fix(admin): Admin hello

将配置中的过期时间单位统一为time.Duration，可以设置为`h`,`m`,`s`

README.md

@@ -4,12 +4,12 @@
 
 本项目使用 Go 实现了 RustDesk 的 API，并包含了 Web Admin 和 Web 客户端。RustDesk 是一个远程桌面软件，提供了自托管的解决方案。
 
- <div align=center>
+<div align=center>
 <img src="https://img.shields.io/badge/golang-1.22-blue"/>
 <img src="https://img.shields.io/badge/gin-v1.9.0-lightBlue"/>
 <img src="https://img.shields.io/badge/gorm-v1.25.7-green"/>
 <img src="https://img.shields.io/badge/swag-v1.16.3-yellow"/>
-<img src="https://img.shields.io/badge/i18n-7-green"/>
+<img src="https://goreportcard.com/badge/github.com/lejianwen/rustdesk-api/v2"/>
 <img src="https://github.com/lejianwen/rustdesk-api/actions/workflows/build.yml/badge.svg"/>
 </div>
 
@@ -156,6 +156,9 @@ app:
   web-client: 1  # 1:启用 0:禁用
   register: false #是否开启注册
   show-swagger: 0 #是否显示swagger文档
+  web-sso: true #是否显示web sso
+  token-expire: 168h #token有效时长
+  disable-pwd-login: false #是否禁用密码登录
 gin:
   api-addr: "0.0.0.0:21114"
   mode: "release"
@@ -185,7 +188,7 @@ proxy:
   host: ""
 jwt:
   key: ""
-  expire-duration: 360000
+  expire-duration: 168h
 ldap:
   enable: false
   url: "ldap://ldap.example.com:389"
@@ -220,7 +223,8 @@ ldap:
 | RUSTDESK_API_APP_WEB_CLIENT                            | 是否启用web-client; 1:启用,0:不启用; 默认启用                                               | 1                            |
 | RUSTDESK_API_APP_REGISTER                              | 是否开启注册; `true`, `false`  默认`false`                                             | `false`                      |
 | RUSTDESK_API_APP_SHOW_SWAGGER                          | 是否可见swagger文档;`1`显示，`0`不显示，默认`0`不显示                                            | `1`                          |
-| RUSTDESK_API_APP_TOKEN_EXPIRE                          | token有效时长（秒）                                                                   | `3600`                       |
+| RUSTDESK_API_APP_TOKEN_EXPIRE                          | token有效时长                                                                      | `168h`                       |
+| RUSTDESK_API_APP_DISABLE_PWD_LOGIN                     | 是否禁用密码登录;  `true`, `false`  默认`false`                                          | `false`                      |
 | -----ADMIN配置-----                                      | ----------                                                                     | ----------                   |
 | RUSTDESK_API_ADMIN_TITLE                               | 后台标题                                                                           | `RustDesk Api Admin`         |
 | RUSTDESK_API_ADMIN_HELLO                               | 后台欢迎语，可以使用`html`                                                               |                              |
@@ -249,7 +253,7 @@ ldap:
 | RUSTDESK_API_PROXY_HOST                                | 代理地址                                                                           | `http://127.0.0.1:1080`      |
 | ----JWT配置----                                          | --------                                                                       | --------                     |
 | RUSTDESK_API_JWT_KEY                                   | 自定义JWT KEY,为空则不启用JWT<br/>如果没使用`lejianwen/rustdesk-server`中的`MUST_LOGIN`，建议设置为空 |                              |
-| RUSTDESK_API_JWT_EXPIRE_DURATION                       | JWT有效时间                                                                        | 360000                       |
+| RUSTDESK_API_JWT_EXPIRE_DURATION                       | JWT有效时间                                                                        | `168h`                       |
 
 
 ### 运行

README_EN.md

@@ -8,7 +8,7 @@ desktop software that provides self-hosted solutions.
 <img src="https://img.shields.io/badge/gin-v1.9.0-lightBlue"/>
 <img src="https://img.shields.io/badge/gorm-v1.25.7-green"/>
 <img src="https://img.shields.io/badge/swag-v1.16.3-yellow"/>
-<img src="https://img.shields.io/badge/i18n-7-green"/>
+<img src="https://goreportcard.com/badge/github.com/lejianwen/rustdesk-api/v2"/>
 <img src="https://github.com/lejianwen/rustdesk-api/actions/workflows/build.yml/badge.svg"/>
 </div>
 
@@ -155,6 +155,9 @@ app:
   web-client: 1  # web client route 1:open 0:close  
   register: false #register enable
   show-swagger: 0 #show swagger 1:open 0:close
+  web-sso: true #web sso
+  token-expire: 168h #token expire duration
+  disable-pwd-login: false #disable password login
 gin:
   api-addr: "0.0.0.0:21114"
   mode: "release"
@@ -212,43 +215,44 @@ ldap:
 The environment variables correspond one-to-one with the configurations in the `conf/config.yaml` file. The prefix for variable names is `RUSTDESK_API`.
 The table below does not list all configurations. Please refer to the configurations in `conf/config.yaml`.
 
-| Variable Name                                     | Description                                                                                                                                          | Example                       |
+| Variable Name                                          | Description                                                                                                                                         | Example                       |
-|---------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------|
+|--------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------|
-| TZ                                                | timezone                                                                                                                                             | Asia/Shanghai                 |
+| TZ                                                     | timezone                                                                                                                                            | Asia/Shanghai                 |
-| RUSTDESK_API_LANG                                 | Language                                                                                                                                             | `en`,`zh-CN`                  |
+| RUSTDESK_API_LANG                                      | Language                                                                                                                                            | `en`,`zh-CN`                  |
-| RUSTDESK_API_APP_WEB_CLIENT                       | web client on/off; 1: on, 0 off, default: 1                                                                                                          | 1                             |
+| RUSTDESK_API_APP_WEB_CLIENT                            | web client on/off; 1: on, 0 off, default: 1                                                                                                         | 1                             |
-| RUSTDESK_API_APP_REGISTER                         | register enable; `true`, `false`; default:`false`                                                                                                    | `false`                       |
+| RUSTDESK_API_APP_REGISTER                              | register enable; `true`, `false`; default:`false`                                                                                                   | `false`                       |
-| RUSTDESK_API_APP_SHOW_SWAGGER                     | swagger visible; 1: yes, 0: no; default: 0                                                                                                           | `0`                           |
+| RUSTDESK_API_APP_SHOW_SWAGGER                          | swagger visible; 1: yes, 0: no; default: 0                                                                                                          | `0`                           |
-| RUSTDESK_API_APP_TOKEN_EXPIRE                     | token expire duration(second)                                                                                                                        | `3600`                        |
+| RUSTDESK_API_APP_TOKEN_EXPIRE                          | token expire duration                                                                                                                               | `168h`                        |
-| ----- ADMIN Configuration-----                    | ----------                                                                                                                                           | ----------                    |
+| RUSTDESK_API_APP_DISABLE_PWD_LOGIN                     | disable password login                                                                                                                              | `false`                       |
-| RUSTDESK_API_ADMIN_TITLE                          | Admin Title                                                                                                                                          | `RustDesk Api Admin`          |
+| ----- ADMIN Configuration-----                         | ----------                                                                                                                                          | ----------                    |
-| RUSTDESK_API_ADMIN_HELLO                          | Admin welcome message, you can use `html`                                                                                                            |                               |
+| RUSTDESK_API_ADMIN_TITLE                               | Admin Title                                                                                                                                         | `RustDesk Api Admin`          |
-| RUSTDESK_API_ADMIN_HELLO_FILE                     | Admin welcome message file,<br>will override `RUSTDESK_API_ADMIN_HELLO`                                                                              | `./conf/admin/hello.html`     |
+| RUSTDESK_API_ADMIN_HELLO                               | Admin welcome message, you can use `html`                                                                                                           |                               |
-| ----- GIN Configuration -----                     | ---------------------------------------                                                                                                              | ----------------------------- |
+| RUSTDESK_API_ADMIN_HELLO_FILE                          | Admin welcome message file,<br>will override `RUSTDESK_API_ADMIN_HELLO`                                                                             | `./conf/admin/hello.html`     |
-| RUSTDESK_API_GIN_TRUST_PROXY                      | Trusted proxy IPs, separated by commas.                                                                                                              | 192.168.1.2,192.168.1.3       |
+| ----- GIN Configuration -----                          | ---------------------------------------                                                                                                             | ----------------------------- |
-| ----- GORM Configuration -----                    | ---------------------------------------                                                                                                              | ----------------------------- |
+| RUSTDESK_API_GIN_TRUST_PROXY                           | Trusted proxy IPs, separated by commas.                                                                                                             | 192.168.1.2,192.168.1.3       |
-| RUSTDESK_API_GORM_TYPE                            | Database type (`sqlite` or `mysql`). Default is `sqlite`.                                                                                            | sqlite                        |
+| ----- GORM Configuration -----                         | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_GORM_MAX_IDLE_CONNS                  | Maximum idle connections                                                                                                                             | 10                            |
+| RUSTDESK_API_GORM_TYPE                                 | Database type (`sqlite` or `mysql`). Default is `sqlite`.                                                                                           | sqlite                        |
-| RUSTDESK_API_GORM_MAX_OPEN_CONNS                  | Maximum open connections                                                                                                                             | 100                           |
+| RUSTDESK_API_GORM_MAX_IDLE_CONNS                       | Maximum idle connections                                                                                                                            | 10                            |
-| RUSTDESK_API_RUSTDESK_PERSONAL                    | Open Personal Api 1:Enable,0:Disable                                                                                                                 | 1                             |
+| RUSTDESK_API_GORM_MAX_OPEN_CONNS                       | Maximum open connections                                                                                                                            | 100                           |
-| ----- MYSQL Configuration -----                   | ---------------------------------------                                                                                                              | ----------------------------- |
+| RUSTDESK_API_RUSTDESK_PERSONAL                         | Open Personal Api 1:Enable,0:Disable                                                                                                                | 1                             |
-| RUSTDESK_API_MYSQL_USERNAME                       | MySQL username                                                                                                                                       | root                          |
+| ----- MYSQL Configuration -----                        | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_MYSQL_PASSWORD                       | MySQL password                                                                                                                                       | 111111                        |
+| RUSTDESK_API_MYSQL_USERNAME                            | MySQL username                                                                                                                                      | root                          |
-| RUSTDESK_API_MYSQL_ADDR                           | MySQL address                                                                                                                                        | 192.168.1.66:3306             |
+| RUSTDESK_API_MYSQL_PASSWORD                            | MySQL password                                                                                                                                      | 111111                        |
-| RUSTDESK_API_MYSQL_DBNAME                         | MySQL database name                                                                                                                                  | rustdesk                      |
+| RUSTDESK_API_MYSQL_ADDR                                | MySQL address                                                                                                                                       | 192.168.1.66:3306             |
-| ----- RUSTDESK Configuration -----                | ---------------------------------------                                                                                                              | ----------------------------- |
+| RUSTDESK_API_MYSQL_DBNAME                              | MySQL database name                                                                                                                                 | rustdesk                      |
-| RUSTDESK_API_RUSTDESK_ID_SERVER                   | Rustdesk ID server address                                                                                                                           | 192.168.1.66:21116            |
+| ----- RUSTDESK Configuration -----                     | ---------------------------------------                                                                                                             | ----------------------------- |
-| RUSTDESK_API_RUSTDESK_RELAY_SERVER                | Rustdesk relay server address                                                                                                                        | 192.168.1.66:21117            |
+| RUSTDESK_API_RUSTDESK_ID_SERVER                        | Rustdesk ID server address                                                                                                                          | 192.168.1.66:21116            |
-| RUSTDESK_API_RUSTDESK_API_SERVER                  | Rustdesk API server address                                                                                                                          | http://192.168.1.66:21114     |
+| RUSTDESK_API_RUSTDESK_RELAY_SERVER                     | Rustdesk relay server address                                                                                                                       | 192.168.1.66:21117            |
-| RUSTDESK_API_RUSTDESK_KEY                         | Rustdesk key                                                                                                                                         | 123456789                     |
+| RUSTDESK_API_RUSTDESK_API_SERVER                       | Rustdesk API server address                                                                                                                         | http://192.168.1.66:21114     |
-| RUSTDESK_API_RUSTDESK_KEY_FILE                    | Rustdesk key file                                                                                                                                    | `./conf/data/id_ed25519.pub`  |
+| RUSTDESK_API_RUSTDESK_KEY                              | Rustdesk key                                                                                                                                        | 123456789                     |
-| RUSTDESK_API_RUSTDESK<br/>_WEBCLIENT_MAGIC_QUERYONLINE | New online query method is enabled in the web client v2; '1': Enabled, '0': Disabled, not enabled by default                                         | `0`                           |
+| RUSTDESK_API_RUSTDESK_KEY_FILE                         | Rustdesk key file                                                                                                                                   | `./conf/data/id_ed25519.pub`  |
-| ---- PROXY -----                                  | ---------------                                                                                                                                      | ----------                    |
+| RUSTDESK_API_RUSTDESK<br/>_WEBCLIENT_MAGIC_QUERYONLINE | New online query method is enabled in the web client v2; '1': Enabled, '0': Disabled, not enabled by default                                        | `0`                           |
-| RUSTDESK_API_PROXY_ENABLE                         | proxy_enable :`false`, `true`                                                                                                                        | `false`                       |
+| ---- PROXY -----                                       | ---------------                                                                                                                                     | ----------                    |
-| RUSTDESK_API_PROXY_HOST                           | proxy_host                                                                                                                                           | `http://127.0.0.1:1080`       |
+| RUSTDESK_API_PROXY_ENABLE                              | proxy_enable :`false`, `true`                                                                                                                       | `false`                       |
-| ----JWT----                                       | --------                                                                                                                                             | --------                      |
+| RUSTDESK_API_PROXY_HOST                                | proxy_host                                                                                                                                          | `http://127.0.0.1:1080`       |
-| RUSTDESK_API_JWT_KEY                              | Custom JWT KEY, if empty JWT is not enabled.<br/>If `MUST_LOGIN` from `lejianwen/rustdesk-server` is not used, it is recommended to leave it empty.  |                               |
+| ----JWT----                                            | --------                                                                                                                                            | --------                      |
-| RUSTDESK_API_JWT_EXPIRE_DURATION                  | JWT expire duration                                                                                                                                  | 360000                        |
+| RUSTDESK_API_JWT_KEY                                   | Custom JWT KEY, if empty JWT is not enabled.<br/>If `MUST_LOGIN` from `lejianwen/rustdesk-server` is not used, it is recommended to leave it empty. |                               |
+| RUSTDESK_API_JWT_EXPIRE_DURATION                       | JWT expire duration                                                                                                                                 | `168h`                        |
 
 ### Installation Steps
 

cmd/apimain.go

@@ -1,24 +1,23 @@
 package main
 
 import (
-	"Gwen/config"
-	"Gwen/global"
-	"Gwen/http"
-	"Gwen/lib/cache"
-	"Gwen/lib/jwt"
-	"Gwen/lib/lock"
-	"Gwen/lib/logger"
-	"Gwen/lib/orm"
-	"Gwen/lib/upload"
-	"Gwen/model"
-	"Gwen/service"
-	"Gwen/utils"
 	"github.com/go-redis/redis/v8"
+	"github.com/lejianwen/rustdesk-api/v2/config"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http"
+	"github.com/lejianwen/rustdesk-api/v2/lib/cache"
+	"github.com/lejianwen/rustdesk-api/v2/lib/jwt"
+	"github.com/lejianwen/rustdesk-api/v2/lib/lock"
+	"github.com/lejianwen/rustdesk-api/v2/lib/logger"
+	"github.com/lejianwen/rustdesk-api/v2/lib/orm"
+	"github.com/lejianwen/rustdesk-api/v2/lib/upload"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
+	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/spf13/cobra"
 	"os"
 	"strconv"
-	"time"
 )
 
 // @title 管理系统API
@@ -162,13 +161,12 @@ func InitGlobal() {
 
 	//jwt
 	//fmt.Println(global.Config.Jwt.PrivateKey)
-	global.Jwt = jwt.NewJwt(global.Config.Jwt.Key, global.Config.Jwt.ExpireDuration*time.Second)
+	global.Jwt = jwt.NewJwt(global.Config.Jwt.Key, global.Config.Jwt.ExpireDuration)
-
 	//locker
 	global.Lock = lock.NewLocal()
 }
 func DatabaseAutoUpdate() {
-	version := 260
+	version := 261
 
 	db := global.DB
 
@@ -186,12 +184,12 @@ func DatabaseAutoUpdate() {
 			// 获取底层的 *sql.DB 对象，并确保在程序退出时关闭连接
 			sqlDBWithoutDB, err := dbWithoutDB.DB()
 			if err != nil {
-				global.Logger.Error("获取底层 *sql.DB 对象失败: %v\n", err)
+				global.Logger.Errorf("获取底层 *sql.DB 对象失败: %v", err)
 				return
 			}
 			defer func() {
 				if err := sqlDBWithoutDB.Close(); err != nil {
-					global.Logger.Error("关闭连接失败: %v\n", err)
+					global.Logger.Errorf("关闭连接失败: %v", err)
 				}
 			}()
 
@@ -212,6 +210,7 @@ func DatabaseAutoUpdate() {
 		if v.Version < uint(version) {
 			Migrate(uint(version))
 		}
+
 		// 245迁移
 		if v.Version < 245 {
 			//oauths 表的 oauth_type 字段设置为 op同样的值
@@ -234,7 +233,7 @@ func DatabaseAutoUpdate() {
 
 }
 func Migrate(version uint) {
-	global.Logger.Info("migrating....", version)
+	global.Logger.Info("Migrating....", version)
 	err := global.DB.AutoMigrate(
 		&model.Version{},
 		&model.User{},

conf/admin/hello.html

@@ -1 +1 @@
-### 👏👏👏 你好 ***{{username}}***， 欢迎使用 [RustDesk Api](https://github.com/lejianwen/rustdesk-api)
+### 👏👏👏 你好 ***{{username}}***， 欢迎使用 [RustDesk API](https://github.com/lejianwen/rustdesk-api)

conf/config.yaml

@@ -3,8 +3,9 @@ app:
   web-client: 1  # 1:启用 0:禁用
   register: false #是否开启注册
   show-swagger: 0 # 1:启用 0:禁用
-  token-expire: 360000
+  token-expire: 168h
   web-sso: true #web auth sso
+  disable-pwd-login: false #禁用密码登录
 admin:
   title: "RustDesk Api Admin"
   hello-file: "./conf/admin/hello.html"  #优先使用file
@@ -40,7 +41,7 @@ proxy:
   host: "http://127.0.0.1:1080"
 jwt:
   key: ""
-  expire-duration: 360000
+  expire-duration: 168h
 ldap:
   enable: false
   url: "ldap://ldap.example.com:389"

config/config.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"github.com/spf13/viper"
 	"strings"
+	"time"
 )
 
 const (
@@ -13,11 +14,12 @@ const (
 )
 
 type App struct {
-	WebClient   int  `mapstructure:"web-client"`
+	WebClient       int           `mapstructure:"web-client"`
-	Register    bool `mapstructure:"register"`
+	Register        bool          `mapstructure:"register"`
-	ShowSwagger int  `mapstructure:"show-swagger"`
+	ShowSwagger     int           `mapstructure:"show-swagger"`
-	TokenExpire int  `mapstructure:"token-expire"`
+	TokenExpire     time.Duration `mapstructure:"token-expire"`
-	WebSso      bool `mapstructure:"web-sso"`
+	WebSso          bool          `mapstructure:"web-sso"`
+	DisablePwdLogin bool          `mapstructure:"disable-pwd-login"`
 }
 type Admin struct {
 	Title     string `mapstructure:"title"`
@@ -72,7 +74,7 @@ func Init(rowVal *Config, path string) *viper.Viper {
 			})
 	*/
 	if err := v.Unmarshal(rowVal); err != nil {
-		fmt.Println(err)
+		panic(fmt.Errorf("Fatal error config: %s \n", err))
 	}
 	rowVal.Rustdesk.LoadKeyFile()
 	rowVal.Rustdesk.ParsePort()

config/ldap.go

@@ -1,16 +1,16 @@
 package config
 
 type LdapUser struct {
-	BaseDn 	   		string `mapstructure:"base-dn"` 				// The base DN of the user for searching
+	BaseDn          string `mapstructure:"base-dn"`           // The base DN of the user for searching
-	EnableAttr 		string `mapstructure:"enable-attr"` 			// The attribute name of the user for enabling, in AD it is "userAccountControl", empty means no enable attribute, all users are enabled
+	EnableAttr      string `mapstructure:"enable-attr"`       // The attribute name of the user for enabling, in AD it is "userAccountControl", empty means no enable attribute, all users are enabled
-	EnableAttrValue string `mapstructure:"enable-attr-value"` 		// The value of the enable attribute when the user is enabled. If you are using AD, just leave it random str, it will be ignored.
+	EnableAttrValue string `mapstructure:"enable-attr-value"` // The value of the enable attribute when the user is enabled. If you are using AD, just leave it random str, it will be ignored.
-	Filter     		string `mapstructure:"filter"`
+	Filter          string `mapstructure:"filter"`
-	Username   		string `mapstructure:"username"`
+	Username        string `mapstructure:"username"`
-	Email      		string `mapstructure:"email"`
+	Email           string `mapstructure:"email"`
-	FirstName  		string `mapstructure:"first-name"`
+	FirstName       string `mapstructure:"first-name"`
-	LastName   		string `mapstructure:"last-name"`
+	LastName        string `mapstructure:"last-name"`
-	Sync       		bool   `mapstructure:"sync"` 				// Will sync the user's information to the internal database
+	Sync            bool   `mapstructure:"sync"`        // Will sync the user's information to the internal database
-	AdminGroup      string `mapstructure:"admin-group"` 	    // Which group is the admin group
+	AdminGroup      string `mapstructure:"admin-group"` // Which group is the admin group
 }
 
 // type LdapGroup struct {
@@ -24,13 +24,13 @@ type LdapUser struct {
 // }
 
 type Ldap struct {
-	Enable       bool      `mapstructure:"enable"`
+	Enable       bool     `mapstructure:"enable"`
-	Url          string    `mapstructure:"url"`
+	Url          string   `mapstructure:"url"`
-	TLS          bool      `mapstructure:"tls"`
+	TLS          bool     `mapstructure:"tls"`
-	TlsVerify 	 bool      `mapstructure:"tls-verify"`
+	TlsVerify    bool     `mapstructure:"tls-verify"`
-	BaseDn       string    `mapstructure:"base-dn"`
+	BaseDn       string   `mapstructure:"base-dn"`
-	BindDn       string    `mapstructure:"bind-dn"`
+	BindDn       string   `mapstructure:"bind-dn"`
-	BindPassword string    `mapstructure:"bind-password"`
+	BindPassword string   `mapstructure:"bind-password"`
-	User         LdapUser  `mapstructure:"user"`
+	User         LdapUser `mapstructure:"user"`
 	// Group        LdapGroup `mapstructure:"group"`
 }

docs/admin/admin_docs.go

@@ -1783,7 +1783,7 @@ const docTemplateadmin = `{
                         "in": "body",
                         "required": true,
                         "schema": {
-                            "$ref": "#/definitions/Gwen_http_request_admin.Login"
+                            "$ref": "#/definitions/github_com_lejianwen_rustdesk-api_http_request_admin.Login"
                         }
                     }
                 ],
@@ -5104,27 +5104,6 @@ const docTemplateadmin = `{
         }
     },
     "definitions": {
-        "Gwen_http_request_admin.Login": {
-            "type": "object",
-            "required": [
-                "password",
-                "username"
-            ],
-            "properties": {
-                "captcha": {
-                    "type": "string"
-                },
-                "password": {
-                    "type": "string"
-                },
-                "platform": {
-                    "type": "string"
-                },
-                "username": {
-                    "type": "string"
-                }
-            }
-        },
         "admin.AddressBookForm": {
             "type": "object",
             "required": [
@@ -5542,6 +5521,27 @@ const docTemplateadmin = `{
                 }
             }
         },
+        "github_com_lejianwen_rustdesk-api_http_request_admin.Login": {
+            "type": "object",
+            "required": [
+                "password",
+                "username"
+            ],
+            "properties": {
+                "captcha": {
+                    "type": "string"
+                },
+                "password": {
+                    "type": "string"
+                },
+                "platform": {
+                    "type": "string"
+                },
+                "username": {
+                    "type": "string"
+                }
+            }
+        },
         "model.AddressBook": {
             "type": "object",
             "properties": {

docs/admin/admin_swagger.json

@@ -1776,7 +1776,7 @@
                         "in": "body",
                         "required": true,
                         "schema": {
-                            "$ref": "#/definitions/Gwen_http_request_admin.Login"
+                            "$ref": "#/definitions/github_com_lejianwen_rustdesk-api_http_request_admin.Login"
                         }
                     }
                 ],
@@ -5097,27 +5097,6 @@
         }
     },
     "definitions": {
-        "Gwen_http_request_admin.Login": {
-            "type": "object",
-            "required": [
-                "password",
-                "username"
-            ],
-            "properties": {
-                "captcha": {
-                    "type": "string"
-                },
-                "password": {
-                    "type": "string"
-                },
-                "platform": {
-                    "type": "string"
-                },
-                "username": {
-                    "type": "string"
-                }
-            }
-        },
         "admin.AddressBookForm": {
             "type": "object",
             "required": [
@@ -5535,6 +5514,27 @@
                 }
             }
         },
+        "github_com_lejianwen_rustdesk-api_http_request_admin.Login": {
+            "type": "object",
+            "required": [
+                "password",
+                "username"
+            ],
+            "properties": {
+                "captcha": {
+                    "type": "string"
+                },
+                "password": {
+                    "type": "string"
+                },
+                "platform": {
+                    "type": "string"
+                },
+                "username": {
+                    "type": "string"
+                }
+            }
+        },
         "model.AddressBook": {
             "type": "object",
             "properties": {

docs/admin/admin_swagger.yaml

@@ -1,19 +1,5 @@
 basePath: /api
 definitions:
-  Gwen_http_request_admin.Login:
-    properties:
-      captcha:
-        type: string
-      password:
-        type: string
-      platform:
-        type: string
-      username:
-        type: string
-    required:
-    - password
-    - username
-    type: object
   admin.AddressBookForm:
     properties:
       alias:
@@ -292,6 +278,20 @@ definitions:
     required:
     - ids
     type: object
+  github_com_lejianwen_rustdesk-api_http_request_admin.Login:
+    properties:
+      captcha:
+        type: string
+      password:
+        type: string
+      platform:
+        type: string
+      username:
+        type: string
+    required:
+    - password
+    - username
+    type: object
   model.AddressBook:
     properties:
       alias:
@@ -1830,7 +1830,7 @@ paths:
         name: body
         required: true
         schema:
-          $ref: '#/definitions/Gwen_http_request_admin.Login'
+          $ref: '#/definitions/github_com_lejianwen_rustdesk-api_http_request_admin.Login'
       produces:
       - application/json
       responses:

generate_api.go

@@ -1,4 +1,4 @@
-package Gwen
+package main
 
 //go:generate swag init -g cmd/apimain.go --output docs/api --instanceName api --exclude http/controller/admin
 //go:generate swag init -g cmd/apimain.go --output docs/admin --instanceName admin --exclude http/controller/api

generate_run.go

@@ -1,3 +1,3 @@
-package Gwen
+package main
 
 //go:generate go run cmd/apimain.go

global/global.go

@@ -1,15 +1,15 @@
 package global
 
 import (
-	"Gwen/config"
-	"Gwen/lib/cache"
-	"Gwen/lib/jwt"
-	"Gwen/lib/lock"
-	"Gwen/lib/upload"
 	"github.com/gin-gonic/gin"
 	ut "github.com/go-playground/universal-translator"
 	"github.com/go-playground/validator/v10"
 	"github.com/go-redis/redis/v8"
+	"github.com/lejianwen/rustdesk-api/v2/config"
+	"github.com/lejianwen/rustdesk-api/v2/lib/cache"
+	"github.com/lejianwen/rustdesk-api/v2/lib/jwt"
+	"github.com/lejianwen/rustdesk-api/v2/lib/lock"
+	"github.com/lejianwen/rustdesk-api/v2/lib/upload"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/viper"

global/i18n.go

@@ -15,7 +15,6 @@ func InitI18n() {
 	fileInfos, err := os.ReadDir(dir)
 	if err != nil {
 		panic(err)
-		return
 	}
 	for _, fileInfo := range fileInfos {
 		//如果文件名不是.toml结尾

go.mod

@@ -1,4 +1,4 @@
-module Gwen
+module github.com/lejianwen/rustdesk-api/v2
 
 go 1.22
 

http/controller/admin/addressBook.go

@@ -1,13 +1,13 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"encoding/json"
 	_ "encoding/json"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )

http/controller/admin/addressBookCollection.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )

http/controller/admin/addressBookCollectionRule.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )

http/controller/admin/audit.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/config.go

@@ -1,10 +1,11 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"os"
 	"strings"
 )
@@ -60,7 +61,22 @@ func (co *Config) AppConfig(c *gin.Context) {
 // @Security token
 func (co *Config) AdminConfig(c *gin.Context) {
 
-	u := service.AllService.UserService.CurUser(c)
+	u := &model.User{}
+	token := c.GetHeader("api-token")
+	if token != "" {
+		u, _ = service.AllService.UserService.InfoByAccessToken(token)
+		if !service.AllService.UserService.CheckUserEnable(u) {
+			u.Id = 0
+		}
+	}
+
+	if u.Id == 0 {
+		response.Success(c, &gin.H{
+			"title": global.Config.Admin.Title,
+		})
+		return
+	}
+
 	hello := global.Config.Admin.Hello
 	helloFile := global.Config.Admin.HelloFile
 	if helloFile != "" {

http/controller/admin/file.go

@@ -1,11 +1,11 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/response"
-	"Gwen/lib/upload"
 	"fmt"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/lib/upload"
 	"os"
 	"time"
 )

http/controller/admin/group.go

@@ -1,11 +1,11 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"strconv"
 )
 

http/controller/admin/login.go

@@ -1,16 +1,16 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/controller/api"
-	"Gwen/http/request/admin"
-	apiReq "Gwen/http/request/api"
-	"Gwen/http/response"
-	adResp "Gwen/http/response/admin"
-	"Gwen/model"
-	"Gwen/service"
 	"fmt"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/controller/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	apiReq "github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	adResp "github.com/lejianwen/rustdesk-api/v2/http/response/admin"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"github.com/mojocn/base64Captcha"
 	"sync"
 	"time"
@@ -152,6 +152,10 @@ var loginLimiter = NewLoginLimiter(3, 5*time.Minute)
 // @Router /admin/login [post]
 // @Security token
 func (ct *Login) Login(c *gin.Context) {
+	if global.Config.App.DisablePwdLogin {
+		response.Fail(c, 101, response.TranslateMsg(c, "PwdLoginDisabled"))
+		return
+	}
 	f := &admin.Login{}
 	err := c.ShouldBindJSON(f)
 	clientIp := c.ClientIP()
@@ -279,13 +283,13 @@ func (ct *Login) OidcAuth(c *gin.Context) {
 		return
 	}
 
-	err, code, url := service.AllService.OauthService.BeginAuth(f.Op)
+	err, state, verifier, url := service.AllService.OauthService.BeginAuth(f.Op)
 	if err != nil {
 		response.Error(c, response.TranslateMsg(c, err.Error()))
 		return
 	}
 
-	service.AllService.OauthService.SetOauthCache(code, &service.OauthCacheItem{
+	service.AllService.OauthService.SetOauthCache(state, &service.OauthCacheItem{
 		Action:     service.OauthActionTypeLogin,
 		Op:         f.Op,
 		Id:         f.Id,
@@ -293,10 +297,11 @@ func (ct *Login) OidcAuth(c *gin.Context) {
 		// DeviceOs: ct.Platform(c),
 		DeviceOs: f.DeviceInfo.Os,
 		Uuid:     f.Uuid,
+		Verifier: verifier,
 	}, 5*60)
 
 	response.Success(c, gin.H{
-		"code": code,
+		"code": state,
 		"url":  url,
 	})
 }

http/controller/admin/loginLog.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )

http/controller/admin/my/addressBook.go

@@ -1,12 +1,12 @@
 package my
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"encoding/json"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/my/addressBookCollection.go

@@ -1,12 +1,12 @@
 package my
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/my/addressBookCollectionRule.go

@@ -1,12 +1,12 @@
 package my
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/my/loginLog.go

@@ -1,12 +1,12 @@
 package my
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/my/peer.go

@@ -1,10 +1,10 @@
 package my
 
 import (
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"time"
 )

http/controller/admin/my/shareRecord.go

@@ -1,11 +1,11 @@
 package my
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/my/tag.go

@@ -1,11 +1,11 @@
 package my
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/oauth.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	adminReq "Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	adminReq "github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"strconv"
 )
 
@@ -43,20 +43,21 @@ func (o *Oauth) ToBind(c *gin.Context) {
 		return
 	}
 
-	err, code, url := service.AllService.OauthService.BeginAuth(f.Op)
+	err, state, verifier, url := service.AllService.OauthService.BeginAuth(f.Op)
 	if err != nil {
 		response.Error(c, response.TranslateMsg(c, err.Error()))
 		return
 	}
 
-	service.AllService.OauthService.SetOauthCache(code, &service.OauthCacheItem{
+	service.AllService.OauthService.SetOauthCache(state, &service.OauthCacheItem{
 		Action: service.OauthActionTypeBind,
-		Op:     f.Op,
+		Op:     	f.Op,
-		UserId: u.Id,
+		UserId: 	u.Id,
+		Verifier: 	verifier,
 	}, 5*60)
 
 	response.Success(c, gin.H{
-		"code": code,
+		"code": state,
 		"url":  url,
 	})
 }

http/controller/admin/peer.go

@@ -1,11 +1,11 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 	"time"

http/controller/admin/rustdesk.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 
 type Rustdesk struct {

http/controller/admin/shareRecord.go

@@ -1,11 +1,11 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/admin/tag.go

@@ -1,11 +1,11 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )

http/controller/admin/user.go

@@ -1,13 +1,13 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	adResp "Gwen/http/response/admin"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	adResp "github.com/lejianwen/rustdesk-api/v2/http/response/admin"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 	"strconv"
 )

http/controller/admin/userToken.go

@@ -1,12 +1,12 @@
 package admin
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/admin"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"gorm.io/gorm"
 )
 

http/controller/api/ab.go

@@ -1,16 +1,16 @@
 package api
 
 import (
-	"Gwen/global"
-	requstform "Gwen/http/request/api"
-	"Gwen/http/response"
-	"Gwen/http/response/api"
-	"Gwen/model"
-	"Gwen/service"
-	"Gwen/utils"
 	"encoding/json"
 	"errors"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	requstform "github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/http/response/api"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
+	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"net/http"
 	"strconv"
 	"strings"

http/controller/api/audit.go

@@ -1,12 +1,12 @@
 package api
 
 import (
-	request "Gwen/http/request/api"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
+	request "github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"time"
 )
 

http/controller/api/group.go

@@ -1,12 +1,12 @@
 package api
 
 import (
-	apiReq "Gwen/http/request/api"
-	"Gwen/http/response"
-	apiResp "Gwen/http/response/api"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	apiReq "github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
 

http/controller/api/index.go

@@ -1,11 +1,11 @@
 package api
 
 import (
-	requstform "Gwen/http/request/api"
-	"Gwen/http/response"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	requstform "github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 	"os"
 	"time"

http/controller/api/login.go

@@ -1,15 +1,15 @@
 package api
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/api"
-	"Gwen/http/response"
-	apiResp "Gwen/http/response/api"
-	"Gwen/model"
-	"Gwen/service"
 	"encoding/json"
 	"fmt"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
 
@@ -27,6 +27,10 @@ type Login struct {
 // @Failure 500 {object} response.ErrorResponse
 // @Router /login [post]
 func (l *Login) Login(c *gin.Context) {
+	if global.Config.App.DisablePwdLogin {
+		response.Error(c, response.TranslateMsg(c, "PwdLoginDisabled"))
+		return
+	}
 	f := &api.LoginForm{}
 	err := c.ShouldBindJSON(f)
 	//fmt.Println(f)

http/controller/api/ouath.go

@@ -1,13 +1,13 @@
 package api
 
 import (
-	"Gwen/global"
-	"Gwen/http/request/api"
-	"Gwen/http/response"
-	apiResp "Gwen/http/response/api"
-	"Gwen/model"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
 
@@ -32,15 +32,16 @@ func (o *Oauth) OidcAuth(c *gin.Context) {
 	}
 
 	oauthService := service.AllService.OauthService
-	var code string
+	var state string
 	var url string
-	err, code, url = oauthService.BeginAuth(f.Op)
+	var verifier string
+	err, state, verifier, url = oauthService.BeginAuth(f.Op)
 	if err != nil {
 		response.Error(c, response.TranslateMsg(c, err.Error()))
 		return
 	}
 
-	service.AllService.OauthService.SetOauthCache(code, &service.OauthCacheItem{
+	service.AllService.OauthService.SetOauthCache(state, &service.OauthCacheItem{
 		Action:     service.OauthActionTypeLogin,
 		Id:         f.Id,
 		Op:         f.Op,
@@ -48,10 +49,11 @@ func (o *Oauth) OidcAuth(c *gin.Context) {
 		DeviceName: f.DeviceInfo.Name,
 		DeviceOs:   f.DeviceInfo.Os,
 		DeviceType: f.DeviceInfo.Type,
+		Verifier:   verifier,
 	}, 5*60)
 	//fmt.Println("code url", code, url)
 	c.JSON(http.StatusOK, gin.H{
-		"code": code,
+		"code": state,
 		"url":  url,
 	})
 }
@@ -156,10 +158,11 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
 	}
 	op := oauthCache.Op
 	action := oauthCache.Action
+	verifier := oauthCache.Verifier
 	var user *model.User
 	// 获取用户信息
 	code := c.Query("code")
-	err, oauthUser := oauthService.Callback(code, op)
+	err, oauthUser := oauthService.Callback(code, verifier, op)
 	if err != nil {
 		c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthFailed")+response.TranslateMsg(c, err.Error()))
 		return

http/controller/api/peer.go

@@ -1,11 +1,11 @@
 package api
 
 import (
-	requstform "Gwen/http/request/api"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
+	requstform "github.com/lejianwen/rustdesk-api/v2/http/request/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
 

http/controller/api/user.go

@@ -1,9 +1,9 @@
 package api
 
 import (
-	apiResp "Gwen/http/response/api"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	apiResp "github.com/lejianwen/rustdesk-api/v2/http/response/api"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"net/http"
 )
 

http/controller/api/webClient.go

@@ -1,11 +1,11 @@
 package api
 
 import (
-	"Gwen/global"
-	"Gwen/http/response"
-	"Gwen/http/response/api"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/http/response/api"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 	"time"
 )
 

http/controller/web/index.go

@@ -1,8 +1,8 @@
 package web
 
 import (
-	"Gwen/global"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
 	"strconv"
 )
 
@@ -23,5 +23,6 @@ localStorage.setItem(ws2_prefix+'api-server', "` + apiServer + `")
 
 window.webclient_magic_queryonline = ` + magicQueryonline + ``
 
+	c.Header("Content-Type", "application/javascript")
 	c.String(200, tmp)
 }

http/http.go

@@ -1,10 +1,10 @@
 package http
 
 import (
-	"Gwen/global"
-	"Gwen/http/middleware"
-	"Gwen/http/router"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/middleware"
+	"github.com/lejianwen/rustdesk-api/v2/http/router"
 	"github.com/sirupsen/logrus"
 	"net/http"
 	"strings"

http/middleware/admin.go

@@ -1,13 +1,13 @@
 package middleware
 
 import (
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 
-// AdminAuth 后台权限验证中间件
+// BackendUserAuth 后台权限验证中间件
-func AdminAuth() gin.HandlerFunc {
+func BackendUserAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 
 		//测试先关闭

http/middleware/admin_privilege.go

@@ -1,9 +1,9 @@
 package middleware
 
 import (
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 
 // AdminPrivilege ...

http/middleware/jwt.go

@@ -1,10 +1,10 @@
 package middleware
 
 import (
-	"Gwen/global"
-	"Gwen/http/response"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/response"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 
 func JwtAuth() gin.HandlerFunc {

http/middleware/logger.go

@@ -1,8 +1,8 @@
 package middleware
 
 import (
-	"Gwen/global"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/sirupsen/logrus"
 )
 

http/middleware/rustauth.go

@@ -1,9 +1,9 @@
 package middleware
 
 import (
-	"Gwen/global"
-	"Gwen/service"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/service"
 )
 
 func RustAuth() gin.HandlerFunc {

http/request/admin/addressBook.go

@@ -1,8 +1,8 @@
 package admin
 
 import (
-	"Gwen/model"
 	"encoding/json"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 )
 
 type AddressBookForm struct {

http/request/admin/group.go

@@ -1,6 +1,6 @@
 package admin
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 type GroupForm struct {
 	Id   uint   `json:"id"`

http/request/admin/oauth.go

@@ -1,7 +1,7 @@
 package admin
 
 import (
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 )
 
 type BindOauthForm struct {
@@ -15,27 +15,31 @@ type UnBindOauthForm struct {
 	Op string `json:"op" binding:"required"`
 }
 type OauthForm struct {
-	Id           uint   			`json:"id"`
+	Id           uint   `json:"id"`
-	Op           string 			`json:"op" validate:"omitempty"`
+	Op           string `json:"op" validate:"omitempty"`
-	OauthType    string 			`json:"oauth_type" validate:"required"`
+	OauthType    string `json:"oauth_type" validate:"required"`
-	Issuer	     string 			`json:"issuer" validate:"omitempty,url"`
+	Issuer       string `json:"issuer" validate:"omitempty,url"`
-	Scopes	   	 string 			`json:"scopes" validate:"omitempty"`
+	Scopes       string `json:"scopes" validate:"omitempty"`
-	ClientId     string 			`json:"client_id" validate:"required"`
+	ClientId     string `json:"client_id" validate:"required"`
-	ClientSecret string 			`json:"client_secret" validate:"required"`
+	ClientSecret string `json:"client_secret" validate:"required"`
-	RedirectUrl  string 			`json:"redirect_url" validate:"required"`
+	RedirectUrl  string `json:"redirect_url" validate:"required"`
-	AutoRegister *bool  			`json:"auto_register"`
+	AutoRegister *bool  `json:"auto_register"`
+	PkceEnable   *bool  `json:"pkce_enable"`
+	PkceMethod   string `json:"pkce_method"`
 }
 
 func (of *OauthForm) ToOauth() *model.Oauth {
 	oa := &model.Oauth{
 		Op:           of.Op,
-		OauthType:	  of.OauthType,
+		OauthType:    of.OauthType,
 		ClientId:     of.ClientId,
 		ClientSecret: of.ClientSecret,
 		RedirectUrl:  of.RedirectUrl,
 		AutoRegister: of.AutoRegister,
 		Issuer:       of.Issuer,
 		Scopes:       of.Scopes,
+		PkceEnable:   of.PkceEnable,
+		PkceMethod:   of.PkceMethod,
 	}
 	oa.Id = of.Id
 	return oa

http/request/admin/peer.go

@@ -1,6 +1,6 @@
 package admin
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 type PeerForm struct {
 	RowId    uint   `json:"row_id" `

http/request/admin/tag.go

@@ -1,6 +1,6 @@
 package admin
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 type TagForm struct {
 	Id           uint   `json:"id"`

http/request/admin/user.go

@@ -1,7 +1,7 @@
 package admin
 
 import (
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 )
 
 type UserForm struct {

http/request/api/audit.go

@@ -1,9 +1,9 @@
 package api
 
 import (
-	"Gwen/global"
-	"Gwen/model"
 	"encoding/json"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"strconv"
 )
 

http/request/api/peer.go

@@ -1,6 +1,6 @@
 package api
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 type AddressBookFormData struct {
 	Tags      []string             `json:"tags"`

http/response/admin/user.go

@@ -1,6 +1,6 @@
 package admin
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 type LoginPayload struct {
 	Username   string   `json:"username"`

http/response/api/ab.go

@@ -1,6 +1,6 @@
 package api
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 type AbList struct {
 	Peers     []*model.AddressBook `json:"peers,omitempty"`

http/response/api/peer.go

@@ -1,6 +1,6 @@
 package api
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 /*
 GroupPeerPayload

http/response/api/user.go

@@ -1,6 +1,6 @@
 package api
 
-import "Gwen/model"
+import "github.com/lejianwen/rustdesk-api/v2/model"
 
 /*
 	pub enum UserStatus {

http/response/api/webClient.go

@@ -1,7 +1,7 @@
 package api
 
 import (
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"time"
 )
 

http/response/response.go

@@ -1,9 +1,9 @@
 package response
 
 import (
-	"Gwen/global"
 	"fmt"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"net/http"
 )

http/router/admin.go

@@ -1,12 +1,12 @@
 package router
 
 import (
-	_ "Gwen/docs/admin"
-	"Gwen/global"
-	"Gwen/http/controller/admin"
-	"Gwen/http/controller/admin/my"
-	"Gwen/http/middleware"
 	"github.com/gin-gonic/gin"
+	_ "github.com/lejianwen/rustdesk-api/v2/docs/admin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/controller/admin"
+	"github.com/lejianwen/rustdesk-api/v2/http/controller/admin/my"
+	"github.com/lejianwen/rustdesk-api/v2/http/middleware"
 	swaggerFiles "github.com/swaggo/files"
 	ginSwagger "github.com/swaggo/gin-swagger"
 )
@@ -22,7 +22,10 @@ func Init(g *gin.Engine) {
 	adg := g.Group("/api/admin")
 	LoginBind(adg)
 	adg.POST("/user/register", (&admin.User{}).Register)
-	adg.Use(middleware.AdminAuth())
+
+	ConfigBind(adg)
+
+	adg.Use(middleware.BackendUserAuth())
 	//FileBind(adg)
 	UserBind(adg)
 	GroupBind(adg)
@@ -35,7 +38,6 @@ func Init(g *gin.Engine) {
 	AddressBookCollectionBind(adg)
 	AddressBookCollectionRuleBind(adg)
 	UserTokenBind(adg)
-	ConfigBind(adg)
 
 	//deprecated by ConfigBind
 	//rs := &admin.Rustdesk{}
@@ -221,9 +223,13 @@ func UserTokenBind(rg *gin.RouterGroup) {
 func ConfigBind(rg *gin.RouterGroup) {
 	aR := rg.Group("/config")
 	rs := &admin.Config{}
+
+	aR.GET("/admin", rs.AdminConfig)
+
+	aR.Use(middleware.BackendUserAuth())
 	aR.GET("/server", rs.ServerConfig)
 	aR.GET("/app", rs.AppConfig)
-	aR.GET("/admin", rs.AdminConfig)
+
 }
 
 /*

http/router/api.go

@@ -1,11 +1,11 @@
 package router
 
 import (
-	_ "Gwen/docs/api"
-	"Gwen/global"
-	"Gwen/http/controller/api"
-	"Gwen/http/middleware"
 	"github.com/gin-gonic/gin"
+	_ "github.com/lejianwen/rustdesk-api/v2/docs/api"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/controller/api"
+	"github.com/lejianwen/rustdesk-api/v2/http/middleware"
 	swaggerFiles "github.com/swaggo/files"
 	ginSwagger "github.com/swaggo/gin-swagger"
 	"net/http"

http/router/router.go

@@ -1,9 +1,9 @@
 package router
 
 import (
-	"Gwen/global"
-	"Gwen/http/controller/web"
 	"github.com/gin-gonic/gin"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/http/controller/web"
 	"net/http"
 )
 

lib/orm/mysql.go

@@ -1,8 +1,8 @@
 package orm
 
 import (
-	"Gwen/global"
 	"fmt"
+	"github.com/lejianwen/rustdesk-api/v2/global"
 	"gorm.io/driver/mysql"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"

lib/orm/sqlite.go

@@ -1,8 +1,8 @@
 package orm
 
 import (
-	"Gwen/global"
 	"fmt"
+	"github.com/lejianwen/rustdesk-api/v2/global"
 	"gorm.io/driver/sqlite"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"

model/addressBook.go

@@ -1,6 +1,6 @@
 package model
 
-import "Gwen/model/custom_types"
+import "github.com/lejianwen/rustdesk-api/v2/model/custom_types"
 
 // final String id;
 // String hash; // personal ab hash password

model/model.go

@@ -1,7 +1,7 @@
 package model
 
 import (
-	"Gwen/model/custom_types"
+	"github.com/lejianwen/rustdesk-api/v2/model/custom_types"
 )
 
 type StatusCode int

model/oauth.go

@@ -14,6 +14,8 @@ const (
 	OauthTypeGoogle  string = "google"
 	OauthTypeOidc    string = "oidc"
 	OauthTypeWebauth string = "webauth"
+	PKCEMethodS256   string = "S256"
+	PKCEMethodPlain  string = "plain"
 )
 
 // Validate the oauth type
@@ -41,6 +43,8 @@ type Oauth struct {
 	AutoRegister *bool  `json:"auto_register"`
 	Scopes       string `json:"scopes"`
 	Issuer       string `json:"issuer"`
+	PkceEnable	 *bool  `json:"pkce_enable"`
+	PkceMethod	 string `json:"pkce_method"`
 	TimeModel
 }
 
@@ -68,6 +72,13 @@ func (oa *Oauth) FormatOauthInfo() error {
 	if oauthType == OauthTypeGoogle && issuer == "" {
 		oa.Issuer = IssuerGoogle
 	}
+	if oa.PkceEnable == nil {
+		oa.PkceEnable = new(bool)
+		*oa.PkceEnable = false
+	}
+	if oa.PkceMethod == "" {
+		oa.PkceMethod = PKCEMethodS256
+	}
 	return nil
 }
 

model/userToken.go

@@ -2,11 +2,11 @@ package model
 
 type UserToken struct {
 	IdModel
-	UserId    	uint   `json:"user_id" gorm:"default:0;not null;index"`
+	UserId     uint   `json:"user_id" gorm:"default:0;not null;index"`
-	DeviceUuid 	string `json:"device_uuid" gorm:"default:'';omitempty;"`
+	DeviceUuid string `json:"device_uuid" gorm:"default:'';omitempty;"`
-	DeviceId	string `json:"device_id" gorm:"default:'';omitempty;"`
+	DeviceId   string `json:"device_id" gorm:"default:'';omitempty;"`
-	Token     	string `json:"token" gorm:"default:'';not null;index"`
+	Token      string `json:"token" gorm:"default:'';not null;index"`
-	ExpiredAt 	int64  `json:"expired_at" gorm:"default:0;not null;"`
+	ExpiredAt  int64  `json:"expired_at" gorm:"default:0;not null;"`
 	TimeModel
 }
 

resources/i18n/en.toml

@@ -133,3 +133,8 @@ other = "Captcha required."
 description = "Captcha error."
 one = "Captcha error."
 other = "Captcha error."
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "Password login disabled."
+other = "Password login disabled."

resources/i18n/es.toml

@@ -142,3 +142,8 @@ other = "Captcha requerido."
 description = "Captcha error."
 one = "Error de captcha."
 other = "Error de captcha."
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "Inicio de sesión con contraseña deshabilitado."
+other = "Inicio de sesión con contraseña deshabilitado."

resources/i18n/fr.toml

@@ -142,3 +142,8 @@ other = "Captcha requis."
 description = "Captcha error."
 one = "Erreur de captcha."
 other = "Erreur de captcha."
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "Connexion par mot de passe désactivée."
+other = "Connexion par mot de passe désactivée."

resources/i18n/ko.toml

@@ -136,3 +136,8 @@ other = "Captcha가 필요합니다."
 description = "Captcha error."
 one = "Captcha 오류."
 other = "Captcha 오류."
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "비밀번호 로그인이 비활성화되었습니다."
+other = "비밀번호 로그인이 비활성화되었습니다."

resources/i18n/ru.toml

@@ -142,3 +142,8 @@ other = "Требуется капча."
 description = "Captcha error."
 one = "Ошибка капчи."
 other = "Ошибка капчи."
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "Вход по паролю отключен."
+other = "Вход по паролю отключен."

resources/i18n/zh_CN.toml

@@ -135,3 +135,8 @@ other = "需要验证码。"
 description = "Captcha error."
 one = "验证码错误。"
 other = "验证码错误。"
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "密码登录已禁用。"
+other = "密码登录已禁用。"

resources/i18n/zh_TW.toml

@@ -135,3 +135,8 @@ other = "需要驗證碼。"
 description = "Captcha error."
 one = "驗證碼錯誤。"
 other = "驗證碼錯誤。"
+
+[PwdLoginDisabled]
+description = "Password login disabled."
+one = "密碼登錄已禁用。"
+other = "密碼登錄已禁用。"

resources/web2/js/dist/index.js

@@ -11090,16 +11090,24 @@ function R4(u = !1) {
 function getUriFromRs(uri, isRelay = false, roffset = 0) {
     const p = isHttps() ? "wss://" : "ws://"
     const [domain, uriport] = uri.split(":")
-    if (isHttps() && (!uriport)) {
+    if (!isHttps()) {
-        return p + domain + "/ws/" + (isRelay ? "relay" : "id");
+        // http 直接走端口
+        if (uriport) {
+            const port = parseInt(uriport)
+            return p + domain + ":" + (port + (isRelay ? roffset || 3 : 2))
+        }
+        return p + domain + ":" + (defaultIdServerPort + (isRelay ? 3 : 2))
     }
-    if (uriport) {
+    // https 分情况
-        const port = parseInt(uriport);
+    if (!window.location.port) {
-        uri = domain + ":" + (port + (isRelay ? roffset || 3 : 2))
+        // 443
-    } else uri += ":" + (defaultIdServerPort + (isRelay ? 3 : 2));
+        return p + domain + "/ws/" + (isRelay ? "relay" : "id")
-    return p + uri
+    }
+    // 非443
+    return p + domain + ":" + window.location.port + "/ws/" + (isRelay ? "relay" : "id")
 }
 
+
 function isHttps() {
     return window.location.protocol === "https:"
 }

service/addressBook.go

@@ -1,10 +1,10 @@
 package service
 
 import (
-	"Gwen/global"
-	"Gwen/model"
 	"encoding/json"
 	"github.com/google/uuid"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 	"strings"
 )

service/audit.go

@@ -1,8 +1,8 @@
 package service
 
 import (
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/group.go

@@ -1,8 +1,8 @@
 package service
 
 import (
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/ldap.go

@@ -9,9 +9,9 @@ import (
 
 	"github.com/go-ldap/ldap/v3"
 
-	"Gwen/config"
+	"github.com/lejianwen/rustdesk-api/v2/config"
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 )
 
 var (

service/loginLog.go

@@ -1,8 +1,8 @@
 package service
 
 import (
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/oauth.go

@@ -1,12 +1,12 @@
 package service
 
 import (
-	"Gwen/global"
-	"Gwen/model"
-	"Gwen/utils"
 	"context"
 	"encoding/json"
 	"errors"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/github"
 	// "golang.org/x/oauth2/google"
@@ -45,6 +45,7 @@ type OauthCacheItem struct {
 	Username   string `json:"username"`
 	Name       string `json:"name"`
 	Email      string `json:"email"`
+	Verifier   string `json:"verifier"`  // used for oauth pkce
 }
 
 func (oci *OauthCacheItem) ToOauthUser() *model.OauthUser {
@@ -92,19 +93,32 @@ func (os *OauthService) DeleteOauthCache(key string) {
 	OauthCache.Delete(key)
 }
 
-func (os *OauthService) BeginAuth(op string) (error error, code, url string) {
+func (os *OauthService) BeginAuth(op string) (error error, state, verifier, url string) {
-	code = utils.RandomString(10) + strconv.FormatInt(time.Now().Unix(), 10)
+	state = utils.RandomString(10) + strconv.FormatInt(time.Now().Unix(), 10)
+	verifier = ""
 	if op == string(model.OauthTypeWebauth) {
-		url = global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/" + code
+		url = global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/" + state
 		//url = "http://localhost:8888/_admin/#/oauth/" + code
-		return nil, code, url
+		return nil, state, verifier, url
 	}
-	err, _, oauthConfig := os.GetOauthConfig(op)
+	err, oauthInfo, oauthConfig := os.GetOauthConfig(op)
 	if err == nil {
-		return err, code, oauthConfig.AuthCodeURL(code)
+		extras := make([]oauth2.AuthCodeOption, 0, 3)
+		if oauthInfo.PkceEnable != nil && *oauthInfo.PkceEnable {
+			extras = append(extras, oauth2.AccessTypeOffline)
+			verifier = oauth2.GenerateVerifier()
+			switch oauthInfo.PkceMethod {
+			case model.PKCEMethodS256:
+				extras = append(extras, oauth2.S256ChallengeOption(verifier))
+			case model.PKCEMethodPlain:
+				// oauth2 does not have a plain challenge option, so we add it manually
+				extras = append(extras, oauth2.SetAuthURLParam("code_challenge_method", "plain"), oauth2.SetAuthURLParam("code_challenge", verifier))
+			}
+		}
+		return err, state, verifier, oauthConfig.AuthCodeURL(state, extras...)
 	}
 
-	return err, code, ""
+	return err, state, verifier, ""
 }
 
 // Method to fetch OIDC configuration dynamically
@@ -207,15 +221,20 @@ func getHTTPClientWithProxy() *http.Client {
 	return http.DefaultClient
 }
 
-func (os *OauthService) callbackBase(oauthConfig *oauth2.Config, code string, userEndpoint string, userData interface{}) (err error, client *http.Client) {
+func (os *OauthService) callbackBase(oauthConfig *oauth2.Config, code string, verifier string, userEndpoint string, userData interface{}) (err error, client *http.Client) {
 
 	// 设置代理客户端
 	httpClient := getHTTPClientWithProxy()
 	ctx := context.WithValue(context.Background(), oauth2.HTTPClient, httpClient)
 
+	var exchangeOpts []oauth2.AuthCodeOption
+	if verifier != "" {
+		exchangeOpts = []oauth2.AuthCodeOption{oauth2.VerifierOption(verifier)}
+	}
+
 	// 使用 code 换取 token
 	var token *oauth2.Token
-	token, err = oauthConfig.Exchange(ctx, code)
+	token, err = oauthConfig.Exchange(ctx, code, exchangeOpts...)
 	if err != nil {
 		global.Logger.Warn("oauthConfig.Exchange() failed: ", err)
 		return errors.New("GetOauthTokenError"), nil
@@ -244,9 +263,9 @@ func (os *OauthService) callbackBase(oauthConfig *oauth2.Config, code string, us
 }
 
 // githubCallback github回调
-func (os *OauthService) githubCallback(oauthConfig *oauth2.Config, code string) (error, *model.OauthUser) {
+func (os *OauthService) githubCallback(oauthConfig *oauth2.Config, code string, verifier string) (error, *model.OauthUser) {
 	var user = &model.GithubUser{}
-	err, client := os.callbackBase(oauthConfig, code, model.UserEndpointGithub, user)
+	err, client := os.callbackBase(oauthConfig, code, verifier, model.UserEndpointGithub, user)
 	if err != nil {
 		return err, nil
 	}
@@ -258,16 +277,16 @@ func (os *OauthService) githubCallback(oauthConfig *oauth2.Config, code string)
 }
 
 // oidcCallback oidc回调, 通过code获取用户信息
-func (os *OauthService) oidcCallback(oauthConfig *oauth2.Config, code string, userInfoEndpoint string) (error, *model.OauthUser) {
+func (os *OauthService) oidcCallback(oauthConfig *oauth2.Config, code string, verifier string, userInfoEndpoint string) (error, *model.OauthUser) {
 	var user = &model.OidcUser{}
-	if err, _ := os.callbackBase(oauthConfig, code, userInfoEndpoint, user); err != nil {
+	if err, _ := os.callbackBase(oauthConfig, code, verifier, userInfoEndpoint, user); err != nil {
 		return err, nil
 	}
 	return nil, user.ToOauthUser()
 }
 
 // Callback: Get user information by code and op(Oauth provider)
-func (os *OauthService) Callback(code string, op string) (err error, oauthUser *model.OauthUser) {
+func (os *OauthService) Callback(code, verifier, op string) (err error, oauthUser *model.OauthUser) {
 	var oauthInfo *model.Oauth
 	var oauthConfig *oauth2.Config
 	err, oauthInfo, oauthConfig = os.GetOauthConfig(op)
@@ -278,13 +297,13 @@ func (os *OauthService) Callback(code string, op string) (err error, oauthUser *
 	oauthType := oauthInfo.OauthType
 	switch oauthType {
 	case model.OauthTypeGithub:
-		err, oauthUser = os.githubCallback(oauthConfig, code)
+		err, oauthUser = os.githubCallback(oauthConfig, code, verifier)
 	case model.OauthTypeOidc, model.OauthTypeGoogle:
 		err, endpoint := os.FetchOidcEndpoint(oauthInfo.Issuer)
 		if err != nil {
 			return err, nil
 		}
-		err, oauthUser = os.oidcCallback(oauthConfig, code, endpoint.UserInfo)
+		err, oauthUser = os.oidcCallback(oauthConfig, code, verifier, endpoint.UserInfo)
 	default:
 		return errors.New("unsupported OAuth type"), nil
 	}

service/peer.go

@@ -1,8 +1,8 @@
 package service
 
 import (
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/serverCmd.go

@@ -1,9 +1,9 @@
 package service
 
 import (
-	"Gwen/global"
-	"Gwen/model"
 	"fmt"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"net"
 	"time"
 )

service/service.go

@@ -1,7 +1,7 @@
 package service
 
 import (
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/shareRecord.go

@@ -1,8 +1,8 @@
 package service
 
 import (
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/tag.go

@@ -1,8 +1,8 @@
 package service
 
 import (
-	"Gwen/global"
+	"github.com/lejianwen/rustdesk-api/v2/global"
-	"Gwen/model"
+	"github.com/lejianwen/rustdesk-api/v2/model"
 	"gorm.io/gorm"
 )
 

service/user.go

@@ -1,10 +1,10 @@
 package service
 
 import (
-	"Gwen/global"
-	"Gwen/model"
-	"Gwen/utils"
 	"errors"
+	"github.com/lejianwen/rustdesk-api/v2/global"
+	"github.com/lejianwen/rustdesk-api/v2/model"
+	"github.com/lejianwen/rustdesk-api/v2/utils"
 	"math/rand"
 	"strconv"
 	"strings"
@@ -52,7 +52,7 @@ func (us *UserService) InfoByUsernamePassword(username, password string) *model.
 		if err == nil {
 			return u
 		}
-		global.Logger.Error("LDAP authentication failed, %v", err)
+		global.Logger.Errorf("LDAP authentication failed, %v", err)
 		global.Logger.Warn("Fallback to local database")
 	}
 	u := &model.User{}
@@ -280,7 +280,7 @@ func (us *UserService) UpdatePassword(u *model.User, password string) error {
 
 // IsAdmin 是否管理员
 func (us *UserService) IsAdmin(u *model.User) bool {
-	return *u.IsAdmin
+	return u != nil && *u.IsAdmin
 }
 
 // RouteNames
@@ -476,9 +476,10 @@ func (us *UserService) getAdminUserCount() int64 {
 func (us *UserService) UserTokenExpireTimestamp() int64 {
 	exp := global.Config.App.TokenExpire
 	if exp == 0 {
-		exp = 3600 * 24 * 7
+		//默认七天
+		exp = 604800
 	}
-	return time.Now().Add(time.Second * time.Duration(exp)).Unix()
+	return time.Now().Add(exp).Unix()
 }
 
 func (us *UserService) RefreshAccessToken(ut *model.UserToken) {