♻️ Basiclly moved to Dealer from Consul

2024-07-15 00:01:17 +08:00 · 2024-07-15 00:01:17 +08:00 · 69fb9531cb
commit 69fb9531cb
parent a60be78ce6
40 changed files with 298 additions and 1451 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@ -4,8 +4,43 @@
    <option name="autoReloadType" value="ALL" />
  </component>
  <component name="ChangeListManager">
-    <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Bug fixes">
+    <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Fix oauth ticket need mfa">
-      <change beforePath="$PROJECT_DIR$/pkg/internal/services/ticket.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/ticket.go" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/go.mod" beforeDir="false" afterPath="$PROJECT_DIR$/go.mod" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/go.sum" beforeDir="false" afterPath="$PROJECT_DIR$/go.sum" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/hyper/auth.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/hyper/auth_adaptor.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/hyper/conn.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/gap/server.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/gap/server.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/grpc/auth.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/grpc/auth.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/grpc/server.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/grpc/server.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/i18n/bundle.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/i18n/embed.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/i18n/locale.en.json" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/i18n/locale.zh.json" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/i18n/middleware.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/models/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/accounts.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/avatar_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/avatar_api.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/index.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/ws.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/server/exts/auth.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/exts/auth.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/server/exts/cookies.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/exts/cookies.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/server/server.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/server.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/services/connections.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/services/e2ee.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/services/notifications.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/notifications.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/internal/services/statuses.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/statuses.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/main.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/main.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/auth.pb.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/auth.proto" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/auth_grpc.pb.go" beforeDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/friendships.pb.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/proto/friendships.pb.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/friendships_grpc.pb.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/proto/friendships_grpc.pb.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/notify.pb.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/proto/notify.pb.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/notify_grpc.pb.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/proto/notify_grpc.pb.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/realms.pb.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/proto/realms.pb.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/pkg/proto/realms_grpc.pb.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/proto/realms_grpc.pb.go" afterDir="false" />
      <change beforePath="$PROJECT_DIR$/settings.toml" beforeDir="false" afterPath="$PROJECT_DIR$/settings.toml" afterDir="false" />
    </list>
    <option name="SHOW_DIALOG" value="false" />
    <option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -23,7 +58,7 @@
  <component name="Git.Settings">
    <option name="RECENT_BRANCH_BY_REPOSITORY">
      <map>
-        <entry key="$PROJECT_DIR$" value="features/kex" />
+        <entry key="$PROJECT_DIR$" value="master" />
      </map>
    </option>
    <option name="RECENT_GIT_ROOT_PATH" value="$PROJECT_DIR$" />
@ -40,34 +75,34 @@
    <option name="hideEmptyMiddlePackages" value="true" />
    <option name="showLibraryContents" value="true" />
  </component>
-  <component name="PropertiesComponent">{
+  <component name="PropertiesComponent"><![CDATA[{
-  &quot;keyToString&quot;: {
+  "keyToString": {
-    &quot;DefaultGoTemplateProperty&quot;: &quot;Go File&quot;,
+    "DefaultGoTemplateProperty": "Go File",
-    &quot;Go Build.Backend.executor&quot;: &quot;Run&quot;,
+    "Go Build.Backend.executor": "Run",
-    &quot;Go 构建.Backend.executor&quot;: &quot;Run&quot;,
+    "Go 构建.Backend.executor": "Run",
-    &quot;RunOnceActivity.ShowReadmeOnStart&quot;: &quot;true&quot;,
+    "RunOnceActivity.ShowReadmeOnStart": "true",
-    &quot;RunOnceActivity.go.formatter.settings.were.checked&quot;: &quot;true&quot;,
+    "RunOnceActivity.go.formatter.settings.were.checked": "true",
-    &quot;RunOnceActivity.go.migrated.go.modules.settings&quot;: &quot;true&quot;,
+    "RunOnceActivity.go.migrated.go.modules.settings": "true",
-    &quot;RunOnceActivity.go.modules.automatic.dependencies.download&quot;: &quot;true&quot;,
+    "RunOnceActivity.go.modules.automatic.dependencies.download": "true",
-    &quot;RunOnceActivity.go.modules.go.list.on.any.changes.was.set&quot;: &quot;true&quot;,
+    "RunOnceActivity.go.modules.go.list.on.any.changes.was.set": "true",
-    &quot;git-widget-placeholder&quot;: &quot;master&quot;,
+    "git-widget-placeholder": "refactor/dealer",
-    &quot;go.import.settings.migrated&quot;: &quot;true&quot;,
+    "go.import.settings.migrated": "true",
-    &quot;go.sdk.automatically.set&quot;: &quot;true&quot;,
+    "go.sdk.automatically.set": "true",
-    &quot;last_opened_file_path&quot;: &quot;/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/src/components/admin&quot;,
+    "last_opened_file_path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/src/components/admin",
-    &quot;node.js.detected.package.eslint&quot;: &quot;true&quot;,
+    "node.js.detected.package.eslint": "true",
-    &quot;node.js.selected.package.eslint&quot;: &quot;(autodetect)&quot;,
+    "node.js.selected.package.eslint": "(autodetect)",
-    &quot;nodejs_package_manager_path&quot;: &quot;npm&quot;,
+    "nodejs_package_manager_path": "npm",
-    &quot;run.code.analysis.last.selected.profile&quot;: &quot;pProject Default&quot;,
+    "run.code.analysis.last.selected.profile": "pProject Default",
-    &quot;settings.editor.selected.configurable&quot;: &quot;preferences.pluginManager&quot;,
+    "settings.editor.selected.configurable": "preferences.pluginManager",
-    &quot;ts.external.directory.path&quot;: &quot;/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib&quot;,
+    "ts.external.directory.path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib",
-    &quot;vue.rearranger.settings.migration&quot;: &quot;true&quot;
+    "vue.rearranger.settings.migration": "true"
  },
-  &quot;keyToStringList&quot;: {
+  "keyToStringList": {
-    &quot;DatabaseDriversLRU&quot;: [
+    "DatabaseDriversLRU": [
-      &quot;postgresql&quot;
+      "postgresql"
    ]
  }
-}</component>
+}]]></component>
  <component name="RecentsManager">
    <key name="CopyFile.RECENT_KEYS">
      <recent name="$PROJECT_DIR$/web/src/components/admin" />
@ -151,7 +186,6 @@
    </option>
  </component>
  <component name="VcsManagerConfiguration">
    <MESSAGE value=":ambulance: Fix nil pointer panic" />
    <MESSAGE value=":bug: Not supposed to appear to status at the same time" />
    <MESSAGE value=":ambulance: Fix getting user panic again..." />
    <MESSAGE value=":bug: Fix status validation issue" />
@ -176,7 +210,8 @@
    <MESSAGE value=":rotating_light: Fix ts lint issue" />
    <MESSAGE value=":poop: Remove mis-imported cgo" />
    <MESSAGE value=":bug: Bug fixes" />
-    <option name="LAST_COMMIT_MESSAGE" value=":bug: Bug fixes" />
+    <MESSAGE value=":bug: Fix oauth ticket need mfa" />
    <option name="LAST_COMMIT_MESSAGE" value=":bug: Fix oauth ticket need mfa" />
  </component>
  <component name="VgoProject">
    <settings-migrated>true</settings-migrated>
--- a/go.mod
+++ b/go.mod
@ -42,6 +42,7 @@ require (
 	cloud.google.com/go/iam v1.1.8 // indirect
 	cloud.google.com/go/longrunning v0.5.7 // indirect
 	cloud.google.com/go/storage v1.41.0 // indirect
 	git.solsynth.dev/hydrogen/dealer v0.0.0-20240714155615-ad83100677ab // indirect
 	github.com/andybalholm/brotli v1.1.0 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/fasthttp/websocket v1.5.8 // indirect
--- a/go.sum
+++ b/go.sum
@ -17,6 +17,18 @@ cloud.google.com/go/storage v1.41.0 h1:RusiwatSu6lHeEXe3kglxakAmAbfV+rhtPqA6i8RB
 cloud.google.com/go/storage v1.41.0/go.mod h1:J1WCa/Z2FcgdEDuPUY8DxT5I+d9mFKsCepp5vR6Sq80=
 firebase.google.com/go v3.13.0+incompatible h1:3TdYC3DDi6aHn20qoRkxwGqNgdjtblwVAyRLQwGn/+4=
 firebase.google.com/go v3.13.0+incompatible/go.mod h1:xlah6XbEyW6tbfSklcfe5FHJIwjt8toICdV5Wh9ptHs=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714122530-466b240e95a6 h1:QH5FGLdU7sfQ63RsgbP5iTjWE3/2VicJfewI4s28ThU=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714122530-466b240e95a6/go.mod h1:eZwAwP7ahL7TO8GWBlYFYDdjlna+8zHYbDfNabnuUEU=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714125606-31e73c438e33 h1:Zz0SQQ6xIBhBaNnGddl9AwX+5Id9J89NohzHjvG7/WM=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714125606-31e73c438e33/go.mod h1:eZwAwP7ahL7TO8GWBlYFYDdjlna+8zHYbDfNabnuUEU=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714135616-d371c4fbfae2 h1:95ofnv70QDsK5ZxENY8LdV04KT0SjQZN6Mz6xJfSDhg=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714135616-d371c4fbfae2/go.mod h1:eZwAwP7ahL7TO8GWBlYFYDdjlna+8zHYbDfNabnuUEU=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714154518-8f996bb69731 h1:8O1mbCnwpIt/51HUhF4fMtE6GEmBjiyJhtvBm2uwAHg=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714154518-8f996bb69731/go.mod h1:eZwAwP7ahL7TO8GWBlYFYDdjlna+8zHYbDfNabnuUEU=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714154934-7812a06cb195 h1:TuO+yRnsr9sGGpzpU58N6K1AIbTEEMtBML1lUcIp1rE=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714154934-7812a06cb195/go.mod h1:eZwAwP7ahL7TO8GWBlYFYDdjlna+8zHYbDfNabnuUEU=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714155615-ad83100677ab h1:hxqJkL4Ha3Y3SfeSA9TPKBJK6mtY88Q2uialHsDbGf0=
 git.solsynth.dev/hydrogen/dealer v0.0.0-20240714155615-ad83100677ab/go.mod h1:eZwAwP7ahL7TO8GWBlYFYDdjlna+8zHYbDfNabnuUEU=
 git.solsynth.dev/hydrogen/paperclip v0.0.0-20240622051057-0f56dba45745 h1:40BUsQMNXjqHyytkyF9py1HjTAWlRgO6R57YXUrHNy4=
 git.solsynth.dev/hydrogen/paperclip v0.0.0-20240622051057-0f56dba45745/go.mod h1:FsQGSLTl0gvo+9Jmbot02S72suyF9tFTrzDj70Xhifo=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
--- a/pkg/.DS_Store
+++ b/pkg/.DS_Store
--- a/pkg/hyper/auth.go
+++ b/pkg/hyper/auth.go
@ -1,63 +0,0 @@
 package hyper
 import (
 	"context"
 	"fmt"
 	"git.solsynth.dev/hydrogen/passport/pkg/proto"
 	"google.golang.org/grpc"
 	"time"
 )
 func (v *HyperConn) DoAuthenticate(atk, rtk string) (acc *proto.Userinfo, accessTk string, refreshTk string, err error) {
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
 	defer cancel()
 	var in *grpc.ClientConn
 	in, err = v.DiscoverServiceGRPC("Hydrogen.Passport")
 	if err != nil {
 		return
 	}
 	var reply *proto.AuthReply
 	reply, err = proto.NewAuthClient(in).Authenticate(ctx, &proto.AuthRequest{
 		AccessToken:  atk,
 		RefreshToken: &rtk,
 	})
 	if err != nil {
 		return
 	}
 	if reply != nil {
 		acc = reply.GetUserinfo()
 		accessTk = reply.GetAccessToken()
 		refreshTk = reply.GetRefreshToken()
 		if !reply.IsValid {
 			err = fmt.Errorf("invalid authorization context")
 			return
 		}
 	}
 	return
 }
 func (v *HyperConn) DoCheckPerm(atk string, key string, val []byte) error {
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
 	defer cancel()
 	in, err := v.DiscoverServiceGRPC("Hydrogen.Passport")
 	if err != nil {
 		return err
 	}
 	reply, err := proto.NewAuthClient(in).CheckPerm(ctx, &proto.CheckPermRequest{
 		Token: atk,
 		Key:   key,
 		Value: val,
 	})
 	if err != nil {
 		return err
 	} else if !reply.GetIsValid() {
 		return fmt.Errorf("missing permission: %s", key)
 	}
 	return nil
 }
--- a/pkg/hyper/auth_adaptor.go
+++ b/pkg/hyper/auth_adaptor.go
@ -1,69 +0,0 @@
 package hyper
 import (
 	"git.solsynth.dev/hydrogen/passport/pkg/proto"
 	"github.com/gofiber/fiber/v2"
 	jsoniter "github.com/json-iterator/go"
 	"strings"
 	"time"
 )
 const CookieAtk = "__hydrogen_atk"
 const CookieRtk = "__hydrogen_rtk"
 func (v *HyperConn) AuthMiddleware(c *fiber.Ctx) error {
 	var atk string
 	if cookie := c.Cookies(CookieAtk); len(cookie) > 0 {
 		atk = cookie
 	}
 	if header := c.Get(fiber.HeaderAuthorization); len(header) > 0 {
 		tk := strings.Replace(header, "Bearer", "", 1)
 		atk = strings.TrimSpace(tk)
 	}
 	if tk := c.Query("tk"); len(tk) > 0 {
 		atk = strings.TrimSpace(tk)
 	}
 	c.Locals("p_token", atk)
 	rtk := c.Cookies(CookieRtk)
 	if user, newAtk, newRtk, err := v.DoAuthenticate(atk, rtk); err == nil {
 		if newAtk != atk {
 			c.Cookie(&fiber.Cookie{
 				Name:     CookieAtk,
 				Value:    newAtk,
 				SameSite: "Lax",
 				Expires:  time.Now().Add(60 * time.Minute),
 				Path:     "/",
 			})
 			c.Cookie(&fiber.Cookie{
 				Name:     CookieRtk,
 				Value:    newRtk,
 				SameSite: "Lax",
 				Expires:  time.Now().Add(24 * 30 * time.Hour),
 				Path:     "/",
 			})
 		}
 		c.Locals("p_user", user)
 	}
 	return c.Next()
 }
 func (v *HyperConn) EnsureAuthenticated(c *fiber.Ctx) error {
 	if _, ok := c.Locals("p_user").(*proto.Userinfo); !ok {
 		return fiber.NewError(fiber.StatusUnauthorized)
 	}
 	return nil
 }
 func (v *HyperConn) EnsureGrantedPerm(c *fiber.Ctx, key string, val any) error {
 	if err := v.EnsureAuthenticated(c); err != nil {
 		return err
 	}
 	encodedVal, _ := jsoniter.Marshal(val)
 	if err := v.DoCheckPerm(c.Locals("p_token").(string), key, encodedVal); err != nil {
 		return fiber.NewError(fiber.StatusForbidden, err.Error())
 	}
 	return nil
 }
--- a/pkg/hyper/conn.go
+++ b/pkg/hyper/conn.go
@ -1,51 +0,0 @@
 package hyper
 import (
 	"context"
 	"fmt"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
 	health "google.golang.org/grpc/health/grpc_health_v1"
 	"time"
 	_ "github.com/mbobakov/grpc-consul-resolver"
 )
 type HyperConn struct {
 	Addr string
 	cacheGrpcConn map[string]*grpc.ClientConn
 }
 func NewHyperConn(addr string) *HyperConn {
 	return &HyperConn{
 		Addr: addr,
 		cacheGrpcConn: make(map[string]*grpc.ClientConn),
 	}
 }
 func (v *HyperConn) DiscoverServiceGRPC(name string) (*grpc.ClientConn, error) {
 	if val, ok := v.cacheGrpcConn[name]; ok {
 		ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
 		defer cancel()
 		if _, err := health.NewHealthClient(val).Check(ctx, &health.HealthCheckRequest{
 			Service: name,
 		}); err == nil {
 			return val, nil
 		} else {
 			delete(v.cacheGrpcConn, name)
 		}
 	}
 	target := fmt.Sprintf("consul://%s/%s", v.Addr, name)
 	conn, err := grpc.NewClient(
 		target,
 		grpc.WithTransportCredentials(insecure.NewCredentials()),
 		grpc.WithDefaultServiceConfig(`{"loadBalancingPolicy": "round_robin"}`),
 	)
 	if err == nil {
 		v.cacheGrpcConn[name] = conn
 	}
 	return conn, err
 }
--- a/pkg/internal/.DS_Store
+++ b/pkg/internal/.DS_Store
--- a/pkg/internal/gap/server.go
+++ b/pkg/internal/gap/server.go
@ -2,51 +2,41 @@ package gap
 import (
 	"fmt"
-	"strconv"
+	"git.solsynth.dev/hydrogen/dealer/pkg/hyper"
 	"git.solsynth.dev/hydrogen/dealer/pkg/proto"
 	"github.com/rs/zerolog/log"
 	"strings"
 	"github.com/hashicorp/consul/api"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
 	_ "github.com/mbobakov/grpc-consul-resolver"
 )
-func Register() error {
+var H *hyper.HyperConn
 	cfg := api.DefaultConfig()
 	cfg.Address = viper.GetString("consul.addr")
 	client, err := api.NewClient(cfg)
 	if err != nil {
 		return err
 	}
 func RegisterService() error {
 	grpcBind := strings.SplitN(viper.GetString("grpc_bind"), ":", 2)
 	httpBind := strings.SplitN(viper.GetString("bind"), ":", 2)
 	outboundIp, _ := GetOutboundIP()
 	port, _ := strconv.Atoi(grpcBind[1])
-	registration := new(api.AgentServiceRegistration)
+	grpcOutbound := fmt.Sprintf("%s:%s", outboundIp, grpcBind[1])
-	registration.ID = viper.GetString("id")
+	httpOutbound := fmt.Sprintf("%s:%s", outboundIp, httpBind[1])
-	registration.Name = "Hydrogen.Passport"
+
-	registration.Address = outboundIp.String()
+	var err error
-	registration.Port = port
+	H, err = hyper.NewHyperConn(viper.GetString("dealer.addr"), &proto.ServiceInfo{
-	registration.Check = &api.AgentServiceCheck{
+		Id:       viper.GetString("id"),
-		GRPC:                           fmt.Sprintf("%s:%s", outboundIp, grpcBind[1]),
+		Type:     hyper.ServiceTypeAuthProvider,
-		Timeout:                        "5s",
+		Label:    "Passport",
-		Interval:                       "1m",
+		GrpcAddr: grpcOutbound,
-		DeregisterCriticalServiceAfter: "3m",
+		HttpAddr: &httpOutbound,
 	})
 	if err == nil {
 		go func() {
 			err := H.KeepRegisterService()
 			if err != nil {
 				log.Error().Err(err).Msg("An error occurred while registering service...")
 			}
 		}()
 	}
-	return client.Agent().ServiceRegister(registration)
+	return err
 }
 func DiscoverPaperclip() (*grpc.ClientConn, error) {
 	target := fmt.Sprintf("consul://%s/Hydrogen.Paperclip", viper.GetString("consul.addr"))
 	return grpc.NewClient(
 		target,
 		grpc.WithTransportCredentials(insecure.NewCredentials()),
 		grpc.WithDefaultServiceConfig(`{"loadBalancingPolicy": "round_robin"}`),
 	)
 }
--- a/pkg/internal/grpc/auth.go
+++ b/pkg/internal/grpc/auth.go
@ -3,23 +3,22 @@ package grpc
 import (
 	"context"
 	exproto "git.solsynth.dev/hydrogen/dealer/pkg/proto"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
 	"git.solsynth.dev/hydrogen/passport/pkg/proto"
 	jsoniter "github.com/json-iterator/go"
 	"github.com/samber/lo"
 )
-func (v *Server) Authenticate(_ context.Context, in *proto.AuthRequest) (*proto.AuthReply, error) {
+func (v *Server) Authenticate(_ context.Context, in *exproto.AuthRequest) (*exproto.AuthReply, error) {
 	ctx, perms, atk, rtk, err := services.Authenticate(in.GetAccessToken(), in.GetRefreshToken(), 0)
 	if err != nil {
-		return &proto.AuthReply{
+		return &exproto.AuthReply{
 			IsValid: false,
 		}, nil
 	} else {
 		user := ctx.Account
 		rawPerms, _ := jsoniter.Marshal(perms)
-		userinfo := &proto.Userinfo{
+		userinfo := &exproto.UserInfo{
 			Id:          uint64(user.ID),
 			Name:        user.Name,
 			Nick:        user.Nick,
@ -34,18 +33,20 @@ func (v *Server) Authenticate(_ context.Context, in *proto.AuthRequest) (*proto.
 			userinfo.Banner = *user.GetBanner()
 		}
-		return &proto.AuthReply{
+		return &exproto.AuthReply{
-			IsValid:      true,
+			IsValid: true,
-			AccessToken:  &atk,
+			Info: &exproto.AuthInfo{
-			RefreshToken: &rtk,
+				NewAccessToken:  &atk,
-			Permissions:  rawPerms,
+				NewRefreshToken: &rtk,
-			TicketId:     lo.ToPtr(uint64(ctx.Ticket.ID)),
+				Permissions:     rawPerms,
-			Userinfo:     userinfo,
+				TicketId:        uint64(ctx.Ticket.ID),
 				Info:            userinfo,
 			},
 		}, nil
 	}
 }
-func (v *Server) CheckPerm(_ context.Context, in *proto.CheckPermRequest) (*proto.CheckPermReply, error) {
+func (v *Server) CheckPerm(_ context.Context, in *exproto.CheckPermRequest) (*exproto.CheckPermReply, error) {
 	claims, err := services.DecodeJwt(in.GetToken())
 	if err != nil {
 		return nil, err
@ -64,7 +65,7 @@ func (v *Server) CheckPerm(_ context.Context, in *proto.CheckPermRequest) (*prot
 	perms := services.FilterPermNodes(heldPerms, ctx.Ticket.Claims)
 	valid := services.HasPermNode(perms, in.GetKey(), value)
-	return &proto.CheckPermReply{
+	return &exproto.CheckPermReply{
 		IsValid: valid,
 	}, nil
 }
--- a/pkg/internal/grpc/server.go
+++ b/pkg/internal/grpc/server.go
@ -4,6 +4,7 @@ import (
 	"google.golang.org/grpc/reflection"
 	"net"
 	exproto "git.solsynth.dev/hydrogen/dealer/pkg/proto"
 	"git.solsynth.dev/hydrogen/passport/pkg/proto"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
@ -12,7 +13,7 @@ import (
 import health "google.golang.org/grpc/health/grpc_health_v1"
 type Server struct {
-	proto.UnimplementedAuthServer
+	exproto.UnimplementedAuthServer
 	proto.UnimplementedNotifyServer
 	proto.UnimplementedFriendshipsServer
 	proto.UnimplementedRealmsServer
@ -26,7 +27,7 @@ func NewServer() *Server {
 		srv: grpc.NewServer(),
 	}
-	proto.RegisterAuthServer(server.srv, &Server{})
+	exproto.RegisterAuthServer(server.srv, &Server{})
 	proto.RegisterNotifyServer(server.srv, &Server{})
 	proto.RegisterFriendshipsServer(server.srv, &Server{})
 	proto.RegisterRealmsServer(server.srv, &Server{})
--- a/pkg/internal/i18n/bundle.go
+++ b/pkg/internal/i18n/bundle.go
@ -1,16 +0,0 @@
 package i18n
 import (
 	jsoniter "github.com/json-iterator/go"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"golang.org/x/text/language"
 )
 var Bundle *i18n.Bundle
 func InitInternationalization() {
 	Bundle = i18n.NewBundle(language.English)
 	Bundle.RegisterUnmarshalFunc("json", jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal)
 	Bundle.LoadMessageFileFS(FS, "locale.en.json")
 	Bundle.LoadMessageFileFS(FS, "locale.zh.json")
 }
--- a/pkg/internal/i18n/embed.go
+++ b/pkg/internal/i18n/embed.go
@ -1,6 +0,0 @@
 package i18n
 import "embed"
 //go:embed locale.*.json
 var FS embed.FS
--- a/pkg/internal/i18n/locale.en.json
+++ b/pkg/internal/i18n/locale.en.json
@ -1,23 +0,0 @@
 {
  "next": "Next",
  "email": "Email",
  "username": "Username",
  "nickname": "Nickname",
  "password": "Password",
  "unknown": "Unknown",
  "apply": "Apply",
  "back": "Back",
  "approve": "Approve",
  "decline": "Decline",
  "magicToken": "Magic Token",
  "signinTitle": "Sign In",
  "signinCaption": "Sign in to Solarpass to explore entire Solar Network. Explore posts, discover communities, talk with your best friends. All these things in the Solar Network!",
  "signinRequired": "You need to sign in before do that.",
  "signupTitle": "Sign Up",
  "signupCaption": "Sign up to create an account on Solarpass, then you can explore the entire Solar Network! Enjoy the next-generation Internet Ecosystem!",
  "authorizeTitle": "Authorize",
  "authorizeCaption": "One Solarpass, get entire network.",
  "mfaTitle": "Multi Factor Authenticate",
  "mfaCaption": "We need use one more way to verify it is you.",
  "mfaFactorEmail": "OTP through your email"
 }
--- a/pkg/internal/i18n/locale.zh.json
+++ b/pkg/internal/i18n/locale.zh.json
@ -1,23 +0,0 @@
 {
  "next": "下一步",
  "email": "邮件地址",
  "username": "用户名",
  "nickname": "昵称",
  "password": "密码",
  "unknown": "未知",
  "apply": "应用",
  "back": "返回",
  "approve": "接受",
  "decline": "拒绝",
  "magicToken": "魔法令牌",
  "signinTitle": "登陆",
  "signinCaption": "登陆 Solarpass 以探索整个 Solar Network，浏览帖子、探索社区、和你的好朋友聊八卦，一切尽在 Solar Network!",
  "signinRequired": "你需要在那之前登陆",
  "signupTitle": "注册",
  "signupCaption": "注册以在 Solarpass 创建一个账号，之后你就可以探索整个 Solar Network，享受下一代互联网生态系统！",
  "authorizeTitle": "授权",
  "authorizeCaption": "一个 Solarpass，整个网络。",
  "mfaTitle": "多因素验证",
  "mfaCaption": "我们需要另一个方法来确认你是你。",
  "mfaFactorEmail": "电子邮寄一次性验证码"
 }
--- a/pkg/internal/i18n/middleware.go
+++ b/pkg/internal/i18n/middleware.go
@ -1,15 +0,0 @@
 package i18n
 import (
 	"github.com/gofiber/fiber/v2"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 )
 func I18nMiddleware(c *fiber.Ctx) error {
 	accept := c.Get(fiber.HeaderAcceptLanguage)
 	localizer := i18n.NewLocalizer(Bundle, accept)
 	c.Locals("localizer", localizer)
 	return c.Next()
 }
--- a/pkg/internal/models/accounts.go
+++ b/pkg/internal/models/accounts.go
@ -21,26 +21,26 @@ type Account struct {
 	SuspendedAt *time.Time        `json:"suspended_at"`
 	PermNodes   datatypes.JSONMap `json:"perm_nodes"`
-	Profile  AccountProfile `json:"profile"`
+	Profile  AccountProfile `json:"profile,omitempty"`
-	Statuses []Status       `json:"statuses"`
+	Statuses []Status       `json:"statuses,omitempty"`
-	Badges   []Badge        `json:"badges"`
+	Badges   []Badge        `json:"badges,omitempty"`
-	Contacts        []AccountContact `json:"contacts"`
+	Contacts        []AccountContact `json:"contacts,omitempty"`
-	RealmIdentities []RealmMember    `json:"realm_identities"`
+	RealmIdentities []RealmMember    `json:"realm_identities,omitempty"`
-	Tickets []AuthTicket `json:"tickets"`
+	Tickets []AuthTicket `json:"tickets,omitempty"`
-	Factors []AuthFactor `json:"factors"`
+	Factors []AuthFactor `json:"factors,omitempty"`
-	Events      []ActionEvent `json:"events"`
+	Events      []ActionEvent `json:"events,omitempty"`
 	MagicTokens []MagicToken  `json:"-"`
-	ThirdClients []ThirdClient `json:"clients"`
+	ThirdClients []ThirdClient `json:"clients,omitempty"`
-	Notifications     []Notification           `json:"notifications" gorm:"foreignKey:RecipientID"`
+	Notifications     []Notification           `json:"notifications,omitempty" gorm:"foreignKey:RecipientID"`
-	NotifySubscribers []NotificationSubscriber `json:"notify_subscribers"`
+	NotifySubscribers []NotificationSubscriber `json:"notify_subscribers,omitempty"`
-	Friendships        []AccountFriendship `json:"friendships" gorm:"foreignKey:AccountID"`
+	Friendships        []AccountFriendship `json:"friendships,omitempty" gorm:"foreignKey:AccountID"`
-	RelatedFriendships []AccountFriendship `json:"related_friendships" gorm:"foreignKey:RelatedID"`
+	RelatedFriendships []AccountFriendship `json:"related_friendships,omitempty" gorm:"foreignKey:RelatedID"`
 }
 func (v Account) GetAvatar() *string {
--- a/pkg/internal/server/.DS_Store
+++ b/pkg/internal/server/.DS_Store
--- a/pkg/internal/server/api/avatar_api.go
+++ b/pkg/internal/server/api/avatar_api.go
@ -3,6 +3,7 @@ package api
 import (
 	"context"
 	"fmt"
 	"git.solsynth.dev/hydrogen/dealer/pkg/hyper"
 	"git.solsynth.dev/hydrogen/paperclip/pkg/proto"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/gap"
@ -27,7 +28,7 @@ func setAvatar(c *fiber.Ctx) error {
 		return err
 	}
-	pc, err := gap.DiscoverPaperclip()
+	pc, err := gap.H.GetServiceGrpcConn(hyper.ServiceTypeFileProvider)
 	if err != nil {
 		return fiber.NewError(fiber.StatusInternalServerError, "attachments services was not available")
 	}
@ -63,7 +64,7 @@ func setBanner(c *fiber.Ctx) error {
 		return err
 	}
-	pc, err := gap.DiscoverPaperclip()
+	pc, err := gap.H.GetServiceGrpcConn(hyper.ServiceTypeFileProvider)
 	if err != nil {
 		return fiber.NewError(fiber.StatusInternalServerError, "attachments services was not available")
 	}
--- a/pkg/internal/server/api/index.go
+++ b/pkg/internal/server/api/index.go
@ -1,8 +1,6 @@
 package api
 import (
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
 	"github.com/gofiber/contrib/websocket"
 	"github.com/gofiber/fiber/v2"
 )
@ -99,13 +97,6 @@ func MapAPIs(app *fiber.App) {
 			developers.Post("/notify", notifyUser)
 		}
 		api.Use(func(c *fiber.Ctx) error {
 			if err := exts.EnsureAuthenticated(c); err != nil {
 				return err
 			}
 			return c.Next()
 		}).Get("/ws", websocket.New(listenWebsocket))
 		api.All("/*", func(c *fiber.Ctx) error {
 			return fiber.ErrNotFound
 		})
--- a/pkg/internal/server/api/ws.go
+++ b/pkg/internal/server/api/ws.go
@ -1,82 +0,0 @@
 package api
 import (
 	"fmt"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
 	"github.com/gofiber/contrib/websocket"
 	jsoniter "github.com/json-iterator/go"
 	"github.com/rs/zerolog/log"
 	"github.com/samber/lo"
 )
 func listenWebsocket(c *websocket.Conn) {
 	user := c.Locals("user").(models.Account)
 	// Push connection
 	services.ClientRegister(user, c)
 	log.Debug().Uint("user", user.ID).Msg("New websocket connection established...")
 	// Event loop
 	var task models.UnifiedCommand
 	var messageType int
 	var payload []byte
 	var packet []byte
 	var err error
 	for {
 		if messageType, packet, err = c.ReadMessage(); err != nil {
 			break
 		} else if err := jsoniter.Unmarshal(packet, &task); err != nil {
 			_ = c.WriteMessage(messageType, models.UnifiedCommand{
 				Action:  "error",
 				Message: "unable to unmarshal your command, requires json request",
 			}.Marshal())
 			continue
 		} else {
 			payload, _ = jsoniter.Marshal(task.Payload)
 		}
 		var message *models.UnifiedCommand
 		switch task.Action {
 		case "kex.request":
 			var req struct {
 				RequestID string `json:"request_id"`
 				KeypairID string `json:"keypair_id"`
 				Algorithm string `json:"algorithm"`
 				OwnerID   uint   `json:"owner_id"`
 				Deadline  int64  `json:"deadline"`
 			}
 			_ = jsoniter.Unmarshal(payload, &req)
 			if len(req.RequestID) <= 0 || len(req.KeypairID) <= 0 || req.OwnerID <= 0 {
 				message = lo.ToPtr(models.UnifiedCommandFromError(fmt.Errorf("invalid request")))
 			}
 			services.KexRequest(c, req.RequestID, req.KeypairID, req.Algorithm, req.OwnerID, req.Deadline)
 		case "kex.provide":
 			var req struct {
 				RequestID string `json:"request_id"`
 				KeypairID string `json:"keypair_id"`
 				Algorithm string `json:"algorithm"`
 				PublicKey []byte `json:"public_key"`
 			}
 			_ = jsoniter.Unmarshal(payload, &req)
 			if len(req.RequestID) <= 0 || len(req.KeypairID) <= 0 {
 				message = lo.ToPtr(models.UnifiedCommandFromError(fmt.Errorf("invalid request")))
 			}
 			services.KexProvide(user.ID, req.RequestID, req.KeypairID, packet)
 		default:
 			message = lo.ToPtr(models.UnifiedCommandFromError(fmt.Errorf("unknown action")))
 		}
 		if message != nil {
 			if err = c.WriteMessage(messageType, message.Marshal()); err != nil {
 				break
 			}
 		}
 	}
 	// Pop connection
 	services.ClientUnregister(user, c)
 	log.Debug().Uint("user", user.ID).Msg("A websocket connection disconnected...")
 }
--- a/pkg/internal/server/exts/auth.go
+++ b/pkg/internal/server/exts/auth.go
@ -2,7 +2,7 @@ package exts
 import (
 	"fmt"
-	"git.solsynth.dev/hydrogen/passport/pkg/hyper"
+	"git.solsynth.dev/hydrogen/dealer/pkg/hyper"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
 	"github.com/gofiber/fiber/v2"
--- a/pkg/internal/server/exts/cookies.go
+++ b/pkg/internal/server/exts/cookies.go
@ -1,7 +1,7 @@
 package exts
 import (
-	"git.solsynth.dev/hydrogen/passport/pkg/hyper"
+	"git.solsynth.dev/hydrogen/dealer/pkg/hyper"
 	"github.com/gofiber/fiber/v2"
 	"github.com/spf13/viper"
 	"time"
--- a/pkg/internal/server/server.go
+++ b/pkg/internal/server/server.go
@ -9,7 +9,6 @@ import (
 	"path/filepath"
 	"strings"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/i18n"
 	"github.com/gofiber/fiber/v2"
 	"github.com/gofiber/fiber/v2/middleware/cors"
 	"github.com/gofiber/fiber/v2/middleware/favicon"
@ -59,7 +58,6 @@ func NewServer() *HTTPApp {
 	}))
 	app.Use(exts.AuthMiddleware)
 	app.Use(i18n.I18nMiddleware)
 	admin.MapAdminAPIs(app)
 	api.MapAPIs(app)
--- a/pkg/internal/services/connections.go
+++ b/pkg/internal/services/connections.go
@ -1,37 +0,0 @@
 package services
 import (
 	"sync"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
 	"github.com/gofiber/contrib/websocket"
 )
 var (
 	wsMutex sync.Mutex
 	wsConn  = make(map[uint]map[*websocket.Conn]bool)
 )
 func ClientRegister(user models.Account, conn *websocket.Conn) {
 	wsMutex.Lock()
 	if wsConn[user.ID] == nil {
 		wsConn[user.ID] = make(map[*websocket.Conn]bool)
 	}
 	wsConn[user.ID][conn] = true
 	wsMutex.Unlock()
 }
 func ClientUnregister(user models.Account, conn *websocket.Conn) {
 	wsMutex.Lock()
 	if wsConn[user.ID] == nil {
 		wsConn[user.ID] = make(map[*websocket.Conn]bool)
 	}
 	delete(wsConn[user.ID], conn)
 	wsMutex.Unlock()
 	if status, err := GetStatus(user.ID); err != nil || !status.IsInvisible {
 		if len(wsConn[user.ID]) == 0 {
 			_ = SetAccountLastSeen(user.ID)
 		}
 	}
 }
--- a/pkg/internal/services/e2ee.go
+++ b/pkg/internal/services/e2ee.go
@ -1,82 +0,0 @@
 package services
 import (
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
 	"github.com/gofiber/contrib/websocket"
 	"github.com/gofiber/fiber/v2"
 	"time"
 )
 type kexRequest struct {
 	OwnerID  uint
 	Conn     *websocket.Conn
 	Deadline time.Time
 }
 var kexRequests = make(map[string]map[string]kexRequest)
 func KexRequest(conn *websocket.Conn, requestId, keypairId, algorithm string, ownerId uint, deadline int64) {
 	if kexRequests[keypairId] == nil {
 		kexRequests[keypairId] = make(map[string]kexRequest)
 	}
 	ddl := time.Now().Add(time.Second * time.Duration(deadline))
 	request := kexRequest{
 		OwnerID:  ownerId,
 		Conn:     conn,
 		Deadline: ddl,
 	}
 	flag := false
 	for c := range wsConn[ownerId] {
 		if c == conn {
 			continue
 		}
 		if c.WriteMessage(1, models.UnifiedCommand{
 			Action: "kex.request",
 			Payload: fiber.Map{
 				"request_id": requestId,
 				"keypair_id": keypairId,
 				"algorithm":  algorithm,
 				"owner_id":   ownerId,
 				"deadline":   deadline,
 			},
 		}.Marshal()) == nil {
 			flag = true
 		}
 	}
 	if flag {
 		kexRequests[keypairId][requestId] = request
 	}
 }
 func KexProvide(userId uint, requestId, keypairId string, pkt []byte) {
 	if kexRequests[keypairId] == nil {
 		return
 	}
 	val, ok := kexRequests[keypairId][requestId]
 	if !ok {
 		return
 	} else if val.OwnerID != userId {
 		return
 	} else {
 		_ = val.Conn.WriteMessage(1, pkt)
 	}
 }
 func KexCleanup() {
 	if len(kexRequests) <= 0 {
 		return
 	}
 	for kp, data := range kexRequests {
 		for idx, req := range data {
 			if req.Deadline.Unix() <= time.Now().Unix() {
 				delete(kexRequests[kp], idx)
 			}
 		}
 	}
 }
--- a/pkg/internal/services/notifications.go
+++ b/pkg/internal/services/notifications.go
@ -2,7 +2,11 @@ package services
 import (
 	"context"
 	"fmt"
 	"git.solsynth.dev/hydrogen/dealer/pkg/proto"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/gap"
 	"reflect"
 	"time"
 	"firebase.google.com/go/messaging"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
@ -56,15 +60,23 @@ func NewNotification(notification models.Notification) error {
 	return nil
 }
-// PushNotification will push the notification what ever it is exists record in the database
+// PushNotification will push the notification whatever it exists record in the
-// Recommend push another goroutine when you need to push a lot of notification
+// database Recommend push another goroutine when you need to push a lot of
-// And just use block statement when you just push one notification, the time of create a new sub-process is much more than push notification
+// notifications And just use a block statement when you just push one
 // notification, the time of create a new subprocess is much more than push
 // notification
 func PushNotification(notification models.Notification) error {
-	for conn := range wsConn[notification.RecipientID] {
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
-		_ = conn.WriteMessage(1, models.UnifiedCommand{
+	defer cancel()
 	_, err := proto.NewStreamControllerClient(gap.H.GetDealerGrpcConn()).PushStream(ctx, &proto.PushStreamRequest{
 		UserId: uint64(notification.RecipientID),
 		Body: models.UnifiedCommand{
 			Action:  "notifications.new",
 			Payload: notification,
-		}.Marshal())
+		}.Marshal(),
 	})
 	if err != nil {
 		return fmt.Errorf("failed to push via websocket: %v", err)
 	}
 	// Skip push notification
--- a/pkg/internal/services/statuses.go
+++ b/pkg/internal/services/statuses.go
@ -1,7 +1,10 @@
 package services
 import (
 	"context"
 	"fmt"
 	"git.solsynth.dev/hydrogen/dealer/pkg/proto"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/gap"
 	"time"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
@ -32,7 +35,16 @@ func GetStatus(uid uint) (models.Status, error) {
 }
 func GetUserOnline(uid uint) bool {
-	return wsConn[uid] != nil && len(wsConn[uid]) > 0
+	pc := proto.NewStreamControllerClient(gap.H.GetDealerGrpcConn())
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
 	defer cancel()
 	resp, err := pc.CountStreamConnection(ctx, &proto.CountConnectionRequest{
 		UserId: uint64(uid),
 	})
 	if err != nil {
 		return false
 	}
 	return resp.Count > 0
 }
 func GetStatusDisturbable(uid uint) error {
@ -49,7 +61,7 @@ func GetStatusDisturbable(uid uint) error {
 func GetStatusOnline(uid uint) error {
 	status, err := GetStatus(uid)
-	isOnline := wsConn[uid] != nil && len(wsConn[uid]) > 0
+	isOnline := GetUserOnline(uid)
 	if isOnline && err != nil {
 		return nil
 	} else if err == nil && status.IsInvisible {
--- a/pkg/main.go
+++ b/pkg/main.go
@ -7,8 +7,6 @@ import (
 	"os/signal"
 	"syscall"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/i18n"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/grpc"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/server"
 	"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
@ -37,8 +35,6 @@ func main() {
 		log.Panic().Err(err).Msg("An error occurred when loading settings.")
 	}
 	i18n.InitInternationalization()
 	// Connect to database
 	if err := database.NewGorm(); err != nil {
 		log.Fatal().Err(err).Msg("An error occurred when connect to database.")
@ -47,7 +43,7 @@ func main() {
 	}
 	// Connect other services
-	if err := gap.Register(); err != nil {
+	if err := gap.RegisterService(); err != nil {
 		log.Error().Err(err).Msg("An error occurred when registering service to gateway...")
 	}
 	if err := services.SetupFirebase(); err != nil {
@ -69,7 +65,6 @@ func main() {
 	quartz.AddFunc("@every 60m", services.DoAutoDatabaseCleanup)
 	quartz.AddFunc("@every 60s", services.RecycleAuthContext)
 	quartz.AddFunc("@every 60m", services.RecycleUnConfirmAccount)
 	quartz.AddFunc("@every 5m", services.KexCleanup)
 	quartz.AddFunc("@every 60s", services.SaveEventChanges)
 	quartz.Start()
--- a/pkg/proto/auth.pb.go
+++ b/pkg/proto/auth.pb.go
@ -1,554 +0,0 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.33.0
 // 	protoc        v5.26.1
 // source: auth.proto
 package proto
 import (
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	reflect "reflect"
 	sync "sync"
 )
 const (
 	// Verify that this generated code is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
 	// Verify that runtime/protoimpl is sufficiently up-to-date.
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 type Userinfo struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Id          uint64  `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
 	Name        string  `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
 	Nick        string  `protobuf:"bytes,3,opt,name=nick,proto3" json:"nick,omitempty"`
 	Email       string  `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"`
 	Avatar      string  `protobuf:"bytes,5,opt,name=avatar,proto3" json:"avatar,omitempty"`
 	Banner      string  `protobuf:"bytes,6,opt,name=banner,proto3" json:"banner,omitempty"`
 	Description *string `protobuf:"bytes,7,opt,name=description,proto3,oneof" json:"description,omitempty"`
 }
 func (x *Userinfo) Reset() {
 	*x = Userinfo{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_auth_proto_msgTypes[0]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *Userinfo) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*Userinfo) ProtoMessage() {}
 func (x *Userinfo) ProtoReflect() protoreflect.Message {
 	mi := &file_auth_proto_msgTypes[0]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use Userinfo.ProtoReflect.Descriptor instead.
 func (*Userinfo) Descriptor() ([]byte, []int) {
 	return file_auth_proto_rawDescGZIP(), []int{0}
 }
 func (x *Userinfo) GetId() uint64 {
 	if x != nil {
 		return x.Id
 	}
 	return 0
 }
 func (x *Userinfo) GetName() string {
 	if x != nil {
 		return x.Name
 	}
 	return ""
 }
 func (x *Userinfo) GetNick() string {
 	if x != nil {
 		return x.Nick
 	}
 	return ""
 }
 func (x *Userinfo) GetEmail() string {
 	if x != nil {
 		return x.Email
 	}
 	return ""
 }
 func (x *Userinfo) GetAvatar() string {
 	if x != nil {
 		return x.Avatar
 	}
 	return ""
 }
 func (x *Userinfo) GetBanner() string {
 	if x != nil {
 		return x.Banner
 	}
 	return ""
 }
 func (x *Userinfo) GetDescription() string {
 	if x != nil && x.Description != nil {
 		return *x.Description
 	}
 	return ""
 }
 type AuthRequest struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	AccessToken  string  `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
 	RefreshToken *string `protobuf:"bytes,2,opt,name=refresh_token,json=refreshToken,proto3,oneof" json:"refresh_token,omitempty"`
 }
 func (x *AuthRequest) Reset() {
 	*x = AuthRequest{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_auth_proto_msgTypes[1]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *AuthRequest) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*AuthRequest) ProtoMessage() {}
 func (x *AuthRequest) ProtoReflect() protoreflect.Message {
 	mi := &file_auth_proto_msgTypes[1]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use AuthRequest.ProtoReflect.Descriptor instead.
 func (*AuthRequest) Descriptor() ([]byte, []int) {
 	return file_auth_proto_rawDescGZIP(), []int{1}
 }
 func (x *AuthRequest) GetAccessToken() string {
 	if x != nil {
 		return x.AccessToken
 	}
 	return ""
 }
 func (x *AuthRequest) GetRefreshToken() string {
 	if x != nil && x.RefreshToken != nil {
 		return *x.RefreshToken
 	}
 	return ""
 }
 type AuthReply struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	IsValid      bool      `protobuf:"varint,1,opt,name=is_valid,json=isValid,proto3" json:"is_valid,omitempty"`
 	AccessToken  *string   `protobuf:"bytes,2,opt,name=access_token,json=accessToken,proto3,oneof" json:"access_token,omitempty"`
 	RefreshToken *string   `protobuf:"bytes,3,opt,name=refresh_token,json=refreshToken,proto3,oneof" json:"refresh_token,omitempty"`
 	Userinfo     *Userinfo `protobuf:"bytes,4,opt,name=userinfo,proto3,oneof" json:"userinfo,omitempty"`
 	Permissions  []byte    `protobuf:"bytes,5,opt,name=permissions,proto3,oneof" json:"permissions,omitempty"`
 	TicketId     *uint64   `protobuf:"varint,6,opt,name=ticket_id,json=ticketId,proto3,oneof" json:"ticket_id,omitempty"`
 }
 func (x *AuthReply) Reset() {
 	*x = AuthReply{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_auth_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *AuthReply) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*AuthReply) ProtoMessage() {}
 func (x *AuthReply) ProtoReflect() protoreflect.Message {
 	mi := &file_auth_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use AuthReply.ProtoReflect.Descriptor instead.
 func (*AuthReply) Descriptor() ([]byte, []int) {
 	return file_auth_proto_rawDescGZIP(), []int{2}
 }
 func (x *AuthReply) GetIsValid() bool {
 	if x != nil {
 		return x.IsValid
 	}
 	return false
 }
 func (x *AuthReply) GetAccessToken() string {
 	if x != nil && x.AccessToken != nil {
 		return *x.AccessToken
 	}
 	return ""
 }
 func (x *AuthReply) GetRefreshToken() string {
 	if x != nil && x.RefreshToken != nil {
 		return *x.RefreshToken
 	}
 	return ""
 }
 func (x *AuthReply) GetUserinfo() *Userinfo {
 	if x != nil {
 		return x.Userinfo
 	}
 	return nil
 }
 func (x *AuthReply) GetPermissions() []byte {
 	if x != nil {
 		return x.Permissions
 	}
 	return nil
 }
 func (x *AuthReply) GetTicketId() uint64 {
 	if x != nil && x.TicketId != nil {
 		return *x.TicketId
 	}
 	return 0
 }
 type CheckPermRequest struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
 	Key   string `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
 	Value []byte `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
 }
 func (x *CheckPermRequest) Reset() {
 	*x = CheckPermRequest{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_auth_proto_msgTypes[3]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *CheckPermRequest) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*CheckPermRequest) ProtoMessage() {}
 func (x *CheckPermRequest) ProtoReflect() protoreflect.Message {
 	mi := &file_auth_proto_msgTypes[3]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use CheckPermRequest.ProtoReflect.Descriptor instead.
 func (*CheckPermRequest) Descriptor() ([]byte, []int) {
 	return file_auth_proto_rawDescGZIP(), []int{3}
 }
 func (x *CheckPermRequest) GetToken() string {
 	if x != nil {
 		return x.Token
 	}
 	return ""
 }
 func (x *CheckPermRequest) GetKey() string {
 	if x != nil {
 		return x.Key
 	}
 	return ""
 }
 func (x *CheckPermRequest) GetValue() []byte {
 	if x != nil {
 		return x.Value
 	}
 	return nil
 }
 type CheckPermReply struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	IsValid bool `protobuf:"varint,1,opt,name=is_valid,json=isValid,proto3" json:"is_valid,omitempty"`
 }
 func (x *CheckPermReply) Reset() {
 	*x = CheckPermReply{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_auth_proto_msgTypes[4]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *CheckPermReply) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*CheckPermReply) ProtoMessage() {}
 func (x *CheckPermReply) ProtoReflect() protoreflect.Message {
 	mi := &file_auth_proto_msgTypes[4]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use CheckPermReply.ProtoReflect.Descriptor instead.
 func (*CheckPermReply) Descriptor() ([]byte, []int) {
 	return file_auth_proto_rawDescGZIP(), []int{4}
 }
 func (x *CheckPermReply) GetIsValid() bool {
 	if x != nil {
 		return x.IsValid
 	}
 	return false
 }
 var File_auth_proto protoreflect.FileDescriptor
 var file_auth_proto_rawDesc = []byte{
 	0x0a, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x05, 0x70, 0x72,
 	0x6f, 0x74, 0x6f, 0x22, 0xbf, 0x01, 0x0a, 0x08, 0x55, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f,
 	0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x02, 0x69, 0x64,
 	0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
 	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x69, 0x63, 0x6b, 0x18, 0x03, 0x20, 0x01,
 	0x28, 0x09, 0x52, 0x04, 0x6e, 0x69, 0x63, 0x6b, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69,
 	0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x16,
 	0x0a, 0x06, 0x61, 0x76, 0x61, 0x74, 0x61, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06,
 	0x61, 0x76, 0x61, 0x74, 0x61, 0x72, 0x12, 0x16, 0x0a, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x72,
 	0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x62, 0x61, 0x6e, 0x6e, 0x65, 0x72, 0x12, 0x25,
 	0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20,
 	0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69,
 	0x6f, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69,
 	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x6c, 0x0a, 0x0b, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x71,
 	0x75, 0x65, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74,
 	0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65,
 	0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x28, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65,
 	0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00,
 	0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01,
 	0x01, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f,
 	0x6b, 0x65, 0x6e, 0x22, 0xc1, 0x02, 0x0a, 0x09, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x70, 0x6c,
 	0x79, 0x12, 0x19, 0x0a, 0x08, 0x69, 0x73, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x01, 0x20,
 	0x01, 0x28, 0x08, 0x52, 0x07, 0x69, 0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x12, 0x26, 0x0a, 0x0c,
 	0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01,
 	0x28, 0x09, 0x48, 0x00, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65,
 	0x6e, 0x88, 0x01, 0x01, 0x12, 0x28, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f,
 	0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x0c, 0x72,
 	0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x30,
 	0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
 	0x32, 0x0f, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66,
 	0x6f, 0x48, 0x02, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f, 0x88, 0x01, 0x01,
 	0x12, 0x25, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18,
 	0x05, 0x20, 0x01, 0x28, 0x0c, 0x48, 0x03, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73,
 	0x69, 0x6f, 0x6e, 0x73, 0x88, 0x01, 0x01, 0x12, 0x20, 0x0a, 0x09, 0x74, 0x69, 0x63, 0x6b, 0x65,
 	0x74, 0x5f, 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x04, 0x48, 0x04, 0x52, 0x08, 0x74, 0x69,
 	0x63, 0x6b, 0x65, 0x74, 0x49, 0x64, 0x88, 0x01, 0x01, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x61, 0x63,
 	0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x10, 0x0a, 0x0e, 0x5f, 0x72,
 	0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x0b, 0x0a, 0x09,
 	0x5f, 0x75, 0x73, 0x65, 0x72, 0x69, 0x6e, 0x66, 0x6f, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x70, 0x65,
 	0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x0c, 0x0a, 0x0a, 0x5f, 0x74, 0x69,
 	0x63, 0x6b, 0x65, 0x74, 0x5f, 0x69, 0x64, 0x22, 0x50, 0x0a, 0x10, 0x43, 0x68, 0x65, 0x63, 0x6b,
 	0x50, 0x65, 0x72, 0x6d, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x74,
 	0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65,
 	0x6e, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03,
 	0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01,
 	0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x2b, 0x0a, 0x0e, 0x43, 0x68, 0x65,
 	0x63, 0x6b, 0x50, 0x65, 0x72, 0x6d, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x19, 0x0a, 0x08, 0x69,
 	0x73, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x69,
 	0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x32, 0x7d, 0x0a, 0x04, 0x41, 0x75, 0x74, 0x68, 0x12, 0x36,
 	0x0a, 0x0c, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x12,
 	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x71, 0x75, 0x65,
 	0x73, 0x74, 0x1a, 0x10, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52,
 	0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x3d, 0x0a, 0x09, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50,
 	0x65, 0x72, 0x6d, 0x12, 0x17, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x43, 0x68, 0x65, 0x63,
 	0x6b, 0x50, 0x65, 0x72, 0x6d, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e, 0x70,
 	0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50, 0x65, 0x72, 0x6d, 0x52, 0x65,
 	0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0x09, 0x5a, 0x07, 0x2e, 0x3b, 0x70, 0x72, 0x6f, 0x74, 0x6f,
 	0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
 	file_auth_proto_rawDescOnce sync.Once
 	file_auth_proto_rawDescData = file_auth_proto_rawDesc
 )
 func file_auth_proto_rawDescGZIP() []byte {
 	file_auth_proto_rawDescOnce.Do(func() {
 		file_auth_proto_rawDescData = protoimpl.X.CompressGZIP(file_auth_proto_rawDescData)
 	})
 	return file_auth_proto_rawDescData
 }
 var file_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
 var file_auth_proto_goTypes = []interface{}{
 	(*Userinfo)(nil),         // 0: proto.Userinfo
 	(*AuthRequest)(nil),      // 1: proto.AuthRequest
 	(*AuthReply)(nil),        // 2: proto.AuthReply
 	(*CheckPermRequest)(nil), // 3: proto.CheckPermRequest
 	(*CheckPermReply)(nil),   // 4: proto.CheckPermReply
 }
 var file_auth_proto_depIdxs = []int32{
 	0, // 0: proto.AuthReply.userinfo:type_name -> proto.Userinfo
 	1, // 1: proto.Auth.Authenticate:input_type -> proto.AuthRequest
 	3, // 2: proto.Auth.CheckPerm:input_type -> proto.CheckPermRequest
 	2, // 3: proto.Auth.Authenticate:output_type -> proto.AuthReply
 	4, // 4: proto.Auth.CheckPerm:output_type -> proto.CheckPermReply
 	3, // [3:5] is the sub-list for method output_type
 	1, // [1:3] is the sub-list for method input_type
 	1, // [1:1] is the sub-list for extension type_name
 	1, // [1:1] is the sub-list for extension extendee
 	0, // [0:1] is the sub-list for field type_name
 }
 func init() { file_auth_proto_init() }
 func file_auth_proto_init() {
 	if File_auth_proto != nil {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
 		file_auth_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*Userinfo); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_auth_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*AuthRequest); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_auth_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*AuthReply); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_auth_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*CheckPermRequest); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 		file_auth_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*CheckPermReply); i {
 			case 0:
 				return &v.state
 			case 1:
 				return &v.sizeCache
 			case 2:
 				return &v.unknownFields
 			default:
 				return nil
 			}
 		}
 	}
 	file_auth_proto_msgTypes[0].OneofWrappers = []interface{}{}
 	file_auth_proto_msgTypes[1].OneofWrappers = []interface{}{}
 	file_auth_proto_msgTypes[2].OneofWrappers = []interface{}{}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_auth_proto_rawDesc,
 			NumEnums:      0,
 			NumMessages:   5,
 			NumExtensions: 0,
 			NumServices:   1,
 		},
 		GoTypes:           file_auth_proto_goTypes,
 		DependencyIndexes: file_auth_proto_depIdxs,
 		MessageInfos:      file_auth_proto_msgTypes,
 	}.Build()
 	File_auth_proto = out.File
 	file_auth_proto_rawDesc = nil
 	file_auth_proto_goTypes = nil
 	file_auth_proto_depIdxs = nil
 }
--- a/pkg/proto/auth.proto
+++ b/pkg/proto/auth.proto
@ -1,44 +0,0 @@
 syntax = "proto3";
 option go_package = ".;proto";
 package proto;
 service Auth {
  rpc Authenticate(AuthRequest) returns (AuthReply) {}
  rpc CheckPerm(CheckPermRequest) returns (CheckPermReply) {}
 }
 message Userinfo {
  uint64 id = 1;
  string name = 2;
  string nick = 3;
  string email = 4;
  string avatar = 5;
  string banner = 6;
  optional string description = 7;
 }
 message AuthRequest {
  string access_token = 1;
  optional string refresh_token = 2;
 }
 message AuthReply {
  bool is_valid = 1;
  optional string access_token = 2;
  optional string refresh_token = 3;
  optional Userinfo userinfo = 4;
  optional bytes permissions = 5;
  optional uint64 ticket_id = 6;
 }
 message CheckPermRequest {
  string token = 1;
  string key = 2;
  bytes value = 3;
 }
 message CheckPermReply {
  bool is_valid = 1;
 }
--- a/pkg/proto/auth_grpc.pb.go
+++ b/pkg/proto/auth_grpc.pb.go
@ -1,146 +0,0 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
 // versions:
 // - protoc-gen-go-grpc v1.3.0
 // - protoc             v5.26.1
 // source: auth.proto
 package proto
 import (
 	context "context"
 	grpc "google.golang.org/grpc"
 	codes "google.golang.org/grpc/codes"
 	status "google.golang.org/grpc/status"
 )
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
 // Requires gRPC-Go v1.32.0 or later.
 const _ = grpc.SupportPackageIsVersion7
 const (
 	Auth_Authenticate_FullMethodName = "/proto.Auth/Authenticate"
 	Auth_CheckPerm_FullMethodName    = "/proto.Auth/CheckPerm"
 )
 // AuthClient is the client API for Auth service.
 //
 // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
 type AuthClient interface {
 	Authenticate(ctx context.Context, in *AuthRequest, opts ...grpc.CallOption) (*AuthReply, error)
 	CheckPerm(ctx context.Context, in *CheckPermRequest, opts ...grpc.CallOption) (*CheckPermReply, error)
 }
 type authClient struct {
 	cc grpc.ClientConnInterface
 }
 func NewAuthClient(cc grpc.ClientConnInterface) AuthClient {
 	return &authClient{cc}
 }
 func (c *authClient) Authenticate(ctx context.Context, in *AuthRequest, opts ...grpc.CallOption) (*AuthReply, error) {
 	out := new(AuthReply)
 	err := c.cc.Invoke(ctx, Auth_Authenticate_FullMethodName, in, out, opts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 func (c *authClient) CheckPerm(ctx context.Context, in *CheckPermRequest, opts ...grpc.CallOption) (*CheckPermReply, error) {
 	out := new(CheckPermReply)
 	err := c.cc.Invoke(ctx, Auth_CheckPerm_FullMethodName, in, out, opts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 // AuthServer is the server API for Auth service.
 // All implementations must embed UnimplementedAuthServer
 // for forward compatibility
 type AuthServer interface {
 	Authenticate(context.Context, *AuthRequest) (*AuthReply, error)
 	CheckPerm(context.Context, *CheckPermRequest) (*CheckPermReply, error)
 	mustEmbedUnimplementedAuthServer()
 }
 // UnimplementedAuthServer must be embedded to have forward compatible implementations.
 type UnimplementedAuthServer struct {
 }
 func (UnimplementedAuthServer) Authenticate(context.Context, *AuthRequest) (*AuthReply, error) {
 	return nil, status.Errorf(codes.Unimplemented, "method Authenticate not implemented")
 }
 func (UnimplementedAuthServer) CheckPerm(context.Context, *CheckPermRequest) (*CheckPermReply, error) {
 	return nil, status.Errorf(codes.Unimplemented, "method CheckPerm not implemented")
 }
 func (UnimplementedAuthServer) mustEmbedUnimplementedAuthServer() {}
 // UnsafeAuthServer may be embedded to opt out of forward compatibility for this service.
 // Use of this interface is not recommended, as added methods to AuthServer will
 // result in compilation errors.
 type UnsafeAuthServer interface {
 	mustEmbedUnimplementedAuthServer()
 }
 func RegisterAuthServer(s grpc.ServiceRegistrar, srv AuthServer) {
 	s.RegisterService(&Auth_ServiceDesc, srv)
 }
 func _Auth_Authenticate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
 	in := new(AuthRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
 		return srv.(AuthServer).Authenticate(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
 		FullMethod: Auth_Authenticate_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(AuthServer).Authenticate(ctx, req.(*AuthRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 func _Auth_CheckPerm_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
 	in := new(CheckPermRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
 		return srv.(AuthServer).CheckPerm(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
 		FullMethod: Auth_CheckPerm_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
 		return srv.(AuthServer).CheckPerm(ctx, req.(*CheckPermRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 // Auth_ServiceDesc is the grpc.ServiceDesc for Auth service.
 // It's only intended for direct use with grpc.RegisterService,
 // and not to be introspected or modified (even as a copy)
 var Auth_ServiceDesc = grpc.ServiceDesc{
 	ServiceName: "proto.Auth",
 	HandlerType: (*AuthServer)(nil),
 	Methods: []grpc.MethodDesc{
 		{
 			MethodName: "Authenticate",
 			Handler:    _Auth_Authenticate_Handler,
 		},
 		{
 			MethodName: "CheckPerm",
 			Handler:    _Auth_CheckPerm_Handler,
 		},
 	},
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "auth.proto",
 }
--- a/pkg/proto/friendships.pb.go
+++ b/pkg/proto/friendships.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.33.0
+// 	protoc-gen-go v1.34.2
-// 	protoc        v5.26.1
+// 	protoc        v5.27.1
 // source: friendships.proto
 package proto
@ -138,53 +138,6 @@ func (x *FriendshipTwoSideLookupRequest) GetStatus() uint32 {
 	return 0
 }
 type ListFriendshipResponse struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Data []*FriendshipResponse `protobuf:"bytes,1,rep,name=data,proto3" json:"data,omitempty"`
 }
 func (x *ListFriendshipResponse) Reset() {
 	*x = ListFriendshipResponse{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_friendships_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *ListFriendshipResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*ListFriendshipResponse) ProtoMessage() {}
 func (x *ListFriendshipResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_friendships_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use ListFriendshipResponse.ProtoReflect.Descriptor instead.
 func (*ListFriendshipResponse) Descriptor() ([]byte, []int) {
 	return file_friendships_proto_rawDescGZIP(), []int{2}
 }
 func (x *ListFriendshipResponse) GetData() []*FriendshipResponse {
 	if x != nil {
 		return x.Data
 	}
 	return nil
 }
 type FriendshipResponse struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
@ -198,7 +151,7 @@ type FriendshipResponse struct {
 func (x *FriendshipResponse) Reset() {
 	*x = FriendshipResponse{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_friendships_proto_msgTypes[3]
+		mi := &file_friendships_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@ -211,7 +164,7 @@ func (x *FriendshipResponse) String() string {
 func (*FriendshipResponse) ProtoMessage() {}
 func (x *FriendshipResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_friendships_proto_msgTypes[3]
+	mi := &file_friendships_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@ -224,7 +177,7 @@ func (x *FriendshipResponse) ProtoReflect() protoreflect.Message {
 // Deprecated: Use FriendshipResponse.ProtoReflect.Descriptor instead.
 func (*FriendshipResponse) Descriptor() ([]byte, []int) {
-	return file_friendships_proto_rawDescGZIP(), []int{3}
+	return file_friendships_proto_rawDescGZIP(), []int{2}
 }
 func (x *FriendshipResponse) GetAccountId() uint64 {
@ -248,6 +201,53 @@ func (x *FriendshipResponse) GetStatus() uint32 {
 	return 0
 }
 type ListFriendshipResponse struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	Data []*FriendshipResponse `protobuf:"bytes,1,rep,name=data,proto3" json:"data,omitempty"`
 }
 func (x *ListFriendshipResponse) Reset() {
 	*x = ListFriendshipResponse{}
 	if protoimpl.UnsafeEnabled {
 		mi := &file_friendships_proto_msgTypes[3]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
 }
 func (x *ListFriendshipResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 func (*ListFriendshipResponse) ProtoMessage() {}
 func (x *ListFriendshipResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_friendships_proto_msgTypes[3]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
 		}
 		return ms
 	}
 	return mi.MessageOf(x)
 }
 // Deprecated: Use ListFriendshipResponse.ProtoReflect.Descriptor instead.
 func (*ListFriendshipResponse) Descriptor() ([]byte, []int) {
 	return file_friendships_proto_rawDescGZIP(), []int{3}
 }
 func (x *ListFriendshipResponse) GetData() []*FriendshipResponse {
 	if x != nil {
 		return x.Data
 	}
 	return nil
 }
 var File_friendships_proto protoreflect.FileDescriptor
 var file_friendships_proto_rawDesc = []byte{
@ -265,18 +265,18 @@ var file_friendships_proto_rawDesc = []byte{
 	0x0a, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
 	0x04, 0x52, 0x09, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06,
 	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x73, 0x74,
-	0x61, 0x74, 0x75, 0x73, 0x22, 0x47, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x46, 0x72, 0x69, 0x65,
+	0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, 0x12, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68,
-	0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2d,
+	0x69, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x63,
-	0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x70,
+	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09,
-	0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x52,
+	0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x72, 0x65, 0x6c,
-	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x22, 0x6a, 0x0a,
+	0x61, 0x74, 0x65, 0x64, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, 0x72,
-	0x12, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f,
+	0x65, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74,
-	0x6e, 0x73, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x69,
+	0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
-	0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x22, 0x47, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68,
-	0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x69, 0x64,
+	0x69, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2d, 0x0a, 0x04, 0x64, 0x61,
-	0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x49,
+	0x74, 0x61, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x64, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x2e, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x0d, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x32, 0xb5, 0x01, 0x0a, 0x0b, 0x46, 0x72,
+	0x6e, 0x73, 0x65, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x32, 0xb5, 0x01, 0x0a, 0x0b, 0x46, 0x72,
 	0x69, 0x65, 0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x73, 0x12, 0x51, 0x0a, 0x0e, 0x4c, 0x69, 0x73,
 	0x74, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x12, 0x1e, 0x2e, 0x70, 0x72,
 	0x6f, 0x74, 0x6f, 0x2e, 0x46, 0x72, 0x69, 0x65, 0x6e, 0x64, 0x73, 0x68, 0x69, 0x70, 0x4c, 0x6f,
@ -305,18 +305,18 @@ func file_friendships_proto_rawDescGZIP() []byte {
 }
 var file_friendships_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
-var file_friendships_proto_goTypes = []interface{}{
+var file_friendships_proto_goTypes = []any{
 	(*FriendshipLookupRequest)(nil),        // 0: proto.FriendshipLookupRequest
 	(*FriendshipTwoSideLookupRequest)(nil), // 1: proto.FriendshipTwoSideLookupRequest
-	(*ListFriendshipResponse)(nil),         // 2: proto.ListFriendshipResponse
+	(*FriendshipResponse)(nil),             // 2: proto.FriendshipResponse
-	(*FriendshipResponse)(nil),             // 3: proto.FriendshipResponse
+	(*ListFriendshipResponse)(nil),         // 3: proto.ListFriendshipResponse
 }
 var file_friendships_proto_depIdxs = []int32{
-	3, // 0: proto.ListFriendshipResponse.data:type_name -> proto.FriendshipResponse
+	2, // 0: proto.ListFriendshipResponse.data:type_name -> proto.FriendshipResponse
 	0, // 1: proto.Friendships.ListFriendship:input_type -> proto.FriendshipLookupRequest
 	1, // 2: proto.Friendships.GetFriendship:input_type -> proto.FriendshipTwoSideLookupRequest
-	2, // 3: proto.Friendships.ListFriendship:output_type -> proto.ListFriendshipResponse
+	3, // 3: proto.Friendships.ListFriendship:output_type -> proto.ListFriendshipResponse
-	3, // 4: proto.Friendships.GetFriendship:output_type -> proto.FriendshipResponse
+	2, // 4: proto.Friendships.GetFriendship:output_type -> proto.FriendshipResponse
 	3, // [3:5] is the sub-list for method output_type
 	1, // [1:3] is the sub-list for method input_type
 	1, // [1:1] is the sub-list for extension type_name
@ -330,7 +330,7 @@ func file_friendships_proto_init() {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
-		file_friendships_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+		file_friendships_proto_msgTypes[0].Exporter = func(v any, i int) any {
 			switch v := v.(*FriendshipLookupRequest); i {
 			case 0:
 				return &v.state
@ -342,7 +342,7 @@ func file_friendships_proto_init() {
 				return nil
 			}
 		}
-		file_friendships_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+		file_friendships_proto_msgTypes[1].Exporter = func(v any, i int) any {
 			switch v := v.(*FriendshipTwoSideLookupRequest); i {
 			case 0:
 				return &v.state
@ -354,8 +354,8 @@ func file_friendships_proto_init() {
 				return nil
 			}
 		}
-		file_friendships_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+		file_friendships_proto_msgTypes[2].Exporter = func(v any, i int) any {
-			switch v := v.(*ListFriendshipResponse); i {
+			switch v := v.(*FriendshipResponse); i {
 			case 0:
 				return &v.state
 			case 1:
@ -366,8 +366,8 @@ func file_friendships_proto_init() {
 				return nil
 			}
 		}
-		file_friendships_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+		file_friendships_proto_msgTypes[3].Exporter = func(v any, i int) any {
-			switch v := v.(*FriendshipResponse); i {
+			switch v := v.(*ListFriendshipResponse); i {
 			case 0:
 				return &v.state
 			case 1:
--- a/pkg/proto/friendships_grpc.pb.go
+++ b/pkg/proto/friendships_grpc.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
 // versions:
-// - protoc-gen-go-grpc v1.3.0
+// - protoc-gen-go-grpc v1.4.0
-// - protoc             v5.26.1
+// - protoc             v5.27.1
 // source: friendships.proto
 package proto
@ -15,8 +15,8 @@ import (
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
-// Requires gRPC-Go v1.32.0 or later.
+// Requires gRPC-Go v1.62.0 or later.
-const _ = grpc.SupportPackageIsVersion7
+const _ = grpc.SupportPackageIsVersion8
 const (
 	Friendships_ListFriendship_FullMethodName = "/proto.Friendships/ListFriendship"
@ -40,8 +40,9 @@ func NewFriendshipsClient(cc grpc.ClientConnInterface) FriendshipsClient {
 }
 func (c *friendshipsClient) ListFriendship(ctx context.Context, in *FriendshipLookupRequest, opts ...grpc.CallOption) (*ListFriendshipResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(ListFriendshipResponse)
-	err := c.cc.Invoke(ctx, Friendships_ListFriendship_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Friendships_ListFriendship_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@ -49,8 +50,9 @@ func (c *friendshipsClient) ListFriendship(ctx context.Context, in *FriendshipLo
 }
 func (c *friendshipsClient) GetFriendship(ctx context.Context, in *FriendshipTwoSideLookupRequest, opts ...grpc.CallOption) (*FriendshipResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(FriendshipResponse)
-	err := c.cc.Invoke(ctx, Friendships_GetFriendship_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Friendships_GetFriendship_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/proto/notify.pb.go
+++ b/pkg/proto/notify.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.33.0
+// 	protoc-gen-go v1.34.2
-// 	protoc        v5.26.1
+// 	protoc        v5.27.1
 // source: notify.proto
 package proto
@ -293,7 +293,7 @@ func file_notify_proto_rawDescGZIP() []byte {
 }
 var file_notify_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
-var file_notify_proto_goTypes = []interface{}{
+var file_notify_proto_goTypes = []any{
 	(*NotifyLink)(nil),    // 0: proto.NotifyLink
 	(*NotifyRequest)(nil), // 1: proto.NotifyRequest
 	(*NotifyReply)(nil),   // 2: proto.NotifyReply
@ -315,7 +315,7 @@ func file_notify_proto_init() {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
-		file_notify_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+		file_notify_proto_msgTypes[0].Exporter = func(v any, i int) any {
 			switch v := v.(*NotifyLink); i {
 			case 0:
 				return &v.state
@ -327,7 +327,7 @@ func file_notify_proto_init() {
 				return nil
 			}
 		}
-		file_notify_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+		file_notify_proto_msgTypes[1].Exporter = func(v any, i int) any {
 			switch v := v.(*NotifyRequest); i {
 			case 0:
 				return &v.state
@ -339,7 +339,7 @@ func file_notify_proto_init() {
 				return nil
 			}
 		}
-		file_notify_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+		file_notify_proto_msgTypes[2].Exporter = func(v any, i int) any {
 			switch v := v.(*NotifyReply); i {
 			case 0:
 				return &v.state
--- a/pkg/proto/notify_grpc.pb.go
+++ b/pkg/proto/notify_grpc.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
 // versions:
-// - protoc-gen-go-grpc v1.3.0
+// - protoc-gen-go-grpc v1.4.0
-// - protoc             v5.26.1
+// - protoc             v5.27.1
 // source: notify.proto
 package proto
@ -15,8 +15,8 @@ import (
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
-// Requires gRPC-Go v1.32.0 or later.
+// Requires gRPC-Go v1.62.0 or later.
-const _ = grpc.SupportPackageIsVersion7
+const _ = grpc.SupportPackageIsVersion8
 const (
 	Notify_NotifyUser_FullMethodName = "/proto.Notify/NotifyUser"
@ -38,8 +38,9 @@ func NewNotifyClient(cc grpc.ClientConnInterface) NotifyClient {
 }
 func (c *notifyClient) NotifyUser(ctx context.Context, in *NotifyRequest, opts ...grpc.CallOption) (*NotifyReply, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(NotifyReply)
-	err := c.cc.Invoke(ctx, Notify_NotifyUser_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Notify_NotifyUser_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
--- a/pkg/proto/realms.pb.go
+++ b/pkg/proto/realms.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.33.0
+// 	protoc-gen-go v1.34.2
-// 	protoc        v5.26.1
+// 	protoc        v5.27.1
 // source: realms.proto
 package proto
@ -539,7 +539,7 @@ func file_realms_proto_rawDescGZIP() []byte {
 }
 var file_realms_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
-var file_realms_proto_goTypes = []interface{}{
+var file_realms_proto_goTypes = []any{
 	(*RealmLookupWithUserRequest)(nil), // 0: proto.RealmLookupWithUserRequest
 	(*RealmLookupRequest)(nil),         // 1: proto.RealmLookupRequest
 	(*RealmResponse)(nil),              // 2: proto.RealmResponse
@ -577,7 +577,7 @@ func file_realms_proto_init() {
 		return
 	}
 	if !protoimpl.UnsafeEnabled {
-		file_realms_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[0].Exporter = func(v any, i int) any {
 			switch v := v.(*RealmLookupWithUserRequest); i {
 			case 0:
 				return &v.state
@ -589,7 +589,7 @@ func file_realms_proto_init() {
 				return nil
 			}
 		}
-		file_realms_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[1].Exporter = func(v any, i int) any {
 			switch v := v.(*RealmLookupRequest); i {
 			case 0:
 				return &v.state
@ -601,7 +601,7 @@ func file_realms_proto_init() {
 				return nil
 			}
 		}
-		file_realms_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[2].Exporter = func(v any, i int) any {
 			switch v := v.(*RealmResponse); i {
 			case 0:
 				return &v.state
@ -613,7 +613,7 @@ func file_realms_proto_init() {
 				return nil
 			}
 		}
-		file_realms_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[3].Exporter = func(v any, i int) any {
 			switch v := v.(*ListRealmResponse); i {
 			case 0:
 				return &v.state
@ -625,7 +625,7 @@ func file_realms_proto_init() {
 				return nil
 			}
 		}
-		file_realms_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[4].Exporter = func(v any, i int) any {
 			switch v := v.(*RealmMemberLookupRequest); i {
 			case 0:
 				return &v.state
@ -637,7 +637,7 @@ func file_realms_proto_init() {
 				return nil
 			}
 		}
-		file_realms_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[5].Exporter = func(v any, i int) any {
 			switch v := v.(*RealmMemberResponse); i {
 			case 0:
 				return &v.state
@ -649,7 +649,7 @@ func file_realms_proto_init() {
 				return nil
 			}
 		}
-		file_realms_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
+		file_realms_proto_msgTypes[6].Exporter = func(v any, i int) any {
 			switch v := v.(*ListRealmMemberResponse); i {
 			case 0:
 				return &v.state
@ -662,8 +662,8 @@ func file_realms_proto_init() {
 			}
 		}
 	}
-	file_realms_proto_msgTypes[1].OneofWrappers = []interface{}{}
+	file_realms_proto_msgTypes[1].OneofWrappers = []any{}
-	file_realms_proto_msgTypes[4].OneofWrappers = []interface{}{}
+	file_realms_proto_msgTypes[4].OneofWrappers = []any{}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
--- a/pkg/proto/realms_grpc.pb.go
+++ b/pkg/proto/realms_grpc.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
 // versions:
-// - protoc-gen-go-grpc v1.3.0
+// - protoc-gen-go-grpc v1.4.0
-// - protoc             v5.26.1
+// - protoc             v5.27.1
 // source: realms.proto
 package proto
@ -16,8 +16,8 @@ import (
 // This is a compile-time assertion to ensure that this generated file
 // is compatible with the grpc package it is being compiled against.
-// Requires gRPC-Go v1.32.0 or later.
+// Requires gRPC-Go v1.62.0 or later.
-const _ = grpc.SupportPackageIsVersion7
+const _ = grpc.SupportPackageIsVersion8
 const (
 	Realms_ListCommunityRealm_FullMethodName = "/proto.Realms/ListCommunityRealm"
@ -49,8 +49,9 @@ func NewRealmsClient(cc grpc.ClientConnInterface) RealmsClient {
 }
 func (c *realmsClient) ListCommunityRealm(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*ListRealmResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(ListRealmResponse)
-	err := c.cc.Invoke(ctx, Realms_ListCommunityRealm_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Realms_ListCommunityRealm_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@ -58,8 +59,9 @@ func (c *realmsClient) ListCommunityRealm(ctx context.Context, in *emptypb.Empty
 }
 func (c *realmsClient) ListAvailableRealm(ctx context.Context, in *RealmLookupWithUserRequest, opts ...grpc.CallOption) (*ListRealmResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(ListRealmResponse)
-	err := c.cc.Invoke(ctx, Realms_ListAvailableRealm_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Realms_ListAvailableRealm_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@ -67,8 +69,9 @@ func (c *realmsClient) ListAvailableRealm(ctx context.Context, in *RealmLookupWi
 }
 func (c *realmsClient) ListOwnedRealm(ctx context.Context, in *RealmLookupWithUserRequest, opts ...grpc.CallOption) (*ListRealmResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(ListRealmResponse)
-	err := c.cc.Invoke(ctx, Realms_ListOwnedRealm_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Realms_ListOwnedRealm_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@ -76,8 +79,9 @@ func (c *realmsClient) ListOwnedRealm(ctx context.Context, in *RealmLookupWithUs
 }
 func (c *realmsClient) GetRealm(ctx context.Context, in *RealmLookupRequest, opts ...grpc.CallOption) (*RealmResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(RealmResponse)
-	err := c.cc.Invoke(ctx, Realms_GetRealm_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Realms_GetRealm_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@ -85,8 +89,9 @@ func (c *realmsClient) GetRealm(ctx context.Context, in *RealmLookupRequest, opt
 }
 func (c *realmsClient) ListRealmMember(ctx context.Context, in *RealmMemberLookupRequest, opts ...grpc.CallOption) (*ListRealmMemberResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(ListRealmMemberResponse)
-	err := c.cc.Invoke(ctx, Realms_ListRealmMember_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Realms_ListRealmMember_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@ -94,8 +99,9 @@ func (c *realmsClient) ListRealmMember(ctx context.Context, in *RealmMemberLooku
 }
 func (c *realmsClient) GetRealmMember(ctx context.Context, in *RealmMemberLookupRequest, opts ...grpc.CallOption) (*RealmMemberResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(RealmMemberResponse)
-	err := c.cc.Invoke(ctx, Realms_GetRealmMember_FullMethodName, in, out, opts...)
+	err := c.cc.Invoke(ctx, Realms_GetRealmMember_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
--- a/settings.toml
+++ b/settings.toml
@ -22,8 +22,8 @@ use_registration_magic_token = false
 database = false
 print_routes = false
-[consul]
+[dealer]
-addr = "127.0.0.1:8500"
+addr = "127.0.0.1:7442"
 [mailer]
 name = "Alphabot <alphabot@smartsheep.studio>"