docs: add note about requiring conf and resources directories (or specifying paths via -c and RUSTDESK_API_GIN_RESOURCES_PATH) when running without docker (#311 )

feat(user): add remark field to User model and form (#307 )
feat: Update database version constant to 264
2025-07-09 09:43:56 +08:00 · 2025-07-08 12:14:46 +08:00 · 2025-07-08 12:13:31 +08:00 · 2025-07-04 14:30:07 +08:00 · 2025-07-04 14:27:47 +08:00 · 2025-06-24 17:23:36 +08:00
171 changed files with 103210 additions and 88659 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -55,30 +55,44 @@ jobs:
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: actions/checkout@v4
        with:
          repository: lejianwen/rustdesk-api-web
          path: rustdesk-api-web
          ref: master
      - name: Set up Go environment
        uses: actions/setup-go@v4
        with:
-          go-version: '1.22'  # 选择 Go 版本
+          go-version: '1.23'  # 选择 Go 版本
      - name: Set up npm
        uses: actions/setup-node@v2
        with:
          node-version: '20'
      - name: build rustdesk-api-web
        working-directory: rustdesk-api-web
        run: |
          git clone ${{ env.WEBCLIENT_SOURCE_LOCATION }}
          cd rustdesk-api-web
          npm install
          npm run build
-          mkdir ../resources/admin/ -p
+          mkdir -p ../resources/admin/
          cp -ar dist/* ../resources/admin/
      - name: tidy
        run: go mod tidy
      - name: Get tag version
        run: |
          TAG_VERSION="${GITHUB_REF##*/}"
          VERSION="${TAG_VERSION#v}" 
          echo "VERSION=$VERSION" >> $GITHUB_ENV
      - name: Write version to resources/version
        run:  echo $VERSION > resources/version
      - name: swag
        run: |
          go install github.com/swaggo/swag/cmd/swag@latest
@@ -96,15 +110,17 @@ jobs:
          if [ "${{ matrix.job.goos }}" = "windows" ]; then
            sudo apt-get install gcc-mingw-w64-x86-64 zip -y
            GOOS=${{ matrix.job.goos }} GOARCH=${{ matrix.job.platform }} CC=x86_64-w64-mingw32-gcc CGO_LDFLAGS="-static" CGO_ENABLED=1 go build -ldflags "-s -w" -o ./release/apimain.exe ./cmd/apimain.go
            echo @echo off > release/start.bat
            echo cmd /c \"%~dp0apimain.exe\" >> release/start.bat
            zip -r ${{ matrix.job.goos}}-${{ matrix.job.platform }}.${{matrix.job.file_ext}} ./release
          else
            if [ "${{ matrix.job.platform }}" = "arm64" ]; then
-                wget https://musl.cc/aarch64-linux-musl-cross.tgz
+                wget https://musl.ljw.red/aarch64-linux-musl-cross.tgz
                tar -xf aarch64-linux-musl-cross.tgz
                export PATH=$PATH:$PWD/aarch64-linux-musl-cross/bin
                GOOS=${{ matrix.job.goos }} GOARCH=${{ matrix.job.platform }} CC=aarch64-linux-musl-gcc CGO_LDFLAGS="-static" CGO_ENABLED=1 go build -ldflags "-s -w" -o ./release/apimain ./cmd/apimain.go
            elif [ "${{ matrix.job.platform }}" = "armv7l" ]; then
-                wget https://musl.cc/armv7l-linux-musleabihf-cross.tgz
+                wget https://musl.ljw.red/armv7l-linux-musleabihf-cross.tgz
                tar -xf armv7l-linux-musleabihf-cross.tgz
                export PATH=$PATH:$PWD/armv7l-linux-musleabihf-cross/bin
                GOOS=${{ matrix.job.goos }} GOARCH=arm GOARM=7 CC=armv7l-linux-musleabihf-gcc CGO_LDFLAGS="-static" CGO_ENABLED=1 go build -ldflags "-s -w" -o ./release/apimain ./cmd/apimain.go
@@ -121,15 +137,94 @@ jobs:
          name: rustdesk-api-${{ matrix.job.goos }}-${{ matrix.job.platform }}
          path: |
            ${{ matrix.job.goos}}-${{ matrix.job.platform }}.${{matrix.job.file_ext}}
      - name: Upload to GitHub Release
        uses: softprops/action-gh-release@v2
        with:
          files: |
            ${{ matrix.job.goos}}-${{ matrix.job.platform }}.${{matrix.job.file_ext}}
        #          tag_name: ${{ env.LATEST_TAG }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Generate Changelog
        if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push'
        run: npx changelogithub # or changelogithub@0.12 if ensure the stable result
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
  deb-package:
    name: debian package - ${{ matrix.job.platform }}
    needs: build
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        job:
          - { platform: "amd64", goos: "linux", debian_platform: "amd64", crossbuild_package: ""}
          - { platform: "arm64", goos: "linux", debian_platform: "arm64", crossbuild_package: "crossbuild-essential-arm64" }
          - { platform: "armv7l", goos: "linux", debian_platform: "armhf", crossbuild_package: "crossbuild-essential-armhf" }
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Create packaging env
        run: |
          sudo apt update
          DEBIAN_FRONTEND=noninteractive sudo apt install -y devscripts build-essential debhelper pkg-config ${{ matrix.job.crossbuild_package }}
          mkdir -p debian-build/${{ matrix.job.platform }}/bin
      - name: Get tag version
        id: get_tag
        run: |
          TAG_VERSION="${GITHUB_REF##*/}"
          VERSION="${TAG_VERSION#v}" 
          echo "TAG_VERSION=$TAG_VERSION" >> $GITHUB_ENV
          echo "VERSION=$VERSION" >> $GITHUB_ENV
      - name: Update changelog
        run: |
          DATE=$(date -R)
          sed -i "1i rustdesk-api-server (${VERSION}) stable; urgency=medium\n\n  * Automatically generated release for version ${VERSION}.\n\n -- GitHub Actions <actions@github.com>  ${DATE}\n" debian/changelog
      - name: Download binaries
        uses: actions/download-artifact@v4
        with:
          name: rustdesk-api-${{ matrix.job.goos }}-${{ matrix.job.platform }}
          path: .
      - name: Unzip binaries
        run: |
          mkdir -p ${{ matrix.job.platform }}
          tar -xzf ${{ matrix.job.goos }}-${{ matrix.job.platform }}.tar.gz -C ${{ matrix.job.platform }}
      - name: Build package for ${{ matrix.job.platform }} arch
        run: |
          mv ${{ matrix.job.platform }}/release/apimain debian-build/${{ matrix.job.platform }}/bin/rustdesk-api 
          mv ${{ matrix.job.platform }}/release/resources/admin resources
          chmod -v a+x debian-build/${{ matrix.job.platform }}/bin/*
          mkdir -p data
          cp -vr debian systemd conf data resources runtime debian-build/${{ matrix.job.platform }}/
          cat debian/control.tpl | sed 's/{{ ARCH }}/${{ matrix.job.debian_platform }}/' > debian-build/${{ matrix.job.platform }}/debian/control
          cd debian-build/${{ matrix.job.platform }}/
          debuild -i -us -uc -b -a${{ matrix.job.debian_platform}}
      - name: Upload artifact
        uses: actions/upload-artifact@v4
        with:
          name: rustdesk-api-${{ matrix.job.debian_platform }}
          path: |
            debian-build/*.deb
      - name: Create Release
        uses: softprops/action-gh-release@v2
        with:
          files: |
            debian-build/rustdesk-api-server_*_${{ matrix.job.debian_platform }}.deb
  docker:
    name: Push Docker Image
    needs: build
@@ -191,7 +286,6 @@ jobs:
        run: |
          mkdir -p ${{ matrix.job.platform }}
          tar -xzf ${{ matrix.job.goos }}-${{ matrix.job.platform }}.tar.gz -C ${{ matrix.job.platform }}
          file ${{ matrix.job.platform }}/apimain
      - name: Build and push Docker image to Docker Hub ${{ matrix.job.platform }}
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}  # Only run this step if SKIP_DOCKER_HUB is false
@@ -209,6 +303,21 @@ jobs:
            ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}-${{ matrix.job.platform }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Build and push Docker Full S6 image to Docker Hub ${{ matrix.job.platform }}
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}  # Only run this step if SKIP_DOCKER_HUB is false
        uses: docker/build-push-action@v5
        with:
          context: "."
          file: ./Dockerfile_full_s6
          platforms: ${{ matrix.job.docker_platform }}
          push: true
          provenance: false
          build-args: |
            BUILDARCH=${{ matrix.job.platform }}
          tags: |
            ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-${{ matrix.job.platform }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Build and push Docker image to GHCR ${{ matrix.job.platform }}
        if: ${{ env.SKIP_GHCR == 'false' }}  # Only run this step if SKIP_GHCR is false
        uses: docker/build-push-action@v5
@@ -225,6 +334,21 @@ jobs:
            ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}-${{ matrix.job.platform }}
          labels: ${{ steps.meta.outputs.labels }}
      - name: Build and push Docker Full S6 image to GHCR ${{ matrix.job.platform }}
        if: ${{ env.SKIP_GHCR == 'false' }}  # Only run this step if SKIP_GHCR is false
        uses: docker/build-push-action@v5
        with:
          context: "."
          file: ./Dockerfile
          platforms: ${{ matrix.job.docker_platform }}
          push: true
          provenance: false
          build-args: |
            BUILDARCH=${{ matrix.job.platform }}
          tags: |
            ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-${{ matrix.job.platform }}
          labels: ${{ steps.meta.outputs.labels }}
  #
  docker-manifest:
    name: Push Docker Manifest
@@ -257,7 +381,7 @@ jobs:
      - name: Create and push manifest Docker Hub (:version)
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}
-        uses: Noelware/docker-manifest-action@master
+        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}
          extra-images: ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}-amd64,
@@ -267,7 +391,7 @@ jobs:
      - name: Create and push manifest GHCR (:version)
        if: ${{ env.SKIP_GHCR == 'false' }}
-        uses: Noelware/docker-manifest-action@master
+        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ghcr.io/${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}
          extra-images: ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}-amd64,
@@ -278,7 +402,7 @@ jobs:
      - name: Create and push manifest Docker Hub (:latest)
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}
-        uses: Noelware/docker-manifest-action@master
+        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:latest
          extra-images: ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:latest-amd64,
@@ -288,11 +412,33 @@ jobs:
      - name: Create and push manifest GHCR (:latest)
        if: ${{ env.SKIP_GHCR == 'false' }}
-        uses: Noelware/docker-manifest-action@master
+        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ghcr.io/${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:latest
          extra-images: ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:latest-amd64,
            ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:latest-armv7l,
            ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:latest-arm64
          push: true
          amend: true
      - name: Create and push Full S6 manifest Docker Hub (:version)
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}
        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:full-s6
          extra-images: ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-amd64,
            ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-armv7l,
            ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-arm64
          push: true
          amend: true
      - name: Create and push Full S6 manifest GHCR (:latest)
        if: ${{ env.SKIP_GHCR == 'false' }}
        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ghcr.io/${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:full-s6
          extra-images: ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-amd64,
            ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-armv7l,
            ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:full-s6-arm64
          push: true
          amend: true
--- a/.github/workflows/build_test.yml
+++ b/.github/workflows/build_test.yml
@@ -52,24 +52,28 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v4
      - uses: actions/checkout@v4
        with:
          repository: lejianwen/rustdesk-api-web
          path: rustdesk-api-web
          ref: master
      - name: Set up Go environment
        uses: actions/setup-go@v4
        with:
-          go-version: '1.22'  # 选择 Go 版本
+          go-version: '1.23'  # 选择 Go 版本
      - name: Set up npm
        uses: actions/setup-node@v2
        with:
          node-version: '20'
      - name: build rustdesk-api-web
        working-directory: rustdesk-api-web
        run: |
          git clone ${{ env.WEBCLIENT_SOURCE_LOCATION }}
          cd rustdesk-api-web
          npm install
          npm run build
-          mkdir ../resources/admin/ -p
+          mkdir -p ../resources/admin/
          cp -ar dist/* ../resources/admin/
      - name: tidy
@@ -92,15 +96,17 @@ jobs:
          if [ "${{ matrix.job.goos }}" = "windows" ]; then
            sudo apt-get install gcc-mingw-w64-x86-64 zip -y
            GOOS=${{ matrix.job.goos }} GOARCH=${{ matrix.job.platform }} CC=x86_64-w64-mingw32-gcc CGO_LDFLAGS="-static" CGO_ENABLED=1 go build -ldflags "-s -w" -o ./release/apimain.exe ./cmd/apimain.go
            echo @echo off > release/start.bat
            echo cmd /c \"%~dp0apimain.exe\" >> release/start.bat
            zip -r ${{ matrix.job.goos}}-${{ matrix.job.platform }}.${{matrix.job.file_ext}} ./release
          else
            if [ "${{ matrix.job.platform }}" = "arm64" ]; then
-                wget https://musl.cc/aarch64-linux-musl-cross.tgz
+                wget https://musl.ljw.red/aarch64-linux-musl-cross.tgz
                tar -xf aarch64-linux-musl-cross.tgz
                export PATH=$PATH:$PWD/aarch64-linux-musl-cross/bin
                GOOS=${{ matrix.job.goos }} GOARCH=${{ matrix.job.platform }} CC=aarch64-linux-musl-gcc CGO_LDFLAGS="-static" CGO_ENABLED=1 go build -ldflags "-s -w" -o ./release/apimain ./cmd/apimain.go
            elif [ "${{ matrix.job.platform }}" = "armv7l" ]; then
-                wget https://musl.cc/armv7l-linux-musleabihf-cross.tgz
+                wget https://musl.ljw.red/armv7l-linux-musleabihf-cross.tgz
                tar -xf armv7l-linux-musleabihf-cross.tgz
                export PATH=$PATH:$PWD/armv7l-linux-musleabihf-cross/bin
                GOOS=${{ matrix.job.goos }} GOARCH=arm GOARM=7 CC=armv7l-linux-musleabihf-gcc CGO_LDFLAGS="-static" CGO_ENABLED=1 go build -ldflags "-s -w" -o ./release/apimain ./cmd/apimain.go
@@ -117,6 +123,7 @@ jobs:
          name: rustdesk-api-${{ matrix.job.goos }}-${{ matrix.job.platform }}
          path: |
            ${{ matrix.job.goos}}-${{ matrix.job.platform }}.${{matrix.job.file_ext}}
      - name: Upload to GitHub Release
        uses: softprops/action-gh-release@v2
        with:
@@ -126,6 +133,66 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  deb-package:
    name: debian package - ${{ matrix.job.platform }}
    needs: build
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        job:
          - { platform: "amd64", goos: "linux", debian_platform: "amd64", crossbuild_package: ""}
          - { platform: "arm64", goos: "linux", debian_platform: "arm64", crossbuild_package: "crossbuild-essential-arm64" }
          - { platform: "armv7l", goos: "linux", debian_platform: "armhf", crossbuild_package: "crossbuild-essential-armhf" }
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Create packaging env
        run: |
          sudo apt update
          DEBIAN_FRONTEND=noninteractive sudo apt install -y devscripts build-essential debhelper pkg-config ${{ matrix.job.crossbuild_package }}
          mkdir -p debian-build/${{ matrix.job.platform }}/bin
      - name: Download binaries
        uses: actions/download-artifact@v4
        with:
          name: rustdesk-api-${{ matrix.job.goos }}-${{ matrix.job.platform }}
          path: .
      - name: Unzip binaries
        run: |
          mkdir -p ${{ matrix.job.platform }}
          tar -xzf ${{ matrix.job.goos }}-${{ matrix.job.platform }}.tar.gz -C ${{ matrix.job.platform }}
      - name: Build package for ${{ matrix.job.platform }} arch
        run: |
          mv ${{ matrix.job.platform }}/release/apimain debian-build/${{ matrix.job.platform }}/bin/rustdesk-api 
          chmod -v a+x debian-build/${{ matrix.job.platform }}/bin/*
          mkdir -p data
          cp -vr debian systemd conf data resources runtime debian-build/${{ matrix.job.platform }}/
          cat debian/control.tpl | sed 's/{{ ARCH }}/${{ matrix.job.debian_platform }}/' > debian-build/${{ matrix.job.platform }}/debian/control
          cd debian-build/${{ matrix.job.platform }}/
          debuild -i -us -uc -b -a${{ matrix.job.debian_platform}}
      - name: Upload artifact
        uses: actions/upload-artifact@v4
        with:
          name: rustdesk-api-${{ matrix.job.debian_platform }}
          path: |
            debian-build/*.deb
      - name: Upload to GitHub Release
        uses: softprops/action-gh-release@v2
        with:
          tag_name: test
          files: |
            debian-build/rustdesk-api-server_*_${{ matrix.job.debian_platform }}.deb
  docker:
    name: Push Docker Image
    needs: build
@@ -187,7 +254,6 @@ jobs:
        run: |
          mkdir -p ${{ matrix.job.platform }}
          tar -xzf ${{ matrix.job.goos }}-${{ matrix.job.platform }}.tar.gz -C ${{ matrix.job.platform }}
          file ${{ matrix.job.platform }}/apimain
      - name: Build and push Docker image to Docker Hub ${{ matrix.job.platform }}
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}  # Only run this step if SKIP_DOCKER_HUB is false
@@ -251,7 +317,7 @@ jobs:
      - name: Create and push manifest Docker Hub (:version)
        if: ${{ env.SKIP_DOCKER_HUB == 'false' }}
-        uses: Noelware/docker-manifest-action@master
+        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}
          extra-images: ${{ env.DOCKERHUB_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}-amd64,
@@ -261,7 +327,7 @@ jobs:
      - name: Create and push manifest GHCR (:version)
        if: ${{ env.SKIP_GHCR == 'false' }}
-        uses: Noelware/docker-manifest-action@master
+        uses: Noelware/docker-manifest-action@v0.2.3
        with:
          base-image: ghcr.io/${{ env.BASE_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}
          extra-images: ghcr.io/${{ env.GHCR_IMAGE_NAMESPACE }}/rustdesk-api:${{ env.TAG }}-amd64,
--- a/.gitignore
+++ b/.gitignore
@@ -1,13 +1,8 @@
 .idea
 runtime/*
 !runtime
 !runtime/cache
 !runtime/cache/.gitkeep
 go.sum
-resources/*
+resources/admin
 !resources/public/upload/.gitignore
 !resources/web
 !resources/web2
 !resources/i18n
 release
-data
+data/rustdeskapi.db
--- a/3
+++ b/3
@@ -2,9 +2,8 @@ FROM alpine
 ARG BUILDARCH
 WORKDIR /app
-RUN apk add --no-cache tzdata file
+RUN apk add --no-cache tzdata
 COPY ./${BUILDARCH}/release /app/
 RUN file /app/apimain
 VOLUME /app/data
 EXPOSE 21114
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
@@ -42,11 +42,11 @@ RUN if [ "$COUNTRY" = "CN" ] ; then \
    fi && \
    apk update && apk add --no-cache git
-ARG FREONTEND_GIT_REPO=https://github.com/lejianwen/rustdesk-api-web.git
+ARG FRONTEND_GIT_REPO=https://github.com/lejianwen/rustdesk-api-web.git
 ARG FRONTEND_GIT_BRANCH=master
 # Clone the frontend repository
-RUN git clone -b $FRONTEND_GIT_BRANCH $FREONTEND_GIT_REPO .
+RUN git clone -b $FRONTEND_GIT_BRANCH $FRONTEND_GIT_REPO .
 # Install required tools without caching index to minimize image size
 RUN if [ "$COUNTRY" = "CN" ] ; then \
@@ -91,4 +91,4 @@ VOLUME /app/data
 EXPOSE 21114
 # Define the command to run the application
-CMD ["./apimain"]
+CMD ["./apimain"]
--- a/38
+++ b/38
@@ -0,0 +1,38 @@
 FROM rustdesk/rustdesk-server-s6:latest AS server
 FROM alpine
 ARG BUILDARCH
 WORKDIR /app
 RUN apk add --no-cache tzdata
 COPY ./${BUILDARCH}/release /app/
 COPY --from=server /init /init
 COPY --from=server /etc/s6-overlay /etc/s6-overlay
 COPY --from=server /package /package
 COPY --from=server /usr/bin/healthcheck.sh /usr/bin/healthcheck.sh
 COPY --from=server /usr/bin/hbbr /usr/bin/hbbr
 COPY --from=server /usr/bin/hbbs /usr/bin/hbbs
 COPY --from=server /usr/bin/rustdesk-utils /usr/bin/rustdesk-utils
 COPY --from=server /command /command
 RUN \
  mkdir -p /etc/s6-overlay/s6-rc.d/api && \
  echo -e "key-secret\nhbbs" > /etc/s6-overlay/s6-rc.d/api/dependencies && \
  echo "longrun" > /etc/s6-overlay/s6-rc.d/api/type && \
  echo "#!/command/with-contenv sh" > /etc/s6-overlay/s6-rc.d/api/run && \
  echo "cd /app" >> /etc/s6-overlay/s6-rc.d/api/run && \
  echo "./apimain" >> /etc/s6-overlay/s6-rc.d/api/run && \
  touch /etc/s6-overlay/s6-rc.d/user/contents.d/api && \
  echo "/package/admin/s6/command/s6-svstat /run/s6-rc/servicedirs/api || exit 1" >> /usr/bin/healthcheck.sh && \
  ln -s /run /var/run
 ENV RELAY=relay.example.com
 ENV ENCRYPTED_ONLY=0
 VOLUME /data
 VOLUME /app/data
 EXPOSE 21114 21115 21116 21116/udp 21117 21118 21119
 ENTRYPOINT ["/init"]
--- a/README.md
+++ b/README.md
@@ -4,11 +4,12 @@
 本项目使用 Go 实现了 RustDesk 的 API，并包含了 Web Admin 和 Web 客户端。RustDesk 是一个远程桌面软件，提供了自托管的解决方案。
- <div align=center>
+<div align=center>
 <img src="https://img.shields.io/badge/golang-1.22-blue"/>
 <img src="https://img.shields.io/badge/gin-v1.9.0-lightBlue"/>
 <img src="https://img.shields.io/badge/gorm-v1.25.7-green"/>
 <img src="https://img.shields.io/badge/swag-v1.16.3-yellow"/>
 <img src="https://goreportcard.com/badge/github.com/lejianwen/rustdesk-api/v2"/>
 <img src="https://github.com/lejianwen/rustdesk-api/actions/workflows/build.yml/badge.svg"/>
 </div>
@@ -19,7 +20,10 @@
    - 登录
    - 地址簿
    - 群组
-    - 授权登录，支持`github`, `google` 和 `OIDC` 登录，支持`web后台`授权登录
+    - 授权登录
      - 支持`github`, `google` 和 `OIDC` 登录，
      - 支持`web后台`授权登录
      - 支持`LDAP`(AD和OpenLDAP已测试), 如果API Server配置了LDAP
    - i18n
 - Web Admin
    - 用户管理
@@ -28,12 +32,14 @@
    - 标签管理
    - 群组管理
    - Oauth 管理
    - 配置LDAP, 配置文件或者环境变量
    - 登录日志
    - 链接日志
    - 文件传输日志
    - 快速使用web client
    - i18n
    - 通过 web client 分享给游客
    - server控制(一些官方的简单的指令 [WIKI](https://github.com/lejianwen/rustdesk-api/wiki/Rustdesk-Command))
 - Web Client
    - 自动获取API server
    - 自动获取ID服务器和KEY
@@ -43,112 +49,79 @@
 - CLI
    - 重置管理员密码
 ## 使用前准备
 ### [Rustdesk](https://github.com/rustdesk/rustdesk)
 #### PC客户端使用的是 ***1.3.0***，经测试 ***1.2.6+*** 都可以
 #### 关于PC端链接超时或者链接不上的问题以及解决方案
 ##### 链接不上或者超时
 因为server端相对于客户端落后版本，server不会响应客户端的`secure_tcp`请求，所以客户端超时。
 相关代码代码位置在`https://github.com/rustdesk/rustdesk/blob/master/src/client.rs#L322`
  ```rust
    if !key.is_empty() && !token.is_empty() {
    // mainly for the security of token
    allow_err!(secure_tcp(&mut socket, key).await);
    }
  ```
  可看到当`key`和`token`都不为空时，会调用`secure_tcp`，但是server端不会响应，所以客户端超时
  `secure_tcp` 代码位置在 `https://github.com/rustdesk/rustdesk/blob/master/src/common.rs#L1203`
 ##### 4种解决方案
 1. server端指定key。
    - 优点：简单
    - 缺点：链接不是加密的
       ```bash
       hbbs -r <relay-server-ip[:port]> -k <key>
       hbbr -k <key>
       ```
       比如
       ```bash
         hbbs -r <relay-server-ip[:port]> -k abc1234567
         hbbr -k abc1234567
       ```
 2. server端使用系统生成的key，或者自定义的密钥对，但如果client已登录，链接时容易超时或者链接不上，可以退出登录后再链接就可以了，webclient可以不用退出登录
    - 优点：链接加密
    - 缺点：操作麻烦
 3. server端使用系统生成的key，或者自定义的密钥对，fork官方客户端的代码将`secure_tcp`修改成直接返回，然后通过`Github Actions`编译，下载编译后的客户端。
 参考[官方文档](https://rustdesk.com/docs/en/dev/build/all/)
    - 优点：链接加密，可以自定义客户端一些功能，编译后直接可用
    - 缺点：需要自己fork代码，编译，有点难度
 4. 使用[我fork的代码](https://github.com/lejianwen/rustdesk)，已经修改了`secure_tcp`，可以直接下载使用，[下载地址](https://github.com/lejianwen/rustdesk/releases)
    - 优点：代码改动可查看，`Github Actions`编译，链接加密，直接下载使用
    - 缺点：可能跟不上官方版本更新
 ***对链接加密要求不高的可以使用`1`，对链接加密要求高的可以使用`3`或`4`***
 ## 功能
 ### API 服务 
 基本实现了PC端基础的接口。支持Personal版本接口，可以通过配置文件`rustdesk.personal`或环境变量`RUSTDESK_API_RUSTDESK_PERSONAL`来控制是否启用
-#### 登录
+<table>
-
+    <tr>
- 添加了`github`, `google` 以及`OIDC`授权登录，需要在后台配置好就可以用了，具体可看后台OAuth配置
+      <td width="50%" align="center" colspan="2"><b>登录</b></td>
- 添加了web后台授权登录,点击后直接登录后台就自动登录客户端了
+    </tr>
-
+    <tr>
-![pc_login](docs/pc_login.png)
+        <td width="50%" align="center" colspan="2"><img src="docs/pc_login.png"></td>
-
+    </tr>
-#### 地址簿
+     <tr>
-
+      <td width="50%" align="center"><b>地址簿</b></td>
-![pc_ab](docs/pc_ab.png)
+      <td width="50%" align="center"><b>群组</b></td>
-
+    </tr>
-#### 群组
+    <tr>
-群组分为`共享组`和`普通组`，共享组中所有人都能看到小组成员的设备，普通组只有管理员能看到所有小组成员的设备
+        <td width="50%" align="center"><img src="docs/pc_ab.png"></td>
-
+        <td width="50%" align="center"><img src="docs/pc_gr.png"></td>
-![pc_gr](docs/pc_gr.png)
+    </tr>
 </table>
 ### Web Admin:
 * 使用前后端分离，提供用户友好的管理界面，主要用来管理和展示。前端代码在[rustdesk-api-web](https://github.com/lejianwen/rustdesk-api-web)
-* 后台访问地址是`http://<your server>[:port]/_admin/`初次安装管理员为用户名密码为`admin` `admin`，请即时更改密码
+* 后台访问地址是`http://<your server>[:port]/_admin/`
 * 初次安装管理员为用户名为`admin`，密码将在控制台打印，可以通过[命令行](#CLI)更改密码
  ![img.png](./docs/init_admin_pwd.png)
 1. 管理员界面
   ![web_admin](docs/web_admin.png)
 2. 普通用户界面
   ![web_user](docs/web_admin_user.png)
   右上角可以更改密码,可以切换语言，可以切换`白天/黑夜`模式
   ![web_resetpwd](docs/web_resetpwd.png)
-3. 分组可以自定义，方便管理，暂时支持两种类型: `共享组` 和 `普通组`
+3. 每个用户可以多个地址簿，也可以将地址簿共享给其他用户
-   ![web_admin_gr](docs/web_admin_gr.png)
+4. 分组可以自定义，方便管理，暂时支持两种类型: `共享组` 和 `普通组`
-4. 可以直接打开webclient，方便使用；也可以分享给游客，游客可以直接通过webclient远程到设备
+5. 可以直接打开webclient，方便使用；也可以分享给游客，游客可以直接通过webclient远程到设备
-
+6. Oauth,支持了`Github`, `Google` 以及 `OIDC`, 需要创建一个`OAuth App`，然后配置到后台
   ![web_webclient](docs/admin_webclient.png)
 5. Oauth,支持了`Github`, `Google` 以及 `OIDC`, 需要创建一个`OAuth App`，然后配置到后台
   ![web_admin_oauth](docs/web_admin_oauth.png)
    - 对于`Google` 和 `Github`, `Issuer` 和 `Scopes`不需要填写.
    - 对于`OIDC`, `Issuer`是必须的。`Scopes`是可选的，默认为 `openid,profile,email`. 确保可以获取 `sub`,`email` 和`preferred_username`
    - `github oauth app`在`Settings`->`Developer settings`->`OAuth Apps`->`New OAuth App`
      中创建,地址 [https://github.com/settings/developers](https://github.com/settings/developers)
    - `Authorization callback URL`填写`http://<your server[:port]>/api/oauth/callback`
      ，比如`http://127.0.0.1:21114/api/oauth/callback`
 7. 登录日志
 8. 链接日志
 9. 文件传输日志
 10. server控制
  - `简易模式`,已经界面化了一些简单的指令，可以直接在后台执行
    ![rustdesk_command_simple](./docs/rustdesk_command_simple.png)
  - `高级模式`,直接在后台执行指令
      * 可以官方指令
      * 可以添加自定义指令
      * 可以执行自定义指令
 11. **LDAP 支持**, 当在API Server上设置了LDAP(已测试AD和LDAP),可以通过LDAP中的用户信息进行登录 https://github.com/lejianwen/rustdesk-api/issues/114 ,如果LDAP验证失败，返回本地用户
 ### Web Client:
 1. 如果已经登录了后台，web client将自动直接登录
 2. 如果没登录后台，点击右上角登录即可，api server已经自动配置好了
   ![webclient_conf](docs/webclient_conf.png)
 3. 登录后，会自动同步ID服务器和KEY
 4. 登录后，会将地址簿自动保存到web client中，方便使用
 5. 现已支持`v2 Preview`，访问路径是`/webclient2`
   ![webclientv2](./docs/webclientv2.png)
-6. `v2 preview` 部署 
+6. `v2 preview` 部署，参考[WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
-   - 如果是通过`443`端口的`https`部署，必须配置反向代理，可以参考[官方文档](https://rustdesk.com/docs/en/self-host/rustdesk-server-pro/faq/#8-add-websocket-secure-wss-support-for-the-id-server-and-relay-server-to-enable-secure-communication-for-the-web-client)
+
   - 如果是`http`或者其他的`https`端口部署，则和`v1`一样，配置好`21118`,`21119`即可
   - 更多参考[Web-Client-V2-Preview-Document](https://github.com/lejianwen/rustdesk-api/wiki/Web-Client-V2-Preview-Document)
 ### 自动化文档: 使用 Swag 生成 API 文档，方便开发者理解和使用 API。
@@ -157,6 +130,7 @@
   ![api_swag](docs/api_swag.png)
 ### CLI
 ```bash
 # 查看帮助
 ./apimain -h
@@ -171,78 +145,57 @@
 ### 相关配置
 * [配置文件](./conf/config.yaml)
 * 参考`conf/config.yaml`配置文件，修改相关配置。
 * 如果`gorm.type`是`sqlite`，则不需要配置mysql相关配置。
 * 语言如果不设置默认为`zh-CN`
 ```yaml
 lang: "en"
 app:
  web-client: 1  # 1:启用 0:禁用
  register: false #是否开启注册
 gin:
  api-addr: "0.0.0.0:21114"
  mode: "release"
  resources-path: 'resources'
  trust-proxy: ""
 gorm:
  type: "sqlite"
  max-idle-conns: 10
  max-open-conns: 100
 mysql:
  username: "root"
  password: "111111"
  addr: "192.168.1.66:3308"
  dbname: "rustdesk"
 rustdesk:
  id-server: "192.168.1.66:21116"
  relay-server: "192.168.1.66:21117"
  api-server: "http://192.168.1.66:21114"
  key: "123456789"
  personal: 1
 logger:
  path: "./runtime/log.txt"
  level: "warn" #trace,debug,info,warn,error,fatal
  report-caller: true
 proxy:
  enable: false
  host: ""
 ```
 ### 环境变量
-变量名前缀是`RUSTDESK_API`，环境变量如果存在将覆盖配置文件中的配置
+环境变量和配置文件`conf/config.yaml`中的配置一一对应，变量名前缀是`RUSTDESK_API`
 下面表格并未全部列出，可以参考`conf/config.yaml`中的配置。
-| 变量名                                | 说明                                                      | 示例                           |
+| 变量名                                                    | 说明                                                                             | 示例                           |
-|------------------------------------|---------------------------------------------------------|------------------------------|
+|--------------------------------------------------------|--------------------------------------------------------------------------------|------------------------------|
-| TZ                                 | 时区                                                      | Asia/Shanghai                |
+| TZ                                                     | 时区                                                                             | Asia/Shanghai                |
-| RUSTDESK_API_LANG                  | 语言                                                      | `en`,`zh-CN`                 |
+| RUSTDESK_API_LANG                                      | 语言                                                                             | `en`,`zh-CN`                 |
-| RUSTDESK_API_APP_WEB_CLIENT        | 是否启用web-client; 1:启用,0:不启用; 默认启用                        | 1                            |
+| RUSTDESK_API_APP_WEB_CLIENT                            | 是否启用web-client; 1:启用,0:不启用; 默认启用                                               | 1                            |
-| RUSTDESK_API_APP_REGISTER          | 是否开启注册; `true`, `false`  默认`false`                      | `false`                      |
+| RUSTDESK_API_APP_REGISTER                              | 是否开启注册; `true`, `false`  默认`false`                                             | `false`                      |
-| -----ADMIN配置-----                  | ----------                                              | ----------                   |
+| RUSTDESK_API_APP_SHOW_SWAGGER                          | 是否可见swagger文档;`1`显示，`0`不显示，默认`0`不显示                                            | `1`                          |
-| RUSTDESK_API_ADMIN_TITLE           | 后台标题                                                    | `RustDesk Api Admin`         |
+| RUSTDESK_API_APP_TOKEN_EXPIRE                          | token有效时长                                                                      | `168h`                       |
-| RUSTDESK_API_ADMIN_HELLO           | 后台欢迎语，可以使用`html`                                        |                              |
+| RUSTDESK_API_APP_DISABLE_PWD_LOGIN                     | 是否禁用密码登录;  `true`, `false`  默认`false`                                          | `false`                      |
-| RUSTDESK_API_ADMIN_HELLO_FILE      | 后台欢迎语文件，如果内容多，使用文件更方便。<br>会覆盖`RUSTDESK_API_ADMIN_HELLO` | `./conf/admin/hello.html`    |
+| RUSTDESK_API_APP_REGISTER_STATUS                       | 注册用户默认状态; 1 启用，2 禁用, 默认 1                                                      | `1`                          |
-| -----GIN配置-----                    | ----------                                              | ----------                   |
+| RUSTDESK_API_APP_CAPTCHA_THRESHOLD                     | 验证码触发次数; -1 不启用， 0 一直启用， >0 登录错误次数后启用 ;默认 `3`                                  | `3`                          |
-| RUSTDESK_API_GIN_TRUST_PROXY       | 信任的代理IP列表，以`,`分割，默认信任所有                                 | 192.168.1.2,192.168.1.3      |
+| RUSTDESK_API_APP_BAN_THRESHOLD                         | 封禁IP触发次数; 0 不启用, >0 登录错误次数后封禁IP; 默认 `0`                                        | `0`                          |
-| -----------GORM配置----------------  | ------------------------------------                    | ---------------------------  |
+| -----ADMIN配置-----                                      | ----------                                                                     | ----------                   |
-| RUSTDESK_API_GORM_TYPE             | 数据库类型sqlite或者mysql，默认sqlite                             | sqlite                       |
+| RUSTDESK_API_ADMIN_TITLE                               | 后台标题                                                                           | `RustDesk Api Admin`         |
-| RUSTDESK_API_GORM_MAX_IDLE_CONNS   | 数据库最大空闲连接数                                              | 10                           |
+| RUSTDESK_API_ADMIN_HELLO                               | 后台欢迎语，可以使用`html`                                                               |                              |
-| RUSTDESK_API_GORM_MAX_OPEN_CONNS   | 数据库最大打开连接数                                              | 100                          |
+| RUSTDESK_API_ADMIN_HELLO_FILE                          | 后台欢迎语文件，如果内容多，使用文件更方便。<br>会覆盖`RUSTDESK_API_ADMIN_HELLO`                        | `./conf/admin/hello.html`    |
-| RUSTDESK_API_RUSTDESK_PERSONAL     | 是否启用个人版API， 1:启用,0:不启用； 默认启用                            | 1                            |
+| -----GIN配置-----                                        | ----------                                                                     | ----------                   |
-| -----MYSQL配置-----                  | ----------                                              | ----------                   |
+| RUSTDESK_API_GIN_TRUST_PROXY                           | 信任的代理IP列表，以`,`分割，默认信任所有                                                        | 192.168.1.2,192.168.1.3      |
-| RUSTDESK_API_MYSQL_USERNAME        | mysql用户名                                                | root                         |
+| -----GORM配置-----                                       | ----------                                                                     | ---------------------------  |
-| RUSTDESK_API_MYSQL_PASSWORD        | mysql密码                                                 | 111111                       |
+| RUSTDESK_API_GORM_TYPE                                 | 数据库类型sqlite或者mysql，默认sqlite                                                    | sqlite                       |
-| RUSTDESK_API_MYSQL_ADDR            | mysql地址                                                 | 192.168.1.66:3306            |
+| RUSTDESK_API_GORM_MAX_IDLE_CONNS                       | 数据库最大空闲连接数                                                                     | 10                           |
-| RUSTDESK_API_MYSQL_DBNAME          | mysql数据库名                                               | rustdesk                     |
+| RUSTDESK_API_GORM_MAX_OPEN_CONNS                       | 数据库最大打开连接数                                                                     | 100                          |
-| -----RUSTDESK配置-----               | ---------------                                         | ----------                   |
+| RUSTDESK_API_RUSTDESK_PERSONAL                         | 是否启用个人版API， 1:启用,0:不启用； 默认启用                                                   | 1                            |
-| RUSTDESK_API_RUSTDESK_ID_SERVER    | Rustdesk的id服务器地址                                        | 192.168.1.66:21116           |
+| -----MYSQL配置-----                                      | ----------                                                                     | ----------                   |
-| RUSTDESK_API_RUSTDESK_RELAY_SERVER | Rustdesk的relay服务器地址                                     | 192.168.1.66:21117           |
+| RUSTDESK_API_MYSQL_USERNAME                            | mysql用户名                                                                       | root                         |
-| RUSTDESK_API_RUSTDESK_API_SERVER   | Rustdesk的api服务器地址                                       | http://192.168.1.66:21114    |
+| RUSTDESK_API_MYSQL_PASSWORD                            | mysql密码                                                                        | 111111                       |
-| RUSTDESK_API_RUSTDESK_KEY          | Rustdesk的key                                            | 123456789                    |
+| RUSTDESK_API_MYSQL_ADDR                                | mysql地址                                                                        | 192.168.1.66:3306            |
-| RUSTDESK_API_RUSTDESK_KEY_FILE     | Rustdesk存放key的文件                                        | `./conf/data/id_ed25519.pub` |
+| RUSTDESK_API_MYSQL_DBNAME                              | mysql数据库名                                                                      | rustdesk                     |
-| ----PROXY配置-----                   | ---------------                                         | ----------                   |
+| -----RUSTDESK配置-----                                   | ----------                                                                     | ----------                   |
-| RUSTDESK_API_PROXY_ENABLE          | 是否启用代理:`false`, `true`                                  | `false`                      |
+| RUSTDESK_API_RUSTDESK_ID_SERVER                        | Rustdesk的id服务器地址                                                               | 192.168.1.66:21116           |
-| RUSTDESK_API_PROXY_HOST            | 代理地址                                                    | `http://127.0.0.1:1080`      |
+| RUSTDESK_API_RUSTDESK_RELAY_SERVER                     | Rustdesk的relay服务器地址                                                            | 192.168.1.66:21117           |
 | RUSTDESK_API_RUSTDESK_API_SERVER                       | Rustdesk的api服务器地址                                                              | http://192.168.1.66:21114    |
 | RUSTDESK_API_RUSTDESK_KEY                              | Rustdesk的key                                                                   | 123456789                    |
 | RUSTDESK_API_RUSTDESK_KEY_FILE                         | Rustdesk存放key的文件                                                               | `./conf/data/id_ed25519.pub` |
 | RUSTDESK_API_RUSTDESK_WEBCLIENT<br/>_MAGIC_QUERYONLINE | Web client v2 中是否启用新的在线状态查询方法; `1`:启用,`0`:不启用,默认不启用                            | `0`                          |
 | RUSTDESK_API_RUSTDESK_WS_HOST                          | 自定义Websocket Host                                                              | `wss://192.168.1.123:1234`   |
 | ----PROXY配置-----                                       | ----------                                                                     | ----------                   |
 | RUSTDESK_API_PROXY_ENABLE                              | 是否启用代理:`false`, `true`                                                         | `false`                      |
 | RUSTDESK_API_PROXY_HOST                                | 代理地址                                                                           | `http://127.0.0.1:1080`      |
 | ----JWT配置----                                          | --------                                                                       | --------                     |
 | RUSTDESK_API_JWT_KEY                                   | 自定义JWT KEY,为空则不启用JWT<br/>如果没使用`lejianwen/rustdesk-server`中的`MUST_LOGIN`，建议设置为空 |                              |
 | RUSTDESK_API_JWT_EXPIRE_DURATION                       | JWT有效时间                                                                        | `168h`                       |
 ### 运行
@@ -263,7 +216,7 @@ proxy:
    lejianwen/rustdesk-api
    ```
-2. 使用`docker compose`，参考[wiki](https://github.com/lejianwen/rustdesk-api/wiki)
+2. 使用`docker compose`，参考[WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
 #### 下载release直接运行
@@ -302,13 +255,73 @@ proxy:
    #或者使用generate_api.go生成api并运行
    go generate generate_api.go
    ```
   > 注意：使用 `go run` 或编译后的二进制时，当前目录下必须存在 `conf` 和 `resources`
   > 目录。如果在其他目录运行，可通过 `-c` 和环境变量
   > `RUSTDESK_API_GIN_RESOURCES_PATH` 指定绝对路径，例如：
   > ```bash
   > RUSTDESK_API_GIN_RESOURCES_PATH=/opt/rustdesk-api/resources ./apimain -c /opt/rustdesk-api/conf/config.yaml
   > ```
 5. 编译，如果想自己编译,先cd到项目根目录，然后windows下直接运行`build.bat`,linux下运行`build.sh`,编译后会在`release`
   目录下生成对应的可执行文件。直接运行编译后的可执行文件即可。
 6. 打开浏览器访问`http://<your server[:port]>/_admin/`，默认用户名密码为`admin`，请及时更改密码。
 #### 使用`lejianwen/server-s6`镜像运行
 - 已解决链接超时问题
 - 可以强制登录后才能发起链接
 - github https://github.com/lejianwen/rustdesk-server
 ```yaml
 networks:
   rustdesk-net:
     external: false
 services:
   rustdesk:
     ports:
       - 21114:21114
       - 21115:21115
       - 21116:21116
       - 21116:21116/udp
       - 21117:21117
       - 21118:21118
       - 21119:21119
     image: lejianwen/rustdesk-server-s6:latest
     environment:
       - RELAY=<relay_server[:port]>
       - ENCRYPTED_ONLY=1
       - MUST_LOGIN=N
       - TZ=Asia/Shanghai
       - RUSTDESK_API_RUSTDESK_ID_SERVER=<id_server[:21116]>
       - RUSTDESK_API_RUSTDESK_RELAY_SERVER=<relay_server[:21117]>
       - RUSTDESK_API_RUSTDESK_API_SERVER=http://<api_server[:21114]>
       - RUSTDESK_API_KEY_FILE=/data/id_ed25519.pub
       - RUSTDESK_API_JWT_KEY=xxxxxx # jwt key
     volumes:
       - /data/rustdesk/server:/data
       - /data/rustdesk/api:/app/data #将数据库挂载
     networks:
       - rustdesk-net
     restart: unless-stopped
 ```
 ## 其他
 - [WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
 - [链接超时问题](https://github.com/lejianwen/rustdesk-api/issues/92)
 - [修改客户端ID](https://github.com/abdullah-erturk/RustDesk-ID-Changer)
- [webclient来源](https://hub.docker.com/r/keyurbhole/flutter_web_desk)
+- [webclient来源](https://hub.docker.com/r/keyurbhole/flutter_web_desk)
 ## 鸣谢
 感谢所有做过贡献的人!
 <a href="https://github.com/lejianwen/rustdesk-api/graphs/contributors">
  <img src="https://contrib.rocks/image?repo=lejianwen/rustdesk-api" />
 </a>
 ## 感谢你的支持！如果这个项目对你有帮助，请点个⭐️鼓励一下，谢谢！
--- a/README_EN.md
+++ b/README_EN.md
@@ -8,6 +8,7 @@ desktop software that provides self-hosted solutions.
 <img src="https://img.shields.io/badge/gin-v1.9.0-lightBlue"/>
 <img src="https://img.shields.io/badge/gorm-v1.25.7-green"/>
 <img src="https://img.shields.io/badge/swag-v1.16.3-yellow"/>
 <img src="https://goreportcard.com/badge/github.com/lejianwen/rustdesk-api/v2"/>
 <img src="https://github.com/lejianwen/rustdesk-api/actions/workflows/build.yml/badge.svg"/>
 </div>
@@ -18,7 +19,10 @@ desktop software that provides self-hosted solutions.
    - Login
    - Address Book
    - Groups
-    - Authorized login, supports `GitHub`, `Google` and `OIDC` login, supports `web admin` authorized login
+    - Authorized login, 
      - supports `GitHub`, `Google` and `OIDC` login, 
      - supports `web admin` authorized login, 
      - supports LDAP(test AD and openladp) if API Server config
    - i18n
 - Web Admin
    - User Management
@@ -27,12 +31,14 @@ desktop software that provides self-hosted solutions.
    - Tag Management
    - Group Management
    - OAuth Management
    - LDAP Config by config file or ENV
    - Login Logs
    - Connection Logs
    - File Transfer Logs
    - Quick access to web client
    - i18n
    - Share to guest by web client
    - Server control (some simple official commands [WIKI](https://github.com/lejianwen/rustdesk-api/wiki/Rustdesk-Command))
 - Web Client
    - Automatically obtain API server
    - Automatically obtain ID server and KEY
@@ -40,120 +46,81 @@ desktop software that provides self-hosted solutions.
    - Visitors are remotely to the device via a temporary sharing link
 - CLI
    - Reset admin password
 ## Prerequisites
 ### [Rustdesk](https://github.com/rustdesk/rustdesk)
 #### The PC client uses version ***1.3.0***, and versions ***1.2.6+*** have been tested to work.
 #### Solutions for PC client connection timeout or connection issues
 ##### Connection issues or timeouts
 Because the server version lags behind the client version, the server does not respond to the client's `secure_tcp` request, causing the client to timeout.
  Relevant code can be found at `https://github.com/rustdesk/rustdesk/blob/master/src/client.rs#L322`
  ```rust
    if !key.is_empty() && !token.is_empty() {
    // mainly for the security of token
    allow_err!(secure_tcp(&mut socket, key).await);
    }
  ```
 As seen, when both `key` and `token` are not empty, `secure_tcp` is called, but the server does not respond, causing the client to timeout.
 The `secure_tcp` code is located at `https://github.com/rustdesk/rustdesk/blob/master/src/common.rs#L1203`
 ##### Four Solutions
 1. Specify the key on the server.
    - Advantage: Simple
    - Disadvantage: The connection is not encrypted
       ```bash
       hbbs -r <relay-server-ip[:port]> -k <key>
       hbbr -k <key>
       ```
      For example
       ```bash
         hbbs -r <relay-server-ip[:port]> -k abc1234567
         hbbr -k abc1234567
       ```
 2. Use a system-generated key or a custom key pair on the server. If the client is already logged in, it may timeout or fail to connect. Logging out and reconnecting usually resolves the issue, and the web client does not need to log out.
    - Advantage: Encrypted connection
    - Disadvantage: Complicated operation
 3. Use a system-generated key or a custom key pair on the server, fork the official client code to modify `secure_tcp` to return directly, then compile using `Github Actions` and download the compiled client.
   Refer to [official documentation](https://rustdesk.com/docs/en/dev/build/all/)
    - Advantage: Encrypted connection, customizable client features, ready to use after compilation
    - Disadvantage: Requires forking code and compiling, which can be challenging
 4. Use [my forked code](https://github.com/lejianwen/rustdesk), which has already modified `secure_tcp`. You can download and use it directly from [here](https://github.com/lejianwen/rustdesk/releases)
    - Advantage: Code changes are viewable, compiled with `Github Actions`, encrypted connection, ready to use
    - Disadvantage: May not keep up with official version updates
 ***If encryption is not a high priority, use `1`. If encryption is important, use `3` or `4`.***
 ## Overview
 ### API Service
 Basic implementation of the PC client's primary interfaces.Supports the Personal version api, which can be enabled by configuring the `rustdesk.personal` file or the `RUSTDESK_API_RUSTDESK_PERSONAL` environment variable.
-#### Login
+<table>
-
+    <tr>
- Added `GitHub`, `Google` and `OIDC` login, which can be used after configuration in the admin panel. See the OAuth
+      <td width="50%" align="center" colspan="2"><b>Login</b></td>
-  configuration section for details.
+    </tr>
- Added authorization login for the web admin panel.
+    <tr>
-
+        <td width="50%" align="center" colspan="2"><img src="docs/en_img/pc_login.png"></td>
-![pc_login](docs/en_img/pc_login.png)
+    </tr>
-
+     <tr>
-#### Address Book
+      <td width="50%" align="center"><b>Address Book</b></td>
-
+      <td width="50%" align="center"><b>Groups</b></td>
-![pc_ab](docs/en_img/pc_ab.png)
+    </tr>
-
+    <tr>
-#### Groups
+        <td width="50%" align="center"><img src="docs/en_img/pc_ab.png"></td>
-Groups are divided into `shared groups` and `regular groups`. In shared groups, everyone can see the peers of all group members, while in regular groups, only administrators can see all members' peers.
+        <td width="50%" align="center"><img src="docs/en_img/pc_gr.png"></td>
-
+    </tr>
-![pc_gr](docs/en_img/pc_gr.png)
+</table>
 ### Web Admin
 * The frontend and backend are separated to provide a user-friendly management interface, primarily for managing and
 displaying data.Frontend code is available at [rustdesk-api-web](https://github.com/lejianwen/rustdesk-api-web)
-* Admin panel URL: `http://<your server[:port]>/_admin/`. The default username and password for the initial
+* Admin panel URL: `http://<your server[:port]>/_admin/`
-installation are `admin` `admin`, please change the password immediately.
+* For the initial installation, the admin username is `admin`, and the password will be printed in the console. You can change the password via the [command line](#CLI).
  ![img.png](./docs/init_admin_pwd.png)
 1. Admin interface:
   ![web_admin](docs/en_img/web_admin.png)
 2. Regular user interface:
   ![web_user](docs/en_img/web_admin_user.png)
   In the top right corner, you can change the password, switch languages, and toggle between `day/night` mode.
-   ![web_resetpwd](docs/en_img/web_resetpwd.png)
+3. Each user can have multiple address books, which can also be shared with other users.
-3. Groups can be customized for easy management. Currently, two types are supported: `shared group` and `regular group`.
+4. Groups can be customized for easy management. Currently, two types are supported: `shared group` and `regular group`.
-   ![web_admin_gr](docs/en_img/web_admin_gr.png)
+5. You can directly launch the client or open the web client for convenience; you can also share it with guests, who can remotely access the device via the web client.
-4. You can directly launch the client or open the web client for convenience; you can also share it with guests, who can remotely access the device via the web client.
+6. OAuth support: Currently, `GitHub`, `Google` and `OIDC`  are supported. You need to create an `OAuth App` and configure it in
   ![web_webclient](docs/en_img/admin_webclient.png)
 5. OAuth support: Currently, `GitHub`, `Google` and `OIDC`  are supported. You need to create an `OAuth App` and configure it in
   the admin panel.
   ![web_admin_oauth](docs/en_img/web_admin_oauth.png)
    - For `Google` and `Github`, you don't need to fill the `Issuer` and `Scpoes`
    - For `OIDC`, you must set the `Issuer`. And `Scopes` is optional which default is `openid,email,profile`, please make sure this `Oauth App` can access `sub`, `email` and `preferred_username`
    - Create a `GitHub OAuth App`
      at `Settings` -> `Developer settings` -> `OAuth Apps` -> `New OAuth App` [here](https://github.com/settings/developers).
    - Set the `Authorization callback URL` to `http://<your server[:port]>/api/oauth/callback`,
      e.g., `http://127.0.0.1:21114/api/oauth/callback`.
 7. Login logs
 8. Connection logs
 9. File transfer logs
 10. Server control
  - `Simple mode`, some simple commands have been GUI-ized and can be executed directly in the backend
    ![rustdesk_command_simple](./docs/en_img/rustdesk_command_simple.png)
  - `Advanced mode`, commands can be executed directly in the backend
    * Official commands can be used
    * Custom commands can be added
    * Custom commands can be executed
 11. **LDAP Support**, When you setup the LDAP(test for OpenLDAP and AD), you can login with the LDAP's user. https://github.com/lejianwen/rustdesk-api/issues/114 , if LDAP fail fallback local user
 ### Web Client:
 1. If you're already logged into the admin panel, the web client will log in automatically.
 2. If you're not logged in, simply click the login button in the top right corner, and the API server will be
   pre-configured.
   ![webclient_conf](docs/webclient_conf.png)
 3. After logging in, the ID server and key will be automatically synced.
 4. The address book will also be automatically saved to the web client for convenient use.
 5. Now supports `v2 Preview`, accessible at `/webclient2`
   ![webclientv2](./docs/webclientv2.png)
-6. `v2 preview` deployment
+6. `v2 preview` deployment, [WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
   - If deploying via `https` on port `443`, you must configure a reverse proxy. Refer to the [official documentation](https://rustdesk.com/docs/en/self-host/rustdesk-server-pro/faq/#8-add-websocket-secure-wss-support-for-the-id-server-and-relay-server-to-enable-secure-communication-for-the-web-client)
   - If deploying via `http` or other `https` ports, configure `21118` and `21119` as with `v1`
   - More [Web-Client-V2-Preview-Document](https://github.com/lejianwen/rustdesk-api/wiki/Web-Client-V2-Preview-Document)
 ### Automated Documentation : API documentation is generated using Swag, making it easier for developers to understand and use the API.
@@ -176,78 +143,59 @@ installation are `admin` `admin`, please change the password immediately.
 ### Configuration
 * [Config File](./conf/config.yaml)
 * Modify the configuration in `conf/config.yaml`. 
 * If `gorm.type` is set to `sqlite`, MySQL-related configurations are not required.
 * Language support: `en` and `zh-CN` are supported. The default is `zh-CN`.
 ```yaml
 lang: "en"
 app:
  web-client: 1  # web client route 1:open 0:close  
  register: false #register enable
 gin:
  api-addr: "0.0.0.0:21114"
  mode: "release"
  resources-path: 'resources'
  trust-proxy: ""
 gorm:
  type: "sqlite"
  max-idle-conns: 10
  max-open-conns: 100
 mysql:
  username: "root"
  password: "111111"
  addr: "192.168.1.66:3308"
  dbname: "rustdesk"
 rustdesk:
  id-server: "192.168.1.66:21116"
  relay-server: "192.168.1.66:21117"
  api-server: "http://192.168.1.66:21114"
  key: "123456789"
  personal: 1
 logger:
  path: "./runtime/log.txt"
  level: "warn" #trace,debug,info,warn,error,fatal
  report-caller: true
 proxy:
  enable: false
  host: ""
 ```
 ### Environment Variables
-The prefix for variable names is `RUSTDESK_API`. If environment variables exist, they will override the configurations in the configuration file.
+The environment variables correspond one-to-one with the configurations in the `conf/config.yaml` file. The prefix for variable names is `RUSTDESK_API`.
 The table below does not list all configurations. Please refer to the configurations in `conf/config.yaml`.
-| Variable Name                      | Description                                                             | Example                       |
+| Variable Name                                          | Description                                                                                                                                         | Example                       |
-|------------------------------------|-------------------------------------------------------------------------|-------------------------------|
+|--------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------|
-| TZ                                 | timezone                                                                | Asia/Shanghai                 |
+| TZ                                                     | timezone                                                                                                                                            | Asia/Shanghai                 |
-| RUSTDESK_API_LANG                  | Language                                                                | `en`,`zh-CN`                  |
+| RUSTDESK_API_LANG                                      | Language                                                                                                                                            | `en`,`zh-CN`                  |
-| RUSTDESK_API_APP_WEB_CLIENT        | web client on/off; 1: on, 0 off, deault 1                               | 1                             |
+| RUSTDESK_API_APP_WEB_CLIENT                            | web client on/off; 1: on, 0 off, default: 1                                                                                                         | 1                             |
-| RUSTDESK_API_APP_REGISTER          | register enable; `true`, `false`; default:`false`                       | `false`                       |
+| RUSTDESK_API_APP_REGISTER                              | register enable; `true`, `false`; default:`false`                                                                                                   | `false`                       |
-| ----- ADMIN Configuration-----     | ----------                                                              | ----------                    |
+| RUSTDESK_API_APP_SHOW_SWAGGER                          | swagger visible; 1: yes, 0: no; default: 0                                                                                                          | `0`                           |
-| RUSTDESK_API_ADMIN_TITLE           | Admin Title                                                             | `RustDesk Api Admin`          |
+| RUSTDESK_API_APP_TOKEN_EXPIRE                          | token expire duration                                                                                                                               | `168h`                        |
-| RUSTDESK_API_ADMIN_HELLO           | Admin welcome message, you can use `html`                               |                               |
+| RUSTDESK_API_APP_DISABLE_PWD_LOGIN                     | disable password login                                                                                                                              | `false`                       |
-| RUSTDESK_API_ADMIN_HELLO_FILE      | Admin welcome message file,<br>will override `RUSTDESK_API_ADMIN_HELLO` | `./conf/admin/hello.html`     |
+| RUSTDESK_API_APP_REGISTER_STATUS                       | register user default status ; 1 enabled , 2 disabled ; default 1                                                                                   | `1`                           |
-| ----- GIN Configuration -----      | ---------------------------------------                                 | ----------------------------- |
+| RUSTDESK_API_APP_CAPTCHA_THRESHOLD                     | captcha threshold; -1 disabled, 0 always enable, >0 threshold  ;default `3`                                                                         | `3`                           |
-| RUSTDESK_API_GIN_TRUST_PROXY       | Trusted proxy IPs, separated by commas.                                 | 192.168.1.2,192.168.1.3       |
+| RUSTDESK_API_APP_BAN_THRESHOLD                         | ban ip threshold; 0 disabled, >0 threshold ; default `0`
-| ----- GORM Configuration -----     | ---------------------------------------                                 | ----------------------------- |
+                                               | `0`                           |
-| RUSTDESK_API_GORM_TYPE             | Database type (`sqlite` or `mysql`). Default is `sqlite`.               | sqlite                        |
+| ----- ADMIN Configuration-----                         | ----------                                                                                                                                          | ----------                    |
-| RUSTDESK_API_GORM_MAX_IDLE_CONNS   | Maximum idle connections                                                | 10                            |
+| RUSTDESK_API_ADMIN_TITLE                               | Admin Title                                                                                                                                         | `RustDesk Api Admin`          |
-| RUSTDESK_API_GORM_MAX_OPEN_CONNS   | Maximum open connections                                                | 100                           |
+| RUSTDESK_API_ADMIN_HELLO                               | Admin welcome message, you can use `html`                                                                                                           |                               |
-| RUSTDESK_API_RUSTDESK_PERSONAL     | Open Personal Api 1:Enable,0:Disable                                    | 1                             |
+| RUSTDESK_API_ADMIN_HELLO_FILE                          | Admin welcome message file,<br>will override `RUSTDESK_API_ADMIN_HELLO`                                                                             | `./conf/admin/hello.html`     |
-| ----- MYSQL Configuration -----    | ---------------------------------------                                 | ----------------------------- |
+| ----- GIN Configuration -----                          | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_MYSQL_USERNAME        | MySQL username                                                          | root                          |
+| RUSTDESK_API_GIN_TRUST_PROXY                           | Trusted proxy IPs, separated by commas.                                                                                                             | 192.168.1.2,192.168.1.3       |
-| RUSTDESK_API_MYSQL_PASSWORD        | MySQL password                                                          | 111111                        |
+| ----- GORM Configuration -----                         | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_MYSQL_ADDR            | MySQL address                                                           | 192.168.1.66:3306             |
+| RUSTDESK_API_GORM_TYPE                                 | Database type (`sqlite` or `mysql`). Default is `sqlite`.                                                                                           | sqlite                        |
-| RUSTDESK_API_MYSQL_DBNAME          | MySQL database name                                                     | rustdesk                      |
+| RUSTDESK_API_GORM_MAX_IDLE_CONNS                       | Maximum idle connections                                                                                                                            | 10                            |
-| ----- RUSTDESK Configuration ----- | ---------------------------------------                                 | ----------------------------- |
+| RUSTDESK_API_GORM_MAX_OPEN_CONNS                       | Maximum open connections                                                                                                                            | 100                           |
-| RUSTDESK_API_RUSTDESK_ID_SERVER    | Rustdesk ID server address                                              | 192.168.1.66:21116            |
+| RUSTDESK_API_RUSTDESK_PERSONAL                         | Open Personal Api 1:Enable,0:Disable                                                                                                                | 1                             |
-| RUSTDESK_API_RUSTDESK_RELAY_SERVER | Rustdesk relay server address                                           | 192.168.1.66:21117            |
+| ----- MYSQL Configuration -----                        | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_RUSTDESK_API_SERVER   | Rustdesk API server address                                             | http://192.168.1.66:21114     |
+| RUSTDESK_API_MYSQL_USERNAME                            | MySQL username                                                                                                                                      | root                          |
-| RUSTDESK_API_RUSTDESK_KEY          | Rustdesk key                                                            | 123456789                     |
+| RUSTDESK_API_MYSQL_PASSWORD                            | MySQL password                                                                                                                                      | 111111                        |
-| RUSTDESK_API_RUSTDESK_KEY_FILE     | Rustdesk存放key的文件                                                        | `./conf/data/id_ed25519.pub`  |
+| RUSTDESK_API_MYSQL_ADDR                                | MySQL address                                                                                                                                       | 192.168.1.66:3306             |
-| ---- PROXY -----                   | ---------------                                                         | ----------                    |
+| RUSTDESK_API_MYSQL_DBNAME                              | MySQL database name                                                                                                                                 | rustdesk                      |
-| RUSTDESK_API_PROXY_ENABLE          | proxy_enable :`false`, `true`                                           | `false`                       |
+| ----- RUSTDESK Configuration -----                     | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_PROXY_HOST            | proxy_host                                                              | `http://127.0.0.1:1080`       |
+| RUSTDESK_API_RUSTDESK_ID_SERVER                        | Rustdesk ID server address                                                                                                                          | 192.168.1.66:21116            |
 | RUSTDESK_API_RUSTDESK_RELAY_SERVER                     | Rustdesk relay server address                                                                                                                       | 192.168.1.66:21117            |
 | RUSTDESK_API_RUSTDESK_API_SERVER                       | Rustdesk API server address                                                                                                                         | http://192.168.1.66:21114     |
 | RUSTDESK_API_RUSTDESK_KEY                              | Rustdesk key                                                                                                                                        | 123456789                     |
 | RUSTDESK_API_RUSTDESK_KEY_FILE                         | Rustdesk key file                                                                                                                                   | `./conf/data/id_ed25519.pub`  |
 | RUSTDESK_API_RUSTDESK<br/>_WEBCLIENT_MAGIC_QUERYONLINE | New online query method is enabled in the web client v2; '1': Enabled, '0': Disabled, not enabled by default                                        | `0`                           |
 | RUSTDESK_API_RUSTDESK_WS_HOST                          | Custom Websocket Host                                                                                                                               | `wss://192.168.1.123:1234`    |
 | ---- PROXY -----                                       | ---------------                                                                                                                                     | ----------                    |
 | RUSTDESK_API_PROXY_ENABLE                              | proxy_enable :`false`, `true`                                                                                                                       | `false`                       |
 | RUSTDESK_API_PROXY_HOST                                | proxy_host                                                                                                                                          | `http://127.0.0.1:1080`       |
 | ----JWT----                                            | --------                                                                                                                                            | --------                      |
 | RUSTDESK_API_JWT_KEY                                   | Custom JWT KEY, if empty JWT is not enabled.<br/>If `MUST_LOGIN` from `lejianwen/rustdesk-server` is not used, it is recommended to leave it empty. |                               |
 | RUSTDESK_API_JWT_EXPIRE_DURATION                       | JWT expire duration                                                                                                                                 | `168h`                        |
 ### Installation Steps
@@ -267,7 +215,7 @@ The prefix for variable names is `RUSTDESK_API`. If environment variables exist,
    lejianwen/rustdesk-api
    ```
-2. Using `docker-compose`,look [wiki](https://github.com/lejianwen/rustdesk-api/wiki)
+2. Using `docker-compose`,look [WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
 #### Running from Release
@@ -304,10 +252,17 @@ Download the release from [release](https://github.com/lejianwen/rustdesk-api/re
 4. Run:
    ```bash
    # Run directly
-    go run cmd/apimain.go
+   go run cmd/apimain.go
-    # Or generate and run the API using generate_api.go
+   # Or generate and run the API using generate_api.go
-    go generate generate_api.go
+   go generate generate_api.go
-    ```
+   ```
   > **Note:** When using `go run` or the compiled binary, the `conf` and `resources`
   > directories must exist relative to the current working directory. If you run
   > the program from another location, specify absolute paths with `-c` and the
   > `RUSTDESK_API_GIN_RESOURCES_PATH` environment variable. Example:
   > ```bash
   > RUSTDESK_API_GIN_RESOURCES_PATH=/opt/rustdesk-api/resources ./apimain -c /opt/rustdesk-api/conf/config.yaml
   > ```
 5. To compile, change to the project root directory. For Windows, run `build.bat`, and for Linux, run `build.sh`. After
   compiling, the corresponding executables will be generated in the `release` directory. Run the compiled executables
@@ -316,8 +271,58 @@ Download the release from [release](https://github.com/lejianwen/rustdesk-api/re
 6. Open your browser and visit `http://<your server[:port]>/_admin/`, with default credentials `admin admin`. Please
   change the password promptly.
 #### Running with my forked server-s6 image
 - Connection timeout issue resolved
 - Can enforce login before initiating a connection
 - github https://github.com/lejianwen/rustdesk-server
 ```yaml
 networks:
   rustdesk-net:
     external: false
 services:
   rustdesk:
     ports:
       - 21114:21114
       - 21115:21115
       - 21116:21116
       - 21116:21116/udp
       - 21117:21117
       - 21118:21118
       - 21119:21119
     image: lejianwen/rustdesk-server-s6:latest
     environment:
       - RELAY=<relay_server[:port]>
       - ENCRYPTED_ONLY=1
       - MUST_LOGIN=N
       - TZ=Asia/Shanghai
       - RUSTDESK_API_RUSTDESK_ID_SERVER=<id_server[:21116]>
       - RUSTDESK_API_RUSTDESK_RELAY_SERVER=<relay_server[:21117]>
       - RUSTDESK_API_RUSTDESK_API_SERVER=http://<api_server[:21114]>
       - RUSTDESK_API_KEY_FILE=/data/id_ed25519.pub
       - RUSTDESK_API_JWT_KEY=xxxxxx # jwt key
     volumes:
       - /data/rustdesk/server:/data
       - /data/rustdesk/api:/app/data #将数据库挂载
     networks:
       - rustdesk-net
     restart: unless-stopped
 ```
 ## Others
 - [WIKI](https://github.com/lejianwen/rustdesk-api/wiki)
 - [Connection Timeout](https://github.com/lejianwen/rustdesk-api/issues/92)
 - [Change client ID](https://github.com/abdullah-erturk/RustDesk-ID-Changer)
- [Web client source](https://hub.docker.com/r/keyurbhole/flutter_web_desk)
+- [Web client source](https://hub.docker.com/r/keyurbhole/flutter_web_desk)
 ## Acknowledgements
 Thanks to everyone who contributed!
 <a href="https://github.com/lejianwen/rustdesk-api/graphs/contributors">
  <img src="https://contrib.rocks/image?repo=lejianwen/rustdesk-api" />
 </a>
 ## Thanks for your support! If you find this project useful, please give it a ⭐️. Thank you!
--- a/cmd/apimain.go
+++ b/cmd/apimain.go
@@ -1,24 +1,30 @@
 package main
 import (
 	"Gwen/config"
 	"Gwen/global"
 	"Gwen/http"
 	"Gwen/lib/cache"
 	"Gwen/lib/lock"
 	"Gwen/lib/logger"
 	"Gwen/lib/orm"
 	"Gwen/lib/upload"
 	"Gwen/model"
 	"Gwen/service"
 	"fmt"
 	"github.com/go-redis/redis/v8"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/spf13/cobra"
 	"os"
 	"strconv"
 	"time"
 	"github.com/go-redis/redis/v8"
 	"github.com/lejianwen/rustdesk-api/v2/config"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http"
 	"github.com/lejianwen/rustdesk-api/v2/lib/cache"
 	"github.com/lejianwen/rustdesk-api/v2/lib/jwt"
 	"github.com/lejianwen/rustdesk-api/v2/lib/lock"
 	"github.com/lejianwen/rustdesk-api/v2/lib/logger"
 	"github.com/lejianwen/rustdesk-api/v2/lib/orm"
 	"github.com/lejianwen/rustdesk-api/v2/lib/upload"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/spf13/cobra"
 )
 const DatabaseVersion = 264
 // @title 管理系统API
 // @version 1.0
 // @description 接口
@@ -37,7 +43,7 @@ var rootCmd = &cobra.Command{
 		InitGlobal()
 	},
 	Run: func(cmd *cobra.Command, args []string) {
-		//gin
+		global.Logger.Info("API SERVER START")
 		http.ApiInit()
 	},
 }
@@ -50,12 +56,16 @@ var resetPwdCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		pwd := args[0]
 		admin := service.AllService.UserService.InfoById(1)
-		err := service.AllService.UserService.UpdatePassword(admin, pwd)
+		if admin.Id == 0 {
-		if err != nil {
+			global.Logger.Warn("user not found! ")
 			fmt.Printf("reset password fail! %v \n", err)
 			return
 		}
-		fmt.Printf("reset password success! \n")
+		err := service.AllService.UserService.UpdatePassword(admin, pwd)
 		if err != nil {
 			global.Logger.Error("reset password fail! ", err)
 			return
 		}
 		global.Logger.Info("reset password success! ")
 	},
 }
 var resetUserPwdCmd = &cobra.Command{
@@ -68,20 +78,24 @@ var resetUserPwdCmd = &cobra.Command{
 		pwd := args[1]
 		uid, err := strconv.Atoi(userId)
 		if err != nil {
-			fmt.Printf("userId must be int! \n")
+			global.Logger.Warn("userId must be int!")
 			return
 		}
 		if uid <= 0 {
-			fmt.Printf("userId must be greater than 0! \n")
+			global.Logger.Warn("userId must be greater than 0! ")
 			return
 		}
 		u := service.AllService.UserService.InfoById(uint(uid))
-		err = service.AllService.UserService.UpdatePassword(u, pwd)
+		if u.Id == 0 {
-		if err != nil {
+			global.Logger.Warn("user not found! ")
 			fmt.Printf("reset password fail! %v \n", err)
 			return
 		}
-		fmt.Printf("reset password success! \n")
+		err = service.AllService.UserService.UpdatePassword(u, pwd)
 		if err != nil {
 			global.Logger.Warn("reset password fail! ", err)
 			return
 		}
 		global.Logger.Info("reset password success!")
 	},
 }
@@ -91,7 +105,7 @@ func init() {
 }
 func main() {
 	if err := rootCmd.Execute(); err != nil {
-		fmt.Println(err)
+		global.Logger.Error(err)
 		os.Exit(1)
 	}
 }
@@ -100,9 +114,6 @@ func InitGlobal() {
 	//配置解析
 	global.Viper = config.Init(&global.Config, global.ConfigPath)
 	//从配置文件中加载密钥
 	config.LoadKeyFile(&global.Config.Rustdesk)
 	//日志
 	global.Logger = logger.New(&logger.Config{
 		Path:         global.Config.Logger.Path,
@@ -133,20 +144,41 @@ func InitGlobal() {
 	}
 	//gorm
 	if global.Config.Gorm.Type == config.TypeMysql {
-		dns := global.Config.Mysql.Username + ":" + global.Config.Mysql.Password + "@(" + global.Config.Mysql.Addr + ")/" + global.Config.Mysql.Dbname + "?charset=utf8mb4&parseTime=True&loc=Local"
+
 		dsn := fmt.Sprintf("%s:%s@(%s)/%s?charset=utf8mb4&parseTime=True&loc=Local",
 			global.Config.Mysql.Username,
 			global.Config.Mysql.Password,
 			global.Config.Mysql.Addr,
 			global.Config.Mysql.Dbname,
 		)
 		global.DB = orm.NewMysql(&orm.MysqlConfig{
-			Dns:          dns,
+			Dsn:          dsn,
 			MaxIdleConns: global.Config.Gorm.MaxIdleConns,
 			MaxOpenConns: global.Config.Gorm.MaxOpenConns,
-		})
+		}, global.Logger)
 	} else if global.Config.Gorm.Type == config.TypePostgresql {
 		dsn := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s TimeZone=%s",
 			global.Config.Postgresql.Host,
 			global.Config.Postgresql.Port,
 			global.Config.Postgresql.User,
 			global.Config.Postgresql.Password,
 			global.Config.Postgresql.Dbname,
 			global.Config.Postgresql.Sslmode,
 			global.Config.Postgresql.TimeZone,
 		)
 		global.DB = orm.NewPostgresql(&orm.PostgresqlConfig{
 			Dsn:          dsn,
 			MaxIdleConns: global.Config.Gorm.MaxIdleConns,
 			MaxOpenConns: global.Config.Gorm.MaxOpenConns,
 		}, global.Logger)
 	} else {
 		//sqlite
 		global.DB = orm.NewSqlite(&orm.SqliteConfig{
 			MaxIdleConns: global.Config.Gorm.MaxIdleConns,
 			MaxOpenConns: global.Config.Gorm.MaxOpenConns,
-		})
+		}, global.Logger)
 	}
 	DatabaseAutoUpdate()
 	//validator
 	global.ApiInitValidator()
@@ -163,43 +195,60 @@ func InitGlobal() {
 	//jwt
 	//fmt.Println(global.Config.Jwt.PrivateKey)
-	//global.Jwt = jwt.NewJwt(global.Config.Jwt.PrivateKey, global.Config.Jwt.ExpireDuration*time.Second)
+	global.Jwt = jwt.NewJwt(global.Config.Jwt.Key, global.Config.Jwt.ExpireDuration)
 	//locker
 	global.Lock = lock.NewLocal()
 	//service
 	service.New(&global.Config, global.DB, global.Logger, global.Jwt, global.Lock)
 	global.LoginLimiter = utils.NewLoginLimiter(utils.SecurityPolicy{
 		CaptchaThreshold: global.Config.App.CaptchaThreshold,
 		BanThreshold:     global.Config.App.BanThreshold,
 		AttemptsWindow:   10 * time.Minute,
 		BanDuration:      30 * time.Minute,
 	})
 	global.LoginLimiter.RegisterProvider(utils.B64StringCaptchaProvider{})
 	DatabaseAutoUpdate()
 }
 func DatabaseAutoUpdate() {
-	version := 246
+	version := DatabaseVersion
 	db := global.DB
 	if global.Config.Gorm.Type == config.TypeMysql {
 		//检查存不存在数据库，不存在则创建
 		dbName := db.Migrator().CurrentDatabase()
 		fmt.Println("dbName", dbName)
 		if dbName == "" {
 			dbName = global.Config.Mysql.Dbname
 			// 移除 DSN 中的数据库名称，以便初始连接时不指定数据库
-			dsnWithoutDB := global.Config.Mysql.Username + ":" + global.Config.Mysql.Password + "@(" + global.Config.Mysql.Addr + ")/?charset=utf8mb4&parseTime=True&loc=Local"
+			dsnWithoutDB := fmt.Sprintf("%s:%s@(%s)/%s?charset=utf8mb4&parseTime=True&loc=Local",
 				global.Config.Mysql.Username,
 				global.Config.Mysql.Password,
 				global.Config.Mysql.Addr,
 				"",
 			)
 			//新链接
 			dbWithoutDB := orm.NewMysql(&orm.MysqlConfig{
-				Dns: dsnWithoutDB,
+				Dsn: dsnWithoutDB,
-			})
+			}, global.Logger)
 			// 获取底层的 *sql.DB 对象，并确保在程序退出时关闭连接
 			sqlDBWithoutDB, err := dbWithoutDB.DB()
 			if err != nil {
-				fmt.Printf("获取底层 *sql.DB 对象失败: %v\n", err)
+				global.Logger.Errorf("获取底层 *sql.DB 对象失败: %v", err)
 				return
 			}
 			defer func() {
 				if err := sqlDBWithoutDB.Close(); err != nil {
-					fmt.Printf("关闭连接失败: %v\n", err)
+					global.Logger.Errorf("关闭连接失败: %v", err)
 				}
 			}()
 			err = dbWithoutDB.Exec("CREATE DATABASE IF NOT EXISTS " + dbName + " DEFAULT CHARSET utf8mb4").Error
 			if err != nil {
-				fmt.Println(err)
+				global.Logger.Error(err)
 				return
 			}
 		}
@@ -214,6 +263,7 @@ func DatabaseAutoUpdate() {
 		if v.Version < uint(version) {
 			Migrate(uint(version))
 		}
 		// 245迁移
 		if v.Version < 245 {
 			//oauths 表的 oauth_type 字段设置为 op同样的值
@@ -236,7 +286,7 @@ func DatabaseAutoUpdate() {
 }
 func Migrate(version uint) {
-	fmt.Println("migrating....", version)
+	global.Logger.Info("Migrating....", version)
 	err := global.DB.AutoMigrate(
 		&model.Version{},
 		&model.User{},
@@ -253,9 +303,11 @@ func Migrate(version uint) {
 		&model.AuditFile{},
 		&model.AddressBookCollection{},
 		&model.AddressBookCollectionRule{},
 		&model.ServerCmd{},
 		&model.DeviceGroup{},
 	)
 	if err != nil {
-		fmt.Println("migrate err :=>", err)
+		global.Logger.Error("migrate err :=>", err)
 	}
 	global.DB.Create(&model.Version{Version: version})
 	//如果是初次则创建一个默认用户
@@ -289,7 +341,15 @@ func Migrate(version uint) {
 			IsAdmin:  &is_admin,
 			GroupId:  1,
 		}
-		admin.Password = service.AllService.UserService.EncryptPassword("admin")
+
 		// 生成随机密码
 		pwd := utils.RandomString(8)
 		global.Logger.Info("Admin Password Is: ", pwd)
 		var err error
 		admin.Password, err = utils.EncryptPassword(pwd)
 		if err != nil {
 			global.Logger.Fatalf("failed to generate admin password: %v", err)
 		}
 		global.DB.Create(admin)
 	}
--- a/conf/admin/hello.html
+++ b/conf/admin/hello.html
@@ -1 +1 @@
-👏👏👏 你好 <strong>{{username}}</strong>, 欢迎使用 <a href='https://github.com/lejianwen/rustdesk-api' target='_blank'>RustDesk Api Admin</a>
+### 👏👏👏 你好 ***{{username}}***， 欢迎使用 [RustDesk API](https://github.com/lejianwen/rustdesk-api)
--- a/conf/config.yaml
+++ b/conf/config.yaml
@@ -2,10 +2,21 @@ lang: "zh-CN"
 app:
  web-client: 1  # 1:启用 0:禁用
  register: false #是否开启注册
  register-status: 1 # 注册用户默认状态 1:启用 2:禁用
  captcha-threshold: 3 #   <0:disabled, 0 always, >0:enabled
  ban-threshold: 0 # 0:disabled, >0:enabled
  show-swagger: 0 # 1:启用 0:禁用
  token-expire: 168h
  web-sso: true #web auth sso
  disable-pwd-login: false #禁用密码登录
 admin:
-  title: "RustDesk Api Admin"
+  title: "RustDesk API Admin"
  hello-file: "./conf/admin/hello.html"  #优先使用file
  hello: ""
  # ID Server and Relay Server ports https://github.com/lejianwen/rustdesk-api/issues/257
  id-server-port: 21116  # ID Server port (for server cmd)
  relay-server-port: 21117 # ID Server port (for server cmd)
 gin:
  api-addr: "0.0.0.0:21114"
  mode: "release" #release,debug,test
@@ -20,37 +31,53 @@ mysql:
  password: ""
  addr: ""
  dbname: ""
 postgresql:
  host: "127.0.0.1"
  port: "5432"
  user: ""
  password: ""
  dbname: "postgres"
  sslmode: "disable" # disable, require, verify-ca, verify-full
  time-zone: "Asia/Shanghai" # Time zone for PostgreSQL connection
 rustdesk:
  id-server: "192.168.1.66:21116"
  relay-server: "192.168.1.66:21117"
  api-server: "http://127.0.0.1:21114"
  key: ""
-  key-file: "./conf/data/id_ed25519.pub"
+  key-file: "/data/id_ed25519.pub"
  personal: 1
  webclient-magic-queryonline: 0
  ws-host: ""  #eg: wss://192.168.1.3:4443
 logger:
  path: "./runtime/log.txt"
-  level: "warn" #trace,debug,info,warn,error,fatal
+  level: "info" #trace,debug,info,warn,error,fatal
  report-caller: true
 proxy:
  enable: false
  host: "http://127.0.0.1:1080"
 redis:
  addr: "127.0.0.1:6379"
  password: ""
  db: 0
 cache:
  type: "file"
  file-dir: "./runtime/cache"
  redis-addr: "127.0.0.1:6379"
  redis-pwd: ""
  redis-db: 0
 oss:
  access-key-id: ""
  access-key-secret: ""
  host: ""
  callback-url: ""
  expire-time: 30
  max-byte: 10240
 jwt:
-  private-key: "./conf/jwt_pri.pem"
+  key: ""
-  expire-duration: 360000
+  expire-duration: 168h
 ldap:
  enable: false
  url: "ldap://ldap.example.com:389"
  tls-ca-file: ""
  tls-verify: false
  base-dn: "dc=example,dc=com"
  bind-dn: "cn=admin,dc=example,dc=com"
  bind-password: "password"
  user:
    base-dn: "ou=users,dc=example,dc=com"
    enable-attr: ""       #The attribute name of the user for enabling, in AD it is "userAccountControl", empty means no enable attribute, all users are enabled
    enable-attr-value: "" # The value of the enable attribute when the user is enabled. If you are using AD, just set random value, it will be ignored.
    filter: "(cn=*)"
    username: "uid"       # The attribute name of the user for usernamem if you are using AD, it should be "sAMAccountName"
    email: "mail"
    first-name: "givenName"
    last-name: "sn"
    sync: false         # If true, the user will be synchronized to the database when the user logs in. If false, the user will be synchronized to the database when the user be created.
    admin-group: "cn=admin,dc=example,dc=com" # The group name of the admin group, if the user is in this group, the user will be an admin.
--- a/config/config.go
+++ b/config/config.go
@@ -2,9 +2,9 @@ package config
 import (
 	"fmt"
 	"github.com/fsnotify/fsnotify"
 	"github.com/spf13/viper"
 	"strings"
 	"time"
 )
 const (
@@ -14,32 +14,52 @@ const (
 )
 type App struct {
-	WebClient int  `mapstructure:"web-client"`
+	WebClient        int           `mapstructure:"web-client"`
-	Register  bool `mapstructure:"register"`
+	Register         bool          `mapstructure:"register"`
 	RegisterStatus   int           `mapstructure:"register-status"`
 	ShowSwagger      int           `mapstructure:"show-swagger"`
 	TokenExpire      time.Duration `mapstructure:"token-expire"`
 	WebSso           bool          `mapstructure:"web-sso"`
 	DisablePwdLogin  bool          `mapstructure:"disable-pwd-login"`
 	CaptchaThreshold int           `mapstructure:"captcha-threshold"`
 	BanThreshold     int           `mapstructure:"ban-threshold"`
 }
 type Admin struct {
-	Title     string `mapstructure:"title"`
+	Title           string `mapstructure:"title"`
-	Hello     string `mapstructure:"hello"`
+	Hello           string `mapstructure:"hello"`
-	HelloFile string `mapstructure:"hello-file"`
+	HelloFile       string `mapstructure:"hello-file"`
 	IdServerPort    int    `mapstructure:"id-server-port"`
 	RelayServerPort int    `mapstructure:"relay-server-port"`
 }
 type Config struct {
-	Lang     string `mapstructure:"lang"`
+	Lang       string `mapstructure:"lang"`
-	App      App
+	App        App
-	Admin    Admin
+	Admin      Admin
-	Gorm     Gorm
+	Gorm       Gorm
-	Mysql    Mysql
+	Mysql      Mysql
-	Gin      Gin
+	Postgresql Postgresql
-	Logger   Logger
+	Gin        Gin
-	Redis    Redis
+	Logger     Logger
-	Cache    Cache
+	Redis      Redis
-	Oss      Oss
+	Cache      Cache
-	Jwt      Jwt
+	Oss        Oss
-	Rustdesk Rustdesk
+	Jwt        Jwt
-	Proxy    Proxy
+	Rustdesk   Rustdesk
 	Proxy      Proxy
 	Ldap       Ldap
 }
 func (a *Admin) Init() {
 	if a.IdServerPort == 0 {
 		a.IdServerPort = DefaultIdServerPort
 	}
 	if a.RelayServerPort == 0 {
 		a.RelayServerPort = DefaultRelayServerPort
 	}
 }
 // Init 初始化配置
-func Init(rowVal interface{}, path string) *viper.Viper {
+func Init(rowVal *Config, path string) *viper.Viper {
 	if path == "" {
 		path = DefaultConfig
 	}
@@ -53,18 +73,26 @@ func Init(rowVal interface{}, path string) *viper.Viper {
 	if err != nil {
 		panic(fmt.Errorf("Fatal error config file: %s \n", err))
 	}
-	v.WatchConfig()
+	/*
-	v.OnConfigChange(func(e fsnotify.Event) {
+		v.WatchConfig()
 		//配置文件修改监听
 		fmt.Println("config file changed:", e.Name)
 		if err2 := v.Unmarshal(rowVal); err2 != nil {
 			fmt.Println(err2)
 		}
 	})
 	if err := v.Unmarshal(rowVal); err != nil {
 		fmt.Println(err)
 	}
 			//监听配置修改没什么必要
 			v.OnConfigChange(func(e fsnotify.Event) {
 				//配置文件修改监听
 				fmt.Println("config file changed:", e.Name)
 				if err2 := v.Unmarshal(rowVal); err2 != nil {
 					fmt.Println(err2)
 				}
 				rowVal.Rustdesk.LoadKeyFile()
 				rowVal.Rustdesk.ParsePort()
 			})
 	*/
 	if err := v.Unmarshal(rowVal); err != nil {
 		panic(fmt.Errorf("Fatal error config: %s \n", err))
 	}
 	rowVal.Rustdesk.LoadKeyFile()
 	rowVal.Admin.Init()
 	return v
 }
--- a/config/gorm.go
+++ b/config/gorm.go
@@ -1,8 +1,9 @@
 package config
 const (
-	TypeSqlite = "sqlite"
+	TypeSqlite     = "sqlite"
-	TypeMysql  = "mysql"
+	TypeMysql      = "mysql"
 	TypePostgresql = "postgresql"
 )
 type Gorm struct {
@@ -17,3 +18,13 @@ type Mysql struct {
 	Password string `mapstructure:"password"`
 	Dbname   string `mapstructure:"dbname"`
 }
 type Postgresql struct {
 	Host     string `mapstructure:"host"`
 	Port     string `mapstructure:"port"`
 	User     string `mapstructure:"user"`
 	Password string `mapstructure:"password"`
 	Dbname   string `mapstructure:"dbname"`
 	Sslmode  string `mapstructure:"sslmode"`   // "disable", "require", "verify-ca", "verify-full"
 	TimeZone string `mapstructure:"time-zone"` // e.g., "Asia/Shanghai"
 }
--- a/config/jwt.go
+++ b/config/jwt.go
@@ -3,6 +3,6 @@ package config
 import "time"
 type Jwt struct {
-	PrivateKey     string        `mapstructure:"private-key"`
+	Key            string        `mapstructure:"key"`
 	ExpireDuration time.Duration `mapstructure:"expire-duration"`
 }
--- a/config/ldap.go
+++ b/config/ldap.go
@@ -0,0 +1,36 @@
 package config
 type LdapUser struct {
 	BaseDn          string `mapstructure:"base-dn"`           // The base DN of the user for searching
 	EnableAttr      string `mapstructure:"enable-attr"`       // The attribute name of the user for enabling, in AD it is "userAccountControl", empty means no enable attribute, all users are enabled
 	EnableAttrValue string `mapstructure:"enable-attr-value"` // The value of the enable attribute when the user is enabled. If you are using AD, just leave it random str, it will be ignored.
 	Filter          string `mapstructure:"filter"`
 	Username        string `mapstructure:"username"`
 	Email           string `mapstructure:"email"`
 	FirstName       string `mapstructure:"first-name"`
 	LastName        string `mapstructure:"last-name"`
 	Sync            bool   `mapstructure:"sync"`        // Will sync the user's information to the internal database
 	AdminGroup      string `mapstructure:"admin-group"` // Which group is the admin group
 }
 // type LdapGroup struct {
 // 	BaseDn 		string            `mapstructure:"base-dn"` // The base DN of the group for searching
 // 	Name        string            `mapstructure:"name"`    // The attribute name of the group
 // 	Filter      string            `mapstructure:"filter"`
 // 	Admin       string            `mapstructure:"admin"`   // Which group is the admin group
 // 	Member      string            `mapstructure:"member"`  // How to get the member of the group: member, uniqueMember, or memberOf (default: member)
 // 	Mode        string            `mapstructure:"mode"`
 // 	Map         map[string]string `mapstructure:"map"`     // If mode is "map", map the LDAP group to the internal group
 // }
 type Ldap struct {
 	Enable       bool     `mapstructure:"enable"`
 	Url          string   `mapstructure:"url"`
 	TlsCaFile    string   `mapstructure:"tls-ca-file"`
 	TlsVerify    bool     `mapstructure:"tls-verify"`
 	BaseDn       string   `mapstructure:"base-dn"`
 	BindDn       string   `mapstructure:"bind-dn"`
 	BindPassword string   `mapstructure:"bind-password"`
 	User         LdapUser `mapstructure:"user"`
 	// Group        LdapGroup `mapstructure:"group"`
 }
--- a/config/oauth.go
+++ b/config/oauth.go
@@ -3,18 +3,20 @@ package config
 type GithubOauth struct {
 	ClientId     string `mapstructure:"client-id"`
 	ClientSecret string `mapstructure:"client-secret"`
 	RedirectUrl  string `mapstructure:"redirect-url"`
 }
 type GoogleOauth struct {
 	ClientId     string `mapstructure:"client-id"`
 	ClientSecret string `mapstructure:"client-secret"`
 	RedirectUrl  string `mapstructure:"redirect-url"`
 }
 type OidcOauth struct {
 	Issuer       string `mapstructure:"issuer"`
 	ClientId     string `mapstructure:"client-id"`
 	ClientSecret string `mapstructure:"client-secret"`
-	RedirectUrl  string `mapstructure:"redirect-url"`
+}
-}
+
 type LinuxdoOauth struct {
 	ClientId     string `mapstructure:"client-id"`
 	ClientSecret string `mapstructure:"client-secret"`
 }
--- a/config/rustdesk.go
+++ b/config/rustdesk.go
@@ -4,27 +4,37 @@ import (
 	"os"
 )
 const (
 	DefaultIdServerPort    = 21116
 	DefaultRelayServerPort = 21117
 )
 type Rustdesk struct {
-	IdServer    string `mapstructure:"id-server"`
+	IdServer        string `mapstructure:"id-server"`
-	RelayServer string `mapstructure:"relay-server"`
+	IdServerPort    int    `mapstructure:"-"`
-	ApiServer   string `mapstructure:"api-server"`
+	RelayServer     string `mapstructure:"relay-server"`
-	Key         string `mapstructure:"key"`
+	RelayServerPort int    `mapstructure:"-"`
-	KeyFile     string `mapstructure:"key-file"`
+	ApiServer       string `mapstructure:"api-server"`
-	Personal    int    `mapstructure:"personal"`
+	Key             string `mapstructure:"key"`
 	KeyFile         string `mapstructure:"key-file"`
 	Personal        int    `mapstructure:"personal"`
 	//webclient-magic-queryonline
 	WebclientMagicQueryonline int    `mapstructure:"webclient-magic-queryonline"`
 	WsHost                    string `mapstructure:"ws-host"`
 }
-func LoadKeyFile(rustdesk *Rustdesk) {
+func (rd *Rustdesk) LoadKeyFile() {
 	// Load key file
-	if rustdesk.Key != "" {
+	if rd.Key != "" {
 		return
 	}
-	if rustdesk.KeyFile != "" {
+	if rd.KeyFile != "" {
 		// Load key from file
-		b, err := os.ReadFile(rustdesk.KeyFile)
+		b, err := os.ReadFile(rd.KeyFile)
 		if err != nil {
 			return
 		}
-		rustdesk.Key = string(b)
+		rd.Key = string(b)
 		return
 	}
 }
--- a/conf/jwt_pri.pem
+++ b/conf/jwt_pri.pem
--- a/debian/changelog
+++ b/debian/changelog
@@ -0,0 +1,5 @@
 rustdesk-api-server (1.3.6) UNRELEASED; urgency=medium
  * Update the version to 1.3.6 to match the client.
 -- rustdesk-api <ymwlpoolc@qq.com>  Tue, 24 Dec 2024 13:48:34 +0800
--- a/debian/compat
+++ b/debian/compat
@@ -0,0 +1 @@
 10
--- a/debian/control.tpl
+++ b/debian/control.tpl
@@ -0,0 +1,13 @@
 Source: rustdesk-api-server
 Section: net
 Priority: optional
 Maintainer: ymwl <ymwlpoolc@qq.com>
 Build-Depends: debhelper (>= 10), pkg-config
 Standards-Version: 4.5.0
 Homepage: https://github.com/lejianwen/rustdesk-api/
 Package: rustdesk-api-server
 Architecture: {{ ARCH }}
 Depends: systemd ${misc:Depends}
 Description: RustDesk api server
 RustDesk api server, it is free and open source.
--- a/debian/copyright
+++ b/debian/copyright
@@ -0,0 +1,21 @@
 MIT License
 Copyright (c) 2024-present Lejianwen and contributors
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/debian/rules
+++ b/debian/rules
@@ -0,0 +1,6 @@
 #!/usr/bin/make -f
 %:
 	dh $@
 override_dh_builddeb:
 	dh_builddeb -- -Zgzip
--- a/debian/rustdesk-api-server.install
+++ b/debian/rustdesk-api-server.install
@@ -0,0 +1,6 @@
 bin/rustdesk-api usr/bin
 systemd/rustdesk-api.service lib/systemd/system
 conf var/lib/rustdesk-api
 data var/lib/rustdesk-api
 resources var/lib/rustdesk-api
 runtime var/lib/rustdesk-api
--- a/debian/rustdesk-api-server.postinst
+++ b/debian/rustdesk-api-server.postinst
@@ -0,0 +1,28 @@
 #!/bin/sh
 set -e
 SERVICE=rustdesk-api.service
 if [ "$1" = "configure" ]; then
    mkdir -p /var/log/rustdesk-api
 fi
 case "$1" in
    configure|abort-upgrade|abort-deconfigure|abort-remove)
      mkdir -p /var/lib/rustdesk-api/
 	  deb-systemd-helper unmask "${SERVICE}" >/dev/null || true
 	  if deb-systemd-helper --quiet was-enabled "${SERVICE}"; then
 		deb-systemd-invoke enable "${SERVICE}" >/dev/null || true
 	  else
 		deb-systemd-invoke update-state "${SERVICE}" >/dev/null || true
 	  fi
 	  systemctl --system daemon-reload >/dev/null || true
 	  if [ -n "$2" ]; then
 		deb-systemd-invoke restart "${SERVICE}" >/dev/null || true
 	  else
 		deb-systemd-invoke start "${SERVICE}" >/dev/null || true
 	  fi
    ;;
 esac
 exit 0
--- a/debian/rustdesk-api-server.postrm
+++ b/debian/rustdesk-api-server.postrm
@@ -0,0 +1,18 @@
 #!/bin/sh
 set -e
 SERVICE=rustdesk-api.service
 systemctl --system daemon-reload >/dev/null || true
 if [ "$1" = "purge" ]; then
 	rm -rf /var/log/rustdesk-api/rustdesk-api.*
 	deb-systemd-helper purge "${SERVICE}" >/dev/null || true
 	deb-systemd-helper unmask "${SERVICE}" >/dev/null || true
 fi
 if [ "$1" = "remove" ]; then
 	deb-systemd-helper mask "${SERVICE}" >/dev/null || true
 fi
 exit 0
--- a/debian/rustdesk-api-server.prerm
+++ b/debian/rustdesk-api-server.prerm
@@ -0,0 +1,13 @@
 #!/bin/sh
 set -e
 SERVICE=rustdesk-api.service
 case "$1" in
    remove|deconfigure)
 	  deb-systemd-invoke stop "${SERVICE}" >/dev/null || true
 	  deb-systemd-invoke disable "${SERVICE}" >/dev/null || true
 	;;
 esac
 exit 0
--- a/debian/source/format
+++ b/debian/source/format
@@ -0,0 +1 @@
 3.0 (native)
--- a/docker-compose-dev.yaml
+++ b/docker-compose-dev.yaml
@@ -5,7 +5,7 @@ services:
      dockerfile: Dockerfile.dev
      args:
        COUNTRY: CN
-        FREONTEND_GIT_REPO: https://github.com/lejianwen/rustdesk-api-web.git
+        FRONTEND_GIT_REPO: https://github.com/lejianwen/rustdesk-api-web.git
        FRONTEND_GIT_BRANCH: master
    # image: lejianwen/rustdesk-api
    container_name: rustdesk-api
@@ -21,4 +21,4 @@ services:
      - ./data/rustdesk/api:/app/data #将数据库挂载出来方便备份
      - ./conf:/app/conf # config
      # - ./resources:/app/resources # 静态资源
-    restart: unless-stopped
+    restart: unless-stopped
--- a/docs/admin/admin_docs.go
+++ b/docs/admin/admin_docs.go
--- a/docs/admin/admin_swagger.json
+++ b/docs/admin/admin_swagger.json
--- a/docs/admin/admin_swagger.yaml
+++ b/docs/admin/admin_swagger.yaml
--- a/docs/admin_webclient.png
+++ b/docs/admin_webclient.png
--- a/docs/api/api_docs.go
+++ b/docs/api/api_docs.go
@@ -653,40 +653,6 @@ const docTemplateapi = `{
                }
            }
        },
        "/api": {
            "get": {
                "security": [
                    {
                        "token": []
                    }
                ],
                "description": "用户信息",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "用户"
                ],
                "summary": "用户信息",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/api.UserPayload"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        },
        "/audit/conn": {
            "post": {
                "description": "审计连接",
@@ -767,6 +733,100 @@ const docTemplateapi = `{
                }
            }
        },
        "/currentUser": {
            "get": {
                "security": [
                    {
                        "token": []
                    }
                ],
                "description": "用户信息",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "用户"
                ],
                "summary": "用户信息",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/api.UserPayload"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        },
        "/device-group/accessible": {
            "get": {
                "security": [
                    {
                        "BearerAuth": []
                    }
                ],
                "description": "机器",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "群组"
                ],
                "summary": "设备",
                "parameters": [
                    {
                        "type": "integer",
                        "description": "页码",
                        "name": "page",
                        "in": "query"
                    },
                    {
                        "type": "integer",
                        "description": "每页数量",
                        "name": "pageSize",
                        "in": "query"
                    },
                    {
                        "type": "integer",
                        "description": "状态",
                        "name": "status",
                        "in": "query"
                    },
                    {
                        "type": "string",
                        "description": "accessible",
                        "name": "accessible",
                        "in": "query"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/response.DataResponse"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        },
        "/heartbeat": {
            "post": {
                "description": "心跳",
@@ -1148,7 +1208,7 @@ const docTemplateapi = `{
                    "application/json"
                ],
                "tags": [
-                    "地址"
+                    "System"
                ],
                "summary": "提交系统信息",
                "parameters": [
@@ -1178,14 +1238,9 @@ const docTemplateapi = `{
                }
            }
        },
-        "/tags": {
+        "/sysinfo_ver": {
            "post": {
-                "security": [
+                "description": "获取系统版本信息",
                    {
                        "BearerAuth": []
                    }
                ],
                "description": "标签",
                "consumes": [
                    "application/json"
                ],
@@ -1193,17 +1248,14 @@ const docTemplateapi = `{
                    "application/json"
                ],
                "tags": [
-                    "地址"
+                    "System"
                ],
-                "summary": "标签",
+                "summary": "获取系统版本信息",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
-                            "type": "array",
+                            "type": "string"
                            "items": {
                                "$ref": "#/definitions/model.Tag"
                            }
                        }
                    },
                    "500": {
@@ -1289,6 +1341,35 @@ const docTemplateapi = `{
                    }
                }
            }
        },
        "/version": {
            "get": {
                "description": "版本",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "首页"
                ],
                "summary": "版本",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
--- a/docs/api/api_swagger.json
+++ b/docs/api/api_swagger.json
@@ -646,40 +646,6 @@
                }
            }
        },
        "/api": {
            "get": {
                "security": [
                    {
                        "token": []
                    }
                ],
                "description": "用户信息",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "用户"
                ],
                "summary": "用户信息",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/api.UserPayload"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        },
        "/audit/conn": {
            "post": {
                "description": "审计连接",
@@ -760,6 +726,100 @@
                }
            }
        },
        "/currentUser": {
            "get": {
                "security": [
                    {
                        "token": []
                    }
                ],
                "description": "用户信息",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "用户"
                ],
                "summary": "用户信息",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/api.UserPayload"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        },
        "/device-group/accessible": {
            "get": {
                "security": [
                    {
                        "BearerAuth": []
                    }
                ],
                "description": "机器",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "群组"
                ],
                "summary": "设备",
                "parameters": [
                    {
                        "type": "integer",
                        "description": "页码",
                        "name": "page",
                        "in": "query"
                    },
                    {
                        "type": "integer",
                        "description": "每页数量",
                        "name": "pageSize",
                        "in": "query"
                    },
                    {
                        "type": "integer",
                        "description": "状态",
                        "name": "status",
                        "in": "query"
                    },
                    {
                        "type": "string",
                        "description": "accessible",
                        "name": "accessible",
                        "in": "query"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/response.DataResponse"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        },
        "/heartbeat": {
            "post": {
                "description": "心跳",
@@ -1141,7 +1201,7 @@
                    "application/json"
                ],
                "tags": [
-                    "地址"
+                    "System"
                ],
                "summary": "提交系统信息",
                "parameters": [
@@ -1171,14 +1231,9 @@
                }
            }
        },
-        "/tags": {
+        "/sysinfo_ver": {
            "post": {
-                "security": [
+                "description": "获取系统版本信息",
                    {
                        "BearerAuth": []
                    }
                ],
                "description": "标签",
                "consumes": [
                    "application/json"
                ],
@@ -1186,17 +1241,14 @@
                    "application/json"
                ],
                "tags": [
-                    "地址"
+                    "System"
                ],
-                "summary": "标签",
+                "summary": "获取系统版本信息",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
-                            "type": "array",
+                            "type": "string"
                            "items": {
                                "$ref": "#/definitions/model.Tag"
                            }
                        }
                    },
                    "500": {
@@ -1282,6 +1334,35 @@
                    }
                }
            }
        },
        "/version": {
            "get": {
                "description": "版本",
                "consumes": [
                    "application/json"
                ],
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "首页"
                ],
                "summary": "版本",
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    },
                    "500": {
                        "description": "Internal Server Error",
                        "schema": {
                            "$ref": "#/definitions/response.Response"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
--- a/docs/api/api_swagger.yaml
+++ b/docs/api/api_swagger.yaml
@@ -598,27 +598,6 @@ paths:
      summary: 标签
      tags:
      - 地址[Personal]
  /api:
    get:
      consumes:
      - application/json
      description: 用户信息
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/api.UserPayload'
        "500":
          description: Internal Server Error
          schema:
            $ref: '#/definitions/response.Response'
      security:
      - token: []
      summary: 用户信息
      tags:
      - 用户
  /audit/conn:
    post:
      consumes:
@@ -671,6 +650,65 @@ paths:
      summary: 审计文件
      tags:
      - 审计
  /currentUser:
    get:
      consumes:
      - application/json
      description: 用户信息
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/api.UserPayload'
        "500":
          description: Internal Server Error
          schema:
            $ref: '#/definitions/response.Response'
      security:
      - token: []
      summary: 用户信息
      tags:
      - 用户
  /device-group/accessible:
    get:
      consumes:
      - application/json
      description: 机器
      parameters:
      - description: 页码
        in: query
        name: page
        type: integer
      - description: 每页数量
        in: query
        name: pageSize
        type: integer
      - description: 状态
        in: query
        name: status
        type: integer
      - description: accessible
        in: query
        name: accessible
        type: string
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/response.DataResponse'
        "500":
          description: Internal Server Error
          schema:
            $ref: '#/definitions/response.Response'
      security:
      - BearerAuth: []
      summary: 设备
      tags:
      - 群组
  /heartbeat:
    post:
      consumes:
@@ -935,30 +973,26 @@ paths:
            $ref: '#/definitions/response.ErrorResponse'
      summary: 提交系统信息
      tags:
-      - 地址
+      - System
-  /tags:
+  /sysinfo_ver:
    post:
      consumes:
      - application/json
-      description: 标签
+      description: 获取系统版本信息
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
-            items:
+            type: string
              $ref: '#/definitions/model.Tag'
            type: array
        "500":
          description: Internal Server Error
          schema:
            $ref: '#/definitions/response.ErrorResponse'
-      security:
+      summary: 获取系统版本信息
      - BearerAuth: []
      summary: 标签
      tags:
-      - 地址
+      - System
  /users:
    get:
      consumes:
@@ -1004,6 +1038,25 @@ paths:
      summary: 用户列表
      tags:
      - 群组
  /version:
    get:
      consumes:
      - application/json
      description: 版本
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/response.Response'
        "500":
          description: Internal Server Error
          schema:
            $ref: '#/definitions/response.Response'
      summary: 版本
      tags:
      - 首页
 securityDefinitions:
  BearerAuth:
    in: header
--- a/docs/en_img/admin_webclient.png
+++ b/docs/en_img/admin_webclient.png
--- a/docs/en_img/rustdesk_command_advance.png
+++ b/docs/en_img/rustdesk_command_advance.png
--- a/docs/en_img/rustdesk_command_simple.png
+++ b/docs/en_img/rustdesk_command_simple.png
--- a/docs/en_img/web_admin.png
+++ b/docs/en_img/web_admin.png
--- a/docs/en_img/web_admin_oauth.png
+++ b/docs/en_img/web_admin_oauth.png
--- a/docs/en_img/web_admin_user.png
+++ b/docs/en_img/web_admin_user.png
--- a/docs/en_img/web_resetpwd.png
+++ b/docs/en_img/web_resetpwd.png
--- a/docs/init_admin_pwd.png
+++ b/docs/init_admin_pwd.png
--- a/docs/rustdesk_command_advance.png
+++ b/docs/rustdesk_command_advance.png
--- a/docs/rustdesk_command_simple.png
+++ b/docs/rustdesk_command_simple.png
--- a/docs/web_admin.png
+++ b/docs/web_admin.png
--- a/docs/web_admin_user.png
+++ b/docs/web_admin_user.png
--- a/docs/web_resetpwd.png
+++ b/docs/web_resetpwd.png
--- a/docs/webclient_conf.png
+++ b/docs/webclient_conf.png
--- a/generate_api.go
+++ b/generate_api.go
@@ -1,4 +1,4 @@
-package Gwen
+package main
 //go:generate swag init -g cmd/apimain.go --output docs/api --instanceName api --exclude http/controller/admin
 //go:generate swag init -g cmd/apimain.go --output docs/admin --instanceName admin --exclude http/controller/api
--- a/generate_run.go
+++ b/generate_run.go
@@ -1,3 +1,3 @@
-package Gwen
+package main
 //go:generate go run cmd/apimain.go
--- a/global/apiValidator.go
+++ b/global/apiValidator.go
@@ -4,16 +4,20 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/go-playground/locales/en"
 	"github.com/go-playground/locales/es"
 	"github.com/go-playground/locales/fr"
 	"github.com/go-playground/locales/ko"
 	"github.com/go-playground/locales/ru"
 	"github.com/go-playground/locales/zh_Hans_CN"
-
+	"github.com/go-playground/locales/zh_Hant"
 	ut "github.com/go-playground/universal-translator"
 	"github.com/go-playground/validator/v10"
 	en_translations "github.com/go-playground/validator/v10/translations/en"
 	es_translations "github.com/go-playground/validator/v10/translations/es"
 	fr_translations "github.com/go-playground/validator/v10/translations/fr"
 	ko_translations "github.com/go-playground/validator/v10/translations/ko"
 	ru_translations "github.com/go-playground/validator/v10/translations/ru"
 	zh_translations "github.com/go-playground/validator/v10/translations/zh"
 	zh_tw_translations "github.com/go-playground/validator/v10/translations/zh_tw"
 	"reflect"
 )
@@ -26,14 +30,18 @@ func ApiInitValidator() {
 	koT := ko.New()
 	ruT := ru.New()
 	esT := es.New()
 	frT := fr.New()
 	zhTwT := zh_Hant.New()
-	uni := ut.New(enT, cn, koT, ruT, esT)
+	uni := ut.New(enT, cn, koT, ruT, esT, frT, zhTwT)
 	enTrans, _ := uni.GetTranslator("en")
 	zhTrans, _ := uni.GetTranslator("zh_Hans_CN")
 	koTrans, _ := uni.GetTranslator("ko")
 	ruTrans, _ := uni.GetTranslator("ru")
 	esTrans, _ := uni.GetTranslator("es")
 	frTrans, _ := uni.GetTranslator("fr")
 	zhTwTrans, _ := uni.GetTranslator("zh_Hant")
 	err := zh_translations.RegisterDefaultTranslations(validate, zhTrans)
 	if err != nil {
@@ -44,8 +52,7 @@ func ApiInitValidator() {
 		panic(err)
 	}
-	//validate没有ko的翻译，使用zh的翻译
+	err = ko_translations.RegisterDefaultTranslations(validate, koTrans)
 	err = zh_translations.RegisterDefaultTranslations(validate, koTrans)
 	if err != nil {
 		panic(err)
 	}
@@ -57,6 +64,14 @@ func ApiInitValidator() {
 	if err != nil {
 		panic(err)
 	}
 	err = fr_translations.RegisterDefaultTranslations(validate, frTrans)
 	if err != nil {
 		panic(err)
 	}
 	err = zh_tw_translations.RegisterDefaultTranslations(validate, zhTwTrans)
 	if err != nil {
 		panic(err)
 	}
 	validate.RegisterTagNameFunc(func(field reflect.StructField) string {
 		label := field.Tag.Get("label")
@@ -117,6 +132,13 @@ func getTranslatorForLang(lang string) ut.Translator {
 	case "zh":
 		trans, _ := Validator.UT.GetTranslator("zh_Hans_CN")
 		return trans
 	case "zh_TW":
 		fallthrough
 	case "zh-TW":
 		fallthrough
 	case "zh-tw":
 		trans, _ := Validator.UT.GetTranslator("zh_Hant")
 		return trans
 	case "ko":
 		trans, _ := Validator.UT.GetTranslator("ko")
 		return trans
@@ -126,6 +148,9 @@ func getTranslatorForLang(lang string) ut.Translator {
 	case "es":
 		trans, _ := Validator.UT.GetTranslator("es")
 		return trans
 	case "fr":
 		trans, _ := Validator.UT.GetTranslator("fr")
 		return trans
 	case "en":
 		fallthrough
 	default:
--- a/global/global.go
+++ b/global/global.go
@@ -1,15 +1,16 @@
 package global
 import (
 	"Gwen/config"
 	"Gwen/lib/cache"
 	"Gwen/lib/jwt"
 	"Gwen/lib/lock"
 	"Gwen/lib/upload"
 	"github.com/gin-gonic/gin"
 	ut "github.com/go-playground/universal-translator"
 	"github.com/go-playground/validator/v10"
 	"github.com/go-redis/redis/v8"
 	"github.com/lejianwen/rustdesk-api/v2/config"
 	"github.com/lejianwen/rustdesk-api/v2/lib/cache"
 	"github.com/lejianwen/rustdesk-api/v2/lib/jwt"
 	"github.com/lejianwen/rustdesk-api/v2/lib/lock"
 	"github.com/lejianwen/rustdesk-api/v2/lib/upload"
 	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/viper"
@@ -31,8 +32,9 @@ var (
 		ValidStruct func(*gin.Context, interface{}) []string
 		ValidVar    func(ctx *gin.Context, field interface{}, tag string) []string
 	}
-	Oss       *upload.Oss
+	Oss          *upload.Oss
-	Jwt       *jwt.Jwt
+	Jwt          *jwt.Jwt
-	Lock      lock.Locker
+	Lock         lock.Locker
-	Localizer func(lang string) *i18n.Localizer
+	Localizer    func(lang string) *i18n.Localizer
 	LoginLimiter *utils.LoginLimiter
 )
--- a/global/i18n.go
+++ b/global/i18n.go
@@ -15,7 +15,6 @@ func InitI18n() {
 	fileInfos, err := os.ReadDir(dir)
 	if err != nil {
 		panic(err)
 		return
 	}
 	for _, fileInfo := range fileInfos {
 		//如果文件名不是.toml结尾
--- a/go.mod
+++ b/go.mod
@@ -1,19 +1,23 @@
-module Gwen
+module github.com/lejianwen/rustdesk-api/v2
-go 1.22
+go 1.23
 toolchain go1.23.10
 require (
 	github.com/BurntSushi/toml v1.3.2
 	github.com/antonfisher/nested-logrus-formatter v1.3.1
-	github.com/fsnotify/fsnotify v1.5.1
+	github.com/coreos/go-oidc/v3 v3.12.0
 	github.com/fvbock/endless v0.0.0-20170109170031-447134032cb6
 	github.com/gin-gonic/gin v1.9.0
 	github.com/go-ldap/ldap/v3 v3.4.10
 	github.com/go-playground/locales v0.14.1
 	github.com/go-playground/universal-translator v0.18.1
-	github.com/go-playground/validator/v10 v10.11.2
+	github.com/go-playground/validator/v10 v10.26.0
 	github.com/go-redis/redis/v8 v8.11.4
 	github.com/golang-jwt/jwt/v5 v5.2.1
-	github.com/google/uuid v1.1.2
+	github.com/google/uuid v1.6.0
 	github.com/mojocn/base64Captcha v1.3.6
 	github.com/nicksnyder/go-i18n/v2 v2.4.0
 	github.com/sirupsen/logrus v1.8.1
 	github.com/spf13/cobra v1.8.1
@@ -22,13 +26,15 @@ require (
 	github.com/swaggo/gin-swagger v1.6.0
 	github.com/swaggo/swag v1.16.3
 	golang.org/x/oauth2 v0.23.0
-	golang.org/x/text v0.18.0
+	golang.org/x/text v0.22.0
 	gorm.io/driver/mysql v1.5.7
 	gorm.io/driver/postgres v1.6.0
 	gorm.io/driver/sqlite v1.5.6
-	gorm.io/gorm v1.25.7
+	gorm.io/gorm v1.25.10
 )
 require (
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
 	github.com/KyleBanks/depth v1.2.1 // indirect
 	github.com/PuerkitoBio/purell v1.1.1 // indirect
 	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
@@ -36,21 +42,30 @@ require (
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/fsnotify/fsnotify v1.5.1 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-asn1-ber/asn1-ber v1.5.7 // indirect
 	github.com/go-jose/go-jose/v4 v4.0.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.5 // indirect
 	github.com/go-openapi/jsonreference v0.19.6 // indirect
 	github.com/go-openapi/spec v0.20.4 // indirect
 	github.com/go-openapi/swag v0.19.15 // indirect
 	github.com/go-sql-driver/mysql v1.7.0 // indirect
 	github.com/goccy/go-json v0.10.0 // indirect
 	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/pgx/v5 v5.6.0 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
-	github.com/leodido/go-urn v1.2.1 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/magiconair/properties v1.8.5 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-isatty v0.0.17 // indirect
@@ -60,6 +75,7 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.6 // indirect
 	github.com/rogpeppe/go-internal v1.14.1 // indirect
 	github.com/spf13/afero v1.6.0 // indirect
 	github.com/spf13/cast v1.4.1 // indirect
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
@@ -68,10 +84,12 @@ require (
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.9 // indirect
 	golang.org/x/arch v0.0.0-20210923205945-b76863e36670 // indirect
-	golang.org/x/crypto v0.23.0 // indirect
+	golang.org/x/crypto v0.33.0 // indirect
-	golang.org/x/net v0.25.0 // indirect
+	golang.org/x/image v0.13.0 // indirect
-	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
+	golang.org/x/sync v0.11.0 // indirect
 	golang.org/x/sys v0.30.0 // indirect
 	golang.org/x/tools v0.26.0 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/ini.v1 v1.63.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
--- a/http/controller/admin/addressBook.go
+++ b/http/controller/admin/addressBook.go
@@ -1,14 +1,13 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"encoding/json"
 	_ "encoding/json"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )
@@ -31,11 +30,6 @@ func (ct *AddressBook) Detail(c *gin.Context) {
 	id := c.Param("id")
 	iid, _ := strconv.Atoi(id)
 	t := service.AllService.AddressBookService.InfoByRowId(uint(iid))
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	if t.RowId > 0 {
 		response.Success(c, t)
 		return
@@ -67,9 +61,9 @@ func (ct *AddressBook) Create(c *gin.Context) {
 		return
 	}
 	t := f.ToAddressBook()
-	u := service.AllService.UserService.CurUser(c)
+	if t.UserId == 0 {
-	if !service.AllService.UserService.IsAdmin(u) || t.UserId == 0 {
+		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
-		t.UserId = u.Id
+		return
 	}
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
@@ -99,7 +93,7 @@ func (ct *AddressBook) Create(c *gin.Context) {
 // @Param body body admin.AddressBookForm true "地址簿信息"
 // @Success 200 {object} response.Response{data=model.AddressBook}
 // @Failure 500 {object} response.Response
-// @Router /admin/address_book/create [post]
+// @Router /admin/address_book/batchCreate [post]
 // @Security token
 func (ct *AddressBook) BatchCreate(c *gin.Context) {
 	f := &admin.AddressBookForm{}
@@ -112,9 +106,21 @@ func (ct *AddressBook) BatchCreate(c *gin.Context) {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	ul := len(f.UserIds)
 	if ul == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	if ul > 1 {
 		//多用户置空标签
 		f.Tags = []string{}
 		//多用户只能创建到默认地址簿
 		f.CollectionId = 0
 	}
 	//创建标签
-	for _, fu := range f.UserIds {
+	/*for _, fu := range f.UserIds {
 		if fu == 0 {
 			continue
 		}
@@ -127,13 +133,13 @@ func (ct *AddressBook) BatchCreate(c *gin.Context) {
 				})
 			}
 		}
-	}
+	}*/
 	ts := f.ToAddressBooks()
 	for _, t := range ts {
 		if t.UserId == 0 {
 			continue
 		}
-		ex := service.AllService.AddressBookService.InfoByUserIdAndId(t.UserId, t.Id)
+		ex := service.AllService.AddressBookService.InfoByUserIdAndIdAndCid(t.UserId, t.Id, t.CollectionId)
 		if ex.RowId == 0 {
 			service.AllService.AddressBookService.Create(t)
 		}
@@ -162,10 +168,6 @@ func (ct *AddressBook) List(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) || query.IsMy == 1 {
 		query.UserId = int(u.Id)
 	}
 	res := service.AllService.AddressBookService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Preload("Collection", func(txc *gorm.DB) *gorm.DB {
 			return txc.Select("id,name")
@@ -191,11 +193,6 @@ func (ct *AddressBook) List(c *gin.Context) {
 	for _, ab := range res.AddressBooks {
 		abCIds = append(abCIds, ab.CollectionId)
 	}
 	//获取地址簿名称
 	//cRes := service.AllService.AddressBookService.ListCollection(1, 999, func(tx *gorm.DB) {
 	//		tx.Where("id in ?", abCIds)
 	//})
 	//
 	response.Success(c, res)
 }
@@ -222,15 +219,15 @@ func (ct *AddressBook) Update(c *gin.Context) {
 		return
 	}
 	if f.RowId == 0 {
-		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
+		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	ex := service.AllService.AddressBookService.InfoByRowId(f.RowId)
 	if ex.RowId == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	t := f.ToAddressBook()
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
@@ -271,21 +268,12 @@ func (ct *AddressBook) Delete(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
-	u := service.AllService.UserService.CurUser(c)
+	err := service.AllService.AddressBookService.Delete(t)
-	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
+	if err == nil {
-		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
+		response.Success(c, nil)
 		return
 	}
-	if u.Id > 0 {
+	response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		err := service.AllService.AddressBookService.Delete(t)
 		if err == nil {
 			response.Success(c, nil)
 			return
 		}
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 }
 // ShareByWebClient
@@ -372,27 +360,3 @@ func (ct *AddressBook) BatchCreateFromPeers(c *gin.Context) {
 	}
 	response.Success(c, nil)
 }
 func (ct *AddressBook) BatchUpdateTags(c *gin.Context) {
 	f := &admin.BatchUpdateTagsForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	abs := service.AllService.AddressBookService.List(1, 999, func(tx *gorm.DB) {
 		tx.Where("row_id in ?", f.RowIds)
 		tx.Where("user_id = ?", u.Id)
 	})
 	if abs.Total == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	err := service.AllService.AddressBookService.BatchUpdateTags(abs.AddressBooks, f.Tags)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
--- a/http/controller/admin/addressBookCollection.go
+++ b/http/controller/admin/addressBookCollection.go
@@ -1,12 +1,12 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )
@@ -29,11 +29,6 @@ func (abc *AddressBookCollection) Detail(c *gin.Context) {
 	id := c.Param("id")
 	iid, _ := strconv.Atoi(id)
 	t := service.AllService.AddressBookService.CollectionInfoById(uint(iid))
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	if t.Id > 0 {
 		response.Success(c, t)
 		return
@@ -64,12 +59,11 @@ func (abc *AddressBookCollection) Create(c *gin.Context) {
 		response.Fail(c, 101, errList[0])
 		return
 	}
-	//t := f.ToAddressBookCollection()
+	if f.UserId == 0 {
-	t := f
+		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
-	u := service.AllService.UserService.CurUser(c)
+		return
 	if !service.AllService.UserService.IsAdmin(u) || t.UserId == 0 {
 		t.UserId = u.Id
 	}
 	t := f
 	err := service.AllService.AddressBookService.CreateCollection(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
@@ -98,10 +92,6 @@ func (abc *AddressBookCollection) List(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) || query.IsMy == 1 {
 		query.UserId = int(u.Id)
 	}
 	res := service.AllService.AddressBookService.ListCollection(query.Page, query.PageSize, func(tx *gorm.DB) {
 		if query.UserId > 0 {
 			tx.Where("user_id = ?", query.UserId)
@@ -137,11 +127,6 @@ func (abc *AddressBookCollection) Update(c *gin.Context) {
 		return
 	}
 	t := f //f.ToAddressBookCollection()
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	err := service.AllService.AddressBookService.UpdateCollection(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
@@ -173,20 +158,15 @@ func (abc *AddressBookCollection) Delete(c *gin.Context) {
 		response.Fail(c, 101, errList[0])
 		return
 	}
-	t := service.AllService.AddressBookService.CollectionInfoById(f.Id)
+	ex := service.AllService.AddressBookService.CollectionInfoById(f.Id)
-	u := service.AllService.UserService.CurUser(c)
+	if ex.Id == 0 {
-	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
+		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
-	if u.Id > 0 {
+	err := service.AllService.AddressBookService.DeleteCollection(ex)
-		err := service.AllService.AddressBookService.DeleteCollection(t)
+	if err == nil {
-		if err == nil {
+		response.Success(c, nil)
 			response.Success(c, nil)
 			return
 		}
 		response.Fail(c, 101, err.Error())
 		return
 	}
-	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
+	response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 }
--- a/http/controller/admin/addressBookCollectionRule.go
+++ b/http/controller/admin/addressBookCollectionRule.go
@@ -1,12 +1,12 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )
@@ -35,10 +35,6 @@ func (abcr *AddressBookCollectionRule) List(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) || query.IsMy == 1 {
 		query.UserId = int(u.Id)
 	}
 	res := service.AllService.AddressBookService.ListRules(query.Page, query.PageSize, func(tx *gorm.DB) {
 		if query.UserId > 0 {
@@ -66,17 +62,11 @@ func (abcr *AddressBookCollectionRule) Detail(c *gin.Context) {
 	id := c.Param("id")
 	iid, _ := strconv.Atoi(id)
 	t := service.AllService.AddressBookService.RuleInfoById(uint(iid))
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	if t.Id > 0 {
 		response.Success(c, t)
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 	return
 }
 // Create 创建地址簿规则
@@ -105,13 +95,8 @@ func (abcr *AddressBookCollectionRule) Create(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	//t := f.ToAddressBookCollection()
 	t := f
-	u := service.AllService.UserService.CurUser(c)
+	msg, res := abcr.CheckForm(t)
 	if t.UserId == 0 {
 		t.UserId = u.Id
 	}
 	msg, res := abcr.CheckForm(u, t)
 	if !res {
 		response.Fail(c, 101, response.TranslateMsg(c, msg))
 		return
@@ -124,9 +109,9 @@ func (abcr *AddressBookCollectionRule) Create(c *gin.Context) {
 	response.Success(c, nil)
 }
-func (abcr *AddressBookCollectionRule) CheckForm(u *model.User, t *model.AddressBookCollectionRule) (string, bool) {
+func (abcr *AddressBookCollectionRule) CheckForm(t *model.AddressBookCollectionRule) (string, bool) {
-	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
+	if t.UserId == 0 {
-		return "NoAccess", false
+		return "ParamsError", false
 	}
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		return "ParamsError", false
@@ -135,21 +120,13 @@ func (abcr *AddressBookCollectionRule) CheckForm(u *model.User, t *model.Address
 	//check to_id
 	if t.Type == model.ShareAddressBookRuleTypePersonal {
 		if t.ToId == t.UserId {
-			return "ParamsError", false
+			return "CannotShareToSelf", false
 		}
 		tou := service.AllService.UserService.InfoById(t.ToId)
 		if tou.Id == 0 {
 			return "ItemNotFound", false
 		}
 		//非管理员不能分享给非本组织用户
 		if tou.GroupId != u.GroupId && !service.AllService.UserService.IsAdmin(u) {
 			return "NoAccess", false
 		}
 	} else if t.Type == model.ShareAddressBookRuleTypeGroup {
 		if t.ToId != u.GroupId && !service.AllService.UserService.IsAdmin(u) {
 			return "NoAccess", false
 		}
 		tog := service.AllService.GroupService.InfoById(t.ToId)
 		if tog.Id == 0 {
 			return "ItemNotFound", false
@@ -158,7 +135,7 @@ func (abcr *AddressBookCollectionRule) CheckForm(u *model.User, t *model.Address
 		return "ParamsError", false
 	}
 	// 重复检查
-	ex := service.AllService.AddressBookService.RulePersonalInfoByToIdAndCid(t.ToId, t.CollectionId)
+	ex := service.AllService.AddressBookService.RuleInfoByToIdAndCid(t.Type, t.ToId, t.CollectionId)
 	if t.Id == 0 && ex.Id > 0 {
 		return "ItemExists", false
 	}
@@ -194,9 +171,8 @@ func (abcr *AddressBookCollectionRule) Update(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
-	t := f //f.ToAddressBookCollection()
+	t := f
-	u := service.AllService.UserService.CurUser(c)
+	msg, res := abcr.CheckForm(t)
 	msg, res := abcr.CheckForm(u, t)
 	if !res {
 		response.Fail(c, 101, response.TranslateMsg(c, msg))
 		return
@@ -232,20 +208,15 @@ func (abcr *AddressBookCollectionRule) Delete(c *gin.Context) {
 		response.Fail(c, 101, errList[0])
 		return
 	}
-	t := service.AllService.AddressBookService.RuleInfoById(f.Id)
+	ex := service.AllService.AddressBookService.RuleInfoById(f.Id)
-	u := service.AllService.UserService.CurUser(c)
+	if ex.Id == 0 {
-	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
+		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
-	if t.Id > 0 {
+	err := service.AllService.AddressBookService.DeleteRule(ex)
-		err := service.AllService.AddressBookService.DeleteRule(t)
+	if err == nil {
-		if err == nil {
+		response.Success(c, nil)
 			response.Success(c, nil)
 			return
 		}
 		response.Fail(c, 101, err.Error())
 		return
 	}
-	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
+	response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 }
--- a/http/controller/admin/audit.go
+++ b/http/controller/admin/audit.go
@@ -1,12 +1,12 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
--- a/http/controller/admin/config.go
+++ b/http/controller/admin/config.go
@@ -1,10 +1,11 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"os"
 	"strings"
 )
@@ -60,13 +61,30 @@ func (co *Config) AppConfig(c *gin.Context) {
 // @Security token
 func (co *Config) AdminConfig(c *gin.Context) {
-	u := service.AllService.UserService.CurUser(c)
+	u := &model.User{}
 	token := c.GetHeader("api-token")
 	if token != "" {
 		u, _ = service.AllService.UserService.InfoByAccessToken(token)
 		if !service.AllService.UserService.CheckUserEnable(u) {
 			u.Id = 0
 		}
 	}
 	if u.Id == 0 {
 		response.Success(c, &gin.H{
 			"title": global.Config.Admin.Title,
 		})
 		return
 	}
 	hello := global.Config.Admin.Hello
-	helloFile := global.Config.Admin.HelloFile
+	if hello == "" {
-	if helloFile != "" {
+		helloFile := global.Config.Admin.HelloFile
-		b, err := os.ReadFile(helloFile)
+		if helloFile != "" {
-		if err == nil && len(b) > 0 {
+			b, err := os.ReadFile(helloFile)
-			hello = string(b)
+			if err == nil && len(b) > 0 {
 				hello = string(b)
 			}
 		}
 	}
--- a/http/controller/admin/deviceGroup.go
+++ b/http/controller/admin/deviceGroup.go
@@ -0,0 +1,160 @@
 package admin
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"strconv"
 )
 type DeviceGroup struct {
 }
 // Detail 设备群组
 // @Tags 设备群组
 // @Summary 设备群组详情
 // @Description 设备群组详情
 // @Accept  json
 // @Produce  json
 // @Param id path int true "ID"
 // @Success 200 {object} response.Response{data=model.Group}
 // @Failure 500 {object} response.Response
 // @Router /admin/device_group/detail/{id} [get]
 // @Security token
 func (ct *DeviceGroup) Detail(c *gin.Context) {
 	id := c.Param("id")
 	iid, _ := strconv.Atoi(id)
 	u := service.AllService.GroupService.DeviceGroupInfoById(uint(iid))
 	if u.Id > 0 {
 		response.Success(c, u)
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 	return
 }
 // Create 创建设备群组
 // @Tags 设备群组
 // @Summary 创建设备群组
 // @Description 创建设备群组
 // @Accept  json
 // @Produce  json
 // @Param body body admin.DeviceGroupForm true "设备群组信息"
 // @Success 200 {object} response.Response{data=model.DeviceGroup}
 // @Failure 500 {object} response.Response
 // @Router /admin/device_group/create [post]
 // @Security token
 func (ct *DeviceGroup) Create(c *gin.Context) {
 	f := &admin.DeviceGroupForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	u := f.ToDeviceGroup()
 	err := service.AllService.GroupService.DeviceGroupCreate(u)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // List 列表
 // @Tags 群组
 // @Summary 群组列表
 // @Description 群组列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Success 200 {object} response.Response{data=model.GroupList}
 // @Failure 500 {object} response.Response
 // @Router /admin/device_group/list [get]
 // @Security token
 func (ct *DeviceGroup) List(c *gin.Context) {
 	query := &admin.PageQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	res := service.AllService.GroupService.DeviceGroupList(query.Page, query.PageSize, nil)
 	response.Success(c, res)
 }
 // Update 编辑
 // @Tags 设备群组
 // @Summary 设备群组编辑
 // @Description 设备群组编辑
 // @Accept  json
 // @Produce  json
 // @Param body body admin.DeviceGroupForm true "群组信息"
 // @Success 200 {object} response.Response{data=model.Group}
 // @Failure 500 {object} response.Response
 // @Router /admin/device_group/update [post]
 // @Security token
 func (ct *DeviceGroup) Update(c *gin.Context) {
 	f := &admin.DeviceGroupForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	if f.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	u := f.ToDeviceGroup()
 	err := service.AllService.GroupService.DeviceGroupUpdate(u)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Delete 删除
 // @Tags 设备群组
 // @Summary 设备群组删除
 // @Description 设备群组删除
 // @Accept  json
 // @Produce  json
 // @Param body body admin.DeviceGroupForm true "群组信息"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/device_group/delete [post]
 // @Security token
 func (ct *DeviceGroup) Delete(c *gin.Context) {
 	f := &admin.DeviceGroupForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	id := f.Id
 	errList := global.Validator.ValidVar(c, id, "required,gt=0")
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	u := service.AllService.GroupService.DeviceGroupInfoById(f.Id)
 	if u.Id > 0 {
 		err := service.AllService.GroupService.DeviceGroupDelete(u)
 		if err == nil {
 			response.Success(c, nil)
 			return
 		}
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 }
--- a/http/controller/admin/file.go
+++ b/http/controller/admin/file.go
@@ -1,11 +1,11 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/response"
 	"Gwen/lib/upload"
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/lib/upload"
 	"os"
 	"time"
 )
@@ -38,7 +38,7 @@ func (f *File) Notify(c *gin.Context) {
 	res := global.Oss.Verify(c.Request)
 	if !res {
-		response.Fail(c, 101, "权限错误")
+		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	fm := &FileBack{}
--- a/http/controller/admin/group.go
+++ b/http/controller/admin/group.go
@@ -1,11 +1,11 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"strconv"
 )
--- a/http/controller/admin/login.go
+++ b/http/controller/admin/login.go
@@ -1,16 +1,17 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/controller/api"
 	"Gwen/http/request/admin"
 	apiReq "Gwen/http/request/api"
 	"Gwen/http/response"
 	adResp "Gwen/http/response/admin"
 	"Gwen/model"
 	"Gwen/service"
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/controller/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	apiReq "github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	adResp "github.com/lejianwen/rustdesk-api/v2/http/response/admin"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 type Login struct {
@@ -28,25 +29,60 @@ type Login struct {
 // @Router /admin/login [post]
 // @Security token
 func (ct *Login) Login(c *gin.Context) {
 	if global.Config.App.DisablePwdLogin {
 		response.Fail(c, 101, response.TranslateMsg(c, "PwdLoginDisabled"))
 		return
 	}
 	// 检查登录限制
 	loginLimiter := global.LoginLimiter
 	clientIp := c.ClientIP()
 	_, needCaptcha := loginLimiter.CheckSecurityStatus(clientIp)
 	f := &admin.Login{}
 	err := c.ShouldBindJSON(f)
 	if err != nil {
-		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
+		loginLimiter.RecordFailedAttempt(clientIp)
 		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), clientIp))
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
-		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
+		loginLimiter.RecordFailedAttempt(clientIp)
 		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), clientIp))
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	// 检查是否需要验证码
 	if needCaptcha {
 		if f.CaptchaId == "" || f.Captcha == "" || !loginLimiter.VerifyCaptcha(f.CaptchaId, f.Captcha) {
 			response.Fail(c, 101, response.TranslateMsg(c, "CaptchaError"))
 			return
 		}
 	}
 	u := service.AllService.UserService.InfoByUsernamePassword(f.Username, f.Password)
 	if u.Id == 0 {
-		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "UsernameOrPasswordError", c.RemoteIP(), c.ClientIP()))
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "UsernameOrPasswordError", c.RemoteIP(), clientIp))
-		response.Fail(c, 101, response.TranslateMsg(c, "UsernameOrPasswordError"))
+		loginLimiter.RecordFailedAttempt(clientIp)
 		if _, needCaptcha = loginLimiter.CheckSecurityStatus(clientIp); needCaptcha {
 			response.Fail(c, 110, response.TranslateMsg(c, "UsernameOrPasswordError"))
 		} else {
 			response.Fail(c, 101, response.TranslateMsg(c, "UsernameOrPasswordError"))
 		}
 		return
 	}
 	if !service.AllService.UserService.CheckUserEnable(u) {
 		if needCaptcha {
 			response.Fail(c, 110, response.TranslateMsg(c, "UserDisabled"))
 			return
 		}
 		response.Fail(c, 101, response.TranslateMsg(c, "UserDisabled"))
 		return
 	}
@@ -54,13 +90,44 @@ func (ct *Login) Login(c *gin.Context) {
 		UserId:   u.Id,
 		Client:   model.LoginLogClientWebAdmin,
 		Uuid:     "", //must be empty
-		Ip:       c.ClientIP(),
+		Ip:       clientIp,
 		Type:     model.LoginLogTypeAccount,
 		Platform: f.Platform,
 	})
 	// 登录成功，清除登录限制
 	loginLimiter.RemoveAttempts(clientIp)
 	responseLoginSuccess(c, u, ut.Token)
 }
 func (ct *Login) Captcha(c *gin.Context) {
 	loginLimiter := global.LoginLimiter
 	clientIp := c.ClientIP()
 	banned, needCaptcha := loginLimiter.CheckSecurityStatus(clientIp)
 	if banned {
 		response.Fail(c, 101, response.TranslateMsg(c, "LoginBanned"))
 		return
 	}
 	if !needCaptcha {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoCaptchaRequired"))
 		return
 	}
 	err, captcha := loginLimiter.RequireCaptcha()
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "CaptchaError")+err.Error())
 		return
 	}
 	err, b64 := loginLimiter.DrawCaptcha(captcha.Content)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "CaptchaError")+err.Error())
 		return
 	}
 	response.Success(c, gin.H{
 		"captcha": gin.H{
 			"id":  captcha.Id,
 			"b64": b64,
 		},
 	})
 }
 // Logout 登出
 // @Tags 登录
@@ -90,10 +157,18 @@ func (ct *Login) Logout(c *gin.Context) {
 // @Failure 500 {object} response.ErrorResponse
 // @Router /admin/login-options [post]
 func (ct *Login) LoginOptions(c *gin.Context) {
 	loginLimiter := global.LoginLimiter
 	clientIp := c.ClientIP()
 	banned, needCaptcha := loginLimiter.CheckSecurityStatus(clientIp)
 	if banned {
 		response.Fail(c, 101, response.TranslateMsg(c, "LoginBanned"))
 		return
 	}
 	ops := service.AllService.OauthService.GetOauthProviders()
 	response.Success(c, gin.H{
-		"ops":      ops,
+		"ops":          ops,
-		"register": global.Config.App.Register,
+		"register":     global.Config.App.Register,
 		"need_captcha": needCaptcha,
 	})
 }
@@ -114,13 +189,13 @@ func (ct *Login) OidcAuth(c *gin.Context) {
 		return
 	}
-	err, code, url := service.AllService.OauthService.BeginAuth(f.Op)
+	err, state, verifier, nonce, url := service.AllService.OauthService.BeginAuth(c, f.Op)
 	if err != nil {
 		response.Error(c, response.TranslateMsg(c, err.Error()))
 		return
 	}
-	service.AllService.OauthService.SetOauthCache(code, &service.OauthCacheItem{
+	service.AllService.OauthService.SetOauthCache(state, &service.OauthCacheItem{
 		Action:     service.OauthActionTypeLogin,
 		Op:         f.Op,
 		Id:         f.Id,
@@ -128,10 +203,12 @@ func (ct *Login) OidcAuth(c *gin.Context) {
 		// DeviceOs: ct.Platform(c),
 		DeviceOs: f.DeviceInfo.Os,
 		Uuid:     f.Uuid,
 		Verifier: verifier,
 		Nonce:    nonce,
 	}, 5*60)
 	response.Success(c, gin.H{
-		"code": code,
+		"code": state,
 		"url":  url,
 	})
 }
@@ -154,11 +231,10 @@ func (ct *Login) OidcAuthQuery(c *gin.Context) {
 	responseLoginSuccess(c, u, ut.Token)
 }
 func responseLoginSuccess(c *gin.Context, u *model.User, token string) {
 	lp := &adResp.LoginPayload{}
 	lp.FromUser(u)
 	lp.Token = token
 	lp.RouteNames = service.AllService.UserService.RouteNames(u)
 	response.Success(c, lp)
-}
+}
--- a/http/controller/admin/loginLog.go
+++ b/http/controller/admin/loginLog.go
@@ -1,12 +1,12 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )
@@ -56,10 +56,6 @@ func (ct *LoginLog) List(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) || query.IsMy == 1 {
 		query.UserId = int(u.Id)
 	}
 	res := service.AllService.LoginLogService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		if query.UserId > 0 {
 			tx.Where("user_id = ?", query.UserId)
@@ -93,21 +89,16 @@ func (ct *LoginLog) Delete(c *gin.Context) {
 		return
 	}
 	l := service.AllService.LoginLogService.InfoById(f.Id)
-	u := service.AllService.UserService.CurUser(c)
+	if l.Id == 0 {
-	if !service.AllService.UserService.IsAdmin(u) && l.UserId != u.Id {
+		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
-	if l.Id > 0 {
+	err := service.AllService.LoginLogService.Delete(l)
-		err := service.AllService.LoginLogService.Delete(l)
+	if err == nil {
-		if err == nil {
+		response.Success(c, nil)
 			response.Success(c, nil)
 			return
 		}
 		response.Fail(c, 101, err.Error())
 		return
 	}
-	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
+	response.Fail(c, 101, err.Error())
 }
 // BatchDelete 删除
@@ -119,7 +110,7 @@ func (ct *LoginLog) Delete(c *gin.Context) {
 // @Param body body admin.LoginLogIds true "登录日志"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
-// @Router /admin/login_log/delete [post]
+// @Router /admin/login_log/batchDelete [post]
 // @Security token
 func (ct *LoginLog) BatchDelete(c *gin.Context) {
 	f := &admin.LoginLogIds{}
--- a/http/controller/admin/my/addressBook.go
+++ b/http/controller/admin/my/addressBook.go
@@ -1,16 +1,204 @@
 package my
 import (
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"encoding/json"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 type AddressBook struct{}
 // List 列表
 // @Tags 我的地址簿
 // @Summary 地址簿列表
 // @Description 地址簿列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Param user_id query int false "用户id"
 // @Success 200 {object} response.Response{data=model.AddressBookList}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book/list [get]
 // @Security token
 func (ct *AddressBook) List(c *gin.Context) {
 	query := &admin.AddressBookQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	query.UserId = int(u.Id)
 	res := service.AllService.AddressBookService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		//预加载地址簿名称
 		tx.Preload("Collection", func(txc *gorm.DB) *gorm.DB {
 			return txc.Select("id,name")
 		})
 		if query.Id != "" {
 			tx.Where("id like ?", "%"+query.Id+"%")
 		}
 		tx.Where("user_id = ?", query.UserId)
 		if query.Username != "" {
 			tx.Where("username like ?", "%"+query.Username+"%")
 		}
 		if query.Hostname != "" {
 			tx.Where("hostname like ?", "%"+query.Hostname+"%")
 		}
 		if query.CollectionId != nil && *query.CollectionId >= 0 {
 			tx.Where("collection_id = ?", query.CollectionId)
 		}
 	})
 	abCIds := make([]uint, 0)
 	for _, ab := range res.AddressBooks {
 		abCIds = append(abCIds, ab.CollectionId)
 	}
 	response.Success(c, res)
 }
 // Create 创建地址簿
 // @Tags 我的地址簿
 // @Summary 创建地址簿
 // @Description 创建地址簿
 // @Accept  json
 // @Produce  json
 // @Param body body admin.AddressBookForm true "地址簿信息"
 // @Success 200 {object} response.Response{data=model.AddressBook}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book/create [post]
 // @Security token
 func (ct *AddressBook) Create(c *gin.Context) {
 	f := &admin.AddressBookForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	t := f.ToAddressBook()
 	u := service.AllService.UserService.CurUser(c)
 	t.UserId = u.Id
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	ex := service.AllService.AddressBookService.InfoByUserIdAndIdAndCid(t.UserId, t.Id, t.CollectionId)
 	if ex.RowId > 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemExists"))
 		return
 	}
 	err := service.AllService.AddressBookService.Create(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Update 编辑
 // @Tags 我的地址簿
 // @Summary 地址簿编辑
 // @Description 地址簿编辑
 // @Accept  json
 // @Produce  json
 // @Param body body admin.AddressBookForm true "地址簿信息"
 // @Success 200 {object} response.Response{data=model.AddressBook}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book/update [post]
 // @Security token
 func (ct *AddressBook) Update(c *gin.Context) {
 	f := &admin.AddressBookForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	if f.RowId == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if f.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	ex := service.AllService.AddressBookService.InfoByRowId(f.RowId)
 	if ex.RowId == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	t := f.ToAddressBook()
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	err := service.AllService.AddressBookService.UpdateAll(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Delete 删除
 // @Tags 我的地址簿
 // @Summary 地址簿删除
 // @Description 地址簿删除
 // @Accept  json
 // @Produce  json
 // @Param body body admin.AddressBookForm true "地址簿信息"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book/delete [post]
 // @Security token
 func (ct *AddressBook) Delete(c *gin.Context) {
 	f := &admin.AddressBookForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	id := f.RowId
 	errList := global.Validator.ValidVar(c, id, "required,gt=0")
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	ex := service.AllService.AddressBookService.InfoByRowId(f.RowId)
 	if ex.RowId == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	err := service.AllService.AddressBookService.Delete(ex)
 	if err == nil {
 		response.Success(c, nil)
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 	return
 }
 func (ct *AddressBook) BatchCreateFromPeers(c *gin.Context) {
 	f := &admin.BatchCreateFromPeersForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
@@ -57,3 +245,27 @@ func (ct *AddressBook) BatchCreateFromPeers(c *gin.Context) {
 	}
 	response.Success(c, nil)
 }
 func (ct *AddressBook) BatchUpdateTags(c *gin.Context) {
 	f := &admin.BatchUpdateTagsForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	abs := service.AllService.AddressBookService.List(1, 999, func(tx *gorm.DB) {
 		tx.Where("row_id in ?", f.RowIds)
 		tx.Where("user_id = ?", u.Id)
 	})
 	if abs.Total == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	err := service.AllService.AddressBookService.BatchUpdateTags(abs.AddressBooks, f.Tags)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
--- a/http/controller/admin/my/addressBookCollection.go
+++ b/http/controller/admin/my/addressBookCollection.go
@@ -0,0 +1,162 @@
 package my
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 type AddressBookCollection struct {
 }
 // Create 创建地址簿名称
 // @Tags 我的地址簿名称
 // @Summary 创建地址簿名称
 // @Description 创建地址簿名称
 // @Accept  json
 // @Produce  json
 // @Param body body model.AddressBookCollection true "地址簿名称信息"
 // @Success 200 {object} response.Response{data=model.AddressBookCollection}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection/create [post]
 // @Security token
 func (abc *AddressBookCollection) Create(c *gin.Context) {
 	f := &model.AddressBookCollection{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	f.UserId = u.Id
 	err := service.AllService.AddressBookService.CreateCollection(f)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // List 列表
 // @Tags 我的地址簿名称
 // @Summary 地址簿名称列表
 // @Description 地址簿名称列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Success 200 {object} response.Response{data=model.AddressBookCollectionList}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection/list [get]
 // @Security token
 func (abc *AddressBookCollection) List(c *gin.Context) {
 	query := &admin.AddressBookCollectionQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	query.UserId = int(u.Id)
 	res := service.AllService.AddressBookService.ListCollection(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Where("user_id = ?", query.UserId)
 	})
 	response.Success(c, res)
 }
 // Update 编辑
 // @Tags 我的地址簿名称
 // @Summary 地址簿名称编辑
 // @Description 地址簿名称编辑
 // @Accept  json
 // @Produce  json
 // @Param body body model.AddressBookCollection true "地址簿名称信息"
 // @Success 200 {object} response.Response{data=model.AddressBookCollection}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection/update [post]
 // @Security token
 func (abc *AddressBookCollection) Update(c *gin.Context) {
 	f := &model.AddressBookCollection{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	if f.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if f.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	ex := service.AllService.AddressBookService.CollectionInfoById(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	err := service.AllService.AddressBookService.UpdateCollection(f)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Delete 删除
 // @Tags 我的地址簿名称
 // @Summary 地址簿名称删除
 // @Description 地址簿名称删除
 // @Accept  json
 // @Produce  json
 // @Param body body model.AddressBookCollection true "地址簿名称信息"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection/delete [post]
 // @Security token
 func (abc *AddressBookCollection) Delete(c *gin.Context) {
 	f := &model.AddressBookCollection{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	id := f.Id
 	errList := global.Validator.ValidVar(c, id, "required,gt=0")
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	ex := service.AllService.AddressBookService.CollectionInfoById(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	err := service.AllService.AddressBookService.DeleteCollection(ex)
 	if err == nil {
 		response.Success(c, nil)
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 }
--- a/http/controller/admin/my/addressBookCollectionRule.go
+++ b/http/controller/admin/my/addressBookCollectionRule.go
@@ -0,0 +1,228 @@
 package my
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 type AddressBookCollectionRule struct {
 }
 // List 列表
 // @Tags 我的地址簿规则
 // @Summary 地址簿规则列表
 // @Description 地址簿规则列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Param is_my query int false "是否是我的"
 // @Param user_id query int false "用户id"
 // @Param collection_id query int false "地址簿集合id"
 // @Success 200 {object} response.Response{data=model.AddressBookCollectionList}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection_rule/list [get]
 // @Security token
 func (abcr *AddressBookCollectionRule) List(c *gin.Context) {
 	query := &admin.AddressBookCollectionRuleQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	query.UserId = int(u.Id)
 	res := service.AllService.AddressBookService.ListRules(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Where("user_id = ?", query.UserId)
 		if query.CollectionId > 0 {
 			tx.Where("collection_id = ?", query.CollectionId)
 		}
 	})
 	response.Success(c, res)
 }
 // Create 创建地址簿规则
 // @Tags 我的地址簿规则
 // @Summary 创建地址簿规则
 // @Description 创建地址簿规则
 // @Accept  json
 // @Produce  json
 // @Param body body model.AddressBookCollectionRule true "地址簿规则信息"
 // @Success 200 {object} response.Response{data=model.AddressBookCollection}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection_rule/create [post]
 // @Security token
 func (abcr *AddressBookCollectionRule) Create(c *gin.Context) {
 	f := &model.AddressBookCollectionRule{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	if f.Type != model.ShareAddressBookRuleTypePersonal && f.Type != model.ShareAddressBookRuleTypeGroup {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	//t := f.ToAddressBookCollection()
 	t := f
 	u := service.AllService.UserService.CurUser(c)
 	t.UserId = u.Id
 	msg, res := abcr.CheckForm(u, t)
 	if !res {
 		response.Fail(c, 101, response.TranslateMsg(c, msg))
 		return
 	}
 	err := service.AllService.AddressBookService.CreateRule(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 func (abcr *AddressBookCollectionRule) CheckForm(u *model.User, t *model.AddressBookCollectionRule) (string, bool) {
 	if t.UserId != u.Id {
 		return "NoAccess", false
 	}
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		return "ParamsError", false
 	}
 	//check to_id
 	if t.Type == model.ShareAddressBookRuleTypePersonal {
 		if t.ToId == t.UserId {
 			return "CannotShareToSelf", false
 		}
 		tou := service.AllService.UserService.InfoById(t.ToId)
 		if tou.Id == 0 {
 			return "ItemNotFound", false
 		}
 		//非管理员不能分享给非本组织用户
 		//if tou.GroupId != u.GroupId {
 		//	return "NoAccess", false
 		//}
 	} else if t.Type == model.ShareAddressBookRuleTypeGroup {
 		//非管理员不能分享给其他组
 		//if t.ToId != u.GroupId {
 		//	return "NoAccess", false
 		//}
 		tog := service.AllService.GroupService.InfoById(t.ToId)
 		if tog.Id == 0 {
 			return "ItemNotFound", false
 		}
 	} else {
 		return "ParamsError", false
 	}
 	// 重复检查
 	ex := service.AllService.AddressBookService.RuleInfoByToIdAndCid(t.Type, t.ToId, t.CollectionId)
 	if t.Id == 0 && ex.Id > 0 {
 		return "ItemExists", false
 	}
 	if t.Id > 0 && ex.Id > 0 && t.Id != ex.Id {
 		return "ItemExists", false
 	}
 	return "", true
 }
 // Update 编辑
 // @Tags 我的地址簿规则
 // @Summary 地址簿规则编辑
 // @Description 地址簿规则编辑
 // @Accept  json
 // @Produce  json
 // @Param body body model.AddressBookCollectionRule true "地址簿规则信息"
 // @Success 200 {object} response.Response{data=model.AddressBookCollection}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection_rule/update [post]
 // @Security token
 func (abcr *AddressBookCollectionRule) Update(c *gin.Context) {
 	f := &model.AddressBookCollectionRule{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	if f.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	ex := service.AllService.AddressBookService.RuleInfoById(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	t := f
 	msg, res := abcr.CheckForm(u, t)
 	if !res {
 		response.Fail(c, 101, response.TranslateMsg(c, msg))
 		return
 	}
 	err := service.AllService.AddressBookService.UpdateRule(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Delete 删除
 // @Tags 我的地址簿规则
 // @Summary 地址簿规则删除
 // @Description 地址簿规则删除
 // @Accept  json
 // @Produce  json
 // @Param body body model.AddressBookCollectionRule true "地址簿规则信息"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/my/address_book_collection_rule/delete [post]
 // @Security token
 func (abcr *AddressBookCollectionRule) Delete(c *gin.Context) {
 	f := &model.AddressBookCollectionRule{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	id := f.Id
 	errList := global.Validator.ValidVar(c, id, "required,gt=0")
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	ex := service.AllService.AddressBookService.RuleInfoById(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	err := service.AllService.AddressBookService.DeleteRule(ex)
 	if err == nil {
 		response.Success(c, nil)
 		return
 	}
 	response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 }
--- a/http/controller/admin/my/loginLog.go
+++ b/http/controller/admin/my/loginLog.go
@@ -0,0 +1,113 @@
 package my
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 type LoginLog struct {
 }
 // List 列表
 // @Tags 我的登录日志
 // @Summary 登录日志列表
 // @Description 登录日志列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Param user_id query int false "用户ID"
 // @Success 200 {object} response.Response{data=model.LoginLogList}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/login_log/list [get]
 // @Security token
 func (ct *LoginLog) List(c *gin.Context) {
 	query := &admin.LoginLogQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	res := service.AllService.LoginLogService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Where("user_id = ? and is_deleted = ?", u.Id, model.IsDeletedNo)
 		tx.Order("id desc")
 	})
 	response.Success(c, res)
 }
 // Delete 删除
 // @Tags 我的登录日志
 // @Summary 登录日志删除
 // @Description 登录日志删除
 // @Accept  json
 // @Produce  json
 // @Param body body model.LoginLog true "登录日志信息"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/my/login_log/delete [post]
 // @Security token
 func (ct *LoginLog) Delete(c *gin.Context) {
 	f := &model.LoginLog{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	id := f.Id
 	errList := global.Validator.ValidVar(c, id, "required,gt=0")
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	l := service.AllService.LoginLogService.InfoById(f.Id)
 	if l.Id == 0 || l.IsDeleted == model.IsDeletedYes {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if l.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	err := service.AllService.LoginLogService.SoftDelete(l)
 	if err == nil {
 		response.Success(c, nil)
 		return
 	}
 	response.Fail(c, 101, err.Error())
 }
 // BatchDelete 删除
 // @Tags 我的登录日志
 // @Summary 登录日志批量删除
 // @Description 登录日志批量删除
 // @Accept  json
 // @Produce  json
 // @Param body body admin.LoginLogIds true "登录日志"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/my/login_log/batchDelete [post]
 // @Security token
 func (ct *LoginLog) BatchDelete(c *gin.Context) {
 	f := &admin.LoginLogIds{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	if len(f.Ids) == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	err := service.AllService.LoginLogService.BatchSoftDelete(u.Id, f.Ids)
 	if err == nil {
 		response.Success(c, nil)
 		return
 	}
 	response.Fail(c, 101, err.Error())
 	return
 }
--- a/http/controller/admin/my/peer.go
+++ b/http/controller/admin/my/peer.go
@@ -0,0 +1,59 @@
 package my
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"time"
 )
 type Peer struct {
 }
 // List 列表
 // @Tags 我的设备
 // @Summary 设备列表
 // @Description 设备列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Param time_ago query int false "时间"
 // @Param id query string false "ID"
 // @Param hostname query string false "主机名"
 // @Param uuids query string false "uuids 用逗号分隔"
 // @Success 200 {object} response.Response{data=model.PeerList}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/peer/list [get]
 // @Security token
 func (ct *Peer) List(c *gin.Context) {
 	query := &admin.PeerQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	res := service.AllService.PeerService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Where("user_id = ?", u.Id)
 		if query.TimeAgo > 0 {
 			lt := time.Now().Unix() - int64(query.TimeAgo)
 			tx.Where("last_online_time < ?", lt)
 		}
 		if query.TimeAgo < 0 {
 			lt := time.Now().Unix() + int64(query.TimeAgo)
 			tx.Where("last_online_time > ?", lt)
 		}
 		if query.Id != "" {
 			tx.Where("id like ?", "%"+query.Id+"%")
 		}
 		if query.Hostname != "" {
 			tx.Where("hostname like ?", "%"+query.Hostname+"%")
 		}
 		if query.Uuids != "" {
 			tx.Where("uuid in (?)", query.Uuids)
 		}
 	})
 	response.Success(c, res)
 }
--- a/http/controller/admin/my/shareRecord.go
+++ b/http/controller/admin/my/shareRecord.go
@@ -1,11 +1,11 @@
 package my
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
@@ -13,7 +13,7 @@ type ShareRecord struct {
 }
 // List 分享记录列表
-// @Tags 我的
+// @Tags 我的分享记录
 // @Summary 分享记录列表
 // @Description 分享记录列表
 // @Accept  json
@@ -38,7 +38,7 @@ func (sr *ShareRecord) List(c *gin.Context) {
 }
 // Delete 分享记录删除
-// @Tags 我的
+// @Tags 我的分享记录
 // @Summary 分享记录删除
 // @Description 分享记录删除
 // @Accept  json
--- a/http/controller/admin/my/tag.go
+++ b/http/controller/admin/my/tag.go
@@ -0,0 +1,176 @@
 package my
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 type Tag struct{}
 // List 列表
 // @Tags 我的标签
 // @Summary 标签列表
 // @Description 标签列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Param is_my query int false "是否是我的"
 // @Param user_id query int false "用户id"
 // @Success 200 {object} response.Response{data=model.TagList}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/tag/list [get]
 // @Security token
 func (ct *Tag) List(c *gin.Context) {
 	query := &admin.TagQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	query.UserId = int(u.Id)
 	res := service.AllService.TagService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Preload("Collection", func(txc *gorm.DB) *gorm.DB {
 			return txc.Select("id,name")
 		})
 		tx.Where("user_id = ?", query.UserId)
 		if query.CollectionId != nil && *query.CollectionId >= 0 {
 			tx.Where("collection_id = ?", query.CollectionId)
 		}
 	})
 	response.Success(c, res)
 }
 // Create 创建标签
 // @Tags 我的标签
 // @Summary 创建标签
 // @Description 创建标签
 // @Accept  json
 // @Produce  json
 // @Param body body admin.TagForm true "标签信息"
 // @Success 200 {object} response.Response{data=model.Tag}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/tag/create [post]
 // @Security token
 func (ct *Tag) Create(c *gin.Context) {
 	f := &admin.TagForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	t := f.ToTag()
 	u := service.AllService.UserService.CurUser(c)
 	t.UserId = u.Id
 	err := service.AllService.TagService.Create(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Update 编辑
 // @Tags 我的标签
 // @Summary 标签编辑
 // @Description 标签编辑
 // @Accept  json
 // @Produce  json
 // @Param body body admin.TagForm true "标签信息"
 // @Success 200 {object} response.Response{data=model.Tag}
 // @Failure 500 {object} response.Response
 // @Router /admin/my/tag/update [post]
 // @Security token
 func (ct *Tag) Update(c *gin.Context) {
 	f := &admin.TagForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	if f.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if f.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	ex := service.AllService.TagService.InfoById(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	t := f.ToTag()
 	if t.CollectionId > 0 && !service.AllService.AddressBookService.CheckCollectionOwner(t.UserId, t.CollectionId) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	err := service.AllService.TagService.Update(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 // Delete 删除
 // @Tags 标签
 // @Summary 标签删除
 // @Description 标签删除
 // @Accept  json
 // @Produce  json
 // @Param body body admin.TagForm true "标签信息"
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/my/tag/delete [post]
 // @Security token
 func (ct *Tag) Delete(c *gin.Context) {
 	f := &admin.TagForm{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	id := f.Id
 	errList := global.Validator.ValidVar(c, id, "required,gt=0")
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	ex := service.AllService.TagService.InfoById(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if ex.UserId != u.Id {
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	err := service.AllService.TagService.Delete(ex)
 	if err == nil {
 		response.Success(c, nil)
 		return
 	}
 	response.Fail(c, 101, err.Error())
 	return
 }
--- a/http/controller/admin/oauth.go
+++ b/http/controller/admin/oauth.go
@@ -1,13 +1,14 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	adminReq "Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"strconv"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	adminReq "github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 type Oauth struct {
@@ -43,20 +44,22 @@ func (o *Oauth) ToBind(c *gin.Context) {
 		return
 	}
-	err, code, url := service.AllService.OauthService.BeginAuth(f.Op)
+	err, state, verifier, nonce, url := service.AllService.OauthService.BeginAuth(c, f.Op)
 	if err != nil {
 		response.Error(c, response.TranslateMsg(c, err.Error()))
 		return
 	}
-	service.AllService.OauthService.SetOauthCache(code, &service.OauthCacheItem{
+	service.AllService.OauthService.SetOauthCache(state, &service.OauthCacheItem{
-		Action: service.OauthActionTypeBind,
+		Action:   service.OauthActionTypeBind,
-		Op:     f.Op,
+		Op:       f.Op,
-		UserId: u.Id,
+		UserId:   u.Id,
 		Verifier: verifier,
 		Nonce:    nonce,
 	}, 5*60)
 	response.Success(c, gin.H{
-		"code": code,
+		"code": state,
 		"url":  url,
 	})
 }
@@ -66,16 +69,16 @@ func (o *Oauth) Confirm(c *gin.Context) {
 	j := &adminReq.OauthConfirmForm{}
 	err := c.ShouldBindJSON(j)
 	if err != nil {
-		response.Fail(c, 101, "参数错误"+err.Error())
+		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	if j.Code == "" {
-		response.Fail(c, 101, "参数错误: code 不存在")
+		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	v := service.AllService.OauthService.GetOauthCache(j.Code)
 	if v == nil {
-		response.Fail(c, 101, "授权已过期")
+		response.Fail(c, 101, response.TranslateMsg(c, "OauthExpired"))
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
--- a/http/controller/admin/peer.go
+++ b/http/controller/admin/peer.go
@@ -1,11 +1,11 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 	"time"
@@ -108,6 +108,12 @@ func (ct *Peer) List(c *gin.Context) {
 		if query.Uuids != "" {
 			tx.Where("uuid in (?)", query.Uuids)
 		}
 		if query.Username != "" {
 			tx.Where("username like ?", "%"+query.Username+"%")
 		}
 		if query.Ip != "" {
 			tx.Where("last_online_ip like ?", "%"+query.Ip+"%")
 		}
 	})
 	response.Success(c, res)
 }
--- a/http/controller/admin/rustdesk.go
+++ b/http/controller/admin/rustdesk.go
@@ -1,46 +1,137 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/response"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 type Rustdesk struct {
 }
-// ServerConfig RUSTDESK服务配置
+type RustdeskCmd struct {
-// @Tags ADMIN
+	Cmd    string `json:"cmd"`
-// @Summary RUSTDESK服务配置
+	Option string `json:"option"`
-// @Description 服务配置,给webclient提供api-server
+	Target string `json:"target"`
 // @Accept  json
 // @Produce  json
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /admin/server-config [get]
 // @Security token
 func (r *Rustdesk) ServerConfig(c *gin.Context) {
 	cf := &response.ServerConfigResponse{
 		IdServer:    global.Config.Rustdesk.IdServer,
 		Key:         global.Config.Rustdesk.Key,
 		RelayServer: global.Config.Rustdesk.RelayServer,
 		ApiServer:   global.Config.Rustdesk.ApiServer,
 	}
 	response.Success(c, cf)
 }
-// AppConfig APP服务配置
+func (r *Rustdesk) CmdList(c *gin.Context) {
-// @Tags ADMIN
+	q := &admin.PageQuery{}
-// @Summary APP服务配置
+	if err := c.ShouldBindQuery(q); err != nil {
-// @Description APP服务配置
+		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
-// @Accept  json
+		return
-// @Produce  json
+	}
-// @Success 200 {object} response.Response
+	res := service.AllService.ServerCmdService.List(q.Page, 9999)
-// @Failure 500 {object} response.Response
+	//在列表前添加系统命令
-// @Router /admin/app-config [get]
+	list := make([]*model.ServerCmd, 0)
-// @Security token
+	list = append(list, model.SysIdServerCmds...)
-func (r *Rustdesk) AppConfig(c *gin.Context) {
+	list = append(list, model.SysRelayServerCmds...)
-	response.Success(c, &gin.H{
+	list = append(list, res.ServerCmds...)
-		"web_client": global.Config.App.WebClient,
+	res.ServerCmds = list
-	})
+	response.Success(c, res)
 }
 func (r *Rustdesk) CmdDelete(c *gin.Context) {
 	f := &model.ServerCmd{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	if f.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	ex := service.AllService.ServerCmdService.Info(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	err := service.AllService.ServerCmdService.Delete(ex)
 	if err != nil {
 		response.Fail(c, 101, err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 func (r *Rustdesk) CmdCreate(c *gin.Context) {
 	f := &model.ServerCmd{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	err := service.AllService.ServerCmdService.Create(f)
 	if err != nil {
 		response.Fail(c, 101, err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 func (r *Rustdesk) CmdUpdate(c *gin.Context) {
 	f := &model.ServerCmd{}
 	if err := c.ShouldBindJSON(f); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	ex := service.AllService.ServerCmdService.Info(f.Id)
 	if ex.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		return
 	}
 	err := service.AllService.ServerCmdService.Update(f)
 	if err != nil {
 		response.Fail(c, 101, err.Error())
 		return
 	}
 	response.Success(c, nil)
 }
 func (r *Rustdesk) SendCmd(c *gin.Context) {
 	rc := &RustdeskCmd{}
 	if err := c.ShouldBindJSON(rc); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	if rc.Cmd == "" {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	if rc.Target == "" {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	if rc.Target != model.ServerCmdTargetIdServer && rc.Target != model.ServerCmdTargetRelayServer {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
 	port := 0
 	switch rc.Target {
 	case model.ServerCmdTargetIdServer:
 		port = global.Config.Admin.IdServerPort - 1
 	case model.ServerCmdTargetRelayServer:
 		port = global.Config.Admin.RelayServerPort
 	}
 	res, err := service.AllService.ServerCmdService.SendCmd(port, rc.Cmd, rc.Option)
 	if err != nil {
 		response.Fail(c, 101, err.Error())
 		return
 	}
 	response.Success(c, res)
 }
--- a/http/controller/admin/shareRecord.go
+++ b/http/controller/admin/shareRecord.go
@@ -1,11 +1,11 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
--- a/http/controller/admin/tag.go
+++ b/http/controller/admin/tag.go
@@ -1,11 +1,11 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )
@@ -64,9 +64,9 @@ func (ct *Tag) Create(c *gin.Context) {
 		return
 	}
 	t := f.ToTag()
-	u := service.AllService.UserService.CurUser(c)
+	if t.UserId == 0 {
-	if !service.AllService.UserService.IsAdmin(u) || t.UserId == 0 {
+		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
-		t.UserId = u.Id
+		return
 	}
 	err := service.AllService.TagService.Create(t)
 	if err != nil {
@@ -96,10 +96,6 @@ func (ct *Tag) List(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) || query.IsMy == 1 {
 		query.UserId = int(u.Id)
 	}
 	res := service.AllService.TagService.List(query.Page, query.PageSize, func(tx *gorm.DB) {
 		tx.Preload("Collection", func(txc *gorm.DB) *gorm.DB {
 			return txc.Select("id,name")
@@ -140,12 +136,12 @@ func (ct *Tag) Update(c *gin.Context) {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError"))
 		return
 	}
-	t := f.ToTag()
+	ex := service.AllService.TagService.InfoById(f.Id)
-	u := service.AllService.UserService.CurUser(c)
+	if ex.Id == 0 {
-	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
+		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
 	t := f.ToTag()
 	err := service.AllService.TagService.Update(t)
 	if err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed")+err.Error())
@@ -177,20 +173,15 @@ func (ct *Tag) Delete(c *gin.Context) {
 		response.Fail(c, 101, errList[0])
 		return
 	}
-	t := service.AllService.TagService.InfoById(f.Id)
+	ex := service.AllService.TagService.InfoById(f.Id)
-	u := service.AllService.UserService.CurUser(c)
+	if ex.Id == 0 {
-	if !service.AllService.UserService.IsAdmin(u) && t.UserId != u.Id {
+		response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
 		response.Fail(c, 101, response.TranslateMsg(c, "NoAccess"))
 		return
 	}
-	if u.Id > 0 {
+	err := service.AllService.TagService.Delete(ex)
-		err := service.AllService.TagService.Delete(t)
+	if err == nil {
-		if err == nil {
+		response.Success(c, nil)
 			response.Success(c, nil)
 			return
 		}
 		response.Fail(c, 101, err.Error())
 		return
 	}
-	response.Fail(c, 101, response.TranslateMsg(c, "ItemNotFound"))
+	response.Fail(c, 101, err.Error())
 }
--- a/http/controller/admin/user.go
+++ b/http/controller/admin/user.go
@@ -1,16 +1,16 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	adResp "Gwen/http/response/admin"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	adResp "github.com/lejianwen/rustdesk-api/v2/http/response/admin"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"gorm.io/gorm"
 	"strconv"
 	"time"
 )
 type User struct {
@@ -244,11 +244,10 @@ func (ct *User) ChangeCurPwd(c *gin.Context) {
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
-	// If the password is not empty, the old password is verified
+	// Verify the old password only when the account already has one set
 	// otherwise, the old password is not verified
 	if !service.AllService.UserService.IsPasswordEmptyByUser(u) {
-		oldPwd := service.AllService.UserService.EncryptPassword(f.OldPassword)
+		ok, _, err := utils.VerifyPassword(u.Password, f.OldPassword)
-		if u.Password != oldPwd {
+		if err != nil || !ok {
 			response.Fail(c, 101, response.TranslateMsg(c, "OldPasswordError"))
 			return
 		}
@@ -295,79 +294,14 @@ func (ct *User) MyOauth(c *gin.Context) {
 	response.Success(c, res)
 }
 // MyPeer 列表
 // @Tags 设备
 // @Summary 我的设备列表
 // @Description 我的设备列表
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param page_size query int false "页大小"
 // @Param time_ago query int false "时间"
 // @Param id query string false "ID"
 // @Param hostname query string false "主机名"
 // @Param uuids query string false "uuids 用逗号分隔"
 // @Success 200 {object} response.Response{data=model.PeerList}
 // @Failure 500 {object} response.Response
 // @Router /admin/user/myPeer [get]
 // @Security token
 func (ct *User) MyPeer(c *gin.Context) {
 	query := &admin.PeerQuery{}
 	if err := c.ShouldBindQuery(query); err != nil {
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
 	u := service.AllService.UserService.CurUser(c)
 	res := service.AllService.PeerService.ListFilterByUserId(query.Page, query.PageSize, func(tx *gorm.DB) {
 		if query.TimeAgo > 0 {
 			lt := time.Now().Unix() - int64(query.TimeAgo)
 			tx.Where("last_online_time < ?", lt)
 		}
 		if query.TimeAgo < 0 {
 			lt := time.Now().Unix() + int64(query.TimeAgo)
 			tx.Where("last_online_time > ?", lt)
 		}
 		if query.Id != "" {
 			tx.Where("id like ?", "%"+query.Id+"%")
 		}
 		if query.Hostname != "" {
 			tx.Where("hostname like ?", "%"+query.Hostname+"%")
 		}
 		if query.Uuids != "" {
 			tx.Where("uuid in (?)", query.Uuids)
 		}
 	}, u.Id)
 	response.Success(c, res)
 }
 // groupUsers
 func (ct *User) GroupUsers(c *gin.Context) {
-	q := &admin.GroupUsersQuery{}
+	aG := service.AllService.GroupService.List(1, 999, nil)
-	if err := c.ShouldBindJSON(q); err != nil {
+	aU := service.AllService.UserService.List(1, 9999, nil)
-		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
+	response.Success(c, gin.H{
-		return
+		"groups": aG.Groups,
-	}
+		"users":  aU.Users,
 	u := service.AllService.UserService.CurUser(c)
 	gid := u.GroupId
 	uid := u.Id
 	if service.AllService.UserService.IsAdmin(u) && q.UserId > 0 {
 		nu := service.AllService.UserService.InfoById(q.UserId)
 		gid = nu.GroupId
 		uid = q.UserId
 	}
 	res := service.AllService.UserService.List(1, 999, func(tx *gorm.DB) {
 		tx.Where("group_id = ?", gid)
 	})
 	var data []*adResp.GroupUsersPayload
 	for _, _u := range res.Users {
 		gup := &adResp.GroupUsersPayload{}
 		gup.FromUser(_u)
 		if _u.Id == uid {
 			gup.Status = 0
 		}
 		data = append(data, gup)
 	}
 	response.Success(c, data)
 }
 // Register
@@ -386,11 +320,22 @@ func (ct *User) Register(c *gin.Context) {
 		response.Fail(c, 101, errList[0])
 		return
 	}
-	u := service.AllService.UserService.Register(f.Username, f.Email, f.Password)
+	regStatus := model.StatusCode(global.Config.App.RegisterStatus)
 	// 注册状态可能未配置，默认启用
 	if regStatus != model.COMMON_STATUS_DISABLED && regStatus != model.COMMON_STATUS_ENABLE {
 		regStatus = model.COMMON_STATUS_ENABLE
 	}
 	u := service.AllService.UserService.Register(f.Username, f.Email, f.Password, regStatus)
 	if u == nil || u.Id == 0 {
 		response.Fail(c, 101, response.TranslateMsg(c, "OperationFailed"))
 		return
 	}
 	if regStatus == model.COMMON_STATUS_DISABLED {
 		// 需要管理员审核
 		response.Fail(c, 101, response.TranslateMsg(c, "RegisterSuccessWaitAdminConfirm"))
 		return
 	}
 	// 注册成功后自动登录
 	ut := service.AllService.UserService.Login(u, &model.LoginLog{
 		UserId: u.Id,
--- a/http/controller/admin/userToken.go
+++ b/http/controller/admin/userToken.go
@@ -1,12 +1,12 @@
 package admin
 import (
 	"Gwen/global"
 	"Gwen/http/request/admin"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
--- a/http/controller/api/ab.go
+++ b/http/controller/api/ab.go
@@ -1,16 +1,16 @@
 package api
 import (
 	"Gwen/global"
 	requstform "Gwen/http/request/api"
 	"Gwen/http/response"
 	"Gwen/http/response/api"
 	"Gwen/model"
 	"Gwen/service"
 	"Gwen/utils"
 	"encoding/json"
 	"errors"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	requstform "github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/http/response/api"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"net/http"
 	"strconv"
 	"strings"
@@ -32,8 +32,8 @@ type Ab struct {
 func (a *Ab) Ab(c *gin.Context) {
 	user := service.AllService.UserService.CurUser(c)
-	al := service.AllService.AddressBookService.ListByUserId(user.Id, 1, 1000)
+	al := service.AllService.AddressBookService.ListByUserIdAndCollectionId(user.Id, 0, 1, 1000)
-	tags := service.AllService.TagService.ListByUserId(user.Id)
+	tags := service.AllService.TagService.ListByUserIdAndCollectionId(user.Id, 0)
 	tagColors := map[string]uint{}
 	//将tags中的name转成一个以逗号分割的字符串
@@ -98,23 +98,6 @@ func (a *Ab) UpAb(c *gin.Context) {
 	c.JSON(http.StatusOK, nil)
 }
 // Tags
 // @Tags 地址
 // @Summary 标签
 // @Description 标签
 // @Accept  json
 // @Produce  json
 // @Success 200 {object} []model.Tag
 // @Failure 500 {object} response.ErrorResponse
 // @Router /tags [post]
 // @Security BearerAuth
 func (a *Ab) Tags(c *gin.Context) {
 	user := service.AllService.UserService.CurUser(c)
 	tags := service.AllService.TagService.ListByUserId(user.Id)
 	c.JSON(http.StatusOK, tags.Tags)
 }
 // PTags
 // @Tags 地址[Personal]
 // @Summary 标签
--- a/http/controller/api/audit.go
+++ b/http/controller/api/audit.go
@@ -1,12 +1,12 @@
 package api
 import (
 	request "Gwen/http/request/api"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
 	request "github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"time"
 )
--- a/http/controller/api/group.go
+++ b/http/controller/api/group.go
@@ -1,12 +1,12 @@
 package api
 import (
 	apiReq "Gwen/http/request/api"
 	"Gwen/http/response"
 	apiResp "Gwen/http/response/api"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	apiReq "github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
@@ -45,7 +45,7 @@ func (g *Group) Users(c *gin.Context) {
 		userList = service.AllService.UserService.ListByGroupId(u.GroupId, q.Page, q.PageSize)
 	}
-	var data []*apiResp.UserPayload
+	data := make([]*apiResp.UserPayload, 0, len(userList.Users))
 	for _, user := range userList.Users {
 		up := &apiResp.UserPayload{}
 		up.FromUser(user)
@@ -88,21 +88,30 @@ func (g *Group) Peers(c *gin.Context) {
 		users = service.AllService.UserService.ListIdAndNameByGroupId(u.GroupId)
 	}
-	namesById := make(map[uint]string)
+	namesById := make(map[uint]string, len(users))
-	userIds := make([]uint, 0)
+	userIds := make([]uint, 0, len(users))
 	for _, user := range users {
 		namesById[user.Id] = user.Username
 		userIds = append(userIds, user.Id)
 	}
 	dGroupNameById := make(map[uint]string)
 	allGroup := service.AllService.GroupService.DeviceGroupList(1, 999, nil)
 	for _, group := range allGroup.DeviceGroups {
 		dGroupNameById[group.Id] = group.Name
 	}
 	peerList := service.AllService.PeerService.ListByUserIds(userIds, q.Page, q.PageSize)
-	var data []*apiResp.GroupPeerPayload
+	data := make([]*apiResp.GroupPeerPayload, 0, len(peerList.Peers))
 	for _, peer := range peerList.Peers {
 		uname, ok := namesById[peer.UserId]
 		if !ok {
 			uname = ""
 		}
 		dGroupName, ok2 := dGroupNameById[peer.GroupId]
 		if !ok2 {
 			dGroupName = ""
 		}
 		pp := &apiResp.GroupPeerPayload{}
-		pp.FromPeer(peer, uname)
+		pp.FromPeer(peer, uname, dGroupName)
 		data = append(data, pp)
 	}
@@ -111,3 +120,31 @@ func (g *Group) Peers(c *gin.Context) {
 		Data:  data,
 	})
 }
 // Device
 // @Tags 群组
 // @Summary 设备
 // @Description 机器
 // @Accept  json
 // @Produce  json
 // @Param page query int false "页码"
 // @Param pageSize query int false "每页数量"
 // @Param status query int false "状态"
 // @Param accessible query string false "accessible"
 // @Success 200 {object} response.DataResponse
 // @Failure 500 {object} response.Response
 // @Router /device-group/accessible [get]
 // @Security BearerAuth
 func (g *Group) Device(c *gin.Context) {
 	u := service.AllService.UserService.CurUser(c)
 	if !service.AllService.UserService.IsAdmin(u) {
 		response.Error(c, "Permission denied")
 		return
 	}
 	allGroup := service.AllService.GroupService.DeviceGroupList(1, 999, nil)
 	c.JSON(http.StatusOK, response.DataResponse{
 		Total: 0,
 		Data:  allGroup.DeviceGroups,
 	})
 }
--- a/http/controller/api/index.go
+++ b/http/controller/api/index.go
@@ -1,11 +1,11 @@
 package api
 import (
 	requstform "Gwen/http/request/api"
 	"Gwen/http/response"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	requstform "github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 	"time"
 )
@@ -55,9 +55,27 @@ func (i *Index) Heartbeat(c *gin.Context) {
 		return
 	}
 	//如果在40s以内则不更新
-	if time.Now().Unix()-peer.LastOnlineTime > 40 {
+	if time.Now().Unix()-peer.LastOnlineTime >= 30 {
 		upp := &model.Peer{RowId: peer.RowId, LastOnlineTime: time.Now().Unix(), LastOnlineIp: c.ClientIP()}
 		service.AllService.PeerService.Update(upp)
 	}
 	c.JSON(http.StatusOK, gin.H{})
 }
 // Version 版本
 // @Tags 首页
 // @Summary 版本
 // @Description 版本
 // @Accept  json
 // @Produce  json
 // @Success 200 {object} response.Response
 // @Failure 500 {object} response.Response
 // @Router /version [get]
 func (i *Index) Version(c *gin.Context) {
 	//读取resources/version文件
 	v := service.AllService.AppService.GetAppVersion()
 	response.Success(
 		c,
 		v,
 	)
 }
--- a/http/controller/api/login.go
+++ b/http/controller/api/login.go
@@ -1,15 +1,15 @@
 package api
 import (
 	"Gwen/global"
 	"Gwen/http/request/api"
 	"Gwen/http/response"
 	apiResp "Gwen/http/response/api"
 	"Gwen/model"
 	"Gwen/service"
 	"encoding/json"
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
@@ -27,10 +27,20 @@ type Login struct {
 // @Failure 500 {object} response.ErrorResponse
 // @Router /login [post]
 func (l *Login) Login(c *gin.Context) {
 	if global.Config.App.DisablePwdLogin {
 		response.Error(c, response.TranslateMsg(c, "PwdLoginDisabled"))
 		return
 	}
 	// 检查登录限制
 	loginLimiter := global.LoginLimiter
 	clientIp := c.ClientIP()
 	f := &api.LoginForm{}
 	err := c.ShouldBindJSON(f)
 	//fmt.Println(f)
 	if err != nil {
 		loginLimiter.RecordFailedAttempt(clientIp)
 		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
 		response.Error(c, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
@@ -38,6 +48,7 @@ func (l *Login) Login(c *gin.Context) {
 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
 		loginLimiter.RecordFailedAttempt(clientIp)
 		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
 		response.Error(c, errList[0])
 		return
@@ -46,11 +57,17 @@ func (l *Login) Login(c *gin.Context) {
 	u := service.AllService.UserService.InfoByUsernamePassword(f.Username, f.Password)
 	if u.Id == 0 {
 		loginLimiter.RecordFailedAttempt(clientIp)
 		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "UsernameOrPasswordError", c.RemoteIP(), c.ClientIP()))
 		response.Error(c, response.TranslateMsg(c, "UsernameOrPasswordError"))
 		return
 	}
 	if !service.AllService.UserService.CheckUserEnable(u) {
 		response.Error(c, response.TranslateMsg(c, "UserDisabled"))
 		return
 	}
 	//根据refer判断是webclient还是app
 	ref := c.GetHeader("referer")
 	if ref != "" {
@@ -85,7 +102,9 @@ func (l *Login) Login(c *gin.Context) {
 // @Router /login-options [get]
 func (l *Login) LoginOptions(c *gin.Context) {
 	ops := service.AllService.OauthService.GetOauthProviders()
-	ops = append(ops, model.OauthTypeWebauth)
+	if global.Config.App.WebSso {
 		ops = append(ops, model.OauthTypeWebauth)
 	}
 	var oidcItems []map[string]string
 	for _, v := range ops {
 		oidcItems = append(oidcItems, map[string]string{"name": v})
--- a/http/controller/api/ouath.go
+++ b/http/controller/api/ouath.go
@@ -1,14 +1,17 @@
 package api
 import (
 	"Gwen/global"
 	"Gwen/http/request/api"
 	"Gwen/http/response"
 	apiResp "Gwen/http/response/api"
 	"Gwen/model"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"net/http"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 )
 type Oauth struct {
@@ -32,15 +35,14 @@ func (o *Oauth) OidcAuth(c *gin.Context) {
 	}
 	oauthService := service.AllService.OauthService
-	var code string
+
-	var url string
+	err, state, verifier, nonce, url := oauthService.BeginAuth(c, f.Op)
 	err, code, url = oauthService.BeginAuth(f.Op)
 	if err != nil {
 		response.Error(c, response.TranslateMsg(c, err.Error()))
 		return
 	}
-	service.AllService.OauthService.SetOauthCache(code, &service.OauthCacheItem{
+	service.AllService.OauthService.SetOauthCache(state, &service.OauthCacheItem{
 		Action:     service.OauthActionTypeLogin,
 		Id:         f.Id,
 		Op:         f.Op,
@@ -48,10 +50,12 @@ func (o *Oauth) OidcAuth(c *gin.Context) {
 		DeviceName: f.DeviceInfo.Name,
 		DeviceOs:   f.DeviceInfo.Os,
 		DeviceType: f.DeviceInfo.Type,
 		Verifier:   verifier,
 		Nonce:      nonce,
 	}, 5*60)
 	//fmt.Println("code url", code, url)
 	c.JSON(http.StatusOK, gin.H{
-		"code": code,
+		"code": state,
 		"url":  url,
 	})
 }
@@ -143,7 +147,10 @@ func (o *Oauth) OidcAuthQuery(c *gin.Context) {
 func (o *Oauth) OauthCallback(c *gin.Context) {
 	state := c.Query("state")
 	if state == "" {
-		c.String(http.StatusInternalServerError, response.TranslateParamMsg(c, "ParamIsEmpty", "state"))
+		c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 			"message":     "ParamIsEmpty",
 			"sub_message": "state",
 		})
 		return
 	}
 	cacheKey := state
@@ -151,17 +158,24 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
 	//从缓存中获取
 	oauthCache := oauthService.GetOauthCache(cacheKey)
 	if oauthCache == nil {
-		c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthExpired"))
+		c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 			"message": "OauthExpired",
 		})
 		return
 	}
 	nonce := oauthCache.Nonce
 	op := oauthCache.Op
 	action := oauthCache.Action
 	verifier := oauthCache.Verifier
 	var user *model.User
 	// 获取用户信息
 	code := c.Query("code")
-	err, oauthUser := oauthService.Callback(code, op)
+	err, oauthUser := oauthService.Callback(c, code, verifier, op, nonce)
 	if err != nil {
-		c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthFailed")+response.TranslateMsg(c, err.Error()))
+		c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 			"message":     "OauthFailed",
 			"sub_message": err.Error(),
 		})
 		return
 	}
 	userId := oauthCache.UserId
@@ -172,28 +186,38 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
 		// 检查此openid是否已经绑定过
 		utr := oauthService.UserThirdInfo(op, openid)
 		if utr.UserId > 0 {
-			c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBindOtherUser"))
+			c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 				"message": "OauthHasBindOtherUser",
 			})
 			return
 		}
 		//绑定
 		user = service.AllService.UserService.InfoById(userId)
 		if user == nil {
-			c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ItemNotFound"))
+			c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 				"message": "ItemNotFound",
 			})
 			return
 		}
 		//绑定
 		err := oauthService.BindOauthUser(userId, oauthUser, op)
 		if err != nil {
-			c.String(http.StatusInternalServerError, response.TranslateMsg(c, "BindFail"))
+			c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 				"message": "BindFail",
 			})
 			return
 		}
-		c.String(http.StatusOK, response.TranslateMsg(c, "BindSuccess"))
+		c.HTML(http.StatusOK, "oauth_success.html", gin.H{
 			"message": "BindSuccess",
 		})
 		return
 	} else if action == service.OauthActionTypeLogin {
 		//登录
 		if userId != 0 {
-			c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBeenSuccess"))
+			c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 				"message": "OauthHasBeenSuccess",
 			})
 			return
 		}
 		user = service.AllService.UserService.InfoByOauthId(op, openid)
@@ -202,15 +226,16 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
 			if !*oauthConfig.AutoRegister {
 				//c.String(http.StatusInternalServerError, "还未绑定用户，请先绑定")
 				oauthCache.UpdateFromOauthUser(oauthUser)
-				url := global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/bind/" + cacheKey
+				c.Redirect(http.StatusFound, "/_admin/#/oauth/bind/"+cacheKey)
 				c.Redirect(http.StatusFound, url)
 				return
 			}
 			//自动注册
 			err, user = service.AllService.UserService.RegisterByOauth(oauthUser, op)
 			if err != nil {
-				c.String(http.StatusInternalServerError, response.TranslateMsg(c, err.Error()))
+				c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 					"message": err.Error(),
 				})
 				return
 			}
 		}
@@ -226,15 +251,54 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
 				Type:     model.LoginLogTypeOauth,
 				Platform: oauthService.DeviceOs,
 			})*/
-			url := global.Config.Rustdesk.ApiServer + "/_admin/#/"
+			c.Redirect(http.StatusFound, "/_admin/#/")
 			c.Redirect(http.StatusFound, url)
 			return
 		}
-		c.String(http.StatusOK, response.TranslateMsg(c, "OauthSuccess"))
+		c.HTML(http.StatusOK, "oauth_success.html", gin.H{
 			"message": "OauthSuccess",
 		})
 		return
 	} else {
-		c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ParamsError"))
+		c.HTML(http.StatusOK, "oauth_fail.html", gin.H{
 			"message": "ParamsError",
 		})
 		return
 	}
 }
 type MessageParams struct {
 	Lang  string `json:"lang" form:"lang"`
 	Title string `json:"title" form:"title"`
 	Msg   string `json:"msg" form:"msg"`
 }
 func (o *Oauth) Message(c *gin.Context) {
 	mp := &MessageParams{}
 	if err := c.ShouldBindQuery(mp); err != nil {
 		return
 	}
 	localizer := global.Localizer(mp.Lang)
 	res := ""
 	if mp.Title != "" {
 		title, err := localizer.LocalizeMessage(&i18n.Message{
 			ID: mp.Title,
 		})
 		if err == nil {
 			res = utils.StringConcat(";title='", title, "';")
 		}
 	}
 	if mp.Msg != "" {
 		msg, err := localizer.LocalizeMessage(&i18n.Message{
 			ID: mp.Msg,
 		})
 		if err == nil {
 			res = utils.StringConcat(res, "msg = '", msg, "';")
 		}
 	}
 	//返回js内容
 	c.Header("Content-Type", "application/javascript")
 	c.String(http.StatusOK, res)
 }
--- a/http/controller/api/peer.go
+++ b/http/controller/api/peer.go
@@ -1,11 +1,12 @@
 package api
 import (
-	requstform "Gwen/http/request/api"
+	"fmt"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
 	requstform "github.com/lejianwen/rustdesk-api/v2/http/request/api"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
@@ -13,7 +14,7 @@ type Peer struct {
 }
 // SysInfo
-// @Tags 地址
+// @Tags System
 // @Summary 提交系统信息
 // @Description 提交系统信息
 // @Accept  json
@@ -30,7 +31,7 @@ func (p *Peer) SysInfo(c *gin.Context) {
 		return
 	}
 	fpe := f.ToPeer()
-	pe := service.AllService.PeerService.FindById(f.Id)
+	pe := service.AllService.PeerService.FindByUuid(f.Uuid)
 	if pe.RowId == 0 {
 		pe = f.ToPeer()
 		pe.UserId = service.AllService.UserService.FindLatestUserIdFromLoginLogByUuid(pe.Uuid)
@@ -56,3 +57,20 @@ func (p *Peer) SysInfo(c *gin.Context) {
 	//直接响应文本
 	c.String(http.StatusOK, "SYSINFO_UPDATED")
 }
 // SysInfoVer
 // @Tags System
 // @Summary 获取系统版本信息
 // @Description 获取系统版本信息
 // @Accept  json
 // @Produce  json
 // @Success 200 {string} string ""
 // @Failure 500 {object} response.ErrorResponse
 // @Router /sysinfo_ver [post]
 func (p *Peer) SysInfoVer(c *gin.Context) {
 	//读取resources/version文件
 	v := service.AllService.AppService.GetAppVersion()
 	// 加上启动时间，方便client上传信息
 	v = fmt.Sprintf("%s\n%s", v, service.AllService.AppService.GetStartTime())
 	c.String(http.StatusOK, v)
 }
--- a/http/controller/api/user.go
+++ b/http/controller/api/user.go
@@ -1,9 +1,9 @@
 package api
 import (
 	apiResp "Gwen/http/response/api"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
@@ -34,7 +34,7 @@ type User struct {
 // @Produce  json
 // @Success 200 {object} apiResp.UserPayload
 // @Failure 500 {object} response.Response
-// @Router /api [get]
+// @Router /currentUser [get]
 // @Security token
 func (u *User) Info(c *gin.Context) {
 	user := service.AllService.UserService.CurUser(c)
--- a/http/controller/api/webClient.go
+++ b/http/controller/api/webClient.go
@@ -1,11 +1,11 @@
 package api
 import (
 	"Gwen/global"
 	"Gwen/http/response"
 	"Gwen/http/response/api"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/http/response/api"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 	"time"
 )
@@ -26,7 +26,7 @@ func (i *WebClient) ServerConfig(c *gin.Context) {
 	u := service.AllService.UserService.CurUser(c)
 	peers := map[string]*api.WebClientPeerPayload{}
-	abs := service.AllService.AddressBookService.ListByUserId(u.Id, 1, 100)
+	abs := service.AllService.AddressBookService.ListByUserIdAndCollectionId(u.Id, 0, 1, 100)
 	for _, ab := range abs.AddressBooks {
 		pp := &api.WebClientPeerPayload{}
 		pp.FromAddressBook(ab)
@@ -64,12 +64,15 @@ func (i *WebClient) SharedPeer(c *gin.Context) {
 		response.Fail(c, 101, "share not found")
 		return
 	}
-	//判断是否过期,created_at + expire > now
+	if sr.Expire != 0 {
-	ca := time.Time(sr.CreatedAt)
+		//判断是否过期,created_at + expire > now
-	if ca.Add(time.Second * time.Duration(sr.Expire)).Before(time.Now()) {
+		ca := time.Time(sr.CreatedAt)
-		response.Fail(c, 101, "share expired")
+		if ca.Add(time.Second * time.Duration(sr.Expire)).Before(time.Now()) {
-		return
+			response.Fail(c, 101, "share expired")
 			return
 		}
 	}
 	ab := service.AllService.AddressBookService.InfoByUserIdAndId(sr.UserId, sr.PeerId)
 	if ab.RowId == 0 {
 		response.Fail(c, 101, "peer not found")
--- a/http/controller/web/index.go
+++ b/http/controller/web/index.go
@@ -1,8 +1,9 @@
 package web
 import (
-	"Gwen/global"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 )
 type Index struct {
@@ -14,11 +15,21 @@ func (i *Index) Index(c *gin.Context) {
 func (i *Index) ConfigJs(c *gin.Context) {
 	apiServer := global.Config.Rustdesk.ApiServer
 	magicQueryonline := global.Config.Rustdesk.WebclientMagicQueryonline
 	tmp := fmt.Sprintf(`localStorage.setItem('api-server', '%v');
 const ws2_prefix = 'wc-';
 localStorage.setItem(ws2_prefix+'api-server', '%v');
-	tmp := `
+window.webclient_magic_queryonline = %d;
-localStorage.setItem('api-server', "` + apiServer + `")
+window.ws_host = '%v';
-const ws2_prefix = 'wc-'
+`, apiServer, apiServer, magicQueryonline, global.Config.Rustdesk.WsHost)
-localStorage.setItem(ws2_prefix+'api-server', "` + apiServer + `")
+	//	tmp := `
-`
+	//localStorage.setItem('api-server', "` + apiServer + `")
 	//const ws2_prefix = 'wc-'
 	//localStorage.setItem(ws2_prefix+'api-server', "` + apiServer + `")
 	//
 	//window.webclient_magic_queryonline = ` + magicQueryonline + ``
 	c.Header("Content-Type", "application/javascript")
 	c.String(200, tmp)
 }
--- a/http/http.go
+++ b/http/http.go
@@ -1,10 +1,10 @@
 package http
 import (
 	"Gwen/global"
 	"Gwen/http/middleware"
 	"Gwen/http/router"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/middleware"
 	"github.com/lejianwen/rustdesk-api/v2/http/router"
 	"github.com/sirupsen/logrus"
 	"net/http"
 	"strings"
@@ -33,7 +33,7 @@ func ApiInit() {
 	g.NoRoute(func(c *gin.Context) {
 		c.String(http.StatusNotFound, "404 not found")
 	})
-	g.Use(middleware.Logger(), gin.Recovery())
+	g.Use(middleware.Logger(), middleware.Limiter(), gin.Recovery())
 	router.WebInit(g)
 	router.Init(g)
 	router.ApiInit(g)
--- a/http/middleware/admin.go
+++ b/http/middleware/admin.go
@@ -1,25 +1,33 @@
 package middleware
 import (
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
-// AdminAuth 后台权限验证中间件
+// BackendUserAuth 后台权限验证中间件
-func AdminAuth() gin.HandlerFunc {
+func BackendUserAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		//测试先关闭
 		token := c.GetHeader("api-token")
 		if token == "" {
-			response.Fail(c, 403, "请先登录")
+			response.Fail(c, 403, response.TranslateMsg(c, "NeedLogin"))
 			c.Abort()
 			return
 		}
 		user, ut := service.AllService.UserService.InfoByAccessToken(token)
 		if user.Id == 0 {
-			response.Fail(c, 403, "请先登录")
+			response.Fail(c, 403, response.TranslateMsg(c, "NeedLogin"))
 			c.Abort()
 			return
 		}
 		if !service.AllService.UserService.CheckUserEnable(user) {
 			c.JSON(401, gin.H{
 				"error": "Unauthorized",
 			})
 			c.Abort()
 			return
 		}
--- a/http/middleware/admin_privilege.go
+++ b/http/middleware/admin_privilege.go
@@ -1,9 +1,9 @@
 package middleware
 import (
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 // AdminPrivilege ...
@@ -12,7 +12,7 @@ func AdminPrivilege() gin.HandlerFunc {
 		u := service.AllService.UserService.CurUser(c)
 		if !service.AllService.UserService.IsAdmin(u) {
-			response.Fail(c, 403, "无权限")
+			response.Fail(c, 403, response.TranslateMsg(c, "NoAccess"))
 			c.Abort()
 			return
 		}
--- a/http/middleware/jwt.go
+++ b/http/middleware/jwt.go
@@ -1,10 +1,10 @@
 package middleware
 import (
 	"Gwen/global"
 	"Gwen/http/response"
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 func JwtAuth() gin.HandlerFunc {
@@ -12,18 +12,18 @@ func JwtAuth() gin.HandlerFunc {
 		//测试先关闭
 		token := c.GetHeader("api-token")
 		if token == "" {
-			response.Fail(c, 403, "请先登录")
+			response.Fail(c, 403, response.TranslateMsg(c, "NeedLogin"))
 			c.Abort()
 			return
 		}
 		uid, err := global.Jwt.ParseToken(token)
 		if err != nil {
-			response.Fail(c, 403, "请先登录")
+			response.Fail(c, 403, response.TranslateMsg(c, "NeedLogin"))
 			c.Abort()
 			return
 		}
 		if uid == 0 {
-			response.Fail(c, 403, "请先登录")
+			response.Fail(c, 403, response.TranslateMsg(c, "NeedLogin"))
 			c.Abort()
 			return
 		}
@@ -34,12 +34,12 @@ func JwtAuth() gin.HandlerFunc {
 		//	Username: "测试用户",
 		//}
 		if user.Id == 0 {
-			response.Fail(c, 403, "请先登录")
+			response.Fail(c, 403, response.TranslateMsg(c, "NeedLogin"))
 			c.Abort()
 			return
 		}
 		if !service.AllService.UserService.CheckUserEnable(user) {
-			response.Fail(c, 101, "你已被禁用")
+			response.Fail(c, 101, response.TranslateMsg(c, "Banned"))
 			c.Abort()
 			return
 		}
--- a/http/middleware/limiter.go
+++ b/http/middleware/limiter.go
@@ -0,0 +1,22 @@
 package middleware
 import (
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/http/response"
 	"net/http"
 )
 func Limiter() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		loginLimiter := global.LoginLimiter
 		clientIp := c.ClientIP()
 		banned, _ := loginLimiter.CheckSecurityStatus(clientIp)
 		if banned {
 			response.Fail(c, http.StatusLocked, response.TranslateMsg(c, "Banned"))
 			c.Abort()
 			return
 		}
 		c.Next()
 	}
 }
--- a/http/middleware/logger.go
+++ b/http/middleware/logger.go
@@ -1,8 +1,8 @@
 package middleware
 import (
 	"Gwen/global"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/sirupsen/logrus"
 )
--- a/http/middleware/rustauth.go
+++ b/http/middleware/rustauth.go
@@ -1,8 +1,9 @@
 package middleware
 import (
 	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 func RustAuth() gin.HandlerFunc {
@@ -27,7 +28,21 @@ func RustAuth() gin.HandlerFunc {
 		//提取token，格式是Bearer {token}
 		//这里只是简单的提取
 		token = token[7:]
 		//验证token
 		//检查是否设置了jwt key
 		if len(global.Jwt.Key) > 0 {
 			uid, _ := service.AllService.UserService.VerifyJWT(token)
 			if uid == 0 {
 				c.JSON(401, gin.H{
 					"error": "Unauthorized",
 				})
 				c.Abort()
 				return
 			}
 		}
 		user, ut := service.AllService.UserService.InfoByAccessToken(token)
 		if user.Id == 0 {
 			c.JSON(401, gin.H{
@@ -38,7 +53,7 @@ func RustAuth() gin.HandlerFunc {
 		}
 		if !service.AllService.UserService.CheckUserEnable(user) {
 			c.JSON(401, gin.H{
-				"error": "账号已被禁用",
+				"error": "Unauthorized",
 			})
 			c.Abort()
 			return
--- a/http/request/admin/addressBook.go
+++ b/http/request/admin/addressBook.go
@@ -1,8 +1,8 @@
 package admin
 import (
 	"Gwen/model"
 	"encoding/json"
 	"github.com/lejianwen/rustdesk-api/v2/model"
 )
 type AddressBookForm struct {
--- a/http/request/admin/group.go
+++ b/http/request/admin/group.go
@@ -1,6 +1,6 @@
 package admin
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 type GroupForm struct {
 	Id   uint   `json:"id"`
@@ -22,3 +22,15 @@ func (gf *GroupForm) ToGroup() *model.Group {
 	group.Type = gf.Type
 	return group
 }
 type DeviceGroupForm struct {
 	Id   uint   `json:"id"`
 	Name string `json:"name" validate:"required"`
 }
 func (gf *DeviceGroupForm) ToDeviceGroup() *model.DeviceGroup {
 	group := &model.DeviceGroup{}
 	group.Id = gf.Id
 	group.Name = gf.Name
 	return group
 }
--- a/http/request/admin/login.go
+++ b/http/request/admin/login.go
@@ -1,9 +1,11 @@
 package admin
 type Login struct {
-	Username string `json:"username" validate:"required" label:"用户名"`
+	Username  string `json:"username" validate:"required" label:"用户名"`
-	Password string `json:"password,omitempty" validate:"required" label:"密码"`
+	Password  string `json:"password,omitempty" validate:"required" label:"密码"`
-	Platform string `json:"platform" label:"平台"`
+	Platform  string `json:"platform" label:"平台"`
 	Captcha   string `json:"captcha,omitempty" label:"验证码"`
 	CaptchaId string `json:"captcha_id,omitempty"`
 }
 type LoginLogQuery struct {
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Plynksiy Nikita	65f0a9e3cf	docs: add note about requiring conf and resources directories (or specifying paths via -c and RUSTDESK_API_GIN_RESOURCES_PATH) when running without docker (#311 )	2025-07-09 09:43:56 +08:00
lejianwen	77836a4e56	feat(user): add remark field to User model and form (#307 )	2025-07-08 12:14:46 +08:00
lejianwen	09f8316bf1	feat: Update database version constant to 264	2025-07-08 12:13:31 +08:00
k3-cat	c52706e621	feat: Improve oauth redirect (#303 ) * fix: redirects after oauth can potentially misalign with server's actually hostname * feat: remove `RedirectURL` from oauth config, as it should checked by provider rather than client * feat: align oauth endpoint with the hostname in requests	2025-07-04 14:30:07 +08:00
k3-cat	17dcff4f43	feat: better autorenewal (#305 )	2025-07-04 14:27:47 +08:00
Plynksiy Nikita	0b39c4e104	feat(password): Password hashing with bcrypt (#290 ) * feat(password): add configurable password hashing with md5 and bcrypt * docs: add password hashing algorithm configuration (bcrypt/md5) * feat(password): better bcrypt fallback and minor refactoring * feat(password): handle errors in password encryption and verification * feat(password): remove password hashing algorithm configuration	2025-06-24 17:23:36 +08:00
Plynksiy Nikita	ee176b314e	feat: Use crypto/rand for secure random string generation (#293 )	2025-06-18 20:47:24 +08:00
Plynksiy Nikita	1ffc9c4a5b	fix: correct typo in build arg FRONTEND_GIT_REPO (#292 )	2025-06-18 20:42:13 +08:00
Plynksiy Nikita	1257246552	feat(i18n): replace hardcoded messages with translated strings (#289 )	2025-06-17 09:05:10 +08:00
lejianwen	2948eaaa5c	chore: Update Go version to 1.23 in build configurations	2025-06-16 15:41:16 +08:00
lejianwen	8641ba5c0c	docs: Update swagger docs	2025-06-16 12:31:48 +08:00
lejianwen	60b7a18fe7	feat: Add PostgreSQL support and refactor MySQL DSN handling (#284 )	2025-06-16 12:26:08 +08:00
lejianwen	ca068816ae	feat: Add start time in /api/sysinfover	2025-06-16 12:23:48 +08:00
lejianwen	06648d9a6c	fix(admin): Use admin-hello first (#274) (#255)	2025-06-15 15:33:12 +08:00
puyujian	8a8abd5163	feat(oauth): 支持linux.do登录 (#280 ) * 支持linux.do登录 * 修正	2025-06-15 15:32:20 +08:00
lejianwen	97f98cd6ce	chore: update download links for musl cross-compilers	2025-06-05 12:14:17 +08:00
lejianwen	51f2920661	fix: Init sqlite fail(#266 )	2025-06-04 09:31:43 +08:00
lejianwen	7a5d141ce8	fix(server): Port custom (#257 )	2025-05-30 12:27:37 +08:00
lejianwen	3cef02a0bb	fix(webclient): Peer online status	2025-05-29 18:51:37 +08:00
lejianwen	46a7ecc1ba	fix: Captcha some problem when users login with same ip	2025-05-27 17:36:20 +08:00
lejianwen	4d2b037f5e	docs: Readme	2025-05-25 17:44:29 +08:00
lejianwen	323364b24e	feat(register): Register status can be set (#223 )	2025-05-25 17:03:13 +08:00
lejianwen	f19109cdf8	feat(login): Captcha upgrade and add the function to ban IP addresses (#250 )	2025-05-25 16:52:58 +08:00
Tao Chen	527260d60a	fix: dn should be case-insensitive (#250 )	2025-05-21 09:07:08 +08:00
lejianwen	46bb44f0ab	fix(webclient): DefaultIdServerPort undefined (#238 )	2025-05-16 20:14:36 +08:00
lejianwen	2f1380f24a	fix(webclient): Remove license warning (#235 )	2025-05-13 13:11:19 +08:00
lejianwen	ece3328e94	feat(webclient): Web client to 1.4.0	2025-05-12 20:16:08 +08:00
lejianwen	fdd26d87be	fix: PageSize (#225 )	2025-05-06 19:08:18 +08:00
lejianwen	2ade0dda42	chore: Noelware/docker-manifest-action	2025-04-25 16:20:36 +08:00
lejianwen	a87ae5cf65	chore: Noelware/docker-manifest-action	2025-04-25 14:34:45 +08:00
lejianwen	fe7b8b53a6	style: Oauth page languages	2025-04-24 21:52:43 +08:00
lejianwen	b929f3efdb	style: Remove useless configurations	2025-04-15 10:52:46 +08:00
lejianwen	f847fc076f	fix: Low case (#149 )	2025-04-15 10:46:21 +08:00
lejianwen	60d0a701ce	fix: Share pwd	2025-04-15 10:09:56 +08:00
lejianwen	0dedaf6824	feat: Peer share to group	2025-04-14 19:12:40 +08:00
lejianwen	ab231b3fed	feat: Add SysInfoVer endpoint and AppService for version retrieval	2025-04-07 16:38:21 +08:00
lejianwen	e7f28cca36	fix: Update peer based on the UUID (#180 )	2025-04-02 09:50:16 +08:00
lejianwen	505e8aac4b	feat: Add Korean translations validator (#168 )	2025-04-02 09:42:29 +08:00
lejianwen	746e2a6052	fix: Get Uuids	2025-03-15 21:02:47 +08:00
lejianwen	dc03d5d83d	style: Update peer last online time logic (#173 )	2025-03-15 21:02:08 +08:00
lejianwen	b770ab178d	feat(admin): Add filter by ip and username (#172 )	2025-03-15 19:49:49 +08:00
Tao Chen	fd7e022e88	fix: rm varify password accidentally (#176 )	2025-03-15 19:40:02 +08:00
lejianwen	ac5df6826b	fix: Init database err (#166 )	2025-03-04 18:14:25 +08:00
lejianwen	91908859bc	docs: Readme	2025-03-04 16:30:12 +08:00
lejianwen	9c8822f857	fix: templates	2025-03-04 16:14:34 +08:00
lejianwen	9709da7fb6	style(webclient): ws-host	2025-03-04 15:48:25 +08:00
lejianwen	1852f10131	feat(config): add ws-host configuration (#156 )	2025-03-04 15:43:25 +08:00
Tao Chen	77d7b43e21	fix: Fix/ldap tls (#162 ) * optimize and fix tls of LDAP * fix	2025-03-02 22:59:01 +08:00
lejianwen	7410b539a0	style(service): refactor global dependencies to use local variables	2025-02-26 19:15:38 +08:00
lejianwen	0403d71502	feat(oauth): Oauth nonce (#148 )	2025-02-26 16:36:53 +08:00
lejianwen	2af1d93a7d	feat(oauth): Oauth callback page beautification (#115 )	2025-02-25 13:51:49 +08:00
lejianwen	76281ad761	feat(api): Add device group for 1.3.8	2025-02-23 21:35:42 +08:00
lejianwen	d1ec9b4916	feat(api): Add /device-group/accessible for 1.3.8	2025-02-23 15:32:44 +08:00
lejianwen	448e7460a9	style(oidc): Oidc style	2025-02-21 09:49:41 +08:00
lejianwen	ee0cbabffc	fix(admin): Admin hello	2025-02-20 19:37:34 +08:00
lejianwen	d6a5af890a	style: No need exec sql on version 261	2025-02-20 19:22:22 +08:00
lejianwen	dc313441e5	fix: Js content-type	2025-02-19 16:04:03 +08:00
Tao Chen	c75320f4f4	feat(oidc): add pkce (#150 )	2025-02-19 09:31:25 +08:00
lejianwen	c788f78416	docs: Readme	2025-02-17 10:59:38 +08:00
lejianwen	49cf954d4a	fix(config)!: Token expire time (#145 ) 将配置中的过期时间单位统一为time.Duration，可以设置为`h`,`m`,`s`	2025-02-17 10:49:59 +08:00
lejianwen	014e3db54f	docs: Readme	2025-02-16 21:06:55 +08:00
lejianwen	6d9c245c81	fix(webclient): port	2025-02-16 14:17:37 +08:00
lejianwen	7fa9b79f31	fix(webclient): port	2025-02-16 14:11:36 +08:00
lejianwen	c7f3d13b7f	fix(webclient): port	2025-02-16 13:33:06 +08:00
lejianwen	46f08a89d2	feat: Login by pwd can be disable --- Closes: #141	2025-02-16 13:06:45 +08:00
lejianwen	0dcfedb4dc	fix(webclient)!: Webclient path is `/ws/(relay\|id)` (#73 #143 #140 ) Webclient 的反代引发了很多问题，现在将在HTTPS下的path固定为`/ws/(relay\|id)` --- Closes: #143 #140	2025-02-16 12:41:32 +08:00
lejianwen	918bf85a2d	style: middleware name	2025-02-12 22:09:52 +08:00
lejianwen	99db5f7190	fix(admin): Admin web title	2025-02-12 21:10:07 +08:00
lejianwen	18eff791b2	style: Module name	2025-02-12 19:46:39 +08:00
lejianwen	624dcacac5	style: generate	2025-02-12 16:56:41 +08:00
lejianwen	878d5fd27c	style: Remove generate	2025-02-12 16:25:04 +08:00
lejianwen	4b893ce0e8	docs: Docs	2025-02-12 16:14:51 +08:00
lejianwen	472524f836	style: Module name	2025-02-12 16:07:51 +08:00
lejianwen	dbf8b23b15	fix: Config watchConfig (#135 ) --- Closes: #135	2025-02-10 10:13:34 +08:00
lejianwen	79a5dd53ae	fix: User disabled can not work (#133 ) --- Closes: #133	2025-02-10 10:13:15 +08:00
Tao Chen	8a5b20685c	fix: When OIDC and LDAP work togethar (#132 #134 ) * fix OIDC create user if LDAP enable * `newUser.GroupId = 1` for ldap * fix	2025-02-10 10:08:49 +08:00
lejianwen	5a9c972de0	docs: Readme	2025-02-09 21:13:01 +08:00
Tao Chen	fc0e67122d	docs: add LDAP info (#130 )	2025-02-09 19:36:31 +08:00
lejianwen	eb642f66ca	docs: Readme	2025-02-07 18:14:12 +08:00
lejianwen	8cac15f7dd	style: Log time	2025-02-07 17:57:28 +08:00
lejianwen	5011e2b7c1	feat: Web sso env (#125 )	2025-02-07 17:52:40 +08:00
lejianwen	b0008143b1	docs: Up readme	2025-02-07 17:52:40 +08:00
lejianwen	a3c3ab5a72	style: Up conf	2025-02-07 17:52:40 +08:00
lejianwen	3a16269215	docs: Up readme	2025-02-07 17:52:40 +08:00
lejianwen	151145b0c3	feat: Random Initial Password for Admin (#117 )	2025-02-07 17:52:39 +08:00
lejianwen	9c794e9d4b	fix(build): Fix no admin in deb (#119 #120 )	2025-02-03 13:29:35 +08:00
lejianwen	01f697d279	fix(api): Add Default Token Expire (#113 )	2025-02-03 13:18:08 +08:00
lejianwen	6cdc37333b	style: webclient	2025-02-03 00:01:10 +08:00
Tao Chen	ae32915565	feat(ldap): Add LDAP * rename: Admin to AdminGroup * update * cleanup * tmp save group mapping * add enableControl(not-test) * verify username exist before create(for LDAP) * add getAllGroupsDn() * rename * adminGroup * enable TLS Verify * init for ldap --------- Co-authored-by: Tao Chen <iamtaochen@outlook.com>	2025-02-02 23:59:52 +08:00
lejianwen	f49457dc5b	feat(webclient): Up to 1.3.7	2025-01-21 19:12:28 +08:00
lejianwen	d9e2e247ea	feat(api): Add api token expire Resolves #109	2025-01-21 18:23:28 +08:00
lejianwen	c6f2f2f150	feat(api): Add api/version Resolves #110	2025-01-20 20:04:22 +08:00
lejianwen	56b9c66cb8	docs: Up Swagger docs	2025-01-20 19:35:47 +08:00
lejianwen	5d8a0d0e1f	style: Add Start Tips	2025-01-20 13:12:45 +08:00
lejianwen	f4cb9beda5	fix(api): Change tag to alphabetical sorting Fixes: #108	2025-01-20 13:07:41 +08:00
lejianwen	b66fc3c06d	fix(docs): Api Route doc	2025-01-19 13:10:43 +08:00
lejianwen	ab2e1a9236	feat(i18n): Add ZH_TW	2025-01-19 13:10:19 +08:00
Jia-Bin	ab77b400a1	Add Traditional Chinese	2025-01-18 23:04:39 +08:00
lejianwen	eb7ab63563	docs: Up readme	2025-01-16 22:01:23 +08:00
lejianwen	4cf7d01622	docs: Up readme	2025-01-16 21:59:46 +08:00
lejianwen	a876078a9c	feat(server): Rustdesk Id Server Port & Relay Server Port #104	2025-01-16 20:57:00 +08:00
lejianwen	495f2ae3c6	refactor(config): Up Config Load	2025-01-16 20:40:42 +08:00
lejianwen	4e6d11baf0	docs: Up readme	2025-01-15 21:56:04 +08:00
lejianwen	a951b982b3	fix: Jwt	2025-01-15 20:26:26 +08:00
lejianwen	a33be66504	docs: Up readme	2025-01-15 20:09:08 +08:00
lejianwen	f41b9d5887	feat!: Add JWT - `RUSTDESK_API_JWT_KEY`如果设置，将会启用JWT，token自动续期功能将失效 - 此功能是为了server端校验token的合法性	2025-01-15 19:25:28 +08:00
lejianwen	3c608463e6	docs: Up readme	2025-01-12 23:12:00 +08:00
lejianwen	eeffbe124a	docs: Up readme	2025-01-12 21:35:34 +08:00
lejianwen	d7f2d54faa	feat(server): Add Rustdesk Relay Server Commands	2025-01-04 20:49:44 +08:00
lejianwen	7db4b03634	style(server): fmt print to log	2025-01-02 21:49:37 +08:00
lejianwen	77760a681a	docs: Up readme	2025-01-02 17:03:07 +08:00
lejianwen	f9c1447ceb	fix: Fix Dockerfile_full_s6	2024-12-31 23:33:17 +08:00
lejianwen	fb749c1902	fix(server): Fix Rustdesk Sys Command	2024-12-31 23:29:05 +08:00
lejianwen	240c44aa07	feat(server): Add Rustdesk Command And add build full s6 image for rustdesk command	2024-12-31 23:16:15 +08:00
lejianwen	92cd8642c8	docs(readme): Up readme Connection timeout issues move to #92	2024-12-30 13:36:57 +08:00
lejianwen	89d90cf919	docs(readme): Up readme Connection timeout issues move to #92	2024-12-30 13:35:06 +08:00
lejianwen	920c6b6d8b	docs(readme): Up readme Connection timeout issues move to #92	2024-12-30 13:33:11 +08:00
lejianwen	1dd4df3a1c	chore(buildTest): add start.bat to run on windows	2024-12-27 20:13:55 +08:00
lejianwen	c7d44cc253	fix(build): add start.bat to run on windows(#89 )	2024-12-27 20:09:08 +08:00
lejianwen	5082ab1893	refactor(admin): Move Admin Web Route to user model	2024-12-27 19:27:33 +08:00
lejianwen	e8b2425222	feat(admin): Add My Login log	2024-12-27 19:25:59 +08:00
lejianwen	09d12cefd8	feat(admin): Support Markdown to welcome msg	2024-12-25 19:21:50 +08:00
lejianwen	5f1166965d	fix(api): Get ab list when personal is disabled (#86 )	2024-12-25 19:04:42 +08:00
lejianwen	0dbab182e9	fix(webclient): share fail when expire is 0 Closes: #88	2024-12-25 15:01:03 +08:00
lejianwen	512f3f99fd	fix(build): fix build_test.yml	2024-12-25 14:06:29 +08:00
lejianwen	6fb4fad705	fix(build): up build.yml to build deb	2024-12-25 13:20:12 +08:00
lejianwen	fa92529e9b	chore(build): up build.yml to build deb	2024-12-25 12:57:11 +08:00
Follow the wind	d6c6051a6c	feat(build): 添加构建deb包相关基础 (#87 ) * 添加构建deb包相关基础 * 补齐工作流，等待验证 * 修复构建时没有创建的data目录保障deb包构建 * 修复其余架构deb包构建中的依赖错误 * 修复：由于小改工作流导致写错架构的问题 * 修复拼写错误导致的目录错误 * 添加上传工件，和发布rel工作流，完成相关事务 --------- Co-authored-by: ymwl <ymwlpoolc@qq.com>	2024-12-25 12:28:51 +08:00
lejianwen	ce063bd3ac	feat(webclient): v1.3.5 -> v1.3.6	2024-12-24 10:25:47 +08:00
lejianwen	4468894dfb	chore(changelog): up build.yml to generate changelog	2024-12-22 14:14:51 +08:00
lejianwen	8b00b919ad	chore(changelog): up build.yml to generate changelog	2024-12-22 14:04:23 +08:00
乐	64f4a6dfac	feat(i18n): Merge pull request #85 from jimmyGALLAND/trans-fr add locale french	2024-12-22 13:57:56 +08:00
jimmyGALLAND	6faa5153b6	add locale french	2024-12-21 22:56:48 +01:00
lejianwen	a771b1e9b0	fix(webclient): remove console.log when query online by new	2024-12-21 21:49:03 +08:00
lejianwen	7750f9c54d	chore(changelog): up build.yml to add changelog	2024-12-21 21:39:11 +08:00
lejianwen	b2d24ee67b	docs(webclient): up readme	2024-12-21 21:31:54 +08:00
lejianwen	589a2a5123	feat(webclient): add new query_online function There may be a loss of performance Therefore, it is not enabled by default	2024-12-21 21:15:06 +08:00
lejianwen	184d3d357d	optimize add ab from peer #84	2024-12-20 11:11:32 +08:00
lejianwen	50b3d85270	up docs and readme	2024-12-18 14:28:06 +08:00
lejianwen	09fdd34ba3	fix captcha	2024-12-18 13:51:06 +08:00
lejianwen	bba10261c5	fix captcha	2024-12-18 13:36:01 +08:00
lejianwen	46bfe54097	add show-swagger config #83	2024-12-18 12:50:09 +08:00
lejianwen	503e7a307e	up docs	2024-12-18 12:44:06 +08:00
lejianwen	821b0a6faf	add captcha #82	2024-12-18 12:43:55 +08:00
lejianwen	d60fdff179	split my from admin	2024-12-17 21:41:56 +08:00
		`@@ -1 +1 @@`
			`👏👏👏 你好 <strong>{{username}}</strong>, 欢迎使用 <a href='https://github.com/lejianwen/rustdesk-api' target='_blank'>RustDesk Api Admin</a>`				`### 👏👏👏 你好 *{{username}}*，欢迎使用 [RustDesk API](https://github.com/lejianwen/rustdesk-api)`
`@@ -1,3 +1,3 @@`
	`package Gwen`	`package main`

	`//go:generate go run cmd/apimain.go`	`//go:generate go run cmd/apimain.go`