fix proxy to https issue

update version code
2026-04-04 06:16:59 +08:00 · 2023-09-27 14:05:25 +08:00 · 2023-09-27 14:02:12 +08:00 · 2023-09-27 12:03:22 +08:00 · 2023-09-27 12:01:29 +08:00 · 2023-09-26 13:13:10 +08:00
27 changed files with 769 additions and 709 deletions
--- a/3
+++ b/3
@@ -4,7 +4,8 @@ export GOOS=linux
 export GOARCH=amd64
 build: frps-panel
-	cp ./config/frps-panel.ini ./bin/frps-panel.ini
+	cp ./config/frps-panel.toml ./bin/frps-panel.toml
 	cp ./config/frps-tokens.toml ./bin/frps-tokens.toml
 	cp -r ./assets/ ./bin/assets/
 frps-panel:
--- a/Makefile.cross-compiles
+++ b/Makefile.cross-compiles
@@ -5,7 +5,8 @@ package: copy
 	sh ./package.sh
 copy: build
-	cp ./config/frps-panel.ini ./release/frps-panel.ini
+	cp ./config/frps-panel.toml ./release/frps-panel.toml
 	cp ./config/frps-tokens.toml ./release/frps-tokens.toml
 	cp -r ./assets/ ./release/assets/
 build:
--- a/README.md
+++ b/README.md
@@ -36,62 +36,60 @@ frp version >= v0.31.0
 ### Usage
-1. Create file `frps-panel.ini` including all support usernames and tokens.
+1. Create file `frps-panel.toml` including common config.
-```ini
+```toml
 #frps-panel.toml
 [common]
-;plugin listen ip
+# frps panel config info
-plugin_addr = 127.0.0.1
+plugin_addr = "127.0.0.1"
 ;plugin listen port
 plugin_port = 7200
-;the username of manage ui,optional
+#admin_user = "admin"
-admin_user  = admin
+#admin_pwd = "admin"
-;the password of manage ui,optional
+# specified login state keep time
 admin_pwd   = admin
 ;specified login state keep time in seconds.0 - before the browser completely exit, don't need to re-login,greater than 0: when Idle time exceeds this value,you should re-login
 admin_keep_time = 0
-; enable tls
+# enable tls
 tls_mode = false
-; tls_cert_file = cert.crt
+# tls_cert_file = "cert.crt"
-; tls_key_file = cert.key
+# tls_key_file = "cert.key"
-; frp dashboard info
+# frp dashboard info
-dashboard_addr = 127.0.0.1
+dashboard_addr = "127.0.0.1"
 dashboard_port = 7500
-dashboard_user = admin
+dashboard_user = "admin"
-dashboard_pwd  = admin
+dashboard_pwd = "admin"
 [users]
 ;user user1 with meta_token 123
 user1 = 123
 ;user user2 with meta_token abc
 user2 = abc
 [ports]
 ;user1 can only use ports 8080,9090 to 9010 ,other ports will fail to create proxy (frpc can normally startup)
 user1=8080,9090-9010
 [domains]
 ;user1 can only use domain web01.user1.com ,other domain will fail to create proxy (frpc can normally startup)
 user1=web01.user1.com
 [subdomains]
 ;user1 can only use subdomain web01 ,other subdomain will fail to create proxy (frpc can normally startup)
 user1=web01
 [disabled]
 ;user2 is disabled,when frpc use this user to connect with frps,if frpc is not startup,it cannot startup,if it's already startup,it will always show error logs on console
 user2 = disable
 ```
-   One user each line. Username and token are split by `=`.
+2. Create file `frps-tokens.toml` to save users,it should be the same place with `frps-panel.toml`.this file will auto create by system.
-2. Run frps-panel:
+```toml
 #frps-tokens.toml
 [tokens]
   [tokens.user1]
      user = "user1"
      token = "token1"
      comment = "user1 with token1"
      ports = [8080, "10000-10200"]
      domains = ["web01.domain.com", "web02.domain.com"]
      subdomains = ["web01", "web02"]
      enable = true
   [tokens.user2]
      user = "user2"
      token = "token2"
      comment = "user2 with token2"
      ports = [9080]
      domains = ["web11.domain.com", "web12.domain.com"]
      subdomains = ["web11", "web12"]
      enable = false
 ```
   `./frps-panel -c ./frps-panel.ini`
-3. Register plugin in frps.
+3. Run frps-panel:
   `./frps-panel -c ./frps-panel.toml`
 4. Register plugin in frps.
 ```ini
 # frps.ini
@@ -105,7 +103,7 @@ path = /handler
 ops = Login,NewWorkConn,NewUserConn,NewProxy,Ping
 ```
-4. Specify username and meta_token in frpc configure file.
+5. Specify username and meta_token in frpc configure file.
   For user1:
@@ -139,7 +137,7 @@ local_port = 22
 remote_port = 6000
 ```
-5. Manage your users in browser via: http://127.0.0.1:7200 or https://127.0.0.1:7200
+6. Manage your users in browser via: http://127.0.0.1:7200 or https://127.0.0.1:7200
 ## Run as service
@@ -155,8 +153,8 @@ Wants = network.target
 [Service]
 Type = simple
-# config of frps-panel.ini,you should change the file path
+# config of frps-panel.toml,you should change the file path
-Environment=FRPS_PANEL_OPTS="-c /root/frps-panel/frps-panel.ini"
+Environment=FRPS_PANEL_OPTS="-c /root/frps-panel/frps-panel.toml"
 # command of run frps-panel,you should change the file path
 ExecStart = /root/frps-panel/frps-panel $FRPS_PANEL_OPTS
--- a/README_zh.md
+++ b/README_zh.md
@@ -37,63 +37,59 @@ frps-panel 会以一个单独的进程运行，并接收 frps 发送过来的 HT
 ### 使用示例
-1. 创建 `frps-panel.ini` 文件，内容为所有支持的用户名和 token。
+1. 创建 `frps-panel.toml` 文件，内容为基础配置。
-```ini
+```toml
 # frps-panel.toml
 [common]
-;插件监听地址
+# frps panel config info
-;如果上面配置中 tls_mode = true, 则把plugin_addr的值改为 https://127.0.0.1:7200
+plugin_addr = "127.0.0.1"
 plugin_addr = 127.0.0.1
 ;插件端口
 plugin_port = 7200
-;插件管理页面账号,可选
+#admin_user = "admin"
-admin_user  = admin
+#admin_pwd = "admin"
-;插件管理页面密码,与账号一起进行鉴权,可选
+# specified login state keep time
 admin_pwd   = admin
 ;登录状态空闲时间(秒):0-浏览器完全退出前不用重新登录,大于0-空闲超过此时间则需要重新登录.
 admin_keep_time = 0
-; frps 面板页面是否启用https访问,如果为true,则只能通过https访问
+# enable tls
 tls_mode = false
-; tls_cert_file = cert.crt
+# tls_cert_file = "cert.crt"
-; tls_key_file = cert.key
+# tls_key_file = "cert.key"
-; frp服务器的看板页面信息，必须配置，且与frp服务器一致，否则无法获取服务器信息
+# frp dashboard info
-dashboard_addr = 127.0.0.1
+dashboard_addr = "127.0.0.1"
 dashboard_port = 7500
-dashboard_user = admin
+dashboard_user = "admin"
-dashboard_pwd  = admin
+dashboard_pwd = "admin"
 [users]
 ;user1的meta_token为123
 user1 = 123
 ;user2的meta_token为abc
 user2 = abc
 [ports]
 ;user1只能使用8080,9090到9010端口,其他端口则建立连接时返回失败(不影响客户端启动)
 user1=8080,9090-9010
 [domains]
 ;user1只能使用web01.yyy.zzz域名,配置了其他域名则建立连接时返回失败(不影响客户端启动)
 user1=web01.user1.com
 [subdomains]
 ;user1只能使用web01.xxx.yyy.zzz域名,配置了其他三级域名则建立连接时返回失败(不影响客户端启动)
 user1=web01
 [disabled]
 ;user2被禁用,frpc使用此账户与frps通信时,如果未启动则无法启动,如果已启动,则会一直打印错误日志
 user2 = disable
 ```
-    每一个用户占一行，用户名和 token 之间以 `=` 号分隔。
+2. 创建`frps-tokens.toml`文件，其内容为系统中的用户，该文件位置和`frps-panel.toml`相同。如不创建此文件，在增加用户时会自动创建。
-2. 运行 frps-panel，指定监听地址以及 token 存储文件路径。
+```toml
 #frps-tokens.toml
 [tokens]
   [tokens.user1]
      user = "user1"
      token = "token1"
      comment = "user1 with token1"
      ports = [8080, "10000-10200"]
      domains = ["web01.domain.com", "web02.domain.com"]
      subdomains = ["web01", "web02"]
      enable = true
   [tokens.user2]
      user = "user2"
      token = "token2"
      comment = "user2 with token2"
      ports = [9080]
      domains = ["web11.domain.com", "web12.domain.com"]
      subdomains = ["web11", "web12"]
      enable = false
 ```
-    `./frps-panel -c ./frps-panel.ini`
+3. 运行 frps-panel，指定配置文件路径。
-3. 在 frps 的配置文件中注册插件，并启动。
+    `./frps-panel -c ./frps-panel.toml`
 4. 在 frps 的配置文件中注册插件，并启动。
 ```ini
 # frps.ini
@@ -106,7 +102,7 @@ path = /handler
 ops = Login,NewWorkConn,NewUserConn,NewProxy,Ping
 ```
-4. 在 frpc 中指定用户名，在 meta 中指定 token，用户名以及 `meta_token` 的内容需要和之前创建的 token 文件匹配。
+5. 在 frpc 中指定用户名，在 meta 中指定 token，用户名以及 `meta_token` 的内容需要和之前创建的 token 文件匹配。
    user1 的配置:
@@ -140,7 +136,7 @@ local_port = 22
 remote_port = 6000
 ```
-5.浏览器中输入地址: http://127.0.0.1:7200 或 https://127.0.0.1:7200 进入管理页面进行用户管理
+6.浏览器中输入地址: http://127.0.0.1:7200 或 https://127.0.0.1:7200 进入管理页面进行用户管理
 ## 以服务的形式运行
@@ -156,8 +152,8 @@ Wants = network.target
 [Service]
 Type = simple
-# 启动frps-panel的配置文件路径，需修改为您的frps-panel.ini的路径
+# 启动frps-panel的配置文件路径，需修改为您的frps-panel.toml的路径
-Environment=FRPS_PANEL_OPTS="-c /root/frps-panel/frps-panel.ini"
+Environment=FRPS_PANEL_OPTS="-c /root/frps-panel/frps-panel.toml"
 # 启动frps-panel的命令，需修改为您的frps-panel的安装路径
 ExecStart = /root/frps-panel/frps-panel $FRPS_PANEL_OPTS
--- a/assets/lang/en.json
+++ b/assets/lang/en.json
@@ -29,6 +29,7 @@
  "Other error": "Other error",
  "Param error": "Param error",
  "User exist": "User exist",
  "User not exist": "User not exist",
  "User format error": "User cannot be empty or include space char. It only allowed alphanumeric and underline.",
  "Token format error": "Token cannot be empty or include space char. It allow include those special char: _!@#$%^&*()",
  "Please check at least one user": "Please Check at least one user",
--- a/assets/lang/zh.json
+++ b/assets/lang/zh.json
@@ -29,6 +29,7 @@
  "Other error": "其他异常",
  "Param error": "参数异常",
  "User exist": "用户已经存在",
  "User not exist": "用户不存在",
  "User format error": "用户不能为空或包含空格。只允许英文数字、字母、下划线",
  "Token format error": "Token不能为空或包含空格。允许的特殊符号：_!@#$%^&*()",
  "Please check at least one user": "请选中需要操作的用户",
--- a/assets/static/css/color.css
+++ b/assets/static/css/color.css
@@ -1,3 +1,7 @@
 ::-webkit-scrollbar-thumb {
    background: rgba(199, 199, 199, 0.8);
 }
 .layui-bg-blue {
    background-color: #58b7ff !important;
 }
@@ -29,6 +33,10 @@
    border-color: #ff5722 !important;
 }
 .layui-laypage a:hover {
    color: #409eff;
 }
 .layui-laypage .layui-laypage-curr .layui-laypage-em {
    background-color: #409eff;
 }
@@ -46,6 +54,14 @@
    border-color: #79bbff;
 }
 .layui-form-checkbox[lay-skin=primary] > .layui-icon-indeterminate:before {
    background-color: #79bbff;
 }
 .layui-form-checkbox[lay-skin=primary] > .layui-icon-indeterminate {
    border-color: #79bbff;
 }
 .layui-form-checked[lay-skin=primary] > i {
    background-color: #409eff;
    border-color: #409eff !important;
@@ -63,6 +79,11 @@
    border-color: #79bbff;
 }
 .layui-table-checked.layui-table-click,
 .layui-table-checked.layui-table-hover {
    background-color: #d9ecff;
 }
 .layui-nav-tree .layui-nav-child dd.layui-this,
 .layui-nav-tree .layui-nav-child dd.layui-this a,
 .layui-nav-tree .layui-this,
@@ -119,6 +140,10 @@ section.proxy-list .proxy-info .layui-row .layui-row > div:first-child {
 }
@media (prefers-color-scheme: dark) {
    ::-webkit-scrollbar-thumb {
        background: rgba(107, 107, 107, 0.8);
    }
    .login-title,
    .login-title a {
        color: #99a9bf !important;
@@ -151,6 +176,10 @@ section.proxy-list .proxy-info .layui-row .layui-row > div:first-child {
        box-shadow: none;
    }
    .layui-laypage a:hover {
        color: #4f80a1;
    }
    .layui-laypage .layui-laypage-curr .layui-laypage-em {
        background-color: #4f80a1;
    }
@@ -173,6 +202,14 @@ section.proxy-list .proxy-info .layui-row .layui-row > div:first-child {
        border-color: #5f5f60;
    }
    .layui-form-checkbox[lay-skin=primary] > .layui-icon-indeterminate:before {
        background-color: #5f5f60;
    }
    .layui-form-checkbox[lay-skin=primary] > .layui-icon-indeterminate {
        border-color: #5f5f60;
    }
    .layui-form-checked[lay-skin=primary] > i {
        background-color: #484849;
        border-color: #484849 !important;
@@ -190,6 +227,11 @@ section.proxy-list .proxy-info .layui-row .layui-row > div:first-child {
        border-color: #5f5f60;
    }
    .layui-table-checked.layui-table-click,
    .layui-table-checked.layui-table-hover {
        background-color: #5f5f60;
    }
    .layui-nav-tree .layui-nav-child dd.layui-this,
    .layui-nav-tree .layui-nav-child dd.layui-this a,
    .layui-nav-tree .layui-this,
--- a/assets/static/css/index.css
+++ b/assets/static/css/index.css
@@ -1,3 +1,13 @@
 ::-webkit-scrollbar {
    width: 8px;
    height: 8px;
 }
 ::-webkit-scrollbar-thumb {
    border-radius: 4px;
    transition: 0.3s ease-in-out;
 }
 html, body {
    padding: 0;
    word-break: break-all;
--- a/assets/static/js/index-user-list.js
+++ b/assets/static/js/index-user-list.js
@@ -97,7 +97,7 @@ var loadUserList = (function ($) {
        }
        return {
            valid: valid,
-            trim: username
+            trim: username.trim()
        };
    }
@@ -129,7 +129,7 @@ var loadUserList = (function ($) {
        }
        return {
            valid: valid,
-            trim: comment.replace(/[\n\t\r]/g, '')
+            trim: comment.trim().replace(/[\n\t\r]/g, '')
        };
    }
@@ -184,7 +184,7 @@ var loadUserList = (function ($) {
        if (domains.trim() !== '') {
            try {
                domains.split(',').forEach(function (domain) {
-                    if (!/^(?=^.{3,255}$)[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62}){1,3}$/.test(domain.trim())) {
+                    if (!/^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-zA-Z]{2,}$/.test(domain.trim())) {
                        valid = false;
                        throw 'break';
                    }
@@ -209,7 +209,7 @@ var loadUserList = (function ($) {
        if (subdomains.trim() !== '') {
            try {
                subdomains.split(',').forEach(function (subdomain) {
-                    if (!/^[a-zA-z0-9][a-zA-Z0-9-]{0,19}$/.test(subdomain.trim())) {
+                    if (!/^[a-zA-z0-9][a-zA-z0-9-]{0,19}$/.test(subdomain.trim())) {
                        valid = false;
                        throw 'break';
                    }
@@ -251,7 +251,9 @@ var loadUserList = (function ($) {
            where: {},
            dataType: 'json',
            editTrigger: 'dblclick',
-            page: navigator.language.indexOf("zh") !== -1,
+            page: {
                layout: navigator.language.indexOf("zh") === -1 ? ['first', 'prev', 'next', 'last'] : ['prev', 'page', 'next', 'skip', 'count', 'limit']
            },
            toolbar: '#userListToolbarTemplate',
            defaultToolbar: false,
            cols: [[
@@ -263,27 +265,35 @@ var loadUserList = (function ($) {
                {field: 'domains', title: i18n['AllowedDomains'], sort: true, edit: 'textarea'},
                {field: 'subdomains', title: i18n['AllowedSubdomains'], sort: true, edit: 'textarea'},
                {
-                    field: 'status',
+                    field: 'enable',
                    title: i18n['Status'],
                    width: 100,
-                    templet: '<span>{{d.status? "' + i18n['Enable'] + '":"' + i18n['Disable'] + '"}}</span>',
+                    templet: '<span>{{d.enable? "' + i18n['Enable'] + '":"' + i18n['Disable'] + '"}}</span>',
                    sort: true
                },
                {title: i18n['Operation'], width: 150, toolbar: '#userListOperationTemplate'}
-            ]]
+            ]],
            parseData: function (res) {
                res.data.forEach(function (data) {
                    data.ports = data.ports.join(',');
                    data.domains = data.domains.join(',');
                    data.subdomains = data.subdomains.join(',');
                });
            }
        });
        bindFormEvent();
    }
    /**
-     * bind event of layui.form
+     * bind event of {{@link layui.form}}
     */
    function bindFormEvent() {
        layui.table.on('edit(tokenTable)', function (obj) {
            var field = obj.field;
            var value = obj.value;
            var oldValue = obj.oldValue;
            var before = $.extend(true, {}, obj.data);
            var after = $.extend(true, {}, obj.data);
            var verifyMsg = false;
@@ -344,30 +354,60 @@ var loadUserList = (function ($) {
                after.subdomains = value;
            }
            before.ports = before.ports.split(',')
            before.domains = before.domains.split(',')
            before.subdomains = before.subdomains.split(',')
            after.ports = after.ports.split(',')
            after.domains = after.domains.split(',')
            after.subdomains = after.subdomains.split(',')
            update(before, after);
        });
        layui.table.on('toolbar(tokenTable)', function (obj) {
            var id = obj.config.id;
            var checkStatus = layui.table.checkStatus(id);
            var data = checkStatus.data;
            data.forEach(function (temp) {
                temp.ports = temp.ports.split(',')
                temp.ports.forEach(function (port, index) {
                    if (/^\d+$/.test(String(port))) {
                        temp.ports[index] = parseInt(String(port));
                    }
                });
                temp.domains = temp.domains.split(',')
                temp.subdomains = temp.subdomains.split(',')
            });
            switch (obj.event) {
                case 'add':
                    addPopup();
                    break
                case 'remove':
-                    batchRemovePopup(checkStatus.data);
+                    batchRemovePopup(data);
                    break
                case 'disable':
-                    batchDisablePopup(checkStatus.data);
+                    batchDisablePopup(data);
                    break
                case 'enable':
-                    batchEnablePopup(checkStatus.data);
+                    batchEnablePopup(data);
                    break
            }
        });
        layui.table.on('tool(tokenTable)', function (obj) {
            var data = obj.data;
            data.ports = data.ports.split(',')
            data.ports.forEach(function (port, index) {
                if (/^\d+$/.test(String(port))) {
                    data.ports[index] = parseInt(String(port));
                }
            });
            data.domains = data.domains.split(',')
            data.subdomains = data.subdomains.split(',')
            switch (obj.event) {
                case 'remove':
                    removePopup(data);
@@ -406,7 +446,22 @@ var loadUserList = (function ($) {
            btn: [i18n['Confirm'], i18n['Cancel']],
            btn1: function (index) {
                if (layui.form.validate('#addUserForm')) {
-                    add(layui.form.val('addUserForm'), index);
+                    var formData = layui.form.val('addUserForm');
                    if (formData.ports != null) {
                        formData.ports = formData.ports.split(',')
                        formData.ports.forEach(function (port, index) {
                            if (/^\d+$/.test(String(port))) {
                                formData.ports[index] = parseInt(String(port));
                            }
                        })
                    }
                    if (formData.domains != null) {
                        formData.domains = formData.domains.split(',')
                    }
                    if (formData.subdomains != null) {
                        formData.subdomains = formData.subdomains.split(',')
                    }
                    add(formData, index);
                }
            },
            btn2: function (index) {
@@ -417,7 +472,7 @@ var loadUserList = (function ($) {
    /**
     * add user action
-     * @param data {{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}} user data
+     * @param data {{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}} user data
     * @param index popup index
     */
    function add(data, index) {
@@ -446,10 +501,20 @@ var loadUserList = (function ($) {
    /**
     * update user action
-     * @param before {{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}} data before update
+     * @param before {{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}} data before update
-     * @param after {{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}} data after update
+     * @param after {{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}} data after update
     */
    function update(before, after) {
        before.ports.forEach(function (port, index) {
            if (/^\d+$/.test(String(port))) {
                before.ports[index] = parseInt(String(port));
            }
        });
        after.ports.forEach(function (port, index) {
            if (/^\d+$/.test(String(port)) && typeof port === "string") {
                after.ports[index] = parseInt(String(port));
            }
        });
        var loading = layui.layer.load();
        $.ajax({
            url: '/update',
@@ -474,7 +539,7 @@ var loadUserList = (function ($) {
    /**
     * batch remove user popup
-     * @param data {[{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}]} user data list
+     * @param data {[{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}]} user data list
     */
    function batchRemovePopup(data) {
        if (data.length === 0) {
@@ -491,7 +556,7 @@ var loadUserList = (function ($) {
    /**
     * batch disable user popup
-     * @param data {[{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}]} user data list
+     * @param data {[{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}]} user data list
     */
    function batchDisablePopup(data) {
        if (data.length === 0) {
@@ -508,7 +573,7 @@ var loadUserList = (function ($) {
    /**
     * batch enable user popup
-     * @param data {[{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}]} user data list
+     * @param data {[{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}]} user data list
     */
    function batchEnablePopup(data) {
        if (data.length === 0) {
@@ -525,7 +590,7 @@ var loadUserList = (function ($) {
    /**
     * remove one user popup
-     * @param data {{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}} user data
+     * @param data {{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}} user data
     */
    function removePopup(data) {
        layui.layer.confirm(i18n['ConfirmRemoveUser'], {
@@ -538,7 +603,7 @@ var loadUserList = (function ($) {
    /**
     * disable one user popup
-     * @param data {{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}} user data
+     * @param data {{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}} user data
     */
    function disablePopup(data) {
        layui.layer.confirm(i18n['ConfirmDisableUser'], {
@@ -551,7 +616,7 @@ var loadUserList = (function ($) {
    /**
     * enable one user popup
-     * @param data {{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}} user data
+     * @param data {{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}} user data
     */
    function enablePopup(data) {
        layui.layer.confirm(i18n['ConfirmEnableUser'], {
@@ -565,7 +630,7 @@ var loadUserList = (function ($) {
    /**
     * operate actions
     * @param type {apiType} action type
-     * @param data {[{user:string, token:string, comment:string, status:boolean, ports:string, domains:string, subdomains:string}]} user data list
+     * @param data {[{user:string, token:string, comment:string, enable:boolean, ports:[string|number], domains:[string], subdomains:[string]}]} user data list
     * @param index popup index
     */
    function operate(type, data, index) {
@@ -629,11 +694,21 @@ var loadUserList = (function ($) {
        else if (result.code === 2)
            reason = i18n['UserExist'];
        else if (result.code === 3)
-            reason = i18n['ParamError'];
+            reason = i18n['UserNotExist'];
        else if (result.code === 4)
-            reason = i18n['UserFormatError'];
+            reason = i18n['ParamError'];
        else if (result.code === 5)
            reason = i18n['UserFormatError'];
        else if (result.code === 6)
            reason = i18n['TokenFormatError'];
        else if (result.code === 7)
            reason = i18n['CommentInvalid'];
        else if (result.code === 8)
            reason = i18n['PortsInvalid'];
        else if (result.code === 9)
            reason = i18n['DomainsInvalid'];
        else if (result.code === 10)
            reason = i18n['SubdomainsInvalid'];
        layui.layer.msg(i18n['OperateFailed'] + ',' + reason)
    }
--- a/assets/templates/index.html
+++ b/assets/templates/index.html
@@ -1,18 +1,18 @@
 <!DOCTYPE html>
-<html lang="">
+<html lang="en">
 <head>
    <title>${ .FrpsPanel }</title>
-    <link rel="stylesheet" href="./static/lib/layui/css/layui.css">
+    <link rel="stylesheet" href="./static/lib/layui/css/layui.css?v=${ .version }">
-    <link rel="stylesheet" href="./static/css/layui-theme-dark.css">
+    <link rel="stylesheet" href="./static/css/layui-theme-dark.css?v=${ .version }">
-    <link rel="stylesheet" href="./static/css/index.css">
+    <link rel="stylesheet" href="./static/css/index.css?v=${ .version }">
-    <link rel="stylesheet" href="./static/css/color.css">
+    <link rel="stylesheet" href="./static/css/color.css?v=${ .version }">
-    <script src="./static/lib/layui/layui.js"></script>
+    <script src="./static/lib/layui/layui.js?v=${ .version }"></script>
-    <script src="./static/lib/echarts.min.js"></script>
+    <script src="./static/lib/echarts.min.js?v=${ .version }"></script>
-    <script src="./static/lib/filesize.min.js"></script>
+    <script src="./static/lib/filesize.min.js?v=${ .version }"></script>
-    <script src="./static/js/index-server-info.js"></script>
+    <script src="./static/js/index-server-info.js?v=${ .version }"></script>
-    <script src="./static/js/index-user-list.js"></script>
+    <script src="./static/js/index-user-list.js?v=${ .version }"></script>
-    <script src="./static/js/index-proxy-list.js"></script>
+    <script src="./static/js/index-proxy-list.js?v=${ .version }"></script>
-    <script src="./static/js/index.js"></script>
+    <script src="./static/js/index.js?v=${ .version }"></script>
    <style>
        section.user-list .layui-table-cell:empty::after {
            content: '${ .NotLimit }';
@@ -214,7 +214,7 @@
 <script type="text/html" id="userListOperationTemplate">
    <div class="layui-clear-space">
        <a class="layui-btn layui-btn-xs" lay-event="remove">${ .Remove }</a>
-        {{# if (d.status) { }}
+        {{# if (d.enable) { }}
        <a class="layui-btn layui-btn-xs" lay-event="disable">${ .Disable }</a>
        {{# } else { }}
        <a class="layui-btn layui-btn-xs" lay-event="enable">${ .Enable }</a>
--- a/assets/templates/login.html
+++ b/assets/templates/login.html
@@ -2,12 +2,12 @@
 <html lang="">
 <head>
    <title>Login</title>
-    <link rel="stylesheet" href="./static/lib/layui/css/layui.css">
+    <link rel="stylesheet" href="./static/lib/layui/css/layui.css?v=${ .version }">
-    <link rel="stylesheet" href="./static/css/layui-theme-dark.css">
+    <link rel="stylesheet" href="./static/css/layui-theme-dark.css?v=${ .version }">
-    <link rel="stylesheet" href="./static/css/color.css">
+    <link rel="stylesheet" href="./static/css/color.css?v=${ .version }">
-    <link rel="stylesheet" href="./static/css/login.css">
+    <link rel="stylesheet" href="./static/css/login.css?v=${ .version }">
-    <script src="./static/lib/layui/layui.js"></script>
+    <script src="./static/lib/layui/layui.js?v=${ .version }"></script>
-    <script src="./static/js/login.js"></script>
+    <script src="./static/js/login.js?v=${ .version }"></script>
 </head>
 <body>
 <div class="login-title">
--- a/cmd/frps-panel/cmd.go
+++ b/cmd/frps-panel/cmd.go
@@ -4,16 +4,15 @@ import (
 	"errors"
 	"frps-panel/pkg/server"
 	"frps-panel/pkg/server/controller"
 	"github.com/BurntSushi/toml"
 	"github.com/spf13/cobra"
 	"gopkg.in/ini.v1"
 	"io/fs"
 	"log"
 	"os"
 	"path/filepath"
 	"strings"
 )
-const version = "1.6.0"
+const version = "1.7.2"
 var (
 	showVersion bool
@@ -22,7 +21,7 @@ var (
 func init() {
 	rootCmd.PersistentFlags().BoolVarP(&showVersion, "version", "v", false, "version of frps-panel")
-	rootCmd.PersistentFlags().StringVarP(&configFile, "config", "c", "./frps-panel.ini", "config file of frps-panel")
+	rootCmd.PersistentFlags().StringVarP(&configFile, "config", "c", "./frps-panel.toml", "config file of frps-panel")
 }
 var rootCmd = &cobra.Command{
@@ -40,7 +39,10 @@ var rootCmd = &cobra.Command{
 		}
 		rootDir := filepath.Dir(executable)
-		config, tls, err := ParseConfigFile(configFile)
+		configDir := filepath.Dir(configFile)
 		tokensFile := filepath.Join(configDir, "frps-tokens.toml")
 		config, tls, err := parseConfigFile(configFile, tokensFile)
 		if err != nil {
 			log.Printf("fail to start frps-panel : %v", err)
 			return err
@@ -68,188 +70,47 @@ func Execute() {
 	}
 }
-func ParseConfigFile(file string) (controller.HandleController, server.TLS, error) {
+func parseConfigFile(configFile, tokensFile string) (controller.HandleController, server.TLS, error) {
-	common := controller.CommonInfo{}
+	var common controller.Common
-	users := make(map[string]controller.TokenInfo)
+	var tokens controller.Tokens
-	ports := make(map[string][]string)
+	_, err := toml.DecodeFile(configFile, &common)
-	domains := make(map[string][]string)
+	if err != nil {
-	subdomains := make(map[string][]string)
+		log.Fatalf("decode config file %v error: %v", configFile, err)
 	tls := server.TLS{
 		Enable:   false,
 		Protocol: "HTTP",
 	}
-	iniFile, err := ini.LoadSources(ini.LoadOptions{
+	_, err = toml.DecodeFile(tokensFile, &tokens)
 		Insensitive:         false,
 		InsensitiveSections: false,
 		InsensitiveKeys:     false,
 		IgnoreInlineComment: true,
 		AllowBooleanKeys:    true,
 	}, file)
 	if err != nil {
-		var pathError *fs.PathError
+		if errors.Is(err, os.ErrNotExist) {
-		if errors.As(err, &pathError) {
+			tokens = controller.Tokens{Tokens: make(map[string]controller.TokenInfo)}
 			log.Printf("token file %s not found", file)
 		} else {
-			log.Printf("fail to parse token file %s : %v", file, err)
+			log.Fatalf("decode token file %v error: %v", tokensFile, err)
 		}
 		return controller.HandleController{
 			CommonInfo: common,
 			Tokens:     nil,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
-	commonSection, err := iniFile.GetSection("common")
+	common.Common.DashboardTls = strings.HasPrefix(strings.ToLower(common.Common.DashboardAddr), "https://")
 	if err != nil {
 		log.Printf("fail to get [common] section from file %s : %v", file, err)
 		return controller.HandleController{
 			CommonInfo: common,
 			Tokens:     nil,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
 	common.PluginAddr = commonSection.Key("plugin_addr").MustString("0.0.0.0")
 	common.PluginPort = commonSection.Key("plugin_port").MustInt(7200)
 	common.User = commonSection.Key("admin_user").Value()
 	common.Pwd = commonSection.Key("admin_pwd").Value()
 	common.KeepTime = commonSection.Key("admin_keep_time").MustInt(0)
 	common.DashboardAddr = commonSection.Key("dashboard_addr").MustString("127.0.0.1")
 	common.DashboardPort = commonSection.Key("dashboard_port").MustInt(7500)
 	common.DashboardUser = commonSection.Key("dashboard_user").Value()
 	common.DashboardPwd = commonSection.Key("dashboard_pwd").Value()
 	common.DashboardTLS = strings.HasPrefix(strings.ToLower(common.DashboardAddr), "https://")
-	if common.KeepTime < 0 {
+	tls := server.TLS{
-		common.KeepTime = 0
+		Enable:   common.Common.TlsMode,
 		Protocol: "HTTP",
 		Cert:     common.Common.TlsCertFile,
 		Key:      common.Common.TlsKeyFile,
 	}
 	tls.Enable = commonSection.Key("tls_mode").MustBool(false)
 	tls.Cert = commonSection.Key("tls_cert_file").MustString("")
 	tls.Key = commonSection.Key("tls_key_file").MustString("")
 	if tls.Enable {
 		tls.Protocol = "HTTPS"
-	}
+
-	if tls.Enable && (strings.TrimSpace(tls.Cert) == "" || strings.TrimSpace(tls.Key) == "") {
+		if strings.TrimSpace(tls.Cert) == "" || strings.TrimSpace(tls.Key) == "" {
 			tls.Enable = false
 			tls.Protocol = "HTTP"
 			log.Printf("fail to enable tls: tls cert or key not exist, use http as default.")
 		}
 	portsSection, err := iniFile.GetSection("ports")
 	if err != nil {
 		log.Printf("fail to get [ports] section from file %s : %v", file, err)
 		return controller.HandleController{
 			CommonInfo: common,
 			Tokens:     nil,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
 	for _, key := range portsSection.Keys() {
 		user := key.Name()
 		value := key.Value()
 		port := strings.Split(controller.TrimAllSpaceReg.ReplaceAllString(value, ""), ",")
 		ports[user] = port
 	}
 	domainsSection, err := iniFile.GetSection("domains")
 	if err != nil {
 		log.Printf("fail to get [domains] section from file %s : %v", file, err)
 	return controller.HandleController{
-			CommonInfo: common,
+		CommonInfo: common.Common,
-			Tokens:     nil,
+		Tokens:     tokens.Tokens,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
 	for _, key := range domainsSection.Keys() {
 		user := key.Name()
 		value := key.Value()
 		domain := strings.Split(controller.TrimAllSpaceReg.ReplaceAllString(value, ""), ",")
 		domains[user] = domain
 	}
 	subdomainsSection, err := iniFile.GetSection("subdomains")
 	if err != nil {
 		log.Printf("fail to get [subdomains] section from file %s : %v", file, err)
 		return controller.HandleController{
 			CommonInfo: common,
 			Tokens:     nil,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
 	for _, key := range subdomainsSection.Keys() {
 		user := key.Name()
 		value := key.Value()
 		subdomain := strings.Split(controller.TrimAllSpaceReg.ReplaceAllString(value, ""), ",")
 		subdomains[user] = subdomain
 	}
 	usersSection, err := iniFile.GetSection("users")
 	if err != nil {
 		log.Printf("fail to get [users] section from file %s : %v", file, err)
 		return controller.HandleController{
 			CommonInfo: common,
 			Tokens:     nil,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
 	disabledSection, err := iniFile.GetSection("disabled")
 	if err != nil {
 		log.Printf("fail to get [disabled] section from file %s : %v", file, err)
 		return controller.HandleController{
 			CommonInfo: common,
 			Tokens:     nil,
 			Ports:      nil,
 			Domains:    nil,
 			Subdomains: nil,
 			IniFile:    iniFile,
 		}, tls, err
 	}
 	keys := usersSection.Keys()
 	for _, key := range keys {
 		comment, found := strings.CutPrefix(key.Comment, ";")
 		if !found {
 			comment, found = strings.CutPrefix(comment, "#")
 		}
 		token := controller.TokenInfo{
 			User:       key.Name(),
 			Token:      key.Value(),
 			Comment:    comment,
 			Ports:      strings.Join(ports[key.Name()], ","),
 			Domains:    strings.Join(domains[key.Name()], ","),
 			Subdomains: strings.Join(subdomains[key.Name()], ","),
 			Status:     !(disabledSection.HasKey(key.Name()) && disabledSection.Key(key.Name()).Value() == "disable"),
 		}
 		users[token.User] = token
 	}
 	return controller.HandleController{
 		CommonInfo: common,
 		Tokens:     users,
 		Ports:      ports,
 		Domains:    domains,
 		Subdomains: subdomains,
 		ConfigFile: configFile,
 		IniFile:    iniFile,
 		Version:    version,
 		ConfigFile: configFile,
 		TokensFile: tokensFile,
 	}, tls, nil
 }
--- a/config/cert.crt
+++ b/config/cert.crt
@@ -1,46 +0,0 @@
 -----BEGIN CERTIFICATE-----
 MIIDwDCCAqigAwIBAgIIYb+7dG3vm+swDQYJKoZIhvcNAQELBQAwejELMAkGA1UE
 BhMCQ04xFzAVBgNVBAoTDktleU1hbmFnZXIub3JnMTEwLwYDVQQLEyhLZXlNYW5h
 Z2VyIFRlc3QgUm9vdCAtIEZvciBUZXN0IFVzZSBPbmx5MR8wHQYDVQQDExZLZXlN
 YW5hZ2VyIFRlc3QgUlNBIENBMB4XDTIzMDkxMTA5NTY0NloXDTI0MDkxMTA5NTY0
 NlowJjELMAkGA1UEBhMCQ04xFzAVBgNVBAMTDmxvY2FsaG9zdDo3MjAwMIIBIjAN
 BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp/BNnNx4OGqJHNLN0GX8MDUO4PI
 WJ9rq6by65i2RXd4t51yyOH68l/TNmfCXcUQ91SvBBD+P2dK2gkZOlprDOS3tO+G
 sCTAAEf/tv1+N2ZqDUPKwaIH60seDJd2a3A97KtfySFVrCUrlTeB/tPL5XMBFwTT
 xPvfV6RULAaK6lJGdrM9/k/vYfneE+ZY5Bo1b7kaqZLOz9LW3icarPGcFDIes/Lu
 d3sCbpjza0bAKFy594vIdwqjRY4OHdubwXV3wV/AxgA0tQNyYADFwa3YeSvBsfFq
 PortWOAYKrg86RJJ8ilQumNiEs6FSYnSatbjMkKh7q9EerJf/exlW1IzDQIDAQAB
 o4GdMIGaMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
 BQUHAwIwHQYDVR0OBBYEFJFGsaMxKCw1E2r2NC+PxdiI4p/VMB8GA1UdIwQYMBaA
 FIBNaqqKRqtaWv5Us+XACf5jiY2rMCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo3MjAw
 gg4xMjcuMC4wLjE6NzIwMDANBgkqhkiG9w0BAQsFAAOCAQEAhuNAScvlzJKL4aAm
 bPl6Yru85GZZk+QmL8tICT9rxfq5L/5RhZXuTIqBDLB+ETHq5yQdiUJTphMpq2i3
 UZUzSMkUFokLROKWaENJz82RWYPUGNLqUO7vTIy2HGd4qOYjWDlHba7d9UIRTcKx
 1pd4rqXRTka1rprmoBcSNgcFDcKmctgliOPFqa9V89xrWSznahNqRqdkvbzuuHFz
 oZHKsTBzZ65Mk/E5+EdOYgEPg4kBfBMP7LXabUYCON1ArekRUHS1QJ0yCrzDpUxu
 0XnFTHaoBtP2o7tqmRQk78/8UkqOkz8241p2Tl8n3YZDiJbrv6okTPe+c/m9xD37
 2kwdDg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIID2jCCAsKgAwIBAgIIcAbJXpLHgDkwDQYJKoZIhvcNAQELBQAwezELMAkGA1UE
 BhMCQ04xFzAVBgNVBAoTDktleU1hbmFnZXIub3JnMTEwLwYDVQQLEyhLZXlNYW5h
 Z2VyIFRlc3QgUm9vdCAtIEZvciBUZXN0IFVzZSBPbmx5MSAwHgYDVQQDExdLZXlN
 YW5hZ2VyIFRlc3QgUm9vdCBDQTAeFw0yMzA5MTEwOTEzNTFaFw0zMzA5MTEwOTEz
 NTFaMHoxCzAJBgNVBAYTAkNOMRcwFQYDVQQKEw5LZXlNYW5hZ2VyLm9yZzExMC8G
 A1UECxMoS2V5TWFuYWdlciBUZXN0IFJvb3QgLSBGb3IgVGVzdCBVc2UgT25seTEf
 MB0GA1UEAxMWS2V5TWFuYWdlciBUZXN0IFJTQSBDQTCCASIwDQYJKoZIhvcNAQEB
 BQADggEPADCCAQoCggEBANfE1y7r94k5LeDncCnOfjItWXWWuNAzJFXsd0620cON
 5jXCYfVGdRqPkpHtLml1OiMtnSyxxqIASCsxn+puvXPy12FJkTq8D5GtuuLk/8oI
 iiGvFTbVR1C63ZwYQ/MOjMbmlICNVNFYDZfPbALLaZbvtd2q9xc/bq0zd9P6cfW4
 GKZyGNwmrNukUtXkIdPIaUiNRiseHwwyR//bJh9GFhCw5jpVK5bnDT1PZYFKww0J
 qv5kA9fCY/Xm635MfRsvNI+2RMOBhKgblWGmDCaJMOglgyao3AVK8ajrNrlAoTHC
 9Lcm4dQc2p0KUVfRitLio2ANKM3oh8q2qHPFrAnvjzcCAwEAAaNjMGEwDgYDVR0P
 AQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIBNaqqKRqtaWv5U
 s+XACf5jiY2rMB8GA1UdIwQYMBaAFEOl8mT1ZXKyUe00w/jyQQKMYUQAMA0GCSqG
 SIb3DQEBCwUAA4IBAQCouCabkdzZKiGMKlrCE0y/eDNqBUwdERWD+Xrxhm/K13bg
 gJJXZsWWr2/iumbWkc3N9W5J2gyFc+iO79VrVMzlq2Kfbhy5XY5gioC8n1BL4FPs
 lmOGtO/8NubZhjTVrE/wH2iDcC9vfE5EAM/axnQXA1DjuEhyRnZe40lTXnA37vc1
 f0hizePrPiMNpzJLZ9kj9pvOYRc7h+Oe04fz+iG5iSlJ/s4y81o0oOJkDLatfveC
 +L2ZqbiagZTsBYiL68Y612n7UDH2tUpyE6hCxYlNb+hCMFLakRHfp/IHcz6oHxvV
 kyJ5FwVvwn9fy4QOi/NsfASdb4AnyqRkJKNSlqWw
 -----END CERTIFICATE-----
--- a/config/cert.key
+++ b/config/cert.key
@@ -1,27 +0,0 @@
 -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEAqp/BNnNx4OGqJHNLN0GX8MDUO4PIWJ9rq6by65i2RXd4t51y
 yOH68l/TNmfCXcUQ91SvBBD+P2dK2gkZOlprDOS3tO+GsCTAAEf/tv1+N2ZqDUPK
 waIH60seDJd2a3A97KtfySFVrCUrlTeB/tPL5XMBFwTTxPvfV6RULAaK6lJGdrM9
 /k/vYfneE+ZY5Bo1b7kaqZLOz9LW3icarPGcFDIes/Lud3sCbpjza0bAKFy594vI
 dwqjRY4OHdubwXV3wV/AxgA0tQNyYADFwa3YeSvBsfFqPortWOAYKrg86RJJ8ilQ
 umNiEs6FSYnSatbjMkKh7q9EerJf/exlW1IzDQIDAQABAoIBAFcIGBEDQAI6eYQQ
 PzyXO751TYxyAv6Zit1K0jw0cDzs3Omj6UnoYw3ArUbiFDWqcKYITyGe3WFP+dFP
 tMucFWDFRaOITkaI6Fr8XsZjdT8jAVN00faFBM8TSOeZVrEk1qFjJP+9/ipJ53o8
 jxWByU5npBWuw6qF432b98dhKvisW5Uu1hw8z935ld7uk3nF2mWAxzrTq8GE+Mn5
 Ic0yDmxnd/6rgUuAVtfGMDsKCks7P0J4bvxIG8fDnWh40SwNffrlHZ1Fz/yqJCCl
 tzkbQnX7lp4JGq1NkubgIchQ5pJzoqzWSShr72tyipjpTBIKDWT6TMapp0Y+veJX
 jl4fXs0CgYEA2kBFyO+/BSjOLmlftvos1YqrJD9eSy9ydSY9jRF/6qX1AWbbmH2c
 rIN+kLeQtoFP87BMpMU1qDhmqbXx+WLaMYU0RTB8oNhriUbXE2hs7ndGm/FS8yzu
 wG0xHBT8Bm8WA/5/bmFbjUCA7eSKYczYrHFd/aaf5HKGtGFJx8jz4t8CgYEAyCKm
 vqJ1WGK2Ql/hN1Gw3/rmyzgPqMgfq0gi7cQ3bRY/txK5vWHcDQdIywpxmmMWpkzy
 UX3m9hMb2ao01riFngIhBJslong0ExLSv50bi9evCAL0dZCQFPaBCgjNoMRjofGq
 SE0fJMDEOqcEt2fEAH8Fa4FUw9MKAypV++H7s5MCgYEA1gZpaN8Sp/CYIJNdNYao
 KNDPe8BYq8pfp9pUSd57XpRYa4N+nU+xMMvSdgBNfWvaB9M/leV+9PQ6WPr/y9vQ
 tPc3hxJBZUpWSkyZ5YJmMIPvTkWdXrMVfsaVfkBl1bliEZClTo1SxnYW+TNBMR88
 6/5QecnIyrI0vvcY7z51TGkCgYB8CpYEc5Z9WHkUPG7PJY+V0uE2tSFnf9m5BDW5
 3jJoJzEIW8/JJB0J6ijgxzFP+fgwzGInxfvfKkrJpqenKaiPHUyvmSVDRHMqGzGJ
 12saSmzOb15qe1YB2CJ0QK6J5Q7HcYwT0dDqq5szqw7OSb7+e7u1POx3jpaXDadL
 PW4OhwKBgHcZWsXJUaKesNJbeGeRKmQHooSdrE69gika1HU7GYmTV3JwvAFrHSNF
 EGMMTmWc6nTh63ADO/f+dpAoJVOQM/OhEVVyfvlByLEFeieGegwyREWVYajW+6Dt
 Ztrafmyvn+r3yhWN9g+p1yQTeVLw23ir9cYhP8OqnL4d89c3o+r3
 -----END RSA PRIVATE KEY-----
--- a/config/frps-panel.ini
+++ b/config/frps-panel.ini
@@ -1,36 +0,0 @@
 ; basic options
 [common]
 ; frps panel config info
 plugin_addr = 127.0.0.1
 plugin_port = 7200
 admin_user = admin
 admin_pwd = admin
 ; specified login state keep time
 admin_keep_time = 0
 ; enable tls
 tls_mode = false
 ; tls_cert_file = cert.crt
 ; tls_key_file = cert.key
 ; frp dashboard info
 dashboard_addr = 127.0.0.1
 dashboard_port = 7500
 dashboard_user = admin
 dashboard_pwd = admin
 ; user tokens
 [users]
 user1 = token1
 ; user been disabled
 [disabled]
 ; user allowed ports. it will be used when a new proxy connect on
 [ports]
 ; user allowed domains. it will be used when a new proxy connect on
 [domains]
 ; user allowed subdomains. it will be used when a new proxy connect on
 [subdomains]
--- a/config/frps-panel.toml
+++ b/config/frps-panel.toml
@@ -0,0 +1,21 @@
 # basic options
 [common]
 # frps panel config info
 plugin_addr = "127.0.0.1"
 plugin_port = 7200
 #admin_user = "admin"
 #admin_pwd = "admin"
 # specified login state keep time
 admin_keep_time = 0
 # enable tls
 tls_mode = false
 #tls_cert_file = "cert.crt"
 #tls_key_file = "cert.key"
 # frp dashboard info
 dashboard_addr = "127.0.0.1"
 dashboard_port = 7500
 dashboard_user = "admin"
 dashboard_pwd = "admin"
--- a/config/frps-tokens.toml
+++ b/config/frps-tokens.toml
@@ -0,0 +1,17 @@
 [tokens]
    [tokens.user1]
        user = "user1"
        token = "token1"
        comment = "user1 with token1"
        ports = [8080, "10000-10200"]
        domains = ["web01.domain.com", "web02.domain.com"]
        subdomains = ["web01", "web02"]
        enable = false
    [tokens.user2]
        user = "user2"
        token = "token2"
        comment = "user2 with token2"
        ports = [9080]
        domains = ["web11.domain.com", "web12.domain.com"]
        subdomains = ["web11", "web12"]
        enable = false
--- a/go.mod
+++ b/go.mod
@@ -3,11 +3,13 @@ module frps-panel
 go 1.21
 require (
 	github.com/BurntSushi/toml v1.0.0
 	github.com/fatedier/frp v0.34.1
 	github.com/gin-contrib/i18n v1.0.0
 	github.com/gin-contrib/sessions v0.0.5
 	github.com/gin-gonic/gin v1.9.1
 	github.com/spf13/cobra v0.0.3
-	gopkg.in/ini.v1 v1.67.0
+	golang.org/x/text v0.11.0
 )
 require (
@@ -17,7 +19,6 @@ require (
 	github.com/fatedier/beego v0.0.0-20171024143340-6c6a4f5bd5eb // indirect
 	github.com/fatedier/golib v0.1.1-0.20200901083111-1f870741e185 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gin-contrib/sessions v0.0.5 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
@@ -42,7 +43,6 @@ require (
 	golang.org/x/crypto v0.11.0 // indirect
 	golang.org/x/net v0.12.0 // indirect
 	golang.org/x/sys v0.10.0 // indirect
 	golang.org/x/text v0.11.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -301,8 +301,6 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogR
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
 gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
 gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
--- a/package.sh
+++ b/package.sh
@@ -13,7 +13,7 @@ for binFile in $list
      newBinFile=${newBinFile%%.exe*}
    fi
    cp "$binFile" "$tmpFile"
-    zip -r "$newBinFile-$version".zip "$tmpFile" frps-panel.ini assets -x "*.git*" "*.idea*" "*.DS_Store" "*.contentFlavour"
+    zip -r "$newBinFile-$version".zip "$tmpFile" frps-panel.toml frps-tokens.toml assets -x "*.git*" "*.idea*" "*.DS_Store" "*.contentFlavour"
    rm -rf "$binFile" "$tmpFile"
  done
-  rm -rf frps-panel.ini assets
+  rm -rf frps-panel.toml frps-tokens.toml assets
--- a/pkg/server/controller/authorizer.go
+++ b/pkg/server/controller/authorizer.go
@@ -12,7 +12,7 @@ import (
 func (c *HandleController) BasicAuth() gin.HandlerFunc {
 	return func(context *gin.Context) {
-		if strings.TrimSpace(c.CommonInfo.User) == "" || strings.TrimSpace(c.CommonInfo.Pwd) == "" {
+		if trimString(c.CommonInfo.AdminUser) == "" || trimString(c.CommonInfo.AdminPwd) == "" {
 			if context.Request.RequestURI == LoginUrl {
 				context.Redirect(http.StatusTemporaryRedirect, LoginSuccessUrl)
 			}
@@ -23,19 +23,19 @@ func (c *HandleController) BasicAuth() gin.HandlerFunc {
 		auth := session.Get(AuthName)
 		if auth != nil {
-			if c.CommonInfo.KeepTime > 0 {
+			if c.CommonInfo.AdminKeepTime > 0 {
 				cookie, _ := context.Request.Cookie(SessionName)
 				if cookie != nil {
 					//important thx https://blog.csdn.net/zhanghongxia8285/article/details/107321838/
-					cookie.Expires = time.Now().Add(time.Second * time.Duration(c.CommonInfo.KeepTime))
+					cookie.Expires = time.Now().Add(time.Second * time.Duration(c.CommonInfo.AdminKeepTime))
 					http.SetCookie(context.Writer, cookie)
 				}
 			}
 			username, password, _ := parseBasicAuth(fmt.Sprintf("%v", auth))
-			usernameMatch := username == c.CommonInfo.User
+			usernameMatch := username == c.CommonInfo.AdminUser
-			passwordMatch := password == c.CommonInfo.Pwd
+			passwordMatch := password == c.CommonInfo.AdminPwd
 			if usernameMatch && passwordMatch {
 				context.Next()
@@ -54,14 +54,14 @@ func (c *HandleController) BasicAuth() gin.HandlerFunc {
 }
 func (c *HandleController) LoginAuth(username, password string, context *gin.Context) bool {
-	if strings.TrimSpace(c.CommonInfo.User) == "" || strings.TrimSpace(c.CommonInfo.Pwd) == "" {
+	if trimString(c.CommonInfo.AdminUser) == "" || trimString(c.CommonInfo.AdminPwd) == "" {
 		return true
 	}
 	session := sessions.Default(context)
 	sessionAuth := session.Get(AuthName)
-	internalAuth := encodeBasicAuth(c.CommonInfo.User, c.CommonInfo.Pwd)
+	internalAuth := encodeBasicAuth(c.CommonInfo.AdminUser, c.CommonInfo.AdminPwd)
 	if sessionAuth == internalAuth {
 		return true
--- a/pkg/server/controller/controller.go
+++ b/pkg/server/controller/controller.go
@@ -121,7 +121,7 @@ func (c *HandleController) MakeIndexFunc() func(context *gin.Context) {
 	return func(context *gin.Context) {
 		context.HTML(http.StatusOK, "index.html", gin.H{
 			"version":                      c.Version,
-			"showExit":                     strings.TrimSpace(c.CommonInfo.User) != "" && strings.TrimSpace(c.CommonInfo.Pwd) != "",
+			"showExit":                     trimString(c.CommonInfo.AdminUser) != "" && trimString(c.CommonInfo.AdminPwd) != "",
 			"FrpsPanel":                    ginI18n.MustGetMessage(context, "Frps Panel"),
 			"User":                         ginI18n.MustGetMessage(context, "User"),
 			"Token":                        ginI18n.MustGetMessage(context, "Token"),
@@ -204,6 +204,7 @@ func (c *HandleController) MakeLangFunc() func(context *gin.Context) {
 			"OperateError":          ginI18n.MustGetMessage(context, "Operate error"),
 			"OperateFailed":         ginI18n.MustGetMessage(context, "Operate failed"),
 			"UserExist":             ginI18n.MustGetMessage(context, "User exist"),
 			"UserNotExist":          ginI18n.MustGetMessage(context, "User not exist"),
 			"UserFormatError":       ginI18n.MustGetMessage(context, "User format error"),
 			"TokenFormatError":      ginI18n.MustGetMessage(context, "Token format error"),
 			"ShouldCheckUser":       ginI18n.MustGetMessage(context, "Please check at least one user"),
@@ -218,6 +219,7 @@ func (c *HandleController) MakeLangFunc() func(context *gin.Context) {
 			"SubdomainsInvalid":     ginI18n.MustGetMessage(context, "Subdomains is invalid"),
 			"CommentInvalid":        ginI18n.MustGetMessage(context, "Comment is invalid"),
 			"ParamError":            ginI18n.MustGetMessage(context, "Param error"),
 			"OtherError":            ginI18n.MustGetMessage(context, "Other error"),
 			"Name":                  ginI18n.MustGetMessage(context, "Name"),
 			"Port":                  ginI18n.MustGetMessage(context, "Port"),
 			"Connections":           ginI18n.MustGetMessage(context, "Connections"),
@@ -285,34 +287,10 @@ func (c *HandleController) MakeQueryTokensFunc() func(context *gin.Context) {
 	}
 }
 func filter(main TokenInfo, sub TokenInfo) bool {
 	replaceSpaceUser := TrimAllSpaceReg.ReplaceAllString(sub.User, "")
 	if len(replaceSpaceUser) != 0 {
 		if !strings.Contains(main.User, replaceSpaceUser) {
 			return false
 		}
 	}
 	replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(sub.Token, "")
 	if len(replaceSpaceToken) != 0 {
 		if !strings.Contains(main.Token, replaceSpaceToken) {
 			return false
 		}
 	}
 	replaceSpaceComment := TrimAllSpaceReg.ReplaceAllString(sub.Comment, "")
 	if len(replaceSpaceComment) != 0 {
 		if !strings.Contains(main.Comment, replaceSpaceComment) {
 			return false
 		}
 	}
 	return true
 }
 func (c *HandleController) MakeAddTokenFunc() func(context *gin.Context) {
 	return func(context *gin.Context) {
 		info := TokenInfo{
-			Status: true,
+			Enable: true,
 		}
 		response := OperationResponse{
 			Success: true,
@@ -321,72 +299,34 @@ func (c *HandleController) MakeAddTokenFunc() func(context *gin.Context) {
 		}
 		err := context.BindJSON(&info)
 		if err != nil {
 			log.Printf("user add failed, param error : %v", err)
 			response.Success = false
 			response.Code = ParamError
-			response.Message = "user add failed, param error "
+			response.Message = fmt.Sprintf("user add failed, param error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
-		if !UserFormatReg.MatchString(info.User) {
+
-			log.Printf("user add failed, user format error")
+		result := c.verifyToken(info, TOKEN_ADD)
-			response.Success = false
+
-			response.Code = UserFormatError
+		if !result.Success {
-			response.Message = fmt.Sprintf("user add failed, user format error")
+			context.JSON(http.StatusOK, &result)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
-		if _, exist := c.Tokens[info.User]; exist {
+
-			log.Printf("user add failed, user [%v] exist", info.User)
+		info.Comment = cleanString(info.Comment)
-			response.Success = false
+		info.Ports = cleanPorts(info.Ports)
-			response.Code = UserExist
+		info.Domains = cleanStrings(info.Domains)
-			response.Message = fmt.Sprintf("user add failed, user [%s] exist ", info.User)
+		info.Subdomains = cleanStrings(info.Subdomains)
-			context.JSON(http.StatusOK, &response)
+
 			return
 		}
 		if !TokenFormatReg.MatchString(info.Token) {
 			log.Printf("user add failed, token format error")
 			response.Success = false
 			response.Code = TokenFormatError
 			response.Message = fmt.Sprintf("user add failed, token format error")
 			context.JSON(http.StatusOK, &response)
 			return
 		}
 		replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(info.Token, "")
 		info.Token = replaceSpaceToken
 		c.Tokens[info.User] = info
-		usersSection, _ := c.IniFile.GetSection("users")
+		err = c.saveToken()
 		key, err := usersSection.NewKey(info.User, info.Token)
 		key.Comment = info.Comment
 		replaceSpacePorts := TrimAllSpaceReg.ReplaceAllString(info.Ports, "")
 		if len(replaceSpacePorts) != 0 {
 			portsSection, _ := c.IniFile.GetSection("ports")
 			key, err = portsSection.NewKey(info.User, replaceSpacePorts)
 			key.Comment = fmt.Sprintf("user %s allowed ports", info.User)
 		}
 		replaceSpaceDomains := TrimAllSpaceReg.ReplaceAllString(info.Domains, "")
 		if len(replaceSpaceDomains) != 0 {
 			domainsSection, _ := c.IniFile.GetSection("domains")
 			key, err = domainsSection.NewKey(info.User, replaceSpaceDomains)
 			key.Comment = fmt.Sprintf("user %s allowed domains", info.User)
 		}
 		replaceSpaceSubdomains := TrimAllSpaceReg.ReplaceAllString(info.Subdomains, "")
 		if len(replaceSpaceSubdomains) != 0 {
 			subdomainsSection, _ := c.IniFile.GetSection("subdomains")
 			key, err = subdomainsSection.NewKey(info.User, replaceSpaceSubdomains)
 			key.Comment = fmt.Sprintf("user %s allowed subdomains", info.User)
 		}
 		err = c.IniFile.SaveTo(c.ConfigFile)
 		if err != nil {
 			log.Printf("add failed, error : %v", err)
 			response.Success = false
 			response.Code = SaveError
-			response.Message = "user add failed"
+			response.Message = fmt.Sprintf("user add failed, error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
@@ -405,88 +345,46 @@ func (c *HandleController) MakeUpdateTokensFunc() func(context *gin.Context) {
 		update := TokenUpdate{}
 		err := context.BindJSON(&update)
 		if err != nil {
 			log.Printf("update failed, param error : %v", err)
 			response.Success = false
 			response.Code = ParamError
-			response.Message = "user update failed, param error "
+			response.Message = fmt.Sprintf("update failed, param error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
 		after := update.After
 		before := update.Before
 		after := update.After
-		usersSection, _ := c.IniFile.GetSection("users")
+		if before.User != after.User {
 		key, err := usersSection.GetKey(before.User)
 		comment := TrimBreakLineReg.ReplaceAllString(after.Comment, "")
 		after.Comment = comment
 		key.Comment = comment
 		if !TokenFormatReg.MatchString(after.Token) {
 			log.Printf("update failed, token format error")
 			response.Success = false
-			response.Code = TokenFormatError
+			response.Code = ParamError
-			response.Message = "user update failed, token format error "
+			response.Message = fmt.Sprintf("update failed, user should be same : before -> %v, after -> %v", before.User, after.User)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
 		replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(after.Token, "")
 		after.Token = replaceSpaceToken
 		key.SetValue(replaceSpaceToken)
-		if before.Ports != after.Ports {
+		result := c.verifyToken(after, TOKEN_UPDATE)
-			portsSection, _ := c.IniFile.GetSection("ports")
+
-			replaceSpacePorts := TrimAllSpaceReg.ReplaceAllString(after.Ports, "")
+		if !result.Success {
-			after.Ports = replaceSpacePorts
+			context.JSON(http.StatusOK, &result)
-			ports := strings.Split(replaceSpacePorts, ",")
+			return
 			if len(replaceSpacePorts) != 0 {
 				key, err = portsSection.NewKey(after.User, replaceSpacePorts)
 				key.Comment = fmt.Sprintf("user %s allowed ports", after.User)
 				c.Ports[after.User] = ports
 			} else {
 				portsSection.DeleteKey(after.User)
 				delete(c.Ports, after.User)
 			}
 		}
-		if before.Domains != after.Domains {
+		after.Comment = cleanString(after.Comment)
-			domainsSection, _ := c.IniFile.GetSection("domains")
+		after.Ports = cleanPorts(after.Ports)
-			replaceSpaceDomains := TrimAllSpaceReg.ReplaceAllString(after.Domains, "")
+		after.Domains = cleanStrings(after.Domains)
-			after.Domains = replaceSpaceDomains
+		after.Subdomains = cleanStrings(after.Subdomains)
 			domains := strings.Split(replaceSpaceDomains, ",")
 			if len(replaceSpaceDomains) != 0 {
 				key, err = domainsSection.NewKey(after.User, replaceSpaceDomains)
 				key.Comment = fmt.Sprintf("user %s allowed domains", after.User)
 				c.Domains[after.User] = domains
 			} else {
 				domainsSection.DeleteKey(after.User)
 				delete(c.Domains, after.User)
 			}
 		}
 		if before.Subdomains != after.Subdomains {
 			subdomainsSection, _ := c.IniFile.GetSection("subdomains")
 			replaceSpaceSubdomains := TrimAllSpaceReg.ReplaceAllString(after.Subdomains, "")
 			after.Subdomains = replaceSpaceSubdomains
 			subdomains := strings.Split(replaceSpaceSubdomains, ",")
 			if len(replaceSpaceSubdomains) != 0 {
 				key, err = subdomainsSection.NewKey(after.User, replaceSpaceSubdomains)
 				key.Comment = fmt.Sprintf("user %s allowed subdomains", after.User)
 				c.Subdomains[after.User] = subdomains
 			} else {
 				subdomainsSection.DeleteKey(after.User)
 				delete(c.Subdomains, after.User)
 			}
 		}
 		c.Tokens[after.User] = after
-		err = c.IniFile.SaveTo(c.ConfigFile)
+		err = c.saveToken()
 		if err != nil {
 			log.Printf("user update failed, error : %v", err)
 			response.Success = false
 			response.Code = SaveError
-			response.Message = "user update failed"
+			response.Message = fmt.Sprintf("user update failed, error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
@@ -505,44 +403,33 @@ func (c *HandleController) MakeRemoveTokensFunc() func(context *gin.Context) {
 		remove := TokenRemove{}
 		err := context.BindJSON(&remove)
 		if err != nil {
 			log.Printf("user remove failed, param error : %v", err)
 			response.Success = false
 			response.Code = ParamError
-			response.Message = "user remove failed, param error "
+			response.Message = fmt.Sprintf("user remove failed, param error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
-		usersSection, _ := c.IniFile.GetSection("users")
+		for _, user := range remove.Users {
 			result := c.verifyToken(user, TOKEN_REMOVE)
 			if !result.Success {
 				context.JSON(http.StatusOK, &result)
 				return
 			}
 		}
 		for _, user := range remove.Users {
 			delete(c.Tokens, user.User)
 			usersSection.DeleteKey(user.User)
 		}
-		portsSection, _ := c.IniFile.GetSection("ports")
+		err = c.saveToken()
 		for _, user := range remove.Users {
 			delete(c.Ports, user.User)
 			portsSection.DeleteKey(user.User)
 		}
 		domainsSection, _ := c.IniFile.GetSection("domains")
 		for _, user := range remove.Users {
 			delete(c.Domains, user.User)
 			domainsSection.DeleteKey(user.User)
 		}
 		subdomainsSection, _ := c.IniFile.GetSection("subdomains")
 		for _, user := range remove.Users {
 			delete(c.Subdomains, user.User)
 			subdomainsSection.DeleteKey(user.User)
 		}
 		err = c.IniFile.SaveTo(c.ConfigFile)
 		if err != nil {
 			log.Printf("user remove failed, error : %v", err)
 			response.Success = false
 			response.Code = SaveError
-			response.Message = "user remove failed"
+			response.Message = fmt.Sprintf("user update failed, error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
@@ -561,38 +448,36 @@ func (c *HandleController) MakeDisableTokensFunc() func(context *gin.Context) {
 		disable := TokenDisable{}
 		err := context.BindJSON(&disable)
 		if err != nil {
 			log.Printf("disable failed, param error : %v", err)
 			response.Success = false
 			response.Code = ParamError
-			response.Message = "disable failed, param error "
+			response.Message = fmt.Sprintf("disable failed, param error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
 		section, _ := c.IniFile.GetSection("disabled")
 		for _, user := range disable.Users {
-			section.DeleteKey(user.User)
+			result := c.verifyToken(user, TOKEN_DISABLE)
-			token := c.Tokens[user.User]
+
-			token.Status = false
+			if !result.Success {
-			c.Tokens[user.User] = token
+				context.JSON(http.StatusOK, &result)
 			key, err := section.NewKey(user.User, "disable")
 			if err != nil {
 				log.Printf("disable failed, error : %v", err)
 				response.Success = false
 				response.Code = SaveError
 				response.Message = "disable failed"
 				context.JSON(http.StatusOK, &response)
 				return
 			}
 			key.Comment = fmt.Sprintf("disable user '%s'", user.User)
 		}
-		err = c.IniFile.SaveTo(c.ConfigFile)
+		for _, user := range disable.Users {
 			token := c.Tokens[user.User]
 			token.Enable = false
 			c.Tokens[user.User] = token
 		}
 		err = c.saveToken()
 		if err != nil {
 			log.Printf("disable failed, error : %v", err)
 			response.Success = false
 			response.Code = SaveError
-			response.Message = "disable failed"
+			response.Message = fmt.Sprintf("disable failed, error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
@@ -611,23 +496,31 @@ func (c *HandleController) MakeEnableTokensFunc() func(context *gin.Context) {
 		enable := TokenEnable{}
 		err := context.BindJSON(&enable)
 		if err != nil {
 			log.Printf("enable failed, param error : %v", err)
 			response.Success = false
 			response.Code = ParamError
-			response.Message = "enable failed, param error "
+			response.Message = fmt.Sprintf("enable failed, param error : %v", err)
 			log.Printf(response.Message)
 			context.JSON(http.StatusOK, &response)
 			return
 		}
 		section, _ := c.IniFile.GetSection("disabled")
 		for _, user := range enable.Users {
-			section.DeleteKey(user.User)
+			result := c.verifyToken(user, TOKEN_ENABLE)
 			if !result.Success {
 				context.JSON(http.StatusOK, &result)
 				return
 			}
 		}
 		for _, user := range enable.Users {
 			token := c.Tokens[user.User]
-			token.Status = true
+			token.Enable = true
 			c.Tokens[user.User] = token
 		}
-		err = c.IniFile.SaveTo(c.ConfigFile)
+		err = c.saveToken()
 		if err != nil {
 			log.Printf("enable failed, error : %v", err)
 			response.Success = false
@@ -646,7 +539,7 @@ func (c *HandleController) MakeProxyFunc() func(context *gin.Context) {
 		var client *http.Client
 		var protocol string
-		if c.CommonInfo.DashboardTLS {
+		if c.CommonInfo.DashboardTls {
 			client = &http.Client{
 				Transport: &http.Transport{
 					TLSClientConfig: &tls.Config{
@@ -663,11 +556,14 @@ func (c *HandleController) MakeProxyFunc() func(context *gin.Context) {
 		res := ProxyResponse{}
 		host := c.CommonInfo.DashboardAddr
 		port := c.CommonInfo.DashboardPort
 		host, _ = strings.CutPrefix(host, protocol)
 		requestUrl := protocol + host + ":" + strconv.Itoa(port) + context.Param("serverApi")
 		request, _ := http.NewRequest("GET", requestUrl, nil)
 		username := c.CommonInfo.DashboardUser
 		password := c.CommonInfo.DashboardPwd
-		if len(strings.TrimSpace(username)) != 0 && len(strings.TrimSpace(password)) != 0 {
+		if trimString(username) != "" && trimString(password) != "" {
 			request.SetBasicAuth(username, password)
 			log.Printf("Proxy to %s", requestUrl)
 		}
@@ -693,10 +589,14 @@ func (c *HandleController) MakeProxyFunc() func(context *gin.Context) {
 			if res.Code == http.StatusOK {
 				res.Success = true
 				res.Data = string(body)
-				res.Message = "Proxy to " + requestUrl + " success"
+				res.Message = fmt.Sprintf("Proxy to %s success", requestUrl)
 			} else {
 				res.Success = false
-				res.Message = "Proxy to " + requestUrl + " error: " + string(body)
+				if res.Code == http.StatusNotFound {
 					res.Message = fmt.Sprintf("Proxy to %s error: url not found", requestUrl)
 				} else {
 					res.Message = fmt.Sprintf("Proxy to %s error: %s", requestUrl, string(body))
 				}
 			}
 		}
 		log.Printf(res.Message)
--- a/pkg/server/controller/handler.go
+++ b/pkg/server/controller/handler.go
@@ -50,7 +50,7 @@ func (c *HandleController) JudgeToken(user string, token string) plugin.Response
 		res.Reject = true
 		res.RejectReason = "user or meta token can not be empty"
 	} else if info, exist := c.Tokens[user]; exist {
-		if !info.Status {
+		if !info.Enable {
 			res.Reject = true
 			res.RejectReason = fmt.Sprintf("user [%s] is disabled", user)
 		} else {
@@ -77,8 +77,7 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 		"tcp", "tcpmux", "udp", "http", "https",
 	}
 	proxyType := content.ProxyType
-
+	if stringContains(proxyType, supportProxyTypes) {
 	if StringIndexOf(proxyType, supportProxyTypes) == -1 {
 		log.Printf("proxy type [%v] not support, plugin do nothing", proxyType)
 		res.Unchange = true
 		return res
@@ -92,20 +91,21 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 	portAllowed := true
 	if proxyType == "tcp" || proxyType == "udp" {
 		portAllowed = false
-		if _, exist := c.Ports[user]; exist {
+		if token, exist := c.Tokens[user]; exist {
-			for _, port := range c.Ports[user] {
+			for _, port := range token.Ports {
-				if strings.Contains(port, "-") {
+				if str, ok := port.(string); ok {
-					allowedRanges := strings.Split(port, "-")
+					if strings.Contains(str, "-") {
 						allowedRanges := strings.Split(str, "-")
 						if len(allowedRanges) != 2 {
 							portErr = fmt.Errorf("user [%v] port range [%v] format error", user, port)
 							break
 						}
-					start, err := strconv.Atoi(strings.TrimSpace(allowedRanges[0]))
+						start, err := strconv.Atoi(trimString(allowedRanges[0]))
 						if err != nil {
 							portErr = fmt.Errorf("user [%v] port rang [%v] start port [%v] is not a number", user, port, allowedRanges[0])
 							break
 						}
-					end, err := strconv.Atoi(strings.TrimSpace(allowedRanges[1]))
+						end, err := strconv.Atoi(trimString(allowedRanges[1]))
 						if err != nil {
 							portErr = fmt.Errorf("user [%v] port rang [%v] end port [%v] is not a number", user, port, allowedRanges[0])
 							break
@@ -115,7 +115,7 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 							break
 						}
 					} else {
-					allowed, err := strconv.Atoi(port)
+						allowed, err := strconv.Atoi(str)
 						if err != nil {
 							portErr = fmt.Errorf("user [%v] allowed port [%v] is not a number", user, port)
 						}
@@ -124,6 +124,14 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 							break
 						}
 					}
 				} else {
 					allowed := port
 					if allowed == userPort {
 						portAllowed = true
 						break
 					}
 				}
 			}
 		} else {
 			portAllowed = true
@@ -139,9 +147,9 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 	domainAllowed := true
 	if proxyType == "http" || proxyType == "https" || proxyType == "tcpmux" {
 		if portAllowed {
-			if _, exist := c.Domains[user]; exist {
+			if token, exist := c.Tokens[user]; exist {
 				for _, userDomain := range userDomains {
-					if StringIndexOf(userDomain, c.Domains[user]) == -1 {
+					if stringContains(userDomain, token.Domains) {
 						domainAllowed = false
 						break
 					}
@@ -158,8 +166,8 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 	if proxyType == "http" || proxyType == "https" {
 		subdomainAllowed = false
 		if portAllowed && domainAllowed {
-			if _, exist := c.Subdomains[user]; exist {
+			if token, exist := c.Tokens[user]; exist {
-				for _, subdomain := range c.Subdomains[user] {
+				for _, subdomain := range token.Subdomains {
 					if subdomain == userSubdomain {
 						subdomainAllowed = true
 						break
@@ -183,12 +191,3 @@ func (c *HandleController) JudgePort(content *plugin.NewProxyContent) plugin.Res
 	}
 	return res
 }
 func StringIndexOf(element string, data []string) int {
 	for k, v := range data {
 		if element == v {
 			return k
 		}
 	}
 	return -1
 }
--- a/pkg/server/controller/register.go
+++ b/pkg/server/controller/register.go
@@ -2,7 +2,6 @@ package controller
 import (
 	"github.com/gin-gonic/gin"
 	"gopkg.in/ini.v1"
 	"os"
 	"path/filepath"
 )
@@ -10,12 +9,9 @@ import (
 type HandleController struct {
 	CommonInfo CommonInfo
 	Tokens     map[string]TokenInfo
 	Ports      map[string][]string
 	Domains    map[string][]string
 	Subdomains map[string][]string
 	ConfigFile string
 	IniFile    *ini.File
 	Version    string
 	ConfigFile string
 	TokensFile string
 }
 func NewHandleController(config *HandleController) *HandleController {
@@ -39,7 +35,7 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
 	engine.GET(LogoutUrl, c.MakeLogoutFunc())
 	var group *gin.RouterGroup
-	if len(c.CommonInfo.User) != 0 {
+	if len(c.CommonInfo.AdminUser) != 0 {
 		//group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{
 		//	c.CommonInfo.User: c.CommonInfo.Pwd,
 		//}, "Restricted"))
--- a/pkg/server/controller/utils.go
+++ b/pkg/server/controller/utils.go
@@ -0,0 +1,222 @@
 package controller
 import (
 	"fmt"
 	"github.com/BurntSushi/toml"
 	"log"
 	"os"
 	"strings"
 )
 func filter(main TokenInfo, sub TokenInfo) bool {
 	replaceSpaceUser := trimAllSpace.ReplaceAllString(sub.User, "")
 	if len(replaceSpaceUser) != 0 {
 		if !strings.Contains(main.User, replaceSpaceUser) {
 			return false
 		}
 	}
 	replaceSpaceToken := trimAllSpace.ReplaceAllString(sub.Token, "")
 	if len(replaceSpaceToken) != 0 {
 		if !strings.Contains(main.Token, replaceSpaceToken) {
 			return false
 		}
 	}
 	replaceSpaceComment := trimAllSpace.ReplaceAllString(sub.Comment, "")
 	if len(replaceSpaceComment) != 0 {
 		if !strings.Contains(main.Comment, replaceSpaceComment) {
 			return false
 		}
 	}
 	return true
 }
 func trimString(str string) string {
 	return strings.TrimSpace(str)
 }
 func (c *HandleController) verifyToken(token TokenInfo, operate int) OperationResponse {
 	response := OperationResponse{
 		Success: true,
 		Code:    Success,
 		Message: "operate success",
 	}
 	var (
 		validateExist      = false
 		validateNotExist   = false
 		validateUser       = false
 		validateToken      = false
 		validateComment    = false
 		validatePorts      = false
 		validateDomains    = false
 		validateSubdomains = false
 	)
 	if operate == TOKEN_ADD {
 		validateExist = true
 		validateUser = true
 		validateToken = true
 		validateComment = true
 		validatePorts = true
 		validateDomains = true
 		validateSubdomains = true
 	} else if operate == TOKEN_UPDATE {
 		validateNotExist = true
 		validateUser = true
 		validateToken = true
 		validateComment = true
 		validatePorts = true
 		validateDomains = true
 		validateSubdomains = true
 	} else if operate == TOKEN_ENABLE || operate == TOKEN_DISABLE || operate == TOKEN_REMOVE {
 		validateNotExist = true
 	}
 	if validateUser && !userFormat.MatchString(token.User) {
 		response.Success = false
 		response.Code = UserFormatError
 		response.Message = fmt.Sprintf("operate failed, user [%s] format error", token.User)
 		log.Printf(response.Message)
 		return response
 	}
 	if validateExist {
 		if _, exist := c.Tokens[token.User]; exist {
 			response.Success = false
 			response.Code = UserExist
 			response.Message = fmt.Sprintf("operate failed, user [%s] exist ", token.User)
 			log.Printf(response.Message)
 			return response
 		}
 	}
 	if validateNotExist {
 		if _, exist := c.Tokens[token.User]; !exist {
 			response.Success = false
 			response.Code = UserNotExist
 			response.Message = fmt.Sprintf("operate failed, user [%s] not exist ", token.User)
 			log.Printf(response.Message)
 			return response
 		}
 	}
 	if validateToken && !tokenFormat.MatchString(token.Token) {
 		response.Success = false
 		response.Code = TokenFormatError
 		response.Message = fmt.Sprintf("operate failed, token [%s] format error", token.Token)
 		log.Printf(response.Message)
 		return response
 	}
 	trimmedComment := trimString(token.Comment)
 	if validateComment && trimmedComment != "" && commentFormat.MatchString(trimmedComment) {
 		response.Success = false
 		response.Code = CommentFormatError
 		response.Message = fmt.Sprintf("operate failed, comment [%s] format error", token.Comment)
 		log.Printf(response.Message)
 		return response
 	}
 	if validatePorts {
 		for _, port := range token.Ports {
 			if str, ok := port.(string); ok {
 				trimmedPort := trimString(str)
 				if trimmedPort != "" && !portsFormatSingle.MatchString(trimmedPort) && !portsFormatRange.MatchString(trimmedPort) {
 					response.Success = false
 					response.Code = PortsFormatError
 					response.Message = fmt.Sprintf("operate failed, ports [%v] format error", token.Ports)
 					log.Printf(response.Message)
 					return response
 				}
 			}
 		}
 	}
 	if validateDomains {
 		for _, domain := range token.Domains {
 			trimmedDomain := trimString(domain)
 			if trimmedDomain != "" && !domainFormat.MatchString(trimmedDomain) {
 				response.Success = false
 				response.Code = DomainsFormatError
 				response.Message = fmt.Sprintf("operate failed, domains [%v] format error", token.Domains)
 				log.Printf(response.Message)
 				return response
 			}
 		}
 	}
 	if validateSubdomains {
 		for _, subdomain := range token.Subdomains {
 			trimmedSubdomain := trimString(subdomain)
 			if trimmedSubdomain != "" && !subdomainFormat.MatchString(trimmedSubdomain) {
 				response.Success = false
 				response.Code = SubdomainsFormatError
 				response.Message = fmt.Sprintf("operate failed, subdomains [%v] format error", token.Subdomains)
 				log.Printf(response.Message)
 				return response
 			}
 		}
 	}
 	return response
 }
 func cleanPorts(ports []any) []any {
 	cleanedPorts := make([]any, len(ports))
 	for i, port := range ports {
 		if str, ok := port.(string); ok {
 			cleanedPorts[i] = cleanString(str)
 		} else {
 			//float64, for JSON numbers
 			cleanedPorts[i] = int(port.(float64))
 		}
 	}
 	return cleanedPorts
 }
 func cleanStrings(originalStrings []string) []string {
 	cleanedStrings := make([]string, len(originalStrings))
 	for i, str := range originalStrings {
 		cleanedStrings[i] = cleanString(str)
 	}
 	return cleanedStrings
 }
 func cleanString(originalString string) string {
 	return trimString(originalString)
 }
 func stringContains(element string, data []string) bool {
 	for _, v := range data {
 		if element == v {
 			return true
 		}
 	}
 	return false
 }
 func tokensList(tokens map[string]TokenInfo) Tokens {
 	return Tokens{
 		tokens,
 	}
 }
 func (c *HandleController) saveToken() error {
 	tokenFile, err := os.Create(c.TokensFile)
 	if err != nil {
 		log.Printf("error to crate file %v: %v", c.TokensFile, err)
 	}
 	encoder := toml.NewEncoder(tokenFile)
 	encoder.Indent = "    "
 	if err = encoder.Encode(tokensList(c.Tokens)); err != nil {
 		log.Printf("error to encode tokens: %v", err)
 	}
 	if err = tokenFile.Close(); err != nil {
 		log.Printf("error to close file %v: %v", c.TokensFile, err)
 	}
 	return err
 }
--- a/pkg/server/controller/variables.go
+++ b/pkg/server/controller/variables.go
@@ -5,14 +5,29 @@ import (
 )
 const (
-	Success          = 0
+	Success int = iota
-	ParamError       = 1
+	ParamError
-	UserExist        = 2
+	UserExist
-	SaveError        = 3
+	UserNotExist
-	UserFormatError  = 4
+	SaveError
-	TokenFormatError = 5
+	UserFormatError
-	FrpServerError   = 6
+	TokenFormatError
 	CommentFormatError
 	PortsFormatError
 	DomainsFormatError
 	SubdomainsFormatError
 	FrpServerError
 )
 const (
 	TOKEN_ADD int = iota
 	TOKEN_UPDATE
 	TOKEN_REMOVE
 	TOKEN_ENABLE
 	TOKEN_DISABLE
 )
 const (
 	SessionName      = "GOSESSION"
 	AuthName         = "_PANEL_AUTH"
 	LoginUrl         = "/login"
@@ -22,10 +37,14 @@ const (
 )
 var (
-	UserFormatReg    = regexp.MustCompile("^\\w+$")
+	userFormat        = regexp.MustCompile("^\\w+$")
-	TokenFormatReg   = regexp.MustCompile("^[\\w!@#$%^&*()]+$")
+	tokenFormat       = regexp.MustCompile("^[\\w!@#$%^&*()]+$")
-	TrimAllSpaceReg  = regexp.MustCompile("[\\n\\t\\r\\s]")
+	commentFormat     = regexp.MustCompile("[\\n\\t\\r]")
-	TrimBreakLineReg = regexp.MustCompile("[\\n\\t\\r]")
+	portsFormatSingle = regexp.MustCompile("^\\s*\\d{1,5}\\s*$")
 	portsFormatRange  = regexp.MustCompile("^\\s*\\d{1,5}\\s*-\\s*\\d{1,5}\\s*$")
 	domainFormat      = regexp.MustCompile("^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\\.)+[a-zA-Z]{2,}$")
 	subdomainFormat   = regexp.MustCompile("^[a-zA-z0-9-]{1,20}$")
 	trimAllSpace      = regexp.MustCompile("[\\n\\t\\r\\s]")
 )
 type Response struct {
@@ -37,27 +56,38 @@ type HTTPError struct {
 	Err  error
 }
 type Common struct {
 	Common CommonInfo
 }
 type CommonInfo struct {
-	PluginAddr    string
+	PluginAddr    string `toml:"plugin_addr"`
-	PluginPort    int
+	PluginPort    int    `toml:"plugin_port"`
-	User          string
+	AdminUser     string `toml:"admin_user"`
-	Pwd           string
+	AdminPwd      string `toml:"admin_pwd"`
-	KeepTime      int
+	AdminKeepTime int    `toml:"admin_keep_time"`
-	DashboardTLS  bool
+	TlsMode       bool   `toml:"tls_mode"`
-	DashboardAddr string
+	TlsCertFile   string `toml:"tls_cert_file"`
-	DashboardPort int
+	TlsKeyFile    string `toml:"tls_key_file"`
-	DashboardUser string
+	DashboardAddr string `toml:"dashboard_addr"`
-	DashboardPwd  string
+	DashboardPort int    `toml:"dashboard_port"`
 	DashboardUser string `toml:"dashboard_user"`
 	DashboardPwd  string `toml:"dashboard_pwd"`
 	DashboardTls  bool
 }
 type Tokens struct {
 	Tokens map[string]TokenInfo `toml:"tokens"`
 }
 type TokenInfo struct {
-	User       string `json:"user" form:"user"`
+	User       string   `toml:"user" json:"user" form:"user"`
-	Token      string `json:"token" form:"token"`
+	Token      string   `toml:"token" json:"token" form:"token"`
-	Comment    string `json:"comment" form:"comment"`
+	Comment    string   `toml:"comment" json:"comment" form:"comment"`
-	Ports      string `json:"ports" from:"ports"`
+	Ports      []any    `toml:"ports" json:"ports" from:"ports"`
-	Domains    string `json:"domains" from:"domains"`
+	Domains    []string `toml:"domains" json:"domains" from:"domains"`
-	Subdomains string `json:"subdomains" from:"subdomains"`
+	Subdomains []string `toml:"subdomains" json:"subdomains" from:"subdomains"`
-	Status     bool   `json:"status" form:"status"`
+	Enable     bool     `toml:"enable" json:"enable" form:"enable"`
 }
 type TokenResponse struct {
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -175,11 +175,11 @@ func (s *Server) initHTTPServer() error {
 	engine := gin.New()
 	authStore := cookie.NewStore([]byte("frps-panel"))
 	authStore.Options(sessions.Options{
-		Secure:   true,
+		Secure:   false,
 		HttpOnly: false,
-		SameSite: 4,
+		SameSite: http.SameSiteDefaultMode,
 		Path:     "/",
-		MaxAge:   s.cfg.CommonInfo.KeepTime,
+		MaxAge:   s.cfg.CommonInfo.AdminKeepTime,
 	})
 	engine.Use(sessions.Sessions(controller.SessionName, authStore))
 	engine.Use(GinI18nLocalize(s.rootDir))
Author	SHA1	Message	Date
yanghuanglin	4a714dcd0e	fix proxy to https issue	2023-09-27 14:05:25 +08:00
yanghuanglin	43d3ef275e	fix proxy to https issue	2023-09-27 14:02:12 +08:00
yanghuanglin	d581a65002	update version code	2023-09-27 12:03:22 +08:00
yanghuanglin	f6d2362f48	fix dashboard_addr https issue	2023-09-27 12:01:29 +08:00
yanghuanglin	53ba8780ff	update version code	2023-09-26 13:13:10 +08:00
yanghuanglin	0dc6d9bc12	solve http login issue	2023-09-26 13:11:38 +08:00
yanghuanglin	a8165c9b93	Merge remote-tracking branch 'origin/main'	2023-09-26 10:44:12 +08:00
yanghuanglin	bd83acef45	update readme	2023-09-26 10:44:01 +08:00
杨黄林	b18d06d83d	remove cert	2023-09-26 00:39:24 +08:00
杨黄林	eef4390878	Merge remote-tracking branch 'origin/main'	2023-09-25 22:59:33 +08:00
杨黄林	621893872d	update page color	2023-09-25 22:59:23 +08:00
yanghuanglin	8d61054332	update tips	2023-09-22 15:33:05 +08:00
yanghuanglin	7cf43c869a	update tip	2023-09-22 15:31:17 +08:00
yanghuanglin	70bddc6c1b	customize scrollbar background color	2023-09-21 15:00:36 +08:00
yanghuanglin	db0a36fc00	update 404 tips	2023-09-20 14:58:41 +08:00
杨黄林	32ced78da4	update config	2023-09-17 11:57:19 +08:00
杨黄林	8b574adfe6	fix tls cert not exist issue	2023-09-17 11:56:37 +08:00
杨黄林	6d787693dc	update makefile and package.sh	2023-09-17 11:41:12 +08:00
杨黄林	e8de396f6c	add token file config as example	2023-09-17 11:35:54 +08:00
杨黄林	59af75a785	update readme; optimize logic code;	2023-09-17 11:35:06 +08:00
杨黄林	7c30c6d150	completely save config with toml format	2023-09-17 01:35:42 +08:00
yanghuanglin	2f79a5d093	preliminary write tokens to config with toml	2023-09-16 13:53:53 +08:00
yanghuanglin	856bb3e27b	success write tokens to config with toml (not finish)	2023-09-15 19:09:20 +08:00
杨黄林	7e09934024	change config from ini to toml (processing)	2023-09-14 23:29:42 +08:00
yanghuanglin	e2d276c4fc	start to config with toml (not finish)	2023-09-14 18:36:35 +08:00