feat: update dependencies (aws-sdk-go, go-git, goth and go-jose) to latest (#4729)

.github/workflows/build.yml

@@ -44,6 +44,12 @@ jobs:
           cache-dependency-path: ./web/yarn.lock
       - run: yarn install && CI=false yarn run build
         working-directory: ./web
+      - name: Upload build artifacts
+        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
+        uses: actions/upload-artifact@v4
+        with:
+          name: frontend-build-${{ github.run_id }}
+          path: ./web/build
 
   backend:
     name: Back-end
@@ -146,39 +152,95 @@ jobs:
           name: cypress-videos
           path: ./web/cypress/videos
 
-  release-and-push:
-    name: Release And Push
+  tag-release:
+    name: Create Tag
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
     if: github.repository == 'casdoor/casdoor' && github.event_name == 'push'
     needs: [ frontend, backend, linter, e2e ]
+    outputs:
+      new-release-published: ${{ steps.semantic.outputs.new_release_published }}
+      new-release-version: ${{ steps.semantic.outputs.new_release_version }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Create Tag with Semantic Release
+        id: semantic
+        uses: cycjimmy/semantic-release-action@v4
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  github-release:
+    name: GitHub Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && needs.tag-release.outputs.new-release-published == 'true'
+    needs: [ tag-release ]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Free disk space
+        uses: jlumbroso/free-disk-space@v1.3.1
+        with:
+          tool-cache: false
+          android: true
+          dotnet: true
+          haskell: true
+          large-packages: true
+          swap-storage: true
+
+      - name: Download frontend build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: frontend-build-${{ github.run_id }}
+          path: ./web/build
+
+      - name: Prepare Go caches
+        run: |
+          echo "GOMODCACHE=$RUNNER_TEMP/gomod" >> $GITHUB_ENV
+          echo "GOCACHE=$RUNNER_TEMP/gocache" >> $GITHUB_ENV
+          go clean -cache -modcache -testcache -fuzzcache
+
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v6
+        with:
+          distribution: goreleaser
+          version: '~> v2'
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  docker-release:
+    name: Docker Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+    if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && needs.tag-release.outputs.new-release-published == 'true'
+    needs: [ tag-release ]
     steps:
       - name: Checkout
         uses: actions/checkout@v3
         with:
           fetch-depth: -1
-      - name: Setup Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 20
 
       - name: Fetch Previous version
         id: get-previous-tag
         uses: actions-ecosystem/action-get-latest-tag@v1.6.0
 
-      - name: Release
-        run: yarn global add semantic-release@17.4.4 && semantic-release
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Fetch Current version
-        id: get-current-tag
-        uses: actions-ecosystem/action-get-latest-tag@v1.6.0
-
       - name: Decide Should_Push Or Not
         id: should_push
         run: |
           old_version=${{steps.get-previous-tag.outputs.tag}}
-          new_version=${{steps.get-current-tag.outputs.tag }}
+          new_version=${{ needs.tag-release.outputs.new-release-version }}
 
           old_array=(${old_version//\./ })
           new_array=(${new_version//\./ })
@@ -217,7 +279,7 @@ jobs:
           target: STANDARD
           platforms: linux/amd64,linux/arm64
           push: true
-          tags: casbin/casdoor:${{steps.get-current-tag.outputs.tag }},casbin/casdoor:latest
+          tags: casbin/casdoor:${{ needs.tag-release.outputs.new-release-version }},casbin/casdoor:latest
 
       - name: Push All In One Version to Docker Hub
         uses: docker/build-push-action@v3
@@ -227,7 +289,7 @@ jobs:
           target: ALLINONE
           platforms: linux/amd64,linux/arm64
           push: true
-          tags: casbin/casdoor-all-in-one:${{steps.get-current-tag.outputs.tag }},casbin/casdoor-all-in-one:latest
+          tags: casbin/casdoor-all-in-one:${{ needs.tag-release.outputs.new-release-version }},casbin/casdoor-all-in-one:latest
 
       - uses: actions/checkout@v3
         if: steps.should_push.outputs.push=='true'
@@ -240,8 +302,8 @@ jobs:
         if: steps.should_push.outputs.push=='true'
         run: |
           # Set the appVersion and version of the chart to the current tag
-          sed -i "s/appVersion: .*/appVersion: ${{steps.get-current-tag.outputs.tag }}/g" ./charts/casdoor/Chart.yaml
-          sed -i "s/version: .*/version: ${{steps.get-current-tag.outputs.tag }}/g" ./charts/casdoor/Chart.yaml
+          sed -i "s/appVersion: .*/appVersion: ${{ needs.tag-release.outputs.new-release-version }}/g" ./charts/casdoor/Chart.yaml
+          sed -i "s/version: .*/version: ${{ needs.tag-release.outputs.new-release-version }}/g" ./charts/casdoor/Chart.yaml
 
           REGISTRY=oci://registry-1.docker.io/casbin
           cd charts/casdoor
@@ -255,6 +317,6 @@ jobs:
           git config --global user.name "casbin-bot"
           git config --global user.email "bot@casbin.org"
           git add Chart.yaml index.yaml
-          git commit -m "chore(helm): bump helm charts appVersion to ${{steps.get-current-tag.outputs.tag }}"
-          git tag ${{steps.get-current-tag.outputs.tag }}
+          git commit -m "chore(helm): bump helm charts appVersion to ${{ needs.tag-release.outputs.new-release-version }}"
+          git tag ${{ needs.tag-release.outputs.new-release-version }}
           git push origin HEAD:master --follow-tags

.goreleaser.yaml

@@ -0,0 +1,54 @@
+# This is an example .goreleaser.yml file with some sensible defaults.
+# Make sure to check the documentation at https://goreleaser.com
+
+# The lines below are called `modelines`. See `:help modeline`
+# Feel free to remove those if you don't want/need to use them.
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
+# vim: set ts=2 sw=2 tw=0 fo=cnqoj
+
+version: 2
+
+before:
+  hooks:
+    # You may remove this if you don't use go modules.
+    - go mod tidy
+    # you may remove this if you don't need go generate
+    #- go generate ./...
+
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+      - windows
+      - darwin
+    goarch:
+      - amd64
+      - arm64
+
+archives:
+  - format: tar.gz
+    # this name template makes the OS and Arch compatible with the results of `uname`.
+    name_template: >-
+      {{ .ProjectName }}_
+      {{- title .Os }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else if eq .Arch "386" }}i386
+      {{- else }}{{ .Arch }}{{ end }}
+      {{- if .Arm }}v{{ .Arm }}{{ end }}
+    # use zip for windows archives
+    format_overrides:
+      - goos: windows
+        format: zip
+    files:
+      - src: 'web/build'
+        dst: './web/build'
+      - src: 'conf/app.conf'
+        dst: './conf/app.conf'
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"

conf/conf.go

@@ -21,7 +21,7 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 )
 
 func init() {
@@ -29,7 +29,7 @@ func init() {
 	presetConfigItems := []string{"httpport", "appname"}
 	for _, key := range presetConfigItems {
 		if value, ok := os.LookupEnv(key); ok {
-			err := beego.AppConfig.Set(key, value)
+			err := web.AppConfig.Set(key, value)
 			if err != nil {
 				panic(err)
 			}
@@ -42,12 +42,13 @@ func GetConfigString(key string) string {
 		return value
 	}
 
-	res := beego.AppConfig.String(key)
+	res, _ := web.AppConfig.String(key)
 	if res == "" {
 		if key == "staticBaseUrl" {
 			res = "https://cdn.casbin.org"
 		} else if key == "logConfig" {
-			res = fmt.Sprintf("{\"filename\": \"logs/%s.log\", \"maxdays\":99999, \"perm\":\"0770\"}", beego.AppConfig.String("appname"))
+			appname, _ := web.AppConfig.String("appname")
+			res = fmt.Sprintf("{\"filename\": \"logs/%s.log\", \"maxdays\":99999, \"perm\":\"0770\"}", appname)
 		}
 	}
 

conf/conf_quota.go

@@ -17,7 +17,7 @@ package conf
 import (
 	"encoding/json"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 )
 
 type Quota struct {
@@ -34,7 +34,7 @@ func init() {
 }
 
 func initQuota() {
-	res := beego.AppConfig.String("quota")
+	res, _ := web.AppConfig.String("quota")
 	if res != "" {
 		err := json.Unmarshal([]byte(res), quota)
 		if err != nil {

conf/conf_test.go

@@ -18,7 +18,7 @@ import (
 	"os"
 	"testing"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -38,7 +38,7 @@ func TestGetConfString(t *testing.T) {
 	os.Setenv("appname", "casbin")
 	os.Setenv("key", "value")
 
-	err := beego.LoadAppConfig("ini", "app.conf")
+	err := web.LoadAppConfig("ini", "app.conf")
 	assert.Nil(t, err)
 
 	for _, scenery := range scenarios {
@@ -62,7 +62,7 @@ func TestGetConfInt(t *testing.T) {
 	// do some set up job
 	os.Setenv("httpport", "8001")
 
-	err := beego.LoadAppConfig("ini", "app.conf")
+	err := web.LoadAppConfig("ini", "app.conf")
 	assert.Nil(t, err)
 
 	for _, scenery := range scenarios {
@@ -83,7 +83,7 @@ func TestGetConfBool(t *testing.T) {
 		{"Should be return false", "copyrequestbody", true},
 	}
 
-	err := beego.LoadAppConfig("ini", "app.conf")
+	err := web.LoadAppConfig("ini", "app.conf")
 	assert.Nil(t, err)
 	for _, scenery := range scenarios {
 		t.Run(scenery.description, func(t *testing.T) {
@@ -102,7 +102,7 @@ func TestGetConfigQuota(t *testing.T) {
 		{"default", &Quota{-1, -1, -1, -1}},
 	}
 
-	err := beego.LoadAppConfig("ini", "app.conf")
+	err := web.LoadAppConfig("ini", "app.conf")
 	assert.Nil(t, err)
 	for _, scenery := range scenarios {
 		quota := GetConfigQuota()
@@ -118,7 +118,7 @@ func TestGetConfigLogs(t *testing.T) {
 		{"Default log config", `{"adapter":"file", "filename": "logs/casdoor.log", "maxdays":99999, "perm":"0770"}`},
 	}
 
-	err := beego.LoadAppConfig("ini", "app.conf")
+	err := web.LoadAppConfig("ini", "app.conf")
 	assert.Nil(t, err)
 	for _, scenery := range scenarios {
 		quota := GetConfigString("logConfig")

controllers/account.go

@@ -15,6 +15,7 @@
 package controllers
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -345,7 +346,7 @@ func (c *ApiController) Logout() {
 			c.ResponseError(err.Error())
 			return
 		}
-		_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
+		_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID(context.Background()))
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -398,7 +399,7 @@ func (c *ApiController) Logout() {
 			return
 		}
 
-		_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
+		_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID(context.Background()))
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
@@ -431,7 +432,8 @@ func (c *ApiController) Logout() {
 // SsoLogout
 // @Title SsoLogout
 // @Tag Login API
-// @Description logout the current user from all applications
+// @Description logout the current user from all applications or current session only
+// @Param   logoutAll   query    string  false     "Whether to logout from all sessions. Accepted values: 'true', '1', or empty (default: true). Any other value means false."
 // @Success 200 {object} controllers.Response The Response object
 // @router /sso-logout [get,post]
 func (c *ApiController) SsoLogout() {
@@ -442,6 +444,11 @@ func (c *ApiController) SsoLogout() {
 		return
 	}
 
+	// Check if user wants to logout from all sessions or just current session
+	// Default is true for backward compatibility
+	logoutAll := c.Ctx.Input.Query("logoutAll")
+	logoutAllSessions := logoutAll == "" || logoutAll == "true" || logoutAll == "1"
+
 	c.ClearUserSession()
 	c.ClearTokenSession()
 	owner, username, err := util.GetOwnerAndNameFromIdWithError(user)
@@ -449,37 +456,62 @@ func (c *ApiController) SsoLogout() {
 		c.ResponseError(err.Error())
 		return
 	}
-	_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	_, err = object.ExpireTokenByUser(owner, username)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
-	}
-
-	sessions, err := object.GetUserSessions(owner, username)
+
+	currentSessionId := c.Ctx.Input.CruSession.SessionID(context.Background())
+	_, err = object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), currentSessionId)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}
 
+	var tokens []*object.Token
 	var sessionIds []string
-	for _, session := range sessions {
-		sessionIds = append(sessionIds, session.SessionId...)
-	}
-	object.DeleteBeegoSession(sessionIds)
 
-	_, err = object.DeleteAllUserSessions(owner, username)
-	if err != nil {
-		c.ResponseError(err.Error())
-		return
+	if logoutAllSessions {
+		// Logout from all sessions: expire all tokens and delete all sessions
+		// Get tokens before expiring them (for session-level logout notification)
+		tokens, err = object.GetTokensByUser(owner, username)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		_, err = object.ExpireTokenByUser(owner, username)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		sessions, err := object.GetUserSessions(owner, username)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		for _, session := range sessions {
+			sessionIds = append(sessionIds, session.SessionId...)
+		}
+		object.DeleteBeegoSession(sessionIds)
+
+		_, err = object.DeleteAllUserSessions(owner, username)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		util.LogInfo(c.Ctx, "API: [%s] logged out from all applications", user)
+	} else {
+		// Logout from current session only
+		sessionIds = []string{currentSessionId}
+
+		// Only delete the current session's Beego session
+		object.DeleteBeegoSession(sessionIds)
+
+		util.LogInfo(c.Ctx, "API: [%s] logged out from current session", user)
 	}
 
 	// Send SSO logout notifications to all notification providers in the user's signup application
+	// Now includes session-level information for targeted logout
 	userObj, err := object.GetUser(user)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -487,15 +519,13 @@ func (c *ApiController) SsoLogout() {
 	}
 
 	if userObj != nil {
-		err = object.SendSsoLogoutNotifications(userObj)
+		err = object.SendSsoLogoutNotifications(userObj, sessionIds, tokens)
 		if err != nil {
 			c.ResponseError(err.Error())
 			return
 		}
 	}
 
-	util.LogInfo(c.Ctx, "API: [%s] logged out from all applications", user)
-
 	c.ResponseOk()
 }
 
@@ -512,7 +542,7 @@ func (c *ApiController) GetAccount() {
 		return
 	}
 
-	managedAccounts := c.Input().Get("managedAccounts")
+	managedAccounts := c.Ctx.Input.Query("managedAccounts")
 	if managedAccounts == "1" {
 		user, err = object.ExtendManagedAccountsWithUser(user)
 		if err != nil {
@@ -630,8 +660,8 @@ func (c *ApiController) GetUserinfo2() {
 // @router /get-captcha [get]
 // @Success 200 {object} object.Userinfo The Response object
 func (c *ApiController) GetCaptcha() {
-	applicationId := c.Input().Get("applicationId")
-	isCurrentProvider := c.Input().Get("isCurrentProvider")
+	applicationId := c.Ctx.Input.Query("applicationId")
+	isCurrentProvider := c.Ctx.Input.Query("isCurrentProvider")
 
 	captchaProvider, err := object.GetCaptchaProviderByApplication(applicationId, isCurrentProvider, c.GetAcceptLanguage())
 	if err != nil {

controllers/adapter.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Adapter The Response object
 // @router /get-adapters [get]
 func (c *ApiController) GetAdapters() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		adapters, err := object.GetAdapters(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetAdapters() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		adapters, err := object.GetPaginationAdapters(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -73,7 +73,7 @@ func (c *ApiController) GetAdapters() {
 // @Success 200 {object} object.Adapter The Response object
 // @router /get-adapter [get]
 func (c *ApiController) GetAdapter() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	adapter, err := object.GetAdapter(id)
 	if err != nil {
@@ -93,7 +93,7 @@ func (c *ApiController) GetAdapter() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-adapter [post]
 func (c *ApiController) UpdateAdapter() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var adapter object.Adapter
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &adapter)

controllers/application.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -32,14 +32,14 @@ import (
 // @router /get-applications [get]
 func (c *ApiController) GetApplications() {
 	userId := c.GetSessionUsername()
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	organization := c.Ctx.Input.Query("organization")
 	var err error
 	if limit == "" || page == "" {
 		var applications []*object.Application
@@ -61,7 +61,7 @@ func (c *ApiController) GetApplications() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		application, err := object.GetPaginationApplications(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -82,7 +82,7 @@ func (c *ApiController) GetApplications() {
 // @router /get-application [get]
 func (c *ApiController) GetApplication() {
 	userId := c.GetSessionUsername()
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	application, err := object.GetApplication(id)
 	if err != nil {
@@ -90,7 +90,7 @@ func (c *ApiController) GetApplication() {
 		return
 	}
 
-	if c.Input().Get("withKey") != "" && application != nil && application.Cert != "" {
+	if c.Ctx.Input.Query("withKey") != "" && application != nil && application.Cert != "" {
 		cert, err := object.GetCert(util.GetId(application.Owner, application.Cert))
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -125,7 +125,7 @@ func (c *ApiController) GetApplication() {
 // @router /get-user-application [get]
 func (c *ApiController) GetUserApplication() {
 	userId := c.GetSessionUsername()
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	user, err := object.GetUser(id)
 	if err != nil {
@@ -159,14 +159,14 @@ func (c *ApiController) GetUserApplication() {
 // @router /get-organization-applications [get]
 func (c *ApiController) GetOrganizationApplications() {
 	userId := c.GetSessionUsername()
-	organization := c.Input().Get("organization")
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	organization := c.Ctx.Input.Query("organization")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if organization == "" {
 		c.ResponseError(c.T("general:Missing parameter") + ": organization")
@@ -196,7 +196,7 @@ func (c *ApiController) GetOrganizationApplications() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		applications, err := object.GetPaginationOrganizationApplications(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -223,7 +223,7 @@ func (c *ApiController) GetOrganizationApplications() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-application [post]
 func (c *ApiController) UpdateApplication() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var application object.Application
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &application)

controllers/auth.go

@@ -15,6 +15,7 @@
 package controllers
 
 import (
+	"context"
 	"encoding/base64"
 	"encoding/json"
 	"encoding/xml"
@@ -27,7 +28,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/casdoor/casdoor/captcha"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/form"
@@ -151,14 +152,14 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
 		resp = &Response{Status: "ok", Msg: "", Data: userId, Data3: user.NeedUpdatePassword}
 	} else if form.Type == ResponseTypeCode {
-		clientId := c.Input().Get("clientId")
-		responseType := c.Input().Get("responseType")
-		redirectUri := c.Input().Get("redirectUri")
-		scope := c.Input().Get("scope")
-		state := c.Input().Get("state")
-		nonce := c.Input().Get("nonce")
-		challengeMethod := c.Input().Get("code_challenge_method")
-		codeChallenge := c.Input().Get("code_challenge")
+		clientId := c.Ctx.Input.Query("clientId")
+		responseType := c.Ctx.Input.Query("responseType")
+		redirectUri := c.Ctx.Input.Query("redirectUri")
+		scope := c.Ctx.Input.Query("scope")
+		state := c.Ctx.Input.Query("state")
+		nonce := c.Ctx.Input.Query("nonce")
+		challengeMethod := c.Ctx.Input.Query("code_challenge_method")
+		codeChallenge := c.Ctx.Input.Query("code_challenge")
 
 		if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
 			c.ResponseError(c.T("auth:Challenge method should be S256"))
@@ -180,8 +181,8 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		if !object.IsGrantTypeValid(form.Type, application.GrantTypes) {
 			resp = &Response{Status: "error", Msg: fmt.Sprintf("error: grant_type: %s is not supported in this application", form.Type), Data: ""}
 		} else {
-			scope := c.Input().Get("scope")
-			nonce := c.Input().Get("nonce")
+			scope := c.Ctx.Input.Query("scope")
+			nonce := c.Ctx.Input.Query("nonce")
 			token, _ := object.GetTokenByUser(application, user, scope, nonce, c.Ctx.Request.Host)
 			resp = tokenToResponse(token)
 
@@ -227,7 +228,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		}
 	} else if form.Type == ResponseTypeCas {
 		// not oauth but CAS SSO protocol
-		service := c.Input().Get("service")
+		service := c.Ctx.Input.Query("service")
 		resp = wrapErrorResponse(nil)
 		if service != "" {
 			st, err := object.GenerateCasToken(userId, service)
@@ -246,9 +247,18 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 		resp = wrapErrorResponse(fmt.Errorf("unknown response type: %s", form.Type))
 	}
 
-	// if user did not check auto signin
-	if resp.Status == "ok" && !form.AutoSignin {
-		c.setExpireForSession()
+	// For all successful logins, set the session expiration; if auto signin is not checked, cap it at 24 hours.
+	if resp.Status == "ok" {
+		expireInHours := application.CookieExpireInHours
+
+		if expireInHours == 0 {
+			expireInHours = 720
+		}
+
+		if !form.AutoSignin && expireInHours > 24 {
+			expireInHours = 24
+		}
+		c.setExpireForSession(expireInHours)
 	}
 
 	if application.EnableExclusiveSignin {
@@ -260,7 +270,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 
 		for _, session := range sessions {
 			for _, sid := range session.SessionId {
-				err := beego.GlobalSessions.GetProvider().SessionDestroy(sid)
+				err := web.GlobalSessions.GetProvider().SessionDestroy(context.Background(), sid)
 				if err != nil {
 					c.ResponseError(err.Error(), nil)
 					return
@@ -274,7 +284,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 			Owner:       user.Owner,
 			Name:        user.Name,
 			Application: application.Name,
-			SessionId:   []string{c.Ctx.Input.CruSession.SessionID()},
+			SessionId:   []string{c.Ctx.Input.CruSession.SessionID(context.Background())},
 
 			ExclusiveSignin: application.EnableExclusiveSignin,
 		})
@@ -299,14 +309,14 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 // @Success 200 {object} controllers.Response The Response object
 // @router /get-app-login [get]
 func (c *ApiController) GetApplicationLogin() {
-	clientId := c.Input().Get("clientId")
-	responseType := c.Input().Get("responseType")
-	redirectUri := c.Input().Get("redirectUri")
-	scope := c.Input().Get("scope")
-	state := c.Input().Get("state")
-	id := c.Input().Get("id")
-	loginType := c.Input().Get("type")
-	userCode := c.Input().Get("userCode")
+	clientId := c.Ctx.Input.Query("clientId")
+	responseType := c.Ctx.Input.Query("responseType")
+	redirectUri := c.Ctx.Input.Query("redirectUri")
+	scope := c.Ctx.Input.Query("scope")
+	state := c.Ctx.Input.Query("state")
+	id := c.Ctx.Input.Query("id")
+	loginType := c.Ctx.Input.Query("type")
+	userCode := c.Ctx.Input.Query("userCode")
 
 	var application *object.Application
 	var msg string
@@ -417,7 +427,7 @@ func checkMfaEnable(c *ApiController, user *object.User, organization *object.Or
 		}
 		if len(mfaAllowList) >= 1 {
 			c.SetSession("verificationCodeType", verificationType)
-			c.Ctx.Input.CruSession.SessionRelease(c.Ctx.ResponseWriter)
+			c.Ctx.Input.CruSession.SessionRelease(context.Background(), c.Ctx.ResponseWriter)
 			c.ResponseOk(object.NextMfa, mfaAllowList)
 			return true
 		}
@@ -1147,8 +1157,8 @@ func (c *ApiController) Login() {
 }
 
 func (c *ApiController) GetSamlLogin() {
-	providerId := c.Input().Get("id")
-	relayState := c.Input().Get("relayState")
+	providerId := c.Ctx.Input.Query("id")
+	relayState := c.Ctx.Input.Query("relayState")
 	authURL, method, err := object.GenerateSamlRequest(providerId, relayState, c.Ctx.Request.Host, c.GetAcceptLanguage())
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -1158,8 +1168,8 @@ func (c *ApiController) GetSamlLogin() {
 }
 
 func (c *ApiController) HandleSamlLogin() {
-	relayState := c.Input().Get("RelayState")
-	samlResponse := c.Input().Get("SAMLResponse")
+	relayState := c.Ctx.Input.Query("RelayState")
+	samlResponse := c.Ctx.Input.Query("SAMLResponse")
 	decode, err := base64.StdEncoding.DecodeString(relayState)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -1191,9 +1201,9 @@ func (c *ApiController) HandleOfficialAccountEvent() {
 		c.ResponseError(err.Error())
 		return
 	}
-	signature := c.Input().Get("signature")
-	timestamp := c.Input().Get("timestamp")
-	nonce := c.Input().Get("nonce")
+	signature := c.Ctx.Input.Query("signature")
+	timestamp := c.Ctx.Input.Query("timestamp")
+	nonce := c.Ctx.Input.Query("nonce")
 	var data struct {
 		MsgType      string `xml:"MsgType"`
 		Event        string `xml:"Event"`
@@ -1251,7 +1261,7 @@ func (c *ApiController) HandleOfficialAccountEvent() {
 // @Param   ticket     query    string  true        "The eventId of QRCode"
 // @Success 200 {object} controllers.Response The Response object
 func (c *ApiController) GetWebhookEventType() {
-	ticket := c.Input().Get("ticket")
+	ticket := c.Ctx.Input.Query("ticket")
 
 	idp.Lock.RLock()
 	_, ok := idp.WechatCacheMap[ticket]
@@ -1271,7 +1281,7 @@ func (c *ApiController) GetWebhookEventType() {
 // @Param   id     query    string  true        "The id ( owner/name ) of provider"
 // @Success 200 {object} controllers.Response The Response object
 func (c *ApiController) GetQRCode() {
-	providerId := c.Input().Get("id")
+	providerId := c.Ctx.Input.Query("id")
 	provider, err := object.GetProvider(providerId)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -1299,9 +1309,9 @@ func (c *ApiController) GetQRCode() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /get-captcha-status [get]
 func (c *ApiController) GetCaptchaStatus() {
-	organization := c.Input().Get("organization")
-	userId := c.Input().Get("userId")
-	applicationName := c.Input().Get("application")
+	organization := c.Ctx.Input.Query("organization")
+	userId := c.Ctx.Input.Query("userId")
+	applicationName := c.Ctx.Input.Query("application")
 
 	application, err := object.GetApplication(fmt.Sprintf("admin/%s", applicationName))
 	if err != nil {
@@ -1344,8 +1354,8 @@ func (c *ApiController) Callback() {
 // @router /device-auth [post]
 // @Success 200 {object} object.DeviceAuthResponse The Response object
 func (c *ApiController) DeviceAuth() {
-	clientId := c.Input().Get("client_id")
-	scope := c.Input().Get("scope")
+	clientId := c.Ctx.Input.Query("client_id")
+	scope := c.Ctx.Input.Query("scope")
 	application, err := object.GetApplicationByClientId(clientId)
 	if err != nil {
 		c.Data["json"] = object.TokenError{

controllers/base.go

@@ -15,11 +15,12 @@
 package controllers
 
 import (
+	"context"
 	"strings"
 	"time"
 
-	"github.com/beego/beego"
-	"github.com/beego/beego/logs"
+	"github.com/beego/beego/v2/core/logs"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -27,7 +28,7 @@ import (
 // ApiController
 // controller for handlers under /api uri
 type ApiController struct {
-	beego.Controller
+	web.Controller
 }
 
 // RootController
@@ -168,6 +169,7 @@ func (c *ApiController) GetSessionApplication() *object.Application {
 func (c *ApiController) ClearUserSession() {
 	c.SetSessionUsername("")
 	c.SetSessionData(nil)
+	_ = c.SessionRegenerateID()
 }
 
 func (c *ApiController) ClearTokenSession() {
@@ -236,16 +238,19 @@ func (c *ApiController) setMfaUserSession(userId string) {
 }
 
 func (c *ApiController) getMfaUserSession() string {
-	userId := c.Ctx.Input.CruSession.Get(object.MfaSessionUserId)
+	userId := c.Ctx.Input.CruSession.Get(context.Background(), object.MfaSessionUserId)
 	if userId == nil {
 		return ""
 	}
 	return userId.(string)
 }
 
-func (c *ApiController) setExpireForSession() {
+func (c *ApiController) setExpireForSession(cookieExpireInHours int64) {
 	timestamp := time.Now().Unix()
-	timestamp += 3600 * 24
+	if cookieExpireInHours == 0 {
+		cookieExpireInHours = 720
+	}
+	timestamp += 3600 * cookieExpireInHours
 	c.SetSessionData(&SessionData{
 		ExpireTime: timestamp,
 	})

controllers/cas.go

@@ -41,8 +41,8 @@ func queryUnescape(service string) string {
 }
 
 func (c *RootController) CasValidate() {
-	ticket := c.Input().Get("ticket")
-	service := c.Input().Get("service")
+	ticket := c.Ctx.Input.Query("ticket")
+	service := c.Ctx.Input.Query("service")
 	c.Ctx.Output.Header("Content-Type", "text/html; charset=utf-8")
 	if service == "" || ticket == "" {
 		c.Ctx.Output.Body([]byte("no\n"))
@@ -60,8 +60,8 @@ func (c *RootController) CasValidate() {
 }
 
 func (c *RootController) CasServiceValidate() {
-	ticket := c.Input().Get("ticket")
-	format := c.Input().Get("format")
+	ticket := c.Ctx.Input.Query("ticket")
+	format := c.Ctx.Input.Query("format")
 	if !strings.HasPrefix(ticket, "ST") {
 		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
 	}
@@ -75,8 +75,8 @@ func (c *RootController) CasProxyValidate() {
 }
 
 func (c *RootController) CasP3ServiceValidate() {
-	ticket := c.Input().Get("ticket")
-	format := c.Input().Get("format")
+	ticket := c.Ctx.Input.Query("ticket")
+	format := c.Ctx.Input.Query("format")
 	if !strings.HasPrefix(ticket, "ST") {
 		c.sendCasAuthenticationResponseErr(InvalidTicket, fmt.Sprintf("Ticket %s not recognized", ticket), format)
 	}
@@ -84,10 +84,10 @@ func (c *RootController) CasP3ServiceValidate() {
 }
 
 func (c *RootController) CasP3ProxyValidate() {
-	ticket := c.Input().Get("ticket")
-	format := c.Input().Get("format")
-	service := c.Input().Get("service")
-	pgtUrl := c.Input().Get("pgtUrl")
+	ticket := c.Ctx.Input.Query("ticket")
+	format := c.Ctx.Input.Query("format")
+	service := c.Ctx.Input.Query("service")
+	pgtUrl := c.Ctx.Input.Query("pgtUrl")
 
 	serviceResponse := object.CasServiceResponse{
 		Xmlns: "http://www.yale.edu/tp/cas",
@@ -161,9 +161,9 @@ func (c *RootController) CasP3ProxyValidate() {
 }
 
 func (c *RootController) CasProxy() {
-	pgt := c.Input().Get("pgt")
-	targetService := c.Input().Get("targetService")
-	format := c.Input().Get("format")
+	pgt := c.Ctx.Input.Query("pgt")
+	targetService := c.Ctx.Input.Query("targetService")
+	format := c.Ctx.Input.Query("format")
 	if pgt == "" || targetService == "" {
 		c.sendCasProxyResponseErr(InvalidRequest, "pgt and targetService must exist", format)
 		return
@@ -200,7 +200,7 @@ func (c *RootController) CasProxy() {
 
 func (c *RootController) SamlValidate() {
 	c.Ctx.Output.Header("Content-Type", "text/xml; charset=utf-8")
-	target := c.Input().Get("TARGET")
+	target := c.Ctx.Input.Query("TARGET")
 	body := c.Ctx.Input.RequestBody
 	envelopRequest := struct {
 		XMLName xml.Name `xml:"Envelope"`

controllers/casbin_api.go

@@ -34,11 +34,11 @@ import (
 // @Success 200 {object} controllers.Response The Response object
 // @router /enforce [post]
 func (c *ApiController) Enforce() {
-	permissionId := c.Input().Get("permissionId")
-	modelId := c.Input().Get("modelId")
-	resourceId := c.Input().Get("resourceId")
-	enforcerId := c.Input().Get("enforcerId")
-	owner := c.Input().Get("owner")
+	permissionId := c.Ctx.Input.Query("permissionId")
+	modelId := c.Ctx.Input.Query("modelId")
+	resourceId := c.Ctx.Input.Query("resourceId")
+	enforcerId := c.Ctx.Input.Query("enforcerId")
+	owner := c.Ctx.Input.Query("owner")
 
 	params := []string{permissionId, modelId, resourceId, enforcerId, owner}
 	nonEmpty := 0
@@ -180,10 +180,10 @@ func (c *ApiController) Enforce() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /batch-enforce [post]
 func (c *ApiController) BatchEnforce() {
-	permissionId := c.Input().Get("permissionId")
-	modelId := c.Input().Get("modelId")
-	enforcerId := c.Input().Get("enforcerId")
-	owner := c.Input().Get("owner")
+	permissionId := c.Ctx.Input.Query("permissionId")
+	modelId := c.Ctx.Input.Query("modelId")
+	enforcerId := c.Ctx.Input.Query("enforcerId")
+	owner := c.Ctx.Input.Query("owner")
 
 	params := []string{permissionId, modelId, enforcerId, owner}
 	nonEmpty := 0
@@ -304,7 +304,7 @@ func (c *ApiController) BatchEnforce() {
 }
 
 func (c *ApiController) GetAllObjects() {
-	userId := c.Input().Get("userId")
+	userId := c.Ctx.Input.Query("userId")
 	if userId == "" {
 		userId = c.GetSessionUsername()
 		if userId == "" {
@@ -323,7 +323,7 @@ func (c *ApiController) GetAllObjects() {
 }
 
 func (c *ApiController) GetAllActions() {
-	userId := c.Input().Get("userId")
+	userId := c.Ctx.Input.Query("userId")
 	if userId == "" {
 		userId = c.GetSessionUsername()
 		if userId == "" {
@@ -342,7 +342,7 @@ func (c *ApiController) GetAllActions() {
 }
 
 func (c *ApiController) GetAllRoles() {
-	userId := c.Input().Get("userId")
+	userId := c.Ctx.Input.Query("userId")
 	if userId == "" {
 		userId = c.GetSessionUsername()
 		if userId == "" {

controllers/casbin_cli_api.go

@@ -169,8 +169,8 @@ func (c *ApiController) RunCasbinCommand() {
 		return
 	}
 
-	language := c.Input().Get("language")
-	argString := c.Input().Get("args")
+	language := c.Ctx.Input.Query("language")
+	argString := c.Ctx.Input.Query("args")
 
 	if language == "" {
 		language = "go"
@@ -262,10 +262,10 @@ func (c *ApiController) RunCasbinCommand() {
 // @Param hash string The SHA-256 hash string
 // @Return error Returns error if validation fails, nil if successful
 func validateIdentifier(c *ApiController) error {
-	language := c.Input().Get("language")
-	args := c.Input().Get("args")
-	hash := c.Input().Get("m")
-	timestamp := c.Input().Get("t")
+	language := c.Ctx.Input.Query("language")
+	args := c.Ctx.Input.Query("args")
+	hash := c.Ctx.Input.Query("m")
+	timestamp := c.Ctx.Input.Query("t")
 
 	if hash == "" || timestamp == "" || language == "" || args == "" {
 		return fmt.Errorf("invalid identifier")

controllers/cert.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Cert The Response object
 // @router /get-certs [get]
 func (c *ApiController) GetCerts() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		certs, err := object.GetMaskedCerts(object.GetCerts(owner))
@@ -54,7 +54,7 @@ func (c *ApiController) GetCerts() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		certs, err := object.GetMaskedCerts(object.GetPaginationCerts(owner, paginator.Offset(), limit, field, value, sortField, sortOrder))
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -72,12 +72,12 @@ func (c *ApiController) GetCerts() {
 // @Success 200 {array} object.Cert The Response object
 // @router /get-global-certs [get]
 func (c *ApiController) GetGlobalCerts() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		certs, err := object.GetMaskedCerts(object.GetGlobalCerts())
@@ -95,7 +95,7 @@ func (c *ApiController) GetGlobalCerts() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		certs, err := object.GetMaskedCerts(object.GetPaginationGlobalCerts(paginator.Offset(), limit, field, value, sortField, sortOrder))
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -114,7 +114,7 @@ func (c *ApiController) GetGlobalCerts() {
 // @Success 200 {object} object.Cert The Response object
 // @router /get-cert [get]
 func (c *ApiController) GetCert() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	cert, err := object.GetCert(id)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -133,7 +133,7 @@ func (c *ApiController) GetCert() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-cert [post]
 func (c *ApiController) UpdateCert() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var cert object.Cert
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &cert)

controllers/cli_downloader.go

@@ -15,7 +15,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/casdoor/casdoor/proxy"
 	"github.com/casdoor/casdoor/util"
 )
@@ -446,13 +446,13 @@ func downloadCLI() error {
 // @Success 200 {object} controllers.Response The Response object
 // @router /refresh-engines [post]
 func (c *ApiController) RefreshEngines() {
-	if !beego.AppConfig.DefaultBool("isDemoMode", false) {
+	if !web.AppConfig.DefaultBool("isDemoMode", false) {
 		c.ResponseError("refresh engines is only available in demo mode")
 		return
 	}
 
-	hash := c.Input().Get("m")
-	timestamp := c.Input().Get("t")
+	hash := c.Ctx.Input.Query("m")
+	timestamp := c.Ctx.Input.Query("t")
 
 	if hash == "" || timestamp == "" {
 		c.ResponseError("invalid identifier")
@@ -498,7 +498,7 @@ func (c *ApiController) RefreshEngines() {
 // @Title ScheduleCLIUpdater
 // @Description Start periodic CLI update scheduler
 func ScheduleCLIUpdater() {
-	if !beego.AppConfig.DefaultBool("isDemoMode", false) {
+	if !web.AppConfig.DefaultBool("isDemoMode", false) {
 		return
 	}
 
@@ -526,7 +526,7 @@ func DownloadCLI() error {
 // @Title InitCLIDownloader
 // @Description Initialize CLI downloader and start update scheduler
 func InitCLIDownloader() {
-	if !beego.AppConfig.DefaultBool("isDemoMode", false) {
+	if !web.AppConfig.DefaultBool("isDemoMode", false) {
 		return
 	}
 

controllers/enforcer.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 	xormadapter "github.com/casdoor/xorm-adapter/v3"
@@ -32,13 +32,13 @@ import (
 // @Success 200 {array} object.Enforcer
 // @router /get-enforcers [get]
 func (c *ApiController) GetEnforcers() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		enforcers, err := object.GetEnforcers(owner)
@@ -56,7 +56,7 @@ func (c *ApiController) GetEnforcers() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		enforcers, err := object.GetPaginationEnforcers(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -75,8 +75,8 @@ func (c *ApiController) GetEnforcers() {
 // @Success 200 {object} object.Enforcer
 // @router /get-enforcer [get]
 func (c *ApiController) GetEnforcer() {
-	id := c.Input().Get("id")
-	loadModelCfg := c.Input().Get("loadModelCfg")
+	id := c.Ctx.Input.Query("id")
+	loadModelCfg := c.Ctx.Input.Query("loadModelCfg")
 
 	enforcer, err := object.GetEnforcer(id)
 	if err != nil {
@@ -105,7 +105,7 @@ func (c *ApiController) GetEnforcer() {
 // @Success 200 {object} object.Enforcer
 // @router /update-enforcer [post]
 func (c *ApiController) UpdateEnforcer() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	enforcer := object.Enforcer{}
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &enforcer)
@@ -165,8 +165,8 @@ func (c *ApiController) DeleteEnforcer() {
 // @Success 200 {array} xormadapter.CasbinRule
 // @router /get-policies [get]
 func (c *ApiController) GetPolicies() {
-	id := c.Input().Get("id")
-	adapterId := c.Input().Get("adapterId")
+	id := c.Ctx.Input.Query("id")
+	adapterId := c.Ctx.Input.Query("adapterId")
 
 	if adapterId != "" {
 		adapter, err := object.GetAdapter(adapterId)
@@ -207,7 +207,7 @@ func (c *ApiController) GetPolicies() {
 // @Success 200 {array} xormadapter.CasbinRule
 // @router /get-filtered-policies [post]
 func (c *ApiController) GetFilteredPolicies() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var filters []object.Filter
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &filters)
@@ -234,7 +234,7 @@ func (c *ApiController) GetFilteredPolicies() {
 // @Success 200 {object} Response
 // @router /update-policy [post]
 func (c *ApiController) UpdatePolicy() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var policies []xormadapter.CasbinRule
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policies)
@@ -261,7 +261,7 @@ func (c *ApiController) UpdatePolicy() {
 // @Success 200 {object} Response
 // @router /add-policy [post]
 func (c *ApiController) AddPolicy() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var policy xormadapter.CasbinRule
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policy)
@@ -288,7 +288,7 @@ func (c *ApiController) AddPolicy() {
 // @Success 200 {object} Response
 // @router /remove-policy [post]
 func (c *ApiController) RemovePolicy() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var policy xormadapter.CasbinRule
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &policy)

controllers/face.go

@@ -33,8 +33,8 @@ import (
 // @Success 200 {object} controllers.Response The Response object
 // @router /faceid-signin-begin [get]
 func (c *ApiController) FaceIDSigninBegin() {
-	userOwner := c.Input().Get("owner")
-	userName := c.Input().Get("name")
+	userOwner := c.Ctx.Input.Query("owner")
+	userName := c.Ctx.Input.Query("name")
 
 	user, err := object.GetUserByFields(userOwner, userName)
 	if err != nil {

controllers/form.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -46,13 +46,13 @@ func (c *ApiController) GetGlobalForms() {
 // @Success 200 {array} object.Form The Response object
 // @router /get-forms [get]
 func (c *ApiController) GetForms() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		forms, err := object.GetForms(owner)
@@ -70,7 +70,7 @@ func (c *ApiController) GetForms() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		forms, err := object.GetPaginationForms(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -88,7 +88,7 @@ func (c *ApiController) GetForms() {
 // @Success 200 {object} object.Form The Response object
 // @router /get-form [get]
 func (c *ApiController) GetForm() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	form, err := object.GetForm(id)
 	if err != nil {
@@ -108,7 +108,7 @@ func (c *ApiController) GetForm() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-form [post]
 func (c *ApiController) UpdateForm() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var form object.Form
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)

controllers/get-dashboard.go

@@ -23,7 +23,7 @@ import "github.com/casdoor/casdoor/object"
 // @Success 200 {object} controllers.Response The Response object
 // @router /get-dashboard [get]
 func (c *ApiController) GetDashboard() {
-	owner := c.Input().Get("owner")
+	owner := c.Ctx.Input.Query("owner")
 
 	data, err := object.GetDashboard(owner)
 	if err != nil {

controllers/group.go

@@ -17,7 +17,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,14 +30,14 @@ import (
 // @Success 200 {array} object.Group The Response object
 // @router /get-groups [get]
 func (c *ApiController) GetGroups() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	withTree := c.Input().Get("withTree")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	withTree := c.Ctx.Input.Query("withTree")
 
 	if limit == "" || page == "" {
 		groups, err := object.GetGroups(owner)
@@ -66,7 +66,7 @@ func (c *ApiController) GetGroups() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		groups, err := object.GetPaginationGroups(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -109,7 +109,7 @@ func (c *ApiController) GetGroups() {
 // @Success 200 {object} object.Group The Response object
 // @router /get-group [get]
 func (c *ApiController) GetGroup() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	group, err := object.GetGroup(id)
 	if err != nil {
@@ -135,7 +135,7 @@ func (c *ApiController) GetGroup() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-group [post]
 func (c *ApiController) UpdateGroup() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var group object.Group
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &group)

controllers/invitation.go

@@ -19,7 +19,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -32,13 +32,13 @@ import (
 // @Success 200 {array} object.Invitation The Response object
 // @router /get-invitations [get]
 func (c *ApiController) GetInvitations() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		invitations, err := object.GetInvitations(owner)
@@ -56,7 +56,7 @@ func (c *ApiController) GetInvitations() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		invitations, err := object.GetPaginationInvitations(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -75,7 +75,7 @@ func (c *ApiController) GetInvitations() {
 // @Success 200 {object} object.Invitation The Response object
 // @router /get-invitation [get]
 func (c *ApiController) GetInvitation() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	invitation, err := object.GetInvitation(id)
 	if err != nil {
@@ -94,8 +94,8 @@ func (c *ApiController) GetInvitation() {
 // @Success 200 {object} object.Invitation The Response object
 // @router /get-invitation-info [get]
 func (c *ApiController) GetInvitationCodeInfo() {
-	code := c.Input().Get("code")
-	applicationId := c.Input().Get("applicationId")
+	code := c.Ctx.Input.Query("code")
+	applicationId := c.Ctx.Input.Query("applicationId")
 
 	application, err := object.GetApplication(applicationId)
 	if err != nil {
@@ -125,7 +125,7 @@ func (c *ApiController) GetInvitationCodeInfo() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-invitation [post]
 func (c *ApiController) UpdateInvitation() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var invitation object.Invitation
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &invitation)
@@ -184,7 +184,7 @@ func (c *ApiController) DeleteInvitation() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /verify-invitation [get]
 func (c *ApiController) VerifyInvitation() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	payment, attachInfo, err := object.VerifyInvitation(id)
 	if err != nil {
@@ -204,7 +204,7 @@ func (c *ApiController) VerifyInvitation() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /send-invitation [post]
 func (c *ApiController) SendInvitation() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var destinations []string
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &destinations)

controllers/ldap.go

@@ -46,7 +46,7 @@ type LdapSyncResp struct {
 // @Success 200 {object} controllers.LdapResp The Response object
 // @router /get-ldap-users [get]
 func (c *ApiController) GetLdapUsers() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	_, ldapId, err := util.GetOwnerAndNameFromIdWithError(id)
 	if err != nil {
@@ -114,7 +114,7 @@ func (c *ApiController) GetLdapUsers() {
 // @Success 200 {array} object.Ldap The Response object
 // @router /get-ldaps [get]
 func (c *ApiController) GetLdaps() {
-	owner := c.Input().Get("owner")
+	owner := c.Ctx.Input.Query("owner")
 
 	c.ResponseOk(object.GetMaskedLdaps(object.GetLdaps(owner)))
 }
@@ -127,7 +127,7 @@ func (c *ApiController) GetLdaps() {
 // @Success 200 {object} object.Ldap The Response object
 // @router /get-ldap [get]
 func (c *ApiController) GetLdap() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	if util.IsStringsEmpty(id) {
 		c.ResponseError(c.T("general:Missing parameter"))
@@ -266,7 +266,7 @@ func (c *ApiController) DeleteLdap() {
 // @Success 200 {object} controllers.LdapSyncResp The Response object
 // @router /sync-ldap-users [post]
 func (c *ApiController) SyncLdapUsers() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	owner, ldapId, err := util.GetOwnerAndNameFromIdWithError(id)
 	if err != nil {

controllers/model.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Model The Response object
 // @router /get-models [get]
 func (c *ApiController) GetModels() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		models, err := object.GetModels(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetModels() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		models, err := object.GetPaginationModels(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -73,7 +73,7 @@ func (c *ApiController) GetModels() {
 // @Success 200 {object} object.Model The Response object
 // @router /get-model [get]
 func (c *ApiController) GetModel() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	model, err := object.GetModel(id)
 	if err != nil {
@@ -93,7 +93,7 @@ func (c *ApiController) GetModel() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-model [post]
 func (c *ApiController) UpdateModel() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var model object.Model
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &model)

controllers/oidc_discovery.go

@@ -85,11 +85,12 @@ func (c *RootController) GetJwksByApplication() {
 // @Success 200 {object} object.WebFinger
 // @router /.well-known/webfinger [get]
 func (c *RootController) GetWebFinger() {
-	resource := c.Input().Get("resource")
+	resource := c.Ctx.Input.Query("resource")
 	rels := []string{}
 	host := c.Ctx.Request.Host
 
-	for key, value := range c.Input() {
+	inputs, _ := c.Input()
+	for key, value := range inputs {
 		if strings.HasPrefix(key, "rel") {
 			rels = append(rels, value...)
 		}
@@ -115,11 +116,12 @@ func (c *RootController) GetWebFinger() {
 // @router /.well-known/:application/webfinger [get]
 func (c *RootController) GetWebFingerByApplication() {
 	application := c.Ctx.Input.Param(":application")
-	resource := c.Input().Get("resource")
+	resource := c.Ctx.Input.Query("resource")
 	rels := []string{}
 	host := c.Ctx.Request.Host
 
-	for key, value := range c.Input() {
+	inputs, _ := c.Input()
+	for key, value := range inputs {
 		if strings.HasPrefix(key, "rel") {
 			rels = append(rels, value...)
 		}

controllers/order.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Order The Response object
 // @router /get-orders [get]
 func (c *ApiController) GetOrders() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		orders, err := object.GetOrders(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetOrders() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		orders, err := object.GetPaginationOrders(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -74,8 +74,8 @@ func (c *ApiController) GetOrders() {
 // @Success 200 {array} object.Order The Response object
 // @router /get-user-orders [get]
 func (c *ApiController) GetUserOrders() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
+	owner := c.Ctx.Input.Query("owner")
+	user := c.Ctx.Input.Query("user")
 
 	orders, err := object.GetUserOrders(owner, user)
 	if err != nil {
@@ -94,7 +94,7 @@ func (c *ApiController) GetUserOrders() {
 // @Success 200 {object} object.Order The Response object
 // @router /get-order [get]
 func (c *ApiController) GetOrder() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	order, err := object.GetOrder(id)
 	if err != nil {
@@ -114,7 +114,7 @@ func (c *ApiController) GetOrder() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-order [post]
 func (c *ApiController) UpdateOrder() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var order object.Order
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &order)

controllers/order_pay.go

@@ -34,11 +34,11 @@ import (
 // @Success 200 {object} object.Order The Response object
 // @router /place-order [post]
 func (c *ApiController) PlaceOrder() {
-	productId := c.Input().Get("productId")
-	pricingName := c.Input().Get("pricingName")
-	planName := c.Input().Get("planName")
-	customPriceStr := c.Input().Get("customPrice")
-	paidUserName := c.Input().Get("userName")
+	productId := c.Ctx.Input.Query("productId")
+	pricingName := c.Ctx.Input.Query("pricingName")
+	planName := c.Ctx.Input.Query("planName")
+	customPriceStr := c.Ctx.Input.Query("customPrice")
+	paidUserName := c.Ctx.Input.Query("userName")
 
 	if productId == "" {
 		c.ResponseError(c.T("general:ProductId is required"))
@@ -107,10 +107,10 @@ func (c *ApiController) PlaceOrder() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /pay-order [post]
 func (c *ApiController) PayOrder() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	host := c.Ctx.Request.Host
-	providerName := c.Input().Get("providerName")
-	paymentEnv := c.Input().Get("paymentEnv")
+	providerName := c.Ctx.Input.Query("providerName")
+	paymentEnv := c.Ctx.Input.Query("paymentEnv")
 
 	order, err := object.GetOrder(id)
 	if err != nil {
@@ -146,7 +146,7 @@ func (c *ApiController) PayOrder() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /cancel-order [post]
 func (c *ApiController) CancelOrder() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	order, err := object.GetOrder(id)
 	if err != nil {
 		c.ResponseError(err.Error())

controllers/organization.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,14 +30,14 @@ import (
 // @Success 200 {array} object.Organization The Response object
 // @router /get-organizations [get]
 func (c *ApiController) GetOrganizations() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organizationName := c.Input().Get("organizationName")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	organizationName := c.Ctx.Input.Query("organizationName")
 
 	isGlobalAdmin := c.IsGlobalAdmin()
 	if limit == "" || page == "" {
@@ -71,7 +71,7 @@ func (c *ApiController) GetOrganizations() {
 				return
 			}
 
-			paginator := pagination.SetPaginator(c.Ctx, limit, count)
+			paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 			organizations, err := object.GetMaskedOrganizations(object.GetPaginationOrganizations(owner, organizationName, paginator.Offset(), limit, field, value, sortField, sortOrder))
 			if err != nil {
 				c.ResponseError(err.Error())
@@ -91,7 +91,7 @@ func (c *ApiController) GetOrganizations() {
 // @Success 200 {object} object.Organization The Response object
 // @router /get-organization [get]
 func (c *ApiController) GetOrganization() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	organization, err := object.GetMaskedOrganization(object.GetOrganization(id))
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -114,7 +114,7 @@ func (c *ApiController) GetOrganization() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-organization [post]
 func (c *ApiController) UpdateOrganization() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var organization object.Organization
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &organization)
@@ -205,7 +205,7 @@ func (c *ApiController) DeleteOrganization() {
 // @router /get-default-application [get]
 func (c *ApiController) GetDefaultApplication() {
 	userId := c.GetSessionUsername()
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	application, err := object.GetDefaultApplication(id)
 	if err != nil {
@@ -225,7 +225,7 @@ func (c *ApiController) GetDefaultApplication() {
 // @Success 200 {array} object.Organization The Response object
 // @router /get-organization-names [get]
 func (c *ApiController) GetOrganizationNames() {
-	owner := c.Input().Get("owner")
+	owner := c.Ctx.Input.Query("owner")
 	organizationNames, err := object.GetOrganizationsByFields(owner, []string{"name", "display_name"}...)
 	if err != nil {
 		c.ResponseError(err.Error())

controllers/payment.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Payment The Response object
 // @router /get-payments [get]
 func (c *ApiController) GetPayments() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		payments, err := object.GetPayments(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetPayments() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		payments, err := object.GetPaginationPayments(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -75,8 +75,8 @@ func (c *ApiController) GetPayments() {
 // @Success 200 {array} object.Payment The Response object
 // @router /get-user-payments [get]
 func (c *ApiController) GetUserPayments() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
+	owner := c.Ctx.Input.Query("owner")
+	user := c.Ctx.Input.Query("user")
 
 	payments, err := object.GetUserPayments(owner, user)
 	if err != nil {
@@ -95,7 +95,7 @@ func (c *ApiController) GetUserPayments() {
 // @Success 200 {object} object.Payment The Response object
 // @router /get-payment [get]
 func (c *ApiController) GetPayment() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	payment, err := object.GetPayment(id)
 	if err != nil {
@@ -115,7 +115,7 @@ func (c *ApiController) GetPayment() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-payment [post]
 func (c *ApiController) UpdatePayment() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var payment object.Payment
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &payment)
@@ -196,7 +196,7 @@ func (c *ApiController) NotifyPayment() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /invoice-payment [post]
 func (c *ApiController) InvoicePayment() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	payment, err := object.GetPayment(id)
 	if err != nil {

controllers/permission.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Permission The Response object
 // @router /get-permissions [get]
 func (c *ApiController) GetPermissions() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		permissions, err := object.GetPermissions(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetPermissions() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		permissions, err := object.GetPaginationPermissions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -94,7 +94,7 @@ func (c *ApiController) GetPermissionsBySubmitter() {
 // @Success 200 {array} object.Permission The Response object
 // @router /get-permissions-by-role [get]
 func (c *ApiController) GetPermissionsByRole() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	permissions, err := object.GetPermissionsByRole(id)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -112,7 +112,7 @@ func (c *ApiController) GetPermissionsByRole() {
 // @Success 200 {object} object.Permission The Response object
 // @router /get-permission [get]
 func (c *ApiController) GetPermission() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	permission, err := object.GetPermission(id)
 	if err != nil {
@@ -132,7 +132,7 @@ func (c *ApiController) GetPermission() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-permission [post]
 func (c *ApiController) UpdatePermission() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var permission object.Permission
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &permission)

controllers/plan.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Plan The Response object
 // @router /get-plans [get]
 func (c *ApiController) GetPlans() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		plans, err := object.GetPlans(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetPlans() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		plan, err := object.GetPaginatedPlans(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -74,8 +74,8 @@ func (c *ApiController) GetPlans() {
 // @Success 200 {object} object.Plan The Response object
 // @router /get-plan [get]
 func (c *ApiController) GetPlan() {
-	id := c.Input().Get("id")
-	includeOption := c.Input().Get("includeOption") == "true"
+	id := c.Ctx.Input.Query("id")
+	includeOption := c.Ctx.Input.Query("includeOption") == "true"
 
 	plan, err := object.GetPlan(id)
 	if err != nil {
@@ -107,7 +107,7 @@ func (c *ApiController) GetPlan() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-plan [post]
 func (c *ApiController) UpdatePlan() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	owner := util.GetOwnerFromId(id)
 	var plan object.Plan
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &plan)

controllers/pricing.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Pricing The Response object
 // @router /get-pricings [get]
 func (c *ApiController) GetPricings() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		pricings, err := object.GetPricings(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetPricings() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		pricing, err := object.GetPaginatedPricings(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -73,7 +73,7 @@ func (c *ApiController) GetPricings() {
 // @Success 200 {object} object.Pricing The Response object
 // @router /get-pricing [get]
 func (c *ApiController) GetPricing() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	pricing, err := object.GetPricing(id)
 	if err != nil {
@@ -93,7 +93,7 @@ func (c *ApiController) GetPricing() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-pricing [post]
 func (c *ApiController) UpdatePricing() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var pricing object.Pricing
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &pricing)

controllers/product.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Product The Response object
 // @router /get-products [get]
 func (c *ApiController) GetProducts() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		products, err := object.GetProducts(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetProducts() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		products, err := object.GetPaginationProducts(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -73,7 +73,7 @@ func (c *ApiController) GetProducts() {
 // @Success 200 {object} object.Product The Response object
 // @router /get-product [get]
 func (c *ApiController) GetProduct() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	product, err := object.GetProduct(id)
 	if err != nil {
@@ -99,7 +99,7 @@ func (c *ApiController) GetProduct() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-product [post]
 func (c *ApiController) UpdateProduct() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var product object.Product
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &product)

controllers/provider.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Provider The Response object
 // @router /get-providers [get]
 func (c *ApiController) GetProviders() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	ok, isMaskEnabled := c.IsMaskedEnabled()
 	if !ok {
@@ -59,7 +59,7 @@ func (c *ApiController) GetProviders() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		paginationProviders, err := object.GetPaginationProviders(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -78,12 +78,12 @@ func (c *ApiController) GetProviders() {
 // @Success 200 {array} object.Provider The Response object
 // @router /get-global-providers [get]
 func (c *ApiController) GetGlobalProviders() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	ok, isMaskEnabled := c.IsMaskedEnabled()
 	if !ok {
@@ -106,7 +106,7 @@ func (c *ApiController) GetGlobalProviders() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		paginationGlobalProviders, err := object.GetPaginationGlobalProviders(paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -126,7 +126,7 @@ func (c *ApiController) GetGlobalProviders() {
 // @Success 200 {object} object.Provider The Response object
 // @router /get-provider [get]
 func (c *ApiController) GetProvider() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	ok, isMaskEnabled := c.IsMaskedEnabled()
 	if !ok {
@@ -164,7 +164,7 @@ func (c *ApiController) requireProviderPermission(provider *object.Provider) boo
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-provider [post]
 func (c *ApiController) UpdateProvider() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var provider object.Provider
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &provider)

controllers/record.go

@@ -19,7 +19,7 @@ import (
 
 	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -38,13 +38,13 @@ func (c *ApiController) GetRecords() {
 		return
 	}
 
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organizationName := c.Input().Get("organizationName")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	organizationName := c.Ctx.Input.Query("organizationName")
 
 	if limit == "" || page == "" {
 		records, err := object.GetRecords()
@@ -66,7 +66,7 @@ func (c *ApiController) GetRecords() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		records, err := object.GetPaginationRecords(paginator.Offset(), limit, field, value, sortField, sortOrder, filterRecord)
 		if err != nil {
 			c.ResponseError(err.Error())

controllers/resource.go

@@ -24,7 +24,7 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -44,14 +44,14 @@ import (
 // @Success		200 		{array} 	object.Resource 	The Response object
 // @router /get-resources [get]
 func (c *ApiController) GetResources() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	user := c.Ctx.Input.Query("user")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	isOrgAdmin, ok := c.IsOrgAdmin()
 	if !ok {
@@ -93,7 +93,7 @@ func (c *ApiController) GetResources() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		resources, err := object.GetPaginationResources(owner, user, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -112,7 +112,7 @@ func (c *ApiController) GetResources() {
 // @Success 	200			{object}	object.Resource		The Response object
 // @router /get-resource [get]
 func (c *ApiController) GetResource() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	resource, err := object.GetResource(id)
 	if err != nil {
@@ -132,7 +132,7 @@ func (c *ApiController) GetResource() {
 // @Success 	200			{object}	controllers.Response					Success or error
 // @router /update-resource [post]
 func (c *ApiController) UpdateResource() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var resource object.Resource
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &resource)
@@ -178,9 +178,11 @@ func (c *ApiController) DeleteResource() {
 	}
 
 	if resource.Provider != "" {
-		c.Input().Set("provider", resource.Provider)
+		inputs, _ := c.Input()
+		inputs.Set("provider", resource.Provider)
 	}
-	c.Input().Set("fullFilePath", resource.Name)
+	inputs, _ := c.Input()
+	inputs.Set("fullFilePath", resource.Name)
 	provider, err := c.GetProviderFromContext("Storage")
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -188,7 +190,7 @@ func (c *ApiController) DeleteResource() {
 	}
 	_, resource.Name = refineFullFilePath(resource.Name)
 
-	tag := c.Input().Get("tag")
+	tag := c.Ctx.Input.Query("tag")
 	if tag == "Direct" {
 		resource.Name = path.Join(provider.PathPrefix, resource.Name)
 	}
@@ -218,14 +220,14 @@ func (c *ApiController) DeleteResource() {
 // @Success   200             {object}  object.Resource  	FileUrl, objectKey
 // @router /upload-resource [post]
 func (c *ApiController) UploadResource() {
-	owner := c.Input().Get("owner")
-	username := c.Input().Get("user")
-	application := c.Input().Get("application")
-	tag := c.Input().Get("tag")
-	parent := c.Input().Get("parent")
-	fullFilePath := c.Input().Get("fullFilePath")
-	createdTime := c.Input().Get("createdTime")
-	description := c.Input().Get("description")
+	owner := c.Ctx.Input.Query("owner")
+	username := c.Ctx.Input.Query("user")
+	application := c.Ctx.Input.Query("application")
+	tag := c.Ctx.Input.Query("tag")
+	parent := c.Ctx.Input.Query("parent")
+	fullFilePath := c.Ctx.Input.Query("fullFilePath")
+	createdTime := c.Ctx.Input.Query("createdTime")
+	description := c.Ctx.Input.Query("description")
 
 	file, header, err := c.GetFile("file")
 	if err != nil {

controllers/role.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Role The Response object
 // @router /get-roles [get]
 func (c *ApiController) GetRoles() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		roles, err := object.GetRoles(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetRoles() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		roles, err := object.GetPaginationRoles(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -73,7 +73,7 @@ func (c *ApiController) GetRoles() {
 // @Success 200 {object} object.Role The Response object
 // @router /get-role [get]
 func (c *ApiController) GetRole() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	role, err := object.GetRole(id)
 	if err != nil {
@@ -93,7 +93,7 @@ func (c *ApiController) GetRole() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-role [post]
 func (c *ApiController) UpdateRole() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var role object.Role
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &role)

controllers/saml.go

@@ -23,7 +23,7 @@ import (
 
 func (c *ApiController) GetSamlMeta() {
 	host := c.Ctx.Request.Host
-	paramApp := c.Input().Get("application")
+	paramApp := c.Ctx.Input.Query("application")
 	application, err := object.GetApplication(paramApp)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -57,10 +57,10 @@ func (c *ApiController) HandleSamlRedirect() {
 	owner := c.Ctx.Input.Param(":owner")
 	application := c.Ctx.Input.Param(":application")
 
-	relayState := c.Input().Get("RelayState")
-	samlRequest := c.Input().Get("SAMLRequest")
-	username := c.Input().Get("username")
-	loginHint := c.Input().Get("login_hint")
+	relayState := c.Ctx.Input.Query("RelayState")
+	samlRequest := c.Ctx.Input.Query("SAMLRequest")
+	username := c.Ctx.Input.Query("username")
+	loginHint := c.Ctx.Input.Query("login_hint")
 
 	targetURL := object.GetSamlRedirectAddress(owner, application, relayState, samlRequest, host, username, loginHint)
 

controllers/session.go

@@ -15,9 +15,11 @@
 package controllers
 
 import (
+	"context"
 	"encoding/json"
+	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +32,13 @@ import (
 // @Success 200 {array} string The Response object
 // @router /get-sessions [get]
 func (c *ApiController) GetSessions() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	owner := c.Input().Get("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
 
 	if limit == "" || page == "" {
 		sessions, err := object.GetSessions(owner)
@@ -53,7 +55,7 @@ func (c *ApiController) GetSessions() {
 			c.ResponseError(err.Error())
 			return
 		}
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		sessions, err := object.GetPaginationSessions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -72,7 +74,7 @@ func (c *ApiController) GetSessions() {
 // @Success 200 {array} string The Response object
 // @router /get-session [get]
 func (c *ApiController) GetSingleSession() {
-	id := c.Input().Get("sessionPkId")
+	id := c.Ctx.Input.Query("sessionPkId")
 
 	session, err := object.GetSingleSession(id)
 	if err != nil {
@@ -136,7 +138,21 @@ func (c *ApiController) DeleteSession() {
 		return
 	}
 
-	c.Data["json"] = wrapActionResponse(object.DeleteSession(util.GetSessionId(session.Owner, session.Name, session.Application)))
+	curSessionId := c.Ctx.Input.CruSession.SessionID(context.Background())
+
+	sessionId := c.Ctx.Input.Query("sessionId")
+	if curSessionId == sessionId && sessionId != "" {
+		c.ResponseError(fmt.Sprintf(c.T("session:session id %s is the current session and cannot be deleted"), curSessionId))
+		return
+	}
+
+	if sessionId != "" {
+		c.Data["json"] = wrapActionResponse(object.DeleteSessionId(util.GetSessionId(session.Owner, session.Name, session.Application), sessionId))
+		c.ServeJSON()
+		return
+	}
+
+	c.Data["json"] = wrapActionResponse(object.DeleteSession(util.GetSessionId(session.Owner, session.Name, session.Application), curSessionId))
 	c.ServeJSON()
 }
 
@@ -149,8 +165,8 @@ func (c *ApiController) DeleteSession() {
 // @Success 200 {array} string The Response object
 // @router /is-session-duplicated [get]
 func (c *ApiController) IsSessionDuplicated() {
-	id := c.Input().Get("sessionPkId")
-	sessionId := c.Input().Get("sessionId")
+	id := c.Ctx.Input.Query("sessionPkId")
+	sessionId := c.Ctx.Input.Query("sessionId")
 
 	isUserSessionDuplicated, err := object.IsSessionDuplicated(id, sessionId)
 	if err != nil {

controllers/subscription.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Subscription The Response object
 // @router /get-subscriptions [get]
 func (c *ApiController) GetSubscriptions() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		subscriptions, err := object.GetSubscriptions(owner)
@@ -54,7 +54,7 @@ func (c *ApiController) GetSubscriptions() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		subscription, err := object.GetPaginationSubscriptions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -73,7 +73,7 @@ func (c *ApiController) GetSubscriptions() {
 // @Success 200 {object} object.Subscription The Response object
 // @router /get-subscription [get]
 func (c *ApiController) GetSubscription() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	subscription, err := object.GetSubscription(id)
 	if err != nil {
@@ -93,7 +93,7 @@ func (c *ApiController) GetSubscription() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-subscription [post]
 func (c *ApiController) UpdateSubscription() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var subscription object.Subscription
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &subscription)

controllers/syncer.go

@@ -18,7 +18,7 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -31,14 +31,14 @@ import (
 // @Success 200 {array} object.Syncer The Response object
 // @router /get-syncers [get]
 func (c *ApiController) GetSyncers() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	organization := c.Ctx.Input.Query("organization")
 
 	if limit == "" || page == "" {
 		syncers, err := object.GetMaskedSyncers(object.GetOrganizationSyncers(owner, organization))
@@ -56,7 +56,7 @@ func (c *ApiController) GetSyncers() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		syncers, err := object.GetMaskedSyncers(object.GetPaginationSyncers(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder))
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -75,7 +75,7 @@ func (c *ApiController) GetSyncers() {
 // @Success 200 {object} object.Syncer The Response object
 // @router /get-syncer [get]
 func (c *ApiController) GetSyncer() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	syncer, err := object.GetMaskedSyncer(object.GetSyncer(id))
 	if err != nil {
@@ -95,7 +95,7 @@ func (c *ApiController) GetSyncer() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-syncer [post]
 func (c *ApiController) UpdateSyncer() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var syncer object.Syncer
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &syncer)
@@ -154,7 +154,7 @@ func (c *ApiController) DeleteSyncer() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /run-syncer [get]
 func (c *ApiController) RunSyncer() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	syncer, err := object.GetSyncer(id)
 	if err != nil {
 		c.ResponseError(err.Error())

controllers/ticket.go

@@ -0,0 +1,271 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package controllers
+
+import (
+	"encoding/json"
+
+	"github.com/beego/beego/v2/core/utils/pagination"
+	"github.com/casdoor/casdoor/object"
+	"github.com/casdoor/casdoor/util"
+)
+
+// GetTickets
+// @Title GetTickets
+// @Tag Ticket API
+// @Description get tickets
+// @Param   owner     query    string  true        "The owner of tickets"
+// @Success 200 {array} object.Ticket The Response object
+// @router /get-tickets [get]
+func (c *ApiController) GetTickets() {
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+
+	user := c.getCurrentUser()
+	isAdmin := c.IsAdmin()
+
+	var tickets []*object.Ticket
+	var err error
+
+	if limit == "" || page == "" {
+		if isAdmin {
+			tickets, err = object.GetTickets(owner)
+		} else {
+			tickets, err = object.GetUserTickets(owner, user.GetId())
+		}
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(tickets)
+	} else {
+		limit := util.ParseInt(limit)
+		var count int64
+
+		if isAdmin {
+			count, err = object.GetTicketCount(owner, field, value)
+		} else {
+			// For non-admin users, only show their own tickets
+			tickets, err = object.GetUserTickets(owner, user.GetId())
+			if err != nil {
+				c.ResponseError(err.Error())
+				return
+			}
+			count = int64(len(tickets))
+		}
+
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
+
+		if isAdmin {
+			tickets, err = object.GetPaginationTickets(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
+		}
+
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		c.ResponseOk(tickets, paginator.Nums())
+	}
+}
+
+// GetTicket
+// @Title GetTicket
+// @Tag Ticket API
+// @Description get ticket
+// @Param   id     query    string  true        "The id ( owner/name ) of the ticket"
+// @Success 200 {object} object.Ticket The Response object
+// @router /get-ticket [get]
+func (c *ApiController) GetTicket() {
+	id := c.Ctx.Input.Query("id")
+
+	ticket, err := object.GetTicket(id)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	// Check permission: user can only view their own tickets unless they are admin
+	user := c.getCurrentUser()
+	isAdmin := c.IsAdmin()
+
+	if ticket != nil && !isAdmin && ticket.User != user.GetId() {
+		c.ResponseError(c.T("auth:Unauthorized operation"))
+		return
+	}
+
+	c.ResponseOk(ticket)
+}
+
+// UpdateTicket
+// @Title UpdateTicket
+// @Tag Ticket API
+// @Description update ticket
+// @Param   id     query    string  true        "The id ( owner/name ) of the ticket"
+// @Param   body    body   object.Ticket  true        "The details of the ticket"
+// @Success 200 {object} controllers.Response The Response object
+// @router /update-ticket [post]
+func (c *ApiController) UpdateTicket() {
+	id := c.Ctx.Input.Query("id")
+
+	var ticket object.Ticket
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ticket)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	// Check permission
+	user := c.getCurrentUser()
+	isAdmin := c.IsAdmin()
+
+	existingTicket, err := object.GetTicket(id)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	if existingTicket == nil {
+		c.ResponseError(c.T("ticket:Ticket not found"))
+		return
+	}
+
+	// Normal users can only close their own tickets
+	if !isAdmin {
+		if existingTicket.User != user.GetId() {
+			c.ResponseError(c.T("auth:Unauthorized operation"))
+			return
+		}
+		// Normal users can only change state to "Closed"
+		if ticket.State != "Closed" && ticket.State != existingTicket.State {
+			c.ResponseError(c.T("auth:Unauthorized operation"))
+			return
+		}
+		// Preserve original fields that users shouldn't modify
+		ticket.Owner = existingTicket.Owner
+		ticket.Name = existingTicket.Name
+		ticket.User = existingTicket.User
+		ticket.CreatedTime = existingTicket.CreatedTime
+	}
+
+	c.Data["json"] = wrapActionResponse(object.UpdateTicket(id, &ticket))
+	c.ServeJSON()
+}
+
+// AddTicket
+// @Title AddTicket
+// @Tag Ticket API
+// @Description add ticket
+// @Param   body    body   object.Ticket  true        "The details of the ticket"
+// @Success 200 {object} controllers.Response The Response object
+// @router /add-ticket [post]
+func (c *ApiController) AddTicket() {
+	var ticket object.Ticket
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ticket)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	// Set the user field to the current user
+	user := c.getCurrentUser()
+	ticket.User = user.GetId()
+
+	c.Data["json"] = wrapActionResponse(object.AddTicket(&ticket))
+	c.ServeJSON()
+}
+
+// DeleteTicket
+// @Title DeleteTicket
+// @Tag Ticket API
+// @Description delete ticket
+// @Param   body    body   object.Ticket  true        "The details of the ticket"
+// @Success 200 {object} controllers.Response The Response object
+// @router /delete-ticket [post]
+func (c *ApiController) DeleteTicket() {
+	var ticket object.Ticket
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &ticket)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	// Only admins can delete tickets
+	if !c.IsAdmin() {
+		c.ResponseError(c.T("auth:Unauthorized operation"))
+		return
+	}
+
+	c.Data["json"] = wrapActionResponse(object.DeleteTicket(&ticket))
+	c.ServeJSON()
+}
+
+// AddTicketMessage
+// @Title AddTicketMessage
+// @Tag Ticket API
+// @Description add a message to a ticket
+// @Param   id     query    string  true        "The id ( owner/name ) of the ticket"
+// @Param   body    body   object.TicketMessage  true        "The message to add"
+// @Success 200 {object} controllers.Response The Response object
+// @router /add-ticket-message [post]
+func (c *ApiController) AddTicketMessage() {
+	id := c.Ctx.Input.Query("id")
+
+	var message object.TicketMessage
+	err := json.Unmarshal(c.Ctx.Input.RequestBody, &message)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	// Check permission
+	user := c.getCurrentUser()
+	isAdmin := c.IsAdmin()
+
+	ticket, err := object.GetTicket(id)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	if ticket == nil {
+		c.ResponseError(c.T("ticket:Ticket not found"))
+		return
+	}
+
+	// Users can only add messages to their own tickets, admins can add to any ticket
+	if !isAdmin && ticket.User != user.GetId() {
+		c.ResponseError(c.T("auth:Unauthorized operation"))
+		return
+	}
+
+	// Set the author and admin flag
+	message.Author = user.GetId()
+	message.IsAdmin = isAdmin
+
+	c.Data["json"] = wrapActionResponse(object.AddTicketMessage(id, &message))
+	c.ServeJSON()
+}

controllers/token.go

@@ -19,7 +19,7 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -34,14 +34,14 @@ import (
 // @Success 200 {array} object.Token The Response object
 // @router /get-tokens [get]
 func (c *ApiController) GetTokens() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	organization := c.Ctx.Input.Query("organization")
 	if limit == "" || page == "" {
 		token, err := object.GetTokens(owner, organization)
 		if err != nil {
@@ -58,7 +58,7 @@ func (c *ApiController) GetTokens() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		tokens, err := object.GetPaginationTokens(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -77,7 +77,7 @@ func (c *ApiController) GetTokens() {
 // @Success 200 {object} object.Token The Response object
 // @router /get-token [get]
 func (c *ApiController) GetToken() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 	token, err := object.GetToken(id)
 	if err != nil {
 		c.ResponseError(err.Error())
@@ -96,7 +96,7 @@ func (c *ApiController) GetToken() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-token [post]
 func (c *ApiController) UpdateToken() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var token object.Token
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &token)
@@ -160,19 +160,19 @@ func (c *ApiController) DeleteToken() {
 // @Success 401 {object} object.TokenError The Response object
 // @router /login/oauth/access_token [post]
 func (c *ApiController) GetOAuthToken() {
-	clientId := c.Input().Get("client_id")
-	clientSecret := c.Input().Get("client_secret")
-	grantType := c.Input().Get("grant_type")
-	code := c.Input().Get("code")
-	verifier := c.Input().Get("code_verifier")
-	scope := c.Input().Get("scope")
-	nonce := c.Input().Get("nonce")
-	username := c.Input().Get("username")
-	password := c.Input().Get("password")
-	tag := c.Input().Get("tag")
-	avatar := c.Input().Get("avatar")
-	refreshToken := c.Input().Get("refresh_token")
-	deviceCode := c.Input().Get("device_code")
+	clientId := c.Ctx.Input.Query("client_id")
+	clientSecret := c.Ctx.Input.Query("client_secret")
+	grantType := c.Ctx.Input.Query("grant_type")
+	code := c.Ctx.Input.Query("code")
+	verifier := c.Ctx.Input.Query("code_verifier")
+	scope := c.Ctx.Input.Query("scope")
+	nonce := c.Ctx.Input.Query("nonce")
+	username := c.Ctx.Input.Query("username")
+	password := c.Ctx.Input.Query("password")
+	tag := c.Ctx.Input.Query("tag")
+	avatar := c.Ctx.Input.Query("avatar")
+	refreshToken := c.Ctx.Input.Query("refresh_token")
+	deviceCode := c.Ctx.Input.Query("device_code")
 
 	if clientId == "" && clientSecret == "" {
 		clientId, clientSecret, _ = c.Ctx.Request.BasicAuth()
@@ -288,11 +288,11 @@ func (c *ApiController) GetOAuthToken() {
 // @Success 401 {object} object.TokenError The Response object
 // @router /login/oauth/refresh_token [post]
 func (c *ApiController) RefreshToken() {
-	grantType := c.Input().Get("grant_type")
-	refreshToken := c.Input().Get("refresh_token")
-	scope := c.Input().Get("scope")
-	clientId := c.Input().Get("client_id")
-	clientSecret := c.Input().Get("client_secret")
+	grantType := c.Ctx.Input.Query("grant_type")
+	refreshToken := c.Ctx.Input.Query("refresh_token")
+	scope := c.Ctx.Input.Query("scope")
+	clientId := c.Ctx.Input.Query("client_id")
+	clientSecret := c.Ctx.Input.Query("client_secret")
 	host := c.Ctx.Request.Host
 
 	if clientId == "" {
@@ -342,11 +342,11 @@ func (c *ApiController) ResponseTokenError(errorMsg string) {
 // @Success 401 {object} object.TokenError The Response object
 // @router /login/oauth/introspect [post]
 func (c *ApiController) IntrospectToken() {
-	tokenValue := c.Input().Get("token")
+	tokenValue := c.Ctx.Input.Query("token")
 	clientId, clientSecret, ok := c.Ctx.Request.BasicAuth()
 	if !ok {
-		clientId = c.Input().Get("client_id")
-		clientSecret = c.Input().Get("client_secret")
+		clientId = c.Ctx.Input.Query("client_id")
+		clientSecret = c.Ctx.Input.Query("client_secret")
 		if clientId == "" || clientSecret == "" {
 			c.ResponseTokenError(object.InvalidRequest)
 			return
@@ -369,7 +369,7 @@ func (c *ApiController) IntrospectToken() {
 		c.ServeJSON()
 	}
 
-	tokenTypeHint := c.Input().Get("token_type_hint")
+	tokenTypeHint := c.Ctx.Input.Query("token_type_hint")
 	var token *object.Token
 	if tokenTypeHint != "" {
 		token, err = object.GetTokenByTokenValue(tokenValue, tokenTypeHint)

controllers/transaction.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -30,13 +30,13 @@ import (
 // @Success 200 {array} object.Transaction The Response object
 // @router /get-transactions [get]
 func (c *ApiController) GetTransactions() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		var transactions []*object.Transaction
@@ -86,7 +86,7 @@ func (c *ApiController) GetTransactions() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		transactions, err := object.GetPaginationTransactions(owner, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -105,7 +105,7 @@ func (c *ApiController) GetTransactions() {
 // @Success 200 {object} object.Transaction The Response object
 // @router /get-transaction [get]
 func (c *ApiController) GetTransaction() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	transaction, err := object.GetTransaction(id)
 	if err != nil {
@@ -146,7 +146,7 @@ func (c *ApiController) GetTransaction() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-transaction [post]
 func (c *ApiController) UpdateTransaction() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var transaction object.Transaction
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &transaction)
@@ -175,7 +175,7 @@ func (c *ApiController) AddTransaction() {
 		return
 	}
 
-	dryRunParam := c.Input().Get("dryRun")
+	dryRunParam := c.Ctx.Input.Query("dryRun")
 	dryRun := dryRunParam != ""
 
 	affected, transactionId, err := object.AddTransaction(&transaction, c.GetAcceptLanguage(), dryRun)

controllers/user.go

@@ -19,7 +19,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
@@ -32,12 +32,12 @@ import (
 // @Success 200 {array} object.User The Response object
 // @router /get-global-users [get]
 func (c *ApiController) GetGlobalUsers() {
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		users, err := object.GetMaskedUsers(object.GetGlobalUsers())
@@ -55,7 +55,7 @@ func (c *ApiController) GetGlobalUsers() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		users, err := object.GetPaginationGlobalUsers(paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -80,14 +80,14 @@ func (c *ApiController) GetGlobalUsers() {
 // @Success 200 {array} object.User The Response object
 // @router /get-users [get]
 func (c *ApiController) GetUsers() {
-	owner := c.Input().Get("owner")
-	groupName := c.Input().Get("groupName")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	owner := c.Ctx.Input.Query("owner")
+	groupName := c.Ctx.Input.Query("groupName")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
 	if limit == "" || page == "" {
 		if groupName != "" {
@@ -115,7 +115,7 @@ func (c *ApiController) GetUsers() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		users, err := object.GetPaginationUsers(owner, paginator.Offset(), limit, field, value, sortField, sortOrder, groupName)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -144,11 +144,11 @@ func (c *ApiController) GetUsers() {
 // @Success 200 {object} object.User The Response object
 // @router /get-user [get]
 func (c *ApiController) GetUser() {
-	id := c.Input().Get("id")
-	email := c.Input().Get("email")
-	phone := c.Input().Get("phone")
-	userId := c.Input().Get("userId")
-	owner := c.Input().Get("owner")
+	id := c.Ctx.Input.Query("id")
+	email := c.Ctx.Input.Query("email")
+	phone := c.Ctx.Input.Query("phone")
+	userId := c.Ctx.Input.Query("userId")
+	owner := c.Ctx.Input.Query("owner")
 	var err error
 	var userFromUserId *object.User
 	if userId != "" && owner != "" {
@@ -259,10 +259,10 @@ func (c *ApiController) GetUser() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-user [post]
 func (c *ApiController) UpdateUser() {
-	id := c.Input().Get("id")
-	userId := c.Input().Get("userId")
-	owner := c.Input().Get("owner")
-	columnsStr := c.Input().Get("columns")
+	id := c.Ctx.Input.Query("id")
+	userId := c.Ctx.Input.Query("userId")
+	owner := c.Ctx.Input.Query("owner")
+	columnsStr := c.Ctx.Input.Query("columns")
 
 	var user object.User
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &user)
@@ -336,7 +336,7 @@ func (c *ApiController) UpdateUser() {
 	}
 
 	isAdmin := c.IsAdmin()
-	allowDisplayNameEmpty := c.Input().Get("allowEmpty") != ""
+	allowDisplayNameEmpty := c.Ctx.Input.Query("allowEmpty") != ""
 	if pass, err := object.CheckPermissionForUpdateUser(oldUser, &user, isAdmin, allowDisplayNameEmpty, c.GetAcceptLanguage()); !pass {
 		c.ResponseError(err)
 		return
@@ -690,9 +690,9 @@ func (c *ApiController) CheckUserPassword() {
 // @Success 200 {array} object.User The Response object
 // @router /get-sorted-users [get]
 func (c *ApiController) GetSortedUsers() {
-	owner := c.Input().Get("owner")
-	sorter := c.Input().Get("sorter")
-	limit := util.ParseInt(c.Input().Get("limit"))
+	owner := c.Ctx.Input.Query("owner")
+	sorter := c.Ctx.Input.Query("sorter")
+	limit := util.ParseInt(c.Ctx.Input.Query("limit"))
 
 	users, err := object.GetMaskedUsers(object.GetSortedUsers(owner, sorter, limit))
 	if err != nil {
@@ -712,8 +712,8 @@ func (c *ApiController) GetSortedUsers() {
 // @Success 200 {int} int The count of filtered users for an organization
 // @router /get-user-count [get]
 func (c *ApiController) GetUserCount() {
-	owner := c.Input().Get("owner")
-	isOnline := c.Input().Get("isOnline")
+	owner := c.Ctx.Input.Query("owner")
+	isOnline := c.Ctx.Input.Query("isOnline")
 
 	var count int64
 	var err error
@@ -788,9 +788,9 @@ func (c *ApiController) RemoveUserFromGroup() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /verify-identification [post]
 func (c *ApiController) VerifyIdentification() {
-	owner := c.Input().Get("owner")
-	name := c.Input().Get("name")
-	providerName := c.Input().Get("provider")
+	owner := c.Ctx.Input.Query("owner")
+	name := c.Ctx.Input.Query("name")
+	providerName := c.Ctx.Input.Query("provider")
 
 	// If user not specified, use logged-in user
 	if owner == "" || name == "" {

controllers/util.go

@@ -106,7 +106,7 @@ func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
 	}
 
 	if object.IsAppUser(userId) {
-		tmpUserId := c.Input().Get("userId")
+		tmpUserId := c.Ctx.Input.Query("userId")
 		if tmpUserId != "" {
 			userId = tmpUserId
 		}
@@ -172,7 +172,7 @@ func (c *ApiController) IsOrgAdmin() (bool, bool) {
 // IsMaskedEnabled ...
 func (c *ApiController) IsMaskedEnabled() (bool, bool) {
 	isMaskEnabled := true
-	withSecret := c.Input().Get("withSecret")
+	withSecret := c.Ctx.Input.Query("withSecret")
 	if withSecret == "1" {
 		isMaskEnabled = false
 
@@ -202,14 +202,14 @@ func refineFullFilePath(fullFilePath string) (string, string) {
 }
 
 func (c *ApiController) GetProviderFromContext(category string) (*object.Provider, error) {
-	providerName := c.Input().Get("provider")
+	providerName := c.Ctx.Input.Query("provider")
 	if providerName == "" {
-		field := c.Input().Get("field")
-		value := c.Input().Get("value")
+		field := c.Ctx.Input.Query("field")
+		value := c.Ctx.Input.Query("value")
 		if field == "provider" && value != "" {
 			providerName = value
 		} else {
-			fullFilePath := c.Input().Get("fullFilePath")
+			fullFilePath := c.Ctx.Input.Query("fullFilePath")
 			providerName, _ = refineFullFilePath(fullFilePath)
 		}
 	}

controllers/verification.go

@@ -20,7 +20,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/captcha"
 	"github.com/casdoor/casdoor/form"
 	"github.com/casdoor/casdoor/object"
@@ -49,14 +49,14 @@ func (c *ApiController) GetVerifications() {
 		return
 	}
 
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
 
-	owner := c.Input().Get("owner")
+	owner := c.Ctx.Input.Query("owner")
 	// For global admin with organizationName parameter, use it to filter
 	// For org admin, use their organization
 	if c.IsGlobalAdmin() && owner != "" {
@@ -79,7 +79,7 @@ func (c *ApiController) GetVerifications() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 		payments, err := object.GetPaginationVerifications(organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
 			c.ResponseError(err.Error())
@@ -100,8 +100,8 @@ func (c *ApiController) GetVerifications() {
 // @Success 200 {array} object.Verification The Response object
 // @router /get-user-payments [get]
 func (c *ApiController) GetUserVerifications() {
-	owner := c.Input().Get("owner")
-	user := c.Input().Get("user")
+	owner := c.Ctx.Input.Query("owner")
+	user := c.Ctx.Input.Query("user")
 
 	payments, err := object.GetUserVerifications(owner, user)
 	if err != nil {
@@ -120,7 +120,7 @@ func (c *ApiController) GetUserVerifications() {
 // @Success 200 {object} object.Verification The Response object
 // @router /get-payment [get]
 func (c *ApiController) GetVerification() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	payment, err := object.GetVerification(id)
 	if err != nil {

controllers/webauthn.go

@@ -126,8 +126,8 @@ func (c *ApiController) WebAuthnSigninBegin() {
 		return
 	}
 
-	userOwner := c.Input().Get("owner")
-	userName := c.Input().Get("name")
+	userOwner := c.Ctx.Input.Query("owner")
+	userName := c.Ctx.Input.Query("name")
 
 	var options *protocol.CredentialAssertion
 	var sessionData *webauthn.SessionData
@@ -171,8 +171,8 @@ func (c *ApiController) WebAuthnSigninBegin() {
 // @Success 200 {object} controllers.Response "The Response object"
 // @router /webauthn/signin/finish [post]
 func (c *ApiController) WebAuthnSigninFinish() {
-	responseType := c.Input().Get("responseType")
-	clientId := c.Input().Get("clientId")
+	responseType := c.Ctx.Input.Query("responseType")
+	clientId := c.Ctx.Input.Query("clientId")
 	webauthnObj, err := object.GetWebAuthnObject(c.Ctx.Request.Host)
 	if err != nil {
 		c.ResponseError(err.Error())

controllers/webhook.go

@@ -17,7 +17,7 @@ package controllers
 import (
 	"encoding/json"
 
-	"github.com/beego/beego/utils/pagination"
+	"github.com/beego/beego/v2/core/utils/pagination"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )
@@ -31,14 +31,14 @@ import (
 // @router /get-webhooks [get]
 // @Security test_apiKey
 func (c *ApiController) GetWebhooks() {
-	owner := c.Input().Get("owner")
-	limit := c.Input().Get("pageSize")
-	page := c.Input().Get("p")
-	field := c.Input().Get("field")
-	value := c.Input().Get("value")
-	sortField := c.Input().Get("sortField")
-	sortOrder := c.Input().Get("sortOrder")
-	organization := c.Input().Get("organization")
+	owner := c.Ctx.Input.Query("owner")
+	limit := c.Ctx.Input.Query("pageSize")
+	page := c.Ctx.Input.Query("p")
+	field := c.Ctx.Input.Query("field")
+	value := c.Ctx.Input.Query("value")
+	sortField := c.Ctx.Input.Query("sortField")
+	sortOrder := c.Ctx.Input.Query("sortOrder")
+	organization := c.Ctx.Input.Query("organization")
 
 	if limit == "" || page == "" {
 		webhooks, err := object.GetWebhooks(owner, organization)
@@ -56,7 +56,7 @@ func (c *ApiController) GetWebhooks() {
 			return
 		}
 
-		paginator := pagination.SetPaginator(c.Ctx, limit, count)
+		paginator := pagination.NewPaginator(c.Ctx.Request, limit, count)
 
 		webhooks, err := object.GetPaginationWebhooks(owner, organization, paginator.Offset(), limit, field, value, sortField, sortOrder)
 		if err != nil {
@@ -76,7 +76,7 @@ func (c *ApiController) GetWebhooks() {
 // @Success 200 {object} object.Webhook The Response object
 // @router /get-webhook [get]
 func (c *ApiController) GetWebhook() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	webhook, err := object.GetWebhook(id)
 	if err != nil {
@@ -96,7 +96,7 @@ func (c *ApiController) GetWebhook() {
 // @Success 200 {object} controllers.Response The Response object
 // @router /update-webhook [post]
 func (c *ApiController) UpdateWebhook() {
-	id := c.Input().Get("id")
+	id := c.Ctx.Input.Query("id")
 
 	var webhook object.Webhook
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &webhook)

go.mod

@@ -6,6 +6,7 @@ require (
 	github.com/Masterminds/squirrel v1.5.3
 	github.com/NdoleStudio/lemonsqueezy-go v1.2.4
 	github.com/PaddleHQ/paddle-go-sdk v1.0.0
+	github.com/adyen/adyen-go-api-library/v11 v11.0.0
 	github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387
 	github.com/alibabacloud-go/cloudauth-20190307/v3 v3.9.2
 	github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.4
@@ -13,14 +14,14 @@ require (
 	github.com/alibabacloud-go/openapi-util v0.1.0
 	github.com/alibabacloud-go/tea v1.3.2
 	github.com/alibabacloud-go/tea-utils/v2 v2.0.7
-	github.com/aws/aws-sdk-go v1.45.5
-	github.com/beego/beego v1.12.12
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.95.0
+	github.com/beego/beego/v2 v2.3.8
 	github.com/beevik/etree v1.1.0
 	github.com/casbin/casbin/v2 v2.77.2
 	github.com/casdoor/go-sms-sender v0.25.0
 	github.com/casdoor/gomail/v2 v2.2.0
 	github.com/casdoor/ldapserver v1.2.0
-	github.com/casdoor/notify v1.0.1
+	github.com/casdoor/notify2 v1.6.0
 	github.com/casdoor/oss v1.8.0
 	github.com/casdoor/xorm-adapter/v3 v3.1.0
 	github.com/casvisor/casvisor-go-sdk v1.4.0
@@ -29,12 +30,13 @@ require (
 	github.com/elimity-com/scim v0.0.0-20230426070224-941a5eac92f3
 	github.com/fogleman/gg v1.3.0
 	github.com/go-asn1-ber/asn1-ber v1.5.5
-	github.com/go-git/go-git/v5 v5.13.0
+	github.com/go-git/go-git/v5 v5.16.3
+	github.com/go-jose/go-jose/v4 v4.1.2
 	github.com/go-ldap/ldap/v3 v3.4.6
 	github.com/go-mysql-org/go-mysql v1.7.0
 	github.com/go-pay/gopay v1.5.115
 	github.com/go-pay/util v0.0.4
-	github.com/go-sql-driver/mysql v1.6.0
+	github.com/go-sql-driver/mysql v1.8.1
 	github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible
 	github.com/go-webauthn/webauthn v0.10.2
 	github.com/golang-jwt/jwt/v5 v5.2.2
@@ -43,18 +45,18 @@ require (
 	github.com/lestrrat-go/jwx v1.2.29
 	github.com/lib/pq v1.10.9
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
-	github.com/markbates/goth v1.79.0
+	github.com/markbates/goth v1.82.0
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/nyaruka/phonenumbers v1.2.2
 	github.com/polarsource/polar-go v0.12.0
 	github.com/pquerna/otp v1.4.0
-	github.com/prometheus/client_golang v1.11.1
-	github.com/prometheus/client_model v0.4.0
+	github.com/prometheus/client_golang v1.19.0
+	github.com/prometheus/client_model v0.6.0
 	github.com/qiangmzsx/string-adapter/v2 v2.1.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/russellhaering/gosaml2 v0.9.0
 	github.com/russellhaering/goxmldsig v1.2.0
-	github.com/sendgrid/sendgrid-go v3.14.0+incompatible
+	github.com/sendgrid/sendgrid-go v3.16.0+incompatible
 	github.com/shirou/gopsutil v3.21.11+incompatible
 	github.com/siddontang/go-log v0.0.0-20190221022429-1e957dd83bed
 	github.com/stretchr/testify v1.11.1
@@ -64,33 +66,39 @@ require (
 	github.com/xorm-io/builder v0.3.13
 	github.com/xorm-io/core v0.7.4
 	github.com/xorm-io/xorm v1.1.6
-	golang.org/x/crypto v0.39.0
-	golang.org/x/net v0.40.0
-	golang.org/x/oauth2 v0.17.0
-	golang.org/x/text v0.26.0
-	google.golang.org/api v0.150.0
-	gopkg.in/square/go-jose.v2 v2.6.0
+	golang.org/x/crypto v0.40.0
+	golang.org/x/net v0.41.0
+	golang.org/x/oauth2 v0.27.0
+	golang.org/x/text v0.27.0
+	google.golang.org/api v0.215.0
 	layeh.com/radius v0.0.0-20231213012653-1006025d24f8
-	maunium.net/go/mautrix v0.16.0
+	maunium.net/go/mautrix v0.22.1
 	modernc.org/sqlite v1.18.2
 )
 
 require (
-	cloud.google.com/go v0.110.8 // indirect
-	cloud.google.com/go/compute v1.23.1 // indirect
-	cloud.google.com/go/compute/metadata v0.2.3 // indirect
-	cloud.google.com/go/iam v1.1.3 // indirect
-	cloud.google.com/go/storage v1.35.1 // indirect
+	cel.dev/expr v0.18.0 // indirect
+	cloud.google.com/go v0.116.0 // indirect
+	cloud.google.com/go/auth v0.13.0 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect
+	cloud.google.com/go/compute/metadata v0.6.0 // indirect
+	cloud.google.com/go/iam v1.2.2 // indirect
+	cloud.google.com/go/monitoring v1.21.2 // indirect
+	cloud.google.com/go/storage v1.47.0 // indirect
 	dario.cat/mergo v1.0.0 // indirect
+	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/Azure/azure-pipeline-go v0.2.3 // indirect
 	github.com/Azure/azure-storage-blob-go v0.15.0 // indirect
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
 	github.com/BurntSushi/toml v0.3.1 // indirect
+	github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.25.0 // indirect
+	github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.49.0 // indirect
+	github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.49.0 // indirect
 	github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible // indirect
-	github.com/Microsoft/go-winio v0.6.1 // indirect
-	github.com/ProtonMail/go-crypto v1.1.3 // indirect
-	github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20221121042443-a3fd332d56d9 // indirect
-	github.com/SherClockHolmes/webpush-go v1.2.0 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ProtonMail/go-crypto v1.1.6 // indirect
+	github.com/RocketChat/Rocket.Chat.Go.SDK v0.0.0-20240116134246-a8cbe886bab0 // indirect
+	github.com/SherClockHolmes/webpush-go v1.4.0 // indirect
 	github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 // indirect
 	github.com/alibabacloud-go/darabonba-number v1.0.4 // indirect
 	github.com/alibabacloud-go/debug v1.0.1 // indirect
@@ -106,34 +114,43 @@ require (
 	github.com/aliyun/credentials-go v1.3.10 // indirect
 	github.com/apistd/uni-go-sdk v0.0.2 // indirect
 	github.com/atc0005/go-teams-notify/v2 v2.13.0 // indirect
+	github.com/aws/aws-sdk-go v1.45.5 // indirect
+	github.com/aws/smithy-go v1.24.0 // indirect
 	github.com/baidubce/bce-sdk-go v0.9.156 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blinkbean/dingtalk v0.0.0-20210905093040-7d935c0f7e19 // indirect
-	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
-	github.com/bwmarrin/discordgo v0.27.1 // indirect
+	github.com/blinkbean/dingtalk v1.1.3 // indirect
+	github.com/boombuler/barcode v1.0.1 // indirect
+	github.com/bwmarrin/discordgo v0.28.1 // indirect
+	github.com/caarlos0/go-reddit/v3 v3.0.1 // indirect
 	github.com/casdoor/casdoor-go-sdk v0.50.0 // indirect
-	github.com/casdoor/go-reddit/v2 v2.1.0 // indirect
-	github.com/cenkalti/backoff/v4 v4.1.3 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/clbanning/mxj/v2 v2.7.0 // indirect
-	github.com/cloudflare/circl v1.3.7 // indirect
+	github.com/cloudflare/circl v1.6.1 // indirect
+	github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 // indirect
 	github.com/cschomburg/go-pushbullet v0.0.0-20171206132031-67759df45fbb // indirect
-	github.com/cyphar/filepath-securejoin v0.2.5 // indirect
+	github.com/cyphar/filepath-securejoin v0.4.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
-	github.com/dghubble/oauth1 v0.7.2 // indirect
-	github.com/dghubble/sling v1.4.0 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect
+	github.com/dghubble/oauth1 v0.7.3 // indirect
+	github.com/dghubble/sling v1.4.2 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/di-wu/parser v0.2.2 // indirect
 	github.com/di-wu/xsd-datetime v1.0.0 // indirect
 	github.com/drswork/go-twitter v0.0.0-20221107160839-dea1b6ed53d7 // indirect
-	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/envoyproxy/go-control-plane v0.13.1 // indirect
+	github.com/envoyproxy/protoc-gen-validate v1.1.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fxamacker/cbor/v2 v2.6.0 // indirect
 	github.com/ggicci/httpin v0.19.0 // indirect
 	github.com/ggicci/owl v0.8.2 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
-	github.com/go-git/go-billy/v5 v5.6.0 // indirect
-	github.com/go-lark/lark v1.9.0 // indirect
+	github.com/go-git/go-billy/v5 v5.6.2 // indirect
+	github.com/go-lark/lark v1.15.1 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/go-pay/crypto v0.0.1 // indirect
 	github.com/go-pay/errgroup v0.0.3 // indirect
@@ -141,23 +158,20 @@ require (
 	github.com/go-pay/xlog v0.0.3 // indirect
 	github.com/go-pay/xtime v0.0.2 // indirect
 	github.com/go-webauthn/x v0.1.9 // indirect
-	github.com/goccy/go-json v0.10.2 // indirect
-	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 	github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe // indirect
 	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/golang/mock v1.6.0 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
-	github.com/gomodule/redigo v2.0.0+incompatible // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/go-tpm v0.9.0 // indirect
-	github.com/google/s2a-go v0.1.7 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
-	github.com/googleapis/gax-go/v2 v2.12.0 // indirect
-	github.com/gorilla/websocket v1.5.0 // indirect
-	github.com/gregdel/pushover v1.2.1 // indirect
+	github.com/google/s2a-go v0.1.8 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
+	github.com/googleapis/gax-go/v2 v2.14.1 // indirect
+	github.com/gorilla/websocket v1.5.3 // indirect
+	github.com/gregdel/pushover v1.3.1 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/golang-lru v0.5.4 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
@@ -168,7 +182,7 @@ require (
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
 	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.4 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
 	github.com/lestrrat-go/iter v1.0.2 // indirect
 	github.com/lestrrat-go/option v1.0.1 // indirect
@@ -178,7 +192,6 @@ require (
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-ieproxy v0.0.1 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
 	github.com/mileusna/viber v1.0.1 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
@@ -187,14 +200,16 @@ require (
 	github.com/pingcap/errors v0.11.5-0.20210425183316-da1aaba5fb63 // indirect
 	github.com/pingcap/log v0.0.0-20210625125904-98ed8e2eb1c7 // indirect
 	github.com/pingcap/tidb/parser v0.0.0-20221126021158-6b02a5d8ba7d // indirect
-	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/pjbgf/sha1cd v0.3.2 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/common v0.30.0 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/qiniu/go-sdk/v7 v7.12.1 // indirect
+	github.com/redis/go-redis/v9 v9.5.5 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 // indirect
-	github.com/rs/zerolog v1.30.0 // indirect
+	github.com/rs/zerolog v1.33.0 // indirect
 	github.com/scim2/filter-parser/v2 v2.2.0 // indirect
 	github.com/sendgrid/rest v2.6.9+incompatible // indirect
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
@@ -202,15 +217,15 @@ require (
 	github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24 // indirect
 	github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
-	github.com/skeema/knownhosts v1.3.0 // indirect
-	github.com/slack-go/slack v0.12.3 // indirect
+	github.com/skeema/knownhosts v1.3.1 // indirect
+	github.com/slack-go/slack v0.15.0 // indirect
 	github.com/spyzhov/ajson v0.8.0 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/syndtr/goleveldb v1.0.0 // indirect
 	github.com/technoweenie/multipartstreamer v1.0.1 // indirect
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.744 // indirect
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/sms v1.0.744 // indirect
-	github.com/tidwall/gjson v1.16.0 // indirect
+	github.com/tidwall/gjson v1.18.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
@@ -224,39 +239,44 @@ require (
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	go.mau.fi/util v0.0.0-20230805171708-199bf3eec776 // indirect
+	go.mau.fi/util v0.8.3 // indirect
 	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/detectors/gcp v1.32.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.57.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 // indirect
+	go.opentelemetry.io/otel v1.32.0 // indirect
+	go.opentelemetry.io/otel/metric v1.32.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.32.0 // indirect
+	go.opentelemetry.io/otel/sdk/metric v1.32.0 // indirect
+	go.opentelemetry.io/otel/trace v1.32.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.7.0 // indirect
 	go.uber.org/zap v1.19.1 // indirect
-	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
-	golang.org/x/image v0.0.0-20190802002840-cff245a6509b // indirect
+	golang.org/x/exp v0.0.0-20241215155358-4a5509556b9e // indirect
+	golang.org/x/image v0.0.0-20220302094943-723b81ca9867 // indirect
 	golang.org/x/mod v0.25.0 // indirect
-	golang.org/x/sync v0.15.0 // indirect
-	golang.org/x/sys v0.33.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.33.0 // indirect
-	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405 // indirect
-	google.golang.org/grpc v1.59.0 // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
+	golang.org/x/sync v0.16.0 // indirect
+	golang.org/x/sys v0.34.0 // indirect
+	golang.org/x/time v0.8.0 // indirect
+	golang.org/x/tools v0.34.0 // indirect
+	google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241223144023-3abc09e42ca8 // indirect
+	google.golang.org/grpc v1.68.0 // indirect
+	google.golang.org/grpc/stats/opentelemetry v0.0.0-20241028142157-ada6787961b3 // indirect
+	google.golang.org/protobuf v1.36.1 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	lukechampine.com/uint128 v1.1.1 // indirect
-	maunium.net/go/maulogger/v2 v2.4.1 // indirect
+	lukechampine.com/uint128 v1.2.0 // indirect
 	modernc.org/cc/v3 v3.37.0 // indirect
 	modernc.org/ccgo/v3 v3.16.9 // indirect
 	modernc.org/libc v1.18.0 // indirect
 	modernc.org/mathutil v1.5.0 // indirect
 	modernc.org/memory v1.3.0 // indirect
-	modernc.org/opt v0.1.1 // indirect
+	modernc.org/opt v0.1.3 // indirect
 	modernc.org/strutil v1.1.3 // indirect
 	modernc.org/token v1.0.1 // indirect
 )

i18n/generate.go

@@ -141,10 +141,26 @@ func parseAllWords(category string) *I18nData {
 	return &data
 }
 
+// copyI18nData creates a deep copy of an I18nData structure to prevent shared reference issues
+// between language translations. This ensures each language starts with fresh English defaults
+// rather than inheriting values from previously processed languages.
+func copyI18nData(src *I18nData) *I18nData {
+	dst := I18nData{}
+	for namespace, pairs := range *src {
+		dst[namespace] = make(map[string]string)
+		for key, value := range pairs {
+			dst[namespace][key] = value
+		}
+	}
+	return &dst
+}
+
 func applyToOtherLanguage(category string, language string, newData *I18nData) {
 	oldData := readI18nFile(category, language)
 	println(oldData)
 
-	applyData(newData, oldData)
-	writeI18nFile(category, language, newData)
+	// Create a copy of newData to avoid modifying the shared data across languages
+	dataCopy := copyI18nData(newData)
+	applyData(dataCopy, oldData)
+	writeI18nFile(category, language, dataCopy)
 }

idp/custom.go

@@ -90,6 +90,7 @@ type CustomUserInfo struct {
 	DisplayName string `mapstructure:"displayName"`
 	Email       string `mapstructure:"email"`
 	AvatarUrl   string `mapstructure:"avatarUrl"`
+	Phone       string `mapstructure:"phone"`
 }
 
 func (idp *CustomIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error) {
@@ -153,6 +154,7 @@ func (idp *CustomIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error)
 		Username:    customUserinfo.Username,
 		DisplayName: customUserinfo.DisplayName,
 		Email:       customUserinfo.Email,
+		Phone:       customUserinfo.Phone,
 		AvatarUrl:   customUserinfo.AvatarUrl,
 	}
 	return userInfo, nil

ldap/util.go

@@ -281,7 +281,7 @@ func GetFilteredUsers(m *ldap.Message) (filteredUsers []*object.User, code int)
 			}
 			return filteredUsers, ldap.LDAPResultSuccess
 		}
-		if m.Client.IsGlobalAdmin || org == m.Client.OrgName {
+		if m.Client.IsGlobalAdmin || (m.Client.IsOrgAdmin && org == m.Client.OrgName) {
 			filteredUsers, err = object.GetUsersWithFilter(org, buildSafeCondition(r.Filter()))
 			if err != nil {
 				panic(err)
@@ -349,7 +349,7 @@ func GetFilteredGroups(m *ldap.Message, baseDN string, filterStr string) ([]*obj
 			if err != nil {
 				panic(err)
 			}
-		} else if m.Client.IsGlobalAdmin || org == m.Client.OrgName {
+		} else if m.Client.IsGlobalAdmin || (m.Client.IsOrgAdmin && org == m.Client.OrgName) {
 			groups, err = object.GetGroups(org)
 			if err != nil {
 				panic(err)

main.go

@@ -18,9 +18,9 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/beego/beego"
-	"github.com/beego/beego/logs"
-	_ "github.com/beego/beego/session/redis"
+	"github.com/beego/beego/v2/core/logs"
+	"github.com/beego/beego/v2/server/web"
+	_ "github.com/beego/beego/v2/server/web/session/redis"
 	"github.com/casdoor/casdoor/authz"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/controllers"
@@ -33,6 +33,20 @@ import (
 )
 
 func main() {
+	web.BConfig.WebConfig.Session.SessionOn = true
+	web.BConfig.WebConfig.Session.SessionName = "casdoor_session_id"
+	if conf.GetConfigString("redisEndpoint") == "" {
+		web.BConfig.WebConfig.Session.SessionProvider = "file"
+		web.BConfig.WebConfig.Session.SessionProviderConfig = "./tmp"
+	} else {
+		web.BConfig.WebConfig.Session.SessionProvider = "redis"
+		web.BConfig.WebConfig.Session.SessionProviderConfig = conf.GetConfigString("redisEndpoint")
+	}
+	web.BConfig.WebConfig.Session.SessionCookieLifeTime = 3600 * 24 * 30
+	web.BConfig.WebConfig.Session.SessionGCMaxLifetime = 3600 * 24 * 30
+	// web.BConfig.WebConfig.Session.SessionCookieSameSite = http.SameSiteNoneMode
+
+	routers.InitAPI()
 	object.InitFlag()
 	object.InitAdapter()
 	object.CreateTables()
@@ -62,35 +76,22 @@ func main() {
 	util.SafeGoroutine(func() { object.RunSyncUsersJob() })
 	util.SafeGoroutine(func() { controllers.InitCLIDownloader() })
 
-	// beego.DelStaticPath("/static")
-	// beego.SetStaticPath("/static", "web/build/static")
+	// web.DelStaticPath("/static")
+	// web.SetStaticPath("/static", "web/build/static")
 
-	beego.BConfig.WebConfig.DirectoryIndex = true
-	beego.SetStaticPath("/swagger", "swagger")
-	beego.SetStaticPath("/files", "files")
+	web.BConfig.WebConfig.DirectoryIndex = true
+	web.SetStaticPath("/swagger", "swagger")
+	web.SetStaticPath("/files", "files")
 	// https://studygolang.com/articles/2303
-	beego.InsertFilter("*", beego.BeforeRouter, routers.StaticFilter)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.AutoSigninFilter)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.CorsFilter)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.TimeoutFilter)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.ApiFilter)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.PrometheusFilter)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.RecordMessage)
-	beego.InsertFilter("*", beego.BeforeRouter, routers.FieldValidationFilter)
-	beego.InsertFilter("*", beego.AfterExec, routers.AfterRecordMessage, false)
-
-	beego.BConfig.WebConfig.Session.SessionOn = true
-	beego.BConfig.WebConfig.Session.SessionName = "casdoor_session_id"
-	if conf.GetConfigString("redisEndpoint") == "" {
-		beego.BConfig.WebConfig.Session.SessionProvider = "file"
-		beego.BConfig.WebConfig.Session.SessionProviderConfig = "./tmp"
-	} else {
-		beego.BConfig.WebConfig.Session.SessionProvider = "redis"
-		beego.BConfig.WebConfig.Session.SessionProviderConfig = conf.GetConfigString("redisEndpoint")
-	}
-	beego.BConfig.WebConfig.Session.SessionCookieLifeTime = 3600 * 24 * 30
-	beego.BConfig.WebConfig.Session.SessionGCMaxLifetime = 3600 * 24 * 30
-	// beego.BConfig.WebConfig.Session.SessionCookieSameSite = http.SameSiteNoneMode
+	web.InsertFilter("*", web.BeforeRouter, routers.StaticFilter)
+	web.InsertFilter("*", web.BeforeRouter, routers.AutoSigninFilter)
+	web.InsertFilter("*", web.BeforeRouter, routers.CorsFilter)
+	web.InsertFilter("*", web.BeforeRouter, routers.TimeoutFilter)
+	web.InsertFilter("*", web.BeforeRouter, routers.ApiFilter)
+	web.InsertFilter("*", web.BeforeRouter, routers.PrometheusFilter)
+	web.InsertFilter("*", web.BeforeRouter, routers.RecordMessage)
+	web.InsertFilter("*", web.BeforeRouter, routers.FieldValidationFilter)
+	web.InsertFilter("*", web.AfterExec, routers.AfterRecordMessage, web.WithReturnOnOutput(false))
 
 	var logAdapter string
 	logConfigMap := make(map[string]interface{})
@@ -112,7 +113,7 @@ func main() {
 		panic(err)
 	}
 
-	port := beego.AppConfig.DefaultInt("httpport", 8000)
+	port := web.AppConfig.DefaultInt("httpport", 8000)
 	// logs.SetLevel(logs.LevelInformational)
 	logs.SetLogFuncCall(false)
 
@@ -125,5 +126,5 @@ func main() {
 	go radius.StartRadiusServer()
 	go object.ClearThroughputPerSecond()
 
-	beego.Run(fmt.Sprintf(":%v", port))
+	web.Run(fmt.Sprintf(":%v", port))
 }

notification/bark.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/bark"
+	"github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/bark"
 )
 
 func NewBarkProvider(deviceKey string) (notify.Notifier, error) {

notification/cucloud.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/cucloud"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/cucloud"
 )
 
 func NewCucloudProvider(accessKey, secretKey, topicName, messageTitle, cloudRegionCode, accountId, notifyType string) (notify.Notifier, error) {

notification/dingtalk.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/dingding"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/dingding"
 )
 
 func NewDingTalkProvider(token string, secret string) (notify.Notifier, error) {

notification/discord.go

@@ -16,8 +16,8 @@ package notification
 
 import (
 	"github.com/casdoor/casdoor/proxy"
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/discord"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/discord"
 )
 
 func NewDiscordProvider(token string, channelId string) (*notify.Notify, error) {

notification/google_chat.go

@@ -18,8 +18,8 @@ import (
 	"context"
 	"strings"
 
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/googlechat"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/googlechat"
 	"google.golang.org/api/chat/v1"
 	"google.golang.org/api/option"
 )

notification/lark.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/lark"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/lark"
 )
 
 func NewLarkProvider(webhookURL string) (notify.Notifier, error) {

notification/line.go

@@ -16,8 +16,8 @@ package notification
 
 import (
 	"github.com/casdoor/casdoor/proxy"
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/line"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/line"
 )
 
 func NewLineProvider(channelSecret string, accessToken string, receiver string) (*notify.Notify, error) {

notification/matrix.go

@@ -16,8 +16,8 @@ package notification
 
 import (
 	"github.com/casdoor/casdoor/proxy"
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/matrix"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/matrix"
 	"maunium.net/go/mautrix/id"
 )
 

notification/microsoft_teams.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/msteams"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/msteams"
 )
 
 func NewMicrosoftTeamsProvider(webhookURL string) (notify.Notifier, error) {

notification/provider.go

@@ -14,7 +14,7 @@
 
 package notification
 
-import "github.com/casdoor/notify"
+import notify "github.com/casdoor/notify2"
 
 func GetNotificationProvider(typ string, clientId string, clientSecret string, clientId2 string, clientSecret2 string, appId string, receiver string, method string, title string, metaData string, regionId string) (notify.Notifier, error) {
 	if typ == "Telegram" {

notification/pushbullet.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/pushbullet"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/pushbullet"
 )
 
 func NewPushbulletProvider(apiToken string, deviceNickname string) (notify.Notifier, error) {

notification/pushover.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/pushover"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/pushover"
 )
 
 func NewPushoverProvider(appToken string, recipientID string) (notify.Notifier, error) {

notification/reddit.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/reddit"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/reddit"
 )
 
 func NewRedditProvider(clientId string, clientSecret string, username string, password string, recipient string) (notify.Notifier, error) {

notification/rocket_chat.go

@@ -18,8 +18,8 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/rocketchat"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/rocketchat"
 )
 
 func NewRocketChatProvider(clientId string, clientSecret string, endpoint string, channelName string) (notify.Notifier, error) {

notification/slack.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/slack"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/slack"
 )
 
 func NewSlackProvider(apiToken string, channelID string) (*notify.Notify, error) {

notification/telegram.go

@@ -18,8 +18,8 @@ import (
 	"strconv"
 
 	"github.com/casdoor/casdoor/proxy"
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/telegram"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/telegram"
 	api "github.com/go-telegram-bot-api/telegram-bot-api"
 )
 

notification/twitter.go

@@ -16,8 +16,8 @@ package notification
 
 import (
 	"github.com/casdoor/casdoor/proxy"
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/twitter"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/twitter"
 )
 
 func NewTwitterProvider(consumerKey string, consumerSecret string, accessToken string, accessTokenSecret string, twitterId string) (*notify.Notify, error) {

notification/viber.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/viber"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/viber"
 )
 
 func NewViberProvider(senderName string, appKey string, webhookURL string, receiverId string) (notify.Notifier, error) {

notification/webpush.go

@@ -15,8 +15,8 @@
 package notification
 
 import (
-	"github.com/casdoor/notify"
-	"github.com/casdoor/notify/service/webpush"
+	notify "github.com/casdoor/notify2"
+	"github.com/casdoor/notify2/service/webpush"
 )
 
 func NewWebpushProvider(publicKey string, privateKey string, endpoint string) (*notify.Notify, error) {

notification/wecom.go

@@ -22,7 +22,7 @@ import (
 	"net/http"
 	"time"
 
-	"github.com/casdoor/notify"
+	notify "github.com/casdoor/notify2"
 )
 
 // wecomService encapsulates the WeCom webhook client

object/application.go

@@ -121,6 +121,7 @@ type Application struct {
 	TokenAttributes         []*JwtItem `xorm:"mediumtext" json:"tokenAttributes"`
 	ExpireInHours           float64    `json:"expireInHours"`
 	RefreshExpireInHours    float64    `json:"refreshExpireInHours"`
+	CookieExpireInHours     int64      `json:"cookieExpireInHours"`
 	SignupUrl               string     `xorm:"varchar(200)" json:"signupUrl"`
 	SigninUrl               string     `xorm:"varchar(200)" json:"signinUrl"`
 	ForgetUrl               string     `xorm:"varchar(200)" json:"forgetUrl"`
@@ -771,6 +772,9 @@ func (application *Application) IsRedirectUriValid(redirectUri string) bool {
 	}
 
 	for _, targetUri := range application.RedirectUris {
+		if targetUri == "" {
+			continue
+		}
 		targetUriRegex := regexp.MustCompile(targetUri)
 		if targetUriRegex.MatchString(redirectUri) || strings.Contains(redirectUri, targetUri) {
 			return true

object/check.go

@@ -292,7 +292,20 @@ func CheckPasswordComplexity(user *User, password string, lang string) string {
 	return CheckPasswordComplexityByOrg(organization, password, lang)
 }
 
-func CheckLdapUserPassword(user *User, password string, lang string) error {
+func CheckLdapUserPassword(user *User, password string, lang string, options ...bool) error {
+	enableCaptcha := false
+	if len(options) > 0 {
+		enableCaptcha = options[0]
+	}
+
+	// check the login error times
+	if !enableCaptcha {
+		err := checkSigninErrorTimes(user, lang)
+		if err != nil {
+			return err
+		}
+	}
+
 	ldaps, err := GetLdaps(user.Owner)
 	if err != nil {
 		return err
@@ -340,7 +353,7 @@ func CheckLdapUserPassword(user *User, password string, lang string) error {
 		if !hit {
 			return fmt.Errorf("user not exist")
 		}
-		return fmt.Errorf(i18n.Translate(lang, "check:LDAP user name or password incorrect"))
+		return recordSigninErrorInfo(user, lang, enableCaptcha)
 	}
 	return resetUserSigninErrorTimes(user)
 }
@@ -383,22 +396,14 @@ func CheckUserPassword(organization string, username string, password string, la
 			return nil, fmt.Errorf(i18n.Translate(lang, "check:password or code is incorrect"))
 		}
 
-		// check the login error times
-		if !enableCaptcha {
-			err = checkSigninErrorTimes(user, lang)
-			if err != nil {
-				return nil, err
-			}
-		}
-
 		// only for LDAP users
-		err = CheckLdapUserPassword(user, password, lang)
+		err = CheckLdapUserPassword(user, password, lang, enableCaptcha)
 		if err != nil {
 			if err.Error() == "user not exist" {
 				return nil, fmt.Errorf(i18n.Translate(lang, "check:The user: %s doesn't exist in LDAP server"), username)
 			}
 
-			return nil, recordSigninErrorInfo(user, lang, enableCaptcha)
+			return nil, err
 		}
 	} else {
 		err = CheckPassword(user, password, lang, enableCaptcha)

object/init.go

@@ -214,6 +214,8 @@ func initBuiltInApplication() {
 		TokenFields:   []string{},
 		ExpireInHours: 168,
 		FormOffset:    2,
+
+		CookieExpireInHours: 720,
 	}
 	_, err = AddApplication(application)
 	if err != nil {

object/ldap_autosync.go

@@ -5,7 +5,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/beego/beego/logs"
+	"github.com/beego/beego/v2/core/logs"
 	"github.com/casdoor/casdoor/util"
 )
 

object/notification.go

@@ -18,9 +18,12 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"
+	"time"
 
 	"github.com/casdoor/casdoor/notification"
-	"github.com/casdoor/notify"
+	"github.com/casdoor/casdoor/util"
+	notify "github.com/casdoor/notify2"
 )
 
 func getNotificationClient(provider *Provider) (notify.Notifier, error) {
@@ -43,9 +46,55 @@ func SendNotification(provider *Provider, content string) error {
 	return err
 }
 
+// SsoLogoutNotification represents the structure of a session-level SSO logout notification
+// This includes session information and a signature for authentication
+type SsoLogoutNotification struct {
+	// User information
+	Owner       string `json:"owner"`
+	Name        string `json:"name"`
+	DisplayName string `json:"displayName"`
+	Email       string `json:"email"`
+	Phone       string `json:"phone"`
+	Id          string `json:"id"`
+
+	// Event type
+	Event string `json:"event"`
+
+	// Session-level information for targeted logout
+	SessionIds        []string `json:"sessionIds"`        // List of session IDs being logged out
+	AccessTokenHashes []string `json:"accessTokenHashes"` // Hashes of access tokens being expired
+
+	// Authentication fields to prevent malicious logout requests
+	Nonce     string `json:"nonce"`     // Random nonce for replay protection
+	Timestamp int64  `json:"timestamp"` // Unix timestamp of the notification
+	Signature string `json:"signature"` // HMAC-SHA256 signature for verification
+}
+
+// GetTokensByUser retrieves all tokens for a specific user
+func GetTokensByUser(owner, username string) ([]*Token, error) {
+	tokens := []*Token{}
+	err := ormer.Engine.Where("organization = ? and user = ?", owner, username).Find(&tokens)
+	if err != nil {
+		return nil, err
+	}
+	return tokens, nil
+}
+
+// generateLogoutSignature generates an HMAC-SHA256 signature for the logout notification
+// The signature is computed over the critical fields to prevent tampering
+func generateLogoutSignature(clientSecret string, owner string, name string, nonce string, timestamp int64, sessionIds []string, accessTokenHashes []string) string {
+	// Create a deterministic string from all fields that need to be verified
+	// Use strings.Join to avoid trailing separators and improve performance
+	sessionIdsStr := strings.Join(sessionIds, ",")
+	tokenHashesStr := strings.Join(accessTokenHashes, ",")
+
+	data := fmt.Sprintf("%s|%s|%s|%d|%s|%s", owner, name, nonce, timestamp, sessionIdsStr, tokenHashesStr)
+	return util.GetHmacSha256(clientSecret, data)
+}
+
 // SendSsoLogoutNotifications sends logout notifications to all notification providers
 // configured in the user's signup application
-func SendSsoLogoutNotifications(user *User) error {
+func SendSsoLogoutNotifications(user *User, sessionIds []string, tokens []*Token) error {
 	if user == nil {
 		return nil
 	}
@@ -56,7 +105,7 @@ func SendSsoLogoutNotifications(user *User) error {
 	}
 
 	// Get the user's signup application
-	application, err := GetApplication(user.SignupApplication)
+	application, err := GetApplicationByUser(user)
 	if err != nil {
 		return fmt.Errorf("failed to get signup application: %w", err)
 	}
@@ -65,22 +114,50 @@ func SendSsoLogoutNotifications(user *User) error {
 		return fmt.Errorf("signup application not found: %s", user.SignupApplication)
 	}
 
-	// Prepare sanitized user data for notification
-	// Only include safe, non-sensitive fields
-	sanitizedData := map[string]interface{}{
-		"owner":       user.Owner,
-		"name":        user.Name,
-		"displayName": user.DisplayName,
-		"email":       user.Email,
-		"phone":       user.Phone,
-		"id":          user.Id,
-		"event":       "sso-logout",
+	// Extract access token hashes from tokens
+	accessTokenHashes := make([]string, 0, len(tokens))
+	for _, token := range tokens {
+		if token.AccessTokenHash != "" {
+			accessTokenHashes = append(accessTokenHashes, token.AccessTokenHash)
+		}
 	}
-	userData, err := json.Marshal(sanitizedData)
+
+	// Generate nonce and timestamp for replay protection
+	nonce := util.GenerateId()
+	timestamp := time.Now().Unix()
+
+	// Generate signature using the application's client secret
+	signature := generateLogoutSignature(
+		application.ClientSecret,
+		user.Owner,
+		user.Name,
+		nonce,
+		timestamp,
+		sessionIds,
+		accessTokenHashes,
+	)
+
+	// Prepare the notification data
+	notificationObj := SsoLogoutNotification{
+		Owner:             user.Owner,
+		Name:              user.Name,
+		DisplayName:       user.DisplayName,
+		Email:             user.Email,
+		Phone:             user.Phone,
+		Id:                user.Id,
+		Event:             "sso-logout",
+		SessionIds:        sessionIds,
+		AccessTokenHashes: accessTokenHashes,
+		Nonce:             nonce,
+		Timestamp:         timestamp,
+		Signature:         signature,
+	}
+
+	notificationData, err := json.Marshal(notificationObj)
 	if err != nil {
 		return fmt.Errorf("failed to marshal user data: %w", err)
 	}
-	content := string(userData)
+	content := string(notificationData)
 
 	// Send notifications to all notification providers in the signup application
 	for _, providerItem := range application.Providers {
@@ -102,3 +179,18 @@ func SendSsoLogoutNotifications(user *User) error {
 
 	return nil
 }
+
+// VerifySsoLogoutSignature verifies the signature of an SSO logout notification
+// This should be called by applications receiving logout notifications
+func VerifySsoLogoutSignature(clientSecret string, notification *SsoLogoutNotification) bool {
+	expectedSignature := generateLogoutSignature(
+		clientSecret,
+		notification.Owner,
+		notification.Name,
+		notification.Nonce,
+		notification.Timestamp,
+		notification.SessionIds,
+		notification.AccessTokenHashes,
+	)
+	return notification.Signature == expectedSignature
+}

object/notification_test.go

@@ -0,0 +1,154 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package object
+
+import (
+	"testing"
+)
+
+func TestGenerateLogoutSignature(t *testing.T) {
+	// Test that the signature generation is deterministic
+	clientSecret := "test-secret-key"
+	owner := "test-org"
+	name := "test-user"
+	nonce := "test-nonce-123"
+	timestamp := int64(1699900000)
+	sessionIds := []string{"session-1", "session-2"}
+	accessTokenHashes := []string{"hash-1", "hash-2"}
+
+	sig1 := generateLogoutSignature(clientSecret, owner, name, nonce, timestamp, sessionIds, accessTokenHashes)
+	sig2 := generateLogoutSignature(clientSecret, owner, name, nonce, timestamp, sessionIds, accessTokenHashes)
+
+	if sig1 != sig2 {
+		t.Errorf("Signature should be deterministic, got %s and %s", sig1, sig2)
+	}
+
+	// Test that different inputs produce different signatures
+	sig3 := generateLogoutSignature(clientSecret, owner, "different-user", nonce, timestamp, sessionIds, accessTokenHashes)
+	if sig1 == sig3 {
+		t.Error("Different inputs should produce different signatures")
+	}
+
+	// Test with different client secret
+	sig4 := generateLogoutSignature("different-secret", owner, name, nonce, timestamp, sessionIds, accessTokenHashes)
+	if sig1 == sig4 {
+		t.Error("Different client secrets should produce different signatures")
+	}
+}
+
+func TestVerifySsoLogoutSignature(t *testing.T) {
+	clientSecret := "test-secret-key"
+	owner := "test-org"
+	name := "test-user"
+	nonce := "test-nonce-123"
+	timestamp := int64(1699900000)
+	sessionIds := []string{"session-1", "session-2"}
+	accessTokenHashes := []string{"hash-1", "hash-2"}
+
+	// Generate a valid signature
+	signature := generateLogoutSignature(clientSecret, owner, name, nonce, timestamp, sessionIds, accessTokenHashes)
+
+	// Create a notification with the valid signature
+	notification := &SsoLogoutNotification{
+		Owner:             owner,
+		Name:              name,
+		Nonce:             nonce,
+		Timestamp:         timestamp,
+		SessionIds:        sessionIds,
+		AccessTokenHashes: accessTokenHashes,
+		Signature:         signature,
+	}
+
+	// Verify with correct secret
+	if !VerifySsoLogoutSignature(clientSecret, notification) {
+		t.Error("Valid signature should be verified successfully")
+	}
+
+	// Verify with wrong secret
+	if VerifySsoLogoutSignature("wrong-secret", notification) {
+		t.Error("Invalid signature should not be verified")
+	}
+
+	// Verify with tampered data
+	tamperedNotification := &SsoLogoutNotification{
+		Owner:             owner,
+		Name:              "tampered-user", // Changed
+		Nonce:             nonce,
+		Timestamp:         timestamp,
+		SessionIds:        sessionIds,
+		AccessTokenHashes: accessTokenHashes,
+		Signature:         signature, // Same signature
+	}
+	if VerifySsoLogoutSignature(clientSecret, tamperedNotification) {
+		t.Error("Tampered notification should not be verified")
+	}
+}
+
+func TestSsoLogoutNotificationStructure(t *testing.T) {
+	notification := SsoLogoutNotification{
+		Owner:             "test-org",
+		Name:              "test-user",
+		DisplayName:       "Test User",
+		Email:             "test@example.com",
+		Phone:             "+1234567890",
+		Id:                "user-123",
+		Event:             "sso-logout",
+		SessionIds:        []string{"session-1", "session-2"},
+		AccessTokenHashes: []string{"hash-1", "hash-2"},
+		Nonce:             "nonce-123",
+		Timestamp:         1699900000,
+		Signature:         "sig-123",
+	}
+
+	// Verify all fields are set correctly
+	if notification.Owner != "test-org" {
+		t.Errorf("Owner mismatch, got %s", notification.Owner)
+	}
+	if notification.Name != "test-user" {
+		t.Errorf("Name mismatch, got %s", notification.Name)
+	}
+	if notification.Event != "sso-logout" {
+		t.Errorf("Event mismatch, got %s", notification.Event)
+	}
+	if len(notification.SessionIds) != 2 {
+		t.Errorf("SessionIds count mismatch, got %d", len(notification.SessionIds))
+	}
+	if len(notification.AccessTokenHashes) != 2 {
+		t.Errorf("AccessTokenHashes count mismatch, got %d", len(notification.AccessTokenHashes))
+	}
+}
+
+func TestGenerateLogoutSignatureWithEmptyArrays(t *testing.T) {
+	clientSecret := "test-secret-key"
+	owner := "test-org"
+	name := "test-user"
+	nonce := "test-nonce-123"
+	timestamp := int64(1699900000)
+
+	// Test with empty session IDs and token hashes
+	sig1 := generateLogoutSignature(clientSecret, owner, name, nonce, timestamp, []string{}, []string{})
+	sig2 := generateLogoutSignature(clientSecret, owner, name, nonce, timestamp, nil, nil)
+
+	// Empty slice and nil should produce the same signature
+	if sig1 != sig2 {
+		t.Errorf("Empty slice and nil should produce the same signature, got %s and %s", sig1, sig2)
+	}
+
+	// Should be different from non-empty arrays
+	sig3 := generateLogoutSignature(clientSecret, owner, name, nonce, timestamp, []string{"session-1"}, []string{"hash-1"})
+	if sig1 == sig3 {
+		t.Error("Empty arrays should produce different signature from non-empty arrays")
+	}
+}

object/oidc_discovery.go

@@ -23,7 +23,7 @@ import (
 
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
-	"gopkg.in/square/go-jose.v2"
+	"github.com/go-jose/go-jose/v4"
 )
 
 type OidcDiscovery struct {
@@ -140,7 +140,7 @@ func GetOidcDiscovery(host string, applicationName string) OidcDiscovery {
 		IntrospectionEndpoint:                  fmt.Sprintf("%s/api/login/oauth/introspect", originBackend),
 		ResponseTypesSupported:                 []string{"code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token", "none"},
 		ResponseModesSupported:                 []string{"query", "fragment", "form_post"},
-		GrantTypesSupported:                    []string{"password", "authorization_code"},
+		GrantTypesSupported:                    []string{"authorization_code", "implicit", "password", "client_credentials", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code"},
 		SubjectTypesSupported:                  []string{"public"},
 		IdTokenSigningAlgValuesSupported:       []string{"RS256", "RS512", "ES256", "ES384", "ES512"},
 		ScopesSupported:                        []string{"openid", "email", "profile", "address", "phone", "offline_access"},

object/order_pay.go

@@ -210,7 +210,6 @@ func PayOrder(providerName, host, paymentEnv string, order *Order) (payment *Pay
 		ProductName:        product.Name,
 		ProductDisplayName: product.DisplayName,
 		Detail:             product.Detail,
-		Tag:                product.Tag,
 		Currency:           order.Currency,
 		Price:              order.Price,
 		IsRecharge:         product.IsRecharge,
@@ -227,54 +226,42 @@ func PayOrder(providerName, host, paymentEnv string, order *Order) (payment *Pay
 		Owner:       payment.Owner,
 		Name:        payment.Name,
 		CreatedTime: util.GetCurrentTime(),
-		DisplayName: payment.DisplayName,
-		Application: owner,
+		Application: user.SignupApplication,
 		Domain:      "",
 		Amount:      payment.Price,
 		Currency:    order.Currency,
 		Payment:     payment.Name,
-		State:       pp.PaymentStateCreated,
+		Type:        provider.Category,
+		Subtype:     provider.Type,
+		Provider:    provider.Name,
+		User:        payment.User,
+		Tag:         "User",
+		State:       string(pp.PaymentStateCreated),
 	}
 
+	var rechargeTransaction *Transaction
+
 	if product.IsRecharge {
-		transaction.Category = "Recharge"
-		transaction.Type = ""
-		transaction.Subtype = ""
-		transaction.Provider = ""
-		transaction.Tag = "User"
-		transaction.User = payment.User
-		transaction.State = pp.PaymentStatePaid
-	} else {
-		transaction.Category = ""
-		transaction.Type = provider.Category
-		transaction.Subtype = provider.Type
-		transaction.Provider = provider.Name
-		transaction.Tag = product.Tag
-		transaction.User = payment.User
+		rechargeTransaction = &Transaction{
+			Owner:       payment.Owner,
+			CreatedTime: util.GetCurrentTime(),
+			Application: owner,
+			Amount:      payment.Price,
+			Currency:    order.Currency,
+			Payment:     payment.Name,
+			Category:    "Recharge",
+			Tag:         "User",
+			User:        payment.User,
+			State:       string(pp.PaymentStateCreated),
+		}
 	}
 
-	if provider.Type == "Dummy" {
+	if provider.Type == "Dummy" || provider.Type == "Balance" {
 		payment.State = pp.PaymentStatePaid
-		currency := payment.Currency
-		if currency == "" {
-			currency = "USD"
+		transaction.State = string(pp.PaymentStatePaid)
+		if product.IsRecharge {
+			rechargeTransaction.State = string(pp.PaymentStatePaid)
 		}
-		err = UpdateUserBalance(user.Owner, user.Name, payment.Price, currency, "en")
-		if err != nil {
-			return nil, nil, err
-		}
-	} else if provider.Type == "Balance" {
-		convertedPrice := ConvertCurrency(order.Price, order.Currency, user.BalanceCurrency)
-		if convertedPrice > user.Balance {
-			return nil, nil, fmt.Errorf("insufficient user balance")
-		}
-		transaction.Amount = -transaction.Amount
-		err = UpdateUserBalance(user.Owner, user.Name, -convertedPrice, user.BalanceCurrency, "en")
-		if err != nil {
-			return nil, nil, err
-		}
-		payment.State = pp.PaymentStatePaid
-		transaction.State = pp.PaymentStatePaid
 	}
 
 	affected, err := AddPayment(payment)
@@ -286,14 +273,24 @@ func PayOrder(providerName, host, paymentEnv string, order *Order) (payment *Pay
 		return nil, nil, fmt.Errorf("failed to add payment: %s", util.StructToJson(payment))
 	}
 
-	if product.IsRecharge || provider.Type == "Balance" {
-		affected, _, err = AddTransaction(transaction, "en", false)
+	if provider.Type == "Balance" {
+		affected, err = AddInternalPaymentTransaction(transaction, "en")
 		if err != nil {
 			return nil, nil, err
 		}
 		if !affected {
 			return nil, nil, fmt.Errorf("failed to add transaction: %s", util.StructToJson(transaction))
 		}
+
+		if product.IsRecharge {
+			affected, err := AddInternalPaymentTransaction(rechargeTransaction, "en")
+			if err != nil {
+				return nil, nil, err
+			}
+			if !affected {
+				return nil, nil, fmt.Errorf("failed to add recharge transaction: %s", util.StructToJson(rechargeTransaction))
+			}
+		}
 	}
 
 	order.Payment = payment.Name

object/ormer.go

@@ -25,7 +25,7 @@ import (
 
 	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	xormadapter "github.com/casdoor/xorm-adapter/v3"
@@ -73,12 +73,12 @@ func GetExportFilePath() string {
 }
 
 func InitConfig() {
-	err := beego.LoadAppConfig("ini", "../conf/app.conf")
+	err := web.LoadAppConfig("ini", "../conf/app.conf")
 	if err != nil {
 		panic(err)
 	}
 
-	beego.BConfig.WebConfig.Session.SessionOn = true
+	web.BConfig.WebConfig.Session.SessionOn = true
 
 	InitAdapter()
 	CreateTables()
@@ -448,4 +448,9 @@ func (a *Ormer) createTable() {
 	if err != nil {
 		panic(err)
 	}
+
+	err = a.Engine.Sync2(new(Ticket))
+	if err != nil {
+		panic(err)
+	}
 }

object/payment.go

@@ -35,7 +35,6 @@ type Payment struct {
 	ProductName        string  `xorm:"varchar(100)" json:"productName"`
 	ProductDisplayName string  `xorm:"varchar(100)" json:"productDisplayName"`
 	Detail             string  `xorm:"varchar(255)" json:"detail"`
-	Tag                string  `xorm:"varchar(100)" json:"tag"`
 	Currency           string  `xorm:"varchar(100)" json:"currency"`
 	Price              float64 `json:"price"`
 	IsRecharge         bool    `xorm:"bool" json:"isRecharge"`
@@ -239,7 +238,7 @@ func NotifyPayment(body []byte, owner string, paymentName string) (*Payment, err
 		}
 
 		if transaction != nil {
-			transaction.State = payment.State
+			transaction.State = string(payment.State)
 			_, err = UpdateTransaction(transaction.GetId(), transaction, "en")
 			if err != nil {
 				return nil, err

object/provider.go

@@ -19,7 +19,7 @@ import (
 	"regexp"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/idp"
 	"github.com/casdoor/casdoor/idv"
@@ -370,6 +370,12 @@ func GetPaymentProvider(p *Provider) (pp.PaymentProvider, error) {
 			return nil, err
 		}
 		return pp, nil
+	} else if typ == "Adyen" {
+		pp, err := pp.NewAdyenPaymentProvider(p.ClientSecret, p.ClientId2)
+		if err != nil {
+			return nil, err
+		}
+		return pp, nil
 	} else {
 		return nil, fmt.Errorf("the payment provider type: %s is not supported", p.Type)
 	}
@@ -414,6 +420,12 @@ func GetCaptchaProviderByApplication(applicationId, isCurrentProvider, lang stri
 			continue
 		}
 		if provider.Provider.Category == "Captcha" {
+			// For CAPTCHA providers, "None" means disabled (don't show CAPTCHA at all)
+			// This is different from SMS/Email providers where "None" is treated as "All"
+			// CAPTCHA Rule options are: "None" (disabled), "Dynamic", "Always", "Internet-Only"
+			if provider.Rule == "None" || provider.Rule == "" {
+				return nil, nil
+			}
 			return GetCaptchaProviderByOwnerName(util.GetId(provider.Provider.Owner, provider.Provider.Name), lang)
 		}
 	}

object/record.go

@@ -20,7 +20,7 @@ import (
 	"regexp"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"

object/session.go

@@ -15,9 +15,11 @@
 package object
 
 import (
+	"context"
 	"fmt"
+	"slices"
 
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/core"
 )
@@ -165,7 +167,7 @@ func AddSession(session *Session) (bool, error) {
 	}
 }
 
-func DeleteSession(id string) (bool, error) {
+func DeleteSession(id, curSessionId string) (bool, error) {
 	owner, name, application := util.GetOwnerAndNameAndOtherFromId(id)
 	if owner == CasdoorOrganization && application == CasdoorApplication {
 		session, err := GetSingleSession(id)
@@ -173,9 +175,15 @@ func DeleteSession(id string) (bool, error) {
 			return false, err
 		}
 
-		if session != nil {
-			DeleteBeegoSession(session.SessionId)
+		if session == nil {
+			return false, fmt.Errorf("session is nil")
 		}
+
+		if slices.Contains(session.SessionId, curSessionId) {
+			return false, fmt.Errorf("session:session id %s is the current session and cannot be deleted", curSessionId)
+		}
+
+		DeleteBeegoSession(session.SessionId)
 	}
 
 	affected, err := ormer.Engine.ID(core.PK{owner, name, application}).Delete(&Session{})
@@ -211,7 +219,7 @@ func DeleteSessionId(id string, sessionId string) (bool, error) {
 
 	session.SessionId = util.DeleteVal(session.SessionId, sessionId)
 	if len(session.SessionId) == 0 {
-		return DeleteSession(id)
+		return DeleteSession(id, "")
 	} else {
 		return UpdateSession(id, session)
 	}
@@ -219,7 +227,7 @@ func DeleteSessionId(id string, sessionId string) (bool, error) {
 
 func DeleteBeegoSession(sessionIds []string) {
 	for _, sessionId := range sessionIds {
-		err := beego.GlobalSessions.GetProvider().SessionDestroy(sessionId)
+		err := web.GlobalSessions.GetProvider().SessionDestroy(context.Background(), sessionId)
 		if err != nil {
 			return
 		}

object/syncer_util.go

@@ -31,6 +31,46 @@ type Credential struct {
 	Salt  string `json:"salt"`
 }
 
+// Helper function to unmarshal JSON string into a target interface
+func unmarshalJSON(value string, target interface{}) error {
+	if value == "" {
+		return nil
+	}
+	return json.Unmarshal([]byte(value), target)
+}
+
+// Helper function to marshal data to JSON string
+func marshalToJSONString(data interface{}) string {
+	if data == nil {
+		return ""
+	}
+
+	v := reflect.ValueOf(data)
+	// Check if the value is valid and can be nil
+	if !v.IsValid() {
+		return ""
+	}
+
+	// Check if it's a nillable type (pointer, slice, map, channel, function, interface) and is nil
+	switch v.Kind() {
+	case reflect.Ptr, reflect.Slice, reflect.Map, reflect.Chan, reflect.Func, reflect.Interface:
+		if v.IsNil() {
+			return ""
+		}
+	}
+
+	// Check if it's a slice and if so, check if it's empty
+	// Return empty string for empty slices to indicate "no data" for syncer purposes
+	if v.Kind() == reflect.Slice && v.Len() == 0 {
+		return ""
+	}
+
+	if jsonData, err := json.Marshal(data); err == nil {
+		return string(jsonData)
+	}
+	return ""
+}
+
 func (syncer *Syncer) getFullAvatarUrl(avatar string) string {
 	if syncer.AvatarBaseUrl == "" {
 		return avatar
@@ -185,6 +225,62 @@ func (syncer *Syncer) setUserByKeyValue(user *User, key string, value string) {
 		user.MfaEmailEnabled = util.ParseBool(value)
 	case "RecoveryCodes":
 		user.RecoveryCodes = strings.Split(value, ",")
+	case "ExternalId":
+		user.ExternalId = value
+	case "PasswordType":
+		user.PasswordType = value
+	case "AvatarType":
+		user.AvatarType = value
+	case "CountryCode":
+		user.CountryCode = value
+	case "RealName":
+		user.RealName = value
+	case "IsVerified":
+		user.IsVerified = util.ParseBool(value)
+	case "MfaRadiusEnabled":
+		user.MfaRadiusEnabled = util.ParseBool(value)
+	case "MfaRadiusUsername":
+		user.MfaRadiusUsername = value
+	case "MfaRadiusProvider":
+		user.MfaRadiusProvider = value
+	case "MfaPushEnabled":
+		user.MfaPushEnabled = util.ParseBool(value)
+	case "MfaPushReceiver":
+		user.MfaPushReceiver = value
+	case "MfaPushProvider":
+		user.MfaPushProvider = value
+	case "Invitation":
+		user.Invitation = value
+	case "InvitationCode":
+		user.InvitationCode = value
+	case "Ldap":
+		user.Ldap = value
+	case "LastSigninTime":
+		user.LastSigninTime = value
+	case "LastSigninIp":
+		user.LastSigninIp = value
+	case "LastChangePasswordTime":
+		user.LastChangePasswordTime = value
+	case "LastSigninWrongTime":
+		user.LastSigninWrongTime = value
+	case "SigninWrongTimes":
+		user.SigninWrongTimes = util.ParseInt(value)
+	case "NeedUpdatePassword":
+		user.NeedUpdatePassword = util.ParseBool(value)
+	case "IpWhitelist":
+		user.IpWhitelist = value
+	case "MfaRememberDeadline":
+		user.MfaRememberDeadline = value
+	case "WebauthnCredentials":
+		_ = unmarshalJSON(value, &user.WebauthnCredentials)
+	case "FaceIds":
+		_ = unmarshalJSON(value, &user.FaceIds)
+	case "ManagedAccounts":
+		_ = unmarshalJSON(value, &user.ManagedAccounts)
+	case "MfaAccounts":
+		_ = unmarshalJSON(value, &user.MfaAccounts)
+	case "MfaItems":
+		_ = unmarshalJSON(value, &user.MfaItems)
 	}
 }
 
@@ -322,6 +418,34 @@ func (syncer *Syncer) getMapFromOriginalUser(user *OriginalUser) map[string]stri
 	m["MfaPhoneEnabled"] = util.BoolToString(user.MfaPhoneEnabled)
 	m["MfaEmailEnabled"] = util.BoolToString(user.MfaEmailEnabled)
 	m["RecoveryCodes"] = strings.Join(user.RecoveryCodes, ",")
+	m["ExternalId"] = user.ExternalId
+	m["PasswordType"] = user.PasswordType
+	m["AvatarType"] = user.AvatarType
+	m["CountryCode"] = user.CountryCode
+	m["RealName"] = user.RealName
+	m["IsVerified"] = util.BoolToString(user.IsVerified)
+	m["MfaRadiusEnabled"] = util.BoolToString(user.MfaRadiusEnabled)
+	m["MfaRadiusUsername"] = user.MfaRadiusUsername
+	m["MfaRadiusProvider"] = user.MfaRadiusProvider
+	m["MfaPushEnabled"] = util.BoolToString(user.MfaPushEnabled)
+	m["MfaPushReceiver"] = user.MfaPushReceiver
+	m["MfaPushProvider"] = user.MfaPushProvider
+	m["Invitation"] = user.Invitation
+	m["InvitationCode"] = user.InvitationCode
+	m["Ldap"] = user.Ldap
+	m["LastSigninTime"] = user.LastSigninTime
+	m["LastSigninIp"] = user.LastSigninIp
+	m["LastChangePasswordTime"] = user.LastChangePasswordTime
+	m["LastSigninWrongTime"] = user.LastSigninWrongTime
+	m["SigninWrongTimes"] = strconv.Itoa(user.SigninWrongTimes)
+	m["NeedUpdatePassword"] = util.BoolToString(user.NeedUpdatePassword)
+	m["IpWhitelist"] = user.IpWhitelist
+	m["MfaRememberDeadline"] = user.MfaRememberDeadline
+	m["WebauthnCredentials"] = marshalToJSONString(user.WebauthnCredentials)
+	m["FaceIds"] = marshalToJSONString(user.FaceIds)
+	m["ManagedAccounts"] = marshalToJSONString(user.ManagedAccounts)
+	m["MfaAccounts"] = marshalToJSONString(user.MfaAccounts)
+	m["MfaItems"] = marshalToJSONString(user.MfaItems)
 
 	m2 := map[string]string{}
 	for _, tableColumn := range syncer.TableColumns {

object/ticket.go

@@ -0,0 +1,162 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package object
+
+import (
+	"fmt"
+
+	"github.com/casdoor/casdoor/util"
+	"github.com/xorm-io/core"
+)
+
+type TicketMessage struct {
+	Author    string `json:"author"`
+	Text      string `json:"text"`
+	Timestamp string `json:"timestamp"`
+	IsAdmin   bool   `json:"isAdmin"`
+}
+
+type Ticket struct {
+	Owner       string           `xorm:"varchar(100) notnull pk" json:"owner"`
+	Name        string           `xorm:"varchar(100) notnull pk" json:"name"`
+	CreatedTime string           `xorm:"varchar(100)" json:"createdTime"`
+	UpdatedTime string           `xorm:"varchar(100)" json:"updatedTime"`
+	DisplayName string           `xorm:"varchar(100)" json:"displayName"`
+	User        string           `xorm:"varchar(100) index" json:"user"`
+	Title       string           `xorm:"varchar(200)" json:"title"`
+	Content     string           `xorm:"mediumtext" json:"content"`
+	State       string           `xorm:"varchar(50)" json:"state"`
+	Messages    []*TicketMessage `xorm:"mediumtext json" json:"messages"`
+}
+
+func GetTicketCount(owner, field, value string) (int64, error) {
+	session := GetSession(owner, -1, -1, field, value, "", "")
+	return session.Count(&Ticket{})
+}
+
+func GetTickets(owner string) ([]*Ticket, error) {
+	tickets := []*Ticket{}
+	err := ormer.Engine.Desc("created_time").Find(&tickets, &Ticket{Owner: owner})
+	if err != nil {
+		return tickets, err
+	}
+
+	return tickets, nil
+}
+
+func GetPaginationTickets(owner string, offset, limit int, field, value, sortField, sortOrder string) ([]*Ticket, error) {
+	tickets := []*Ticket{}
+	session := GetSession(owner, offset, limit, field, value, sortField, sortOrder)
+	err := session.Find(&tickets)
+	if err != nil {
+		return tickets, err
+	}
+
+	return tickets, nil
+}
+
+func GetUserTickets(owner, user string) ([]*Ticket, error) {
+	tickets := []*Ticket{}
+	err := ormer.Engine.Desc("created_time").Find(&tickets, &Ticket{Owner: owner, User: user})
+	if err != nil {
+		return tickets, err
+	}
+
+	return tickets, nil
+}
+
+func getTicket(owner string, name string) (*Ticket, error) {
+	if owner == "" || name == "" {
+		return nil, nil
+	}
+
+	ticket := Ticket{Owner: owner, Name: name}
+	existed, err := ormer.Engine.Get(&ticket)
+	if err != nil {
+		return &ticket, err
+	}
+
+	if existed {
+		return &ticket, nil
+	}
+
+	return nil, nil
+}
+
+func GetTicket(id string) (*Ticket, error) {
+	owner, name, err := util.GetOwnerAndNameFromIdWithError(id)
+	if err != nil {
+		return nil, err
+	}
+	return getTicket(owner, name)
+}
+
+func UpdateTicket(id string, ticket *Ticket) (bool, error) {
+	owner, name, err := util.GetOwnerAndNameFromIdWithError(id)
+	if err != nil {
+		return false, err
+	}
+	if t, err := getTicket(owner, name); err != nil {
+		return false, err
+	} else if t == nil {
+		return false, nil
+	}
+
+	affected, err := ormer.Engine.ID(core.PK{owner, name}).AllCols().Update(ticket)
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
+func AddTicket(ticket *Ticket) (bool, error) {
+	affected, err := ormer.Engine.Insert(ticket)
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
+func DeleteTicket(ticket *Ticket) (bool, error) {
+	affected, err := ormer.Engine.ID(core.PK{ticket.Owner, ticket.Name}).Delete(&Ticket{})
+	if err != nil {
+		return false, err
+	}
+
+	return affected != 0, nil
+}
+
+func (ticket *Ticket) GetId() string {
+	return fmt.Sprintf("%s/%s", ticket.Owner, ticket.Name)
+}
+
+func AddTicketMessage(id string, message *TicketMessage) (bool, error) {
+	ticket, err := GetTicket(id)
+	if err != nil {
+		return false, err
+	}
+	if ticket == nil {
+		return false, fmt.Errorf("ticket not found: %s", id)
+	}
+
+	if ticket.Messages == nil {
+		ticket.Messages = []*TicketMessage{}
+	}
+
+	ticket.Messages = append(ticket.Messages, message)
+	return UpdateTicket(id, ticket)
+}

object/transaction.go

@@ -19,7 +19,6 @@ import (
 	"strings"
 
 	"github.com/casdoor/casdoor/i18n"
-	"github.com/casdoor/casdoor/pp"
 	"github.com/casdoor/casdoor/util"
 	"github.com/xorm-io/core"
 )
@@ -44,7 +43,7 @@ type Transaction struct {
 
 	Payment string `xorm:"varchar(100)" json:"payment"`
 
-	State pp.PaymentState `xorm:"varchar(100)" json:"state"`
+	State string `xorm:"varchar(100)" json:"state"`
 }
 
 func GetTransactionCount(owner, field, value string) (int64, error) {
@@ -144,6 +143,7 @@ func UpdateTransaction(id string, transaction *Transaction, lang string) (bool,
 func AddTransaction(transaction *Transaction, lang string, dryRun bool) (bool, string, error) {
 	transactionId := strings.ReplaceAll(util.GenerateId(), "-", "")
 	transaction.Name = transactionId
+	transaction.DisplayName = transactionId
 
 	// In dry run mode, only validate without making changes
 	if dryRun {
@@ -169,6 +169,30 @@ func AddTransaction(transaction *Transaction, lang string, dryRun bool) (bool, s
 	return affected != 0, transactionId, nil
 }
 
+func AddInternalPaymentTransaction(transaction *Transaction, lang string) (bool, error) {
+	transactionId := strings.ReplaceAll(util.GenerateId(), "-", "")
+	transaction.Name = transactionId
+	transaction.DisplayName = transactionId
+
+	// Validate balance impact first
+	if err := validateBalanceForTransaction(transaction, transaction.Amount, lang); err != nil {
+		return false, err
+	}
+
+	affected, err := ormer.Engine.Insert(transaction)
+	if err != nil {
+		return false, err
+	}
+
+	if affected != 0 {
+		if err := updateBalanceForTransaction(transaction, transaction.Amount, lang); err != nil {
+			return false, err
+		}
+	}
+
+	return affected != 0, nil
+}
+
 func DeleteTransaction(transaction *Transaction, lang string) (bool, error) {
 	// Revert balance changes before deleting
 	if err := updateBalanceForTransaction(transaction, -transaction.Amount, lang); err != nil {

object/user.go

@@ -1146,7 +1146,7 @@ func deleteUser(user *User) (bool, error) {
 
 func DeleteUser(user *User) (bool, error) {
 	// Forced offline the user first
-	_, err := DeleteSession(util.GetSessionId(user.Owner, user.Name, CasdoorApplication))
+	_, err := DeleteSession(util.GetSessionId(user.Owner, user.Name, CasdoorApplication), "")
 	if err != nil {
 		return false, err
 	}

pp/adyen.go

@@ -0,0 +1,166 @@
+// Copyright 2025 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package pp
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/adyen/adyen-go-api-library/v11/src/adyen"
+	"github.com/adyen/adyen-go-api-library/v11/src/checkout"
+	"github.com/adyen/adyen-go-api-library/v11/src/common"
+	"github.com/casdoor/casdoor/conf"
+)
+
+type AdyenPaymentProvider struct {
+	Client          *adyen.APIClient
+	MerchantAccount string
+}
+
+func NewAdyenPaymentProvider(apiKey string, merchantAccount string) (*AdyenPaymentProvider, error) {
+	config := common.Config{
+		ApiKey:      apiKey,
+		Environment: common.TestEnv,
+	}
+
+	if conf.GetConfigString("runmode") == "prod" {
+		config.Environment = common.LiveEnv
+	}
+
+	client := adyen.NewClient(&config)
+
+	pp := &AdyenPaymentProvider{
+		Client:          client,
+		MerchantAccount: merchantAccount,
+	}
+	return pp, nil
+}
+
+func (pp *AdyenPaymentProvider) Pay(r *PayReq) (*PayResp, error) {
+	ctx := context.Background()
+
+	// Store product info in metadata for later retrieval
+	description := joinAttachString([]string{r.ProductName, r.ProductDisplayName, r.ProviderName})
+
+	// Convert price to amount in minor units (cents)
+	amountValue := priceFloat64ToInt64(r.Price)
+
+	// Create payment session request
+	sessionReq := checkout.CreateCheckoutSessionRequest{
+		Amount: checkout.Amount{
+			Currency: r.Currency,
+			Value:    amountValue,
+		},
+		MerchantAccount: pp.MerchantAccount,
+		Reference:       r.PaymentName,
+		ReturnUrl:       r.ReturnUrl,
+		Metadata: &map[string]string{
+			"payment_name":        r.PaymentName,
+			"product_description": description,
+		},
+	}
+
+	service := pp.Client.Checkout()
+	req := service.PaymentsApi.SessionsInput()
+	req = req.CreateCheckoutSessionRequest(sessionReq)
+
+	res, httpRes, err := service.PaymentsApi.Sessions(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+	if httpRes.StatusCode != 200 && httpRes.StatusCode != 201 {
+		return nil, fmt.Errorf("adyen session creation failed with status: %d", httpRes.StatusCode)
+	}
+
+	payUrl := ""
+	if res.Url != nil {
+		payUrl = *res.Url
+	}
+
+	payResp := &PayResp{
+		PayUrl:  payUrl,
+		OrderId: res.Id,
+	}
+	return payResp, nil
+}
+
+func (pp *AdyenPaymentProvider) Notify(body []byte, orderId string) (*NotifyResult, error) {
+	ctx := context.Background()
+
+	// Get payment session result using session ID
+	service := pp.Client.Checkout()
+	req := service.PaymentsApi.GetResultOfPaymentSessionInput(orderId)
+
+	res, httpRes, err := service.PaymentsApi.GetResultOfPaymentSession(ctx, req)
+	if err != nil {
+		return nil, err
+	}
+	if httpRes.StatusCode != 200 {
+		return nil, fmt.Errorf("adyen session result request failed with status: %d", httpRes.StatusCode)
+	}
+
+	notifyResult := &NotifyResult{
+		OrderId: orderId,
+	}
+
+	// Map Adyen session status to payment state
+	if res.Status != nil {
+		switch *res.Status {
+		case "completed":
+			notifyResult.PaymentStatus = PaymentStatePaid
+		case "paymentPending", "active":
+			notifyResult.PaymentStatus = PaymentStateCreated
+			return notifyResult, nil
+		case "canceled":
+			notifyResult.PaymentStatus = PaymentStateCanceled
+			notifyResult.NotifyMessage = "Payment cancelled"
+			return notifyResult, nil
+		case "refused":
+			notifyResult.PaymentStatus = PaymentStateError
+			notifyResult.NotifyMessage = "Payment refused"
+			return notifyResult, nil
+		case "expired":
+			notifyResult.PaymentStatus = PaymentStateTimeout
+			notifyResult.NotifyMessage = "Session expired"
+			return notifyResult, nil
+		default:
+			notifyResult.PaymentStatus = PaymentStateError
+			notifyResult.NotifyMessage = fmt.Sprintf("unexpected adyen session status: %s", *res.Status)
+			return notifyResult, nil
+		}
+	}
+
+	// Note: SessionResultResponse doesn't include detailed payment information like
+	// amount, currency, or metadata. This information is stored when the payment is
+	// created and retrieved from the database based on orderId (session ID).
+	// The payment name, product details, price, and currency will be populated
+	// by the calling code from the stored payment record.
+
+	return notifyResult, nil
+}
+
+func (pp *AdyenPaymentProvider) GetInvoice(paymentName string, personName string, personIdCard string, personEmail string, personPhone string, invoiceType string, invoiceTitle string, invoiceTaxId string) (string, error) {
+	// Adyen does not provide a direct API for invoice generation
+	// Invoicing should be handled separately through Adyen's merchant portal or third-party systems
+	return "", nil
+}
+
+func (pp *AdyenPaymentProvider) GetResponseError(err error) string {
+	if err == nil {
+		return "success"
+	}
+	// Return the error message for better debugging
+	return fmt.Sprintf("fail: %s", err.Error())
+}

routers/authz_filter.go

@@ -15,14 +15,18 @@
 package routers
 
 import (
+	stdcontext "context"
 	"encoding/json"
 	"fmt"
 	"net/http"
 	"strings"
+	"time"
 
+	"github.com/beego/beego/v2/core/logs"
+	"github.com/casdoor/casdoor/controllers"
 	"github.com/casdoor/casdoor/object"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/authz"
 	"github.com/casdoor/casdoor/util"
 )
@@ -48,6 +52,33 @@ func getUsername(ctx *context.Context) (username string) {
 	if username == "" {
 		username, _ = getUsernameByKeys(ctx)
 	}
+
+	session := ctx.Input.Session("SessionData")
+	if session == nil {
+		return
+	}
+
+	sessionData := &controllers.SessionData{}
+	err := util.JsonToStruct(session.(string), sessionData)
+	if err != nil {
+		logs.Error("GetSessionData failed, error: %s", err)
+		return ""
+	}
+
+	if sessionData.ExpireTime != 0 &&
+		sessionData.ExpireTime < time.Now().Unix() {
+		err = ctx.Input.CruSession.Set(stdcontext.Background(), "username", "")
+		if err != nil {
+			logs.Error("Failed to clear expired session, error: %s", err)
+			return ""
+		}
+		err = ctx.Input.CruSession.Delete(stdcontext.Background(), "SessionData")
+		if err != nil {
+			logs.Error("Failed to clear expired session, error: %s", err)
+		}
+		return ""
+	}
+
 	return
 }
 

routers/auto_signin_filter.go

@@ -18,7 +18,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

routers/base.go

@@ -15,12 +15,13 @@
 package routers
 
 import (
+	stdcontext "context"
 	"fmt"
 	"net"
 	"net/url"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/i18n"
 	"github.com/casdoor/casdoor/object"
@@ -110,7 +111,7 @@ func getUsernameByKeys(ctx *context.Context) (string, error) {
 }
 
 func getSessionUser(ctx *context.Context) string {
-	user := ctx.Input.CruSession.Get("username")
+	user := ctx.Input.CruSession.Get(stdcontext.Background(), "username")
 	if user == nil {
 		return ""
 	}
@@ -119,34 +120,34 @@ func getSessionUser(ctx *context.Context) string {
 }
 
 func setSessionUser(ctx *context.Context, user string) {
-	err := ctx.Input.CruSession.Set("username", user)
+	err := ctx.Input.CruSession.Set(stdcontext.Background(), "username", user)
 	if err != nil {
 		panic(err)
 	}
 
 	// https://github.com/beego/beego/issues/3445#issuecomment-455411915
-	ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
+	ctx.Input.CruSession.SessionRelease(stdcontext.Background(), ctx.ResponseWriter)
 }
 
 func setSessionExpire(ctx *context.Context, ExpireTime int64) {
 	SessionData := struct{ ExpireTime int64 }{ExpireTime: ExpireTime}
-	err := ctx.Input.CruSession.Set("SessionData", util.StructToJson(SessionData))
+	err := ctx.Input.CruSession.Set(stdcontext.Background(), "SessionData", util.StructToJson(SessionData))
 	if err != nil {
 		panic(err)
 	}
-	ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
+	ctx.Input.CruSession.SessionRelease(stdcontext.Background(), ctx.ResponseWriter)
 }
 
 func setSessionOidc(ctx *context.Context, scope string, aud string) {
-	err := ctx.Input.CruSession.Set("scope", scope)
+	err := ctx.Input.CruSession.Set(stdcontext.Background(), "scope", scope)
 	if err != nil {
 		panic(err)
 	}
-	err = ctx.Input.CruSession.Set("aud", aud)
+	err = ctx.Input.CruSession.Set(stdcontext.Background(), "aud", aud)
 	if err != nil {
 		panic(err)
 	}
-	ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
+	ctx.Input.CruSession.SessionRelease(stdcontext.Background(), ctx.ResponseWriter)
 }
 
 func parseBearerToken(ctx *context.Context) string {

routers/cors_filter.go

@@ -17,7 +17,7 @@ package routers
 import (
 	"net/http"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"

routers/field_validation_filter.go

@@ -20,7 +20,7 @@ import (
 	"io"
 	"strings"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 )
 
 var forbiddenChars = `/?:#&%=+;`

routers/prometheus_filter.go

@@ -5,7 +5,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 )

routers/record.go

@@ -17,7 +17,7 @@ package routers
 import (
 	"fmt"
 
-	"github.com/beego/beego/context"
+	"github.com/beego/beego/v2/server/web/context"
 	"github.com/casdoor/casdoor/object"
 	"github.com/casdoor/casdoor/util"
 	"github.com/casvisor/casvisor-go-sdk/casvisorsdk"

routers/router.go

@@ -24,311 +24,314 @@
 package routers
 
 import (
-	"github.com/beego/beego"
+	"github.com/beego/beego/v2/server/web"
 	"github.com/casdoor/casdoor/controllers"
 )
 
-func init() {
-	initAPI()
-}
-
-func initAPI() {
-	ns := beego.NewNamespace("/",
-		beego.NSNamespace("/api",
-			beego.NSInclude(
+func InitAPI() {
+	ns := web.NewNamespace("/",
+		web.NSNamespace("/api",
+			web.NSInclude(
 				&controllers.ApiController{},
 			),
 		),
-		beego.NSNamespace("",
-			beego.NSInclude(
+		web.NSNamespace("",
+			web.NSInclude(
 				&controllers.RootController{},
 			),
 		),
 	)
-	beego.AddNamespace(ns)
+	web.AddNamespace(ns)
 
-	beego.Router("/api/signup", &controllers.ApiController{}, "POST:Signup")
-	beego.Router("/api/login", &controllers.ApiController{}, "POST:Login")
-	beego.Router("/api/get-app-login", &controllers.ApiController{}, "GET:GetApplicationLogin")
-	beego.Router("/api/get-dashboard", &controllers.ApiController{}, "GET:GetDashboard")
-	beego.Router("/api/logout", &controllers.ApiController{}, "GET,POST:Logout")
-	beego.Router("/api/sso-logout", &controllers.ApiController{}, "GET,POST:SsoLogout")
-	beego.Router("/api/get-account", &controllers.ApiController{}, "GET:GetAccount")
-	beego.Router("/api/userinfo", &controllers.ApiController{}, "GET:GetUserinfo")
-	beego.Router("/api/user", &controllers.ApiController{}, "GET:GetUserinfo2")
-	beego.Router("/api/unlink", &controllers.ApiController{}, "POST:Unlink")
-	beego.Router("/api/get-saml-login", &controllers.ApiController{}, "GET:GetSamlLogin")
-	beego.Router("/api/acs", &controllers.ApiController{}, "POST:HandleSamlLogin")
-	beego.Router("/api/saml/metadata", &controllers.ApiController{}, "GET:GetSamlMeta")
-	beego.Router("/api/saml/redirect/:owner/:application", &controllers.ApiController{}, "*:HandleSamlRedirect")
-	beego.Router("/api/webhook", &controllers.ApiController{}, "*:HandleOfficialAccountEvent")
-	beego.Router("/api/get-qrcode", &controllers.ApiController{}, "GET:GetQRCode")
-	beego.Router("/api/get-webhook-event", &controllers.ApiController{}, "GET:GetWebhookEventType")
-	beego.Router("/api/get-captcha-status", &controllers.ApiController{}, "GET:GetCaptchaStatus")
-	beego.Router("/api/callback", &controllers.ApiController{}, "POST:Callback")
-	beego.Router("/api/device-auth", &controllers.ApiController{}, "POST:DeviceAuth")
+	web.Router("/api/signup", &controllers.ApiController{}, "POST:Signup")
+	web.Router("/api/login", &controllers.ApiController{}, "POST:Login")
+	web.Router("/api/get-app-login", &controllers.ApiController{}, "GET:GetApplicationLogin")
+	web.Router("/api/get-dashboard", &controllers.ApiController{}, "GET:GetDashboard")
+	web.Router("/api/logout", &controllers.ApiController{}, "GET,POST:Logout")
+	web.Router("/api/sso-logout", &controllers.ApiController{}, "GET,POST:SsoLogout")
+	web.Router("/api/get-account", &controllers.ApiController{}, "GET:GetAccount")
+	web.Router("/api/userinfo", &controllers.ApiController{}, "GET:GetUserinfo")
+	web.Router("/api/user", &controllers.ApiController{}, "GET:GetUserinfo2")
+	web.Router("/api/unlink", &controllers.ApiController{}, "POST:Unlink")
+	web.Router("/api/get-saml-login", &controllers.ApiController{}, "GET:GetSamlLogin")
+	web.Router("/api/acs", &controllers.ApiController{}, "POST:HandleSamlLogin")
+	web.Router("/api/saml/metadata", &controllers.ApiController{}, "GET:GetSamlMeta")
+	web.Router("/api/saml/redirect/:owner/:application", &controllers.ApiController{}, "*:HandleSamlRedirect")
+	web.Router("/api/webhook", &controllers.ApiController{}, "*:HandleOfficialAccountEvent")
+	web.Router("/api/get-qrcode", &controllers.ApiController{}, "GET:GetQRCode")
+	web.Router("/api/get-webhook-event", &controllers.ApiController{}, "GET:GetWebhookEventType")
+	web.Router("/api/get-captcha-status", &controllers.ApiController{}, "GET:GetCaptchaStatus")
+	web.Router("/api/callback", &controllers.ApiController{}, "POST:Callback")
+	web.Router("/api/device-auth", &controllers.ApiController{}, "POST:DeviceAuth")
 
-	beego.Router("/api/get-organizations", &controllers.ApiController{}, "GET:GetOrganizations")
-	beego.Router("/api/get-organization", &controllers.ApiController{}, "GET:GetOrganization")
-	beego.Router("/api/update-organization", &controllers.ApiController{}, "POST:UpdateOrganization")
-	beego.Router("/api/add-organization", &controllers.ApiController{}, "POST:AddOrganization")
-	beego.Router("/api/delete-organization", &controllers.ApiController{}, "POST:DeleteOrganization")
-	beego.Router("/api/get-default-application", &controllers.ApiController{}, "GET:GetDefaultApplication")
-	beego.Router("/api/get-organization-names", &controllers.ApiController{}, "GET:GetOrganizationNames")
+	web.Router("/api/get-organizations", &controllers.ApiController{}, "GET:GetOrganizations")
+	web.Router("/api/get-organization", &controllers.ApiController{}, "GET:GetOrganization")
+	web.Router("/api/update-organization", &controllers.ApiController{}, "POST:UpdateOrganization")
+	web.Router("/api/add-organization", &controllers.ApiController{}, "POST:AddOrganization")
+	web.Router("/api/delete-organization", &controllers.ApiController{}, "POST:DeleteOrganization")
+	web.Router("/api/get-default-application", &controllers.ApiController{}, "GET:GetDefaultApplication")
+	web.Router("/api/get-organization-names", &controllers.ApiController{}, "GET:GetOrganizationNames")
 
-	beego.Router("/api/get-groups", &controllers.ApiController{}, "GET:GetGroups")
-	beego.Router("/api/get-group", &controllers.ApiController{}, "GET:GetGroup")
-	beego.Router("/api/update-group", &controllers.ApiController{}, "POST:UpdateGroup")
-	beego.Router("/api/add-group", &controllers.ApiController{}, "POST:AddGroup")
-	beego.Router("/api/delete-group", &controllers.ApiController{}, "POST:DeleteGroup")
-	beego.Router("/api/upload-groups", &controllers.ApiController{}, "POST:UploadGroups")
+	web.Router("/api/get-groups", &controllers.ApiController{}, "GET:GetGroups")
+	web.Router("/api/get-group", &controllers.ApiController{}, "GET:GetGroup")
+	web.Router("/api/update-group", &controllers.ApiController{}, "POST:UpdateGroup")
+	web.Router("/api/add-group", &controllers.ApiController{}, "POST:AddGroup")
+	web.Router("/api/delete-group", &controllers.ApiController{}, "POST:DeleteGroup")
+	web.Router("/api/upload-groups", &controllers.ApiController{}, "POST:UploadGroups")
 
-	beego.Router("/api/get-global-users", &controllers.ApiController{}, "GET:GetGlobalUsers")
-	beego.Router("/api/get-users", &controllers.ApiController{}, "GET:GetUsers")
-	beego.Router("/api/get-sorted-users", &controllers.ApiController{}, "GET:GetSortedUsers")
-	beego.Router("/api/get-user-count", &controllers.ApiController{}, "GET:GetUserCount")
-	beego.Router("/api/get-user", &controllers.ApiController{}, "GET:GetUser")
-	beego.Router("/api/update-user", &controllers.ApiController{}, "POST:UpdateUser")
-	beego.Router("/api/add-user-keys", &controllers.ApiController{}, "POST:AddUserKeys")
-	beego.Router("/api/add-user", &controllers.ApiController{}, "POST:AddUser")
-	beego.Router("/api/delete-user", &controllers.ApiController{}, "POST:DeleteUser")
-	beego.Router("/api/upload-users", &controllers.ApiController{}, "POST:UploadUsers")
-	beego.Router("/api/remove-user-from-group", &controllers.ApiController{}, "POST:RemoveUserFromGroup")
-	beego.Router("/api/verify-identification", &controllers.ApiController{}, "POST:VerifyIdentification")
+	web.Router("/api/get-global-users", &controllers.ApiController{}, "GET:GetGlobalUsers")
+	web.Router("/api/get-users", &controllers.ApiController{}, "GET:GetUsers")
+	web.Router("/api/get-sorted-users", &controllers.ApiController{}, "GET:GetSortedUsers")
+	web.Router("/api/get-user-count", &controllers.ApiController{}, "GET:GetUserCount")
+	web.Router("/api/get-user", &controllers.ApiController{}, "GET:GetUser")
+	web.Router("/api/update-user", &controllers.ApiController{}, "POST:UpdateUser")
+	web.Router("/api/add-user-keys", &controllers.ApiController{}, "POST:AddUserKeys")
+	web.Router("/api/add-user", &controllers.ApiController{}, "POST:AddUser")
+	web.Router("/api/delete-user", &controllers.ApiController{}, "POST:DeleteUser")
+	web.Router("/api/upload-users", &controllers.ApiController{}, "POST:UploadUsers")
+	web.Router("/api/remove-user-from-group", &controllers.ApiController{}, "POST:RemoveUserFromGroup")
+	web.Router("/api/verify-identification", &controllers.ApiController{}, "POST:VerifyIdentification")
 
-	beego.Router("/api/get-invitations", &controllers.ApiController{}, "GET:GetInvitations")
-	beego.Router("/api/get-invitation", &controllers.ApiController{}, "GET:GetInvitation")
-	beego.Router("/api/get-invitation-info", &controllers.ApiController{}, "GET:GetInvitationCodeInfo")
-	beego.Router("/api/update-invitation", &controllers.ApiController{}, "POST:UpdateInvitation")
-	beego.Router("/api/add-invitation", &controllers.ApiController{}, "POST:AddInvitation")
-	beego.Router("/api/delete-invitation", &controllers.ApiController{}, "POST:DeleteInvitation")
-	beego.Router("/api/verify-invitation", &controllers.ApiController{}, "GET:VerifyInvitation")
-	beego.Router("/api/send-invitation", &controllers.ApiController{}, "POST:SendInvitation")
+	web.Router("/api/get-invitations", &controllers.ApiController{}, "GET:GetInvitations")
+	web.Router("/api/get-invitation", &controllers.ApiController{}, "GET:GetInvitation")
+	web.Router("/api/get-invitation-info", &controllers.ApiController{}, "GET:GetInvitationCodeInfo")
+	web.Router("/api/update-invitation", &controllers.ApiController{}, "POST:UpdateInvitation")
+	web.Router("/api/add-invitation", &controllers.ApiController{}, "POST:AddInvitation")
+	web.Router("/api/delete-invitation", &controllers.ApiController{}, "POST:DeleteInvitation")
+	web.Router("/api/verify-invitation", &controllers.ApiController{}, "GET:VerifyInvitation")
+	web.Router("/api/send-invitation", &controllers.ApiController{}, "POST:SendInvitation")
 
-	beego.Router("/api/get-applications", &controllers.ApiController{}, "GET:GetApplications")
-	beego.Router("/api/get-application", &controllers.ApiController{}, "GET:GetApplication")
-	beego.Router("/api/get-user-application", &controllers.ApiController{}, "GET:GetUserApplication")
-	beego.Router("/api/get-organization-applications", &controllers.ApiController{}, "GET:GetOrganizationApplications")
-	beego.Router("/api/update-application", &controllers.ApiController{}, "POST:UpdateApplication")
-	beego.Router("/api/add-application", &controllers.ApiController{}, "POST:AddApplication")
-	beego.Router("/api/delete-application", &controllers.ApiController{}, "POST:DeleteApplication")
+	web.Router("/api/get-applications", &controllers.ApiController{}, "GET:GetApplications")
+	web.Router("/api/get-application", &controllers.ApiController{}, "GET:GetApplication")
+	web.Router("/api/get-user-application", &controllers.ApiController{}, "GET:GetUserApplication")
+	web.Router("/api/get-organization-applications", &controllers.ApiController{}, "GET:GetOrganizationApplications")
+	web.Router("/api/update-application", &controllers.ApiController{}, "POST:UpdateApplication")
+	web.Router("/api/add-application", &controllers.ApiController{}, "POST:AddApplication")
+	web.Router("/api/delete-application", &controllers.ApiController{}, "POST:DeleteApplication")
 
-	beego.Router("/api/get-providers", &controllers.ApiController{}, "GET:GetProviders")
-	beego.Router("/api/get-provider", &controllers.ApiController{}, "GET:GetProvider")
-	beego.Router("/api/get-global-providers", &controllers.ApiController{}, "GET:GetGlobalProviders")
-	beego.Router("/api/update-provider", &controllers.ApiController{}, "POST:UpdateProvider")
-	beego.Router("/api/add-provider", &controllers.ApiController{}, "POST:AddProvider")
-	beego.Router("/api/delete-provider", &controllers.ApiController{}, "POST:DeleteProvider")
+	web.Router("/api/get-providers", &controllers.ApiController{}, "GET:GetProviders")
+	web.Router("/api/get-provider", &controllers.ApiController{}, "GET:GetProvider")
+	web.Router("/api/get-global-providers", &controllers.ApiController{}, "GET:GetGlobalProviders")
+	web.Router("/api/update-provider", &controllers.ApiController{}, "POST:UpdateProvider")
+	web.Router("/api/add-provider", &controllers.ApiController{}, "POST:AddProvider")
+	web.Router("/api/delete-provider", &controllers.ApiController{}, "POST:DeleteProvider")
 
-	beego.Router("/api/get-resources", &controllers.ApiController{}, "GET:GetResources")
-	beego.Router("/api/get-resource", &controllers.ApiController{}, "GET:GetResource")
-	beego.Router("/api/update-resource", &controllers.ApiController{}, "POST:UpdateResource")
-	beego.Router("/api/add-resource", &controllers.ApiController{}, "POST:AddResource")
-	beego.Router("/api/delete-resource", &controllers.ApiController{}, "POST:DeleteResource")
-	beego.Router("/api/upload-resource", &controllers.ApiController{}, "POST:UploadResource")
+	web.Router("/api/get-resources", &controllers.ApiController{}, "GET:GetResources")
+	web.Router("/api/get-resource", &controllers.ApiController{}, "GET:GetResource")
+	web.Router("/api/update-resource", &controllers.ApiController{}, "POST:UpdateResource")
+	web.Router("/api/add-resource", &controllers.ApiController{}, "POST:AddResource")
+	web.Router("/api/delete-resource", &controllers.ApiController{}, "POST:DeleteResource")
+	web.Router("/api/upload-resource", &controllers.ApiController{}, "POST:UploadResource")
 
-	beego.Router("/api/get-certs", &controllers.ApiController{}, "GET:GetCerts")
-	beego.Router("/api/get-global-certs", &controllers.ApiController{}, "GET:GetGlobalCerts")
-	beego.Router("/api/get-cert", &controllers.ApiController{}, "GET:GetCert")
-	beego.Router("/api/update-cert", &controllers.ApiController{}, "POST:UpdateCert")
-	beego.Router("/api/add-cert", &controllers.ApiController{}, "POST:AddCert")
-	beego.Router("/api/delete-cert", &controllers.ApiController{}, "POST:DeleteCert")
+	web.Router("/api/get-certs", &controllers.ApiController{}, "GET:GetCerts")
+	web.Router("/api/get-global-certs", &controllers.ApiController{}, "GET:GetGlobalCerts")
+	web.Router("/api/get-cert", &controllers.ApiController{}, "GET:GetCert")
+	web.Router("/api/update-cert", &controllers.ApiController{}, "POST:UpdateCert")
+	web.Router("/api/add-cert", &controllers.ApiController{}, "POST:AddCert")
+	web.Router("/api/delete-cert", &controllers.ApiController{}, "POST:DeleteCert")
 
-	beego.Router("/api/get-roles", &controllers.ApiController{}, "GET:GetRoles")
-	beego.Router("/api/get-role", &controllers.ApiController{}, "GET:GetRole")
-	beego.Router("/api/update-role", &controllers.ApiController{}, "POST:UpdateRole")
-	beego.Router("/api/add-role", &controllers.ApiController{}, "POST:AddRole")
-	beego.Router("/api/delete-role", &controllers.ApiController{}, "POST:DeleteRole")
-	beego.Router("/api/upload-roles", &controllers.ApiController{}, "POST:UploadRoles")
+	web.Router("/api/get-roles", &controllers.ApiController{}, "GET:GetRoles")
+	web.Router("/api/get-role", &controllers.ApiController{}, "GET:GetRole")
+	web.Router("/api/update-role", &controllers.ApiController{}, "POST:UpdateRole")
+	web.Router("/api/add-role", &controllers.ApiController{}, "POST:AddRole")
+	web.Router("/api/delete-role", &controllers.ApiController{}, "POST:DeleteRole")
+	web.Router("/api/upload-roles", &controllers.ApiController{}, "POST:UploadRoles")
 
-	beego.Router("/api/get-permissions", &controllers.ApiController{}, "GET:GetPermissions")
-	beego.Router("/api/get-permissions-by-submitter", &controllers.ApiController{}, "GET:GetPermissionsBySubmitter")
-	beego.Router("/api/get-permissions-by-role", &controllers.ApiController{}, "GET:GetPermissionsByRole")
-	beego.Router("/api/get-permission", &controllers.ApiController{}, "GET:GetPermission")
-	beego.Router("/api/update-permission", &controllers.ApiController{}, "POST:UpdatePermission")
-	beego.Router("/api/add-permission", &controllers.ApiController{}, "POST:AddPermission")
-	beego.Router("/api/delete-permission", &controllers.ApiController{}, "POST:DeletePermission")
-	beego.Router("/api/upload-permissions", &controllers.ApiController{}, "POST:UploadPermissions")
+	web.Router("/api/get-permissions", &controllers.ApiController{}, "GET:GetPermissions")
+	web.Router("/api/get-permissions-by-submitter", &controllers.ApiController{}, "GET:GetPermissionsBySubmitter")
+	web.Router("/api/get-permissions-by-role", &controllers.ApiController{}, "GET:GetPermissionsByRole")
+	web.Router("/api/get-permission", &controllers.ApiController{}, "GET:GetPermission")
+	web.Router("/api/update-permission", &controllers.ApiController{}, "POST:UpdatePermission")
+	web.Router("/api/add-permission", &controllers.ApiController{}, "POST:AddPermission")
+	web.Router("/api/delete-permission", &controllers.ApiController{}, "POST:DeletePermission")
+	web.Router("/api/upload-permissions", &controllers.ApiController{}, "POST:UploadPermissions")
 
-	beego.Router("/api/get-models", &controllers.ApiController{}, "GET:GetModels")
-	beego.Router("/api/get-model", &controllers.ApiController{}, "GET:GetModel")
-	beego.Router("/api/update-model", &controllers.ApiController{}, "POST:UpdateModel")
-	beego.Router("/api/add-model", &controllers.ApiController{}, "POST:AddModel")
-	beego.Router("/api/delete-model", &controllers.ApiController{}, "POST:DeleteModel")
+	web.Router("/api/get-models", &controllers.ApiController{}, "GET:GetModels")
+	web.Router("/api/get-model", &controllers.ApiController{}, "GET:GetModel")
+	web.Router("/api/update-model", &controllers.ApiController{}, "POST:UpdateModel")
+	web.Router("/api/add-model", &controllers.ApiController{}, "POST:AddModel")
+	web.Router("/api/delete-model", &controllers.ApiController{}, "POST:DeleteModel")
 
-	beego.Router("/api/get-adapters", &controllers.ApiController{}, "GET:GetAdapters")
-	beego.Router("/api/get-adapter", &controllers.ApiController{}, "GET:GetAdapter")
-	beego.Router("/api/update-adapter", &controllers.ApiController{}, "POST:UpdateAdapter")
-	beego.Router("/api/add-adapter", &controllers.ApiController{}, "POST:AddAdapter")
-	beego.Router("/api/delete-adapter", &controllers.ApiController{}, "POST:DeleteAdapter")
-	beego.Router("/api/get-policies", &controllers.ApiController{}, "GET:GetPolicies")
-	beego.Router("/api/get-filtered-policies", &controllers.ApiController{}, "POST:GetFilteredPolicies")
-	beego.Router("/api/update-policy", &controllers.ApiController{}, "POST:UpdatePolicy")
-	beego.Router("/api/add-policy", &controllers.ApiController{}, "POST:AddPolicy")
-	beego.Router("/api/remove-policy", &controllers.ApiController{}, "POST:RemovePolicy")
+	web.Router("/api/get-adapters", &controllers.ApiController{}, "GET:GetAdapters")
+	web.Router("/api/get-adapter", &controllers.ApiController{}, "GET:GetAdapter")
+	web.Router("/api/update-adapter", &controllers.ApiController{}, "POST:UpdateAdapter")
+	web.Router("/api/add-adapter", &controllers.ApiController{}, "POST:AddAdapter")
+	web.Router("/api/delete-adapter", &controllers.ApiController{}, "POST:DeleteAdapter")
+	web.Router("/api/get-policies", &controllers.ApiController{}, "GET:GetPolicies")
+	web.Router("/api/get-filtered-policies", &controllers.ApiController{}, "POST:GetFilteredPolicies")
+	web.Router("/api/update-policy", &controllers.ApiController{}, "POST:UpdatePolicy")
+	web.Router("/api/add-policy", &controllers.ApiController{}, "POST:AddPolicy")
+	web.Router("/api/remove-policy", &controllers.ApiController{}, "POST:RemovePolicy")
 
-	beego.Router("/api/get-enforcers", &controllers.ApiController{}, "GET:GetEnforcers")
-	beego.Router("/api/get-enforcer", &controllers.ApiController{}, "GET:GetEnforcer")
-	beego.Router("/api/update-enforcer", &controllers.ApiController{}, "POST:UpdateEnforcer")
-	beego.Router("/api/add-enforcer", &controllers.ApiController{}, "POST:AddEnforcer")
-	beego.Router("/api/delete-enforcer", &controllers.ApiController{}, "POST:DeleteEnforcer")
+	web.Router("/api/get-enforcers", &controllers.ApiController{}, "GET:GetEnforcers")
+	web.Router("/api/get-enforcer", &controllers.ApiController{}, "GET:GetEnforcer")
+	web.Router("/api/update-enforcer", &controllers.ApiController{}, "POST:UpdateEnforcer")
+	web.Router("/api/add-enforcer", &controllers.ApiController{}, "POST:AddEnforcer")
+	web.Router("/api/delete-enforcer", &controllers.ApiController{}, "POST:DeleteEnforcer")
 
-	beego.Router("/api/enforce", &controllers.ApiController{}, "POST:Enforce")
-	beego.Router("/api/batch-enforce", &controllers.ApiController{}, "POST:BatchEnforce")
-	beego.Router("/api/get-all-objects", &controllers.ApiController{}, "GET:GetAllObjects")
-	beego.Router("/api/get-all-actions", &controllers.ApiController{}, "GET:GetAllActions")
-	beego.Router("/api/get-all-roles", &controllers.ApiController{}, "GET:GetAllRoles")
+	web.Router("/api/enforce", &controllers.ApiController{}, "POST:Enforce")
+	web.Router("/api/batch-enforce", &controllers.ApiController{}, "POST:BatchEnforce")
+	web.Router("/api/get-all-objects", &controllers.ApiController{}, "GET:GetAllObjects")
+	web.Router("/api/get-all-actions", &controllers.ApiController{}, "GET:GetAllActions")
+	web.Router("/api/get-all-roles", &controllers.ApiController{}, "GET:GetAllRoles")
 
-	beego.Router("/api/run-casbin-command", &controllers.ApiController{}, "GET:RunCasbinCommand")
-	beego.Router("/api/refresh-engines", &controllers.ApiController{}, "POST:RefreshEngines")
+	web.Router("/api/run-casbin-command", &controllers.ApiController{}, "GET:RunCasbinCommand")
+	web.Router("/api/refresh-engines", &controllers.ApiController{}, "POST:RefreshEngines")
 
-	beego.Router("/api/get-sessions", &controllers.ApiController{}, "GET:GetSessions")
-	beego.Router("/api/get-session", &controllers.ApiController{}, "GET:GetSingleSession")
-	beego.Router("/api/update-session", &controllers.ApiController{}, "POST:UpdateSession")
-	beego.Router("/api/add-session", &controllers.ApiController{}, "POST:AddSession")
-	beego.Router("/api/delete-session", &controllers.ApiController{}, "POST:DeleteSession")
-	beego.Router("/api/is-session-duplicated", &controllers.ApiController{}, "GET:IsSessionDuplicated")
+	web.Router("/api/get-sessions", &controllers.ApiController{}, "GET:GetSessions")
+	web.Router("/api/get-session", &controllers.ApiController{}, "GET:GetSingleSession")
+	web.Router("/api/update-session", &controllers.ApiController{}, "POST:UpdateSession")
+	web.Router("/api/add-session", &controllers.ApiController{}, "POST:AddSession")
+	web.Router("/api/delete-session", &controllers.ApiController{}, "POST:DeleteSession")
+	web.Router("/api/is-session-duplicated", &controllers.ApiController{}, "GET:IsSessionDuplicated")
 
-	beego.Router("/api/get-tokens", &controllers.ApiController{}, "GET:GetTokens")
-	beego.Router("/api/get-token", &controllers.ApiController{}, "GET:GetToken")
-	beego.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken")
-	beego.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken")
-	beego.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken")
+	web.Router("/api/get-tokens", &controllers.ApiController{}, "GET:GetTokens")
+	web.Router("/api/get-token", &controllers.ApiController{}, "GET:GetToken")
+	web.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken")
+	web.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken")
+	web.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken")
 
-	beego.Router("/api/get-products", &controllers.ApiController{}, "GET:GetProducts")
-	beego.Router("/api/get-product", &controllers.ApiController{}, "GET:GetProduct")
-	beego.Router("/api/update-product", &controllers.ApiController{}, "POST:UpdateProduct")
-	beego.Router("/api/add-product", &controllers.ApiController{}, "POST:AddProduct")
-	beego.Router("/api/delete-product", &controllers.ApiController{}, "POST:DeleteProduct")
+	web.Router("/api/get-products", &controllers.ApiController{}, "GET:GetProducts")
+	web.Router("/api/get-product", &controllers.ApiController{}, "GET:GetProduct")
+	web.Router("/api/update-product", &controllers.ApiController{}, "POST:UpdateProduct")
+	web.Router("/api/add-product", &controllers.ApiController{}, "POST:AddProduct")
+	web.Router("/api/delete-product", &controllers.ApiController{}, "POST:DeleteProduct")
 
-	beego.Router("/api/get-orders", &controllers.ApiController{}, "GET:GetOrders")
-	beego.Router("/api/get-user-orders", &controllers.ApiController{}, "GET:GetUserOrders")
-	beego.Router("/api/get-order", &controllers.ApiController{}, "GET:GetOrder")
-	beego.Router("/api/update-order", &controllers.ApiController{}, "POST:UpdateOrder")
-	beego.Router("/api/add-order", &controllers.ApiController{}, "POST:AddOrder")
-	beego.Router("/api/delete-order", &controllers.ApiController{}, "POST:DeleteOrder")
-	beego.Router("/api/place-order", &controllers.ApiController{}, "POST:PlaceOrder")
-	beego.Router("/api/cancel-order", &controllers.ApiController{}, "POST:CancelOrder")
-	beego.Router("/api/pay-order", &controllers.ApiController{}, "POST:PayOrder")
+	web.Router("/api/get-orders", &controllers.ApiController{}, "GET:GetOrders")
+	web.Router("/api/get-user-orders", &controllers.ApiController{}, "GET:GetUserOrders")
+	web.Router("/api/get-order", &controllers.ApiController{}, "GET:GetOrder")
+	web.Router("/api/update-order", &controllers.ApiController{}, "POST:UpdateOrder")
+	web.Router("/api/add-order", &controllers.ApiController{}, "POST:AddOrder")
+	web.Router("/api/delete-order", &controllers.ApiController{}, "POST:DeleteOrder")
+	web.Router("/api/place-order", &controllers.ApiController{}, "POST:PlaceOrder")
+	web.Router("/api/cancel-order", &controllers.ApiController{}, "POST:CancelOrder")
+	web.Router("/api/pay-order", &controllers.ApiController{}, "POST:PayOrder")
 
-	beego.Router("/api/get-payments", &controllers.ApiController{}, "GET:GetPayments")
-	beego.Router("/api/get-user-payments", &controllers.ApiController{}, "GET:GetUserPayments")
-	beego.Router("/api/get-payment", &controllers.ApiController{}, "GET:GetPayment")
-	beego.Router("/api/update-payment", &controllers.ApiController{}, "POST:UpdatePayment")
-	beego.Router("/api/add-payment", &controllers.ApiController{}, "POST:AddPayment")
-	beego.Router("/api/delete-payment", &controllers.ApiController{}, "POST:DeletePayment")
-	beego.Router("/api/notify-payment/?:owner/?:payment", &controllers.ApiController{}, "POST:NotifyPayment")
-	beego.Router("/api/invoice-payment", &controllers.ApiController{}, "POST:InvoicePayment")
+	web.Router("/api/get-payments", &controllers.ApiController{}, "GET:GetPayments")
+	web.Router("/api/get-user-payments", &controllers.ApiController{}, "GET:GetUserPayments")
+	web.Router("/api/get-payment", &controllers.ApiController{}, "GET:GetPayment")
+	web.Router("/api/update-payment", &controllers.ApiController{}, "POST:UpdatePayment")
+	web.Router("/api/add-payment", &controllers.ApiController{}, "POST:AddPayment")
+	web.Router("/api/delete-payment", &controllers.ApiController{}, "POST:DeletePayment")
+	web.Router("/api/notify-payment/?:owner/?:payment", &controllers.ApiController{}, "POST:NotifyPayment")
+	web.Router("/api/invoice-payment", &controllers.ApiController{}, "POST:InvoicePayment")
 
-	beego.Router("/api/get-plans", &controllers.ApiController{}, "GET:GetPlans")
-	beego.Router("/api/get-plan", &controllers.ApiController{}, "GET:GetPlan")
-	beego.Router("/api/update-plan", &controllers.ApiController{}, "POST:UpdatePlan")
-	beego.Router("/api/add-plan", &controllers.ApiController{}, "POST:AddPlan")
-	beego.Router("/api/delete-plan", &controllers.ApiController{}, "POST:DeletePlan")
+	web.Router("/api/get-plans", &controllers.ApiController{}, "GET:GetPlans")
+	web.Router("/api/get-plan", &controllers.ApiController{}, "GET:GetPlan")
+	web.Router("/api/update-plan", &controllers.ApiController{}, "POST:UpdatePlan")
+	web.Router("/api/add-plan", &controllers.ApiController{}, "POST:AddPlan")
+	web.Router("/api/delete-plan", &controllers.ApiController{}, "POST:DeletePlan")
 
-	beego.Router("/api/get-pricings", &controllers.ApiController{}, "GET:GetPricings")
-	beego.Router("/api/get-pricing", &controllers.ApiController{}, "GET:GetPricing")
-	beego.Router("/api/update-pricing", &controllers.ApiController{}, "POST:UpdatePricing")
-	beego.Router("/api/add-pricing", &controllers.ApiController{}, "POST:AddPricing")
-	beego.Router("/api/delete-pricing", &controllers.ApiController{}, "POST:DeletePricing")
+	web.Router("/api/get-pricings", &controllers.ApiController{}, "GET:GetPricings")
+	web.Router("/api/get-pricing", &controllers.ApiController{}, "GET:GetPricing")
+	web.Router("/api/update-pricing", &controllers.ApiController{}, "POST:UpdatePricing")
+	web.Router("/api/add-pricing", &controllers.ApiController{}, "POST:AddPricing")
+	web.Router("/api/delete-pricing", &controllers.ApiController{}, "POST:DeletePricing")
 
-	beego.Router("/api/get-subscriptions", &controllers.ApiController{}, "GET:GetSubscriptions")
-	beego.Router("/api/get-subscription", &controllers.ApiController{}, "GET:GetSubscription")
-	beego.Router("/api/update-subscription", &controllers.ApiController{}, "POST:UpdateSubscription")
-	beego.Router("/api/add-subscription", &controllers.ApiController{}, "POST:AddSubscription")
-	beego.Router("/api/delete-subscription", &controllers.ApiController{}, "POST:DeleteSubscription")
+	web.Router("/api/get-subscriptions", &controllers.ApiController{}, "GET:GetSubscriptions")
+	web.Router("/api/get-subscription", &controllers.ApiController{}, "GET:GetSubscription")
+	web.Router("/api/update-subscription", &controllers.ApiController{}, "POST:UpdateSubscription")
+	web.Router("/api/add-subscription", &controllers.ApiController{}, "POST:AddSubscription")
+	web.Router("/api/delete-subscription", &controllers.ApiController{}, "POST:DeleteSubscription")
 
-	beego.Router("/api/get-transactions", &controllers.ApiController{}, "GET:GetTransactions")
-	beego.Router("/api/get-transaction", &controllers.ApiController{}, "GET:GetTransaction")
-	beego.Router("/api/update-transaction", &controllers.ApiController{}, "POST:UpdateTransaction")
-	beego.Router("/api/add-transaction", &controllers.ApiController{}, "POST:AddTransaction")
-	beego.Router("/api/delete-transaction", &controllers.ApiController{}, "POST:DeleteTransaction")
+	web.Router("/api/get-transactions", &controllers.ApiController{}, "GET:GetTransactions")
+	web.Router("/api/get-transaction", &controllers.ApiController{}, "GET:GetTransaction")
+	web.Router("/api/update-transaction", &controllers.ApiController{}, "POST:UpdateTransaction")
+	web.Router("/api/add-transaction", &controllers.ApiController{}, "POST:AddTransaction")
+	web.Router("/api/delete-transaction", &controllers.ApiController{}, "POST:DeleteTransaction")
 
-	beego.Router("/api/get-system-info", &controllers.ApiController{}, "GET:GetSystemInfo")
-	beego.Router("/api/get-version-info", &controllers.ApiController{}, "GET:GetVersionInfo")
-	beego.Router("/api/health", &controllers.ApiController{}, "GET:Health")
-	beego.Router("/api/get-prometheus-info", &controllers.ApiController{}, "GET:GetPrometheusInfo")
-	beego.Router("/api/metrics", &controllers.ApiController{}, "GET:GetMetrics")
+	web.Router("/api/get-system-info", &controllers.ApiController{}, "GET:GetSystemInfo")
+	web.Router("/api/get-version-info", &controllers.ApiController{}, "GET:GetVersionInfo")
+	web.Router("/api/health", &controllers.ApiController{}, "GET:Health")
+	web.Router("/api/get-prometheus-info", &controllers.ApiController{}, "GET:GetPrometheusInfo")
+	web.Router("/api/metrics", &controllers.ApiController{}, "GET:GetMetrics")
 
-	beego.Router("/api/get-global-forms", &controllers.ApiController{}, "GET:GetGlobalForms")
-	beego.Router("/api/get-forms", &controllers.ApiController{}, "GET:GetForms")
-	beego.Router("/api/get-form", &controllers.ApiController{}, "GET:GetForm")
-	beego.Router("/api/update-form", &controllers.ApiController{}, "POST:UpdateForm")
-	beego.Router("/api/add-form", &controllers.ApiController{}, "POST:AddForm")
-	beego.Router("/api/delete-form", &controllers.ApiController{}, "POST:DeleteForm")
+	web.Router("/api/get-global-forms", &controllers.ApiController{}, "GET:GetGlobalForms")
+	web.Router("/api/get-forms", &controllers.ApiController{}, "GET:GetForms")
+	web.Router("/api/get-form", &controllers.ApiController{}, "GET:GetForm")
+	web.Router("/api/update-form", &controllers.ApiController{}, "POST:UpdateForm")
+	web.Router("/api/add-form", &controllers.ApiController{}, "POST:AddForm")
+	web.Router("/api/delete-form", &controllers.ApiController{}, "POST:DeleteForm")
 
-	beego.Router("/api/get-syncers", &controllers.ApiController{}, "GET:GetSyncers")
-	beego.Router("/api/get-syncer", &controllers.ApiController{}, "GET:GetSyncer")
-	beego.Router("/api/update-syncer", &controllers.ApiController{}, "POST:UpdateSyncer")
-	beego.Router("/api/add-syncer", &controllers.ApiController{}, "POST:AddSyncer")
-	beego.Router("/api/delete-syncer", &controllers.ApiController{}, "POST:DeleteSyncer")
-	beego.Router("/api/run-syncer", &controllers.ApiController{}, "GET:RunSyncer")
-	beego.Router("/api/test-syncer-db", &controllers.ApiController{}, "POST:TestSyncerDb")
+	web.Router("/api/get-syncers", &controllers.ApiController{}, "GET:GetSyncers")
+	web.Router("/api/get-syncer", &controllers.ApiController{}, "GET:GetSyncer")
+	web.Router("/api/update-syncer", &controllers.ApiController{}, "POST:UpdateSyncer")
+	web.Router("/api/add-syncer", &controllers.ApiController{}, "POST:AddSyncer")
+	web.Router("/api/delete-syncer", &controllers.ApiController{}, "POST:DeleteSyncer")
+	web.Router("/api/run-syncer", &controllers.ApiController{}, "GET:RunSyncer")
+	web.Router("/api/test-syncer-db", &controllers.ApiController{}, "POST:TestSyncerDb")
 
-	beego.Router("/api/get-webhooks", &controllers.ApiController{}, "GET:GetWebhooks")
-	beego.Router("/api/get-webhook", &controllers.ApiController{}, "GET:GetWebhook")
-	beego.Router("/api/update-webhook", &controllers.ApiController{}, "POST:UpdateWebhook")
-	beego.Router("/api/add-webhook", &controllers.ApiController{}, "POST:AddWebhook")
-	beego.Router("/api/delete-webhook", &controllers.ApiController{}, "POST:DeleteWebhook")
+	web.Router("/api/get-webhooks", &controllers.ApiController{}, "GET:GetWebhooks")
+	web.Router("/api/get-webhook", &controllers.ApiController{}, "GET:GetWebhook")
+	web.Router("/api/update-webhook", &controllers.ApiController{}, "POST:UpdateWebhook")
+	web.Router("/api/add-webhook", &controllers.ApiController{}, "POST:AddWebhook")
+	web.Router("/api/delete-webhook", &controllers.ApiController{}, "POST:DeleteWebhook")
 
-	beego.Router("/api/set-password", &controllers.ApiController{}, "POST:SetPassword")
-	beego.Router("/api/check-user-password", &controllers.ApiController{}, "POST:CheckUserPassword")
-	beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "GET:GetEmailAndPhone")
-	beego.Router("/api/send-verification-code", &controllers.ApiController{}, "POST:SendVerificationCode")
-	beego.Router("/api/verify-code", &controllers.ApiController{}, "POST:VerifyCode")
-	beego.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
-	beego.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
-	beego.Router("/api/get-captcha", &controllers.ApiController{}, "GET:GetCaptcha")
-	beego.Router("/api/get-verifications", &controllers.ApiController{}, "GET:GetVerifications")
+	web.Router("/api/get-tickets", &controllers.ApiController{}, "GET:GetTickets")
+	web.Router("/api/get-ticket", &controllers.ApiController{}, "GET:GetTicket")
+	web.Router("/api/update-ticket", &controllers.ApiController{}, "POST:UpdateTicket")
+	web.Router("/api/add-ticket", &controllers.ApiController{}, "POST:AddTicket")
+	web.Router("/api/delete-ticket", &controllers.ApiController{}, "POST:DeleteTicket")
+	web.Router("/api/add-ticket-message", &controllers.ApiController{}, "POST:AddTicketMessage")
 
-	beego.Router("/api/get-ldap-users", &controllers.ApiController{}, "GET:GetLdapUsers")
-	beego.Router("/api/get-ldaps", &controllers.ApiController{}, "GET:GetLdaps")
-	beego.Router("/api/get-ldap", &controllers.ApiController{}, "GET:GetLdap")
-	beego.Router("/api/add-ldap", &controllers.ApiController{}, "POST:AddLdap")
-	beego.Router("/api/update-ldap", &controllers.ApiController{}, "POST:UpdateLdap")
-	beego.Router("/api/delete-ldap", &controllers.ApiController{}, "POST:DeleteLdap")
-	beego.Router("/api/sync-ldap-users", &controllers.ApiController{}, "POST:SyncLdapUsers")
+	web.Router("/api/set-password", &controllers.ApiController{}, "POST:SetPassword")
+	web.Router("/api/check-user-password", &controllers.ApiController{}, "POST:CheckUserPassword")
+	web.Router("/api/get-email-and-phone", &controllers.ApiController{}, "GET:GetEmailAndPhone")
+	web.Router("/api/send-verification-code", &controllers.ApiController{}, "POST:SendVerificationCode")
+	web.Router("/api/verify-code", &controllers.ApiController{}, "POST:VerifyCode")
+	web.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
+	web.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
+	web.Router("/api/get-captcha", &controllers.ApiController{}, "GET:GetCaptcha")
+	web.Router("/api/get-verifications", &controllers.ApiController{}, "GET:GetVerifications")
 
-	beego.Router("/api/login/oauth/access_token", &controllers.ApiController{}, "POST:GetOAuthToken")
-	beego.Router("/api/login/oauth/refresh_token", &controllers.ApiController{}, "POST:RefreshToken")
-	beego.Router("/api/login/oauth/introspect", &controllers.ApiController{}, "POST:IntrospectToken")
+	web.Router("/api/get-ldap-users", &controllers.ApiController{}, "GET:GetLdapUsers")
+	web.Router("/api/get-ldaps", &controllers.ApiController{}, "GET:GetLdaps")
+	web.Router("/api/get-ldap", &controllers.ApiController{}, "GET:GetLdap")
+	web.Router("/api/add-ldap", &controllers.ApiController{}, "POST:AddLdap")
+	web.Router("/api/update-ldap", &controllers.ApiController{}, "POST:UpdateLdap")
+	web.Router("/api/delete-ldap", &controllers.ApiController{}, "POST:DeleteLdap")
+	web.Router("/api/sync-ldap-users", &controllers.ApiController{}, "POST:SyncLdapUsers")
 
-	beego.Router("/api/get-records", &controllers.ApiController{}, "GET:GetRecords")
-	beego.Router("/api/get-records-filter", &controllers.ApiController{}, "POST:GetRecordsByFilter")
-	beego.Router("/api/add-record", &controllers.ApiController{}, "POST:AddRecord")
+	web.Router("/api/login/oauth/access_token", &controllers.ApiController{}, "POST:GetOAuthToken")
+	web.Router("/api/login/oauth/refresh_token", &controllers.ApiController{}, "POST:RefreshToken")
+	web.Router("/api/login/oauth/introspect", &controllers.ApiController{}, "POST:IntrospectToken")
 
-	beego.Router("/api/send-email", &controllers.ApiController{}, "POST:SendEmail")
-	beego.Router("/api/send-sms", &controllers.ApiController{}, "POST:SendSms")
-	beego.Router("/api/send-notification", &controllers.ApiController{}, "POST:SendNotification")
+	web.Router("/api/get-records", &controllers.ApiController{}, "GET:GetRecords")
+	web.Router("/api/get-records-filter", &controllers.ApiController{}, "POST:GetRecordsByFilter")
+	web.Router("/api/add-record", &controllers.ApiController{}, "POST:AddRecord")
 
-	beego.Router("/api/webauthn/signup/begin", &controllers.ApiController{}, "GET:WebAuthnSignupBegin")
-	beego.Router("/api/webauthn/signup/finish", &controllers.ApiController{}, "POST:WebAuthnSignupFinish")
-	beego.Router("/api/webauthn/signin/begin", &controllers.ApiController{}, "GET:WebAuthnSigninBegin")
-	beego.Router("/api/webauthn/signin/finish", &controllers.ApiController{}, "POST:WebAuthnSigninFinish")
+	web.Router("/api/send-email", &controllers.ApiController{}, "POST:SendEmail")
+	web.Router("/api/send-sms", &controllers.ApiController{}, "POST:SendSms")
+	web.Router("/api/send-notification", &controllers.ApiController{}, "POST:SendNotification")
 
-	beego.Router("/api/mfa/setup/initiate", &controllers.ApiController{}, "POST:MfaSetupInitiate")
-	beego.Router("/api/mfa/setup/verify", &controllers.ApiController{}, "POST:MfaSetupVerify")
-	beego.Router("/api/mfa/setup/enable", &controllers.ApiController{}, "POST:MfaSetupEnable")
-	beego.Router("/api/delete-mfa", &controllers.ApiController{}, "POST:DeleteMfa")
-	beego.Router("/api/set-preferred-mfa", &controllers.ApiController{}, "POST:SetPreferredMfa")
+	web.Router("/api/webauthn/signup/begin", &controllers.ApiController{}, "GET:WebAuthnSignupBegin")
+	web.Router("/api/webauthn/signup/finish", &controllers.ApiController{}, "POST:WebAuthnSignupFinish")
+	web.Router("/api/webauthn/signin/begin", &controllers.ApiController{}, "GET:WebAuthnSigninBegin")
+	web.Router("/api/webauthn/signin/finish", &controllers.ApiController{}, "POST:WebAuthnSigninFinish")
 
-	beego.Router("/.well-known/openid-configuration", &controllers.RootController{}, "GET:GetOidcDiscovery")
-	beego.Router("/.well-known/:application/openid-configuration", &controllers.RootController{}, "GET:GetOidcDiscoveryByApplication")
-	beego.Router("/.well-known/jwks", &controllers.RootController{}, "*:GetJwks")
-	beego.Router("/.well-known/:application/jwks", &controllers.RootController{}, "*:GetJwksByApplication")
-	beego.Router("/.well-known/webfinger", &controllers.RootController{}, "GET:GetWebFinger")
-	beego.Router("/.well-known/:application/webfinger", &controllers.RootController{}, "GET:GetWebFingerByApplication")
+	web.Router("/api/mfa/setup/initiate", &controllers.ApiController{}, "POST:MfaSetupInitiate")
+	web.Router("/api/mfa/setup/verify", &controllers.ApiController{}, "POST:MfaSetupVerify")
+	web.Router("/api/mfa/setup/enable", &controllers.ApiController{}, "POST:MfaSetupEnable")
+	web.Router("/api/delete-mfa", &controllers.ApiController{}, "POST:DeleteMfa")
+	web.Router("/api/set-preferred-mfa", &controllers.ApiController{}, "POST:SetPreferredMfa")
 
-	beego.Router("/cas/:organization/:application/serviceValidate", &controllers.RootController{}, "GET:CasServiceValidate")
-	beego.Router("/cas/:organization/:application/proxyValidate", &controllers.RootController{}, "GET:CasProxyValidate")
-	beego.Router("/cas/:organization/:application/proxy", &controllers.RootController{}, "GET:CasProxy")
-	beego.Router("/cas/:organization/:application/validate", &controllers.RootController{}, "GET:CasValidate")
+	web.Router("/.well-known/openid-configuration", &controllers.RootController{}, "GET:GetOidcDiscovery")
+	web.Router("/.well-known/:application/openid-configuration", &controllers.RootController{}, "GET:GetOidcDiscoveryByApplication")
+	web.Router("/.well-known/jwks", &controllers.RootController{}, "*:GetJwks")
+	web.Router("/.well-known/:application/jwks", &controllers.RootController{}, "*:GetJwksByApplication")
+	web.Router("/.well-known/webfinger", &controllers.RootController{}, "GET:GetWebFinger")
+	web.Router("/.well-known/:application/webfinger", &controllers.RootController{}, "GET:GetWebFingerByApplication")
 
-	beego.Router("/cas/:organization/:application/p3/serviceValidate", &controllers.RootController{}, "GET:CasP3ServiceValidate")
-	beego.Router("/cas/:organization/:application/p3/proxyValidate", &controllers.RootController{}, "GET:CasP3ProxyValidate")
-	beego.Router("/cas/:organization/:application/samlValidate", &controllers.RootController{}, "POST:SamlValidate")
+	web.Router("/cas/:organization/:application/serviceValidate", &controllers.RootController{}, "GET:CasServiceValidate")
+	web.Router("/cas/:organization/:application/proxyValidate", &controllers.RootController{}, "GET:CasProxyValidate")
+	web.Router("/cas/:organization/:application/proxy", &controllers.RootController{}, "GET:CasProxy")
+	web.Router("/cas/:organization/:application/validate", &controllers.RootController{}, "GET:CasValidate")
 
-	beego.Router("/scim/*", &controllers.RootController{}, "*:HandleScim")
+	web.Router("/cas/:organization/:application/p3/serviceValidate", &controllers.RootController{}, "GET:CasP3ServiceValidate")
+	web.Router("/cas/:organization/:application/p3/proxyValidate", &controllers.RootController{}, "GET:CasP3ProxyValidate")
+	web.Router("/cas/:organization/:application/samlValidate", &controllers.RootController{}, "POST:SamlValidate")
 
-	beego.Router("/api/faceid-signin-begin", &controllers.ApiController{}, "GET:FaceIDSigninBegin")
+	web.Router("/scim/*", &controllers.RootController{}, "*:HandleScim")
+
+	web.Router("/api/faceid-signin-begin", &controllers.ApiController{}, "GET:FaceIDSigninBegin")
 }