Merge pull request #3271 from astaxie/develop

add vendor gopkg.in/yaml.v2
2025-07-11 16:41:01 +00:00 · 2018-07-31 21:18:48 +08:00 · 2018-07-31 21:18:07 +08:00 · 2018-07-31 20:52:47 +08:00 · 2018-07-31 20:09:08 +08:00 · 2018-07-31 20:07:18 +08:00
137 changed files with 18056 additions and 679 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -1,9 +1,8 @@
 language: go

 go:
-  - 1.6.4
-  - 1.7.5
-  - 1.8.1
+  - "1.9.7"
+  - "1.10.3"
 services:
  - redis-server
  - mysql
@ -11,7 +10,6 @@ services:
  - memcached
 env:
  - ORM_DRIVER=sqlite3   ORM_SOURCE=$TRAVIS_BUILD_DIR/orm_test.db
-  - ORM_DRIVER=mysql    ORM_SOURCE="root:@/orm_test?charset=utf8"
  - ORM_DRIVER=postgres ORM_SOURCE="user=postgres dbname=orm_test sslmode=disable"
 before_install:
 - git clone git://github.com/ideawu/ssdb.git
@ -23,27 +21,31 @@ install:
  - go get github.com/go-sql-driver/mysql
  - go get github.com/mattn/go-sqlite3
  - go get github.com/bradfitz/gomemcache/memcache
-  - go get github.com/garyburd/redigo/redis
+  - go get github.com/gomodule/redigo/redis
  - go get github.com/beego/x2j
  - go get github.com/couchbase/go-couchbase
  - go get github.com/beego/goyaml2
+  - go get gopkg.in/yaml.v2
  - go get github.com/belogik/goes
  - go get github.com/siddontang/ledisdb/config
  - go get github.com/siddontang/ledisdb/ledis
  - go get github.com/ssdb/gossdb/ssdb
  - go get github.com/cloudflare/golz4
  - go get github.com/gogo/protobuf/proto
+  - go get github.com/Knetic/govaluate
+  - go get github.com/casbin/casbin
  - go get -u honnef.co/go/tools/cmd/gosimple
  - go get -u github.com/mdempsky/unconvert
  - go get -u github.com/gordonklaus/ineffassign
  - go get -u github.com/golang/lint/golint
+  - go get -u github.com/go-redis/redis
 before_script:
  - psql --version
  - sh -c "if [ '$ORM_DRIVER' = 'postgres' ]; then psql -c 'create database orm_test;' -U postgres; fi"
  - sh -c "if [ '$ORM_DRIVER' = 'mysql' ]; then mysql -u root -e 'create database orm_test;'; fi"
  - sh -c "if [ '$ORM_DRIVER' = 'sqlite' ]; then touch $TRAVIS_BUILD_DIR/orm_test.db; fi"
-  - sh -c "if [ $(go version) == *1.[5-9]* ]; then go get github.com/golang/lint/golint; golint ./...; fi"
-  - sh -c "if [ $(go version) == *1.[5-9]* ]; then go tool vet .; fi"
+  - sh -c "go get github.com/golang/lint/golint; golint ./...;"
+  - sh -c "go list ./... | grep -v vendor | xargs go vet -v"
  - mkdir -p res/var
  - ./ssdb/ssdb-server ./ssdb/ssdb.conf -d
 after_script:
@ -57,4 +59,4 @@ script:
  - find . ! \( -path './vendor' -prune \) -type f -name '*.go' -print0 | xargs -0 gofmt -l -s
  - golint ./...
 addons:
-  postgresql: "9.4"
+  postgresql: "9.6"
--- a/README.md
+++ b/README.md
@ -1,4 +1,5 @@
-# Beego [![Build Status](https://travis-ci.org/astaxie/beego.svg?branch=master)](https://travis-ci.org/astaxie/beego) [![GoDoc](http://godoc.org/github.com/astaxie/beego?status.svg)](http://godoc.org/github.com/astaxie/beego) [![Foundation](https://img.shields.io/badge/Golang-Foundation-green.svg)](http://golangfoundation.org)
+# Beego [![Build Status](https://travis-ci.org/astaxie/beego.svg?branch=master)](https://travis-ci.org/astaxie/beego) [![GoDoc](http://godoc.org/github.com/astaxie/beego?status.svg)](http://godoc.org/github.com/astaxie/beego) [![Foundation](https://img.shields.io/badge/Golang-Foundation-green.svg)](http://golangfoundation.org) [![Go Report Card](https://goreportcard.com/badge/github.com/astaxie/beego)](https://goreportcard.com/report/github.com/astaxie/beego)
+

 beego is used for rapid development of RESTful APIs, web apps and backend services in Go.
 It is inspired by Tornado, Sinatra and Flask. beego has some Go-specific features such as interfaces and struct embedding.
--- a/admin.go
+++ b/admin.go
@ -37,7 +37,7 @@ var beeAdminApp *adminApp
 // FilterMonitorFunc is default monitor filter when admin module is enable.
 // if this func returns, admin module records qbs for this request by condition of this function logic.
 // usage:
-// 	func MyFilterMonitor(method, requestPath string, t time.Duration) bool {
+// 	func MyFilterMonitor(method, requestPath string, t time.Duration, pattern string, statusCode int) bool {
 //	 	if method == "POST" {
 //			return false
 //	 	}
@ -50,7 +50,7 @@ var beeAdminApp *adminApp
 //	 	return true
 // 	}
 // 	beego.FilterMonitorFunc = MyFilterMonitor.
-var FilterMonitorFunc func(string, string, time.Duration) bool
+var FilterMonitorFunc func(string, string, time.Duration, string, int) bool

 func init() {
 	beeAdminApp = &adminApp{
@ -62,7 +62,7 @@ func init() {
 	beeAdminApp.Route("/healthcheck", healthcheck)
 	beeAdminApp.Route("/task", taskStatus)
 	beeAdminApp.Route("/listconf", listConf)
-	FilterMonitorFunc = func(string, string, time.Duration) bool { return true }
+	FilterMonitorFunc = func(string, string, time.Duration, string, int) bool { return true }
 }

 // AdminIndex is the default http.Handler for admin module.
@ -76,6 +76,18 @@ func adminIndex(rw http.ResponseWriter, r *http.Request) {
 func qpsIndex(rw http.ResponseWriter, r *http.Request) {
 	data := make(map[interface{}]interface{})
 	data["Content"] = toolbox.StatisticsMap.GetMap()
+
+	// do html escape before display path, avoid xss
+	if content, ok := (data["Content"]).(map[string]interface{}); ok {
+		if resultLists, ok := (content["Data"]).([][]string); ok {
+			for i := range resultLists {
+				if len(resultLists[i]) > 0 {
+					resultLists[i][0] = template.HTMLEscapeString(resultLists[i][0])
+				}
+			}
+		}
+	}
+
 	execTpl(rw, data, qpsTpl, defaultScriptsTpl)
 }

--- a/admin_test.go
+++ b/admin_test.go
@ -67,6 +67,8 @@ func oldMap() map[string]interface{} {
 	m["BConfig.WebConfig.Session.SessionDomain"] = BConfig.WebConfig.Session.SessionDomain
 	m["BConfig.WebConfig.Session.SessionDisableHTTPOnly"] = BConfig.WebConfig.Session.SessionDisableHTTPOnly
 	m["BConfig.Log.AccessLogs"] = BConfig.Log.AccessLogs
+	m["BConfig.Log.EnableStaticLogs"] = BConfig.Log.EnableStaticLogs
+	m["BConfig.Log.AccessLogsFormat"] = BConfig.Log.AccessLogsFormat
 	m["BConfig.Log.FileLineNum"] = BConfig.Log.FileLineNum
 	m["BConfig.Log.Outputs"] = BConfig.Log.Outputs
 	return m
--- a/app.go
+++ b/app.go
@ -15,17 +15,22 @@
 package beego

 import (
+	"crypto/tls"
+	"crypto/x509"
 	"fmt"
+	"io/ioutil"
 	"net"
 	"net/http"
 	"net/http/fcgi"
 	"os"
 	"path"
+	"strings"
 	"time"

 	"github.com/astaxie/beego/grace"
 	"github.com/astaxie/beego/logs"
 	"github.com/astaxie/beego/utils"
+	"golang.org/x/crypto/acme/autocert"
 )

 var (
@ -51,8 +56,11 @@ func NewApp() *App {
 	return app
 }

+// MiddleWare function for http.Handler
+type MiddleWare func(http.Handler) http.Handler
+
 // Run beego application.
-func (app *App) Run() {
+func (app *App) Run(mws ...MiddleWare) {
 	addr := BConfig.Listen.HTTPAddr

 	if BConfig.Listen.HTTPPort != 0 {
@ -94,6 +102,12 @@ func (app *App) Run() {
 	}

 	app.Server.Handler = app.Handlers
+	for i := len(mws) - 1; i >= 0; i-- {
+		if mws[i] == nil {
+			continue
+		}
+		app.Server.Handler = mws[i](app.Server.Handler)
+	}
 	app.Server.ReadTimeout = time.Duration(BConfig.Listen.ServerTimeOut) * time.Second
 	app.Server.WriteTimeout = time.Duration(BConfig.Listen.ServerTimeOut) * time.Second
 	app.Server.ErrorLog = logs.GetLogger("HTTP")
@ -102,9 +116,9 @@ func (app *App) Run() {
 	if BConfig.Listen.Graceful {
 		httpsAddr := BConfig.Listen.HTTPSAddr
 		app.Server.Addr = httpsAddr
-		if BConfig.Listen.EnableHTTPS {
+		if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS {
 			go func() {
-				time.Sleep(20 * time.Microsecond)
+				time.Sleep(1000 * time.Microsecond)
 				if BConfig.Listen.HTTPSPort != 0 {
 					httpsAddr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort)
 					app.Server.Addr = httpsAddr
@ -112,10 +126,27 @@ func (app *App) Run() {
 				server := grace.NewServer(httpsAddr, app.Handlers)
 				server.Server.ReadTimeout = app.Server.ReadTimeout
 				server.Server.WriteTimeout = app.Server.WriteTimeout
-				if err := server.ListenAndServeTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile); err != nil {
-					logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
-					time.Sleep(100 * time.Microsecond)
-					endRunning <- true
+				if BConfig.Listen.EnableMutualHTTPS {
+					if err := server.ListenAndServeMutualTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile, BConfig.Listen.TrustCaFile); err != nil {
+						logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
+						time.Sleep(100 * time.Microsecond)
+						endRunning <- true
+					}
+				} else {
+					if BConfig.Listen.AutoTLS {
+						m := autocert.Manager{
+							Prompt:     autocert.AcceptTOS,
+							HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
+							Cache:      autocert.DirCache(BConfig.Listen.TLSCacheDir),
+						}
+						app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
+						BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
+					}
+					if err := server.ListenAndServeTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile); err != nil {
+						logs.Critical("ListenAndServeTLS: ", err, fmt.Sprintf("%d", os.Getpid()))
+						time.Sleep(100 * time.Microsecond)
+						endRunning <- true
+					}
 				}
 			}()
 		}
@ -139,22 +170,44 @@ func (app *App) Run() {
 	}

 	// run normal mode
-	if BConfig.Listen.EnableHTTPS {
+	if BConfig.Listen.EnableHTTPS || BConfig.Listen.EnableMutualHTTPS {
 		go func() {
-			time.Sleep(20 * time.Microsecond)
+			time.Sleep(1000 * time.Microsecond)
 			if BConfig.Listen.HTTPSPort != 0 {
 				app.Server.Addr = fmt.Sprintf("%s:%d", BConfig.Listen.HTTPSAddr, BConfig.Listen.HTTPSPort)
 			} else if BConfig.Listen.EnableHTTP {
-				BeeLogger.Info("Start https server error, confict with http.Please reset https port")
+				BeeLogger.Info("Start https server error, conflict with http. Please reset https port")
 				return
 			}
 			logs.Info("https server Running on https://%s", app.Server.Addr)
+			if BConfig.Listen.AutoTLS {
+				m := autocert.Manager{
+					Prompt:     autocert.AcceptTOS,
+					HostPolicy: autocert.HostWhitelist(BConfig.Listen.Domains...),
+					Cache:      autocert.DirCache(BConfig.Listen.TLSCacheDir),
+				}
+				app.Server.TLSConfig = &tls.Config{GetCertificate: m.GetCertificate}
+				BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile = "", ""
+			} else if BConfig.Listen.EnableMutualHTTPS {
+				pool := x509.NewCertPool()
+				data, err := ioutil.ReadFile(BConfig.Listen.TrustCaFile)
+				if err != nil {
+					BeeLogger.Info("MutualHTTPS should provide TrustCaFile")
+					return
+				}
+				pool.AppendCertsFromPEM(data)
+				app.Server.TLSConfig = &tls.Config{
+					ClientCAs:  pool,
+					ClientAuth: tls.RequireAndVerifyClientCert,
+				}
+			}
 			if err := app.Server.ListenAndServeTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile); err != nil {
 				logs.Critical("ListenAndServeTLS: ", err)
 				time.Sleep(100 * time.Microsecond)
 				endRunning <- true
 			}
 		}()
+
 	}
 	if BConfig.Listen.EnableHTTP {
 		go func() {
@ -207,6 +260,84 @@ func Router(rootpath string, c ControllerInterface, mappingMethods ...string) *A
 	return BeeApp
 }

+// UnregisterFixedRoute unregisters the route with the specified fixedRoute. It is particularly useful
+// in web applications that inherit most routes from a base webapp via the underscore
+// import, and aim to overwrite only certain paths.
+// The method parameter can be empty or "*" for all HTTP methods, or a particular
+// method type (e.g. "GET" or "POST") for selective removal.
+//
+// Usage (replace "GET" with "*" for all methods):
+//  beego.UnregisterFixedRoute("/yourpreviouspath", "GET")
+//  beego.Router("/yourpreviouspath", yourControllerAddress, "get:GetNewPage")
+func UnregisterFixedRoute(fixedRoute string, method string) *App {
+	subPaths := splitPath(fixedRoute)
+	if method == "" || method == "*" {
+		for m := range HTTPMETHOD {
+			if _, ok := BeeApp.Handlers.routers[m]; !ok {
+				continue
+			}
+			if BeeApp.Handlers.routers[m].prefix == strings.Trim(fixedRoute, "/ ") {
+				findAndRemoveSingleTree(BeeApp.Handlers.routers[m])
+				continue
+			}
+			findAndRemoveTree(subPaths, BeeApp.Handlers.routers[m], m)
+		}
+		return BeeApp
+	}
+	// Single HTTP method
+	um := strings.ToUpper(method)
+	if _, ok := BeeApp.Handlers.routers[um]; ok {
+		if BeeApp.Handlers.routers[um].prefix == strings.Trim(fixedRoute, "/ ") {
+			findAndRemoveSingleTree(BeeApp.Handlers.routers[um])
+			return BeeApp
+		}
+		findAndRemoveTree(subPaths, BeeApp.Handlers.routers[um], um)
+	}
+	return BeeApp
+}
+
+func findAndRemoveTree(paths []string, entryPointTree *Tree, method string) {
+	for i := range entryPointTree.fixrouters {
+		if entryPointTree.fixrouters[i].prefix == paths[0] {
+			if len(paths) == 1 {
+				if len(entryPointTree.fixrouters[i].fixrouters) > 0 {
+					// If the route had children subtrees, remove just the functional leaf,
+					// to allow children to function as before
+					if len(entryPointTree.fixrouters[i].leaves) > 0 {
+						entryPointTree.fixrouters[i].leaves[0] = nil
+						entryPointTree.fixrouters[i].leaves = entryPointTree.fixrouters[i].leaves[1:]
+					}
+				} else {
+					// Remove the *Tree from the fixrouters slice
+					entryPointTree.fixrouters[i] = nil
+
+					if i == len(entryPointTree.fixrouters)-1 {
+						entryPointTree.fixrouters = entryPointTree.fixrouters[:i]
+					} else {
+						entryPointTree.fixrouters = append(entryPointTree.fixrouters[:i], entryPointTree.fixrouters[i+1:len(entryPointTree.fixrouters)]...)
+					}
+				}
+				return
+			}
+			findAndRemoveTree(paths[1:], entryPointTree.fixrouters[i], method)
+		}
+	}
+}
+
+func findAndRemoveSingleTree(entryPointTree *Tree) {
+	if entryPointTree == nil {
+		return
+	}
+	if len(entryPointTree.fixrouters) > 0 {
+		// If the route had children subtrees, remove just the functional leaf,
+		// to allow children to function as before
+		if len(entryPointTree.leaves) > 0 {
+			entryPointTree.leaves[0] = nil
+			entryPointTree.leaves = entryPointTree.leaves[1:]
+		}
+	}
+}
+
 // Include will generate router file in the router/xxx.go from the controller's comments
 // usage:
 // beego.Include(&BankAccount{}, &OrderController{},&RefundController{},&ReceiptController{})
--- a/beego.go
+++ b/beego.go
@ -23,7 +23,7 @@ import (

 const (
 	// VERSION represent beego web framework version.
-	VERSION = "1.8.2"
+	VERSION = "1.10.1"

 	// DEV is for develop
 	DEV = "dev"
@ -40,9 +40,9 @@ var (

 // AddAPPStartHook is used to register the hookfunc
 // The hookfuncs will run in beego.Run()
-// such as sessionInit, middlerware start, buildtemplate, admin start
-func AddAPPStartHook(hf hookfunc) {
-	hooks = append(hooks, hf)
+// such as initiating session , starting middleware , building template, starting admin control and so on.
+func AddAPPStartHook(hf ...hookfunc) {
+	hooks = append(hooks, hf...)
 }

 // Run beego application.
@ -62,19 +62,39 @@ func Run(params ...string) {
 		if len(strs) > 1 && strs[1] != "" {
 			BConfig.Listen.HTTPPort, _ = strconv.Atoi(strs[1])
 		}
+
+		BConfig.Listen.Domains = params
 	}

 	BeeApp.Run()
 }

+// RunWithMiddleWares Run beego application with middlewares.
+func RunWithMiddleWares(addr string, mws ...MiddleWare) {
+	initBeforeHTTPRun()
+
+	strs := strings.Split(addr, ":")
+	if len(strs) > 0 && strs[0] != "" {
+		BConfig.Listen.HTTPAddr = strs[0]
+		BConfig.Listen.Domains = []string{strs[0]}
+	}
+	if len(strs) > 1 && strs[1] != "" {
+		BConfig.Listen.HTTPPort, _ = strconv.Atoi(strs[1])
+	}
+
+	BeeApp.Run(mws...)
+}
+
 func initBeforeHTTPRun() {
 	//init hooks
-	AddAPPStartHook(registerMime)
-	AddAPPStartHook(registerDefaultErrorHandler)
-	AddAPPStartHook(registerSession)
-	AddAPPStartHook(registerTemplate)
-	AddAPPStartHook(registerAdmin)
-	AddAPPStartHook(registerGzip)
+	AddAPPStartHook(
+		registerMime,
+		registerDefaultErrorHandler,
+		registerSession,
+		registerTemplate,
+		registerAdmin,
+		registerGzip,
+	)

 	for _, hk := range hooks {
 		if err := hk(); err != nil {
--- a/cache/README.md
+++ b/cache/README.md
@ -52,7 +52,7 @@ Configure like this:

 ## Redis adapter

-Redis adapter use the [redigo](http://github.com/garyburd/redigo) client.
+Redis adapter use the [redigo](http://github.com/gomodule/redigo) client.

 Configure like this:

--- a/cache/cache.go
+++ b/cache/cache.go
@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-// Package cache provide a Cache interface and some implemetn engine
+// Package cache provide a Cache interface and some implement engine
 // Usage:
 //
 // import(
--- a/cache/conv.go
+++ b/cache/conv.go
@ -28,7 +28,7 @@ func GetString(v interface{}) string {
 		return string(result)
 	default:
 		if v != nil {
-			return fmt.Sprintf("%v", result)
+			return fmt.Sprint(result)
 		}
 	}
 	return ""
--- a/cache/memory.go
+++ b/cache/memory.go
@ -217,26 +217,31 @@ func (bc *MemoryCache) vaccuum() {
 		if bc.items == nil {
 			return
 		}
-		for name := range bc.items {
-			bc.itemExpired(name)
+		if keys := bc.expiredKeys(); len(keys) != 0 {
+			bc.clearItems(keys)
 		}
 	}
 }

-// itemExpired returns true if an item is expired.
-func (bc *MemoryCache) itemExpired(name string) bool {
+// expiredKeys returns key list which are expired.
+func (bc *MemoryCache) expiredKeys() (keys []string) {
+	bc.RLock()
+	defer bc.RUnlock()
+	for key, itm := range bc.items {
+		if itm.isExpire() {
+			keys = append(keys, key)
+		}
+	}
+	return
+}
+
+// clearItems removes all the items which key in keys.
+func (bc *MemoryCache) clearItems(keys []string) {
 	bc.Lock()
 	defer bc.Unlock()
-
-	itm, ok := bc.items[name]
-	if !ok {
-		return true
+	for _, key := range keys {
+		delete(bc.items, key)
 	}
-	if itm.isExpire() {
-		delete(bc.items, name)
-		return true
-	}
-	return false
 }

 func init() {
--- a/cache/redis/redis.go
+++ b/cache/redis/redis.go
@ -14,9 +14,9 @@

 // Package redis for cache provider
 //
-// depend on github.com/garyburd/redigo/redis
+// depend on github.com/gomodule/redigo/redis
 //
-// go install github.com/garyburd/redigo/redis
+// go install github.com/gomodule/redigo/redis
 //
 // Usage:
 // import(
@ -32,10 +32,11 @@ package redis
 import (
 	"encoding/json"
 	"errors"
+	"fmt"
 	"strconv"
 	"time"

-	"github.com/garyburd/redigo/redis"
+	"github.com/gomodule/redigo/redis"

 	"github.com/astaxie/beego/cache"
 )
@ -52,6 +53,7 @@ type Cache struct {
 	dbNum    int
 	key      string
 	password string
+	maxIdle  int
 }

 // NewRedisCache create new redis cache with default collection name.
@ -59,14 +61,23 @@ func NewRedisCache() cache.Cache {
 	return &Cache{key: DefaultKey}
 }

-// actually do the redis cmds
+// actually do the redis cmds, args[0] must be the key name.
 func (rc *Cache) do(commandName string, args ...interface{}) (reply interface{}, err error) {
+	if len(args) < 1 {
+		return nil, errors.New("missing required arguments")
+	}
+	args[0] = rc.associate(args[0])
 	c := rc.p.Get()
 	defer c.Close()

 	return c.Do(commandName, args...)
 }

+// associate with config key.
+func (rc *Cache) associate(originKey interface{}) string {
+	return fmt.Sprintf("%s:%s", rc.key, originKey)
+}
+
 // Get cache from redis.
 func (rc *Cache) Get(key string) interface{} {
 	if v, err := rc.do("GET", key); err == nil {
@ -77,57 +88,28 @@ func (rc *Cache) Get(key string) interface{} {

 // GetMulti get cache from redis.
 func (rc *Cache) GetMulti(keys []string) []interface{} {
-	size := len(keys)
-	var rv []interface{}
 	c := rc.p.Get()
 	defer c.Close()
-	var err error
+	var args []interface{}
 	for _, key := range keys {
-		err = c.Send("GET", key)
-		if err != nil {
-			goto ERROR
-		}
+		args = append(args, rc.associate(key))
 	}
-	if err = c.Flush(); err != nil {
-		goto ERROR
+	values, err := redis.Values(c.Do("MGET", args...))
+	if err != nil {
+		return nil
 	}
-	for i := 0; i < size; i++ {
-		if v, err := c.Receive(); err == nil {
-			rv = append(rv, v.([]byte))
-		} else {
-			rv = append(rv, err)
-		}
-	}
-	return rv
-ERROR:
-	rv = rv[0:0]
-	for i := 0; i < size; i++ {
-		rv = append(rv, nil)
-	}
-
-	return rv
+	return values
 }

 // Put put cache to redis.
 func (rc *Cache) Put(key string, val interface{}, timeout time.Duration) error {
-	var err error
-	if _, err = rc.do("SETEX", key, int64(timeout/time.Second), val); err != nil {
-		return err
-	}
-
-	if _, err = rc.do("HSET", rc.key, key, true); err != nil {
-		return err
-	}
+	_, err := rc.do("SETEX", key, int64(timeout/time.Second), val)
 	return err
 }

 // Delete delete cache in redis.
 func (rc *Cache) Delete(key string) error {
-	var err error
-	if _, err = rc.do("DEL", key); err != nil {
-		return err
-	}
-	_, err = rc.do("HDEL", rc.key, key)
+	_, err := rc.do("DEL", key)
 	return err
 }

@ -137,11 +119,6 @@ func (rc *Cache) IsExist(key string) bool {
 	if err != nil {
 		return false
 	}
-	if !v {
-		if _, err = rc.do("HDEL", rc.key, key); err != nil {
-			return false
-		}
-	}
 	return v
 }

@ -159,16 +136,17 @@ func (rc *Cache) Decr(key string) error {

 // ClearAll clean all cache in redis. delete this redis collection.
 func (rc *Cache) ClearAll() error {
-	cachedKeys, err := redis.Strings(rc.do("HKEYS", rc.key))
+	c := rc.p.Get()
+	defer c.Close()
+	cachedKeys, err := redis.Strings(c.Do("KEYS", rc.key+":*"))
 	if err != nil {
 		return err
 	}
 	for _, str := range cachedKeys {
-		if _, err = rc.do("DEL", str); err != nil {
+		if _, err = c.Do("DEL", str); err != nil {
 			return err
 		}
 	}
-	_, err = rc.do("DEL", rc.key)
 	return err
 }

@ -192,10 +170,14 @@ func (rc *Cache) StartAndGC(config string) error {
 	if _, ok := cf["password"]; !ok {
 		cf["password"] = ""
 	}
+	if _, ok := cf["maxIdle"]; !ok {
+		cf["maxIdle"] = "3"
+	}
 	rc.key = cf["key"]
 	rc.conninfo = cf["conn"]
 	rc.dbNum, _ = strconv.Atoi(cf["dbNum"])
 	rc.password = cf["password"]
+	rc.maxIdle, _ = strconv.Atoi(cf["maxIdle"])

 	rc.connectInit()

@ -229,7 +211,7 @@ func (rc *Cache) connectInit() {
 	}
 	// initialize a new pool
 	rc.p = &redis.Pool{
-		MaxIdle:     3,
+		MaxIdle:     rc.maxIdle,
 		IdleTimeout: 180 * time.Second,
 		Dial:        dialFunc,
 	}
--- a/cache/redis/redis_test.go
+++ b/cache/redis/redis_test.go
@ -19,7 +19,7 @@ import (
 	"time"

 	"github.com/astaxie/beego/cache"
-	"github.com/garyburd/redigo/redis"
+	"github.com/gomodule/redigo/redis"
 )

 func TestRedisCache(t *testing.T) {
--- a/config.go
+++ b/config.go
@ -49,22 +49,27 @@ type Config struct {

 // Listen holds for http and https related config
 type Listen struct {
-	Graceful      bool // Graceful means use graceful module to start the server
-	ServerTimeOut int64
-	ListenTCP4    bool
-	EnableHTTP    bool
-	HTTPAddr      string
-	HTTPPort      int
-	EnableHTTPS   bool
-	HTTPSAddr     string
-	HTTPSPort     int
-	HTTPSCertFile string
-	HTTPSKeyFile  string
-	EnableAdmin   bool
-	AdminAddr     string
-	AdminPort     int
-	EnableFcgi    bool
-	EnableStdIo   bool // EnableStdIo works with EnableFcgi Use FCGI via standard I/O
+	Graceful          bool // Graceful means use graceful module to start the server
+	ServerTimeOut     int64
+	ListenTCP4        bool
+	EnableHTTP        bool
+	HTTPAddr          string
+	HTTPPort          int
+	AutoTLS           bool
+	Domains           []string
+	TLSCacheDir       string
+	EnableHTTPS       bool
+	EnableMutualHTTPS bool
+	HTTPSAddr         string
+	HTTPSPort         int
+	HTTPSCertFile     string
+	HTTPSKeyFile      string
+	TrustCaFile       string
+	EnableAdmin       bool
+	AdminAddr         string
+	AdminPort         int
+	EnableFcgi        bool
+	EnableStdIo       bool // EnableStdIo works with EnableFcgi Use FCGI via standard I/O
 }

 // WebConfig holds web related config
@ -96,16 +101,18 @@ type SessionConfig struct {
 	SessionAutoSetCookie         bool
 	SessionDomain                string
 	SessionDisableHTTPOnly       bool // used to allow for cross domain cookies/javascript cookies.
-	SessionEnableSidInHTTPHeader bool //	enable store/get the sessionId into/from http headers
+	SessionEnableSidInHTTPHeader bool // enable store/get the sessionId into/from http headers
 	SessionNameInHTTPHeader      string
-	SessionEnableSidInURLQuery   bool //	enable get the sessionId from Url Query params
+	SessionEnableSidInURLQuery   bool // enable get the sessionId from Url Query params
 }

 // LogConfig holds Log related config
 type LogConfig struct {
-	AccessLogs  bool
-	FileLineNum bool
-	Outputs     map[string]string // Store Adaptor : config
+	AccessLogs       bool
+	EnableStaticLogs bool   //log static files requests default: false
+	AccessLogsFormat string //access log format: JSON_FORMAT, APACHE_FORMAT or empty string
+	FileLineNum      bool
+	Outputs          map[string]string // Store Adaptor : config
 }

 var (
@ -134,9 +141,13 @@ func init() {
 	if err != nil {
 		panic(err)
 	}
-	appConfigPath = filepath.Join(workPath, "conf", "app.conf")
+	var filename = "app.conf"
+	if os.Getenv("BEEGO_RUNMODE") != "" {
+		filename = os.Getenv("BEEGO_RUNMODE") + ".app.conf"
+	}
+	appConfigPath = filepath.Join(workPath, "conf", filename)
 	if !utils.FileExists(appConfigPath) {
-		appConfigPath = filepath.Join(AppPath, "conf", "app.conf")
+		appConfigPath = filepath.Join(AppPath, "conf", filename)
 		if !utils.FileExists(appConfigPath) {
 			AppConfig = &beegoAppConfig{innerConfig: config.NewFakeConfig()}
 			return
@ -175,13 +186,18 @@ func recoverPanic(ctx *context.Context) {
 		if BConfig.RunMode == DEV && BConfig.EnableErrorsRender {
 			showErr(err, ctx, stack)
 		}
+		if ctx.Output.Status != 0 {
+			ctx.ResponseWriter.WriteHeader(ctx.Output.Status)
+		} else {
+			ctx.ResponseWriter.WriteHeader(500)
+		}
 	}
 }

 func newBConfig() *Config {
 	return &Config{
 		AppName:             "beego",
-		RunMode:             DEV,
+		RunMode:             PROD,
 		RouterCaseSensitive: true,
 		ServerName:          "beegoServer:" + VERSION,
 		RecoverPanic:        true,
@ -196,6 +212,9 @@ func newBConfig() *Config {
 			ServerTimeOut: 0,
 			ListenTCP4:    false,
 			EnableHTTP:    true,
+			AutoTLS:       false,
+			Domains:       []string{},
+			TLSCacheDir:   ".",
 			HTTPAddr:      "",
 			HTTPPort:      8080,
 			EnableHTTPS:   false,
@ -233,15 +252,17 @@ func newBConfig() *Config {
 				SessionCookieLifeTime:        0, //set cookie default is the browser life
 				SessionAutoSetCookie:         true,
 				SessionDomain:                "",
-				SessionEnableSidInHTTPHeader: false, //	enable store/get the sessionId into/from http headers
+				SessionEnableSidInHTTPHeader: false, // enable store/get the sessionId into/from http headers
 				SessionNameInHTTPHeader:      "Beegosessionid",
-				SessionEnableSidInURLQuery:   false, //	enable get the sessionId from Url Query params
+				SessionEnableSidInURLQuery:   false, // enable get the sessionId from Url Query params
 			},
 		},
 		Log: LogConfig{
-			AccessLogs:  false,
-			FileLineNum: true,
-			Outputs:     map[string]string{"console": ""},
+			AccessLogs:       false,
+			EnableStaticLogs: false,
+			AccessLogsFormat: "APACHE_FORMAT",
+			FileLineNum:      true,
+			Outputs:          map[string]string{"console": ""},
 		},
 	}
 }
--- a/config/config.go
+++ b/config/config.go
@ -150,12 +150,12 @@ func ExpandValueEnv(value string) (realValue string) {
 	}

 	key := ""
-	defalutV := ""
+	defaultV := ""
 	// value start with "${"
 	for i := 2; i < vLen; i++ {
 		if value[i] == '|' && (i+1 < vLen && value[i+1] == '|') {
 			key = value[2:i]
-			defalutV = value[i+2 : vLen-1] // other string is default value.
+			defaultV = value[i+2 : vLen-1] // other string is default value.
 			break
 		} else if value[i] == '}' {
 			key = value[2:i]
@ -165,7 +165,7 @@ func ExpandValueEnv(value string) (realValue string) {

 	realValue = os.Getenv(key)
 	if realValue == "" {
-		realValue = defalutV
+		realValue = defaultV
 	}

 	return
@ -189,16 +189,16 @@ func ParseBool(val interface{}) (value bool, err error) {
 				return false, nil
 			}
 		case int8, int32, int64:
-			strV := fmt.Sprintf("%s", v)
+			strV := fmt.Sprintf("%d", v)
 			if strV == "1" {
 				return true, nil
 			} else if strV == "0" {
 				return false, nil
 			}
 		case float64:
-			if v == 1 {
+			if v == 1.0 {
 				return true, nil
-			} else if v == 0 {
+			} else if v == 0.0 {
 				return false, nil
 			}
 		}
--- a/config/fake.go
+++ b/config/fake.go
@ -126,7 +126,7 @@ func (c *fakeConfigContainer) SaveConfigFile(filename string) error {

 var _ Configer = new(fakeConfigContainer)

-// NewFakeConfig return a fake Congiger
+// NewFakeConfig return a fake Configer
 func NewFakeConfig() Configer {
 	return &fakeConfigContainer{
 		data: make(map[string]string),
--- a/config/ini.go
+++ b/config/ini.go
@ -215,7 +215,7 @@ func (c *IniConfigContainer) Bool(key string) (bool, error) {
 }

 // DefaultBool returns the boolean value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *IniConfigContainer) DefaultBool(key string, defaultval bool) bool {
 	v, err := c.Bool(key)
 	if err != nil {
@ -230,7 +230,7 @@ func (c *IniConfigContainer) Int(key string) (int, error) {
 }

 // DefaultInt returns the integer value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *IniConfigContainer) DefaultInt(key string, defaultval int) int {
 	v, err := c.Int(key)
 	if err != nil {
@ -245,7 +245,7 @@ func (c *IniConfigContainer) Int64(key string) (int64, error) {
 }

 // DefaultInt64 returns the int64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *IniConfigContainer) DefaultInt64(key string, defaultval int64) int64 {
 	v, err := c.Int64(key)
 	if err != nil {
@ -260,7 +260,7 @@ func (c *IniConfigContainer) Float(key string) (float64, error) {
 }

 // DefaultFloat returns the float64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *IniConfigContainer) DefaultFloat(key string, defaultval float64) float64 {
 	v, err := c.Float(key)
 	if err != nil {
@ -275,7 +275,7 @@ func (c *IniConfigContainer) String(key string) string {
 }

 // DefaultString returns the string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *IniConfigContainer) DefaultString(key string, defaultval string) string {
 	v := c.String(key)
 	if v == "" {
@ -295,7 +295,7 @@ func (c *IniConfigContainer) Strings(key string) []string {
 }

 // DefaultStrings returns the []string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *IniConfigContainer) DefaultStrings(key string, defaultval []string) []string {
 	v := c.Strings(key)
 	if v == nil {
@ -314,7 +314,7 @@ func (c *IniConfigContainer) GetSection(section string) (map[string]string, erro

 // SaveConfigFile save the config into file.
 //
-// BUG(env): The environment variable config item will be saved with real value in SaveConfigFile Funcation.
+// BUG(env): The environment variable config item will be saved with real value in SaveConfigFile Function.
 func (c *IniConfigContainer) SaveConfigFile(filename string) (err error) {
 	// Write configuration file by filename.
 	f, err := os.Create(filename)
--- a/config/json.go
+++ b/config/json.go
@ -101,7 +101,7 @@ func (c *JSONConfigContainer) Int(key string) (int, error) {
 }

 // DefaultInt returns the integer value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *JSONConfigContainer) DefaultInt(key string, defaultval int) int {
 	if v, err := c.Int(key); err == nil {
 		return v
@ -122,7 +122,7 @@ func (c *JSONConfigContainer) Int64(key string) (int64, error) {
 }

 // DefaultInt64 returns the int64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *JSONConfigContainer) DefaultInt64(key string, defaultval int64) int64 {
 	if v, err := c.Int64(key); err == nil {
 		return v
@ -143,7 +143,7 @@ func (c *JSONConfigContainer) Float(key string) (float64, error) {
 }

 // DefaultFloat returns the float64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *JSONConfigContainer) DefaultFloat(key string, defaultval float64) float64 {
 	if v, err := c.Float(key); err == nil {
 		return v
@ -163,7 +163,7 @@ func (c *JSONConfigContainer) String(key string) string {
 }

 // DefaultString returns the string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *JSONConfigContainer) DefaultString(key string, defaultval string) string {
 	// TODO FIXME should not use "" to replace non existence
 	if v := c.String(key); v != "" {
@ -182,7 +182,7 @@ func (c *JSONConfigContainer) Strings(key string) []string {
 }

 // DefaultStrings returns the []string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *JSONConfigContainer) DefaultStrings(key string, defaultval []string) []string {
 	if v := c.Strings(key); v != nil {
 		return v
--- a/config/json_test.go
+++ b/config/json_test.go
@ -216,7 +216,7 @@ func TestJson(t *testing.T) {
 		t.Error("unknown keys should return an error when expecting a Bool")
 	}

-	if !jsonconf.DefaultBool("unknow", true) {
+	if !jsonconf.DefaultBool("unknown", true) {
 		t.Error("unknown keys with default value wrong")
 	}
 }
--- a/config/xml/xml.go
+++ b/config/xml/xml.go
@ -102,7 +102,7 @@ func (c *ConfigContainer) Int(key string) (int, error) {
 }

 // DefaultInt returns the integer value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultInt(key string, defaultval int) int {
 	v, err := c.Int(key)
 	if err != nil {
@ -117,7 +117,7 @@ func (c *ConfigContainer) Int64(key string) (int64, error) {
 }

 // DefaultInt64 returns the int64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultInt64(key string, defaultval int64) int64 {
 	v, err := c.Int64(key)
 	if err != nil {
@ -133,7 +133,7 @@ func (c *ConfigContainer) Float(key string) (float64, error) {
 }

 // DefaultFloat returns the float64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultFloat(key string, defaultval float64) float64 {
 	v, err := c.Float(key)
 	if err != nil {
@ -151,7 +151,7 @@ func (c *ConfigContainer) String(key string) string {
 }

 // DefaultString returns the string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultString(key string, defaultval string) string {
 	v := c.String(key)
 	if v == "" {
@ -170,7 +170,7 @@ func (c *ConfigContainer) Strings(key string) []string {
 }

 // DefaultStrings returns the []string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultStrings(key string, defaultval []string) []string {
 	v := c.Strings(key)
 	if v == nil {
--- a/config/yaml/yaml.go
+++ b/config/yaml/yaml.go
@ -119,7 +119,7 @@ func parseYML(buf []byte) (cnf map[string]interface{}, err error) {
 // ConfigContainer A Config represents the yaml configuration.
 type ConfigContainer struct {
 	data map[string]interface{}
-	sync.Mutex
+	sync.RWMutex
 }

 // Bool returns the boolean value for a given key.
@ -154,7 +154,7 @@ func (c *ConfigContainer) Int(key string) (int, error) {
 }

 // DefaultInt returns the integer value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultInt(key string, defaultval int) int {
 	v, err := c.Int(key)
 	if err != nil {
@ -174,7 +174,7 @@ func (c *ConfigContainer) Int64(key string) (int64, error) {
 }

 // DefaultInt64 returns the int64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultInt64(key string, defaultval int64) int64 {
 	v, err := c.Int64(key)
 	if err != nil {
@ -198,7 +198,7 @@ func (c *ConfigContainer) Float(key string) (float64, error) {
 }

 // DefaultFloat returns the float64 value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultFloat(key string, defaultval float64) float64 {
 	v, err := c.Float(key)
 	if err != nil {
@ -218,7 +218,7 @@ func (c *ConfigContainer) String(key string) string {
 }

 // DefaultString returns the string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultString(key string, defaultval string) string {
 	v := c.String(key)
 	if v == "" {
@ -237,7 +237,7 @@ func (c *ConfigContainer) Strings(key string) []string {
 }

 // DefaultStrings returns the []string value for a given key.
-// if err != nil return defaltval
+// if err != nil return defaultval
 func (c *ConfigContainer) DefaultStrings(key string, defaultval []string) []string {
 	v := c.Strings(key)
 	if v == nil {
@ -285,9 +285,28 @@ func (c *ConfigContainer) getData(key string) (interface{}, error) {
 	if len(key) == 0 {
 		return nil, errors.New("key is empty")
 	}
+	c.RLock()
+	defer c.RUnlock()

-	if v, ok := c.data[key]; ok {
-		return v, nil
+	keys := strings.Split(key, ".")
+	tmpData := c.data
+	for idx, k := range keys {
+		if v, ok := tmpData[k]; ok {
+			switch v.(type) {
+			case map[string]interface{}:
+				{
+					tmpData = v.(map[string]interface{})
+					if idx == len(keys) - 1 {
+						return tmpData, nil
+					}
+				}
+			default:
+				{
+					return v, nil
+				}
+
+			}
+		}
 	}
 	return nil, fmt.Errorf("not exist key %q", key)
 }
--- a/config_test.go
+++ b/config_test.go
@ -75,7 +75,7 @@ func TestAssignConfig_02(t *testing.T) {

 	jcf := &config.JSONConfig{}
 	bs, _ = json.Marshal(configMap)
-	ac, _ := jcf.ParseData([]byte(bs))
+	ac, _ := jcf.ParseData(bs)

 	for _, i := range []interface{}{_BConfig, &_BConfig.Listen, &_BConfig.WebConfig, &_BConfig.Log, &_BConfig.WebConfig.Session} {
 		assignSingleConfig(i, ac)
--- a/context/context.go
+++ b/context/context.go
@ -171,6 +171,22 @@ func (ctx *Context) CheckXSRFCookie() bool {
 	return true
 }

+// RenderMethodResult renders the return value of a controller method to the output
+func (ctx *Context) RenderMethodResult(result interface{}) {
+	if result != nil {
+		renderer, ok := result.(Renderer)
+		if !ok {
+			err, ok := result.(error)
+			if ok {
+				renderer = errorRenderer(err)
+			} else {
+				renderer = jsonRenderer(result)
+			}
+		}
+		renderer.Render(ctx)
+	}
+}
+
 //Response is a wrapper for the http.ResponseWriter
 //started set to true if response was written to then don't execute other handler
 type Response struct {
--- a/context/input.go
+++ b/context/input.go
@ -16,9 +16,12 @@ package context

 import (
 	"bytes"
+	"compress/gzip"
 	"errors"
 	"io"
 	"io/ioutil"
+	"net"
+	"net/http"
 	"net/url"
 	"reflect"
 	"regexp"
@ -34,6 +37,7 @@ var (
 	acceptsHTMLRegex = regexp.MustCompile(`(text/html|application/xhtml\+xml)(?:,|$)`)
 	acceptsXMLRegex  = regexp.MustCompile(`(application/xml|text/xml)(?:,|$)`)
 	acceptsJSONRegex = regexp.MustCompile(`(application/json)(?:,|$)`)
+	acceptsYAMLRegex = regexp.MustCompile(`(application/x-yaml)(?:,|$)`)
 	maxParam         = 50
 )

@ -113,9 +117,8 @@ func (input *BeegoInput) Domain() string {
 // if no host info in request, return localhost.
 func (input *BeegoInput) Host() string {
 	if input.Context.Request.Host != "" {
-		hostParts := strings.Split(input.Context.Request.Host, ":")
-		if len(hostParts) > 0 {
-			return hostParts[0]
+		if hostPart, _, err := net.SplitHostPort(input.Context.Request.Host); err == nil {
+			return hostPart
 		}
 		return input.Context.Request.Host
 	}
@ -201,23 +204,27 @@ func (input *BeegoInput) AcceptsXML() bool {
 func (input *BeegoInput) AcceptsJSON() bool {
 	return acceptsJSONRegex.MatchString(input.Header("Accept"))
 }
+// AcceptsYAML Checks if request accepts json response
+func (input *BeegoInput) AcceptsYAML() bool {
+	return acceptsYAMLRegex.MatchString(input.Header("Accept"))
+}

 // IP returns request client ip.
 // if in proxy, return first proxy id.
-// if error, return 127.0.0.1.
+// if error, return RemoteAddr.
 func (input *BeegoInput) IP() string {
 	ips := input.Proxy()
 	if len(ips) > 0 && ips[0] != "" {
-		rip := strings.Split(ips[0], ":")
-		return rip[0]
-	}
-	ip := strings.Split(input.Context.Request.RemoteAddr, ":")
-	if len(ip) > 0 {
-		if ip[0] != "[" {
-			return ip[0]
+		rip, _, err := net.SplitHostPort(ips[0])
+		if err != nil {
+			rip = ips[0]
 		}
+		return rip
 	}
-	return "127.0.0.1"
+	if ip, _, err := net.SplitHostPort(input.Context.Request.RemoteAddr); err == nil {
+		return ip
+	}
+	return input.Context.Request.RemoteAddr
 }

 // Proxy returns proxy client ips slice.
@ -251,9 +258,8 @@ func (input *BeegoInput) SubDomains() string {
 // Port returns request client port.
 // when error or empty, return 80.
 func (input *BeegoInput) Port() int {
-	parts := strings.Split(input.Context.Request.Host, ":")
-	if len(parts) == 2 {
-		port, _ := strconv.Atoi(parts[1])
+	if _, portPart, err := net.SplitHostPort(input.Context.Request.Host); err == nil {
+		port, _ := strconv.Atoi(portPart)
 		return port
 	}
 	return 80
@ -349,11 +355,22 @@ func (input *BeegoInput) CopyBody(MaxMemory int64) []byte {
 	if input.Context.Request.Body == nil {
 		return []byte{}
 	}
+
+	var requestbody []byte
 	safe := &io.LimitedReader{R: input.Context.Request.Body, N: MaxMemory}
-	requestbody, _ := ioutil.ReadAll(safe)
+	if input.Header("Content-Encoding") == "gzip" {
+		reader, err := gzip.NewReader(safe)
+		if err != nil {
+			return nil
+		}
+		requestbody, _ = ioutil.ReadAll(reader)
+	} else {
+		requestbody, _ = ioutil.ReadAll(safe)
+	}
+
 	input.Context.Request.Body.Close()
 	bf := bytes.NewBuffer(requestbody)
-	input.Context.Request.Body = ioutil.NopCloser(bf)
+	input.Context.Request.Body = http.MaxBytesReader(input.Context.ResponseWriter, ioutil.NopCloser(bf), MaxMemory)
 	input.RequestBody = requestbody
 	return requestbody
 }
--- a/context/output.go
+++ b/context/output.go
@ -30,6 +30,7 @@ import (
 	"strconv"
 	"strings"
 	"time"
+	"gopkg.in/yaml.v2"
 )

 // BeegoOutput does work for sending response header.
@ -168,9 +169,22 @@ func sanitizeValue(v string) string {
 	return cookieValueSanitizer.Replace(v)
 }

+func jsonRenderer(value interface{}) Renderer {
+	return rendererFunc(func(ctx *Context) {
+		ctx.Output.JSON(value, false, false)
+	})
+}
+
+func errorRenderer(err error) Renderer {
+	return rendererFunc(func(ctx *Context) {
+		ctx.Output.SetStatus(500)
+		ctx.Output.Body([]byte(err.Error()))
+	})
+}
+
 // JSON writes json to response body.
-// if coding is true, it converts utf-8 to \u0000 type.
-func (output *BeegoOutput) JSON(data interface{}, hasIndent bool, coding bool) error {
+// if encoding is true, it converts utf-8 to \u0000 type.
+func (output *BeegoOutput) JSON(data interface{}, hasIndent bool, encoding bool) error {
 	output.Header("Content-Type", "application/json; charset=utf-8")
 	var content []byte
 	var err error
@ -183,12 +197,26 @@ func (output *BeegoOutput) JSON(data interface{}, hasIndent bool, coding bool) e
 		http.Error(output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
 		return err
 	}
-	if coding {
+	if encoding {
 		content = []byte(stringsToJSON(string(content)))
 	}
 	return output.Body(content)
 }

+
+// YAML writes yaml to response body.
+func (output *BeegoOutput) YAML(data interface{}) error {
+	output.Header("Content-Type", "application/application/x-yaml; charset=utf-8")
+	var content []byte
+	var err error
+	content, err = yaml.Marshal(data)
+	if err != nil {
+		http.Error(output.Context.ResponseWriter, err.Error(), http.StatusInternalServerError)
+		return err
+	}
+	return output.Body(content)
+}
+
 // JSONP writes jsonp to response body.
 func (output *BeegoOutput) JSONP(data interface{}, hasIndent bool) error {
 	output.Header("Content-Type", "application/javascript; charset=utf-8")
@ -247,7 +275,7 @@ func (output *BeegoOutput) Download(file string, filename ...string) {
 	} else {
 		fName = filepath.Base(file)
 	}
-	output.Header("Content-Disposition", "attachment; filename="+url.QueryEscape(fName))
+	output.Header("Content-Disposition", "attachment; filename="+url.PathEscape(fName))
 	output.Header("Content-Description", "File Transfer")
 	output.Header("Content-Type", "application/octet-stream")
 	output.Header("Content-Transfer-Encoding", "binary")
@ -312,13 +340,13 @@ func (output *BeegoOutput) IsForbidden() bool {
 }

 // IsNotFound returns boolean of this request is not found.
-// HTTP 404 means forbidden.
+// HTTP 404 means not found.
 func (output *BeegoOutput) IsNotFound() bool {
 	return output.Status == 404
 }

 // IsClientError returns boolean of this request client sends error data.
-// HTTP 4xx means forbidden.
+// HTTP 4xx means client error.
 func (output *BeegoOutput) IsClientError() bool {
 	return output.Status >= 400 && output.Status < 500
 }
@ -330,14 +358,18 @@ func (output *BeegoOutput) IsServerError() bool {
 }

 func stringsToJSON(str string) string {
-	rs := []rune(str)
 	var jsons bytes.Buffer
-	for _, r := range rs {
+	for _, r := range str {
 		rint := int(r)
 		if rint < 128 {
 			jsons.WriteRune(r)
 		} else {
 			jsons.WriteString("\\u")
+			if rint < 0x100 {
+				jsons.WriteString("00")
+			} else if rint < 0x1000 {
+				jsons.WriteString("0")
+			}
 			jsons.WriteString(strconv.FormatInt(int64(rint), 16))
 		}
 	}
--- a/context/param/conv.go
+++ b/context/param/conv.go
@ -0,0 +1,78 @@
+package param
+
+import (
+	"fmt"
+	"reflect"
+
+	beecontext "github.com/astaxie/beego/context"
+	"github.com/astaxie/beego/logs"
+)
+
+// ConvertParams converts http method params to values that will be passed to the method controller as arguments
+func ConvertParams(methodParams []*MethodParam, methodType reflect.Type, ctx *beecontext.Context) (result []reflect.Value) {
+	result = make([]reflect.Value, 0, len(methodParams))
+	for i := 0; i < len(methodParams); i++ {
+		reflectValue := convertParam(methodParams[i], methodType.In(i), ctx)
+		result = append(result, reflectValue)
+	}
+	return
+}
+
+func convertParam(param *MethodParam, paramType reflect.Type, ctx *beecontext.Context) (result reflect.Value) {
+	paramValue := getParamValue(param, ctx)
+	if paramValue == "" {
+		if param.required {
+			ctx.Abort(400, fmt.Sprintf("Missing parameter %s", param.name))
+		} else {
+			paramValue = param.defaultValue
+		}
+	}
+
+	reflectValue, err := parseValue(param, paramValue, paramType)
+	if err != nil {
+		logs.Debug(fmt.Sprintf("Error converting param %s to type %s. Value: %v, Error: %s", param.name, paramType, paramValue, err))
+		ctx.Abort(400, fmt.Sprintf("Invalid parameter %s. Can not convert %v to type %s", param.name, paramValue, paramType))
+	}
+
+	return reflectValue
+}
+
+func getParamValue(param *MethodParam, ctx *beecontext.Context) string {
+	switch param.in {
+	case body:
+		return string(ctx.Input.RequestBody)
+	case header:
+		return ctx.Input.Header(param.name)
+	case path:
+		return ctx.Input.Query(":" + param.name)
+	default:
+		return ctx.Input.Query(param.name)
+	}
+}
+
+func parseValue(param *MethodParam, paramValue string, paramType reflect.Type) (result reflect.Value, err error) {
+	if paramValue == "" {
+		return reflect.Zero(paramType), nil
+	}
+	parser := getParser(param, paramType)
+	value, err := parser.parse(paramValue, paramType)
+	if err != nil {
+		return result, err
+	}
+
+	return safeConvert(reflect.ValueOf(value), paramType)
+}
+
+func safeConvert(value reflect.Value, t reflect.Type) (result reflect.Value, err error) {
+	defer func() {
+		if r := recover(); r != nil {
+			var ok bool
+			err, ok = r.(error)
+			if !ok {
+				err = fmt.Errorf("%v", r)
+			}
+		}
+	}()
+	result = value.Convert(t)
+	return
+}
--- a/context/param/methodparams.go
+++ b/context/param/methodparams.go
@ -0,0 +1,69 @@
+package param
+
+import (
+	"fmt"
+	"strings"
+)
+
+//MethodParam keeps param information to be auto passed to controller methods
+type MethodParam struct {
+	name         string
+	in           paramType
+	required     bool
+	defaultValue string
+}
+
+type paramType byte
+
+const (
+	param paramType = iota
+	path
+	body
+	header
+)
+
+//New creates a new MethodParam with name and specific options
+func New(name string, opts ...MethodParamOption) *MethodParam {
+	return newParam(name, nil, opts)
+}
+
+func newParam(name string, parser paramParser, opts []MethodParamOption) (param *MethodParam) {
+	param = &MethodParam{name: name}
+	for _, option := range opts {
+		option(param)
+	}
+	return
+}
+
+//Make creates an array of MethodParmas or an empty array
+func Make(list ...*MethodParam) []*MethodParam {
+	if len(list) > 0 {
+		return list
+	}
+	return nil
+}
+
+func (mp *MethodParam) String() string {
+	options := []string{}
+	result := "param.New(\"" + mp.name + "\""
+	if mp.required {
+		options = append(options, "param.IsRequired")
+	}
+	switch mp.in {
+	case path:
+		options = append(options, "param.InPath")
+	case body:
+		options = append(options, "param.InBody")
+	case header:
+		options = append(options, "param.InHeader")
+	}
+	if mp.defaultValue != "" {
+		options = append(options, fmt.Sprintf(`param.Default("%s")`, mp.defaultValue))
+	}
+	if len(options) > 0 {
+		result += ", "
+	}
+	result += strings.Join(options, ", ")
+	result += ")"
+	return result
+}
--- a/context/param/options.go
+++ b/context/param/options.go
@ -0,0 +1,37 @@
+package param
+
+import (
+	"fmt"
+)
+
+// MethodParamOption defines a func which apply options on a MethodParam
+type MethodParamOption func(*MethodParam)
+
+// IsRequired indicates that this param is required and can not be omitted from the http request
+var IsRequired MethodParamOption = func(p *MethodParam) {
+	p.required = true
+}
+
+// InHeader indicates that this param is passed via an http header
+var InHeader MethodParamOption = func(p *MethodParam) {
+	p.in = header
+}
+
+// InPath indicates that this param is part of the URL path
+var InPath MethodParamOption = func(p *MethodParam) {
+	p.in = path
+}
+
+// InBody indicates that this param is passed as an http request body
+var InBody MethodParamOption = func(p *MethodParam) {
+	p.in = body
+}
+
+// Default provides a default value for the http param
+func Default(defaultValue interface{}) MethodParamOption {
+	return func(p *MethodParam) {
+		if defaultValue != nil {
+			p.defaultValue = fmt.Sprint(defaultValue)
+		}
+	}
+}
--- a/context/param/parsers.go
+++ b/context/param/parsers.go
@ -0,0 +1,149 @@
+package param
+
+import (
+	"encoding/json"
+	"reflect"
+	"strconv"
+	"strings"
+	"time"
+)
+
+type paramParser interface {
+	parse(value string, toType reflect.Type) (interface{}, error)
+}
+
+func getParser(param *MethodParam, t reflect.Type) paramParser {
+	switch t.Kind() {
+	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64,
+		reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
+		return intParser{}
+	case reflect.Slice:
+		if t.Elem().Kind() == reflect.Uint8 { //treat []byte as string
+			return stringParser{}
+		}
+		if param.in == body {
+			return jsonParser{}
+		}
+		elemParser := getParser(param, t.Elem())
+		if elemParser == (jsonParser{}) {
+			return elemParser
+		}
+		return sliceParser(elemParser)
+	case reflect.Bool:
+		return boolParser{}
+	case reflect.String:
+		return stringParser{}
+	case reflect.Float32, reflect.Float64:
+		return floatParser{}
+	case reflect.Ptr:
+		elemParser := getParser(param, t.Elem())
+		if elemParser == (jsonParser{}) {
+			return elemParser
+		}
+		return ptrParser(elemParser)
+	default:
+		if t.PkgPath() == "time" && t.Name() == "Time" {
+			return timeParser{}
+		}
+		return jsonParser{}
+	}
+}
+
+type parserFunc func(value string, toType reflect.Type) (interface{}, error)
+
+func (f parserFunc) parse(value string, toType reflect.Type) (interface{}, error) {
+	return f(value, toType)
+}
+
+type boolParser struct {
+}
+
+func (p boolParser) parse(value string, toType reflect.Type) (interface{}, error) {
+	return strconv.ParseBool(value)
+}
+
+type stringParser struct {
+}
+
+func (p stringParser) parse(value string, toType reflect.Type) (interface{}, error) {
+	return value, nil
+}
+
+type intParser struct {
+}
+
+func (p intParser) parse(value string, toType reflect.Type) (interface{}, error) {
+	return strconv.Atoi(value)
+}
+
+type floatParser struct {
+}
+
+func (p floatParser) parse(value string, toType reflect.Type) (interface{}, error) {
+	if toType.Kind() == reflect.Float32 {
+		res, err := strconv.ParseFloat(value, 32)
+		if err != nil {
+			return nil, err
+		}
+		return float32(res), nil
+	}
+	return strconv.ParseFloat(value, 64)
+}
+
+type timeParser struct {
+}
+
+func (p timeParser) parse(value string, toType reflect.Type) (result interface{}, err error) {
+	result, err = time.Parse(time.RFC3339, value)
+	if err != nil {
+		result, err = time.Parse("2006-01-02", value)
+	}
+	return
+}
+
+type jsonParser struct {
+}
+
+func (p jsonParser) parse(value string, toType reflect.Type) (interface{}, error) {
+	pResult := reflect.New(toType)
+	v := pResult.Interface()
+	err := json.Unmarshal([]byte(value), v)
+	if err != nil {
+		return nil, err
+	}
+	return pResult.Elem().Interface(), nil
+}
+
+func sliceParser(elemParser paramParser) paramParser {
+	return parserFunc(func(value string, toType reflect.Type) (interface{}, error) {
+		values := strings.Split(value, ",")
+		result := reflect.MakeSlice(toType, 0, len(values))
+		elemType := toType.Elem()
+		for _, v := range values {
+			parsedValue, err := elemParser.parse(v, elemType)
+			if err != nil {
+				return nil, err
+			}
+			result = reflect.Append(result, reflect.ValueOf(parsedValue))
+		}
+		return result.Interface(), nil
+	})
+}
+
+func ptrParser(elemParser paramParser) paramParser {
+	return parserFunc(func(value string, toType reflect.Type) (interface{}, error) {
+		parsedValue, err := elemParser.parse(value, toType.Elem())
+		if err != nil {
+			return nil, err
+		}
+		newValPtr := reflect.New(toType.Elem())
+		newVal := reflect.Indirect(newValPtr)
+		convertedVal, err := safeConvert(reflect.ValueOf(parsedValue), toType.Elem())
+		if err != nil {
+			return nil, err
+		}
+
+		newVal.Set(convertedVal)
+		return newValPtr.Interface(), nil
+	})
+}
--- a/context/param/parsers_test.go
+++ b/context/param/parsers_test.go
@ -0,0 +1,84 @@
+package param
+
+import "testing"
+import "reflect"
+import "time"
+
+type testDefinition struct {
+	strValue       string
+	expectedValue  interface{}
+	expectedParser paramParser
+}
+
+func Test_Parsers(t *testing.T) {
+
+	//ints
+	checkParser(testDefinition{"1", 1, intParser{}}, t)
+	checkParser(testDefinition{"-1", int64(-1), intParser{}}, t)
+	checkParser(testDefinition{"1", uint64(1), intParser{}}, t)
+
+	//floats
+	checkParser(testDefinition{"1.0", float32(1.0), floatParser{}}, t)
+	checkParser(testDefinition{"-1.0", float64(-1.0), floatParser{}}, t)
+
+	//strings
+	checkParser(testDefinition{"AB", "AB", stringParser{}}, t)
+	checkParser(testDefinition{"AB", []byte{65, 66}, stringParser{}}, t)
+
+	//bools
+	checkParser(testDefinition{"true", true, boolParser{}}, t)
+	checkParser(testDefinition{"0", false, boolParser{}}, t)
+
+	//timeParser
+	checkParser(testDefinition{"2017-05-30T13:54:53Z", time.Date(2017, 5, 30, 13, 54, 53, 0, time.UTC), timeParser{}}, t)
+	checkParser(testDefinition{"2017-05-30", time.Date(2017, 5, 30, 0, 0, 0, 0, time.UTC), timeParser{}}, t)
+
+	//json
+	checkParser(testDefinition{`{"X": 5, "Y":"Z"}`, struct {
+		X int
+		Y string
+	}{5, "Z"}, jsonParser{}}, t)
+
+	//slice in query is parsed as comma delimited
+	checkParser(testDefinition{`1,2`, []int{1, 2}, sliceParser(intParser{})}, t)
+
+	//slice in body is parsed as json
+	checkParser(testDefinition{`["a","b"]`, []string{"a", "b"}, jsonParser{}}, t, MethodParam{in: body})
+
+	//pointers
+	var someInt = 1
+	checkParser(testDefinition{`1`, &someInt, ptrParser(intParser{})}, t)
+
+	var someStruct = struct{ X int }{5}
+	checkParser(testDefinition{`{"X": 5}`, &someStruct, jsonParser{}}, t)
+
+}
+
+func checkParser(def testDefinition, t *testing.T, methodParam ...MethodParam) {
+	toType := reflect.TypeOf(def.expectedValue)
+	var mp MethodParam
+	if len(methodParam) == 0 {
+		mp = MethodParam{}
+	} else {
+		mp = methodParam[0]
+	}
+	parser := getParser(&mp, toType)
+
+	if reflect.TypeOf(parser) != reflect.TypeOf(def.expectedParser) {
+		t.Errorf("Invalid parser for value %v. Expected: %v, actual: %v", def.strValue, reflect.TypeOf(def.expectedParser).Name(), reflect.TypeOf(parser).Name())
+		return
+	}
+	result, err := parser.parse(def.strValue, toType)
+	if err != nil {
+		t.Errorf("Parsing error for value %v. Expected result: %v, error: %v", def.strValue, def.expectedValue, err)
+		return
+	}
+	convResult, err := safeConvert(reflect.ValueOf(result), toType)
+	if err != nil {
+		t.Errorf("Conversion error for %v. from value: %v, toType: %v, error: %v", def.strValue, result, toType, err)
+		return
+	}
+	if !reflect.DeepEqual(convResult.Interface(), def.expectedValue) {
+		t.Errorf("Parsing error for value %v. Expected result: %v, actual: %v", def.strValue, def.expectedValue, result)
+	}
+}
--- a/context/renderer.go
+++ b/context/renderer.go
@ -0,0 +1,12 @@
+package context
+
+// Renderer defines an http response renderer
+type Renderer interface {
+	Render(ctx *Context)
+}
+
+type rendererFunc func(ctx *Context)
+
+func (f rendererFunc) Render(ctx *Context) {
+	f(ctx)
+}
--- a/context/response.go
+++ b/context/response.go
@ -0,0 +1,27 @@
+package context
+
+import (
+	"strconv"
+
+	"net/http"
+)
+
+const (
+	//BadRequest indicates http error 400
+	BadRequest StatusCode = http.StatusBadRequest
+
+	//NotFound indicates http error 404
+	NotFound StatusCode = http.StatusNotFound
+)
+
+// StatusCode sets the http response status code
+type StatusCode int
+
+func (s StatusCode) Error() string {
+	return strconv.Itoa(int(s))
+}
+
+// Render sets the http status code
+func (s StatusCode) Render(ctx *Context) {
+	ctx.Output.SetStatus(int(s))
+}
--- a/controller.go
+++ b/controller.go
@ -28,6 +28,7 @@ import (
 	"strings"

 	"github.com/astaxie/beego/context"
+	"github.com/astaxie/beego/context/param"
 	"github.com/astaxie/beego/session"
 )

@ -35,6 +36,7 @@ import (
 const (
 	applicationJSON = "application/json"
 	applicationXML  = "application/xml"
+	applicationYAML = "application/x-yaml"
 	textXML         = "text/xml"
 )

@ -51,8 +53,16 @@ type ControllerComments struct {
 	Router           string
 	AllowHTTPMethods []string
 	Params           []map[string]string
+	MethodParams     []*param.MethodParam
 }

+// ControllerCommentsSlice implements the sort interface
+type ControllerCommentsSlice []ControllerComments
+
+func (p ControllerCommentsSlice) Len() int           { return len(p) }
+func (p ControllerCommentsSlice) Less(i, j int) bool { return p[i].Router < p[j].Router }
+func (p ControllerCommentsSlice) Swap(i, j int)      { p[i], p[j] = p[j], p[i] }
+
 // Controller defines some basic http request handler operations, such as
 // http context, template and view, session and xsrf.
 type Controller struct {
@ -263,7 +273,22 @@ func (c *Controller) viewPath() string {

 // Redirect sends the redirection response to url with status code.
 func (c *Controller) Redirect(url string, code int) {
+	logAccess(c.Ctx, nil, code)
 	c.Ctx.Redirect(code, url)
+	panic(ErrAbort)
+}
+
+// Set the data depending on the accepted
+func (c *Controller) SetData(data interface{}) {
+	accept := c.Ctx.Input.Header("Accept")
+	switch accept {
+	case applicationJSON:
+		c.Data["json"] = data
+	case applicationXML, textXML:
+		c.Data["xml"] = data
+	default:
+		c.Data["json"] = data
+	}
 }

 // Abort stops controller handler and show the error data if code is defined in ErrorMap or code string.
@ -338,6 +363,11 @@ func (c *Controller) ServeXML() {
 	c.Ctx.Output.XML(c.Data["xml"], hasIndent)
 }

+// ServeXML sends xml response.
+func (c *Controller) ServeYAML() {
+	c.Ctx.Output.YAML(c.Data["yaml"])
+}
+
 // ServeFormatted serve Xml OR Json, depending on the value of the Accept header
 func (c *Controller) ServeFormatted() {
 	accept := c.Ctx.Input.Header("Accept")
@ -346,6 +376,8 @@ func (c *Controller) ServeFormatted() {
 		c.ServeJSON()
 	case applicationXML, textXML:
 		c.ServeXML()
+	case applicationYAML:
+		c.ServeYAML()
 	default:
 		c.ServeJSON()
 	}
--- a/error.go
+++ b/error.go
@ -28,7 +28,7 @@ import (
 )

 const (
-	errorTypeHandler = iota
+	errorTypeHandler    = iota
 	errorTypeController
 )

@ -93,11 +93,6 @@ func showErr(err interface{}, ctx *context.Context, stack string) {
 		"BeegoVersion":  VERSION,
 		"GoVersion":     runtime.Version(),
 	}
-	if ctx.Output.Status != 0 {
-		ctx.ResponseWriter.WriteHeader(ctx.Output.Status)
-	} else {
-		ctx.ResponseWriter.WriteHeader(500)
-	}
 	t.Execute(ctx.ResponseWriter, data)
 }

@ -252,6 +247,30 @@ func forbidden(rw http.ResponseWriter, r *http.Request) {
 	)
 }

+// show 422 missing xsrf token
+func missingxsrf(rw http.ResponseWriter, r *http.Request) {
+	responseError(rw, r,
+		422,
+		"<br>The page you have requested is forbidden."+
+			"<br>Perhaps you are here because:"+
+			"<br><br><ul>"+
+			"<br>'_xsrf' argument missing from POST"+
+			"</ul>",
+	)
+}
+
+// show 417 invalid xsrf token
+func invalidxsrf(rw http.ResponseWriter, r *http.Request) {
+	responseError(rw, r,
+		417,
+		"<br>The page you have requested is forbidden."+
+			"<br>Perhaps you are here because:"+
+			"<br><br><ul>"+
+			"<br>expected XSRF not found"+
+			"</ul>",
+	)
+}
+
 // show 404 not found error.
 func notFound(rw http.ResponseWriter, r *http.Request) {
 	responseError(rw, r,
@ -415,6 +434,9 @@ func exception(errCode string, ctx *context.Context) {
 }

 func executeError(err *errorInfo, ctx *context.Context, code int) {
+	//make sure to log the error in the access log
+	logAccess(ctx, nil, code)
+
 	if err.errorType == errorTypeHandler {
 		ctx.ResponseWriter.WriteHeader(code)
 		err.handler(ctx.ResponseWriter, ctx.Request)
--- a/error_test.go
+++ b/error_test.go
@ -52,7 +52,7 @@ func TestErrorCode_01(t *testing.T) {
 		if w.Code != code {
 			t.Fail()
 		}
-		if !strings.Contains(string(w.Body.Bytes()), http.StatusText(code)) {
+		if !strings.Contains(w.Body.String(), http.StatusText(code)) {
 			t.Fail()
 		}
 	}
@ -82,7 +82,7 @@ func TestErrorCode_03(t *testing.T) {
 	if w.Code != 200 {
 		t.Fail()
 	}
-	if string(w.Body.Bytes()) != parseCodeError {
+	if w.Body.String() != parseCodeError {
 		t.Fail()
 	}
 }
--- a/grace/conn.go
+++ b/grace/conn.go
@ -3,14 +3,17 @@ package grace
 import (
 	"errors"
 	"net"
+	"sync"
 )

 type graceConn struct {
 	net.Conn
 	server *Server
+	m      sync.Mutex
+	closed bool
 }

-func (c graceConn) Close() (err error) {
+func (c *graceConn) Close() (err error) {
 	defer func() {
 		if r := recover(); r != nil {
 			switch x := r.(type) {
@ -23,6 +26,14 @@ func (c graceConn) Close() (err error) {
 			}
 		}
 	}()
+
+	c.m.Lock()
+	if c.closed {
+		c.m.Unlock()
+		return
+	}
 	c.server.wg.Done()
+	c.closed = true
+	c.m.Unlock()
 	return c.Conn.Close()
 }
--- a/grace/listener.go
+++ b/grace/listener.go
@ -37,7 +37,7 @@ func (gl *graceListener) Accept() (c net.Conn, err error) {
 	tc.SetKeepAlive(true)
 	tc.SetKeepAlivePeriod(3 * time.Minute)

-	c = graceConn{
+	c = &graceConn{
 		Conn:   tc,
 		server: gl.server,
 	}
--- a/grace/server.go
+++ b/grace/server.go
@ -2,7 +2,9 @@ package grace

 import (
 	"crypto/tls"
+	"crypto/x509"
 	"fmt"
+	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
@ -65,7 +67,7 @@ func (srv *Server) ListenAndServe() (err error) {
 			log.Println(err)
 			return err
 		}
-		err = process.Kill()
+		err = process.Signal(syscall.SIGTERM)
 		if err != nil {
 			return err
 		}
@ -114,6 +116,62 @@ func (srv *Server) ListenAndServeTLS(certFile, keyFile string) (err error) {
 	srv.tlsInnerListener = newGraceListener(l, srv)
 	srv.GraceListener = tls.NewListener(srv.tlsInnerListener, srv.TLSConfig)

+	if srv.isChild {
+		process, err := os.FindProcess(os.Getppid())
+		if err != nil {
+			log.Println(err)
+			return err
+		}
+		err = process.Signal(syscall.SIGTERM)
+		if err != nil {
+			return err
+		}
+	}
+	log.Println(os.Getpid(), srv.Addr)
+	return srv.Serve()
+}
+
+// ListenAndServeMutualTLS listens on the TCP network address srv.Addr and then calls
+// Serve to handle requests on incoming mutual TLS connections.
+func (srv *Server) ListenAndServeMutualTLS(certFile, keyFile, trustFile string) (err error) {
+	addr := srv.Addr
+	if addr == "" {
+		addr = ":https"
+	}
+
+	if srv.TLSConfig == nil {
+		srv.TLSConfig = &tls.Config{}
+	}
+	if srv.TLSConfig.NextProtos == nil {
+		srv.TLSConfig.NextProtos = []string{"http/1.1"}
+	}
+
+	srv.TLSConfig.Certificates = make([]tls.Certificate, 1)
+	srv.TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
+	if err != nil {
+		return
+	}
+	srv.TLSConfig.ClientAuth = tls.RequireAndVerifyClientCert
+	pool := x509.NewCertPool()
+	data, err := ioutil.ReadFile(trustFile)
+	if err != nil {
+		log.Println(err)
+		return err
+	}
+	pool.AppendCertsFromPEM(data)
+	srv.TLSConfig.ClientCAs = pool
+	log.Println("Mutual HTTPS")
+	go srv.handleSignals()
+
+	l, err := srv.getListener(addr)
+	if err != nil {
+		log.Println(err)
+		return err
+	}
+
+	srv.tlsInnerListener = newGraceListener(l, srv)
+	srv.GraceListener = tls.NewListener(srv.tlsInnerListener, srv.TLSConfig)
+
 	if srv.isChild {
 		process, err := os.FindProcess(os.Getppid())
 		if err != nil {
--- a/hooks.go
+++ b/hooks.go
@ -32,6 +32,8 @@ func registerDefaultErrorHandler() error {
 		"502": badGateway,
 		"503": serviceUnavailable,
 		"504": gatewayTimeout,
+		"417": invalidxsrf,
+		"422": missingxsrf,
 	}
 	for e, h := range m {
 		if _, ok := ErrorMaps[e]; !ok {
--- a/httplib/httplib.go
+++ b/httplib/httplib.go
@ -50,6 +50,7 @@ import (
 	"strings"
 	"sync"
 	"time"
+	"gopkg.in/yaml.v2"
 )

 var defaultSetting = BeegoHTTPSettings{
@ -318,6 +319,34 @@ func (b *BeegoHTTPRequest) Body(data interface{}) *BeegoHTTPRequest {
 	return b
 }

+// XMLBody adds request raw body encoding by XML.
+func (b *BeegoHTTPRequest) XMLBody(obj interface{}) (*BeegoHTTPRequest, error) {
+	if b.req.Body == nil && obj != nil {
+		byts, err := xml.Marshal(obj)
+		if err != nil {
+			return b, err
+		}
+		b.req.Body = ioutil.NopCloser(bytes.NewReader(byts))
+		b.req.ContentLength = int64(len(byts))
+		b.req.Header.Set("Content-Type", "application/xml")
+	}
+	return b, nil
+}
+
+// YAMLBody adds request raw body encoding by YAML.
+func (b *BeegoHTTPRequest) YAMLBody(obj interface{}) (*BeegoHTTPRequest, error) {
+	if b.req.Body == nil && obj != nil {
+		byts, err := yaml.Marshal(obj)
+		if err != nil {
+			return b, err
+		}
+		b.req.Body = ioutil.NopCloser(bytes.NewReader(byts))
+		b.req.ContentLength = int64(len(byts))
+		b.req.Header.Set("Content-Type", "application/x+yaml")
+	}
+	return b, nil
+}
+
 // JSONBody adds request raw body encoding by JSON.
 func (b *BeegoHTTPRequest) JSONBody(obj interface{}) (*BeegoHTTPRequest, error) {
 	if b.req.Body == nil && obj != nil {
@ -417,12 +446,12 @@ func (b *BeegoHTTPRequest) DoRequest() (resp *http.Response, err error) {
 	}

 	b.buildURL(paramBody)
-	url, err := url.Parse(b.url)
+	urlParsed, err := url.Parse(b.url)
 	if err != nil {
 		return nil, err
 	}

-	b.req.URL = url
+	b.req.URL = urlParsed

 	trans := b.setting.Transport

@ -432,7 +461,7 @@ func (b *BeegoHTTPRequest) DoRequest() (resp *http.Response, err error) {
 			TLSClientConfig:     b.setting.TLSClientConfig,
 			Proxy:               b.setting.Proxy,
 			Dial:                TimeoutDialer(b.setting.ConnectTimeout, b.setting.ReadWriteTimeout),
-			MaxIdleConnsPerHost: -1,
+			MaxIdleConnsPerHost: 100,
 		}
 	} else {
 		// if b.transport is *http.Transport then set the settings.
@ -567,6 +596,16 @@ func (b *BeegoHTTPRequest) ToXML(v interface{}) error {
 	return xml.Unmarshal(data, v)
 }

+// ToYAML returns the map that marshals from the body bytes as yaml in response .
+// it calls Response inner.
+func (b *BeegoHTTPRequest) ToYAML(v interface{}) error {
+	data, err := b.Bytes()
+	if err != nil {
+		return err
+	}
+	return yaml.Unmarshal(data, v)
+}
+
 // Response executes request client gets response mannually.
 func (b *BeegoHTTPRequest) Response() (*http.Response, error) {
 	return b.getResponse()
--- a/logs/README.md
+++ b/logs/README.md
@ -16,48 +16,57 @@ As of now this logs support console, file,smtp and conn.

 First you must import it

-	import (
-		"github.com/astaxie/beego/logs"
-	)
+```golang
+import (
+	"github.com/astaxie/beego/logs"
+)
+```

 Then init a Log (example with console adapter)

-	log := NewLogger(10000)
-	log.SetLogger("console", "")	
+```golang
+log := logs.NewLogger(10000)
+log.SetLogger("console", "")
+```

 > the first params stand for how many channel

-Use it like this:	
-	
-	log.Trace("trace")
-	log.Info("info")
-	log.Warn("warning")
-	log.Debug("debug")
-	log.Critical("critical")
+Use it like this:

+```golang
+log.Trace("trace")
+log.Info("info")
+log.Warn("warning")
+log.Debug("debug")
+log.Critical("critical")
+```

 ## File adapter

 Configure file adapter like this:

-	log := NewLogger(10000)
-	log.SetLogger("file", `{"filename":"test.log"}`)
-
+```golang
+log := NewLogger(10000)
+log.SetLogger("file", `{"filename":"test.log"}`)
+```

 ## Conn adapter

 Configure like this:

-	log := NewLogger(1000)
-	log.SetLogger("conn", `{"net":"tcp","addr":":7020"}`)
-	log.Info("info")
-
+```golang
+log := NewLogger(1000)
+log.SetLogger("conn", `{"net":"tcp","addr":":7020"}`)
+log.Info("info")
+```

 ## Smtp adapter

 Configure like this:

-	log := NewLogger(10000)
-	log.SetLogger("smtp", `{"username":"beegotest@gmail.com","password":"xxxxxxxx","host":"smtp.gmail.com:587","sendTos":["xiemengjun@gmail.com"]}`)
-	log.Critical("sendmail critical")
-	time.Sleep(time.Second * 30)
+```golang
+log := NewLogger(10000)
+log.SetLogger("smtp", `{"username":"beegotest@gmail.com","password":"xxxxxxxx","host":"smtp.gmail.com:587","sendTos":["xiemengjun@gmail.com"]}`)
+log.Critical("sendmail critical")
+time.Sleep(time.Second * 30)
+```
--- a/logs/accesslog.go
+++ b/logs/accesslog.go
@ -0,0 +1,83 @@
+// Copyright 2014 beego Author. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package logs
+
+import (
+	"bytes"
+	"strings"
+	"encoding/json"
+	"fmt"
+	"time"
+)
+
+const (
+	apacheFormatPattern = "%s - - [%s] \"%s %d %d\" %f %s %s"
+	apacheFormat        = "APACHE_FORMAT"
+	jsonFormat          = "JSON_FORMAT"
+)
+
+// AccessLogRecord struct for holding access log data.
+type AccessLogRecord struct {
+	RemoteAddr     string        `json:"remote_addr"`
+	RequestTime    time.Time     `json:"request_time"`
+	RequestMethod  string        `json:"request_method"`
+	Request        string        `json:"request"`
+	ServerProtocol string        `json:"server_protocol"`
+	Host           string        `json:"host"`
+	Status         int           `json:"status"`
+	BodyBytesSent  int64         `json:"body_bytes_sent"`
+	ElapsedTime    time.Duration `json:"elapsed_time"`
+	HTTPReferrer   string        `json:"http_referrer"`
+	HTTPUserAgent  string        `json:"http_user_agent"`
+	RemoteUser     string        `json:"remote_user"`
+}
+
+func (r *AccessLogRecord) json() ([]byte, error) {
+	buffer := &bytes.Buffer{}
+	encoder := json.NewEncoder(buffer)
+	disableEscapeHTML(encoder)
+
+	err := encoder.Encode(r)
+	return buffer.Bytes(), err
+}
+
+func disableEscapeHTML(i interface{}) {
+	if e, ok := i.(interface {
+		SetEscapeHTML(bool)
+	}); ok {
+		e.SetEscapeHTML(false)
+	}
+}
+
+// AccessLog - Format and print access log.
+func AccessLog(r *AccessLogRecord, format string) {
+	var msg string
+	switch format {
+	case apacheFormat:
+		timeFormatted := r.RequestTime.Format("02/Jan/2006 03:04:05")
+		msg = fmt.Sprintf(apacheFormatPattern, r.RemoteAddr, timeFormatted, r.Request, r.Status, r.BodyBytesSent,
+			r.ElapsedTime.Seconds(), r.HTTPReferrer, r.HTTPUserAgent)
+	case jsonFormat:
+		fallthrough
+	default:
+		jsonData, err := r.json()
+		if err != nil {
+			msg = fmt.Sprintf(`{"Error": "%s"}`, err)
+		} else {
+			msg = string(jsonData)
+		}
+	}
+	beeLogger.writeMsg(levelLoggerImpl, strings.TrimSpace(msg))
+}
--- a/logs/file.go
+++ b/logs/file.go
@ -21,6 +21,7 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"path"
 	"path/filepath"
 	"strconv"
 	"strings"
@ -40,6 +41,9 @@ type fileLogWriter struct {
 	MaxLines         int `json:"maxlines"`
 	maxLinesCurLines int

+	MaxFiles         int `json:"maxfiles"`
+	MaxFilesCurFiles int
+
 	// Rotate at size
 	MaxSize        int `json:"maxsize"`
 	maxSizeCurSize int
@ -50,38 +54,52 @@ type fileLogWriter struct {
 	dailyOpenDate int
 	dailyOpenTime time.Time

+	// Rotate hourly
+	Hourly         bool  `json:"hourly"`
+	MaxHours       int64 `json:"maxhours"`
+	hourlyOpenDate int
+	hourlyOpenTime time.Time
+
 	Rotate bool `json:"rotate"`

 	Level int `json:"level"`

 	Perm string `json:"perm"`

+	RotatePerm string `json:"rotateperm"`
+
 	fileNameOnly, suffix string // like "project.log", project is fileNameOnly and .log is suffix
 }

 // newFileWriter create a FileLogWriter returning as LoggerInterface.
 func newFileWriter() Logger {
 	w := &fileLogWriter{
-		Daily:   true,
-		MaxDays: 7,
-		Rotate:  true,
-		Level:   LevelTrace,
-		Perm:    "0660",
+		Daily:      true,
+		MaxDays:    7,
+		Hourly:     false,
+		MaxHours:   168,
+		Rotate:     true,
+		RotatePerm: "0440",
+		Level:      LevelTrace,
+		Perm:       "0660",
+		MaxLines:   10000000,
+		MaxFiles:   999,
+		MaxSize:    1 << 28,
 	}
 	return w
 }

 // Init file logger with json config.
 // jsonConfig like:
-//	{
-//	"filename":"logs/beego.log",
-//	"maxLines":10000,
-//	"maxsize":1024,
-//	"daily":true,
-//	"maxDays":15,
-//	"rotate":true,
-//  	"perm":"0600"
-//	}
+//  {
+//  "filename":"logs/beego.log",
+//  "maxLines":10000,
+//  "maxsize":1024,
+//  "daily":true,
+//  "maxDays":15,
+//  "rotate":true,
+//      "perm":"0600"
+//  }
 func (w *fileLogWriter) Init(jsonConfig string) error {
 	err := json.Unmarshal([]byte(jsonConfig), w)
 	if err != nil {
@ -112,10 +130,16 @@ func (w *fileLogWriter) startLogger() error {
 	return w.initFd()
 }

-func (w *fileLogWriter) needRotate(size int, day int) bool {
+func (w *fileLogWriter) needRotateDaily(size int, day int) bool {
 	return (w.MaxLines > 0 && w.maxLinesCurLines >= w.MaxLines) ||
 		(w.MaxSize > 0 && w.maxSizeCurSize >= w.MaxSize) ||
 		(w.Daily && day != w.dailyOpenDate)
+}
+
+func (w *fileLogWriter) needRotateHourly(size int, hour int) bool {
+	return (w.MaxLines > 0 && w.maxLinesCurLines >= w.MaxLines) ||
+		(w.MaxSize > 0 && w.maxSizeCurSize >= w.MaxSize) ||
+		(w.Hourly && hour != w.hourlyOpenDate)

 }

@ -124,14 +148,23 @@ func (w *fileLogWriter) WriteMsg(when time.Time, msg string, level int) error {
 	if level > w.Level {
 		return nil
 	}
-	h, d := formatTimeHeader(when)
-	msg = string(h) + msg + "\n"
+	hd, d, h := formatTimeHeader(when)
+	msg = string(hd) + msg + "\n"
 	if w.Rotate {
 		w.RLock()
-		if w.needRotate(len(msg), d) {
+		if w.needRotateHourly(len(msg), h) {
 			w.RUnlock()
 			w.Lock()
-			if w.needRotate(len(msg), d) {
+			if w.needRotateHourly(len(msg), h) {
+				if err := w.doRotate(when); err != nil {
+					fmt.Fprintf(os.Stderr, "FileLogWriter(%q): %s\n", w.Filename, err)
+				}
+			}
+			w.Unlock()
+		} else if w.needRotateDaily(len(msg), d) {
+			w.RUnlock()
+			w.Lock()
+			if w.needRotateDaily(len(msg), d) {
 				if err := w.doRotate(when); err != nil {
 					fmt.Fprintf(os.Stderr, "FileLogWriter(%q): %s\n", w.Filename, err)
 				}
@ -158,6 +191,10 @@ func (w *fileLogWriter) createLogFile() (*os.File, error) {
 	if err != nil {
 		return nil, err
 	}
+
+	filepath := path.Dir(w.Filename)
+	os.MkdirAll(filepath, os.FileMode(perm))
+
 	fd, err := os.OpenFile(w.Filename, os.O_WRONLY|os.O_APPEND|os.O_CREATE, os.FileMode(perm))
 	if err == nil {
 		// Make sure file perm is user set perm cause of `os.OpenFile` will obey umask
@ -175,11 +212,15 @@ func (w *fileLogWriter) initFd() error {
 	w.maxSizeCurSize = int(fInfo.Size())
 	w.dailyOpenTime = time.Now()
 	w.dailyOpenDate = w.dailyOpenTime.Day()
+	w.hourlyOpenTime = time.Now()
+	w.hourlyOpenDate = w.hourlyOpenTime.Hour()
 	w.maxLinesCurLines = 0
-	if w.Daily {
+	if w.Hourly {
+		go w.hourlyRotate(w.hourlyOpenTime)
+	} else if w.Daily {
 		go w.dailyRotate(w.dailyOpenTime)
 	}
-	if fInfo.Size() > 0 {
+	if fInfo.Size() > 0 && w.MaxLines > 0 {
 		count, err := w.lines()
 		if err != nil {
 			return err
@ -195,7 +236,22 @@ func (w *fileLogWriter) dailyRotate(openTime time.Time) {
 	tm := time.NewTimer(time.Duration(nextDay.UnixNano() - openTime.UnixNano() + 100))
 	<-tm.C
 	w.Lock()
-	if w.needRotate(0, time.Now().Day()) {
+	if w.needRotateDaily(0, time.Now().Day()) {
+		if err := w.doRotate(time.Now()); err != nil {
+			fmt.Fprintf(os.Stderr, "FileLogWriter(%q): %s\n", w.Filename, err)
+		}
+	}
+	w.Unlock()
+}
+
+func (w *fileLogWriter) hourlyRotate(openTime time.Time) {
+	y, m, d := openTime.Add(1 * time.Hour).Date()
+	h, _, _ := openTime.Add(1 * time.Hour).Clock()
+	nextHour := time.Date(y, m, d, h, 0, 0, 0, openTime.Location())
+	tm := time.NewTimer(time.Duration(nextHour.UnixNano() - openTime.UnixNano() + 100))
+	<-tm.C
+	w.Lock()
+	if w.needRotateHourly(0, time.Now().Hour()) {
 		if err := w.doRotate(time.Now()); err != nil {
 			fmt.Fprintf(os.Stderr, "FileLogWriter(%q): %s\n", w.Filename, err)
 		}
@ -235,28 +291,41 @@ func (w *fileLogWriter) lines() (int, error) {
 func (w *fileLogWriter) doRotate(logTime time.Time) error {
 	// file exists
 	// Find the next available number
-	num := 1
+	num := w.MaxFilesCurFiles + 1
 	fName := ""
+	format := ""
+	var openTime time.Time
+	rotatePerm, err := strconv.ParseInt(w.RotatePerm, 8, 64)
+	if err != nil {
+		return err
+	}

-	_, err := os.Lstat(w.Filename)
+	_, err = os.Lstat(w.Filename)
 	if err != nil {
 		//even if the file is not exist or other ,we should RESTART the logger
 		goto RESTART_LOGGER
 	}

+	if w.Hourly {
+		format = "2006010215"
+		openTime = w.hourlyOpenTime
+	} else if w.Daily {
+		format = "2006-01-02"
+		openTime = w.dailyOpenTime
+	}
+
+	// only when one of them be setted, then the file would be splited
 	if w.MaxLines > 0 || w.MaxSize > 0 {
-		for ; err == nil && num <= 999; num++ {
-			fName = w.fileNameOnly + fmt.Sprintf(".%s.%03d%s", logTime.Format("2006-01-02"), num, w.suffix)
+		for ; err == nil && num <= w.MaxFiles; num++ {
+			fName = w.fileNameOnly + fmt.Sprintf(".%s.%03d%s", logTime.Format(format), num, w.suffix)
 			_, err = os.Lstat(fName)
 		}
 	} else {
-		fName = fmt.Sprintf("%s.%s%s", w.fileNameOnly, w.dailyOpenTime.Format("2006-01-02"), w.suffix)
+		fName = w.fileNameOnly + fmt.Sprintf(".%s.%03d%s", openTime.Format(format), num, w.suffix)
 		_, err = os.Lstat(fName)
-		for ; err == nil && num <= 999; num++ {
-			fName = w.fileNameOnly + fmt.Sprintf(".%s.%03d%s", w.dailyOpenTime.Format("2006-01-02"), num, w.suffix)
-			_, err = os.Lstat(fName)
-		}
+		w.MaxFilesCurFiles = num
 	}
+
 	// return error if the last file checked still existed
 	if err == nil {
 		return fmt.Errorf("Rotate: Cannot find free log number to rename %s", w.Filename)
@ -271,8 +340,9 @@ func (w *fileLogWriter) doRotate(logTime time.Time) error {
 	if err != nil {
 		goto RESTART_LOGGER
 	}
-	err = os.Chmod(fName, os.FileMode(0440))
-	// re-start logger
+
+	err = os.Chmod(fName, os.FileMode(rotatePerm))
+
 RESTART_LOGGER:

 	startLoggerErr := w.startLogger()
@ -299,13 +369,21 @@ func (w *fileLogWriter) deleteOldLog() {
 		if info == nil {
 			return
 		}
-
-		if !info.IsDir() && info.ModTime().Add(24*time.Hour*time.Duration(w.MaxDays)).Before(time.Now()) {
-			if strings.HasPrefix(filepath.Base(path), filepath.Base(w.fileNameOnly)) &&
-				strings.HasSuffix(filepath.Base(path), w.suffix) {
-				os.Remove(path)
-			}
-		}
+        if w.Hourly {
+            if !info.IsDir() && info.ModTime().Add(1 * time.Hour * time.Duration(w.MaxHours)).Before(time.Now()) {
+                if strings.HasPrefix(filepath.Base(path), filepath.Base(w.fileNameOnly)) &&
+                strings.HasSuffix(filepath.Base(path), w.suffix) {
+                    os.Remove(path)
+                }
+            }
+        } else if w.Daily {
+            if !info.IsDir() && info.ModTime().Add(24 * time.Hour * time.Duration(w.MaxDays)).Before(time.Now()) {
+                if strings.HasPrefix(filepath.Base(path), filepath.Base(w.fileNameOnly)) &&
+                strings.HasSuffix(filepath.Base(path), w.suffix) {
+                    os.Remove(path)
+                }
+            }
+        }
 		return
 	})
 }
--- a/logs/file_test.go
+++ b/logs/file_test.go
@ -112,7 +112,7 @@ func TestFile2(t *testing.T) {
 	os.Remove("test2.log")
 }

-func TestFileRotate_01(t *testing.T) {
+func TestFileDailyRotate_01(t *testing.T) {
 	log := NewLogger(10000)
 	log.SetLogger("file", `{"filename":"test3.log","maxlines":4}`)
 	log.Debug("debug")
@ -133,28 +133,28 @@ func TestFileRotate_01(t *testing.T) {
 	os.Remove("test3.log")
 }

-func TestFileRotate_02(t *testing.T) {
+func TestFileDailyRotate_02(t *testing.T) {
 	fn1 := "rotate_day.log"
-	fn2 := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".log"
-	testFileRotate(t, fn1, fn2)
+	fn2 := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".001.log"
+	testFileRotate(t, fn1, fn2, true, false)
 }

-func TestFileRotate_03(t *testing.T) {
+func TestFileDailyRotate_03(t *testing.T) {
 	fn1 := "rotate_day.log"
 	fn := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".log"
 	os.Create(fn)
 	fn2 := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".001.log"
-	testFileRotate(t, fn1, fn2)
+	testFileRotate(t, fn1, fn2, true, false)
 	os.Remove(fn)
 }

-func TestFileRotate_04(t *testing.T) {
+func TestFileDailyRotate_04(t *testing.T) {
 	fn1 := "rotate_day.log"
-	fn2 := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".log"
+	fn2 := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".001.log"
 	testFileDailyRotate(t, fn1, fn2)
 }

-func TestFileRotate_05(t *testing.T) {
+func TestFileDailyRotate_05(t *testing.T) {
 	fn1 := "rotate_day.log"
 	fn := "rotate_day." + time.Now().Add(-24*time.Hour).Format("2006-01-02") + ".log"
 	os.Create(fn)
@ -162,7 +162,7 @@ func TestFileRotate_05(t *testing.T) {
 	testFileDailyRotate(t, fn1, fn2)
 	os.Remove(fn)
 }
-func TestFileRotate_06(t *testing.T) { //test file mode
+func TestFileDailyRotate_06(t *testing.T) { //test file mode
 	log := NewLogger(10000)
 	log.SetLogger("file", `{"filename":"test3.log","maxlines":4}`)
 	log.Debug("debug")
@ -183,22 +183,110 @@ func TestFileRotate_06(t *testing.T) { //test file mode
 	os.Remove(rotateName)
 	os.Remove("test3.log")
 }
-func testFileRotate(t *testing.T, fn1, fn2 string) {
-	fw := &fileLogWriter{
-		Daily:   true,
-		MaxDays: 7,
-		Rotate:  true,
-		Level:   LevelTrace,
-		Perm:    "0660",
+
+func TestFileHourlyRotate_01(t *testing.T) {
+	log := NewLogger(10000)
+    log.SetLogger("file", `{"filename":"test3.log","hourly":true,"maxlines":4}`)
+	log.Debug("debug")
+	log.Info("info")
+	log.Notice("notice")
+	log.Warning("warning")
+	log.Error("error")
+	log.Alert("alert")
+	log.Critical("critical")
+	log.Emergency("emergency")
+	rotateName := "test3" + fmt.Sprintf(".%s.%03d", time.Now().Format("2006010215"), 1) + ".log"
+	b, err := exists(rotateName)
+	if !b || err != nil {
+		os.Remove("test3.log")
+		t.Fatal("rotate not generated")
 	}
-	fw.Init(fmt.Sprintf(`{"filename":"%v","maxdays":1}`, fn1))
-	fw.dailyOpenTime = time.Now().Add(-24 * time.Hour)
-	fw.dailyOpenDate = fw.dailyOpenTime.Day()
-	fw.WriteMsg(time.Now(), "this is a msg for test", LevelDebug)
+	os.Remove(rotateName)
+	os.Remove("test3.log")
+}
+
+func TestFileHourlyRotate_02(t *testing.T) {
+	fn1 := "rotate_hour.log"
+	fn2 := "rotate_hour." + time.Now().Add(-1*time.Hour).Format("2006010215") + ".001.log"
+	testFileRotate(t, fn1, fn2, false, true)
+}
+
+func TestFileHourlyRotate_03(t *testing.T) {
+	fn1 := "rotate_hour.log"
+	fn := "rotate_hour." + time.Now().Add(-1*time.Hour).Format("2006010215") + ".log"
+	os.Create(fn)
+	fn2 := "rotate_hour." + time.Now().Add(-1*time.Hour).Format("2006010215") + ".001.log"
+	testFileRotate(t, fn1, fn2, false, true)
+	os.Remove(fn)
+}
+
+func TestFileHourlyRotate_04(t *testing.T) {
+	fn1 := "rotate_hour.log"
+	fn2 := "rotate_hour." + time.Now().Add(-1*time.Hour).Format("2006010215") + ".001.log"
+	testFileHourlyRotate(t, fn1, fn2)
+}
+
+func TestFileHourlyRotate_05(t *testing.T) {
+	fn1 := "rotate_hour.log"
+	fn := "rotate_hour." + time.Now().Add(-1*time.Hour).Format("2006010215") + ".log"
+	os.Create(fn)
+	fn2 := "rotate_hour." + time.Now().Add(-1*time.Hour).Format("2006010215") + ".001.log"
+	testFileHourlyRotate(t, fn1, fn2)
+	os.Remove(fn)
+}
+
+func TestFileHourlyRotate_06(t *testing.T) { //test file mode
+	log := NewLogger(10000)
+    log.SetLogger("file", `{"filename":"test3.log", "hourly":true, "maxlines":4}`)
+	log.Debug("debug")
+	log.Info("info")
+	log.Notice("notice")
+	log.Warning("warning")
+	log.Error("error")
+	log.Alert("alert")
+	log.Critical("critical")
+	log.Emergency("emergency")
+	rotateName := "test3" + fmt.Sprintf(".%s.%03d", time.Now().Format("2006010215"), 1) + ".log"
+	s, _ := os.Lstat(rotateName)
+	if s.Mode() != 0440 {
+		os.Remove(rotateName)
+		os.Remove("test3.log")
+		t.Fatal("rotate file mode error")
+	}
+	os.Remove(rotateName)
+	os.Remove("test3.log")
+}
+
+func testFileRotate(t *testing.T, fn1, fn2 string, daily, hourly bool) {
+	fw := &fileLogWriter{
+		Daily:      daily,
+		MaxDays:    7,
+		Hourly:     hourly,
+		MaxHours:   168,
+		Rotate:     true,
+		Level:      LevelTrace,
+		Perm:       "0660",
+		RotatePerm: "0440",
+	}
+
+    if daily {
+        fw.Init(fmt.Sprintf(`{"filename":"%v","maxdays":1}`, fn1))
+        fw.dailyOpenTime = time.Now().Add(-24 * time.Hour)
+        fw.dailyOpenDate = fw.dailyOpenTime.Day()
+    }
+
+    if hourly {
+        fw.Init(fmt.Sprintf(`{"filename":"%v","maxhours":1}`, fn1))
+        fw.hourlyOpenTime = time.Now().Add(-1 * time.Hour)
+        fw.hourlyOpenDate = fw.hourlyOpenTime.Day()
+    }
+
+    fw.WriteMsg(time.Now(), "this is a msg for test", LevelDebug)

 	for _, file := range []string{fn1, fn2} {
 		_, err := os.Stat(file)
 		if err != nil {
+			t.Log(err)
 			t.FailNow()
 		}
 		os.Remove(file)
@ -208,11 +296,12 @@ func testFileRotate(t *testing.T, fn1, fn2 string) {

 func testFileDailyRotate(t *testing.T, fn1, fn2 string) {
 	fw := &fileLogWriter{
-		Daily:   true,
-		MaxDays: 7,
-		Rotate:  true,
-		Level:   LevelTrace,
-		Perm:    "0660",
+		Daily:      true,
+		MaxDays:    7,
+		Rotate:     true,
+		Level:      LevelTrace,
+		Perm:       "0660",
+		RotatePerm: "0440",
 	}
 	fw.Init(fmt.Sprintf(`{"filename":"%v","maxdays":1}`, fn1))
 	fw.dailyOpenTime = time.Now().Add(-24 * time.Hour)
@ -237,6 +326,37 @@ func testFileDailyRotate(t *testing.T, fn1, fn2 string) {
 	fw.Destroy()
 }

+func testFileHourlyRotate(t *testing.T, fn1, fn2 string) {
+	fw := &fileLogWriter{
+        Hourly:      true,
+        MaxHours:    168,
+		Rotate:     true,
+		Level:      LevelTrace,
+		Perm:       "0660",
+		RotatePerm: "0440",
+	}
+	fw.Init(fmt.Sprintf(`{"filename":"%v","maxhours":1}`, fn1))
+	fw.hourlyOpenTime = time.Now().Add(-1 * time.Hour)
+	fw.hourlyOpenDate = fw.hourlyOpenTime.Hour()
+	hour, _ := time.ParseInLocation("2006010215", time.Now().Format("2006010215"), fw.hourlyOpenTime.Location())
+	hour = hour.Add(-1 * time.Second)
+	fw.hourlyRotate(hour)
+	for _, file := range []string{fn1, fn2} {
+		_, err := os.Stat(file)
+		if err != nil {
+			t.FailNow()
+		}
+		content, err := ioutil.ReadFile(file)
+		if err != nil {
+			t.FailNow()
+		}
+		if len(content) > 0 {
+			t.FailNow()
+		}
+		os.Remove(file)
+	}
+	fw.Destroy()
+}
 func exists(path string) (bool, error) {
 	_, err := os.Stat(path)
 	if err == nil {
--- a/logs/log.go
+++ b/logs/log.go
@ -47,7 +47,7 @@ import (

 // RFC5424 log message levels.
 const (
-	LevelEmergency = iota
+	LevelEmergency     = iota
 	LevelAlert
 	LevelCritical
 	LevelError
@ -116,6 +116,7 @@ type BeeLogger struct {
 	enableFuncCallDepth bool
 	loggerFuncCallDepth int
 	asynchronous        bool
+	prefix              string
 	msgChanLen          int64
 	msgChan             chan *logMsg
 	signalChan          chan string
@ -247,7 +248,7 @@ func (bl *BeeLogger) Write(p []byte) (n int, err error) {
 	}
 	// writeMsg will always add a '\n' character
 	if p[len(p)-1] == '\n' {
-		p = p[0 : len(p)-1]
+		p = p[0: len(p)-1]
 	}
 	// set levelLoggerImpl to ensure all log message will be write out
 	err = bl.writeMsg(levelLoggerImpl, string(p))
@ -267,6 +268,9 @@ func (bl *BeeLogger) writeMsg(logLevel int, msg string, v ...interface{}) error
 	if len(v) > 0 {
 		msg = fmt.Sprintf(msg, v...)
 	}
+
+	msg = bl.prefix + " " + msg
+
 	when := time.Now()
 	if bl.enableFuncCallDepth {
 		_, file, line, ok := runtime.Caller(bl.loggerFuncCallDepth)
@ -305,6 +309,11 @@ func (bl *BeeLogger) SetLevel(l int) {
 	bl.level = l
 }

+// GetLevel Get Current log message level.
+func (bl *BeeLogger) GetLevel() int {
+	return bl.level
+}
+
 // SetLogFuncCallDepth set log funcCallDepth
 func (bl *BeeLogger) SetLogFuncCallDepth(d int) {
 	bl.loggerFuncCallDepth = d
@ -320,6 +329,11 @@ func (bl *BeeLogger) EnableFuncCallDepth(b bool) {
 	bl.enableFuncCallDepth = b
 }

+// set prefix
+func (bl *BeeLogger) SetPrefix(s string) {
+	bl.prefix = s
+}
+
 // start logger chan reading.
 // when chan is not empty, write logs.
 func (bl *BeeLogger) startLogger() {
@ -544,6 +558,11 @@ func SetLevel(l int) {
 	beeLogger.SetLevel(l)
 }

+// SetPrefix sets the prefix
+func SetPrefix(s string) {
+	beeLogger.SetPrefix(s)
+}
+
 // EnableFuncCallDepth enable log funcCallDepth
 func EnableFuncCallDepth(b bool) {
 	beeLogger.enableFuncCallDepth = b
--- a/logs/logger.go
+++ b/logs/logger.go
@ -33,7 +33,7 @@ func newLogWriter(wr io.Writer) *logWriter {

 func (lg *logWriter) println(when time.Time, msg string) {
 	lg.Lock()
-	h, _ := formatTimeHeader(when)
+	h, _, _:= formatTimeHeader(when)
 	lg.writer.Write(append(append(h, msg...), '\n'))
 	lg.Unlock()
 }
@ -87,13 +87,15 @@ const (
 	mi2 = `012345678901234567890123456789012345678901234567890123456789`
 	s1  = `000000000011111111112222222222333333333344444444445555555555`
 	s2  = `012345678901234567890123456789012345678901234567890123456789`
+	ns1 = `0123456789`
 )

-func formatTimeHeader(when time.Time) ([]byte, int) {
+func formatTimeHeader(when time.Time) ([]byte, int, int) {
 	y, mo, d := when.Date()
 	h, mi, s := when.Clock()
-	//len("2006/01/02 15:04:05 ")==20
-	var buf [20]byte
+	ns := when.Nanosecond() / 1000000
+	//len("2006/01/02 15:04:05.123 ")==24
+	var buf [24]byte

 	buf[0] = y1[y/1000%10]
 	buf[1] = y2[y/100]
@ -114,9 +116,14 @@ func formatTimeHeader(when time.Time) ([]byte, int) {
 	buf[16] = ':'
 	buf[17] = s1[s]
 	buf[18] = s2[s]
-	buf[19] = ' '
+	buf[19] = '.'
+	buf[20] = ns1[ns/100]
+	buf[21] = ns1[ns%100/10]
+	buf[22] = ns1[ns%10]

-	return buf[0:], d
+	buf[23] = ' '
+
+	return buf[0:], d, h
 }

 var (
--- a/logs/logger_test.go
+++ b/logs/logger_test.go
@ -30,8 +30,8 @@ func TestFormatHeader_0(t *testing.T) {
 		if tm.Year() >= 2100 {
 			break
 		}
-		h, _ := formatTimeHeader(tm)
-		if tm.Format("2006/01/02 15:04:05 ") != string(h) {
+		h, _, _ := formatTimeHeader(tm)
+		if tm.Format("2006/01/02 15:04:05.000 ") != string(h) {
 			t.Log(tm)
 			t.FailNow()
 		}
@ -48,8 +48,8 @@ func TestFormatHeader_1(t *testing.T) {
 		if tm.Year() >= year+1 {
 			break
 		}
-		h, _ := formatTimeHeader(tm)
-		if tm.Format("2006/01/02 15:04:05 ") != string(h) {
+		h, _, _ := formatTimeHeader(tm)
+		if tm.Format("2006/01/02 15:04:05.000 ") != string(h) {
 			t.Log(tm)
 			t.FailNow()
 		}
--- a/logs/multifile.go
+++ b/logs/multifile.go
@ -67,7 +67,10 @@ func (f *multiFileLogWriter) Init(config string) error {
 				jsonMap["level"] = i
 				bs, _ := json.Marshal(jsonMap)
 				writer = newFileWriter().(*fileLogWriter)
-				writer.Init(string(bs))
+				err := writer.Init(string(bs))
+				if err != nil {
+					return err
+				}
 				f.writers[i] = writer
 			}
 		}
--- a/migration/ddl.go
+++ b/migration/ddl.go
@ -14,40 +14,382 @@

 package migration

-// Table store the tablename and Column
-type Table struct {
-	TableName string
-	Columns   []*Column
+import (
+	"fmt"
+
+	"github.com/astaxie/beego"
+)
+
+// Index struct defines the structure of Index Columns
+type Index struct {
+	Name string
 }

-// Create return the create sql
-func (t *Table) Create() string {
-	return ""
+// Unique struct defines a single unique key combination
+type Unique struct {
+	Definition string
+	Columns    []*Column
 }

-// Drop return the drop sql
-func (t *Table) Drop() string {
-	return ""
-}
-
-// Column define the columns name type and Default
+//Column struct defines a single column of a table
 type Column struct {
-	Name    string
-	Type    string
-	Default interface{}
+	Name     string
+	Inc      string
+	Null     string
+	Default  string
+	Unsign   string
+	DataType string
+	remove   bool
+	Modify   bool
 }

-// Create return create sql with the provided tbname and columns
-func Create(tbname string, columns ...Column) string {
-	return ""
+// Foreign struct defines a single foreign relationship
+type Foreign struct {
+	ForeignTable  string
+	ForeignColumn string
+	OnDelete      string
+	OnUpdate      string
+	Column
 }

-// Drop return the drop sql with the provided tbname and columns
-func Drop(tbname string, columns ...Column) string {
-	return ""
+// RenameColumn struct allows renaming of columns
+type RenameColumn struct {
+	OldName     string
+	OldNull     string
+	OldDefault  string
+	OldUnsign   string
+	OldDataType string
+	NewName     string
+	Column
 }

-// TableDDL is still in think
-func TableDDL(tbname string, columns ...Column) string {
-	return ""
+// CreateTable creates the table on system
+func (m *Migration) CreateTable(tablename, engine, charset string, p ...func()) {
+	m.TableName = tablename
+	m.Engine = engine
+	m.Charset = charset
+	m.ModifyType = "create"
+}
+
+// AlterTable set the ModifyType to alter
+func (m *Migration) AlterTable(tablename string) {
+	m.TableName = tablename
+	m.ModifyType = "alter"
+}
+
+// NewCol creates a new standard column and attaches it to m struct
+func (m *Migration) NewCol(name string) *Column {
+	col := &Column{Name: name}
+	m.AddColumns(col)
+	return col
+}
+
+//PriCol creates a new primary column and attaches it to m struct
+func (m *Migration) PriCol(name string) *Column {
+	col := &Column{Name: name}
+	m.AddColumns(col)
+	m.AddPrimary(col)
+	return col
+}
+
+//UniCol creates / appends columns to specified unique key and attaches it to m struct
+func (m *Migration) UniCol(uni, name string) *Column {
+	col := &Column{Name: name}
+	m.AddColumns(col)
+
+	uniqueOriginal := &Unique{}
+
+	for _, unique := range m.Uniques {
+		if unique.Definition == uni {
+			unique.AddColumnsToUnique(col)
+			uniqueOriginal = unique
+		}
+	}
+	if uniqueOriginal.Definition == "" {
+		unique := &Unique{Definition: uni}
+		unique.AddColumnsToUnique(col)
+		m.AddUnique(unique)
+	}
+
+	return col
+}
+
+//ForeignCol creates a new foreign column and returns the instance of column
+func (m *Migration) ForeignCol(colname, foreigncol, foreigntable string) (foreign *Foreign) {
+
+	foreign = &Foreign{ForeignColumn: foreigncol, ForeignTable: foreigntable}
+	foreign.Name = colname
+	m.AddForeign(foreign)
+	return foreign
+}
+
+//SetOnDelete sets the on delete of foreign
+func (foreign *Foreign) SetOnDelete(del string) *Foreign {
+	foreign.OnDelete = "ON DELETE" + del
+	return foreign
+}
+
+//SetOnUpdate sets the on update of foreign
+func (foreign *Foreign) SetOnUpdate(update string) *Foreign {
+	foreign.OnUpdate = "ON UPDATE" + update
+	return foreign
+}
+
+//Remove marks the columns to be removed.
+//it allows reverse m to create the column.
+func (c *Column) Remove() {
+	c.remove = true
+}
+
+//SetAuto enables auto_increment of column (can be used once)
+func (c *Column) SetAuto(inc bool) *Column {
+	if inc {
+		c.Inc = "auto_increment"
+	}
+	return c
+}
+
+//SetNullable sets the column to be null
+func (c *Column) SetNullable(null bool) *Column {
+	if null {
+		c.Null = ""
+
+	} else {
+		c.Null = "NOT NULL"
+	}
+	return c
+}
+
+//SetDefault sets the default value, prepend with "DEFAULT "
+func (c *Column) SetDefault(def string) *Column {
+	c.Default = "DEFAULT " + def
+	return c
+}
+
+//SetUnsigned sets the column to be unsigned int
+func (c *Column) SetUnsigned(unsign bool) *Column {
+	if unsign {
+		c.Unsign = "UNSIGNED"
+	}
+	return c
+}
+
+//SetDataType sets the dataType of the column
+func (c *Column) SetDataType(dataType string) *Column {
+	c.DataType = dataType
+	return c
+}
+
+//SetOldNullable allows reverting to previous nullable on reverse ms
+func (c *RenameColumn) SetOldNullable(null bool) *RenameColumn {
+	if null {
+		c.OldNull = ""
+
+	} else {
+		c.OldNull = "NOT NULL"
+	}
+	return c
+}
+
+//SetOldDefault allows reverting to previous default on reverse ms
+func (c *RenameColumn) SetOldDefault(def string) *RenameColumn {
+	c.OldDefault = def
+	return c
+}
+
+//SetOldUnsigned allows reverting to previous unsgined on reverse ms
+func (c *RenameColumn) SetOldUnsigned(unsign bool) *RenameColumn {
+	if unsign {
+		c.OldUnsign = "UNSIGNED"
+	}
+	return c
+}
+
+//SetOldDataType allows reverting to previous datatype on reverse ms
+func (c *RenameColumn) SetOldDataType(dataType string) *RenameColumn {
+	c.OldDataType = dataType
+	return c
+}
+
+//SetPrimary adds the columns to the primary key (can only be used any number of times in only one m)
+func (c *Column) SetPrimary(m *Migration) *Column {
+	m.Primary = append(m.Primary, c)
+	return c
+}
+
+//AddColumnsToUnique adds the columns to Unique Struct
+func (unique *Unique) AddColumnsToUnique(columns ...*Column) *Unique {
+
+	unique.Columns = append(unique.Columns, columns...)
+
+	return unique
+}
+
+//AddColumns adds columns to m struct
+func (m *Migration) AddColumns(columns ...*Column) *Migration {
+
+	m.Columns = append(m.Columns, columns...)
+
+	return m
+}
+
+//AddPrimary adds the column to primary in m struct
+func (m *Migration) AddPrimary(primary *Column) *Migration {
+	m.Primary = append(m.Primary, primary)
+	return m
+}
+
+//AddUnique adds the column to unique in m struct
+func (m *Migration) AddUnique(unique *Unique) *Migration {
+	m.Uniques = append(m.Uniques, unique)
+	return m
+}
+
+//AddForeign adds the column to foreign in m struct
+func (m *Migration) AddForeign(foreign *Foreign) *Migration {
+	m.Foreigns = append(m.Foreigns, foreign)
+	return m
+}
+
+//AddIndex adds the column to index in m struct
+func (m *Migration) AddIndex(index *Index) *Migration {
+	m.Indexes = append(m.Indexes, index)
+	return m
+}
+
+//RenameColumn allows renaming of columns
+func (m *Migration) RenameColumn(from, to string) *RenameColumn {
+	rename := &RenameColumn{OldName: from, NewName: to}
+	m.Renames = append(m.Renames, rename)
+	return rename
+}
+
+//GetSQL returns the generated sql depending on ModifyType
+func (m *Migration) GetSQL() (sql string) {
+	sql = ""
+	switch m.ModifyType {
+	case "create":
+		{
+			sql += fmt.Sprintf("CREATE TABLE `%s` (", m.TableName)
+			for index, column := range m.Columns {
+				sql += fmt.Sprintf("\n `%s` %s %s %s %s %s", column.Name, column.DataType, column.Unsign, column.Null, column.Inc, column.Default)
+				if len(m.Columns) > index+1 {
+					sql += ","
+				}
+			}
+
+			if len(m.Primary) > 0 {
+				sql += fmt.Sprintf(",\n PRIMARY KEY( ")
+			}
+			for index, column := range m.Primary {
+				sql += fmt.Sprintf(" `%s`", column.Name)
+				if len(m.Primary) > index+1 {
+					sql += ","
+				}
+
+			}
+			if len(m.Primary) > 0 {
+				sql += fmt.Sprintf(")")
+			}
+
+			for _, unique := range m.Uniques {
+				sql += fmt.Sprintf(",\n UNIQUE KEY `%s`( ", unique.Definition)
+				for index, column := range unique.Columns {
+					sql += fmt.Sprintf(" `%s`", column.Name)
+					if len(unique.Columns) > index+1 {
+						sql += ","
+					}
+				}
+				sql += fmt.Sprintf(")")
+			}
+			for _, foreign := range m.Foreigns {
+				sql += fmt.Sprintf(",\n `%s` %s %s %s %s %s", foreign.Name, foreign.DataType, foreign.Unsign, foreign.Null, foreign.Inc, foreign.Default)
+				sql += fmt.Sprintf(",\n KEY  `%s_%s_foreign`(`%s`),", m.TableName, foreign.Column.Name, foreign.Column.Name)
+				sql += fmt.Sprintf("\n CONSTRAINT `%s_%s_foreign` FOREIGN KEY (`%s`) REFERENCES `%s` (`%s`)  %s %s", m.TableName, foreign.Column.Name, foreign.Column.Name, foreign.ForeignTable, foreign.ForeignColumn, foreign.OnDelete, foreign.OnUpdate)
+
+			}
+			sql += fmt.Sprintf(")ENGINE=%s DEFAULT CHARSET=%s;", m.Engine, m.Charset)
+			break
+		}
+	case "alter":
+		{
+			sql += fmt.Sprintf("ALTER TABLE `%s` ", m.TableName)
+			for index, column := range m.Columns {
+				if !column.remove {
+					beego.BeeLogger.Info("col")
+					sql += fmt.Sprintf("\n ADD `%s` %s %s %s %s %s", column.Name, column.DataType, column.Unsign, column.Null, column.Inc, column.Default)
+				} else {
+					sql += fmt.Sprintf("\n DROP COLUMN `%s`", column.Name)
+				}
+
+				if len(m.Columns) > index+1 {
+					sql += ","
+				}
+			}
+			for index, column := range m.Renames {
+				sql += fmt.Sprintf("CHANGE COLUMN `%s` `%s` %s %s %s %s %s", column.OldName, column.NewName, column.DataType, column.Unsign, column.Null, column.Inc, column.Default)
+				if len(m.Renames) > index+1 {
+					sql += ","
+				}
+			}
+
+			for index, foreign := range m.Foreigns {
+				sql += fmt.Sprintf("ADD `%s` %s %s %s %s %s", foreign.Name, foreign.DataType, foreign.Unsign, foreign.Null, foreign.Inc, foreign.Default)
+				sql += fmt.Sprintf(",\n ADD KEY  `%s_%s_foreign`(`%s`)", m.TableName, foreign.Column.Name, foreign.Column.Name)
+				sql += fmt.Sprintf(",\n ADD CONSTRAINT  `%s_%s_foreign` FOREIGN KEY (`%s`) REFERENCES `%s` (`%s`)  %s %s", m.TableName, foreign.Column.Name, foreign.Column.Name, foreign.ForeignTable, foreign.ForeignColumn, foreign.OnDelete, foreign.OnUpdate)
+				if len(m.Foreigns) > index+1 {
+					sql += ","
+				}
+			}
+			sql += ";"
+
+			break
+		}
+	case "reverse":
+		{
+
+			sql += fmt.Sprintf("ALTER TABLE `%s`", m.TableName)
+			for index, column := range m.Columns {
+				if column.remove {
+					sql += fmt.Sprintf("\n ADD `%s` %s %s %s %s %s", column.Name, column.DataType, column.Unsign, column.Null, column.Inc, column.Default)
+				} else {
+					sql += fmt.Sprintf("\n DROP COLUMN `%s`", column.Name)
+				}
+				if len(m.Columns) > index+1 {
+					sql += ","
+				}
+			}
+
+			if len(m.Primary) > 0 {
+				sql += fmt.Sprintf("\n DROP PRIMARY KEY,")
+			}
+
+			for index, unique := range m.Uniques {
+				sql += fmt.Sprintf("\n DROP KEY `%s`", unique.Definition)
+				if len(m.Uniques) > index+1 {
+					sql += ","
+				}
+
+			}
+			for index, column := range m.Renames {
+				sql += fmt.Sprintf("\n CHANGE COLUMN `%s` `%s` %s %s %s %s", column.NewName, column.OldName, column.OldDataType, column.OldUnsign, column.OldNull, column.OldDefault)
+				if len(m.Renames) > index+1 {
+					sql += ","
+				}
+			}
+
+			for _, foreign := range m.Foreigns {
+				sql += fmt.Sprintf("\n DROP KEY  `%s_%s_foreign`", m.TableName, foreign.Column.Name)
+				sql += fmt.Sprintf(",\n DROP FOREIGN KEY  `%s_%s_foreign`", m.TableName, foreign.Column.Name)
+				sql += fmt.Sprintf(",\n DROP COLUMN `%s`", foreign.Name)
+			}
+			sql += ";"
+		}
+	case "delete":
+		{
+			sql += fmt.Sprintf("DROP TABLE IF EXISTS `%s`;", m.TableName)
+		}
+	}
+
+	return
 }
--- a/migration/doc.go
+++ b/migration/doc.go
@ -0,0 +1,32 @@
+// Package migration enables you to generate migrations back and forth. It generates both migrations.
+//
+// //Creates a table
+// m.CreateTable("tablename","InnoDB","utf8");
+//
+// //Alter a table
+// m.AlterTable("tablename")
+//
+// Standard Column Methods
+// * SetDataType
+// * SetNullable
+// * SetDefault
+// * SetUnsigned (use only on integer types unless produces error)
+//
+// //Sets a primary column, multiple calls allowed, standard column methods available
+// m.PriCol("id").SetAuto(true).SetNullable(false).SetDataType("INT(10)").SetUnsigned(true)
+//
+// //UniCol Can be used multiple times, allows standard Column methods. Use same "index" string to add to same index
+// m.UniCol("index","column")
+//
+// //Standard Column Initialisation, can call .Remove() after NewCol("") on alter to remove
+// m.NewCol("name").SetDataType("VARCHAR(255) COLLATE utf8_unicode_ci").SetNullable(false)
+// m.NewCol("value").SetDataType("DOUBLE(8,2)").SetNullable(false)
+//
+// //Rename Columns , only use with Alter table, doesn't works with Create, prefix standard column methods with "Old" to
+// //create a true reversible migration eg: SetOldDataType("DOUBLE(12,3)")
+// m.RenameColumn("from","to")...
+//
+// //Foreign Columns, single columns are only supported, SetOnDelete & SetOnUpdate are available, call appropriately.
+// //Supports standard column methods, automatic reverse.
+// m.ForeignCol("local_col","foreign_col","foreign_table")
+package migration
--- a/migration/migration.go
+++ b/migration/migration.go
@ -52,6 +52,26 @@ type Migrationer interface {
 	GetCreated() int64
 }

+//Migration defines the migrations by either SQL or DDL
+type Migration struct {
+	sqls           []string
+	Created        string
+	TableName      string
+	Engine         string
+	Charset        string
+	ModifyType     string
+	Columns        []*Column
+	Indexes        []*Index
+	Primary        []*Column
+	Uniques        []*Unique
+	Foreigns       []*Foreign
+	Renames        []*RenameColumn
+	RemoveColumns  []*Column
+	RemoveIndexes  []*Index
+	RemoveUniques  []*Unique
+	RemoveForeigns []*Foreign
+}
+
 var (
 	migrationMap map[string]Migrationer
 )
@ -60,20 +80,34 @@ func init() {
 	migrationMap = make(map[string]Migrationer)
 }

-// Migration the basic type which will implement the basic type
-type Migration struct {
-	sqls    []string
-	Created string
-}
-
 // Up implement in the Inheritance struct for upgrade
 func (m *Migration) Up() {

+	switch m.ModifyType {
+	case "reverse":
+		m.ModifyType = "alter"
+	case "delete":
+		m.ModifyType = "create"
+	}
+	m.sqls = append(m.sqls, m.GetSQL())
 }

 // Down implement in the Inheritance struct for down
 func (m *Migration) Down() {

+	switch m.ModifyType {
+	case "alter":
+		m.ModifyType = "reverse"
+	case "create":
+		m.ModifyType = "delete"
+	}
+	m.sqls = append(m.sqls, m.GetSQL())
+}
+
+//Migrate adds the SQL to the execution list
+func (m *Migration) Migrate(migrationType string) {
+	m.ModifyType = migrationType
+	m.sqls = append(m.sqls, m.GetSQL())
 }

 // SQL add sql want to execute
@ -138,7 +172,7 @@ func Register(name string, m Migrationer) error {
 	return nil
 }

-// Upgrade upgrate the migration from lasttime
+// Upgrade upgrade the migration from lasttime
 func Upgrade(lasttime int64) error {
 	sm := sortMap(migrationMap)
 	i := 0
--- a/orm/README.md
+++ b/orm/README.md
@ -61,6 +61,9 @@ func init() {

 	// set default database
 	orm.RegisterDataBase("default", "mysql", "root:root@/my_db?charset=utf8", 30)
+	
+	// create table
+	orm.RunSyncdb("default", false, true)	
 }

 func main() {
--- a/orm/cmd_utils.go
+++ b/orm/cmd_utils.go
@ -51,12 +51,14 @@ checkColumn:
 	switch fieldType {
 	case TypeBooleanField:
 		col = T["bool"]
-	case TypeCharField:
+	case TypeVarCharField:
 		if al.Driver == DRPostgres && fi.toText {
 			col = T["string-text"]
 		} else {
 			col = fmt.Sprintf(T["string"], fieldSize)
 		}
+	case TypeCharField:
+		col = fmt.Sprintf(T["string-char"], fieldSize)
 	case TypeTextField:
 		col = T["string-text"]
 	case TypeTimeField:
@ -96,13 +98,13 @@ checkColumn:
 		}
 	case TypeJSONField:
 		if al.Driver != DRPostgres {
-			fieldType = TypeCharField
+			fieldType = TypeVarCharField
 			goto checkColumn
 		}
 		col = T["json"]
 	case TypeJsonbField:
 		if al.Driver != DRPostgres {
-			fieldType = TypeCharField
+			fieldType = TypeVarCharField
 			goto checkColumn
 		}
 		col = T["jsonb"]
@ -195,6 +197,10 @@ func getDbCreateSQL(al *alias) (sqls []string, tableIndexes map[string][]dbIndex
 			if strings.Contains(column, "%COL%") {
 				column = strings.Replace(column, "%COL%", fi.column, -1)
 			}
+			
+			if fi.description != "" {
+				column += " " + fmt.Sprintf("COMMENT '%s'",fi.description)
+			}

 			columns = append(columns, column)
 		}
--- a/orm/db.go
+++ b/orm/db.go
@ -142,7 +142,7 @@ func (d *dbBase) collectFieldValue(mi *modelInfo, fi *fieldInfo, ind reflect.Val
 				} else {
 					value = field.Bool()
 				}
-			case TypeCharField, TypeTextField, TypeJSONField, TypeJsonbField:
+			case TypeVarCharField, TypeCharField, TypeTextField, TypeJSONField, TypeJsonbField:
 				if ns, ok := field.Interface().(sql.NullString); ok {
 					value = nil
 					if ns.Valid {
@ -536,6 +536,8 @@ func (d *dbBase) InsertOrUpdate(q dbQuerier, mi *modelInfo, ind reflect.Value, a
 	updates := make([]string, len(names))
 	var conflitValue interface{}
 	for i, v := range names {
+		// identifier in database may not be case-sensitive, so quote it
+		v = fmt.Sprintf("%s%s%s", Q, v, Q)
 		marks[i] = "?"
 		valueStr := argsMap[strings.ToLower(v)]
 		if v == args0 {
@ -833,7 +835,11 @@ func (d *dbBase) DeleteBatch(q dbQuerier, qs *querySet, mi *modelInfo, cond *Con
 		if err := rs.Scan(&ref); err != nil {
 			return 0, err
 		}
-		args = append(args, reflect.ValueOf(ref).Interface())
+		pkValue, err := d.convertValueFromDB(mi.fields.pk, reflect.ValueOf(ref).Interface(), tz)
+		if err != nil {
+			return 0, err
+		}
+		args = append(args, pkValue)
 		cnt++
 	}

@ -965,6 +971,10 @@ func (d *dbBase) ReadBatch(q dbQuerier, qs *querySet, mi *modelInfo, cond *Condi
 	}
 	query := fmt.Sprintf("%s %s FROM %s%s%s T0 %s%s%s%s%s", sqlSelect, sels, Q, mi.table, Q, join, where, groupBy, orderBy, limit)

+	if qs.forupdate {
+		query += " FOR UPDATE"
+	}
+
 	d.ins.ReplaceMarks(&query)

 	var rs *sql.Rows
@ -1236,7 +1246,7 @@ setValue:
 			}
 			value = b
 		}
-	case fieldType == TypeCharField || fieldType == TypeTextField || fieldType == TypeJSONField || fieldType == TypeJsonbField:
+	case fieldType == TypeVarCharField || fieldType == TypeCharField || fieldType == TypeTextField || fieldType == TypeJSONField || fieldType == TypeJsonbField:
 		if str == nil {
 			value = ToStr(val)
 		} else {
@ -1382,7 +1392,7 @@ setValue:
 				field.SetBool(value.(bool))
 			}
 		}
-	case fieldType == TypeCharField || fieldType == TypeTextField || fieldType == TypeJSONField || fieldType == TypeJsonbField:
+	case fieldType == TypeVarCharField || fieldType == TypeCharField || fieldType == TypeTextField || fieldType == TypeJSONField || fieldType == TypeJsonbField:
 		if isNative {
 			if ns, ok := field.Interface().(sql.NullString); ok {
 				if value == nil {
--- a/orm/db_alias.go
+++ b/orm/db_alias.go
@ -119,7 +119,7 @@ type alias struct {
 func detectTZ(al *alias) {
 	// orm timezone system match database
 	// default use Local
-	al.TZ = time.Local
+	al.TZ = DefaultTimeLoc

 	if al.DriverName == "sphinx" {
 		return
@ -136,7 +136,9 @@ func detectTZ(al *alias) {
 			}
 			t, err := time.Parse("-07:00:00", tz)
 			if err == nil {
-				al.TZ = t.Location()
+				if t.Location().String() != "" {
+					al.TZ = t.Location()
+				}
 			} else {
 				DebugLog.Printf("Detect DB timezone: %s %s\n", tz, err.Error())
 			}
--- a/orm/db_mysql.go
+++ b/orm/db_mysql.go
@ -46,6 +46,7 @@ var mysqlTypes = map[string]string{
 	"pk":              "NOT NULL PRIMARY KEY",
 	"bool":            "bool",
 	"string":          "varchar(%d)",
+	"string-char":     "char(%d)",
 	"string-text":     "longtext",
 	"time.Time-date":  "date",
 	"time.Time":       "datetime",
--- a/orm/db_oracle.go
+++ b/orm/db_oracle.go
@ -34,6 +34,7 @@ var oracleTypes = map[string]string{
 	"pk":              "NOT NULL PRIMARY KEY",
 	"bool":            "bool",
 	"string":          "VARCHAR2(%d)",
+	"string-char":     "CHAR(%d)",
 	"string-text":     "VARCHAR2(%d)",
 	"time.Time-date":  "DATE",
 	"time.Time":       "TIMESTAMP",
@ -94,3 +95,43 @@ func (d *dbBaseOracle) IndexExists(db dbQuerier, table string, name string) bool
 	row.Scan(&cnt)
 	return cnt > 0
 }
+
+// execute insert sql with given struct and given values.
+// insert the given values, not the field values in struct.
+func (d *dbBaseOracle) InsertValue(q dbQuerier, mi *modelInfo, isMulti bool, names []string, values []interface{}) (int64, error) {
+	Q := d.ins.TableQuote()
+
+	marks := make([]string, len(names))
+	for i := range marks {
+		marks[i] = ":" + names[i]
+	}
+
+	sep := fmt.Sprintf("%s, %s", Q, Q)
+	qmarks := strings.Join(marks, ", ")
+	columns := strings.Join(names, sep)
+
+	multi := len(values) / len(names)
+
+	if isMulti {
+		qmarks = strings.Repeat(qmarks+"), (", multi-1) + qmarks
+	}
+
+	query := fmt.Sprintf("INSERT INTO %s%s%s (%s%s%s) VALUES (%s)", Q, mi.table, Q, Q, columns, Q, qmarks)
+
+	d.ins.ReplaceMarks(&query)
+
+	if isMulti || !d.ins.HasReturningID(mi, &query) {
+		res, err := q.Exec(query, values...)
+		if err == nil {
+			if isMulti {
+				return res.RowsAffected()
+			}
+			return res.LastInsertId()
+		}
+		return 0, err
+	}
+	row := q.QueryRow(query, values...)
+	var id int64
+	err := row.Scan(&id)
+	return id, err
+}
--- a/orm/db_postgres.go
+++ b/orm/db_postgres.go
@ -43,6 +43,7 @@ var postgresTypes = map[string]string{
 	"pk":              "NOT NULL PRIMARY KEY",
 	"bool":            "bool",
 	"string":          "varchar(%d)",
+	"string-char":     "char(%d)",
 	"string-text":     "text",
 	"time.Time-date":  "date",
 	"time.Time":       "timestamp with time zone",
--- a/orm/db_sqlite.go
+++ b/orm/db_sqlite.go
@ -43,6 +43,7 @@ var sqliteTypes = map[string]string{
 	"pk":              "NOT NULL PRIMARY KEY",
 	"bool":            "bool",
 	"string":          "varchar(%d)",
+	"string-char":     "character(%d)",
 	"string-text":     "text",
 	"time.Time-date":  "date",
 	"time.Time":       "datetime",
--- a/orm/models.go
+++ b/orm/models.go
@ -52,7 +52,7 @@ func (mc *_modelCache) all() map[string]*modelInfo {
 	return m
 }

-// get orderd model info
+// get ordered model info
 func (mc *_modelCache) allOrdered() []*modelInfo {
 	m := make([]*modelInfo, 0, len(mc.orders))
 	for _, table := range mc.orders {
--- a/orm/models_boot.go
+++ b/orm/models_boot.go
@ -75,7 +75,7 @@ func registerModel(PrefixOrSuffix string, model interface{}, isPrefix bool) {
 		}

 		if mi.fields.pk == nil {
-			fmt.Printf("<orm.RegisterModel> `%s` need a primary key field, default use 'id' if not set\n", name)
+			fmt.Printf("<orm.RegisterModel> `%s` needs a primary key field, default is to use 'id' if not set\n", name)
 			os.Exit(2)
 		}

@ -89,7 +89,7 @@ func registerModel(PrefixOrSuffix string, model interface{}, isPrefix bool) {
 	modelCache.set(table, mi)
 }

-// boostrap models
+// bootstrap models
 func bootStrap() {
 	if modelCache.done {
 		return
@ -332,7 +332,7 @@ func RegisterModelWithSuffix(suffix string, models ...interface{}) {
 	}
 }

-// BootStrap bootrap models.
+// BootStrap bootstrap models.
 // make all model parsed and can not add more models
 func BootStrap() {
 	if modelCache.done {
--- a/orm/models_fields.go
+++ b/orm/models_fields.go
@ -23,6 +23,7 @@ import (
 // Define the Type enum
 const (
 	TypeBooleanField = 1 << iota
+	TypeVarCharField
 	TypeCharField
 	TypeTextField
 	TypeTimeField
@ -49,9 +50,9 @@ const (

 // Define some logic enum
 const (
-	IsIntegerField         = ^-TypePositiveBigIntegerField >> 5 << 6
-	IsPositiveIntegerField = ^-TypePositiveBigIntegerField >> 9 << 10
-	IsRelField             = ^-RelReverseMany >> 17 << 18
+	IsIntegerField         = ^-TypePositiveBigIntegerField >> 6 << 7
+	IsPositiveIntegerField = ^-TypePositiveBigIntegerField >> 10 << 11
+	IsRelField             = ^-RelReverseMany >> 18 << 19
 	IsFieldType            = ^-RelReverseMany<<1 + 1
 )

@ -85,7 +86,7 @@ func (e *BooleanField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Bool()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
 		return err
@ -126,7 +127,7 @@ func (e *CharField) String() string {

 // FieldType return the enum type
 func (e *CharField) FieldType() int {
-	return TypeCharField
+	return TypeVarCharField
 }

 // SetRaw set the interface to string
@ -190,7 +191,7 @@ func (e *TimeField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := timeParse(d, formatTime)
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
 		return err
@ -232,7 +233,7 @@ func (e *DateField) Set(d time.Time) {
 	*e = DateField(d)
 }

-// String convert datatime to string
+// String convert datetime to string
 func (e *DateField) String() string {
 	return e.Value().String()
 }
@ -249,7 +250,7 @@ func (e *DateField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := timeParse(d, formatDate)
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
 		return err
@ -272,12 +273,12 @@ var _ Fielder = new(DateField)
 // Takes the same extra arguments as DateField.
 type DateTimeField time.Time

-// Value return the datatime value
+// Value return the datetime value
 func (e DateTimeField) Value() time.Time {
 	return time.Time(e)
 }

-// Set set the time.Time to datatime
+// Set set the time.Time to datetime
 func (e *DateTimeField) Set(d time.Time) {
 	*e = DateTimeField(d)
 }
@ -299,7 +300,7 @@ func (e *DateTimeField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := timeParse(d, formatDateTime)
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
 		return err
@ -309,12 +310,12 @@ func (e *DateTimeField) SetRaw(value interface{}) error {
 	return nil
 }

-// RawValue return the datatime value
+// RawValue return the datetime value
 func (e *DateTimeField) RawValue() interface{} {
 	return e.Value()
 }

-// verify datatime implement fielder
+// verify datetime implement fielder
 var _ Fielder = new(DateTimeField)

 // FloatField A floating-point number represented in go by a float32 value.
@ -349,9 +350,10 @@ func (e *FloatField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Float64()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<FloatField.SetRaw> unknown value `%s`", value)
 	}
@ -396,9 +398,10 @@ func (e *SmallIntegerField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Int16()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<SmallIntegerField.SetRaw> unknown value `%s`", value)
 	}
@ -443,9 +446,10 @@ func (e *IntegerField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Int32()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<IntegerField.SetRaw> unknown value `%s`", value)
 	}
@ -490,9 +494,10 @@ func (e *BigIntegerField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Int64()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<BigIntegerField.SetRaw> unknown value `%s`", value)
 	}
@ -537,9 +542,10 @@ func (e *PositiveSmallIntegerField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Uint16()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<PositiveSmallIntegerField.SetRaw> unknown value `%s`", value)
 	}
@ -584,9 +590,10 @@ func (e *PositiveIntegerField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Uint32()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<PositiveIntegerField.SetRaw> unknown value `%s`", value)
 	}
@ -631,9 +638,10 @@ func (e *PositiveBigIntegerField) SetRaw(value interface{}) error {
 		e.Set(d)
 	case string:
 		v, err := StrTo(d).Uint64()
-		if err != nil {
+		if err == nil {
 			e.Set(v)
 		}
+		return err
 	default:
 		return fmt.Errorf("<PositiveBigIntegerField.SetRaw> unknown value `%s`", value)
 	}
--- a/orm/models_info_f.go
+++ b/orm/models_info_f.go
@ -136,6 +136,7 @@ type fieldInfo struct {
 	decimals            int
 	isFielder           bool // implement Fielder interface
 	onDelete            string
+	description         string
 }

 // new field info
@ -244,8 +245,10 @@ checkType:
 		if err != nil {
 			goto end
 		}
-		if fieldType == TypeCharField {
+		if fieldType == TypeVarCharField {
 			switch tags["type"] {
+			case "char":
+				fieldType = TypeCharField
 			case "text":
 				fieldType = TypeTextField
 			case "json":
@ -298,6 +301,7 @@ checkType:
 	fi.sf = sf
 	fi.fullName = mi.fullName + mName + "." + sf.Name

+	fi.description = sf.Tag.Get("description")
 	fi.null = attrs["null"]
 	fi.index = attrs["index"]
 	fi.auto = attrs["auto"]
@ -357,7 +361,7 @@ checkType:

 	switch fieldType {
 	case TypeBooleanField:
-	case TypeCharField, TypeJSONField, TypeJsonbField:
+	case TypeVarCharField, TypeCharField, TypeJSONField, TypeJsonbField:
 		if size != "" {
 			v, e := StrTo(size).Int32()
 			if e != nil {
--- a/orm/models_info_m.go
+++ b/orm/models_info_m.go
@ -75,7 +75,8 @@ func addModelFields(mi *modelInfo, ind reflect.Value, mName string, index []int)
 			break
 		}
 		//record current field index
-		fi.fieldIndex = append(index, i)
+		fi.fieldIndex = append(fi.fieldIndex, index...)
+		fi.fieldIndex = append(fi.fieldIndex, i)
 		fi.mi = mi
 		fi.inModel = true
 		if !mi.fields.Add(fi) {
--- a/orm/models_test.go
+++ b/orm/models_test.go
@ -49,7 +49,7 @@ func (e *SliceStringField) String() string {
 }

 func (e *SliceStringField) FieldType() int {
-	return TypeCharField
+	return TypeVarCharField
 }

 func (e *SliceStringField) SetRaw(value interface{}) error {
@ -433,53 +433,57 @@ var (
 	dDbBaser dbBaser
 )

+var (
+	helpinfo = `need driver and source!
+
+	Default DB Drivers.
+	
+	  driver: url
+	   mysql: https://github.com/go-sql-driver/mysql
+	 sqlite3: https://github.com/mattn/go-sqlite3
+	postgres: https://github.com/lib/pq
+	tidb: https://github.com/pingcap/tidb
+	
+	usage:
+	
+	go get -u github.com/astaxie/beego/orm
+	go get -u github.com/go-sql-driver/mysql
+	go get -u github.com/mattn/go-sqlite3
+	go get -u github.com/lib/pq
+	go get -u github.com/pingcap/tidb
+	
+	#### MySQL
+	mysql -u root -e 'create database orm_test;'
+	export ORM_DRIVER=mysql
+	export ORM_SOURCE="root:@/orm_test?charset=utf8"
+	go test -v github.com/astaxie/beego/orm
+	
+	
+	#### Sqlite3
+	export ORM_DRIVER=sqlite3
+	export ORM_SOURCE='file:memory_test?mode=memory'
+	go test -v github.com/astaxie/beego/orm
+	
+	
+	#### PostgreSQL
+	psql -c 'create database orm_test;' -U postgres
+	export ORM_DRIVER=postgres
+	export ORM_SOURCE="user=postgres dbname=orm_test sslmode=disable"
+	go test -v github.com/astaxie/beego/orm
+	
+	#### TiDB
+	export ORM_DRIVER=tidb
+	export ORM_SOURCE='memory://test/test'
+	go test -v github.com/astaxie/beego/orm
+	
+	`
+)
+
 func init() {
 	Debug, _ = StrTo(DBARGS.Debug).Bool()

 	if DBARGS.Driver == "" || DBARGS.Source == "" {
-		fmt.Println(`need driver and source!
-
-Default DB Drivers.
-
-  driver: url
-   mysql: https://github.com/go-sql-driver/mysql
- sqlite3: https://github.com/mattn/go-sqlite3
-postgres: https://github.com/lib/pq
-tidb: https://github.com/pingcap/tidb
-
-usage:
-
-go get -u github.com/astaxie/beego/orm
-go get -u github.com/go-sql-driver/mysql
-go get -u github.com/mattn/go-sqlite3
-go get -u github.com/lib/pq
-go get -u github.com/pingcap/tidb
-
-#### MySQL
-mysql -u root -e 'create database orm_test;'
-export ORM_DRIVER=mysql
-export ORM_SOURCE="root:@/orm_test?charset=utf8"
-go test -v github.com/astaxie/beego/orm
-
-
-#### Sqlite3
-export ORM_DRIVER=sqlite3
-export ORM_SOURCE='file:memory_test?mode=memory'
-go test -v github.com/astaxie/beego/orm
-
-
-#### PostgreSQL
-psql -c 'create database orm_test;' -U postgres
-export ORM_DRIVER=postgres
-export ORM_SOURCE="user=postgres dbname=orm_test sslmode=disable"
-go test -v github.com/astaxie/beego/orm
-
-#### TiDB
-export ORM_DRIVER=tidb
-export ORM_SOURCE='memory://test/test'
-go test -v github.com/astaxie/beego/orm
-
-`)
+		fmt.Println(helpinfo)
 		os.Exit(2)
 	}

--- a/orm/models_utils.go
+++ b/orm/models_utils.go
@ -149,7 +149,7 @@ func getFieldType(val reflect.Value) (ft int, err error) {
 	case reflect.TypeOf(new(bool)):
 		ft = TypeBooleanField
 	case reflect.TypeOf(new(string)):
-		ft = TypeCharField
+		ft = TypeVarCharField
 	case reflect.TypeOf(new(time.Time)):
 		ft = TypeDateTimeField
 	default:
@ -176,7 +176,7 @@ func getFieldType(val reflect.Value) (ft int, err error) {
 		case reflect.Bool:
 			ft = TypeBooleanField
 		case reflect.String:
-			ft = TypeCharField
+			ft = TypeVarCharField
 		default:
 			if elm.Interface() == nil {
 				panic(fmt.Errorf("%s is nil pointer, may be miss setting tag", val))
@ -189,7 +189,7 @@ func getFieldType(val reflect.Value) (ft int, err error) {
 			case sql.NullBool:
 				ft = TypeBooleanField
 			case sql.NullString:
-				ft = TypeCharField
+				ft = TypeVarCharField
 			case time.Time:
 				ft = TypeDateTimeField
 			}
--- a/orm/orm.go
+++ b/orm/orm.go
@ -12,6 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+// +build go1.8
+
 // Package orm provide ORM for MySQL/PostgreSQL/sqlite
 // Simple Usage
 //
@ -52,6 +54,7 @@
 package orm

 import (
+	"context"
 	"database/sql"
 	"errors"
 	"fmt"
@ -107,7 +110,7 @@ func (o *orm) getMiInd(md interface{}, needPtr bool) (mi *modelInfo, ind reflect
 	if mi, ok := modelCache.getByFullName(name); ok {
 		return mi, ind
 	}
-	panic(fmt.Errorf("<Ormer> table: `%s` not found, maybe not RegisterModel", name))
+	panic(fmt.Errorf("<Ormer> table: `%s` not found, make sure it was registered with `RegisterModel()`", name))
 }

 // get field info from model info by given field name
@ -458,11 +461,15 @@ func (o *orm) Using(name string) error {

 // begin transaction
 func (o *orm) Begin() error {
+	return o.BeginTx(context.Background(), nil)
+}
+
+func (o *orm) BeginTx(ctx context.Context, opts *sql.TxOptions) error {
 	if o.isTx {
 		return ErrTxHasBegan
 	}
 	var tx *sql.Tx
-	tx, err := o.db.(txer).Begin()
+	tx, err := o.db.(txer).BeginTx(ctx, opts)
 	if err != nil {
 		return err
 	}
--- a/orm/orm_log.go
+++ b/orm/orm_log.go
@ -15,6 +15,7 @@
 package orm

 import (
+	"context"
 	"database/sql"
 	"fmt"
 	"io"
@ -150,6 +151,13 @@ func (d *dbQueryLog) Begin() (*sql.Tx, error) {
 	return tx, err
 }

+func (d *dbQueryLog) BeginTx(ctx context.Context, opts *sql.TxOptions) (*sql.Tx, error) {
+	a := time.Now()
+	tx, err := d.db.(txer).BeginTx(ctx, opts)
+	debugLogQueies(d.alias, "db.BeginTx", "START TRANSACTION", a, err)
+	return tx, err
+}
+
 func (d *dbQueryLog) Commit() error {
 	a := time.Now()
 	err := d.db.(txEnder).Commit()
--- a/orm/orm_queryset.go
+++ b/orm/orm_queryset.go
@ -55,16 +55,17 @@ func ColValue(opt operator, value interface{}) interface{} {

 // real query struct
 type querySet struct {
-	mi       *modelInfo
-	cond     *Condition
-	related  []string
-	relDepth int
-	limit    int64
-	offset   int64
-	groups   []string
-	orders   []string
-	distinct bool
-	orm      *orm
+	mi        *modelInfo
+	cond      *Condition
+	related   []string
+	relDepth  int
+	limit     int64
+	offset    int64
+	groups    []string
+	orders    []string
+	distinct  bool
+	forupdate bool
+	orm       *orm
 }

 var _ QuerySeter = new(querySet)
@ -127,6 +128,12 @@ func (o querySet) Distinct() QuerySeter {
 	return &o
 }

+// add FOR UPDATE to SELECT
+func (o querySet) ForUpdate() QuerySeter {
+	o.forupdate = true
+	return &o
+}
+
 // set relation model to query together.
 // it will query relation models and assign to parent model.
 func (o querySet) RelatedSel(params ...interface{}) QuerySeter {
@ -191,7 +198,11 @@ func (o *querySet) PrepareInsert() (Inserter, error) {
 // query all data and map to containers.
 // cols means the columns when querying.
 func (o *querySet) All(container interface{}, cols ...string) (int64, error) {
-	return o.orm.alias.DbBaser.ReadBatch(o.orm.db, o, o.mi, o.cond, container, o.orm.alias.TZ, cols)
+	num, err := o.orm.alias.DbBaser.ReadBatch(o.orm.db, o, o.mi, o.cond, container, o.orm.alias.TZ, cols)
+	if num == 0 {
+		return 0, ErrNoRows
+	}
+	return num, err
 }

 // query one row data and map to containers.
--- a/orm/orm_raw.go
+++ b/orm/orm_raw.go
@ -493,19 +493,33 @@ func (o *rawSet) QueryRows(containers ...interface{}) (int64, error) {
 					}
 				}
 			} else {
-				for i := 0; i < ind.NumField(); i++ {
-					f := ind.Field(i)
-					fe := ind.Type().Field(i)
-					_, tags := parseStructTag(fe.Tag.Get(defaultStructTagName))
-					var col string
-					if col = tags["column"]; col == "" {
-						col = snakeString(fe.Name)
-					}
-					if v, ok := columnsMp[col]; ok {
-						value := reflect.ValueOf(v).Elem().Interface()
-						o.setFieldValue(f, value)
+				// define recursive function
+				var recursiveSetField func(rv reflect.Value)
+				recursiveSetField = func(rv reflect.Value) {
+					for i := 0; i < rv.NumField(); i++ {
+						f := rv.Field(i)
+						fe := rv.Type().Field(i)
+
+						// check if the field is a Struct
+						// recursive the Struct type
+						if fe.Type.Kind() == reflect.Struct {
+							recursiveSetField(f)
+						}
+
+						_, tags := parseStructTag(fe.Tag.Get(defaultStructTagName))
+						var col string
+						if col = tags["column"]; col == "" {
+							col = snakeString(fe.Name)
+						}
+						if v, ok := columnsMp[col]; ok {
+							value := reflect.ValueOf(v).Elem().Interface()
+							o.setFieldValue(f, value)
+						}
 					}
 				}
+
+				// init call the recursive function
+				recursiveSetField(ind)
 			}

 			if eTyps[0].Kind() == reflect.Ptr {
--- a/orm/orm_test.go
+++ b/orm/orm_test.go
@ -12,10 +12,13 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+// +build go1.8
+
 package orm

 import (
 	"bytes"
+	"context"
 	"database/sql"
 	"fmt"
 	"io/ioutil"
@ -452,9 +455,9 @@ func TestNullDataTypes(t *testing.T) {
 	throwFail(t, AssertIs(*d.Float32Ptr, float32Ptr))
 	throwFail(t, AssertIs(*d.Float64Ptr, float64Ptr))
 	throwFail(t, AssertIs(*d.DecimalPtr, decimalPtr))
-	throwFail(t, AssertIs((*d.TimePtr).Format(testTime), timePtr.Format(testTime)))
-	throwFail(t, AssertIs((*d.DatePtr).Format(testDate), datePtr.Format(testDate)))
-	throwFail(t, AssertIs((*d.DateTimePtr).Format(testDateTime), dateTimePtr.Format(testDateTime)))
+	throwFail(t, AssertIs((*d.TimePtr).UTC().Format(testTime), timePtr.UTC().Format(testTime)))
+	throwFail(t, AssertIs((*d.DatePtr).UTC().Format(testDate), datePtr.UTC().Format(testDate)))
+	throwFail(t, AssertIs((*d.DateTimePtr).UTC().Format(testDateTime), dateTimePtr.UTC().Format(testDateTime)))
 }

 func TestDataCustomTypes(t *testing.T) {
@ -1008,13 +1011,13 @@ func TestAll(t *testing.T) {

 	qs = dORM.QueryTable("user")
 	num, err = qs.Filter("user_name", "nothing").All(&users)
-	throwFailNow(t, err)
+	throwFailNow(t, AssertIs(err, ErrNoRows))
 	throwFailNow(t, AssertIs(num, 0))

 	var users3 []*User
 	qs = dORM.QueryTable("user")
 	num, err = qs.Filter("user_name", "nothing").All(&users3)
-	throwFailNow(t, err)
+	throwFailNow(t, AssertIs(err, ErrNoRows))
 	throwFailNow(t, AssertIs(num, 0))
 	throwFailNow(t, AssertIs(users3 == nil, false))
 }
@ -1661,6 +1664,13 @@ func TestRawQueryRow(t *testing.T) {
 	throwFail(t, AssertIs(pid, nil))
 }

+// user_profile table
+type userProfile struct {
+	User
+	Age   int
+	Money float64
+}
+
 func TestQueryRows(t *testing.T) {
 	Q := dDbBaser.TableQuote()

@ -1731,6 +1741,19 @@ func TestQueryRows(t *testing.T) {
 	throwFailNow(t, AssertIs(usernames[1], "astaxie"))
 	throwFailNow(t, AssertIs(ids[2], 4))
 	throwFailNow(t, AssertIs(usernames[2], "nobody"))
+
+	//test query rows by nested struct
+	var l []userProfile
+	query = fmt.Sprintf("SELECT * FROM %suser_profile%s LEFT JOIN %suser%s ON %suser_profile%s.%sid%s = %suser%s.%sid%s", Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q)
+	num, err = dORM.Raw(query).QueryRows(&l)
+	throwFailNow(t, err)
+	throwFailNow(t, AssertIs(num, 2))
+	throwFailNow(t, AssertIs(len(l), 2))
+	throwFailNow(t, AssertIs(l[0].UserName, "slene"))
+	throwFailNow(t, AssertIs(l[0].Age, 28))
+	throwFailNow(t, AssertIs(l[1].UserName, "astaxie"))
+	throwFailNow(t, AssertIs(l[1].Age, 30))
+
 }

 func TestRawValues(t *testing.T) {
@ -1970,6 +1993,66 @@ func TestTransaction(t *testing.T) {

 }

+func TestTransactionIsolationLevel(t *testing.T) {
+	// this test worked when database support transaction isolation level
+	if IsSqlite {
+		return
+	}
+
+	o1 := NewOrm()
+	o2 := NewOrm()
+
+	// start two transaction with isolation level repeatable read
+	err := o1.BeginTx(context.Background(), &sql.TxOptions{Isolation: sql.LevelRepeatableRead})
+	throwFail(t, err)
+	err = o2.BeginTx(context.Background(), &sql.TxOptions{Isolation: sql.LevelRepeatableRead})
+	throwFail(t, err)
+
+	// o1 insert tag
+	var tag Tag
+	tag.Name = "test-transaction"
+	id, err := o1.Insert(&tag)
+	throwFail(t, err)
+	throwFail(t, AssertIs(id > 0, true))
+
+	// o2 query tag table, no result
+	num, err := o2.QueryTable("tag").Filter("name", "test-transaction").Count()
+	throwFail(t, err)
+	throwFail(t, AssertIs(num, 0))
+
+	// o1 commit
+	o1.Commit()
+
+	// o2 query tag table, still no result
+	num, err = o2.QueryTable("tag").Filter("name", "test-transaction").Count()
+	throwFail(t, err)
+	throwFail(t, AssertIs(num, 0))
+
+	// o2 commit and query tag table, get the result
+	o2.Commit()
+	num, err = o2.QueryTable("tag").Filter("name", "test-transaction").Count()
+	throwFail(t, err)
+	throwFail(t, AssertIs(num, 1))
+
+	num, err = o1.QueryTable("tag").Filter("name", "test-transaction").Delete()
+	throwFail(t, err)
+	throwFail(t, AssertIs(num, 1))
+}
+
+func TestBeginTxWithContextCanceled(t *testing.T) {
+	o := NewOrm()
+	ctx, cancel := context.WithCancel(context.Background())
+	o.BeginTx(ctx, nil)
+	id, err := o.Insert(&Tag{Name: "test-context"})
+	throwFail(t, err)
+	throwFail(t, AssertIs(id > 0, true))
+
+	// cancel the context before commit to make it error
+	cancel()
+	err = o.Commit()
+	throwFail(t, AssertIs(err, context.Canceled))
+}
+
 func TestReadOrCreate(t *testing.T) {
 	u := &User{
 		UserName: "Kyle",
@ -2240,6 +2323,7 @@ func TestIgnoreCaseTag(t *testing.T) {
 	throwFail(t, AssertIs(info.fields.GetByName("Name02").column, "Name"))
 	throwFail(t, AssertIs(info.fields.GetByName("Name03").column, "name"))
 }
+
 func TestInsertOrUpdate(t *testing.T) {
 	RegisterModel(new(User))
 	user := User{UserName: "unique_username133", Status: 1, Password: "o"}
@ -2277,6 +2361,11 @@ func TestInsertOrUpdate(t *testing.T) {
 		throwFailNow(t, AssertIs(user2.Status, test.Status))
 		throwFailNow(t, AssertIs(user2.Password, strings.TrimSpace(test.Password)))
 	}
+
+	//postgres ON CONFLICT DO UPDATE SET can`t use colu=colu+values
+	if IsPostgres {
+		return
+	}
 	//test3 +
 	_, err = dORM.InsertOrUpdate(&user2, "user_name", "status=status+1")
 	if err != nil {
--- a/orm/types.go
+++ b/orm/types.go
@ -15,6 +15,7 @@
 package orm

 import (
+	"context"
 	"database/sql"
 	"reflect"
 	"time"
@ -106,6 +107,17 @@ type Ormer interface {
 	// 	...
 	// 	err = o.Rollback()
 	Begin() error
+	// begin transaction with provided context and option
+	// the provided context is used until the transaction is committed or rolled back.
+	// if the context is canceled, the transaction will be rolled back.
+	// the provided TxOptions is optional and may be nil if defaults should be used.
+	// if a non-default isolation level is used that the driver doesn't support, an error will be returned.
+	// for example:
+	//  o := NewOrm()
+	// 	err := o.BeginTx(context.Background(), &sql.TxOptions{Isolation: sql.LevelRepeatableRead})
+	//  ...
+	//  err = o.Rollback()
+	BeginTx(ctx context.Context, opts *sql.TxOptions) error
 	// commit transaction
 	Commit() error
 	// rollback transaction
@ -190,6 +202,10 @@ type QuerySeter interface {
 	//    Distinct().
 	//    All(&permissions)
 	Distinct() QuerySeter
+	// set FOR UPDATE to query.
+	// for example:
+	//  o.QueryTable("user").Filter("uid", uid).ForUpdate().All(&users)
+	ForUpdate() QuerySeter
 	// return QuerySeter execution result number
 	// for example:
 	//	num, err = qs.Filter("profile__age__gt", 28).Count()
@ -397,6 +413,7 @@ type dbQuerier interface {
 // transaction beginner
 type txer interface {
 	Begin() (*sql.Tx, error)
+	BeginTx(ctx context.Context, opts *sql.TxOptions) (*sql.Tx, error)
 }

 // transaction ending
--- a/parser.go
+++ b/parser.go
@ -24,9 +24,13 @@ import (
 	"io/ioutil"
 	"os"
 	"path/filepath"
+	"regexp"
 	"sort"
+	"strconv"
 	"strings"
+	"unicode"

+	"github.com/astaxie/beego/context/param"
 	"github.com/astaxie/beego/logs"
 	"github.com/astaxie/beego/utils"
 )
@ -35,6 +39,7 @@ var globalRouterTemplate = `package routers

 import (
 	"github.com/astaxie/beego"
+	"github.com/astaxie/beego/context/param"
 )

 func init() {
@ -81,7 +86,7 @@ func parserPkg(pkgRealpath, pkgpath string) error {
 					if specDecl.Recv != nil {
 						exp, ok := specDecl.Recv.List[0].Type.(*ast.StarExpr) // Check that the type is correct first beforing throwing to parser
 						if ok {
-							parserComments(specDecl.Doc, specDecl.Name.String(), fmt.Sprint(exp.X), pkgpath)
+							parserComments(specDecl, fmt.Sprint(exp.X), pkgpath)
 						}
 					}
 				}
@ -93,37 +98,34 @@ func parserPkg(pkgRealpath, pkgpath string) error {
 	return nil
 }

-func parserComments(comments *ast.CommentGroup, funcName, controllerName, pkgpath string) error {
-	if comments != nil && comments.List != nil {
-		for _, c := range comments.List {
-			t := strings.TrimSpace(strings.TrimLeft(c.Text, "//"))
-			if strings.HasPrefix(t, "@router") {
-				elements := strings.TrimLeft(t, "@router ")
-				e1 := strings.SplitN(elements, " ", 2)
-				if len(e1) < 1 {
-					return errors.New("you should has router information")
-				}
+type parsedComment struct {
+	routerPath string
+	methods    []string
+	params     map[string]parsedParam
+}
+
+type parsedParam struct {
+	name     string
+	datatype string
+	location string
+	defValue string
+	required bool
+}
+
+func parserComments(f *ast.FuncDecl, controllerName, pkgpath string) error {
+	if f.Doc != nil {
+		parsedComments, err := parseComment(f.Doc.List)
+		if err != nil {
+			return err
+		}
+		for _, parsedComment := range parsedComments {
+			if parsedComment.routerPath != "" {
 				key := pkgpath + ":" + controllerName
 				cc := ControllerComments{}
-				cc.Method = funcName
-				cc.Router = e1[0]
-				if len(e1) == 2 && e1[1] != "" {
-					e1 = strings.SplitN(e1[1], " ", 2)
-					if len(e1) >= 1 {
-						cc.AllowHTTPMethods = strings.Split(strings.Trim(e1[0], "[]"), ",")
-					} else {
-						cc.AllowHTTPMethods = append(cc.AllowHTTPMethods, "get")
-					}
-				} else {
-					cc.AllowHTTPMethods = append(cc.AllowHTTPMethods, "get")
-				}
-				if len(e1) == 2 && e1[1] != "" {
-					keyval := strings.Split(strings.Trim(e1[1], "[]"), " ")
-					for _, kv := range keyval {
-						kk := strings.Split(kv, ":")
-						cc.Params = append(cc.Params, map[string]string{strings.Join(kk[:len(kk)-1], ":"): kk[len(kk)-1]})
-					}
-				}
+				cc.Method = f.Name.String()
+				cc.Router = parsedComment.routerPath
+				cc.AllowHTTPMethods = parsedComment.methods
+				cc.MethodParams = buildMethodParams(f.Type.Params.List, parsedComment)
 				genInfoList[key] = append(genInfoList[key], cc)
 			}
 		}
@ -131,6 +133,145 @@ func parserComments(comments *ast.CommentGroup, funcName, controllerName, pkgpat
 	return nil
 }

+func buildMethodParams(funcParams []*ast.Field, pc *parsedComment) []*param.MethodParam {
+	result := make([]*param.MethodParam, 0, len(funcParams))
+	for _, fparam := range funcParams {
+		for _, pName := range fparam.Names {
+			methodParam := buildMethodParam(fparam, pName.Name, pc)
+			result = append(result, methodParam)
+		}
+	}
+	return result
+}
+
+func buildMethodParam(fparam *ast.Field, name string, pc *parsedComment) *param.MethodParam {
+	options := []param.MethodParamOption{}
+	if cparam, ok := pc.params[name]; ok {
+		//Build param from comment info
+		name = cparam.name
+		if cparam.required {
+			options = append(options, param.IsRequired)
+		}
+		switch cparam.location {
+		case "body":
+			options = append(options, param.InBody)
+		case "header":
+			options = append(options, param.InHeader)
+		case "path":
+			options = append(options, param.InPath)
+		}
+		if cparam.defValue != "" {
+			options = append(options, param.Default(cparam.defValue))
+		}
+	} else {
+		if paramInPath(name, pc.routerPath) {
+			options = append(options, param.InPath)
+		}
+	}
+	return param.New(name, options...)
+}
+
+func paramInPath(name, route string) bool {
+	return strings.HasSuffix(route, ":"+name) ||
+		strings.Contains(route, ":"+name+"/")
+}
+
+var routeRegex = regexp.MustCompile(`@router\s+(\S+)(?:\s+\[(\S+)\])?`)
+
+func parseComment(lines []*ast.Comment) (pcs []*parsedComment, err error) {
+	pcs = []*parsedComment{}
+	params := map[string]parsedParam{}
+
+	for _, c := range lines {
+		t := strings.TrimSpace(strings.TrimLeft(c.Text, "//"))
+		if strings.HasPrefix(t, "@Param") {
+			pv := getparams(strings.TrimSpace(strings.TrimLeft(t, "@Param")))
+			if len(pv) < 4 {
+				logs.Error("Invalid @Param format. Needs at least 4 parameters")
+			}
+			p := parsedParam{}
+			names := strings.SplitN(pv[0], "=>", 2)
+			p.name = names[0]
+			funcParamName := p.name
+			if len(names) > 1 {
+				funcParamName = names[1]
+			}
+			p.location = pv[1]
+			p.datatype = pv[2]
+			switch len(pv) {
+			case 5:
+				p.required, _ = strconv.ParseBool(pv[3])
+			case 6:
+				p.defValue = pv[3]
+				p.required, _ = strconv.ParseBool(pv[4])
+			}
+			params[funcParamName] = p
+		}
+	}
+
+	for _, c := range lines {
+		var pc = &parsedComment{}
+		pc.params = params
+
+		t := strings.TrimSpace(strings.TrimLeft(c.Text, "//"))
+		if strings.HasPrefix(t, "@router") {
+			t := strings.TrimSpace(strings.TrimLeft(c.Text, "//"))
+			matches := routeRegex.FindStringSubmatch(t)
+			if len(matches) == 3 {
+				pc.routerPath = matches[1]
+				methods := matches[2]
+				if methods == "" {
+					pc.methods = []string{"get"}
+					//pc.hasGet = true
+				} else {
+					pc.methods = strings.Split(methods, ",")
+					//pc.hasGet = strings.Contains(methods, "get")
+				}
+				pcs = append(pcs, pc)
+			} else {
+				return nil, errors.New("Router information is missing")
+			}
+		}
+	}
+	return
+}
+
+// direct copy from bee\g_docs.go
+// analysis params return []string
+// @Param	query		form	 string	true		"The email for login"
+// [query form string true "The email for login"]
+func getparams(str string) []string {
+	var s []rune
+	var j int
+	var start bool
+	var r []string
+	var quoted int8
+	for _, c := range str {
+		if unicode.IsSpace(c) && quoted == 0 {
+			if !start {
+				continue
+			} else {
+				start = false
+				j++
+				r = append(r, string(s))
+				s = make([]rune, 0)
+				continue
+			}
+		}
+
+		start = true
+		if c == '"' {
+			quoted ^= 1
+			continue
+		}
+		s = append(s, c)
+	}
+	if len(s) > 0 {
+		r = append(r, string(s))
+	}
+	return r
+}
+
 func genRouterCode(pkgRealpath string) {
 	os.Mkdir(getRouterDir(pkgRealpath), 0755)
 	logs.Info("generate router from comments")
@ -144,6 +285,7 @@ func genRouterCode(pkgRealpath string) {
 	sort.Strings(sortKey)
 	for _, k := range sortKey {
 		cList := genInfoList[k]
+		sort.Sort(ControllerCommentsSlice(cList))
 		for _, c := range cList {
 			allmethod := "nil"
 			if len(c.AllowHTTPMethods) > 0 {
@ -163,12 +305,24 @@ func genRouterCode(pkgRealpath string) {
 				}
 				params = strings.TrimRight(params, ",") + "}"
 			}
+			methodParams := "param.Make("
+			if len(c.MethodParams) > 0 {
+				lines := make([]string, 0, len(c.MethodParams))
+				for _, m := range c.MethodParams {
+					lines = append(lines, fmt.Sprint(m))
+				}
+				methodParams += "\n				" +
+					strings.Join(lines, ",\n				") +
+					",\n			"
+			}
+			methodParams += ")"
 			globalinfo = globalinfo + `
 	beego.GlobalControllerRouter["` + k + `"] = append(beego.GlobalControllerRouter["` + k + `"],
 		beego.ControllerComments{
 			Method: "` + strings.TrimSpace(c.Method) + `",
 			` + "Router: `" + c.Router + "`" + `,
 			AllowHTTPMethods: ` + allmethod + `,
+			MethodParams: ` + methodParams + `,
 			Params: ` + params + `})
 `
 		}
--- a/plugins/authz/authz.go
+++ b/plugins/authz/authz.go
@ -0,0 +1,86 @@
+// Copyright 2014 beego Author. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package authz provides handlers to enable ACL, RBAC, ABAC authorization support.
+// Simple Usage:
+//	import(
+//		"github.com/astaxie/beego"
+//		"github.com/astaxie/beego/plugins/authz"
+//		"github.com/casbin/casbin"
+//	)
+//
+//	func main(){
+//		// mediate the access for every request
+//		beego.InsertFilter("*", beego.BeforeRouter, authz.NewAuthorizer(casbin.NewEnforcer("authz_model.conf", "authz_policy.csv")))
+//		beego.Run()
+//	}
+//
+//
+// Advanced Usage:
+//
+//	func main(){
+//		e := casbin.NewEnforcer("authz_model.conf", "")
+//		e.AddRoleForUser("alice", "admin")
+//		e.AddPolicy(...)
+//
+//		beego.InsertFilter("*", beego.BeforeRouter, authz.NewAuthorizer(e))
+//		beego.Run()
+//	}
+package authz
+
+import (
+	"github.com/astaxie/beego"
+	"github.com/astaxie/beego/context"
+	"github.com/casbin/casbin"
+	"net/http"
+)
+
+// NewAuthorizer returns the authorizer.
+// Use a casbin enforcer as input
+func NewAuthorizer(e *casbin.Enforcer) beego.FilterFunc {
+	return func(ctx *context.Context) {
+		a := &BasicAuthorizer{enforcer: e}
+
+		if !a.CheckPermission(ctx.Request) {
+			a.RequirePermission(ctx.ResponseWriter)
+		}
+	}
+}
+
+// BasicAuthorizer stores the casbin handler
+type BasicAuthorizer struct {
+	enforcer *casbin.Enforcer
+}
+
+// GetUserName gets the user name from the request.
+// Currently, only HTTP basic authentication is supported
+func (a *BasicAuthorizer) GetUserName(r *http.Request) string {
+	username, _, _ := r.BasicAuth()
+	return username
+}
+
+// CheckPermission checks the user/method/path combination from the request.
+// Returns true (permission granted) or false (permission forbidden)
+func (a *BasicAuthorizer) CheckPermission(r *http.Request) bool {
+	user := a.GetUserName(r)
+	method := r.Method
+	path := r.URL.Path
+	return a.enforcer.Enforce(user, path, method)
+}
+
+// RequirePermission returns the 403 Forbidden to the client
+func (a *BasicAuthorizer) RequirePermission(w http.ResponseWriter) {
+	w.WriteHeader(403)
+	w.Write([]byte("403 Forbidden\n"))
+}
--- a/plugins/authz/authz_model.conf
+++ b/plugins/authz/authz_model.conf
@ -0,0 +1,14 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && keyMatch(r.obj, p.obj) && (r.act == p.act || p.act == "*")
--- a/plugins/authz/authz_policy.csv
+++ b/plugins/authz/authz_policy.csv
@ -0,0 +1,7 @@
+p, alice, /dataset1/*, GET
+p, alice, /dataset1/resource1, POST
+p, bob, /dataset2/resource1, *
+p, bob, /dataset2/resource2, GET
+p, bob, /dataset2/folder1/*, POST
+p, dataset1_admin, /dataset1/*, *
+g, cathy, dataset1_admin
--- a/plugins/authz/authz_test.go
+++ b/plugins/authz/authz_test.go
@ -0,0 +1,107 @@
+// Copyright 2014 beego Author. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package authz
+
+import (
+	"github.com/astaxie/beego"
+	"github.com/astaxie/beego/context"
+	"github.com/astaxie/beego/plugins/auth"
+	"github.com/casbin/casbin"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func testRequest(t *testing.T, handler *beego.ControllerRegister, user string, path string, method string, code int) {
+	r, _ := http.NewRequest(method, path, nil)
+	r.SetBasicAuth(user, "123")
+	w := httptest.NewRecorder()
+	handler.ServeHTTP(w, r)
+
+	if w.Code != code {
+		t.Errorf("%s, %s, %s: %d, supposed to be %d", user, path, method, w.Code, code)
+	}
+}
+
+func TestBasic(t *testing.T) {
+	handler := beego.NewControllerRegister()
+
+	handler.InsertFilter("*", beego.BeforeRouter, auth.Basic("alice", "123"))
+	handler.InsertFilter("*", beego.BeforeRouter, NewAuthorizer(casbin.NewEnforcer("authz_model.conf", "authz_policy.csv")))
+
+	handler.Any("*", func(ctx *context.Context) {
+		ctx.Output.SetStatus(200)
+	})
+
+	testRequest(t, handler, "alice", "/dataset1/resource1", "GET", 200)
+	testRequest(t, handler, "alice", "/dataset1/resource1", "POST", 200)
+	testRequest(t, handler, "alice", "/dataset1/resource2", "GET", 200)
+	testRequest(t, handler, "alice", "/dataset1/resource2", "POST", 403)
+}
+
+func TestPathWildcard(t *testing.T) {
+	handler := beego.NewControllerRegister()
+
+	handler.InsertFilter("*", beego.BeforeRouter, auth.Basic("bob", "123"))
+	handler.InsertFilter("*", beego.BeforeRouter, NewAuthorizer(casbin.NewEnforcer("authz_model.conf", "authz_policy.csv")))
+
+	handler.Any("*", func(ctx *context.Context) {
+		ctx.Output.SetStatus(200)
+	})
+
+	testRequest(t, handler, "bob", "/dataset2/resource1", "GET", 200)
+	testRequest(t, handler, "bob", "/dataset2/resource1", "POST", 200)
+	testRequest(t, handler, "bob", "/dataset2/resource1", "DELETE", 200)
+	testRequest(t, handler, "bob", "/dataset2/resource2", "GET", 200)
+	testRequest(t, handler, "bob", "/dataset2/resource2", "POST", 403)
+	testRequest(t, handler, "bob", "/dataset2/resource2", "DELETE", 403)
+
+	testRequest(t, handler, "bob", "/dataset2/folder1/item1", "GET", 403)
+	testRequest(t, handler, "bob", "/dataset2/folder1/item1", "POST", 200)
+	testRequest(t, handler, "bob", "/dataset2/folder1/item1", "DELETE", 403)
+	testRequest(t, handler, "bob", "/dataset2/folder1/item2", "GET", 403)
+	testRequest(t, handler, "bob", "/dataset2/folder1/item2", "POST", 200)
+	testRequest(t, handler, "bob", "/dataset2/folder1/item2", "DELETE", 403)
+}
+
+func TestRBAC(t *testing.T) {
+	handler := beego.NewControllerRegister()
+
+	handler.InsertFilter("*", beego.BeforeRouter, auth.Basic("cathy", "123"))
+	e := casbin.NewEnforcer("authz_model.conf", "authz_policy.csv")
+	handler.InsertFilter("*", beego.BeforeRouter, NewAuthorizer(e))
+
+	handler.Any("*", func(ctx *context.Context) {
+		ctx.Output.SetStatus(200)
+	})
+
+	// cathy can access all /dataset1/* resources via all methods because it has the dataset1_admin role.
+	testRequest(t, handler, "cathy", "/dataset1/item", "GET", 200)
+	testRequest(t, handler, "cathy", "/dataset1/item", "POST", 200)
+	testRequest(t, handler, "cathy", "/dataset1/item", "DELETE", 200)
+	testRequest(t, handler, "cathy", "/dataset2/item", "GET", 403)
+	testRequest(t, handler, "cathy", "/dataset2/item", "POST", 403)
+	testRequest(t, handler, "cathy", "/dataset2/item", "DELETE", 403)
+
+	// delete all roles on user cathy, so cathy cannot access any resources now.
+	e.DeleteRolesForUser("cathy")
+
+	testRequest(t, handler, "cathy", "/dataset1/item", "GET", 403)
+	testRequest(t, handler, "cathy", "/dataset1/item", "POST", 403)
+	testRequest(t, handler, "cathy", "/dataset1/item", "DELETE", 403)
+	testRequest(t, handler, "cathy", "/dataset2/item", "GET", 403)
+	testRequest(t, handler, "cathy", "/dataset2/item", "POST", 403)
+	testRequest(t, handler, "cathy", "/dataset2/item", "DELETE", 403)
+}
--- a/router.go
+++ b/router.go
@ -27,6 +27,7 @@ import (
 	"time"

 	beecontext "github.com/astaxie/beego/context"
+	"github.com/astaxie/beego/context/param"
 	"github.com/astaxie/beego/logs"
 	"github.com/astaxie/beego/toolbox"
 	"github.com/astaxie/beego/utils"
@ -42,35 +43,35 @@ const (
 )

 const (
-	routerTypeBeego = iota
+	routerTypeBeego   = iota
 	routerTypeRESTFul
 	routerTypeHandler
 )

 var (
 	// HTTPMETHOD list the supported http methods.
-	HTTPMETHOD = map[string]string{
-		"GET":       "GET",
-		"POST":      "POST",
-		"PUT":       "PUT",
-		"DELETE":    "DELETE",
-		"PATCH":     "PATCH",
-		"OPTIONS":   "OPTIONS",
-		"HEAD":      "HEAD",
-		"TRACE":     "TRACE",
-		"CONNECT":   "CONNECT",
-		"MKCOL":     "MKCOL",
-		"COPY":      "COPY",
-		"MOVE":      "MOVE",
-		"PROPFIND":  "PROPFIND",
-		"PROPPATCH": "PROPPATCH",
-		"LOCK":      "LOCK",
-		"UNLOCK":    "UNLOCK",
+	HTTPMETHOD = map[string]bool{
+		"GET":       true,
+		"POST":      true,
+		"PUT":       true,
+		"DELETE":    true,
+		"PATCH":     true,
+		"OPTIONS":   true,
+		"HEAD":      true,
+		"TRACE":     true,
+		"CONNECT":   true,
+		"MKCOL":     true,
+		"COPY":      true,
+		"MOVE":      true,
+		"PROPFIND":  true,
+		"PROPPATCH": true,
+		"LOCK":      true,
+		"UNLOCK":    true,
 	}
 	// these beego.Controller's methods shouldn't reflect to AutoRouter
 	exceptMethod = []string{"Init", "Prepare", "Finish", "Render", "RenderString",
 		"RenderBytes", "Redirect", "Abort", "StopRun", "UrlFor", "ServeJSON", "ServeJSONP",
-		"ServeXML", "Input", "ParseForm", "GetString", "GetStrings", "GetInt", "GetBool",
+		"ServeYAML", "ServeXML", "Input", "ParseForm", "GetString", "GetStrings", "GetInt", "GetBool",
 		"GetFloat", "GetFile", "SaveToFile", "StartSession", "SetSession", "GetSession",
 		"DelSession", "SessionRegenerateID", "DestroySession", "IsAjax", "GetSecureCookie",
 		"SetSecureCookie", "XsrfToken", "CheckXsrfCookie", "XsrfFormHtml",
@ -116,6 +117,8 @@ type ControllerInfo struct {
 	handler        http.Handler
 	runFunction    FilterFunc
 	routerType     int
+	initialize     func() ControllerInterface
+	methodParams   []*param.MethodParam
 }

 // ControllerRegister containers registered router rules, controller handlers and filters.
@ -151,6 +154,10 @@ func NewControllerRegister() *ControllerRegister {
 //	Add("/api",&RestController{},"get,post:ApiFunc"
 //	Add("/simple",&SimpleController{},"get:GetFunc;post:PostFunc")
 func (p *ControllerRegister) Add(pattern string, c ControllerInterface, mappingMethods ...string) {
+	p.addWithMethodParams(pattern, c, nil, mappingMethods...)
+}
+
+func (p *ControllerRegister) addWithMethodParams(pattern string, c ControllerInterface, methodParams []*param.MethodParam, mappingMethods ...string) {
 	reflectVal := reflect.ValueOf(c)
 	t := reflect.Indirect(reflectVal).Type()
 	methods := make(map[string]string)
@ -163,7 +170,7 @@ func (p *ControllerRegister) Add(pattern string, c ControllerInterface, mappingM
 			}
 			comma := strings.Split(colon[0], ",")
 			for _, m := range comma {
-				if _, ok := HTTPMETHOD[strings.ToUpper(m)]; m == "*" || ok {
+				if m == "*" || HTTPMETHOD[strings.ToUpper(m)] {
 					if val := reflectVal.MethodByName(colon[1]); val.IsValid() {
 						methods[strings.ToUpper(m)] = colon[1]
 					} else {
@ -181,14 +188,39 @@ func (p *ControllerRegister) Add(pattern string, c ControllerInterface, mappingM
 	route.methods = methods
 	route.routerType = routerTypeBeego
 	route.controllerType = t
+	route.initialize = func() ControllerInterface {
+		vc := reflect.New(route.controllerType)
+		execController, ok := vc.Interface().(ControllerInterface)
+		if !ok {
+			panic("controller is not ControllerInterface")
+		}
+
+		elemVal := reflect.ValueOf(c).Elem()
+		elemType := reflect.TypeOf(c).Elem()
+		execElem := reflect.ValueOf(execController).Elem()
+
+		numOfFields := elemVal.NumField()
+		for i := 0; i < numOfFields; i++ {
+			fieldType := elemType.Field(i)
+			elemField := execElem.FieldByName(fieldType.Name)
+			if elemField.CanSet() {
+				fieldVal := elemVal.Field(i)
+				elemField.Set(fieldVal)
+			}
+		}
+
+		return execController
+	}
+
+	route.methodParams = methodParams
 	if len(methods) == 0 {
-		for _, m := range HTTPMETHOD {
+		for m := range HTTPMETHOD {
 			p.addToRouter(m, pattern, route)
 		}
 	} else {
 		for k := range methods {
 			if k == "*" {
-				for _, m := range HTTPMETHOD {
+				for m := range HTTPMETHOD {
 					p.addToRouter(m, pattern, route)
 				}
 			} else {
@ -245,7 +277,7 @@ func (p *ControllerRegister) Include(cList ...ControllerInterface) {
 		key := t.PkgPath() + ":" + t.Name()
 		if comm, ok := GlobalControllerRouter[key]; ok {
 			for _, a := range comm {
-				p.Add(a.Router, c, strings.Join(a.AllowHTTPMethods, ",")+":"+a.Method)
+				p.addWithMethodParams(a.Router, c, a.MethodParams, strings.Join(a.AllowHTTPMethods, ",")+":"+a.Method)
 			}
 		}
 	}
@ -330,7 +362,7 @@ func (p *ControllerRegister) Any(pattern string, f FilterFunc) {
 //    })
 func (p *ControllerRegister) AddMethod(method, pattern string, f FilterFunc) {
 	method = strings.ToUpper(method)
-	if _, ok := HTTPMETHOD[method]; method != "*" && !ok {
+	if method != "*" && !HTTPMETHOD[method] {
 		panic("not support http method: " + method)
 	}
 	route := &ControllerInfo{}
@ -339,7 +371,7 @@ func (p *ControllerRegister) AddMethod(method, pattern string, f FilterFunc) {
 	route.runFunction = f
 	methods := make(map[string]string)
 	if method == "*" {
-		for _, val := range HTTPMETHOD {
+		for val := range HTTPMETHOD {
 			methods[val] = val
 		}
 	} else {
@ -348,7 +380,7 @@ func (p *ControllerRegister) AddMethod(method, pattern string, f FilterFunc) {
 	route.methods = methods
 	for k := range methods {
 		if k == "*" {
-			for _, m := range HTTPMETHOD {
+			for m := range HTTPMETHOD {
 				p.addToRouter(m, pattern, route)
 			}
 		} else {
@ -368,7 +400,7 @@ func (p *ControllerRegister) Handler(pattern string, h http.Handler, options ...
 			pattern = path.Join(pattern, "?:all(.*)")
 		}
 	}
-	for _, m := range HTTPMETHOD {
+	for m := range HTTPMETHOD {
 		p.addToRouter(m, pattern, route)
 	}
 }
@ -403,7 +435,7 @@ func (p *ControllerRegister) AddAutoPrefix(prefix string, c ControllerInterface)
 			patternFix := path.Join(prefix, strings.ToLower(controllerName), strings.ToLower(rt.Method(i).Name))
 			patternFixInit := path.Join(prefix, controllerName, rt.Method(i).Name)
 			route.pattern = pattern
-			for _, m := range HTTPMETHOD {
+			for m := range HTTPMETHOD {
 				p.addToRouter(m, pattern, route)
 				p.addToRouter(m, patternInit, route)
 				p.addToRouter(m, patternFix, route)
@ -504,7 +536,7 @@ func (p *ControllerRegister) geturl(t *Tree, url, controllName, methodName strin
 			if c.routerType == routerTypeBeego &&
 				strings.HasSuffix(path.Join(c.controllerType.PkgPath(), c.controllerType.Name()), controllName) {
 				find := false
-				if _, ok := HTTPMETHOD[strings.ToUpper(methodName)]; ok {
+				if HTTPMETHOD[strings.ToUpper(methodName)] {
 					if len(c.methods) == 0 {
 						find = true
 					} else if m, ok := c.methods[strings.ToUpper(methodName)]; ok && m == strings.ToUpper(methodName) {
@ -624,11 +656,12 @@ func (p *ControllerRegister) execFilter(context *beecontext.Context, urlPath str
 func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
 	startTime := time.Now()
 	var (
-		runRouter  reflect.Type
-		findRouter bool
-		runMethod  string
-		routerInfo *ControllerInfo
-		isRunnable bool
+		runRouter    reflect.Type
+		findRouter   bool
+		runMethod    string
+		methodParams []*param.MethodParam
+		routerInfo   *ControllerInfo
+		isRunnable   bool
 	)
 	context := p.pool.Get().(*beecontext.Context)
 	context.Reset(rw, r)
@ -651,7 +684,7 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
 	}

 	// filter wrong http method
-	if _, ok := HTTPMETHOD[r.Method]; !ok {
+	if !HTTPMETHOD[r.Method] {
 		http.Error(rw, "Method Not Allowed", 405)
 		goto Admin
 	}
@ -696,7 +729,6 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
 	// User can define RunController and RunMethod in filter
 	if context.Input.RunController != nil && context.Input.RunMethod != "" {
 		findRouter = true
-		isRunnable = true
 		runMethod = context.Input.RunMethod
 		runRouter = context.Input.RunController
 	} else {
@ -740,6 +772,7 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
 			routerInfo.handler.ServeHTTP(rw, r)
 		} else {
 			runRouter = routerInfo.controllerType
+			methodParams = routerInfo.methodParams
 			method := r.Method
 			if r.Method == http.MethodPost && context.Input.Query("_method") == http.MethodPost {
 				method = http.MethodPut
@ -760,14 +793,20 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
 	// also defined runRouter & runMethod from filter
 	if !isRunnable {
 		//Invoke the request handler
-		vc := reflect.New(runRouter)
-		execController, ok := vc.Interface().(ControllerInterface)
-		if !ok {
-			panic("controller is not ControllerInterface")
+		var execController ControllerInterface
+		if routerInfo.initialize != nil {
+			execController = routerInfo.initialize()
+		} else {
+			vc := reflect.New(runRouter)
+			var ok bool
+			execController, ok = vc.Interface().(ControllerInterface)
+			if !ok {
+				panic("controller is not ControllerInterface")
+			}
 		}

 		//call the controller init function
-		execController.Init(context, runRouter.Name(), runMethod, vc.Interface())
+		execController.Init(context, runRouter.Name(), runMethod, execController)

 		//call prepare function
 		execController.Prepare()
@ -802,9 +841,15 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
 				execController.Options()
 			default:
 				if !execController.HandlerFunc(runMethod) {
-					var in []reflect.Value
+					vc := reflect.ValueOf(execController)
 					method := vc.MethodByName(runMethod)
-					method.Call(in)
+					in := param.ConvertParams(methodParams, method.Type(), context)
+					out := method.Call(in)
+
+					//For backward compatibility we only handle response if we had incoming methodParams
+					if methodParams != nil {
+						p.handleParamResponse(context, execController, out)
+					}
 				}
 			}

@ -832,10 +877,23 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request)
 	}

 Admin:
-	//admin module record QPS
+//admin module record QPS
+
+	statusCode := context.ResponseWriter.Status
+	if statusCode == 0 {
+		statusCode = 200
+	}
+
+	logAccess(context, &startTime, statusCode)
+
 	if BConfig.Listen.EnableAdmin {
 		timeDur := time.Since(startTime)
-		if FilterMonitorFunc(r.Method, r.URL.Path, timeDur) {
+		pattern := ""
+		if routerInfo != nil {
+			pattern = routerInfo.pattern
+		}
+
+		if FilterMonitorFunc(r.Method, r.URL.Path, timeDur, pattern, statusCode) {
 			if runRouter != nil {
 				go toolbox.StatisticsMap.AddStatistics(r.Method, r.URL.Path, runRouter.Name(), timeDur)
 			} else {
@ -844,20 +902,13 @@ Admin:
 		}
 	}

-	if BConfig.RunMode == DEV || BConfig.Log.AccessLogs {
-		timeDur := time.Since(startTime)
+	if BConfig.RunMode == DEV && !BConfig.Log.AccessLogs {
 		var devInfo string
-
-		statusCode := context.ResponseWriter.Status
-		if statusCode == 0 {
-			statusCode = 200
-		}
-
+		timeDur := time.Since(startTime)
 		iswin := (runtime.GOOS == "windows")
 		statusColor := logs.ColorByStatus(iswin, statusCode)
 		methodColor := logs.ColorByMethod(iswin, r.Method)
 		resetColor := logs.ColorByMethod(iswin, "")
-
 		if findRouter {
 			if routerInfo != nil {
 				devInfo = fmt.Sprintf("|%15s|%s %3d %s|%13s|%8s|%s %-7s %s %-3s   r:%s", context.Input.IP(), statusColor, statusCode,
@ -877,13 +928,26 @@ Admin:
 			logs.Debug(devInfo)
 		}
 	}
-
 	// Call WriteHeader if status code has been set changed
 	if context.Output.Status != 0 {
 		context.ResponseWriter.WriteHeader(context.Output.Status)
 	}
 }

+func (p *ControllerRegister) handleParamResponse(context *beecontext.Context, execController ControllerInterface, results []reflect.Value) {
+	//looping in reverse order for the case when both error and value are returned and error sets the response status code
+	for i := len(results) - 1; i >= 0; i-- {
+		result := results[i]
+		if result.Kind() != reflect.Interface || !result.IsNil() {
+			resultValue := result.Interface()
+			context.RenderMethodResult(resultValue)
+		}
+	}
+	if !context.ResponseWriter.Started && len(results) > 0 && context.Output.Status == 0 {
+		context.Output.SetStatus(200)
+	}
+}
+
 // FindRouter Find Router info for URL
 func (p *ControllerRegister) FindRouter(context *beecontext.Context) (routerInfo *ControllerInfo, isFind bool) {
 	var urlPath = context.Input.URL()
@ -910,3 +974,38 @@ func toURL(params map[string]string) string {
 	}
 	return strings.TrimRight(u, "&")
 }
+
+func logAccess(ctx *beecontext.Context, startTime *time.Time, statusCode int) {
+	//Skip logging if AccessLogs config is false
+	if !BConfig.Log.AccessLogs {
+		return
+	}
+	//Skip logging static requests unless EnableStaticLogs config is true
+	if !BConfig.Log.EnableStaticLogs && DefaultAccessLogFilter.Filter(ctx) {
+		return
+	}
+	var (
+		requestTime time.Time
+		elapsedTime time.Duration
+		r           = ctx.Request
+	)
+	if startTime != nil {
+		requestTime = *startTime
+		elapsedTime = time.Since(*startTime)
+	}
+	record := &logs.AccessLogRecord{
+		RemoteAddr:     ctx.Input.IP(),
+		RequestTime:    requestTime,
+		RequestMethod:  r.Method,
+		Request:        fmt.Sprintf("%s %s %s", r.Method, r.RequestURI, r.Proto),
+		ServerProtocol: r.Proto,
+		Host:           r.Host,
+		Status:         statusCode,
+		ElapsedTime:    elapsedTime,
+		HTTPReferrer:   r.Header.Get("Referer"),
+		HTTPUserAgent:  r.Header.Get("User-Agent"),
+		RemoteUser:     r.Header.Get("Remote-User"),
+		BodyBytesSent:  0, //@todo this one is missing!
+	}
+	logs.AccessLog(record, BConfig.Log.AccessLogsFormat)
+}
--- a/router_test.go
+++ b/router_test.go
@ -695,3 +695,30 @@ func beegoResetParams(ctx *context.Context) {
 func beegoHandleResetParams(ctx *context.Context) {
 	ctx.ResponseWriter.Header().Set("splat", ctx.Input.Param(":splat"))
 }
+
+// YAML
+type YAMLController struct {
+	Controller
+}
+
+func (jc *YAMLController) Prepare() {
+	jc.Data["yaml"] = "prepare"
+	jc.ServeYAML()
+}
+
+func (jc *YAMLController) Get() {
+	jc.Data["Username"] = "astaxie"
+	jc.Ctx.Output.Body([]byte("ok"))
+}
+
+func TestYAMLPrepare(t *testing.T) {
+	r, _ := http.NewRequest("GET", "/yaml/list", nil)
+	w := httptest.NewRecorder()
+
+	handler := NewControllerRegister()
+	handler.Add("/yaml/list", &YAMLController{})
+	handler.ServeHTTP(w, r)
+	if strings.TrimSpace(w.Body.String()) != "prepare" {
+		t.Errorf(w.Body.String())
+	}
+}
--- a/session/redis/sess_redis.go
+++ b/session/redis/sess_redis.go
@ -14,9 +14,9 @@

 // Package redis for session provider
 //
-// depend on github.com/garyburd/redigo/redis
+// depend on github.com/gomodule/redigo/redis
 //
-// go install github.com/garyburd/redigo/redis
+// go install github.com/gomodule/redigo/redis
 //
 // Usage:
 // import(
@ -24,10 +24,10 @@
 //   "github.com/astaxie/beego/session"
 // )
 //
-//	func init() {
-//		globalSessions, _ = session.NewManager("redis", ``{"cookieName":"gosessionid","gclifetime":3600,"ProviderConfig":"127.0.0.1:7070"}``)
-//		go globalSessions.GC()
-//	}
+// 	func init() {
+// 		globalSessions, _ = session.NewManager("redis", ``{"cookieName":"gosessionid","gclifetime":3600,"ProviderConfig":"127.0.0.1:7070"}``)
+// 		go globalSessions.GC()
+// 	}
 //
 // more docs: http://beego.me/docs/module/session.md
 package redis
@ -37,10 +37,11 @@ import (
 	"strconv"
 	"strings"
 	"sync"
+	"time"

 	"github.com/astaxie/beego/session"

-	"github.com/garyburd/redigo/redis"
+	"github.com/gomodule/redigo/redis"
 )

 var redispder = &Provider{}
@ -118,8 +119,8 @@ type Provider struct {
 }

 // SessionInit init redis session
-// savepath like redis server addr,pool size,password,dbnum
-// e.g. 127.0.0.1:6379,100,astaxie,0
+// savepath like redis server addr,pool size,password,dbnum,IdleTimeout second
+// e.g. 127.0.0.1:6379,100,astaxie,0,30
 func (rp *Provider) SessionInit(maxlifetime int64, savePath string) error {
 	rp.maxlifetime = maxlifetime
 	configs := strings.Split(savePath, ",")
@ -149,24 +150,39 @@ func (rp *Provider) SessionInit(maxlifetime int64, savePath string) error {
 	} else {
 		rp.dbNum = 0
 	}
-	rp.poollist = redis.NewPool(func() (redis.Conn, error) {
-		c, err := redis.Dial("tcp", rp.savePath)
-		if err != nil {
-			return nil, err
+	var idleTimeout time.Duration = 0
+	if len(configs) > 4 {
+		timeout, err := strconv.Atoi(configs[4])
+		if err == nil && timeout > 0 {
+			idleTimeout = time.Duration(timeout) * time.Second
 		}
-		if rp.password != "" {
-			if _, err = c.Do("AUTH", rp.password); err != nil {
-				c.Close()
+	}
+	rp.poollist = &redis.Pool{
+		Dial: func() (redis.Conn, error) {
+			c, err := redis.Dial("tcp", rp.savePath)
+			if err != nil {
 				return nil, err
 			}
-		}
-		_, err = c.Do("SELECT", rp.dbNum)
-		if err != nil {
-			c.Close()
-			return nil, err
-		}
-		return c, err
-	}, rp.poolsize)
+			if rp.password != "" {
+				if _, err = c.Do("AUTH", rp.password); err != nil {
+					c.Close()
+					return nil, err
+				}
+			}
+			// some redis proxy such as twemproxy is not support select command
+			if rp.dbNum > 0 {
+				_, err = c.Do("SELECT", rp.dbNum)
+				if err != nil {
+					c.Close()
+					return nil, err
+				}
+			}
+			return c, err
+		},
+		MaxIdle: rp.poolsize,
+	}
+
+	rp.poollist.IdleTimeout = idleTimeout

 	return rp.poollist.Get().Err()
 }
@ -179,7 +195,7 @@ func (rp *Provider) SessionRead(sid string) (session.Store, error) {
 	var kv map[interface{}]interface{}

 	kvs, err := redis.String(c.Do("GET", sid))
-	if err != redis.ErrNil {
+	if err != nil && err != redis.ErrNil {
 		return nil, err
 	}
 	if len(kvs) == 0 {
--- a/session/redis_cluster/redis_cluster.go
+++ b/session/redis_cluster/redis_cluster.go
@ -0,0 +1,220 @@
+// Copyright 2014 beego Author. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package redis for session provider
+//
+// depend on github.com/go-redis/redis
+//
+// go install github.com/go-redis/redis
+//
+// Usage:
+// import(
+//   _ "github.com/astaxie/beego/session/redis_cluster"
+//   "github.com/astaxie/beego/session"
+// )
+//
+//	func init() {
+//		globalSessions, _ = session.NewManager("redis_cluster", ``{"cookieName":"gosessionid","gclifetime":3600,"ProviderConfig":"127.0.0.1:7070;127.0.0.1:7071"}``)
+//		go globalSessions.GC()
+//	}
+//
+// more docs: http://beego.me/docs/module/session.md
+package redis_cluster
+import (
+	"net/http"
+	"strconv"
+	"strings"
+	"sync"
+	"github.com/astaxie/beego/session"
+	rediss "github.com/go-redis/redis"
+	"time"
+)
+
+var redispder = &Provider{}
+
+// MaxPoolSize redis_cluster max pool size
+var MaxPoolSize = 1000
+
+// SessionStore redis_cluster session store
+type SessionStore struct {
+	p           *rediss.ClusterClient
+	sid         string
+	lock        sync.RWMutex
+	values      map[interface{}]interface{}
+	maxlifetime int64
+}
+
+// Set value in redis_cluster session
+func (rs *SessionStore) Set(key, value interface{}) error {
+	rs.lock.Lock()
+	defer rs.lock.Unlock()
+	rs.values[key] = value
+	return nil
+}
+
+// Get value in redis_cluster session
+func (rs *SessionStore) Get(key interface{}) interface{} {
+	rs.lock.RLock()
+	defer rs.lock.RUnlock()
+	if v, ok := rs.values[key]; ok {
+		return v
+	}
+	return nil
+}
+
+// Delete value in redis_cluster session
+func (rs *SessionStore) Delete(key interface{}) error {
+	rs.lock.Lock()
+	defer rs.lock.Unlock()
+	delete(rs.values, key)
+	return nil
+}
+
+// Flush clear all values in redis_cluster session
+func (rs *SessionStore) Flush() error {
+	rs.lock.Lock()
+	defer rs.lock.Unlock()
+	rs.values = make(map[interface{}]interface{})
+	return nil
+}
+
+// SessionID get redis_cluster session id
+func (rs *SessionStore) SessionID() string {
+	return rs.sid
+}
+
+// SessionRelease save session values to redis_cluster
+func (rs *SessionStore) SessionRelease(w http.ResponseWriter) {
+	b, err := session.EncodeGob(rs.values)
+	if err != nil {
+		return
+	}
+	c := rs.p
+	c.Set(rs.sid, string(b), time.Duration(rs.maxlifetime) * time.Second)
+}
+
+// Provider redis_cluster session provider
+type Provider struct {
+	maxlifetime int64
+	savePath    string
+	poolsize    int
+	password    string
+	dbNum       int
+	poollist    *rediss.ClusterClient
+}
+
+// SessionInit init redis_cluster session
+// savepath like redis server addr,pool size,password,dbnum
+// e.g. 127.0.0.1:6379;127.0.0.1:6380,100,test,0
+func (rp *Provider) SessionInit(maxlifetime int64, savePath string) error {
+	rp.maxlifetime = maxlifetime
+	configs := strings.Split(savePath, ",")
+	if len(configs) > 0 {
+		rp.savePath = configs[0]
+	}
+	if len(configs) > 1 {
+		poolsize, err := strconv.Atoi(configs[1])
+		if err != nil || poolsize < 0 {
+			rp.poolsize = MaxPoolSize
+		} else {
+			rp.poolsize = poolsize
+		}
+	} else {
+		rp.poolsize = MaxPoolSize
+	}
+	if len(configs) > 2 {
+		rp.password = configs[2]
+	}
+	if len(configs) > 3 {
+		dbnum, err := strconv.Atoi(configs[3])
+		if err != nil || dbnum < 0 {
+			rp.dbNum = 0
+		} else {
+			rp.dbNum = dbnum
+		}
+	} else {
+		rp.dbNum = 0
+	}
+	
+	rp.poollist = rediss.NewClusterClient(&rediss.ClusterOptions{
+		Addrs:    strings.Split(rp.savePath, ";"),
+		Password:  rp.password,
+		PoolSize: rp.poolsize,
+	})
+	return rp.poollist.Ping().Err()
+}
+
+// SessionRead read redis_cluster session by sid
+func (rp *Provider) SessionRead(sid string) (session.Store, error) {
+	var kv map[interface{}]interface{}
+	kvs, err := rp.poollist.Get(sid).Result()
+	if err != nil && err != rediss.Nil {
+		return nil, err
+	}
+	if len(kvs) == 0 {
+		kv = make(map[interface{}]interface{})
+	} else {
+		if kv, err = session.DecodeGob([]byte(kvs)); err != nil {
+			return nil, err
+		}
+	}
+
+	rs := &SessionStore{p: rp.poollist, sid: sid, values: kv, maxlifetime: rp.maxlifetime}
+	return rs, nil
+}
+
+// SessionExist check redis_cluster session exist by sid
+func (rp *Provider) SessionExist(sid string) bool {
+	c := rp.poollist
+	if existed, err := c.Exists(sid).Result(); err != nil || existed == 0 {
+		return false
+	}
+	return true
+}
+
+// SessionRegenerate generate new sid for redis_cluster session
+func (rp *Provider) SessionRegenerate(oldsid, sid string) (session.Store, error) {
+	c := rp.poollist
+	
+	if existed, err := c.Exists(oldsid).Result(); err != nil || existed == 0 {
+		// oldsid doesn't exists, set the new sid directly
+		// ignore error here, since if it return error
+		// the existed value will be 0
+		c.Set(sid, "", time.Duration(rp.maxlifetime) * time.Second)
+	} else {
+		c.Rename(oldsid, sid)
+		c.Expire(sid, time.Duration(rp.maxlifetime) * time.Second)
+	}
+	return rp.SessionRead(sid)
+}
+
+// SessionDestroy delete redis session by id
+func (rp *Provider) SessionDestroy(sid string) error {
+	c := rp.poollist
+	c.Del(sid)
+	return nil
+}
+
+// SessionGC Impelment method, no used.
+func (rp *Provider) SessionGC() {
+}
+
+// SessionAll return all activeSession
+func (rp *Provider) SessionAll() int {
+	return 0
+}
+
+func init() {
+	session.Register("redis_cluster", redispder)
+}
--- a/session/sess_file.go
+++ b/session/sess_file.go
@ -78,6 +78,8 @@ func (fs *FileSessionStore) SessionID() string {

 // SessionRelease Write file session to local file with Gob string
 func (fs *FileSessionStore) SessionRelease(w http.ResponseWriter) {
+	filepder.lock.Lock()
+	defer filepder.lock.Unlock()
 	b, err := EncodeGob(fs.values)
 	if err != nil {
 		SLogger.Println(err)
@ -164,7 +166,7 @@ func (fp *FileProvider) SessionRead(sid string) (Store, error) {
 }

 // SessionExist Check file session exist.
-// it checkes the file named from sid exist or not.
+// it checks the file named from sid exist or not.
 func (fp *FileProvider) SessionExist(sid string) bool {
 	filepder.lock.Lock()
 	defer filepder.lock.Unlock()
--- a/session/sess_utils.go
+++ b/session/sess_utils.go
@ -149,7 +149,7 @@ func decodeCookie(block cipher.Block, hashKey, name, value string, gcmaxlifetime
 	// 2. Verify MAC. Value is "date|value|mac".
 	parts := bytes.SplitN(b, []byte("|"), 3)
 	if len(parts) != 3 {
-		return nil, errors.New("Decode: invalid value %v")
+		return nil, errors.New("Decode: invalid value format")
 	}

 	b = append([]byte(name+"|"), b[:len(b)-len(parts[2])]...)
--- a/staticfile.go
+++ b/staticfile.go
@ -74,7 +74,7 @@ func serverStaticRouter(ctx *context.Context) {
 	if enableCompress {
 		acceptEncoding = context.ParseEncoding(ctx.Request)
 	}
-	b, n, sch, err := openFile(filePath, fileInfo, acceptEncoding)
+	b, n, sch, reader, err := openFile(filePath, fileInfo, acceptEncoding)
 	if err != nil {
 		if BConfig.RunMode == DEV {
 			logs.Warn("Can't compress the file:", filePath, err)
@ -89,47 +89,53 @@ func serverStaticRouter(ctx *context.Context) {
 		ctx.Output.Header("Content-Length", strconv.FormatInt(sch.size, 10))
 	}

-	http.ServeContent(ctx.ResponseWriter, ctx.Request, filePath, sch.modTime, sch)
+	http.ServeContent(ctx.ResponseWriter, ctx.Request, filePath, sch.modTime, reader)
 }

 type serveContentHolder struct {
-	*bytes.Reader
+	data     []byte
 	modTime  time.Time
 	size     int64
 	encoding string
 }

+type serveContentReader struct {
+	*bytes.Reader
+}
+
 var (
 	staticFileMap = make(map[string]*serveContentHolder)
 	mapLock       sync.RWMutex
 )

-func openFile(filePath string, fi os.FileInfo, acceptEncoding string) (bool, string, *serveContentHolder, error) {
+func openFile(filePath string, fi os.FileInfo, acceptEncoding string) (bool, string, *serveContentHolder, *serveContentReader, error) {
 	mapKey := acceptEncoding + ":" + filePath
 	mapLock.RLock()
 	mapFile := staticFileMap[mapKey]
 	mapLock.RUnlock()
 	if isOk(mapFile, fi) {
-		return mapFile.encoding != "", mapFile.encoding, mapFile, nil
+		reader := &serveContentReader{Reader: bytes.NewReader(mapFile.data)}
+		return mapFile.encoding != "", mapFile.encoding, mapFile, reader, nil
 	}
 	mapLock.Lock()
 	defer mapLock.Unlock()
 	if mapFile = staticFileMap[mapKey]; !isOk(mapFile, fi) {
 		file, err := os.Open(filePath)
 		if err != nil {
-			return false, "", nil, err
+			return false, "", nil, nil, err
 		}
 		defer file.Close()
 		var bufferWriter bytes.Buffer
 		_, n, err := context.WriteFile(acceptEncoding, &bufferWriter, file)
 		if err != nil {
-			return false, "", nil, err
+			return false, "", nil, nil, err
 		}
-		mapFile = &serveContentHolder{Reader: bytes.NewReader(bufferWriter.Bytes()), modTime: fi.ModTime(), size: int64(bufferWriter.Len()), encoding: n}
+		mapFile = &serveContentHolder{data: bufferWriter.Bytes(), modTime: fi.ModTime(), size: int64(bufferWriter.Len()), encoding: n}
 		staticFileMap[mapKey] = mapFile
 	}

-	return mapFile.encoding != "", mapFile.encoding, mapFile, nil
+	reader := &serveContentReader{Reader: bytes.NewReader(mapFile.data)}
+	return mapFile.encoding != "", mapFile.encoding, mapFile, reader, nil
 }

 func isOk(s *serveContentHolder, fi os.FileInfo) bool {
--- a/staticfile_test.go
+++ b/staticfile_test.go
@ -16,7 +16,7 @@ var licenseFile = filepath.Join(currentWorkDir, "LICENSE")

 func testOpenFile(encoding string, content []byte, t *testing.T) {
 	fi, _ := os.Stat(licenseFile)
-	b, n, sch, err := openFile(licenseFile, fi, encoding)
+	b, n, sch, reader, err := openFile(licenseFile, fi, encoding)
 	if err != nil {
 		t.Log(err)
 		t.Fail()
@ -24,7 +24,7 @@ func testOpenFile(encoding string, content []byte, t *testing.T) {

 	t.Log("open static file encoding "+n, b)

-	assetOpenFileAndContent(sch, content, t)
+	assetOpenFileAndContent(sch, reader, content, t)
 }
 func TestOpenStaticFile_1(t *testing.T) {
 	file, _ := os.Open(licenseFile)
@ -53,13 +53,13 @@ func TestOpenStaticFileDeflate_1(t *testing.T) {
 	testOpenFile("deflate", content, t)
 }

-func assetOpenFileAndContent(sch *serveContentHolder, content []byte, t *testing.T) {
+func assetOpenFileAndContent(sch *serveContentHolder, reader *serveContentReader, content []byte, t *testing.T) {
 	t.Log(sch.size, len(content))
 	if sch.size != int64(len(content)) {
 		t.Log("static content file size not same")
 		t.Fail()
 	}
-	bs, _ := ioutil.ReadAll(sch)
+	bs, _ := ioutil.ReadAll(reader)
 	for i, v := range content {
 		if v != bs[i] {
 			t.Log("content not same")
--- a/swagger/swagger.go
+++ b/swagger/swagger.go
@ -22,19 +22,19 @@ package swagger

 // Swagger list the resource
 type Swagger struct {
-	SwaggerVersion      string              `json:"swagger,omitempty" yaml:"swagger,omitempty"`
-	Infos               Information         `json:"info" yaml:"info"`
-	Host                string              `json:"host,omitempty" yaml:"host,omitempty"`
-	BasePath            string              `json:"basePath,omitempty" yaml:"basePath,omitempty"`
-	Schemes             []string            `json:"schemes,omitempty" yaml:"schemes,omitempty"`
-	Consumes            []string            `json:"consumes,omitempty" yaml:"consumes,omitempty"`
-	Produces            []string            `json:"produces,omitempty" yaml:"produces,omitempty"`
-	Paths               map[string]*Item    `json:"paths" yaml:"paths"`
-	Definitions         map[string]Schema   `json:"definitions,omitempty" yaml:"definitions,omitempty"`
-	SecurityDefinitions map[string]Security `json:"securityDefinitions,omitempty" yaml:"securityDefinitions,omitempty"`
-	Security            map[string][]string `json:"security,omitempty" yaml:"security,omitempty"`
-	Tags                []Tag               `json:"tags,omitempty" yaml:"tags,omitempty"`
-	ExternalDocs        *ExternalDocs       `json:"externalDocs,omitempty" yaml:"externalDocs,omitempty"`
+	SwaggerVersion      string                `json:"swagger,omitempty" yaml:"swagger,omitempty"`
+	Infos               Information           `json:"info" yaml:"info"`
+	Host                string                `json:"host,omitempty" yaml:"host,omitempty"`
+	BasePath            string                `json:"basePath,omitempty" yaml:"basePath,omitempty"`
+	Schemes             []string              `json:"schemes,omitempty" yaml:"schemes,omitempty"`
+	Consumes            []string              `json:"consumes,omitempty" yaml:"consumes,omitempty"`
+	Produces            []string              `json:"produces,omitempty" yaml:"produces,omitempty"`
+	Paths               map[string]*Item      `json:"paths" yaml:"paths"`
+	Definitions         map[string]Schema     `json:"definitions,omitempty" yaml:"definitions,omitempty"`
+	SecurityDefinitions map[string]Security   `json:"securityDefinitions,omitempty" yaml:"securityDefinitions,omitempty"`
+	Security            []map[string][]string `json:"security,omitempty" yaml:"security,omitempty"`
+	Tags                []Tag                 `json:"tags,omitempty" yaml:"tags,omitempty"`
+	ExternalDocs        *ExternalDocs         `json:"externalDocs,omitempty" yaml:"externalDocs,omitempty"`
 }

 // Information Provides metadata about the API. The metadata can be used by the clients if needed.
@ -75,16 +75,17 @@ type Item struct {

 // Operation Describes a single API operation on a path.
 type Operation struct {
-	Tags        []string            `json:"tags,omitempty" yaml:"tags,omitempty"`
-	Summary     string              `json:"summary,omitempty" yaml:"summary,omitempty"`
-	Description string              `json:"description,omitempty" yaml:"description,omitempty"`
-	OperationID string              `json:"operationId,omitempty" yaml:"operationId,omitempty"`
-	Consumes    []string            `json:"consumes,omitempty" yaml:"consumes,omitempty"`
-	Produces    []string            `json:"produces,omitempty" yaml:"produces,omitempty"`
-	Schemes     []string            `json:"schemes,omitempty" yaml:"schemes,omitempty"`
-	Parameters  []Parameter         `json:"parameters,omitempty" yaml:"parameters,omitempty"`
-	Responses   map[string]Response `json:"responses,omitempty" yaml:"responses,omitempty"`
-	Deprecated  bool                `json:"deprecated,omitempty" yaml:"deprecated,omitempty"`
+	Tags        []string              `json:"tags,omitempty" yaml:"tags,omitempty"`
+	Summary     string                `json:"summary,omitempty" yaml:"summary,omitempty"`
+	Description string                `json:"description,omitempty" yaml:"description,omitempty"`
+	OperationID string                `json:"operationId,omitempty" yaml:"operationId,omitempty"`
+	Consumes    []string              `json:"consumes,omitempty" yaml:"consumes,omitempty"`
+	Produces    []string              `json:"produces,omitempty" yaml:"produces,omitempty"`
+	Schemes     []string              `json:"schemes,omitempty" yaml:"schemes,omitempty"`
+	Parameters  []Parameter           `json:"parameters,omitempty" yaml:"parameters,omitempty"`
+	Responses   map[string]Response   `json:"responses,omitempty" yaml:"responses,omitempty"`
+	Security    []map[string][]string `json:"security,omitempty" yaml:"security,omitempty"`
+	Deprecated  bool                  `json:"deprecated,omitempty" yaml:"deprecated,omitempty"`
 }

 // Parameter Describes a single operation parameter.
@ -120,6 +121,8 @@ type Schema struct {
 	Type        string               `json:"type,omitempty" yaml:"type,omitempty"`
 	Items       *Schema              `json:"items,omitempty" yaml:"items,omitempty"`
 	Properties  map[string]Propertie `json:"properties,omitempty" yaml:"properties,omitempty"`
+	Enum        []interface{}        `json:"enum,omitempty" yaml:"enum,omitempty"`
+	Example     interface{}          `json:"example,omitempty" yaml:"example,omitempty"`
 }

 // Propertie are taken from the JSON Schema definition but their definitions were adjusted to the Swagger Specification
@ -129,7 +132,7 @@ type Propertie struct {
 	Description          string               `json:"description,omitempty" yaml:"description,omitempty"`
 	Default              interface{}          `json:"default,omitempty" yaml:"default,omitempty"`
 	Type                 string               `json:"type,omitempty" yaml:"type,omitempty"`
-	Example              string               `json:"example,omitempty" yaml:"example,omitempty"`
+	Example              interface{}          `json:"example,omitempty" yaml:"example,omitempty"`
 	Required             []string             `json:"required,omitempty" yaml:"required,omitempty"`
 	Format               string               `json:"format,omitempty" yaml:"format,omitempty"`
 	ReadOnly             bool                 `json:"readOnly,omitempty" yaml:"readOnly,omitempty"`
@ -140,7 +143,7 @@ type Propertie struct {

 // Response as they are returned from executing this operation.
 type Response struct {
-	Description string  `json:"description,omitempty" yaml:"description,omitempty"`
+	Description string  `json:"description" yaml:"description"`
 	Schema      *Schema `json:"schema,omitempty" yaml:"schema,omitempty"`
 	Ref         string  `json:"$ref,omitempty" yaml:"$ref,omitempty"`
 }
--- a/template.go
+++ b/template.go
@ -218,9 +218,10 @@ func BuildTemplate(dir string, files ...string) error {
 				}
 				if err != nil {
 					logs.Error("parse template err:", file, err)
-				} else {
-					beeTemplates[file] = t
+					templatesLock.Unlock()
+					return err
 				}
+				beeTemplates[file] = t
 				templatesLock.Unlock()
 			}
 		}
--- a/templatefunc.go
+++ b/templatefunc.go
@ -17,6 +17,7 @@ package beego
 import (
 	"errors"
 	"fmt"
+	"html"
 	"html/template"
 	"net/url"
 	"reflect"
@ -27,9 +28,10 @@ import (
 )

 const (
-	formatTime     = "15:04:05"
-	formatDate     = "2006-01-02"
-	formatDateTime = "2006-01-02 15:04:05"
+	formatTime      = "15:04:05"
+	formatDate      = "2006-01-02"
+	formatDateTime  = "2006-01-02 15:04:05"
+	formatDateTimeT = "2006-01-02T15:04:05"
 )

 // Substr returns the substr from start to length.
@ -53,21 +55,21 @@ func Substr(s string, start, length int) string {
 // HTML2str returns escaping text convert from html.
 func HTML2str(html string) string {

-	re, _ := regexp.Compile("\\<[\\S\\s]+?\\>")
+	re, _ := regexp.Compile(`\<[\S\s]+?\>`)
 	html = re.ReplaceAllStringFunc(html, strings.ToLower)

 	//remove STYLE
-	re, _ = regexp.Compile("\\<style[\\S\\s]+?\\</style\\>")
+	re, _ = regexp.Compile(`\<style[\S\s]+?\</style\>`)
 	html = re.ReplaceAllString(html, "")

 	//remove SCRIPT
-	re, _ = regexp.Compile("\\<script[\\S\\s]+?\\</script\\>")
+	re, _ = regexp.Compile(`\<script[\S\s]+?\</script\>`)
 	html = re.ReplaceAllString(html, "")

-	re, _ = regexp.Compile("\\<[\\S\\s]+?\\>")
+	re, _ = regexp.Compile(`\<[\S\s]+?\>`)
 	html = re.ReplaceAllString(html, "\n")

-	re, _ = regexp.Compile("\\s{2,}")
+	re, _ = regexp.Compile(`\s{2,}`)
 	html = re.ReplaceAllString(html, "\n")

 	return strings.TrimSpace(html)
@ -83,24 +85,24 @@ func DateFormat(t time.Time, layout string) (datestring string) {
 var datePatterns = []string{
 	// year
 	"Y", "2006", // A full numeric representation of a year, 4 digits   Examples: 1999 or 2003
-	"y", "06", //A two digit representation of a year   Examples: 99 or 03
+	"y", "06",   //A two digit representation of a year   Examples: 99 or 03

 	// month
-	"m", "01", // Numeric representation of a month, with leading zeros 01 through 12
-	"n", "1", // Numeric representation of a month, without leading zeros   1 through 12
-	"M", "Jan", // A short textual representation of a month, three letters Jan through Dec
+	"m", "01",      // Numeric representation of a month, with leading zeros 01 through 12
+	"n", "1",       // Numeric representation of a month, without leading zeros   1 through 12
+	"M", "Jan",     // A short textual representation of a month, three letters Jan through Dec
 	"F", "January", // A full textual representation of a month, such as January or March   January through December

 	// day
 	"d", "02", // Day of the month, 2 digits with leading zeros 01 to 31
-	"j", "2", // Day of the month without leading zeros 1 to 31
+	"j", "2",  // Day of the month without leading zeros 1 to 31

 	// week
-	"D", "Mon", // A textual representation of a day, three letters Mon through Sun
+	"D", "Mon",    // A textual representation of a day, three letters Mon through Sun
 	"l", "Monday", // A full textual representation of the day of the week  Sunday through Saturday

 	// time
-	"g", "3", // 12-hour format of an hour without leading zeros    1 through 12
+	"g", "3",  // 12-hour format of an hour without leading zeros    1 through 12
 	"G", "15", // 24-hour format of an hour without leading zeros   0 through 23
 	"h", "03", // 12-hour format of an hour with leading zeros  01 through 12
 	"H", "15", // 24-hour format of an hour with leading zeros  00 through 23
@ -206,14 +208,12 @@ func Htmlquote(text string) string {
 	       '&lt;&#39;&amp;&quot;&gt;'
 	*/

-	text = strings.Replace(text, "&", "&amp;", -1) // Must be done first!
-	text = strings.Replace(text, "<", "&lt;", -1)
-	text = strings.Replace(text, ">", "&gt;", -1)
-	text = strings.Replace(text, "'", "&#39;", -1)
-	text = strings.Replace(text, "\"", "&quot;", -1)
-	text = strings.Replace(text, "“", "&ldquo;", -1)
-	text = strings.Replace(text, "”", "&rdquo;", -1)
-	text = strings.Replace(text, " ", "&nbsp;", -1)
+	text = html.EscapeString(text)
+	text = strings.NewReplacer(
+		`“`, "&ldquo;",
+		`”`, "&rdquo;",
+		` `, "&nbsp;",
+	).Replace(text)

 	return strings.TrimSpace(text)
 }
@ -227,17 +227,7 @@ func Htmlunquote(text string) string {
 	       '<\\'&">'
 	*/

-	// strings.Replace(s, old, new, n)
-	// 在s字符串中，把old字符串替换为new字符串，n表示替换的次数，小于0表示全部替换
-
-	text = strings.Replace(text, "&nbsp;", " ", -1)
-	text = strings.Replace(text, "&rdquo;", "”", -1)
-	text = strings.Replace(text, "&ldquo;", "“", -1)
-	text = strings.Replace(text, "&quot;", "\"", -1)
-	text = strings.Replace(text, "&#39;", "'", -1)
-	text = strings.Replace(text, "&gt;", ">", -1)
-	text = strings.Replace(text, "&lt;", "<", -1)
-	text = strings.Replace(text, "&amp;", "&", -1) // Must be done last!
+	text = html.UnescapeString(text)

 	return strings.TrimSpace(text)
 }
@ -360,8 +350,13 @@ func parseFormToStruct(form url.Values, objT reflect.Type, objV reflect.Value) e
 					value = value[:25]
 					t, err = time.ParseInLocation(time.RFC3339, value, time.Local)
 				} else if len(value) >= 19 {
-					value = value[:19]
-					t, err = time.ParseInLocation(formatDateTime, value, time.Local)
+					if strings.Contains(value, "T") {
+						value = value[:19]
+						t, err = time.ParseInLocation(formatDateTimeT, value, time.Local)
+					} else {
+						value = value[:19]
+						t, err = time.ParseInLocation(formatDateTime, value, time.Local)
+					}
 				} else if len(value) >= 10 {
 					if len(value) > 10 {
 						value = value[:10]
@ -373,7 +368,6 @@ func parseFormToStruct(form url.Values, objT reflect.Type, objV reflect.Value) e
 					}
 					t, err = time.ParseInLocation(formatTime, value, time.Local)
 				}
-
 				if err != nil {
 					return err
 				}
--- a/templatefunc_test.go
+++ b/templatefunc_test.go
@ -94,7 +94,7 @@ func TestCompareRelated(t *testing.T) {
 }

 func TestHtmlquote(t *testing.T) {
-	h := `&lt;&#39;&nbsp;&rdquo;&ldquo;&amp;&quot;&gt;`
+	h := `&lt;&#39;&nbsp;&rdquo;&ldquo;&amp;&#34;&gt;`
 	s := `<' ”“&">`
 	if Htmlquote(s) != h {
 		t.Error("should be equal")
@ -102,8 +102,8 @@ func TestHtmlquote(t *testing.T) {
 }

 func TestHtmlunquote(t *testing.T) {
-	h := `&lt;&#39;&nbsp;&rdquo;&ldquo;&amp;&quot;&gt;`
-	s := `<' ”“&">`
+	h := `&lt;&#39;&nbsp;&rdquo;&ldquo;&amp;&#34;&gt;`
+	s := `<' ”“&">`
 	if Htmlunquote(h) != s {
 		t.Error("should be equal")
 	}
--- a/tree.go
+++ b/tree.go
@ -28,7 +28,7 @@ var (
 )

 // Tree has three elements: FixRouter/wildcard/leaves
-// fixRouter sotres Fixed Router
+// fixRouter stores Fixed Router
 // wildcard stores params
 // leaves store the endpoint information
 type Tree struct {
--- a/unregroute_test.go
+++ b/unregroute_test.go
@ -0,0 +1,226 @@
+// Copyright 2014 beego Author. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package beego
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+//
+// The unregroute_test.go contains tests for the unregister route
+// functionality, that allows overriding route paths in children project
+// that embed parent routers.
+//
+
+const contentRootOriginal = "ok-original-root"
+const contentLevel1Original = "ok-original-level1"
+const contentLevel2Original = "ok-original-level2"
+
+const contentRootReplacement = "ok-replacement-root"
+const contentLevel1Replacement = "ok-replacement-level1"
+const contentLevel2Replacement = "ok-replacement-level2"
+
+// TestPreUnregController will supply content for the original routes,
+// before unregistration
+type TestPreUnregController struct {
+	Controller
+}
+
+func (tc *TestPreUnregController) GetFixedRoot() {
+	tc.Ctx.Output.Body([]byte(contentRootOriginal))
+}
+func (tc *TestPreUnregController) GetFixedLevel1() {
+	tc.Ctx.Output.Body([]byte(contentLevel1Original))
+}
+func (tc *TestPreUnregController) GetFixedLevel2() {
+	tc.Ctx.Output.Body([]byte(contentLevel2Original))
+}
+
+// TestPostUnregController will supply content for the overriding routes,
+// after the original ones are unregistered.
+type TestPostUnregController struct {
+	Controller
+}
+
+func (tc *TestPostUnregController) GetFixedRoot() {
+	tc.Ctx.Output.Body([]byte(contentRootReplacement))
+}
+func (tc *TestPostUnregController) GetFixedLevel1() {
+	tc.Ctx.Output.Body([]byte(contentLevel1Replacement))
+}
+func (tc *TestPostUnregController) GetFixedLevel2() {
+	tc.Ctx.Output.Body([]byte(contentLevel2Replacement))
+}
+
+// TestUnregisterFixedRouteRoot replaces just the root fixed route path.
+// In this case, for a path like "/level1/level2" or "/level1", those actions
+// should remain intact, and continue to serve the original content.
+func TestUnregisterFixedRouteRoot(t *testing.T) {
+
+	var method = "GET"
+
+	handler := NewControllerRegister()
+	handler.Add("/", &TestPreUnregController{}, "get:GetFixedRoot")
+	handler.Add("/level1", &TestPreUnregController{}, "get:GetFixedLevel1")
+	handler.Add("/level1/level2", &TestPreUnregController{}, "get:GetFixedLevel2")
+
+	// Test original root
+	testHelperFnContentCheck(t, handler, "Test original root",
+		method, "/", contentRootOriginal)
+
+	// Test original level 1
+	testHelperFnContentCheck(t, handler, "Test original level 1",
+		method, "/level1", contentLevel1Original)
+
+	// Test original level 2
+	testHelperFnContentCheck(t, handler, "Test original level 2",
+		method, "/level1/level2", contentLevel2Original)
+
+	// Remove only the root path
+	findAndRemoveSingleTree(handler.routers[method])
+
+	// Replace the root path TestPreUnregController action with the action from
+	// TestPostUnregController
+	handler.Add("/", &TestPostUnregController{}, "get:GetFixedRoot")
+
+	// Test replacement root (expect change)
+	testHelperFnContentCheck(t, handler, "Test replacement root (expect change)", method, "/", contentRootReplacement)
+
+	// Test level 1 (expect no change from the original)
+	testHelperFnContentCheck(t, handler, "Test level 1 (expect no change from the original)", method, "/level1", contentLevel1Original)
+
+	// Test level 2 (expect no change from the original)
+	testHelperFnContentCheck(t, handler, "Test level 2 (expect no change from the original)", method, "/level1/level2", contentLevel2Original)
+
+}
+
+// TestUnregisterFixedRouteLevel1 replaces just the "/level1" fixed route path.
+// In this case, for a path like "/level1/level2" or "/", those actions
+// should remain intact, and continue to serve the original content.
+func TestUnregisterFixedRouteLevel1(t *testing.T) {
+
+	var method = "GET"
+
+	handler := NewControllerRegister()
+	handler.Add("/", &TestPreUnregController{}, "get:GetFixedRoot")
+	handler.Add("/level1", &TestPreUnregController{}, "get:GetFixedLevel1")
+	handler.Add("/level1/level2", &TestPreUnregController{}, "get:GetFixedLevel2")
+
+	// Test original root
+	testHelperFnContentCheck(t, handler,
+		"TestUnregisterFixedRouteLevel1.Test original root",
+		method, "/", contentRootOriginal)
+
+	// Test original level 1
+	testHelperFnContentCheck(t, handler,
+		"TestUnregisterFixedRouteLevel1.Test original level 1",
+		method, "/level1", contentLevel1Original)
+
+	// Test original level 2
+	testHelperFnContentCheck(t, handler,
+		"TestUnregisterFixedRouteLevel1.Test original level 2",
+		method, "/level1/level2", contentLevel2Original)
+
+	// Remove only the level1 path
+	subPaths := splitPath("/level1")
+	if handler.routers[method].prefix == strings.Trim("/level1", "/ ") {
+		findAndRemoveSingleTree(handler.routers[method])
+	} else {
+		findAndRemoveTree(subPaths, handler.routers[method], method)
+	}
+
+	// Replace the "level1" path TestPreUnregController action with the action from
+	// TestPostUnregController
+	handler.Add("/level1", &TestPostUnregController{}, "get:GetFixedLevel1")
+
+	// Test replacement root (expect no change from the original)
+	testHelperFnContentCheck(t, handler, "Test replacement root (expect no change from the original)", method, "/", contentRootOriginal)
+
+	// Test level 1 (expect change)
+	testHelperFnContentCheck(t, handler, "Test level 1 (expect change)", method, "/level1", contentLevel1Replacement)
+
+	// Test level 2 (expect no change from the original)
+	testHelperFnContentCheck(t, handler, "Test level 2 (expect no change from the original)", method, "/level1/level2", contentLevel2Original)
+
+}
+
+// TestUnregisterFixedRouteLevel2 unregisters just the "/level1/level2" fixed
+// route path. In this case, for a path like "/level1" or "/", those actions
+// should remain intact, and continue to serve the original content.
+func TestUnregisterFixedRouteLevel2(t *testing.T) {
+
+	var method = "GET"
+
+	handler := NewControllerRegister()
+	handler.Add("/", &TestPreUnregController{}, "get:GetFixedRoot")
+	handler.Add("/level1", &TestPreUnregController{}, "get:GetFixedLevel1")
+	handler.Add("/level1/level2", &TestPreUnregController{}, "get:GetFixedLevel2")
+
+	// Test original root
+	testHelperFnContentCheck(t, handler,
+		"TestUnregisterFixedRouteLevel1.Test original root",
+		method, "/", contentRootOriginal)
+
+	// Test original level 1
+	testHelperFnContentCheck(t, handler,
+		"TestUnregisterFixedRouteLevel1.Test original level 1",
+		method, "/level1", contentLevel1Original)
+
+	// Test original level 2
+	testHelperFnContentCheck(t, handler,
+		"TestUnregisterFixedRouteLevel1.Test original level 2",
+		method, "/level1/level2", contentLevel2Original)
+
+	// Remove only the level2 path
+	subPaths := splitPath("/level1/level2")
+	if handler.routers[method].prefix == strings.Trim("/level1/level2", "/ ") {
+		findAndRemoveSingleTree(handler.routers[method])
+	} else {
+		findAndRemoveTree(subPaths, handler.routers[method], method)
+	}
+
+	// Replace the "/level1/level2" path TestPreUnregController action with the action from
+	// TestPostUnregController
+	handler.Add("/level1/level2", &TestPostUnregController{}, "get:GetFixedLevel2")
+
+	// Test replacement root (expect no change from the original)
+	testHelperFnContentCheck(t, handler, "Test replacement root (expect no change from the original)", method, "/", contentRootOriginal)
+
+	// Test level 1 (expect no change from the original)
+	testHelperFnContentCheck(t, handler, "Test level 1 (expect no change from the original)", method, "/level1", contentLevel1Original)
+
+	// Test level 2 (expect change)
+	testHelperFnContentCheck(t, handler, "Test level 2 (expect change)", method, "/level1/level2", contentLevel2Replacement)
+
+}
+
+func testHelperFnContentCheck(t *testing.T, handler *ControllerRegister,
+	testName, method, path, expectedBodyContent string) {
+
+	r, err := http.NewRequest(method, path, nil)
+	if err != nil {
+		t.Errorf("httpRecorderBodyTest NewRequest error: %v", err)
+		return
+	}
+	w := httptest.NewRecorder()
+	handler.ServeHTTP(w, r)
+	body := w.Body.String()
+	if body != expectedBodyContent {
+		t.Errorf("%s: expected [%s], got [%s];", testName, expectedBodyContent, body)
+	}
+}
--- a/utils/safemap_test.go
+++ b/utils/safemap_test.go
@ -31,6 +31,22 @@ func TestSet(t *testing.T) {
 	}
 }

+func TestReSet(t *testing.T) {
+	safeMap := NewBeeMap()
+	if ok := safeMap.Set("astaxie", 1); !ok {
+		t.Error("expected", true, "got", false)
+	}
+	// set diff value
+	if ok := safeMap.Set("astaxie", -1); !ok {
+		t.Error("expected", true, "got", false)
+	}
+
+	// set same value
+	if ok := safeMap.Set("astaxie", -1); ok {
+		t.Error("expected", false, "got", true)
+	}
+}
+
 func TestCheck(t *testing.T) {
 	if exists := safeMap.Check("astaxie"); !exists {
 		t.Error("expected", true, "got", false)
@ -50,6 +66,21 @@ func TestDelete(t *testing.T) {
 	}
 }

+func TestItems(t *testing.T) {
+	safeMap := NewBeeMap()
+	safeMap.Set("astaxie", "hello")
+	for k, v := range safeMap.Items() {
+		key := k.(string)
+		value := v.(string)
+		if key != "astaxie" {
+			t.Error("expected the key should be astaxie")
+		}
+		if value != "hello" {
+			t.Error("expected the value should be hello")
+		}
+	}
+}
+
 func TestCount(t *testing.T) {
 	if count := safeMap.Count(); count != 0 {
 		t.Error("expected count to be", 0, "got", count)
--- a/validation/README.md
+++ b/validation/README.md
@ -64,6 +64,9 @@ Struct Tag Use:

 	func main() {
 		valid := validation.Validation{}
+		// ignore empty field valid
+		// see CanSkipFuncs
+		// valid := validation.Validation{RequiredFirst:true}
 		u := user{Name: "test", Age: 40}
 		b, err := valid.Valid(u)
 		if err != nil {
--- a/validation/util.go
+++ b/validation/util.go
@ -25,6 +25,8 @@ import (
 const (
 	// ValidTag struct tag
 	ValidTag = "valid"
+
+	wordsize = 32 << (^uint(0) >> 32 & 1)
 )

 var (
@ -43,6 +45,8 @@ var (
 		"Valid":     true,
 		"NoMatch":   true,
 	}
+	// ErrInt64On32 show 32 bit platform not support int64
+	ErrInt64On32 = fmt.Errorf("not support int64 on 32-bit platform")
 )

 func init() {
@ -249,16 +253,39 @@ func parseParam(t reflect.Type, s string) (i interface{}, err error) {
 	switch t.Kind() {
 	case reflect.Int:
 		i, err = strconv.Atoi(s)
+	case reflect.Int64:
+		if wordsize == 32 {
+			return nil, ErrInt64On32
+		}
+		i, err = strconv.ParseInt(s, 10, 64)
+	case reflect.Int32:
+		var v int64
+		v, err = strconv.ParseInt(s, 10, 32)
+		if err == nil {
+			i = int32(v)
+		}
+	case reflect.Int16:
+		var v int64
+		v, err = strconv.ParseInt(s, 10, 16)
+		if err == nil {
+			i = int16(v)
+		}
+	case reflect.Int8:
+		var v int64
+		v, err = strconv.ParseInt(s, 10, 8)
+		if err == nil {
+			i = int8(v)
+		}
 	case reflect.String:
 		i = s
 	case reflect.Ptr:
 		if t.Elem().String() != "regexp.Regexp" {
-			err = fmt.Errorf("does not support %s", t.Elem().String())
+			err = fmt.Errorf("not support %s", t.Elem().String())
 			return
 		}
 		i, err = regexp.Compile(s)
 	default:
-		err = fmt.Errorf("does not support %s", t.Kind().String())
+		err = fmt.Errorf("not support %s", t.Kind().String())
 	}
 	return
 }
--- a/validation/validation.go
+++ b/validation/validation.go
@ -106,8 +106,13 @@ func (r *Result) Message(message string, args ...interface{}) *Result {

 // A Validation context manages data validation and error messages.
 type Validation struct {
+	// if this field set true, in struct tag valid
+	// if the struct field vale is empty
+	// it will skip those valid functions, see CanSkipFuncs
+	RequiredFirst bool
+
 	Errors    []*Error
-	ErrorsMap map[string]*Error
+	ErrorsMap map[string][]*Error
 }

 // Clear Clean all ValidationError.
@ -124,7 +129,7 @@ func (v *Validation) HasErrors() bool {
 // ErrorMap Return the errors mapped by key.
 // If there are multiple validation errors associated with a single key, the
 // first one "wins".  (Typically the first validation will be the more basic).
-func (v *Validation) ErrorMap() map[string]*Error {
+func (v *Validation) ErrorMap() map[string][]*Error {
 	return v.ErrorsMap
 }

@ -240,7 +245,21 @@ func (v *Validation) ZipCode(obj interface{}, key string) *Result {
 }

 func (v *Validation) apply(chk Validator, obj interface{}) *Result {
-	if chk.IsSatisfied(obj) {
+	if nil == obj {
+		if chk.IsSatisfied(obj) {
+			return &Result{Ok: true}
+		}
+	} else if reflect.TypeOf(obj).Kind() == reflect.Ptr {
+		if reflect.ValueOf(obj).IsNil() {
+			if chk.IsSatisfied(nil) {
+				return &Result{Ok: true}
+			}
+		} else {
+			if chk.IsSatisfied(reflect.ValueOf(obj).Elem().Interface()) {
+				return &Result{Ok: true}
+			}
+		}
+	} else if chk.IsSatisfied(obj) {
 		return &Result{Ok: true}
 	}

@ -273,14 +292,35 @@ func (v *Validation) apply(chk Validator, obj interface{}) *Result {
 	}
 }

+// AddError adds independent error message for the provided key
+func (v *Validation) AddError(key, message string) {
+	Name := key
+	Field := ""
+
+	parts := strings.Split(key, ".")
+	if len(parts) == 2 {
+		Field = parts[0]
+		Name = parts[1]
+	}
+
+	err := &Error{
+		Message: message,
+		Key:     key,
+		Name:    Name,
+		Field:   Field,
+	}
+	v.setError(err)
+}
+
 func (v *Validation) setError(err *Error) {
 	v.Errors = append(v.Errors, err)
 	if v.ErrorsMap == nil {
-		v.ErrorsMap = make(map[string]*Error)
+		v.ErrorsMap = make(map[string][]*Error)
 	}
 	if _, ok := v.ErrorsMap[err.Field]; !ok {
-		v.ErrorsMap[err.Field] = err
+		v.ErrorsMap[err.Field] = []*Error{}
 	}
+	v.ErrorsMap[err.Field] = append(v.ErrorsMap[err.Field], err)
 }

 // SetError Set error message for one field in ValidationError
@ -324,7 +364,30 @@ func (v *Validation) Valid(obj interface{}) (b bool, err error) {
 		if vfs, err = getValidFuncs(objT.Field(i)); err != nil {
 			return
 		}
+
+		var hasRequired bool
 		for _, vf := range vfs {
+			if vf.Name == "Required" {
+				hasRequired = true
+			}
+
+			currentField := objV.Field(i).Interface()
+			if objV.Field(i).Kind() == reflect.Ptr {
+				if objV.Field(i).IsNil() {
+					currentField = ""
+				} else {
+					currentField = objV.Field(i).Elem().Interface()
+				}
+			}
+
+
+			chk := Required{""}.IsSatisfied(currentField)
+			if !hasRequired && v.RequiredFirst && !chk {
+				if _, ok := CanSkipFuncs[vf.Name]; ok {
+					continue
+				}
+			}
+
 			if _, err = funcs.Call(vf.Name,
 				mergeParam(v, objV.Field(i).Interface(), vf.Params)...); err != nil {
 				return
@ -376,3 +439,9 @@ func (v *Validation) RecursiveValid(objc interface{}) (bool, error) {
 	}
 	return pass, err
 }
+
+func (v *Validation) CanSkipAlso(skipFunc string) {
+	if _, ok := CanSkipFuncs[skipFunc]; !ok {
+		CanSkipFuncs[skipFunc] = struct{}{}
+	}
+}
--- a/validation/validation_test.go
+++ b/validation/validation_test.go
@ -35,6 +35,12 @@ func TestRequired(t *testing.T) {
 	if valid.Required("", "string").Ok {
 		t.Error("\"'\" string should be false")
 	}
+	if valid.Required(" ", "string").Ok {
+		t.Error("\" \" string should be false") // For #2361
+	}
+	if valid.Required("\n", "string").Ok {
+		t.Error("new line string should be false") // For #2361
+	}
 	if !valid.Required("astaxie", "string").Ok {
 		t.Error("string should be true")
 	}
@ -175,10 +181,10 @@ func TestAlphaNumeric(t *testing.T) {
 func TestMatch(t *testing.T) {
 	valid := Validation{}

-	if valid.Match("suchuangji@gmail", regexp.MustCompile("^\\w+@\\w+\\.\\w+$"), "match").Ok {
+	if valid.Match("suchuangji@gmail", regexp.MustCompile(`^\w+@\w+\.\w+$`), "match").Ok {
 		t.Error("\"suchuangji@gmail\" match \"^\\w+@\\w+\\.\\w+$\"  should be false")
 	}
-	if !valid.Match("suchuangji@gmail.com", regexp.MustCompile("^\\w+@\\w+\\.\\w+$"), "match").Ok {
+	if !valid.Match("suchuangji@gmail.com", regexp.MustCompile(`^\w+@\w+\.\w+$`), "match").Ok {
 		t.Error("\"suchuangji@gmail\" match \"^\\w+@\\w+\\.\\w+$\"  should be true")
 	}
 }
@ -186,10 +192,10 @@ func TestMatch(t *testing.T) {
 func TestNoMatch(t *testing.T) {
 	valid := Validation{}

-	if valid.NoMatch("123@gmail", regexp.MustCompile("[^\\w\\d]"), "nomatch").Ok {
+	if valid.NoMatch("123@gmail", regexp.MustCompile(`[^\w\d]`), "nomatch").Ok {
 		t.Error("\"123@gmail\" not match \"[^\\w\\d]\"  should be false")
 	}
-	if !valid.NoMatch("123gmail", regexp.MustCompile("[^\\w\\d]"), "match").Ok {
+	if !valid.NoMatch("123gmail", regexp.MustCompile(`[^\w\d]`), "match").Ok {
 		t.Error("\"123@gmail\" not match \"[^\\w\\d@]\"  should be true")
 	}
 }
@ -385,3 +391,173 @@ func TestRecursiveValid(t *testing.T) {
 		t.Error("validation should not be passed")
 	}
 }
+
+func TestSkipValid(t *testing.T) {
+	type User struct {
+		ID int
+
+		Email    string `valid:"Email"`
+		ReqEmail string `valid:"Required;Email"`
+
+		IP    string `valid:"IP"`
+		ReqIP string `valid:"Required;IP"`
+
+		Mobile    string `valid:"Mobile"`
+		ReqMobile string `valid:"Required;Mobile"`
+
+		Tel    string `valid:"Tel"`
+		ReqTel string `valid:"Required;Tel"`
+
+		Phone    string `valid:"Phone"`
+		ReqPhone string `valid:"Required;Phone"`
+
+		ZipCode    string `valid:"ZipCode"`
+		ReqZipCode string `valid:"Required;ZipCode"`
+	}
+
+	u := User{
+		ReqEmail:   "a@a.com",
+		ReqIP:      "127.0.0.1",
+		ReqMobile:  "18888888888",
+		ReqTel:     "02088888888",
+		ReqPhone:   "02088888888",
+		ReqZipCode: "510000",
+	}
+
+	valid := Validation{}
+	b, err := valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if b {
+		t.Fatal("validation should not be passed")
+	}
+
+	valid = Validation{RequiredFirst: true}
+	b, err = valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !b {
+		t.Fatal("validation should be passed")
+	}
+}
+
+func TestPointer(t *testing.T) {
+	type User struct {
+		ID int
+
+		Email    *string `valid:"Email"`
+		ReqEmail *string `valid:"Required;Email"`
+	}
+
+	u := User{
+		ReqEmail: nil,
+		Email:	  nil,
+	}
+
+	valid := Validation{}
+	b, err := valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if b {
+		t.Fatal("validation should not be passed")
+	}
+
+	validEmail := "a@a.com"
+	u = User{
+		ReqEmail: &validEmail,
+		Email:	  nil,
+	}
+
+	valid = Validation{RequiredFirst: true}
+	b, err = valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !b {
+		t.Fatal("validation should be passed")
+	}
+
+	u = User{
+		ReqEmail: &validEmail,
+		Email:	  nil,
+	}
+
+	valid = Validation{}
+	b, err = valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if b {
+		t.Fatal("validation should not be passed")
+	}
+
+	invalidEmail := "a@a"
+	u = User{
+		ReqEmail: &validEmail,
+		Email:	  &invalidEmail,
+	}
+
+	valid = Validation{RequiredFirst: true}
+	b, err = valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if b {
+		t.Fatal("validation should not be passed")
+	}
+
+	u = User{
+		ReqEmail: &validEmail,
+		Email:	  &invalidEmail,
+	}
+
+	valid = Validation{}
+	b, err = valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if b {
+		t.Fatal("validation should not be passed")
+	}
+}
+
+
+func TestCanSkipAlso(t *testing.T) {
+	type User struct {
+		ID int
+
+		Email    	string `valid:"Email"`
+		ReqEmail 	string `valid:"Required;Email"`
+		MatchRange	int 	`valid:"Range(10, 20)"`
+	}
+
+	u := User{
+		ReqEmail: 	"a@a.com",
+		Email:    	"",
+		MatchRange: 0,
+	}
+
+	valid := Validation{RequiredFirst: true}
+	b, err := valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if b {
+		t.Fatal("validation should not be passed")
+	}
+
+	valid = Validation{RequiredFirst: true}
+	valid.CanSkipAlso("Range")
+	b, err = valid.Valid(u)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if !b {
+		t.Fatal("validation should be passed")
+	}
+
+}
+
--- a/validation/validators.go
+++ b/validation/validators.go
@ -18,10 +18,21 @@ import (
 	"fmt"
 	"reflect"
 	"regexp"
+	"strings"
 	"time"
 	"unicode/utf8"
 )

+// CanSkipFuncs will skip valid if RequiredFirst is true and the struct field's value is empty
+var CanSkipFuncs = map[string]struct{}{
+	"Email":   {},
+	"IP":      {},
+	"Mobile":  {},
+	"Tel":     {},
+	"Phone":   {},
+	"ZipCode": {},
+}
+
 // MessageTmpls store commond validate template
 var MessageTmpls = map[string]string{
 	"Required":     "Can not be empty",
@ -98,7 +109,7 @@ func (r Required) IsSatisfied(obj interface{}) bool {
 	}

 	if str, ok := obj.(string); ok {
-		return len(str) > 0
+		return len(strings.TrimSpace(str)) > 0
 	}
 	if _, ok := obj.(bool); ok {
 		return true
@ -145,7 +156,7 @@ func (r Required) IsSatisfied(obj interface{}) bool {

 // DefaultMessage return the default error message
 func (r Required) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Required"])
+	return MessageTmpls["Required"]
 }

 // GetKey return the r.Key
@ -165,12 +176,28 @@ type Min struct {
 }

 // IsSatisfied judge whether obj is valid
+// not support int64 on 32-bit platform
 func (m Min) IsSatisfied(obj interface{}) bool {
-	num, ok := obj.(int)
-	if ok {
-		return num >= m.Min
+	var v int
+	switch obj.(type) {
+	case int64:
+		if wordsize == 32 {
+			return false
+		}
+		v = int(obj.(int64))
+	case int:
+		v = obj.(int)
+	case int32:
+		v = int(obj.(int32))
+	case int16:
+		v = int(obj.(int16))
+	case int8:
+		v = int(obj.(int8))
+	default:
+		return false
 	}
-	return false
+
+	return v >= m.Min
 }

 // DefaultMessage return the default min error message
@ -195,12 +222,28 @@ type Max struct {
 }

 // IsSatisfied judge whether obj is valid
+// not support int64 on 32-bit platform
 func (m Max) IsSatisfied(obj interface{}) bool {
-	num, ok := obj.(int)
-	if ok {
-		return num <= m.Max
+	var v int
+	switch obj.(type) {
+	case int64:
+		if wordsize == 32 {
+			return false
+		}
+		v = int(obj.(int64))
+	case int:
+		v = obj.(int)
+	case int32:
+		v = int(obj.(int32))
+	case int16:
+		v = int(obj.(int16))
+	case int8:
+		v = int(obj.(int8))
+	default:
+		return false
 	}
-	return false
+
+	return v <= m.Max
 }

 // DefaultMessage return the default max error message
@ -226,6 +269,7 @@ type Range struct {
 }

 // IsSatisfied judge whether obj is valid
+// not support int64 on 32-bit platform
 func (r Range) IsSatisfied(obj interface{}) bool {
 	return r.Min.IsSatisfied(obj) && r.Max.IsSatisfied(obj)
 }
@ -364,7 +408,7 @@ func (a Alpha) IsSatisfied(obj interface{}) bool {

 // DefaultMessage return the default Length error message
 func (a Alpha) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Alpha"])
+	return MessageTmpls["Alpha"]
 }

 // GetKey return the m.Key
@ -397,7 +441,7 @@ func (n Numeric) IsSatisfied(obj interface{}) bool {

 // DefaultMessage return the default Length error message
 func (n Numeric) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Numeric"])
+	return MessageTmpls["Numeric"]
 }

 // GetKey return the n.Key
@ -430,7 +474,7 @@ func (a AlphaNumeric) IsSatisfied(obj interface{}) bool {

 // DefaultMessage return the default Length error message
 func (a AlphaNumeric) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["AlphaNumeric"])
+	return MessageTmpls["AlphaNumeric"]
 }

 // GetKey return the a.Key
@ -495,7 +539,7 @@ func (n NoMatch) GetLimitValue() interface{} {
 	return n.Regexp.String()
 }

-var alphaDashPattern = regexp.MustCompile("[^\\d\\w-_]")
+var alphaDashPattern = regexp.MustCompile(`[^\d\w-_]`)

 // AlphaDash check not Alpha
 type AlphaDash struct {
@ -505,7 +549,7 @@ type AlphaDash struct {

 // DefaultMessage return the default AlphaDash error message
 func (a AlphaDash) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["AlphaDash"])
+	return MessageTmpls["AlphaDash"]
 }

 // GetKey return the n.Key
@ -518,7 +562,7 @@ func (a AlphaDash) GetLimitValue() interface{} {
 	return nil
 }

-var emailPattern = regexp.MustCompile("^[\\w!#$%&'*+/=?^_`{|}~-]+(?:\\.[\\w!#$%&'*+/=?^_`{|}~-]+)*@(?:[\\w](?:[\\w-]*[\\w])?\\.)+[a-zA-Z0-9](?:[\\w-]*[\\w])?$")
+var emailPattern = regexp.MustCompile(`^[\w!#$%&'*+/=?^_` + "`" + `{|}~-]+(?:\.[\w!#$%&'*+/=?^_` + "`" + `{|}~-]+)*@(?:[\w](?:[\w-]*[\w])?\.)+[a-zA-Z0-9](?:[\w-]*[\w])?$`)

 // Email check struct
 type Email struct {
@ -528,7 +572,7 @@ type Email struct {

 // DefaultMessage return the default Email error message
 func (e Email) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Email"])
+	return MessageTmpls["Email"]
 }

 // GetKey return the n.Key
@ -541,7 +585,7 @@ func (e Email) GetLimitValue() interface{} {
 	return nil
 }

-var ipPattern = regexp.MustCompile("^((2[0-4]\\d|25[0-5]|[01]?\\d\\d?)\\.){3}(2[0-4]\\d|25[0-5]|[01]?\\d\\d?)$")
+var ipPattern = regexp.MustCompile(`^((2[0-4]\d|25[0-5]|[01]?\d\d?)\.){3}(2[0-4]\d|25[0-5]|[01]?\d\d?)$`)

 // IP check struct
 type IP struct {
@ -551,7 +595,7 @@ type IP struct {

 // DefaultMessage return the default IP error message
 func (i IP) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["IP"])
+	return MessageTmpls["IP"]
 }

 // GetKey return the i.Key
@ -564,7 +608,7 @@ func (i IP) GetLimitValue() interface{} {
 	return nil
 }

-var base64Pattern = regexp.MustCompile("^(?:[A-Za-z0-99+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$")
+var base64Pattern = regexp.MustCompile(`^(?:[A-Za-z0-99+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$`)

 // Base64 check struct
 type Base64 struct {
@ -574,7 +618,7 @@ type Base64 struct {

 // DefaultMessage return the default Base64 error message
 func (b Base64) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Base64"])
+	return MessageTmpls["Base64"]
 }

 // GetKey return the b.Key
@ -588,7 +632,7 @@ func (b Base64) GetLimitValue() interface{} {
 }

 // just for chinese mobile phone number
-var mobilePattern = regexp.MustCompile("^((\\+86)|(86))?(1(([35][0-9])|[8][0-9]|[7][06789]|[4][579]))\\d{8}$")
+var mobilePattern = regexp.MustCompile(`^((\+86)|(86))?(1(([35][0-9])|[8][0-9]|[7][06789]|[4][579]))\d{8}$`)

 // Mobile check struct
 type Mobile struct {
@ -598,7 +642,7 @@ type Mobile struct {

 // DefaultMessage return the default Mobile error message
 func (m Mobile) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Mobile"])
+	return MessageTmpls["Mobile"]
 }

 // GetKey return the m.Key
@ -612,7 +656,7 @@ func (m Mobile) GetLimitValue() interface{} {
 }

 // just for chinese telephone number
-var telPattern = regexp.MustCompile("^(0\\d{2,3}(\\-)?)?\\d{7,8}$")
+var telPattern = regexp.MustCompile(`^(0\d{2,3}(\-)?)?\d{7,8}$`)

 // Tel check telephone struct
 type Tel struct {
@ -622,7 +666,7 @@ type Tel struct {

 // DefaultMessage return the default Tel error message
 func (t Tel) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Tel"])
+	return MessageTmpls["Tel"]
 }

 // GetKey return the t.Key
@ -649,7 +693,7 @@ func (p Phone) IsSatisfied(obj interface{}) bool {

 // DefaultMessage return the default Phone error message
 func (p Phone) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["Phone"])
+	return MessageTmpls["Phone"]
 }

 // GetKey return the p.Key
@ -663,7 +707,7 @@ func (p Phone) GetLimitValue() interface{} {
 }

 // just for chinese zipcode
-var zipCodePattern = regexp.MustCompile("^[1-9]\\d{5}$")
+var zipCodePattern = regexp.MustCompile(`^[1-9]\d{5}$`)

 // ZipCode check the zip struct
 type ZipCode struct {
@ -673,7 +717,7 @@ type ZipCode struct {

 // DefaultMessage return the default Zip error message
 func (z ZipCode) DefaultMessage() string {
-	return fmt.Sprint(MessageTmpls["ZipCode"])
+	return MessageTmpls["ZipCode"]
 }

 // GetKey return the z.Key
--- a/vendor/golang.org/x/crypto/LICENSE
+++ b/vendor/golang.org/x/crypto/LICENSE
@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/vendor/golang.org/x/crypto/PATENTS
+++ b/vendor/golang.org/x/crypto/PATENTS
@ -0,0 +1,22 @@
+Additional IP Rights Grant (Patents)
+
+"This implementation" means the copyrightable works distributed by
+Google as part of the Go project.
+
+Google hereby grants to You a perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable (except as stated in this section)
+patent license to make, have made, use, offer to sell, sell, import,
+transfer and otherwise run, modify and propagate the contents of this
+implementation of Go, where such license applies only to those patent
+claims, both currently owned or controlled by Google and acquired in
+the future, licensable by Google that are necessarily infringed by this
+implementation of Go.  This grant does not include claims that would be
+infringed only as a consequence of further modification of this
+implementation.  If you or your agent or exclusive licensee institute or
+order or agree to the institution of patent litigation against any
+entity (including a cross-claim or counterclaim in a lawsuit) alleging
+that this implementation of Go or any code incorporated within this
+implementation of Go constitutes direct or contributory patent
+infringement, or inducement of patent infringement, then any patent
+rights granted to you under this License for this implementation of Go
+shall terminate as of the date such litigation is filed.
--- a/vendor/golang.org/x/crypto/acme/acme.go
+++ b/vendor/golang.org/x/crypto/acme/acme.go
@ -0,0 +1,921 @@
+// Copyright 2015 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package acme provides an implementation of the
+// Automatic Certificate Management Environment (ACME) spec.
+// See https://tools.ietf.org/html/draft-ietf-acme-acme-02 for details.
+//
+// Most common scenarios will want to use autocert subdirectory instead,
+// which provides automatic access to certificates from Let's Encrypt
+// and any other ACME-based CA.
+//
+// This package is a work in progress and makes no API stability promises.
+package acme
+
+import (
+	"context"
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/sha256"
+	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/asn1"
+	"encoding/base64"
+	"encoding/hex"
+	"encoding/json"
+	"encoding/pem"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"math/big"
+	"net/http"
+	"strings"
+	"sync"
+	"time"
+)
+
+const (
+	// LetsEncryptURL is the Directory endpoint of Let's Encrypt CA.
+	LetsEncryptURL = "https://acme-v01.api.letsencrypt.org/directory"
+
+	// ALPNProto is the ALPN protocol name used by a CA server when validating
+	// tls-alpn-01 challenges.
+	//
+	// Package users must ensure their servers can negotiate the ACME ALPN
+	// in order for tls-alpn-01 challenge verifications to succeed.
+	ALPNProto = "acme-tls/1"
+)
+
+// idPeACMEIdentifierV1 is the OID for the ACME extension for the TLS-ALPN challenge.
+var idPeACMEIdentifierV1 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1}
+
+const (
+	maxChainLen = 5       // max depth and breadth of a certificate chain
+	maxCertSize = 1 << 20 // max size of a certificate, in bytes
+
+	// Max number of collected nonces kept in memory.
+	// Expect usual peak of 1 or 2.
+	maxNonces = 100
+)
+
+// Client is an ACME client.
+// The only required field is Key. An example of creating a client with a new key
+// is as follows:
+//
+// 	key, err := rsa.GenerateKey(rand.Reader, 2048)
+// 	if err != nil {
+// 		log.Fatal(err)
+// 	}
+// 	client := &Client{Key: key}
+//
+type Client struct {
+	// Key is the account key used to register with a CA and sign requests.
+	// Key.Public() must return a *rsa.PublicKey or *ecdsa.PublicKey.
+	Key crypto.Signer
+
+	// HTTPClient optionally specifies an HTTP client to use
+	// instead of http.DefaultClient.
+	HTTPClient *http.Client
+
+	// DirectoryURL points to the CA directory endpoint.
+	// If empty, LetsEncryptURL is used.
+	// Mutating this value after a successful call of Client's Discover method
+	// will have no effect.
+	DirectoryURL string
+
+	// RetryBackoff computes the duration after which the nth retry of a failed request
+	// should occur. The value of n for the first call on failure is 1.
+	// The values of r and resp are the request and response of the last failed attempt.
+	// If the returned value is negative or zero, no more retries are done and an error
+	// is returned to the caller of the original method.
+	//
+	// Requests which result in a 4xx client error are not retried,
+	// except for 400 Bad Request due to "bad nonce" errors and 429 Too Many Requests.
+	//
+	// If RetryBackoff is nil, a truncated exponential backoff algorithm
+	// with the ceiling of 10 seconds is used, where each subsequent retry n
+	// is done after either ("Retry-After" + jitter) or (2^n seconds + jitter),
+	// preferring the former if "Retry-After" header is found in the resp.
+	// The jitter is a random value up to 1 second.
+	RetryBackoff func(n int, r *http.Request, resp *http.Response) time.Duration
+
+	dirMu sync.Mutex // guards writes to dir
+	dir   *Directory // cached result of Client's Discover method
+
+	noncesMu sync.Mutex
+	nonces   map[string]struct{} // nonces collected from previous responses
+}
+
+// Discover performs ACME server discovery using c.DirectoryURL.
+//
+// It caches successful result. So, subsequent calls will not result in
+// a network round-trip. This also means mutating c.DirectoryURL after successful call
+// of this method will have no effect.
+func (c *Client) Discover(ctx context.Context) (Directory, error) {
+	c.dirMu.Lock()
+	defer c.dirMu.Unlock()
+	if c.dir != nil {
+		return *c.dir, nil
+	}
+
+	dirURL := c.DirectoryURL
+	if dirURL == "" {
+		dirURL = LetsEncryptURL
+	}
+	res, err := c.get(ctx, dirURL, wantStatus(http.StatusOK))
+	if err != nil {
+		return Directory{}, err
+	}
+	defer res.Body.Close()
+	c.addNonce(res.Header)
+
+	var v struct {
+		Reg    string `json:"new-reg"`
+		Authz  string `json:"new-authz"`
+		Cert   string `json:"new-cert"`
+		Revoke string `json:"revoke-cert"`
+		Meta   struct {
+			Terms   string   `json:"terms-of-service"`
+			Website string   `json:"website"`
+			CAA     []string `json:"caa-identities"`
+		}
+	}
+	if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
+		return Directory{}, err
+	}
+	c.dir = &Directory{
+		RegURL:    v.Reg,
+		AuthzURL:  v.Authz,
+		CertURL:   v.Cert,
+		RevokeURL: v.Revoke,
+		Terms:     v.Meta.Terms,
+		Website:   v.Meta.Website,
+		CAA:       v.Meta.CAA,
+	}
+	return *c.dir, nil
+}
+
+// CreateCert requests a new certificate using the Certificate Signing Request csr encoded in DER format.
+// The exp argument indicates the desired certificate validity duration. CA may issue a certificate
+// with a different duration.
+// If the bundle argument is true, the returned value will also contain the CA (issuer) certificate chain.
+//
+// In the case where CA server does not provide the issued certificate in the response,
+// CreateCert will poll certURL using c.FetchCert, which will result in additional round-trips.
+// In such a scenario, the caller can cancel the polling with ctx.
+//
+// CreateCert returns an error if the CA's response or chain was unreasonably large.
+// Callers are encouraged to parse the returned value to ensure the certificate is valid and has the expected features.
+func (c *Client) CreateCert(ctx context.Context, csr []byte, exp time.Duration, bundle bool) (der [][]byte, certURL string, err error) {
+	if _, err := c.Discover(ctx); err != nil {
+		return nil, "", err
+	}
+
+	req := struct {
+		Resource  string `json:"resource"`
+		CSR       string `json:"csr"`
+		NotBefore string `json:"notBefore,omitempty"`
+		NotAfter  string `json:"notAfter,omitempty"`
+	}{
+		Resource: "new-cert",
+		CSR:      base64.RawURLEncoding.EncodeToString(csr),
+	}
+	now := timeNow()
+	req.NotBefore = now.Format(time.RFC3339)
+	if exp > 0 {
+		req.NotAfter = now.Add(exp).Format(time.RFC3339)
+	}
+
+	res, err := c.post(ctx, c.Key, c.dir.CertURL, req, wantStatus(http.StatusCreated))
+	if err != nil {
+		return nil, "", err
+	}
+	defer res.Body.Close()
+
+	curl := res.Header.Get("Location") // cert permanent URL
+	if res.ContentLength == 0 {
+		// no cert in the body; poll until we get it
+		cert, err := c.FetchCert(ctx, curl, bundle)
+		return cert, curl, err
+	}
+	// slurp issued cert and CA chain, if requested
+	cert, err := c.responseCert(ctx, res, bundle)
+	return cert, curl, err
+}
+
+// FetchCert retrieves already issued certificate from the given url, in DER format.
+// It retries the request until the certificate is successfully retrieved,
+// context is cancelled by the caller or an error response is received.
+//
+// The returned value will also contain the CA (issuer) certificate if the bundle argument is true.
+//
+// FetchCert returns an error if the CA's response or chain was unreasonably large.
+// Callers are encouraged to parse the returned value to ensure the certificate is valid
+// and has expected features.
+func (c *Client) FetchCert(ctx context.Context, url string, bundle bool) ([][]byte, error) {
+	res, err := c.get(ctx, url, wantStatus(http.StatusOK))
+	if err != nil {
+		return nil, err
+	}
+	return c.responseCert(ctx, res, bundle)
+}
+
+// RevokeCert revokes a previously issued certificate cert, provided in DER format.
+//
+// The key argument, used to sign the request, must be authorized
+// to revoke the certificate. It's up to the CA to decide which keys are authorized.
+// For instance, the key pair of the certificate may be authorized.
+// If the key is nil, c.Key is used instead.
+func (c *Client) RevokeCert(ctx context.Context, key crypto.Signer, cert []byte, reason CRLReasonCode) error {
+	if _, err := c.Discover(ctx); err != nil {
+		return err
+	}
+
+	body := &struct {
+		Resource string `json:"resource"`
+		Cert     string `json:"certificate"`
+		Reason   int    `json:"reason"`
+	}{
+		Resource: "revoke-cert",
+		Cert:     base64.RawURLEncoding.EncodeToString(cert),
+		Reason:   int(reason),
+	}
+	if key == nil {
+		key = c.Key
+	}
+	res, err := c.post(ctx, key, c.dir.RevokeURL, body, wantStatus(http.StatusOK))
+	if err != nil {
+		return err
+	}
+	defer res.Body.Close()
+	return nil
+}
+
+// AcceptTOS always returns true to indicate the acceptance of a CA's Terms of Service
+// during account registration. See Register method of Client for more details.
+func AcceptTOS(tosURL string) bool { return true }
+
+// Register creates a new account registration by following the "new-reg" flow.
+// It returns the registered account. The account is not modified.
+//
+// The registration may require the caller to agree to the CA's Terms of Service (TOS).
+// If so, and the account has not indicated the acceptance of the terms (see Account for details),
+// Register calls prompt with a TOS URL provided by the CA. Prompt should report
+// whether the caller agrees to the terms. To always accept the terms, the caller can use AcceptTOS.
+func (c *Client) Register(ctx context.Context, a *Account, prompt func(tosURL string) bool) (*Account, error) {
+	if _, err := c.Discover(ctx); err != nil {
+		return nil, err
+	}
+
+	var err error
+	if a, err = c.doReg(ctx, c.dir.RegURL, "new-reg", a); err != nil {
+		return nil, err
+	}
+	var accept bool
+	if a.CurrentTerms != "" && a.CurrentTerms != a.AgreedTerms {
+		accept = prompt(a.CurrentTerms)
+	}
+	if accept {
+		a.AgreedTerms = a.CurrentTerms
+		a, err = c.UpdateReg(ctx, a)
+	}
+	return a, err
+}
+
+// GetReg retrieves an existing registration.
+// The url argument is an Account URI.
+func (c *Client) GetReg(ctx context.Context, url string) (*Account, error) {
+	a, err := c.doReg(ctx, url, "reg", nil)
+	if err != nil {
+		return nil, err
+	}
+	a.URI = url
+	return a, nil
+}
+
+// UpdateReg updates an existing registration.
+// It returns an updated account copy. The provided account is not modified.
+func (c *Client) UpdateReg(ctx context.Context, a *Account) (*Account, error) {
+	uri := a.URI
+	a, err := c.doReg(ctx, uri, "reg", a)
+	if err != nil {
+		return nil, err
+	}
+	a.URI = uri
+	return a, nil
+}
+
+// Authorize performs the initial step in an authorization flow.
+// The caller will then need to choose from and perform a set of returned
+// challenges using c.Accept in order to successfully complete authorization.
+//
+// If an authorization has been previously granted, the CA may return
+// a valid authorization (Authorization.Status is StatusValid). If so, the caller
+// need not fulfill any challenge and can proceed to requesting a certificate.
+func (c *Client) Authorize(ctx context.Context, domain string) (*Authorization, error) {
+	if _, err := c.Discover(ctx); err != nil {
+		return nil, err
+	}
+
+	type authzID struct {
+		Type  string `json:"type"`
+		Value string `json:"value"`
+	}
+	req := struct {
+		Resource   string  `json:"resource"`
+		Identifier authzID `json:"identifier"`
+	}{
+		Resource:   "new-authz",
+		Identifier: authzID{Type: "dns", Value: domain},
+	}
+	res, err := c.post(ctx, c.Key, c.dir.AuthzURL, req, wantStatus(http.StatusCreated))
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	var v wireAuthz
+	if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
+		return nil, fmt.Errorf("acme: invalid response: %v", err)
+	}
+	if v.Status != StatusPending && v.Status != StatusValid {
+		return nil, fmt.Errorf("acme: unexpected status: %s", v.Status)
+	}
+	return v.authorization(res.Header.Get("Location")), nil
+}
+
+// GetAuthorization retrieves an authorization identified by the given URL.
+//
+// If a caller needs to poll an authorization until its status is final,
+// see the WaitAuthorization method.
+func (c *Client) GetAuthorization(ctx context.Context, url string) (*Authorization, error) {
+	res, err := c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	var v wireAuthz
+	if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
+		return nil, fmt.Errorf("acme: invalid response: %v", err)
+	}
+	return v.authorization(url), nil
+}
+
+// RevokeAuthorization relinquishes an existing authorization identified
+// by the given URL.
+// The url argument is an Authorization.URI value.
+//
+// If successful, the caller will be required to obtain a new authorization
+// using the Authorize method before being able to request a new certificate
+// for the domain associated with the authorization.
+//
+// It does not revoke existing certificates.
+func (c *Client) RevokeAuthorization(ctx context.Context, url string) error {
+	req := struct {
+		Resource string `json:"resource"`
+		Status   string `json:"status"`
+		Delete   bool   `json:"delete"`
+	}{
+		Resource: "authz",
+		Status:   "deactivated",
+		Delete:   true,
+	}
+	res, err := c.post(ctx, c.Key, url, req, wantStatus(http.StatusOK))
+	if err != nil {
+		return err
+	}
+	defer res.Body.Close()
+	return nil
+}
+
+// WaitAuthorization polls an authorization at the given URL
+// until it is in one of the final states, StatusValid or StatusInvalid,
+// the ACME CA responded with a 4xx error code, or the context is done.
+//
+// It returns a non-nil Authorization only if its Status is StatusValid.
+// In all other cases WaitAuthorization returns an error.
+// If the Status is StatusInvalid, the returned error is of type *AuthorizationError.
+func (c *Client) WaitAuthorization(ctx context.Context, url string) (*Authorization, error) {
+	for {
+		res, err := c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
+		if err != nil {
+			return nil, err
+		}
+
+		var raw wireAuthz
+		err = json.NewDecoder(res.Body).Decode(&raw)
+		res.Body.Close()
+		switch {
+		case err != nil:
+			// Skip and retry.
+		case raw.Status == StatusValid:
+			return raw.authorization(url), nil
+		case raw.Status == StatusInvalid:
+			return nil, raw.error(url)
+		}
+
+		// Exponential backoff is implemented in c.get above.
+		// This is just to prevent continuously hitting the CA
+		// while waiting for a final authorization status.
+		d := retryAfter(res.Header.Get("Retry-After"))
+		if d == 0 {
+			// Given that the fastest challenges TLS-SNI and HTTP-01
+			// require a CA to make at least 1 network round trip
+			// and most likely persist a challenge state,
+			// this default delay seems reasonable.
+			d = time.Second
+		}
+		t := time.NewTimer(d)
+		select {
+		case <-ctx.Done():
+			t.Stop()
+			return nil, ctx.Err()
+		case <-t.C:
+			// Retry.
+		}
+	}
+}
+
+// GetChallenge retrieves the current status of an challenge.
+//
+// A client typically polls a challenge status using this method.
+func (c *Client) GetChallenge(ctx context.Context, url string) (*Challenge, error) {
+	res, err := c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	v := wireChallenge{URI: url}
+	if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
+		return nil, fmt.Errorf("acme: invalid response: %v", err)
+	}
+	return v.challenge(), nil
+}
+
+// Accept informs the server that the client accepts one of its challenges
+// previously obtained with c.Authorize.
+//
+// The server will then perform the validation asynchronously.
+func (c *Client) Accept(ctx context.Context, chal *Challenge) (*Challenge, error) {
+	auth, err := keyAuth(c.Key.Public(), chal.Token)
+	if err != nil {
+		return nil, err
+	}
+
+	req := struct {
+		Resource string `json:"resource"`
+		Type     string `json:"type"`
+		Auth     string `json:"keyAuthorization"`
+	}{
+		Resource: "challenge",
+		Type:     chal.Type,
+		Auth:     auth,
+	}
+	res, err := c.post(ctx, c.Key, chal.URI, req, wantStatus(
+		http.StatusOK,       // according to the spec
+		http.StatusAccepted, // Let's Encrypt: see https://goo.gl/WsJ7VT (acme-divergences.md)
+	))
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	var v wireChallenge
+	if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
+		return nil, fmt.Errorf("acme: invalid response: %v", err)
+	}
+	return v.challenge(), nil
+}
+
+// DNS01ChallengeRecord returns a DNS record value for a dns-01 challenge response.
+// A TXT record containing the returned value must be provisioned under
+// "_acme-challenge" name of the domain being validated.
+//
+// The token argument is a Challenge.Token value.
+func (c *Client) DNS01ChallengeRecord(token string) (string, error) {
+	ka, err := keyAuth(c.Key.Public(), token)
+	if err != nil {
+		return "", err
+	}
+	b := sha256.Sum256([]byte(ka))
+	return base64.RawURLEncoding.EncodeToString(b[:]), nil
+}
+
+// HTTP01ChallengeResponse returns the response for an http-01 challenge.
+// Servers should respond with the value to HTTP requests at the URL path
+// provided by HTTP01ChallengePath to validate the challenge and prove control
+// over a domain name.
+//
+// The token argument is a Challenge.Token value.
+func (c *Client) HTTP01ChallengeResponse(token string) (string, error) {
+	return keyAuth(c.Key.Public(), token)
+}
+
+// HTTP01ChallengePath returns the URL path at which the response for an http-01 challenge
+// should be provided by the servers.
+// The response value can be obtained with HTTP01ChallengeResponse.
+//
+// The token argument is a Challenge.Token value.
+func (c *Client) HTTP01ChallengePath(token string) string {
+	return "/.well-known/acme-challenge/" + token
+}
+
+// TLSSNI01ChallengeCert creates a certificate for TLS-SNI-01 challenge response.
+// Servers can present the certificate to validate the challenge and prove control
+// over a domain name.
+//
+// The implementation is incomplete in that the returned value is a single certificate,
+// computed only for Z0 of the key authorization. ACME CAs are expected to update
+// their implementations to use the newer version, TLS-SNI-02.
+// For more details on TLS-SNI-01 see https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-7.3.
+//
+// The token argument is a Challenge.Token value.
+// If a WithKey option is provided, its private part signs the returned cert,
+// and the public part is used to specify the signee.
+// If no WithKey option is provided, a new ECDSA key is generated using P-256 curve.
+//
+// The returned certificate is valid for the next 24 hours and must be presented only when
+// the server name of the TLS ClientHello matches exactly the returned name value.
+func (c *Client) TLSSNI01ChallengeCert(token string, opt ...CertOption) (cert tls.Certificate, name string, err error) {
+	ka, err := keyAuth(c.Key.Public(), token)
+	if err != nil {
+		return tls.Certificate{}, "", err
+	}
+	b := sha256.Sum256([]byte(ka))
+	h := hex.EncodeToString(b[:])
+	name = fmt.Sprintf("%s.%s.acme.invalid", h[:32], h[32:])
+	cert, err = tlsChallengeCert([]string{name}, opt)
+	if err != nil {
+		return tls.Certificate{}, "", err
+	}
+	return cert, name, nil
+}
+
+// TLSSNI02ChallengeCert creates a certificate for TLS-SNI-02 challenge response.
+// Servers can present the certificate to validate the challenge and prove control
+// over a domain name. For more details on TLS-SNI-02 see
+// https://tools.ietf.org/html/draft-ietf-acme-acme-03#section-7.3.
+//
+// The token argument is a Challenge.Token value.
+// If a WithKey option is provided, its private part signs the returned cert,
+// and the public part is used to specify the signee.
+// If no WithKey option is provided, a new ECDSA key is generated using P-256 curve.
+//
+// The returned certificate is valid for the next 24 hours and must be presented only when
+// the server name in the TLS ClientHello matches exactly the returned name value.
+func (c *Client) TLSSNI02ChallengeCert(token string, opt ...CertOption) (cert tls.Certificate, name string, err error) {
+	b := sha256.Sum256([]byte(token))
+	h := hex.EncodeToString(b[:])
+	sanA := fmt.Sprintf("%s.%s.token.acme.invalid", h[:32], h[32:])
+
+	ka, err := keyAuth(c.Key.Public(), token)
+	if err != nil {
+		return tls.Certificate{}, "", err
+	}
+	b = sha256.Sum256([]byte(ka))
+	h = hex.EncodeToString(b[:])
+	sanB := fmt.Sprintf("%s.%s.ka.acme.invalid", h[:32], h[32:])
+
+	cert, err = tlsChallengeCert([]string{sanA, sanB}, opt)
+	if err != nil {
+		return tls.Certificate{}, "", err
+	}
+	return cert, sanA, nil
+}
+
+// TLSALPN01ChallengeCert creates a certificate for TLS-ALPN-01 challenge response.
+// Servers can present the certificate to validate the challenge and prove control
+// over a domain name. For more details on TLS-ALPN-01 see
+// https://tools.ietf.org/html/draft-shoemaker-acme-tls-alpn-00#section-3
+//
+// The token argument is a Challenge.Token value.
+// If a WithKey option is provided, its private part signs the returned cert,
+// and the public part is used to specify the signee.
+// If no WithKey option is provided, a new ECDSA key is generated using P-256 curve.
+//
+// The returned certificate is valid for the next 24 hours and must be presented only when
+// the server name in the TLS ClientHello matches the domain, and the special acme-tls/1 ALPN protocol
+// has been specified.
+func (c *Client) TLSALPN01ChallengeCert(token, domain string, opt ...CertOption) (cert tls.Certificate, err error) {
+	ka, err := keyAuth(c.Key.Public(), token)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	shasum := sha256.Sum256([]byte(ka))
+	extValue, err := asn1.Marshal(shasum[:])
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	acmeExtension := pkix.Extension{
+		Id:       idPeACMEIdentifierV1,
+		Critical: true,
+		Value:    extValue,
+	}
+
+	tmpl := defaultTLSChallengeCertTemplate()
+
+	var newOpt []CertOption
+	for _, o := range opt {
+		switch o := o.(type) {
+		case *certOptTemplate:
+			t := *(*x509.Certificate)(o) // shallow copy is ok
+			tmpl = &t
+		default:
+			newOpt = append(newOpt, o)
+		}
+	}
+	tmpl.ExtraExtensions = append(tmpl.ExtraExtensions, acmeExtension)
+	newOpt = append(newOpt, WithTemplate(tmpl))
+	return tlsChallengeCert([]string{domain}, newOpt)
+}
+
+// doReg sends all types of registration requests.
+// The type of request is identified by typ argument, which is a "resource"
+// in the ACME spec terms.
+//
+// A non-nil acct argument indicates whether the intention is to mutate data
+// of the Account. Only Contact and Agreement of its fields are used
+// in such cases.
+func (c *Client) doReg(ctx context.Context, url string, typ string, acct *Account) (*Account, error) {
+	req := struct {
+		Resource  string   `json:"resource"`
+		Contact   []string `json:"contact,omitempty"`
+		Agreement string   `json:"agreement,omitempty"`
+	}{
+		Resource: typ,
+	}
+	if acct != nil {
+		req.Contact = acct.Contact
+		req.Agreement = acct.AgreedTerms
+	}
+	res, err := c.post(ctx, c.Key, url, req, wantStatus(
+		http.StatusOK,       // updates and deletes
+		http.StatusCreated,  // new account creation
+		http.StatusAccepted, // Let's Encrypt divergent implementation
+	))
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+
+	var v struct {
+		Contact        []string
+		Agreement      string
+		Authorizations string
+		Certificates   string
+	}
+	if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
+		return nil, fmt.Errorf("acme: invalid response: %v", err)
+	}
+	var tos string
+	if v := linkHeader(res.Header, "terms-of-service"); len(v) > 0 {
+		tos = v[0]
+	}
+	var authz string
+	if v := linkHeader(res.Header, "next"); len(v) > 0 {
+		authz = v[0]
+	}
+	return &Account{
+		URI:            res.Header.Get("Location"),
+		Contact:        v.Contact,
+		AgreedTerms:    v.Agreement,
+		CurrentTerms:   tos,
+		Authz:          authz,
+		Authorizations: v.Authorizations,
+		Certificates:   v.Certificates,
+	}, nil
+}
+
+// popNonce returns a nonce value previously stored with c.addNonce
+// or fetches a fresh one from the given URL.
+func (c *Client) popNonce(ctx context.Context, url string) (string, error) {
+	c.noncesMu.Lock()
+	defer c.noncesMu.Unlock()
+	if len(c.nonces) == 0 {
+		return c.fetchNonce(ctx, url)
+	}
+	var nonce string
+	for nonce = range c.nonces {
+		delete(c.nonces, nonce)
+		break
+	}
+	return nonce, nil
+}
+
+// clearNonces clears any stored nonces
+func (c *Client) clearNonces() {
+	c.noncesMu.Lock()
+	defer c.noncesMu.Unlock()
+	c.nonces = make(map[string]struct{})
+}
+
+// addNonce stores a nonce value found in h (if any) for future use.
+func (c *Client) addNonce(h http.Header) {
+	v := nonceFromHeader(h)
+	if v == "" {
+		return
+	}
+	c.noncesMu.Lock()
+	defer c.noncesMu.Unlock()
+	if len(c.nonces) >= maxNonces {
+		return
+	}
+	if c.nonces == nil {
+		c.nonces = make(map[string]struct{})
+	}
+	c.nonces[v] = struct{}{}
+}
+
+func (c *Client) fetchNonce(ctx context.Context, url string) (string, error) {
+	r, err := http.NewRequest("HEAD", url, nil)
+	if err != nil {
+		return "", err
+	}
+	resp, err := c.doNoRetry(ctx, r)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+	nonce := nonceFromHeader(resp.Header)
+	if nonce == "" {
+		if resp.StatusCode > 299 {
+			return "", responseError(resp)
+		}
+		return "", errors.New("acme: nonce not found")
+	}
+	return nonce, nil
+}
+
+func nonceFromHeader(h http.Header) string {
+	return h.Get("Replay-Nonce")
+}
+
+func (c *Client) responseCert(ctx context.Context, res *http.Response, bundle bool) ([][]byte, error) {
+	b, err := ioutil.ReadAll(io.LimitReader(res.Body, maxCertSize+1))
+	if err != nil {
+		return nil, fmt.Errorf("acme: response stream: %v", err)
+	}
+	if len(b) > maxCertSize {
+		return nil, errors.New("acme: certificate is too big")
+	}
+	cert := [][]byte{b}
+	if !bundle {
+		return cert, nil
+	}
+
+	// Append CA chain cert(s).
+	// At least one is required according to the spec:
+	// https://tools.ietf.org/html/draft-ietf-acme-acme-03#section-6.3.1
+	up := linkHeader(res.Header, "up")
+	if len(up) == 0 {
+		return nil, errors.New("acme: rel=up link not found")
+	}
+	if len(up) > maxChainLen {
+		return nil, errors.New("acme: rel=up link is too large")
+	}
+	for _, url := range up {
+		cc, err := c.chainCert(ctx, url, 0)
+		if err != nil {
+			return nil, err
+		}
+		cert = append(cert, cc...)
+	}
+	return cert, nil
+}
+
+// chainCert fetches CA certificate chain recursively by following "up" links.
+// Each recursive call increments the depth by 1, resulting in an error
+// if the recursion level reaches maxChainLen.
+//
+// First chainCert call starts with depth of 0.
+func (c *Client) chainCert(ctx context.Context, url string, depth int) ([][]byte, error) {
+	if depth >= maxChainLen {
+		return nil, errors.New("acme: certificate chain is too deep")
+	}
+
+	res, err := c.get(ctx, url, wantStatus(http.StatusOK))
+	if err != nil {
+		return nil, err
+	}
+	defer res.Body.Close()
+	b, err := ioutil.ReadAll(io.LimitReader(res.Body, maxCertSize+1))
+	if err != nil {
+		return nil, err
+	}
+	if len(b) > maxCertSize {
+		return nil, errors.New("acme: certificate is too big")
+	}
+	chain := [][]byte{b}
+
+	uplink := linkHeader(res.Header, "up")
+	if len(uplink) > maxChainLen {
+		return nil, errors.New("acme: certificate chain is too large")
+	}
+	for _, up := range uplink {
+		cc, err := c.chainCert(ctx, up, depth+1)
+		if err != nil {
+			return nil, err
+		}
+		chain = append(chain, cc...)
+	}
+
+	return chain, nil
+}
+
+// linkHeader returns URI-Reference values of all Link headers
+// with relation-type rel.
+// See https://tools.ietf.org/html/rfc5988#section-5 for details.
+func linkHeader(h http.Header, rel string) []string {
+	var links []string
+	for _, v := range h["Link"] {
+		parts := strings.Split(v, ";")
+		for _, p := range parts {
+			p = strings.TrimSpace(p)
+			if !strings.HasPrefix(p, "rel=") {
+				continue
+			}
+			if v := strings.Trim(p[4:], `"`); v == rel {
+				links = append(links, strings.Trim(parts[0], "<>"))
+			}
+		}
+	}
+	return links
+}
+
+// keyAuth generates a key authorization string for a given token.
+func keyAuth(pub crypto.PublicKey, token string) (string, error) {
+	th, err := JWKThumbprint(pub)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s.%s", token, th), nil
+}
+
+// defaultTLSChallengeCertTemplate is a template used to create challenge certs for TLS challenges.
+func defaultTLSChallengeCertTemplate() *x509.Certificate {
+	return &x509.Certificate{
+		SerialNumber:          big.NewInt(1),
+		NotBefore:             time.Now(),
+		NotAfter:              time.Now().Add(24 * time.Hour),
+		BasicConstraintsValid: true,
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+	}
+}
+
+// tlsChallengeCert creates a temporary certificate for TLS-SNI challenges
+// with the given SANs and auto-generated public/private key pair.
+// The Subject Common Name is set to the first SAN to aid debugging.
+// To create a cert with a custom key pair, specify WithKey option.
+func tlsChallengeCert(san []string, opt []CertOption) (tls.Certificate, error) {
+	var key crypto.Signer
+	tmpl := defaultTLSChallengeCertTemplate()
+	for _, o := range opt {
+		switch o := o.(type) {
+		case *certOptKey:
+			if key != nil {
+				return tls.Certificate{}, errors.New("acme: duplicate key option")
+			}
+			key = o.key
+		case *certOptTemplate:
+			t := *(*x509.Certificate)(o) // shallow copy is ok
+			tmpl = &t
+		default:
+			// package's fault, if we let this happen:
+			panic(fmt.Sprintf("unsupported option type %T", o))
+		}
+	}
+	if key == nil {
+		var err error
+		if key, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader); err != nil {
+			return tls.Certificate{}, err
+		}
+	}
+	tmpl.DNSNames = san
+	if len(san) > 0 {
+		tmpl.Subject.CommonName = san[0]
+	}
+
+	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	return tls.Certificate{
+		Certificate: [][]byte{der},
+		PrivateKey:  key,
+	}, nil
+}
+
+// encodePEM returns b encoded as PEM with block of type typ.
+func encodePEM(typ string, b []byte) []byte {
+	pb := &pem.Block{Type: typ, Bytes: b}
+	return pem.EncodeToMemory(pb)
+}
+
+// timeNow is useful for testing for fixed current time.
+var timeNow = time.Now
--- a/vendor/golang.org/x/crypto/acme/autocert/autocert.go
+++ b/vendor/golang.org/x/crypto/acme/autocert/autocert.go
--- a/Show More
+++ b/Show More