refactor

2025-11-01 19:32:37 +08:00 · 2024-08-20 17:46:22 +08:00
parent deef8162b1
commit 6c9a8cc4be
92 changed files with 539 additions and 5350 deletions
--- a/backend/pkg/server/auth/acl/acl.go
+++ b/backend/pkg/server/auth/acl/acl.go
--- a/backend/pkg/server/auth/acl/itsdangrous.go
+++ b/backend/pkg/server/auth/acl/itsdangrous.go
--- a/backend/pkg/server/auth/acl/login.go
+++ b/backend/pkg/server/auth/acl/login.go
@@ -8,8 +8,8 @@ import (
 	"encoding/json"
 	"fmt"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/remote"
 )
 func LoginByPassword(ctx context.Context, username string, password string) (cookie string, err error) {
--- a/backend/pkg/server/auth/acl/perm.go
+++ b/backend/pkg/server/auth/acl/perm.go
@@ -8,7 +8,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/samber/lo"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
 )
 func GetSessionFromCtx(ctx *gin.Context) (res *Session, err error) {
--- a/backend/pkg/server/auth/acl/resource.go
+++ b/backend/pkg/server/auth/acl/resource.go
@@ -6,8 +6,8 @@ import (
 	"github.com/spf13/cast"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/remote"
 )
 func AddResource(ctx context.Context, uid int, resourceTypeId string, name string) (res *Resource, err error) {
--- a/backend/pkg/server/auth/acl/role.go
+++ b/backend/pkg/server/auth/acl/role.go
@@ -7,8 +7,8 @@ import (
 	"github.com/spf13/cast"
 	"golang.org/x/sync/errgroup"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/remote"
 )
 func GetRoleResources(ctx context.Context, rid int, resourceTypeId string) (res []*Resource, err error) {
--- a/backend/api/api.go
+++ b/backend/api/api.go
@@ -0,0 +1,133 @@
 package api
 import (
 	"context"
 	"net/http"
 	"github.com/gin-gonic/gin"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/api/controller"
 	"github.com/veops/oneterm/logger"
 )
 var (
 	ctx, cancel = context.WithCancel(context.Background())
 	srv         = &http.Server{}
 )
 func RunApi() error {
 	c := controller.Controller{}
 	r := gin.New()
 	r.SetTrustedProxies([]string{"0.0.0.0/0", "::/0"})
 	r.MaxMultipartMemory = 128 << 20
 	r.Use(gin.Recovery(), ginLogger())
 	v1 := r.Group("/api/oneterm/v1", auth())
 	{
 		account := v1.Group("account")
 		{
 			account.POST("", c.CreateAccount)
 			account.DELETE("/:id", c.DeleteAccount)
 			account.PUT("/:id", c.UpdateAccount)
 			account.GET("", c.GetAccounts)
 		}
 		asset := v1.Group("asset")
 		{
 			asset.POST("", c.CreateAsset)
 			asset.DELETE("/:id", c.DeleteAsset)
 			asset.PUT("/:id", c.UpdateAsset)
 			asset.GET("", c.GetAssets)
 		}
 		node := v1.Group("node")
 		{
 			node.POST("", c.CreateNode)
 			node.DELETE("/:id", c.DeleteNode)
 			node.PUT("/:id", c.UpdateNode)
 			node.GET("", c.GetNodes)
 		}
 		publicKey := v1.Group("public_key")
 		{
 			publicKey.POST("", c.CreatePublicKey)
 			publicKey.DELETE("/:id", c.DeletePublicKey)
 			publicKey.PUT("/:id", c.UpdatePublicKey)
 			publicKey.GET("", c.GetPublicKeys)
 		}
 		gateway := v1.Group("gateway")
 		{
 			gateway.POST("", c.CreateGateway)
 			gateway.DELETE("/:id", c.DeleteGateway)
 			gateway.PUT("/:id", c.UpdateGateway)
 			gateway.GET("", c.GetGateways)
 		}
 		stat := v1.Group("stat")
 		{
 			stat.GET("assettype", c.StatAssetType)
 			stat.GET("count", c.StatCount)
 			stat.GET("count/ofuser", c.StatCountOfUser)
 			stat.GET("account", c.StatAccount)
 			stat.GET("asset", c.StatAsset)
 			stat.GET("rank/ofuser", c.StatRankOfUser)
 		}
 		command := v1.Group("command")
 		{
 			command.POST("", c.CreateCommand)
 			command.DELETE("/:id", c.DeleteCommand)
 			command.PUT("/:id", c.UpdateCommand)
 			command.GET("", c.GetCommands)
 		}
 		session := v1.Group("session")
 		{
 			session.GET("", c.GetSessions)
 			session.GET("/:session_id/cmd", c.GetSessionCmds)
 			session.GET("/option/asset", c.GetSessionOptionAsset)
 			session.GET("/option/clientip", c.GetSessionOptionClientIp)
 			session.GET("/replay/:session_id", c.GetSessionReplay)
 			session.POST("/replay/:session_id", c.CreateSessionReplay)
 			session.POST("", c.UpsertSession)
 			session.POST("/cmd", c.CreateSessionCmd)
 		}
 		connect := v1.Group("connect")
 		{
 			connect.POST("/:asset_id/:account_id/:protocol", c.Connect)
 			connect.GET("/:session_id", c.Connecting)
 			connect.GET("/monitor/:session_id", c.ConnectMonitor)
 			connect.POST("/close/:session_id", c.ConnectClose)
 		}
 		file := v1.Group("file")
 		{
 			file.GET("/history", c.GetFileHistory)
 			file.GET("/ls/:asset_id/:account_id", c.FileLS)
 			file.POST("/mkdir/:asset_id/:account_id", c.FileMkdir)
 			file.POST("/upload/:asset_id/:account_id", c.FileUpload)
 			file.GET("/download/:asset_id/:account_id", c.FileDownload)
 		}
 		history := v1.Group("history")
 		{
 			history.GET("", c.GetHistories)
 			history.GET("/type/mapping", c.GetHistoryTypeMapping)
 		}
 	}
 	srv.Addr = ":8888"
 	srv.Handler = r
 	err := srv.ListenAndServe()
 	if err != nil {
 		logger.L().Fatal("start http failed", zap.Error(err))
 	}
 	return err
 }
 func StopApi() {
 	defer cancel()
 	srv.Shutdown(ctx)
 }
--- a/backend/pkg/server/controller/account.go
+++ b/backend/pkg/server/controller/account.go
@@ -11,11 +11,11 @@ import (
 	"golang.org/x/crypto/ssh"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/model"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 var (
@@ -61,13 +61,6 @@ var (
 				d.AssetCount = m[d.Id]
 			}
 		},
 		func(ctx *gin.Context, data []*model.Account) {
 			for _, d := range data {
 				d.Password = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Password), "")
 				d.Pk = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Pk), "")
 				d.Phrase = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Phrase), "")
 			}
 		},
 	}
 	accountDcs = []deleteCheck{
 		func(ctx *gin.Context, id int) {
@@ -137,7 +130,7 @@ func (c *Controller) GetAccounts(ctx *gin.Context) {
 	info := cast.ToBool(ctx.Query("info"))
 	db := mysql.DB.Model(&model.Account{})
-	db = filterEqual(ctx, db, "id","type")
+	db = filterEqual(ctx, db, "id", "type")
 	db = filterLike(ctx, db, "name")
 	db = filterSearch(ctx, db, "name", "account")
 	if q, ok := ctx.GetQuery("ids"); ok {
--- a/backend/pkg/server/controller/asset.go
+++ b/backend/pkg/server/controller/asset.go
@@ -10,12 +10,12 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/schedule/connectable"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/schedule"
 )
 var (
@@ -31,7 +31,7 @@ var (
 func (c *Controller) CreateAsset(ctx *gin.Context) {
 	asset := &model.Asset{}
 	doCreate(ctx, true, asset, conf.RESOURCE_ASSET)
-	connectable.CheckUpdate(asset.Id)
+	schedule.CheckUpdate(asset.Id)
 }
 // DeleteAsset godoc
@@ -53,7 +53,7 @@ func (c *Controller) DeleteAsset(ctx *gin.Context) {
 //	@Router		/asset/:id [put]
 func (c *Controller) UpdateAsset(ctx *gin.Context) {
 	doUpdate(ctx, true, &model.Asset{})
-	connectable.CheckUpdate(cast.ToInt(ctx.Param("id")))
+	schedule.CheckUpdate(cast.ToInt(ctx.Param("id")))
 }
 // GetAssets godoc
@@ -84,7 +84,7 @@ func (c *Controller) GetAssets(ctx *gin.Context) {
 	if q, ok := ctx.GetQuery("parent_id"); ok {
 		parentIds, err := handleParentId(cast.ToInt(q))
 		if err != nil {
-			logger.L.Error("parent id found failed", zap.Error(err))
+			logger.L().Error("parent id found failed", zap.Error(err))
 			return
 		}
 		db = db.Where("parent_id IN ?", parentIds)
@@ -163,7 +163,7 @@ func assetPostHookCount(ctx *gin.Context, data []*model.Asset) {
 		Model(nodes).
 		Find(&nodes).
 		Error; err != nil {
-		logger.L.Error("asset posthookfailed", zap.Error(err))
+		logger.L().Error("asset posthookfailed", zap.Error(err))
 		return
 	}
 	g := make(map[int][]model.Pair[int, string])
--- a/backend/pkg/server/controller/authorization.go
+++ b/backend/pkg/server/controller/authorization.go
@@ -14,11 +14,11 @@ import (
 	"golang.org/x/sync/errgroup"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
 )
 func HandleAuthorization(currentUser *acl.Session, tx *gorm.DB, action int, old, new *model.Asset) (err error) {
@@ -158,7 +158,7 @@ func HasAuthorization(ctx *gin.Context) (ok bool) {
 	currentUser, _ := acl.GetSessionFromCtx(ctx)
 	rs, err := acl.GetRoleResources(ctx, currentUser.Acl.Rid, conf.RESOURCE_AUTHORIZATION)
 	if err != nil {
-		logger.L.Error("check authorization failed", zap.Error(err))
+		logger.L().Error("check authorization failed", zap.Error(err))
 		return
 	}
 	k := fmt.Sprintf("%d-%d", ctx.Param("asset_id"), ctx.Param("account_id"))
--- a/backend/pkg/server/controller/command.go
+++ b/backend/pkg/server/controller/command.go
@@ -11,10 +11,10 @@ import (
 	"github.com/spf13/cast"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/model"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
 )
 var (
--- a/backend/pkg/server/controller/config.go
+++ b/backend/pkg/server/controller/config.go
@@ -8,9 +8,9 @@ import (
 	"github.com/spf13/cast"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/model"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
 )
 // PostConfig godoc
--- a/backend/pkg/server/controller/connect.go
+++ b/backend/pkg/server/controller/connect.go
@@ -24,15 +24,15 @@ import (
 	"golang.org/x/sync/errgroup"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/acl"
-	myi18n "github.com/veops/oneterm/pkg/i18n"
+	"github.com/veops/oneterm/api/guacd"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	mysql "github.com/veops/oneterm/db"
-	gsession "github.com/veops/oneterm/pkg/server/global/session"
+	myi18n "github.com/veops/oneterm/i18n"
-	"github.com/veops/oneterm/pkg/server/guacd"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	gsession "github.com/veops/oneterm/session"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 var (
@@ -100,10 +100,10 @@ func handleSsh(ctx *gin.Context, ws *websocket.Conn, session *gsession.Session)
 				ws.WriteMessage(websocket.TextMessage, out)
 				writeToMonitors(session.Monitors, out)
 				err := fmt.Errorf("colse by admin %s", closeBy)
-				logger.L.Warn(err.Error())
+				logger.L().Warn(err.Error())
 				return err
 			case err := <-chs.ErrChan:
-				logger.L.Error("server disconnected", zap.Error(err))
+				logger.L().Error("server disconnected", zap.Error(err))
 				return err
 			case in := <-chs.InChan:
 				rt := in[0]
@@ -149,7 +149,7 @@ func handleGuacd(ctx *gin.Context, ws *websocket.Conn, session *gsession.Session
 			case closeBy := <-chs.CloseChan:
 				return &ApiError{Code: ErrAdminClose, Data: map[string]any{"admin": closeBy}}
 			case err := <-chs.ErrChan:
-				logger.L.Error("disconnected", zap.Error(err))
+				logger.L().Error("disconnected", zap.Error(err))
 				return err
 			case <-tk.C:
 				if mysql.DB.Model(asset).Where("id = ?", session.AssetId).First(asset).Error != nil {
@@ -217,17 +217,17 @@ func (c *Controller) Connect(ctx *gin.Context) {
 		}
 		go connectGuacd(ctx, asset, protocol, chs)
 	default:
-		logger.L.Error("wrong protocol " + protocol)
+		logger.L().Error("wrong protocol " + protocol)
 	}
 	if err := <-chs.ErrChan; err != nil {
-		logger.L.Error("failed to connect", zap.Error(err))
+		logger.L().Error("failed to connect", zap.Error(err))
 		ctx.AbortWithError(http.StatusInternalServerError, &ApiError{Code: ErrConnectServer, Data: map[string]any{"err": err}})
 		return
 	}
 	resp = <-chs.RespChan
 	if resp.Code != 0 {
-		logger.L.Error("failed to connect", zap.Any("resp", *resp))
+		logger.L().Error("failed to connect", zap.Any("resp", *resp))
 		ctx.AbortWithError(http.StatusInternalServerError, &ApiError{Code: ErrConnectServer, Data: map[string]any{"err": resp.Message}})
 		return
 	}
@@ -260,7 +260,7 @@ func readWsMsg(ctx context.Context, ws *websocket.Conn, session *gsession.Sessio
 				return err
 			}
 			if len(msg) <= 0 {
-				logger.L.Warn("websocket msg length is zero")
+				logger.L().Warn("websocket msg length is zero")
 				continue
 			}
 			switch t {
@@ -322,14 +322,14 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 	}
 	conn, err := ssh.Dial("tcp", fmt.Sprintf("%s:%d", conf.Cfg.SshServer.Ip, conf.Cfg.SshServer.Port), cfg)
 	if err != nil {
-		logger.L.Error("ssh tcp dail failed", zap.Error(err))
+		logger.L().Error("ssh tcp dail failed", zap.Error(err))
 		return
 	}
 	defer conn.Close()
 	sess, err := conn.NewSession()
 	if err != nil {
-		logger.L.Error("ssh session create failed", zap.Error(err))
+		logger.L().Error("ssh session create failed", zap.Error(err))
 		return
 	}
 	defer sess.Close()
@@ -345,21 +345,21 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 		ssh.TTY_OP_OSPEED: 14400,
 	}
 	if err = sess.RequestPty("xterm", h, w, modes); err != nil {
-		logger.L.Error("ssh request pty failed", zap.Error(err))
+		logger.L().Error("ssh request pty failed", zap.Error(err))
 		return
 	}
 	if err = sess.Shell(); err != nil {
-		logger.L.Error("ssh start shell failed", zap.Error(err))
+		logger.L().Error("ssh start shell failed", zap.Error(err))
 		return
 	}
 	bs, err := json.Marshal(req)
 	if err != nil {
-		logger.L.Error("ssh req marshal failed", zap.Error(err))
+		logger.L().Error("ssh req marshal failed", zap.Error(err))
 		return
 	}
 	if _, err = chs.Win.Write(append(bs, '\r')); err != nil {
-		logger.L.Error("ssh req", zap.Error(err), zap.String("req content", string(bs)))
+		logger.L().Error("ssh req", zap.Error(err), zap.String("req content", string(bs)))
 		return
 	}
@@ -367,12 +367,12 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 	line, err := buf.ReadBytes('\r')
 	if err != nil {
-		logger.L.Error("ssh read bytes failed", zap.Error(err))
+		logger.L().Error("ssh read bytes failed", zap.Error(err))
 		return
 	}
 	resp := &gsession.ServerResp{}
 	if err = json.Unmarshal([]byte(line)[0:len(line)-1], resp); err != nil {
-		logger.L.Error("ssh resp", zap.Error(err), zap.String("resp content", string(line)))
+		logger.L().Error("ssh resp", zap.Error(err), zap.String("resp content", string(line)))
 		return
 	}
@@ -395,7 +395,7 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 					return nil
 				}
 				if err != nil {
-					logger.L.Debug("buf ReadRune failed", zap.Error(err))
+					logger.L().Debug("buf ReadRune failed", zap.Error(err))
 					return err
 				}
 				if size <= 0 || rn == utf8.RuneError {
@@ -416,7 +416,7 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 			case err = <-waitCh:
 				return err
 			case <-chs.AwayChan:
-				logger.L.Debug("doSsh away")
+				logger.L().Debug("doSsh away")
 				return fmt.Errorf("away")
 			case s := <-chs.WindowChan:
 				wh := strings.Split(s, ",")
@@ -429,13 +429,13 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 					continue
 				}
 				if err := sess.WindowChange(h, w); err != nil {
-					logger.L.Warn("reset window size failed", zap.Error(err))
+					logger.L().Warn("reset window size failed", zap.Error(err))
 				}
 			}
 		}
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("doSsh stopped", zap.Error(err))
+		logger.L().Warn("doSsh stopped", zap.Error(err))
 	}
 	return
@@ -452,12 +452,12 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 	account, gateway := &model.Account{}, &model.Gateway{}
 	if err = mysql.DB.Model(&account).Where("id = ?", ctx.Param("account_id")).First(account).Error; err != nil {
-		logger.L.Error("find account failed", zap.Error(err))
+		logger.L().Error("find account failed", zap.Error(err))
 		return
 	}
 	if asset.GatewayId != 0 {
 		if err = mysql.DB.Model(&gateway).Where("id = ?", asset.GatewayId).First(gateway).Error; err != nil {
-			logger.L.Error("find gateway failed", zap.Error(err))
+			logger.L().Error("find gateway failed", zap.Error(err))
 			return
 		}
 		gateway.Password = util.DecryptAES(gateway.Password)
@@ -467,7 +467,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 	t, err := guacd.NewTunnel("", w, h, dpi, protocol, asset, account, gateway)
 	if err != nil {
-		logger.L.Error("guacd tunnel failed", zap.Error(err))
+		logger.L().Error("guacd tunnel failed", zap.Error(err))
 		return
 	}
@@ -513,7 +513,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 					return nil
 				}
 				if err != nil {
-					logger.L.Debug("read instruction failed", zap.Error(err))
+					logger.L().Debug("read instruction failed", zap.Error(err))
 					return err
 				}
 				if len(p) <= 0 {
@@ -530,7 +530,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 			session.Status = model.SESSIONSTATUS_OFFLINE
 			session.ClosedAt = lo.ToPtr(time.Now())
 			if err = gsession.HandleUpsertSession(ctx, session); err != nil {
-				logger.L.Error("offline guacd session failed", zap.Error(err))
+				logger.L().Error("offline guacd session failed", zap.Error(err))
 				return
 			}
 		}()
@@ -546,7 +546,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 		}
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("doGuacd stopped", zap.Error(err))
+		logger.L().Warn("doGuacd stopped", zap.Error(err))
 	}
 }
@@ -655,7 +655,7 @@ func (c *Controller) ConnectMonitor(ctx *gin.Context) {
 			default:
 				_, p, err := ws.ReadMessage()
 				if err != nil {
-					logger.L.Warn("end monitor", zap.Error(err))
+					logger.L().Warn("end monitor", zap.Error(err))
 					return err
 				}
 				if !session.IsSsh() {
@@ -671,7 +671,7 @@ func (c *Controller) ConnectMonitor(ctx *gin.Context) {
 func monitSsh(ctx *gin.Context, session *gsession.Session, chs *gsession.SessionChans) (err error) {
 	req := newSshReq(ctx, model.SESSIONACTION_MONITOR)
 	req.SessionId = session.SessionId
-	logger.L.Debug("connect to monitor client", zap.String("sessionId", session.SessionId))
+	logger.L().Debug("connect to monitor client", zap.String("sessionId", session.SessionId))
 	go connectSsh(ctx, req, chs)
 	if err = <-chs.ErrChan; err != nil {
 		err = &ApiError{Code: ErrConnectServer, Data: map[string]any{"err": err}}
@@ -691,10 +691,10 @@ func monitSsh(ctx *gin.Context, session *gsession.Session, chs *gsession.Session
 				return nil
 			case closeBy := <-chs.CloseChan:
 				writeToMonitors(session.Monitors, []byte("\r\n \033[31m closed by admin"))
-				logger.L.Warn("close by admin", zap.String("username", closeBy))
+				logger.L().Warn("close by admin", zap.String("username", closeBy))
 				return nil
 			case err := <-chs.ErrChan:
-				logger.L.Error("ssh connection failed", zap.Error(err))
+				logger.L().Error("ssh connection failed", zap.Error(err))
 				return err
 			case out := <-chs.OutChan:
 				chs.Buf.Write(out)
@@ -705,7 +705,7 @@ func monitSsh(ctx *gin.Context, session *gsession.Session, chs *gsession.Session
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("monit ssh stopped", zap.Error(err))
+		logger.L().Warn("monit ssh stopped", zap.Error(err))
 	}
 	return
@@ -720,7 +720,7 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 	t, err := guacd.NewTunnel(connectionId, w, h, dpi, ":", nil, nil, nil)
 	if err != nil {
-		logger.L.Error("guacd tunnel failed", zap.Error(err))
+		logger.L().Error("guacd tunnel failed", zap.Error(err))
 		return
 	}
@@ -733,7 +733,7 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 			default:
 				p, err := t.Read()
 				if err != nil {
-					logger.L.Debug("read instruction failed", zap.Error(err))
+					logger.L().Debug("read instruction failed", zap.Error(err))
 					return err
 				}
 				if len(p) <= 0 {
@@ -749,10 +749,10 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 			case closeBy := <-chs.CloseChan:
 				err := fmt.Errorf("colse by admin %s", closeBy)
 				ws.WriteMessage(websocket.TextMessage, guacd.NewInstruction("disconnect", err.Error()).Bytes())
-				logger.L.Warn(err.Error())
+				logger.L().Warn(err.Error())
 				return err
 			case err := <-chs.ErrChan:
-				logger.L.Error("disconnected", zap.Error(err))
+				logger.L().Error("disconnected", zap.Error(err))
 				return err
 			case out := <-chs.OutChan:
 				ws.WriteMessage(websocket.TextMessage, out)
@@ -762,7 +762,7 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 		}
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("monit guacd stopped", zap.Error(err))
+		logger.L().Warn("monit guacd stopped", zap.Error(err))
 	}
 	return
@@ -796,7 +796,7 @@ func (c *Controller) ConnectClose(ctx *gin.Context) {
 		return
 	}
-	logger.L.Info("closing...", zap.String("sessionId", session.SessionId), zap.Int("type", session.SessionType))
+	logger.L().Info("closing...", zap.String("sessionId", session.SessionId), zap.Int("type", session.SessionType))
 	defer offlineSession(ctx, session.SessionId, currentUser.GetUserName())
 	if session.IsSsh() {
 		chs := makeChans()
@@ -822,7 +822,7 @@ func (c *Controller) ConnectClose(ctx *gin.Context) {
 }
 func offlineSession(ctx *gin.Context, sessionId string, closer string) {
-	logger.L.Debug("offline", zap.String("session_id", sessionId), zap.String("closer", closer))
+	logger.L().Debug("offline", zap.String("session_id", sessionId), zap.String("closer", closer))
 	defer gsession.GetOnlineSession().Delete(sessionId)
 	v, ok := gsession.GetOnlineSession().Load(sessionId)
 	if ok {
@@ -911,7 +911,7 @@ func handleError(ctx *gin.Context, session *gsession.Session, err error, ws *web
 	if err == nil {
 		return
 	}
-	logger.L.Debug("", zap.String("session_id", session.SessionId), zap.Error(err))
+	logger.L().Debug("", zap.String("session_id", session.SessionId), zap.Error(err))
 	ae, ok := err.(*ApiError)
 	if !ok {
 		return
--- a/backend/pkg/server/controller/controller.go
+++ b/backend/pkg/server/controller/controller.go
@@ -14,10 +14,10 @@ import (
 	"golang.org/x/sync/errgroup"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/model"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/remote"
 )
 var (
--- a/backend/pkg/server/controller/errors.go
+++ b/backend/pkg/server/controller/errors.go
@@ -7,8 +7,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
-	"github.com/veops/oneterm/pkg/conf"
+	myi18n "github.com/veops/oneterm/i18n"
 	myi18n "github.com/veops/oneterm/pkg/i18n"
 )
 const (
@@ -82,7 +81,7 @@ func (ae *ApiError) Message(localizer *i18n.Localizer) (msg string) {
 func (ae *ApiError) MessageWithCtx(ctx *gin.Context) string {
 	lang := ctx.PostForm("lang")
 	accept := ctx.GetHeader("Accept-Language")
-	localizer := i18n.NewLocalizer(conf.Bundle, lang, accept)
+	localizer := i18n.NewLocalizer(myi18n.Bundle, lang, accept)
 	return ae.Message(localizer)
 }
--- a/backend/pkg/server/controller/file.go
+++ b/backend/pkg/server/controller/file.go
@@ -13,11 +13,11 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/api/file"
-	"github.com/veops/oneterm/pkg/server/global/file"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
 )
 // GetFileHistory godoc
@@ -126,7 +126,7 @@ func (c *Controller) FileMkdir(ctx *gin.Context) {
 		Dir:       ctx.Query("dir"),
 	}
 	if err = mysql.DB.Model(h).Create(h).Error; err != nil {
-		logger.L.Error("record mkdir failed", zap.Error(err), zap.Any("history", h))
+		logger.L().Error("record mkdir failed", zap.Error(err), zap.Any("history", h))
 	}
 	ctx.JSON(http.StatusOK, defaultHttpResponse)
 }
@@ -184,7 +184,7 @@ func (c *Controller) FileUpload(ctx *gin.Context) {
 		Filename:  fh.Filename,
 	}
 	if err = mysql.DB.Model(h).Create(h).Error; err != nil {
-		logger.L.Error("record upload failed", zap.Error(err), zap.Any("history", h))
+		logger.L().Error("record upload failed", zap.Error(err), zap.Any("history", h))
 	}
 	ctx.JSON(http.StatusOK, defaultHttpResponse)
@@ -238,6 +238,6 @@ func (c *Controller) FileDownload(ctx *gin.Context) {
 	}
 	if err = mysql.DB.Model(h).Create(h).Error; err != nil {
-		logger.L.Error("record download failed", zap.Error(err), zap.Any("history", h))
+		logger.L().Error("record download failed", zap.Error(err), zap.Any("history", h))
 	}
 }
--- a/backend/pkg/server/controller/gateway.go
+++ b/backend/pkg/server/controller/gateway.go
@@ -11,11 +11,11 @@ import (
 	"golang.org/x/crypto/ssh"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/model"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 var (
@@ -60,13 +60,6 @@ var (
 				d.AssetCount = m[d.Id]
 			}
 		},
 		func(ctx *gin.Context, data []*model.Gateway) {
 			for _, d := range data {
 				d.Password = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Password), "")
 				d.Pk = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Pk), "")
 				d.Phrase = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Phrase), "")
 			}
 		},
 	}
 	gatewayDcs = []deleteCheck{
 		func(ctx *gin.Context, id int) {
--- a/backend/pkg/server/controller/history.go
+++ b/backend/pkg/server/controller/history.go
@@ -6,10 +6,9 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
-	"github.com/veops/oneterm/pkg/conf"
+	mysql "github.com/veops/oneterm/db"
-	myi18n "github.com/veops/oneterm/pkg/i18n"
+	myi18n "github.com/veops/oneterm/i18n"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/model"
 	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
 )
 // GetHistories godoc
@@ -46,7 +45,7 @@ func (c *Controller) GetHistories(ctx *gin.Context) {
 func (c *Controller) GetHistoryTypeMapping(ctx *gin.Context) {
 	lang := ctx.PostForm("lang")
 	accept := ctx.GetHeader("Accept-Language")
-	localizer := i18n.NewLocalizer(conf.Bundle, lang, accept)
+	localizer := i18n.NewLocalizer(myi18n.Bundle, lang, accept)
 	cfg := &i18n.LocalizeConfig{}
 	key2msg := map[string]*i18n.Message{
 		"account":    myi18n.MsgTypeMappingAccount,
--- a/backend/pkg/server/controller/node.go
+++ b/backend/pkg/server/controller/node.go
@@ -11,10 +11,10 @@ import (
 	"go.uber.org/zap"
 	"gorm.io/gorm"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
 )
 var (
@@ -142,12 +142,12 @@ func nodePostHookCountAsset(ctx *gin.Context, data []*model.Node) {
 		db = db.Where("id IN ?", ids)
 	}
 	if err := db.Find(&assets).Error; err != nil {
-		logger.L.Error("node posthookfailed asset count", zap.Error(err))
+		logger.L().Error("node posthookfailed asset count", zap.Error(err))
 		return
 	}
 	nodes := make([]*model.NodeIdPid, 0)
 	if err := mysql.DB.Model(&model.Node{}).Find(&nodes).Error; err != nil {
-		logger.L.Error("node posthookfailed node", zap.Error(err))
+		logger.L().Error("node posthookfailed node", zap.Error(err))
 		return
 	}
 	m := make(map[int]int64)
@@ -179,7 +179,7 @@ func nodePostHookHasChild(ctx *gin.Context, data []*model.Node) {
 		Where("parent_id IN ?", lo.Map(data, func(n *model.Node, _ int) int { return n.Id })).
 		Pluck("parent_id", &ps).
 		Error; err != nil {
-		logger.L.Error("node posthookfailed has child", zap.Error(err))
+		logger.L().Error("node posthookfailed has child", zap.Error(err))
 		return
 	}
 	pm := lo.SliceToMap(ps, func(pid int) (int, bool) { return pid, true })
--- a/backend/pkg/server/controller/publicKey.go
+++ b/backend/pkg/server/controller/publicKey.go
@@ -8,10 +8,10 @@ import (
 	"github.com/gin-gonic/gin"
 	"golang.org/x/crypto/ssh"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/model"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 var (
--- a/backend/pkg/server/controller/session.go
+++ b/backend/pkg/server/controller/session.go
@@ -12,11 +12,11 @@ import (
 	"github.com/samber/lo"
 	"go.uber.org/zap"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	mysql "github.com/veops/oneterm/db"
-	gsession "github.com/veops/oneterm/pkg/server/global/session"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	gsession "github.com/veops/oneterm/session"
 )
 var (
@@ -34,7 +34,7 @@ var (
 				Group("session_id").
 				Find(&post).
 				Error; err != nil {
-				logger.L.Error("gateway posthookfailed", zap.Error(err))
+				logger.L().Error("gateway posthookfailed", zap.Error(err))
 				return
 			}
 			m := lo.SliceToMap(post, func(p *model.CmdCount) (string, int64) { return p.SessionId, p.Count })
@@ -68,7 +68,7 @@ func (c *Controller) UpsertSession(ctx *gin.Context) {
 		return
 	}
 	if err := gsession.HandleUpsertSession(ctx, data); err != nil {
-		logger.L.Error("upsert session failed", zap.Error(err))
+		logger.L().Error("upsert session failed", zap.Error(err))
 		ctx.AbortWithError(http.StatusInternalServerError, &ApiError{Code: ErrInternal, Data: map[string]any{"err": err}})
 	}
--- a/backend/pkg/server/controller/stat.go
+++ b/backend/pkg/server/controller/stat.go
@@ -10,10 +10,10 @@ import (
 	"github.com/samber/lo"
 	"golang.org/x/sync/errgroup"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
+	"github.com/veops/oneterm/acl"
-	"github.com/veops/oneterm/pkg/server/model"
+	redis "github.com/veops/oneterm/cache"
-	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
 )
 // StatAssetType godoc
--- a/backend/pkg/server/global/file/file.go
+++ b/backend/pkg/server/global/file/file.go
@@ -11,10 +11,10 @@ import (
 	"github.com/spf13/cast"
 	"golang.org/x/crypto/ssh"
-	ggateway "github.com/veops/oneterm/pkg/server/global/gateway"
+	mysql "github.com/veops/oneterm/db"
-	"github.com/veops/oneterm/pkg/server/model"
+	ggateway "github.com/veops/oneterm/gateway"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 var (
--- a/backend/pkg/server/guacd/conn.go
+++ b/backend/pkg/server/guacd/conn.go
@@ -10,11 +10,11 @@ import (
 	"github.com/google/uuid"
 	"github.com/samber/lo"
 	"github.com/spf13/cast"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/logger"
+	ggateway "github.com/veops/oneterm/gateway"
-	ggateway "github.com/veops/oneterm/pkg/server/global/gateway"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 const (
@@ -214,6 +214,6 @@ func (t *Tunnel) Close() {
 }
 func (t *Tunnel) Disconnect() {
-	logger.L.Debug("client disconnect")
+	logger.L().Debug("client disconnect")
 	t.WriteInstruction(NewInstruction("disconnect"))
 }
--- a/backend/pkg/server/guacd/instruction.go
+++ b/backend/pkg/server/guacd/instruction.go
--- a/backend/api/middleware.go
+++ b/backend/api/middleware.go
@@ -0,0 +1,55 @@
 package api
 import (
 	"encoding/json"
 	"net/http"
 	"time"
 	"github.com/gin-gonic/gin"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/acl"
 	"github.com/veops/oneterm/conf"
 	"github.com/veops/oneterm/logger"
 )
 func ginLogger() gin.HandlerFunc {
 	return func(ctx *gin.Context) {
 		start := time.Now()
 		ctx.Next()
 		cost := time.Since(start)
 		logger.L().Info(ctx.Request.URL.String(),
 			zap.String("method", ctx.Request.Method),
 			zap.Int("status", ctx.Writer.Status()),
 			zap.String("ip", ctx.ClientIP()),
 			zap.Duration("cost", cost),
 		)
 	}
 }
 func auth() gin.HandlerFunc {
 	return func(ctx *gin.Context) {
 		session := &acl.Session{}
 		sess, err := ctx.Cookie("session")
 		if err == nil && sess != "" {
 			s := acl.NewSignature(conf.Cfg.SecretKey, "cookie-session", "", "hmac", nil, nil)
 			content, err := s.Unsign(sess)
 			if err != nil {
 				ctx.AbortWithStatus(http.StatusUnauthorized)
 				return
 			}
 			err = json.Unmarshal(content, &session)
 			if err != nil {
 				ctx.AbortWithStatus(http.StatusUnauthorized)
 				return
 			}
 			ctx.Set("session", session)
 		}
 		ctx.Next()
 	}
 }
--- a/backend/pkg/server/storage/cache/redis/redis.go
+++ b/backend/pkg/server/storage/cache/redis/redis.go
@@ -6,8 +6,10 @@ import (
 	"time"
 	"github.com/redis/go-redis/v9"
 	"go.uber.org/zap"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
 	"github.com/veops/oneterm/logger"
 )
 var (
@@ -15,28 +17,16 @@ var (
 	RC *redis.Client
 )
-func Init(cfg *conf.RedisConfig) (err error) {
+func init() {
 	if cfg == nil {
 		return
 	}
 	ctx := context.Background()
 	readTimeout := time.Duration(30) * time.Second
 	writeTimeout := time.Duration(30) * time.Second
 	RC = redis.NewClient(&redis.Options{
-		Addr:         cfg.Addr,
+		Addr:     conf.Cfg.Redis.Addr,
-		DB:           cfg.Db,
+		Password: conf.Cfg.Redis.Password,
 		Password:     cfg.Password,
 		PoolSize:     cfg.PoolSize,
 		MaxIdleConns: cfg.MaxIdle,
 		ReadTimeout:  readTimeout,
 		WriteTimeout: writeTimeout,
 	})
-	if _, err = RC.Ping(ctx).Result(); err != nil {
+	if _, err := RC.Ping(ctx).Result(); err != nil {
-		return err
+		logger.L().Fatal("ping redis failed", zap.Error(err))
 	}
 	return nil
 }
 func Get(ctx context.Context, key string, dst any) (err error) {
--- a/backend/cmd/api/api.go
+++ b/backend/cmd/api/api.go
@@ -1,17 +0,0 @@
 package main
 import (
 	"fmt"
 	"os"
 	"github.com/veops/oneterm/cmd/api/app"
 )
 func main() {
 	command := app.NewServerCommand()
 	if err := command.Execute(); err != nil {
 		fmt.Println(err)
 		os.Exit(1)
 	}
 }
--- a/backend/cmd/api/app/api.go
+++ b/backend/cmd/api/app/api.go
@@ -1,137 +0,0 @@
 // Package app
 package app
 import (
 	"context"
 	"fmt"
 	"os"
 	"os/signal"
 	"syscall"
 	"github.com/gin-gonic/gin"
 	"github.com/oklog/run"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"github.com/veops/oneterm/pkg/conf"
 	"github.com/veops/oneterm/pkg/logger"
 	gsession "github.com/veops/oneterm/pkg/server/global/session"
 	"github.com/veops/oneterm/pkg/server/router"
 	"github.com/veops/oneterm/pkg/server/schedule/cmdb"
 	"github.com/veops/oneterm/pkg/server/schedule/connectable"
 	"github.com/veops/oneterm/pkg/server/storage/cache/local"
 	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
 	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
 )
 const (
 	componentServer = "./server"
 )
 var (
 	configFilePath string
 )
 var cmdRun = &cobra.Command{
 	Use:     "run",
 	Example: fmt.Sprintf("%s run -c apps", componentServer),
 	Short:   "run",
 	Long:    `a run test`,
 	Args:    cobra.MinimumNArgs(0),
 	Run: func(cmd *cobra.Command, args []string) {
 		Run()
 		os.Exit(0)
 	},
 }
 func NewServerCommand() *cobra.Command {
 	command := &cobra.Command{
 		Use: componentServer,
 	}
 	cmdRun.PersistentFlags().StringVarP(&configFilePath, "config", "c", "./", "config path")
 	command.AddCommand(cmdRun)
 	return command
 }
 func Run() {
 	parseConfig(configFilePath)
 	gr := run.Group{}
 	ctx, logCancel := context.WithCancel(context.Background())
 	if err := logger.Init(ctx, conf.Cfg.Log); err != nil {
 		fmt.Println("err init failed", err)
 		os.Exit(1)
 	}
 	if err := mysql.Init(conf.Cfg.Mysql); err != nil {
 		logger.L.Error("mysql init failed: " + err.Error())
 		os.Exit(1)
 	}
 	if err := redis.Init(conf.Cfg.Redis); err != nil {
 		logger.L.Error("redis init failed: " + err.Error())
 		os.Exit(1)
 	}
 	if err := local.Init(); err != nil {
 		logger.L.Error("local init failed: " + err.Error())
 		os.Exit(1)
 	}
 	if err := gsession.Init(); err != nil {
 		logger.L.Error("local init failed: " + err.Error())
 		os.Exit(1)
 	}
 	{
 		// Termination handler.
 		term := make(chan os.Signal, 1)
 		signal.Notify(term, os.Interrupt, syscall.SIGTERM)
 		gr.Add(
 			func() error {
 				<-term
 				logger.L.Warn("Received SIGTERM, exiting gracefully...")
 				return nil
 			},
 			func(err error) {},
 		)
 	}
 	{
 		cancel := make(chan struct{})
 		gr.Add(func() error {
 			gin.SetMode(conf.Cfg.Mode)
 			srv := router.Server(conf.Cfg)
 			router.GracefulExit(srv, cancel)
 			return nil
 		}, func(err error) {
 			close(cancel)
 		})
 		gr.Add(cmdb.Run, cmdb.Stop)
 		gr.Add(connectable.Run, connectable.Stop)
 	}
 	if err := gr.Run(); err != nil {
 		logger.L.Error(err.Error())
 	}
 	logger.L.Info("exiting")
 	logCancel()
 }
 func parseConfig(filePath string) {
 	viper.SetConfigName("config")
 	viper.SetConfigType("yaml")
 	viper.AddConfigPath(filePath)
 	viper.AddConfigPath(".")
 	err := viper.ReadInConfig()
 	if err != nil { // Handle errors reading the config file
 		panic(fmt.Errorf("fatal error config file: %s", err))
 	}
 	if err = viper.Unmarshal(&conf.Cfg); err != nil {
 		panic(fmt.Sprintf("parse config from config.yaml failed:%s", err))
 	}
 }
--- a/backend/cmd/ssh/app/ssh.go
+++ b/backend/cmd/ssh/app/ssh.go
@@ -1,137 +0,0 @@
 package app
 import (
 	"context"
 	"fmt"
 	"os"
 	"os/signal"
 	"syscall"
 	"github.com/mitchellh/mapstructure"
 	"github.com/oklog/run"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"github.com/veops/oneterm/pkg/conf"
 	"github.com/veops/oneterm/pkg/logger"
 	sshproto "github.com/veops/oneterm/pkg/proto/ssh"
 	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
 	"github.com/veops/oneterm/pkg/proto/ssh/handler"
 )
 const (
 	componentServer = "./server"
 )
 var (
 	configFilePath string
 )
 var cmdRun = &cobra.Command{
 	Use:     "ssh",
 	Example: fmt.Sprintf("%s ssh -c apps", componentServer),
 	Short:   "run",
 	Long:    `a run test`,
 	Args:    cobra.MinimumNArgs(0),
 	Run: func(cmd *cobra.Command, args []string) {
 		Run()
 		os.Exit(0)
 	},
 }
 func NewServerCommand() *cobra.Command {
 	command := &cobra.Command{
 		Use: componentServer,
 	}
 	cmdRun.PersistentFlags().StringVarP(&configFilePath, "config", "c", "./", "config path")
 	command.AddCommand(cmdRun)
 	return command
 }
 func Run() {
 	parseConfig(configFilePath)
 	gr := run.Group{}
 	ctx, logCancel := context.WithCancel(context.Background())
 	if err := logger.Init(ctx, conf.Cfg.Log); err != nil {
 		fmt.Println("err init failed", err)
 		os.Exit(1)
 	}
 	handler.I18nInit(conf.Cfg.I18nDir)
 	{
 		// Termination handler.
 		term := make(chan os.Signal, 1)
 		signal.Notify(term, os.Interrupt, syscall.SIGTERM)
 		gr.Add(
 			func() error {
 				<-term
 				logger.L.Warn("Received SIGTERM, exiting gracefully...")
 				return nil
 			},
 			func(err error) {},
 		)
 	}
 	{
 		cancel := make(chan struct{})
 		gr.Add(func() error {
 			_ = sshproto.Run(fmt.Sprintf("%s:%d", cfg.SSHConfig.Ip, cfg.SSHConfig.Port),
 				cfg.SSHConfig.Api,
 				cfg.SSHConfig.Token,
 				cfg.SSHConfig.PrivateKeyPath,
 				conf.Cfg.SecretKey)
 			<-cancel
 			return nil
 		}, func(err error) {
 			close(cancel)
 		})
 	}
 	if err := gr.Run(); err != nil {
 		logger.L.Error(err.Error())
 	}
 	logger.L.Info("exiting")
 	logCancel()
 }
 func parseConfig(filePath string) {
 	viper.SetConfigName("config")
 	viper.SetConfigType("yaml")
 	viper.AddConfigPath(filePath)
 	viper.AddConfigPath(".")
 	err := viper.ReadInConfig()
 	if err != nil { // Handle errors reading the config file
 		panic(fmt.Errorf("fatal error config file: %s", err))
 	}
 	if err = viper.Unmarshal(&conf.Cfg); err != nil {
 		panic(fmt.Sprintf("parse config from config.yaml failed:%s", err))
 	}
 	if sc, ok := conf.Cfg.Protocols["ssh"]; ok {
 		er := mapstructure.Decode(sc, &cfg.SSHConfig)
 		if er != nil {
 			panic(er)
 		}
 		switch v := sc.(type) {
 		case map[string]interface{}:
 			if v1, ok := v["ip"]; ok {
 				cfg.SSHConfig.Ip = v1.(string)
 			} else {
 				cfg.SSHConfig.Ip = "127.0.0.1"
 			}
 			if v1, ok := v["port"]; ok {
 				cfg.SSHConfig.Port = v1.(int)
 			} else {
 				cfg.SSHConfig.Port = 45622
 			}
 			//cfg.SSHConfig.Api = fmt.Sprintf("%v", v["api"])
 			//cfg.SSHConfig.Token = fmt.Sprintf("%v", v["token"])
 			//cfg.SSHConfig.WebUser = v["webUser"]
 		}
 	}
 }
--- a/backend/cmd/ssh/config.example.yaml
+++ b/backend/cmd/ssh/config.example.yaml
@@ -1,12 +0,0 @@
 protocols:
  ssh:
    api: oneterm-api:8080
    ip: '0.0.0.0'
    port: 2222
    webUser: "test"
    webToken: "135790"
    privateKeyPath: /root/.ssh/id_ed25519
 i18nDir: ./translate
--- a/backend/cmd/ssh/ssh.go
+++ b/backend/cmd/ssh/ssh.go
@@ -1,17 +0,0 @@
 package main
 import (
 	"fmt"
 	"os"
 	"github.com/veops/oneterm/cmd/ssh/app"
 )
 func main() {
 	command := app.NewServerCommand()
 	if err := command.Execute(); err != nil {
 		fmt.Println(err)
 		os.Exit(1)
 	}
 }
--- a/backend/pkg/conf/conf.go
+++ b/backend/pkg/conf/conf.go
@@ -1,27 +1,11 @@
 package conf
 import (
-	"fmt"
+	"github.com/spf13/pflag"
 	"github.com/BurntSushi/toml"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"golang.org/x/text/language"
 )
 var (
 	Bundle = i18n.NewBundle(language.English)
 )
 func init() {
-	Bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
+	pflag.Parse()
 	_, err := Bundle.LoadMessageFile("./translate/active.en.toml")
 	if err != nil {
 		fmt.Println("load i18n message failed", err)
 	}
 	_, err = Bundle.LoadMessageFile("./translate/active.zh.toml")
 	if err != nil {
 		fmt.Println("load i18n message failed", err)
 	}
 }
 const (
@@ -35,11 +19,11 @@ const (
 var (
 	Cfg = &ConfigYaml{
 		Mode: "debug",
-		Http: &HttpConfig{
+		Http: HttpConfig{
 			Host: "0.0.0.0",
 			Port: 80,
 		},
-		Log: &LogConfig{
+		Log: LogConfig{
 			Level:         "info",
 			MaxSize:       100, // megabytes
 			MaxBackups:    5,
@@ -48,12 +32,11 @@ var (
 			Path:          "app.log",
 			ConsoleEnable: true,
 		},
-		Auth: &Auth{
+		Auth: Auth{
 			Custom: map[string]string{},
 		},
-		Cmdb:      &Cmdb{},
+		Cmdb:   Cmdb{},
-		Worker:    &Worker{},
+		Worker: Worker{},
 		Protocols: map[string]any{},
 	}
 )
@@ -64,10 +47,7 @@ type HttpConfig struct {
 type RedisConfig struct {
 	Addr     string `yaml:"addr"`
 	Db       int    `yaml:"db"`
 	Password string `yaml:"password"`
 	MaxIdle  int    `yaml:"maxIdle"`
 	PoolSize int    `yaml:"poolSize"`
 }
 type MysqlConfig struct {
@@ -137,20 +117,18 @@ type Guacd struct {
 }
 type ConfigYaml struct {
-	Mode      string         `yaml:"mode"`
+	Mode      string      `yaml:"mode"`
-	Http      *HttpConfig    `yaml:"http"`
+	I18nDir   string      `yaml:"i18nDir"`
-	Log       *LogConfig     `yaml:"log"`
+	Log       LogConfig   `yaml:"log"`
-	Redis     *RedisConfig   `yaml:"redis"`
+	Redis     RedisConfig `yaml:"redis"`
-	Mysql     *MysqlConfig   `yaml:"mysql"`
+	Mysql     MysqlConfig `yaml:"mysql"`
-	Auth      *Auth          `yaml:"auth"`
+	Guacd     Guacd       `yaml:"guacd"`
-	SecretKey string         `yaml:"secretKey"`
+	Http      HttpConfig  `yaml:"http"`
-	Cmdb      *Cmdb          `yaml:"cmdb"`
+	Ssh       SshServer   `yaml:"ssh"`
-	Worker    *Worker        `yaml:"worker"`
+	Auth      Auth        `yaml:"auth"`
-	SshServer *SshServer     `yaml:"sshServer"`
+	SecretKey string      `yaml:"secretKey"`
-	Guacd     *Guacd         `yaml:"guacd"`
+	Cmdb      Cmdb        `yaml:"cmdb"`
-	Protocols map[string]any `yaml:"protocols"`
+	Worker    Worker      `yaml:"worker"`
 	I18nDir string `yaml:"i18nDir"`
 }
 func GetResourceTypeName(key string) (val string) {
--- a/backend/cmd/api/config.example.yaml
+++ b/backend/cmd/api/config.example.yaml
@@ -2,7 +2,16 @@ mode: debug
 http:
  ip: 0.0.0.0
-  port: 8080
+  port: 8888
 ssh:
  ip: 0.0.0.0
  port: 2222
 guacd:
  ip: oneterm-guacd
  port: 4822
  gateway: oneterm-api 
 mysql:
  ip: mysql
@@ -11,15 +20,13 @@ mysql:
  password: root
 redis:
-  addr: myredis:6379
+  addr: redis:6379
  password: root
 log:
  level: debug
  path: app.log
  format: json
  maxSize: 1
  # consoleEnable Whether to enable outputting logs to the console as the sametime
  consoleEnable: true
 auth:
@@ -50,14 +57,4 @@ worker:
  key: acl key
  secret: acl secret
 sshServer:
  ip: 127.0.0.1
  port: 2222
  account: test
  password: 135790
  xtoken: 123456
 guacd:
  ip: oneterm-guacd
  port: 4822
  gateway: oneterm-api 
--- a/backend/db/mysql.go
+++ b/backend/db/mysql.go
@@ -0,0 +1,25 @@
 package mysql
 import (
 	"fmt"
 	"go.uber.org/zap"
 	"gorm.io/driver/mysql"
 	"gorm.io/gorm"
 	"github.com/veops/oneterm/conf"
 	"github.com/veops/oneterm/logger"
 )
 var (
 	DB *gorm.DB
 )
 func init() {
 	var err error
 	dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/oneterm?charset=utf8mb4&parseTime=True&loc=Local",
 		conf.Cfg.Mysql.User, conf.Cfg.Mysql.Password, conf.Cfg.Mysql.Ip, conf.Cfg.Mysql.Port)
 	if DB, err = gorm.Open(mysql.Open(dsn), &gorm.Config{}); err != nil {
 		logger.L().Fatal("init mysql failed", zap.Error(err))
 	}
 }
--- a/backend/pkg/server/global/gateway/gateway.go
+++ b/backend/pkg/server/global/gateway/gateway.go
@@ -10,9 +10,9 @@ import (
 	"go.uber.org/zap"
 	"golang.org/x/crypto/ssh"
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/model"
 )
 var (
@@ -45,19 +45,19 @@ func (gt *GatewayTunnel) Open() (err error) {
 	defer close(gt.Chan)
 	go func() {
 		<-time.After(time.Second * 5)
-		logger.L.Debug("timeout 5 second close listener", zap.String("sessionId", gt.SessionId))
+		logger.L().Debug("timeout 5 second close listener", zap.String("sessionId", gt.SessionId))
 		gt.listener.Close()
 	}()
 	gt.LocalConn, err = gt.listener.Accept()
 	if err != nil {
-		logger.L.Error("accept failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
+		logger.L().Error("accept failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
 		return err
 	}
 	remoteAddr := fmt.Sprintf("%s:%d", gt.RemoteIp, gt.RemotePort)
 	gt.RemoteConn, err = manager.sshClients[gt.GatewayId].Dial("tcp", remoteAddr)
 	if err != nil {
-		logger.L.Error("dial remote failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
+		logger.L().Error("dial remote failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
 		return err
 	}
@@ -120,7 +120,7 @@ func (gm *GateWayManager) Open(sessionId, remoteIp string, remotePort int, gatew
 		Chan:       make(chan struct{}),
 	}
 	gm.gateways[sessionId] = g
-	logger.L.Debug("opening gateway", zap.Any("sessionId", sessionId))
+	logger.L().Debug("opening gateway", zap.Any("sessionId", sessionId))
 	go g.Open()
 	return
--- a/backend/pkg/i18n/message.go
+++ b/backend/pkg/i18n/message.go
@@ -1,179 +1,198 @@
 package i18n
 import (
-	goi18n "github.com/nicksnyder/go-i18n/v2/i18n"
+	"fmt"
 	"github.com/BurntSushi/toml"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"golang.org/x/text/language"
 )
 var (
 	Bundle = i18n.NewBundle(language.English)
 	langs  = []string{"en", "zh"}
 )
 func init() {
 	Bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
 	for _, lang := range langs {
 		_, err := Bundle.LoadMessageFile(fmt.Sprintf("./translate/active.%s.toml", lang))
 		if err != nil {
 			fmt.Println("load i18n message failed", err)
 		}
 	}
 }
 var (
 	// errors
-	MsgBadRequest = &goi18n.Message{
+	MsgBadRequest = &i18n.Message{
 		ID:    "MsgBadRequest",
 		One:   "Bad Request: {{.err}}",
 		Other: "Bad Request: {{.err}}",
 	}
-	MsgInvalidArguemnt = &goi18n.Message{
+	MsgInvalidArguemnt = &i18n.Message{
 		ID:    "MsgArgumentError",
 		One:   "Bad Request: Argument is invalid, {{.err}}",
 		Other: "Bad Request: Argument is invalid, {{.err}}",
 	}
-	MsgDupName = &goi18n.Message{
+	MsgDupName = &i18n.Message{
 		ID:    "MsgDupName",
 		One:   "Bad Request: {{.name}} is duplicate",
 		Other: "Bad Request: {{.name}} is duplicate",
 	}
-	MsgHasChild = &goi18n.Message{
+	MsgHasChild = &i18n.Message{
 		ID:    "MsgHasChild",
 		One:   "Bad Request: This folder has sub folder or assert, cannot be deleted",
 		Other: "Bad Request: This folder has sub folder or assert, cannot be deleted",
 	}
-	MsgHasDepdency = &goi18n.Message{
+	MsgHasDepdency = &i18n.Message{
 		ID:    "MsgHasDepdency",
 		One:   "Bad Request: Asset {{.name}} dependens on this, cannot be deleted",
 		Other: "Bad Request: Asset {{.name}} dependens on this, cannot be deleted",
 	}
-	MsgNoPerm = &goi18n.Message{
+	MsgNoPerm = &i18n.Message{
 		ID:    "MsgNoPerm",
 		One:   "Bad Request: You do not have {{.perm}} permission",
 		Other: "Bad Request: You do not have {{.perm}} permission",
 	}
-	MsgRemoteClient = &goi18n.Message{
+	MsgRemoteClient = &i18n.Message{
 		ID:    "MsgRemote",
 		One:   "Bad Request: {{.message}}",
 		Other: "Bad Request: {{.message}}",
 	}
-	MsgWrongPk = &goi18n.Message{
+	MsgWrongPk = &i18n.Message{
 		ID:    "MsgWrongPk",
 		One:   "Bad Request: Invalid SSH public key",
 		Other: "Bad Request: Invalid SSH public key",
 	}
-	MsgWrongMac = &goi18n.Message{
+	MsgWrongMac = &i18n.Message{
 		ID:    "MsgWrongMac",
 		One:   "Bad Request: Invalid Mac address",
 		Other: "Bad Request: Invalid Mac address",
 	}
-	MsgInvalidSessionId = &goi18n.Message{
+	MsgInvalidSessionId = &i18n.Message{
 		ID:    "MsgInvalidSessionId",
 		One:   "Bad Request: Invalid session id {{.sessionId}}",
 		Other: "Bad Request: Invalid session id {{.sessionId}}",
 	}
-	MsgSessionEnd = &goi18n.Message{
+	MsgSessionEnd = &i18n.Message{
 		ID:    "MsgSessionEnd",
 		One:   "\n----------Session {{.sessionId}} has been ended----------\n",
 		Other: "\n----------Session {{.sessionId}} has been ended----------\n",
 	}
-	MsgLoginError = &goi18n.Message{
+	MsgLoginError = &i18n.Message{
 		ID:    "MsgLoginError",
 		One:   "Bad Request: Invalid account",
 		Other: "Bad Request: Invalid account",
 	}
-	MsgAccessTime = &goi18n.Message{
+	MsgAccessTime = &i18n.Message{
 		ID:    "MsgAccessTime",
 		One:   "Bad Request: current time is not allowed to access",
 		Other: "Bad Request: current time is not allowed to access",
 	}
-	MsgIdleTimeout = &goi18n.Message{
+	MsgIdleTimeout = &i18n.Message{
 		ID:    "MsgIdleTimeout",
 		One:   "Bad Request: idle timeout more than {{.second}} seconds",
 		Other: "Bad Request: idle timeout more than {{.second}} seconds",
 	}
 	//
-	MsgInternalError = &goi18n.Message{
+	MsgInternalError = &i18n.Message{
 		ID:    "MsgInternalError",
 		One:   "Server Error: {{.err}}",
 		Other: "Server Error: {{.err}}",
 	}
-	MsgRemoteServer = &goi18n.Message{
+	MsgRemoteServer = &i18n.Message{
 		ID:    "MsgRemoteServer",
 		One:   "Server Error: {{.message}}",
 		Other: "Server Error: {{.message}}",
 	}
-	MsgLoadSession = &goi18n.Message{
+	MsgLoadSession = &i18n.Message{
 		ID:    "MsgLoadSession",
 		One:   "Load Session Faild",
 		Other: "Load Session Faild",
 	}
-	MsgConnectServer = &goi18n.Message{
+	MsgConnectServer = &i18n.Message{
 		ID:    "MsgConnectServer",
 		One:   "Connect Server Error",
 		Other: "Connect Server Error",
 	}
-	MsgAdminClose = &goi18n.Message{
+	MsgAdminClose = &i18n.Message{
 		ID:    "MsgAdminClose",
 		One:   "Sessoin has been closed by admin {{.admin}}",
 		Other: "Sessoin has been closed by admin {{.admin}}",
 	}
 	// others
-	MsgTypeMappingAccount = &goi18n.Message{
+	MsgTypeMappingAccount = &i18n.Message{
 		ID:    "MsgTypeMappingAccount",
 		One:   "Account",
 		Other: "Account",
 	}
-	MsgTypeMappingAsset = &goi18n.Message{
+	MsgTypeMappingAsset = &i18n.Message{
 		ID:    "MsgTypeMappingAsset",
 		One:   "Asset",
 		Other: "Asset",
 	}
-	MsgTypeMappingCommand = &goi18n.Message{
+	MsgTypeMappingCommand = &i18n.Message{
 		ID:    "MsgTypeMappingCommand",
 		One:   "Command",
 		Other: "Command",
 	}
-	MsgTypeMappingGateway = &goi18n.Message{
+	MsgTypeMappingGateway = &i18n.Message{
 		ID:    "MsgTypeMappingGateway",
 		One:   "Gateway",
 		Other: "Gateway",
 	}
-	MsgTypeMappingNode = &goi18n.Message{
+	MsgTypeMappingNode = &i18n.Message{
 		ID:    "MsgTypeMappingNode",
 		One:   "Node",
 		Other: "Node",
 	}
-	MsgTypeMappingPublicKey = &goi18n.Message{
+	MsgTypeMappingPublicKey = &i18n.Message{
 		ID:    "MsgTypeMappingPublicKey",
 		One:   "Public Key",
 		Other: "Public Key",
 	}
 	// SSH
-	MsgSshShowAssetResults = &goi18n.Message{
+	MsgSshShowAssetResults = &i18n.Message{
 		ID:    "MsgSshShowAssetResults",
 		One:   "Total host count is:\033[0;32m {{.Count}} \033[0m \r\n{{.Msg}}\r\n",
 		Other: "Total host count is:\033[0;32m {{.Count}} \033[0m \r\n{{.Msg}}\r\n",
 	}
-	MsgSshAccountLoginError = &goi18n.Message{
+	MsgSshAccountLoginError = &i18n.Message{
 		ID: "MsgSshAccountLoginError",
 		One: "\x1b[1;30;32m failed login \x1b[0m \x1b[1;30;3m {{.User}}\x1b[0m\n" +
 			"\x1b[0;33m you need to choose asset again \u001B[0m\n",
 		Other: "\x1b[1;30;32m failed login \x1b[0m \x1b[1;30;3m {{.User}}\x1b[0m\n" +
 			"\x1b[0;33m you need to choose asset again \u001B[0m\n",
 	}
-	MsgSshNoAssetPermission = &goi18n.Message{
+	MsgSshNoAssetPermission = &i18n.Message{
 		ID:    "MsgSshNoAssetPermission",
 		One:   "\r\n\u001B[0;33mNo permission for[0m:\033[0;31m {{.Host}} \033[0m\r\n",
 		Other: "\r\n\u001B[0;33mNo permission for[0m:\033[0;31m {{.Host}} \033[0m\r\n",
 	}
-	MsgSshNoMatchingAsset = &goi18n.Message{
+	MsgSshNoMatchingAsset = &i18n.Message{
 		ID:    "MsgSshNoMatchingAsset",
 		One:   "\x1b[0;33mNo matching asset for :\x1b[0m  \x1b[0;94m{{.Host}} \x1b[0m\r\n",
 		Other: "\x1b[0;33mNo matching asset for :\x1b[0m  \x1b[0;94m{{.Host}} \x1b[0m\r\n",
 	}
-	MsgSshNoSshAccessMethod = &goi18n.Message{
+	MsgSshNoSshAccessMethod = &i18n.Message{
 		ID:    "MsgSshNoSshAccessMethod",
 		One:   "No ssh access method for :\033[0;31m {{.Host}} \033[0m\r\n",
 		Other: "No ssh access method for :\033[0;31m {{.Host}} \033[0m\r\n",
 	}
-	MsgSshNoSshAccountForAsset = &goi18n.Message{
+	MsgSshNoSshAccountForAsset = &i18n.Message{
 		ID:    "MsgSshNoSshAccountForAsset",
 		One:   "No ssh account for :\033[0;31m {{.Host}} \033[0m\r\n",
 		Other: "No ssh account for :\033[0;31m {{.Host}} \033[0m\r\n",
 	}
-	MsgSshMultiSshAccountForAsset = &goi18n.Message{
+	MsgSshMultiSshAccountForAsset = &i18n.Message{
 		ID:    "MsgSshMultiSshAccountForAsset",
 		One:   "choose account: \n\033[0;31m {{.Accounts}} \033[0m\n",
 		Other: "choose account: \n\033[0;31m {{.Accounts}} \033[0m\n",
 	}
-	MsgSshWelcome = &goi18n.Message{
+	MsgSshWelcome = &i18n.Message{
 		ID: "MsgSshWelcomeMsg",
 		One: "\x1b[0;47m Welcome: {{.User}} \x1b[0m\r\n" +
 			" \x1b[1;30;32m /s \x1b[0m to switch language between english and 中文\r\n" +
@@ -188,24 +207,24 @@ var (
 			"\x1b[1;30;32m /q \x1b[0m to exit\r\n" +
 			"\x1b[1;30;32m /? \x1b[0m for help\r\n",
 	}
-	MsgSshCommandRefused = &goi18n.Message{
+	MsgSshCommandRefused = &i18n.Message{
 		ID:    "MsgSshCommandRefused",
 		One:   "\x1b[0;31m you have no permission to execute command: \x1b[0m  \x1b[0;33m{{.Command}} \x1b[0m\r\n",
 		Other: "\x1b[0;31m you have no permission to execute command: \x1b[0m  \x1b[0;33m{{.Command}} \x1b[0m\r\n",
 	}
-	MsgSShHostIdleTimeout = &goi18n.Message{
+	MsgSShHostIdleTimeout = &i18n.Message{
 		ID:    "MsgSShHostIdleTimeout",
 		One:   "\r\n\x1b[0;31m disconnect since idle more than\x1b[0m \x1b[0;33m {{.Idle}} \x1b[0m\r\n",
 		Other: "\r\n\x1b[0;31m disconnect since idle more than\x1b[0m \x1b[0;33m {{.Idle}} \x1b[0m\r\n",
 	}
-	MsgSshAccessRefusedInTimespan = &goi18n.Message{
+	MsgSshAccessRefusedInTimespan = &i18n.Message{
 		ID:    "MsgSshAccessRefusedInTimespan",
 		One:   "\r\n\x1b[0;31m disconnect since current time is not allowed \x1b[0m\r\n",
 		Other: "\r\n\x1b[0;31m disconnect since current time is not allowed \x1b[0m\r\n",
 	}
-	MsgSShWelcomeForHelp = &goi18n.Message{
+	MsgSShWelcomeForHelp = &i18n.Message{
 		ID:    "MsgSShWelcomeForHelp",
 		One:   "\x1b[31;47m Welcome: {{.User}}",
 		Other: "\x1b[31;47m Welcome: {{.User}}",
--- a/backend/pkg/i18n/translate/active.en.toml
+++ b/backend/pkg/i18n/translate/active.en.toml
--- a/backend/pkg/i18n/translate/active.zh.toml
+++ b/backend/pkg/i18n/translate/active.zh.toml
--- a/backend/pkg/i18n/translate/translate.zh.toml
+++ b/backend/pkg/i18n/translate/translate.zh.toml
--- a/backend/logger/logger.go
+++ b/backend/logger/logger.go
@@ -0,0 +1,53 @@
 package logger
 import (
 	"os"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 	"gopkg.in/natefinch/lumberjack.v2"
 	"github.com/veops/oneterm/conf"
 )
 func init() {
 	level := zapcore.DebugLevel
 	switch conf.Cfg.Log.Level {
 	case "error":
 		level = zapcore.ErrorLevel
 	case "warn":
 		level = zapcore.WarnLevel
 	case "info":
 		level = zapcore.InfoLevel
 	case "debug":
 		level = zapcore.DebugLevel
 	}
 	fw := &lumberjack.Logger{
 		Filename:   "logs/oneterm.log",
 		MaxSize:    0,
 		MaxBackups: 0,
 		MaxAge:     15,
 		LocalTime:  false,
 		Compress:   false,
 	}
 	cfg := zap.NewProductionEncoderConfig()
 	cfg.EncodeTime = zapcore.TimeEncoderOfLayout("2006-01-02 15:04:05.000")
 	encoder := zapcore.NewConsoleEncoder(cfg)
 	cores := []zapcore.Core{zapcore.NewCore(
 		encoder,
 		zapcore.AddSync(fw),
 		level,
 	)}
 	if conf.Cfg.Log.ConsoleEnable {
 		cores = append(cores, zapcore.NewCore(
 			encoder,
 			zapcore.AddSync(zapcore.Lock(os.Stderr)),
 			level,
 		))
 	}
 	zap.ReplaceGlobals(zap.New(zapcore.NewTee(cores...)))
 }
 func L() *zap.Logger {
 	return zap.L()
 }
--- a/backend/main.go
+++ b/backend/main.go
@@ -0,0 +1,8 @@
 package main
 import "github.com/spf13/pflag"
 func main() {
 	path := pflag.StringP("config", "c", "config.yaml", "config path")
 }
--- a/backend/pkg/server/model/account.go
+++ b/backend/pkg/server/model/account.go
--- a/backend/pkg/server/model/asset.go
+++ b/backend/pkg/server/model/asset.go
--- a/backend/pkg/server/model/authorization.go
+++ b/backend/pkg/server/model/authorization.go
--- a/backend/pkg/server/model/command.go
+++ b/backend/pkg/server/model/command.go
--- a/backend/pkg/server/model/config.go
+++ b/backend/pkg/server/model/config.go
--- a/backend/pkg/server/model/fileHistory.go
+++ b/backend/pkg/server/model/fileHistory.go
--- a/backend/pkg/server/model/gateway.go
+++ b/backend/pkg/server/model/gateway.go
--- a/backend/pkg/server/model/history.go
+++ b/backend/pkg/server/model/history.go
--- a/backend/pkg/server/model/model.go
+++ b/backend/pkg/server/model/model.go
--- a/backend/pkg/server/model/node.go
+++ b/backend/pkg/server/model/node.go
--- a/backend/pkg/server/model/publicKey.go
+++ b/backend/pkg/server/model/publicKey.go
--- a/backend/pkg/server/model/session.go
+++ b/backend/pkg/server/model/session.go
--- a/backend/pkg/server/model/stat.go
+++ b/backend/pkg/server/model/stat.go
--- a/backend/pkg/logger/logger.go
+++ b/backend/pkg/logger/logger.go
@@ -1,93 +0,0 @@
 package logger
 import (
 	"context"
 	"fmt"
 	"os"
 	"strings"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 	"gopkg.in/natefinch/lumberjack.v2"
 	"github.com/veops/oneterm/pkg/conf"
 )
 var (
 	L           *zap.Logger
 	AtomicLevel = zap.NewAtomicLevel()
 )
 func Init(ctx context.Context, cfg *conf.LogConfig) (err error) {
 	err = initLogger(cfg)
 	if err != nil {
 		return
 	}
 	L = zap.L()
 	go func() {
 		<-ctx.Done()
 		err = L.Sync()
 		if err != nil {
 			fmt.Println(err)
 		}
 	}()
 	return nil
 }
 func getEncoder(format string) zapcore.Encoder {
 	encodeConfig := zap.NewProductionEncoderConfig()
 	encodeConfig.EncodeTime = zapcore.ISO8601TimeEncoder
 	encodeConfig.TimeKey = "time"
 	encodeConfig.EncodeLevel = zapcore.CapitalLevelEncoder
 	encodeConfig.EncodeCaller = zapcore.ShortCallerEncoder
 	if strings.ToUpper(format) == "JSON" {
 		return zapcore.NewJSONEncoder(encodeConfig)
 	} else {
 		encodeConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
 		return zapcore.NewConsoleEncoder(encodeConfig)
 	}
 }
 func getLogWriter(cfg *conf.LogConfig) zapcore.Core {
 	var cores []zapcore.Core
 	if cfg.Path != "" {
 		logRotate := &lumberjack.Logger{
 			Filename:   cfg.Path,
 			MaxSize:    cfg.MaxSize,
 			MaxBackups: cfg.MaxBackups,
 			MaxAge:     cfg.MaxAge,
 			Compress:   cfg.Compress,
 		}
 		fileEncoder := getEncoder(cfg.Format)
 		cores = append(cores, zapcore.NewCore(fileEncoder, zapcore.AddSync(logRotate), AtomicLevel))
 	}
 	if cfg.ConsoleEnable {
 		consoleEncoder := getEncoder("console")
 		cores = append(cores, zapcore.NewCore(consoleEncoder, zapcore.Lock(os.Stdout), AtomicLevel))
 	}
 	return zapcore.NewTee(cores...)
 }
 func initLogger(cfg *conf.LogConfig) (err error) {
 	level, err := zap.ParseAtomicLevel(cfg.Level)
 	if err != nil {
 		return err
 	}
 	AtomicLevel.SetLevel(level.Level())
 	core := getLogWriter(cfg)
 	logger := zap.New(core, zap.AddCaller())
 	zap.ReplaceGlobals(logger)
 	return
 }
--- a/backend/pkg/proto/ssh/api/api.go
+++ b/backend/pkg/proto/ssh/api/api.go
@@ -1,20 +0,0 @@
 package api
 type Authentication interface {
 	Authenticate() (token string, err error)
 }
 type Asset interface {
 	Groups() (any, error)
 	Lists() (any, error)
 }
 type Audit interface {
 	NewSession(data any) error
 }
 type Core interface {
 	Authentication
 	Audit
 	Asset
 }
--- a/backend/pkg/proto/ssh/api/asset.go
+++ b/backend/pkg/proto/ssh/api/asset.go
@@ -1,196 +0,0 @@
 package api
 import (
 	"fmt"
 	"strings"
 	"time"
 	"github.com/go-resty/resty/v2"
 	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
 	"github.com/veops/oneterm/pkg/server/controller"
 	"github.com/veops/oneterm/pkg/server/model"
 	"github.com/veops/oneterm/pkg/util"
 )
 type AssetCore struct {
 	Api    string
 	XToken string
 }
 func NewAssetServer(Api, token string) *AssetCore {
 	return &AssetCore{
 		Api:    Api,
 		XToken: token,
 	}
 }
 func (a *AssetCore) Groups() (res any, err error) {
 	return res, err
 }
 func (a *AssetCore) Lists(cookie, search string, id int) (res *controller.ListData, err error) {
 	client := resty.New()
 	var (
 		data *controller.HttpResponse
 	)
 	params := map[string]string{
 		"page_index": "1",
 		"page_size":  "-1",
 		"info":       "true",
 	}
 	if strings.TrimSpace(search) != "" {
 		params["search"] = search
 	}
 	if id > 0 {
 		params["id"] = fmt.Sprintf("%d", id)
 	}
 	resp, err := client.R().
 		SetQueryParams(params).
 		SetHeader("Cookie", cookie).
 		SetHeader("X-Token", a.XToken).
 		SetResult(&data).
 		Get(strings.TrimSuffix(a.Api, "/") + assetUrl)
 	if err != nil {
 		return res, fmt.Errorf("api request error:%v", err.Error())
 	}
 	if resp.StatusCode() != 200 {
 		return res, fmt.Errorf("auth code: %d %v", resp.StatusCode(), string(resp.Body()))
 	}
 	if data.Code != 0 {
 		return res, fmt.Errorf(data.Message)
 	}
 	err = util.DecodeStruct(&res, data.Data)
 	return
 }
 func (a *AssetCore) AllAssets() (res []*model.Asset, err error) {
 	params := map[string]string{
 		"page_index": "1",
 		"page_size":  "-1",
 	}
 	resp, err := request(resty.MethodGet,
 		a.Api+assetTotalUrl,
 		map[string]string{"X-Token": a.XToken}, params, nil)
 	if resp != nil {
 		for _, v := range resp.List {
 			var v1 model.Asset
 			_ = util.DecodeStruct(&v1, v)
 			res = append(res, &v1)
 		}
 	}
 	return
 }
 func (a *AssetCore) HasPermission(data *model.AccessAuth) bool {
 	now := time.Now()
 	in := true
 	if (data.Start != nil && now.Before(*data.Start)) || (data.End != nil && now.After(*data.End)) {
 		in = false
 	}
 	if !in {
 		return false
 	}
 	in = false
 	has := false
 	week, hm := now.Weekday(), now.Format("15:04")
 	for _, r := range data.Ranges {
 		has = has || len(r.Times) > 0
 		if (r.Week+1)%7 == int(week) {
 			for _, str := range r.Times {
 				ss := strings.Split(str, "~")
 				in = in || (len(ss) >= 2 && hm >= ss[0] && hm <= ss[1])
 			}
 		}
 	}
 	return !has || in == data.Allow
 }
 func (a *AssetCore) Gateway(cookie string, id int) (res *model.Gateway, err error) {
 	params := map[string]string{
 		"page_index": "1",
 		"page_size":  "1",
 		"info":       "true",
 	}
 	if id > 0 {
 		params["id"] = fmt.Sprintf("%d", id)
 	}
 	data, err := request(resty.MethodGet,
 		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), gatewayUrl),
 		map[string]string{
 			"Cookie":  cookie,
 			"X-Token": cfg.SSHConfig.Token,
 		}, params, nil)
 	if err != nil {
 		return
 	}
 	var r1 controller.ListData
 	err = util.DecodeStruct(&r1, data)
 	if err != nil {
 		return
 	}
 	if len(r1.List) == 0 {
 		err = fmt.Errorf("not found gateway for %d", id)
 		return
 	}
 	err = util.DecodeStruct(&res, r1.List[0])
 	return
 }
 func (a *AssetCore) Commands(cookie string) (res []*model.Command, err error) {
 	params := map[string]string{
 		"page_index": "1",
 		"page_size":  "-1",
 		"info":       "true",
 	}
 	data, err := request(resty.MethodGet,
 		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), commandUrl),
 		map[string]string{
 			"Cookie":  cookie,
 			"X-Token": cfg.SSHConfig.Token,
 		}, params, nil)
 	if err != nil {
 		return
 	}
 	var r1 controller.ListData
 	err = util.DecodeStruct(&r1, data)
 	if err != nil {
 		return
 	}
 	err = util.DecodeStruct(&res, r1.List)
 	return
 }
 func (a *AssetCore) Config(cookie string) (res *model.Config, err error) {
 	params := map[string]string{
 		"info": "true",
 	}
 	data := &controller.HttpResponse{}
 	_, err = resty.New().R().
 		SetQueryParams(params).
 		SetHeaders(map[string]string{
 			"Cookie":  cookie,
 			"X-Token": cfg.SSHConfig.Token,
 		}).
 		SetResult(data).
 		Get(strings.TrimSuffix(a.Api, "/") + configUrl)
 	if err != nil {
 		return
 	}
 	err = util.DecodeStruct(&res, data.Data)
 	return
 }
 func (a *AssetCore) ChangeState(data map[int]map[string]any) error {
 	_, err := request(resty.MethodPut,
 		strings.TrimSuffix(a.Api, "/")+assetUpdateState,
 		map[string]string{
 			"X-Token": cfg.SSHConfig.Token,
 		}, nil, data)
 	return err
 }
--- a/backend/pkg/proto/ssh/api/audit.go
+++ b/backend/pkg/proto/ssh/api/audit.go
@@ -1,105 +0,0 @@
 package api
 import (
 	"fmt"
 	"regexp"
 	"strings"
 	"github.com/go-resty/resty/v2"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/pkg/logger"
 	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
 	"github.com/veops/oneterm/pkg/server/controller"
 	"github.com/veops/oneterm/pkg/util"
 )
 type AuditCore struct {
 	Api    string
 	XToken string
 }
 func NewAuditServer(Api, token string) *Auth {
 	return &Auth{
 		Api:    Api,
 		XToken: token,
 	}
 }
 type CommandLevel int
 const (
 	CommandLevelNormal = iota + 1
 	CommandLevelReject
 )
 func (a *AuditCore) NewSession(data any) error {
 	_, err := request(resty.MethodPost,
 		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), sessionUrl),
 		map[string]string{
 			"X-Token": cfg.SSHConfig.Token,
 		}, nil, data)
 	return err
 }
 func (a *AuditCore) AddCommand(data any) {
 	_, err := request(resty.MethodPost,
 		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), sessionCmdUrl),
 		map[string]string{
 			"X-Token":      cfg.SSHConfig.Token,
 			"Content-Type": "application/json",
 		}, nil, data)
 	if err != nil {
 		logger.L.Error(err.Error())
 	}
 }
 func AddReplay(sessionId string, data any) error {
 	_, err := request(resty.MethodPost,
 		fmt.Sprintf("%s%s/%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), replayUrl, sessionId),
 		map[string]string{
 			"X-Token": cfg.SSHConfig.Token,
 		}, nil, data)
 	return err
 }
 func AddReplayFile(sessionId, filePath string) (err error) {
 	var response *controller.HttpResponse
 	r, er := resty.New().R().SetFile("replay.cast", filePath).
 		SetHeader("X-Token", cfg.SSHConfig.Token).
 		SetHeader("Content-Type", "application/json").
 		SetBody(map[string]any{
 			"session_id": sessionId,
 			"body":       "",
 		}).SetResult(&response).Post(fmt.Sprintf("%s%s/%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), replayFileUrl, sessionId))
 	if er != nil {
 		err = er
 		return err
 	}
 	if r.StatusCode() != 200 {
 		err = fmt.Errorf("auth code: %d: %s", r.StatusCode(), r.String())
 		return
 	}
 	if response.Code != 0 {
 		err = fmt.Errorf(response.Message)
 		return
 	}
 	err = util.DecodeStruct(&response, response.Data)
 	return err
 }
 func GetCommandLevel(command string, commands []string) CommandLevel {
 	for _, v := range commands {
 		pattern, err := regexp.Compile(v)
 		if err != nil {
 			logger.L.Warn(err.Error(), zap.String("module", ""))
 			continue
 		}
 		if pattern.MatchString(command) {
 			return CommandLevelReject
 		}
 	}
 	return CommandLevelNormal
 }
--- a/backend/pkg/proto/ssh/api/auth.go
+++ b/backend/pkg/proto/ssh/api/auth.go
@@ -1,169 +0,0 @@
 package api
 import (
 	"encoding/json"
 	"fmt"
 	"strings"
 	"time"
 	"github.com/go-resty/resty/v2"
 	"github.com/veops/oneterm/pkg/server/auth/acl"
 	"github.com/veops/oneterm/pkg/server/controller"
 	"github.com/veops/oneterm/pkg/server/model"
 	"github.com/veops/oneterm/pkg/util"
 )
 type Auth struct {
 	Username  string
 	Password  string
 	PublicKey string
 	Api       string
 	XToken    string
 	SecretKey string
 }
 func NewAuthServer(username, password, publicKey, Api, token, secretKey string) *Auth {
 	return &Auth{
 		Username:  username,
 		Password:  password,
 		PublicKey: publicKey,
 		Api:       Api,
 		XToken:    token,
 		SecretKey: secretKey,
 	}
 }
 func (a *Auth) Authenticate() (token string, err error) {
 	client := resty.New()
 	var (
 		method int8
 		data   *controller.HttpResponse
 	)
 	if a.Password != "" {
 		method = 1
 	} else if a.PublicKey != "" {
 		method = 2
 	} else {
 		return "", fmt.Errorf("no password or publicKey")
 	}
 	resp, err := client.R().
 		SetHeader("X-Token", a.XToken).
 		SetHeader("Content-Type", "application/json").
 		SetBody(map[string]interface{}{
 			"method":   method,
 			"password": a.Password,
 			"pk":       a.PublicKey,
 			"username": a.Username,
 		}).
 		SetResult(&data).
 		Post(strings.TrimSuffix(a.Api, "/") + authUrl)
 	if err != nil {
 		return "", fmt.Errorf("api request error:%v", err.Error())
 	}
 	if resp.StatusCode() != 200 {
 		return "", fmt.Errorf("%s", string(resp.Body()))
 	}
 	if data.Code != 0 {
 		return "", fmt.Errorf(data.Message)
 	}
 	return data.Data.(map[string]any)["cookie"].(string), nil
 }
 func (a *Auth) AccountInfo(token string, uid int, name string) (account *model.Account, err error) {
 	data := map[string]string{"info": "true"}
 	if uid > 0 {
 		data["id"] = fmt.Sprintf("%d", uid)
 	}
 	if name != "" {
 		data["name"] = name
 	}
 	res, err := request(resty.MethodGet,
 		fmt.Sprintf("%s%s", strings.TrimSuffix(a.Api, "/"), accountUrl),
 		map[string]string{
 			"Cookie":  token,
 			"X-Token": a.XToken,
 		}, data, nil)
 	if err != nil {
 		return
 	}
 	if res.Count == 0 {
 		err = fmt.Errorf("no account found for %v", uid)
 		return
 	}
 	err = util.DecodeStruct(&account, res.List[0])
 	return
 }
 func (a *Auth) Accounts(token string) (account []*model.Account, err error) {
 	res, err := request(resty.MethodGet,
 		fmt.Sprintf("%s%s", strings.TrimSuffix(a.Api, "/"), accountUrl),
 		map[string]string{
 			"Cookie":  token,
 			"X-Token": a.XToken,
 		}, map[string]string{"info": "true"}, nil)
 	if err != nil {
 		return
 	}
 	if res.Count == 0 {
 		err = fmt.Errorf("no account found")
 		return
 	}
 	err = util.DecodeStruct(&account, res.List)
 	return
 }
 func request(method, path string, headers map[string]string, param map[string]string,
 	body any) (res *controller.ListData, err error) {
 	client := resty.New().SetTimeout(time.Second * 15).R()
 	if param != nil {
 		client = client.SetQueryParams(param)
 	}
 	for k, v := range headers {
 		client = client.SetHeader(k, v)
 	}
 	if body != nil {
 		client = client.SetBody(body)
 	}
 	var response *controller.HttpResponse
 	client = client.SetResult(&response)
 	r, err := client.Execute(method, path)
 	if err != nil {
 		err = fmt.Errorf("api request error:%v", err.Error())
 		return
 	}
 	if r.StatusCode() != 200 {
 		err = fmt.Errorf("auth code: %d: %s", r.StatusCode(), r.String())
 		return
 	}
 	if response.Code != 0 {
 		err = fmt.Errorf(response.Message)
 		return
 	}
 	err = util.DecodeStruct(&res, response.Data)
 	return res, err
 }
 func (a *Auth) AclInfo(sess string) (aclInfo *acl.Acl, er error) {
 	session := acl.Session{}
 	for _, v := range strings.Split(sess, ";") {
 		if strings.HasPrefix(strings.TrimSpace(v), "session=") {
 			sess = strings.TrimPrefix(strings.TrimSpace(v), "session=")
 		}
 	}
 	s := acl.NewSignature(a.SecretKey, "cookie-session", "", "hmac", nil, nil)
 	content, err := s.Unsign(sess)
 	if err != nil {
 		er = err
 		return
 	}
 	err = json.Unmarshal(content, &session)
 	if err != nil {
 		return aclInfo, err
 	}
 	return &session.Acl, nil
 }
--- a/backend/pkg/proto/ssh/api/onterm.go
+++ b/backend/pkg/proto/ssh/api/onterm.go
@@ -1,20 +0,0 @@
 package api
 import (
 	gossh "github.com/gliderlabs/ssh"
 )
 type CoreInstance struct {
 	Auth    *Auth
 	Asset   *AssetCore
 	Session *gossh.Session
 	Audit   *AuditCore
 }
 func NewCoreInstance(apiHost, token, secretKey string) *CoreInstance {
 	coreInstance := &CoreInstance{
 		Auth:  NewAuthServer("", "", "", apiHost, token, secretKey),
 		Asset: NewAssetServer(apiHost, token),
 	}
 	return coreInstance
 }
--- a/backend/pkg/proto/ssh/api/var.go
+++ b/backend/pkg/proto/ssh/api/var.go
@@ -1,23 +0,0 @@
 package api
 const (
 	// auth
 	authUrl = "/public_key/auth"
 	// asset
 	assetUrl         = "/asset"
 	gatewayUrl       = "/gateway"
 	commandUrl       = "/command"
 	configUrl        = "/config"
 	assetTotalUrl    = "/asset/query_by_server"
 	assetUpdateState = "/asset/update_by_server"
 	// account
 	accountUrl = "/account"
 	// audit
 	sessionUrl    = "/session"
 	replayUrl     = "/session/replay"
 	replayFileUrl = "/session/replay"
 	sessionCmdUrl = "/session/cmd"
 )
--- a/backend/pkg/proto/ssh/client/parse.go
+++ b/backend/pkg/proto/ssh/client/parse.go
@@ -1,67 +0,0 @@
 package client
 import (
 	"bytes"
 	"sync"
 )
 type Parser struct {
 	lock         sync.Mutex
 	vimState     bool
 	commandState bool
 }
 var (
 	enterMarks = [][]byte{
 		[]byte("\x1b[?1049h"),
 		[]byte("\x1b[?1048h"),
 		[]byte("\x1b[?1047h"),
 		[]byte("\x1b[?47h"),
 	}
 	exitMarks = [][]byte{
 		[]byte("\x1b[?1049l"),
 		[]byte("\x1b[?1048l"),
 		[]byte("\x1b[?1047l"),
 		[]byte("\x1b[?47l"),
 	}
 	screenMarks = [][]byte{
 		{0x1b, 0x5b, 0x4b, 0x0d, 0x0a},
 		{0x1b, 0x5b, 0x34, 0x6c},
 	}
 )
 func (p *Parser) State(b []byte) bool {
 	if !p.vimState && IsEditEnterMode(b) {
 		if !isNewScreen(b) {
 			p.vimState = true
 			p.commandState = false
 		}
 	}
 	if p.vimState && IsEditExitMode(b) {
 		p.vimState = false
 		p.commandState = true
 	}
 	return p.vimState
 }
 func isNewScreen(p []byte) bool {
 	return matchMark(p, screenMarks)
 }
 func IsEditEnterMode(p []byte) bool {
 	return matchMark(p, enterMarks)
 }
 func IsEditExitMode(p []byte) bool {
 	return matchMark(p, exitMarks)
 }
 func matchMark(p []byte, marks [][]byte) bool {
 	for _, item := range marks {
 		if bytes.Contains(p, item) {
 			return true
 		}
 	}
 	return false
 }
--- a/backend/pkg/proto/ssh/client/ssh.go
+++ b/backend/pkg/proto/ssh/client/ssh.go
@@ -1,343 +0,0 @@
 package client
 import (
 	"fmt"
 	"io"
 	"net"
 	"strings"
 	"sync"
 	"time"
 	gossh "github.com/gliderlabs/ssh"
 	"github.com/google/uuid"
 	gssh "golang.org/x/crypto/ssh"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/record"
 	"github.com/veops/oneterm/pkg/server/model"
 )
 type Connection struct {
 	Session *gssh.Session
 	Stdin   io.Writer
 	Stdout  io.Reader
 	SessionId string
 	Record    record.Record
 	Commands  []byte
 	AssetId   int
 	AccountId int
 	Gateway   *model.Gateway
 	Parser *Parser
 	GateWayCloseChan chan struct{}
 	Exit             chan struct{}
 }
 type GatewayClient struct {
 	client     *gssh.Client
 	targetAddr string
 }
 var (
 	GatewayListener    net.Listener
 	GatewayConnections sync.Map
 )
 func NewSSHClientConfig(user string, account *model.Account) (*gssh.ClientConfig, error) {
 	am, er := authMethod(account)
 	if er != nil {
 		return nil, er
 	}
 	sshConfig := &gssh.ClientConfig{
 		Timeout: time.Second * 5,
 		User:    user,
 		Auth: []gssh.AuthMethod{
 			am,
 		},
 		HostKeyCallback: gssh.InsecureIgnoreHostKey(), // 不验证服务器的HostKey
 	}
 	return sshConfig, nil
 }
 func authMethod(account *model.Account) (gssh.AuthMethod, error) {
 	switch account.AccountType {
 	case model.AUTHMETHOD_PASSWORD:
 		return gssh.Password(account.Password), nil
 	case model.AUTHMETHOD_PUBLICKEY:
 		if account.Phrase == "" {
 			pk, err := gssh.ParsePrivateKey([]byte(account.Pk))
 			if err != nil {
 				return nil, err
 			}
 			return gssh.PublicKeys(pk), nil
 		} else {
 			pk, err := gssh.ParsePrivateKeyWithPassphrase([]byte(account.Pk), []byte(account.Phrase))
 			if err != nil {
 				return nil, err
 			}
 			return gssh.PublicKeys(pk), nil
 		}
 	default:
 		return nil, fmt.Errorf("invalid authmethod %d", account.AccountType)
 	}
 }
 // publicKeyBytes
 // path: ~/.ssh/id_ed25519
 //func publicKeyBytes(path string) error {
 //	pbk, err := os.ReadFile(path)
 //	publicKey, err := gossh.ParsePublicKey(pbk)
 //	if err != nil {
 //		return err
 //	}
 //	gossh.PublicKeyAuth(func(ctx gossh.Context, key gossh.PublicKey) bool {
 //		return gossh.KeysEqual(key, publicKey)
 //	})
 //	return nil
 //}
 func NewSShSession(con *gssh.Client, pty gossh.Pty, gatewayCloseChan chan struct{}) (conn *Connection, err error) {
 	sess, er := con.NewSession()
 	if er != nil {
 		err = er
 		return
 	}
 	modes := gssh.TerminalModes{
 		gssh.ECHO:          1,
 		gssh.TTY_OP_ISPEED: 14400,
 		gssh.TTY_OP_OSPEED: 14400,
 	}
 	if err = sess.RequestPty("xterm", pty.Window.Height, pty.Window.Width, modes); err != nil {
 		return
 	}
 	stdin, err := sess.StdinPipe()
 	if err != nil {
 		return
 	}
 	stdout, err := sess.StdoutPipe()
 	if err != nil {
 		return
 	}
 	if err := sess.Shell(); err != nil {
 		_ = sess.Close()
 	}
 	conn = &Connection{
 		Stdin:            stdin,
 		Stdout:           stdout,
 		Session:          sess,
 		SessionId:        uuid.NewString(),
 		GateWayCloseChan: gatewayCloseChan,
 		Exit:             make(chan struct{}),
 	}
 	conn.Record, err = record.NewAsciinema(conn.SessionId, pty)
 	conn.Parser = &Parser{
 		vimState:     false,
 		commandState: true,
 		lock:         sync.Mutex{},
 	}
 	return
 }
 // NewSShClient1
 // =====================================================do not edit=============================================
 func NewSShClient(addr string, account *model.Account, gateway *model.Gateway) (cli *gssh.Client, gatewayCloseChan chan struct{}, err error) {
 	sshConf, err := NewSSHClientConfig(account.Account, account)
 	if err != nil {
 		return
 	}
 	tmp := strings.Split(strings.TrimSpace(addr), ":")
 	if len(tmp) != 2 {
 		tmp = append(tmp, "22")
 	}
 	addr = strings.Join(tmp, ":")
 	if gateway != nil {
 		gatewayCloseChan = make(chan struct{})
 		gatewayConf, er := NewSSHClientConfig(gateway.Account,
 			&model.Account{AccountType: gateway.AccountType, Account: gateway.Account,
 				Password: gateway.Password, Pk: gateway.Pk, Phrase: gateway.Phrase})
 		if er != nil {
 			err = fmt.Errorf("gateway is not available %w", er)
 			return
 		}
 		gatewayCli, er := gssh.Dial("tcp", fmt.Sprintf("%s:%d", gateway.Host, gateway.Port), gatewayConf)
 		if er != nil {
 			err = fmt.Errorf("gateway is not available %w", er)
 			return
 		}
 		//hostname, er := os.Hostname()
 		//if er != nil {
 		//	err = fmt.Errorf("gateway is not available %w", er)
 		//	return
 		//}
 		targetAddr := addr
 		//addr = fmt.Sprintf("%s:%d", hostname, port)
 		port, er := GetAvailablePort()
 		addr = fmt.Sprintf("127.0.0.1:%d", port)
 		listener, er := net.Listen("tcp", addr)
 		if er != nil {
 			err = fmt.Errorf("gateway is not available %w", er)
 			return
 		}
 		var accept bool
 		go func() {
 			for {
 				select {
 				case <-gatewayCloseChan:
 					return
 				default:
 					if accept {
 						continue
 					}
 					lc, err := listener.Accept()
 					if err != nil {
 						return
 					}
 					gatewayConn, err := gatewayCli.Dial("tcp", targetAddr)
 					if err != nil {
 						return
 					}
 					go func() {
 						_, _ = io.Copy(lc, gatewayConn)
 					}()
 					go func() {
 						_, _ = io.Copy(gatewayConn, lc)
 					}()
 					accept = true
 				}
 			}
 		}()
 	}
 	cli, err = gssh.Dial("tcp", addr, sshConf)
 	return
 }
 func ResizeSshClient(sess *gssh.Session, h, w int) {
 	err := sess.WindowChange(h, w)
 	if err != nil {
 		logger.L.Warn(err.Error())
 		return
 	}
 }
 func GetAvailablePort() (int, error) {
 	addr, err := net.ResolveTCPAddr("tcp", "localhost:0")
 	if err != nil {
 		return 0, err
 	}
 	l, err := net.ListenTCP("tcp", addr)
 	if err != nil {
 		return 0, err
 	}
 	defer func(l *net.TCPListener) {
 		_ = l.Close()
 	}(l)
 	return l.Addr().(*net.TCPAddr).Port, nil
 }
 func AcquireGatewayListener() (string, error) {
 	if GatewayListener == nil {
 		port, err := GetAvailablePort()
 		if err != nil {
 			return "", fmt.Errorf("get available port failed:%s", err.Error())
 		}
 		addr := fmt.Sprintf("127.0.0.1:%d", port)
 		listener, er := net.Listen("tcp", addr)
 		if er != nil {
 			return "", fmt.Errorf("listen tcp %s failed: %s", addr, er.Error())
 		}
 		GatewayListener = listener
 		ListenGateway()
 	}
 	return GatewayListener.Addr().String(), nil
 }
 // func NewSShClient1(addr string, account *model.Account, gateway *model.Gateway) (cli *gssh.Client, gatewayCloseChan chan struct{}, err error) {
 // 	password, pubkey := account.Password, ""
 // 	if account.AccountType == model.AUTHMETHOD_PUBLICKEY {
 // 		password, pubkey = pubkey, password
 // 	}
 // 	sshConf, err := NewSSHClientConfig(account.Account, password, pubkey)
 // 	if err != nil {
 // 		return
 // 	}
 // 	tmp := strings.Split(strings.TrimSpace(addr), ":")
 // 	if len(tmp) != 2 {
 // 		tmp = append(tmp, "22")
 // 	}
 // 	addr = strings.Join(tmp, ":")
 // 	if gateway != nil {
 // 		gatewayCloseChan = make(chan struct{})
 // 		gatewayConf, er := NewSSHClientConfig(gateway.Account, gateway.Password, "")
 // 		if er != nil {
 // 			err = fmt.Errorf("gateway is not available %w", er)
 // 			return
 // 		}
 // 		gatewayCli, er := gssh.Dial("tcp", fmt.Sprintf("%s:%d", gateway.Host, gateway.Port), gatewayConf)
 // 		if er != nil {
 // 			err = fmt.Errorf("gateway is not available %w", er)
 // 			return
 // 		}
 // 		if gatewayAddr, er := AcquireGatewayListener(); er != nil {
 // 			err = er
 // 			return
 // 		} else {
 // 			fmt.Println("dial.........", gatewayAddr, sshConf)
 // 			//c, er := net.DialTimeout("tcp", gatewayAddr, time.Second*5)
 // 			//fmt.Println(c, er)
 // 			cli, err = gssh.Dial("tcp", gatewayAddr, sshConf)
 // 			if err != nil {
 // 				return
 // 			}
 // 			fmt.Println("store.......")
 // 			GatewayConnections.Store(cli.LocalAddr().String(), GatewayClient{client: gatewayCli, targetAddr: addr})
 // 			fmt.Println("endd dial...", err)
 // 		}
 // 	} else {
 // 		cli, err = gssh.Dial("tcp", addr, sshConf)
 // 	}
 // 	return
 // }
 func ListenGateway() {
 	go func() {
 		for {
 			conn, err := GatewayListener.Accept()
 			if err != nil {
 				logger.L.Warn(err.Error())
 				return
 			}
 			if v, ok := GatewayConnections.Load(conn.RemoteAddr().String()); ok {
 				cli := v.(GatewayClient)
 				gatewayConn, err := cli.client.Dial("tcp", cli.targetAddr)
 				if err != nil {
 					logger.L.Warn(err.Error())
 					break
 				}
 				go func() {
 					_, _ = io.Copy(conn, gatewayConn)
 				}()
 				go func() {
 					_, _ = io.Copy(gatewayConn, conn)
 				}()
 			}
 		}
 	}()
 }
--- a/backend/pkg/proto/ssh/config/config.go
+++ b/backend/pkg/proto/ssh/config/config.go
@@ -1,28 +0,0 @@
 package config
 import (
 	"sync"
 )
 type Config struct {
 	Api   string `yaml:"api"`
 	Token string `yaml:"token"`
 	Ip   string `yaml:"ip"`
 	Port int    `yaml:"port"`
 	WebUser  string `yaml:"webUser"`
 	WebToken string `yaml:"webToken"`
 	RecordFilePath string `yaml:"recordFilePath"`
 	PrivateKeyPath string `yaml:"privateKeyPath"`
 	PlainMode bool `yaml:"plainMode"`
 }
 var (
 	SSHConfig        Config
 	TotalMonitors    = sync.Map{}
 	TotalHostSession = sync.Map{}
 	Assets           = sync.Map{}
 )
--- a/backend/pkg/proto/ssh/handler/handlers.go
+++ b/backend/pkg/proto/ssh/handler/handlers.go
@@ -1,125 +0,0 @@
 package handler
 import (
 	"io"
 	"os"
 	"strings"
 	"time"
 	gossh "github.com/gliderlabs/ssh"
 	gssh "golang.org/x/crypto/ssh"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/api"
 	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
 	"github.com/veops/oneterm/pkg/server/model"
 )
 type sshdServer struct {
 	Core *api.CoreInstance
 }
 func Init(address, apiHost, token, privateKeyPath, secretKey string) (*gossh.Server, error) {
 	sshd := NewSshdServer(apiHost, token, secretKey)
 	s := &gossh.Server{
 		Addr:             address,
 		Handler:          sshd.HomeHandler,
 		PasswordHandler:  sshd.PasswordHandler,
 		PublicKeyHandler: sshd.PublicKeyHandler,
 		IdleTimeout:      time.Hour*2 + time.Minute,
 	}
 	for _, v := range hostPrivateKeys(privateKeyPath) {
 		singer, er := gssh.ParsePrivateKey(v)
 		if er != nil {
 			continue
 		}
 		s.AddHostKey(singer)
 	}
 	return s, nil
 }
 func hostPrivateKeys(privateKeyPath string) [][]byte {
 	var res [][]byte
 	if privateKeyPath == "" {
 		homeDir, er := os.UserHomeDir()
 		if er != nil {
 			logger.L.Error(er.Error())
 		}
 		privateKeyPath = homeDir + "/.ssh/id_ed25519"
 	}
 	privateKey, err := os.ReadFile(privateKeyPath)
 	if err != nil {
 		logger.L.Error(err.Error())
 		return res
 	}
 	return [][]byte{privateKey}
 }
 func NewSshdServer(apiHost, token, secretKey string) *sshdServer {
 	s := &sshdServer{
 		Core: api.NewCoreInstance(apiHost, token, secretKey),
 	}
 	return s
 }
 func (s *sshdServer) PasswordHandler(ctx gossh.Context, password string) bool {
 	if password == "" {
 		return false
 	}
 	if ctx.User() == cfg.SSHConfig.WebUser && password == cfg.SSHConfig.WebToken {
 		ctx.SetValue("sshType", model.SESSIONTYPE_WEB)
 		return true
 	}
 	ctx.SetValue("sshType", model.SESSIONTYPE_CLIENT)
 	s.Core.Auth.Username = ctx.User()
 	s.Core.Auth.Password = password
 	s.Core.Auth.PublicKey = ""
 	return s.Auth(ctx)
 }
 func (s *sshdServer) PublicKeyHandler(ctx gossh.Context, key gossh.PublicKey) bool {
 	authorizedKey := gssh.MarshalAuthorizedKey(key)
 	s.Core.Auth.PublicKey = strings.TrimSpace(string(authorizedKey))
 	if s.Core.Auth.PublicKey == "" {
 		return false
 	}
 	s.Core.Auth.Username = ctx.User()
 	s.Core.Auth.Password = ""
 	if ctx.Value("sshType") == nil {
 		ctx.SetValue("sshType", model.SESSIONTYPE_CLIENT)
 	}
 	return s.Auth(ctx)
 }
 func (s *sshdServer) Auth(ctx gossh.Context) bool {
 	cookie, err := s.Core.Auth.Authenticate()
 	if err != nil || cookie == "" {
 		return false
 	}
 	ctx.SetValue("cookie", cookie)
 	return true
 }
 func (s *sshdServer) HomeHandler(gs gossh.Session) {
 	if py, winChan, isPty := gs.Pty(); isPty {
 		if py.Window.Height == 0 {
 			py.Window.Height = 24
 		}
 		interactiveSrv := NewInteractiveHandler(gs, s, py)
 		go interactiveSrv.WatchWinSize(winChan)
 		interactiveSrv.Schedule(&py)
 	} else {
 		if _, err := io.WriteString(gs, "不是PTY请求.\n"); err != nil {
 			logger.L.Error(err.Error())
 		}
 		err := gs.Exit(1)
 		if err != nil {
 			logger.L.Error(err.Error())
 		}
 		return
 	}
 }
--- a/backend/pkg/proto/ssh/handler/interactive.go
+++ b/backend/pkg/proto/ssh/handler/interactive.go
@@ -1,801 +0,0 @@
 // Package handler
 /**
 Copyright (c) The Authors.
 * @Author: feng.xiang
 * @Date: 2023/12/13 09:50
 * @Desc:
 */
 package handler
 import (
 	"bytes"
 	"encoding/json"
 	"fmt"
 	"io"
 	"net"
 	"strings"
 	"sync"
 	"time"
 	"github.com/BurntSushi/toml"
 	"github.com/c-bata/go-prompt"
 	"github.com/chzyer/readline"
 	gossh "github.com/gliderlabs/ssh"
 	"github.com/mattn/go-runewidth"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/olekukonko/tablewriter"
 	"github.com/patrickmn/go-cache"
 	"github.com/spf13/cast"
 	"github.com/veops/go-ansiterm"
 	"go.uber.org/zap"
 	"golang.org/x/crypto/ssh"
 	"golang.org/x/text/language"
 	myi18n "github.com/veops/oneterm/pkg/i18n"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/client"
 	"github.com/veops/oneterm/pkg/proto/ssh/config"
 	gsession "github.com/veops/oneterm/pkg/server/global/session"
 	"github.com/veops/oneterm/pkg/server/model"
 	"github.com/veops/oneterm/pkg/util"
 )
 type InteractiveHandler struct {
 	Locker *sync.RWMutex
 	Session gossh.Session
 	//Term      *term.Terminal
 	Term      *readline.Instance
 	Prompt    *prompt.Prompt
 	Localizer *i18n.Localizer
 	SshType   int
 	pty       *gossh.Pty
 	Sshd     *sshdServer
 	Pty      gossh.Pty
 	Language int
 	Assets       []*model.Asset
 	Accounts     map[int]*model.Account
 	Commands     map[int]*model.Command
 	HistoryInput []string
 	SshClient        *ssh.Client
 	SshSession       map[string]*client.Connection
 	GatewayCloseChan chan struct{}
 	SelectedAsset *model.Asset
 	SessionReq    *gsession.SshReq
 	AccountInfo *model.Account
 	NeedAccount bool
 	Parser *Parser
 	GatewayListener   net.Listener
 	MessageChan       chan string
 	AccountsForSelect []*model.Account
 	Cache             *cache.Cache
 }
 type Parser struct {
 	Input      *ansiterm.ByteStream
 	Output     *ansiterm.ByteStream
 	InputData  []byte
 	OutputData []byte
 	Ps1        string
 	Ps2        string
 }
 var (
 	Bundle       = i18n.NewBundle(language.Chinese)
 	TotalSession = map[string]*client.Connection{}
 )
 func I18nInit(path string) {
 	Bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
 	files, err := util.ListFiles(path)
 	if err != nil {
 		logger.L.Error(err.Error(), zap.String("module", "i18n"))
 	}
 	for _, f := range files {
 		_, err = Bundle.LoadMessageFile(f)
 		if err != nil {
 			logger.L.Warn(err.Error(), zap.String("module", "i18n"))
 		}
 	}
 }
 func NewInteractiveHandler(s gossh.Session, ss *sshdServer, pty gossh.Pty) *InteractiveHandler {
 	//t := term.NewTerminal(s, "> ")
 	t, err := readline.NewEx(&readline.Config{
 		Stdin:  s,
 		Stdout: s,
 		Prompt: ">",
 	})
 	if err != nil {
 		logger.L.Error(err.Error())
 	}
 	ih := &InteractiveHandler{
 		Locker:  new(sync.RWMutex),
 		Term:    t,
 		Session: s,
 		Sshd:    ss,
 		SessionReq:  &gsession.SshReq{},
 		SshSession:  map[string]*client.Connection{},
 		Pty:         pty,
 		MessageChan: make(chan string, 128),
 		Cache:       cache.New(time.Minute, time.Minute*5),
 	}
 	ih.Language = 1
 	ih.Localizer = i18n.NewLocalizer(Bundle)
 	width := 120
 	height := 40
 	if pty.Window.Width != 0 {
 		width = pty.Window.Width
 	}
 	if pty.Window.Height != 0 {
 		height = pty.Window.Height
 	}
 	ih.Parser = &Parser{
 		Input:  NewParser(width, height),
 		Output: NewParser(width, height),
 	}
 	return ih
 }
 func completer(d prompt.Document) []prompt.Suggest {
 	// 这里可以根据用户的实时输入来动态生成建议
 	suggestions := []prompt.Suggest{
 		{Text: "users", Description: "Store the username"},
 		{Text: "articles", Description: "Store the article text posted by user"},
 	}
 	// 只有当用户输入为空，或者以 'u' 开始时，才显示建议
 	if d.TextBeforeCursor() == "" || d.GetWordBeforeCursorWithSpace() == "u" {
 		return prompt.FilterHasPrefix(suggestions, d.GetWordBeforeCursor(), true)
 	}
 	// 其他情况不显示任何建议
 	return []prompt.Suggest{}
 }
 func NewParser(width, height int) *ansiterm.ByteStream {
 	screen := ansiterm.NewScreen(width, height)
 	stream := ansiterm.InitByteStream(screen, false)
 	stream.Attach(screen)
 	return stream
 }
 func (i *InteractiveHandler) WatchWinSize(winChan <-chan gossh.Window) {
 	for {
 		select {
 		case <-i.Session.Context().Done():
 			return
 		case win, ok := <-winChan:
 			if !ok {
 				return
 			}
 			for _, v := range i.SshSession {
 				client.ResizeSshClient(v.Session, win.Height, win.Width)
 				_ = v.Record.Resize(win.Height, win.Width)
 			}
 		}
 	}
 }
 func (i *InteractiveHandler) SwitchLanguage(lang string) {
 	languages := []string{"zh", "en"}
 	switch len(lang) {
 	case 0:
 		length := len(languages)
 		if length <= 1 {
 			return
 		}
 		if i.Language >= length {
 			i.Language = 1
 		} else {
 			i.Language += 1
 		}
 	default:
 		for index, v := range languages {
 			if v == lang {
 				i.Language = index + 1
 			}
 		}
 	}
 	i.Localizer = i18n.NewLocalizer(Bundle, languages[i.Language-1])
 }
 func (i *InteractiveHandler) SwitchLang(lang string) {
 	languages := []string{"zh", "en"}
 	switch len(lang) {
 	case 0:
 		length := len(languages)
 		if length <= 1 {
 			return
 		}
 		if i.Language >= length {
 			i.Language = 1
 		} else {
 			i.Language += 1
 		}
 	default:
 		for index, v := range languages {
 			if v == lang {
 				i.Language = index + 1
 			}
 		}
 	}
 	i.Localizer = i18n.NewLocalizer(Bundle, languages[i.Language-1])
 	i.PrintMessage(myi18n.MsgSshWelcome, map[string]any{"User": i.Session.User()})
 }
 func (i *InteractiveHandler) output(msg string) {
 	_, _ = io.WriteString(i.Session, msg)
 }
 func (i *InteractiveHandler) HostInfo(id int) (asset *model.Asset, err error) {
 	if id < 0 {
 		return
 	}
 	cookie, ok := i.Session.Context().Value("cookie").(string)
 	if !ok {
 		err = fmt.Errorf("no cookie")
 		return
 	}
 	res, er := i.Sshd.Core.Asset.Lists(cookie, "", id)
 	if er != nil {
 		err = er
 		return
 	}
 	if res.Count != 1 {
 		er = fmt.Errorf("found %d hosts: not unique", res.Count)
 		return
 	}
 	bs, er := json.Marshal(res.List[0])
 	if er != nil {
 		err = er
 		return
 	}
 	err = json.Unmarshal(bs, &asset)
 	if err != nil {
 		return
 	}
 	return asset, nil
 }
 func (i *InteractiveHandler) Check(id int, host *model.Asset) (asset *model.Asset, state bool, err error) {
 	assets, er := i.AcquireAssets("", id)
 	if er != nil {
 		err = er
 		return
 	}
 	if len(assets) == 0 {
 		return
 	}
 	asset = assets[0]
 	state = i.Sshd.Core.Asset.HasPermission(asset.AccessAuth)
 	return
 }
 func (i *InteractiveHandler) generateSessionRecord(conn *client.Connection, status int) (res *model.Session, err error) {
 	res = &model.Session{
 		SessionType: cast.ToInt(i.Session.Context().Value("sshType")),
 	}
 	if i.SessionReq != nil && i.SessionReq.Uid != 0 {
 		err = util.DecodeStruct(&res, i.SessionReq)
 		if err != nil {
 			return
 		}
 		res.Uid = i.SessionReq.Uid
 	} else {
 		res.ClientIp = i.Session.RemoteAddr().String()
 	}
 	res.UserName = i.Session.Context().User()
 	res.AccountInfo = fmt.Sprintf("%s(%s)", i.AccountInfo.Name, i.AccountInfo.Account)
 	s, er := i.Sshd.Core.Auth.AclInfo(i.Session.Context().Value("cookie").(string))
 	if er != nil {
 		logger.L.Warn(er.Error(), zap.String("session", "add"))
 	} else if s != nil {
 		res.Uid = s.Uid
 		res.UserName = s.UserName
 	}
 	res.Status = status
 	res.AssetInfo = fmt.Sprintf("%s(%s)", i.SelectedAsset.Name, i.SelectedAsset.Ip)
 	res.SessionId = conn.SessionId
 	res.GatewayId = i.SelectedAsset.GatewayId
 	if conn.Gateway != nil {
 		res.GatewayInfo = fmt.Sprintf("%s:%d", conn.Gateway.Host, conn.Gateway.Port)
 	}
 	res.AssetId = i.SelectedAsset.Id
 	res.AccountId = i.AccountInfo.Id
 	if status == model.SESSIONSTATUS_OFFLINE {
 		t := time.Now()
 		res.ClosedAt = &t
 	}
 	return
 }
 func readLine(s gossh.Session) string {
 	buf := make([]byte, 1)
 	var in []byte
 	for {
 		_, _ = s.Read(buf)
 		switch buf[0] {
 		case []byte("\r")[0], []byte("\r\n")[0]:
 			return string(in)
 		default:
 			in = append(in, buf[0])
 		}
 	}
 }
 func (i *InteractiveHandler) Schedule(pty *gossh.Pty) {
 	i.pty = pty
 	var err error
 	var line string
 	if st, ok := i.Session.Context().Value("sshType").(int); ok && st == model.SESSIONTYPE_WEB {
 		//line, err = i.Term.ReadLine()
 		line = readLine(i.Session)
 		if err != nil {
 			logger.L.Debug("connection closed", zap.String("msg", err.Error()))
 			return
 		}
 		var r *gsession.SshReq
 		err = json.Unmarshal([]byte(line), &r)
 		if err != nil {
 			logger.L.Warn(err.Error())
 			return
 		}
 		// "Accept-Language")
 		//i.Localizer = i18n.NewLocalizer(conf.Bundle, lang, accept)
 		i.Session.Context().SetValue("cookie", r.Cookie)
 		i.SessionReq = r
 		// monitor
 		{
 			if i.SessionReq.SessionId != "" {
 				switch i.SessionReq.Action {
 				case model.SESSIONACTION_MONITOR:
 					i.wrapJsonResponse(i.SessionReq.SessionId, 0, "success")
 					RegisterMonitorSession(i.SessionReq.SessionId, i.Session)
 					return
 				case model.SESSIONACTION_CLOSE:
 					if v, ok := config.TotalHostSession.Load(i.SessionReq.SessionId); ok {
 						err = v.(*client.Connection).Session.Close()
 						if err != nil {
 							logger.L.Warn(err.Error())
 							i.wrapJsonResponse(i.SessionReq.SessionId, 1, "failed")
 							return
 						}
 						close(v.(*client.Connection).Exit)
 					}
 					i.wrapJsonResponse(i.SessionReq.SessionId, 0, "success")
 					return
 				}
 			}
 		}
 		host, ok, err := i.Check(r.AssetId, nil)
 		if err != nil {
 			logger.L.Warn(err.Error())
 			i.wrapJsonResponse("", 1, err.Error())
 			return
 		}
 		if !ok {
 			i.wrapJsonResponse("", 1, fmt.Sprintf("invalid status for %v", r.AssetId))
 			return
 		}
 		i.SelectedAsset = host
 		commands, er := i.AcquireCommands()
 		if er != nil {
 			return
 		}
 		i.Commands = commands
 		_, err = i.Proxy(host.Ip, r.AccountId)
 		if err != nil {
 			logger.L.Error(err.Error(), zap.String("module", "proxy"))
 			i.wrapJsonResponse("", 1, err.Error())
 		}
 		return
 	} else {
 		if config.SSHConfig.PlainMode {
 			i.SwitchLang("zh")
 			for {
 				//line, err = i.Term.ReadLine()
 				line, err = i.Term.Readline()
 				if err != nil {
 					logger.L.Debug("connection closed", zap.String("msg", err.Error()))
 					break
 				}
 				if strings.TrimSpace(line) == "" {
 					continue
 				}
 				if i.HandleInput(strings.TrimSpace(line)) {
 					break
 				}
 			}
 		} else {
 			tm := InitAndRunTerm(i)
 			_, err := tm.Run()
 			if err != nil {
 				logger.L.Error(err.Error(), zap.String("module", "schedule"))
 			}
 		}
 	}
 }
 func (i *InteractiveHandler) HandleInput(line string) (exit bool) {
 	switch strings.TrimSpace(line) {
 	case "/*":
 		i.SelectedAsset = nil
 		assets, er := i.AcquireAssets("", 0)
 		if er != nil {
 			return
 		}
 		accounts, er := i.AcquireAccounts()
 		if er != nil {
 			return
 		}
 		commands, er := i.AcquireCommands()
 		if er != nil {
 			return
 		}
 		i.Locker.Lock()
 		i.Assets = assets
 		i.Accounts = accounts
 		i.Commands = commands
 		i.Locker.Unlock()
 		i.showResult(assets)
 		return
 	case "/?", "/？":
 		i.PrintMessage(myi18n.MsgSshWelcome, map[string]any{"User": i.Session.User()})
 		return
 	case "/s":
 		i.SwitchLang("")
 		return
 	case "/q":
 		i.Session.Close()
 		return
 	default:
 		switch {
 		case line == "exit":
 			logger.L.Info("exit", zap.String("user", i.Session.User()), zap.String("input", line))
 			i.Session.Close()
 			return
 		}
 	}
 	_, er := i.Proxy(line, -1)
 	if er != nil {
 		logger.L.Info(er.Error())
 	}
 	if st, ok := i.Session.Context().Value("sshType").(int); ok && st == model.SESSIONTYPE_WEB {
 		exit = true
 	}
 	return
 }
 func (i *InteractiveHandler) AcquireAndStoreAssets(search string, id int) (selectedHosts, likeHosts []*model.Asset, err error) {
 	i.Locker.RLock()
 	count := len(i.Assets)
 	i.Locker.RUnlock()
 	var find = func(assets []*model.Asset) (selectedHosts, likeHosts []*model.Asset) {
 		if search == "" {
 			return
 		}
 		for _, v := range assets {
 			if v.Ip == search || v.Name == search {
 				selectedHosts = append(selectedHosts, v)
 			} else if strings.Contains(v.Ip, search) || strings.Contains(v.Name, search) {
 				likeHosts = append(likeHosts, v)
 			}
 		}
 		return
 	}
 	if count == 0 {
 		res, er := i.AcquireAssets(search, id)
 		if er != nil {
 			err = er
 			return
 		}
 		selectedHosts, likeHosts = find(res)
 		i.Locker.Lock()
 		i.Assets = res
 		i.Locker.Unlock()
 		return
 	} else {
 		i.Locker.Lock()
 		selectedHosts, likeHosts = find(i.Assets)
 		i.Locker.Unlock()
 		return
 	}
 }
 func (i *InteractiveHandler) AcquireAssets(search string, id int) (assets []*model.Asset, err error) {
 	if search == "" && id <= 0 {
 		if v, ok := i.Cache.Get("assets"); ok {
 			return v.([]*model.Asset), nil
 		} else {
 			defer func() {
 				if err == nil {
 					i.Cache.Set("assets", assets, 0)
 				}
 			}()
 		}
 	}
 	if totalAssets, ok := i.Cache.Get("assets"); ok {
 		for _, v := range totalAssets.([]*model.Asset) {
 			if id > 0 {
 				if id == v.Id {
 					assets = append(assets, v)
 					return
 				} else {
 					continue
 				}
 			} else {
 				if strings.Contains(v.Name, search) {
 					assets = append(assets, v)
 				}
 			}
 		}
 	} else {
 		cookie, ok := i.Session.Context().Value("cookie").(string)
 		if ok {
 			res, er := i.Sshd.Core.Asset.Lists(cookie, search, id)
 			if er != nil {
 				err = er
 				return
 			}
 			if res != nil {
 				for _, v := range res.List {
 					var v1 model.Asset
 					_ = util.DecodeStruct(&v1, v)
 					bs, _ := json.Marshal(v.(map[string]interface{})["authorization"])
 					er = json.Unmarshal(bs, &v1.Authorization)
 					if er != nil {
 						logger.L.Warn(er.Error())
 					}
 					assets = append(assets, &v1)
 				}
 			}
 		} else {
 			err = fmt.Errorf("no cookies")
 		}
 	}
 	return
 }
 func (i *InteractiveHandler) AcquireAccounts() (accounts map[int]*model.Account, err error) {
 	accounts = map[int]*model.Account{}
 	cookie, ok := i.Session.Context().Value("cookie").(string)
 	if ok {
 		res, er := i.Sshd.Core.Auth.Accounts(cookie)
 		if er != nil {
 			err = er
 			return
 		}
 		for _, v := range res {
 			var v1 model.Account
 			_ = util.DecodeStruct(&v1, v)
 			accounts[v1.Id] = &v1
 		}
 	} else {
 		err = fmt.Errorf("no cookies")
 	}
 	return
 }
 func (i *InteractiveHandler) AcquireAccountInfo(id int, name string) (res *model.Account, err error) {
 	cookie, ok := i.Session.Context().Value("cookie").(string)
 	if ok {
 		return i.Sshd.Core.Auth.AccountInfo(cookie, id, name)
 	} else {
 		err = fmt.Errorf("no cookies")
 	}
 	return
 }
 func (i *InteractiveHandler) AcquireCommands() (commands map[int]*model.Command, err error) {
 	commands = map[int]*model.Command{}
 	cookie, ok := i.Session.Context().Value("cookie").(string)
 	if ok {
 		res, er := i.Sshd.Core.Asset.Commands(cookie)
 		if er != nil {
 			err = er
 			return
 		}
 		for _, v := range res {
 			var v1 model.Command
 			_ = util.DecodeStruct(&v1, v)
 			commands[v1.Id] = &v1
 		}
 	} else {
 		err = fmt.Errorf("no cookies")
 	}
 	return
 }
 func (i *InteractiveHandler) AcquireConfig() (config *model.Config, err error) {
 	config = &model.Config{}
 	cookie, ok := i.Session.Context().Value("cookie").(string)
 	if ok {
 		res, er := i.Sshd.Core.Asset.Config(cookie)
 		if er != nil {
 			err = er
 			return
 		}
 		config = res
 	} else {
 		err = fmt.Errorf("no cookies")
 	}
 	return
 }
 func (i *InteractiveHandler) showResult(data []*model.Asset) {
 	i.Term.SetPrompt("host> ")
 	var hosts []string
 	for _, d := range data {
 		hosts = append(hosts, d.Name)
 	}
 	var templateData = map[string]interface{}{
 		"Count": len(data),
 		"Msg":   "",
 	}
 	if data != nil {
 		templateData["Msg"] = i.tableData(hosts)
 	}
 	i.PrintMessage(myi18n.MsgSshShowAssetResults, templateData)
 }
 func (i *InteractiveHandler) tableData(data []string) string {
 	chunkData := i.chunkData(data)
 	buf := &bytes.Buffer{}
 	tw := tablewriter.NewWriter(buf)
 	tw.SetAutoWrapText(false)
 	tw.SetColumnSeparator(" ")
 	tw.SetNoWhiteSpace(false)
 	tw.SetBorder(false)
 	tw.SetAlignment(tablewriter.ALIGN_LEFT)
 	tw.AppendBulk(chunkData)
 	tw.Render()
 	return buf.String()
 }
 func (i *InteractiveHandler) chunkData(data []string) (res [][]string) {
 	width := 80
 	if i.pty != nil {
 		width = i.pty.Window.Width
 	}
 	n := len(data)
 	chunk := n
 	for ; chunk >= 1; chunk -= 1 {
 		ok := true
 		for i := 0; i < n && ok; i += chunk {
 			w := chunk*3 + 4
 			r := i + chunk
 			if r > n {
 				r = n
 			}
 			for _, s := range data[i:r] {
 				w += runewidth.StringWidth(s)
 			}
 			ok = ok && w <= width
 		}
 		if ok {
 			t := i.getChunk(data, chunk)
 			maxLen := make(map[int]int)
 			for _, c := range t {
 				for i, v := range c {
 					l := runewidth.StringWidth(v)
 					if l > maxLen[i] {
 						maxLen[i] = l
 					}
 				}
 			}
 			for _, row := range t {
 				w := chunk*3 + 4
 				for i := range row {
 					w += maxLen[i]
 				}
 				ok = ok && w <= width
 			}
 		}
 		if ok {
 			break
 		}
 	}
 	if chunk < 1 {
 		chunk = 1
 	}
 	res = i.getChunk(data, chunk)
 	return
 }
 func (i *InteractiveHandler) getChunk(data []string, chunk int) (res [][]string) {
 	n := len(data)
 	for i := 0; i < n; i += chunk {
 		r := i + chunk
 		if r > n {
 			r = n
 		}
 		res = append(res, data[i:r])
 	}
 	return
 }
 func (i *InteractiveHandler) wrapJsonResponse(sessionId string, code int, message string) {
 	if st, ok := i.Session.Context().Value("sshType").(int); ok && st != model.SESSIONTYPE_WEB {
 		return
 	}
 	res, er := json.Marshal(gsession.ServerResp{
 		Code:      code,
 		Message:   message,
 		SessionId: sessionId,
 		Uid:       i.SessionReq.Uid,
 		UserName:  i.SessionReq.UserName,
 	})
 	if er != nil {
 		logger.L.Error(er.Error())
 	}
 	i.output(string(append(res, []byte("\r")...)))
 }
 func (i *InteractiveHandler) NewSession(account *model.Account, gateway *model.Gateway) (conn *client.Connection, err error) {
 	i.Locker.Lock()
 	defer i.Locker.Unlock()
 	if i.SshClient == nil {
 		protocol := i.SessionReq.Protocol
 		if strings.HasPrefix(i.SessionReq.Protocol, "ssh:") {
 			protocol = "ssh:" + getSshPort(i.SessionReq.Protocol)
 		}
 		con, ch, er := client.NewSShClient(strings.ReplaceAll(protocol, "ssh", i.SelectedAsset.Ip), account, gateway)
 		if er != nil {
 			err = er
 			return
 		}
 		i.SshClient = con
 		i.GatewayCloseChan = ch
 	}
 	i.AccountInfo = account
 	conn, err = client.NewSShSession(i.SshClient, i.Pty, i.GatewayCloseChan)
 	if err != nil {
 		return
 	}
 	conn.AssetId = i.SelectedAsset.Id
 	conn.AccountId = account.Id
 	conn.Gateway = gateway
 	i.SshSession[conn.SessionId] = conn
 	return
 }
 func (i *InteractiveHandler) UpsertSession(conn *client.Connection, status int) error {
 	resp, err := i.generateSessionRecord(conn, status)
 	if err != nil {
 		return err
 	}
 	return i.Sshd.Core.Audit.NewSession(resp)
 }
--- a/backend/pkg/proto/ssh/handler/message.go
+++ b/backend/pkg/proto/ssh/handler/message.go
@@ -1,34 +0,0 @@
 package handler
 import (
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/config"
 )
 func (i *InteractiveHandler) PrintMessage(msg *i18n.Message, data any) {
 	if config.SSHConfig.PlainMode {
 		i.output("\r\n" + i.Message(msg, data))
 	} else {
 		i.MessageChan <- i.Message(msg, data)
 	}
 }
 func (i *InteractiveHandler) PrintMessageV1(msg *i18n.Message, data any) {
 	i.output(i.Message(msg, data))
 }
 func (i *InteractiveHandler) Message(msg *i18n.Message, data any) string {
 	str, er := i.Localizer.Localize(&i18n.LocalizeConfig{
 		DefaultMessage: msg,
 		TemplateData:   data,
 		PluralCount:    1,
 	})
 	if er != nil {
 		logger.L.Warn(er.Error(), zap.String("module", "i18n"))
 		return ""
 	}
 	return str
 }
--- a/backend/pkg/proto/ssh/handler/proxy.go
+++ b/backend/pkg/proto/ssh/handler/proxy.go
@@ -1,554 +0,0 @@
 // Package handler
 /**
 Copyright (c) The Authors.
 * @Author: feng.xiang
 * @Date: 2024/1/18 17:05
 * @Desc:
 */
 package handler
 import (
 	"bytes"
 	"fmt"
 	"io"
 	"regexp"
 	"sort"
 	"strings"
 	"sync/atomic"
 	"time"
 	"unicode/utf8"
 	gossh "github.com/gliderlabs/ssh"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	myi18n "github.com/veops/oneterm/pkg/i18n"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/client"
 	"github.com/veops/oneterm/pkg/proto/ssh/config"
 	"github.com/veops/oneterm/pkg/server/model"
 )
 var (
 	IdleTimeout = time.Minute * 5
 	ReturnKey   = []byte{0x0d}
 )
 func (i *InteractiveHandler) Proxy(line string, accountId int) (step int, err error) {
 	step = 1
 	if accountId > 0 {
 		var accountName string
 		defer func() {
 			if err != nil {
 				i.PrintMessage(myi18n.MsgSshAccountLoginError, map[string]any{"User": accountName})
 			}
 		}()
 		if i.SelectedAsset != nil && accountId < 0 {
 			accountName = line
 		}
 		host, ok, er := i.Check(i.SelectedAsset.Id, nil)
 		if er != nil {
 			err = er
 			return
 		}
 		if !ok {
 			err = fmt.Errorf("current time is not allowed to access")
 			return
 		}
 		i.SelectedAsset = host
 		if _, ok := i.SelectedAsset.Authorization[accountId]; !ok {
 			err = fmt.Errorf("you donnot have permission")
 			return
 		}
 		account, er := i.Sshd.Core.Auth.AccountInfo(i.Session.Context().Value("cookie").(string), accountId, accountName)
 		if er != nil {
 			err = er
 			return
 		}
 		accountName = account.Name
 		var gateway *model.Gateway
 		if i.SelectedAsset.GatewayId != 0 {
 			gateway, err = i.Sshd.Core.Asset.Gateway(i.Session.Context().Value("cookie").(string), i.SelectedAsset.GatewayId)
 			if err != nil {
 				return
 			}
 		}
 		conn, er := i.NewSession(account, gateway)
 		if er != nil {
 			err = er
 			return
 		}
 		er = i.UpsertSession(conn, model.SESSIONSTATUS_ONLINE)
 		if er != nil {
 			logger.L.Warn(er.Error())
 		}
 		config.TotalHostSession.Store(conn.SessionId, conn)
 		if err := i.bind(i.Session, conn); err != nil {
 			logger.L.Error(err.Error())
 		}
 		step = 1
 	} else {
 		if i.NeedAccount && i.SelectedAsset != nil {
 			i.NeedAccount = false
 			var account *model.Account
 			accountIds := make([]int, 0)
 			for aId := range i.SelectedAsset.Authorization {
 				accountIds = append(accountIds, aId)
 			}
 			sort.Ints(accountIds)
 			for _, aId := range accountIds {
 				account := i.Accounts[aId]
 				if config.SSHConfig.PlainMode {
 					if account == nil || !strings.Contains(account.Name, line) {
 						continue
 					}
 				} else {
 					if account == nil || line != account.Name {
 						continue
 					}
 				}
 				return i.Proxy(line, account.Id)
 			}
 			if account == nil {
 				i.PrintMessage(myi18n.MsgSshAccountLoginError, map[string]any{"User": line})
 			}
 			return
 		} else if strings.TrimSpace(line) == "" {
 			return
 		}
 		var (
 			host *model.Asset
 		)
 		selectHosts, likeHosts, er := i.AcquireAndStoreAssets(line, 0)
 		if er != nil {
 			logger.L.Error(err.Error())
 		}
 		if len(selectHosts) == 0 && len(likeHosts) == 0 {
 			i.PrintMessage(myi18n.MsgSshNoMatchingAsset, map[string]any{"Host": line})
 			return
 		}
 		switch len(selectHosts) {
 		case 0:
 			switch len(likeHosts) {
 			case 0:
 				return
 			case 1:
 				host = likeHosts[0]
 			default:
 				i.showResult(likeHosts)
 				return
 			}
 		case 1:
 			host = selectHosts[0]
 		default:
 			i.showResult(selectHosts)
 			return
 		}
 		i.SelectedAsset = host
 		var sshPort string
 		for _, v := range host.Protocols {
 			if strings.HasPrefix(v, "ssh") {
 				sshPort = getSshPort(v)
 				break
 			}
 		}
 		if sshPort == "" {
 			i.PrintMessage(myi18n.MsgSshNoSshAccessMethod, map[string]any{"Host": line})
 			return
 		}
 		i.SessionReq.Protocol = "ssh:" + sshPort
 		var hostAccountIds []int
 		if len(i.Accounts) == 0 {
 			accounts, er := i.AcquireAccounts()
 			if er != nil {
 				logger.L.Info(er.Error())
 			} else {
 				i.Accounts = accounts
 			}
 		}
 		for k := range host.Authorization {
 			if v, ok := i.Accounts[k]; ok {
 				hostAccountIds = append(hostAccountIds, v.Id)
 			}
 		}
 		sort.Ints(hostAccountIds)
 		switch len(hostAccountIds) {
 		case 0:
 			i.PrintMessage(myi18n.MsgSshNoSshAccountForAsset, map[string]any{"Host": line})
 			return
 		case 1:
 			return i.Proxy(line, hostAccountIds[0])
 		default:
 			var accounts []string
 			for _, aId := range hostAccountIds {
 				if account, ok := i.Accounts[aId]; ok {
 					i.AccountsForSelect = append(i.AccountsForSelect, account)
 					accounts = append(accounts, account.Name)
 				}
 			}
 			i.NeedAccount = true
 			if config.SSHConfig.PlainMode {
 				i.PrintMessage(myi18n.MsgSshMultiSshAccountForAsset, map[string]any{"Accounts": i.tableData(accounts)})
 			}
 			step = 2
 		}
 	}
 	return
 }
 func getSshPort(protocol string) (sshPort string) {
 	tmp := strings.Split(protocol, ":")
 	if len(tmp) == 2 && tmp[0] == "ssh" {
 		sshPort = tmp[1]
 	}
 	if strings.TrimSpace(sshPort) == "" {
 		sshPort = "22"
 	}
 	return sshPort
 }
 func (i *InteractiveHandler) handleUserInput(userConn gossh.Session, targetInChan chan<- []byte,
 	done chan struct{}) {
 	buffer := bytes.NewBuffer(make([]byte, 0, 1024*2))
 	maxLen := 1024
 	for {
 		buf := make([]byte, maxLen)
 		nr, err := userConn.Read(buf)
 		if nr > 0 {
 			validBytes := buf[:nr]
 			bufferLen := buffer.Len()
 			if bufferLen > 0 || nr == maxLen {
 				buffer.Write(buf[:nr])
 				validBytes = validBytes[:0]
 			}
 			remainBytes := buffer.Bytes()
 			for len(remainBytes) > 0 {
 				r, size := utf8.DecodeRune(remainBytes)
 				if r == utf8.RuneError {
 					if len(remainBytes) <= 3 {
 						break
 					}
 				}
 				validBytes = append(validBytes, remainBytes[:size]...)
 				remainBytes = remainBytes[size:]
 			}
 			buffer.Reset()
 			if len(remainBytes) > 0 {
 				buffer.Write(remainBytes)
 			}
 			select {
 			case targetInChan <- validBytes:
 			case <-done:
 				break
 			}
 		}
 		if err != nil {
 			break
 		}
 	}
 	close(targetInChan)
 }
 func (i *InteractiveHandler) handleHostOutput(hostConn *client.Connection, userConn gossh.Session,
 	done chan struct{}, ticker *time.Ticker) {
 	for {
 		buf := make([]byte, 1024)
 		n, err := hostConn.Stdout.Read(buf)
 		if err != nil {
 			logger.L.Warn(err.Error())
 		}
 		ticker.Reset(IdleTimeout)
 		i.handleOutput(buf[:n], hostConn, userConn)
 		if err == io.EOF {
 			close(done)
 			break
 		}
 	}
 }
 func (i *InteractiveHandler) bind(userConn gossh.Session, hostConn *client.Connection) error {
 	maxIdleTimeout := time.Hour * 2
 	mConfig, _ := i.AcquireConfig()
 	if mConfig != nil && mConfig.Timeout > 0 {
 		IdleTimeout = time.Second * time.Duration(mConfig.Timeout)
 	}
 	if IdleTimeout > maxIdleTimeout {
 		IdleTimeout = maxIdleTimeout
 	}
 	targetInChan := make(chan []byte, 1)
 	done := make(chan struct{})
 	var (
 		exit             bool
 		accessUpdateStep = time.Minute
 		waitRead         atomic.Bool
 	)
 	waitRead.Store(true)
 	i.wrapJsonResponse(hostConn.SessionId, 0, "success")
 	tk, tkAccess, readReset := time.NewTicker(IdleTimeout), time.NewTicker(accessUpdateStep), time.NewTicker(time.Second)
 	go i.handleUserInput(userConn, targetInChan, done)
 	go i.handleHostOutput(hostConn, userConn, done, tk)
 	for {
 		select {
 		case p, ok := <-targetInChan:
 			if !ok {
 				return nil
 			}
 			tk.Reset(IdleTimeout)
 			//readL.WriteStdin(p)
 			err, _ := i.HandleData(p, hostConn, userConn)
 			if err != nil {
 				logger.L.Error(err.Error())
 			}
 			readReset.Reset(time.Second)
 		case <-done:
 			exit = true
 		case <-tk.C:
 			_, err := userConn.Write([]byte(i.Message(myi18n.MsgSShHostIdleTimeout, map[string]any{"Idle": IdleTimeout})))
 			if err != nil {
 				logger.L.Warn(err.Error())
 			}
 			exit = true
 		case <-readReset.C:
 			waitRead.Store(true)
 		case <-hostConn.Exit:
 			exit = true
 		case <-i.Session.Context().Done():
 			exit = true
 		case <-tkAccess.C:
 			commands, er := i.AcquireCommands()
 			if er == nil {
 				i.Commands = commands
 			}
 			asset, er := i.AcquireAssets("", hostConn.AssetId)
 			if er != nil || len(asset) <= 0 || !i.Sshd.Core.Asset.HasPermission(asset[0].AccessAuth) {
 				_, err := userConn.Write([]byte(i.Message(myi18n.MsgSshAccessRefusedInTimespan, nil)))
 				if err != nil {
 					logger.L.Error(err.Error())
 				}
 				exit = true
 				break
 			}
 			i.SelectedAsset = asset[0]
 			if _, ok := asset[0].Authorization[hostConn.AccountId]; !ok {
 				_, err := userConn.Write([]byte(i.Message(myi18n.MsgSshNoAssetPermission, map[string]any{"Host": i.SelectedAsset.Name})))
 				if err != nil {
 					logger.L.Warn(err.Error())
 				}
 				exit = true
 				break
 			}
 			account, er := i.AcquireAccountInfo(hostConn.AccountId, "")
 			if er != nil || account == nil {
 				_, err := userConn.Write([]byte(i.Message(myi18n.MsgSshNoAssetPermission, map[string]any{"Host": i.SelectedAsset.Name})))
 				if err != nil {
 					logger.L.Warn(err.Error())
 				}
 				exit = true
 				break
 			}
 		}
 		if exit {
 			i.Exits(hostConn)
 			return nil
 		}
 	}
 }
 func (i *InteractiveHandler) handleOutput(data []byte, hostConn *client.Connection, userConn gossh.Session) {
 	_, err := userConn.Write(data)
 	if err != nil {
 		logger.L.Info(err.Error())
 	}
 	if !hostConn.Parser.State(data) {
 		i.Parser.OutputData = append(i.Parser.OutputData, data...)
 	}
 	err = hostConn.Record.Write(data)
 	if err != nil {
 		logger.L.Error(err.Error())
 	}
 	Monitor(hostConn.SessionId, data)
 }
 func (i *InteractiveHandler) CommandLevel(cmd string) int {
 	// TODO
 	return 0
 }
 func parseOutput(data []string) (output []string) {
 	for _, line := range data {
 		if strings.TrimSpace(line) != "" {
 			output = append(output, line)
 		}
 	}
 	return output
 }
 func (i *InteractiveHandler) Output() string {
 	i.Parser.Output.Feed(i.Parser.OutputData)
 	res := parseOutput(i.Parser.Output.Listener.Display())
 	if len(res) == 0 {
 		return ""
 	}
 	return res[len(res)-1]
 }
 func (i *InteractiveHandler) Command() string {
 	s := i.Output()
 	return strings.TrimPrefix(s, i.Parser.Ps1)
 }
 func (i *InteractiveHandler) HandleData(data []byte, hostConn *client.Connection, userConn gossh.Session) (err error, exit bool) {
 	if hostConn.Parser.State(data) {
 		_, err = hostConn.Stdin.Write(data)
 		if err != nil {
 			logger.L.Error(err.Error())
 		}
 		return
 	}
 	var write bool
 	if bytes.LastIndex(data, []byte{0x0d}) == -1 {
 		_, err = hostConn.Stdin.Write(data)
 		if err != nil {
 			logger.L.Error(err.Error())
 		}
 		write = true
 	} else {
 		if len(data) > 1 {
 			var tmp []byte
 			for _, d := range data {
 				if d != 0x0d {
 					tmp = append(tmp, d)
 					continue
 				}
 				if len(tmp) > 0 {
 					err1, stop := i.HandleData(tmp, hostConn, userConn)
 					if err1 != nil {
 						return err1, stop
 					}
 					if stop {
 						break
 					}
 				}
 				err1, stop := i.HandleData(ReturnKey, hostConn, userConn)
 				if err != nil {
 					return err1, stop
 				}
 				if stop {
 					break
 				}
 			}
 			return
 		}
 	}
 	if bytes.LastIndex(data, ReturnKey) == 0 {
 		time.Sleep(time.Millisecond * 100)
 	}
 	if len(i.Parser.InputData) == 0 && i.Parser.Ps2 == "" {
 		i.Parser.Ps1 = i.Output()
 	}
 	i.Parser.InputData = append(i.Parser.InputData, data...)
 	if bytes.LastIndex(data, ReturnKey) == 0 {
 		command := i.Command()
 		i.Parser.Output.Listener.Reset()
 		i.Parser.OutputData = nil
 		i.Parser.InputData = nil
 		i.Parser.Ps2 = ""
 		if _, valid := i.CommandCheck(command); valid {
 			if strings.TrimSpace(command) != "" {
 				go i.Sshd.Core.Audit.AddCommand(model.SessionCmd{Cmd: command, Level: i.CommandLevel(command), SessionId: hostConn.SessionId})
 			}
 			if !write {
 				_, err = hostConn.Stdin.Write(data)
 				if err != nil {
 					logger.L.Warn(err.Error())
 				}
 			}
 		} else {
 			tips, _ := i.Localizer.Localize(&i18n.LocalizeConfig{
 				DefaultMessage: myi18n.MsgSshCommandRefused,
 				TemplateData:   map[string]string{"Command": command},
 				PluralCount:    1,
 			})
 			_, err = hostConn.Stdin.Write([]byte{0x15})
 			if err != nil {
 				logger.L.Warn(err.Error())
 			}
 			i.Parser.Ps2 = i.Parser.Ps1 + command
 			i.handleOutput([]byte("\r\n"+tips+i.Parser.Ps2), hostConn, userConn)
 			_, err = hostConn.Stdin.Write([]byte{0x15})
 			return err, true
 		}
 	}
 	return
 }
 func (i *InteractiveHandler) Exits(conn *client.Connection) {
 	if conn.GateWayCloseChan != nil {
 		conn.GateWayCloseChan <- struct{}{}
 	}
 	_ = conn.Session.Close()
 	conn.Record.Close()
 	config.TotalHostSession.Delete(conn.SessionId)
 	config.TotalMonitors.Delete(conn.SessionId)
 	i.Locker.Lock()
 	delete(i.SshSession, conn.SessionId)
 	if len(i.SshSession) == 0 {
 		_ = i.SshClient.Close()
 		i.SshClient = nil
 	}
 	i.Locker.Unlock()
 	err := i.UpsertSession(conn, model.SESSIONSTATUS_OFFLINE)
 	if err != nil {
 		logger.L.Error(err.Error())
 	}
 }
 func (i *InteractiveHandler) CommandCheck(command string) (string, bool) {
 	for _, id := range i.SelectedAsset.CmdIds {
 		cmd, ok := i.Commands[id]
 		if !ok || !cmd.Enable {
 			continue
 		}
 		for _, c := range cmd.Cmds {
 			p, err := regexp.Compile(c)
 			if err == nil {
 				if p.Match([]byte(command)) {
 					return c, false
 				}
 			} else {
 				if c == command {
 					return c, false
 				}
 			}
 		}
 	}
 	return "", true
 }
 //func (v *VirtualTermIn) Read(p []byte) (n int, err error) {
 //	return v.InChan.Read(p)
 //}
 //
 //func (v *VirtualTermIn) Close() error {
 //	return nil
 //}
 //
 //func (v *VirtualTermOut) Write(p []byte) (n int, err error) {
 //	return v.OutChan.Write(p)
 //}
--- a/backend/pkg/proto/ssh/handler/sider.go
+++ b/backend/pkg/proto/ssh/handler/sider.go
@@ -1,47 +0,0 @@
 package handler
 import (
 	"fmt"
 	gossh "github.com/gliderlabs/ssh"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/config"
 )
 func RegisterMonitorSession(sessionId string, sess gossh.Session) {
 	_, ok := config.TotalHostSession.Load(sessionId)
 	if !ok {
 		return
 	}
 	config.TotalMonitors.LoadOrStore(sessionId, sess)
 	if _, ok := config.TotalMonitors.Load(sessionId); !ok {
 		config.TotalMonitors.Store(sessionId, sess)
 	}
 	<-sess.Context().Done()
 	DeleteMonitorSession(sessionId)
 }
 func DeleteMonitorSession(sessionId string) {
 	config.TotalMonitors.Delete(sessionId)
 }
 func getMonitorSession(sessionId string) gossh.Session {
 	if v, ok := config.TotalMonitors.Load(sessionId); ok {
 		return v.(gossh.Session)
 	}
 	return nil
 }
 func Monitor(sessionId string, p []byte) {
 	if s := getMonitorSession(sessionId); s != nil {
 		_, err := s.Write(p)
 		if err != nil {
 			logger.L.Error(fmt.Sprintf("moninor session %s failed: %s", sessionId, err.Error()))
 			return
 		}
 	}
 }
--- a/backend/pkg/proto/ssh/handler/term.go
+++ b/backend/pkg/proto/ssh/handler/term.go
@@ -1,380 +0,0 @@
 // Package handler
 /**
 Copyright (c) The Authors.
 * @Author: feng.xiang
 * @Date: 2024/1/24 15:20
 * @Desc:
 */
 package handler
 import (
 	"fmt"
 	"io"
 	"strconv"
 	"strings"
 	"sync"
 	"sync/atomic"
 	"time"
 	"github.com/charmbracelet/bubbles/table"
 	tea "github.com/charmbracelet/bubbletea"
 	"github.com/charmbracelet/lipgloss"
 	"go.uber.org/zap"
 	myi18n "github.com/veops/oneterm/pkg/i18n"
 	"github.com/veops/oneterm/pkg/logger"
 )
 type TermModel struct {
 	table           table.Model
 	query           string
 	cookie          string
 	Object          *InteractiveHandler
 	SearchTime      time.Time
 	Rows            []table.Row
 	Step            int
 	PreView         int
 	lang            string
 	lastOutputLines int
 	in              *ProxyReader
 	out             *ProxyWriter
 	hostExit        bool
 	hasMsg          chan struct{}
 }
 const (
 	Tip int = iota
 	ChooseHost
 	ChooseAccount
 	HostInteractive
 )
 var baseStyle = lipgloss.NewStyle().
 	BorderStyle(lipgloss.NormalBorder()).
 	BorderForeground(lipgloss.Color("240"))
 func (m *TermModel) Init() tea.Cmd { return nil }
 func (m *TermModel) addStep(v int) {
 	switch m.Step {
 	case Tip, ChooseHost:
 		m.Step += v
 	case ChooseAccount:
 		m.Step -= v
 	default:
 		m.Step = Tip
 	}
 }
 func (m *TermModel) printfToSSH(out string) tea.Cmd {
 	return func() tea.Msg {
 		_, err := m.Object.Session.Write([]byte(out + "\n"))
 		if err != nil {
 			return err
 		}
 		return nil
 	}
 }
 func (m *TermModel) CurrentState() int {
 	return Tip
 }
 func (m *TermModel) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 	var (
 		cmd tea.Cmd
 		err error
 	)
 	switch msg := msg.(type) {
 	case tea.KeyMsg:
 		switch msg.String() {
 		case "esc":
 			if m.table.Focused() {
 				m.table.Blur()
 			} else {
 				m.table.Focus()
 			}
 		case "ctrl+c":
 			return m, tea.Quit
 		case "enter":
 			sr := m.table.SelectedRow()
 			if len(sr) == 0 {
 				break
 			}
 			s := m.query
 			m.query = ""
 			switch s {
 			case "/?":
 				m.Step = Tip
 				return m, nil
 			default:
 				switch len(sr) {
 				case 0:
 					return m, nil
 				default:
 					m.ClearDataSource()
 					m.Step, err = m.Object.Proxy(sr[1], 0)
 					if err != nil {
 						logger.L.Warn(err.Error())
 					}
 					m.ResetSource()
 					m.convertRows()
 					m.updateTable()
 					if len(m.Object.MessageChan) > 0 {
 						out := <-m.Object.MessageChan
 						return m, tea.Batch(tea.ClearScreen, tea.Printf(out))
 					}
 					if len(m.Object.AccountsForSelect) > 0 {
 						m.Object.AccountsForSelect = nil
 					}
 					return m, tea.ClearScreen
 				}
 			}
 		case "backspace":
 			if len(m.query) > 0 {
 				m.query = m.query[:len(m.query)-1]
 			}
 			m.updateTable()
 		default:
 			if msg.Type == tea.KeyRunes && len(msg.String()) >= 1 {
 				m.query += msg.String()
 			}
 			switch m.query {
 			case "/?":
 				m.Step = Tip
 				m.query = ""
 				return m, nil
 			case "/s":
 				m.Step = Tip
 				m.query = ""
 				m.Object.SwitchLanguage("")
 				return m, nil
 			case "/q":
 				return m, tea.Quit
 			case "/*":
 				m.Step = Tip
 				m.query = ""
 			}
 			if m.Step == Tip {
 				m.Step = ChooseHost
 			}
 			m.updateTable()
 		}
 	}
 	m.table, cmd = m.table.Update(msg)
 	return m, cmd
 }
 //func (m *TermModel) Welcome() []table.Row {
 //	rows := []table.Row{
 //		{"/?", "help"},
 //		{"/s", "swith"},
 //	}
 //}
 func (m *TermModel) View() string {
 	defer func() {
 		m.in.hasMsg.Store(false)
 	}()
 	var s string
 	switch m.Step {
 	case Tip:
 		//m.table.SetColumns([]table.Column{
 		//{Title: "Tip", Width: 80},
 		//})
 		m.PreView = Tip
 		s += m.Object.Message(myi18n.MsgSshWelcome, map[string]any{"User": m.Object.Session.User()})
 		s = "\x1b[2K\x1b[G" + s + "\n: " + m.query
 	case ChooseHost:
 		m.table.SetColumns([]table.Column{
 			{Title: "No.", Width: 5},
 			{Title: "Name", Width: 20},
 			{Title: "Ip", Width: 18},
 		})
 		if m.PreView == Tip {
 			s = "\x1b[2K\x1b[G"
 		}
 		s += baseStyle.Render(m.table.View() + "\n: " + m.query)
 	case ChooseAccount:
 		m.table.SetColumns([]table.Column{
 			{Title: "No.", Width: 5},
 			{Title: "Name", Width: 20},
 			{Title: "Account", Width: 18},
 		})
 		s += baseStyle.Render(m.table.View() + "\n: " + m.query)
 	}
 	return s
 	//m.lastOutputLines = strings.Count(s, "\n") + 1
 	//moveToBottomRight := "\033[999;999H"
 	//moveToBottomRight = ""
 	//return moveToBottomRight + s
 }
 func (m *TermModel) clearLastOutput() string {
 	return fmt.Sprintf("\033[%dA\033[J", m.lastOutputLines)
 }
 func (m *TermModel) updateTable() {
 	if m.query == "" {
 		m.table.SetRows(m.Rows)
 		return
 	}
 	var filteredRows []table.Row
 	for _, row := range m.Rows {
 		if rowContainsQuery(row, m.query) {
 			filteredRows = append(filteredRows, row)
 		}
 	}
 	m.table.SetRows(filteredRows)
 }
 func rowContainsQuery(row table.Row, query string) bool {
 	for _, cell := range row {
 		if strings.Contains(strings.ToLower(cell), strings.ToLower(query)) {
 			return true
 		}
 	}
 	return false
 }
 func InitAndRunTerm(obj *InteractiveHandler) *tea.Program {
 	columns := []table.Column{
 		{Title: "No.", Width: 5},
 		{Title: "Name", Width: 20},
 		{Title: "Ip", Width: 18},
 	}
 	t := table.New(
 		table.WithColumns(columns),
 		table.WithFocused(true),
 		table.WithHeight(7),
 	)
 	s := table.DefaultStyles()
 	s.Header = s.Header.
 		BorderStyle(lipgloss.NormalBorder()).
 		BorderForeground(lipgloss.Color("240")).
 		BorderBottom(true).
 		Bold(false)
 	s.Selected = s.Selected.
 		Foreground(lipgloss.Color("229")).
 		Background(lipgloss.Color("57")).
 		Bold(false)
 	t.SetStyles(s)
 	tm := &TermModel{
 		table:  t,
 		Object: obj,
 		in:     &ProxyReader{r: obj.Session},
 		out:    &ProxyWriter{w: obj.Session},
 		hasMsg: make(chan struct{}),
 	}
 	tm.updateRows()
 	return tea.NewProgram(tm, tea.WithInput(tm.in), tea.WithOutput(tm.out))
 }
 func (m *TermModel) updateRows() {
 	assets, err := m.Object.AcquireAssets("", 0)
 	if err != nil {
 		logger.L.Warn(err.Error(), zap.String("module", "term"))
 		return
 	}
 	var rows []table.Row
 	for index, v1 := range assets {
 		rows = append(rows, []string{strconv.Itoa(index), v1.Name, v1.Ip})
 	}
 	m.Object.Locker.Lock()
 	m.Object.Assets = assets
 	m.Object.Locker.Unlock()
 	m.SearchTime = time.Now()
 	m.Rows = rows
 }
 func (m *TermModel) convertRows() {
 	switch m.Step {
 	case ChooseAccount:
 		var rows []table.Row
 		for index, v := range m.Object.AccountsForSelect {
 			rows = append(rows, table.Row{strconv.Itoa(index), v.Name, v.Account})
 		}
 		m.Rows = rows
 	default:
 		if time.Since(m.SearchTime) < time.Minute {
 			var rows []table.Row
 			for index, v1 := range m.Object.Assets {
 				rows = append(rows, []string{strconv.Itoa(index), v1.Name, v1.Ip})
 			}
 			m.Rows = rows
 			return
 		}
 		m.updateRows()
 	}
 }
 type nilWriter struct{}
 func (nw nilWriter) Write(p []byte) (int, error) {
 	return len(p), nil
 }
 func (m *TermModel) ClearDataSource() {
 	m.in.SetReader(nil)
 	m.out.SetWriter(nil)
 }
 func (m *TermModel) ResetSource() {
 	m.in.SetReader(m.Object.Session)
 	m.out.SetWriter(m.Object.Session)
 }
 type ProxyWriter struct {
 	lock sync.RWMutex
 	w    io.Writer
 }
 func (pw *ProxyWriter) Write(p []byte) (n int, err error) {
 	pw.lock.RLock()
 	defer pw.lock.RUnlock()
 	for pw.w == nil {
 		time.Sleep(time.Millisecond * 50)
 	}
 	return pw.w.Write(p)
 }
 func (pw *ProxyWriter) SetWriter(w io.Writer) {
 	pw.lock.Lock()
 	defer pw.lock.Unlock()
 	pw.w = w
 }
 type ProxyReader struct {
 	lock   sync.RWMutex
 	r      io.Reader
 	hasMsg atomic.Bool
 }
 func (pr *ProxyReader) Read(p []byte) (n int, err error) {
 	pr.lock.RLock()
 	defer pr.lock.RUnlock()
 	for pr.r == nil || pr.hasMsg.Load() {
 		time.Sleep(time.Millisecond * 100)
 	}
 	n, err = pr.r.Read(p)
 	pr.hasMsg.Store(true)
 	return
 }
 func (pr *ProxyReader) SetReader(r io.Reader) {
 	pr.r = r
 }
--- a/backend/pkg/proto/ssh/record/asciinema.go
+++ b/backend/pkg/proto/ssh/record/asciinema.go
@@ -1,154 +0,0 @@
 package record
 import (
 	"encoding/json"
 	"fmt"
 	"os"
 	"path/filepath"
 	"strings"
 	"time"
 	gossh "github.com/gliderlabs/ssh"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/api"
 	"github.com/veops/oneterm/pkg/proto/ssh/config"
 )
 type Asciinema struct {
 	Timestamp time.Time
 	FilePath  string
 	SessionId string
 	Writer    *os.File
 	InChan    chan string
 	buf       []string
 	HasWidth  bool
 }
 func NewAsciinema(sessionId string, pty gossh.Pty) (asc *Asciinema, err error) {
 	asc = &Asciinema{
 		Timestamp: time.Now(),
 		InChan:    make(chan string, 20480),
 		SessionId: sessionId,
 	}
 	if config.SSHConfig.RecordFilePath == "" {
 		asc.FilePath, _ = os.Getwd()
 	}
 	asc.FilePath = filepath.Join(asc.FilePath, sessionId+".cast")
 	castFile, err := os.Create(asc.FilePath)
 	if err != nil {
 		return
 	}
 	asc.Writer = castFile
 	head := map[string]any{
 		"version":   2,
 		"width":     pty.Window.Width,
 		"height":    pty.Window.Height,
 		"timestamp": asc.Timestamp.Unix(),
 		"env": map[string]any{
 			"SHELL": "/bin/bash",
 			"TERM":  "xterm-256color",
 		},
 	}
 	s, _ := json.Marshal(head)
 	if pty.Window.Width == 0 {
 		asc.buf = append(asc.buf, string(s))
 	} else {
 		asc.HasWidth = true
 		_, err = castFile.Write(s)
 		if err != nil {
 			return asc, err
 		}
 		_, err = castFile.WriteString("\r\n")
 		if err != nil {
 			return asc, err
 		}
 	}
 	return asc, err
 }
 func (a *Asciinema) Write(data []byte) error {
 	s := make([]any, 3)
 	s[0] = (float64(time.Now().UnixMicro() - a.Timestamp.UnixMicro())) / 1000 / 1000
 	s[1] = "o"
 	s[2] = string(data)
 	res, err := json.Marshal(s)
 	if err != nil {
 		return err
 	}
 	if !a.HasWidth {
 		a.buf = append(a.buf, string(res))
 	} else {
 		_, err = a.Writer.Write(append(res, []byte("\r\n")...))
 	}
 	return err
 }
 func (a *Asciinema) RemoteWrite(rec string) {
 	a.InChan <- rec
 	for v := range a.InChan {
 		err := api.AddReplay(a.SessionId, map[string]string{
 			"session_id": a.SessionId,
 			"body":       v,
 		})
 		if err != nil {
 			logger.L.Error(err.Error())
 			break
 		}
 	}
 }
 func (a *Asciinema) Close() {
 	a.Writer.Close()
 	err := api.AddReplayFile(a.SessionId, a.FilePath)
 	if err != nil {
 		logger.L.Error(err.Error())
 	}
 	err = os.Remove(a.FilePath)
 	if err != nil {
 		logger.L.Warn(err.Error(), zap.String("module", "asciinema"))
 	}
 }
 func (a *Asciinema) Resize(height, width int) error {
 	if !a.HasWidth {
 		a.ReWriteZeroWidth(height, width)
 	}
 	s := make([]any, 3)
 	s[0] = (float64(time.Now().UnixMicro() - a.Timestamp.UnixMicro())) / 1000 / 1000
 	s[1] = "r"
 	s[2] = fmt.Sprintf("%dx%d", width, height)
 	res, err := json.Marshal(s)
 	if err != nil {
 		return err
 	}
 	_, err = a.Writer.Write(append(res, []byte("\r\n")...))
 	return err
 }
 func (a *Asciinema) ReWriteZeroWidth(height, width int) {
 	defer func() {
 		a.HasWidth = true
 	}()
 	if len(a.buf) > 0 {
 		head := map[string]any{}
 		er := json.Unmarshal([]byte(a.buf[0]), &head)
 		if er == nil {
 			head["width"] = width
 			head["height"] = height
 			s, er := json.Marshal(head)
 			if er == nil {
 				a.buf[0] = string(s)
 			}
 		}
 	}
 	_, _ = a.Writer.WriteString(strings.Join(a.buf, "\r\n"))
 	_, _ = a.Writer.WriteString("\r\n")
 	return
 }
--- a/backend/pkg/proto/ssh/record/record.go
+++ b/backend/pkg/proto/ssh/record/record.go
@@ -1,7 +0,0 @@
 package record
 type Record interface {
 	Write(record []byte) error
 	Close()
 	Resize(height, width int) error
 }
--- a/backend/pkg/proto/ssh/ssh.go
+++ b/backend/pkg/proto/ssh/ssh.go
@@ -1,40 +0,0 @@
 package ssh
 import (
 	"net"
 	"time"
 	"github.com/pires/go-proxyproto"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/proto/ssh/handler"
 )
 func Run(Addr, apiHost, token, privateKeyPath, secretKey string) error {
 	s, er := handler.Init(Addr, apiHost, token, privateKeyPath, secretKey)
 	if er != nil {
 		return er
 	}
 	go func() {
 		ln, err := net.Listen("tcp", s.Addr)
 		if err != nil {
 			logger.L.Fatal(err.Error())
 		}
 		proxyListener := &proxyproto.Listener{
 			Listener:          ln,
 			ReadHeaderTimeout: 10 * time.Second,
 		}
 		defer proxyListener.Close()
 		err = s.Serve(proxyListener)
 		if err != nil {
 			logger.L.Fatal(err.Error())
 			return
 		}
 	}()
 	return nil
 }
--- a/backend/pkg/server/router/middleware/auth.go
+++ b/backend/pkg/server/router/middleware/auth.go
@@ -1,98 +0,0 @@
 // Package middleware
 package middleware
 import (
 	"encoding/json"
 	"fmt"
 	"net/http"
 	"sync"
 	"github.com/gin-gonic/gin"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/pkg/conf"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/server/auth/acl"
 )
 var (
 	basicAuthDb = sync.Map{}
 )
 func init() {
 	basicAuthDb.Store("admin", "admin")
 }
 func Auth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		var err error
 		var ok bool
 		if conf.Cfg.Auth.Acl != nil && conf.Cfg.Auth.Acl.Url != "" {
 			err, ok = authAcl(c)
 		} else {
 			// TODO: add your auth here
 			ok = true
 		}
 		if !ok {
 			logger.L.Warn(err.Error())
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
 				"message": "authorized refused",
 			})
 			return
 		}
 		c.Next()
 	}
 }
 func AuthToken() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		if c.GetHeader("X-Token") != conf.Cfg.SshServer.Xtoken {
 			logger.L.Warn("invalid token", zap.String("X-Token", c.GetHeader("X-Token")))
 			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
 				"message": "authorized refused",
 			})
 			return
 		}
 		c.Next()
 	}
 }
 func authAcl(ctx *gin.Context) (error, bool) {
 	session := &acl.Session{}
 	sess, err := ctx.Cookie("session")
 	if err == nil && sess != "" {
 		s := acl.NewSignature(conf.Cfg.SecretKey, "cookie-session", "", "hmac", nil, nil)
 		content, err := s.Unsign(sess)
 		if err != nil {
 			return err, false
 		}
 		err = json.Unmarshal(content, &session)
 		if err != nil {
 			return err, false
 		}
 		ctx.Set("session", session)
 		return nil, true
 	}
 	return fmt.Errorf("no session"), false
 }
 //func authBasic(ctx *gin.Context) (error, bool) {
 //	if user, password, ok := ctx.Request.BasicAuth(); ok {
 //		if p, ok := basicAuthDb.Load(user); ok && p.(string) == password {
 //			return nil, true
 //		} else {
 //			return fmt.Errorf("invalid user or password"), false
 //		}
 //	}
 //	return fmt.Errorf("invalid user or password"), false
 //}
 //func authWithWhiteList(ip string) bool {
 //	return lo.Contains(viper.GetStringSlice("gateway.whiteList"), ip)
 //}
--- a/backend/pkg/server/router/middleware/cache.go
+++ b/backend/pkg/server/router/middleware/cache.go
@@ -1,151 +0,0 @@
 package middleware
 import (
 	"bytes"
 	"context"
 	"encoding/gob"
 	"fmt"
 	"net/http"
 	"time"
 	"github.com/gin-gonic/gin"
 	"golang.org/x/sync/singleflight"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
 )
 var (
 	cachePrefix = "App::HttpCache"
 )
 type responseCache struct {
 	Status int
 	Header http.Header
 	Data   []byte
 }
 func (c *responseCache) fillWithCacheWriter(cacheWriter *responseCacheWriter) {
 	c.Status = cacheWriter.Status()
 	c.Data = cacheWriter.body.Bytes()
 	c.Header = cacheWriter.Header().Clone()
 }
 // responseCacheWriter
 type responseCacheWriter struct {
 	gin.ResponseWriter
 	body bytes.Buffer
 }
 func (w *responseCacheWriter) Write(b []byte) (int, error) {
 	w.body.Write(b)
 	return w.ResponseWriter.Write(b)
 }
 func replyWithCache(c *gin.Context, respCache *responseCache) {
 	c.Writer.WriteHeader(respCache.Status)
 	for key, values := range respCache.Header {
 		for _, val := range values {
 			c.Writer.Header().Set(key, val)
 		}
 	}
 	if _, err := c.Writer.Write(respCache.Data); err != nil {
 		logger.L.Error(err.Error())
 	}
 	c.Abort()
 }
 func RCache(ctx context.Context, defaultExpire time.Duration) gin.HandlerFunc {
 	sfGroup := singleflight.Group{}
 	return func(c *gin.Context) {
 		cacheKey := fmt.Sprintf("%s::%s", cachePrefix, c.Request.RequestURI)
 		cacheDuration := defaultExpire
 		// read cache first
 		{
 			respCache := &responseCache{}
 			err := RGet(ctx, cacheKey, &respCache)
 			if err == nil {
 				replyWithCache(c, respCache)
 				return
 			}
 		}
 		cacheWriter := &responseCacheWriter{ResponseWriter: c.Writer}
 		c.Writer = cacheWriter
 		inFlight := false
 		rawRespCache, _, _ := sfGroup.Do(cacheKey, func() (any, error) {
 			forgetTimer := time.AfterFunc(time.Second*15, func() {
 				sfGroup.Forget(cacheKey)
 			})
 			defer forgetTimer.Stop()
 			c.Next()
 			inFlight = true
 			respCache := &responseCache{}
 			respCache.fillWithCacheWriter(cacheWriter)
 			// only cache 2xx response
 			if !c.IsAborted() && cacheWriter.Status() < 300 && cacheWriter.Status() >= 200 {
 				if err := RSet(ctx, cacheKey, respCache, cacheDuration); err != nil {
 					logger.L.Error(err.Error())
 				}
 			}
 			return respCache, nil
 		})
 		if !inFlight {
 			replyWithCache(c, rawRespCache.(*responseCache))
 			return
 		}
 	}
 }
 // redis
 func RSet(ctx context.Context, key string, value any, expire time.Duration) error {
 	payload, err := Serialize(value)
 	if err != nil {
 		return err
 	}
 	_, err = redis.RC.SetEx(ctx, key, payload, expire).Result()
 	return err
 }
 func RDelete(ctx context.Context, key string) error {
 	_, err := redis.RC.Del(ctx, key).Result()
 	return err
 }
 func RGet(ctx context.Context, key string, value any) error {
 	r, err := redis.RC.Get(ctx, key).Bytes()
 	if err != nil {
 		return err
 	}
 	return Deserialize(r, value)
 }
 // codec
 func Serialize(value any) ([]byte, error) {
 	var b bytes.Buffer
 	encoder := gob.NewEncoder(&b)
 	if err := encoder.Encode(value); err != nil {
 		return nil, err
 	}
 	return b.Bytes(), nil
 }
 func Deserialize(byt []byte, ptr any) (err error) {
 	b := bytes.NewBuffer(byt)
 	decoder := gob.NewDecoder(b)
 	if err = decoder.Decode(ptr); err != nil {
 		return err
 	}
 	return nil
 }
--- a/backend/pkg/server/router/middleware/error.go
+++ b/backend/pkg/server/router/middleware/error.go
@@ -1,63 +0,0 @@
 package middleware
 import (
 	"bytes"
 	"encoding/json"
 	"strings"
 	"github.com/gin-gonic/gin"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/veops/oneterm/pkg/conf"
 	"github.com/veops/oneterm/pkg/server/controller"
 )
 type bodyWriter struct {
 	gin.ResponseWriter
 	body *bytes.Buffer
 }
 func (w bodyWriter) Write(b []byte) (int, error) {
 	return w.body.Write(b)
 }
 func Error2Resp() gin.HandlerFunc {
 	return func(ctx *gin.Context) {
 		if strings.Contains(ctx.Request.URL.String(), "session/replay") {
 			ctx.Next()
 			return
 		}
 		wb := &bodyWriter{
 			body:           &bytes.Buffer{},
 			ResponseWriter: ctx.Writer,
 		}
 		ctx.Writer = wb
 		ctx.Next()
 		obj := make(map[string]any)
 		json.Unmarshal(wb.body.Bytes(), &obj)
 		if len(ctx.Errors) > 0 {
 			if v, ok := obj["code"]; !ok || v == 0 {
 				obj["code"] = ctx.Writer.Status()
 			}
 			if v, ok := obj["message"]; !ok || v == "" {
 				e := ctx.Errors.Last().Err
 				obj["message"] = e.Error()
 				ae, ok := e.(*controller.ApiError)
 				if ok {
 					lang := ctx.PostForm("lang")
 					accept := ctx.GetHeader("Accept-Language")
 					localizer := i18n.NewLocalizer(conf.Bundle, lang, accept)
 					obj["message"] = ae.Message(localizer)
 				}
 			}
 		}
 		bs, _ := json.Marshal(obj)
 		wb.ResponseWriter.Write(bs)
 	}
 }
--- a/backend/pkg/server/router/middleware/log.go
+++ b/backend/pkg/server/router/middleware/log.go
@@ -1,137 +0,0 @@
 // Package middleware
 package middleware
 import (
 	"bytes"
 	"encoding/json"
 	"io"
 	"net"
 	"net/http"
 	"net/http/httputil"
 	"os"
 	"runtime/debug"
 	"strings"
 	"time"
 	"github.com/gin-gonic/gin"
 	"github.com/samber/lo"
 	"go.uber.org/zap"
 	"github.com/veops/oneterm/pkg/logger"
 	handler "github.com/veops/oneterm/pkg/server/controller"
 )
 var (
 	NotLogUrls = []string{"/favicon.ico"}
 )
 func GinLogger(logger *zap.Logger) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		start := time.Now()
 		path := c.Request.URL.Path
 		query := c.Request.URL.RawQuery
 		c.Next()
 		if !lo.Contains(NotLogUrls, path) {
 			cost := time.Since(start)
 			logger.Info(path,
 				zap.Int("status", c.Writer.Status()),
 				zap.String("method", c.Request.Method),
 				zap.String("path", path),
 				zap.String("query", query),
 				zap.String("ip", c.ClientIP()),
 				zap.String("user-agent", c.Request.UserAgent()),
 				zap.String("errors", c.Errors.ByType(gin.ErrorTypePrivate).String()),
 				zap.Duration("cost", cost),
 			)
 		}
 	}
 }
 func GinRecovery(logger *zap.Logger, stack bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		defer func() {
 			if err := recover(); err != nil {
 				var brokenPipe bool
 				if ne, ok := err.(*net.OpError); ok {
 					if se, ok := ne.Err.(*os.SyscallError); ok {
 						if strings.Contains(strings.ToLower(se.Error()), "broken pipe") ||
 							strings.Contains(strings.ToLower(se.Error()), "connection reset by peer") {
 							brokenPipe = true
 						}
 					}
 				}
 				httpRequest, _ := httputil.DumpRequest(c.Request, false)
 				if brokenPipe {
 					logger.Error(c.Request.URL.Path,
 						zap.Any("error", err),
 						zap.String("request", string(httpRequest)),
 					)
 					err := c.Error(err.(error))
 					if err != nil {
 						logger.Error(err.Error())
 					}
 					c.Abort()
 					return
 				}
 				if stack {
 					logger.Error("[Recovery from panic]",
 						zap.Any("error", err),
 						zap.String("request", string(httpRequest)),
 						zap.String("stack", string(debug.Stack())),
 					)
 				} else {
 					logger.Error("[Recovery from panic]",
 						zap.Any("error", err),
 						zap.String("request", string(httpRequest)),
 					)
 				}
 				c.AbortWithStatus(http.StatusInternalServerError)
 			}
 		}()
 		c.Next()
 	}
 }
 // LogRequest LogUpdate Record the specified HTTP request (including the URL and data) in a log or another location.
 func LogRequest() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		if !lo.Contains([]string{"GET", "HEAD"}, c.Request.Method) {
 			data := map[string]any{}
 			bodyBytes, _ := io.ReadAll(c.Request.Body)
 			_ = c.Request.Body.Close()
 			c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
 			if err := json.Unmarshal(bodyBytes, &data); err != nil {
 				if valid, err := permissionCheck(c, data); err != nil {
 					c.AbortWithStatusJSON(http.StatusBadRequest,
 						handler.HttpResponse{Code: http.StatusBadRequest, Message: err.Error()})
 					return
 				} else if !valid {
 					c.AbortWithStatusJSON(http.StatusBadRequest,
 						handler.HttpResponse{Code: http.StatusForbidden, Message: "no permission"})
 					return
 				}
 			}
 			excludeUrls := map[string]struct{}{}
 			if _, ok := excludeUrls[c.Request.RequestURI]; !ok {
 				if c.Request.Method != "POST" {
 					w := &responseWriter{ResponseWriter: c.Writer, body: []byte{}}
 					c.Writer = w
 					logger.L.Info("request record", zap.String("body", string(w.body)))
 				}
 			}
 		}
 		c.Next()
 	}
 }
 func permissionCheck(ctx *gin.Context, data map[string]any) (bool, error) {
 	return true, nil
 }
--- a/backend/pkg/server/router/middleware/middleware.go
+++ b/backend/pkg/server/router/middleware/middleware.go
@@ -1,62 +0,0 @@
 package middleware
 import (
 	"net/http"
 	"runtime"
 	"github.com/gin-gonic/gin"
 	"github.com/veops/oneterm/pkg/logger"
 )
 func Cors() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		method := c.Request.Method
 		origin := c.Request.Header.Get("Origin")
 		if origin != "" {
 			c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
 			c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
 			c.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token, session")
 			c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers")
 			c.Header("Access-Control-Max-Age", "172800")
 			c.Header("Access-Control-Allow-Credentials", "true")
 		}
 		if method == "OPTIONS" {
 			c.AbortWithStatus(http.StatusNoContent)
 			return
 		}
 		defer func() {
 			if err := recover(); err != nil {
 				logger.L.Sugar().Errorf("Panic info is: %v", err)
 			}
 		}()
 		c.Next()
 	}
 }
 func RecoveryWithWriter() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		defer func() {
 			if err := recover(); err != nil {
 				var buf [4096]byte
 				n := runtime.Stack(buf[:], false)
 				logger.L.Error(string(buf[:n]))
 			}
 		}()
 		c.Next()
 	}
 }
 type responseWriter struct {
 	gin.ResponseWriter
 	body []byte
 }
 func (w *responseWriter) Write(data []byte) (int, error) {
 	w.body = append(w.body, data...)
 	return w.ResponseWriter.Write(data)
 }
--- a/backend/pkg/server/router/router.go
+++ b/backend/pkg/server/router/router.go
@@ -1,121 +0,0 @@
 package router
 import (
 	"context"
 	"encoding/gob"
 	"fmt"
 	"net/http"
 	"os"
 	"time"
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-contrib/sessions/cookie"
 	"github.com/gin-gonic/gin"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"github.com/spf13/viper"
 	swaggerFiles "github.com/swaggo/files"
 	ginSwagger "github.com/swaggo/gin-swagger"
 	"github.com/veops/oneterm/docs"
 	"github.com/veops/oneterm/pkg/conf"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/server/router/middleware"
 	"github.com/veops/oneterm/pkg/util"
 )
 var routeGroup []*GroupRoute
 func Server(cfg *conf.ConfigYaml) *http.Server {
 	routeConfig()
 	srv := &http.Server{
 		Addr:    fmt.Sprintf("%s:%d", cfg.Http.Host, cfg.Http.Port),
 		Handler: setupRouter(),
 	}
 	go func() {
 		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
 			logger.L.Error(err.Error())
 			os.Exit(1)
 		}
 	}()
 	logger.L.Info(fmt.Sprintf("start on server:%s", srv.Addr))
 	return srv
 }
 func GracefulExit(srv *http.Server, ch chan struct{}) {
 	<-ch
 	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
 	defer cancel()
 	if err := srv.Shutdown(ctx); err != nil {
 		logger.L.Error(err.Error())
 	}
 	logger.L.Info("Shutdown server ...")
 }
 func routeConfig() {
 	var commonRoute []Route
 	commonRoute = append(commonRoute, routes...)
 	routeGroup = []*GroupRoute{
 		{
 			Prefix: "/api/oneterm/v1",
 			GroupMiddleware: gin.HandlersChain{
 				middleware.Error2Resp(),
 				middleware.RecoveryWithWriter(),
 			},
 			SubRoutes: commonRoute,
 		},
 		{
 			Prefix:    "",
 			SubRoutes: baseRoutes,
 		},
 	}
 }
 func setupRouter() *gin.Engine {
 	r := gin.New()
 	r.SetTrustedProxies([]string{"0.0.0.0/0", "::/0"})
 	r.MaxMultipartMemory = 128 << 20
 	r.Use(
 		middleware.GinLogger(logger.L),
 		middleware.LogRequest(),
 		middleware.Cors(),
 		middleware.GinRecovery(logger.L, true))
 	// sso
 	gob.Register(map[string]any{}) // important!
 	store := cookie.NewStore([]byte(viper.GetString("gateway.secretKey")))
 	r.Use(sessions.Sessions("session", store))
 	routeGroupsMap := make(map[string]*gin.RouterGroup)
 	for _, gRoute := range routeGroup {
 		if _, ok := routeGroupsMap[gRoute.Prefix]; !ok {
 			routeGroupsMap[gRoute.Prefix] = r.Group(gRoute.Prefix)
 		}
 		for _, gMiddleware := range gRoute.GroupMiddleware {
 			routeGroupsMap[gRoute.Prefix].Use(gMiddleware)
 		}
 		for _, subRoute := range gRoute.SubRoutes {
 			length := len(subRoute.Middleware) + 2
 			routes := make([]any, length)
 			routes[0] = subRoute.Pattern
 			for i, v := range subRoute.Middleware {
 				routes[i+1] = v
 			}
 			routes[length-1] = subRoute.HandlerFunc
 			util.CallReflect(
 				routeGroupsMap[gRoute.Prefix],
 				subRoute.Method,
 				routes...)
 		}
 	}
 	r.Handle("GET", "/metrics", gin.WrapH(promhttp.Handler()))
 	// swagger
 	docs.SwaggerInfo.Title = "ONETERM API"
 	docs.SwaggerInfo.BasePath = "/api/oneterm/v1"
 	r.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
 	return r
 }
--- a/backend/pkg/server/router/routers.go
+++ b/backend/pkg/server/router/routers.go
@@ -1,447 +0,0 @@
 package router
 import (
 	"net/http"
 	"github.com/gin-gonic/gin"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/server/controller"
 	"github.com/veops/oneterm/pkg/server/router/middleware"
 )
 var (
 	c = controller.NewController()
 	baseRoutes = []Route{
 		{
 			Name:    "a health check, just for monitoring",
 			Method:  "GET",
 			Pattern: "/-/health",
 			HandlerFunc: func(ctx *gin.Context) {
 				ctx.String(http.StatusOK, "OK")
 			},
 		},
 		{
 			Name:    "favicon.ico",
 			Method:  "GET",
 			Pattern: "/favicon.ico",
 			HandlerFunc: func(ctx *gin.Context) {
 			},
 		},
 		{
 			Name:    "change the log level",
 			Method:  "PUT",
 			Pattern: "/-/log/level",
 			HandlerFunc: func(ctx *gin.Context) {
 				logger.AtomicLevel.ServeHTTP(ctx.Writer, ctx.Request)
 			},
 		},
 	}
 	routes = []Route{
 		// account
 		{
 			Name:        "create a account",
 			Method:      "POST",
 			Pattern:     "account",
 			HandlerFunc: c.CreateAccount,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "delete a account",
 			Method:      "DELETE",
 			Pattern:     "account/:id",
 			HandlerFunc: c.DeleteAccount,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update a account",
 			Method:      "PUT",
 			Pattern:     "account/:id",
 			HandlerFunc: c.UpdateAccount,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query accounts",
 			Method:      "GET",
 			Pattern:     "account",
 			HandlerFunc: c.GetAccounts,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		// asset
 		{
 			Name:        "create a asset",
 			Method:      "POST",
 			Pattern:     "asset",
 			HandlerFunc: c.CreateAsset,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "delete a asset",
 			Method:      "DELETE",
 			Pattern:     "asset/:id",
 			HandlerFunc: c.DeleteAsset,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update a asset",
 			Method:      "PUT",
 			Pattern:     "asset/:id",
 			HandlerFunc: c.UpdateAsset,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query assets",
 			Method:      "GET",
 			Pattern:     "asset",
 			HandlerFunc: c.GetAssets,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update asset by server",
 			Method:      "PUT",
 			Pattern:     "asset/update_by_server",
 			HandlerFunc: c.UpdateByServer,
 			Middleware:  gin.HandlersChain{middleware.AuthToken()},
 		},
 		{
 			Name:        "query asset by server",
 			Method:      "GET",
 			Pattern:     "asset/query_by_server",
 			HandlerFunc: c.QueryByServer,
 			Middleware:  gin.HandlersChain{middleware.AuthToken()},
 		},
 		// command
 		{
 			Name:        "create a command",
 			Method:      "POST",
 			Pattern:     "command",
 			HandlerFunc: c.CreateCommand,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "delete a command",
 			Method:      "DELETE",
 			Pattern:     "command/:id",
 			HandlerFunc: c.DeleteCommand,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update a command",
 			Method:      "PUT",
 			Pattern:     "command/:id",
 			HandlerFunc: c.UpdateCommand,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query commands",
 			Method:      "GET",
 			Pattern:     "command",
 			HandlerFunc: c.GetCommands,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "modify config",
 			Method:      "POST",
 			Pattern:     "config",
 			HandlerFunc: c.PostConfig,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query config",
 			Method:      "GET",
 			Pattern:     "config",
 			HandlerFunc: c.GetConfig,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		// gateway
 		{
 			Name:        "create a gateway",
 			Method:      "POST",
 			Pattern:     "gateway",
 			HandlerFunc: c.CreateGateway,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "delete a gateway",
 			Method:      "DELETE",
 			Pattern:     "gateway/:id",
 			HandlerFunc: c.DeleteGateway,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update a gateway",
 			Method:      "PUT",
 			Pattern:     "gateway/:id",
 			HandlerFunc: c.UpdateGateway,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query gateways",
 			Method:      "GET",
 			Pattern:     "gateway",
 			HandlerFunc: c.GetGateways,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		// node
 		{
 			Name:        "create a node",
 			Method:      "POST",
 			Pattern:     "node",
 			HandlerFunc: c.CreateNode,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "delete a node",
 			Method:      "DELETE",
 			Pattern:     "node/:id",
 			HandlerFunc: c.DeleteNode,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update a node",
 			Method:      "PUT",
 			Pattern:     "node/:id",
 			HandlerFunc: c.UpdateNode,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query nodes",
 			Method:      "GET",
 			Pattern:     "node",
 			HandlerFunc: c.GetNodes,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		// publicKey
 		{
 			Name:        "create a publicKey",
 			Method:      "POST",
 			Pattern:     "public_key",
 			HandlerFunc: c.CreatePublicKey,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "delete a publicKey",
 			Method:      "DELETE",
 			Pattern:     "public_key/:id",
 			HandlerFunc: c.DeletePublicKey,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "update a publicKey",
 			Method:      "PUT",
 			Pattern:     "public_key/:id",
 			HandlerFunc: c.UpdatePublicKey,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query publicKeys",
 			Method:      "GET",
 			Pattern:     "public_key",
 			HandlerFunc: c.GetPublicKeys,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "auth by publicKey or password",
 			Method:      "POST",
 			Pattern:     "public_key/auth",
 			HandlerFunc: c.Auth,
 			Middleware:  gin.HandlersChain{middleware.AuthToken()},
 		},
 		//stat
 		{
 			Name:        "query stat asset type",
 			Method:      "GET",
 			Pattern:     "stat/assettype",
 			HandlerFunc: c.StatAssetType,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query stat count",
 			Method:      "GET",
 			Pattern:     "stat/count",
 			HandlerFunc: c.StatCount,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query stat count of user",
 			Method:      "GET",
 			Pattern:     "stat/count/ofuser",
 			HandlerFunc: c.StatCountOfUser,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query stat account",
 			Method:      "GET",
 			Pattern:     "stat/account",
 			HandlerFunc: c.StatAccount,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query stat asset",
 			Method:      "GET",
 			Pattern:     "stat/asset",
 			HandlerFunc: c.StatAsset,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query stat rank of user",
 			Method:      "GET",
 			Pattern:     "stat/rank/ofuser",
 			HandlerFunc: c.StatRankOfUser,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		//session
 		{
 			Name:        "query session",
 			Method:      "GET",
 			Pattern:     "session",
 			HandlerFunc: c.GetSessions,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query session cmds",
 			Method:      "GET",
 			Pattern:     "session/:session_id/cmd",
 			HandlerFunc: c.GetSessionCmds,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query session option asset",
 			Method:      "GET",
 			Pattern:     "session/option/asset",
 			HandlerFunc: c.GetSessionOptionAsset,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query session option client ip",
 			Method:      "GET",
 			Pattern:     "session/option/clientip",
 			HandlerFunc: c.GetSessionOptionClientIp,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query session replay",
 			Method:      "GET",
 			Pattern:     "session/replay/:session_id",
 			HandlerFunc: c.GetSessionReplay,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "create sesssin replay",
 			Method:      "POST",
 			Pattern:     "session/replay/:session_id",
 			HandlerFunc: c.CreateSessionReplay,
 			Middleware:  gin.HandlersChain{middleware.AuthToken()},
 		},
 		{
 			Name:        "upsert session",
 			Method:      "POST",
 			Pattern:     "session",
 			HandlerFunc: c.UpsertSession,
 			Middleware:  gin.HandlersChain{middleware.AuthToken()},
 		},
 		{
 			Name:        "create sesssin cmd",
 			Method:      "POST",
 			Pattern:     "session/cmd",
 			HandlerFunc: c.CreateSessionCmd,
 			Middleware:  gin.HandlersChain{middleware.AuthToken()},
 		},
 		//history
 		{
 			Name:        "query history",
 			Method:      "GET",
 			Pattern:     "history",
 			HandlerFunc: c.GetHistories,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "query history type mapping",
 			Method:      "GET",
 			Pattern:     "history/type/mapping",
 			HandlerFunc: c.GetHistoryTypeMapping,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		//connect
 		{
 			Name:        "connect",
 			Method:      "POST",
 			Pattern:     "connect/:asset_id/:account_id/:protocol",
 			HandlerFunc: c.Connect,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "connecting",
 			Method:      "GET",
 			Pattern:     "connect/:session_id",
 			HandlerFunc: c.Connecting,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "connect monitor",
 			Method:      "GET",
 			Pattern:     "connect/monitor/:session_id",
 			HandlerFunc: c.ConnectMonitor,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "connect close",
 			Method:      "POST",
 			Pattern:     "connect/close/:session_id",
 			HandlerFunc: c.ConnectClose,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		//file
 		{
 			Name:        "query file history",
 			Method:      "GET",
 			Pattern:     "file/history",
 			HandlerFunc: c.GetFileHistory,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "file action ls",
 			Method:      "GET",
 			Pattern:     "file/ls/:asset_id/:account_id",
 			HandlerFunc: c.FileLS,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "file action mkdir",
 			Method:      "POST",
 			Pattern:     "file/mkdir/:asset_id/:account_id",
 			HandlerFunc: c.FileMkdir,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "file action upload",
 			Method:      "POST",
 			Pattern:     "file/upload/:asset_id/:account_id",
 			HandlerFunc: c.FileUpload,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 		{
 			Name:        "file action download",
 			Method:      "GET",
 			Pattern:     "file/download/:asset_id/:account_id",
 			HandlerFunc: c.FileDownload,
 			Middleware:  gin.HandlersChain{middleware.Auth()},
 		},
 	}
 )
 type Route struct {
 	Name        string
 	Method      string
 	Pattern     string
 	HandlerFunc func(ctx *gin.Context)
 	Middleware  []gin.HandlerFunc
 }
 type GroupRoute struct {
 	Prefix          string
 	GroupMiddleware gin.HandlersChain
 	SubRoutes       []Route
 }
--- a/backend/pkg/server/schedule/cmdb/cmdb.go
+++ b/backend/pkg/server/schedule/cmdb/cmdb.go
@@ -1,174 +0,0 @@
 package cmdb
 import (
 	"context"
 	"crypto/sha1"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"net/url"
 	"sort"
 	"strings"
 	"time"
 	"github.com/samber/lo"
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
 	"gorm.io/gorm"
 	"github.com/veops/oneterm/pkg/conf"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/server/auth/acl"
 	"github.com/veops/oneterm/pkg/server/controller"
 	"github.com/veops/oneterm/pkg/server/model"
 	"github.com/veops/oneterm/pkg/server/remote"
 	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
 )
 var (
 	ctx, cancel = context.WithCancel(context.Background())
 )
 func Run() (err error) {
 	currentUser := &acl.Session{
 		Uid: conf.Cfg.Worker.Uid,
 		Acl: acl.Acl{
 			Rid: conf.Cfg.Worker.Rid,
 		},
 	}
 	tk := time.NewTicker(time.Minute)
 	last := make(map[int]time.Time)
 	for {
 		select {
 		case <-tk.C:
 			nodes, err := getNodes()
 			if err != nil {
 				logger.L.Error("get nodes faild", zap.Error(err))
 				continue
 			}
 			now := time.Now()
 			for _, n := range nodes {
 				d, _ := time.ParseDuration(fmt.Sprintf("%fh", n.Sync.Frequency))
 				if last[n.Id].Add(d).After(now) {
 					continue
 				}
 				if n.Sync.TypeId <= 0 {
 					continue
 				}
 				cis, err := getCis(n.Sync.TypeId, n.Sync.Filters)
 				if err != nil {
 					logger.L.Error("get cmdb failed", zap.Error(err))
 					continue
 				}
 				for _, ci := range cis {
 					a := &model.Asset{
 						Ciid:          cast.ToInt(ci["_id"]),
 						ParentId:      n.Id,
 						UpdaterId:     conf.Cfg.Worker.Uid,
 						Ip:            cast.ToString(ci[n.Sync.Mapping["ip"]]),
 						Name:          fmt.Sprintf("%s@%v", cast.ToString(ci[n.Sync.Mapping["name"]]), time.Now().Format(time.RFC3339)),
 						Protocols:     n.Protocols,
 						Authorization: n.Authorization,
 						AccessAuth:    n.AccessAuth,
 					}
 					resourceIds := make([]int, 0)
 					if err := mysql.DB.Model(a).Select("resource_id").Where("ci_id = ?", a.Ciid).Find(&resourceIds).Error; err != nil {
 						logger.L.Error("insert ci failed", zap.Error(err))
 						continue
 					}
 					if !errors.Is(mysql.DB.Model(a).Where("ci_id = ?", a.Ciid).Where("parent_id = ?", a.ParentId).First(map[string]any{}).Error, gorm.ErrRecordNotFound) {
 						continue
 					}
 					a.CreatorId = conf.Cfg.Worker.Uid
 					a.ResourceId, err = acl.CreateAcl(ctx, currentUser, acl.GetResourceTypeName(conf.RESOURCE_ASSET), a.Name)
 					if err != nil {
 						continue
 					}
 					if err = mysql.DB.Transaction(func(tx *gorm.DB) (err error) {
 						if err = tx.Create(a).Error; err != nil {
 							return
 						}
 						err = controller.HandleAuthorization(currentUser, tx, model.ACTION_CREATE, nil, a)
 						return
 					}); err != nil {
 						continue
 					}
 				}
 			}
 		case <-ctx.Done():
 			return
 		}
 	}
 }
 func Stop(err error) {
 	defer cancel()
 }
 func getNodes() (res map[int]*model.Node, err error) {
 	data := make([]*model.Node, 0)
 	err = mysql.DB.
 		Model(&model.Node{}).
 		Where("enable = ?", 1).
 		Find(&data).
 		Error
 	if err != nil {
 		return
 	}
 	res = lo.SliceToMap(data, func(d *model.Node) (int, *model.Node) { return d.Id, d })
 	return
 }
 func getCis(typeId int, filters string) (res []map[string]any, err error) {
 	url := fmt.Sprintf("%s/ci/s", conf.Cfg.Cmdb.Url)
 	params := map[string]any{
 		"q":     fmt.Sprintf("_type:(%d),%s", typeId, filters),
 		"count": 100000,
 	}
 	params["_secret"] = buildAPIKey(url, params)
 	params["_key"] = conf.Cfg.Worker.Key
 	ps := make(map[string]string)
 	for k, v := range params {
 		ps[k] = cast.ToString(v)
 	}
 	data := &GetCIResult{}
 	resp, err := remote.RC.R().
 		SetQueryParams(ps).
 		SetResult(data).
 		Get(url)
 	if err = remote.HandleErr(err, resp, func(dt map[string]any) bool { return true }); err != nil {
 		return
 	}
 	res = data.Result
 	return
 }
 type GetCIResult struct {
 	Counter  map[string]int   `json:"counter"`
 	Facet    map[string]any   `json:"facet"`
 	Numfound int              `json:"numfound"`
 	Page     int              `json:"page"`
 	Result   []map[string]any `json:"result"`
 	Total    int              `json:"total"`
 }
 func buildAPIKey(u string, params map[string]any) string {
 	pu, _ := url.Parse(u)
 	keys := lo.Keys(params)
 	sort.Slice(keys, func(i, j int) bool { return keys[i] < keys[j] })
 	vals := strings.Join(
 		lo.Map(keys, func(k string, _ int) string {
 			return lo.Ternary(strings.HasPrefix(k, "_"), "", cast.ToString(params[k]))
 		}),
 		"")
 	sha := sha1.New()
 	sha.Write([]byte(strings.Join([]string{pu.Path, conf.Cfg.Worker.Secret, vals}, "")))
 	return hex.EncodeToString(sha.Sum(nil))
 }
--- a/backend/pkg/server/storage/cache/local/localcache.go
+++ b/backend/pkg/server/storage/cache/local/localcache.go
@@ -1,21 +0,0 @@
 package local
 import (
 	"context"
 	"time"
 	"github.com/allegro/bigcache/v3"
 )
 var (
 	// LC local cache client
 	LC *bigcache.BigCache
 )
 func Init() error {
 	var err error
 	if LC, err = bigcache.New(context.Background(), bigcache.DefaultConfig(time.Minute*10)); err != nil {
 		return err
 	}
 	return nil
 }
--- a/backend/pkg/server/storage/db/mysql/mysql.go
+++ b/backend/pkg/server/storage/db/mysql/mysql.go
@@ -1,27 +0,0 @@
 package mysql
 import (
 	"fmt"
 	"gorm.io/driver/mysql"
 	"gorm.io/gorm"
 	"github.com/veops/oneterm/pkg/conf"
 )
 var (
 	DB *gorm.DB
 )
 func Init(cfg *conf.MysqlConfig) (err error) {
 	if cfg == nil {
 		return
 	}
 	dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/oneterm?charset=utf8mb4&parseTime=True&loc=Local", cfg.User, cfg.Password, cfg.Ip, cfg.Port)
 	if DB, err = gorm.Open(mysql.Open(dsn), &gorm.Config{}); err != nil {
 		return
 	}
 	return
 }
--- a/backend/pkg/util/requests.go
+++ b/backend/pkg/util/requests.go
@@ -1,52 +0,0 @@
 package util
 import (
 	"bytes"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
 	"strings"
 )
 func ClientRequest(client *http.Client, method, url string, headers map[string]string, data []byte) (int, []byte, error) {
 	var res []byte
 	var code = 0
 	req, err := http.NewRequest(strings.ToUpper(method), url, bytes.NewBuffer(data))
 	if err != nil {
 		return code, res, err
 	}
 	for k, v := range headers {
 		req.Header.Set(k, v)
 	}
 	//req.AddCookie(&http.Cookie{Name: "session", Value: ""})
 	response, err := client.Do(req)
 	if err != nil && response == nil {
 		return code, res, fmt.Errorf("error: %+v", err)
 	} else {
 		if response != nil {
 			defer response.Body.Close()
 			r, err := io.ReadAll(response.Body)
 			return response.StatusCode, r, err
 		}
 		return code, res, nil
 	}
 }
 func PostForm(reqUrl string, content map[string]string) (int, []byte, error) {
 	data := url.Values{}
 	for k, v := range content {
 		data.Add(k, v)
 	}
 	resp, err := http.PostForm(reqUrl, data)
 	if resp != nil {
 		defer resp.Body.Close()
 	}
 	if err != nil {
 		return 0, nil, err
 	}
 	r, err := io.ReadAll(resp.Body)
 	return resp.StatusCode, r, err
 }
--- a/backend/pkg/util/util.go
+++ b/backend/pkg/util/util.go
@@ -1,164 +0,0 @@
 package util
 import (
 	"errors"
 	"fmt"
 	"net"
 	"os"
 	"path/filepath"
 	"reflect"
 	"strconv"
 	"time"
 	"unsafe"
 	"github.com/mitchellh/mapstructure"
 )
 func GetLocalIP() (string, error) {
 	interfaces, err := net.Interfaces()
 	if err != nil {
 		return "", err
 	}
 	for _, iface := range interfaces {
 		addrs, err := iface.Addrs()
 		if err != nil {
 			return "", err
 		}
 		for _, addr := range addrs {
 			ipNet, ok := addr.(*net.IPNet)
 			if ok && !ipNet.IP.IsLoopback() && ipNet.IP.To4() != nil {
 				return ipNet.IP.String(), nil
 			}
 		}
 	}
 	return "", errors.New("cannot find the client IP address")
 }
 func GetMacAddrs() (macAddrs []string) {
 	netInterfaces, err := net.Interfaces()
 	if err != nil {
 		return macAddrs
 	}
 	for _, netInterface := range netInterfaces {
 		macAddr := netInterface.HardwareAddr.String()
 		if len(macAddr) == 0 {
 			continue
 		}
 		macAddrs = append(macAddrs, macAddr)
 	}
 	return macAddrs
 }
 func CallReflect(any any, name string, args ...any) []reflect.Value {
 	inputs := make([]reflect.Value, len(args))
 	for i := range args {
 		inputs[i] = reflect.ValueOf(args[i])
 	}
 	if v := reflect.ValueOf(any).MethodByName(name); v.String() == "<invalid Value>" {
 		return nil
 	} else {
 		return v.Call(inputs)
 	}
 }
 func SetUnExportedStructField(ptr any, field string, newValue any) error {
 	v := reflect.ValueOf(ptr).Elem().FieldByName(field)
 	v = reflect.NewAt(v.Type(), unsafe.Pointer(v.UnsafeAddr())).Elem()
 	nv := reflect.ValueOf(newValue)
 	if v.Kind() != nv.Kind() {
 		return fmt.Errorf("expected kind :%s, get kind: %s", v.Kind(), nv.Kind())
 	}
 	v.Set(nv)
 	return nil
 }
 //func CopyStruct(source interface{}, dest interface{}) {
 //	val := reflect.ValueOf(source)
 //	destVal := reflect.ValueOf(dest).Elem()
 //
 //	for i := 0; i < val.NumField(); i++ {
 //		field := val.Type().Field(i).Name
 //		destField := destVal.FieldByName(field)
 //		if destField.IsValid() && destField.CanSet() {
 //			destField.Set(val.Field(i))
 //		}
 //	}
 //}
 func CopyStruct(src, dst interface{}) error {
 	srcVal := reflect.ValueOf(src)
 	dstVal := reflect.ValueOf(dst).Elem()
 	for i := 0; i < srcVal.NumField(); i++ {
 		srcField := srcVal.Type().Field(i)
 		dstField, found := dstVal.Type().FieldByName(srcField.Name)
 		if found {
 			if dstField.Type.AssignableTo(srcField.Type) {
 				dstVal.FieldByName(srcField.Name).Set(srcVal.Field(i))
 			} else {
 				return fmt.Errorf("Cannot assign %s field", srcField.Name)
 			}
 		}
 	}
 	return nil
 }
 func ToTimeHookFunc() mapstructure.DecodeHookFunc {
 	return func(
 		f reflect.Type,
 		t reflect.Type,
 		data interface{}) (interface{}, error) {
 		if t != reflect.TypeOf(time.Time{}) {
 			return data, nil
 		}
 		switch f.Kind() {
 		case reflect.String:
 			return time.Parse(time.RFC3339, data.(string))
 		case reflect.Float64:
 			return time.Unix(0, int64(data.(float64))*int64(time.Millisecond)), nil
 		case reflect.Int64:
 			return time.Unix(0, data.(int64)*int64(time.Millisecond)), nil
 		default:
 			return data, nil
 		}
 		// Convert it by parsing
 	}
 }
 func decodeHook(f reflect.Type, t reflect.Type, data interface{}) (interface{}, error) {
 	if f.Kind() == reflect.Int && t.Kind() == reflect.String {
 		return strconv.Itoa(data.(int)), nil
 	}
 	return data, nil
 }
 func DecodeStruct(dst, src any) error {
 	decoder, _ := mapstructure.NewDecoder(&mapstructure.DecoderConfig{
 		TagName: "json",
 		Result:  &dst,
 		DecodeHook: mapstructure.ComposeDecodeHookFunc(
 			ToTimeHookFunc()),
 	})
 	return decoder.Decode(src)
 }
 func ListFiles(path string) (res []string, err error) {
 	err = filepath.Walk(path, func(path string, info os.FileInfo, err error) error {
 		if err != nil {
 			return err
 		}
 		if !info.IsDir() && filepath.Ext(path) == ".toml" {
 			res = append(res, path)
 		}
 		return nil
 	})
 	return
 }
--- a/backend/pkg/server/remote/http.go
+++ b/backend/pkg/server/remote/http.go
@@ -14,9 +14,9 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
-	"github.com/veops/oneterm/pkg/conf"
+	redis "github.com/veops/oneterm/cache"
-	"github.com/veops/oneterm/pkg/logger"
+	"github.com/veops/oneterm/conf"
-	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
+	"github.com/veops/oneterm/logger"
 )
 var (
@@ -54,7 +54,7 @@ func HandleErr(e error, resp *resty.Response, isOk func(dt map[string]any) bool)
 	defer func() {
 		if err != nil {
 			bs, _ := json.Marshal(resp.Request.Body)
-			logger.L.Error(fmt.Sprintf("%s failed", runtime.FuncForPC(pc).Name()), zap.String("url", resp.Request.URL), zap.String("req", string(bs)), zap.String("resp", resp.String()))
+			logger.L().Error(fmt.Sprintf("%s failed", runtime.FuncForPC(pc).Name()), zap.String("url", resp.Request.URL), zap.String("req", string(bs)), zap.String("resp", resp.String()))
 		}
 	}()
--- a/backend/pkg/server/schedule/connectable/connectable.go
+++ b/backend/pkg/server/schedule/connectable/connectable.go
@@ -1,4 +1,4 @@
-package connectable
+package schedule
 import (
 	"context"
@@ -12,11 +12,11 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
-	"github.com/veops/oneterm/pkg/logger"
+	mysql "github.com/veops/oneterm/db"
-	ggateway "github.com/veops/oneterm/pkg/server/global/gateway"
+	ggateway "github.com/veops/oneterm/gateway"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/logger"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/util"
 )
 var (
@@ -24,7 +24,7 @@ var (
 	d           = time.Hour * 2
 )
-func Run() (err error) {
+func RunConnectable() (err error) {
 	tk := time.NewTicker(d)
 	for {
 		select {
@@ -36,14 +36,14 @@ func Run() (err error) {
 	}
 }
-func Stop(err error) {
+func StopConnectable(err error) {
 	defer cancel()
 }
 func CheckUpdate(ids ...int) (err error) {
 	defer func() {
 		if err != nil {
-			logger.L.Warn("check connectable failed", zap.Error(err))
+			logger.L().Warn("check connectable failed", zap.Error(err))
 		}
 	}()
 	assets := make([]*model.Asset, 0)
@@ -56,7 +56,7 @@ func CheckUpdate(ids ...int) (err error) {
 	}
 	if err = db.
 		Find(&assets).Error; err != nil {
-		logger.L.Debug("get assets to test connectable failed", zap.Error(err))
+		logger.L().Debug("get assets to test connectable failed", zap.Error(err))
 		return
 	}
 	gids := lo.Without(lo.Uniq(lo.Map(assets, func(a *model.Asset, _ int) int { return a.GatewayId })), 0)
@@ -66,7 +66,7 @@ func CheckUpdate(ids ...int) (err error) {
 			Model(gateways).
 			Where("id IN ?", gids).
 			Find(&gateways).Error; err != nil {
-			logger.L.Debug("get gatewats to test connectable failed", zap.Error(err))
+			logger.L().Debug("get gatewats to test connectable failed", zap.Error(err))
 			return
 		}
 	}
@@ -89,12 +89,12 @@ func CheckUpdate(ids ...int) (err error) {
 	ggateway.GetGatewayManager().Close(sids...)
 	if len(oks) > 0 {
 		if err := mysql.DB.Model(assets).Where("id IN ?", oks).Update("connectable", true).Error; err != nil {
-			logger.L.Debug("update connectable to ok failed", zap.Error(err))
+			logger.L().Debug("update connectable to ok failed", zap.Error(err))
 		}
 	}
 	if len(oks) < len(all) {
 		if err := mysql.DB.Model(assets).Where("id IN ?", lo.Without(all, oks...)).Update("connectable", false).Error; err != nil {
-			logger.L.Debug("update connectable to fail failed", zap.Error(err))
+			logger.L().Debug("update connectable to fail failed", zap.Error(err))
 		}
 	}
 	return
@@ -111,7 +111,7 @@ func checkOne(asset *model.Asset, gateway *model.Gateway) (sid string, ok bool)
 		if asset.GatewayId != 0 {
 			gt, err = ggateway.GetGatewayManager().Open(sid, ip, port, gateway)
 			if err != nil {
-				logger.L.Debug("open gateway failed", zap.Error(err))
+				logger.L().Debug("open gateway failed", zap.Error(err))
 				continue
 			}
 			ip, port = gt.LocalIp, gt.LocalPort
@@ -119,7 +119,7 @@ func checkOne(asset *model.Asset, gateway *model.Gateway) (sid string, ok bool)
 		addr := fmt.Sprintf("%s:%d", ip, port)
 		net, err := net.DialTimeout("tcp", addr, time.Second*3)
 		if err != nil {
-			logger.L.Debug("dail failed", zap.String("addr", addr), zap.Error(err))
+			logger.L().Debug("dail failed", zap.String("addr", addr), zap.Error(err))
 			continue
 		}
 		defer net.Close()
--- a/backend/pkg/server/global/session/session.go
+++ b/backend/pkg/server/global/session/session.go
@@ -9,12 +9,13 @@ import (
 	"time"
 	"github.com/gin-gonic/gin"
 	"github.com/veops/oneterm/pkg/logger"
 	"github.com/veops/oneterm/pkg/server/guacd"
 	"github.com/veops/oneterm/pkg/server/model"
 	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
 	"go.uber.org/zap"
 	"gorm.io/gorm/clause"
 	"github.com/veops/oneterm/api/guacd"
 	mysql "github.com/veops/oneterm/db"
 	"github.com/veops/oneterm/logger"
 	"github.com/veops/oneterm/model"
 )
 var (
@@ -85,7 +86,7 @@ func Init() (err error) {
 		Where("status = ?", model.SESSIONSTATUS_ONLINE).
 		Find(&sessions).
 		Error; err != nil {
-		logger.L.Warn("get sessions failed", zap.Error(err))
+		logger.L().Warn("get sessions failed", zap.Error(err))
 		return
 	}
 	ctx := &gin.Context{}
--- a/backend/pkg/util/aes.go
+++ b/backend/pkg/util/aes.go
--- a/backend/pkg/util/aes_test.go
+++ b/backend/pkg/util/aes_test.go
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -138,17 +138,6 @@ services:
        aliases:
          - acl-api
 volumes:
  db-data:
    driver: local
    name: oneterm_db-data
  file-data:
    driver: local
    name: oneterm_file-data
  ssh-data:
    driver: local
    name: oneterm_ssh
 networks:
  new:
    driver: bridge