType === "login") {
+              if (res.data2) {
+                sessionStorage.setItem("signinUrl", window.location.href);
+                Setting.goToLink(this, `/forget/${this.state.applicationName}`);
+              }
              Setting.showMessage("success", i18next.t("application:Logged in successfully"));
              this.props.onLoginSuccess();
            } else if (responseType === "code") {
              this.postCodeLoginAction(res);
            } else if (responseType === "token" || responseType === "id_token") {
+              if (res.data2) {
+                sessionStorage.setItem("signinUrl", window.location.href);
+                Setting.goToLink(this, `/forget/${this.state.applicationName}`);
+              }
              const amendatoryResponseType = responseType === "token" ? "access_token" : responseType;
              const accessToken = res.data;
              Setting.goToLink(`${oAuthParams.redirectUri}#${amendatoryResponseType}=${accessToken}&state=${oAuthParams.state}&token_type=bearer`);
            } else if (responseType === "saml") {
+              if (res.data2.needUpdatePassword) {
+                sessionStorage.setItem("signinUrl", window.location.href);
+                Setting.goToLink(this, `/forget/${this.state.applicationName}`);
+              }
              if (res.data2.method === "POST") {
                this.setState({
                  samlResponse: res.data,
--- a/web/src/auth/Provider.js
+++ b/web/src/auth/Provider.js
@ -399,7 +399,7 @@ export function getAuthUrl(application, provider, method, code) {
    scope += "+https://www.googleapis.com/auth/user.phonenumbers.read";
  }

-  if (provider.type === "Google" || provider.type === "GitHub" || provider.type === "QQ" || provider.type === "Facebook"
+  if (provider.type === "Google" || provider.type === "GitHub" || provider.type === "Facebook"
    || provider.type === "Weibo" || provider.type === "Gitee" || provider.type === "LinkedIn" || provider.type === "GitLab" || provider.type === "AzureAD"
    || provider.type === "Slack" || provider.type === "Line" || provider.type === "Amazon" || provider.type === "Auth0" || provider.type === "BattleNet"
    || provider.type === "Bitbucket" || provider.type === "Box" || provider.type === "CloudFoundry" || provider.type === "Dailymotion"
@ -411,6 +411,8 @@ export function getAuthUrl(application, provider, method, code) {
    || provider.type === "Twitch" || provider.type === "Typetalk" || provider.type === "Uber" || provider.type === "VK" || provider.type === "Wepay"
    || provider.type === "Xero" || provider.type === "Yahoo" || provider.type === "Yammer" || provider.type === "Yandex" || provider.type === "Zoom") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
+  } else if (provider.type === "QQ") {
+    return `${endpoint}?response_type=code&client_id=${provider.clientId}&redirect_uri=${encodeURIComponent(redirectUri)}&state=${encodeURIComponent(state)}&scope=${encodeURIComponent(scope)}`;
  } else if (provider.type === "AzureADB2C") {
    return `https://${provider.domain}.b2clogin.com/${provider.domain}.onmicrosoft.com/${provider.appId}/oauth2/v2.0/authorize?client_id=${provider.clientId}&nonce=defaultNonce&redirect_uri=${encodeURIComponent(redirectUri)}&scope=${scope}&response_type=code&state=${state}&prompt=login`;
  } else if (provider.type === "DingTalk") {
--- a/web/src/common/TestEmailWidget.js
+++ b/web/src/common/TestEmailWidget.js
@ -50,6 +50,7 @@ function testEmailProvider(provider, email = "") {
    sender: provider.displayName,
    receivers: email === "" ? ["TestSmtpServer"] : [email],
    provider: provider.name,
+    providerObject: provider,
  };

  return fetch(`${Setting.ServerUrl}/api/send-email`, {
--- a/web/src/locales/ar/data.json
+++ b/web/src/locales/ar/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/de/data.json
+++ b/web/src/locales/de/data.json
@ -166,7 +166,7 @@
    "Next Step": "Nächster Schritt",
    "Please input your username!": "Bitte gib deinen Benutzernamen ein!",
    "Reset": "Zurücksetzen",
-    "Retrieve password": "Passwort abrufen",
+    "Reset password": "Passwort abrufen",
    "Unknown forget type": "Unbekannter Vergesslichkeitstyp",
    "Verify": "überprüfen"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Verwaltete Konten",
    "Modify password...": "Passwort ändern...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Neue E-Mail",
    "New Password": "Neues Passwort",
    "New User": "Neuer Benutzer",
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/es/data.json
+++ b/web/src/locales/es/data.json
@ -166,7 +166,7 @@
    "Next Step": "Siguiente paso",
    "Please input your username!": "¡Por favor, ingrese su nombre de usuario!",
    "Reset": "Restablecer",
-    "Retrieve password": "Recuperar contraseña",
+    "Reset password": "Reset password",
    "Unknown forget type": "Tipo de olvido desconocido",
    "Verify": "Verificar"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Cuentas gestionadas",
    "Modify password...": "Modificar contraseña...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Nuevo correo electrónico",
    "New Password": "Nueva contraseña",
    "New User": "Nuevo Usuario",
--- a/web/src/locales/fa/data.json
+++ b/web/src/locales/fa/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/fi/data.json
+++ b/web/src/locales/fi/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@ -166,7 +166,7 @@
    "Next Step": "Étape suivante",
    "Please input your username!": "Veuillez saisir votre identifiant !",
    "Reset": "Réinitialiser",
-    "Retrieve password": "Récupérer le mot de passe",
+    "Reset password": "Récupérer le mot de passe",
    "Unknown forget type": "Type d'oubli inconnu",
    "Verify": "Vérifier"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Comptes gérés",
    "Modify password...": "Modifier le mot de passe...",
    "Multi-factor authentication": "Authentification multifacteur",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Nouvelle adresse e-mail",
    "New Password": "Nouveau mot de passe",
    "New User": "Nouveau compte",
--- a/web/src/locales/he/data.json
+++ b/web/src/locales/he/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/id/data.json
+++ b/web/src/locales/id/data.json
@ -166,7 +166,7 @@
    "Next Step": "Langkah selanjutnya",
    "Please input your username!": "Silakan masukkan nama pengguna Anda!",
    "Reset": "Menyetel-ulang",
-    "Retrieve password": "Mengambil password",
+    "Reset password": "Mengambil password",
    "Unknown forget type": "Tipe yang tidak diketahui terlupakan",
    "Verify": "Memverifikasi"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Akun yang dikelola",
    "Modify password...": "Mengubah kata sandi...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Email baru",
    "New Password": "Kata Sandi Baru",
    "New User": "Pengguna Baru",
--- a/web/src/locales/it/data.json
+++ b/web/src/locales/it/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@ -166,7 +166,7 @@
    "Next Step": "次のステップ",
    "Please input your username!": "ユーザー名を入力してください！",
    "Reset": "リセット",
-    "Retrieve password": "パスワードの取得",
+    "Reset password": "パスワードの取得",
    "Unknown forget type": "未知の忘却タイプ",
    "Verify": "検証"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "管理アカウント",
    "Modify password...": "パスワードを変更する...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "新しいメール",
    "New Password": "新しいパスワード",
    "New User": "新しいユーザー",
--- a/web/src/locales/kk/data.json
+++ b/web/src/locales/kk/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@ -166,7 +166,7 @@
    "Next Step": "다음 단계",
    "Please input your username!": "사용자 이름을 입력하세요!",
    "Reset": "리셋",
-    "Retrieve password": "비밀번호를 복구하세요",
+    "Reset password": "비밀번호를 복구하세요",
    "Unknown forget type": "미지의 잊혀진 유형",
    "Verify": "검증하다"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "관리 계정",
    "Modify password...": "비밀번호 수정하기...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "새 이메일",
    "New Password": "새로운 비밀번호",
    "New User": "새로운 사용자",
--- a/web/src/locales/ms/data.json
+++ b/web/src/locales/ms/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/nl/data.json
+++ b/web/src/locales/nl/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/pl/data.json
+++ b/web/src/locales/pl/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/pt/data.json
+++ b/web/src/locales/pt/data.json
@ -166,7 +166,7 @@
    "Next Step": "Próxima Etapa",
    "Please input your username!": "Por favor, insira seu nome de usuário!",
    "Reset": "Redefinir",
-    "Retrieve password": "Recuperar senha",
+    "Reset password": "Recuperar senha",
    "Unknown forget type": "Tipo de recuperação desconhecido",
    "Verify": "Verificar"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Contas gerenciadas",
    "Modify password...": "Modificar senha...",
    "Multi-factor authentication": "Autenticação de vários fatores",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Novo E-mail",
    "New Password": "Nova Senha",
    "New User": "Novo Usuário",
--- a/web/src/locales/ru/data.json
+++ b/web/src/locales/ru/data.json
@ -166,7 +166,7 @@
    "Next Step": "Следующий шаг",
    "Please input your username!": "Пожалуйста, введите своё имя пользователя!",
    "Reset": "Сбросить",
-    "Retrieve password": "Восстановить пароль",
+    "Reset password": "Восстановить пароль",
    "Unknown forget type": "Неизвестный забытый тип",
    "Verify": "Проверить"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Управляемые аккаунты",
    "Modify password...": "Изменить пароль...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Новое электронное письмо",
    "New Password": "Новый пароль",
    "New User": "Новый пользователь",
--- a/web/src/locales/sv/data.json
+++ b/web/src/locales/sv/data.json
@ -166,7 +166,7 @@
    "Next Step": "Next Step",
    "Please input your username!": "Please input your username!",
    "Reset": "Reset",
-    "Retrieve password": "Retrieve password",
+    "Reset password": "Reset password",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Verify"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/tr/data.json
+++ b/web/src/locales/tr/data.json
@ -166,7 +166,7 @@
    "Next Step": "Sonraki adım",
    "Please input your username!": "Lütfen kullanıcı adınızı girin",
    "Reset": "Sıfırla",
-    "Retrieve password": "Şifre kurtar",
+    "Reset password": "Şifre kurtar",
    "Unknown forget type": "Unknown forget type",
    "Verify": "Doğrula"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Managed accounts",
    "Modify password...": "Modify password...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "New Email",
    "New Password": "New Password",
    "New User": "New User",
--- a/web/src/locales/uk/data.json
+++ b/web/src/locales/uk/data.json
@ -166,7 +166,7 @@
    "Next Step": "Наступний крок",
    "Please input your username!": "Будь ласка, введіть своє ім'я користувача!",
    "Reset": "Скинути",
-    "Retrieve password": "Отримати пароль",
+    "Reset password": "Отримати пароль",
    "Unknown forget type": "Невідомий забутий тип",
    "Verify": "Підтвердити"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Керовані облікові записи",
    "Modify password...": "Змінити пароль...",
    "Multi-factor authentication": "Багатофакторна аутентифікація",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Нова електронна пошта",
    "New Password": "Новий пароль",
    "New User": "Новий користувач",
--- a/web/src/locales/vi/data.json
+++ b/web/src/locales/vi/data.json
@ -166,7 +166,7 @@
    "Next Step": "Bước tiếp theo",
    "Please input your username!": "Vui lòng nhập tên đăng nhập của bạn!",
    "Reset": "Đặt lại",
-    "Retrieve password": "Truy xuất mật khẩu",
+    "Reset password": "Truy xuất mật khẩu",
    "Unknown forget type": "Loại quên chưa biết",
    "Verify": "Xác thực"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "Quản lý tài khoản",
    "Modify password...": "Sửa đổi mật khẩu...",
    "Multi-factor authentication": "Multi-factor authentication",
+    "Need update password": "Need update password",
+    "Need update password - Tooltip": "Force user update password after login",
    "New Email": "Email mới",
    "New Password": "Mật khẩu mới",
    "New User": "Người dùng mới",
--- a/web/src/locales/zh/data.json
+++ b/web/src/locales/zh/data.json
@ -166,7 +166,7 @@
    "Next Step": "下一步",
    "Please input your username!": "请输入您的用户名！",
    "Reset": "重置",
-    "Retrieve password": "找回密码",
+    "Reset password": "重置密码",
    "Unknown forget type": "未知的忘记密码类型",
    "Verify": "验证"
  },
@ -1130,6 +1130,8 @@
    "Managed accounts": "托管账户",
    "Modify password...": "编辑密码...",
    "Multi-factor authentication": "多因素认证",
+    "Need update password": "需要更新密码",
+    "Need update password - Tooltip": "强制用户在登录后更新密码",
    "New Email": "新邮箱",
    "New Password": "新密码",
    "New User": "添加用户",
--- a/web/src/table/AccountTable.js
+++ b/web/src/table/AccountTable.js
@ -102,6 +102,7 @@ class AccountTable extends React.Component {
      {name: "Is admin", label: i18next.t("user:Is admin")},
      {name: "Is forbidden", label: i18next.t("user:Is forbidden")},
      {name: "Is deleted", label: i18next.t("user:Is deleted")},
+      {name: "Need update password", label: i18next.t("user:Need update password")},
      {name: "Multi-factor authentication", label: i18next.t("user:Multi-factor authentication")},
      {name: "WebAuthn credentials", label: i18next.t("user:WebAuthn credentials")},
      {name: "Managed accounts", label: i18next.t("user:Managed accounts")},
Author	SHA1	Message	Date
Yang Luo	93b0f52f26	feat: Revert "feat: fix cannot create "/files" folder issue in local file storage provider in Docker" (#2997 ) This reverts commit `e228045e37`.	2024-06-06 11:09:02 +08:00
DacongDA	e228045e37	feat: fix cannot create "/files" folder issue in local file storage provider in Docker (#2994 )	2024-06-06 10:49:56 +08:00
DacongDA	6b8c24e1f0	feat: fix password not encrypted issue in SetPassword() API (#2990 ) * fix: fix password not encrypted in set password and password type not changed * Update user.go --------- Co-authored-by: Yang Luo <hsluoyz@qq.com>	2024-06-04 13:32:13 +08:00
DacongDA	8a79bb64dd	feat: test SMTP connection with browser parameters (#2986 )	2024-06-04 01:34:36 +08:00
DacongDA	e5f9aab28f	feat: support resetting password on first login (#2980 ) * feat: support reset password in first login * feat: disable needUpdatePassword when user haven't email and phone and mfa	2024-06-02 01:00:55 +08:00
Yang Luo	7d05b69aac	feat: remove useless code	2024-05-28 20:33:55 +08:00
DacongDA	868e66e866	feat: fix QQ login error when using mobile browser (#2971 )	2024-05-27 01:07:15 +08:00
Husile	40ad3c9234	feat: support MFA fields in syncer (#2966 ) * feat:add fields of sync-database * feat:add fields of sync-database	2024-05-27 01:06:59 +08:00