fix(deps): update module golang.org/x/image to v0.11.0 (#5044 )

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
fix(deps): update module golang.org/x/crypto to v0.12.0 [skip ci] (#5043 )
2023-08-21 15:01:11 +08:00 · 2023-08-21 14:43:59 +08:00 · 2023-08-21 14:43:07 +08:00 · 2023-08-20 13:10:01 +08:00 · 2023-08-20 13:08:57 +08:00 · 2023-08-19 14:20:55 +08:00
55 changed files with 1783 additions and 697 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -3,7 +3,7 @@
 github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
 patreon: # Replace with a single Patreon username
 open_collective: # Replace with a single Open Collective username
-ko_fi: # Replace with a single Ko-fi username
+ko_fi: xhofe # Replace with a single Ko-fi username
 tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
 community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
 liberapay: # Replace with a single Liberapay username
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@ -22,8 +22,8 @@ body:
            I'm sure there are no duplicate issues or discussions.
            我确定没有重复的issue或讨论。
        - label: |
-            I'm sure it's due to `AList` and not something else(such as `Dependencies` or `Operational`).
-            我确定是`AList`的问题，而不是其他原因（例如`依赖`或`操作`）。
+            I'm sure it's due to `AList` and not something else(such as [Network](https://alist.nn.ci/faq/howto.html#tls-handshake-timeout-read-connection-reset-by-peer-dns-lookup-failed-connect-connection-refused-client-timeout-exceeded-while-awaiting-headers-no-such-host) ,`Dependencies` or `Operational`).
+            我确定是`AList`的问题，而不是其他原因（例如[网络](https://alist.nn.ci/zh/faq/howto.html#tls-handshake-timeout-read-connection-reset-by-peer-dns-lookup-failed-connect-connection-refused-client-timeout-exceeded-while-awaiting-headers-no-such-host)，`依赖`或`操作`）。
        - label: |
            I'm sure this issue is not fixed in the latest version.
            我确定这个问题在最新版本中没有被修复。
--- a/.github/workflows/issue_question.yml
+++ b/.github/workflows/issue_question.yml
@ -10,7 +10,7 @@ jobs:
    if: github.event.label.name == 'question'
    steps:
      - name: Create comment
-        uses: actions-cool/issues-helper@v3.5.1
+        uses: actions-cool/issues-helper@v3.5.2
        with:
          actions: 'create-comment'
          token: ${{ secrets.GITHUB_TOKEN }}
--- a/cmd/storage.go
+++ b/cmd/storage.go
@ -4,8 +4,14 @@ Copyright © 2023 NAME HERE <EMAIL ADDRESS>
 package cmd

 import (
+	"os"
+	"strconv"
+
 	"github.com/alist-org/alist/v3/internal/db"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/charmbracelet/bubbles/table"
+	tea "github.com/charmbracelet/bubbletea"
+	"github.com/charmbracelet/lipgloss"
 	"github.com/spf13/cobra"
 )

@ -15,31 +21,134 @@ var storageCmd = &cobra.Command{
 	Short: "Manage storage",
 }

-func init() {
-	var mountPath string
-	var disable = &cobra.Command{
-		Use:   "disable",
-		Short: "Disable a storage",
-		Run: func(cmd *cobra.Command, args []string) {
-			Init()
-			storage, err := db.GetStorageByMountPath(mountPath)
+var disableStorageCmd = &cobra.Command{
+	Use:   "disable",
+	Short: "Disable a storage",
+	Run: func(cmd *cobra.Command, args []string) {
+		if len(args) < 1 {
+			utils.Log.Errorf("mount path is required")
+			return
+		}
+		mountPath := args[0]
+		Init()
+		storage, err := db.GetStorageByMountPath(mountPath)
+		if err != nil {
+			utils.Log.Errorf("failed to query storage: %+v", err)
+		} else {
+			storage.Disabled = true
+			err = db.UpdateStorage(storage)
 			if err != nil {
-				utils.Log.Errorf("failed to query storage: %+v", err)
+				utils.Log.Errorf("failed to update storage: %+v", err)
 			} else {
-				storage.Disabled = true
-				err = db.UpdateStorage(storage)
-				if err != nil {
-					utils.Log.Errorf("failed to update storage: %+v", err)
-				} else {
-					utils.Log.Infof("Storage with mount path [%s] have been disabled", mountPath)
-				}
+				utils.Log.Infof("Storage with mount path [%s] have been disabled", mountPath)
 			}
-		},
-	}
-	disable.Flags().StringVarP(&mountPath, "mount-path", "m", "", "The mountPath of storage")
-	RootCmd.AddCommand(storageCmd)
-	storageCmd.AddCommand(disable)
+		}
+	},
+}

+var baseStyle = lipgloss.NewStyle().
+	BorderStyle(lipgloss.NormalBorder()).
+	BorderForeground(lipgloss.Color("240"))
+
+type model struct {
+	table table.Model
+}
+
+func (m model) Init() tea.Cmd { return nil }
+
+func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
+	var cmd tea.Cmd
+	switch msg := msg.(type) {
+	case tea.KeyMsg:
+		switch msg.String() {
+		case "esc":
+			if m.table.Focused() {
+				m.table.Blur()
+			} else {
+				m.table.Focus()
+			}
+		case "q", "ctrl+c":
+			return m, tea.Quit
+			//case "enter":
+			//	return m, tea.Batch(
+			//		tea.Printf("Let's go to %s!", m.table.SelectedRow()[1]),
+			//	)
+		}
+	}
+	m.table, cmd = m.table.Update(msg)
+	return m, cmd
+}
+
+func (m model) View() string {
+	return baseStyle.Render(m.table.View()) + "\n"
+}
+
+var storageTableHeight int
+var listStorageCmd = &cobra.Command{
+	Use:   "list",
+	Short: "List all storages",
+	Run: func(cmd *cobra.Command, args []string) {
+		Init()
+		storages, _, err := db.GetStorages(1, -1)
+		if err != nil {
+			utils.Log.Errorf("failed to query storages: %+v", err)
+		} else {
+			utils.Log.Infof("Found %d storages", len(storages))
+			columns := []table.Column{
+				{Title: "ID", Width: 4},
+				{Title: "Driver", Width: 16},
+				{Title: "Mount Path", Width: 30},
+				{Title: "Enabled", Width: 7},
+			}
+
+			var rows []table.Row
+			for i := range storages {
+				storage := storages[i]
+				enabled := "true"
+				if storage.Disabled {
+					enabled = "false"
+				}
+				rows = append(rows, table.Row{
+					strconv.Itoa(int(storage.ID)),
+					storage.Driver,
+					storage.MountPath,
+					enabled,
+				})
+			}
+			t := table.New(
+				table.WithColumns(columns),
+				table.WithRows(rows),
+				table.WithFocused(true),
+				table.WithHeight(storageTableHeight),
+			)
+
+			s := table.DefaultStyles()
+			s.Header = s.Header.
+				BorderStyle(lipgloss.NormalBorder()).
+				BorderForeground(lipgloss.Color("240")).
+				BorderBottom(true).
+				Bold(false)
+			s.Selected = s.Selected.
+				Foreground(lipgloss.Color("229")).
+				Background(lipgloss.Color("57")).
+				Bold(false)
+			t.SetStyles(s)
+
+			m := model{t}
+			if _, err := tea.NewProgram(m).Run(); err != nil {
+				utils.Log.Errorf("failed to run program: %+v", err)
+				os.Exit(1)
+			}
+		}
+	},
+}
+
+func init() {
+
+	RootCmd.AddCommand(storageCmd)
+	storageCmd.AddCommand(disableStorageCmd)
+	storageCmd.AddCommand(listStorageCmd)
+	storageCmd.PersistentFlags().IntVarP(&storageTableHeight, "height", "H", 10, "Table height")
 	// Here you will define your flags and configuration settings.

 	// Cobra supports Persistent Flags which will work for this command
--- a/drivers/189pc/driver.go
+++ b/drivers/189pc/driver.go
@ -3,6 +3,7 @@ package _189pc
 import (
 	"context"
 	"net/http"
+	"strconv"
 	"strings"
 	"time"

@ -24,6 +25,8 @@ type Cloud189PC struct {

 	loginParam *LoginParam
 	tokenInfo  *AppSessionResp
+
+	uploadThread int
 }

 func (y *Cloud189PC) Config() driver.Config {
@ -44,6 +47,12 @@ func (y *Cloud189PC) Init(ctx context.Context) (err error) {
 		y.FamilyID = ""
 	}

+	// 限制上传线程数
+	y.uploadThread, _ = strconv.Atoi(y.UploadThread)
+	if y.uploadThread < 1 || y.uploadThread > 32 {
+		y.uploadThread, y.UploadThread = 3, "3"
+	}
+
 	// 初始化请求客户端
 	if y.client == nil {
 		y.client = base.NewRestyClient().SetHeaders(map[string]string{
--- a/drivers/189pc/help.go
+++ b/drivers/189pc/help.go
@ -160,9 +160,8 @@ func toDesc(o string) string {
 func ParseHttpHeader(str string) map[string]string {
 	header := make(map[string]string)
 	for _, value := range strings.Split(str, "&") {
-		i := strings.Index(value, "=")
-		if i > 0 {
-			header[strings.TrimSpace(value[0:i])] = strings.TrimSpace(value[i+1:])
+		if k, v, found := strings.Cut(value, "="); found {
+			header[k] = v
 		}
 	}
 	return header
--- a/drivers/189pc/meta.go
+++ b/drivers/189pc/meta.go
@ -15,6 +15,7 @@ type Addition struct {
 	Type           string `json:"type" type:"select" options:"personal,family" default:"personal"`
 	FamilyID       string `json:"family_id"`
 	UploadMethod   string `json:"upload_method" type:"select" options:"stream,rapid,old" default:"stream"`
+	UploadThread   string `json:"upload_thread" default:"3" help:"1<=thread<=32"`
 	NoUseOcr       bool   `json:"no_use_ocr"`
 }

--- a/drivers/189pc/types.go
+++ b/drivers/189pc/types.go
@ -239,14 +239,25 @@ type InitMultiUploadResp struct {
 	} `json:"data"`
 }
 type UploadUrlsResp struct {
-	Code       string          `json:"code"`
-	UploadUrls map[string]Part `json:"uploadUrls"`
+	Code string                    `json:"code"`
+	Data map[string]UploadUrlsData `json:"uploadUrls"`
 }
-type Part struct {
+type UploadUrlsData struct {
 	RequestURL    string `json:"requestURL"`
 	RequestHeader string `json:"requestHeader"`
 }

+type UploadUrlInfo struct {
+	PartNumber int
+	Headers    map[string]string
+	UploadUrlsData
+}
+
+type UploadProgress struct {
+	UploadInfo  InitMultiUploadResp
+	UploadParts []string
+}
+
 /* 第二种上传方式 */
 type CreateUploadFileResp struct {
 	// 上传文件请求ID
--- a/drivers/189pc/utils.go
+++ b/drivers/189pc/utils.go
@ -15,6 +15,8 @@ import (
 	"net/url"
 	"os"
 	"regexp"
+	"sort"
+	"strconv"
 	"strings"
 	"time"

@ -24,6 +26,7 @@ import (
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/internal/setting"
+	"github.com/alist-org/alist/v3/pkg/errgroup"
 	"github.com/alist-org/alist/v3/pkg/utils"

 	"github.com/avast/retry-go"
@ -436,14 +439,18 @@ func (y *Cloud189PC) refreshSession() (err error) {
 // 普通上传
 // 无法上传大小为0的文件
 func (y *Cloud189PC) StreamUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
-	var DEFAULT = partSize(file.GetSize())
-	var count = int(math.Ceil(float64(file.GetSize()) / float64(DEFAULT)))
+	var sliceSize = partSize(file.GetSize())
+	count := int(math.Ceil(float64(file.GetSize()) / float64(sliceSize)))
+	lastPartSize := file.GetSize() % sliceSize
+	if file.GetSize() > 0 && lastPartSize == 0 {
+		lastPartSize = sliceSize
+	}

 	params := Params{
 		"parentFolderId": dstDir.GetID(),
 		"fileName":       url.QueryEscape(file.GetName()),
 		"fileSize":       fmt.Sprint(file.GetSize()),
-		"sliceSize":      fmt.Sprint(DEFAULT),
+		"sliceSize":      fmt.Sprint(sliceSize),
 		"lazyCheck":      "1",
 	}

@ -465,61 +472,59 @@ func (y *Cloud189PC) StreamUpload(ctx context.Context, dstDir model.Obj, file mo
 		return nil, err
 	}

+	threadG, upCtx := errgroup.NewGroupWithContext(ctx, y.uploadThread,
+		retry.Attempts(3),
+		retry.Delay(time.Second),
+		retry.DelayType(retry.BackOffDelay))
+
 	fileMd5 := md5.New()
 	silceMd5 := md5.New()
 	silceMd5Hexs := make([]string, 0, count)
-	byteData := bytes.NewBuffer(make([]byte, DEFAULT))
+
 	for i := 1; i <= count; i++ {
-		if utils.IsCanceled(ctx) {
-			return nil, ctx.Err()
+		if utils.IsCanceled(upCtx) {
+			break
+		}
+
+		byteData := make([]byte, sliceSize)
+		if i == count {
+			byteData = byteData[:lastPartSize]
 		}

 		// 读取块
-		byteData.Reset()
 		silceMd5.Reset()
-		_, err := io.CopyN(io.MultiWriter(fileMd5, silceMd5, byteData), file, DEFAULT)
-		if err != io.EOF && err != io.ErrUnexpectedEOF && err != nil {
+		if _, err := io.ReadFull(io.TeeReader(file, io.MultiWriter(fileMd5, silceMd5)), byteData); err != io.EOF && err != nil {
 			return nil, err
 		}

 		// 计算块md5并进行hex和base64编码
 		md5Bytes := silceMd5.Sum(nil)
 		silceMd5Hexs = append(silceMd5Hexs, strings.ToUpper(hex.EncodeToString(md5Bytes)))
-		silceMd5Base64 := base64.StdEncoding.EncodeToString(md5Bytes)
+		partInfo := fmt.Sprintf("%d-%s", i, base64.StdEncoding.EncodeToString(md5Bytes))

-		// 获取上传链接
-		var uploadUrl UploadUrlsResp
-		_, err = y.request(fullUrl+"/getMultiUploadUrls", http.MethodGet,
-			func(req *resty.Request) {
-				req.SetContext(ctx)
-			}, Params{
-				"partInfo":     fmt.Sprintf("%d-%s", i, silceMd5Base64),
-				"uploadFileId": initMultiUpload.Data.UploadFileID,
-			}, &uploadUrl)
-		if err != nil {
-			return nil, err
-		}
+		threadG.Go(func(ctx context.Context) error {
+			uploadUrls, err := y.GetMultiUploadUrls(ctx, initMultiUpload.Data.UploadFileID, partInfo)
+			if err != nil {
+				return err
+			}

-		// 开始上传
-		uploadData := uploadUrl.UploadUrls[fmt.Sprint("partNumber_", i)]
-
-		err = retry.Do(func() error {
-			_, err := y.put(ctx, uploadData.RequestURL, ParseHttpHeader(uploadData.RequestHeader), false, bytes.NewReader(byteData.Bytes()))
-			return err
-		},
-			retry.Context(ctx),
-			retry.Attempts(3),
-			retry.Delay(time.Second),
-			retry.MaxDelay(5*time.Second))
-		if err != nil {
-			return nil, err
-		}
-		up(int(i * 100 / count))
+			// step.4 上传切片
+			uploadUrl := uploadUrls[0]
+			_, err = y.put(ctx, uploadUrl.RequestURL, uploadUrl.Headers, false, bytes.NewReader(byteData))
+			if err != nil {
+				return err
+			}
+			up(int(threadG.Success()) * 100 / count)
+			return nil
+		})
+	}
+	if err = threadG.Wait(); err != nil {
+		return nil, err
 	}

 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))
 	sliceMd5Hex := fileMd5Hex
-	if file.GetSize() > DEFAULT {
+	if file.GetSize() > sliceSize {
 		sliceMd5Hex = strings.ToUpper(utils.GetMD5EncodeStr(strings.Join(silceMd5Hexs, "\n")))
 	}

@ -554,112 +559,132 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 		_ = os.Remove(tempFile.Name())
 	}()

-	var DEFAULT = partSize(file.GetSize())
-	count := int(math.Ceil(float64(file.GetSize()) / float64(DEFAULT)))
+	var sliceSize = partSize(file.GetSize())
+	count := int(math.Ceil(float64(file.GetSize()) / float64(sliceSize)))
+	lastSliceSize := file.GetSize() % sliceSize
+	if file.GetSize() > 0 && lastSliceSize == 0 {
+		lastSliceSize = sliceSize
+	}

-	// 优先计算所需信息
+	//step.1 优先计算所需信息
+	byteSize := sliceSize
 	fileMd5 := md5.New()
 	silceMd5 := md5.New()
 	silceMd5Hexs := make([]string, 0, count)
-	silceMd5Base64s := make([]string, 0, count)
+	partInfos := make([]string, 0, count)
 	for i := 1; i <= count; i++ {
 		if utils.IsCanceled(ctx) {
 			return nil, ctx.Err()
 		}

+		if i == count {
+			byteSize = lastSliceSize
+		}
+
 		silceMd5.Reset()
-		if _, err := io.CopyN(io.MultiWriter(fileMd5, silceMd5), tempFile, DEFAULT); err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+		if _, err := io.CopyN(io.MultiWriter(fileMd5, silceMd5), tempFile, byteSize); err != nil && err != io.EOF {
 			return nil, err
 		}
 		md5Byte := silceMd5.Sum(nil)
 		silceMd5Hexs = append(silceMd5Hexs, strings.ToUpper(hex.EncodeToString(md5Byte)))
-		silceMd5Base64s = append(silceMd5Base64s, fmt.Sprint(i, "-", base64.StdEncoding.EncodeToString(md5Byte)))
-	}
-	if _, err = tempFile.Seek(0, io.SeekStart); err != nil {
-		return nil, err
+		partInfos = append(partInfos, fmt.Sprint(i, "-", base64.StdEncoding.EncodeToString(md5Byte)))
 	}

 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))
 	sliceMd5Hex := fileMd5Hex
-	if file.GetSize() > DEFAULT {
+	if file.GetSize() > sliceSize {
 		sliceMd5Hex = strings.ToUpper(utils.GetMD5EncodeStr(strings.Join(silceMd5Hexs, "\n")))
 	}

-	// 检测是否支持快传
-	params := Params{
-		"parentFolderId": dstDir.GetID(),
-		"fileName":       url.QueryEscape(file.GetName()),
-		"fileSize":       fmt.Sprint(file.GetSize()),
-		"fileMd5":        fileMd5Hex,
-		"sliceSize":      fmt.Sprint(DEFAULT),
-		"sliceMd5":       sliceMd5Hex,
-	}
-
 	fullUrl := UPLOAD_URL
 	if y.isFamily() {
-		params.Set("familyId", y.FamilyID)
 		fullUrl += "/family"
 	} else {
 		//params.Set("extend", `{"opScene":"1","relativepath":"","rootfolderid":""}`)
 		fullUrl += "/person"
 	}

-	var uploadInfo InitMultiUploadResp
-	_, err = y.request(fullUrl+"/initMultiUpload", http.MethodGet, func(req *resty.Request) {
-		req.SetContext(ctx)
-	}, params, &uploadInfo)
-	if err != nil {
-		return nil, err
-	}
-
-	// 网盘中不存在该文件，开始上传
-	if uploadInfo.Data.FileDataExists != 1 {
-		var uploadUrls UploadUrlsResp
-		_, err = y.request(fullUrl+"/getMultiUploadUrls", http.MethodGet,
-			func(req *resty.Request) {
-				req.SetContext(ctx)
-			}, Params{
-				"uploadFileId": uploadInfo.Data.UploadFileID,
-				"partInfo":     strings.Join(silceMd5Base64s, ","),
-			}, &uploadUrls)
+	// 尝试恢复进度
+	uploadProgress, ok := base.GetUploadProgress[*UploadProgress](y, y.tokenInfo.SessionKey, fileMd5Hex)
+	if !ok {
+		//step.2 预上传
+		params := Params{
+			"parentFolderId": dstDir.GetID(),
+			"fileName":       url.QueryEscape(file.GetName()),
+			"fileSize":       fmt.Sprint(file.GetSize()),
+			"fileMd5":        fileMd5Hex,
+			"sliceSize":      fmt.Sprint(sliceSize),
+			"sliceMd5":       sliceMd5Hex,
+		}
+		if y.isFamily() {
+			params.Set("familyId", y.FamilyID)
+		}
+		var uploadInfo InitMultiUploadResp
+		_, err = y.request(fullUrl+"/initMultiUpload", http.MethodGet, func(req *resty.Request) {
+			req.SetContext(ctx)
+		}, params, &uploadInfo)
 		if err != nil {
 			return nil, err
 		}
-
-		buf := make([]byte, DEFAULT)
-		for i := 1; i <= count; i++ {
-			if utils.IsCanceled(ctx) {
-				return nil, ctx.Err()
-			}
-
-			n, err := io.ReadFull(tempFile, buf)
-			if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
-				return nil, err
-			}
-			uploadData := uploadUrls.UploadUrls[fmt.Sprint("partNumber_", i)]
-			err = retry.Do(func() error {
-				_, err := y.put(ctx, uploadData.RequestURL, ParseHttpHeader(uploadData.RequestHeader), false, bytes.NewReader(buf[:n]))
-				return err
-			},
-				retry.Context(ctx),
-				retry.Attempts(3),
-				retry.Delay(time.Second),
-				retry.MaxDelay(5*time.Second))
-			if err != nil {
-				return nil, err
-			}
-
-			up(int(i * 100 / count))
+		uploadProgress = &UploadProgress{
+			UploadInfo:  uploadInfo,
+			UploadParts: partInfos,
 		}
 	}

-	// 提交
+	uploadInfo := uploadProgress.UploadInfo.Data
+	// 网盘中不存在该文件，开始上传
+	if uploadInfo.FileDataExists != 1 {
+		threadG, upCtx := errgroup.NewGroupWithContext(ctx, y.uploadThread,
+			retry.Attempts(3),
+			retry.Delay(time.Second),
+			retry.DelayType(retry.BackOffDelay))
+		for i, uploadPart := range uploadProgress.UploadParts {
+			if utils.IsCanceled(upCtx) {
+				break
+			}
+
+			i, uploadPart := i, uploadPart
+			threadG.Go(func(ctx context.Context) error {
+				// step.3 获取上传链接
+				uploadUrls, err := y.GetMultiUploadUrls(ctx, uploadInfo.UploadFileID, uploadPart)
+				if err != nil {
+					return err
+				}
+				uploadUrl := uploadUrls[0]
+
+				byteSize, offset := sliceSize, int64(uploadUrl.PartNumber-1)*sliceSize
+				if uploadUrl.PartNumber == count {
+					byteSize = lastSliceSize
+				}
+
+				// step.4 上传切片
+				_, err = y.put(ctx, uploadUrl.RequestURL, uploadUrl.Headers, false, io.NewSectionReader(tempFile, offset, byteSize))
+				if err != nil {
+					return err
+				}
+
+				up(int(threadG.Success()) * 100 / len(uploadUrls))
+				uploadProgress.UploadParts[i] = ""
+				return nil
+			})
+		}
+		if err = threadG.Wait(); err != nil {
+			if errors.Is(err, context.Canceled) {
+				uploadProgress.UploadParts = utils.SliceFilter(uploadProgress.UploadParts, func(s string) bool { return s != "" })
+				base.SaveUploadProgress(y, uploadProgress, y.tokenInfo.SessionKey, fileMd5Hex)
+			}
+			return nil, err
+		}
+	}
+
+	// step.5 提交
 	var resp CommitMultiUploadFileResp
 	_, err = y.request(fullUrl+"/commitMultiUploadFile", http.MethodGet,
 		func(req *resty.Request) {
 			req.SetContext(ctx)
 		}, Params{
-			"uploadFileId": uploadInfo.Data.UploadFileID,
+			"uploadFileId": uploadInfo.UploadFileID,
 			"isLog":        "0",
 			"opertype":     "3",
 		}, &resp)
@ -669,6 +694,51 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 	return resp.toFile(), nil
 }

+// 获取上传切片信息
+// 对http body有大小限制，分片信息太多会出错
+func (y *Cloud189PC) GetMultiUploadUrls(ctx context.Context, uploadFileId string, partInfo ...string) ([]UploadUrlInfo, error) {
+	fullUrl := UPLOAD_URL
+	if y.isFamily() {
+		fullUrl += "/family"
+	} else {
+		fullUrl += "/person"
+	}
+
+	var uploadUrlsResp UploadUrlsResp
+	_, err := y.request(fullUrl+"/getMultiUploadUrls", http.MethodGet,
+		func(req *resty.Request) {
+			req.SetContext(ctx)
+		}, Params{
+			"uploadFileId": uploadFileId,
+			"partInfo":     strings.Join(partInfo, ","),
+		}, &uploadUrlsResp)
+	if err != nil {
+		return nil, err
+	}
+	uploadUrls := uploadUrlsResp.Data
+
+	if len(uploadUrls) != len(partInfo) {
+		return nil, fmt.Errorf("uploadUrls get error, due to get length %d, real length %d", len(partInfo), len(uploadUrls))
+	}
+
+	uploadUrlInfos := make([]UploadUrlInfo, 0, len(uploadUrls))
+	for k, uploadUrl := range uploadUrls {
+		partNumber, err := strconv.Atoi(strings.TrimPrefix(k, "partNumber_"))
+		if err != nil {
+			return nil, err
+		}
+		uploadUrlInfos = append(uploadUrlInfos, UploadUrlInfo{
+			PartNumber:     partNumber,
+			Headers:        ParseHttpHeader(uploadUrl.RequestHeader),
+			UploadUrlsData: uploadUrl,
+		})
+	}
+	sort.Slice(uploadUrlInfos, func(i, j int) bool {
+		return uploadUrlInfos[i].PartNumber < uploadUrlInfos[j].PartNumber
+	})
+	return uploadUrlInfos, nil
+}
+
 // 旧版本上传，家庭云不支持覆盖
 func (y *Cloud189PC) OldUpload(ctx context.Context, dstDir model.Obj, file model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	// 需要获取完整文件md5,必须支持 io.Seek
--- a/drivers/aliyundrive_open/driver.go
+++ b/drivers/aliyundrive_open/driver.go
@ -107,7 +107,9 @@ func (d *AliyundriveOpen) Link(ctx context.Context, file model.Obj, args model.L
 	return d.limitLink(ctx, file)
 }

-func (d *AliyundriveOpen) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
+func (d *AliyundriveOpen) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) (model.Obj, error) {
+	nowTime, _ := getNowTime()
+	newDir := File{CreatedAt: nowTime, UpdatedAt: nowTime}
 	_, err := d.request("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
 		req.SetBody(base.Json{
 			"drive_id":        d.DriveId,
@ -115,12 +117,16 @@ func (d *AliyundriveOpen) MakeDir(ctx context.Context, parentDir model.Obj, dirN
 			"name":            dirName,
 			"type":            "folder",
 			"check_name_mode": "refuse",
-		})
+		}).SetResult(&newDir)
 	})
-	return err
+	if err != nil {
+		return nil, err
+	}
+	return fileToObj(newDir), nil
 }

-func (d *AliyundriveOpen) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
+func (d *AliyundriveOpen) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
+	var resp MoveOrCopyResp
 	_, err := d.request("/adrive/v1.0/openFile/move", http.MethodPost, func(req *resty.Request) {
 		req.SetBody(base.Json{
 			"drive_id":          d.DriveId,
@ -128,20 +134,36 @@ func (d *AliyundriveOpen) Move(ctx context.Context, srcObj, dstDir model.Obj) er
 			"to_parent_file_id": dstDir.GetID(),
 			"check_name_mode":   "refuse", // optional:ignore,auto_rename,refuse
 			//"new_name":          "newName", // The new name to use when a file of the same name exists
-		})
+		}).SetResult(&resp)
 	})
-	return err
+	if err != nil {
+		return nil, err
+	}
+	if resp.Exist {
+		return nil, errors.New("existence of files with the same name")
+	}
+
+	if srcObj, ok := srcObj.(*model.ObjThumb); ok {
+		srcObj.ID = resp.FileID
+		srcObj.Modified = time.Now()
+		return srcObj, nil
+	}
+	return nil, nil
 }

-func (d *AliyundriveOpen) Rename(ctx context.Context, srcObj model.Obj, newName string) error {
+func (d *AliyundriveOpen) Rename(ctx context.Context, srcObj model.Obj, newName string) (model.Obj, error) {
+	var newFile File
 	_, err := d.request("/adrive/v1.0/openFile/update", http.MethodPost, func(req *resty.Request) {
 		req.SetBody(base.Json{
 			"drive_id": d.DriveId,
 			"file_id":  srcObj.GetID(),
 			"name":     newName,
-		})
+		}).SetResult(&newFile)
 	})
-	return err
+	if err != nil {
+		return nil, err
+	}
+	return fileToObj(newFile), nil
 }

 func (d *AliyundriveOpen) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
@ -170,7 +192,7 @@ func (d *AliyundriveOpen) Remove(ctx context.Context, obj model.Obj) error {
 	return err
 }

-func (d *AliyundriveOpen) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+func (d *AliyundriveOpen) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	return d.upload(ctx, dstDir, stream, up)
 }

@ -199,3 +221,7 @@ func (d *AliyundriveOpen) Other(ctx context.Context, args model.OtherArgs) (inte
 }

 var _ driver.Driver = (*AliyundriveOpen)(nil)
+var _ driver.MkdirResult = (*AliyundriveOpen)(nil)
+var _ driver.MoveResult = (*AliyundriveOpen)(nil)
+var _ driver.RenameResult = (*AliyundriveOpen)(nil)
+var _ driver.PutResult = (*AliyundriveOpen)(nil)
--- a/drivers/aliyundrive_open/types.go
+++ b/drivers/aliyundrive_open/types.go
@ -17,22 +17,28 @@ type Files struct {
 }

 type File struct {
-	DriveId       string     `json:"drive_id"`
-	FileId        string     `json:"file_id"`
-	ParentFileId  string     `json:"parent_file_id"`
-	Name          string     `json:"name"`
-	Size          int64      `json:"size"`
-	FileExtension string     `json:"file_extension"`
-	ContentHash   string     `json:"content_hash"`
-	Category      string     `json:"category"`
-	Type          string     `json:"type"`
-	Thumbnail     string     `json:"thumbnail"`
-	Url           string     `json:"url"`
-	CreatedAt     *time.Time `json:"created_at"`
-	UpdatedAt     time.Time  `json:"updated_at"`
+	DriveId       string    `json:"drive_id"`
+	FileId        string    `json:"file_id"`
+	ParentFileId  string    `json:"parent_file_id"`
+	Name          string    `json:"name"`
+	Size          int64     `json:"size"`
+	FileExtension string    `json:"file_extension"`
+	ContentHash   string    `json:"content_hash"`
+	Category      string    `json:"category"`
+	Type          string    `json:"type"`
+	Thumbnail     string    `json:"thumbnail"`
+	Url           string    `json:"url"`
+	CreatedAt     time.Time `json:"created_at"`
+	UpdatedAt     time.Time `json:"updated_at"`
+
+	// create only
+	FileName string `json:"file_name"`
 }

 func fileToObj(f File) *model.ObjThumb {
+	if f.Name == "" {
+		f.Name = f.FileName
+	}
 	return &model.ObjThumb{
 		Object: model.Object{
 			ID:       f.FileId,
@ -67,3 +73,9 @@ type CreateResp struct {
 	RapidUpload  bool       `json:"rapid_upload"`
 	PartInfoList []PartInfo `json:"part_info_list"`
 }
+
+type MoveOrCopyResp struct {
+	Exist   bool   `json:"exist"`
+	DriveID string `json:"drive_id"`
+	FileID  string `json:"file_id"`
+}
--- a/drivers/aliyundrive_open/upload.go
+++ b/drivers/aliyundrive_open/upload.go
@ -19,6 +19,7 @@ import (
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/avast/retry-go"
 	"github.com/go-resty/resty/v2"
 	log "github.com/sirupsen/logrus"
 )
@ -65,73 +66,40 @@ func (d *AliyundriveOpen) getUploadUrl(count int, fileId, uploadId string) ([]Pa
 	return resp.PartInfoList, err
 }

-func (d *AliyundriveOpen) uploadPart(ctx context.Context, i, count int, reader *utils.MultiReadable, resp *CreateResp, retry bool) error {
-	partInfo := resp.PartInfoList[i-1]
+func (d *AliyundriveOpen) uploadPart(ctx context.Context, r io.Reader, partInfo PartInfo) error {
 	uploadUrl := partInfo.UploadUrl
 	if d.InternalUpload {
 		uploadUrl = strings.ReplaceAll(uploadUrl, "https://cn-beijing-data.aliyundrive.net/", "http://ccp-bj29-bj-1592982087.oss-cn-beijing-internal.aliyuncs.com/")
 	}
-	req, err := http.NewRequest("PUT", uploadUrl, reader)
+	req, err := http.NewRequestWithContext(ctx, "PUT", uploadUrl, r)
 	if err != nil {
 		return err
 	}
-	req = req.WithContext(ctx)
 	res, err := base.HttpClient.Do(req)
 	if err != nil {
-		if retry {
-			reader.Reset()
-			return d.uploadPart(ctx, i, count, reader, resp, false)
-		}
 		return err
 	}
 	res.Body.Close()
-	if retry && res.StatusCode == http.StatusForbidden {
-		resp.PartInfoList, err = d.getUploadUrl(count, resp.FileId, resp.UploadId)
-		if err != nil {
-			return err
-		}
-		reader.Reset()
-		return d.uploadPart(ctx, i, count, reader, resp, false)
-	}
 	if res.StatusCode != http.StatusOK && res.StatusCode != http.StatusConflict {
 		return fmt.Errorf("upload status: %d", res.StatusCode)
 	}
 	return nil
 }

-func (d *AliyundriveOpen) normalUpload(ctx context.Context, stream model.FileStreamer, up driver.UpdateProgress, createResp CreateResp, count int, partSize int64) error {
-	log.Debugf("[aliyundive_open] normal upload")
-	// 2. upload
-	preTime := time.Now()
-	for i := 1; i <= len(createResp.PartInfoList); i++ {
-		if utils.IsCanceled(ctx) {
-			return ctx.Err()
-		}
-		err := d.uploadPart(ctx, i, count, utils.NewMultiReadable(io.LimitReader(stream, partSize)), &createResp, true)
-		if err != nil {
-			return err
-		}
-		if count > 0 {
-			up(i * 100 / count)
-		}
-		// refresh upload url if 50 minutes passed
-		if time.Since(preTime) > 50*time.Minute {
-			createResp.PartInfoList, err = d.getUploadUrl(count, createResp.FileId, createResp.UploadId)
-			if err != nil {
-				return err
-			}
-			preTime = time.Now()
-		}
-	}
+func (d *AliyundriveOpen) completeUpload(fileId, uploadId string) (model.Obj, error) {
 	// 3. complete
+	var newFile File
 	_, err := d.request("/adrive/v1.0/openFile/complete", http.MethodPost, func(req *resty.Request) {
 		req.SetBody(base.Json{
 			"drive_id":  d.DriveId,
-			"file_id":   createResp.FileId,
-			"upload_id": createResp.UploadId,
-		})
+			"file_id":   fileId,
+			"upload_id": uploadId,
+		}).SetResult(&newFile)
 	})
-	return err
+	if err != nil {
+		return nil, err
+	}
+	return fileToObj(newFile), nil
 }

 type ProofRange struct {
@ -172,7 +140,7 @@ func (d *AliyundriveOpen) calProofCode(file *os.File, fileSize int64) (string, e
 	return base64.StdEncoding.EncodeToString(buf), nil
 }

-func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	// 1. create
 	// Part Size Unit: Bytes, Default: 20MB,
 	// Maximum number of slices 10,000, ≈195.3125GB
@ -194,14 +162,14 @@ func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream m
 		buf := bytes.NewBuffer(make([]byte, 0, 1024))
 		_, err := io.CopyN(buf, stream, 1024)
 		if err != nil {
-			return err
+			return nil, err
 		}
 		createData["size"] = stream.GetSize()
 		createData["pre_hash"] = utils.GetSHA1Encode(buf.Bytes())
 		// if support seek, seek to start
 		if localFile, ok := stream.(io.Seeker); ok {
 			if _, err := localFile.Seek(0, io.SeekStart); err != nil {
-				return err
+				return nil, err
 			}
 		} else {
 			// Put spliced head back to stream
@ -220,13 +188,13 @@ func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream m
 	})
 	if err != nil {
 		if e.Code != "PreHashMatched" || !rapidUpload {
-			return err
+			return nil, err
 		}
 		log.Debugf("[aliyundrive_open] pre_hash matched, start rapid upload")
 		// convert to local file
 		file, err := utils.CreateTempFile(stream, stream.GetSize())
 		if err != nil {
-			return err
+			return nil, err
 		}
 		_ = stream.GetReadCloser().Close()
 		stream.SetReadCloser(file)
@ -234,35 +202,62 @@ func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream m
 		h := sha1.New()
 		_, err = io.Copy(h, file)
 		if err != nil {
-			return err
+			return nil, err
 		}
 		delete(createData, "pre_hash")
 		createData["proof_version"] = "v1"
 		createData["content_hash_name"] = "sha1"
 		createData["content_hash"] = hex.EncodeToString(h.Sum(nil))
-		// seek to start
-		if _, err = file.Seek(0, io.SeekStart); err != nil {
-			return err
-		}
 		createData["proof_code"], err = d.calProofCode(file, stream.GetSize())
 		if err != nil {
-			return fmt.Errorf("cal proof code error: %s", err.Error())
+			return nil, fmt.Errorf("cal proof code error: %s", err.Error())
 		}
 		_, err = d.request("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
 			req.SetBody(createData).SetResult(&createResp)
 		})
 		if err != nil {
-			return err
+			return nil, err
 		}
-		if createResp.RapidUpload {
-			log.Debugf("[aliyundrive_open] rapid upload success, file id: %s", createResp.FileId)
-			return nil
-		}
-		// failed to rapid upload, try normal upload
+		// seek to start
 		if _, err = file.Seek(0, io.SeekStart); err != nil {
-			return err
+			return nil, err
 		}
 	}
+
+	if !createResp.RapidUpload {
+		// 2. upload
+		log.Debugf("[aliyundive_open] normal upload")
+
+		preTime := time.Now()
+		for i := 0; i < len(createResp.PartInfoList); i++ {
+			if utils.IsCanceled(ctx) {
+				return nil, ctx.Err()
+			}
+			// refresh upload url if 50 minutes passed
+			if time.Since(preTime) > 50*time.Minute {
+				createResp.PartInfoList, err = d.getUploadUrl(count, createResp.FileId, createResp.UploadId)
+				if err != nil {
+					return nil, err
+				}
+				preTime = time.Now()
+			}
+			rd := utils.NewMultiReadable(io.LimitReader(stream, partSize))
+			err = retry.Do(func() error {
+				rd.Reset()
+				return d.uploadPart(ctx, rd, createResp.PartInfoList[i])
+			},
+				retry.Attempts(3),
+				retry.DelayType(retry.BackOffDelay),
+				retry.Delay(time.Second))
+			if err != nil {
+				return nil, err
+			}
+		}
+	} else {
+		log.Debugf("[aliyundrive_open] rapid upload success, file id: %s", createResp.FileId)
+	}
+
 	log.Debugf("[aliyundrive_open] create file success, resp: %+v", createResp)
-	return d.normalUpload(ctx, stream, up, createResp, count, partSize)
+	// 3. complete
+	return d.completeUpload(createResp.FileId, createResp.UploadId)
 }
--- a/drivers/aliyundrive_open/util.go
+++ b/drivers/aliyundrive_open/util.go
@ -2,9 +2,12 @@ package aliyundrive_open

 import (
 	"context"
+	"encoding/base64"
 	"errors"
 	"fmt"
 	"net/http"
+	"strings"
+	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/op"
@ -15,7 +18,7 @@ import (

 // do others that not defined in Driver interface

-func (d *AliyundriveOpen) refreshToken() error {
+func (d *AliyundriveOpen) _refreshToken() (string, string, error) {
 	url := d.base + "/oauth/access_token"
 	if d.OauthTokenURL != "" && d.ClientID == "" {
 		url = d.OauthTokenURL
@ -34,16 +37,56 @@ func (d *AliyundriveOpen) refreshToken() error {
 		SetError(&e).
 		Post(url)
 	if err != nil {
-		return err
+		return "", "", err
 	}
 	log.Debugf("[ali_open] refresh token response: %s", res.String())
 	if e.Code != "" {
-		return fmt.Errorf("failed to refresh token: %s", e.Message)
+		return "", "", fmt.Errorf("failed to refresh token: %s", e.Message)
 	}
 	refresh, access := utils.Json.Get(res.Body(), "refresh_token").ToString(), utils.Json.Get(res.Body(), "access_token").ToString()
 	if refresh == "" {
-		return errors.New("failed to refresh token: refresh token is empty")
+		return "", "", errors.New("failed to refresh token: refresh token is empty")
 	}
+	curSub, err := getSub(d.RefreshToken)
+	if err != nil {
+		return "", "", err
+	}
+	newSub, err := getSub(refresh)
+	if err != nil {
+		return "", "", err
+	}
+	if curSub != newSub {
+		return "", "", errors.New("failed to refresh token: sub not match")
+	}
+	return refresh, access, nil
+}
+
+func getSub(token string) (string, error) {
+	segments := strings.Split(token, ".")
+	if len(segments) != 3 {
+		return "", errors.New("not a jwt token because of invalid segments")
+	}
+	bs, err := base64.RawStdEncoding.DecodeString(segments[1])
+	if err != nil {
+		return "", errors.New("failed to decode jwt token")
+	}
+	return utils.Json.Get(bs, "sub").ToString(), nil
+}
+
+func (d *AliyundriveOpen) refreshToken() error {
+	refresh, access, err := d._refreshToken()
+	for i := 0; i < 3; i++ {
+		if err == nil {
+			break
+		} else {
+			log.Errorf("[ali_open] failed to refresh token: %s", err)
+		}
+		refresh, access, err = d._refreshToken()
+	}
+	if err != nil {
+		return err
+	}
+	log.Infof("[ali_open] toekn exchange: %s -> %s", d.RefreshToken, refresh)
 	d.RefreshToken, d.AccessToken = refresh, access
 	op.MustSaveDriverStorage(d)
 	return nil
@ -127,3 +170,9 @@ func (d *AliyundriveOpen) getFiles(ctx context.Context, fileId string) ([]File,
 	}
 	return res, nil
 }
+
+func getNowTime() (time.Time, string) {
+	nowTime := time.Now()
+	nowTimeStr := nowTime.Format("2006-01-02T15:04:05.000Z")
+	return nowTime, nowTimeStr
+}
--- a/drivers/baidu_netdisk/driver.go
+++ b/drivers/baidu_netdisk/driver.go
@ -4,28 +4,33 @@ import (
 	"context"
 	"crypto/md5"
 	"encoding/hex"
+	"errors"
 	"fmt"
+	"io"
+	"math"
+	"net/url"
+	"os"
+	stdpath "path"
+	"strconv"
+	"time"
+
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/errgroup"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/avast/retry-go"
 	log "github.com/sirupsen/logrus"
-	"io"
-	"math"
-	"os"
-	stdpath "path"
-	"strconv"
-	"strings"
 )

 type BaiduNetdisk struct {
 	model.Storage
 	Addition
+
+	uploadThread int
 }

-const BaiduFileAPI = "https://d.pcs.baidu.com/rest/2.0/pcs/superfile2"
 const DefaultSliceSize int64 = 4 * 1024 * 1024

 func (d *BaiduNetdisk) Config() driver.Config {
@ -37,6 +42,15 @@ func (d *BaiduNetdisk) GetAddition() driver.Additional {
 }

 func (d *BaiduNetdisk) Init(ctx context.Context) error {
+	d.uploadThread, _ = strconv.Atoi(d.UploadThread)
+	if d.uploadThread < 1 || d.uploadThread > 32 {
+		d.uploadThread, d.UploadThread = 3, "3"
+	}
+
+	if _, err := url.Parse(d.UploadAPI); d.UploadAPI == "" || err != nil {
+		d.UploadAPI = "https://d.pcs.baidu.com"
+	}
+
 	res, err := d.get("/xpan/nas", map[string]string{
 		"method": "uinfo",
 	}, nil)
@ -65,12 +79,16 @@ func (d *BaiduNetdisk) Link(ctx context.Context, file model.Obj, args model.Link
 	return d.linkOfficial(file, args)
 }

-func (d *BaiduNetdisk) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) error {
-	_, err := d.create(stdpath.Join(parentDir.GetPath(), dirName), 0, 1, "", "")
-	return err
+func (d *BaiduNetdisk) MakeDir(ctx context.Context, parentDir model.Obj, dirName string) (model.Obj, error) {
+	var newDir File
+	_, err := d.create(stdpath.Join(parentDir.GetPath(), dirName), 0, 1, "", "", &newDir)
+	if err != nil {
+		return nil, err
+	}
+	return fileToObj(newDir), nil
 }

-func (d *BaiduNetdisk) Move(ctx context.Context, srcObj, dstDir model.Obj) error {
+func (d *BaiduNetdisk) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
 	data := []base.Json{
 		{
 			"path":    srcObj.GetPath(),
@ -79,10 +97,18 @@ func (d *BaiduNetdisk) Move(ctx context.Context, srcObj, dstDir model.Obj) error
 		},
 	}
 	_, err := d.manage("move", data)
-	return err
+	if err != nil {
+		return nil, err
+	}
+	if srcObj, ok := srcObj.(*model.ObjThumb); ok {
+		srcObj.SetPath(stdpath.Join(dstDir.GetPath(), srcObj.GetName()))
+		srcObj.Modified = time.Now()
+		return srcObj, nil
+	}
+	return nil, nil
 }

-func (d *BaiduNetdisk) Rename(ctx context.Context, srcObj model.Obj, newName string) error {
+func (d *BaiduNetdisk) Rename(ctx context.Context, srcObj model.Obj, newName string) (model.Obj, error) {
 	data := []base.Json{
 		{
 			"path":    srcObj.GetPath(),
@ -90,7 +116,17 @@ func (d *BaiduNetdisk) Rename(ctx context.Context, srcObj model.Obj, newName str
 		},
 	}
 	_, err := d.manage("rename", data)
-	return err
+	if err != nil {
+		return nil, err
+	}
+
+	if srcObj, ok := srcObj.(*model.ObjThumb); ok {
+		srcObj.SetPath(stdpath.Join(stdpath.Dir(srcObj.GetPath()), newName))
+		srcObj.Name = newName
+		srcObj.Modified = time.Now()
+		return srcObj, nil
+	}
+	return nil, nil
 }

 func (d *BaiduNetdisk) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
@ -111,118 +147,134 @@ func (d *BaiduNetdisk) Remove(ctx context.Context, obj model.Obj) error {
 	return err
 }

-func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	streamSize := stream.GetSize()
-
+func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
 	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
-		return err
+		return nil, err
 	}
 	defer func() {
 		_ = tempFile.Close()
 		_ = os.Remove(tempFile.Name())
 	}()

-	count := int(math.Ceil(float64(streamSize) / float64(DefaultSliceSize)))
+	streamSize := stream.GetSize()
+	count := int(math.Max(math.Ceil(float64(streamSize)/float64(DefaultSliceSize)), 1))
+	lastBlockSize := streamSize % DefaultSliceSize
+	if streamSize > 0 && lastBlockSize == 0 {
+		lastBlockSize = DefaultSliceSize
+	}
+
 	//cal md5 for first 256k data
 	const SliceSize int64 = 256 * 1024
 	// cal md5
-	h1 := md5.New()
-	h2 := md5.New()
-	blockList := make([]string, 0)
-	contentMd5 := ""
-	sliceMd5 := ""
-	left := streamSize
-	for i := 0; i < count; i++ {
-		byteSize := DefaultSliceSize
-		if left < DefaultSliceSize {
-			byteSize = left
+	blockList := make([]string, 0, count)
+	byteSize := DefaultSliceSize
+	fileMd5H := md5.New()
+	sliceMd5H := md5.New()
+	sliceMd5H2 := md5.New()
+	slicemd5H2Write := utils.LimitWriter(sliceMd5H2, SliceSize)
+
+	for i := 1; i <= count; i++ {
+		if utils.IsCanceled(ctx) {
+			return nil, ctx.Err()
 		}
-		left -= byteSize
-		_, err = io.Copy(io.MultiWriter(h1, h2), io.LimitReader(tempFile, byteSize))
-		if err != nil {
-			return err
+		if i == count {
+			byteSize = lastBlockSize
 		}
-		blockList = append(blockList, fmt.Sprintf("\"%s\"", hex.EncodeToString(h2.Sum(nil))))
-		h2.Reset()
-	}
-	contentMd5 = hex.EncodeToString(h1.Sum(nil))
-	_, err = tempFile.Seek(0, io.SeekStart)
-	if err != nil {
-		return err
-	}
-	if streamSize <= SliceSize {
-		sliceMd5 = contentMd5
-	} else {
-		sliceData := make([]byte, SliceSize)
-		_, err = io.ReadFull(tempFile, sliceData)
-		if err != nil {
-			return err
+		_, err := io.CopyN(io.MultiWriter(fileMd5H, sliceMd5H, slicemd5H2Write), tempFile, byteSize)
+		if err != nil && err != io.EOF {
+			return nil, err
 		}
-		h2.Write(sliceData)
-		sliceMd5 = hex.EncodeToString(h2.Sum(nil))
+		blockList = append(blockList, hex.EncodeToString(sliceMd5H.Sum(nil)))
+		sliceMd5H.Reset()
 	}
+	contentMd5 := hex.EncodeToString(fileMd5H.Sum(nil))
+	sliceMd5 := hex.EncodeToString(sliceMd5H2.Sum(nil))
+	blockListStr, _ := utils.Json.MarshalToString(blockList)
+
 	rawPath := stdpath.Join(dstDir.GetPath(), stream.GetName())
 	path := encodeURIComponent(rawPath)
-	block_list_str := fmt.Sprintf("[%s]", strings.Join(blockList, ","))
-	data := fmt.Sprintf("path=%s&size=%d&isdir=0&autoinit=1&block_list=%s&content-md5=%s&slice-md5=%s",
-		path, streamSize,
-		block_list_str,
-		contentMd5, sliceMd5)
-	params := map[string]string{
-		"method": "precreate",
-	}
-	log.Debugf("[baidu_netdisk] precreate data: %s", data)
-	var precreateResp PrecreateResp
-	_, err = d.post("/xpan/file", params, data, &precreateResp)
-	if err != nil {
-		return err
-	}
-	log.Debugf("%+v", precreateResp)
-	if precreateResp.ReturnType == 2 {
-		//rapid upload, since got md5 match from baidu server
-		return nil
-	}
-	params = map[string]string{
-		"method":       "upload",
-		"access_token": d.AccessToken,
-		"type":         "tmpfile",
-		"path":         path,
-		"uploadid":     precreateResp.Uploadid,
-	}

-	var offset int64 = 0
-	for i, partseq := range precreateResp.BlockList {
-		params["partseq"] = strconv.Itoa(partseq)
-		byteSize := int64(math.Min(float64(streamSize-offset), float64(DefaultSliceSize)))
-		err := retry.Do(func() error {
-			return d.uploadSlice(ctx, &params, stream.GetName(), tempFile, offset, byteSize)
-		},
-			retry.Context(ctx),
-			retry.Attempts(3))
+	// step.1 预上传
+	// 尝试获取之前的进度
+	precreateResp, ok := base.GetUploadProgress[*PrecreateResp](d, d.AccessToken, contentMd5)
+	if !ok {
+		data := fmt.Sprintf("path=%s&size=%d&isdir=0&autoinit=1&rtype=3&block_list=%s&content-md5=%s&slice-md5=%s",
+			path, streamSize,
+			blockListStr,
+			contentMd5, sliceMd5)
+		params := map[string]string{
+			"method": "precreate",
+		}
+		log.Debugf("[baidu_netdisk] precreate data: %s", data)
+		_, err = d.post("/xpan/file", params, data, &precreateResp)
 		if err != nil {
-			return err
+			return nil, err
 		}
-		offset += byteSize
-
-		if len(precreateResp.BlockList) > 0 {
-			up(i * 100 / len(precreateResp.BlockList))
+		log.Debugf("%+v", precreateResp)
+		if precreateResp.ReturnType == 2 {
+			//rapid upload, since got md5 match from baidu server
+			if err != nil {
+				return nil, err
+			}
+			return fileToObj(precreateResp.File), nil
 		}
 	}
-	_, err = d.create(rawPath, streamSize, 0, precreateResp.Uploadid, block_list_str)
-	return err
-}
-func (d *BaiduNetdisk) uploadSlice(ctx context.Context, params *map[string]string, fileName string, file *os.File, offset int64, byteSize int64) error {
-	_, err := file.Seek(offset, io.SeekStart)
+	// step.2 上传分片
+	threadG, upCtx := errgroup.NewGroupWithContext(ctx, d.uploadThread,
+		retry.Attempts(3),
+		retry.Delay(time.Second),
+		retry.DelayType(retry.BackOffDelay))
+	for i, partseq := range precreateResp.BlockList {
+		if utils.IsCanceled(upCtx) {
+			break
+		}
+
+		i, partseq, offset, byteSize := i, partseq, int64(partseq)*DefaultSliceSize, DefaultSliceSize
+		if partseq+1 == count {
+			byteSize = lastBlockSize
+		}
+		threadG.Go(func(ctx context.Context) error {
+			params := map[string]string{
+				"method":       "upload",
+				"access_token": d.AccessToken,
+				"type":         "tmpfile",
+				"path":         path,
+				"uploadid":     precreateResp.Uploadid,
+				"partseq":      strconv.Itoa(partseq),
+			}
+			err := d.uploadSlice(ctx, params, stream.GetName(), io.NewSectionReader(tempFile, offset, byteSize))
+			if err != nil {
+				return err
+			}
+			up(int(threadG.Success()) * 100 / len(precreateResp.BlockList))
+			precreateResp.BlockList[i] = -1
+			return nil
+		})
+	}
+	if err = threadG.Wait(); err != nil {
+		// 如果属于用户主动取消，则保存上传进度
+		if errors.Is(err, context.Canceled) {
+			precreateResp.BlockList = utils.SliceFilter(precreateResp.BlockList, func(s int) bool { return s >= 0 })
+			base.SaveUploadProgress(d, precreateResp, d.AccessToken, contentMd5)
+		}
+		return nil, err
+	}
+
+	// step.3 创建文件
+	var newFile File
+	_, err = d.create(rawPath, streamSize, 0, precreateResp.Uploadid, blockListStr, &newFile)
 	if err != nil {
-		return err
+		return nil, err
 	}
-
+	return fileToObj(newFile), nil
+}
+func (d *BaiduNetdisk) uploadSlice(ctx context.Context, params map[string]string, fileName string, file io.Reader) error {
 	res, err := base.RestyClient.R().
 		SetContext(ctx).
-		SetQueryParams(*params).
-		SetFileReader("file", fileName, io.LimitReader(file, byteSize)).
-		Post(BaiduFileAPI)
+		SetQueryParams(params).
+		SetFileReader("file", fileName, file).
+		Post(d.UploadAPI + "/rest/2.0/pcs/superfile2")
 	if err != nil {
 		return err
 	}
--- a/drivers/baidu_netdisk/meta.go
+++ b/drivers/baidu_netdisk/meta.go
@ -15,6 +15,8 @@ type Addition struct {
 	ClientSecret   string `json:"client_secret" required:"true" default:"jXiFMOPVPCWlO2M5CwWQzffpNPaGTRBG"`
 	CustomCrackUA  string `json:"custom_crack_ua" required:"true" default:"netdisk"`
 	AccessToken    string
+	UploadThread   string `json:"upload_thread" default:"3" help:"1<=thread<=32"`
+	UploadAPI      string `json:"upload_api" default:"https://d.pcs.baidu.com"`
 }

 var config = driver.Config{
--- a/drivers/baidu_netdisk/types.go
+++ b/drivers/baidu_netdisk/types.go
@ -1,6 +1,7 @@
 package baidu_netdisk

 import (
+	"path"
 	"strconv"
 	"time"

@ -17,10 +18,8 @@ type File struct {
 	//OwnerType    int    `json:"owner_type"`
 	//Category     int    `json:"category"`
 	//RealCategory string `json:"real_category"`
-	FsId        int64 `json:"fs_id"`
-	ServerMtime int64 `json:"server_mtime"`
+	FsId int64 `json:"fs_id"`
 	//OperId      int   `json:"oper_id"`
-	//ServerCtime int   `json:"server_ctime"`
 	Thumbs struct {
 		//Icon string `json:"icon"`
 		Url3 string `json:"url3"`
@ -28,25 +27,41 @@ type File struct {
 		//Url1 string `json:"url1"`
 	} `json:"thumbs"`
 	//Wpfile         int    `json:"wpfile"`
-	//LocalMtime     int    `json:"local_mtime"`
+
 	Size int64 `json:"size"`
 	//ExtentTinyint7 int    `json:"extent_tinyint7"`
 	Path string `json:"path"`
 	//Share          int    `json:"share"`
-	//ServerAtime    int    `json:"server_atime"`
 	//Pl             int    `json:"pl"`
-	//LocalCtime     int    `json:"local_ctime"`
 	ServerFilename string `json:"server_filename"`
-	//Md5            string `json:"md5"`
+	Md5            string `json:"md5"`
 	//OwnerId        int    `json:"owner_id"`
 	//Unlist int `json:"unlist"`
 	Isdir int `json:"isdir"`
+
+	// list resp
+	//ServerCtime int64   `json:"server_ctime"`
+	ServerMtime int64 `json:"server_mtime"`
+	//ServerAtime    int64    `json:"server_atime"`
+	//LocalCtime     int64    `json:"local_ctime"`
+	//LocalMtime     int64    `json:"local_mtime"`
+
+	// only create and precreate resp
+	Ctime int64 `json:"ctime"`
+	Mtime int64 `json:"mtime"`
 }

 func fileToObj(f File) *model.ObjThumb {
+	if f.ServerFilename == "" {
+		f.ServerFilename = path.Base(f.Path)
+	}
+	if f.ServerMtime == 0 {
+		f.ServerMtime = int64(f.Mtime)
+	}
 	return &model.ObjThumb{
 		Object: model.Object{
 			ID:       strconv.FormatInt(f.FsId, 10),
+			Path:     f.Path,
 			Name:     f.ServerFilename,
 			Size:     f.Size,
 			Modified: time.Unix(f.ServerMtime, 0),
@ -154,10 +169,15 @@ type DownloadResp2 struct {
 }

 type PrecreateResp struct {
-	Path       string `json:"path"`
-	Uploadid   string `json:"uploadid"`
-	ReturnType int    `json:"return_type"`
-	BlockList  []int  `json:"block_list"`
-	Errno      int    `json:"errno"`
-	RequestId  int64  `json:"request_id"`
+	Errno      int   `json:"errno"`
+	RequestId  int64 `json:"request_id"`
+	ReturnType int   `json:"return_type"`
+
+	// return_type=1
+	Path      string `json:"path"`
+	Uploadid  string `json:"uploadid"`
+	BlockList []int  `json:"block_list"`
+
+	// return_type=2
+	File File `json:"info"`
 }
--- a/drivers/baidu_netdisk/util.go
+++ b/drivers/baidu_netdisk/util.go
@ -2,17 +2,18 @@ package baidu_netdisk

 import (
 	"fmt"
-	"github.com/avast/retry-go"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
+	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/avast/retry-go"
 	"github.com/go-resty/resty/v2"
 	log "github.com/sirupsen/logrus"
 )
@ -76,12 +77,20 @@ func (d *BaiduNetdisk) request(furl string, method string, callback base.ReqCall
 					return err2
 				}
 			}
-			return fmt.Errorf("req: [%s] ,errno: %d, refer to https://pan.baidu.com/union/doc/", furl, errno)
+
+			err2 := fmt.Errorf("req: [%s] ,errno: %d, refer to https://pan.baidu.com/union/doc/", furl, errno)
+			if !utils.SliceContains([]int{2}, errno) {
+				err2 = retry.Unrecoverable(err2)
+			}
+			return err2
 		}
 		result = res.Body()
 		return nil
 	},
-		retry.Attempts(3))
+		retry.LastErrorOnly(true),
+		retry.Attempts(5),
+		retry.Delay(time.Second),
+		retry.DelayType(retry.BackOffDelay))
 	return result, err
 }

@ -179,20 +188,17 @@ func (d *BaiduNetdisk) linkCrack(file model.Obj, args model.LinkArgs) (*model.Li
 	}, nil
 }

-func (d *BaiduNetdisk) manage(opera string, filelist interface{}) ([]byte, error) {
+func (d *BaiduNetdisk) manage(opera string, filelist any) ([]byte, error) {
 	params := map[string]string{
 		"method": "filemanager",
 		"opera":  opera,
 	}
-	marshal, err := utils.Json.Marshal(filelist)
-	if err != nil {
-		return nil, err
-	}
-	data := fmt.Sprintf("async=0&filelist=%s&ondup=newcopy", string(marshal))
+	marshal, _ := utils.Json.MarshalToString(filelist)
+	data := fmt.Sprintf("async=0&filelist=%s&ondup=fail", marshal)
 	return d.post("/xpan/file", params, data, nil)
 }

-func (d *BaiduNetdisk) create(path string, size int64, isdir int, uploadid, block_list string) ([]byte, error) {
+func (d *BaiduNetdisk) create(path string, size int64, isdir int, uploadid, block_list string, resp any) ([]byte, error) {
 	params := map[string]string{
 		"method": "create",
 	}
@ -200,7 +206,7 @@ func (d *BaiduNetdisk) create(path string, size int64, isdir int, uploadid, bloc
 	if uploadid != "" {
 		data += fmt.Sprintf("&uploadid=%s&block_list=%s", uploadid, block_list)
 	}
-	return d.post("/xpan/file", params, data, nil)
+	return d.post("/xpan/file", params, data, resp)
 }

 func encodeURIComponent(str string) string {
--- a/drivers/baidu_photo/driver.go
+++ b/drivers/baidu_photo/driver.go
@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/md5"
 	"encoding/hex"
+	"errors"
 	"fmt"
 	"io"
 	"math"
@ -11,11 +12,15 @@ import (
 	"regexp"
 	"strconv"
 	"strings"
+	"time"

+	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/errgroup"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/avast/retry-go"
 	"github.com/go-resty/resty/v2"
 )

@ -26,6 +31,8 @@ type BaiduPhoto struct {
 	AccessToken string
 	Uk          int64
 	root        model.Obj
+
+	uploadThread int
 }

 func (d *BaiduPhoto) Config() driver.Config {
@ -37,6 +44,11 @@ func (d *BaiduPhoto) GetAddition() driver.Additional {
 }

 func (d *BaiduPhoto) Init(ctx context.Context) error {
+	d.uploadThread, _ = strconv.Atoi(d.UploadThread)
+	if d.uploadThread < 1 || d.uploadThread > 32 {
+		d.uploadThread, d.UploadThread = 3, "3"
+	}
+
 	if err := d.refreshToken(); err != nil {
 		return err
 	}
@ -211,6 +223,11 @@ func (d *BaiduPhoto) Remove(ctx context.Context, obj model.Obj) error {
 }

 func (d *BaiduPhoto) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) (model.Obj, error) {
+	// 不支持大小为0的文件
+	if stream.GetSize() == 0 {
+		return nil, fmt.Errorf("file size cannot be zero")
+	}
+
 	// 需要获取完整文件md5,必须支持 io.Seek
 	tempFile, err := utils.CreateTempFile(stream.GetReadCloser(), stream.GetSize())
 	if err != nil {
@ -221,35 +238,43 @@ func (d *BaiduPhoto) Put(ctx context.Context, dstDir model.Obj, stream model.Fil
 		_ = os.Remove(tempFile.Name())
 	}()

-	// 计算需要的数据
-	const DEFAULT = 1 << 22
-	const SliceSize = 1 << 18
-	count := int(math.Ceil(float64(stream.GetSize()) / float64(DEFAULT)))
+	const DEFAULT int64 = 1 << 22
+	const SliceSize int64 = 1 << 18

+	// 计算需要的数据
+	streamSize := stream.GetSize()
+	count := int(math.Ceil(float64(streamSize) / float64(DEFAULT)))
+	lastBlockSize := streamSize % DEFAULT
+	if lastBlockSize == 0 {
+		lastBlockSize = DEFAULT
+	}
+
+	// step.1 计算MD5
 	sliceMD5List := make([]string, 0, count)
-	fileMd5 := md5.New()
-	sliceMd5 := md5.New()
-	sliceMd52 := md5.New()
-	slicemd52Write := utils.LimitWriter(sliceMd52, SliceSize)
+	byteSize := int64(DEFAULT)
+	fileMd5H := md5.New()
+	sliceMd5H := md5.New()
+	sliceMd5H2 := md5.New()
+	slicemd5H2Write := utils.LimitWriter(sliceMd5H2, SliceSize)
 	for i := 1; i <= count; i++ {
 		if utils.IsCanceled(ctx) {
 			return nil, ctx.Err()
 		}
-
-		_, err := io.CopyN(io.MultiWriter(fileMd5, sliceMd5, slicemd52Write), tempFile, DEFAULT)
-		if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+		if i == count {
+			byteSize = lastBlockSize
+		}
+		_, err := io.CopyN(io.MultiWriter(fileMd5H, sliceMd5H, slicemd5H2Write), tempFile, byteSize)
+		if err != nil && err != io.EOF {
 			return nil, err
 		}
-		sliceMD5List = append(sliceMD5List, hex.EncodeToString(sliceMd5.Sum(nil)))
-		sliceMd5.Reset()
+		sliceMD5List = append(sliceMD5List, hex.EncodeToString(sliceMd5H.Sum(nil)))
+		sliceMd5H.Reset()
 	}
-	if _, err = tempFile.Seek(0, io.SeekStart); err != nil {
-		return nil, err
-	}
-	content_md5 := hex.EncodeToString(fileMd5.Sum(nil))
-	slice_md5 := hex.EncodeToString(sliceMd52.Sum(nil))
+	contentMd5 := hex.EncodeToString(fileMd5H.Sum(nil))
+	sliceMd5 := hex.EncodeToString(sliceMd5H2.Sum(nil))
+	blockListStr, _ := utils.Json.MarshalToString(sliceMD5List)

-	// 开始执行上传
+	// step.2 预上传
 	params := map[string]string{
 		"autoinit":    "1",
 		"isdir":       "0",
@ -257,46 +282,69 @@ func (d *BaiduPhoto) Put(ctx context.Context, dstDir model.Obj, stream model.Fil
 		"ctype":       "11",
 		"path":        fmt.Sprintf("/%s", stream.GetName()),
 		"size":        fmt.Sprint(stream.GetSize()),
-		"slice-md5":   slice_md5,
-		"content-md5": content_md5,
-		"block_list":  MustString(utils.Json.MarshalToString(sliceMD5List)),
+		"slice-md5":   sliceMd5,
+		"content-md5": contentMd5,
+		"block_list":  blockListStr,
 	}

-	// 预上传
-	var precreateResp PrecreateResp
-	_, err = d.Post(FILE_API_URL_V1+"/precreate", func(r *resty.Request) {
-		r.SetContext(ctx)
-		r.SetFormData(params)
-	}, &precreateResp)
-	if err != nil {
-		return nil, err
+	// 尝试获取之前的进度
+	precreateResp, ok := base.GetUploadProgress[*PrecreateResp](d, d.AccessToken, contentMd5)
+	if !ok {
+		_, err = d.Post(FILE_API_URL_V1+"/precreate", func(r *resty.Request) {
+			r.SetContext(ctx)
+			r.SetFormData(params)
+		}, &precreateResp)
+		if err != nil {
+			return nil, err
+		}
 	}

 	switch precreateResp.ReturnType {
-	case 1: // 上传文件
-		uploadParams := map[string]string{
-			"method":   "upload",
-			"path":     params["path"],
-			"uploadid": precreateResp.UploadID,
-		}
+	case 1: //step.3 上传文件切片
+		threadG, upCtx := errgroup.NewGroupWithContext(ctx, d.uploadThread,
+			retry.Attempts(3),
+			retry.Delay(time.Second),
+			retry.DelayType(retry.BackOffDelay))
+		for i, partseq := range precreateResp.BlockList {
+			if utils.IsCanceled(upCtx) {
+				break
+			}

-		for i := 0; i < count; i++ {
-			if utils.IsCanceled(ctx) {
-				return nil, ctx.Err()
+			i, partseq, offset, byteSize := i, partseq, int64(partseq)*DEFAULT, DEFAULT
+			if partseq+1 == count {
+				byteSize = lastBlockSize
 			}
-			uploadParams["partseq"] = fmt.Sprint(i)
-			_, err = d.Post("https://c3.pcs.baidu.com/rest/2.0/pcs/superfile2", func(r *resty.Request) {
-				r.SetContext(ctx)
-				r.SetQueryParams(uploadParams)
-				r.SetFileReader("file", stream.GetName(), io.LimitReader(tempFile, DEFAULT))
-			}, nil)
-			if err != nil {
-				return nil, err
+
+			threadG.Go(func(ctx context.Context) error {
+				uploadParams := map[string]string{
+					"method":   "upload",
+					"path":     params["path"],
+					"partseq":  fmt.Sprint(partseq),
+					"uploadid": precreateResp.UploadID,
+				}
+
+				_, err = d.Post("https://c3.pcs.baidu.com/rest/2.0/pcs/superfile2", func(r *resty.Request) {
+					r.SetContext(ctx)
+					r.SetQueryParams(uploadParams)
+					r.SetFileReader("file", stream.GetName(), io.NewSectionReader(tempFile, offset, byteSize))
+				}, nil)
+				if err != nil {
+					return err
+				}
+				up(int(threadG.Success()) * 100 / len(precreateResp.BlockList))
+				precreateResp.BlockList[i] = -1
+				return nil
+			})
+		}
+		if err = threadG.Wait(); err != nil {
+			if errors.Is(err, context.Canceled) {
+				precreateResp.BlockList = utils.SliceFilter(precreateResp.BlockList, func(s int) bool { return s >= 0 })
+				base.SaveUploadProgress(d, precreateResp, d.AccessToken, contentMd5)
 			}
-			up(i * 100 / count)
+			return nil, err
 		}
 		fallthrough
-	case 2: // 创建文件
+	case 2: //step.4 创建文件
 		params["uploadid"] = precreateResp.UploadID
 		_, err = d.Post(FILE_API_URL_V1+"/create", func(r *resty.Request) {
 			r.SetContext(ctx)
@ -306,7 +354,7 @@ func (d *BaiduPhoto) Put(ctx context.Context, dstDir model.Obj, stream model.Fil
 			return nil, err
 		}
 		fallthrough
-	case 3: // 增加到相册
+	case 3: //step.5 增加到相册
 		rootfile := precreateResp.Data.toFile()
 		if album, ok := dstDir.(*Album); ok {
 			return d.AddAlbumFile(ctx, album, rootfile)
--- a/drivers/baidu_photo/meta.go
+++ b/drivers/baidu_photo/meta.go
@ -13,6 +13,7 @@ type Addition struct {
 	DeleteOrigin bool   `json:"delete_origin"`
 	ClientID     string `json:"client_id" required:"true" default:"iYCeC9g08h5vuP9UqvPHKKSVrKFXGa1v"`
 	ClientSecret string `json:"client_secret" required:"true" default:"jXiFMOPVPCWlO2M5CwWQzffpNPaGTRBG"`
+	UploadThread string `json:"upload_thread" default:"3" help:"1<=thread<=32"`
 }

 var config = driver.Config{
--- a/drivers/baidu_photo/types.go
+++ b/drivers/baidu_photo/types.go
@ -160,9 +160,9 @@ type (
 		CreateFileResp

 		//不存在返回
-		Path      string  `json:"path"`
-		UploadID  string  `json:"uploadid"`
-		Blocklist []int64 `json:"block_list"`
+		Path      string `json:"path"`
+		UploadID  string `json:"uploadid"`
+		BlockList []int  `json:"block_list"`
 	}
 )

--- a/drivers/base/upload.go
+++ b/drivers/base/upload.go
@ -0,0 +1,31 @@
+package base
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/Xhofe/go-cache"
+	"github.com/alist-org/alist/v3/internal/driver"
+)
+
+// storage upload progress, for upload recovery
+var UploadStateCache = cache.NewMemCache(cache.WithShards[any](32))
+
+// Save upload progress for 20 minutes
+func SaveUploadProgress(driver driver.Driver, state any, keys ...string) bool {
+	return UploadStateCache.Set(
+		fmt.Sprint(driver.Config().Name, "-upload-", strings.Join(keys, "-")),
+		state,
+		cache.WithEx[any](time.Minute*20))
+}
+
+// An upload progress can only be made by one process alone,
+// so here you need to get it and then delete it.
+func GetUploadProgress[T any](driver driver.Driver, keys ...string) (state T, ok bool) {
+	v, ok := UploadStateCache.GetDel(fmt.Sprint(driver.Config().Name, "-upload-", strings.Join(keys, "-")))
+	if ok {
+		state, ok = v.(T)
+	}
+	return
+}
--- a/drivers/cloudreve/meta.go
+++ b/drivers/cloudreve/meta.go
@ -13,6 +13,7 @@ type Addition struct {
 	Username string `json:"username"`
 	Password string `json:"password"`
 	Cookie   string `json:"cookie"`
+	CustomUA string `json:"custom_ua"`
 }

 var config = driver.Config{
--- a/drivers/cloudreve/util.go
+++ b/drivers/cloudreve/util.go
@ -22,15 +22,18 @@ const loginPath = "/user/session"

 func (d *Cloudreve) request(method string, path string, callback base.ReqCallback, out interface{}) error {
 	u := d.Address + "/api/v3" + path
+	ua := d.CustomUA
+	if ua == "" {
+		ua = base.UserAgent
+	}
 	req := base.RestyClient.R()
 	req.SetHeaders(map[string]string{
 		"Cookie":     "cloudreve-session=" + d.Cookie,
 		"Accept":     "application/json, text/plain, */*",
-		"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
+		"User-Agent": ua,
 	})

 	var r Resp
-
 	req.SetResult(&r)

 	if callback != nil {
--- a/drivers/crypt/util.go
+++ b/drivers/crypt/util.go
@ -13,7 +13,7 @@ import (
 )

 func RequestRangedHttp(r *http.Request, link *model.Link, offset, length int64) (*http.Response, error) {
-	header := net.ProcessHeader(&http.Header{}, &link.Header)
+	header := net.ProcessHeader(http.Header{}, link.Header)
 	header = http_range.ApplyRangeToHttpHeader(http_range.Range{Start: offset, Length: length}, header)

 	return net.RequestHttp("GET", header, link.URL)
--- a/drivers/lanzou/help.go
+++ b/drivers/lanzou/help.go
@ -125,6 +125,83 @@ func findJSVarFunc(key, data string) string {
 	return values[1]
 }

+var findFunction = regexp.MustCompile(`(?ims)^function[^{]+`)
+var findFunctionAll = regexp.MustCompile(`(?is)function[^{]+`)
+
+// 查找所有方法位置
+func findJSFunctionIndex(data string, all bool) [][2]int {
+	findFunction := findFunction
+	if all {
+		findFunction = findFunctionAll
+	}
+
+	indexs := findFunction.FindAllStringIndex(data, -1)
+	fIndexs := make([][2]int, 0, len(indexs))
+
+	for _, index := range indexs {
+		if len(index) != 2 {
+			continue
+		}
+		count, data := 0, data[index[1]:]
+		for ii, v := range data {
+			if v == ' ' && count == 0 {
+				continue
+			}
+			if v == '{' {
+				count++
+			}
+
+			if v == '}' {
+				count--
+			}
+			if count == 0 {
+				fIndexs = append(fIndexs, [2]int{index[0], index[1] + ii + 1})
+				break
+			}
+		}
+	}
+	return fIndexs
+}
+
+// 删除JS全局方法
+func removeJSGlobalFunction(html string) string {
+	indexs := findJSFunctionIndex(html, false)
+	block := make([]string, len(indexs))
+	for i, next := len(indexs)-1, len(html); i >= 0; i-- {
+		index := indexs[i]
+		block[i] = html[index[1]:next]
+		next = index[0]
+	}
+	return strings.Join(block, "")
+}
+
+// 根据名称获取方法
+func getJSFunctionByName(html string, name string) (string, error) {
+	indexs := findJSFunctionIndex(html, true)
+	for _, index := range indexs {
+		data := html[index[0]:index[1]]
+		if regexp.MustCompile(`function\s+` + name + `[()\s]+{`).MatchString(data) {
+			return data, nil
+		}
+	}
+	return "", fmt.Errorf("not find %s function", name)
+}
+
+// 解析html中的JSON,选择最长的数据
+func htmlJsonToMap2(html string) (map[string]string, error) {
+	datas := findDataReg.FindAllStringSubmatch(html, -1)
+	var sData string
+	for _, data := range datas {
+		if len(datas) > 0 && len(data[1]) > len(sData) {
+			sData = data[1]
+		}
+	}
+	if sData == "" {
+		return nil, fmt.Errorf("not find data")
+	}
+	return jsonToMap(sData, html), nil
+}
+
 // 解析html中的JSON
 func htmlJsonToMap(html string) (map[string]string, error) {
 	datas := findDataReg.FindStringSubmatch(html)
--- a/drivers/lanzou/util.go
+++ b/drivers/lanzou/util.go
@ -346,7 +346,11 @@ func (d *LanZou) getFilesByShareUrl(shareID, pwd string, sharePageData string) (

 	// 需要密码
 	if strings.Contains(sharePageData, "pwdload") || strings.Contains(sharePageData, "passwddiv") {
-		param, err := htmlFormToMap(sharePageData)
+		sharePageData, err := getJSFunctionByName(sharePageData, "down_p")
+		if err != nil {
+			return nil, err
+		}
+		param, err := htmlJsonToMap(sharePageData)
 		if err != nil {
 			return nil, err
 		}
@ -370,8 +374,7 @@ func (d *LanZou) getFilesByShareUrl(shareID, pwd string, sharePageData string) (
 		if err != nil {
 			return nil, err
 		}
-		nextPageData := RemoveNotes(string(data))
-
+		nextPageData := removeJSGlobalFunction(RemoveNotes(string(data)))
 		param, err = htmlJsonToMap(nextPageData)
 		if err != nil {
 			return nil, err
--- a/drivers/local/driver.go
+++ b/drivers/local/driver.go
@ -5,6 +5,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"io"
 	"io/fs"
 	"net/http"
 	"os"
@ -180,7 +181,15 @@ func (d *Local) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (
 		if err != nil {
 			return nil, err
 		}
-		link.ReadSeekCloser = open
+		link.ReadSeekCloser = struct {
+			io.Reader
+			io.Seeker
+			io.Closer
+		}{
+			Reader: open,
+			Seeker: open,
+			Closer: open,
+		}
 	}
 	return &link, nil
 }
--- a/drivers/mopan/driver.go
+++ b/drivers/mopan/driver.go
@ -7,12 +7,14 @@ import (
 	"io"
 	"net/http"
 	"os"
+	"strconv"
 	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/pkg/errgroup"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/avast/retry-go"
 	"github.com/foxxorcat/mopan-sdk-go"
@ -23,7 +25,8 @@ type MoPan struct {
 	Addition
 	client *mopan.MoClient

-	userID string
+	userID       string
+	uploadThread int
 }

 func (d *MoPan) Config() driver.Config {
@ -35,6 +38,10 @@ func (d *MoPan) GetAddition() driver.Additional {
 }

 func (d *MoPan) Init(ctx context.Context) error {
+	d.uploadThread, _ = strconv.Atoi(d.UploadThread)
+	if d.uploadThread < 1 || d.uploadThread > 32 {
+		d.uploadThread, d.UploadThread = 3, "3"
+	}
 	login := func() error {
 		data, err := d.client.Login(d.Phone, d.Password)
 		if err != nil {
@ -49,7 +56,7 @@ func (d *MoPan) Init(ctx context.Context) error {
 		d.userID = info.UserID
 		return nil
 	}
-	d.client = mopan.NewMoClient().
+	d.client = mopan.NewMoClientWithRestyClient(base.NewRestyClient()).
 		SetRestyClient(base.RestyClient).
 		SetOnAuthorizationExpired(func(_ error) error {
 			err := login()
@ -221,59 +228,80 @@ func (d *MoPan) Put(ctx context.Context, dstDir model.Obj, stream model.FileStre
 		_ = os.Remove(file.Name())
 	}()

-	initUpdload, err := d.client.InitMultiUpload(ctx, mopan.UpdloadFileParam{
+	// step.1
+	uploadPartData, err := mopan.InitUploadPartData(ctx, mopan.UpdloadFileParam{
 		ParentFolderId: dstDir.GetID(),
 		FileName:       stream.GetName(),
 		FileSize:       stream.GetSize(),
 		File:           file,
-	}, mopan.WarpParamOption(
-		mopan.ParamOptionShareFile(d.CloudID),
-	))
+	})
 	if err != nil {
 		return nil, err
 	}

-	if !initUpdload.FileDataExists {
-		parts, err := d.client.GetAllMultiUploadUrls(initUpdload.UploadFileID, initUpdload.PartInfo)
+	// 尝试恢复进度
+	initUpdload, ok := base.GetUploadProgress[*mopan.InitMultiUploadData](d, d.client.Authorization, uploadPartData.FileMd5)
+	if !ok {
+		// step.2
+		initUpdload, err = d.client.InitMultiUpload(ctx, *uploadPartData, mopan.WarpParamOption(
+			mopan.ParamOptionShareFile(d.CloudID),
+		))
 		if err != nil {
 			return nil, err
 		}
-		d.client.CloudDiskStartBusiness()
+	}
+
+	if !initUpdload.FileDataExists {
+		fmt.Println(d.client.CloudDiskStartBusiness())
+
+		threadG, upCtx := errgroup.NewGroupWithContext(ctx, d.uploadThread,
+			retry.Attempts(3),
+			retry.Delay(time.Second),
+			retry.DelayType(retry.BackOffDelay))
+
+		// step.3
+		parts, err := d.client.GetAllMultiUploadUrls(initUpdload.UploadFileID, initUpdload.PartInfos)
+		if err != nil {
+			return nil, err
+		}
+
 		for i, part := range parts {
-			if utils.IsCanceled(ctx) {
-				return nil, ctx.Err()
+			if utils.IsCanceled(upCtx) {
+				break
+			}
+			i, part, byteSize := i, part, initUpdload.PartSize
+			if part.PartNumber == uploadPartData.PartTotal {
+				byteSize = initUpdload.LastPartSize
 			}

-			err := retry.Do(func() error {
-				if _, err := file.Seek(int64(part.PartNumber-1)*int64(initUpdload.PartSize), io.SeekStart); err != nil {
-					return retry.Unrecoverable(err)
-				}
-
-				req, err := part.NewRequest(ctx, io.LimitReader(file, int64(initUpdload.PartSize)))
+			// step.4
+			threadG.Go(func(ctx context.Context) error {
+				req, err := part.NewRequest(ctx, io.NewSectionReader(file, int64(part.PartNumber-1)*initUpdload.PartSize, byteSize))
 				if err != nil {
 					return err
 				}
-
 				resp, err := base.HttpClient.Do(req)
 				if err != nil {
 					return err
 				}
-
+				resp.Body.Close()
 				if resp.StatusCode != http.StatusOK {
 					return fmt.Errorf("upload err,code=%d", resp.StatusCode)
 				}
+				up(100 * int(threadG.Success()) / len(parts))
+				initUpdload.PartInfos[i] = ""
 				return nil
-			},
-				retry.Context(ctx),
-				retry.Attempts(3),
-				retry.Delay(time.Second),
-				retry.MaxDelay(5*time.Second))
-			if err != nil {
-				return nil, err
+			})
+		}
+		if err = threadG.Wait(); err != nil {
+			if errors.Is(err, context.Canceled) {
+				initUpdload.PartInfos = utils.SliceFilter(initUpdload.PartInfos, func(s string) bool { return s != "" })
+				base.SaveUploadProgress(d, initUpdload, d.client.Authorization, uploadPartData.FileMd5)
 			}
-			up(100 * (i + 1) / len(parts))
+			return nil, err
 		}
 	}
+	//step.5
 	uFile, err := d.client.CommitMultiUploadFile(initUpdload.UploadFileID, nil)
 	if err != nil {
 		return nil, err
--- a/drivers/mopan/meta.go
+++ b/drivers/mopan/meta.go
@ -17,6 +17,8 @@ type Addition struct {
 	OrderDirection string `json:"order_direction" type:"select" options:"asc,desc" default:"asc"`

 	DeviceInfo string `json:"device_info"`
+
+	UploadThread string `json:"upload_thread" default:"3" help:"1<=thread<=32"`
 }

 func (a *Addition) GetRootId() string {
@ -24,7 +26,7 @@ func (a *Addition) GetRootId() string {
 }

 var config = driver.Config{
-	Name:        "MoPan",
+	Name: "MoPan",
 	// DefaultRoot: "root, / or other",
 	CheckStatus: true,
 	Alert:       "warning|This network disk may store your password in clear text. Please set your password carefully",
--- a/drivers/weiyun/driver.go
+++ b/drivers/weiyun/driver.go
@ -2,11 +2,12 @@ package weiyun

 import (
 	"context"
+	"fmt"
 	"io"
 	"math"
 	"net/http"
 	"os"
-	"sync"
+	"strconv"
 	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
@ -15,7 +16,9 @@ import (
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/cron"
+	"github.com/alist-org/alist/v3/pkg/errgroup"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/avast/retry-go"
 	weiyunsdkgo "github.com/foxxorcat/weiyun-sdk-go"
 )

@ -26,6 +29,8 @@ type WeiYun struct {
 	client     *weiyunsdkgo.WeiYunClient
 	cron       *cron.Cron
 	rootFolder *Folder
+
+	uploadThread int
 }

 func (d *WeiYun) Config() driver.Config {
@ -37,7 +42,13 @@ func (d *WeiYun) GetAddition() driver.Additional {
 }

 func (d *WeiYun) Init(ctx context.Context) error {
-	d.client = weiyunsdkgo.NewWeiYunClientWithRestyClient(base.RestyClient)
+	// 限制上传线程数
+	d.uploadThread, _ = strconv.Atoi(d.UploadThread)
+	if d.uploadThread < 4 || d.uploadThread > 32 {
+		d.uploadThread, d.UploadThread = 4, "4"
+	}
+
+	d.client = weiyunsdkgo.NewWeiYunClientWithRestyClient(base.NewRestyClient())
 	err := d.client.SetCookiesStr(d.Cookies).RefreshCtoken()
 	if err != nil {
 		return err
@ -77,6 +88,10 @@ func (d *WeiYun) Init(ctx context.Context) error {
 	if err != nil {
 		return err
 	}
+	if len(folders) == 0 {
+		return fmt.Errorf("invalid directory ID")
+	}
+
 	folder := folders[len(folders)-1]
 	d.rootFolder = &Folder{
 		PFolder: &Folder{
@ -187,6 +202,7 @@ func (d *WeiYun) MakeDir(ctx context.Context, parentDir model.Obj, dirName strin
 }

 func (d *WeiYun) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj, error) {
+	// TODO: 默认策略为重命名，使用缓存可能出现冲突。微云app也有这个冲突，不知道腾讯怎么搞的
 	if dstDir, ok := dstDir.(*Folder); ok {
 		dstParam := weiyunsdkgo.FolderParam{
 			PdirKey: dstDir.GetPKey(),
@ -204,7 +220,6 @@ func (d *WeiYun) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj,
 			if err != nil {
 				return nil, err
 			}
-
 			return &File{
 				PFolder: dstDir,
 				File:    srcObj.File,
@ -219,7 +234,6 @@ func (d *WeiYun) Move(ctx context.Context, srcObj, dstDir model.Obj) (model.Obj,
 			if err != nil {
 				return nil, err
 			}
-
 			return &Folder{
 				PFolder: dstDir,
 				Folder:  srcObj.Folder,
@ -271,7 +285,6 @@ func (d *WeiYun) Rename(ctx context.Context, srcObj model.Obj, newName string) (
 }

 func (d *WeiYun) Copy(ctx context.Context, srcObj, dstDir model.Obj) error {
-	// TODO copy obj, optional
 	return errs.NotImplement
 }

@ -292,7 +305,6 @@ func (d *WeiYun) Remove(ctx context.Context, obj model.Obj) error {
 			DirName:  obj.GetName(),
 		})
 	}
-	// TODO remove obj, optional
 	return errs.NotSupport
 }

@ -325,35 +337,44 @@ func (d *WeiYun) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr

 		// fast upload
 		if !preData.FileExist {
-			// step 2.
-			upCtx, cancel := context.WithCancelCause(ctx)
-			var wg sync.WaitGroup
+			// step.2 增加上传通道
+			if len(preData.ChannelList) < d.uploadThread {
+				newCh, err := d.client.AddUploadChannel(len(preData.ChannelList), d.uploadThread, preData.UploadAuthData)
+				if err != nil {
+					return nil, err
+				}
+				preData.ChannelList = append(preData.ChannelList, newCh.AddChannels...)
+			}
+			// step.3 上传
+			threadG, upCtx := errgroup.NewGroupWithContext(ctx, len(preData.ChannelList),
+				retry.Attempts(3),
+				retry.Delay(time.Second),
+				retry.DelayType(retry.BackOffDelay))
+
 			for _, channel := range preData.ChannelList {
-				wg.Add(1)
-				go func(channel weiyunsdkgo.UploadChannelData) {
-					defer wg.Done()
-					if utils.IsCanceled(upCtx) {
-						return
-					}
+				if utils.IsCanceled(upCtx) {
+					break
+				}
+
+				var channel = channel
+				threadG.Go(func(ctx context.Context) error {
 					for {
 						channel.Len = int(math.Min(float64(stream.GetSize()-channel.Offset), float64(channel.Len)))
 						upData, err := d.client.UploadFile(upCtx, channel, preData.UploadAuthData,
 							io.NewSectionReader(file, channel.Offset, int64(channel.Len)))
 						if err != nil {
-							cancel(err)
-							return
+							return err
 						}
 						// 上传完成
 						if upData.UploadState != 1 {
-							return
+							return nil
 						}
 						channel = upData.Channel
 					}
-				}(channel)
+				})
 			}
-			wg.Wait()
-			if utils.IsCanceled(upCtx) {
-				return nil, context.Cause(upCtx)
+			if err = threadG.Wait(); err != nil {
+				return nil, err
 			}
 		}

--- a/drivers/weiyun/meta.go
+++ b/drivers/weiyun/meta.go
@ -10,6 +10,7 @@ type Addition struct {
 	Cookies        string `json:"cookies" required:"true"`
 	OrderBy        string `json:"order_by" type:"select" options:"name,size,updated_at" default:"name"`
 	OrderDirection string `json:"order_direction" type:"select" options:"asc,desc" default:"asc"`
+	UploadThread   string `json:"upload_thread" default:"4" help:"4<=thread<=32"`
 }

 var config = driver.Config{
--- a/go.mod
+++ b/go.mod
@ -3,23 +3,27 @@ module github.com/alist-org/alist/v3
 go 1.20

 require (
-	github.com/SheltonZhu/115driver v1.0.14
+	github.com/SheltonZhu/115driver v1.0.15
 	github.com/Xhofe/go-cache v0.0.0-20220723083548-714439c8af9a
 	github.com/Xhofe/rateg v0.0.0-20230728072201-251a4e1adad4
 	github.com/Xhofe/wopan-sdk-go v0.1.1
 	github.com/avast/retry-go v3.0.0+incompatible
-	github.com/aws/aws-sdk-go v1.44.316
+	github.com/aws/aws-sdk-go v1.44.327
 	github.com/blevesearch/bleve/v2 v2.3.9
 	github.com/caarlos0/env/v9 v9.0.0
+	github.com/charmbracelet/bubbles v0.16.1
+	github.com/charmbracelet/bubbletea v0.24.2
+	github.com/charmbracelet/lipgloss v0.7.1
 	github.com/coreos/go-oidc v2.2.1+incompatible
-	github.com/deckarep/golang-set/v2 v2.3.0
+	github.com/deckarep/golang-set/v2 v2.3.1
 	github.com/disintegration/imaging v1.6.2
 	github.com/dustinxie/ecc v0.0.0-20210511000915-959544187564
-	github.com/foxxorcat/mopan-sdk-go v0.1.1
-	github.com/foxxorcat/weiyun-sdk-go v0.1.1
+	github.com/foxxorcat/mopan-sdk-go v0.1.3
+	github.com/foxxorcat/weiyun-sdk-go v0.1.2
 	github.com/gin-contrib/cors v1.4.0
 	github.com/gin-gonic/gin v1.9.1
 	github.com/go-resty/resty/v2 v2.7.0
+	github.com/go-webauthn/webauthn v0.8.6
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/websocket v1.5.0
@ -36,13 +40,13 @@ require (
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.7.0
 	github.com/t3rm1n4l/go-mega v0.0.0-20230228171823-a01a2cda13ca
-	github.com/u2takey/ffmpeg-go v0.4.1
+	github.com/u2takey/ffmpeg-go v0.5.0
 	github.com/upyun/go-sdk/v3 v3.0.4
-	github.com/winfsp/cgofuse v1.5.1-0.20221118130120-84c0898ad2e0
-	golang.org/x/crypto v0.11.0
-	golang.org/x/exp v0.0.0-20230801115018-d63ba01acd4b
-	golang.org/x/image v0.10.0
-	golang.org/x/net v0.13.0
+	github.com/winfsp/cgofuse v1.5.1-0.20230130140708-f87f5db493b5
+	golang.org/x/crypto v0.12.0
+	golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63
+	golang.org/x/image v0.11.0
+	golang.org/x/net v0.14.0
 	golang.org/x/oauth2 v0.10.0
 	gorm.io/driver/mysql v1.4.7
 	gorm.io/driver/postgres v1.4.8
@ -59,6 +63,7 @@ require (
 	github.com/aead/ecdh v0.2.0 // indirect
 	github.com/aliyun/aliyun-oss-go-sdk v2.2.5+incompatible // indirect
 	github.com/andreburgaud/crypt2go v1.1.0 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/benbjohnson/clock v1.3.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bits-and-blooms/bitset v1.2.0 // indirect
@ -82,9 +87,11 @@ require (
 	github.com/bytedance/sonic v1.9.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect
 	github.com/coreos/go-semver v0.3.1 // indirect
 	github.com/crackcomm/go-gitignore v0.0.0-20170627025303-887ab5e44cc3 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 // indirect
+	github.com/fxamacker/cbor/v2 v2.4.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gaoyb7/115drive-webdav v0.1.8 // indirect
 	github.com/geoffgarside/ber v1.1.0 // indirect
@ -95,15 +102,18 @@ require (
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
 	github.com/go-sql-driver/mysql v1.7.0 // indirect
+	github.com/go-webauthn/x v0.1.4 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
 	github.com/golang/geo v0.0.0-20210211234256-740aa86cb551 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
+	github.com/google/go-tpm v0.9.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/ipfs/boxo v0.8.0 // indirect
-	github.com/ipfs/go-cid v0.4.0 // indirect
+	github.com/ipfs/go-cid v0.4.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect
 	github.com/jackc/pgx/v5 v5.3.0 // indirect
@ -116,22 +126,30 @@ require (
 	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/libp2p/go-buffer-pool v0.1.0 // indirect
 	github.com/libp2p/go-flow-metrics v0.1.0 // indirect
-	github.com/libp2p/go-libp2p v0.26.3 // indirect
+	github.com/libp2p/go-libp2p v0.27.8 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/lufia/plan9stats v0.0.0-20230326075908-cb1d2100619a // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.14 // indirect
 	github.com/mattn/go-sqlite3 v1.14.15 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/minio/sha256-simd v1.0.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mr-tron/base58 v1.2.0 // indirect
 	github.com/mschoch/smat v0.2.0 // indirect
+	github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
+	github.com/muesli/reflow v0.3.0 // indirect
+	github.com/muesli/termenv v0.15.1 // indirect
 	github.com/multiformats/go-base32 v0.1.0 // indirect
 	github.com/multiformats/go-base36 v0.2.0 // indirect
-	github.com/multiformats/go-multiaddr v0.8.0 // indirect
-	github.com/multiformats/go-multibase v0.1.1 // indirect
+	github.com/multiformats/go-multiaddr v0.9.0 // indirect
+	github.com/multiformats/go-multibase v0.2.0 // indirect
 	github.com/multiformats/go-multicodec v0.8.1 // indirect
 	github.com/multiformats/go-multihash v0.2.1 // indirect
 	github.com/multiformats/go-multistream v0.4.1 // indirect
@ -147,6 +165,7 @@ require (
 	github.com/prometheus/common v0.44.0 // indirect
 	github.com/prometheus/procfs v0.11.1 // indirect
 	github.com/rfjakob/eme v1.1.2 // indirect
+	github.com/rivo/uniseg v0.4.4 // indirect
 	github.com/shirou/gopsutil/v3 v3.23.7 // indirect
 	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect
@ -157,13 +176,14 @@ require (
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/u2takey/go-utils v0.3.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
+	github.com/x448/float16 v0.8.4 // indirect
 	github.com/yusufpapurcu/wmi v1.2.3 // indirect
 	go.etcd.io/bbolt v1.3.7 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/sync v0.3.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/term v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
+	golang.org/x/sys v0.11.0 // indirect
+	golang.org/x/term v0.11.0 // indirect
+	golang.org/x/text v0.12.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	google.golang.org/api v0.134.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
--- a/go.sum
+++ b/go.sum
@ -10,6 +10,8 @@ github.com/RoaringBitmap/roaring v1.2.3 h1:yqreLINqIrX22ErkKI0vY47/ivtJr6n+kMhVO
 github.com/RoaringBitmap/roaring v1.2.3/go.mod h1:plvDsJQpxOC5bw8LRteu/MLWHsHez/3y6cubLI4/1yE=
 github.com/SheltonZhu/115driver v1.0.14 h1:uW3dl8J9KDMw+3gPxQdhTysoGhw0/uI1484GT9xhfU4=
 github.com/SheltonZhu/115driver v1.0.14/go.mod h1:00ixivHH5HqDj4S7kAWbkuUrjtsJTxc7cGv5RMw3RVs=
+github.com/SheltonZhu/115driver v1.0.15 h1:RRvgXvXEzvrPwkRno0CUIg7ucEphbsfwct2mQxfNOdQ=
+github.com/SheltonZhu/115driver v1.0.15/go.mod h1:e3fPOBANbH/FsTya8FquJwOR3ErhCQgEab3q6CVY2k4=
 github.com/Unknwon/goconfig v1.0.0 h1:9IAu/BYbSLQi8puFjUQApZTxIHqSwrj5d8vpP8vTq4A=
 github.com/Xhofe/go-cache v0.0.0-20220723083548-714439c8af9a h1:RenIAa2q4H8UcS/cqmwdT1WCWIAH5aumP8m8RpbqVsE=
 github.com/Xhofe/go-cache v0.0.0-20220723083548-714439c8af9a/go.mod h1:sSBbaOg90XwWKtpT56kVujF0bIeVITnPlssLclogS04=
@ -30,6 +32,10 @@ github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevB
 github.com/aws/aws-sdk-go v1.38.20/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
 github.com/aws/aws-sdk-go v1.44.316 h1:UC3alCEyzj2XU13ZFGIOHW3yjCNLGTIGVauyetl9fwE=
 github.com/aws/aws-sdk-go v1.44.316/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
+github.com/aws/aws-sdk-go v1.44.327 h1:ZS8oO4+7MOBLhkdwIhgtVeDzCeWOlTfKJS7EgggbIEY=
+github.com/aws/aws-sdk-go v1.44.327/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
 github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A=
 github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@ -77,12 +83,21 @@ github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s
 github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
 github.com/caarlos0/env/v9 v9.0.0 h1:SI6JNsOA+y5gj9njpgybykATIylrRMklbs5ch6wO6pc=
 github.com/caarlos0/env/v9 v9.0.0/go.mod h1:ye5mlCVMYh6tZ+vCgrs/B95sj88cg5Tlnc0XIzgZ020=
+github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
 github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/charmbracelet/bubbles v0.16.1 h1:6uzpAAaT9ZqKssntbvZMlksWHruQLNxg49H5WdeuYSY=
+github.com/charmbracelet/bubbles v0.16.1/go.mod h1:2QCp9LFlEsBQMvIYERr7Ww2H2bA7xen1idUDIzm/+Xc=
+github.com/charmbracelet/bubbletea v0.24.2 h1:uaQIKx9Ai6Gdh5zpTbGiWpytMU+CfsPp06RaW2cx/SY=
+github.com/charmbracelet/bubbletea v0.24.2/go.mod h1:XdrNrV4J8GiyshTtx3DNuYkR1FDaJmO3l2nejekbsgg=
+github.com/charmbracelet/lipgloss v0.7.1 h1:17WMwi7N1b1rVWOjMT+rCh7sQkvDU75B2hbZpc5Kc1E=
+github.com/charmbracelet/lipgloss v0.7.1/go.mod h1:yG0k3giv8Qj8edTCbbg6AlQ5e8KNWpFujkNawKNhE2c=
 github.com/cheekybits/is v0.0.0-20150225183255-68e9c0620927 h1:SKI1/fuSdodxmNNyVBR8d7X/HuLnRpvvFO0AgyQk764=
 github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY=
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams=
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk=
+github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY=
+github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk=
 github.com/coreos/go-oidc v2.2.1+incompatible h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk=
 github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
 github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
@ -96,6 +111,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/deckarep/golang-set/v2 v2.3.0 h1:qs18EKUfHm2X9fA50Mr/M5hccg2tNnVqsiBImnyDs0g=
 github.com/deckarep/golang-set/v2 v2.3.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4=
+github.com/deckarep/golang-set/v2 v2.3.1 h1:vjmkvJt/IV27WXPyYQpAh4bRyWJc5Y435D17XQ9QU5A=
+github.com/deckarep/golang-set/v2 v2.3.1/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4=
 github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 h1:HbphB4TFFXpv7MNrT52FGrrgVXF1owhMVTHFZIlnvd4=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc=
@ -103,11 +120,13 @@ github.com/disintegration/imaging v1.6.2 h1:w1LecBlG2Lnp8B3jk5zSuNqd7b4DXhcjwek1
 github.com/disintegration/imaging v1.6.2/go.mod h1:44/5580QXChDfwIclfc/PCwrr44amcmDAg8hxG0Ewe4=
 github.com/dustinxie/ecc v0.0.0-20210511000915-959544187564 h1:I6KUy4CI6hHjqnyJLNCEi7YHVMkwwtfSr2k9splgdSM=
 github.com/dustinxie/ecc v0.0.0-20210511000915-959544187564/go.mod h1:yekO+3ZShy19S+bsmnERmznGy9Rfg6dWWWpiGJjNAz8=
-github.com/foxxorcat/mopan-sdk-go v0.1.1 h1:JYMeCu4PFpqgHapvOz4jPMT7CxR6Yebu3aWkgGMDeIU=
-github.com/foxxorcat/mopan-sdk-go v0.1.1/go.mod h1:LpBPmwezjQNyhaNo3HGzgFtQbhvxmF5ZybSVuKi7OVA=
-github.com/foxxorcat/weiyun-sdk-go v0.1.1 h1:m4qcJk0adr+bpM4es2zCqP3jhMEwEPyTMGICsamygEQ=
-github.com/foxxorcat/weiyun-sdk-go v0.1.1/go.mod h1:AKsLFuWhWlClpGrg1zxTdMejugZEZtmhIuElAk3W83s=
+github.com/foxxorcat/mopan-sdk-go v0.1.3 h1:6ww0ulyLDh6neXZBqUM2PDbxQ6lfdkQbr0FCh9BTY0Y=
+github.com/foxxorcat/mopan-sdk-go v0.1.3/go.mod h1:iWHA2JFhzmKR28ySp1ON0g6DjLaYtvb5jhTqPVTDW9A=
+github.com/foxxorcat/weiyun-sdk-go v0.1.2 h1:waRWIBmjL9GCcndJ8HvOYrrVB4hhoPYzRrn3I/Cnzqw=
+github.com/foxxorcat/weiyun-sdk-go v0.1.2/go.mod h1:AKsLFuWhWlClpGrg1zxTdMejugZEZtmhIuElAk3W83s=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
+github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
 github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
 github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
 github.com/gaoyb7/115drive-webdav v0.1.8 h1:EJt4PSmcbvBY4KUh2zSo5p6fN9LZFNkIzuKejipubVw=
@ -123,6 +142,7 @@ github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
 github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
 github.com/go-chi/chi/v5 v5.0.10 h1:rLz5avzKpjqxrYwXNfmjkrYYXOyLJd37pz53UFHC6vk=
 github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
 github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
 github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
@ -142,15 +162,22 @@ github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPr
 github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I=
 github.com/go-sql-driver/mysql v1.7.0 h1:ueSltNNllEqE3qcWBTD0iQd3IpL/6U+mJxLkazJ7YPc=
 github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/go-webauthn/webauthn v0.8.6 h1:bKMtL1qzd2WTFkf1mFTVbreYrwn7dsYmEPjTq6QN90E=
+github.com/go-webauthn/webauthn v0.8.6/go.mod h1:emwVLMCI5yx9evTTvr0r+aOZCdWJqMfbRhF0MufyUog=
+github.com/go-webauthn/x v0.1.4 h1:sGmIFhcY70l6k7JIDfnjVBiAAFEssga5lXIUXe0GtAs=
+github.com/go-webauthn/x v0.1.4/go.mod h1:75Ug0oK6KYpANh5hDOanfDI+dvPWHk788naJVG/37H8=
 github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
 github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
+github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/golang/geo v0.0.0-20210211234256-740aa86cb551 h1:gtexQ/VGyN+VVFRXSFiguSNcXmS6rkKT+X7FdIrTtfo=
 github.com/golang/geo v0.0.0-20210211234256-740aa86cb551/go.mod h1:QZ0nwyI2jOfgRAoBvP+ab5aRr7c9x7lhGEJrKvBwjWI=
 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
@ -162,6 +189,8 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-tpm v0.9.0 h1:sQF6YqWMi+SCXpsmS3fd21oPy/vSddwZry4JnmltHVk=
+github.com/google/go-tpm v0.9.0/go.mod h1:FkNVkc6C+IsvDI9Jw1OveJmxGZUUaKxtrpOS47QWKfU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/s2a-go v0.1.4 h1:1kZ/sQM3srePvKs3tXAvQzo66XfcReoqFpIpIccE7Oc=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@ -183,8 +212,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/ipfs/boxo v0.8.0 h1:UdjAJmHzQHo/j3g3b1bAcAXCj/GM6iTwvSlBDvPBNBs=
 github.com/ipfs/boxo v0.8.0/go.mod h1:RIsi4CnTyQ7AUsNn5gXljJYZlQrHBMnJp94p73liFiA=
-github.com/ipfs/go-cid v0.4.0 h1:a4pdZq0sx6ZSxbCizebnKiMCx/xI/aBBFlB73IgH4rA=
-github.com/ipfs/go-cid v0.4.0/go.mod h1:uQHwDeX4c6CtyrFwdqyhpNcxVewur1M7l7fNU7LKwZk=
+github.com/ipfs/go-cid v0.4.1 h1:A/T3qGvxi4kpKWWcPC/PgbvDA2bjVLO7n4UeVwnbs/s=
+github.com/ipfs/go-cid v0.4.1/go.mod h1:uQHwDeX4c6CtyrFwdqyhpNcxVewur1M7l7fNU7LKwZk=
 github.com/ipfs/go-ipfs-api v0.6.1 h1:nK5oeFOdMh1ogT+GCOcyBFOOcFGNuudSb1rg9YDyAKE=
 github.com/ipfs/go-ipfs-api v0.6.1/go.mod h1:8pl+ZMF2LX42szbqGbpOBEiI1/rYaImvTvJtG0g+rL4=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
@ -205,9 +234,11 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
+github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
 github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
 github.com/jzelinskie/whirlpool v0.0.0-20201016144138-0675e54bb004 h1:G+9t9cEtnC9jFiTxyptEKuNIAbiN5ZCQzX2a74lj3xg=
 github.com/jzelinskie/whirlpool v0.0.0-20201016144138-0675e54bb004/go.mod h1:KmHnJWQrgEvbuy0vcvj00gtMqbvNn1L+3YUZLK/B92c=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
@ -233,8 +264,10 @@ github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6
 github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg=
 github.com/libp2p/go-flow-metrics v0.1.0 h1:0iPhMI8PskQwzh57jB9WxIuIOQ0r+15PChFGkx3Q3WM=
 github.com/libp2p/go-flow-metrics v0.1.0/go.mod h1:4Xi8MX8wj5aWNDAZttg6UPmc0ZrnFNsMtpsYUClFtro=
-github.com/libp2p/go-libp2p v0.26.3 h1:6g/psubqwdaBqNNoidbRKSTBEYgaOuKBhHl8Q5tO+PM=
-github.com/libp2p/go-libp2p v0.26.3/go.mod h1:x75BN32YbwuY0Awm2Uix4d4KOz+/4piInkp4Wr3yOo8=
+github.com/libp2p/go-libp2p v0.27.8 h1:IX5x/4yKwyPQeVS2AXHZ3J4YATM9oHBGH1gBc23jBAI=
+github.com/libp2p/go-libp2p v0.27.8/go.mod h1:eCFFtd0s5i/EVKR7+5Ki8bM7qwkNW3TPTTSSW9sz8NE=
+github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
+github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
 github.com/lufia/plan9stats v0.0.0-20230326075908-cb1d2100619a h1:N9zuLhTvBSRt0gWSiJswwQ2HqDmtX/ZCDJURnKUt1Ik=
 github.com/lufia/plan9stats v0.0.0-20230326075908-cb1d2100619a/go.mod h1:JKx41uQRwqlTZabZc+kILPrO/3jlKnQ2Z8b7YiVw5cE=
@ -246,14 +279,22 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4=
+github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88=
+github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk=
+github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU=
+github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOjvxI=
 github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
 github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
 github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
+github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ=
 github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g=
 github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@ -265,14 +306,22 @@ github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
 github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
 github.com/mschoch/smat v0.2.0 h1:8imxQsjDm8yFEAVBe7azKmKSgzSkZXDuKkSq9374khM=
 github.com/mschoch/smat v0.2.0/go.mod h1:kc9mz7DoBKqDyiRL7VZN8KvXQMWeTaVnttLRXOlotKw=
+github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b h1:1XF24mVaiu7u+CFywTdcDo2ie1pzzhwjt6RHqzpMU34=
+github.com/muesli/ansi v0.0.0-20211018074035-2e021307bc4b/go.mod h1:fQuZ0gauxyBcmsdE3ZT4NasjaRdxmbCS0jRHsrWu3Ho=
+github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
+github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo=
+github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s=
+github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8=
+github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs=
+github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ=
 github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aGkbLYxPE=
 github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI=
 github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0=
 github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4=
-github.com/multiformats/go-multiaddr v0.8.0 h1:aqjksEcqK+iD/Foe1RRFsGZh8+XFiGo7FgUCZlpv3LU=
-github.com/multiformats/go-multiaddr v0.8.0/go.mod h1:Fs50eBDWvZu+l3/9S6xAE7ZYj6yhxlvaVZjakWN7xRs=
-github.com/multiformats/go-multibase v0.1.1 h1:3ASCDsuLX8+j4kx58qnJ4YFq/JWTJpCyDW27ztsVTOI=
-github.com/multiformats/go-multibase v0.1.1/go.mod h1:ZEjHE+IsUrgp5mhlEAYjMtZwK1k4haNkcaPg9aoe1a8=
+github.com/multiformats/go-multiaddr v0.9.0 h1:3h4V1LHIk5w4hJHekMKWALPXErDfz/sggzwC/NcqbDQ=
+github.com/multiformats/go-multiaddr v0.9.0/go.mod h1:mI67Lb1EeTOYb8GQfL/7wpIZwc46ElrvzhYnoJOmTT0=
+github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g=
+github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk=
 github.com/multiformats/go-multicodec v0.8.1 h1:ycepHwavHafh3grIbR1jIXnKCsFm0fqsfEOsJ8NtKE8=
 github.com/multiformats/go-multicodec v0.8.1/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI16i14xuaojr/H7Ai54k=
 github.com/multiformats/go-multihash v0.2.1 h1:aem8ZT0VA2nCHHk7bPJ1BjUbHNciqZC/d16Vve9l108=
@ -281,6 +330,7 @@ github.com/multiformats/go-multistream v0.4.1 h1:rFy0Iiyn3YT0asivDUIR05leAdwZq3d
 github.com/multiformats/go-multistream v0.4.1/go.mod h1:Mz5eykRVAjJWckE2U78c6xqdtyNUEhKSM0Lwar2p77Q=
 github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8=
 github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU=
+github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/natefinch/lumberjack v2.0.0+incompatible h1:4QJd3OLAMgj7ph+yZTuX13Ld4UpgHp07nNdFX7mqFfM=
 github.com/natefinch/lumberjack v2.0.0+incompatible/go.mod h1:Wi9p2TTF5DG5oU+6YfsmYQpsTIOm0B1VNzQg9Mw6nPk=
 github.com/ncw/swift/v2 v2.0.2 h1:jx282pcAKFhmoZBSdMcCRFn9VWkoBIRsCpe+yZq7vEk=
@ -321,6 +371,10 @@ github.com/rclone/rclone v1.63.1 h1:iITCUNBfAXnguHjRPFq+w/gGIW0L0las78h4H5CH2Ms=
 github.com/rclone/rclone v1.63.1/go.mod h1:eUQaKsf1wJfHKB0RDoM8RaPAeRB2eI/Qw+Vc9Ho5FGM=
 github.com/rfjakob/eme v1.1.2 h1:SxziR8msSOElPayZNFfQw4Tjx/Sbaeeh3eRvrHVMUs4=
 github.com/rfjakob/eme v1.1.2/go.mod h1:cVvpasglm/G3ngEfcfT/Wt0GwhkuO32pf/poW6Nyk1k=
+github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
+github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
@ -372,6 +426,8 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/u2takey/ffmpeg-go v0.4.1 h1:l5ClIwL3N2LaH1zF3xivb3kP2HW95eyG5xhHE1JdZ9Y=
 github.com/u2takey/ffmpeg-go v0.4.1/go.mod h1:ruZWkvC1FEiUNjmROowOAps3ZcWxEiOpFoHCvk97kGc=
+github.com/u2takey/ffmpeg-go v0.5.0 h1:r7d86XuL7uLWJ5mzSeQ03uvjfIhiJYvsRAJFCW4uklU=
+github.com/u2takey/ffmpeg-go v0.5.0/go.mod h1:ruZWkvC1FEiUNjmROowOAps3ZcWxEiOpFoHCvk97kGc=
 github.com/u2takey/go-utils v0.3.1 h1:TaQTgmEZZeDHQFYfd+AdUT1cT4QJgJn/XVPELhHw4ys=
 github.com/u2takey/go-utils v0.3.1/go.mod h1:6e+v5vEZ/6gu12w/DC2ixZdZtCrNokVxD0JUklcqdCs=
 github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
@ -383,6 +439,10 @@ github.com/upyun/go-sdk/v3 v3.0.4/go.mod h1:P/SnuuwhrIgAVRd/ZpzDWqCsBAf/oHg7Uggb
 github.com/valyala/fastjson v1.6.3 h1:tAKFnnwmeMGPbwJ7IwxcTPCNr3uIzoIj3/Fh90ra4xc=
 github.com/winfsp/cgofuse v1.5.1-0.20221118130120-84c0898ad2e0 h1:j3un8DqYvvAOqKI5OPz+/RRVhDFipbPKI4t2Uk5RBJw=
 github.com/winfsp/cgofuse v1.5.1-0.20221118130120-84c0898ad2e0/go.mod h1:uxjoF2jEYT3+x+vC2KJddEGdk/LU8pRowXmyVMHSV5I=
+github.com/winfsp/cgofuse v1.5.1-0.20230130140708-f87f5db493b5 h1:jxZvjx8Ve5sOXorZG0KzTxbp0Cr1n3FEegfmyd9br1k=
+github.com/winfsp/cgofuse v1.5.1-0.20230130140708-f87f5db493b5/go.mod h1:uxjoF2jEYT3+x+vC2KJddEGdk/LU8pRowXmyVMHSV5I=
+github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
+github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw=
 github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
@ -405,11 +465,17 @@ golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw
 golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
 golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA=
 golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
+golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
+golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 golang.org/x/exp v0.0.0-20230801115018-d63ba01acd4b h1:r+vk0EmXNmekl0S0BascoeeoHk/L7wmaW2QF90K+kYI=
 golang.org/x/exp v0.0.0-20230801115018-d63ba01acd4b/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
+golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ=
+golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8=
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/image v0.10.0 h1:gXjUUtwtx5yOE0VKWq1CH4IJAClq4UGgUA3i+rpON9M=
 golang.org/x/image v0.10.0/go.mod h1:jtrku+n79PfroUbvDdeUWMAI+heR786BofxrbiSF+J0=
+golang.org/x/image v0.11.0 h1:ds2RoQvBvYTiJkwpSFDwCcDFNX7DqjL2WsUgTNk0Ooo=
+golang.org/x/image v0.11.0/go.mod h1:bglhjqbqVuEb9e9+eNR45Jfu7D+T4Qan+NhQk8Ck2P8=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@ -424,6 +490,8 @@ golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.13.0 h1:Nvo8UFsZ8X3BhAC9699Z1j7XQ3rsZnUUm7jfBEk1ueY=
 golang.org/x/net v0.13.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
+golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
+golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
 golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8=
 golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -456,12 +524,16 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
 golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c=
 golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
+golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
+golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@ -471,6 +543,8 @@ golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
 golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
+golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
--- a/internal/authn/authn.go
+++ b/internal/authn/authn.go
@ -0,0 +1,25 @@
+package authn
+
+import (
+	"net/http"
+	"net/url"
+
+	"github.com/alist-org/alist/v3/internal/conf"
+	"github.com/alist-org/alist/v3/internal/setting"
+	"github.com/alist-org/alist/v3/server/common"
+	"github.com/go-webauthn/webauthn/webauthn"
+)
+
+func NewAuthnInstance(r *http.Request) (*webauthn.WebAuthn, error) {
+	siteUrl, err := url.Parse(common.GetApiUrl(r))
+	if err != nil {
+		return nil, err
+	}
+	return webauthn.New(&webauthn.Config{
+		RPDisplayName: setting.GetStr(conf.SiteTitle),
+		RPID:          siteUrl.Hostname(),
+		//RPOrigin:      siteUrl.String(),
+		RPOrigins: []string{siteUrl.String()},
+		// RPOrigin: "http://localhost:5173"
+	})
+}
--- a/internal/bootstrap/data/setting.go
+++ b/internal/bootstrap/data/setting.go
@ -139,6 +139,7 @@ func InitialSettings() []model.SettingItem {
 		{Key: conf.OcrApi, Value: "https://api.nn.ci/ocr/file/json", Type: conf.TypeString, Group: model.GLOBAL},
 		{Key: conf.FilenameCharMapping, Value: `{"/": "|"}`, Type: conf.TypeText, Group: model.GLOBAL},
 		{Key: conf.ForwardDirectLinkParams, Value: "false", Type: conf.TypeBool, Group: model.GLOBAL},
+		{Key: conf.WebauthnLoginEnabled, Value: "false", Type: conf.TypeBool, Group: model.GLOBAL, Flag: model.PUBLIC},

 		// aria2 settings
 		{Key: conf.Aria2Uri, Value: "http://localhost:6800/jsonrpc", Type: conf.TypeString, Group: model.ARIA2, Flag: model.PRIVATE},
--- a/internal/conf/config.go
+++ b/internal/conf/config.go
@ -83,8 +83,8 @@ func DefaultConfig() *Config {
 		Log: LogConfig{
 			Enable:     true,
 			Name:       logPath,
-			MaxSize:    10,
-			MaxBackups: 5,
+			MaxSize:    50,
+			MaxBackups: 30,
 			MaxAge:     28,
 		},
 		MaxConnections:        0,
--- a/internal/conf/const.go
+++ b/internal/conf/const.go
@ -41,6 +41,7 @@ const (
 	OcrApi                  = "ocr_api"
 	FilenameCharMapping     = "filename_char_mapping"
 	ForwardDirectLinkParams = "forward_direct_link_params"
+	WebauthnLoginEnabled = "webauthn_login_enabled"

 	// index
 	SearchIndex     = "search_index"
--- a/internal/db/db.go
+++ b/internal/db/db.go
@ -29,5 +29,5 @@ func AutoMigrate(dst ...interface{}) error {
 }

 func GetDb() *gorm.DB {
-	return db;
+	return db
 }
--- a/internal/db/user.go
+++ b/internal/db/user.go
@ -1,7 +1,11 @@
 package db

 import (
+	"encoding/base64"
+
 	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-webauthn/webauthn/webauthn"
 	"github.com/pkg/errors"
 )

@ -59,3 +63,40 @@ func GetUsers(pageIndex, pageSize int) (users []model.User, count int64, err err
 func DeleteUserById(id uint) error {
 	return errors.WithStack(db.Delete(&model.User{}, id).Error)
 }
+
+func UpdateAuthn(userID uint, authn string) error {
+	return db.Model(&model.User{ID: userID}).Update("authn", authn).Error
+}
+
+func RegisterAuthn(u *model.User, credential *webauthn.Credential) error {
+	if u == nil {
+		return errors.New("user is nil")
+	}
+	exists := u.WebAuthnCredentials()
+	if credential != nil {
+		exists = append(exists, *credential)
+	}
+	res, err := utils.Json.Marshal(exists)
+	if err != nil {
+		return err
+	}
+	return UpdateAuthn(u.ID, string(res))
+}
+
+func RemoveAuthn(u *model.User, id string) error {
+	exists := u.WebAuthnCredentials()
+	for i := 0; i < len(exists); i++ {
+		idEncoded := base64.StdEncoding.EncodeToString(exists[i].ID)
+		if idEncoded == id {
+			exists[len(exists)-1], exists[i] = exists[i], exists[len(exists)-1]
+			exists = exists[:len(exists)-1]
+			break
+		}
+	}
+
+	res, err := utils.Json.Marshal(exists)
+	if err != nil {
+		return err
+	}
+	return UpdateAuthn(u.ID, string(res))
+}
--- a/internal/fs/copy.go
+++ b/internal/fs/copy.go
@ -94,7 +94,7 @@ func copyFileBetween2Storages(tsk *task.Task[uint64], srcStorage, dstStorage dri
 	if err != nil {
 		return errors.WithMessagef(err, "failed get [%s] link", srcFilePath)
 	}
-	stream, err := getFileStreamFromLink(srcFile, link)
+	stream, err := getFileStreamFromLink(tsk.Ctx, srcFile, link)
 	if err != nil {
 		return errors.WithMessagef(err, "failed get [%s] stream", srcFilePath)
 	}
--- a/internal/fs/util.go
+++ b/internal/fs/util.go
@ -1,18 +1,21 @@
 package fs

 import (
-	"github.com/alist-org/alist/v3/pkg/http_range"
+	"context"
 	"io"
 	"net/http"
 	"strings"

+	"github.com/alist-org/alist/v3/internal/net"
+	"github.com/alist-org/alist/v3/pkg/http_range"
+
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/alist-org/alist/v3/server/common"
 	"github.com/pkg/errors"
 )

-func getFileStreamFromLink(file model.Obj, link *model.Link) (*model.FileStream, error) {
+func getFileStreamFromLink(ctx context.Context, file model.Obj, link *model.Link) (*model.FileStream, error) {
 	var rc io.ReadCloser
 	var err error
 	mimetype := utils.GetMimeType(file.GetName())
@ -23,6 +26,21 @@ func getFileStreamFromLink(file model.Obj, link *model.Link) (*model.FileStream,
 		}
 	} else if link.ReadSeekCloser != nil {
 		rc = link.ReadSeekCloser
+	} else if link.Concurrency != 0 || link.PartSize != 0 {
+		down := net.NewDownloader(func(d *net.Downloader) {
+			d.Concurrency = link.Concurrency
+			d.PartSize = link.PartSize
+		})
+		req := &net.HttpRequestParams{
+			URL:       link.URL,
+			Range:     http_range.Range{Length: -1},
+			Size:      file.GetSize(),
+			HeaderRef: link.Header,
+		}
+		rc, err = down.Download(ctx, req)
+		if err != nil {
+			return nil, err
+		}
 	} else {
 		//TODO: add accelerator
 		req, err := http.NewRequest(http.MethodGet, link.URL, nil)
--- a/internal/model/args.go
+++ b/internal/model/args.go
@ -1,11 +1,12 @@
 package model

 import (
-	"github.com/alist-org/alist/v3/pkg/http_range"
-	"github.com/alist-org/alist/v3/pkg/utils"
 	"io"
 	"net/http"
 	"time"
+
+	"github.com/alist-org/alist/v3/pkg/http_range"
+	"github.com/alist-org/alist/v3/pkg/utils"
 )

 type ListArgs struct {
@ -23,14 +24,14 @@ type LinkArgs struct {
 type Link struct {
 	URL             string            `json:"url"`
 	Header          http.Header       `json:"header"` // needed header (for url) or response header(for data or writer)
-	RangeReadCloser RangeReadCloser   // recommended way
-	ReadSeekCloser  io.ReadSeekCloser // best for local,smb.. file system, which exposes ReadSeekCloser
+	RangeReadCloser RangeReadCloser   `json:"-"`      // recommended way
+	ReadSeekCloser  io.ReadSeekCloser `json:"-"`      // best for local,smb... file system, which exposes ReadSeekCloser

 	Expiration *time.Duration // local cache expire Duration
-	IPCacheKey bool           // add ip to cache key
+	IPCacheKey bool           `json:"-"` // add ip to cache key
 	//for accelerating request, use multi-thread downloading
-	Concurrency int
-	PartSize    int
+	Concurrency int `json:"concurrency"`
+	PartSize    int `json:"part_size"`
 }

 type OtherArgs struct {
--- a/internal/model/user.go
+++ b/internal/model/user.go
@ -1,11 +1,14 @@
 package model

 import (
+	"encoding/binary"
+	"encoding/json"
 	"fmt"

 	"github.com/alist-org/alist/v3/internal/errs"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/alist-org/alist/v3/pkg/utils/random"
+	"github.com/go-webauthn/webauthn/webauthn"
 	"github.com/pkg/errors"
 )

@ -21,10 +24,10 @@ type User struct {
 	ID       uint   `json:"id" gorm:"primaryKey"`                      // unique key
 	Username string `json:"username" gorm:"unique" binding:"required"` // username
 	PwdHash  string `json:"-"`                                         // password hash
-	Salt     string // unique salt
-	Password string `json:"password"`  // password
-	BasePath string `json:"base_path"` // base path
-	Role     int    `json:"role"`      // user's role
+	Salt     string `json:"-"`                                         // unique salt
+	Password string `json:"password"`                                  // password
+	BasePath string `json:"base_path"`                                 // base path
+	Role     int    `json:"role"`                                      // user's role
 	Disabled bool   `json:"disabled"`
 	// Determine permissions by bit
 	//   0: can see hidden files
@ -41,6 +44,7 @@ type User struct {
 	Permission int32  `json:"permission"`
 	OtpSecret  string `json:"-"`
 	SsoID      string `json:"sso_id"` // unique by sso platform
+	Authn      string `gorm:"type:text" json:"-"`
 }

 func (u *User) IsGuest() bool {
@ -130,3 +134,30 @@ func HashPwd(static string, salt string) string {
 func TwoHashPwd(password string, salt string) string {
 	return HashPwd(StaticHash(password), salt)
 }
+
+func (u *User) WebAuthnID() []byte {
+	bs := make([]byte, 8)
+	binary.LittleEndian.PutUint64(bs, uint64(u.ID))
+	return bs
+}
+
+func (u *User) WebAuthnName() string {
+	return u.Username
+}
+
+func (u *User) WebAuthnDisplayName() string {
+	return u.Username
+}
+
+func (u *User) WebAuthnCredentials() []webauthn.Credential {
+	var res []webauthn.Credential
+	err := json.Unmarshal([]byte(u.Authn), &res)
+	if err != nil {
+		fmt.Println(err)
+	}
+	return res
+}
+
+func (u *User) WebAuthnIcon() string {
+	return "https://alist.nn.ci/logo.svg"
+}
--- a/internal/net/request.go
+++ b/internal/net/request.go
@ -1,11 +1,9 @@
 package net

 import (
+	"bytes"
 	"context"
 	"fmt"
-	"github.com/alist-org/alist/v3/pkg/http_range"
-	"github.com/aws/aws-sdk-go/aws/awsutil"
-	log "github.com/sirupsen/logrus"
 	"io"
 	"math"
 	"net/http"
@ -13,6 +11,10 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/alist-org/alist/v3/pkg/http_range"
+	"github.com/aws/aws-sdk-go/aws/awsutil"
+	log "github.com/sirupsen/logrus"
 )

 // DefaultDownloadPartSize is the default range of bytes to get at a time when
@ -60,7 +62,7 @@ func NewDownloader(options ...func(*Downloader)) *Downloader {
 // cache some data, then return Reader with assembled data
 // Supports range, do not support unknown FileSize, and will fail if FileSize is incorrect
 // memory usage is at about Concurrency*PartSize, use this wisely
-func (d Downloader) Download(ctx context.Context, p *HttpRequestParams) (readCloser *io.ReadCloser, err error) {
+func (d Downloader) Download(ctx context.Context, p *HttpRequestParams) (readCloser io.ReadCloser, err error) {

 	var finalP HttpRequestParams
 	awsutil.Copy(&finalP, p)
@ -107,7 +109,7 @@ type downloader struct {
 }

 // download performs the implementation of the object download across ranged GETs.
-func (d *downloader) download() (*io.ReadCloser, error) {
+func (d *downloader) download() (io.ReadCloser, error) {
 	d.ctx, d.cancel = context.WithCancel(d.ctx)

 	pos := d.params.Range.Start
@ -133,7 +135,7 @@ func (d *downloader) download() (*io.ReadCloser, error) {
 		if err != nil {
 			return nil, err
 		}
-		return &resp.Body, nil
+		return resp.Body, nil
 	}

 	// workers
@ -152,7 +154,7 @@ func (d *downloader) download() (*io.ReadCloser, error) {
 	var rc io.ReadCloser = NewMultiReadCloser(d.chunks[0].buf, d.interrupt, d.finishBuf)

 	// Return error
-	return &rc, d.err
+	return rc, d.err
 }
 func (d *downloader) sendChunkTask() *chunk {
 	ch := &d.chunks[d.nextChunk]
@ -201,7 +203,6 @@ func (d *downloader) downloadPart() {
 	//defer d.wg.Done()
 	for {
 		c, ok := <-d.chunkChannel
-		log.Debugf("downloadPart tried to get chunk")
 		if !ok {
 			break
 		}
@ -210,7 +211,7 @@ func (d *downloader) downloadPart() {
 			// of download producer.
 			continue
 		}
-
+		log.Debugf("downloadPart tried to get chunk")
 		if err := d.downloadChunk(&c); err != nil {
 			d.setErr(err)
 		}
@ -219,7 +220,7 @@ func (d *downloader) downloadPart() {

 // downloadChunk downloads the chunk
 func (d *downloader) downloadChunk(ch *chunk) error {
-	log.Debugf("start new chunk %+v buffer_id =%d", ch, ch.buf.buffer.id)
+	log.Debugf("start new chunk %+v buffer_id =%d", ch, ch.id)
 	var n int64
 	var err error
 	params := d.getParamsFromChunk(ch)
@ -261,6 +262,7 @@ func (d *downloader) tryDownloadChunk(params *HttpRequestParams, ch *chunk) (int
 	if err != nil {
 		return 0, err
 	}
+	defer resp.Body.Close()
 	//only check file size on the first task
 	if ch.id == 0 {
 		err = d.checkTotalBytes(resp)
@ -278,7 +280,6 @@ func (d *downloader) tryDownloadChunk(params *HttpRequestParams, ch *chunk) (int
 		err = fmt.Errorf("chunk download size incorrect, expected=%d, got=%d", ch.size, n)
 		return n, &errReadingBody{err: err}
 	}
-	defer resp.Body.Close()

 	return n, nil
 }
@ -384,7 +385,7 @@ type HttpRequestParams struct {
 	URL string
 	//only want data within this range
 	Range     http_range.Range
-	HeaderRef *http.Header
+	HeaderRef http.Header
 	//total file size
 	Size int64
 }
@ -401,13 +402,8 @@ func (e *errReadingBody) Unwrap() error {
 }

 type MultiReadCloser struct {
-	io.ReadCloser
-
-	//total int //total bufArr
-	//wPos    int //current reader wPos
 	cfg    *cfg
 	closer closerFunc
-	//getBuf getBufFunc
 	finish finishBufFUnc
 }

@ -448,99 +444,26 @@ func (mr MultiReadCloser) Close() error {
 	return mr.closer()
 }

-type Buffer struct {
-	data []byte
-	wPos int //writer position
-	id   int
-	rPos int //reader position
-	lock sync.Mutex
-
-	once   bool     //combined use with notify & lock, to get notify once
-	notify chan int // notifies new writes
-}
-
-func (buf *Buffer) Write(p []byte) (n int, err error) {
-	inSize := len(p)
-	if inSize == 0 {
-		return 0, nil
-	}
-
-	if inSize > len(buf.data)-buf.wPos {
-		return 0, fmt.Errorf("exceeding buffer max size,inSize=%d ,buf.data.len=%d , buf.wPos=%d",
-			inSize, len(buf.data), buf.wPos)
-	}
-	copy(buf.data[buf.wPos:], p)
-	buf.wPos += inSize
-
-	//give read a notice if once==true
-	buf.lock.Lock()
-	if buf.once == true {
-		buf.notify <- inSize //struct{}{}
-	}
-	buf.once = false
-	buf.lock.Unlock()
-
-	return inSize, nil
-}
-
-func (buf *Buffer) getPos() (n int) {
-	return buf.wPos
-}
-func (buf *Buffer) reset() {
-	buf.wPos = 0
-	buf.rPos = 0
-}
-
-// waitTillNewWrite notify caller that new write happens
-func (buf *Buffer) waitTillNewWrite(pos int) error {
-	//log.Debugf("waitTillNewWrite, current wPos=%d", pos)
-	var err error
-
-	//defer buffer.lock.Unlock()
-	if pos >= len(buf.data) {
-		err = fmt.Errorf("there will not be any new write")
-	} else if pos > buf.wPos {
-		err = fmt.Errorf("illegal read position")
-	} else if pos == buf.wPos {
-		buf.lock.Lock()
-		buf.once = true
-		//buffer.wg1.Add(1)
-		buf.lock.Unlock()
-		//wait for write
-		log.Debugf("waitTillNewWrite wait for notify")
-		writes := <-buf.notify
-		log.Debugf("waitTillNewWrite got new write from notify, last writes:%+v", writes)
-		//if pos >= buf.wPos {
-		//	//wrote 0 bytes
-		//	return fmt.Errorf("write has error")
-		//}
-		return nil
-	}
-	//only case: wPos < buffer.wPos
-	return err
-}
-
 type Buf struct {
-	buffer *Buffer // Buffer we read from
-	size   int     //expected size
+	buffer *bytes.Buffer
+	size   int //expected size
 	ctx    context.Context
+	off    int
+	rw     sync.RWMutex
+	notify chan struct{}
 }

 // NewBuf is a buffer that can have 1 read & 1 write at the same time.
 // when read is faster write, immediately feed data to read after written
 func NewBuf(ctx context.Context, maxSize int, id int) *Buf {
 	d := make([]byte, maxSize)
-	buffer := &Buffer{data: d, id: id, notify: make(chan int)}
-	buffer.reset()
-	return &Buf{ctx: ctx, buffer: buffer, size: maxSize}
+	return &Buf{ctx: ctx, buffer: bytes.NewBuffer(d), size: maxSize, notify: make(chan struct{})}

 }
 func (br *Buf) Reset(size int) {
-	br.buffer.reset()
+	br.buffer.Reset()
 	br.size = size
-}
-func (br *Buf) GetId() int {
-	return br.buffer.id
+	br.off = 0
 }

 func (br *Buf) Read(p []byte) (n int, err error) {
@ -550,48 +473,49 @@ func (br *Buf) Read(p []byte) (n int, err error) {
 	if len(p) == 0 {
 		return 0, nil
 	}
-	if br.buffer.rPos == br.size {
+	if br.off >= br.size {
 		return 0, io.EOF
 	}
-	//persist buffer position as another thread is keep increasing it
-	bufPos := br.buffer.getPos()
-	outSize := bufPos - br.buffer.rPos
-
-	if outSize == 0 {
-		//var wg sync.WaitGroup
-		err := br.waitTillNewWrite(br.buffer.rPos)
-		if err != nil {
-			return 0, err
-		}
-		bufPos = br.buffer.getPos()
-		outSize = bufPos - br.buffer.rPos
+	br.rw.RLock()
+	n, err = br.buffer.Read(p)
+	br.rw.RUnlock()
+	if err == nil {
+		br.off += n
+		return n, err
 	}
-
-	if len(p) < outSize {
-		// p is not big enough
-		outSize = len(p)
+	if err != io.EOF {
+		return n, err
 	}
-	copy(p, br.buffer.data[br.buffer.rPos:br.buffer.rPos+outSize])
-	br.buffer.rPos += outSize
-	if br.buffer.rPos == br.size {
-		err = io.EOF
+	if n != 0 {
+		br.off += n
+		return n, nil
+	}
+	// n==0, err==io.EOF
+	// wait for new write for 200ms
+	select {
+	case <-br.ctx.Done():
+		return 0, br.ctx.Err()
+	case <-br.notify:
+		return 0, nil
+	case <-time.After(time.Millisecond * 200):
+		return 0, nil
 	}
-
-	return outSize, err
-}
-
-// waitTillNewWrite is expensive, since we just checked that no new data, wait 0.2s
-func (br *Buf) waitTillNewWrite(pos int) error {
-	time.Sleep(200 * time.Millisecond)
-	return br.buffer.waitTillNewWrite(br.buffer.rPos)
 }

 func (br *Buf) Write(p []byte) (n int, err error) {
 	if err := br.ctx.Err(); err != nil {
 		return 0, err
 	}
-	return br.buffer.Write(p)
+	br.rw.Lock()
+	defer br.rw.Unlock()
+	n, err = br.buffer.Write(p)
+	select {
+	case br.notify <- struct{}{}:
+	default:
+	}
+	return
 }
+
 func (br *Buf) Close() {
-	close(br.buffer.notify)
+	close(br.notify)
 }
--- a/internal/net/request_test.go
+++ b/internal/net/request_test.go
@ -7,14 +7,15 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	"github.com/alist-org/alist/v3/pkg/http_range"
-	"github.com/sirupsen/logrus"
-	"golang.org/x/exp/slices"
 	"io"
 	"io/ioutil"
 	"net/http"
 	"sync"
 	"testing"
+
+	"github.com/alist-org/alist/v3/pkg/http_range"
+	"github.com/sirupsen/logrus"
+	"golang.org/x/exp/slices"
 )

 var buf22MB = make([]byte, 1024*1024*22)
@ -55,7 +56,7 @@ func TestDownloadOrder(t *testing.T) {
 	if err != nil {
 		t.Fatalf("expect no error, got %v", err)
 	}
-	resultBuf, err := io.ReadAll(*readCloser)
+	resultBuf, err := io.ReadAll(readCloser)
 	if err != nil {
 		t.Fatalf("expect no error, got %v", err)
 	}
@ -111,7 +112,7 @@ func TestDownloadSingle(t *testing.T) {
 	if err != nil {
 		t.Fatalf("expect no error, got %v", err)
 	}
-	resultBuf, err := io.ReadAll(*readCloser)
+	resultBuf, err := io.ReadAll(readCloser)
 	if err != nil {
 		t.Fatalf("expect no error, got %v", err)
 	}
--- a/internal/net/serve.go
+++ b/internal/net/serve.go
@ -2,13 +2,6 @@ package net

 import (
 	"fmt"
-	"github.com/alist-org/alist/v3/drivers/base"
-	"github.com/alist-org/alist/v3/internal/conf"
-	"github.com/alist-org/alist/v3/internal/model"
-	"github.com/alist-org/alist/v3/pkg/http_range"
-	"github.com/alist-org/alist/v3/pkg/utils"
-	"github.com/pkg/errors"
-	log "github.com/sirupsen/logrus"
 	"io"
 	"mime"
 	"mime/multipart"
@ -18,6 +11,14 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/conf"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/http_range"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
 )

 //this file is inspired by GO_SDK net.http.ServeContent
@ -109,7 +110,7 @@ func ServeHTTP(w http.ResponseWriter, r *http.Request, name string, modTime time
 	}
 	switch {
 	case len(ranges) == 0:
-		reader, err := RangeReaderFunc(http_range.Range{0, -1})
+		reader, err := RangeReaderFunc(http_range.Range{Length: -1})
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
@ -191,37 +192,33 @@ func ServeHTTP(w http.ResponseWriter, r *http.Request, name string, modTime time
 	}
 	//defer sendContent.Close()
 }
-func ProcessHeader(origin, override *http.Header) *http.Header {
+func ProcessHeader(origin, override http.Header) http.Header {
 	result := http.Header{}
 	// client header
-	for h, val := range *origin {
+	for h, val := range origin {
 		if utils.SliceContains(conf.SlicesMap[conf.ProxyIgnoreHeaders], strings.ToLower(h)) {
 			continue
 		}
 		result[h] = val
 	}
 	// needed header
-	for h, val := range *override {
+	for h, val := range override {
 		result[h] = val
 	}
-	return &result
+	return result
 }

 // RequestHttp deal with Header properly then send the request
-func RequestHttp(httpMethod string, headerOverride *http.Header, URL string) (*http.Response, error) {
+func RequestHttp(httpMethod string, headerOverride http.Header, URL string) (*http.Response, error) {
 	req, err := http.NewRequest(httpMethod, URL, nil)
 	if err != nil {
 		return nil, err
 	}
-	req.Header = *headerOverride
-	log.Debugln("request Header: ", req.Header)
-	log.Debugln("request URL: ", URL)
+	req.Header = headerOverride
 	res, err := HttpClient().Do(req)
 	if err != nil {
 		return nil, err
 	}
-	log.Debugf("response status: %d", res.StatusCode)
-	log.Debugln("response Header: ", res.Header)
 	// TODO clean header with blocklist or passlist
 	res.Header.Del("set-cookie")
 	if res.StatusCode >= 400 {
@ -230,7 +227,6 @@ func RequestHttp(httpMethod string, headerOverride *http.Header, URL string) (*h
 		log.Debugln(msg)
 		return res, errors.New(msg)
 	}
-
 	return res, nil
 }

--- a/pkg/errgroup/errgroup.go
+++ b/pkg/errgroup/errgroup.go
@ -0,0 +1,93 @@
+package errgroup
+
+import (
+	"context"
+	"fmt"
+	"sync"
+	"sync/atomic"
+
+	"github.com/avast/retry-go"
+)
+
+type token struct{}
+type Group struct {
+	cancel func(error)
+	ctx    context.Context
+	opts   []retry.Option
+
+	success uint64
+
+	wg  sync.WaitGroup
+	sem chan token
+}
+
+func NewGroupWithContext(ctx context.Context, limit int, retryOpts ...retry.Option) (*Group, context.Context) {
+	ctx, cancel := context.WithCancelCause(ctx)
+	return (&Group{cancel: cancel, ctx: ctx, opts: append(retryOpts, retry.Context(ctx))}).SetLimit(limit), ctx
+}
+
+func (g *Group) done() {
+	if g.sem != nil {
+		<-g.sem
+	}
+	g.wg.Done()
+	atomic.AddUint64(&g.success, 1)
+}
+
+func (g *Group) Wait() error {
+	g.wg.Wait()
+	return context.Cause(g.ctx)
+}
+
+func (g *Group) Go(f func(ctx context.Context) error) {
+	if g.sem != nil {
+		g.sem <- token{}
+	}
+
+	g.wg.Add(1)
+	go func() {
+		defer g.done()
+		if err := retry.Do(func() error { return f(g.ctx) }, g.opts...); err != nil {
+			g.cancel(err)
+		}
+	}()
+}
+
+func (g *Group) TryGo(f func(ctx context.Context) error) bool {
+	if g.sem != nil {
+		select {
+		case g.sem <- token{}:
+		default:
+			return false
+		}
+	}
+
+	g.wg.Add(1)
+	go func() {
+		defer g.done()
+		if err := retry.Do(func() error { return f(g.ctx) }, g.opts...); err != nil {
+			g.cancel(err)
+		}
+	}()
+	return true
+}
+
+func (g *Group) SetLimit(n int) *Group {
+	if len(g.sem) != 0 {
+		panic(fmt.Errorf("errgroup: modify limit while %v goroutines in the group are still active", len(g.sem)))
+	}
+	if n > 0 {
+		g.sem = make(chan token, n)
+	} else {
+		g.sem = nil
+	}
+	return g
+}
+
+func (g *Group) Success() uint64 {
+	return atomic.LoadUint64(&g.success)
+}
+
+func (g *Group) Err() error {
+	return context.Cause(g.ctx)
+}
--- a/pkg/http_range/range.go
+++ b/pkg/http_range/range.go
@ -109,21 +109,16 @@ func ParseRange(s string, size int64) ([]Range, error) { // nolint:gocognit

 func (r Range) MimeHeader(contentType string, size int64) textproto.MIMEHeader {
 	return textproto.MIMEHeader{
-		"Content-Range": {r.contentRange(size)},
+		"Content-Range": {r.ContentRange(size)},
 		"Content-Type":  {contentType},
 	}
 }

-// for http response header
-func (r Range) contentRange(size int64) string {
-	return fmt.Sprintf("bytes %d-%d/%d", r.Start, r.Start+r.Length-1, size)
-}
-
 // ApplyRangeToHttpHeader for http request header
-func ApplyRangeToHttpHeader(p Range, headerRef *http.Header) *http.Header {
+func ApplyRangeToHttpHeader(p Range, headerRef http.Header) http.Header {
 	header := headerRef
 	if header == nil {
-		header = &http.Header{}
+		header = http.Header{}
 	}
 	if p.Start == 0 && p.Length < 0 {
 		header.Del("Range")
--- a/pkg/utils/file.go
+++ b/pkg/utils/file.go
@ -2,7 +2,6 @@ package utils

 import (
 	"fmt"
-	"github.com/alist-org/alist/v3/internal/errs"
 	"io"
 	"mime"
 	"os"
@ -10,6 +9,8 @@ import (
 	"path/filepath"
 	"strings"

+	"github.com/alist-org/alist/v3/internal/errs"
+
 	"github.com/alist-org/alist/v3/internal/conf"
 	log "github.com/sirupsen/logrus"
 )
@ -127,7 +128,7 @@ func CreateTempFile(r io.ReadCloser, size int64) (*os.File, error) {
 	}
 	if size != 0 && readBytes != size {
 		_ = os.Remove(f.Name())
-		return nil, errs.NewErr(err, "CreateTempFile failed, incoming stream actual size= %s, expect = %s ", readBytes, size)
+		return nil, errs.NewErr(err, "CreateTempFile failed, incoming stream actual size= %d, expect = %d ", readBytes, size)
 	}
 	_, err = f.Seek(0, io.SeekStart)
 	if err != nil {
--- a/pkg/utils/io.go
+++ b/pkg/utils/io.go
@ -4,9 +4,10 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	log "github.com/sirupsen/logrus"
 	"io"
 	"time"
+
+	log "github.com/sirupsen/logrus"
 )

 // here is some syntaxic sugar inspired by the Tomas Senart's video,
@ -47,31 +48,23 @@ func CopyWithCtx(ctx context.Context, out io.Writer, in io.Reader, size int64, p

 type limitWriter struct {
 	w     io.Writer
-	count int64
 	limit int64
 }

-func (l limitWriter) Write(p []byte) (n int, err error) {
-	wn := int(l.limit - l.count)
-	if wn > len(p) {
-		wn = len(p)
-	}
-	if wn > 0 {
-		if n, err = l.w.Write(p[:wn]); err != nil {
-			return
-		}
-		if n < wn {
-			err = io.ErrShortWrite
+func (l *limitWriter) Write(p []byte) (n int, err error) {
+	lp := len(p)
+	if l.limit > 0 {
+		if int64(lp) > l.limit {
+			p = p[:l.limit]
 		}
+		l.limit -= int64(len(p))
+		_, err = l.w.Write(p)
 	}
-	if err == nil {
-		n = len(p)
-	}
-	return
+	return lp, err
 }

-func LimitWriter(w io.Writer, size int64) io.Writer {
-	return &limitWriter{w: w, limit: size}
+func LimitWriter(w io.Writer, limit int64) io.Writer {
+	return &limitWriter{w: w, limit: limit}
 }

 type ReadCloser struct {
--- a/pkg/utils/slice.go
+++ b/pkg/utils/slice.go
@ -69,3 +69,13 @@ func SliceMeet[T1, T2 any](arr []T1, v T2, meet func(item T1, v T2) bool) bool {
 	}
 	return false
 }
+
+func SliceFilter[T any](arr []T, filter func(src T) bool) []T {
+	res := make([]T, 0, len(arr))
+	for _, src := range arr {
+		if filter(src) {
+			res = append(res, src)
+		}
+	}
+	return res
+}
--- a/server/common/proxy.go
+++ b/server/common/proxy.go
@ -3,16 +3,17 @@ package common
 import (
 	"context"
 	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"sync"
+
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/internal/net"
 	"github.com/alist-org/alist/v3/pkg/http_range"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/pkg/errors"
-	"io"
-	"net/http"
-	"net/url"
-	"sync"
 )

 func HttpClient() *http.Client {
@ -52,7 +53,7 @@ func Proxy(w http.ResponseWriter, r *http.Request, link *model.Link, file model.
 		size := file.GetSize()
 		//var finalClosers model.Closers
 		finalClosers := utils.NewClosers()
-		header := net.ProcessHeader(&r.Header, &link.Header)
+		header := net.ProcessHeader(r.Header, link.Header)
 		rangeReader := func(httpRange http_range.Range) (io.ReadCloser, error) {
 			down := net.NewDownloader(func(d *net.Downloader) {
 				d.Concurrency = link.Concurrency
@ -65,15 +66,15 @@ func Proxy(w http.ResponseWriter, r *http.Request, link *model.Link, file model.
 				HeaderRef: header,
 			}
 			rc, err := down.Download(context.Background(), req)
-			finalClosers.Add(*rc)
-			return *rc, err
+			finalClosers.Add(rc)
+			return rc, err
 		}
 		net.ServeHTTP(w, r, file.GetName(), file.ModTime(), file.GetSize(), rangeReader)
 		defer finalClosers.Close()
 		return nil
 	} else {
 		//transparent proxy
-		header := net.ProcessHeader(&r.Header, &link.Header)
+		header := net.ProcessHeader(r.Header, link.Header)
 		res, err := net.RequestHttp(r.Method, header, link.URL)
 		if err != nil {
 			return err
--- a/server/handles/webauthn.go
+++ b/server/handles/webauthn.go
@ -0,0 +1,217 @@
+package handles
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+
+	"github.com/alist-org/alist/v3/internal/authn"
+	"github.com/alist-org/alist/v3/internal/conf"
+	"github.com/alist-org/alist/v3/internal/db"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/internal/op"
+	"github.com/alist-org/alist/v3/internal/setting"
+	"github.com/alist-org/alist/v3/server/common"
+	"github.com/gin-gonic/gin"
+	"github.com/go-webauthn/webauthn/webauthn"
+)
+
+func BeginAuthnLogin(c *gin.Context) {
+	enabled := setting.GetBool(conf.WebauthnLoginEnabled)
+	if !enabled {
+		common.ErrorStrResp(c, "WebAuthn is not enabled", 403)
+		return
+	}
+	username := c.Query("username")
+	if username == "" {
+		common.ErrorStrResp(c, "empty or no username provided", 400)
+		return
+	}
+	user, err := db.GetUserByName(username)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	authnInstance, err := authn.NewAuthnInstance(c.Request)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	options, sessionData, err := authnInstance.BeginLogin(user)
+
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	val, err := json.Marshal(sessionData)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	common.SuccessResp(c, gin.H{
+		"options": options,
+		"session": val,
+	})
+}
+
+func FinishAuthnLogin(c *gin.Context) {
+	enabled := setting.GetBool(conf.WebauthnLoginEnabled)
+	if !enabled {
+		common.ErrorStrResp(c, "WebAuthn is not enabled", 403)
+		return
+	}
+	username := c.Query("username")
+	user, err := db.GetUserByName(username)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	sessionDataString := c.GetHeader("session")
+
+	authnInstance, err := authn.NewAuthnInstance(c.Request)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	sessionDataBytes, err := base64.StdEncoding.DecodeString(sessionDataString)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	var sessionData webauthn.SessionData
+	if err := json.Unmarshal(sessionDataBytes, &sessionData); err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	_, err = authnInstance.FinishLogin(user, sessionData, c.Request)
+
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	token, err := common.GenerateToken(user.Username)
+	if err != nil {
+		common.ErrorResp(c, err, 400, true)
+		return
+	}
+	common.SuccessResp(c, gin.H{"token": token})
+}
+
+func BeginAuthnRegistration(c *gin.Context) {
+	enabled := setting.GetBool(conf.WebauthnLoginEnabled)
+	if !enabled {
+		common.ErrorStrResp(c, "WebAuthn is not enabled", 403)
+		return
+	}
+	user := c.MustGet("user").(*model.User)
+
+	authnInstance, err := authn.NewAuthnInstance(c.Request)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+	}
+
+	options, sessionData, err := authnInstance.BeginRegistration(user)
+
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+	}
+
+	val, err := json.Marshal(sessionData)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+	}
+
+	common.SuccessResp(c, gin.H{
+		"options": options,
+		"session": val,
+	})
+}
+
+func FinishAuthnRegistration(c *gin.Context) {
+	enabled := setting.GetBool(conf.WebauthnLoginEnabled)
+	if !enabled {
+		common.ErrorStrResp(c, "WebAuthn is not enabled", 403)
+		return
+	}
+	user := c.MustGet("user").(*model.User)
+	sessionDataString := c.GetHeader("Session")
+
+	authnInstance, err := authn.NewAuthnInstance(c.Request)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	sessionDataBytes, err := base64.StdEncoding.DecodeString(sessionDataString)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	var sessionData webauthn.SessionData
+	if err := json.Unmarshal(sessionDataBytes, &sessionData); err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+
+	credential, err := authnInstance.FinishRegistration(user, sessionData, c.Request)
+
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	err = db.RegisterAuthn(user, credential)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	err = op.DelUserCache(user.Username)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	common.SuccessResp(c, "Registered Successfully")
+}
+
+func DeleteAuthnLogin(c *gin.Context) {
+	user := c.MustGet("user").(*model.User)
+	type DeleteAuthnReq struct {
+		ID string `json:"id"`
+	}
+	var req DeleteAuthnReq
+	err := c.ShouldBind(&req)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	err = db.RemoveAuthn(user, req.ID)
+	err = op.DelUserCache(user.Username)
+	if err != nil {
+		common.ErrorResp(c, err, 400)
+		return
+	}
+	common.SuccessResp(c, "Deleted Successfully")
+}
+
+func GetAuthnCredentials(c *gin.Context) {
+	type WebAuthnCredentials struct {
+		ID          []byte `json:"id"`
+		FingerPrint string `json:"fingerprint"`
+	}
+	user := c.MustGet("user").(*model.User)
+	credentials := user.WebAuthnCredentials()
+	res := make([]WebAuthnCredentials, 0, len(credentials))
+	for _, v := range credentials {
+		credential := WebAuthnCredentials{
+			ID:          v.ID,
+			FingerPrint: fmt.Sprintf("% X", v.Authenticator.AAGUID),
+		}
+		res = append(res, credential)
+	}
+	common.SuccessResp(c, res)
+}
--- a/server/middlewares/auth.go
+++ b/server/middlewares/auth.go
@ -67,6 +67,54 @@ func Auth(c *gin.Context) {
 	c.Next()
 }

+func Authn(c *gin.Context) {
+	token := c.GetHeader("Authorization")
+	if subtle.ConstantTimeCompare([]byte(token), []byte(setting.GetStr(conf.Token))) == 1 {
+		admin, err := op.GetAdmin()
+		if err != nil {
+			common.ErrorResp(c, err, 500)
+			c.Abort()
+			return
+		}
+		c.Set("user", admin)
+		log.Debugf("use admin token: %+v", admin)
+		c.Next()
+		return
+	}
+	if token == "" {
+		guest, err := op.GetGuest()
+		if err != nil {
+			common.ErrorResp(c, err, 500)
+			c.Abort()
+			return
+		}
+		c.Set("user", guest)
+		log.Debugf("use empty token: %+v", guest)
+		c.Next()
+		return
+	}
+	userClaims, err := common.ParseToken(token)
+	if err != nil {
+		common.ErrorResp(c, err, 401)
+		c.Abort()
+		return
+	}
+	user, err := op.GetUserByName(userClaims.Username)
+	if err != nil {
+		common.ErrorResp(c, err, 401)
+		c.Abort()
+		return
+	}
+	if user.Disabled {
+		common.ErrorStrResp(c, "Current user is disabled, replace please", 401)
+		c.Abort()
+		return
+	}
+	c.Set("user", user)
+	log.Debugf("use login token: %+v", user)
+	c.Next()
+}
+
 func AuthAdmin(c *gin.Context) {
 	user := c.MustGet("user").(*model.User)
 	if !user.IsAdmin() {
--- a/server/router.go
+++ b/server/router.go
@ -44,6 +44,7 @@ func Init(e *gin.Engine) {

 	api := g.Group("/api")
 	auth := api.Group("", middlewares.Auth)
+	webauthn := api.Group("/authn", middlewares.Authn)

 	api.POST("/auth/login", handles.Login)
 	api.POST("/auth/login/hash", handles.LoginHash)
@ -52,10 +53,18 @@ func Init(e *gin.Engine) {
 	auth.POST("/auth/2fa/generate", handles.Generate2FA)
 	auth.POST("/auth/2fa/verify", handles.Verify2FA)

-	// github auth
+	// auth
 	api.GET("/auth/sso", handles.SSOLoginRedirect)
 	api.GET("/auth/sso_callback", handles.SSOLoginCallback)

+	//webauthn
+	webauthn.GET("/webauthn_begin_registration", handles.BeginAuthnRegistration)
+	webauthn.POST("/webauthn_finish_registration", handles.FinishAuthnRegistration)
+	webauthn.GET("/webauthn_begin_login", handles.BeginAuthnLogin)
+	webauthn.POST("/webauthn_finish_login", handles.FinishAuthnLogin)
+	webauthn.POST("/delete_authn", handles.DeleteAuthnLogin)
+	webauthn.GET("/getcredentials", handles.GetAuthnCredentials)
+
 	// no need auth
 	public := api.Group("/public")
 	public.Any("/settings", handles.PublicSettings)
Author	SHA1	Message	Date
renovate[bot]	8c3337b88b	fix(deps): update module golang.org/x/image to v0.11.0 (#5044 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-21 15:01:11 +08:00
renovate[bot]	7238243664	fix(deps): update module golang.org/x/crypto to v0.12.0 [skip ci] (#5043 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-21 14:43:59 +08:00
renovate[bot]	ba2b15ab24	fix(deps): update module golang.org/x/net to v0.14.0 [skip ci] (#5051 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-21 14:43:07 +08:00
renovate[bot]	28dc8822b7	fix(deps): update module github.com/u2takey/ffmpeg-go to v0.5.0 [skip ci] (#5042 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-20 13:10:01 +08:00
foxxorcat	358c5055e9	fix(lanzou): download not find file sgin (close #5046 in #5048 )	2023-08-20 13:08:57 +08:00
renovate[bot]	b6cd40e6d3	chore(deps): update actions-cool/issues-helper action to v3.5.2 [skip ci] (#5033 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-19 14:20:55 +08:00
renovate[bot]	7d96d8070d	fix(deps): update github.com/winfsp/cgofuse digest to f87f5db [skip ci] (#4908 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-19 14:19:30 +08:00
renovate[bot]	d482fb5f26	fix(deps): update module github.com/aws/aws-sdk-go to v1.44.327 [skip ci] (#4395 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-19 14:18:08 +08:00
renovate[bot]	60402ce1fc	fix(deps): update module github.com/deckarep/golang-set/v2 to v2.3.1 [skip ci] (#4925 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-19 14:15:22 +08:00
Andy Hsu	1e3950c847	fix: copy tasks using multi-thread downloader can't be canceled (#5028 ) #4981 related	2023-08-19 14:06:59 +08:00
renovate[bot]	ed550594da	fix(deps): update golang.org/x/exp digest to d852ddb (#4910 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-18 19:34:38 +08:00
Andy Hsu	3bbae29f93	feat(cloudreve): add custom user-agent (close #5020 )	2023-08-17 19:41:21 +08:00
renovate[bot]	3b74f8cd9a	fix(deps): update module github.com/sheltonzhu/115driver to v1.0.15 (#4926 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-08-17 15:33:46 +08:00
Andy Hsu	e9bdb91e01	fix: ignore salt on marshal `model.User`	2023-08-16 13:31:15 +08:00
itsHenry	1aa024ed6b	feat: support webauthn login (#4945 ) * feat: support webauthn login * manually merge * fix: clear user cache after updating authn * decrease db size of Authn * change authn type to text * simplify code structure --------- Co-authored-by: Andy Hsu <i@nn.ci>	2023-08-14 22:54:38 +08:00
Andy Hsu	13e8d36e1a	fix(aliyundrive_open): use `RawStdEncoding` for base64	2023-08-13 20:52:38 +08:00
Andy Hsu	5606c23768	perf(copy): use multi-thread downloader (close #5000 )	2023-08-13 15:31:49 +08:00
dependabot[bot]	0b675d6c02	chore(deps): bump github.com/libp2p/go-libp2p to 0.27.8 (#4978 ) Bumps [github.com/libp2p/go-libp2p](https://github.com/libp2p/go-libp2p) from 0.26.3 to 0.27.8. - [Release notes](https://github.com/libp2p/go-libp2p/releases) - [Changelog](https://github.com/libp2p/go-libp2p/blob/master/CHANGELOG.md) - [Commits](https://github.com/libp2p/go-libp2p/compare/v0.26.3...v0.27.8) --- updated-dependencies: - dependency-name: github.com/libp2p/go-libp2p dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-08-11 22:57:42 +08:00
foxxorcat	c1db3a36ad	feat: upload progress recovery (#4987 ) * feat(189pc):upload progress recovery * fix:some err * feat(baidu_netdisk,baidu_photo):upload progress recovery * feat(mopan):upload progress recovery * feat(baidu_netdisk):custom upload api	2023-08-11 14:23:30 +08:00
Andy Hsu	c59dbb4f9e	fix(local): files get deleted when copied to other storage (close #4983 )	2023-08-10 16:42:09 +08:00
foxxorcat	df6b306fce	perf(drivers): fs operations and cache (#4965 ) * perf(baidu_photo):multi-thread upload * perf(baidu_netdisk):multi-thread upload and cache optimization * fix:LimitWriter * fix(weiyun):only one login is allowed * feat(189pc):multi threaded upload * feat(baidu_netdisk):multi threaded upload * feat(baidu_photo):multi threaded upload * feat(weiyun):multi threaded upload * perf(aliyundriver_open):optimize upload code and optimize cache * fix(weiyun):invalid directory ID * fix(baidu_netdisk):modified time * fix(baidu_netdisk,baidu_photo):upload slice error * perf(baidu_netdisk):cancel unnecessary retries * fix(limitWriter):must return a non-nil error if it returns n < len(p) * fix(aliyundrive_open):Name and Filename only use one * perf(mopan):multi-thread upload	2023-08-09 16:13:09 +08:00
Andy Hsu	9d45718e5f	fix: `model.Link` marshal error (close #4971 ) ignore unsupported filed of `model.Link`	2023-08-09 14:04:31 +08:00
Andy Hsu	b91ed7a78a	fix(aliyundrive_open): retry refresh token if sub not match	2023-08-08 22:08:05 +08:00
Andy Hsu	95386d777b	feat(aliyundrive_open): record token exchange	2023-08-08 20:38:13 +08:00
Andy Hsu	635809c376	feat(cmd): list all storages command (close #4960 )	2023-08-08 16:15:45 +08:00
Andy Hsu	af6bb2a6aa	docs: ignore `network` reason for bug report [skip ci]	2023-08-08 14:54:32 +08:00