fix: missed update user's password

ci: mark non-prerelease when upload assets
feat: rehash password with a unique salt for each user
2023-08-07 18:51:54 +08:00 · 2023-08-07 16:23:36 +08:00 · 2023-08-07 15:46:19 +08:00 · 2023-08-07 14:38:50 +08:00 · 2023-08-07 13:49:23 +08:00 · 2023-08-07 13:44:28 +08:00
157 changed files with 7303 additions and 1588 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@ -7,28 +7,44 @@ body:
      value: |
        Thanks for taking the time to fill out this bug report, please **confirm that your issue is not a duplicate issue and not because of your operation or version issues**
        感谢您花时间填写此错误报告，请**务必确认您的issue不是重复的且不是因为您的操作或版本问题**
+
  - type: checkboxes
    attributes:
      label: Please make sure of the following things
-      description: You may select more than one, even select all.
+      description: |
+        You must check all the following, otherwise your issue may be closed directly. Or you can go to the [discussions](https://github.com/alist-org/alist/discussions)
+        您必须勾选以下所有内容，否则您的issue可能会被直接关闭。或者您可以去[讨论区](https://github.com/alist-org/alist/discussions)
      options:
-        - label: I have read the [documentation](https://alist.nn.ci).
-        - label: I'm sure there are no duplicate issues or discussions.
-        - label: I'm sure it's due to `alist` and not something else(such as `Dependencies` or `Operational`).
-        - label: I'm sure I'm using the latest version
+        - label: |
+            I have read the [documentation](https://alist.nn.ci).
+            我已经阅读了[文档](https://alist.nn.ci)。
+        - label: |
+            I'm sure there are no duplicate issues or discussions.
+            我确定没有重复的issue或讨论。
+        - label: |
+            I'm sure it's due to `AList` and not something else(such as `Dependencies` or `Operational`).
+            我确定是`AList`的问题，而不是其他原因（例如`依赖`或`操作`）。
+        - label: |
+            I'm sure this issue is not fixed in the latest version.
+            我确定这个问题在最新版本中没有被修复。
+
  - type: input
    id: version
    attributes:
-      label: Alist Version / Alist 版本
-      description: What version of our software are you running?
-      placeholder: v2.0.0
+      label: AList Version / AList 版本
+      description: |
+        What version of our software are you running? Do not use `latest` or `master` as an answer.
+        您使用的是哪个版本的软件？请不要使用`latest`或`master`作为答案。
+      placeholder: v3.xx.xx
    validations:
      required: true
  - type: input
    id: driver
    attributes:
      label: Driver used / 使用的存储驱动
-      description: What storage driver are you using?
+      description: |
+        What storage driver are you using?
+        您使用的是哪个存储驱动？
      placeholder: "for example: Onedrive"
    validations:
      required: true
@ -47,6 +63,15 @@ body:
        请提供能复现此问题的链接，请知悉如果不提供它你的issue可能会被直接关闭。
    validations:
      required: true
+  - type: textarea
+    id: config
+    attributes:
+      label: Config / 配置
+      description: |
+        Please provide the configuration file of your `AList` application and take a screenshot of the relevant storage configuration. (hide privacy field)
+        请提供您的`AList`应用的配置文件，并截图相关存储配置。(隐藏隐私字段)
+    validations:
+      required: true
  - type: textarea
    id: logs
    attributes:
--- a/.github/stale.yml
+++ b/.github/stale.yml
@ -1,7 +1,7 @@
 # Number of days of inactivity before an issue becomes stale
 daysUntilStale: 44
 # Number of days of inactivity before a stale issue is closed
-daysUntilClose: 10
+daysUntilClose: 20
 # Issues with these labels will never be considered stale
 exemptLabels:
  - accepted
--- a/.github/workflows/auto_lang.yml
+++ b/.github/workflows/auto_lang.yml
@ -53,8 +53,8 @@ jobs:
        run: |
          cd alist-web
          git add .
-          git config --local user.email "i@nn.ci"
-          git config --local user.name "Andy Hsu"
+          git config --local user.email "bot@nn.ci"
+          git config --local user.name "IlaBot"
          git commit -m "chore: auto update i18n file" -a 2>/dev/null || :
          cd ..

--- a/.github/workflows/build_docker.yml
+++ b/.github/workflows/build_docker.yml
@ -53,8 +53,8 @@ jobs:

      - name: Commit
        run: |
-          git config --local user.email "i@nn.ci"
-          git config --local user.name "Noah Hsu"
+          git config --local user.email "bot@nn.ci"
+          git config --local user.name "IlaBot"
          git commit --allow-empty -m "Trigger build for ${{ github.sha }}"

      - name: Push commit
--- a/.github/workflows/issue_close_stale.yml
+++ b/.github/workflows/issue_close_stale.yml
@ -18,4 +18,4 @@ jobs:
          inactive-day: 8
          close-reason: 'not_planned'
          body: |
-            Hello @${{ github.event.issue.user.login }}, this issue was closed due to inactive more than 52 days. You can reopen or recreate it if you think it should continue.
+            Hello @${{ github.event.issue.user.login }}, this issue was closed due to inactive more than 52 days. You can reopen or recreate it if you think it should continue. Thank you for your contributions again.
--- a/.github/workflows/issue_question.yml
+++ b/.github/workflows/issue_question.yml
@ -10,7 +10,7 @@ jobs:
    if: github.event.label.name == 'question'
    steps:
      - name: Create comment
-        uses: actions-cool/issues-helper@v3.4.0
+        uses: actions-cool/issues-helper@v3.5.1
        with:
          actions: 'create-comment'
          token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/issue_rm_working.yml
+++ b/.github/workflows/issue_rm_working.yml
@ -0,0 +1,17 @@
+name: Remove working label when issue closed
+
+on:
+  issues:
+    types: [closed]
+
+jobs:
+  rm-working:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Remove working label
+        uses: actions-cool/issues-helper@v3
+        with:
+          actions: 'remove-labels'
+          token: ${{ secrets.GITHUB_TOKEN }}
+          issue-number: ${{ github.event.issue.number }}
+          labels: 'working'
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -41,17 +41,11 @@ jobs:
        run: |
          bash build.sh release

-      - name: Release latest
-        uses: irongut/EditRelease@v1.2.0
-        with:
-          token: ${{ secrets.MY_TOKEN }}
-          id: ${{ github.event.release.id }}
-          prerelease: false
-
      - name: Upload assets
        uses: softprops/action-gh-release@v1
        with:
          files: build/compress/*
+          prerelease: false

  release_desktop:
    needs: release
@ -68,8 +62,8 @@ jobs:

      - name: Add tag
        run: |
-          git config --local user.email "i@nn.ci"
-          git config --local user.name "Andy Hsu"
+          git config --local user.email "bot@nn.ci"
+          git config --local user.name "IlaBot"
          version=$(wget -qO- -t1 -T2 "https://api.github.com/repos/alist-org/alist/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
          git tag -a $version -m "release $version"

--- a/.github/workflows/release_docker.yml
+++ b/.github/workflows/release_docker.yml
@ -56,8 +56,8 @@ jobs:

      - name: Add tag
        run: |
-          git config --local user.email "i@nn.ci"
-          git config --local user.name "Andy Hsu"
+          git config --local user.email "bot@nn.ci"
+          git config --local user.name "IlaBot"
          git tag -a ${{ github.ref_name }} -m "release ${{ github.ref_name }}"

      - name: Push tags
--- a/.github/workflows/release_linux_musl_arm.yml
+++ b/.github/workflows/release_linux_musl_arm.yml
@ -0,0 +1,34 @@
+name: release_linux_musl_arm
+
+on:
+  release:
+    types: [ published ]
+
+jobs:
+  release_arm:
+    strategy:
+      matrix:
+        platform: [ ubuntu-latest ]
+        go-version: [ '1.20' ]
+    name: Release
+    runs-on: ${{ matrix.platform }}
+    steps:
+
+      - name: Setup Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Build
+        run: |
+          bash build.sh release linux_musl_arm
+
+      - name: Upload assets
+        uses: softprops/action-gh-release@v1
+        with:
+          files: build/compress/*
--- a/.gitignore
+++ b/.gitignore
@ -29,3 +29,5 @@ output/
 /daemon/
 /public/dist/*
 /!public/dist/README.md
+
+.VSCodeCounter
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -7,7 +7,7 @@
 Prerequisites:

 - [git](https://git-scm.com)
- [Go 1.19+](https://golang.org/doc/install)
+- [Go 1.20+](https://golang.org/doc/install)
 - [gcc](https://gcc.gnu.org/)
 - [nodejs](https://nodejs.org/)

--- a/2
+++ b/2
@ -14,5 +14,5 @@ COPY entrypoint.sh /entrypoint.sh
 RUN apk add --no-cache bash ca-certificates su-exec tzdata; \
    chmod +x /entrypoint.sh
 ENV PUID=0 PGID=0 UMASK=022
-EXPOSE 5244
+EXPOSE 5244 5245
 CMD [ "/entrypoint.sh" ]
--- a/README.md
+++ b/README.md
@ -39,7 +39,7 @@

 ---

-English | [中文](./README_cn.md) | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
+English | [中文](./README_cn.md)| [日本語](./README_ja.md) | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)

 ## Features

@ -73,6 +73,7 @@ English | [中文](./README_cn.md) | [Contributing](./CONTRIBUTING.md) | [CODE_O
    - [x] SMB
    - [x] [115](https://115.com/)
    - [X] Cloudreve
+    - [x] [Dropbox](https://www.dropbox.com/)
 - [x] Easy to deploy and out-of-the-box
 - [x] File preview (PDF, markdown, code, plain text, ...)
 - [x] Image preview in gallery mode
@ -90,6 +91,7 @@ English | [中文](./README_cn.md) | [Contributing](./CONTRIBUTING.md) | [CODE_O
 - [x] Web upload(Can allow visitors to upload), delete, mkdir, rename, move and copy
 - [x] Offline download
 - [x] Copy files between two storage
+- [x] Multi-thread downloading acceleration for single-thread download/stream

 ## Document

@ -110,8 +112,8 @@ https://alist.nn.ci/guide/sponsor.html

 ### Special sponsors

- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.la/)
- [KinhDown 百度云盘不限速下载！永久免费！已稳定运行3年！非常可靠！Q群 -> 786799372](https://kinhdown.com)
+- [亚洲云 - 高防服务器|服务器租用|福州高防|广东电信|香港服务器|美国服务器|海外服务器 - 国内靠谱的企业级云计算服务提供商](https://www.asiayun.com/aff/QQCOOQKZ) (sponsored Chinese API server)
+- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.pw/)
 - [JetBrains: Essential tools for software developers and teams](https://www.jetbrains.com/)

 ## Contributors
--- a/README_cn.md
+++ b/README_cn.md
@ -39,7 +39,7 @@

 ---

-[English](./README.md) | 中文 | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
+[English](./README.md) | 中文 | [日本語](./README_ja.md) | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)

 ## 功能

@ -72,6 +72,7 @@
    - [x] SMB
    - [x] [115](https://115.com/)
    - [X] Cloudreve
+    - [x] [Dropbox](https://www.dropbox.com/)
 - [x] 部署方便，开箱即用
 - [x] 文件预览（PDF、markdown、代码、纯文本……）
 - [x] 画廊模式下的图像预览
@ -89,6 +90,7 @@
 - [x] 网页上传(可以允许访客上传)，删除，新建文件夹，重命名，移动，复制
 - [x] 离线下载
 - [x] 跨存储复制文件
+- [x] 单线程下载/串流的多线程下载加速

 ## 文档

@ -108,8 +110,8 @@ AList 是一个开源软件，如果你碰巧喜欢这个项目，并希望我

 ### 特别赞助

- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.la/)
- [KinhDown 百度云盘不限速下载！永久免费！已稳定运行3年！非常可靠！Q群 -> 786799372](https://kinhdown.com)
+- [亚洲云 - 高防服务器|服务器租用|福州高防|广东电信|香港服务器|美国服务器|海外服务器 - 国内靠谱的企业级云计算服务提供商](https://www.asiayun.com/aff/QQCOOQKZ) (国内API服务器赞助)
+- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.pw/)
 - [JetBrains: Essential tools for software developers and teams](https://www.jetbrains.com/)

 ## 贡献者
--- a/README_ja.md
+++ b/README_ja.md
@ -0,0 +1,138 @@
+<div align="center">
+  <a href="https://alist.nn.ci"><img height="100px" alt="logo" src="https://cdn.jsdelivr.net/gh/alist-org/logo@main/logo.svg"/></a>
+  <p><em>🗂️Gin と Solidjs による、複数のストレージをサポートするファイルリストプログラム。</em></p>
+<div>
+  <a href="https://goreportcard.com/report/github.com/alist-org/alist/v3">
+    <img src="https://goreportcard.com/badge/github.com/alist-org/alist/v3" alt="latest version" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/blob/main/LICENSE">
+    <img src="https://img.shields.io/github/license/Xhofe/alist" alt="License" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/actions?query=workflow%3ABuild">
+    <img src="https://img.shields.io/github/actions/workflow/status/Xhofe/alist/build.yml?branch=main" alt="Build status" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/releases">
+    <img src="https://img.shields.io/github/release/Xhofe/alist" alt="latest version" />
+  </a>
+  <a title="Crowdin" target="_blank" href="https://crwd.in/alist">
+    <img src="https://badges.crowdin.net/alist/localized.svg">
+  </a>
+</div>
+<div>
+  <a href="https://github.com/Xhofe/alist/discussions">
+    <img src="https://img.shields.io/github/discussions/Xhofe/alist?color=%23ED8936" alt="discussions" />
+  </a>
+  <a href="https://discord.gg/F4ymsH4xv2">
+    <img src="https://img.shields.io/discord/1018870125102895134?logo=discord" alt="discussions" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/releases">
+    <img src="https://img.shields.io/github/downloads/Xhofe/alist/total?color=%239F7AEA&logo=github" alt="Downloads" />
+  </a>
+  <a href="https://hub.docker.com/r/xhofe/alist">
+    <img src="https://img.shields.io/docker/pulls/xhofe/alist?color=%2348BB78&logo=docker&label=pulls" alt="Downloads" />
+  </a>
+  <a href="https://alist.nn.ci/guide/sponsor.html">
+    <img src="https://img.shields.io/badge/%24-sponsor-F87171.svg" alt="sponsor" />
+  </a>
+</div>
+</div>
+
+---
+
+[English](./README.md) | [中文](./README_cn.md) | 日本語 | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
+
+## 特徴
+
+- [x] マルチストレージ
+    - [x] ローカルストレージ
+    - [x] [Aliyundrive](https://www.aliyundrive.com/)
+    - [x] OneDrive / Sharepoint ([グローバル](https://www.office.com/), [cn](https://portal.partner.microsoftonline.cn),de,us)
+    - [x] [189cloud](https://cloud.189.cn) (Personal, Family)
+    - [x] [GoogleDrive](https://drive.google.com/)
+    - [x] [123pan](https://www.123pan.com/)
+    - [x] FTP / SFTP
+    - [x] [PikPak](https://www.mypikpak.com/)
+    - [x] [S3](https://aws.amazon.com/s3/)
+    - [x] [Seafile](https://seafile.com/)
+    - [x] [UPYUN Storage Service](https://www.upyun.com/products/file-storage)
+    - [x] WebDav(Support OneDrive/SharePoint without API)
+    - [x] Teambition([China](https://www.teambition.com/ ),[International](https://us.teambition.com/ ))
+    - [x] [Mediatrack](https://www.mediatrack.cn/)
+    - [x] [139yun](https://yun.139.com/) (Personal, Family)
+    - [x] [YandexDisk](https://disk.yandex.com/)
+    - [x] [BaiduNetdisk](http://pan.baidu.com/)
+    - [x] [Terabox](https://www.terabox.com/main)
+    - [x] [UC](https://drive.uc.cn)
+    - [x] [Quark](https://pan.quark.cn)
+    - [x] [Thunder](https://pan.xunlei.com)
+    - [x] [Lanzou](https://www.lanzou.com/)
+    - [x] [Aliyundrive share](https://www.aliyundrive.com/)
+    - [x] [Google photo](https://photos.google.com/)
+    - [x] [Mega.nz](https://mega.nz)
+    - [x] [Baidu photo](https://photo.baidu.com/)
+    - [x] SMB
+    - [x] [115](https://115.com/)
+    - [X] Cloudreve
+    - [x] [Dropbox](https://www.dropbox.com/)
+- [x] デプロイが簡単で、すぐに使える
+- [x] ファイルプレビュー (PDF, マークダウン, コード, プレーンテキスト, ...)
+- [x] ギャラリーモードでの画像プレビュー
+- [x] ビデオとオーディオのプレビュー、歌詞と字幕のサポート
+- [x] Office ドキュメントのプレビュー (docx, pptx, xlsx, ...)
+- [x] `README.md` のプレビューレンダリング
+- [x] ファイルのパーマリンクコピーと直接ダウンロード
+- [x] ダークモード
+- [x] 国際化
+- [x] 保護されたルート (パスワード保護と認証)
+- [x] WebDav (詳細は https://alist.nn.ci/guide/webdav.html を参照)
+- [x] [Docker デプロイ](https://hub.docker.com/r/xhofe/alist)
+- [x] Cloudflare ワーカープロキシ
+- [x] ファイル/フォルダパッケージのダウンロード
+- [x] ウェブアップロード(訪問者にアップロードを許可できる), 削除, mkdir, 名前変更, 移動, コピー
+- [x] オフラインダウンロード
+- [x] 二つのストレージ間でファイルをコピー
+- [x] シングルスレッドのダウンロード/ストリーム向けのマルチスレッド ダウンロード アクセラレーション
+
+## ドキュメント
+
+<https://alist.nn.ci/>
+
+## デモ
+
+<https://al.nn.ci>
+
+## ディスカッション
+
+一般的なご質問は[ディスカッションフォーラム](https://github.com/Xhofe/alist/discussions)をご利用ください。**問題はバグレポートと機能リクエストのみです。**
+
+## スポンサー
+
+AList はオープンソースのソフトウェアです。もしあなたがこのプロジェクトを気に入ってくださり、続けて欲しいと思ってくださるなら、ぜひスポンサーになってくださるか、1口でも寄付をしてくださるようご検討ください！すべての愛とサポートに感謝します:
+https://alist.nn.ci/guide/sponsor.html
+
+### スペシャルスポンサー
+
+- [亚洲云 - 高防服务器|服务器租用|福州高防|广东电信|香港服务器|美国服务器|海外服务器 - 国内靠谱的企业级云计算服务提供商](https://www.asiayun.com/aff/QQCOOQKZ) (sponsored Chinese API server)
+- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.pw/)
+- [JetBrains: Essential tools for software developers and teams](https://www.jetbrains.com/)
+
+## コントリビューター
+
+これらの素晴らしい人々に感謝します:
+
+[![Contributors](http://contributors.nn.ci/api?repo=alist-org/alist&repo=alist-org/alist-web&repo=alist-org/docs)](https://github.com/alist-org/alist/graphs/contributors)
+
+## ライセンス
+
+`AList` は AGPL-3.0 ライセンスの下でライセンスされたオープンソースソフトウェアです。
+
+## 免責事項
+- このプログラムはフリーでオープンソースのプロジェクトです。ネットワークディスク上でファイルを共有するように設計されており、golang のダウンロードや学習に便利です。利用にあたっては関連法規を遵守し、悪用しないようお願いします;
+- このプログラムは、公式インターフェースの動作を破壊することなく、公式 sdk/インターフェースを呼び出すことで実装されています;
+- このプログラムは、302リダイレクト/トラフィック転送のみを行い、いかなるユーザーデータも傍受、保存、改ざんしません;
+- このプログラムを使用する前に、アカウントの禁止、ダウンロード速度の制限など、対応するリスクを理解し、負担する必要があります;
+- もし侵害があれば、[メール](mailto:i@nn.ci)で私に連絡してください。
+
+---
+
+> [@Blog](https://nn.ci/) · [@GitHub](https://github.com/Xhofe) · [@TelegramGroup](https://t.me/alist_chat) · [@Discord](https://discord.gg/F4ymsH4xv2)
--- a/build.sh
+++ b/build.sh
@ -54,11 +54,30 @@ BuildWinArm64() {

 BuildDev() {
  rm -rf .git/
-  xgo -targets=linux/amd64,windows/amd64,darwin/amd64 -out "$appName" -ldflags="$ldflags" -tags=jsoniter .
  mkdir -p "dist"
+  muslflags="--extldflags '-static -fpic' $ldflags"
+  BASE="https://musl.nn.ci/"
+  FILES=(x86_64-linux-musl-cross aarch64-linux-musl-cross)
+  for i in "${FILES[@]}"; do
+    url="${BASE}${i}.tgz"
+    curl -L -o "${i}.tgz" "${url}"
+    sudo tar xf "${i}.tgz" --strip-components 1 -C /usr/local
+  done
+  OS_ARCHES=(linux-musl-amd64 linux-musl-arm64)
+  CGO_ARGS=(x86_64-linux-musl-gcc aarch64-linux-musl-gcc)
+  for i in "${!OS_ARCHES[@]}"; do
+    os_arch=${OS_ARCHES[$i]}
+    cgo_cc=${CGO_ARGS[$i]}
+    echo building for ${os_arch}
+    export GOOS=${os_arch%%-*}
+    export GOARCH=${os_arch##*-}
+    export CC=${cgo_cc}
+    export CGO_ENABLED=1
+    go build -o ./dist/$appName-$os_arch -ldflags="$muslflags" -tags=jsoniter .
+  done
+  xgo -targets=windows/amd64,darwin/amd64 -out "$appName" -ldflags="$ldflags" -tags=jsoniter .
  mv alist-* dist
  cd dist
-  upx -9 ./alist-linux*
  cp ./alist-windows-amd64.exe ./alist-windows-amd64-upx.exe
  upx -9 ./alist-windows-amd64-upx.exe
  find . -type f -print0 | xargs -0 md5sum >md5.txt
@ -74,14 +93,15 @@ BuildRelease() {
  mkdir -p "build"
  muslflags="--extldflags '-static -fpic' $ldflags"
  BASE="https://musl.nn.ci/"
-  FILES=(x86_64-linux-musl-cross aarch64-linux-musl-cross arm-linux-musleabihf-cross mips-linux-musl-cross mips64-linux-musl-cross mips64el-linux-musl-cross mipsel-linux-musl-cross powerpc64le-linux-musl-cross s390x-linux-musl-cross)
+  FILES=(x86_64-linux-musl-cross aarch64-linux-musl-cross mips-linux-musl-cross mips64-linux-musl-cross mips64el-linux-musl-cross mipsel-linux-musl-cross powerpc64le-linux-musl-cross s390x-linux-musl-cross)
  for i in "${FILES[@]}"; do
    url="${BASE}${i}.tgz"
    curl -L -o "${i}.tgz" "${url}"
    sudo tar xf "${i}.tgz" --strip-components 1 -C /usr/local
+    rm -f "${i}.tgz"
  done
-  OS_ARCHES=(linux-musl-amd64 linux-musl-arm64 linux-musl-arm linux-musl-mips linux-musl-mips64 linux-musl-mips64le linux-musl-mipsle linux-musl-ppc64le linux-musl-s390x)
-  CGO_ARGS=(x86_64-linux-musl-gcc aarch64-linux-musl-gcc arm-linux-musleabihf-gcc mips-linux-musl-gcc mips64-linux-musl-gcc mips64el-linux-musl-gcc mipsel-linux-musl-gcc powerpc64le-linux-musl-gcc s390x-linux-musl-gcc)
+  OS_ARCHES=(linux-musl-amd64 linux-musl-arm64 linux-musl-mips linux-musl-mips64 linux-musl-mips64le linux-musl-mipsle linux-musl-ppc64le linux-musl-s390x)
+  CGO_ARGS=(x86_64-linux-musl-gcc aarch64-linux-musl-gcc mips-linux-musl-gcc mips64-linux-musl-gcc mips64el-linux-musl-gcc mipsel-linux-musl-gcc powerpc64le-linux-musl-gcc s390x-linux-musl-gcc)
  for i in "${!OS_ARCHES[@]}"; do
    os_arch=${OS_ARCHES[$i]}
    cgo_cc=${CGO_ARGS[$i]}
@ -101,6 +121,39 @@ BuildRelease() {
  mv alist-* build
 }

+BuildReleaseLinuxMuslArm() {
+  rm -rf .git/
+  mkdir -p "build"
+  muslflags="--extldflags '-static -fpic' $ldflags"
+  BASE="https://musl.nn.ci/"
+#  FILES=(arm-linux-musleabi-cross arm-linux-musleabihf-cross armeb-linux-musleabi-cross armeb-linux-musleabihf-cross armel-linux-musleabi-cross armel-linux-musleabihf-cross armv5l-linux-musleabi-cross armv5l-linux-musleabihf-cross armv6-linux-musleabi-cross armv6-linux-musleabihf-cross armv7l-linux-musleabihf-cross armv7m-linux-musleabi-cross armv7r-linux-musleabihf-cross)
+  FILES=(arm-linux-musleabi-cross arm-linux-musleabihf-cross armel-linux-musleabi-cross armel-linux-musleabihf-cross armv5l-linux-musleabi-cross armv5l-linux-musleabihf-cross armv6-linux-musleabi-cross armv6-linux-musleabihf-cross armv7l-linux-musleabihf-cross armv7m-linux-musleabi-cross armv7r-linux-musleabihf-cross)
+  for i in "${FILES[@]}"; do
+    url="${BASE}${i}.tgz"
+    curl -L -o "${i}.tgz" "${url}"
+    sudo tar xf "${i}.tgz" --strip-components 1 -C /usr/local
+    rm -f "${i}.tgz"
+  done
+#  OS_ARCHES=(linux-musleabi-arm linux-musleabihf-arm linux-musleabi-armeb linux-musleabihf-armeb linux-musleabi-armel linux-musleabihf-armel linux-musleabi-armv5l linux-musleabihf-armv5l linux-musleabi-armv6 linux-musleabihf-armv6 linux-musleabihf-armv7l linux-musleabi-armv7m linux-musleabihf-armv7r)
+#  CGO_ARGS=(arm-linux-musleabi-gcc arm-linux-musleabihf-gcc armeb-linux-musleabi-gcc armeb-linux-musleabihf-gcc armel-linux-musleabi-gcc armel-linux-musleabihf-gcc armv5l-linux-musleabi-gcc armv5l-linux-musleabihf-gcc armv6-linux-musleabi-gcc armv6-linux-musleabihf-gcc armv7l-linux-musleabihf-gcc armv7m-linux-musleabi-gcc armv7r-linux-musleabihf-gcc)
+#  GOARMS=('' '' '' '' '' '' '5' '5' '6' '6' '7' '7' '7')
+  OS_ARCHES=(linux-musleabi-arm linux-musleabihf-arm linux-musleabi-armel linux-musleabihf-armel linux-musleabi-armv5l linux-musleabihf-armv5l linux-musleabi-armv6 linux-musleabihf-armv6 linux-musleabihf-armv7l linux-musleabi-armv7m linux-musleabihf-armv7r)
+  CGO_ARGS=(arm-linux-musleabi-gcc arm-linux-musleabihf-gcc armel-linux-musleabi-gcc armel-linux-musleabihf-gcc armv5l-linux-musleabi-gcc armv5l-linux-musleabihf-gcc armv6-linux-musleabi-gcc armv6-linux-musleabihf-gcc armv7l-linux-musleabihf-gcc armv7m-linux-musleabi-gcc armv7r-linux-musleabihf-gcc)
+  GOARMS=('' '' '' '' '5' '5' '6' '6' '7' '7' '7')
+  for i in "${!OS_ARCHES[@]}"; do
+    os_arch=${OS_ARCHES[$i]}
+    cgo_cc=${CGO_ARGS[$i]}
+    arm=${GOARMS[$i]}
+    echo building for ${os_arch}
+    export GOOS=linux
+    export GOARCH=arm
+    export CC=${cgo_cc}
+    export CGO_ENABLED=1
+    export GOARM=${arm}
+    go build -o ./build/$appName-$os_arch -ldflags="$muslflags" -tags=jsoniter .
+  done
+}
+
 MakeRelease() {
  cd build
  mkdir compress
@ -120,8 +173,8 @@ MakeRelease() {
    rm -f alist.exe
  done
  cd compress
-  find . -type f -print0 | xargs -0 md5sum >md5.txt
-  cat md5.txt
+  find . -type f -print0 | xargs -0 md5sum >"$1"
+  cat "$1"
  cd ../..
 }

@ -136,9 +189,12 @@ elif [ "$1" = "release" ]; then
  FetchWebRelease
  if [ "$2" = "docker" ]; then
    BuildDocker
+  elif [ "$2" = "linux_musl_arm" ]; then
+    BuildReleaseLinuxMuslArm
+    MakeRelease "md5-linux-musl-arm.txt"
  else
    BuildRelease
-    MakeRelease
+    MakeRelease "md5.txt"
  fi
 else
  echo -e "Parameter error"
--- a/cmd/admin.go
+++ b/cmd/admin.go
@ -4,30 +4,87 @@ Copyright © 2022 NAME HERE <EMAIL ADDRESS>
 package cmd

 import (
+	"github.com/alist-org/alist/v3/internal/conf"
 	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/internal/setting"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/alist-org/alist/v3/pkg/utils/random"
 	"github.com/spf13/cobra"
 )

-// PasswordCmd represents the password command
-var PasswordCmd = &cobra.Command{
+// AdminCmd represents the password command
+var AdminCmd = &cobra.Command{
 	Use:     "admin",
 	Aliases: []string{"password"},
-	Short:   "Show admin user's info",
+	Short:   "Show admin user's info and some operations about admin user's password",
 	Run: func(cmd *cobra.Command, args []string) {
 		Init()
 		admin, err := op.GetAdmin()
 		if err != nil {
 			utils.Log.Errorf("failed get admin user: %+v", err)
 		} else {
-			utils.Log.Infof("admin user's info: \nusername: %s\npassword: %s", admin.Username, admin.Password)
+			utils.Log.Infof("Admin user's username: %s", admin.Username)
+			utils.Log.Infof("The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed")
+			utils.Log.Infof("You can reset the password with a random string by running [alist admin random]")
+			utils.Log.Infof("You can also set a new password by running [alist admin set NEW_PASSWORD]")
 		}
 	},
 }

-func init() {
-	RootCmd.AddCommand(PasswordCmd)
+var RandomPasswordCmd = &cobra.Command{
+	Use:   "random",
+	Short: "Reset admin user's password to a random string",
+	Run: func(cmd *cobra.Command, args []string) {
+		newPwd := random.String(8)
+		setAdminPassword(newPwd)
+	},
+}

+var SetPasswordCmd = &cobra.Command{
+	Use:   "set",
+	Short: "Set admin user's password",
+	Run: func(cmd *cobra.Command, args []string) {
+		if len(args) == 0 {
+			utils.Log.Errorf("Please enter the new password")
+			return
+		}
+		setAdminPassword(args[0])
+	},
+}
+
+var ShowTokenCmd = &cobra.Command{
+	Use:   "token",
+	Short: "Show admin token",
+	Run: func(cmd *cobra.Command, args []string) {
+		Init()
+		token := setting.GetStr(conf.Token)
+		utils.Log.Infof("Admin token: %s", token)
+	},
+}
+
+func setAdminPassword(pwd string) {
+	Init()
+	admin, err := op.GetAdmin()
+	if err != nil {
+		utils.Log.Errorf("failed get admin user: %+v", err)
+		return
+	}
+	admin.SetPassword(pwd)
+	if err := op.UpdateUser(admin); err != nil {
+		utils.Log.Errorf("failed update admin user: %+v", err)
+		return
+	}
+	utils.Log.Infof("admin user has been updated:")
+	utils.Log.Infof("username: %s", admin.Username)
+	utils.Log.Infof("password: %s", pwd)
+	DelAdminCacheOnline()
+}
+
+func init() {
+	RootCmd.AddCommand(AdminCmd)
+	AdminCmd.AddCommand(RandomPasswordCmd)
+	AdminCmd.AddCommand(SetPasswordCmd)
+	AdminCmd.AddCommand(ShowTokenCmd)
 	// Here you will define your flags and configuration settings.

 	// Cobra supports Persistent Flags which will work for this command
--- a/cmd/cancel2FA.go
+++ b/cmd/cancel2FA.go
@ -24,6 +24,7 @@ var Cancel2FACmd = &cobra.Command{
 				utils.Log.Errorf("failed to cancel 2FA: %+v", err)
 			} else {
 				utils.Log.Info("2FA canceled")
+				DelAdminCacheOnline()
 			}
 		}
 	},
--- a/cmd/root.go
+++ b/cmd/root.go
@ -24,7 +24,7 @@ func Execute() {
 }

 func init() {
-	RootCmd.PersistentFlags().StringVar(&flags.DataDir, "data", "data", "config file")
+	RootCmd.PersistentFlags().StringVar(&flags.DataDir, "data", "data", "data folder")
 	RootCmd.PersistentFlags().BoolVar(&flags.Debug, "debug", false, "start with debug mode")
 	RootCmd.PersistentFlags().BoolVar(&flags.NoPrefix, "no-prefix", false, "disable env prefix")
 	RootCmd.PersistentFlags().BoolVar(&flags.Dev, "dev", false, "start with dev mode")
--- a/cmd/server.go
+++ b/cmd/server.go
@ -3,9 +3,12 @@ package cmd
 import (
 	"context"
 	"fmt"
+	"net"
 	"net/http"
 	"os"
 	"os/signal"
+	"strconv"
+	"sync"
 	"syscall"
 	"time"

@ -28,6 +31,10 @@ var ServerCmd = &cobra.Command{
 the address is defined in config file`,
 	Run: func(cmd *cobra.Command, args []string) {
 		Init()
+		if conf.Conf.DelayedStart != 0 {
+			utils.Log.Infof("delayed start for %d seconds", conf.Conf.DelayedStart)
+			time.Sleep(time.Duration(conf.Conf.DelayedStart) * time.Second)
+		}
 		bootstrap.InitAria2()
 		bootstrap.InitQbittorrent()
 		bootstrap.LoadStorages()
@ -37,42 +44,95 @@ the address is defined in config file`,
 		r := gin.New()
 		r.Use(gin.LoggerWithWriter(log.StandardLogger().Out), gin.RecoveryWithWriter(log.StandardLogger().Out))
 		server.Init(r)
-		base := fmt.Sprintf("%s:%d", conf.Conf.Address, conf.Conf.Port)
-		utils.Log.Infof("start server @ %s", base)
-		srv := &http.Server{Addr: base, Handler: r}
-		go func() {
-			var err error
-			if conf.Conf.Scheme.Https {
-				//err = r.RunTLS(base, conf.Conf.Scheme.CertFile, conf.Conf.Scheme.KeyFile)
-				err = srv.ListenAndServeTLS(conf.Conf.Scheme.CertFile, conf.Conf.Scheme.KeyFile)
-			} else {
-				err = srv.ListenAndServe()
-			}
-			if err != nil && err != http.ErrServerClosed {
-				utils.Log.Fatalf("failed to start: %s", err.Error())
-			}
-		}()
+		var httpSrv, httpsSrv, unixSrv *http.Server
+		if conf.Conf.Scheme.HttpPort != -1 {
+			httpBase := fmt.Sprintf("%s:%d", conf.Conf.Scheme.Address, conf.Conf.Scheme.HttpPort)
+			utils.Log.Infof("start HTTP server @ %s", httpBase)
+			httpSrv = &http.Server{Addr: httpBase, Handler: r}
+			go func() {
+				err := httpSrv.ListenAndServe()
+				if err != nil && err != http.ErrServerClosed {
+					utils.Log.Fatalf("failed to start http: %s", err.Error())
+				}
+			}()
+		}
+		if conf.Conf.Scheme.HttpsPort != -1 {
+			httpsBase := fmt.Sprintf("%s:%d", conf.Conf.Scheme.Address, conf.Conf.Scheme.HttpsPort)
+			utils.Log.Infof("start HTTPS server @ %s", httpsBase)
+			httpsSrv = &http.Server{Addr: httpsBase, Handler: r}
+			go func() {
+				err := httpsSrv.ListenAndServeTLS(conf.Conf.Scheme.CertFile, conf.Conf.Scheme.KeyFile)
+				if err != nil && err != http.ErrServerClosed {
+					utils.Log.Fatalf("failed to start https: %s", err.Error())
+				}
+			}()
+		}
+		if conf.Conf.Scheme.UnixFile != "" {
+			utils.Log.Infof("start unix server @ %s", conf.Conf.Scheme.UnixFile)
+			unixSrv = &http.Server{Handler: r}
+			go func() {
+				listener, err := net.Listen("unix", conf.Conf.Scheme.UnixFile)
+				if err != nil {
+					utils.Log.Fatalf("failed to listen unix: %+v", err)
+				}
+				// set socket file permission
+				mode, err := strconv.ParseUint(conf.Conf.Scheme.UnixFilePerm, 8, 32)
+				if err != nil {
+					utils.Log.Errorf("failed to parse socket file permission: %+v", err)
+				} else {
+					err = os.Chmod(conf.Conf.Scheme.UnixFile, os.FileMode(mode))
+					if err != nil {
+						utils.Log.Errorf("failed to chmod socket file: %+v", err)
+					}
+				}
+				err = unixSrv.Serve(listener)
+				if err != nil && err != http.ErrServerClosed {
+					utils.Log.Fatalf("failed to start unix: %s", err.Error())
+				}
+			}()
+		}
 		// Wait for interrupt signal to gracefully shutdown the server with
-		// a timeout of 5 seconds.
-		quit := make(chan os.Signal)
+		// a timeout of 1 second.
+		quit := make(chan os.Signal, 1)
 		// kill (no param) default send syscanll.SIGTERM
 		// kill -2 is syscall.SIGINT
 		// kill -9 is syscall. SIGKILL but can"t be catch, so don't need add it
 		signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
 		<-quit
-		utils.Log.Println("Shutdown Server ...")
+		utils.Log.Println("Shutdown server...")

 		ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
 		defer cancel()
-		if err := srv.Shutdown(ctx); err != nil {
-			utils.Log.Fatal("Server Shutdown:", err)
+		var wg sync.WaitGroup
+		if conf.Conf.Scheme.HttpPort != -1 {
+			wg.Add(1)
+			go func() {
+				defer wg.Done()
+				if err := httpSrv.Shutdown(ctx); err != nil {
+					utils.Log.Fatal("HTTP server shutdown err: ", err)
+				}
+			}()
 		}
-		// catching ctx.Done(). timeout of 3 seconds.
-		select {
-		case <-ctx.Done():
-			utils.Log.Println("timeout of 1 seconds.")
+		if conf.Conf.Scheme.HttpsPort != -1 {
+			wg.Add(1)
+			go func() {
+				defer wg.Done()
+				if err := httpsSrv.Shutdown(ctx); err != nil {
+					utils.Log.Fatal("HTTPS server shutdown err: ", err)
+				}
+			}()
 		}
-		utils.Log.Println("Server exiting")
+		if conf.Conf.Scheme.UnixFile != "" {
+			wg.Add(1)
+			go func() {
+				defer wg.Done()
+				if err := unixSrv.Shutdown(ctx); err != nil {
+					utils.Log.Fatal("Unix server shutdown err: ", err)
+				}
+			}()
+		}
+		wg.Wait()
+		utils.Log.Println("Server exit")
 	},
 }

--- a/cmd/user.go
+++ b/cmd/user.go
@ -0,0 +1,52 @@
+package cmd
+
+import (
+	"crypto/tls"
+	"fmt"
+	"time"
+
+	"github.com/alist-org/alist/v3/internal/conf"
+	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/internal/setting"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+)
+
+func DelAdminCacheOnline() {
+	admin, err := op.GetAdmin()
+	if err != nil {
+		utils.Log.Errorf("[del_admin_cache] get admin error: %+v", err)
+		return
+	}
+	DelUserCacheOnline(admin.Username)
+}
+
+func DelUserCacheOnline(username string) {
+	client := resty.New().SetTimeout(1 * time.Second).SetTLSClientConfig(&tls.Config{InsecureSkipVerify: conf.Conf.TlsInsecureSkipVerify})
+	token := setting.GetStr(conf.Token)
+	port := conf.Conf.Scheme.HttpPort
+	u := fmt.Sprintf("http://localhost:%d/api/admin/user/del_cache", port)
+	if port == -1 {
+		if conf.Conf.Scheme.HttpsPort == -1 {
+			utils.Log.Warnf("[del_user_cache] no open port")
+			return
+		}
+		u = fmt.Sprintf("https://localhost:%d/api/admin/user/del_cache", conf.Conf.Scheme.HttpsPort)
+	}
+	res, err := client.R().SetHeader("Authorization", token).SetQueryParam("username", username).Post(u)
+	if err != nil {
+		utils.Log.Warnf("[del_user_cache_online] failed: %+v", err)
+		return
+	}
+	if res.StatusCode() != 200 {
+		utils.Log.Warnf("[del_user_cache_online] failed: %+v", res.String())
+		return
+	}
+	code := utils.Json.Get(res.Body(), "code").ToInt()
+	msg := utils.Json.Get(res.Body(), "message").ToString()
+	if code != 200 {
+		utils.Log.Errorf("[del_user_cache_online] error: %s", msg)
+		return
+	}
+	utils.Log.Debugf("[del_user_cache_online] del user [%s] cache success", username)
+}
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -6,6 +6,7 @@ services:
      - '/etc/alist:/opt/alist/data'
    ports:
      - '5244:5244'
+      - '5245:5245'
    environment:
      - PUID=0
      - PGID=0
--- a/drivers/115/driver.go
+++ b/drivers/115/driver.go
@ -83,7 +83,7 @@ func (d *Pan115) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *Pan115) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return err
 	}
--- a/drivers/115/util.go
+++ b/drivers/115/util.go
@ -1,10 +1,11 @@
 package _115

 import (
+	"crypto/tls"
 	"fmt"

 	"github.com/SheltonZhu/115driver/pkg/driver"
-	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/conf"
 	"github.com/pkg/errors"
 )

@ -14,9 +15,11 @@ func (d *Pan115) login() error {
 	var err error
 	opts := []driver.Option{
 		driver.UA(UserAgent),
+		func(c *driver.Pan115Client) {
+			c.Client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: conf.Conf.TlsInsecureSkipVerify})
+		},
 	}
 	d.client = driver.New(opts...)
-	d.client.SetHttpClient(base.HttpClient)
 	cr := &driver.Credential{}
 	if d.Addition.QRCodeToken != "" {
 		s := &driver.QRCodeSession{
--- a/drivers/123/driver.go
+++ b/drivers/123/driver.go
@ -1,11 +1,9 @@
 package _123

 import (
-	"bytes"
 	"context"
 	"crypto/md5"
 	"encoding/base64"
-	"encoding/binary"
 	"encoding/hex"
 	"fmt"
 	"io"
@ -45,6 +43,9 @@ func (d *Pan123) Init(ctx context.Context) error {
 }

 func (d *Pan123) Drop(ctx context.Context) error {
+	_, _ = d.request(Logout, http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{})
+	}, nil)
 	return nil
 }

@ -98,7 +99,7 @@ func (d *Pan123) Link(ctx context.Context, file model.Obj, args model.LinkArgs)
 		}
 		u_ := u.String()
 		log.Debug("download url: ", u_)
-		res, err := base.NoRedirectClient.R().Get(u_)
+		res, err := base.NoRedirectClient.R().SetHeader("Referer", "https://www.123pan.com/").Get(u_)
 		if err != nil {
 			return nil, err
 		}
@ -109,9 +110,12 @@ func (d *Pan123) Link(ctx context.Context, file model.Obj, args model.LinkArgs)
 		log.Debugln("res code: ", res.StatusCode())
 		if res.StatusCode() == 302 {
 			link.URL = res.Header().Get("location")
-		} else if res.StatusCode() == 200 {
+		} else if res.StatusCode() < 300 {
 			link.URL = utils.Json.Get(res.Body(), "data", "redirect_url").ToString()
 		}
+		link.Header = http.Header{
+			"Referer": []string{"https://www.123pan.com/"},
+		}
 		return &link, nil
 	} else {
 		return nil, fmt.Errorf("can't convert obj")
@ -177,40 +181,23 @@ func (d *Pan123) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	const DEFAULT int64 = 10485760
-	var uploadFile io.Reader
+	// const DEFAULT int64 = 10485760
 	h := md5.New()
-	if d.StreamUpload && stream.GetSize() > DEFAULT {
-		// 只计算前10MIB
-		buf := bytes.NewBuffer(make([]byte, 0, DEFAULT))
-		if n, err := io.CopyN(io.MultiWriter(buf, h), stream, DEFAULT); err != io.EOF && n == 0 {
-			return err
-		}
-		// 增加额外参数防止MD5碰撞
-		h.Write([]byte(stream.GetName()))
-		num := make([]byte, 8)
-		binary.BigEndian.PutUint64(num, uint64(stream.GetSize()))
-		h.Write(num)
-		// 拼装
-		uploadFile = io.MultiReader(buf, stream)
-	} else {
-		// 计算完整文件MD5
-		tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
-		if err != nil {
-			return err
-		}
-		defer func() {
-			_ = tempFile.Close()
-			_ = os.Remove(tempFile.Name())
-		}()
-		if _, err = io.Copy(h, tempFile); err != nil {
-			return err
-		}
-		_, err = tempFile.Seek(0, io.SeekStart)
-		if err != nil {
-			return err
-		}
-		uploadFile = tempFile
+	// need to calculate md5 of the full content
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = tempFile.Close()
+		_ = os.Remove(tempFile.Name())
+	}()
+	if _, err = io.Copy(h, tempFile); err != nil {
+		return err
+	}
+	_, err = tempFile.Seek(0, io.SeekStart)
+	if err != nil {
+		return err
 	}
 	etag := hex.EncodeToString(h.Sum(nil))
 	data := base.Json{
@ -234,7 +221,8 @@ func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		return nil
 	}
 	if resp.Data.AccessKeyId == "" || resp.Data.SecretAccessKey == "" || resp.Data.SessionToken == "" {
-		err = d.newUpload(ctx, &resp, stream, uploadFile, up)
+		err = d.newUpload(ctx, &resp, stream, tempFile, up)
+		return err
 	} else {
 		cfg := &aws.Config{
 			Credentials:      credentials.NewStaticCredentials(resp.Data.AccessKeyId, resp.Data.SecretAccessKey, resp.Data.SessionToken),
@ -250,7 +238,7 @@ func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		input := &s3manager.UploadInput{
 			Bucket: &resp.Data.Bucket,
 			Key:    &resp.Data.Key,
-			Body:   uploadFile,
+			Body:   tempFile,
 		}
 		_, err = uploader.UploadWithContext(ctx, input)
 	}
--- a/drivers/123/meta.go
+++ b/drivers/123/meta.go
@ -11,7 +11,6 @@ type Addition struct {
 	driver.RootID
 	OrderBy        string `json:"order_by" type:"select" options:"file_name,size,update_at" default:"file_name"`
 	OrderDirection string `json:"order_direction" type:"select" options:"asc,desc" default:"asc"`
-	StreamUpload   bool   `json:"stream_upload"`
 	AccessToken    string
 }

--- a/drivers/123/types.go
+++ b/drivers/123/types.go
@ -1,7 +1,10 @@
 package _123

 import (
+	"net/url"
+	"path"
 	"strconv"
+	"strings"
 	"time"

 	"github.com/alist-org/alist/v3/internal/model"
@ -42,7 +45,30 @@ func (f File) GetID() string {
 	return strconv.FormatInt(f.FileId, 10)
 }

+func (f File) Thumb() string {
+	if f.DownloadUrl == "" {
+		return ""
+	}
+	du, err := url.Parse(f.DownloadUrl)
+	if err != nil {
+		return ""
+	}
+	du.Path = strings.TrimSuffix(du.Path, "_24_24") + "_70_70"
+	query := du.Query()
+	query.Set("w", "70")
+	query.Set("h", "70")
+	if !query.Has("type") {
+		query.Set("type", strings.TrimPrefix(path.Base(f.FileName), "."))
+	}
+	if !query.Has("trade_key") {
+		query.Set("trade_key", "123pan-thumbnail")
+	}
+	du.RawQuery = query.Encode()
+	return du.String()
+}
+
 var _ model.Obj = (*File)(nil)
+var _ model.Thumb = (*File)(nil)

 //func (f File) Thumb() string {
 //
--- a/drivers/123/upload.go
+++ b/drivers/123/upload.go
@ -34,25 +34,53 @@ func (d *Pan123) getS3PreSignedUrls(ctx context.Context, upReq *UploadResp, star
 	return &s3PreSignedUrls, nil
 }

-func (d *Pan123) completeS3(ctx context.Context, upReq *UploadResp) error {
+func (d *Pan123) getS3Auth(ctx context.Context, upReq *UploadResp, start, end int) (*S3PreSignedURLs, error) {
 	data := base.Json{
+		"StorageNode":     upReq.Data.StorageNode,
+		"bucket":          upReq.Data.Bucket,
+		"key":             upReq.Data.Key,
+		"partNumberEnd":   end,
+		"partNumberStart": start,
+		"uploadId":        upReq.Data.UploadId,
+	}
+	var s3PreSignedUrls S3PreSignedURLs
+	_, err := d.request(S3Auth, http.MethodPost, func(req *resty.Request) {
+		req.SetBody(data).SetContext(ctx)
+	}, &s3PreSignedUrls)
+	if err != nil {
+		return nil, err
+	}
+	return &s3PreSignedUrls, nil
+}
+
+func (d *Pan123) completeS3(ctx context.Context, upReq *UploadResp, file model.FileStreamer, isMultipart bool) error {
+	data := base.Json{
+		"StorageNode": upReq.Data.StorageNode,
 		"bucket":      upReq.Data.Bucket,
+		"fileId":      upReq.Data.FileId,
+		"fileSize":    file.GetSize(),
+		"isMultipart": isMultipart,
 		"key":         upReq.Data.Key,
 		"uploadId":    upReq.Data.UploadId,
-		"StorageNode": upReq.Data.StorageNode,
 	}
-	_, err := d.request(S3Complete, http.MethodPost, func(req *resty.Request) {
+	_, err := d.request(UploadCompleteV2, http.MethodPost, func(req *resty.Request) {
 		req.SetBody(data).SetContext(ctx)
 	}, nil)
 	return err
 }

 func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.FileStreamer, reader io.Reader, up driver.UpdateProgress) error {
-	chunkSize := int64(1024 * 1024 * 5)
+	chunkSize := int64(1024 * 1024 * 16)
 	// fetch s3 pre signed urls
 	chunkCount := int(math.Ceil(float64(file.GetSize()) / float64(chunkSize)))
-	// upload 10 chunks each batch
-	batchSize := 10
+	// only 1 batch is allowed
+	isMultipart := chunkCount > 1
+	batchSize := 1
+	getS3UploadUrl := d.getS3Auth
+	if isMultipart {
+		batchSize = 10
+		getS3UploadUrl = d.getS3PreSignedUrls
+	}
 	for i := 1; i <= chunkCount; i += batchSize {
 		if utils.IsCanceled(ctx) {
 			return ctx.Err()
@ -62,7 +90,7 @@ func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.Fi
 		if end > chunkCount+1 {
 			end = chunkCount + 1
 		}
-		s3PreSignedUrls, err := d.getS3PreSignedUrls(ctx, upReq, start, end)
+		s3PreSignedUrls, err := getS3UploadUrl(ctx, upReq, start, end)
 		if err != nil {
 			return err
 		}
@ -75,7 +103,7 @@ func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.Fi
 			if j == chunkCount {
 				curSize = file.GetSize() - (int64(chunkCount)-1)*chunkSize
 			}
-			err = d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, j, end, io.LimitReader(reader, chunkSize), curSize, false)
+			err = d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, j, end, io.LimitReader(reader, chunkSize), curSize, false, getS3UploadUrl)
 			if err != nil {
 				return err
 			}
@ -83,10 +111,10 @@ func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.Fi
 		}
 	}
 	// complete s3 upload
-	return d.completeS3(ctx, upReq)
+	return d.completeS3(ctx, upReq, file, chunkCount > 1)
 }

-func (d *Pan123) uploadS3Chunk(ctx context.Context, upReq *UploadResp, s3PreSignedUrls *S3PreSignedURLs, cur, end int, reader io.Reader, curSize int64, retry bool) error {
+func (d *Pan123) uploadS3Chunk(ctx context.Context, upReq *UploadResp, s3PreSignedUrls *S3PreSignedURLs, cur, end int, reader io.Reader, curSize int64, retry bool, getS3UploadUrl func(ctx context.Context, upReq *UploadResp, start int, end int) (*S3PreSignedURLs, error)) error {
 	uploadUrl := s3PreSignedUrls.Data.PreSignedUrls[strconv.Itoa(cur)]
 	if uploadUrl == "" {
 		return fmt.Errorf("upload url is empty, s3PreSignedUrls: %+v", s3PreSignedUrls)
@ -108,13 +136,13 @@ func (d *Pan123) uploadS3Chunk(ctx context.Context, upReq *UploadResp, s3PreSign
 			return fmt.Errorf("upload s3 chunk %d failed, status code: %d", cur, res.StatusCode)
 		}
 		// refresh s3 pre signed urls
-		newS3PreSignedUrls, err := d.getS3PreSignedUrls(ctx, upReq, cur, end)
+		newS3PreSignedUrls, err := getS3UploadUrl(ctx, upReq, cur, end)
 		if err != nil {
 			return err
 		}
 		s3PreSignedUrls.Data.PreSignedUrls = newS3PreSignedUrls.Data.PreSignedUrls
 		// retry
-		return d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, cur, end, reader, curSize, true)
+		return d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, cur, end, reader, curSize, true, getS3UploadUrl)
 	}
 	if res.StatusCode != http.StatusOK {
 		body, err := io.ReadAll(res.Body)
--- a/drivers/123/util.go
+++ b/drivers/123/util.go
@ -15,19 +15,26 @@ import (
 // do others that not defined in Driver interface

 const (
-	API             = "https://www.123pan.com/b/api"
-	SignIn          = API + "/user/sign_in"
-	UserInfo        = API + "/user/info"
-	FileList        = API + "/file/list/new"
-	DownloadInfo    = "https://www.123pan.com/a/api/file/download_info"
-	Mkdir           = API + "/file/upload_request"
-	Move            = API + "/file/mod_pid"
-	Rename          = API + "/file/rename"
-	Trash           = API + "/file/trash"
-	UploadRequest   = API + "/file/upload_request"
-	UploadComplete  = API + "/file/upload_complete"
-	S3PreSignedUrls = API + "/file/s3_repare_upload_parts_batch"
-	S3Complete      = API + "/file/s3_complete_multipart_upload"
+	Api              = "https://www.123pan.com/api"
+	AApi             = "https://www.123pan.com/a/api"
+	BApi             = "https://www.123pan.com/b/api"
+	MainApi          = Api
+	SignIn           = MainApi + "/user/sign_in"
+	Logout           = MainApi + "/user/logout"
+	UserInfo         = MainApi + "/user/info"
+	FileList         = MainApi + "/file/list/new"
+	DownloadInfo     = MainApi + "/file/download_info"
+	Mkdir            = MainApi + "/file/upload_request"
+	Move             = MainApi + "/file/mod_pid"
+	Rename           = MainApi + "/file/rename"
+	Trash            = MainApi + "/file/trash"
+	UploadRequest    = MainApi + "/file/upload_request"
+	UploadComplete   = MainApi + "/file/upload_complete"
+	S3PreSignedUrls  = MainApi + "/file/s3_repare_upload_parts_batch"
+	S3Auth           = MainApi + "/file/s3_upload_object/auth"
+	UploadCompleteV2 = MainApi + "/file/upload_complete/v2"
+	S3Complete       = MainApi + "/file/s3_complete_multipart_upload"
+	//AuthKeySalt      = "8-8D$sL8gPjom7bk#cY"
 )

 func (d *Pan123) login() error {
@ -42,9 +49,18 @@ func (d *Pan123) login() error {
 		body = base.Json{
 			"passport": d.Username,
 			"password": d.Password,
+			"remember": true,
 		}
 	}
 	res, err := base.RestyClient.R().
+		SetHeaders(map[string]string{
+			"origin":      "https://www.123pan.com",
+			"referer":     "https://www.123pan.com/",
+			"user-agent":  "Dart/2.19(dart:io)",
+			"platform":    "android",
+			"app-version": "36",
+			//"user-agent":  base.UserAgent,
+		}).
 		SetBody(body).Post(SignIn)
 	if err != nil {
 		return err
@ -57,13 +73,30 @@ func (d *Pan123) login() error {
 	return err
 }

+//func authKey(reqUrl string) (*string, error) {
+//	reqURL, err := url.Parse(reqUrl)
+//	if err != nil {
+//		return nil, err
+//	}
+//
+//	nowUnix := time.Now().Unix()
+//	random := rand.Intn(0x989680)
+//
+//	p4 := fmt.Sprintf("%d|%d|%s|%s|%s|%s", nowUnix, random, reqURL.Path, "web", "3", AuthKeySalt)
+//	authKey := fmt.Sprintf("%d-%d-%x", nowUnix, random, md5.Sum([]byte(p4)))
+//	return &authKey, nil
+//}
+
 func (d *Pan123) request(url string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
 	req := base.RestyClient.R()
 	req.SetHeaders(map[string]string{
 		"origin":        "https://www.123pan.com",
+		"referer":       "https://www.123pan.com/",
 		"authorization": "Bearer " + d.AccessToken,
-		"platform":      "web",
-		"app-version":   "1.2",
+		"user-agent":    "Dart/2.19(dart:io)",
+		"platform":      "android",
+		"app-version":   "36",
+		//"user-agent":    base.UserAgent,
 	})
 	if callback != nil {
 		callback(req)
@ -71,6 +104,11 @@ func (d *Pan123) request(url string, method string, callback base.ReqCallback, r
 	if resp != nil {
 		req.SetResult(resp)
 	}
+	//authKey, err := authKey(url)
+	//if err != nil {
+	//	return nil, err
+	//}
+	//req.SetQueryParam("auth-key", *authKey)
 	res, err := req.Execute(method, url)
 	if err != nil {
 		return nil, err
--- a/drivers/123_share/driver.go
+++ b/drivers/123_share/driver.go
@ -0,0 +1,149 @@
+package _123Share
+
+import (
+	"context"
+	"encoding/base64"
+	"fmt"
+	"net/http"
+	"net/url"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/errs"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
+)
+
+type Pan123Share struct {
+	model.Storage
+	Addition
+}
+
+func (d *Pan123Share) Config() driver.Config {
+	return config
+}
+
+func (d *Pan123Share) GetAddition() driver.Additional {
+	return &d.Addition
+}
+
+func (d *Pan123Share) Init(ctx context.Context) error {
+	// TODO login / refresh token
+	//op.MustSaveDriverStorage(d)
+	return nil
+}
+
+func (d *Pan123Share) Drop(ctx context.Context) error {
+	return nil
+}
+
+func (d *Pan123Share) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	// TODO return the files list, required
+	files, err := d.getFiles(dir.GetID())
+	if err != nil {
+		return nil, err
+	}
+	return utils.SliceConvert(files, func(src File) (model.Obj, error) {
+		return src, nil
+	})
+}
+
+func (d *Pan123Share) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
+	// TODO return link of file, required
+	if f, ok := file.(File); ok {
+		//var resp DownResp
+		var headers map[string]string
+		if !utils.IsLocalIPAddr(args.IP) {
+			headers = map[string]string{
+				//"X-Real-IP":       "1.1.1.1",
+				"X-Forwarded-For": args.IP,
+			}
+		}
+		data := base.Json{
+			"shareKey":  d.ShareKey,
+			"SharePwd":  d.SharePwd,
+			"etag":      f.Etag,
+			"fileId":    f.FileId,
+			"s3keyFlag": f.S3KeyFlag,
+			"size":      f.Size,
+		}
+		resp, err := d.request(DownloadInfo, http.MethodPost, func(req *resty.Request) {
+			req.SetBody(data).SetHeaders(headers)
+		}, nil)
+		if err != nil {
+			return nil, err
+		}
+		downloadUrl := utils.Json.Get(resp, "data", "DownloadURL").ToString()
+		u, err := url.Parse(downloadUrl)
+		if err != nil {
+			return nil, err
+		}
+		nu := u.Query().Get("params")
+		if nu != "" {
+			du, _ := base64.StdEncoding.DecodeString(nu)
+			u, err = url.Parse(string(du))
+			if err != nil {
+				return nil, err
+			}
+		}
+		u_ := u.String()
+		log.Debug("download url: ", u_)
+		res, err := base.NoRedirectClient.R().SetHeader("Referer", "https://www.123pan.com/").Get(u_)
+		if err != nil {
+			return nil, err
+		}
+		log.Debug(res.String())
+		link := model.Link{
+			URL: u_,
+		}
+		log.Debugln("res code: ", res.StatusCode())
+		if res.StatusCode() == 302 {
+			link.URL = res.Header().Get("location")
+		} else if res.StatusCode() < 300 {
+			link.URL = utils.Json.Get(res.Body(), "data", "redirect_url").ToString()
+		}
+		link.Header = http.Header{
+			"Referer": []string{"https://www.123pan.com/"},
+		}
+		return &link, nil
+	}
+	return nil, fmt.Errorf("can't convert obj")
+}
+
+func (d *Pan123Share) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
+	// TODO create folder, optional
+	return errs.NotSupport
+}
+
+func (d *Pan123Share) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
+	// TODO move obj, optional
+	return errs.NotSupport
+}
+
+func (d *Pan123Share) Rename(ctx context.Context, srcObj model.Obj, newName string) error {
+	// TODO rename obj, optional
+	return errs.NotSupport
+}
+
+func (d *Pan123Share) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
+	// TODO copy obj, optional
+	return errs.NotSupport
+}
+
+func (d *Pan123Share) Remove(ctx context.Context, obj model.Obj) error {
+	// TODO remove obj, optional
+	return errs.NotSupport
+}
+
+func (d *Pan123Share) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+	// TODO upload file, optional
+	return errs.NotSupport
+}
+
+//func (d *Pan123Share) Other(ctx context.Context, args model.OtherArgs) (interface{}, error) {
+//	return nil, errs.NotSupport
+//}
+
+var _ driver.Driver = (*Pan123Share)(nil)
--- a/drivers/123_share/meta.go
+++ b/drivers/123_share/meta.go
@ -0,0 +1,34 @@
+package _123Share
+
+import (
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/op"
+)
+
+type Addition struct {
+	ShareKey string `json:"sharekey" required:"true"`
+	SharePwd string `json:"sharepassword" required:"true"`
+	driver.RootID
+	OrderBy        string `json:"order_by" type:"select" options:"file_name,size,update_at" default:"file_name"`
+	OrderDirection string `json:"order_direction" type:"select" options:"asc,desc" default:"asc"`
+}
+
+var config = driver.Config{
+	Name:              "123PanShare",
+	LocalSort:         true,
+	OnlyLocal:         false,
+	OnlyProxy:         false,
+	NoCache:           false,
+	NoUpload:          true,
+	NeedMs:            false,
+	DefaultRoot:       "0",
+	CheckStatus:       false,
+	Alert:             "",
+	NoOverwriteUpload: false,
+}
+
+func init() {
+	op.RegisterDriver(func() driver.Driver {
+		return &Pan123Share{}
+	})
+}
--- a/drivers/123_share/types.go
+++ b/drivers/123_share/types.go
@ -0,0 +1,91 @@
+package _123Share
+
+import (
+	"net/url"
+	"path"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/alist-org/alist/v3/internal/model"
+)
+
+type File struct {
+	FileName    string    `json:"FileName"`
+	Size        int64     `json:"Size"`
+	UpdateAt    time.Time `json:"UpdateAt"`
+	FileId      int64     `json:"FileId"`
+	Type        int       `json:"Type"`
+	Etag        string    `json:"Etag"`
+	S3KeyFlag   string    `json:"S3KeyFlag"`
+	DownloadUrl string    `json:"DownloadUrl"`
+}
+
+func (f File) GetPath() string {
+	return ""
+}
+
+func (f File) GetSize() int64 {
+	return f.Size
+}
+
+func (f File) GetName() string {
+	return f.FileName
+}
+
+func (f File) ModTime() time.Time {
+	return f.UpdateAt
+}
+
+func (f File) IsDir() bool {
+	return f.Type == 1
+}
+
+func (f File) GetID() string {
+	return strconv.FormatInt(f.FileId, 10)
+}
+
+func (f File) Thumb() string {
+	if f.DownloadUrl == "" {
+		return ""
+	}
+	du, err := url.Parse(f.DownloadUrl)
+	if err != nil {
+		return ""
+	}
+	du.Path = strings.TrimSuffix(du.Path, "_24_24") + "_70_70"
+	query := du.Query()
+	query.Set("w", "70")
+	query.Set("h", "70")
+	if !query.Has("type") {
+		query.Set("type", strings.TrimPrefix(path.Base(f.FileName), "."))
+	}
+	if !query.Has("trade_key") {
+		query.Set("trade_key", "123pan-thumbnail")
+	}
+	du.RawQuery = query.Encode()
+	return du.String()
+}
+
+var _ model.Obj = (*File)(nil)
+var _ model.Thumb = (*File)(nil)
+
+//func (f File) Thumb() string {
+//
+//}
+//var _ model.Thumb = (*File)(nil)
+
+type Files struct {
+	//BaseResp
+	Data struct {
+		InfoList []File `json:"InfoList"`
+		Next     string `json:"Next"`
+	} `json:"data"`
+}
+
+//type DownResp struct {
+//	//BaseResp
+//	Data struct {
+//		DownloadUrl string `json:"DownloadUrl"`
+//	} `json:"data"`
+//}
--- a/drivers/123_share/util.go
+++ b/drivers/123_share/util.go
@ -0,0 +1,81 @@
+package _123Share
+
+import (
+	"errors"
+	"net/http"
+	"strconv"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+	jsoniter "github.com/json-iterator/go"
+)
+
+const (
+	Api          = "https://www.123pan.com/api"
+	AApi         = "https://www.123pan.com/a/api"
+	BApi         = "https://www.123pan.com/b/api"
+	MainApi      = Api
+	FileList     = MainApi + "/share/get"
+	DownloadInfo = MainApi + "/share/download/info"
+	//AuthKeySalt      = "8-8D$sL8gPjom7bk#cY"
+)
+
+func (d *Pan123Share) request(url string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
+	req := base.RestyClient.R()
+	req.SetHeaders(map[string]string{
+		"origin":      "https://www.123pan.com",
+		"referer":     "https://www.123pan.com/",
+		"user-agent":  "Dart/2.19(dart:io)",
+		"platform":    "android",
+		"app-version": "36",
+	})
+	if callback != nil {
+		callback(req)
+	}
+	if resp != nil {
+		req.SetResult(resp)
+	}
+	res, err := req.Execute(method, url)
+	if err != nil {
+		return nil, err
+	}
+	body := res.Body()
+	code := utils.Json.Get(body, "code").ToInt()
+	if code != 0 {
+		return nil, errors.New(jsoniter.Get(body, "message").ToString())
+	}
+	return body, nil
+}
+
+func (d *Pan123Share) getFiles(parentId string) ([]File, error) {
+	page := 1
+	res := make([]File, 0)
+	for {
+		var resp Files
+		query := map[string]string{
+			"limit":          "100",
+			"next":           "0",
+			"orderBy":        d.OrderBy,
+			"orderDirection": d.OrderDirection,
+			"parentFileId":   parentId,
+			"Page":           strconv.Itoa(page),
+			"shareKey":       d.ShareKey,
+			"SharePwd":       d.SharePwd,
+		}
+		_, err := d.request(FileList, http.MethodGet, func(req *resty.Request) {
+			req.SetQueryParams(query)
+		}, &resp)
+		if err != nil {
+			return nil, err
+		}
+		page++
+		res = append(res, resp.Data.InfoList...)
+		if len(resp.Data.InfoList) == 0 || resp.Data.Next == "-1" {
+			break
+		}
+	}
+	return res, nil
+}
+
+// do others that not defined in Driver interface
--- a/drivers/139/driver.go
+++ b/drivers/139/driver.go
@ -2,10 +2,12 @@ package _139

 import (
 	"context"
+	"encoding/base64"
 	"fmt"
 	"io"
 	"net/http"
 	"strconv"
+	"strings"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
@ -18,6 +20,7 @@ import (
 type Yun139 struct {
 	model.Storage
 	Addition
+	Account string
 }

 func (d *Yun139) Config() driver.Config {
@ -29,7 +32,20 @@ func (d *Yun139) GetAddition() driver.Additional {
 }

 func (d *Yun139) Init(ctx context.Context) error {
-	_, err := d.post("/orchestration/personalCloud/user/v1.0/qryUserExternInfo", base.Json{
+	if d.Authorization == "" {
+		return fmt.Errorf("authorization is empty")
+	}
+	decode, err := base64.StdEncoding.DecodeString(d.Authorization)
+	if err != nil {
+		return err
+	}
+	decodeStr := string(decode)
+	splits := strings.Split(decodeStr, ":")
+	if len(splits) < 2 {
+		return fmt.Errorf("authorization is invalid, splits < 2")
+	}
+	d.Account = splits[1]
+	_, err = d.post("/orchestration/personalCloud/user/v1.0/qryUserExternInfo", base.Json{
 		"qryUserExternInfoReq": base.Json{
 			"commonAccountInfo": base.Json{
 				"account":     d.Account,
@ -284,6 +300,9 @@ func (d *Yun139) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr

 	var partSize = getPartSize(stream.GetSize())
 	part := (stream.GetSize() + partSize - 1) / partSize
+	if part == 0 {
+		part = 1
+	}
 	for i := int64(0); i < part; i++ {
 		if utils.IsCanceled(ctx) {
 			return ctx.Err()
@ -315,13 +334,11 @@ func (d *Yun139) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		if err != nil {
 			return err
 		}
+		_ = res.Body.Close()
 		log.Debugf("%+v", res)
-
 		if res.StatusCode != http.StatusOK {
 			return fmt.Errorf("unexpected status code: %d", res.StatusCode)
 		}
-
-		res.Body.Close()
 	}

 	return nil
--- a/drivers/139/meta.go
+++ b/drivers/139/meta.go
@ -6,8 +6,8 @@ import (
 )

 type Addition struct {
-	Account string `json:"account" required:"true"`
-	Cookie  string `json:"cookie" type:"text" required:"true"`
+	//Account       string `json:"account" required:"true"`
+	Authorization string `json:"authorization" type:"text" required:"true"`
 	driver.RootID
 	Type    string `json:"type" type:"select" options:"personal,family" default:"personal"`
 	CloudID string `json:"cloud_id"`
--- a/drivers/139/util.go
+++ b/drivers/139/util.go
@ -42,8 +42,8 @@ func calSign(body, ts, randStr string) string {
 	sort.Strings(strs)
 	body = strings.Join(strs, "")
 	body = base64.StdEncoding.EncodeToString([]byte(body))
-	res := utils.GetMD5Encode(body) + utils.GetMD5Encode(ts+":"+randStr)
-	res = strings.ToUpper(utils.GetMD5Encode(res))
+	res := utils.GetMD5EncodeStr(body) + utils.GetMD5EncodeStr(ts+":"+randStr)
+	res = strings.ToUpper(utils.GetMD5EncodeStr(res))
 	return res
 }

@ -72,7 +72,7 @@ func (d *Yun139) request(pathname string, method string, callback base.ReqCallba
 	req.SetHeaders(map[string]string{
 		"Accept":         "application/json, text/plain, */*",
 		"CMS-DEVICE":     "default",
-		"Cookie":         d.Cookie,
+		"Authorization":  "Basic " + d.Authorization,
 		"mcloud-channel": "1000101",
 		"mcloud-client":  "10701",
 		//"mcloud-route": "001",
--- a/drivers/189/util.go
+++ b/drivers/189/util.go
@ -385,7 +385,7 @@ func (d *Cloud189) newUpload(ctx context.Context, dstDir model.Obj, file model.F
 	fileMd5 := hex.EncodeToString(md5Sum.Sum(nil))
 	sliceMd5 := fileMd5
 	if file.GetSize() > DEFAULT {
-		sliceMd5 = utils.GetMD5Encode(strings.Join(md5s, "\n"))
+		sliceMd5 = utils.GetMD5EncodeStr(strings.Join(md5s, "\n"))
 	}
 	res, err = d.uploadRequest("/person/commitMultiUploadFile", map[string]string{
 		"uploadFileId": uploadFileId,
--- a/drivers/189pc/driver.go
+++ b/drivers/189pc/driver.go
@ -4,9 +4,11 @@ import (
 	"context"
 	"net/http"
 	"strings"
+	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
@ -51,7 +53,7 @@ func (y *Cloud189PC) Init(ctx context.Context) (err error) {
 	}

 	// 避免重复登陆
-	identity := utils.GetMD5Encode(y.Username + y.Password)
+	identity := utils.GetMD5EncodeStr(y.Username + y.Password)
 	if !y.isLogin() || y.identity != identity {
 		y.identity = identity
 		if err = y.login(); err != nil {
@ -135,13 +137,14 @@ func (y *Cloud189PC) Link(ctx context.Context, file model.Obj, args model.LinkAr
 	return like, nil
 }

-func (y *Cloud189PC) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
+func (y *Cloud189PC) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) (model.Obj, error) {
 	fullUrl := API_URL
 	if y.isFamily() {
 		fullUrl += "/family/file"
 	}
 	fullUrl += "/createFolder.action"

+	var newFolder Cloud189Folder
 	_, err := y.post(fullUrl, func(req *resty.Request) {
 		req.SetContext(ctx)
 		req.SetQueryParams(map[string]string{
@ -158,11 +161,15 @@ func (y *Cloud189PC) MakeDir(ctx context.Context, parentDir model.Obj, dirName s
 				"parentFolderId": parentDir.GetID(),
 			})
 		}
-	}, nil)
-	return err
+	}, &newFolder)
+	if err != nil {
+		return nil, err
+	}
+	return &newFolder, nil
 }

-func (y *Cloud189PC) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
+func (y *Cloud189PC) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
+	var resp CreateBatchTaskResp
 	_, err := y.post(API_URL+"/batch/createBatchTask.action", func(req *resty.Request) {
 		req.SetContext(ctx)
 		req.SetFormData(map[string]string{
@ -182,11 +189,17 @@ func (y *Cloud189PC) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
 				"familyId": y.FamilyID,
 			})
 		}
-	}, nil)
-	return err
+	}, &resp)
+	if err != nil {
+		return nil, err
+	}
+	if err = y.WaitBatchTask("MOVE", resp.TaskID, time.Millisecond*400); err != nil {
+		return nil, err
+	}
+	return srcObj, nil
 }

-func (y *Cloud189PC) Rename(ctx context.Context, srcObj model.Obj, newName string) error {
+func (y *Cloud189PC) Rename(ctx context.Context, srcObj model.Obj, newName string) (model.Obj, error) {
 	queryParam := make(map[string]string)
 	fullUrl := API_URL
 	method := http.MethodPost
@ -195,23 +208,34 @@ func (y *Cloud189PC) Rename(ctx context.Context, srcObj model.Obj, newName strin
 		method = http.MethodGet
 		queryParam["familyId"] = y.FamilyID
 	}
-	if srcObj.IsDir() {
-		fullUrl += "/renameFolder.action"
-		queryParam["folderId"] = srcObj.GetID()
-		queryParam["destFolderName"] = newName
-	} else {
+
+	var newObj model.Obj
+	switch f := srcObj.(type) {
+	case *Cloud189File:
 		fullUrl += "/renameFile.action"
 		queryParam["fileId"] = srcObj.GetID()
 		queryParam["destFileName"] = newName
+		newObj = &Cloud189File{Icon: f.Icon} // 复用预览
+	case *Cloud189Folder:
+		fullUrl += "/renameFolder.action"
+		queryParam["folderId"] = srcObj.GetID()
+		queryParam["destFolderName"] = newName
+		newObj = &Cloud189Folder{}
+	default:
+		return nil, errs.NotSupport
 	}
+
 	_, err := y.request(fullUrl, method, func(req *resty.Request) {
-		req.SetContext(ctx)
-		req.SetQueryParams(queryParam)
-	}, nil, nil)
-	return err
+		req.SetContext(ctx).SetQueryParams(queryParam)
+	}, nil, newObj)
+	if err != nil {
+		return nil, err
+	}
+	return newObj, nil
 }

 func (y *Cloud189PC) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
+	var resp CreateBatchTaskResp
 	_, err := y.post(API_URL+"/batch/createBatchTask.action", func(req *resty.Request) {
 		req.SetContext(ctx)
 		req.SetFormData(map[string]string{
@ -232,11 +256,15 @@ func (y *Cloud189PC) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
 				"familyId": y.FamilyID,
 			})
 		}
-	}, nil)
-	return err
+	}, &resp)
+	if err != nil {
+		return err
+	}
+	return y.WaitBatchTask("COPY", resp.TaskID, time.Second)
 }

 func (y *Cloud189PC) Remove(ctx context.Context, obj model.Obj) error {
+	var resp CreateBatchTaskResp
 	_, err := y.post(API_URL+"/batch/createBatchTask.action", func(req *resty.Request) {
 		req.SetContext(ctx)
 		req.SetFormData(map[string]string{
@ -256,19 +284,26 @@ func (y *Cloud189PC) Remove(ctx context.Context, obj model.Obj) error {
 				"familyId": y.FamilyID,
 			})
 		}
-	}, nil)
-	return err
+	}, &resp)
+	if err != nil {
+		return err
+	}
+	// 批量任务数量限制，过快会导致无法删除
+	return y.WaitBatchTask("DELETE", resp.TaskID, time.Millisecond*200)
 }

-func (y *Cloud189PC) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+func (y *Cloud189PC) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	switch y.UploadMethod {
-	case "stream":
-		return y.CommonUpload(ctx, dstDir, stream, up)
 	case "old":
 		return y.OldUpload(ctx, dstDir, stream, up)
 	case "rapid":
 		return y.FastUpload(ctx, dstDir, stream, up)
+	case "stream":
+		if stream.GetSize() == 0 {
+			return y.FastUpload(ctx, dstDir, stream, up)
+		}
+		fallthrough
 	default:
-		return y.CommonUpload(ctx, dstDir, stream, up)
+		return y.StreamUpload(ctx, dstDir, stream, up)
 	}
 }
--- a/drivers/189pc/help.go
+++ b/drivers/189pc/help.go
@ -10,6 +10,7 @@ import (
 	"crypto/x509"
 	"encoding/hex"
 	"encoding/pem"
+	"encoding/xml"
 	"fmt"
 	"math"
 	"net/http"
@ -83,6 +84,55 @@ func MustParseTime(str string) *time.Time {
 	return &lastOpTime
 }

+type Time time.Time
+
+func (t *Time) UnmarshalJSON(b []byte) error { return t.Unmarshal(b) }
+func (t *Time) UnmarshalXML(e *xml.Decoder, ee xml.StartElement) error {
+	b, err := e.Token()
+	if err != nil {
+		return err
+	}
+	if b, ok := b.(xml.CharData); ok {
+		if err = t.Unmarshal(b); err != nil {
+			return err
+		}
+	}
+	return e.Skip()
+}
+func (t *Time) Unmarshal(b []byte) error {
+	bs := strings.Trim(string(b), "\"")
+	var v time.Time
+	var err error
+	for _, f := range []string{"2006-01-02 15:04:05 -07", "Jan 2, 2006 15:04:05 PM -07"} {
+		v, err = time.ParseInLocation(f, bs+" +08", time.Local)
+		if err == nil {
+			break
+		}
+	}
+	*t = Time(v)
+	return err
+}
+
+type String string
+
+func (t *String) UnmarshalJSON(b []byte) error { return t.Unmarshal(b) }
+func (t *String) UnmarshalXML(e *xml.Decoder, ee xml.StartElement) error {
+	b, err := e.Token()
+	if err != nil {
+		return err
+	}
+	if b, ok := b.(xml.CharData); ok {
+		if err = t.Unmarshal(b); err != nil {
+			return err
+		}
+	}
+	return e.Skip()
+}
+func (s *String) Unmarshal(b []byte) error {
+	*s = String(bytes.Trim(b, "\""))
+	return nil
+}
+
 func toFamilyOrderBy(o string) string {
 	switch o {
 	case "filename":
@ -122,10 +172,6 @@ func MustString(str string, err error) string {
 	return str
 }

-func MustToBytes(b []byte, err error) []byte {
-	return b
-}
-
 func BoolToNumber(b bool) int {
 	if b {
 		return 1
--- a/drivers/189pc/types.go
+++ b/drivers/189pc/types.go
@ -151,8 +151,13 @@ type FamilyInfoResp struct {
 /*文件部分*/
 // 文件
 type Cloud189File struct {
-	CreateDate string `json:"createDate"`
-	FileCata   int64  `json:"fileCata"`
+	ID   String `json:"id"`
+	Name string `json:"name"`
+	Size int64  `json:"size"`
+	Md5  string `json:"md5"`
+
+	LastOpTime Time `json:"lastOpTime"`
+	CreateDate Time `json:"createDate"`
 	Icon       struct {
 		//iconOption 5
 		SmallUrl string `json:"smallUrl"`
@ -162,62 +167,44 @@ type Cloud189File struct {
 		Max600    string `json:"max600"`
 		MediumURL string `json:"mediumUrl"`
 	} `json:"icon"`
-	ID          int64  `json:"id"`
-	LastOpTime  string `json:"lastOpTime"`
-	Md5         string `json:"md5"`
-	MediaType   int    `json:"mediaType"`
-	Name        string `json:"name"`
-	Orientation int64  `json:"orientation"`
-	Rev         string `json:"rev"`
-	Size        int64  `json:"size"`
-	StarLabel   int64  `json:"starLabel"`

-	parseTime *time.Time
+	// Orientation int64  `json:"orientation"`
+	// FileCata   int64  `json:"fileCata"`
+	// MediaType   int    `json:"mediaType"`
+	// Rev         string `json:"rev"`
+	// StarLabel   int64  `json:"starLabel"`
 }

-func (c *Cloud189File) GetSize() int64  { return c.Size }
-func (c *Cloud189File) GetName() string { return c.Name }
-func (c *Cloud189File) ModTime() time.Time {
-	if c.parseTime == nil {
-		c.parseTime = MustParseTime(c.LastOpTime)
-	}
-	return *c.parseTime
-}
-func (c *Cloud189File) IsDir() bool     { return false }
-func (c *Cloud189File) GetID() string   { return fmt.Sprint(c.ID) }
-func (c *Cloud189File) GetPath() string { return "" }
-func (c *Cloud189File) Thumb() string   { return c.Icon.SmallUrl }
+func (c *Cloud189File) GetSize() int64     { return c.Size }
+func (c *Cloud189File) GetName() string    { return c.Name }
+func (c *Cloud189File) ModTime() time.Time { return time.Time(c.LastOpTime) }
+func (c *Cloud189File) IsDir() bool        { return false }
+func (c *Cloud189File) GetID() string      { return string(c.ID) }
+func (c *Cloud189File) GetPath() string    { return "" }
+func (c *Cloud189File) Thumb() string      { return c.Icon.SmallUrl }

 // 文件夹
 type Cloud189Folder struct {
-	ID       int64  `json:"id"`
+	ID       String `json:"id"`
 	ParentID int64  `json:"parentId"`
 	Name     string `json:"name"`

-	FileCata  int64 `json:"fileCata"`
-	FileCount int64 `json:"fileCount"`
+	LastOpTime Time `json:"lastOpTime"`
+	CreateDate Time `json:"createDate"`

-	LastOpTime string `json:"lastOpTime"`
-	CreateDate string `json:"createDate"`
-
-	FileListSize int64  `json:"fileListSize"`
-	Rev          string `json:"rev"`
-	StarLabel    int64  `json:"starLabel"`
-
-	parseTime *time.Time
+	// FileListSize int64 `json:"fileListSize"`
+	// FileCount int64 `json:"fileCount"`
+	// FileCata  int64 `json:"fileCata"`
+	// Rev          string `json:"rev"`
+	// StarLabel    int64  `json:"starLabel"`
 }

-func (c *Cloud189Folder) GetSize() int64  { return 0 }
-func (c *Cloud189Folder) GetName() string { return c.Name }
-func (c *Cloud189Folder) ModTime() time.Time {
-	if c.parseTime == nil {
-		c.parseTime = MustParseTime(c.LastOpTime)
-	}
-	return *c.parseTime
-}
-func (c *Cloud189Folder) IsDir() bool     { return true }
-func (c *Cloud189Folder) GetID() string   { return fmt.Sprint(c.ID) }
-func (c *Cloud189Folder) GetPath() string { return "" }
+func (c *Cloud189Folder) GetSize() int64     { return 0 }
+func (c *Cloud189Folder) GetName() string    { return c.Name }
+func (c *Cloud189Folder) ModTime() time.Time { return time.Time(c.LastOpTime) }
+func (c *Cloud189Folder) IsDir() bool        { return true }
+func (c *Cloud189Folder) GetID() string      { return string(c.ID) }
+func (c *Cloud189Folder) GetPath() string    { return "" }

 type Cloud189FilesResp struct {
 	//ResCode    int    `json:"res_code"`
@ -284,15 +271,60 @@ func (r *GetUploadFileStatusResp) GetSize() int64 {
 	return r.DataSize + r.Size
 }

-type CommitUploadFileResp struct {
+type CommitMultiUploadFileResp struct {
+	File struct {
+		UserFileID String `json:"userFileId"`
+		FileName   string `json:"fileName"`
+		FileSize   int64  `json:"fileSize"`
+		FileMd5    string `json:"fileMd5"`
+		CreateDate Time   `json:"createDate"`
+	} `json:"file"`
+}
+
+func (f *CommitMultiUploadFileResp) toFile() *Cloud189File {
+	return &Cloud189File{
+		ID:         f.File.UserFileID,
+		Name:       f.File.FileName,
+		Size:       f.File.FileSize,
+		Md5:        f.File.FileMd5,
+		LastOpTime: f.File.CreateDate,
+		CreateDate: f.File.CreateDate,
+	}
+}
+
+type OldCommitUploadFileResp struct {
 	XMLName    xml.Name `xml:"file"`
-	Id         string   `xml:"id"`
+	ID         String   `xml:"id"`
 	Name       string   `xml:"name"`
-	Size       string   `xml:"size"`
+	Size       int64    `xml:"size"`
 	Md5        string   `xml:"md5"`
-	CreateDate string   `xml:"createDate"`
-	Rev        string   `xml:"rev"`
-	UserId     string   `xml:"userId"`
+	CreateDate Time     `xml:"createDate"`
+}
+
+func (f *OldCommitUploadFileResp) toFile() *Cloud189File {
+	return &Cloud189File{
+		ID:         f.ID,
+		Name:       f.Name,
+		Size:       f.Size,
+		Md5:        f.Md5,
+		CreateDate: f.CreateDate,
+		LastOpTime: f.CreateDate,
+	}
+}
+
+type CreateBatchTaskResp struct {
+	TaskID string `json:"taskId"`
+}
+
+type BatchTaskStateResp struct {
+	FailedCount         int     `json:"failedCount"`
+	Process             int     `json:"process"`
+	SkipCount           int     `json:"skipCount"`
+	SubTaskCount        int     `json:"subTaskCount"`
+	SuccessedCount      int     `json:"successedCount"`
+	SuccessedFileIDList []int64 `json:"successedFileIdList"`
+	TaskID              string  `json:"taskId"`
+	TaskStatus          int     `json:"taskStatus"` //1 初始化 2 存在冲突 3 执行中，4 完成
 }

 /* query 加密参数*/
--- a/drivers/189pc/utils.go
+++ b/drivers/189pc/utils.go
@ -268,7 +268,7 @@ func (y *Cloud189PC) login() (err error) {
 			"validateCode": y.VCode,
 			"captchaToken": param.CaptchaToken,
 			"returnUrl":    RETURN_URL,
-			"mailSuffix":   "@189.cn",
+			// "mailSuffix":   "@189.cn",
 			"dynamicCheck": "FALSE",
 			"clientType":   CLIENT_TYPE,
 			"cb_SaveName":  "1",
@ -352,6 +352,7 @@ func (y *Cloud189PC) initLoginParam() error {

 	// 判断是否需要验证码
 	resp, err := y.client.R().
+		SetHeader("REQID", param.ReqId).
 		SetFormData(map[string]string{
 			"appKey":      APP_ID,
 			"accountType": ACCOUNT_TYPE,
@ -433,7 +434,8 @@ func (y *Cloud189PC) refreshSession() (err error) {
 }

 // 普通上传
-func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (err error) {
+// 无法上传大小为0的文件
+func (y *Cloud189PC) StreamUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	var DEFAULT = partSize(file.GetSize())
 	var count = int(math.Ceil(float64(file.GetSize()) / float64(DEFAULT)))

@ -456,11 +458,11 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo

 	// 初始化上传
 	var initMultiUpload InitMultiUploadResp
-	_, err = y.request(fullUrl+"/initMultiUpload", http.MethodGet, func(req *resty.Request) {
+	_, err := y.request(fullUrl+"/initMultiUpload", http.MethodGet, func(req *resty.Request) {
 		req.SetContext(ctx)
 	}, params, &initMultiUpload)
 	if err != nil {
-		return err
+		return nil, err
 	}

 	fileMd5 := md5.New()
@ -469,7 +471,7 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 	byteData := bytes.NewBuffer(make([]byte, DEFAULT))
 	for i := 1; i <= count; i++ {
 		if utils.IsCanceled(ctx) {
-			return ctx.Err()
+			return nil, ctx.Err()
 		}

 		// 读取块
@ -477,7 +479,7 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 		silceMd5.Reset()
 		_, err := io.CopyN(io.MultiWriter(fileMd5, silceMd5, byteData), file, DEFAULT)
 		if err != io.EOF && err != io.ErrUnexpectedEOF && err != nil {
-			return err
+			return nil, err
 		}

 		// 计算块md5并进行hex和base64编码
@ -495,7 +497,7 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 				"uploadFileId": initMultiUpload.Data.UploadFileID,
 			}, &uploadUrl)
 		if err != nil {
-			return err
+			return nil, err
 		}

 		// 开始上传
@ -510,7 +512,7 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 			retry.Delay(time.Second),
 			retry.MaxDelay(5*time.Second))
 		if err != nil {
-			return err
+			return nil, err
 		}
 		up(int(i * 100 / count))
 	}
@ -518,10 +520,11 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))
 	sliceMd5Hex := fileMd5Hex
 	if file.GetSize() > DEFAULT {
-		sliceMd5Hex = strings.ToUpper(utils.GetMD5Encode(strings.Join(silceMd5Hexs, "\n")))
+		sliceMd5Hex = strings.ToUpper(utils.GetMD5EncodeStr(strings.Join(silceMd5Hexs, "\n")))
 	}

 	// 提交上传
+	var resp CommitMultiUploadFileResp
 	_, err = y.request(fullUrl+"/commitMultiUploadFile", http.MethodGet,
 		func(req *resty.Request) {
 			req.SetContext(ctx)
@ -532,16 +535,19 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 			"lazyCheck":    "1",
 			"isLog":        "0",
 			"opertype":     "3",
-		}, nil)
-	return err
+		}, &resp)
+	if err != nil {
+		return nil, err
+	}
+	return resp.toFile(), nil
 }

 // 快传
-func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (err error) {
+func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	// 需要获取完整文件md5,必须支持 io.Seek
-	tempFile, err := utils.CreateTempFile(file.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(file.GetReadCloser(), file.GetSize())
 	if err != nil {
-		return err
+		return nil, err
 	}
 	defer func() {
 		_ = tempFile.Close()
@ -558,25 +564,25 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 	silceMd5Base64s := make([]string, 0, count)
 	for i := 1; i <= count; i++ {
 		if utils.IsCanceled(ctx) {
-			return ctx.Err()
+			return nil, ctx.Err()
 		}

 		silceMd5.Reset()
 		if _, err := io.CopyN(io.MultiWriter(fileMd5, silceMd5), tempFile, DEFAULT); err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
-			return err
+			return nil, err
 		}
 		md5Byte := silceMd5.Sum(nil)
 		silceMd5Hexs = append(silceMd5Hexs, strings.ToUpper(hex.EncodeToString(md5Byte)))
 		silceMd5Base64s = append(silceMd5Base64s, fmt.Sprint(i, "-", base64.StdEncoding.EncodeToString(md5Byte)))
 	}
 	if _, err = tempFile.Seek(0, io.SeekStart); err != nil {
-		return err
+		return nil, err
 	}

 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))
 	sliceMd5Hex := fileMd5Hex
 	if file.GetSize() > DEFAULT {
-		sliceMd5Hex = strings.ToUpper(utils.GetMD5Encode(strings.Join(silceMd5Hexs, "\n")))
+		sliceMd5Hex = strings.ToUpper(utils.GetMD5EncodeStr(strings.Join(silceMd5Hexs, "\n")))
 	}

 	// 检测是否支持快传
@ -603,7 +609,7 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 		req.SetContext(ctx)
 	}, params, &uploadInfo)
 	if err != nil {
-		return err
+		return nil, err
 	}

 	// 网盘中不存在该文件，开始上传
@ -617,18 +623,18 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 				"partInfo":     strings.Join(silceMd5Base64s, ","),
 			}, &uploadUrls)
 		if err != nil {
-			return err
+			return nil, err
 		}

 		buf := make([]byte, DEFAULT)
 		for i := 1; i <= count; i++ {
 			if utils.IsCanceled(ctx) {
-				return ctx.Err()
+				return nil, ctx.Err()
 			}

 			n, err := io.ReadFull(tempFile, buf)
 			if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
-				return err
+				return nil, err
 			}
 			uploadData := uploadUrls.UploadUrls[fmt.Sprint("partNumber_", i)]
 			err = retry.Do(func() error {
@ -640,7 +646,7 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 				retry.Delay(time.Second),
 				retry.MaxDelay(5*time.Second))
 			if err != nil {
-				return err
+				return nil, err
 			}

 			up(int(i * 100 / count))
@ -648,6 +654,7 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 	}

 	// 提交
+	var resp CommitMultiUploadFileResp
 	_, err = y.request(fullUrl+"/commitMultiUploadFile", http.MethodGet,
 		func(req *resty.Request) {
 			req.SetContext(ctx)
@ -655,15 +662,19 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 			"uploadFileId": uploadInfo.Data.UploadFileID,
 			"isLog":        "0",
 			"opertype":     "3",
-		}, nil)
-	return err
+		}, &resp)
+	if err != nil {
+		return nil, err
+	}
+	return resp.toFile(), nil
 }

-func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (err error) {
+// 旧版本上传，家庭云不支持覆盖
+func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	// 需要获取完整文件md5,必须支持 io.Seek
-	tempFile, err := utils.CreateTempFile(file.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(file.GetReadCloser(), file.GetSize())
 	if err != nil {
-		return err
+		return nil, err
 	}
 	defer func() {
 		_ = tempFile.Close()
@ -673,10 +684,10 @@ func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model
 	// 计算md5
 	fileMd5 := md5.New()
 	if _, err := io.Copy(fileMd5, tempFile); err != nil {
-		return err
+		return nil, err
 	}
 	if _, err = tempFile.Seek(0, io.SeekStart); err != nil {
-		return err
+		return nil, err
 	}
 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))

@ -717,14 +728,14 @@ func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model
 	}, &uploadInfo)

 	if err != nil {
-		return err
+		return nil, err
 	}

 	// 网盘中不存在该文件，开始上传
 	status := GetUploadFileStatusResp{CreateUploadFileResp: uploadInfo}
 	for status.Size < file.GetSize() && status.FileDataExists != 1 {
 		if utils.IsCanceled(ctx) {
-			return ctx.Err()
+			return nil, ctx.Err()
 		}

 		header := map[string]string{
@ -741,7 +752,7 @@ func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model

 		_, err := y.put(ctx, status.FileUploadUrl, header, true, io.NopCloser(tempFile))
 		if err, ok := err.(*RespErr); ok && err.Code != "InputStreamReadError" {
-			return err
+			return nil, err
 		}

 		// 获取断点状态
@ -759,17 +770,17 @@ func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model
 			}
 		}, &status)
 		if err != nil {
-			return err
+			return nil, err
 		}

 		if _, err := tempFile.Seek(status.GetSize(), io.SeekStart); err != nil {
-			return err
+			return nil, err
 		}
 		up(int(status.Size / file.GetSize()))
 	}

 	// 提交
-	var resp CommitUploadFileResp
+	var resp OldCommitUploadFileResp
 	_, err = y.post(status.FileCommitUrl, func(req *resty.Request) {
 		req.SetContext(ctx)
 		if y.isFamily() {
@ -787,7 +798,10 @@ func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model
 			})
 		}
 	}, &resp)
-	return err
+	if err != nil {
+		return nil, err
+	}
+	return resp.toFile(), nil
 }

 func (y *Cloud189PC) isFamily() bool {
@ -828,3 +842,33 @@ func (y *Cloud189PC) getFamilyID() (string, error) {
 	}
 	return fmt.Sprint(infos[0].FamilyID), nil
 }
+
+func (y *Cloud189PC) CheckBatchTask(aType string, taskID string) (*BatchTaskStateResp, error) {
+	var resp BatchTaskStateResp
+	_, err := y.post(API_URL+"/batch/checkBatchTask.action", func(req *resty.Request) {
+		req.SetFormData(map[string]string{
+			"type":   aType,
+			"taskId": taskID,
+		})
+	}, &resp)
+	if err != nil {
+		return nil, err
+	}
+	return &resp, nil
+}
+
+func (y *Cloud189PC) WaitBatchTask(aType string, taskID string, t time.Duration) error {
+	for {
+		state, err := y.CheckBatchTask(aType, taskID)
+		if err != nil {
+			return err
+		}
+		switch state.TaskStatus {
+		case 2:
+			return errors.New("there is a conflict with the target object")
+		case 4:
+			return nil
+		}
+		time.Sleep(t)
+	}
+}
--- a/drivers/aliyundrive/driver.go
+++ b/drivers/aliyundrive/driver.go
@ -67,7 +67,7 @@ func (d *AliDrive) Init(ctx context.Context) error {
 		return nil
 	}
 	// init deviceID
-	deviceID := utils.GetSHA256Encode(d.UserID)
+	deviceID := utils.GetSHA256Encode([]byte(d.UserID))
 	// init privateKey
 	privateKey, _ := NewPrivateKeyFromHex(deviceID)
 	state := State{
@ -193,7 +193,7 @@ func (d *AliDrive) Put(ctx context.Context, dstDir model.Obj, stream model.FileS
 	if d.RapidUpload {
 		buf := bytes.NewBuffer(make([]byte, 0, 1024))
 		io.CopyN(buf, file, 1024)
-		reqBody["pre_hash"] = utils.GetSHA1Encode(buf.String())
+		reqBody["pre_hash"] = utils.GetSHA1Encode(buf.Bytes())
 		if localFile != nil {
 			if _, err := localFile.Seek(0, io.SeekStart); err != nil {
 				return err
@ -259,7 +259,7 @@ func (d *AliDrive) Put(ctx context.Context, dstDir model.Obj, stream model.FileS
 			(t.file.slice(o.toNumber(), Math.min(o.plus(8).toNumber(), t.file.size)))
 		*/
 		buf := make([]byte, 8)
-		r, _ := new(big.Int).SetString(utils.GetMD5Encode(d.AccessToken)[:16], 16)
+		r, _ := new(big.Int).SetString(utils.GetMD5EncodeStr(d.AccessToken)[:16], 16)
 		i := new(big.Int).SetInt64(file.GetSize())
 		o := new(big.Int).SetInt64(0)
 		if file.GetSize() > 0 {
--- a/drivers/aliyundrive_open/driver.go
+++ b/drivers/aliyundrive_open/driver.go
@ -2,11 +2,12 @@ package aliyundrive_open

 import (
 	"context"
-	"io"
-	"math"
+	"errors"
+	"fmt"
 	"net/http"
 	"time"

+	"github.com/Xhofe/rateg"
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
@ -22,7 +23,7 @@ type AliyundriveOpen struct {

 	DriveId string

-	limitList func(ctx context.Context, dir model.Obj) ([]model.Obj, error)
+	limitList func(ctx context.Context, data base.Json) (*Files, error)
 	limitLink func(ctx context.Context, file model.Obj) (*model.Link, error)
 }

@ -35,13 +36,25 @@ func (d *AliyundriveOpen) GetAddition() driver.Additional {
 }

 func (d *AliyundriveOpen) Init(ctx context.Context) error {
+	if d.LIVPDownloadFormat == "" {
+		d.LIVPDownloadFormat = "jpeg"
+	}
+	if d.DriveType == "" {
+		d.DriveType = "default"
+	}
 	res, err := d.request("/adrive/v1.0/user/getDriveInfo", http.MethodPost, nil)
 	if err != nil {
 		return err
 	}
-	d.DriveId = utils.Json.Get(res, "default_drive_id").ToString()
-	d.limitList = utils.LimitRateCtx(d.list, time.Second/4)
-	d.limitLink = utils.LimitRateCtx(d.link, time.Second)
+	d.DriveId = utils.Json.Get(res, d.DriveType+"_drive_id").ToString()
+	d.limitList = rateg.LimitFnCtx(d.list, rateg.LimitFnOption{
+		Limit:  4,
+		Bucket: 1,
+	})
+	d.limitLink = rateg.LimitFnCtx(d.link, rateg.LimitFnOption{
+		Limit:  1,
+		Bucket: 1,
+	})
 	return nil
 }

@ -49,8 +62,11 @@ func (d *AliyundriveOpen) Drop(ctx context.Context) error {
 	return nil
 }

-func (d *AliyundriveOpen) list(ctx context.Context, dir model.Obj) ([]model.Obj, error) {
-	files, err := d.getFiles(dir.GetID())
+func (d *AliyundriveOpen) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	if d.limitList == nil {
+		return nil, fmt.Errorf("driver not init")
+	}
+	files, err := d.getFiles(ctx, dir.GetID())
 	if err != nil {
 		return nil, err
 	}
@ -59,10 +75,6 @@ func (d *AliyundriveOpen) list(ctx context.Context, dir model.Obj) ([]model.Obj,
 	})
 }

-func (d *AliyundriveOpen) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
-	return d.limitList(ctx, dir)
-}
-
 func (d *AliyundriveOpen) link(ctx context.Context, file model.Obj) (*model.Link, error) {
 	res, err := d.request("/adrive/v1.0/openFile/getDownloadUrl", http.MethodPost, func(req *resty.Request) {
 		req.SetBody(base.Json{
@ -75,6 +87,12 @@ func (d *AliyundriveOpen) link(ctx context.Context, file model.Obj) (*model.Link
 		return nil, err
 	}
 	url := utils.Json.Get(res, "url").ToString()
+	if url == "" {
+		if utils.Ext(file.GetName()) != "livp" {
+			return nil, errors.New("get download url failed: " + string(res))
+		}
+		url = utils.Json.Get(res, "streamsUrl", d.LIVPDownloadFormat).ToString()
+	}
 	exp := time.Hour
 	return &model.Link{
 		URL:        url,
@ -83,6 +101,9 @@ func (d *AliyundriveOpen) link(ctx context.Context, file model.Obj) (*model.Link
 }

 func (d *AliyundriveOpen) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
+	if d.limitLink == nil {
+		return nil, fmt.Errorf("driver not init")
+	}
 	return d.limitLink(ctx, file)
 }

@ -150,59 +171,7 @@ func (d *AliyundriveOpen) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *AliyundriveOpen) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	// rapid_upload is not currently supported
-	// 1. create
-	const DEFAULT int64 = 20971520
-	createData := base.Json{
-		"drive_id":        d.DriveId,
-		"parent_file_id":  dstDir.GetID(),
-		"name":            stream.GetName(),
-		"type":            "file",
-		"check_name_mode": "ignore",
-	}
-	count := 1
-	if stream.GetSize() > DEFAULT {
-		count = int(math.Ceil(float64(stream.GetSize()) / float64(DEFAULT)))
-		createData["part_info_list"] = makePartInfos(count)
-	}
-	var createResp CreateResp
-	_, err := d.request("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(createData).SetResult(&createResp)
-	})
-	if err != nil {
-		return err
-	}
-	// 2. upload
-	preTime := time.Now()
-	for i := 1; i <= len(createResp.PartInfoList); i++ {
-		if utils.IsCanceled(ctx) {
-			return ctx.Err()
-		}
-		err = d.uploadPart(ctx, i, count, utils.NewMultiReadable(io.LimitReader(stream, DEFAULT)), &createResp, true)
-		if err != nil {
-			return err
-		}
-		if count > 0 {
-			up(i * 100 / count)
-		}
-		// refresh upload url if 50 minutes passed
-		if time.Since(preTime) > 50*time.Minute {
-			createResp.PartInfoList, err = d.getUploadUrl(count, createResp.FileId, createResp.UploadId)
-			if err != nil {
-				return err
-			}
-			preTime = time.Now()
-		}
-	}
-	// 3. complete
-	_, err = d.request("/adrive/v1.0/openFile/complete", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(base.Json{
-			"drive_id":  d.DriveId,
-			"file_id":   createResp.FileId,
-			"upload_id": createResp.UploadId,
-		})
-	})
-	return err
+	return d.upload(ctx, dstDir, stream, up)
 }

 func (d *AliyundriveOpen) Other(ctx context.Context, args model.OtherArgs) (interface{}, error) {
--- a/drivers/aliyundrive_open/meta.go
+++ b/drivers/aliyundrive_open/meta.go
@ -6,16 +6,19 @@ import (
 )

 type Addition struct {
+	DriveType string `json:"drive_type" type:"select" options:"default,resource,backup" default:"default"`
 	driver.RootID
-	RefreshToken   string `json:"refresh_token" required:"true"`
-	OrderBy        string `json:"order_by" type:"select" options:"name,size,updated_at,created_at"`
-	OrderDirection string `json:"order_direction" type:"select" options:"ASC,DESC"`
-	OauthTokenURL  string `json:"oauth_token_url" default:"https://api.nn.ci/alist/ali_open/token"`
-	ClientID       string `json:"client_id" required:"false" help:"Keep it empty if you don't have one"`
-	ClientSecret   string `json:"client_secret" required:"false" help:"Keep it empty if you don't have one"`
-	RemoveWay      string `json:"remove_way" required:"true" type:"select" options:"trash,delete"`
-	InternalUpload bool   `json:"internal_upload" help:"If you are using Aliyun ECS is located in Beijing, you can turn it on to boost the upload speed"`
-	AccessToken    string
+	RefreshToken       string `json:"refresh_token" required:"true"`
+	OrderBy            string `json:"order_by" type:"select" options:"name,size,updated_at,created_at"`
+	OrderDirection     string `json:"order_direction" type:"select" options:"ASC,DESC"`
+	OauthTokenURL      string `json:"oauth_token_url" default:"https://api.xhofe.top/alist/ali_open/token"`
+	ClientID           string `json:"client_id" required:"false" help:"Keep it empty if you don't have one"`
+	ClientSecret       string `json:"client_secret" required:"false" help:"Keep it empty if you don't have one"`
+	RemoveWay          string `json:"remove_way" required:"true" type:"select" options:"trash,delete"`
+	RapidUpload        bool   `json:"rapid_upload" help:"If you enable this option, the file will be uploaded to the server first, so the progress will be incorrect"`
+	InternalUpload     bool   `json:"internal_upload" help:"If you are using Aliyun ECS is located in Beijing, you can turn it on to boost the upload speed"`
+	LIVPDownloadFormat string `json:"livp_download_format" type:"select" options:"jpeg,mov" default:"jpeg"`
+	AccessToken        string
 }

 var config = driver.Config{
--- a/drivers/aliyundrive_open/upload.go
+++ b/drivers/aliyundrive_open/upload.go
@ -0,0 +1,268 @@
+package aliyundrive_open
+
+import (
+	"bytes"
+	"context"
+	"crypto/sha1"
+	"encoding/base64"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"math"
+	"net/http"
+	"os"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
+)
+
+func makePartInfos(size int) []base.Json {
+	partInfoList := make([]base.Json, size)
+	for i := 0; i < size; i++ {
+		partInfoList[i] = base.Json{"part_number": 1 + i}
+	}
+	return partInfoList
+}
+
+func calPartSize(fileSize int64) int64 {
+	var partSize int64 = 20 * 1024 * 1024
+	if fileSize > partSize {
+		if fileSize > 1*1024*1024*1024*1024 { // file Size over 1TB
+			partSize = 5 * 1024 * 1024 * 1024 // file part size 5GB
+		} else if fileSize > 768*1024*1024*1024 { // over 768GB
+			partSize = 109951163 // ≈ 104.8576MB, split 1TB into 10,000 part
+		} else if fileSize > 512*1024*1024*1024 { // over 512GB
+			partSize = 82463373 // ≈ 78.6432MB
+		} else if fileSize > 384*1024*1024*1024 { // over 384GB
+			partSize = 54975582 // ≈ 52.4288MB
+		} else if fileSize > 256*1024*1024*1024 { // over 256GB
+			partSize = 41231687 // ≈ 39.3216MB
+		} else if fileSize > 128*1024*1024*1024 { // over 128GB
+			partSize = 27487791 // ≈ 26.2144MB
+		}
+	}
+	return partSize
+}
+
+func (d *AliyundriveOpen) getUploadUrl(count int, fileId, uploadId string) ([]PartInfo, error) {
+	partInfoList := makePartInfos(count)
+	var resp CreateResp
+	_, err := d.request("/adrive/v1.0/openFile/getUploadUrl", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{
+			"drive_id":       d.DriveId,
+			"file_id":        fileId,
+			"part_info_list": partInfoList,
+			"upload_id":      uploadId,
+		}).SetResult(&resp)
+	})
+	return resp.PartInfoList, err
+}
+
+func (d *AliyundriveOpen) uploadPart(ctx context.Context, i, count int, reader *utils.MultiReadable, resp *CreateResp, retry bool) error {
+	partInfo := resp.PartInfoList[i-1]
+	uploadUrl := partInfo.UploadUrl
+	if d.InternalUpload {
+		uploadUrl = strings.ReplaceAll(uploadUrl, "https://cn-beijing-data.aliyundrive.net/", "http://ccp-bj29-bj-1592982087.oss-cn-beijing-internal.aliyuncs.com/")
+	}
+	req, err := http.NewRequest("PUT", uploadUrl, reader)
+	if err != nil {
+		return err
+	}
+	req = req.WithContext(ctx)
+	res, err := base.HttpClient.Do(req)
+	if err != nil {
+		if retry {
+			reader.Reset()
+			return d.uploadPart(ctx, i, count, reader, resp, false)
+		}
+		return err
+	}
+	res.Body.Close()
+	if retry && res.StatusCode == http.StatusForbidden {
+		resp.PartInfoList, err = d.getUploadUrl(count, resp.FileId, resp.UploadId)
+		if err != nil {
+			return err
+		}
+		reader.Reset()
+		return d.uploadPart(ctx, i, count, reader, resp, false)
+	}
+	if res.StatusCode != http.StatusOK && res.StatusCode != http.StatusConflict {
+		return fmt.Errorf("upload status: %d", res.StatusCode)
+	}
+	return nil
+}
+
+func (d *AliyundriveOpen) normalUpload(ctx context.Context, stream model.FileStreamer, up driver.UpdateProgress, createResp CreateResp, count int, partSize int64) error {
+	log.Debugf("[aliyundive_open] normal upload")
+	// 2. upload
+	preTime := time.Now()
+	for i := 1; i <= len(createResp.PartInfoList); i++ {
+		if utils.IsCanceled(ctx) {
+			return ctx.Err()
+		}
+		err := d.uploadPart(ctx, i, count, utils.NewMultiReadable(io.LimitReader(stream, partSize)), &createResp, true)
+		if err != nil {
+			return err
+		}
+		if count > 0 {
+			up(i * 100 / count)
+		}
+		// refresh upload url if 50 minutes passed
+		if time.Since(preTime) > 50*time.Minute {
+			createResp.PartInfoList, err = d.getUploadUrl(count, createResp.FileId, createResp.UploadId)
+			if err != nil {
+				return err
+			}
+			preTime = time.Now()
+		}
+	}
+	// 3. complete
+	_, err := d.request("/adrive/v1.0/openFile/complete", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{
+			"drive_id":  d.DriveId,
+			"file_id":   createResp.FileId,
+			"upload_id": createResp.UploadId,
+		})
+	})
+	return err
+}
+
+type ProofRange struct {
+	Start int64
+	End   int64
+}
+
+func getProofRange(input string, size int64) (*ProofRange, error) {
+	if size == 0 {
+		return &ProofRange{}, nil
+	}
+	tmpStr := utils.GetMD5EncodeStr(input)[0:16]
+	tmpInt, err := strconv.ParseUint(tmpStr, 16, 64)
+	if err != nil {
+		return nil, err
+	}
+	index := tmpInt % uint64(size)
+	pr := &ProofRange{
+		Start: int64(index),
+		End:   int64(index) + 8,
+	}
+	if pr.End >= size {
+		pr.End = size
+	}
+	return pr, nil
+}
+
+func (d *AliyundriveOpen) calProofCode(file *os.File, fileSize int64) (string, error) {
+	proofRange, err := getProofRange(d.AccessToken, fileSize)
+	if err != nil {
+		return "", err
+	}
+	buf := make([]byte, proofRange.End-proofRange.Start)
+	_, err = file.ReadAt(buf, proofRange.Start)
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(buf), nil
+}
+
+func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+	// 1. create
+	// Part Size Unit: Bytes, Default: 20MB,
+	// Maximum number of slices 10,000, ≈195.3125GB
+	var partSize = calPartSize(stream.GetSize())
+	createData := base.Json{
+		"drive_id":        d.DriveId,
+		"parent_file_id":  dstDir.GetID(),
+		"name":            stream.GetName(),
+		"type":            "file",
+		"check_name_mode": "ignore",
+	}
+	count := int(math.Ceil(float64(stream.GetSize()) / float64(partSize)))
+	createData["part_info_list"] = makePartInfos(count)
+	// rapid upload
+	rapidUpload := stream.GetSize() > 100*1024 && d.RapidUpload
+	if rapidUpload {
+		log.Debugf("[aliyundrive_open] start cal pre_hash")
+		// read 1024 bytes to calculate pre hash
+		buf := bytes.NewBuffer(make([]byte, 0, 1024))
+		_, err := io.CopyN(buf, stream, 1024)
+		if err != nil {
+			return err
+		}
+		createData["size"] = stream.GetSize()
+		createData["pre_hash"] = utils.GetSHA1Encode(buf.Bytes())
+		// if support seek, seek to start
+		if localFile, ok := stream.(io.Seeker); ok {
+			if _, err := localFile.Seek(0, io.SeekStart); err != nil {
+				return err
+			}
+		} else {
+			// Put spliced head back to stream
+			stream.SetReadCloser(struct {
+				io.Reader
+				io.Closer
+			}{
+				Reader: io.MultiReader(buf, stream.GetReadCloser()),
+				Closer: stream.GetReadCloser(),
+			})
+		}
+	}
+	var createResp CreateResp
+	_, err, e := d.requestReturnErrResp("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(createData).SetResult(&createResp)
+	})
+	if err != nil {
+		if e.Code != "PreHashMatched" || !rapidUpload {
+			return err
+		}
+		log.Debugf("[aliyundrive_open] pre_hash matched, start rapid upload")
+		// convert to local file
+		file, err := utils.CreateTempFile(stream, stream.GetSize())
+		if err != nil {
+			return err
+		}
+		_ = stream.GetReadCloser().Close()
+		stream.SetReadCloser(file)
+		// calculate full hash
+		h := sha1.New()
+		_, err = io.Copy(h, file)
+		if err != nil {
+			return err
+		}
+		delete(createData, "pre_hash")
+		createData["proof_version"] = "v1"
+		createData["content_hash_name"] = "sha1"
+		createData["content_hash"] = hex.EncodeToString(h.Sum(nil))
+		// seek to start
+		if _, err = file.Seek(0, io.SeekStart); err != nil {
+			return err
+		}
+		createData["proof_code"], err = d.calProofCode(file, stream.GetSize())
+		if err != nil {
+			return fmt.Errorf("cal proof code error: %s", err.Error())
+		}
+		_, err = d.request("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
+			req.SetBody(createData).SetResult(&createResp)
+		})
+		if err != nil {
+			return err
+		}
+		if createResp.RapidUpload {
+			log.Debugf("[aliyundrive_open] rapid upload success, file id: %s", createResp.FileId)
+			return nil
+		}
+		// failed to rapid upload, try normal upload
+		if _, err = file.Seek(0, io.SeekStart); err != nil {
+			return err
+		}
+	}
+	log.Debugf("[aliyundrive_open] create file success, resp: %+v", createResp)
+	return d.normalUpload(ctx, stream, up, createResp, count, partSize)
+}
--- a/drivers/aliyundrive_open/util.go
+++ b/drivers/aliyundrive_open/util.go
@ -5,12 +5,12 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
-	"strings"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
 )

 // do others that not defined in Driver interface
@ -20,9 +20,9 @@ func (d *AliyundriveOpen) refreshToken() error {
 	if d.OauthTokenURL != "" && d.ClientID == "" {
 		url = d.OauthTokenURL
 	}
-	var resp base.TokenResp
+	//var resp base.TokenResp
 	var e ErrResp
-	_, err := base.RestyClient.R().
+	res, err := base.RestyClient.R().
 		ForceContentType("application/json").
 		SetBody(base.Json{
 			"client_id":     d.ClientID,
@ -30,24 +30,31 @@ func (d *AliyundriveOpen) refreshToken() error {
 			"grant_type":    "refresh_token",
 			"refresh_token": d.RefreshToken,
 		}).
-		SetResult(&resp).
+		//SetResult(&resp).
 		SetError(&e).
 		Post(url)
 	if err != nil {
 		return err
 	}
+	log.Debugf("[ali_open] refresh token response: %s", res.String())
 	if e.Code != "" {
 		return fmt.Errorf("failed to refresh token: %s", e.Message)
 	}
-	if resp.RefreshToken == "" {
+	refresh, access := utils.Json.Get(res.Body(), "refresh_token").ToString(), utils.Json.Get(res.Body(), "access_token").ToString()
+	if refresh == "" {
 		return errors.New("failed to refresh token: refresh token is empty")
 	}
-	d.RefreshToken, d.AccessToken = resp.RefreshToken, resp.AccessToken
+	d.RefreshToken, d.AccessToken = refresh, access
 	op.MustSaveDriverStorage(d)
 	return nil
 }

 func (d *AliyundriveOpen) request(uri, method string, callback base.ReqCallback, retry ...bool) ([]byte, error) {
+	b, err, _ := d.requestReturnErrResp(uri, method, callback, retry...)
+	return b, err
+}
+
+func (d *AliyundriveOpen) requestReturnErrResp(uri, method string, callback base.ReqCallback, retry ...bool) ([]byte, error, *ErrResp) {
 	req := base.RestyClient.R()
 	// TODO check whether access_token is expired
 	req.SetHeader("Authorization", "Bearer "+d.AccessToken)
@ -61,30 +68,43 @@ func (d *AliyundriveOpen) request(uri, method string, callback base.ReqCallback,
 	req.SetError(&e)
 	res, err := req.Execute(method, d.base+uri)
 	if err != nil {
-		return nil, err
+		if res != nil {
+			log.Errorf("[aliyundrive_open] request error: %s", res.String())
+		}
+		return nil, err, nil
 	}
 	isRetry := len(retry) > 0 && retry[0]
 	if e.Code != "" {
 		if !isRetry && (utils.SliceContains([]string{"AccessTokenInvalid", "AccessTokenExpired", "I400JD"}, e.Code) || d.AccessToken == "") {
 			err = d.refreshToken()
 			if err != nil {
-				return nil, err
+				return nil, err, nil
 			}
-			return d.request(uri, method, callback, true)
+			return d.requestReturnErrResp(uri, method, callback, true)
 		}
-		return nil, fmt.Errorf("%s:%s", e.Code, e.Message)
+		return nil, fmt.Errorf("%s:%s", e.Code, e.Message), &e
 	}
-	return res.Body(), nil
+	return res.Body(), nil, nil
 }

-func (d *AliyundriveOpen) getFiles(fileId string) ([]File, error) {
+func (d *AliyundriveOpen) list(ctx context.Context, data base.Json) (*Files, error) {
+	var resp Files
+	_, err := d.request("/adrive/v1.0/openFile/list", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(data).SetResult(&resp)
+	})
+	if err != nil {
+		return nil, err
+	}
+	return &resp, nil
+}
+
+func (d *AliyundriveOpen) getFiles(ctx context.Context, fileId string) ([]File, error) {
 	marker := "first"
 	res := make([]File, 0)
 	for marker != "" {
 		if marker == "first" {
 			marker = ""
 		}
-		var resp Files
 		data := base.Json{
 			"drive_id":        d.DriveId,
 			"limit":           200,
@ -98,9 +118,7 @@ func (d *AliyundriveOpen) getFiles(fileId string) ([]File, error) {
 			//"video_thumbnail_width": 480,
 			//"image_thumbnail_width": 480,
 		}
-		_, err := d.request("/adrive/v1.0/openFile/list", http.MethodPost, func(req *resty.Request) {
-			req.SetBody(data).SetResult(&resp)
-		})
+		resp, err := d.limitList(ctx, data)
 		if err != nil {
 			return nil, err
 		}
@ -109,59 +127,3 @@ func (d *AliyundriveOpen) getFiles(fileId string) ([]File, error) {
 	}
 	return res, nil
 }
-
-func makePartInfos(size int) []base.Json {
-	partInfoList := make([]base.Json, size)
-	for i := 0; i < size; i++ {
-		partInfoList[i] = base.Json{"part_number": 1 + i}
-	}
-	return partInfoList
-}
-
-func (d *AliyundriveOpen) getUploadUrl(count int, fileId, uploadId string) ([]PartInfo, error) {
-	partInfoList := makePartInfos(count)
-	var resp CreateResp
-	_, err := d.request("/adrive/v1.0/openFile/getUploadUrl", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(base.Json{
-			"drive_id":       d.DriveId,
-			"file_id":        fileId,
-			"part_info_list": partInfoList,
-			"upload_id":      uploadId,
-		}).SetResult(&resp)
-	})
-	return resp.PartInfoList, err
-}
-
-func (d *AliyundriveOpen) uploadPart(ctx context.Context, i, count int, reader *utils.MultiReadable, resp *CreateResp, retry bool) error {
-	partInfo := resp.PartInfoList[i-1]
-	uploadUrl := partInfo.UploadUrl
-	if d.InternalUpload {
-		uploadUrl = strings.ReplaceAll(uploadUrl, "https://cn-beijing-data.aliyundrive.net/", "http://ccp-bj29-bj-1592982087.oss-cn-beijing-internal.aliyuncs.com/")
-	}
-	req, err := http.NewRequest("PUT", uploadUrl, reader)
-	if err != nil {
-		return err
-	}
-	req = req.WithContext(ctx)
-	res, err := base.HttpClient.Do(req)
-	if err != nil {
-		if retry {
-			reader.Reset()
-			return d.uploadPart(ctx, i, count, reader, resp, false)
-		}
-		return err
-	}
-	res.Body.Close()
-	if retry && res.StatusCode == http.StatusForbidden {
-		resp.PartInfoList, err = d.getUploadUrl(count, resp.FileId, resp.UploadId)
-		if err != nil {
-			return err
-		}
-		reader.Reset()
-		return d.uploadPart(ctx, i, count, reader, resp, false)
-	}
-	if res.StatusCode != http.StatusOK && res.StatusCode != http.StatusConflict {
-		return fmt.Errorf("upload status: %d", res.StatusCode)
-	}
-	return nil
-}
--- a/drivers/aliyundrive_share/driver.go
+++ b/drivers/aliyundrive_share/driver.go
@ -2,9 +2,11 @@ package aliyundrive_share

 import (
 	"context"
+	"fmt"
 	"net/http"
 	"time"

+	"github.com/Xhofe/rateg"
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
@ -22,6 +24,9 @@ type AliyundriveShare struct {
 	ShareToken  string
 	DriveId     string
 	cron        *cron.Cron
+
+	limitList func(ctx context.Context, dir model.Obj) ([]model.Obj, error)
+	limitLink func(ctx context.Context, file model.Obj) (*model.Link, error)
 }

 func (d *AliyundriveShare) Config() driver.Config {
@ -48,6 +53,14 @@ func (d *AliyundriveShare) Init(ctx context.Context) error {
 			log.Errorf("%+v", err)
 		}
 	})
+	d.limitList = rateg.LimitFnCtx(d.list, rateg.LimitFnOption{
+		Limit:  4,
+		Bucket: 1,
+	})
+	d.limitLink = rateg.LimitFnCtx(d.link, rateg.LimitFnOption{
+		Limit:  1,
+		Bucket: 1,
+	})
 	return nil
 }

@ -60,6 +73,13 @@ func (d *AliyundriveShare) Drop(ctx context.Context) error {
 }

 func (d *AliyundriveShare) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	if d.limitList == nil {
+		return nil, fmt.Errorf("driver not init")
+	}
+	return d.limitList(ctx, dir)
+}
+
+func (d *AliyundriveShare) list(ctx context.Context, dir model.Obj) ([]model.Obj, error) {
 	files, err := d.getFiles(dir.GetID())
 	if err != nil {
 		return nil, err
@ -70,6 +90,13 @@ func (d *AliyundriveShare) List(ctx context.Context, dir model.Obj, args model.L
 }

 func (d *AliyundriveShare) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
+	if d.limitLink == nil {
+		return nil, fmt.Errorf("driver not init")
+	}
+	return d.limitLink(ctx, file)
+}
+
+func (d *AliyundriveShare) link(ctx context.Context, file model.Obj) (*model.Link, error) {
 	data := base.Json{
 		"drive_id": d.DriveId,
 		"file_id":  file.GetID(),
@ -79,7 +106,7 @@ func (d *AliyundriveShare) Link(ctx context.Context, file model.Obj, args model.
 	}
 	var resp ShareLinkResp
 	_, err := d.request("https://api.aliyundrive.com/v2/file/get_share_link_download_url", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(data).SetResult(&resp)
+		req.SetHeader(CanaryHeaderKey, CanaryHeaderValue).SetBody(data).SetResult(&resp)
 	})
 	if err != nil {
 		return nil, err
--- a/drivers/aliyundrive_share/util.go
+++ b/drivers/aliyundrive_share/util.go
@ -9,6 +9,12 @@ import (
 	log "github.com/sirupsen/logrus"
 )

+const (
+	// CanaryHeaderKey CanaryHeaderValue for lifting rate limit restrictions
+	CanaryHeaderKey   = "X-Canary"
+	CanaryHeaderValue = "client=web,app=share,version=v2.3.1"
+)
+
 func (d *AliyundriveShare) refreshToken() error {
 	url := "https://auth.aliyundrive.com/v2/account/token"
 	var resp base.TokenResp
@ -58,6 +64,7 @@ func (d *AliyundriveShare) request(url, method string, callback base.ReqCallback
 		SetError(&e).
 		SetHeader("content-type", "application/json").
 		SetHeader("Authorization", "Bearer\t"+d.AccessToken).
+		SetHeader(CanaryHeaderKey, CanaryHeaderValue).
 		SetHeader("x-share-token", d.ShareToken)
 	if callback != nil {
 		callback(req)
@ -91,7 +98,7 @@ func (d *AliyundriveShare) getFiles(fileId string) ([]File, error) {
 	data := base.Json{
 		"image_thumbnail_process": "image/resize,w_160/format,jpeg",
 		"image_url_process":       "image/resize,w_1920/format,jpeg",
-		"limit":                   100,
+		"limit":                   200,
 		"order_by":                d.OrderBy,
 		"order_direction":         d.OrderDirection,
 		"parent_file_id":          fileId,
@ -107,6 +114,7 @@ func (d *AliyundriveShare) getFiles(fileId string) ([]File, error) {
 		var resp ListResp
 		res, err := base.RestyClient.R().
 			SetHeader("x-share-token", d.ShareToken).
+			SetHeader(CanaryHeaderKey, CanaryHeaderValue).
 			SetResult(&resp).SetError(&e).SetBody(data).
 			Post("https://api.aliyundrive.com/adrive/v3/file/list")
 		if err != nil {
--- a/drivers/all.go
+++ b/drivers/all.go
@ -3,6 +3,7 @@ package drivers
 import (
 	_ "github.com/alist-org/alist/v3/drivers/115"
 	_ "github.com/alist-org/alist/v3/drivers/123"
+	_ "github.com/alist-org/alist/v3/drivers/123_share"
 	_ "github.com/alist-org/alist/v3/drivers/139"
 	_ "github.com/alist-org/alist/v3/drivers/189"
 	_ "github.com/alist-org/alist/v3/drivers/189pc"
@ -16,6 +17,8 @@ import (
 	_ "github.com/alist-org/alist/v3/drivers/baidu_photo"
 	_ "github.com/alist-org/alist/v3/drivers/baidu_share"
 	_ "github.com/alist-org/alist/v3/drivers/cloudreve"
+	_ "github.com/alist-org/alist/v3/drivers/crypt"
+	_ "github.com/alist-org/alist/v3/drivers/dropbox"
 	_ "github.com/alist-org/alist/v3/drivers/ftp"
 	_ "github.com/alist-org/alist/v3/drivers/google_drive"
 	_ "github.com/alist-org/alist/v3/drivers/google_photo"
@ -24,6 +27,7 @@ import (
 	_ "github.com/alist-org/alist/v3/drivers/local"
 	_ "github.com/alist-org/alist/v3/drivers/mediatrack"
 	_ "github.com/alist-org/alist/v3/drivers/mega"
+	_ "github.com/alist-org/alist/v3/drivers/mopan"
 	_ "github.com/alist-org/alist/v3/drivers/onedrive"
 	_ "github.com/alist-org/alist/v3/drivers/onedrive_app"
 	_ "github.com/alist-org/alist/v3/drivers/pikpak"
@ -41,6 +45,8 @@ import (
 	_ "github.com/alist-org/alist/v3/drivers/uss"
 	_ "github.com/alist-org/alist/v3/drivers/virtual"
 	_ "github.com/alist-org/alist/v3/drivers/webdav"
+	_ "github.com/alist-org/alist/v3/drivers/weiyun"
+	_ "github.com/alist-org/alist/v3/drivers/wopan"
 	_ "github.com/alist-org/alist/v3/drivers/yandex_disk"
 )

--- a/drivers/baidu_netdisk/driver.go
+++ b/drivers/baidu_netdisk/driver.go
@ -1,31 +1,33 @@
 package baidu_netdisk

 import (
-	"bytes"
 	"context"
 	"crypto/md5"
 	"encoding/hex"
 	"fmt"
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/errs"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/avast/retry-go"
+	log "github.com/sirupsen/logrus"
 	"io"
 	"math"
 	"os"
 	stdpath "path"
 	"strconv"
 	"strings"
-
-	"github.com/alist-org/alist/v3/drivers/base"
-	"github.com/alist-org/alist/v3/internal/driver"
-	"github.com/alist-org/alist/v3/internal/model"
-	"github.com/alist-org/alist/v3/pkg/utils"
-	log "github.com/sirupsen/logrus"
 )

 type BaiduNetdisk struct {
 	model.Storage
 	Addition
-	AccessToken string
 }

+const BaiduFileAPI = "https://d.pcs.baidu.com/rest/2.0/pcs/superfile2"
+const DefaultSliceSize int64 = 4 * 1024 * 1024
+
 func (d *BaiduNetdisk) Config() driver.Config {
 	return config
 }
@ -35,7 +37,11 @@ func (d *BaiduNetdisk) GetAddition() driver.Additional {
 }

 func (d *BaiduNetdisk) Init(ctx context.Context) error {
-	return d.refreshToken()
+	res, err := d.get("/xpan/nas", map[string]string{
+		"method": "uinfo",
+	}, nil)
+	log.Debugf("[baidu] get uinfo: %s", string(res))
+	return err
 }

 func (d *BaiduNetdisk) Drop(ctx context.Context) error {
@ -106,7 +112,9 @@ func (d *BaiduNetdisk) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	streamSize := stream.GetSize()
+
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return err
 	}
@ -114,43 +122,37 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 		_ = tempFile.Close()
 		_ = os.Remove(tempFile.Name())
 	}()
-	var Default int64 = 4 * 1024 * 1024
-	defaultByteData := make([]byte, Default)
-	count := int(math.Ceil(float64(stream.GetSize()) / float64(Default)))
-	var SliceSize int64 = 256 * 1024
+
+	count := int(math.Ceil(float64(streamSize) / float64(DefaultSliceSize)))
+	//cal md5 for first 256k data
+	const SliceSize int64 = 256 * 1024
 	// cal md5
 	h1 := md5.New()
 	h2 := md5.New()
-	block_list := make([]string, 0)
-	content_md5 := ""
-	slice_md5 := ""
-	left := stream.GetSize()
+	blockList := make([]string, 0)
+	contentMd5 := ""
+	sliceMd5 := ""
+	left := streamSize
 	for i := 0; i < count; i++ {
-		byteSize := Default
-		var byteData []byte
-		if left < Default {
+		byteSize := DefaultSliceSize
+		if left < DefaultSliceSize {
 			byteSize = left
-			byteData = make([]byte, byteSize)
-		} else {
-			byteData = defaultByteData
 		}
 		left -= byteSize
-		_, err = io.ReadFull(tempFile, byteData)
+		_, err = io.Copy(io.MultiWriter(h1, h2), io.LimitReader(tempFile, byteSize))
 		if err != nil {
 			return err
 		}
-		h1.Write(byteData)
-		h2.Write(byteData)
-		block_list = append(block_list, fmt.Sprintf("\"%s\"", hex.EncodeToString(h2.Sum(nil))))
+		blockList = append(blockList, fmt.Sprintf("\"%s\"", hex.EncodeToString(h2.Sum(nil))))
 		h2.Reset()
 	}
-	content_md5 = hex.EncodeToString(h1.Sum(nil))
+	contentMd5 = hex.EncodeToString(h1.Sum(nil))
 	_, err = tempFile.Seek(0, io.SeekStart)
 	if err != nil {
 		return err
 	}
-	if stream.GetSize() <= SliceSize {
-		slice_md5 = content_md5
+	if streamSize <= SliceSize {
+		sliceMd5 = contentMd5
 	} else {
 		sliceData := make([]byte, SliceSize)
 		_, err = io.ReadFull(tempFile, sliceData)
@ -158,22 +160,19 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 			return err
 		}
 		h2.Write(sliceData)
-		slice_md5 = hex.EncodeToString(h2.Sum(nil))
-		_, err = tempFile.Seek(0, io.SeekStart)
-		if err != nil {
-			return err
-		}
+		sliceMd5 = hex.EncodeToString(h2.Sum(nil))
 	}
 	rawPath := stdpath.Join(dstDir.GetPath(), stream.GetName())
 	path := encodeURIComponent(rawPath)
-	block_list_str := fmt.Sprintf("[%s]", strings.Join(block_list, ","))
+	block_list_str := fmt.Sprintf("[%s]", strings.Join(blockList, ","))
 	data := fmt.Sprintf("path=%s&size=%d&isdir=0&autoinit=1&block_list=%s&content-md5=%s&slice-md5=%s",
-		path, stream.GetSize(),
+		path, streamSize,
 		block_list_str,
-		content_md5, slice_md5)
+		contentMd5, sliceMd5)
 	params := map[string]string{
 		"method": "precreate",
 	}
+	log.Debugf("[baidu_netdisk] precreate data: %s", data)
 	var precreateResp PrecreateResp
 	_, err = d.post("/xpan/file", params, data, &precreateResp)
 	if err != nil {
@ -181,6 +180,7 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 	}
 	log.Debugf("%+v", precreateResp)
 	if precreateResp.ReturnType == 2 {
+		//rapid upload, since got md5 match from baidu server
 		return nil
 	}
 	params = map[string]string{
@ -190,41 +190,49 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 		"path":         path,
 		"uploadid":     precreateResp.Uploadid,
 	}
-	left = stream.GetSize()
+
+	var offset int64 = 0
 	for i, partseq := range precreateResp.BlockList {
-		if utils.IsCanceled(ctx) {
-			return ctx.Err()
-		}
-		byteSize := Default
-		var byteData []byte
-		if left < Default {
-			byteSize = left
-			byteData = make([]byte, byteSize)
-		} else {
-			byteData = defaultByteData
-		}
-		left -= byteSize
-		_, err = io.ReadFull(tempFile, byteData)
-		if err != nil {
-			return err
-		}
-		u := "https://d.pcs.baidu.com/rest/2.0/pcs/superfile2"
 		params["partseq"] = strconv.Itoa(partseq)
-		res, err := base.RestyClient.R().
-			SetContext(ctx).
-			SetQueryParams(params).
-			SetFileReader("file", stream.GetName(), bytes.NewReader(byteData)).
-			Post(u)
+		byteSize := int64(math.Min(float64(streamSize-offset), float64(DefaultSliceSize)))
+		err := retry.Do(func() error {
+			return d.uploadSlice(ctx, &params, stream.GetName(), tempFile, offset, byteSize)
+		},
+			retry.Context(ctx),
+			retry.Attempts(3))
 		if err != nil {
 			return err
 		}
-		log.Debugln(res.String())
+		offset += byteSize
+
 		if len(precreateResp.BlockList) > 0 {
 			up(i * 100 / len(precreateResp.BlockList))
 		}
 	}
-	_, err = d.create(rawPath, stream.GetSize(), 0, precreateResp.Uploadid, block_list_str)
+	_, err = d.create(rawPath, streamSize, 0, precreateResp.Uploadid, block_list_str)
 	return err
 }
+func (d *BaiduNetdisk) uploadSlice(ctx context.Context, params *map[string]string, fileName string, file *os.File, offset int64, byteSize int64) error {
+	_, err := file.Seek(offset, io.SeekStart)
+	if err != nil {
+		return err
+	}
+
+	res, err := base.RestyClient.R().
+		SetContext(ctx).
+		SetQueryParams(*params).
+		SetFileReader("file", fileName, io.LimitReader(file, byteSize)).
+		Post(BaiduFileAPI)
+	if err != nil {
+		return err
+	}
+	log.Debugln(res.RawResponse.Status + res.String())
+	errCode := utils.Json.Get(res.Body(), "error_code").ToInt()
+	errNo := utils.Json.Get(res.Body(), "errno").ToInt()
+	if errCode != 0 || errNo != 0 {
+		return errs.NewErr(errs.StreamIncomplete, "error in uploading to baidu, will retry. response=%s", res.String())
+	}
+	return nil
+}

 var _ driver.Driver = (*BaiduNetdisk)(nil)
--- a/drivers/baidu_netdisk/meta.go
+++ b/drivers/baidu_netdisk/meta.go
@ -13,6 +13,8 @@ type Addition struct {
 	DownloadAPI    string `json:"download_api" type:"select" options:"official,crack" default:"official"`
 	ClientID       string `json:"client_id" required:"true" default:"iYCeC9g08h5vuP9UqvPHKKSVrKFXGa1v"`
 	ClientSecret   string `json:"client_secret" required:"true" default:"jXiFMOPVPCWlO2M5CwWQzffpNPaGTRBG"`
+	CustomCrackUA  string `json:"custom_crack_ua" required:"true" default:"netdisk"`
+	AccessToken    string
 }

 var config = driver.Config{
--- a/drivers/baidu_netdisk/util.go
+++ b/drivers/baidu_netdisk/util.go
@ -2,6 +2,7 @@ package baidu_netdisk

 import (
 	"fmt"
+	"github.com/avast/retry-go"
 	"net/http"
 	"net/url"
 	"strconv"
@ -13,6 +14,7 @@ import (
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
 )

 // do others that not defined in Driver interface
@ -50,30 +52,37 @@ func (d *BaiduNetdisk) _refreshToken() error {
 }

 func (d *BaiduNetdisk) request(furl string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
-	req := base.RestyClient.R()
-	req.SetQueryParam("access_token", d.AccessToken)
-	if callback != nil {
-		callback(req)
-	}
-	if resp != nil {
-		req.SetResult(resp)
-	}
-	res, err := req.Execute(method, furl)
-	if err != nil {
-		return nil, err
-	}
-	errno := utils.Json.Get(res.Body(), "errno").ToInt()
-	if errno != 0 {
-		if errno == -6 {
-			err = d.refreshToken()
-			if err != nil {
-				return nil, err
-			}
-			return d.request(furl, method, callback, resp)
+	var result []byte
+	err := retry.Do(func() error {
+		req := base.RestyClient.R()
+		req.SetQueryParam("access_token", d.AccessToken)
+		if callback != nil {
+			callback(req)
 		}
-		return nil, fmt.Errorf("errno: %d, refer to https://pan.baidu.com/union/doc/", errno)
-	}
-	return res.Body(), nil
+		if resp != nil {
+			req.SetResult(resp)
+		}
+		res, err := req.Execute(method, furl)
+		if err != nil {
+			return err
+		}
+		log.Debugf("[baidu_netdisk] req: %s, resp: %s", furl, res.String())
+		errno := utils.Json.Get(res.Body(), "errno").ToInt()
+		if errno != 0 {
+			if utils.SliceContains([]int{111, -6}, errno) {
+				log.Info("refreshing baidu_netdisk token.")
+				err2 := d.refreshToken()
+				if err2 != nil {
+					return err2
+				}
+			}
+			return fmt.Errorf("req: [%s] ,errno: %d, refer to https://pan.baidu.com/union/doc/", furl, errno)
+		}
+		result = res.Body()
+		return nil
+	},
+		retry.Attempts(3))
+	return result, err
 }

 func (d *BaiduNetdisk) get(pathname string, params map[string]string, resp interface{}) ([]byte, error) {
@ -154,7 +163,7 @@ func (d *BaiduNetdisk) linkCrack(file model.Obj, args model.LinkArgs) (*model.Li
 		"target": fmt.Sprintf("[\"%s\"]", file.GetPath()),
 		"dlink":  "1",
 		"web":    "5",
-		//"origin": "dlna",
+		"origin": "dlna",
 	}
 	_, err := d.request("https://pan.baidu.com/api/filemetas", http.MethodGet, func(req *resty.Request) {
 		req.SetQueryParams(param)
@ -165,7 +174,7 @@ func (d *BaiduNetdisk) linkCrack(file model.Obj, args model.LinkArgs) (*model.Li
 	return &model.Link{
 		URL: resp.Info[0].Dlink,
 		Header: http.Header{
-			"User-Agent": []string{"netdisk"},
+			"User-Agent": []string{d.CustomCrackUA},
 		},
 	}, nil
 }
--- a/drivers/baidu_photo/driver.go
+++ b/drivers/baidu_photo/driver.go
@ -126,7 +126,13 @@ func (d *BaiduPhoto) Link(ctx context.Context, file model.Obj, args model.LinkAr
 	case *File:
 		return d.linkFile(ctx, file, args)
 	case *AlbumFile:
-		return d.linkAlbum(ctx, file, args)
+		f, err := d.CopyAlbumFile(ctx, file)
+		if err != nil {
+			return nil, err
+		}
+		return d.linkFile(ctx, f, args)
+		// 有概率无法获取到链接
+		//return d.linkAlbum(ctx, file, args)
 	}
 	return nil, errs.NotFile
 }
@ -169,9 +175,9 @@ func (d *BaiduPhoto) Copy(ctx context.Context, srcObj, dstDir model.Obj) (model.
 }

 func (d *BaiduPhoto) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
-	// 仅支持相册之间移动
 	if file, ok := srcObj.(*AlbumFile); ok {
-		if _, ok := dstDir.(*Album); ok {
+		switch dstDir.(type) {
+		case *Album, *Root: // albumfile -> root -> album or albumfile -> root
 			newObj, err := d.Copy(ctx, srcObj, dstDir)
 			if err != nil {
 				return nil, err
@ -206,7 +212,7 @@ func (d *BaiduPhoto) Remove(ctx context.Context, obj model.Obj) error {

 func (d *BaiduPhoto) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	// 需要获取完整文件md5,必须支持 io.Seek
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return nil, err
 	}
--- a/drivers/baidu_photo/help.go
+++ b/drivers/baidu_photo/help.go
@ -69,3 +69,10 @@ func renameAlbum(album *Album, newName string) *Album {
 		Mtime:      time.Now().Unix(),
 	}
 }
+
+func BoolToIntStr(b bool) string {
+	if b {
+		return "1"
+	}
+	return "0"
+}
--- a/drivers/baidu_photo/meta.go
+++ b/drivers/baidu_photo/meta.go
@ -10,6 +10,7 @@ type Addition struct {
 	ShowType     string `json:"show_type" type:"select" options:"root,root_only_album,root_only_file" default:"root"`
 	AlbumID      string `json:"album_id"`
 	//AlbumPassword string `json:"album_password"`
+	DeleteOrigin bool   `json:"delete_origin"`
 	ClientID     string `json:"client_id" required:"true" default:"iYCeC9g08h5vuP9UqvPHKKSVrKFXGa1v"`
 	ClientSecret string `json:"client_secret" required:"true" default:"jXiFMOPVPCWlO2M5CwWQzffpNPaGTRBG"`
 }
--- a/drivers/baidu_photo/utils.go
+++ b/drivers/baidu_photo/utils.go
@ -21,7 +21,7 @@ const (
 	FILE_API_URL_V2 = API_URL + "/file/v2"
 )

-func (d *BaiduPhoto) Request(furl string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
+func (d *BaiduPhoto) Request(furl string, method string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
 	req := base.RestyClient.R().
 		SetQueryParam("access_token", d.AccessToken)
 	if callback != nil {
@ -52,9 +52,17 @@ func (d *BaiduPhoto) Request(furl string, method string, callback base.ReqCallba
 	default:
 		return nil, fmt.Errorf("errno: %d, refer to https://photo.baidu.com/union/doc", erron)
 	}
-	return res.Body(), nil
+	return res, nil
 }

+//func (d *BaiduPhoto) Request(furl string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
+//	res, err := d.request(furl, method, callback, resp)
+//	if err != nil {
+//		return nil, err
+//	}
+//	return res.Body(), nil
+//}
+
 func (d *BaiduPhoto) refreshToken() error {
 	u := "https://openapi.baidu.com/oauth/2.0/token"
 	var resp base.TokenResp
@ -79,11 +87,11 @@ func (d *BaiduPhoto) refreshToken() error {
 	return nil
 }

-func (d *BaiduPhoto) Get(furl string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
+func (d *BaiduPhoto) Get(furl string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
 	return d.Request(furl, http.MethodGet, callback, resp)
 }

-func (d *BaiduPhoto) Post(furl string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
+func (d *BaiduPhoto) Post(furl string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
 	return d.Request(furl, http.MethodPost, callback, resp)
 }

@ -223,7 +231,7 @@ func (d *BaiduPhoto) DeleteAlbum(ctx context.Context, album *Album) error {
 		r.SetFormData(map[string]string{
 			"album_id":            album.AlbumID,
 			"tid":                 fmt.Sprint(album.Tid),
-			"delete_origin_image": "0", // 是否删除原图 0 不删除 1 删除
+			"delete_origin_image": BoolToIntStr(d.DeleteOrigin), // 是否删除原图 0 不删除 1 删除
 		})
 	}, nil)
 	return err
@ -237,7 +245,7 @@ func (d *BaiduPhoto) DeleteAlbumFile(ctx context.Context, file *AlbumFile) error
 			"album_id":   fmt.Sprint(file.AlbumID),
 			"tid":        fmt.Sprint(file.Tid),
 			"list":       fmt.Sprintf(`[{"fsid":%d,"uk":%d}]`, file.Fsid, file.Uk),
-			"del_origin": "0", // 是否删除原图 0 不删除 1 删除
+			"del_origin": BoolToIntStr(d.DeleteOrigin), // 是否删除原图 0 不删除 1 删除
 		})
 	}, nil)
 	return err
@ -391,6 +399,49 @@ func (d *BaiduPhoto) linkFile(ctx context.Context, file *File, args model.LinkAr
 	return link, nil
 }

+/*func (d *BaiduPhoto) linkStreamAlbum(ctx context.Context, file *AlbumFile) (*model.Link, error) {
+	return &model.Link{
+		Header: http.Header{},
+		Writer: func(w io.Writer) error {
+			res, err := d.Get(ALBUM_API_URL+"/streaming", func(r *resty.Request) {
+				r.SetContext(ctx)
+				r.SetQueryParams(map[string]string{
+					"fsid":     fmt.Sprint(file.Fsid),
+					"album_id": file.AlbumID,
+					"tid":      fmt.Sprint(file.Tid),
+					"uk":       fmt.Sprint(file.Uk),
+				}).SetDoNotParseResponse(true)
+			}, nil)
+			if err != nil {
+				return err
+			}
+			defer res.RawBody().Close()
+			_, err = io.Copy(w, res.RawBody())
+			return err
+		},
+	}, nil
+}*/
+
+/*func (d *BaiduPhoto) linkStream(ctx context.Context, file *File) (*model.Link, error) {
+	return &model.Link{
+		Header: http.Header{},
+		Writer: func(w io.Writer) error {
+			res, err := d.Get(FILE_API_URL_V1+"/streaming", func(r *resty.Request) {
+				r.SetContext(ctx)
+				r.SetQueryParams(map[string]string{
+					"fsid": fmt.Sprint(file.Fsid),
+				}).SetDoNotParseResponse(true)
+			}, nil)
+			if err != nil {
+				return err
+			}
+			defer res.RawBody().Close()
+			_, err = io.Copy(w, res.RawBody())
+			return err
+		},
+	}, nil
+}*/
+
 // 获取uk
 func (d *BaiduPhoto) uInfo() (*UInfo, error) {
 	var info UInfo
--- a/drivers/base/client.go
+++ b/drivers/base/client.go
@ -42,6 +42,7 @@ func NewHttpClient() *http.Client {
 	return &http.Client{
 		Timeout: time.Hour * 48,
 		Transport: &http.Transport{
+			Proxy:           http.ProxyFromEnvironment,
 			TLSClientConfig: &tls.Config{InsecureSkipVerify: conf.Conf.TlsInsecureSkipVerify},
 		},
 	}
--- a/drivers/base/util.go
+++ b/drivers/base/util.go
@ -1,30 +1 @@
 package base
-
-import (
-	"io"
-	"net/http"
-	"strconv"
-
-	"github.com/alist-org/alist/v3/internal/model"
-	"github.com/alist-org/alist/v3/pkg/http_range"
-	"github.com/alist-org/alist/v3/pkg/utils"
-)
-
-func HandleRange(link *model.Link, file io.ReadSeekCloser, header http.Header, size int64) {
-	if header.Get("Range") != "" {
-		r, err := http_range.ParseRange(header.Get("Range"), size)
-		if err == nil && len(r) > 0 {
-			_, err := file.Seek(r[0].Start, io.SeekStart)
-			if err == nil {
-				link.Data = utils.NewLimitReadCloser(file, func() error {
-					return file.Close()
-				}, r[0].Length)
-				link.Status = http.StatusPartialContent
-				link.Header = http.Header{
-					"Content-Range":  []string{r[0].ContentRange(size)},
-					"Content-Length": []string{strconv.FormatInt(r[0].Length, 10)},
-				}
-			}
-		}
-	}
-}
--- a/drivers/crypt/driver.go
+++ b/drivers/crypt/driver.go
@ -0,0 +1,411 @@
+package crypt
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	stdpath "path"
+	"regexp"
+	"strings"
+
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/errs"
+	"github.com/alist-org/alist/v3/internal/fs"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/internal/net"
+	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/pkg/http_range"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	rcCrypt "github.com/rclone/rclone/backend/crypt"
+	"github.com/rclone/rclone/fs/config/configmap"
+	"github.com/rclone/rclone/fs/config/obscure"
+	log "github.com/sirupsen/logrus"
+)
+
+type Crypt struct {
+	model.Storage
+	Addition
+	cipher        *rcCrypt.Cipher
+	remoteStorage driver.Driver
+}
+
+const obfuscatedPrefix = "___Obfuscated___"
+
+func (d *Crypt) Config() driver.Config {
+	return config
+}
+
+func (d *Crypt) GetAddition() driver.Additional {
+	return &d.Addition
+}
+
+func (d *Crypt) Init(ctx context.Context) error {
+	//obfuscate credentials if it's updated or just created
+	err := d.updateObfusParm(&d.Password)
+	if err != nil {
+		return fmt.Errorf("failed to obfuscate password: %w", err)
+	}
+	err = d.updateObfusParm(&d.Salt)
+	if err != nil {
+		return fmt.Errorf("failed to obfuscate salt: %w", err)
+	}
+
+	isCryptExt := regexp.MustCompile(`^[.][A-Za-z0-9-_]{2,}$`).MatchString
+	if !isCryptExt(d.EncryptedSuffix) {
+		return fmt.Errorf("EncryptedSuffix is Illegal")
+	}
+
+	op.MustSaveDriverStorage(d)
+
+	//need remote storage exist
+	storage, err := fs.GetStorage(d.RemotePath, &fs.GetStoragesArgs{})
+	if err != nil {
+		return fmt.Errorf("can't find remote storage: %w", err)
+	}
+	d.remoteStorage = storage
+
+	p, _ := strings.CutPrefix(d.Password, obfuscatedPrefix)
+	p2, _ := strings.CutPrefix(d.Salt, obfuscatedPrefix)
+	config := configmap.Simple{
+		"password":                  p,
+		"password2":                 p2,
+		"filename_encryption":       d.FileNameEnc,
+		"directory_name_encryption": d.DirNameEnc,
+		"filename_encoding":         "base64",
+		"suffix":                    d.EncryptedSuffix,
+		"pass_bad_blocks":           "",
+	}
+	c, err := rcCrypt.NewCipher(config)
+	if err != nil {
+		return fmt.Errorf("failed to create Cipher: %w", err)
+	}
+	d.cipher = c
+
+	//c, err := rcCrypt.newCipher(rcCrypt.NameEncryptionStandard, "", "", true, nil)
+	return nil
+}
+
+func (d *Crypt) updateObfusParm(str *string) error {
+	temp := *str
+	if !strings.HasPrefix(temp, obfuscatedPrefix) {
+		temp, err := obscure.Obscure(temp)
+		if err != nil {
+			return err
+		}
+		temp = obfuscatedPrefix + temp
+		*str = temp
+	}
+	return nil
+}
+
+func (d *Crypt) Drop(ctx context.Context) error {
+	return nil
+}
+
+func (d *Crypt) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	path := dir.GetPath()
+	//return d.list(ctx, d.RemotePath, path)
+	//remoteFull
+
+	objs, err := fs.List(ctx, d.getPathForRemote(path, true), &fs.ListArgs{NoLog: true})
+	// the obj must implement the model.SetPath interface
+	// return objs, err
+	if err != nil {
+		return nil, err
+	}
+
+	var result []model.Obj
+	for _, obj := range objs {
+		if obj.IsDir() {
+			name, err := d.cipher.DecryptDirName(obj.GetName())
+			if err != nil {
+				//filter illegal files
+				continue
+			}
+			objRes := model.Object{
+				Name:     name,
+				Size:     0,
+				Modified: obj.ModTime(),
+				IsFolder: obj.IsDir(),
+			}
+			result = append(result, &objRes)
+		} else {
+			thumb, ok := model.GetThumb(obj)
+			size, err := d.cipher.DecryptedSize(obj.GetSize())
+			if err != nil {
+				//filter illegal files
+				continue
+			}
+			name, err := d.cipher.DecryptFileName(obj.GetName())
+			if err != nil {
+				//filter illegal files
+				continue
+			}
+			objRes := model.Object{
+				Name:     name,
+				Size:     size,
+				Modified: obj.ModTime(),
+				IsFolder: obj.IsDir(),
+			}
+			if !ok {
+				result = append(result, &objRes)
+			} else {
+				objWithThumb := model.ObjThumb{
+					Object: objRes,
+					Thumbnail: model.Thumbnail{
+						Thumbnail: thumb,
+					},
+				}
+				result = append(result, &objWithThumb)
+			}
+		}
+	}
+
+	return result, nil
+}
+
+func (d *Crypt) Get(ctx context.Context, path string) (model.Obj, error) {
+	if utils.PathEqual(path, "/") {
+		return &model.Object{
+			Name:     "Root",
+			IsFolder: true,
+			Path:     "/",
+		}, nil
+	}
+	remoteFullPath := ""
+	var remoteObj model.Obj
+	var err, err2 error
+	firstTryIsFolder, secondTry := guessPath(path)
+	remoteFullPath = d.getPathForRemote(path, firstTryIsFolder)
+	remoteObj, err = fs.Get(ctx, remoteFullPath, &fs.GetArgs{NoLog: true})
+	if err != nil {
+		if errs.IsObjectNotFound(err) && secondTry {
+			//try the opposite
+			remoteFullPath = d.getPathForRemote(path, !firstTryIsFolder)
+			remoteObj, err2 = fs.Get(ctx, remoteFullPath, &fs.GetArgs{NoLog: true})
+			if err2 != nil {
+				return nil, err2
+			}
+		} else {
+			return nil, err
+		}
+	}
+	var size int64 = 0
+	name := ""
+	if !remoteObj.IsDir() {
+		size, err = d.cipher.DecryptedSize(remoteObj.GetSize())
+		if err != nil {
+			log.Warnf("DecryptedSize failed for %s ,will use original size, err:%s", path, err)
+			size = remoteObj.GetSize()
+		}
+		name, err = d.cipher.DecryptFileName(remoteObj.GetName())
+		if err != nil {
+			log.Warnf("DecryptFileName failed for %s ,will use original name, err:%s", path, err)
+			name = remoteObj.GetName()
+		}
+	} else {
+		name, err = d.cipher.DecryptDirName(remoteObj.GetName())
+		if err != nil {
+			log.Warnf("DecryptDirName failed for %s ,will use original name, err:%s", path, err)
+			name = remoteObj.GetName()
+		}
+	}
+	obj := &model.Object{
+		Path:     path,
+		Name:     name,
+		Size:     size,
+		Modified: remoteObj.ModTime(),
+		IsFolder: remoteObj.IsDir(),
+	}
+	return obj, nil
+	//return nil, errs.ObjectNotFound
+}
+
+func (d *Crypt) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
+	dstDirActualPath, err := d.getActualPathForRemote(file.GetPath(), false)
+	if err != nil {
+		return nil, fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	remoteLink, remoteFile, err := op.Link(ctx, d.remoteStorage, dstDirActualPath, args)
+	if err != nil {
+		return nil, err
+	}
+
+	if remoteLink.RangeReadCloser.RangeReader == nil && remoteLink.ReadSeekCloser == nil && len(remoteLink.URL) == 0 {
+		return nil, fmt.Errorf("the remote storage driver need to be enhanced to support encrytion")
+	}
+	remoteFileSize := remoteFile.GetSize()
+	remoteClosers := utils.NewClosers()
+	rangeReaderFunc := func(ctx context.Context, underlyingOffset, underlyingLength int64) (io.ReadCloser, error) {
+		length := underlyingLength
+		if underlyingLength >= 0 && underlyingOffset+underlyingLength >= remoteFileSize {
+			length = -1
+		}
+		if remoteLink.RangeReadCloser.RangeReader != nil {
+			//remoteRangeReader, err :=
+			remoteReader, err := remoteLink.RangeReadCloser.RangeReader(http_range.Range{Start: underlyingOffset, Length: length})
+			remoteClosers.Add(remoteLink.RangeReadCloser.Closers)
+			if err != nil {
+				return nil, err
+			}
+			return remoteReader, nil
+		}
+		if remoteLink.ReadSeekCloser != nil {
+			_, err := remoteLink.ReadSeekCloser.Seek(underlyingOffset, io.SeekStart)
+			if err != nil {
+				return nil, err
+			}
+			//remoteClosers.Add(remoteLink.ReadSeekCloser)
+			//keep reuse same ReadSeekCloser and close at last.
+			return io.NopCloser(remoteLink.ReadSeekCloser), nil
+		}
+		if len(remoteLink.URL) > 0 {
+			rangedRemoteLink := &model.Link{
+				URL:    remoteLink.URL,
+				Header: remoteLink.Header,
+			}
+			response, err := RequestRangedHttp(args.HttpReq, rangedRemoteLink, underlyingOffset, length)
+			//remoteClosers.Add(response.Body)
+			if err != nil {
+				return nil, fmt.Errorf("remote storage http request failure,status: %d err:%s", response.StatusCode, err)
+			}
+			if underlyingOffset == 0 && length == -1 || response.StatusCode == http.StatusPartialContent {
+				return response.Body, nil
+			} else if response.StatusCode == http.StatusOK {
+				log.Warnf("remote http server not supporting range request, expect low perfromace!")
+				readCloser, err := net.GetRangedHttpReader(response.Body, underlyingOffset, length)
+				if err != nil {
+					return nil, err
+				}
+				return readCloser, nil
+			}
+
+			return response.Body, nil
+		}
+		//if remoteLink.Data != nil {
+		//	log.Warnf("remote storage not supporting range request, expect low perfromace!")
+		//	readCloser, err := net.GetRangedHttpReader(remoteLink.Data, underlyingOffset, length)
+		//	remoteCloser = remoteLink.Data
+		//	if err != nil {
+		//		return nil, err
+		//	}
+		//	return readCloser, nil
+		//}
+		return nil, errs.NotSupport
+
+	}
+	resultRangeReader := func(httpRange http_range.Range) (io.ReadCloser, error) {
+		readSeeker, err := d.cipher.DecryptDataSeek(ctx, rangeReaderFunc, httpRange.Start, httpRange.Length)
+		if err != nil {
+			return nil, err
+		}
+		return readSeeker, nil
+	}
+
+	resultRangeReadCloser := &model.RangeReadCloser{RangeReader: resultRangeReader, Closers: remoteClosers}
+	resultLink := &model.Link{
+		Header:          remoteLink.Header,
+		RangeReadCloser: *resultRangeReadCloser,
+		Expiration:      remoteLink.Expiration,
+	}
+
+	return resultLink, nil
+
+}
+
+func (d *Crypt) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
+	dstDirActualPath, err := d.getActualPathForRemote(parentDir.GetPath(), true)
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	dir := d.cipher.EncryptDirName(dirName)
+	return op.MakeDir(ctx, d.remoteStorage, stdpath.Join(dstDirActualPath, dir))
+}
+
+func (d *Crypt) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
+	srcRemoteActualPath, err := d.getActualPathForRemote(srcObj.GetPath(), srcObj.IsDir())
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	dstRemoteActualPath, err := d.getActualPathForRemote(dstDir.GetPath(), dstDir.IsDir())
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	return op.Move(ctx, d.remoteStorage, srcRemoteActualPath, dstRemoteActualPath)
+}
+
+func (d *Crypt) Rename(ctx context.Context, srcObj model.Obj, newName string) error {
+	remoteActualPath, err := d.getActualPathForRemote(srcObj.GetPath(), srcObj.IsDir())
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	var newEncryptedName string
+	if srcObj.IsDir() {
+		newEncryptedName = d.cipher.EncryptDirName(newName)
+	} else {
+		newEncryptedName = d.cipher.EncryptFileName(newName)
+	}
+	return op.Rename(ctx, d.remoteStorage, remoteActualPath, newEncryptedName)
+}
+
+func (d *Crypt) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
+	srcRemoteActualPath, err := d.getActualPathForRemote(srcObj.GetPath(), srcObj.IsDir())
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	dstRemoteActualPath, err := d.getActualPathForRemote(dstDir.GetPath(), dstDir.IsDir())
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	return op.Copy(ctx, d.remoteStorage, srcRemoteActualPath, dstRemoteActualPath)
+
+}
+
+func (d *Crypt) Remove(ctx context.Context, obj model.Obj) error {
+	remoteActualPath, err := d.getActualPathForRemote(obj.GetPath(), obj.IsDir())
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+	return op.Remove(ctx, d.remoteStorage, remoteActualPath)
+}
+
+func (d *Crypt) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+	dstDirActualPath, err := d.getActualPathForRemote(dstDir.GetPath(), true)
+	if err != nil {
+		return fmt.Errorf("failed to convert path to remote path: %w", err)
+	}
+
+	in := stream.GetReadCloser()
+	// Encrypt the data into wrappedIn
+	wrappedIn, err := d.cipher.EncryptData(in)
+	if err != nil {
+		return fmt.Errorf("failed to EncryptData: %w", err)
+	}
+
+	streamOut := &model.FileStream{
+		Obj: &model.Object{
+			ID:       stream.GetID(),
+			Path:     stream.GetPath(),
+			Name:     d.cipher.EncryptFileName(stream.GetName()),
+			Size:     d.cipher.EncryptedSize(stream.GetSize()),
+			Modified: stream.ModTime(),
+			IsFolder: stream.IsDir(),
+		},
+		ReadCloser:   io.NopCloser(wrappedIn),
+		Mimetype:     "application/octet-stream",
+		WebPutAsTask: stream.NeedStore(),
+		Old:          stream.GetOld(),
+	}
+	err = op.Put(ctx, d.remoteStorage, dstDirActualPath, streamOut, up, false)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+//func (d *Safe) Other(ctx context.Context, args model.OtherArgs) (interface{}, error) {
+//	return nil, errs.NotSupport
+//}
+
+var _ driver.Driver = (*Crypt)(nil)
--- a/drivers/crypt/meta.go
+++ b/drivers/crypt/meta.go
@ -0,0 +1,47 @@
+package crypt
+
+import (
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/op"
+)
+
+type Addition struct {
+	// Usually one of two
+	//driver.RootPath
+	//driver.RootID
+	// define other
+
+	FileNameEnc string `json:"filename_encryption" type:"select" required:"true" options:"off,standard,obfuscate" default:"off"`
+	DirNameEnc  string `json:"directory_name_encryption" type:"select" required:"true" options:"false,true" default:"false"`
+	RemotePath  string `json:"remote_path" required:"true" help:"This is where the encrypted data stores"`
+
+	Password        string `json:"password" required:"true" confidential:"true" help:"the main password"`
+	Salt            string `json:"salt" confidential:"true"  help:"If you don't know what is salt, treat it as a second password'. Optional but recommended"`
+	EncryptedSuffix string `json:"encrypted_suffix" required:"true" default:".bin" help:"encrypted files will have this suffix"`
+}
+
+/*// inMemory contains decrypted confidential info and other temp data. will not persist these info anywhere
+type inMemory struct {
+	password string
+	salt     string
+}*/
+
+var config = driver.Config{
+	Name:              "Crypt",
+	LocalSort:         true,
+	OnlyLocal:         false,
+	OnlyProxy:         true,
+	NoCache:           true,
+	NoUpload:          false,
+	NeedMs:            false,
+	DefaultRoot:       "/",
+	CheckStatus:       false,
+	Alert:             "",
+	NoOverwriteUpload: false,
+}
+
+func init() {
+	op.RegisterDriver(func() driver.Driver {
+		return &Crypt{}
+	})
+}
--- a/drivers/crypt/types.go
+++ b/drivers/crypt/types.go
@ -0,0 +1 @@
+package crypt
--- a/drivers/crypt/util.go
+++ b/drivers/crypt/util.go
@ -0,0 +1,55 @@
+package crypt
+
+import (
+	"net/http"
+	stdpath "path"
+	"path/filepath"
+	"strings"
+
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/internal/net"
+	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/pkg/http_range"
+)
+
+func RequestRangedHttp(r *http.Request, link *model.Link, offset, length int64) (*http.Response, error) {
+	header := net.ProcessHeader(&http.Header{}, &link.Header)
+	header = http_range.ApplyRangeToHttpHeader(http_range.Range{Start: offset, Length: length}, header)
+
+	return net.RequestHttp("GET", header, link.URL)
+}
+
+// will give the best guessing based on the path
+func guessPath(path string) (isFolder, secondTry bool) {
+	if strings.HasSuffix(path, "/") {
+		//confirmed a folder
+		return true, false
+	}
+	lastSlash := strings.LastIndex(path, "/")
+	if strings.Index(path[lastSlash:], ".") < 0 {
+		//no dot, try folder then try file
+		return true, true
+	}
+	return false, true
+}
+
+func (d *Crypt) getPathForRemote(path string, isFolder bool) (remoteFullPath string) {
+	if isFolder && !strings.HasSuffix(path, "/") {
+		path = path + "/"
+	}
+	dir, fileName := filepath.Split(path)
+
+	remoteDir := d.cipher.EncryptDirName(dir)
+	remoteFileName := ""
+	if len(strings.TrimSpace(fileName)) > 0 {
+		remoteFileName = d.cipher.EncryptFileName(fileName)
+	}
+	return stdpath.Join(d.RemotePath, remoteDir, remoteFileName)
+
+}
+
+// actual path is used for internal only. any link for user should come from remoteFullPath
+func (d *Crypt) getActualPathForRemote(path string, isFolder bool) (string, error) {
+	_, remoteActualPath, err := op.GetStorageAndActualPath(d.getPathForRemote(path, isFolder))
+	return remoteActualPath, err
+}
--- a/drivers/dropbox/driver.go
+++ b/drivers/dropbox/driver.go
@ -0,0 +1,222 @@
+package dropbox
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"math"
+	"net/http"
+	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
+)
+
+type Dropbox struct {
+	model.Storage
+	Addition
+	base        string
+	contentBase string
+}
+
+func (d *Dropbox) Config() driver.Config {
+	return config
+}
+
+func (d *Dropbox) GetAddition() driver.Additional {
+	return &d.Addition
+}
+
+func (d *Dropbox) Init(ctx context.Context) error {
+	query := "foo"
+	res, err := d.request("/2/check/user", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{
+			"query": query,
+		})
+	})
+	if err != nil {
+		return err
+	}
+	result := utils.Json.Get(res, "result").ToString()
+	if result != query {
+		return fmt.Errorf("failed to check user: %s", string(res))
+	}
+	return nil
+}
+
+func (d *Dropbox) Drop(ctx context.Context) error {
+	return nil
+}
+
+func (d *Dropbox) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	files, err := d.getFiles(ctx, dir.GetPath())
+	if err != nil {
+		return nil, err
+	}
+	return utils.SliceConvert(files, func(src File) (model.Obj, error) {
+		return fileToObj(src), nil
+	})
+}
+
+func (d *Dropbox) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
+	res, err := d.request("/2/files/get_temporary_link", http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(base.Json{
+			"path": file.GetPath(),
+		})
+	})
+	if err != nil {
+		return nil, err
+	}
+	url := utils.Json.Get(res, "link").ToString()
+	exp := time.Hour
+	return &model.Link{
+		URL:        url,
+		Expiration: &exp,
+	}, nil
+}
+
+func (d *Dropbox) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
+	_, err := d.request("/2/files/create_folder_v2", http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(base.Json{
+			"autorename": false,
+			"path":       parentDir.GetPath() + "/" + dirName,
+		})
+	})
+	return err
+}
+
+func (d *Dropbox) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
+	toPath := dstDir.GetPath() + "/" + srcObj.GetName()
+
+	_, err := d.request("/2/files/move_v2", http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(base.Json{
+			"allow_ownership_transfer": false,
+			"allow_shared_folder":      false,
+			"autorename":               false,
+			"from_path":                srcObj.GetID(),
+			"to_path":                  toPath,
+		})
+	})
+	return err
+}
+
+func (d *Dropbox) Rename(ctx context.Context, srcObj model.Obj, newName string) error {
+	path := srcObj.GetPath()
+	fileName := srcObj.GetName()
+	toPath := path[:len(path)-len(fileName)] + newName
+
+	_, err := d.request("/2/files/move_v2", http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(base.Json{
+			"allow_ownership_transfer": false,
+			"allow_shared_folder":      false,
+			"autorename":               false,
+			"from_path":                srcObj.GetID(),
+			"to_path":                  toPath,
+		})
+	})
+	return err
+}
+
+func (d *Dropbox) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
+	toPath := dstDir.GetPath() + "/" + srcObj.GetName()
+	_, err := d.request("/2/files/copy_v2", http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(base.Json{
+			"allow_ownership_transfer": false,
+			"allow_shared_folder":      false,
+			"autorename":               false,
+			"from_path":                srcObj.GetID(),
+			"to_path":                  toPath,
+		})
+	})
+	return err
+}
+
+func (d *Dropbox) Remove(ctx context.Context, obj model.Obj) error {
+	uri := "/2/files/delete_v2"
+	_, err := d.request(uri, http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(base.Json{
+			"path": obj.GetID(),
+		})
+	})
+	return err
+}
+
+func (d *Dropbox) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+	// 1. start
+	sessionId, err := d.startUploadSession(ctx)
+	if err != nil {
+		return err
+	}
+
+	// 2.append
+	// A single request should not upload more than 150 MB, and each call must be multiple of 4MB  (except for last call)
+	const PartSize = 20971520
+	count := 1
+	if stream.GetSize() > PartSize {
+		count = int(math.Ceil(float64(stream.GetSize()) / float64(PartSize)))
+	}
+	offset := int64(0)
+
+	for i := 0; i < count; i++ {
+		if utils.IsCanceled(ctx) {
+			return ctx.Err()
+		}
+
+		start := i * PartSize
+		byteSize := stream.GetSize() - int64(start)
+		if byteSize > PartSize {
+			byteSize = PartSize
+		}
+
+		url := d.contentBase + "/2/files/upload_session/append_v2"
+		reader := io.LimitReader(stream, PartSize)
+		req, err := http.NewRequest(http.MethodPost, url, reader)
+		if err != nil {
+			log.Errorf("failed to update file when append to upload session, err: %+v", err)
+			return err
+		}
+		req = req.WithContext(ctx)
+		req.Header.Set("Content-Type", "application/octet-stream")
+		req.Header.Set("Authorization", "Bearer "+d.AccessToken)
+
+		args := UploadAppendArgs{
+			Close: false,
+			Cursor: UploadCursor{
+				Offset:    offset,
+				SessionID: sessionId,
+			},
+		}
+		argsJson, err := utils.Json.MarshalToString(args)
+		if err != nil {
+			return err
+		}
+		req.Header.Set("Dropbox-API-Arg", argsJson)
+
+		res, err := base.HttpClient.Do(req)
+		if err != nil {
+			return err
+		}
+		_ = res.Body.Close()
+
+		if count > 0 {
+			up((i + 1) * 100 / count)
+		}
+
+		offset += byteSize
+
+	}
+	// 3.finish
+	toPath := dstDir.GetPath() + "/" + stream.GetName()
+	err2 := d.finishUploadSession(ctx, toPath, offset, sessionId)
+	if err2 != nil {
+		return err2
+	}
+
+	return err
+}
+
+var _ driver.Driver = (*Dropbox)(nil)
--- a/drivers/dropbox/meta.go
+++ b/drivers/dropbox/meta.go
@ -0,0 +1,42 @@
+package dropbox
+
+import (
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/op"
+)
+
+const (
+	DefaultClientID = "76lrwrklhdn1icb"
+)
+
+type Addition struct {
+	RefreshToken string `json:"refresh_token" required:"true"`
+	driver.RootPath
+
+	OauthTokenURL string `json:"oauth_token_url" default:"https://api.xhofe.top/alist/dropbox/token"`
+	ClientID      string `json:"client_id" required:"false" help:"Keep it empty if you don't have one"`
+	ClientSecret  string `json:"client_secret" required:"false" help:"Keep it empty if you don't have one"`
+
+	AccessToken string
+}
+
+var config = driver.Config{
+	Name:              "Dropbox",
+	LocalSort:         false,
+	OnlyLocal:         false,
+	OnlyProxy:         false,
+	NoCache:           false,
+	NoUpload:          false,
+	NeedMs:            false,
+	DefaultRoot:       "",
+	NoOverwriteUpload: true,
+}
+
+func init() {
+	op.RegisterDriver(func() driver.Driver {
+		return &Dropbox{
+			base:        "https://api.dropboxapi.com",
+			contentBase: "https://content.dropboxapi.com",
+		}
+	})
+}
--- a/drivers/dropbox/types.go
+++ b/drivers/dropbox/types.go
@ -0,0 +1,79 @@
+package dropbox
+
+import (
+	"github.com/alist-org/alist/v3/internal/model"
+	"time"
+)
+
+type TokenResp struct {
+	AccessToken string `json:"access_token"`
+	TokenType   string `json:"token_type"`
+	ExpiresIn   int    `json:"expires_in"`
+}
+
+type ErrorResp struct {
+	Error struct {
+		Tag string `json:".tag"`
+	} `json:"error"`
+	ErrorSummary string `json:"error_summary"`
+}
+
+type RefreshTokenErrorResp struct {
+	Error            string `json:"error"`
+	ErrorDescription string `json:"error_description"`
+}
+
+type File struct {
+	Tag            string    `json:".tag"`
+	Name           string    `json:"name"`
+	PathLower      string    `json:"path_lower"`
+	PathDisplay    string    `json:"path_display"`
+	ID             string    `json:"id"`
+	ClientModified time.Time `json:"client_modified"`
+	ServerModified time.Time `json:"server_modified"`
+	Rev            string    `json:"rev"`
+	Size           int       `json:"size"`
+	IsDownloadable bool      `json:"is_downloadable"`
+	ContentHash    string    `json:"content_hash"`
+}
+
+type ListResp struct {
+	Entries []File `json:"entries"`
+	Cursor  string `json:"cursor"`
+	HasMore bool   `json:"has_more"`
+}
+
+type UploadCursor struct {
+	Offset    int64  `json:"offset"`
+	SessionID string `json:"session_id"`
+}
+
+type UploadAppendArgs struct {
+	Close  bool         `json:"close"`
+	Cursor UploadCursor `json:"cursor"`
+}
+
+type UploadFinishArgs struct {
+	Commit struct {
+		Autorename     bool   `json:"autorename"`
+		Mode           string `json:"mode"`
+		Mute           bool   `json:"mute"`
+		Path           string `json:"path"`
+		StrictConflict bool   `json:"strict_conflict"`
+	} `json:"commit"`
+	Cursor UploadCursor `json:"cursor"`
+}
+
+func fileToObj(f File) *model.ObjThumb {
+	return &model.ObjThumb{
+		Object: model.Object{
+			ID:       f.ID,
+			Path:     f.PathDisplay,
+			Name:     f.Name,
+			Size:     int64(f.Size),
+			Modified: f.ServerModified,
+			IsFolder: f.Tag == "folder",
+		},
+		Thumbnail: model.Thumbnail{},
+	}
+}
--- a/drivers/dropbox/util.go
+++ b/drivers/dropbox/util.go
@ -0,0 +1,199 @@
+package dropbox
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
+)
+
+func (d *Dropbox) refreshToken() error {
+	url := d.base + "/oauth2/token"
+	if utils.SliceContains([]string{"", DefaultClientID}, d.ClientID) {
+		url = d.OauthTokenURL
+	}
+	var tokenResp TokenResp
+	resp, err := base.RestyClient.R().
+		//ForceContentType("application/x-www-form-urlencoded").
+		//SetBasicAuth(d.ClientID, d.ClientSecret).
+		SetFormData(map[string]string{
+			"grant_type":    "refresh_token",
+			"refresh_token": d.RefreshToken,
+			"client_id":     d.ClientID,
+			"client_secret": d.ClientSecret,
+		}).
+		Post(url)
+	if err != nil {
+		return err
+	}
+	log.Debugf("[dropbox] refresh token response: %s", resp.String())
+	if resp.StatusCode() != 200 {
+		return fmt.Errorf("failed to refresh token: %s", resp.String())
+	}
+	_ = utils.Json.UnmarshalFromString(resp.String(), &tokenResp)
+	d.AccessToken = tokenResp.AccessToken
+	op.MustSaveDriverStorage(d)
+	return nil
+}
+
+func (d *Dropbox) request(uri, method string, callback base.ReqCallback, retry ...bool) ([]byte, error) {
+	req := base.RestyClient.R()
+	req.SetHeader("Authorization", "Bearer "+d.AccessToken)
+	if method == http.MethodPost {
+		req.SetHeader("Content-Type", "application/json")
+	}
+	if callback != nil {
+		callback(req)
+	}
+	var e ErrorResp
+	req.SetError(&e)
+	res, err := req.Execute(method, d.base+uri)
+	if err != nil {
+		return nil, err
+	}
+	log.Debugf("[dropbox] request (%s) response: %s", uri, res.String())
+	isRetry := len(retry) > 0 && retry[0]
+	if res.StatusCode() != 200 {
+		body := res.String()
+		if !isRetry && (utils.SliceMeet([]string{"expired_access_token", "invalid_access_token", "authorization"}, body,
+			func(item string, v string) bool {
+				return strings.Contains(v, item)
+			}) || d.AccessToken == "") {
+			err = d.refreshToken()
+			if err != nil {
+				return nil, err
+			}
+			return d.request(uri, method, callback, true)
+		}
+		return nil, fmt.Errorf("%s:%s", e.Error, e.ErrorSummary)
+	}
+	return res.Body(), nil
+}
+
+func (d *Dropbox) list(ctx context.Context, data base.Json, isContinue bool) (*ListResp, error) {
+	var resp ListResp
+	uri := "/2/files/list_folder"
+	if isContinue {
+		uri += "/continue"
+	}
+	_, err := d.request(uri, http.MethodPost, func(req *resty.Request) {
+		req.SetContext(ctx).SetBody(data).SetResult(&resp)
+	})
+	if err != nil {
+		return nil, err
+	}
+	return &resp, nil
+}
+
+func (d *Dropbox) getFiles(ctx context.Context, path string) ([]File, error) {
+	hasMore := true
+	var marker string
+	res := make([]File, 0)
+
+	data := base.Json{
+		"include_deleted":                     false,
+		"include_has_explicit_shared_members": false,
+		"include_mounted_folders":             false,
+		"include_non_downloadable_files":      false,
+		"limit":                               2000,
+		"path":                                path,
+		"recursive":                           false,
+	}
+	resp, err := d.list(ctx, data, false)
+	if err != nil {
+		return nil, err
+	}
+	marker = resp.Cursor
+	hasMore = resp.HasMore
+	res = append(res, resp.Entries...)
+
+	for hasMore {
+		data := base.Json{
+			"cursor": marker,
+		}
+		resp, err := d.list(ctx, data, true)
+		if err != nil {
+			return nil, err
+		}
+		marker = resp.Cursor
+		hasMore = resp.HasMore
+		res = append(res, resp.Entries...)
+	}
+	return res, nil
+}
+
+func (d *Dropbox) finishUploadSession(ctx context.Context, toPath string, offset int64, sessionId string) error {
+	url := d.contentBase + "/2/files/upload_session/finish"
+	req, err := http.NewRequest(http.MethodPost, url, nil)
+	if err != nil {
+		return err
+	}
+	req = req.WithContext(ctx)
+	req.Header.Set("Content-Type", "application/octet-stream")
+	req.Header.Set("Authorization", "Bearer "+d.AccessToken)
+
+	uploadFinishArgs := UploadFinishArgs{
+		Commit: struct {
+			Autorename     bool   `json:"autorename"`
+			Mode           string `json:"mode"`
+			Mute           bool   `json:"mute"`
+			Path           string `json:"path"`
+			StrictConflict bool   `json:"strict_conflict"`
+		}{
+			Autorename:     true,
+			Mode:           "add",
+			Mute:           false,
+			Path:           toPath,
+			StrictConflict: false,
+		},
+		Cursor: UploadCursor{
+			Offset:    offset,
+			SessionID: sessionId,
+		},
+	}
+
+	argsJson, err := utils.Json.MarshalToString(uploadFinishArgs)
+	if err != nil {
+		return err
+	}
+	req.Header.Set("Dropbox-API-Arg", argsJson)
+
+	res, err := base.HttpClient.Do(req)
+	if err != nil {
+		log.Errorf("failed to update file when finish session, err: %+v", err)
+		return err
+	}
+	_ = res.Body.Close()
+	return nil
+}
+
+func (d *Dropbox) startUploadSession(ctx context.Context) (string, error) {
+	url := d.contentBase + "/2/files/upload_session/start"
+	req, err := http.NewRequest(http.MethodPost, url, nil)
+	if err != nil {
+		return "", err
+	}
+	req = req.WithContext(ctx)
+	req.Header.Set("Content-Type", "application/octet-stream")
+	req.Header.Set("Authorization", "Bearer "+d.AccessToken)
+	req.Header.Set("Dropbox-API-Arg", "{\"close\":false}")
+
+	res, err := base.HttpClient.Do(req)
+	if err != nil {
+		log.Errorf("failed to update file when start session, err: %+v", err)
+		return "", err
+	}
+
+	body, err := io.ReadAll(res.Body)
+	sessionId := utils.Json.Get(body, "session_id").ToString()
+
+	_ = res.Body.Close()
+	return sessionId, nil
+}
--- a/drivers/ftp/driver.go
+++ b/drivers/ftp/driver.go
@ -4,7 +4,6 @@ import (
 	"context"
 	stdpath "path"

-	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
@ -67,9 +66,8 @@ func (d *FTP) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*m

 	r := NewFTPFileReader(d.conn, file.GetPath())
 	link := &model.Link{
-		Data: r,
+		ReadSeekCloser: r,
 	}
-	base.HandleRange(link, r, args.Header, file.GetSize())
 	return link, nil
 }

--- a/drivers/lanzou/driver.go
+++ b/drivers/lanzou/driver.go
@ -2,9 +2,7 @@ package lanzou

 import (
 	"context"
-	"fmt"
 	"net/http"
-	"regexp"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
@ -19,6 +17,8 @@ type LanZou struct {
 	model.Storage
 	uid string
 	vei string
+
+	flag int32
 }

 func (d *LanZou) Config() driver.Config {
@ -30,16 +30,18 @@ func (d *LanZou) GetAddition() driver.Additional {
 }

 func (d *LanZou) Init(ctx context.Context) (err error) {
-	if d.IsCookie() {
+	switch d.Type {
+	case "account":
+		_, err := d.Login()
+		if err != nil {
+			return err
+		}
+		fallthrough
+	case "cookie":
 		if d.RootFolderID == "" {
 			d.RootFolderID = "-1"
 		}
-		ylogin := regexp.MustCompile("ylogin=(.*?);").FindStringSubmatch(d.Cookie)
-		if len(ylogin) < 2 {
-			return fmt.Errorf("cookie does not contain ylogin")
-		}
-		d.uid = ylogin[1]
-		d.vei, err = d.getVei()
+		d.vei, d.uid, err = d.getVeiAndUid()
 	}
 	return
 }
@ -51,7 +53,7 @@ func (d *LanZou) Drop(ctx context.Context) error {

 // 获取的大小和时间不准确
 func (d *LanZou) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
-	if d.IsCookie() {
+	if d.IsCookie() || d.IsAccount() {
 		return d.GetAllFiles(dir.GetID())
 	} else {
 		return d.GetFileOrFolderByShareUrl(dir.GetID(), d.SharePassword)
@ -119,7 +121,7 @@ func (d *LanZou) Link(ctx context.Context, file model.Obj, args model.LinkArgs)
 }

 func (d *LanZou) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) (model.Obj, error) {
-	if d.IsCookie() {
+	if d.IsCookie() || d.IsAccount() {
 		data, err := d.doupload(func(req *resty.Request) {
 			req.SetContext(ctx)
 			req.SetFormData(map[string]string{
@ -137,11 +139,11 @@ func (d *LanZou) MakeDir(ctx context.Context, parentDir model.Obj, dirName strin
 			FolID: utils.Json.Get(data, "text").ToString(),
 		}, nil
 	}
-	return nil, errs.NotImplement
+	return nil, errs.NotSupport
 }

 func (d *LanZou) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
-	if d.IsCookie() {
+	if d.IsCookie() || d.IsAccount() {
 		if !srcObj.IsDir() {
 			_, err := d.doupload(func(req *resty.Request) {
 				req.SetContext(ctx)
@ -157,11 +159,11 @@ func (d *LanZou) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj,
 			return srcObj, nil
 		}
 	}
-	return nil, errs.NotImplement
+	return nil, errs.NotSupport
 }

 func (d *LanZou) Rename(ctx context.Context, srcObj model.Obj, newName string) (model.Obj, error) {
-	if d.IsCookie() {
+	if d.IsCookie() || d.IsAccount() {
 		if !srcObj.IsDir() {
 			_, err := d.doupload(func(req *resty.Request) {
 				req.SetContext(ctx)
@ -179,11 +181,11 @@ func (d *LanZou) Rename(ctx context.Context, srcObj model.Obj, newName string) (
 			return srcObj, nil
 		}
 	}
-	return nil, errs.NotImplement
+	return nil, errs.NotSupport
 }

 func (d *LanZou) Remove(ctx context.Context, obj model.Obj) error {
-	if d.IsCookie() {
+	if d.IsCookie() || d.IsAccount() {
 		_, err := d.doupload(func(req *resty.Request) {
 			req.SetContext(ctx)
 			if obj.IsDir() {
@ -200,13 +202,13 @@ func (d *LanZou) Remove(ctx context.Context, obj model.Obj) error {
 		}, nil)
 		return err
 	}
-	return errs.NotImplement
+	return errs.NotSupport
 }

 func (d *LanZou) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
-	if d.IsCookie() {
+	if d.IsCookie() || d.IsAccount() {
 		var resp RespText[[]FileOrFolder]
-		_, err := d._post(d.BaseUrl+"/fileup.php", func(req *resty.Request) {
+		_, err := d._post(d.BaseUrl+"/html5up.php", func(req *resty.Request) {
 			req.SetFormData(map[string]string{
 				"task":           "1",
 				"vie":            "2",
@ -221,5 +223,5 @@ func (d *LanZou) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		}
 		return &resp.Text[0], nil
 	}
-	return nil, errs.NotImplement
+	return nil, errs.NotSupport
 }
--- a/drivers/lanzou/help.go
+++ b/drivers/lanzou/help.go
@ -3,6 +3,7 @@ package lanzou
 import (
 	"bytes"
 	"fmt"
+	"net/http"
 	"regexp"
 	"strconv"
 	"strings"
@ -190,3 +191,14 @@ func GetExpirationTime(url string) (etime time.Duration) {
 	etime = time.Duration(timestamp-time.Now().Unix()) * time.Second
 	return
 }
+
+func CookieToString(cookies []*http.Cookie) string {
+	if cookies == nil {
+		return ""
+	}
+	cookieStrings := make([]string, len(cookies))
+	for i, cookie := range cookies {
+		cookieStrings[i] = cookie.Name + "=" + cookie.Value
+	}
+	return strings.Join(cookieStrings, ";")
+}
--- a/drivers/lanzou/meta.go
+++ b/drivers/lanzou/meta.go
@ -6,8 +6,13 @@ import (
 )

 type Addition struct {
-	Type   string `json:"type" type:"select" options:"cookie,url" default:"cookie"`
-	Cookie string `json:"cookie" required:"true" help:"about 15 days valid, ignore if shareUrl is used"`
+	Type string `json:"type" type:"select" options:"account,cookie,url" default:"cookie"`
+
+	Account  string `json:"account"`
+	Password string `json:"password"`
+
+	Cookie string `json:"cookie" help:"about 15 days valid, ignore if shareUrl is used"`
+
 	driver.RootID
 	SharePassword  string `json:"share_password"`
 	BaseUrl        string `json:"baseUrl" required:"true" default:"https://pc.woozooo.com" help:"basic URL for file operation"`
@ -19,6 +24,10 @@ func (a *Addition) IsCookie() bool {
 	return a.Type == "cookie"
 }

+func (a *Addition) IsAccount() bool {
+	return a.Type == "account"
+}
+
 var config = driver.Config{
 	Name:        "Lanzou",
 	LocalSort:   true,
--- a/drivers/lanzou/types.go
+++ b/drivers/lanzou/types.go
@ -8,6 +8,7 @@ import (

 var ErrFileShareCancel = errors.New("file sharing cancellation")
 var ErrFileNotExist = errors.New("file does not exist")
+var ErrCookieExpiration = errors.New("cookie expiration")

 type RespText[T any] struct {
 	Text T `json:"text"`
--- a/drivers/lanzou/util.go
+++ b/drivers/lanzou/util.go
@ -5,13 +5,16 @@ import (
 	"fmt"
 	"net/http"
 	"regexp"
+	"runtime"
 	"strconv"
 	"strings"
 	"sync"
+	"sync/atomic"
 	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
 	log "github.com/sirupsen/logrus"
@ -37,7 +40,24 @@ func (d *LanZou) get(url string, callback base.ReqCallback) ([]byte, error) {
 }

 func (d *LanZou) post(url string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
-	return d._post(url, callback, resp, false)
+	data, err := d._post(url, callback, resp, false)
+	if err == ErrCookieExpiration && d.IsAccount() {
+		if atomic.CompareAndSwapInt32(&d.flag, 0, 1) {
+			_, err2 := d.Login()
+			atomic.SwapInt32(&d.flag, 0)
+			if err2 != nil {
+				err = errors.Join(err, err2)
+				d.Status = err.Error()
+				op.MustSaveDriverStorage(d)
+				return data, err
+			}
+		}
+		for atomic.LoadInt32(&d.flag) != 0 {
+			runtime.Gosched()
+		}
+		return d._post(url, callback, resp, false)
+	}
+	return data, err
 }

 func (d *LanZou) _post(url string, callback base.ReqCallback, resp interface{}, up bool) ([]byte, error) {
@ -49,10 +69,12 @@ func (d *LanZou) _post(url string, callback base.ReqCallback, resp interface{},
 			}
 			return false
 		})
-		callback(req)
+		if callback != nil {
+			callback(req)
+		}
 	}, up)
 	if err != nil {
-		return nil, err
+		return data, err
 	}
 	switch utils.Json.Get(data, "zt").ToInt() {
 	case 1, 2, 4:
@ -61,12 +83,14 @@ func (d *LanZou) _post(url string, callback base.ReqCallback, resp interface{},
 			utils.Json.Unmarshal(data, resp)
 		}
 		return data, nil
+	case 9: // 登录过期
+		return data, ErrCookieExpiration
 	default:
 		info := utils.Json.Get(data, "inf").ToString()
 		if info == "" {
 			info = utils.Json.Get(data, "info").ToString()
 		}
-		return nil, fmt.Errorf(info)
+		return data, fmt.Errorf(info)
 	}
 }

@ -101,6 +125,28 @@ func (d *LanZou) request(url string, method string, callback base.ReqCallback, u
 	return res.Body(), err
 }

+func (d *LanZou) Login() ([]*http.Cookie, error) {
+	resp, err := base.NewRestyClient().SetRedirectPolicy(resty.NoRedirectPolicy()).
+		R().SetFormData(map[string]string{
+		"task":         "3",
+		"uid":          d.Account,
+		"pwd":          d.Password,
+		"setSessionId": "",
+		"setSig":       "",
+		"setScene":     "",
+		"setTocen":     "",
+		"formhash":     "",
+	}).Post("https://up.woozooo.com/mlogin.php")
+	if err != nil {
+		return nil, err
+	}
+	if utils.Json.Get(resp.Body(), "zt").ToInt() != 1 {
+		return nil, fmt.Errorf("login err: %s", resp.Body())
+	}
+	d.Cookie = CookieToString(resp.Cookies())
+	return resp.Cookies(), nil
+}
+
 /*
 通过cookie获取数据
 */
@ -451,21 +497,32 @@ func (d *LanZou) getFileRealInfo(downURL string) (*int64, *time.Time) {
 	return &size, &time
 }

-func (d *LanZou) getVei() (string, error) {
-	resp, err := d.get("https://pc.woozooo.com/mydisk.php", func(req *resty.Request) {
+func (d *LanZou) getVeiAndUid() (vei string, uid string, err error) {
+	var resp []byte
+	resp, err = d.get("https://pc.woozooo.com/mydisk.php", func(req *resty.Request) {
 		req.SetQueryParams(map[string]string{
 			"item":   "files",
 			"action": "index",
-			"u":      d.uid,
 		})
 	})
 	if err != nil {
-		return "", err
+		return
 	}
+	// uid
+	uids := regexp.MustCompile(`uid=([^'"&;]+)`).FindStringSubmatch(string(resp))
+	if len(uids) < 2 {
+		err = fmt.Errorf("uid variable not find")
+		return
+	}
+	uid = uids[1]
+
+	// vei
 	html := RemoveNotes(string(resp))
 	data, err := htmlJsonToMap(html)
 	if err != nil {
-		return "", err
+		return
 	}
-	return data["vei"], nil
+	vei = data["vei"]
+
+	return
 }
--- a/drivers/local/driver.go
+++ b/drivers/local/driver.go
@ -1,10 +1,11 @@
 package local

 import (
+	"bytes"
 	"context"
 	"errors"
 	"fmt"
-	"io"
+	"io/fs"
 	"net/http"
 	"os"
 	stdpath "path"
@ -80,36 +81,54 @@ func (d *Local) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([
 		if !d.ShowHidden && strings.HasPrefix(f.Name(), ".") {
 			continue
 		}
-		thumb := ""
-		if d.Thumbnail {
-			typeName := utils.GetFileType(f.Name())
-			if typeName == conf.IMAGE || typeName == conf.VIDEO {
-				thumb = common.GetApiUrl(nil) + stdpath.Join("/d", args.ReqPath, f.Name())
-				thumb = utils.EncodePath(thumb, true)
-				thumb += "?type=thumb&sign=" + sign.Sign(stdpath.Join(args.ReqPath, f.Name()))
-			}
-		}
-		isFolder := f.IsDir() || isSymlinkDir(f, fullPath)
-		var size int64
-		if !isFolder {
-			size = f.Size()
-		}
-		file := model.ObjThumb{
-			Object: model.Object{
-				Path:     filepath.Join(dir.GetPath(), f.Name()),
-				Name:     f.Name(),
-				Modified: f.ModTime(),
-				Size:     size,
-				IsFolder: isFolder,
-			},
-			Thumbnail: model.Thumbnail{
-				Thumbnail: thumb,
-			},
-		}
-		files = append(files, &file)
+		file := d.FileInfoToObj(f, args.ReqPath, fullPath)
+		files = append(files, file)
 	}
 	return files, nil
 }
+func (d *Local) FileInfoToObj(f fs.FileInfo, reqPath string, fullPath string) model.Obj {
+	thumb := ""
+	if d.Thumbnail {
+		typeName := utils.GetFileType(f.Name())
+		if typeName == conf.IMAGE || typeName == conf.VIDEO {
+			thumb = common.GetApiUrl(nil) + stdpath.Join("/d", reqPath, f.Name())
+			thumb = utils.EncodePath(thumb, true)
+			thumb += "?type=thumb&sign=" + sign.Sign(stdpath.Join(reqPath, f.Name()))
+		}
+	}
+	isFolder := f.IsDir() || isSymlinkDir(f, fullPath)
+	var size int64
+	if !isFolder {
+		size = f.Size()
+	}
+	file := model.ObjThumb{
+		Object: model.Object{
+			Path:     filepath.Join(fullPath, f.Name()),
+			Name:     f.Name(),
+			Modified: f.ModTime(),
+			Size:     size,
+			IsFolder: isFolder,
+		},
+		Thumbnail: model.Thumbnail{
+			Thumbnail: thumb,
+		},
+	}
+	return &file
+
+}
+func (d *Local) GetMeta(ctx context.Context, path string) (model.Obj, error) {
+	f, err := os.Stat(path)
+	if err != nil {
+		return nil, err
+	}
+	file := d.FileInfoToObj(f, path, path)
+	//h := "123123"
+	//if s, ok := f.(model.SetHash); ok && file.GetHash() == ("","")  {
+	//	s.SetHash(h,"SHA1")
+	//}
+	return file, nil
+
+}

 func (d *Local) Get(ctx context.Context, path string) (model.Obj, error) {
 	path = filepath.Join(d.GetRootPath(), path)
@ -147,13 +166,21 @@ func (d *Local) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (
 			"Content-Type": []string{"image/png"},
 		}
 		if thumbPath != nil {
-			link.FilePath = thumbPath
+			open, err := os.Open(*thumbPath)
+			if err != nil {
+				return nil, err
+			}
+			link.ReadSeekCloser = open
 		} else {
-			link.Data = io.NopCloser(buf)
-			link.Header.Set("Content-Length", strconv.Itoa(buf.Len()))
+			link.ReadSeekCloser = utils.ReadSeekerNopCloser(bytes.NewReader(buf.Bytes()))
+			//link.Header.Set("Content-Length", strconv.Itoa(buf.Len()))
 		}
 	} else {
-		link.FilePath = &fullPath
+		open, err := os.Open(fullPath)
+		if err != nil {
+			return nil, err
+		}
+		link.ReadSeekCloser = open
 	}
 	return &link, nil
 }
--- a/drivers/local/util.go
+++ b/drivers/local/util.go
@ -64,7 +64,7 @@ func readDir(dirname string) ([]fs.FileInfo, error) {
 func (d *Local) getThumb(file model.Obj) (*bytes.Buffer, *string, error) {
 	fullPath := file.GetPath()
 	thumbPrefix := "alist_thumb_"
-	thumbName := thumbPrefix + utils.GetMD5Encode(fullPath) + ".png"
+	thumbName := thumbPrefix + utils.GetMD5EncodeStr(fullPath) + ".png"
 	if d.ThumbCacheFolder != "" {
 		// skip if the file is a thumbnail
 		if strings.HasPrefix(file.GetName(), thumbPrefix) {
@ -91,7 +91,7 @@ func (d *Local) getThumb(file model.Obj) (*bytes.Buffer, *string, error) {
 		srcBuf = imgBuf
 	}

-	image, err := imaging.Decode(srcBuf)
+	image, err := imaging.Decode(srcBuf, imaging.AutoOrientation(true))
 	if err != nil {
 		return nil, nil, err
 	}
--- a/drivers/mediatrack/driver.go
+++ b/drivers/mediatrack/driver.go
@ -181,7 +181,7 @@ func (d *MediaTrack) Put(ctx context.Context, dstDir model.Obj, stream model.Fil
 	if err != nil {
 		return err
 	}
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return err
 	}
--- a/drivers/mega/driver.go
+++ b/drivers/mega/driver.go
@ -4,7 +4,10 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"github.com/alist-org/alist/v3/pkg/http_range"
+	"github.com/rclone/rclone/lib/readers"
 	"io"
+	"time"

 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
@ -64,51 +67,41 @@ func (d *Mega) GetRoot(ctx context.Context) (model.Obj, error) {

 func (d *Mega) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
 	if node, ok := file.(*MegaNode); ok {
-		//link, err := d.c.Link(node.Node, true)
+
+		//down, err := d.c.NewDownload(node.Node)
 		//if err != nil {
-		//	return nil, err
+		//	return nil, fmt.Errorf("open download file failed: %w", err)
 		//}
-		//return &model.Link{URL: link}, nil
-		down, err := d.c.NewDownload(node.Node)
-		if err != nil {
-			return nil, err
-		}
-		//u := down.GetResourceUrl()
-		//u = strings.Replace(u, "http", "https", 1)
-		//return &model.Link{URL: u}, nil
-		r, w := io.Pipe()
-		go func() {
-			defer func() {
-				_ = recover()
-			}()
-			log.Debugf("chunk size: %d", down.Chunks())
-			var (
-				chunk []byte
-				err   error
-			)
-			for id := 0; id < down.Chunks(); id++ {
-				chunk, err = down.DownloadChunk(id)
-				if err != nil {
-					log.Errorf("mega down: %+v", err)
-					break
-				}
-				log.Debugf("id: %d,len: %d", id, len(chunk))
-				//_, _, err = down.ChunkLocation(id)
-				//if err != nil {
-				//	log.Errorf("mega down: %+v", err)
-				//	return
-				//}
-				//_, err = c.Write(chunk)
-				if _, err = w.Write(chunk); err != nil {
-					break
-				}
+
+		size := file.GetSize()
+		var finalClosers utils.Closers
+		resultRangeReader := func(httpRange http_range.Range) (io.ReadCloser, error) {
+			length := httpRange.Length
+			if httpRange.Length >= 0 && httpRange.Start+httpRange.Length >= size {
+				length = -1
 			}
-			err = w.CloseWithError(err)
+			var down *mega.Download
+			err := utils.Retry(3, time.Second, func() (err error) {
+				down, err = d.c.NewDownload(node.Node)
+				return err
+			})
 			if err != nil {
-				log.Errorf("mega down: %+v", err)
+				return nil, fmt.Errorf("open download file failed: %w", err)
 			}
-		}()
-		return &model.Link{Data: r}, nil
+			oo := &openObject{
+				ctx:  ctx,
+				d:    down,
+				skip: httpRange.Start,
+			}
+			finalClosers.Add(oo)
+
+			return readers.NewLimitedReadCloser(oo, length), nil
+		}
+		resultRangeReadCloser := &model.RangeReadCloser{RangeReader: resultRangeReader, Closers: &finalClosers}
+		resultLink := &model.Link{
+			RangeReadCloser: *resultRangeReadCloser,
+		}
+		return resultLink, nil
 	}
 	return nil, fmt.Errorf("unable to convert dir to mega node")
 }
--- a/drivers/mega/util.go
+++ b/drivers/mega/util.go
@ -1,3 +1,92 @@
 package mega

+import (
+	"context"
+	"fmt"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/t3rm1n4l/go-mega"
+	"io"
+	"sync"
+	"time"
+)
+
 // do others that not defined in Driver interface
+// openObject represents a download in progress
+type openObject struct {
+	ctx    context.Context
+	mu     sync.Mutex
+	d      *mega.Download
+	id     int
+	skip   int64
+	chunk  []byte
+	closed bool
+}
+
+// get the next chunk
+func (oo *openObject) getChunk(ctx context.Context) (err error) {
+	if oo.id >= oo.d.Chunks() {
+		return io.EOF
+	}
+	var chunk []byte
+	err = utils.Retry(3, time.Second, func() (err error) {
+		chunk, err = oo.d.DownloadChunk(oo.id)
+		return err
+	})
+	if err != nil {
+		return err
+	}
+	oo.id++
+	oo.chunk = chunk
+	return nil
+}
+
+// Read reads up to len(p) bytes into p.
+func (oo *openObject) Read(p []byte) (n int, err error) {
+	oo.mu.Lock()
+	defer oo.mu.Unlock()
+	if oo.closed {
+		return 0, fmt.Errorf("read on closed file")
+	}
+	// Skip data at the start if requested
+	for oo.skip > 0 {
+		_, size, err := oo.d.ChunkLocation(oo.id)
+		if err != nil {
+			return 0, err
+		}
+		if oo.skip < int64(size) {
+			break
+		}
+		oo.id++
+		oo.skip -= int64(size)
+	}
+	if len(oo.chunk) == 0 {
+		err = oo.getChunk(oo.ctx)
+		if err != nil {
+			return 0, err
+		}
+		if oo.skip > 0 {
+			oo.chunk = oo.chunk[oo.skip:]
+			oo.skip = 0
+		}
+	}
+	n = copy(p, oo.chunk)
+	oo.chunk = oo.chunk[n:]
+	return n, nil
+}
+
+// Close closed the file - MAC errors are reported here
+func (oo *openObject) Close() (err error) {
+	oo.mu.Lock()
+	defer oo.mu.Unlock()
+	if oo.closed {
+		return nil
+	}
+	err = utils.Retry(3, 500*time.Millisecond, func() (err error) {
+		return oo.d.Finish()
+	})
+	if err != nil {
+		return fmt.Errorf("failed to finish download: %w", err)
+	}
+	oo.closed = true
+	return nil
+}
--- a/drivers/mopan/driver.go
+++ b/drivers/mopan/driver.go
@ -0,0 +1,295 @@
+package mopan
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/avast/retry-go"
+	"github.com/foxxorcat/mopan-sdk-go"
+)
+
+type MoPan struct {
+	model.Storage
+	Addition
+	client *mopan.MoClient
+
+	userID string
+}
+
+func (d *MoPan) Config() driver.Config {
+	return config
+}
+
+func (d *MoPan) GetAddition() driver.Additional {
+	return &d.Addition
+}
+
+func (d *MoPan) Init(ctx context.Context) error {
+	login := func() error {
+		data, err := d.client.Login(d.Phone, d.Password)
+		if err != nil {
+			return err
+		}
+		d.client.SetAuthorization(data.Token)
+
+		info, err := d.client.GetUserInfo()
+		if err != nil {
+			return err
+		}
+		d.userID = info.UserID
+		return nil
+	}
+	d.client = mopan.NewMoClient().
+		SetRestyClient(base.RestyClient).
+		SetOnAuthorizationExpired(func(_ error) error {
+			err := login()
+			if err != nil {
+				d.Status = err.Error()
+				op.MustSaveDriverStorage(d)
+			}
+			return err
+		}).SetDeviceInfo(d.DeviceInfo)
+	d.DeviceInfo = d.client.GetDeviceInfo()
+	return login()
+}
+
+func (d *MoPan) Drop(ctx context.Context) error {
+	d.client = nil
+	d.userID = ""
+	return nil
+}
+
+func (d *MoPan) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	var files []model.Obj
+	for page := 1; ; page++ {
+		data, err := d.client.QueryFiles(dir.GetID(), page, mopan.WarpParamOption(
+			func(j mopan.Json) {
+				j["orderBy"] = d.OrderBy
+				j["descending"] = d.OrderDirection == "desc"
+			},
+			mopan.ParamOptionShareFile(d.CloudID),
+		))
+		if err != nil {
+			return nil, err
+		}
+
+		if len(data.FileListAO.FileList)+len(data.FileListAO.FolderList) == 0 {
+			break
+		}
+
+		files = append(files, utils.MustSliceConvert(data.FileListAO.FolderList, folderToObj)...)
+		files = append(files, utils.MustSliceConvert(data.FileListAO.FileList, fileToObj)...)
+	}
+	return files, nil
+}
+
+func (d *MoPan) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
+	data, err := d.client.GetFileDownloadUrl(file.GetID(), mopan.WarpParamOption(mopan.ParamOptionShareFile(d.CloudID)))
+	if err != nil {
+		return nil, err
+	}
+
+	return &model.Link{
+		URL: data.DownloadUrl,
+	}, nil
+}
+
+func (d *MoPan) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) (model.Obj, error) {
+	f, err := d.client.CreateFolder(dirName, parentDir.GetID(), mopan.WarpParamOption(
+		mopan.ParamOptionShareFile(d.CloudID),
+	))
+	if err != nil {
+		return nil, err
+	}
+	return folderToObj(*f), nil
+}
+
+func (d *MoPan) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
+	return d.newTask(srcObj, dstDir, mopan.TASK_MOVE)
+}
+
+func (d *MoPan) Rename(ctx context.Context, srcObj model.Obj, newName string) (model.Obj, error) {
+	if srcObj.IsDir() {
+		_, err := d.client.RenameFolder(srcObj.GetID(), newName, mopan.WarpParamOption(
+			mopan.ParamOptionShareFile(d.CloudID),
+		))
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		_, err := d.client.RenameFile(srcObj.GetID(), newName, mopan.WarpParamOption(
+			mopan.ParamOptionShareFile(d.CloudID),
+		))
+		if err != nil {
+			return nil, err
+		}
+	}
+	return CloneObj(srcObj, srcObj.GetID(), newName), nil
+}
+
+func (d *MoPan) Copy(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
+	return d.newTask(srcObj, dstDir, mopan.TASK_COPY)
+}
+
+func (d *MoPan) newTask(srcObj, dstDir model.Obj, taskType mopan.TaskType) (model.Obj, error) {
+	param := mopan.TaskParam{
+		UserOrCloudID:       d.userID,
+		Source:              1,
+		TaskType:            taskType,
+		TargetSource:        1,
+		TargetUserOrCloudID: d.userID,
+		TargetType:          1,
+		TargetFolderID:      dstDir.GetID(),
+		TaskStatusDetailDTOList: []mopan.TaskFileParam{
+			{
+				FileID:   srcObj.GetID(),
+				IsFolder: srcObj.IsDir(),
+				FileName: srcObj.GetName(),
+			},
+		},
+	}
+	if d.CloudID != "" {
+		param.UserOrCloudID = d.CloudID
+		param.Source = 2
+		param.TargetSource = 2
+		param.TargetUserOrCloudID = d.CloudID
+	}
+
+	task, err := d.client.AddBatchTask(param)
+	if err != nil {
+		return nil, err
+	}
+
+	for count := 0; count < 5; count++ {
+		stat, err := d.client.CheckBatchTask(mopan.TaskCheckParam{
+			TaskId:              task.TaskIDList[0],
+			TaskType:            task.TaskType,
+			TargetType:          1,
+			TargetFolderID:      task.TargetFolderID,
+			TargetSource:        param.TargetSource,
+			TargetUserOrCloudID: param.TargetUserOrCloudID,
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		switch stat.TaskStatus {
+		case 2:
+			if err := d.client.CancelBatchTask(stat.TaskID, task.TaskType); err != nil {
+				return nil, err
+			}
+			return nil, errors.New("file name conflict")
+		case 4:
+			if task.TaskType == mopan.TASK_MOVE {
+				return CloneObj(srcObj, srcObj.GetID(), srcObj.GetName()), nil
+			}
+			return CloneObj(srcObj, stat.SuccessedFileIDList[0], srcObj.GetName()), nil
+		}
+		time.Sleep(time.Second)
+	}
+	return nil, nil
+}
+
+func (d *MoPan) Remove(ctx context.Context, obj model.Obj) error {
+	_, err := d.client.DeleteToRecycle([]mopan.TaskFileParam{
+		{
+			FileID:   obj.GetID(),
+			IsFolder: obj.IsDir(),
+			FileName: obj.GetName(),
+		},
+	}, mopan.WarpParamOption(mopan.ParamOptionShareFile(d.CloudID)))
+	return err
+}
+
+func (d *MoPan) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
+	file, err := utils.CreateTempFile(stream, stream.GetSize())
+	if err != nil {
+		return nil, err
+	}
+	defer func() {
+		_ = file.Close()
+		_ = os.Remove(file.Name())
+	}()
+
+	initUpdload, err := d.client.InitMultiUpload(ctx, mopan.UpdloadFileParam{
+		ParentFolderId: dstDir.GetID(),
+		FileName:       stream.GetName(),
+		FileSize:       stream.GetSize(),
+		File:           file,
+	}, mopan.WarpParamOption(
+		mopan.ParamOptionShareFile(d.CloudID),
+	))
+	if err != nil {
+		return nil, err
+	}
+
+	if !initUpdload.FileDataExists {
+		parts, err := d.client.GetAllMultiUploadUrls(initUpdload.UploadFileID, initUpdload.PartInfo)
+		if err != nil {
+			return nil, err
+		}
+		d.client.CloudDiskStartBusiness()
+		for i, part := range parts {
+			if utils.IsCanceled(ctx) {
+				return nil, ctx.Err()
+			}
+
+			err := retry.Do(func() error {
+				if _, err := file.Seek(int64(part.PartNumber-1)*int64(initUpdload.PartSize), io.SeekStart); err != nil {
+					return retry.Unrecoverable(err)
+				}
+
+				req, err := part.NewRequest(ctx, io.LimitReader(file, int64(initUpdload.PartSize)))
+				if err != nil {
+					return err
+				}
+
+				resp, err := base.HttpClient.Do(req)
+				if err != nil {
+					return err
+				}
+
+				if resp.StatusCode != http.StatusOK {
+					return fmt.Errorf("upload err,code=%d", resp.StatusCode)
+				}
+				return nil
+			},
+				retry.Context(ctx),
+				retry.Attempts(3),
+				retry.Delay(time.Second),
+				retry.MaxDelay(5*time.Second))
+			if err != nil {
+				return nil, err
+			}
+			up(100 * (i + 1) / len(parts))
+		}
+	}
+	uFile, err := d.client.CommitMultiUploadFile(initUpdload.UploadFileID, nil)
+	if err != nil {
+		return nil, err
+	}
+	return &model.Object{
+		ID:       uFile.UserFileID,
+		Name:     uFile.FileName,
+		Size:     int64(uFile.FileSize),
+		Modified: time.Time(uFile.CreateDate),
+	}, nil
+}
+
+var _ driver.Driver = (*MoPan)(nil)
+var _ driver.MkdirResult = (*MoPan)(nil)
+var _ driver.MoveResult = (*MoPan)(nil)
+var _ driver.RenameResult = (*MoPan)(nil)
+var _ driver.Remove = (*MoPan)(nil)
+var _ driver.CopyResult = (*MoPan)(nil)
+var _ driver.PutResult = (*MoPan)(nil)
--- a/drivers/mopan/meta.go
+++ b/drivers/mopan/meta.go
@ -0,0 +1,37 @@
+package mopan
+
+import (
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/op"
+)
+
+type Addition struct {
+	Phone    string `json:"phone" required:"true"`
+	Password string `json:"password" required:"true"`
+
+	RootFolderID string `json:"root_folder_id" default:"-11" required:"true" help:"be careful when using the -11 value, some operations may cause system errors"`
+
+	CloudID string `json:"cloud_id"`
+
+	OrderBy        string `json:"order_by" type:"select" options:"filename,filesize,lastOpTime" default:"filename"`
+	OrderDirection string `json:"order_direction" type:"select" options:"asc,desc" default:"asc"`
+
+	DeviceInfo string `json:"device_info"`
+}
+
+func (a *Addition) GetRootId() string {
+	return a.RootFolderID
+}
+
+var config = driver.Config{
+	Name:        "MoPan",
+	// DefaultRoot: "root, / or other",
+	CheckStatus: true,
+	Alert:       "warning|This network disk may store your password in clear text. Please set your password carefully",
+}
+
+func init() {
+	op.RegisterDriver(func() driver.Driver {
+		return &MoPan{}
+	})
+}
--- a/drivers/mopan/types.go
+++ b/drivers/mopan/types.go
@ -0,0 +1 @@
+package mopan
--- a/drivers/mopan/util.go
+++ b/drivers/mopan/util.go
@ -0,0 +1,58 @@
+package mopan
+
+import (
+	"time"
+
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/foxxorcat/mopan-sdk-go"
+)
+
+func fileToObj(f mopan.File) model.Obj {
+	return &model.ObjThumb{
+		Object: model.Object{
+			ID:       string(f.ID),
+			Name:     f.Name,
+			Size:     int64(f.Size),
+			Modified: time.Time(f.LastOpTime),
+		},
+		Thumbnail: model.Thumbnail{
+			Thumbnail: f.Icon.SmallURL,
+		},
+	}
+}
+
+func folderToObj(f mopan.Folder) model.Obj {
+	return &model.Object{
+		ID:       string(f.ID),
+		Name:     f.Name,
+		Modified: time.Time(f.LastOpTime),
+		IsFolder: true,
+	}
+}
+
+func CloneObj(o model.Obj, newID, newName string) model.Obj {
+	if o.IsDir() {
+		return &model.Object{
+			ID:       newID,
+			Name:     newName,
+			IsFolder: true,
+			Modified: o.ModTime(),
+		}
+	}
+
+	thumb := ""
+	if o, ok := o.(model.Thumb); ok {
+		thumb = o.Thumb()
+	}
+	return &model.ObjThumb{
+		Object: model.Object{
+			ID:       newID,
+			Name:     newName,
+			Size:     o.GetSize(),
+			Modified: o.ModTime(),
+		},
+		Thumbnail: model.Thumbnail{
+			Thumbnail: thumb,
+		},
+	}
+}
--- a/drivers/pikpak/driver.go
+++ b/drivers/pikpak/driver.go
@ -2,8 +2,6 @@ package pikpak

 import (
 	"context"
-	"crypto/sha1"
-	"encoding/hex"
 	"fmt"
 	"io"
 	"net/http"
@ -19,7 +17,6 @@ import (
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/s3/s3manager"
 	"github.com/go-resty/resty/v2"
-	jsoniter "github.com/json-iterator/go"
 	log "github.com/sirupsen/logrus"
 )

@ -66,7 +63,7 @@ func (d *PikPak) Link(ctx context.Context, file model.Obj, args model.LinkArgs)
 	link := model.Link{
 		URL: resp.WebContentLink,
 	}
-	if len(resp.Medias) > 0 && resp.Medias[0].Link.Url != "" {
+	if !d.DisableMediaLink && len(resp.Medias) > 0 && resp.Medias[0].Link.Url != "" {
 		log.Debugln("use media link")
 		link.URL = resp.Medias[0].Link.Url
 	}
@ -127,7 +124,7 @@ func (d *PikPak) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *PikPak) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return err
 	}
@ -135,9 +132,8 @@ func (d *PikPak) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		_ = tempFile.Close()
 		_ = os.Remove(tempFile.Name())
 	}()
-	// cal sha1
-	s := sha1.New()
-	_, err = io.Copy(s, tempFile)
+	// cal gcid
+	sha1Str, err := getGcid(tempFile, stream.GetSize())
 	if err != nil {
 		return err
 	}
@ -145,37 +141,33 @@ func (d *PikPak) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 	if err != nil {
 		return err
 	}
-	sha1Str := hex.EncodeToString(s.Sum(nil))
-	data := base.Json{
-		"kind":        "drive#file",
-		"name":        stream.GetName(),
-		"size":        stream.GetSize(),
-		"hash":        strings.ToUpper(sha1Str),
-		"upload_type": "UPLOAD_TYPE_RESUMABLE",
-		"objProvider": base.Json{"provider": "UPLOAD_TYPE_UNKNOWN"},
-		"parent_id":   dstDir.GetID(),
-	}
+	var resp UploadTaskData
 	res, err := d.request("https://api-drive.mypikpak.com/drive/v1/files", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(data)
-	}, nil)
+		req.SetBody(base.Json{
+			"kind":        "drive#file",
+			"name":        stream.GetName(),
+			"size":        stream.GetSize(),
+			"hash":        strings.ToUpper(sha1Str),
+			"upload_type": "UPLOAD_TYPE_RESUMABLE",
+			"objProvider": base.Json{"provider": "UPLOAD_TYPE_UNKNOWN"},
+			"parent_id":   dstDir.GetID(),
+			"folder_type": "NORMAL",
+		})
+	}, &resp)
 	if err != nil {
 		return err
 	}
-	if stream.GetSize() == 0 {
+
+	// 秒传成功
+	if resp.Resumable == nil {
 		log.Debugln(string(res))
 		return nil
 	}
-	params := jsoniter.Get(res, "resumable").Get("params")
-	endpoint := params.Get("endpoint").ToString()
-	endpointS := strings.Split(endpoint, ".")
-	endpoint = strings.Join(endpointS[1:], ".")
-	accessKeyId := params.Get("access_key_id").ToString()
-	accessKeySecret := params.Get("access_key_secret").ToString()
-	securityToken := params.Get("security_token").ToString()
-	key := params.Get("key").ToString()
-	bucket := params.Get("bucket").ToString()
+
+	params := resp.Resumable.Params
+	endpoint := strings.Join(strings.Split(params.Endpoint, ".")[1:], ".")
 	cfg := &aws.Config{
-		Credentials: credentials.NewStaticCredentials(accessKeyId, accessKeySecret, securityToken),
+		Credentials: credentials.NewStaticCredentials(params.AccessKeyID, params.AccessKeySecret, params.SecurityToken),
 		Region:      aws.String("pikpak"),
 		Endpoint:    &endpoint,
 	}
@ -185,8 +177,8 @@ func (d *PikPak) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 	}
 	uploader := s3manager.NewUploader(ss)
 	input := &s3manager.UploadInput{
-		Bucket: &bucket,
-		Key:    &key,
+		Bucket: &params.Bucket,
+		Key:    &params.Key,
 		Body:   tempFile,
 	}
 	_, err = uploader.UploadWithContext(ctx, input)
--- a/drivers/pikpak/meta.go
+++ b/drivers/pikpak/meta.go
@ -7,8 +7,9 @@ import (

 type Addition struct {
 	driver.RootID
-	Username string `json:"username" required:"true"`
-	Password string `json:"password" required:"true"`
+	Username         string `json:"username" required:"true"`
+	Password         string `json:"password" required:"true"`
+	DisableMediaLink bool   `json:"disable_media_link"`
 }

 var config = driver.Config{
--- a/drivers/pikpak/types.go
+++ b/drivers/pikpak/types.go
@ -73,3 +73,23 @@ type Media struct {
 	IsVisible      bool          `json:"is_visible"`
 	Category       string        `json:"category"`
 }
+
+type UploadTaskData struct {
+	UploadType string `json:"upload_type"`
+	//UPLOAD_TYPE_RESUMABLE
+	Resumable *struct {
+		Kind   string `json:"kind"`
+		Params struct {
+			AccessKeyID     string    `json:"access_key_id"`
+			AccessKeySecret string    `json:"access_key_secret"`
+			Bucket          string    `json:"bucket"`
+			Endpoint        string    `json:"endpoint"`
+			Expiration      time.Time `json:"expiration"`
+			Key             string    `json:"key"`
+			SecurityToken   string    `json:"security_token"`
+		} `json:"params"`
+		Provider string `json:"provider"`
+	} `json:"resumable"`
+
+	File File `json:"file"`
+}
--- a/drivers/pikpak/util.go
+++ b/drivers/pikpak/util.go
@ -1,7 +1,10 @@
 package pikpak

 import (
+	"crypto/sha1"
+	"encoding/hex"
 	"errors"
+	"io"
 	"net/http"

 	"github.com/alist-org/alist/v3/drivers/base"
@ -123,3 +126,28 @@ func (d *PikPak) getFiles(id string) ([]File, error) {
 	}
 	return res, nil
 }
+
+func getGcid(r io.Reader, size int64) (string, error) {
+	calcBlockSize := func(j int64) int64 {
+		var psize int64 = 0x40000
+		for float64(j)/float64(psize) > 0x200 && psize < 0x200000 {
+			psize = psize << 1
+		}
+		return psize
+	}
+
+	hash1 := sha1.New()
+	hash2 := sha1.New()
+	readSize := calcBlockSize(size)
+	for {
+		hash2.Reset()
+		if n, err := io.CopyN(hash2, r, readSize); err != nil && n == 0 {
+			if err != io.EOF {
+				return "", err
+			}
+			break
+		}
+		hash1.Write(hash2.Sum(nil))
+	}
+	return hex.EncodeToString(hash1.Sum(nil)), nil
+}
--- a/drivers/quark_uc/driver.go
+++ b/drivers/quark_uc/driver.go
@ -5,18 +5,15 @@ import (
 	"crypto/md5"
 	"crypto/sha1"
 	"encoding/hex"
-	"fmt"
 	"io"
 	"net/http"
 	"os"
-	"strconv"
 	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
-	"github.com/alist-org/alist/v3/pkg/http_range"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
 	log "github.com/sirupsen/logrus"
@ -69,62 +66,17 @@ func (d *QuarkOrUC) Link(ctx context.Context, file model.Obj, args model.LinkArg
 	if err != nil {
 		return nil, err
 	}
-	u := resp.Data[0].DownloadUrl
-	start, end := int64(0), file.GetSize()
-	link := model.Link{
-		Header: http.Header{},
-	}
-	if rg := args.Header.Get("Range"); rg != "" {
-		parseRange, err := http_range.ParseRange(rg, file.GetSize())
-		if err != nil {
-			return nil, err
-		}
-		start, end = parseRange[0].Start, parseRange[0].Start+parseRange[0].Length
-		link.Header.Set("Content-Range", parseRange[0].ContentRange(file.GetSize()))
-		link.Header.Set("Content-Length", strconv.FormatInt(parseRange[0].Length, 10))
-		link.Status = http.StatusPartialContent
-	} else {
-		link.Header.Set("Content-Length", strconv.FormatInt(file.GetSize(), 10))
-		link.Status = http.StatusOK
-	}
-	link.Writer = func(w io.Writer) error {
-		// request 10 MB at a time
-		chunkSize := int64(10 * 1024 * 1024)
-		for start < end {
-			_end := start + chunkSize
-			if _end > end {
-				_end = end
-			}
-			_range := "bytes=" + strconv.FormatInt(start, 10) + "-" + strconv.FormatInt(_end-1, 10)
-			start = _end
-			err = func() error {
-				req, err := http.NewRequest(http.MethodGet, u, nil)
-				if err != nil {
-					return err
-				}
-				req.Header.Set("Range", _range)
-				req.Header.Set("User-Agent", ua)
-				req.Header.Set("Cookie", d.Cookie)
-				req.Header.Set("Referer", d.conf.referer)
-				resp, err := base.HttpClient.Do(req)
-				if err != nil {
-					return err
-				}
-				defer resp.Body.Close()
-				if resp.StatusCode != http.StatusPartialContent {
-					return fmt.Errorf("unexpected status code: %d", resp.StatusCode)
-				}
-				_, err = io.Copy(w, resp.Body)
-				return err
-			}()
-			if err != nil {
-				return err
-			}

-		}
-		return nil
-	}
-	return &link, nil
+	return &model.Link{
+		URL: resp.Data[0].DownloadUrl,
+		Header: http.Header{
+			"Cookie":     []string{d.Cookie},
+			"Referer":    []string{d.conf.referer},
+			"User-Agent": []string{ua},
+		},
+		Concurrency: 2,
+		PartSize:    10 * 1024 * 1024,
+	}, nil
 }

 func (d *QuarkOrUC) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
@ -184,7 +136,7 @@ func (d *QuarkOrUC) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *QuarkOrUC) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return err
 	}
--- a/drivers/s3/driver.go
+++ b/drivers/s3/driver.go
@ -53,15 +53,18 @@ func (d *S3) Drop(ctx context.Context) error {

 func (d *S3) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
 	if d.ListObjectVersion == "v2" {
-		return d.listV2(dir.GetPath())
+		return d.listV2(dir.GetPath(), args)
 	}
-	return d.listV1(dir.GetPath())
+	return d.listV1(dir.GetPath(), args)
 }

 func (d *S3) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
 	path := getKey(file.GetPath(), false)
 	filename := stdpath.Base(path)
-	disposition := fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename))
+	disposition := fmt.Sprintf(`attachment; filename*=UTF-8''%s`, url.PathEscape(filename))
+	if d.AddFilenameToDisposition {
+		disposition = fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename))
+	}
 	input := &s3.GetObjectInput{
 		Bucket: &d.Bucket,
 		Key:    &path,
--- a/drivers/s3/meta.go
+++ b/drivers/s3/meta.go
@ -7,17 +7,19 @@ import (

 type Addition struct {
 	driver.RootPath
-	Bucket            string `json:"bucket" required:"true"`
-	Endpoint          string `json:"endpoint" required:"true"`
-	Region            string `json:"region"`
-	AccessKeyID       string `json:"access_key_id" required:"true"`
-	SecretAccessKey   string `json:"secret_access_key" required:"true"`
-	CustomHost        string `json:"custom_host"`
-	SignURLExpire     int    `json:"sign_url_expire" type:"number" default:"4"`
-	Placeholder       string `json:"placeholder"`
-	ForcePathStyle    bool   `json:"force_path_style"`
-	ListObjectVersion string `json:"list_object_version" type:"select" options:"v1,v2" default:"v1"`
-	RemoveBucket      bool   `json:"remove_bucket" help:"Remove bucket name from path when using custom host."`
+	Bucket                   string `json:"bucket" required:"true"`
+	Endpoint                 string `json:"endpoint" required:"true"`
+	Region                   string `json:"region"`
+	AccessKeyID              string `json:"access_key_id" required:"true"`
+	SecretAccessKey          string `json:"secret_access_key" required:"true"`
+	SessionToken             string `json:"session_token"`
+	CustomHost               string `json:"custom_host"`
+	SignURLExpire            int    `json:"sign_url_expire" type:"number" default:"4"`
+	Placeholder              string `json:"placeholder"`
+	ForcePathStyle           bool   `json:"force_path_style"`
+	ListObjectVersion        string `json:"list_object_version" type:"select" options:"v1,v2" default:"v1"`
+	RemoveBucket             bool   `json:"remove_bucket" help:"Remove bucket name from path when using custom host."`
+	AddFilenameToDisposition bool   `json:"add_filename_to_disposition" help:"Add filename to Content-Disposition header."`
 }

 var config = driver.Config{
--- a/drivers/s3/util.go
+++ b/drivers/s3/util.go
@ -22,7 +22,7 @@ import (

 func (d *S3) initSession() error {
 	cfg := &aws.Config{
-		Credentials:      credentials.NewStaticCredentials(d.AccessKeyID, d.SecretAccessKey, ""),
+		Credentials:      credentials.NewStaticCredentials(d.AccessKeyID, d.SecretAccessKey, d.SessionToken),
 		Region:           &d.Region,
 		Endpoint:         &d.Endpoint,
 		S3ForcePathStyle: aws.Bool(d.ForcePathStyle),
@ -69,7 +69,7 @@ func getPlaceholderName(placeholder string) string {
 	return placeholder
 }

-func (d *S3) listV1(prefix string) ([]model.Obj, error) {
+func (d *S3) listV1(prefix string, args model.ListArgs) ([]model.Obj, error) {
 	prefix = getKey(prefix, true)
 	log.Debugf("list: %s", prefix)
 	files := make([]model.Obj, 0)
@ -97,7 +97,7 @@ func (d *S3) listV1(prefix string) ([]model.Obj, error) {
 		}
 		for _, object := range listObjectsResult.Contents {
 			name := path.Base(*object.Key)
-			if name == getPlaceholderName(d.Placeholder) || name == d.Placeholder {
+			if !args.S3ShowPlaceholder && (name == getPlaceholderName(d.Placeholder) || name == d.Placeholder) {
 				continue
 			}
 			file := model.Object{
@ -120,7 +120,7 @@ func (d *S3) listV1(prefix string) ([]model.Obj, error) {
 	return files, nil
 }

-func (d *S3) listV2(prefix string) ([]model.Obj, error) {
+func (d *S3) listV2(prefix string, args model.ListArgs) ([]model.Obj, error) {
 	prefix = getKey(prefix, true)
 	files := make([]model.Obj, 0)
 	var continuationToken, startAfter *string
@ -152,7 +152,7 @@ func (d *S3) listV2(prefix string) ([]model.Obj, error) {
 				continue
 			}
 			name := path.Base(*object.Key)
-			if name == getPlaceholderName(d.Placeholder) || name == d.Placeholder {
+			if !args.S3ShowPlaceholder && (name == getPlaceholderName(d.Placeholder) || name == d.Placeholder) {
 				continue
 			}
 			file := model.Object{
@ -198,7 +198,7 @@ func (d *S3) copyFile(ctx context.Context, src string, dst string) error {
 }

 func (d *S3) copyDir(ctx context.Context, src string, dst string) error {
-	objs, err := op.List(ctx, d, src, model.ListArgs{})
+	objs, err := op.List(ctx, d, src, model.ListArgs{S3ShowPlaceholder: true})
 	if err != nil {
 		return err
 	}
--- a/drivers/sftp/driver.go
+++ b/drivers/sftp/driver.go
@ -5,12 +5,12 @@ import (
 	"os"
 	"path"

-	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/pkg/sftp"
+	log "github.com/sirupsen/logrus"
 )

 type SFTP struct {
@ -39,13 +39,15 @@ func (d *SFTP) Drop(ctx context.Context) error {
 }

 func (d *SFTP) List(ctx context.Context, dir model.Obj, args model.ListArgs) ([]model.Obj, error) {
+	log.Debugf("[sftp] list dir: %s", dir.GetPath())
 	files, err := d.client.ReadDir(dir.GetPath())
 	if err != nil {
 		return nil, err
 	}
-	return utils.SliceConvert(files, func(src os.FileInfo) (model.Obj, error) {
-		return fileToObj(src), nil
+	objs, err := utils.SliceConvert(files, func(src os.FileInfo) (model.Obj, error) {
+		return d.fileToObj(src, dir.GetPath())
 	})
+	return objs, err
 }

 func (d *SFTP) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
@ -54,9 +56,8 @@ func (d *SFTP) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*
 		return nil, err
 	}
 	link := &model.Link{
-		Data: remoteFile,
+		ReadSeekCloser: remoteFile,
 	}
-	base.HandleRange(link, remoteFile, args.Header, file.GetSize())
 	return link, nil
 }

--- a/drivers/sftp/types.go
+++ b/drivers/sftp/types.go
@ -2,15 +2,44 @@ package sftp

 import (
 	"os"
+	stdpath "path"
+	"strings"

 	"github.com/alist-org/alist/v3/internal/model"
+	log "github.com/sirupsen/logrus"
 )

-func fileToObj(f os.FileInfo) model.Obj {
-	return &model.Object{
-		Name:     f.Name(),
-		Size:     f.Size(),
-		Modified: f.ModTime(),
-		IsFolder: f.IsDir(),
+func (d *SFTP) fileToObj(f os.FileInfo, dir string) (model.Obj, error) {
+	symlink := f.Mode()&os.ModeSymlink != 0
+	if !symlink {
+		return &model.Object{
+			Name:     f.Name(),
+			Size:     f.Size(),
+			Modified: f.ModTime(),
+			IsFolder: f.IsDir(),
+		}, nil
 	}
+	path := stdpath.Join(dir, f.Name())
+	// set target path
+	target, err := d.client.ReadLink(path)
+	if err != nil {
+		return nil, err
+	}
+	if !strings.HasPrefix(target, "/") {
+		target = stdpath.Join(dir, target)
+	}
+	_f, err := d.client.Stat(target)
+	if err != nil {
+		return nil, err
+	}
+	// set basic info
+	obj := &model.Object{
+		Name:     f.Name(),
+		Size:     _f.Size(),
+		Modified: _f.ModTime(),
+		IsFolder: _f.IsDir(),
+		Path:     target,
+	}
+	log.Debugf("[sftp] obj: %+v, is symlink: %v", obj, symlink)
+	return obj, nil
 }
--- a/drivers/smb/driver.go
+++ b/drivers/smb/driver.go
@ -6,7 +6,6 @@ import (
 	"path/filepath"
 	"strings"

-	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/pkg/utils"
@ -80,9 +79,8 @@ func (d *SMB) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*m
 		return nil, err
 	}
 	link := &model.Link{
-		Data: remoteFile,
+		ReadSeekCloser: remoteFile,
 	}
-	base.HandleRange(link, remoteFile, args.Header, file.GetSize())
 	d.updateLastConnTime()
 	return link, nil
 }
--- a/drivers/terabox/driver.go
+++ b/drivers/terabox/driver.go
@ -116,7 +116,7 @@ func (d *Terabox) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *Terabox) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
 		return err
 	}
--- a/drivers/terabox/util.go
+++ b/drivers/terabox/util.go
@ -3,15 +3,16 @@ package terbox
 import (
 	"encoding/base64"
 	"fmt"
-	"github.com/alist-org/alist/v3/drivers/base"
-	"github.com/alist-org/alist/v3/internal/model"
-	"github.com/alist-org/alist/v3/pkg/utils"
-	"github.com/go-resty/resty/v2"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
 	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
 )

 func (d *Terabox) request(furl string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
@ -139,6 +140,11 @@ func (d *Terabox) linkOfficial(file model.Obj, args model.LinkArgs) (*model.Link
 	if err != nil {
 		return nil, err
 	}
+
+	if len(resp.Dlink) == 0 {
+		return nil, fmt.Errorf("fid %s no dlink found, errno: %d", file.GetID(), resp.Errno)
+	}
+
 	res, err := base.NoRedirectClient.R().SetHeader("Cookie", d.Cookie).SetHeader("User-Agent", base.UserAgent).Get(resp.Dlink[0].Dlink)
 	if err != nil {
 		return nil, err
--- a/drivers/thunder/driver.go
+++ b/drivers/thunder/driver.go
@ -3,7 +3,9 @@ package thunder
 import (
 	"context"
 	"fmt"
+	"io"
 	"net/http"
+	"os"
 	"strings"

 	"github.com/alist-org/alist/v3/drivers/base"
@ -54,7 +56,7 @@ func (x *Thunder) Init(ctx context.Context) (err error) {
 					"j",
 					"4scKJNdd7F27Hv7tbt",
 				},
-				DeviceID:          utils.GetMD5Encode(x.Username + x.Password),
+				DeviceID:          utils.GetMD5EncodeStr(x.Username + x.Password),
 				ClientID:          "Xp6vsxz_7IYVw2BB",
 				ClientSecret:      "Xp6vsy4tN9toTVdMSpomVdXpRmES",
 				ClientVersion:     "7.51.0.8196",
@ -135,7 +137,7 @@ func (x *ThunderExpert) Init(ctx context.Context) (err error) {

 				DeviceID: func() string {
 					if len(x.DeviceID) != 32 {
-						return utils.GetMD5Encode(x.DeviceID)
+						return utils.GetMD5EncodeStr(x.DeviceID)
 					}
 					return x.DeviceID
 				}(),
@ -331,15 +333,32 @@ func (xc *XunLeiCommon) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (xc *XunLeiCommon) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = tempFile.Close()
+		_ = os.Remove(tempFile.Name())
+	}()
+
+	gcid, err := getGcid(tempFile, stream.GetSize())
+	if err != nil {
+		return err
+	}
+	if _, err := tempFile.Seek(0, io.SeekStart); err != nil {
+		return err
+	}
+
 	var resp UploadTaskResponse
-	_, err := xc.Request(FILE_API_URL, http.MethodPost, func(r *resty.Request) {
+	_, err = xc.Request(FILE_API_URL, http.MethodPost, func(r *resty.Request) {
 		r.SetContext(ctx)
 		r.SetBody(&base.Json{
 			"kind":        FILE,
 			"parent_id":   dstDir.GetID(),
 			"name":        stream.GetName(),
 			"size":        stream.GetSize(),
-			"hash":        "1CF254FBC456E1B012CD45C546636AA62CF8350E",
+			"hash":        gcid,
 			"upload_type": UPLOAD_TYPE_RESUMABLE,
 		})
 	}, &resp)
@ -362,7 +381,7 @@ func (xc *XunLeiCommon) Put(ctx context.Context, dstDir model.Obj, stream model.
 			Bucket:  aws.String(param.Bucket),
 			Key:     aws.String(param.Key),
 			Expires: aws.Time(param.Expiration),
-			Body:    stream,
+			Body:    tempFile,
 		})
 		return err
 	}
--- a/drivers/thunder/meta.go
+++ b/drivers/thunder/meta.go
@ -78,7 +78,7 @@ type Addition struct {

 // 登录特征,用于判断是否重新登录
 func (i *Addition) GetIdentity() string {
-	return utils.GetMD5Encode(i.Username + i.Password)
+	return utils.GetMD5EncodeStr(i.Username + i.Password)
 }

 var config = driver.Config{
--- a/drivers/thunder/util.go
+++ b/drivers/thunder/util.go
@ -1,7 +1,10 @@
 package thunder

 import (
+	"crypto/sha1"
+	"encoding/hex"
 	"fmt"
+	"io"
 	"net/http"
 	"regexp"
 	"time"
@ -97,7 +100,7 @@ func (c *Common) GetCaptchaSign() (timestamp, sign string) {
 	timestamp = fmt.Sprint(time.Now().UnixMilli())
 	str := fmt.Sprint(c.ClientID, c.ClientVersion, c.PackageName, c.DeviceID, timestamp)
 	for _, algorithm := range c.Algorithms {
-		str = utils.GetMD5Encode(str + algorithm)
+		str = utils.GetMD5EncodeStr(str + algorithm)
 	}
 	sign = "1." + str
 	return
@ -171,3 +174,29 @@ func (c *Common) Request(url, method string, callback base.ReqCallback, resp int

 	return res.Body(), nil
 }
+
+// 计算文件Gcid
+func getGcid(r io.Reader, size int64) (string, error) {
+	calcBlockSize := func(j int64) int64 {
+		var psize int64 = 0x40000
+		for float64(j)/float64(psize) > 0x200 && psize < 0x200000 {
+			psize = psize << 1
+		}
+		return psize
+	}
+
+	hash1 := sha1.New()
+	hash2 := sha1.New()
+	readSize := calcBlockSize(size)
+	for {
+		hash2.Reset()
+		if n, err := io.CopyN(hash2, r, readSize); err != nil && n == 0 {
+			if err != io.EOF {
+				return "", err
+			}
+			break
+		}
+		hash1.Write(hash2.Sum(nil))
+	}
+	return hex.EncodeToString(hash1.Sum(nil)), nil
+}
--- a/drivers/uss/driver.go
+++ b/drivers/uss/driver.go
@ -81,7 +81,7 @@ func (d *USS) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*m
 	expireAt := time.Now().Add(downExp).Unix()
 	upd := url.QueryEscape(path.Base(file.GetPath()))
 	signStr := strings.Join([]string{d.OperatorPassword, fmt.Sprint(expireAt), fmt.Sprintf("/%s", key)}, "&")
-	upt := utils.GetMD5Encode(signStr)[12:20] + fmt.Sprint(expireAt)
+	upt := utils.GetMD5EncodeStr(signStr)[12:20] + fmt.Sprint(expireAt)
 	link := fmt.Sprintf("%s?_upd=%s&_upt=%s", u, upd, upt)
 	return &model.Link{URL: link}, nil
 }
--- a/drivers/virtual/driver.go
+++ b/drivers/virtual/driver.go
@ -52,9 +52,18 @@ func (d *Virtual) List(ctx context.Context, dir model.Obj, args model.ListArgs)
 	return res, nil
 }

+type nopReadSeekCloser struct {
+	io.Reader
+}
+
+func (nopReadSeekCloser) Seek(offset int64, whence int) (int64, error) {
+	return offset, nil
+}
+func (nopReadSeekCloser) Close() error { return nil }
+
 func (d *Virtual) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*model.Link, error) {
 	return &model.Link{
-		Data: io.NopCloser(io.LimitReader(random.Rand, file.GetSize())),
+		ReadSeekCloser: nopReadSeekCloser{io.LimitReader(random.Rand, file.GetSize())},
 	}, nil
 }

--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Andy Hsu	a797494aa3	fix: missed update user's password	2023-08-07 18:51:54 +08:00
Andy Hsu	353dd7f796	ci: mark `non-prerelease` when upload assets	2023-08-07 16:23:36 +08:00
Andy Hsu	1c00d64952	feat: rehash password with a unique salt for each user	2023-08-07 15:46:19 +08:00
Andy Hsu	ff5cf3f4fa	feat: allow use token to access `WebDAV`	2023-08-07 14:38:50 +08:00
Andy Hsu	5b6b2f427a	feat(cmd): add show token command	2023-08-07 13:49:23 +08:00
Sean	7877184bee	feat(baidu_netdisk): add retry to most operations (close #4863 in #4939 )	2023-08-07 13:44:28 +08:00
Andy Hsu	e9cb37122e	chore(cmd): change come output for admin command	2023-08-06 23:02:22 +08:00
Andy Hsu	a425392a2b	feat(cmd): set or random new password for admin	2023-08-06 22:34:02 +08:00
Andy Hsu	75acbcc115	perf: sha256 for user's password (close #3552 )	2023-08-06 22:09:17 +08:00
Andy Hsu	30415cefbe	perf: delete user cache after cancel `2FA`	2023-08-06 20:47:58 +08:00
panici	1d06a0019f	feat(search): paging and scope (close #4381 in #4930 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-08-06 15:13:23 +08:00
Andy Hsu	3686075a7f	ci: change auto commit user [skip ci]	2023-08-05 16:32:06 +08:00
Andy Hsu	6c1c7e5cc0	fix(wopan): missing `familyID` on mkdir (close #4927 )	2023-08-04 22:26:56 +08:00
Andy Hsu	c4f901b201	fix: undeclared identifier `kIOMainPortDefault` on darwin/arm64	2023-08-04 21:23:58 +08:00
Andy Hsu	4b7acb1389	feat(ci): add multiple ARM targets prebuilt (close #4243 )	2023-08-04 20:57:56 +08:00
Sean	15b7169df4	perf: multi-thread downloader, `Content-Disposition` (#4921 ) general: enhance multi-thread downloader with cancelable context, immediately stop all stream processes when canceled; feat(crypt): improve stream closing; general: fix the bug of downloading files becomes previewing stream on modern browsers; Co-authored-by: Sean He <866155+seanhe26@users.noreply.github.com> Co-authored-by: Andy Hsu <i@nn.ci>	2023-08-04 15:29:54 +08:00
Andy Hsu	861948bcf3	revert: "ci: auto gofmt for pull request" [skip ci] This reverts commit `8b353da0d2`.	2023-08-04 13:25:23 +08:00
Bnq Dzj	e5ffd39cf2	feat: add 123Pan Share driver (close #4853 in #4898 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-08-03 15:01:43 +08:00
Andy Hsu	8b353da0d2	ci: auto gofmt for pull request [skip ci]	2023-08-03 14:49:22 +08:00
foxxorcat	49bde82426	perf(189pc): empty file upload and cache optimization (#4913 ) - login captcha error - cache optimization - upload empty file	2023-08-03 14:08:40 +08:00
foxxorcat	3e285aaec4	feat: add `weiyun` support (close #4802 in #4883 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-08-02 21:39:59 +08:00
Andy Hsu	355fc576b1	issue: add config to bug report template [skip ci]	2023-08-02 21:05:50 +08:00
Andy Hsu	a69d72aa20	feat(aliyundrive_open): support resource drive (close #4889 )	2023-08-02 15:50:01 +08:00
renovate[bot]	e5d123c5d3	fix(deps): update module golang.org/x/image to v0.10.0 [skip ci] (#4902 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-02 15:38:10 +08:00
renovate[bot]	220eb33f88	fix(deps): update module golang.org/x/net to v0.13.0 [skip ci] (#4903 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-02 15:16:39 +08:00
Andy Hsu	5238850036	docs: sync README [skip ci]	2023-08-02 15:15:48 +08:00
renovate[bot]	81ac963567	fix(deps): update module github.com/ipfs/go-ipfs-api to v0.6.1 [skip ci] (#4882 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-02 15:01:25 +08:00
Sean	3c21a9a520	feat: Crypt driver, improve http/webdav handling (#4884 ) this PR has several enhancements, fixes, and features: - [x] Crypt: a transparent encryption driver. Anyone can easily, and safely store encrypted data on the remote storage provider. Consider your data is safely stored in the safe, and the storage provider can only see the safe, but not your data. - [x] Optional: compatible with [Rclone Crypt](https://rclone.org/crypt/). More ways to manipulate the encrypted data. - [x] directory and filename encryption - [x] server-side encryption mode (server encrypts & decrypts all data, all data flows thru the server) - [x] obfuscate sensitive information internally - [x] introduced a server memory-cached multi-thread downloader. - [x] Driver: Quark enabled this feature, faster load in any single thread scenario. e.g. media player directly playing from the link, now it's faster. - [x] general improvement on HTTP/WebDAV stream processing & header handling & response handling - [x] Driver: Mega driver support ranged http header - [x] Driver: Quark fix bug of not closing HTTP request to Quark server while user end has closed connection to alist ## Crypt, a transparent Encrypt/Decrypt Driver. (Rclone Crypt compatible) e.g. Crypt mount path -> /vault Crypt remote path -> /ali/encrypted Aliyun mount paht -> /ali when the user uploads a.jpg to /vault, the data will be encrypted and saved to /ali/encrypted/xxxxx. And when the user wants to access a.jpg, it's automatically decrypted, and the user can do anything with it. Since it's Rclone Crypt compatible, users can download /ali/encrypted/xxxxx and decrypt it with rclone crypt tool. Or the user can mount this folder using rclone, then mount the decrypted folder in Linux... NB. Some breaking changes is made to make it follow global standard, e.g. processing the HTTP header properly. close #4679 close #4827 Co-authored-by: Sean He <866155+seanhe26@users.noreply.github.com> Co-authored-by: Andy Hsu <i@nn.ci>	2023-08-02 14:40:36 +08:00
Andy Hsu	1dc1dd1f07	feat(aliyundrive_open): support `livp` format file download (close #4890 )	2023-08-01 21:50:25 +08:00
foxxorcat	c9ea9bce81	feat(lanzou): support login with account (close #4880 in #4885 )	2023-08-01 19:44:57 +08:00
foxxorcat	9f08353d31	feat(baidu_photo): optional delete album origin file (close #4872 in #4875 )	2023-07-31 18:29:45 +08:00
Andy Hsu	ce0c3626c2	ci: remove `working` label on issue closed	2023-07-31 16:54:00 +08:00
foxxorcat	06f46206db	fix(baidu_photo): album download (close #4603 in #4871 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-07-31 16:27:16 +08:00
Andy Hsu	579f0c06af	ci: delete file after decompression fix: no space left on device	2023-07-30 18:25:52 +08:00
Andy Hsu	b12d92acc9	perf(baidu_netdisk): optimize memory allocate	2023-07-29 17:12:43 +08:00
Andy Hsu	e700ce15e5	fix: missed progress in upload task	2023-07-29 17:09:26 +08:00
renovate[bot]	7dbef7d559	chore(deps): update actions-cool/issues-helper action to v3.5.1 (#4855 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-28 16:16:42 +08:00
Andy Hsu	7e9cdd8b07	fix(aliyundrive_open): fail limit on concurrently call (#4851 )	2023-07-28 15:55:39 +08:00
meozky	cee6bc6b5d	fix(terabox): slice out of range (close #4858 in #4860 )	2023-07-28 15:52:20 +08:00
Andy Hsu	cfd23c05b4	fix(139): upload empty file (close #4711 )	2023-07-27 19:26:22 +08:00
Andy Hsu	0c1acd72ca	fix: link cache not deleted after overwriting file (close #4852 )	2023-07-27 19:07:53 +08:00
Andy Hsu	e2ca06dcca	docs: update go version	2023-07-27 18:32:33 +08:00
Andy Hsu	0828fd787d	chore: update placeholder of version in `bug_report` issue template	2023-07-27 18:31:16 +08:00
Andy Hsu	2e23ea68d4	fix(aliyundrive_open): increase limit interval (close #4851 )	2023-07-27 18:26:11 +08:00
Bnq Dzj	4afa822bec	fix(123): Use APP-side API (close #4834 in #4856 )	2023-07-27 15:51:59 +08:00
Andy Hsu	f2ca9b40db	fix(qbittorrent): incorrect field type (close #4843 )	2023-07-25 13:31:41 +08:00
Andy Hsu	4c2535cb22	fix(115): `user-agent` lost on upload (close #4831 )	2023-07-23 15:18:33 +08:00
Andy Hsu	d4ea8787c9	fix(123): upload file size that less than 16 MB (close #4816 )	2023-07-21 14:35:18 +08:00
Rui Tang	a4de04528a	fix(123): `auth-key` verification (close #4811 in #4814 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-07-21 14:33:45 +08:00
renovate[bot]	f60aae7499	chore(deps): update actions-cool/issues-helper action to v3.5.0 (#4801 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-21 13:55:16 +08:00
WintBit	de8f9e9eee	feat: SSO auto register (close #4692 in #4795 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-07-20 16:30:30 +08:00
Ikko Eltociear Ashimine	cace9db12f	docs: add Japanese README [skip ci] (#4798 )	2023-07-19 14:05:41 +08:00
Andy Hsu	ec2fb82836	chore: update special sponsors [skip ci]	2023-07-18 15:26:03 +08:00
Andy Hsu	afcfbf02ea	chore: go mod tidy	2023-07-16 15:12:38 +08:00
renovate[bot]	cad04e07dd	fix(deps): update module github.com/blevesearch/bleve/v2 to v2.3.9 [skip ci] (#4750 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-16 15:06:49 +08:00
renovate[bot]	30f732138c	fix(deps): update module github.com/sirupsen/logrus to v1.9.3 [skip ci] (#4668 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-16 15:06:16 +08:00
renovate[bot]	04034bd03b	fix(deps): update module github.com/jlaffaye/ftp to v0.2.0 [skip ci] (#4455 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-16 15:05:46 +08:00
Andy Hsu	6ec9a8d4c7	fix(aliyundrive_open): the temp file is not delete (close #4777 )	2023-07-16 15:01:22 +08:00
Andy Hsu	3f7882b467	feat(aliyundrive_open): rapid upload (close #4766 )	2023-07-15 19:33:46 +08:00
Andy Hsu	a4511c1963	refactor: change hash function	2023-07-15 16:29:44 +08:00
Andy Hsu	9d1f122717	fix(local): thumbnail rotated if exist orientation tag (close #4749 )	2023-07-15 14:31:03 +08:00
Andy Hsu	5dd73d80d8	fix(123): remove stream upload method (close #4772 )	2023-07-14 19:12:18 +08:00
Andy Hsu	fce872bc1b	feat(123): thumbnail support (#3953 )	2023-07-14 14:43:40 +08:00
Andy Hsu	df6c4c80c2	fix(123): update app-version (close #4758 )	2023-07-14 14:17:29 +08:00
Andy Hsu	d2ff040cf8	feat(s3): add `SessionToken` field (close #4761 )	2023-07-13 15:58:19 +08:00
foxxorcat	a31af209cc	fix(pikpak): hash calculation and fast upload judgment (#4745 fix #1081 )	2023-07-11 22:19:21 +08:00
Andy Hsu	3f8b3da52b	feat(server): add `HEAD` method support (close #4740 )	2023-07-11 13:47:49 +08:00
Andy Hsu	6887f14ec6	feat(pikpak): allow disable media link (close #4735 )	2023-07-11 13:40:58 +08:00
Andy Hsu	3e0de5eaac	fix(deps): adapt module github.com/caarlos0/env/v9 (#4728 )	2023-07-10 22:06:50 +08:00
Andy Hsu	61101a60f4	fix(s3): unable to copy empty folder (close #4620 )	2023-07-10 14:55:19 +08:00
foxxorcat	3529023bf9	fix(mopan): size field type(close #4734 in #4736 )	2023-07-10 14:25:27 +08:00
renovate[bot]	d1d1a089a4	fix(deps): update module github.com/caarlos0/env/v7 to v9 (#4728 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-09 18:15:04 +08:00
Andy Hsu	fa66358b1e	fix(sftp): read target obj of symlink file (close #4713 )	2023-07-09 14:42:57 +08:00
Andy Hsu	2b533e4b91	feat: allow customize perm of unix file (close #4709 )	2023-07-08 20:17:05 +08:00
renovate[bot]	d3530a8d80	fix(deps): update module golang.org/x/image to v0.9.0 (#4725 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-08 19:21:15 +08:00
renovate[bot]	6052eb3512	fix(deps): update module golang.org/x/oauth2 to v0.10.0 (#4522 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-07-08 15:44:42 +08:00
Andy Hsu	d17f7f7cad	fix(123): judge status on get redirect_url (close #4718 )	2023-07-07 19:55:37 +08:00
Andy Hsu	8bdc67ec3d	fix(webdav): return 404 if error happened on `handlePropfind`	2023-07-05 13:52:21 +08:00
Andy Hsu	4fabc27366	fix(aliyundrive_open): panic if driver not init	2023-07-05 13:51:46 +08:00
Andy Hsu	e4c7b0f17c	fix: https port is not effective	2023-07-05 13:02:52 +08:00
Andy Hsu	5e8bfb017e	fix(123): add `Referer` to request (close #4631 )	2023-07-04 18:36:46 +08:00
Andy Hsu	7d20a01dba	feat!: support listen to the unix (close #4671 ) Starting from this commit, the HTTP server related config all move to the scheme	2023-07-04 17:56:02 +08:00
Andy Hsu	59dbf4496f	feat(offline_download): try to init client if not ready (close #4674 )	2023-07-03 22:57:42 +08:00
vickunwu	12f40608e6	fix(oidc): use TOTP as state verification to replace the static 'state' parameter (#4665 )	2023-07-03 22:41:08 +08:00
Andy Hsu	89832c296f	fix: judge can proxy with ext (close #4688 )	2023-07-03 20:41:37 +08:00
foxxorcat	f09bb88846	fix(thunder): upload issues (close #4663 in #4667 )	2023-06-29 13:21:30 +08:00
foxxorcat	c518f59528	feat: add `MoPan` driver (close #4325 in #4659 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-06-28 14:53:43 +08:00
walloo	e9c74f9959	fix: regexp rename error (close #4644 in #4653 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-06-26 15:15:57 +08:00
wenmig	21b8e7f6e5	fix(aliyundrive_share): add limit rate and lift rate limit restrictions (#4587 )	2023-06-26 14:49:21 +08:00
Andy Hsu	2ae9cd8634	fix(dropbox): failed get link in #4639 close `cfee536b96 (commitcomment-119404554)`	2023-06-25 17:07:31 +08:00
wenmig	cfee536b96	feat: add Dropbox driver (#4639 close #4590 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-06-23 17:36:40 +08:00
william	1c8fe3b24c	fix(aliyundrive_open): adaptive part size adjustment (#4609 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-06-23 14:25:30 +08:00
Andy Hsu	84e23c397d	fix(baidu_netdisk): rollback #3652 (close #4628 )	2023-06-21 18:37:25 +08:00
Andy Hsu	f7baec2e65	feat: add `WoPan` driver (close #4541 )	2023-06-17 20:20:00 +08:00
wenmig	378bab32f1	chore(aliyundrive_share): increase the `limit` of the list api (#4588 )	2023-06-17 20:10:34 +08:00
Andy Hsu	6cd8151cad	fix(aliyundrive_open): change default `oauth_token_url`	2023-06-16 15:03:27 +08:00
Andy Hsu	541449e10f	docs: add special sponsor [skip ci]	2023-06-14 05:42:21 +08:00
Andy Hsu	ca5a53fc24	fix(aliyundrive_open): `openFile/list` rate limit	2023-06-11 18:18:09 +08:00
BoYanZh	f646d2a699	feat!: listen to both http & https (#4536 ) Co-authored-by: Andy Hsu <i@nn.ci>	2023-06-11 18:17:37 +08:00
Andy Hsu	363e036bf0	chore: fix typo [skip ci]	2023-06-10 22:25:35 +08:00
Andy Hsu	e23f00f349	fix(139): avoid panic due to `Authorization` for emptiness	2023-06-10 00:12:04 +08:00
Andy Hsu	9600267bda	ci: add linux-musl-amd64/arm64 to dev build	2023-06-09 23:43:52 +08:00
Andy Hsu	a66b0e0151	feat(139): auto extract account from `Authorization`	2023-06-09 23:41:41 +08:00
Andy Hsu	3bfa00d5d2	fix(189pc): add `REQID` header	2023-06-09 23:33:12 +08:00
Andy Hsu	6cbd2532cc	fix(139): modify the authentication mode	2023-06-09 23:02:02 +08:00
hunshcn	47976af0d3	feat: set `ProxyFromEnvironment` for default http client (#4546 )	2023-06-09 22:08:54 +08:00
Andy Hsu	4dca52be85	fix(s3): optional add filename to disposition (close #4538 )	2023-06-06 22:47:27 +08:00
Andy Hsu	62bb09300d	chore: fix typo [skip ci]	2023-06-06 19:34:10 +08:00
Andy Hsu	f9e067abec	feat: support delayed start (#4532 )	2023-06-05 16:00:31 +08:00
Andy Hsu	1e62666406	feat(baidu_netdisk): allow custom crack ua	2023-06-04 15:57:41 +08:00
Andy Hsu	0e0cdf15ef	chore: change `daysUntilClose` [skip ci]	2023-06-03 21:15:52 +08:00
Andy Hsu	b124fdc092	perf(baidu): avoid refreshing the token on every startup	2023-06-02 18:31:42 +08:00
renovate[bot]	5141b3c165	fix(deps): update module github.com/gin-gonic/gin to v1.9.1 [security] [skip ci] (#4521 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-06-02 18:31:14 +08:00
Mg Pig	881d6e271e	feat: add OIDC single sign-on (#4496 ) close #3914 close #4315	2023-06-02 18:22:07 +08:00