fix(security): 强化 usage 端点信息暴露控制

fix(antigravity): 修复请求频繁429的问题
fix(billing): 修复客户端取消请求时计费丢失问题
2026-04-06 00:10:21 +08:00 · 2026-01-08 17:45:31 +08:00 · 2026-01-08 17:27:35 +08:00 · 2026-01-08 11:25:17 +08:00 · 2026-01-08 09:56:26 +08:00 · 2026-01-08 09:27:57 +08:00
397 changed files with 51570 additions and 16967 deletions
--- a/.github/audit-exceptions.yml
+++ b/.github/audit-exceptions.yml
@@ -0,0 +1,16 @@
+version: 1
+exceptions:
+  - package: xlsx
+    advisory: "GHSA-4r6h-8v6p-xvw6"
+    severity: high
+    reason: "Admin export only; switched to dynamic import to reduce exposure (CVE-2023-30533)"
+    mitigation: "Load only on export; restrict export permissions and data scope"
+    expires_on: "2026-04-05"
+    owner: "security@your-domain"
+  - package: xlsx
+    advisory: "GHSA-5pgg-2g8v-p4x9"
+    severity: high
+    reason: "Admin export only; switched to dynamic import to reduce exposure (CVE-2024-22363)"
+    mitigation: "Load only on export; restrict export permissions and data scope"
+    expires_on: "2026-04-05"
+    owner: "security@your-domain"
--- a/.github/workflows/backend-ci.yml
+++ b/.github/workflows/backend-ci.yml
@@ -15,8 +15,11 @@ jobs:
      - uses: actions/setup-go@v5
        with:
          go-version-file: backend/go.mod
-          check-latest: true
+          check-latest: false
          cache: true
+      - name: Verify Go version
+        run: |
+          go version | grep -q 'go1.25.5'
      - name: Unit tests
        working-directory: backend
        run: make test-unit
@@ -31,8 +34,11 @@ jobs:
      - uses: actions/setup-go@v5
        with:
          go-version-file: backend/go.mod
-          check-latest: true
+          check-latest: false
          cache: true
+      - name: Verify Go version
+        run: |
+          go version | grep -q 'go1.25.5'
      - name: golangci-lint
        uses: golangci/golangci-lint-action@v9
        with:
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -4,6 +4,22 @@ on:
  push:
    tags:
      - 'v*'
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Tag to release (e.g., v1.0.0)'
+        required: true
+        type: string
+      simple_release:
+        description: 'Simple release: only x86_64 GHCR image, skip other artifacts'
+        required: false
+        type: boolean
+        default: false
+
+# 环境变量：合并 workflow_dispatch 输入和 repository variable
+# tag push 触发时读取 vars.SIMPLE_RELEASE，workflow_dispatch 时使用输入参数
+env:
+  SIMPLE_RELEASE: ${{ github.event.inputs.simple_release == 'true' || vars.SIMPLE_RELEASE == 'true' }}

 permissions:
  contents: write
@@ -19,7 +35,12 @@ jobs:

      - name: Update VERSION file
        run: |
-          VERSION=${GITHUB_REF#refs/tags/v}
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            VERSION=${{ github.event.inputs.tag }}
+            VERSION=${VERSION#v}
+          else
+            VERSION=${GITHUB_REF#refs/tags/v}
+          fi
          echo "$VERSION" > backend/cmd/server/VERSION
          echo "Updated VERSION file to: $VERSION"

@@ -36,19 +57,24 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v4

+      - name: Setup pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 9
+
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
-          cache: 'npm'
-          cache-dependency-path: frontend/package-lock.json
+          cache: 'pnpm'
+          cache-dependency-path: frontend/pnpm-lock.yaml

      - name: Install dependencies
-        run: npm ci
+        run: pnpm install --frozen-lockfile
        working-directory: frontend

      - name: Build frontend
-        run: npm run build
+        run: pnpm run build
        working-directory: frontend

      - name: Upload frontend artifact
@@ -66,6 +92,7 @@ jobs:
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
+          ref: ${{ github.event.inputs.tag || github.ref }}

      - name: Download VERSION artifact
        uses: actions/download-artifact@v4
@@ -82,9 +109,14 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
-          go-version: '1.24'
+          go-version-file: backend/go.mod
+          check-latest: false
          cache-dependency-path: backend/go.sum

+      - name: Verify Go version
+        run: |
+          go version | grep -q 'go1.25.5'
+
      # Docker setup for GoReleaser
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
@@ -93,7 +125,10 @@ jobs:
        uses: docker/setup-buildx-action@v3

      - name: Login to DockerHub
+        if: ${{ env.DOCKERHUB_USERNAME != '' }}
        uses: docker/login-action@v3
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -113,7 +148,11 @@ jobs:
      - name: Get tag message
        id: tag_message
        run: |
-          TAG_NAME=${GITHUB_REF#refs/tags/}
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            TAG_NAME=${{ github.event.inputs.tag }}
+          else
+            TAG_NAME=${GITHUB_REF#refs/tags/}
+          fi
          echo "Processing tag: $TAG_NAME"

          # 获取完整的 tag message（跳过第一行标题）
@@ -137,18 +176,21 @@ jobs:
        uses: goreleaser/goreleaser-action@v6
        with:
          version: '~> v2'
-          args: release --clean --skip=validate
+          args: release --clean --skip=validate ${{ env.SIMPLE_RELEASE == 'true' && '--config=.goreleaser.simple.yaml' || '' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TAG_MESSAGE: ${{ steps.tag_message.outputs.message }}
          GITHUB_REPO_OWNER: ${{ github.repository_owner }}
          GITHUB_REPO_OWNER_LOWER: ${{ steps.lowercase.outputs.owner }}
          GITHUB_REPO_NAME: ${{ github.event.repository.name }}
-          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME || 'skip' }}

      # Update DockerHub description
      - name: Update DockerHub description
+        if: ${{ env.SIMPLE_RELEASE != 'true' && env.DOCKERHUB_USERNAME != '' }}
        uses: peter-evans/dockerhub-description@v4
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -158,9 +200,11 @@ jobs:

      # Send Telegram notification
      - name: Send Telegram Notification
+        if: ${{ env.SIMPLE_RELEASE != 'true' }}
        env:
          TELEGRAM_BOT_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }}
          TELEGRAM_CHAT_ID: ${{ secrets.TELEGRAM_CHAT_ID }}
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        continue-on-error: true
        run: |
          # 检查必要的环境变量
@@ -169,10 +213,13 @@ jobs:
            exit 0
          fi

-          TAG_NAME=${GITHUB_REF#refs/tags/}
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            TAG_NAME=${{ github.event.inputs.tag }}
+          else
+            TAG_NAME=${GITHUB_REF#refs/tags/}
+          fi
          VERSION=${TAG_NAME#v}
          REPO="${{ github.repository }}"
-          DOCKER_IMAGE="${{ secrets.DOCKERHUB_USERNAME }}/sub2api"
          GHCR_IMAGE="ghcr.io/${REPO,,}"  # ${,,} converts to lowercase

          # 获取 tag message 内容
@@ -194,14 +241,20 @@ jobs:

          MESSAGE+="🐳 *Docker 部署:*"$'\n'
          MESSAGE+="\`\`\`bash"$'\n'
-          MESSAGE+="# Docker Hub"$'\n'
-          MESSAGE+="docker pull ${DOCKER_IMAGE}:${TAG_NAME}"$'\n'
-          MESSAGE+="# GitHub Container Registry"$'\n'
+          # 根据是否配置 DockerHub 动态生成
+          if [ -n "$DOCKERHUB_USERNAME" ]; then
+            DOCKER_IMAGE="${DOCKERHUB_USERNAME}/sub2api"
+            MESSAGE+="# Docker Hub"$'\n'
+            MESSAGE+="docker pull ${DOCKER_IMAGE}:${TAG_NAME}"$'\n'
+            MESSAGE+="# GitHub Container Registry"$'\n'
+          fi
          MESSAGE+="docker pull ${GHCR_IMAGE}:${TAG_NAME}"$'\n'
          MESSAGE+="\`\`\`"$'\n'$'\n'
          MESSAGE+="🔗 *相关链接:*"$'\n'
          MESSAGE+="• [GitHub Release](https://github.com/${REPO}/releases/tag/${TAG_NAME})"$'\n'
-          MESSAGE+="• [Docker Hub](https://hub.docker.com/r/${DOCKER_IMAGE})"$'\n'
+          if [ -n "$DOCKERHUB_USERNAME" ]; then
+            MESSAGE+="• [Docker Hub](https://hub.docker.com/r/${DOCKER_IMAGE})"$'\n'
+          fi
          MESSAGE+="• [GitHub Packages](https://github.com/${REPO}/pkgs/container/sub2api)"$'\n'$'\n'
          MESSAGE+="#Sub2API #Release #${TAG_NAME//./_}"

--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -0,0 +1,62 @@
+name: Security Scan
+
+on:
+  push:
+  pull_request:
+  schedule:
+    - cron: '0 3 * * 1'
+
+permissions:
+  contents: read
+
+jobs:
+  backend-security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: backend/go.mod
+          check-latest: false
+          cache-dependency-path: backend/go.sum
+      - name: Verify Go version
+        run: |
+          go version | grep -q 'go1.25.5'
+      - name: Run govulncheck
+        working-directory: backend
+        run: |
+          go install golang.org/x/vuln/cmd/govulncheck@latest
+          govulncheck ./...
+      - name: Run gosec
+        working-directory: backend
+        run: |
+          go install github.com/securego/gosec/v2/cmd/gosec@latest
+          gosec -severity high -confidence high ./...
+
+  frontend-security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 9
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'pnpm'
+          cache-dependency-path: frontend/pnpm-lock.yaml
+      - name: Install dependencies
+        working-directory: frontend
+        run: pnpm install --frozen-lockfile
+      - name: Run pnpm audit
+        working-directory: frontend
+        run: |
+          pnpm audit --prod --audit-level=high --json > audit.json || true
+      - name: Check audit exceptions
+        run: |
+          python tools/check_pnpm_audit_exceptions.py \
+            --audit frontend/audit.json \
+            --exceptions .github/audit-exceptions.yml
--- a/.gitignore
+++ b/.gitignore
@@ -33,6 +33,7 @@ frontend/dist/
 *.local
 *.tsbuildinfo
 vite.config.d.ts
+vite.config.js.timestamp-*

 # 日志
 npm-debug.log*
@@ -48,6 +49,7 @@ pnpm-debug.log*
 .env.*.local
 *.env
 !.env.example
+docker-compose.override.yml

 # ===================
 # IDE / 编辑器
@@ -77,6 +79,7 @@ temp/
 *.temp
 *.log
 *.bak
+.cache/

 # ===================
 # 构建产物
@@ -117,3 +120,9 @@ docs/
 code-reviews/
 AGENTS.md
 backend/cmd/server/server
+deploy/docker-compose.override.yml
+.gocache/
+vite.config.js
+!docs/
+docs/*
+!docs/dependency-security.md
--- a/.goreleaser.simple.yaml
+++ b/.goreleaser.simple.yaml
@@ -0,0 +1,86 @@
+# 简化版 GoReleaser 配置 - 仅发布 x86_64 GHCR 镜像
+version: 2
+
+project_name: sub2api
+
+before:
+  hooks:
+    - go mod tidy -C backend
+
+builds:
+  - id: sub2api
+    dir: backend
+    main: ./cmd/server
+    binary: sub2api
+    flags:
+      - -tags=embed
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+    goarch:
+      - amd64
+    ldflags:
+      - -s -w
+      - -X main.Commit={{.Commit}}
+      - -X main.Date={{.Date}}
+      - -X main.BuildType=release
+
+# 跳过 archives
+archives: []
+
+# 跳过 checksum
+checksum:
+  disable: true
+
+changelog:
+  disable: true
+
+# 仅 GHCR x86_64 镜像
+dockers:
+  - id: ghcr-amd64
+    goos: linux
+    goarch: amd64
+    image_templates:
+      - "ghcr.io/{{ .Env.GITHUB_REPO_OWNER_LOWER }}/sub2api:{{ .Version }}-amd64"
+      - "ghcr.io/{{ .Env.GITHUB_REPO_OWNER_LOWER }}/sub2api:{{ .Version }}"
+      - "ghcr.io/{{ .Env.GITHUB_REPO_OWNER_LOWER }}/sub2api:latest"
+    dockerfile: Dockerfile.goreleaser
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/amd64"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - "--label=org.opencontainers.image.revision={{ .Commit }}"
+      - "--label=org.opencontainers.image.source=https://github.com/{{ .Env.GITHUB_REPO_OWNER }}/{{ .Env.GITHUB_REPO_NAME }}"
+
+# 跳过 manifests（单架构不需要）
+docker_manifests: []
+
+release:
+  github:
+    owner: "{{ .Env.GITHUB_REPO_OWNER }}"
+    name: "{{ .Env.GITHUB_REPO_NAME }}"
+  draft: false
+  prerelease: auto
+  name_template: "Sub2API {{.Version}} (Simple)"
+  # 跳过上传二进制包
+  skip_upload: true
+  header: |
+    > AI API Gateway Platform - 将 AI 订阅配额分发和管理
+    > ⚡ Simple Release: 仅包含 x86_64 GHCR 镜像
+
+    {{ .Env.TAG_MESSAGE }}
+
+  footer: |
+    ---
+
+    ## 📥 Installation
+
+    **Docker (x86_64 only):**
+    ```bash
+    docker pull ghcr.io/{{ .Env.GITHUB_REPO_OWNER_LOWER }}/sub2api:{{ .Version }}
+    ```
+
+    ## 📚 Documentation
+
+    - [GitHub Repository](https://github.com/{{ .Env.GITHUB_REPO_OWNER }}/{{ .Env.GITHUB_REPO_NAME }})
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -54,9 +54,11 @@ changelog:

 # Docker images
 dockers:
+  # DockerHub images (skipped if DOCKERHUB_USERNAME is 'skip')
  - id: amd64
    goos: linux
    goarch: amd64
+    skip_push: '{{ if eq .Env.DOCKERHUB_USERNAME "skip" }}true{{ else }}false{{ end }}'
    image_templates:
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-amd64"
    dockerfile: Dockerfile.goreleaser
@@ -69,6 +71,7 @@ dockers:
  - id: arm64
    goos: linux
    goarch: arm64
+    skip_push: '{{ if eq .Env.DOCKERHUB_USERNAME "skip" }}true{{ else }}false{{ end }}'
    image_templates:
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-arm64"
    dockerfile: Dockerfile.goreleaser
@@ -107,22 +110,27 @@ dockers:

 # Docker manifests for multi-arch support
 docker_manifests:
+  # DockerHub manifests (skipped if DOCKERHUB_USERNAME is 'skip')
  - name_template: "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}"
+    skip_push: '{{ if eq .Env.DOCKERHUB_USERNAME "skip" }}true{{ else }}false{{ end }}'
    image_templates:
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-amd64"
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-arm64"

  - name_template: "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:latest"
+    skip_push: '{{ if eq .Env.DOCKERHUB_USERNAME "skip" }}true{{ else }}false{{ end }}'
    image_templates:
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-amd64"
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-arm64"

  - name_template: "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Major }}.{{ .Minor }}"
+    skip_push: '{{ if eq .Env.DOCKERHUB_USERNAME "skip" }}true{{ else }}false{{ end }}'
    image_templates:
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-amd64"
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-arm64"

  - name_template: "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Major }}"
+    skip_push: '{{ if eq .Env.DOCKERHUB_USERNAME "skip" }}true{{ else }}false{{ end }}'
    image_templates:
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-amd64"
      - "{{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}-arm64"
@@ -169,9 +177,11 @@ release:

    **Docker:**
    ```bash
+    {{ if ne .Env.DOCKERHUB_USERNAME "skip" -}}
    # Docker Hub
    docker pull {{ .Env.DOCKERHUB_USERNAME }}/sub2api:{{ .Version }}

+    {{ end -}}
    # GitHub Container Registry
    docker pull ghcr.io/{{ .Env.GITHUB_REPO_OWNER_LOWER }}/sub2api:{{ .Version }}
    ```
--- a/13
+++ b/13
@@ -7,8 +7,8 @@
 # =============================================================================

 ARG NODE_IMAGE=node:24-alpine
-ARG GOLANG_IMAGE=golang:1.25-alpine
-ARG ALPINE_IMAGE=alpine:3.19
+ARG GOLANG_IMAGE=golang:1.25.5-alpine
+ARG ALPINE_IMAGE=alpine:3.20
 ARG GOPROXY=https://goproxy.cn,direct
 ARG GOSUMDB=sum.golang.google.cn

@@ -19,13 +19,16 @@ FROM ${NODE_IMAGE} AS frontend-builder

 WORKDIR /app/frontend

+# Install pnpm
+RUN corepack enable && corepack prepare pnpm@latest --activate
+
 # Install dependencies first (better caching)
-COPY frontend/package*.json ./
-RUN npm ci
+COPY frontend/package.json frontend/pnpm-lock.yaml ./
+RUN pnpm install --frozen-lockfile

 # Copy frontend source and build
 COPY frontend/ ./
-RUN npm run build
+RUN pnpm run build

 # -----------------------------------------------------------------------------
 # Stage 2: Backend Builder
--- a/14
+++ b/14
@@ -1,4 +1,4 @@
-.PHONY: build build-backend build-frontend
+.PHONY: build build-backend build-frontend test test-backend test-frontend

 # 一键编译前后端
 build: build-backend build-frontend
@@ -9,4 +9,14 @@ build-backend:

 # 编译前端（需要已安装依赖）
 build-frontend:
-	@npm --prefix frontend run build
+	@pnpm --dir frontend run build
+
+# 运行测试（后端 + 前端）
+test: test-backend test-frontend
+
+test-backend:
+	@$(MAKE) -C backend test
+
+test-frontend:
+	@pnpm --dir frontend run lint:check
+	@pnpm --dir frontend run typecheck
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@

 <div align="center">

-[![Go](https://img.shields.io/badge/Go-1.21+-00ADD8.svg)](https://golang.org/)
+[![Go](https://img.shields.io/badge/Go-1.25.5-00ADD8.svg)](https://golang.org/)
 [![Vue](https://img.shields.io/badge/Vue-3.4+-4FC08D.svg)](https://vuejs.org/)
 [![PostgreSQL](https://img.shields.io/badge/PostgreSQL-15+-336791.svg)](https://www.postgresql.org/)
 [![Redis](https://img.shields.io/badge/Redis-7+-DC382D.svg)](https://redis.io/)
@@ -44,13 +44,19 @@ Sub2API is an AI API gateway platform designed to distribute and manage API quot

 | Component | Technology |
 |-----------|------------|
-| Backend | Go 1.21+, Gin, GORM |
+| Backend | Go 1.25.5, Gin, Ent |
 | Frontend | Vue 3.4+, Vite 5+, TailwindCSS |
 | Database | PostgreSQL 15+ |
 | Cache/Queue | Redis 7+ |

 ---

+## Documentation
+
+- Dependency Security: `docs/dependency-security.md`
+
+---
+
 ## Deployment

 ### Method 1: Script Installation (Recommended)
@@ -160,6 +166,22 @@ ADMIN_PASSWORD=your_admin_password

 # Optional: Custom port
 SERVER_PORT=8080
+
+# Optional: Security configuration
+# Enable URL allowlist validation (false to skip allowlist checks, only basic format validation)
+SECURITY_URL_ALLOWLIST_ENABLED=false
+
+# Allow insecure HTTP URLs when allowlist is disabled (default: false, requires https)
+# ⚠️ WARNING: Enabling this allows HTTP (plaintext) URLs which can expose API keys
+#             Only recommended for:
+#             - Development/testing environments
+#             - Internal networks with trusted endpoints
+#             - When using local test servers (http://localhost)
+# PRODUCTION: Keep this false or use HTTPS URLs only
+SECURITY_URL_ALLOWLIST_ALLOW_INSECURE_HTTP=false
+
+# Allow private IP addresses for upstream/pricing/CRS (for internal deployments)
+SECURITY_URL_ALLOWLIST_ALLOW_PRIVATE_HOSTS=false
 ```

 ```bash
@@ -218,20 +240,23 @@ Build and run from source code for development or customization.
 git clone https://github.com/Wei-Shaw/sub2api.git
 cd sub2api

-# 2. Build frontend
+# 2. Install pnpm (if not already installed)
+npm install -g pnpm
+
+# 3. Build frontend
 cd frontend
-npm install
-npm run build
+pnpm install
+pnpm run build
 # Output will be in ../backend/internal/web/dist/

-# 3. Build backend with embedded frontend
+# 4. Build backend with embedded frontend
 cd ../backend
 go build -tags embed -o sub2api ./cmd/server

-# 4. Create configuration file
+# 5. Create configuration file
 cp ../deploy/config.example.yaml ./config.yaml

-# 5. Edit configuration
+# 6. Edit configuration
 nano config.yaml
 ```

@@ -268,6 +293,59 @@ default:
  rate_multiplier: 1.0
 ```

+Additional security-related options are available in `config.yaml`:
+
+- `cors.allowed_origins` for CORS allowlist
+- `security.url_allowlist` for upstream/pricing/CRS host allowlists
+- `security.url_allowlist.enabled` to disable URL validation (use with caution)
+- `security.url_allowlist.allow_insecure_http` to allow HTTP URLs when validation is disabled
+- `security.url_allowlist.allow_private_hosts` to allow private/local IP addresses
+- `security.response_headers.enabled` to enable configurable response header filtering (disabled uses default allowlist)
+- `security.csp` to control Content-Security-Policy headers
+- `billing.circuit_breaker` to fail closed on billing errors
+- `server.trusted_proxies` to enable X-Forwarded-For parsing
+- `turnstile.required` to require Turnstile in release mode
+
+**⚠️ Security Warning: HTTP URL Configuration**
+
+When `security.url_allowlist.enabled=false`, the system performs minimal URL validation by default, **rejecting HTTP URLs** and only allowing HTTPS. To allow HTTP URLs (e.g., for development or internal testing), you must explicitly set:
+
+```yaml
+security:
+  url_allowlist:
+    enabled: false                # Disable allowlist checks
+    allow_insecure_http: true     # Allow HTTP URLs (⚠️ INSECURE)
+```
+
+**Or via environment variable:**
+
+```bash
+SECURITY_URL_ALLOWLIST_ENABLED=false
+SECURITY_URL_ALLOWLIST_ALLOW_INSECURE_HTTP=true
+```
+
+**Risks of allowing HTTP:**
+- API keys and data transmitted in **plaintext** (vulnerable to interception)
+- Susceptible to **man-in-the-middle (MITM) attacks**
+- **NOT suitable for production** environments
+
+**When to use HTTP:**
+- ✅ Development/testing with local servers (http://localhost)
+- ✅ Internal networks with trusted endpoints
+- ✅ Testing account connectivity before obtaining HTTPS
+- ❌ Production environments (use HTTPS only)
+
+**Example error without this setting:**
+```
+Invalid base URL: invalid url scheme: http
+```
+
+If you disable URL validation or response header filtering, harden your network layer:
+- Enforce an egress allowlist for upstream domains/IPs
+- Block private/loopback/link-local ranges
+- Enforce TLS-only outbound traffic
+- Strip sensitive upstream response headers at the proxy
+
 ```bash
 # 6. Run the application
 ./sub2api
@@ -282,7 +360,7 @@ go run ./cmd/server

 # Frontend (with hot reload)
 cd frontend
-npm run dev
+pnpm run dev
 ```

 #### Code Generation
@@ -297,6 +375,16 @@ go generate ./cmd/server

 ---

+## Simple Mode
+
+Simple Mode is designed for individual developers or internal teams who want quick access without full SaaS features.
+
+- Enable: Set environment variable `RUN_MODE=simple`
+- Difference: Hides SaaS-related features and skips billing process
+- Security note: In production, you must also set `SIMPLE_MODE_CONFIRM=true` to allow startup
+
+---
+
 ## Antigravity Support

 Sub2API supports [Antigravity](https://antigravity.so/) accounts. After authorization, dedicated endpoints are available for Claude and Gemini models.
@@ -321,6 +409,12 @@ Antigravity accounts support optional **hybrid scheduling**. When enabled, the g

 > **⚠️ Warning**: Anthropic Claude and Antigravity Claude **cannot be mixed within the same conversation context**. Use groups to isolate them properly.

+### Known Issues
+
+In Claude Code, Plan Mode cannot exit automatically. (Normally when using the native Claude API, after planning is complete, Claude Code will pop up options for users to approve or reject the plan.)
+
+**Workaround**: Press `Shift + Tab` to manually exit Plan Mode, then type your response to approve or reject the plan.
+
 ---

 ## Project Structure
--- a/README_CN.md
+++ b/README_CN.md
@@ -2,7 +2,7 @@

 <div align="center">

-[![Go](https://img.shields.io/badge/Go-1.21+-00ADD8.svg)](https://golang.org/)
+[![Go](https://img.shields.io/badge/Go-1.25.5-00ADD8.svg)](https://golang.org/)
 [![Vue](https://img.shields.io/badge/Vue-3.4+-4FC08D.svg)](https://vuejs.org/)
 [![PostgreSQL](https://img.shields.io/badge/PostgreSQL-15+-336791.svg)](https://www.postgresql.org/)
 [![Redis](https://img.shields.io/badge/Redis-7+-DC382D.svg)](https://redis.io/)
@@ -44,13 +44,19 @@ Sub2API 是一个 AI API 网关平台，用于分发和管理 AI 产品订阅（

 | 组件 | 技术 |
 |------|------|
-| 后端 | Go 1.21+, Gin, GORM |
+| 后端 | Go 1.25.5, Gin, Ent |
 | 前端 | Vue 3.4+, Vite 5+, TailwindCSS |
 | 数据库 | PostgreSQL 15+ |
 | 缓存/队列 | Redis 7+ |

 ---

+## 文档
+
+- 依赖安全：`docs/dependency-security.md`
+
+---
+
 ## 部署方式

 ### 方式一：脚本安装（推荐）
@@ -160,6 +166,22 @@ ADMIN_PASSWORD=your_admin_password

 # 可选：自定义端口
 SERVER_PORT=8080
+
+# 可选：安全配置
+# 启用 URL 白名单验证（false 则跳过白名单检查，仅做基本格式校验）
+SECURITY_URL_ALLOWLIST_ENABLED=false
+
+# 关闭白名单时，是否允许 http:// URL（默认 false，只允许 https://）
+# ⚠️ 警告：允许 HTTP 会暴露 API 密钥（明文传输）
+#          仅建议在以下场景使用：
+#          - 开发/测试环境
+#          - 内部可信网络
+#          - 本地测试服务器（http://localhost）
+# 生产环境：保持 false 或仅使用 HTTPS URL
+SECURITY_URL_ALLOWLIST_ALLOW_INSECURE_HTTP=false
+
+# 是否允许私有 IP 地址用于上游/定价/CRS（内网部署时使用）
+SECURITY_URL_ALLOWLIST_ALLOW_PRIVATE_HOSTS=false
 ```

 ```bash
@@ -218,20 +240,23 @@ docker-compose logs -f
 git clone https://github.com/Wei-Shaw/sub2api.git
 cd sub2api

-# 2. 编译前端
+# 2. 安装 pnpm（如果还没有安装）
+npm install -g pnpm
+
+# 3. 编译前端
 cd frontend
-npm install
-npm run build
+pnpm install
+pnpm run build
 # 构建产物输出到 ../backend/internal/web/dist/

-# 3. 编译后端（嵌入前端）
+# 4. 编译后端（嵌入前端）
 cd ../backend
 go build -tags embed -o sub2api ./cmd/server

-# 4. 创建配置文件
+# 5. 创建配置文件
 cp ../deploy/config.example.yaml ./config.yaml

-# 5. 编辑配置
+# 6. 编辑配置
 nano config.yaml
 ```

@@ -268,6 +293,59 @@ default:
  rate_multiplier: 1.0
 ```

+`config.yaml` 还支持以下安全相关配置：
+
+- `cors.allowed_origins` 配置 CORS 白名单
+- `security.url_allowlist` 配置上游/价格数据/CRS 主机白名单
+- `security.url_allowlist.enabled` 可关闭 URL 校验（慎用）
+- `security.url_allowlist.allow_insecure_http` 关闭校验时允许 HTTP URL
+- `security.url_allowlist.allow_private_hosts` 允许私有/本地 IP 地址
+- `security.response_headers.enabled` 可启用可配置响应头过滤（关闭时使用默认白名单）
+- `security.csp` 配置 Content-Security-Policy
+- `billing.circuit_breaker` 计费异常时 fail-closed
+- `server.trusted_proxies` 启用可信代理解析 X-Forwarded-For
+- `turnstile.required` 在 release 模式强制启用 Turnstile
+
+**⚠️ 安全警告：HTTP URL 配置**
+
+当 `security.url_allowlist.enabled=false` 时，系统默认执行最小 URL 校验，**拒绝 HTTP URL**，仅允许 HTTPS。要允许 HTTP URL（例如用于开发或内网测试），必须显式设置：
+
+```yaml
+security:
+  url_allowlist:
+    enabled: false                # 禁用白名单检查
+    allow_insecure_http: true     # 允许 HTTP URL（⚠️ 不安全）
+```
+
+**或通过环境变量：**
+
+```bash
+SECURITY_URL_ALLOWLIST_ENABLED=false
+SECURITY_URL_ALLOWLIST_ALLOW_INSECURE_HTTP=true
+```
+
+**允许 HTTP 的风险：**
+- API 密钥和数据以**明文传输**（可被截获）
+- 易受**中间人攻击 (MITM)**
+- **不适合生产环境**
+
+**适用场景：**
+- ✅ 开发/测试环境的本地服务器（http://localhost）
+- ✅ 内网可信端点
+- ✅ 获取 HTTPS 前测试账号连通性
+- ❌ 生产环境（仅使用 HTTPS）
+
+**未设置此项时的错误示例：**
+```
+Invalid base URL: invalid url scheme: http
+```
+
+如关闭 URL 校验或响应头过滤，请加强网络层防护：
+- 出站访问白名单限制上游域名/IP
+- 阻断私网/回环/链路本地地址
+- 强制仅允许 TLS 出站
+- 在反向代理层移除敏感响应头
+
 ```bash
 # 6. 运行应用
 ./sub2api
@@ -282,7 +360,7 @@ go run ./cmd/server

 # 前端（支持热重载）
 cd frontend
-npm run dev
+pnpm run dev
 ```

 #### 代码生成
@@ -331,6 +409,10 @@ Antigravity 账户支持可选的**混合调度**功能。开启后，通用端

 > **⚠️ 注意**：Anthropic Claude 和 Antigravity Claude **不能在同一上下文中混合使用**，请通过分组功能做好隔离。

+
+### 已知问题
+在 Claude Code 中，无法自动退出Plan Mode。（正常使用原生Claude Api时，Plan 完成后，Claude Code会弹出弹出选项让用户同意或拒绝Plan。） 
+解决办法：shift + Tab，手动退出Plan mode，然后输入内容 告诉 Claude Code 同意或拒绝 Plan
 ---

 ## 项目结构
--- a/backend/.golangci.yml
+++ b/backend/.golangci.yml
@@ -83,7 +83,14 @@ linters:
      # Example (to disable some checks): [ "all", "-SA1000", "-SA1001"]
      # Run `GL_DEBUG=staticcheck golangci-lint run --enable=staticcheck` to see all available checks and enabled by config checks.
      # Default: ["all", "-ST1000", "-ST1003", "-ST1016", "-ST1020", "-ST1021", "-ST1022"]
+      # Temporarily disable style checks to allow CI to pass
      checks:
+        - all
+        - -ST1000  # Package comment format
+        - -ST1003  # Poorly chosen identifier (ApiKey vs APIKey)
+        - -ST1020  # Comment on exported method format
+        - -ST1021  # Comment on exported type format
+        - -ST1022  # Comment on exported variable format
        # Invalid regular expression.
        # https://staticcheck.dev/docs/checks/#SA1000
        - SA1000
@@ -369,15 +376,7 @@ linters:
        # Ineffectual Go compiler directive.
        # https://staticcheck.dev/docs/checks/#SA9009
        - SA9009
-        # Incorrect or missing package comment.
-        # https://staticcheck.dev/docs/checks/#ST1000
-        - ST1000
-        # Dot imports are discouraged.
-        # https://staticcheck.dev/docs/checks/#ST1001
-        - ST1001
-        # Poorly chosen identifier.
-        # https://staticcheck.dev/docs/checks/#ST1003
-        - ST1003
+        # NOTE: ST1000, ST1001, ST1003, ST1020, ST1021, ST1022 are disabled above
        # Incorrectly formatted error string.
        # https://staticcheck.dev/docs/checks/#ST1005
        - ST1005
@@ -411,15 +410,7 @@ linters:
        # Importing the same package multiple times.
        # https://staticcheck.dev/docs/checks/#ST1019
        - ST1019
-        # The documentation of an exported function should start with the function's name.
-        # https://staticcheck.dev/docs/checks/#ST1020
-        - ST1020
-        # The documentation of an exported type should start with type's name.
-        # https://staticcheck.dev/docs/checks/#ST1021
-        - ST1021
-        # The documentation of an exported variable or constant should start with variable's name.
-        # https://staticcheck.dev/docs/checks/#ST1022
-        - ST1022
+        # NOTE: ST1020, ST1021, ST1022 removed (disabled above)
        # Redundant type in variable declaration.
        # https://staticcheck.dev/docs/checks/#ST1023
        - ST1023
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.21-alpine
+FROM golang:1.25.5-alpine

 WORKDIR /app

--- a/backend/Makefile
+++ b/backend/Makefile
@@ -1,8 +1,12 @@
-.PHONY: build test-unit test-integration test-e2e
+.PHONY: build test test-unit test-integration test-e2e

 build:
 	go build -o bin/server ./cmd/server

+test:
+	go test ./...
+	golangci-lint run ./...
+
 test-unit:
 	go test -tags=unit ./...

--- a/backend/cmd/jwtgen/main.go
+++ b/backend/cmd/jwtgen/main.go
@@ -0,0 +1,57 @@
+package main
+
+import (
+	"context"
+	"flag"
+	"fmt"
+	"log"
+	"time"
+
+	_ "github.com/Wei-Shaw/sub2api/ent/runtime"
+	"github.com/Wei-Shaw/sub2api/internal/config"
+	"github.com/Wei-Shaw/sub2api/internal/repository"
+	"github.com/Wei-Shaw/sub2api/internal/service"
+)
+
+func main() {
+	email := flag.String("email", "", "Admin email to issue a JWT for (defaults to first active admin)")
+	flag.Parse()
+
+	cfg, err := config.Load()
+	if err != nil {
+		log.Fatalf("failed to load config: %v", err)
+	}
+
+	client, sqlDB, err := repository.InitEnt(cfg)
+	if err != nil {
+		log.Fatalf("failed to init db: %v", err)
+	}
+	defer func() {
+		if err := client.Close(); err != nil {
+			log.Printf("failed to close db: %v", err)
+		}
+	}()
+
+	userRepo := repository.NewUserRepository(client, sqlDB)
+	authService := service.NewAuthService(userRepo, cfg, nil, nil, nil, nil)
+
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	var user *service.User
+	if *email != "" {
+		user, err = userRepo.GetByEmail(ctx, *email)
+	} else {
+		user, err = userRepo.GetFirstAdmin(ctx)
+	}
+	if err != nil {
+		log.Fatalf("failed to resolve admin user: %v", err)
+	}
+
+	token, err := authService.GenerateToken(user)
+	if err != nil {
+		log.Fatalf("failed to generate token: %v", err)
+	}
+
+	fmt.Printf("ADMIN_EMAIL=%s\nADMIN_USER_ID=%d\nJWT=%s\n", user.Email, user.ID, token)
+}
--- a/backend/cmd/server/main.go
+++ b/backend/cmd/server/main.go
@@ -86,7 +86,8 @@ func main() {
 func runSetupServer() {
 	r := gin.New()
 	r.Use(middleware.Recovery())
-	r.Use(middleware.CORS())
+	r.Use(middleware.CORS(config.CORSConfig{}))
+	r.Use(middleware.SecurityHeaders(config.CSPConfig{Enabled: true, Policy: config.DefaultCSPPolicy}))

 	// Register setup routes
 	setup.RegisterRoutes(r)
--- a/backend/cmd/server/wire.go
+++ b/backend/cmd/server/wire.go
@@ -63,6 +63,7 @@ func provideCleanup(
 	entClient *ent.Client,
 	rdb *redis.Client,
 	tokenRefresh *service.TokenRefreshService,
+	accountExpiry *service.AccountExpiryService,
 	pricing *service.PricingService,
 	emailQueue *service.EmailQueueService,
 	billingCache *service.BillingCacheService,
@@ -70,7 +71,6 @@ func provideCleanup(
 	openaiOAuth *service.OpenAIOAuthService,
 	geminiOAuth *service.GeminiOAuthService,
 	antigravityOAuth *service.AntigravityOAuthService,
-	antigravityQuota *service.AntigravityQuotaRefresher,
 ) func() {
 	return func() {
 		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
@@ -85,6 +85,10 @@ func provideCleanup(
 				tokenRefresh.Stop()
 				return nil
 			}},
+			{"AccountExpiryService", func() error {
+				accountExpiry.Stop()
+				return nil
+			}},
 			{"PricingService", func() error {
 				pricing.Stop()
 				return nil
@@ -113,10 +117,6 @@ func provideCleanup(
 				antigravityOAuth.Stop()
 				return nil
 			}},
-			{"AntigravityQuotaRefresher", func() error {
-				antigravityQuota.Stop()
-				return nil
-			}},
 			{"Redis", func() error {
 				return rdb.Close()
 			}},
--- a/backend/cmd/server/wire_gen.go
+++ b/backend/cmd/server/wire_gen.go
@@ -55,14 +55,14 @@ func initializeApplication(buildInfo handler.BuildInfo) (*Application, error) {
 	userService := service.NewUserService(userRepository)
 	authHandler := handler.NewAuthHandler(configConfig, authService, userService)
 	userHandler := handler.NewUserHandler(userService)
-	apiKeyRepository := repository.NewApiKeyRepository(client)
+	apiKeyRepository := repository.NewAPIKeyRepository(client)
 	groupRepository := repository.NewGroupRepository(client, db)
 	userSubscriptionRepository := repository.NewUserSubscriptionRepository(client)
-	apiKeyCache := repository.NewApiKeyCache(redisClient)
-	apiKeyService := service.NewApiKeyService(apiKeyRepository, userRepository, groupRepository, userSubscriptionRepository, apiKeyCache, configConfig)
+	apiKeyCache := repository.NewAPIKeyCache(redisClient)
+	apiKeyService := service.NewAPIKeyService(apiKeyRepository, userRepository, groupRepository, userSubscriptionRepository, apiKeyCache, configConfig)
 	apiKeyHandler := handler.NewAPIKeyHandler(apiKeyService)
 	usageLogRepository := repository.NewUsageLogRepository(client, db)
-	usageService := service.NewUsageService(usageLogRepository, userRepository)
+	usageService := service.NewUsageService(usageLogRepository, userRepository, client)
 	usageHandler := handler.NewUsageHandler(usageService, apiKeyService)
 	redeemCodeRepository := repository.NewRedeemCodeRepository(client)
 	billingCache := repository.NewBillingCache(redisClient)
@@ -76,7 +76,7 @@ func initializeApplication(buildInfo handler.BuildInfo) (*Application, error) {
 	dashboardHandler := admin.NewDashboardHandler(dashboardService)
 	accountRepository := repository.NewAccountRepository(client, db)
 	proxyRepository := repository.NewProxyRepository(client, db)
-	proxyExitInfoProber := repository.NewProxyExitInfoProber()
+	proxyExitInfoProber := repository.NewProxyExitInfoProber(configConfig)
 	adminService := service.NewAdminService(userRepository, groupRepository, accountRepository, proxyRepository, apiKeyRepository, redeemCodeRepository, billingCacheService, proxyExitInfoProber)
 	adminUserHandler := admin.NewUserHandler(adminService)
 	groupHandler := admin.NewGroupHandler(adminService)
@@ -87,21 +87,25 @@ func initializeApplication(buildInfo handler.BuildInfo) (*Application, error) {
 	geminiOAuthClient := repository.NewGeminiOAuthClient(configConfig)
 	geminiCliCodeAssistClient := repository.NewGeminiCliCodeAssistClient()
 	geminiOAuthService := service.NewGeminiOAuthService(proxyRepository, geminiOAuthClient, geminiCliCodeAssistClient, configConfig)
-	rateLimitService := service.NewRateLimitService(accountRepository, configConfig)
+	antigravityOAuthService := service.NewAntigravityOAuthService(proxyRepository)
+	geminiQuotaService := service.NewGeminiQuotaService(configConfig, settingRepository)
+	tempUnschedCache := repository.NewTempUnschedCache(redisClient)
+	rateLimitService := service.NewRateLimitService(accountRepository, usageLogRepository, configConfig, geminiQuotaService, tempUnschedCache)
 	claudeUsageFetcher := repository.NewClaudeUsageFetcher()
-	accountUsageService := service.NewAccountUsageService(accountRepository, usageLogRepository, claudeUsageFetcher)
+	antigravityQuotaFetcher := service.NewAntigravityQuotaFetcher(proxyRepository)
+	usageCache := service.NewUsageCache()
+	accountUsageService := service.NewAccountUsageService(accountRepository, usageLogRepository, claudeUsageFetcher, geminiQuotaService, antigravityQuotaFetcher, usageCache)
 	geminiTokenCache := repository.NewGeminiTokenCache(redisClient)
 	geminiTokenProvider := service.NewGeminiTokenProvider(accountRepository, geminiTokenCache, geminiOAuthService)
 	gatewayCache := repository.NewGatewayCache(redisClient)
-	antigravityOAuthService := service.NewAntigravityOAuthService(proxyRepository)
 	antigravityTokenProvider := service.NewAntigravityTokenProvider(accountRepository, geminiTokenCache, antigravityOAuthService)
 	httpUpstream := repository.NewHTTPUpstream(configConfig)
-	antigravityGatewayService := service.NewAntigravityGatewayService(accountRepository, gatewayCache, antigravityTokenProvider, rateLimitService, httpUpstream)
-	accountTestService := service.NewAccountTestService(accountRepository, oAuthService, openAIOAuthService, geminiTokenProvider, antigravityGatewayService, httpUpstream)
+	antigravityGatewayService := service.NewAntigravityGatewayService(accountRepository, gatewayCache, antigravityTokenProvider, rateLimitService, httpUpstream, settingService)
+	accountTestService := service.NewAccountTestService(accountRepository, geminiTokenProvider, antigravityGatewayService, httpUpstream, configConfig)
 	concurrencyCache := repository.ProvideConcurrencyCache(redisClient, configConfig)
-	concurrencyService := service.NewConcurrencyService(concurrencyCache)
-	crsSyncService := service.NewCRSSyncService(accountRepository, proxyRepository, oAuthService, openAIOAuthService, geminiOAuthService)
-	accountHandler := admin.NewAccountHandler(adminService, oAuthService, openAIOAuthService, geminiOAuthService, rateLimitService, accountUsageService, accountTestService, concurrencyService, crsSyncService)
+	concurrencyService := service.ProvideConcurrencyService(concurrencyCache, accountRepository, configConfig)
+	crsSyncService := service.NewCRSSyncService(accountRepository, proxyRepository, oAuthService, openAIOAuthService, geminiOAuthService, configConfig)
+	accountHandler := admin.NewAccountHandler(adminService, oAuthService, openAIOAuthService, geminiOAuthService, antigravityOAuthService, rateLimitService, accountUsageService, accountTestService, concurrencyService, crsSyncService)
 	oAuthHandler := admin.NewOAuthHandler(oAuthService)
 	openAIOAuthHandler := admin.NewOpenAIOAuthHandler(openAIOAuthService, adminService)
 	geminiOAuthHandler := admin.NewGeminiOAuthHandler(geminiOAuthService)
@@ -110,14 +114,18 @@ func initializeApplication(buildInfo handler.BuildInfo) (*Application, error) {
 	adminRedeemHandler := admin.NewRedeemHandler(adminService)
 	settingHandler := admin.NewSettingHandler(settingService, emailService, turnstileService)
 	updateCache := repository.NewUpdateCache(redisClient)
-	gitHubReleaseClient := repository.NewGitHubReleaseClient()
+	gitHubReleaseClient := repository.ProvideGitHubReleaseClient(configConfig)
 	serviceBuildInfo := provideServiceBuildInfo(buildInfo)
 	updateService := service.ProvideUpdateService(updateCache, gitHubReleaseClient, serviceBuildInfo)
 	systemHandler := handler.ProvideSystemHandler(updateService)
 	adminSubscriptionHandler := admin.NewSubscriptionHandler(subscriptionService)
 	adminUsageHandler := admin.NewUsageHandler(usageService, apiKeyService, adminService)
-	adminHandlers := handler.ProvideAdminHandlers(dashboardHandler, adminUserHandler, groupHandler, accountHandler, oAuthHandler, openAIOAuthHandler, geminiOAuthHandler, antigravityOAuthHandler, proxyHandler, adminRedeemHandler, settingHandler, systemHandler, adminSubscriptionHandler, adminUsageHandler)
-	pricingRemoteClient := repository.NewPricingRemoteClient()
+	userAttributeDefinitionRepository := repository.NewUserAttributeDefinitionRepository(client)
+	userAttributeValueRepository := repository.NewUserAttributeValueRepository(client)
+	userAttributeService := service.NewUserAttributeService(userAttributeDefinitionRepository, userAttributeValueRepository)
+	userAttributeHandler := admin.NewUserAttributeHandler(userAttributeService)
+	adminHandlers := handler.ProvideAdminHandlers(dashboardHandler, adminUserHandler, groupHandler, accountHandler, oAuthHandler, openAIOAuthHandler, geminiOAuthHandler, antigravityOAuthHandler, proxyHandler, adminRedeemHandler, settingHandler, systemHandler, adminSubscriptionHandler, adminUsageHandler, userAttributeHandler)
+	pricingRemoteClient := repository.ProvidePricingRemoteClient(configConfig)
 	pricingService, err := service.ProvidePricingService(configConfig, pricingRemoteClient)
 	if err != nil {
 		return nil, err
@@ -127,21 +135,21 @@ func initializeApplication(buildInfo handler.BuildInfo) (*Application, error) {
 	identityService := service.NewIdentityService(identityCache)
 	timingWheelService := service.ProvideTimingWheelService()
 	deferredService := service.ProvideDeferredService(accountRepository, timingWheelService)
-	gatewayService := service.NewGatewayService(accountRepository, groupRepository, usageLogRepository, userRepository, userSubscriptionRepository, gatewayCache, configConfig, billingService, rateLimitService, billingCacheService, identityService, httpUpstream, deferredService)
-	geminiMessagesCompatService := service.NewGeminiMessagesCompatService(accountRepository, groupRepository, gatewayCache, geminiTokenProvider, rateLimitService, httpUpstream, antigravityGatewayService)
-	gatewayHandler := handler.NewGatewayHandler(gatewayService, geminiMessagesCompatService, antigravityGatewayService, userService, concurrencyService, billingCacheService)
-	openAIGatewayService := service.NewOpenAIGatewayService(accountRepository, usageLogRepository, userRepository, userSubscriptionRepository, gatewayCache, configConfig, billingService, rateLimitService, billingCacheService, httpUpstream, deferredService)
-	openAIGatewayHandler := handler.NewOpenAIGatewayHandler(openAIGatewayService, concurrencyService, billingCacheService)
+	gatewayService := service.NewGatewayService(accountRepository, groupRepository, usageLogRepository, userRepository, userSubscriptionRepository, gatewayCache, configConfig, concurrencyService, billingService, rateLimitService, billingCacheService, identityService, httpUpstream, deferredService)
+	geminiMessagesCompatService := service.NewGeminiMessagesCompatService(accountRepository, groupRepository, gatewayCache, geminiTokenProvider, rateLimitService, httpUpstream, antigravityGatewayService, configConfig)
+	gatewayHandler := handler.NewGatewayHandler(gatewayService, geminiMessagesCompatService, antigravityGatewayService, userService, concurrencyService, billingCacheService, configConfig)
+	openAIGatewayService := service.NewOpenAIGatewayService(accountRepository, usageLogRepository, userRepository, userSubscriptionRepository, gatewayCache, configConfig, concurrencyService, billingService, rateLimitService, billingCacheService, httpUpstream, deferredService)
+	openAIGatewayHandler := handler.NewOpenAIGatewayHandler(openAIGatewayService, concurrencyService, billingCacheService, configConfig)
 	handlerSettingHandler := handler.ProvideSettingHandler(settingService, buildInfo)
 	handlers := handler.ProvideHandlers(authHandler, userHandler, apiKeyHandler, usageHandler, redeemHandler, subscriptionHandler, adminHandlers, gatewayHandler, openAIGatewayHandler, handlerSettingHandler)
 	jwtAuthMiddleware := middleware.NewJWTAuthMiddleware(authService, userService)
 	adminAuthMiddleware := middleware.NewAdminAuthMiddleware(authService, userService, settingService)
-	apiKeyAuthMiddleware := middleware.NewApiKeyAuthMiddleware(apiKeyService, subscriptionService, configConfig)
+	apiKeyAuthMiddleware := middleware.NewAPIKeyAuthMiddleware(apiKeyService, subscriptionService, configConfig)
 	engine := server.ProvideRouter(configConfig, handlers, jwtAuthMiddleware, adminAuthMiddleware, apiKeyAuthMiddleware, apiKeyService, subscriptionService)
 	httpServer := server.ProvideHTTPServer(configConfig, engine)
 	tokenRefreshService := service.ProvideTokenRefreshService(accountRepository, oAuthService, openAIOAuthService, geminiOAuthService, antigravityOAuthService, configConfig)
-	antigravityQuotaRefresher := service.ProvideAntigravityQuotaRefresher(accountRepository, proxyRepository, antigravityOAuthService, configConfig)
-	v := provideCleanup(client, redisClient, tokenRefreshService, pricingService, emailQueueService, billingCacheService, oAuthService, openAIOAuthService, geminiOAuthService, antigravityOAuthService, antigravityQuotaRefresher)
+	accountExpiryService := service.ProvideAccountExpiryService(accountRepository)
+	v := provideCleanup(client, redisClient, tokenRefreshService, accountExpiryService, pricingService, emailQueueService, billingCacheService, oAuthService, openAIOAuthService, geminiOAuthService, antigravityOAuthService)
 	application := &Application{
 		Server:  httpServer,
 		Cleanup: v,
@@ -167,6 +175,7 @@ func provideCleanup(
 	entClient *ent.Client,
 	rdb *redis.Client,
 	tokenRefresh *service.TokenRefreshService,
+	accountExpiry *service.AccountExpiryService,
 	pricing *service.PricingService,
 	emailQueue *service.EmailQueueService,
 	billingCache *service.BillingCacheService,
@@ -174,7 +183,6 @@ func provideCleanup(
 	openaiOAuth *service.OpenAIOAuthService,
 	geminiOAuth *service.GeminiOAuthService,
 	antigravityOAuth *service.AntigravityOAuthService,
-	antigravityQuota *service.AntigravityQuotaRefresher,
 ) func() {
 	return func() {
 		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
@@ -188,6 +196,10 @@ func provideCleanup(
 				tokenRefresh.Stop()
 				return nil
 			}},
+			{"AccountExpiryService", func() error {
+				accountExpiry.Stop()
+				return nil
+			}},
 			{"PricingService", func() error {
 				pricing.Stop()
 				return nil
@@ -216,10 +228,6 @@ func provideCleanup(
 				antigravityOAuth.Stop()
 				return nil
 			}},
-			{"AntigravityQuotaRefresher", func() error {
-				antigravityQuota.Stop()
-				return nil
-			}},
 			{"Redis", func() error {
 				return rdb.Close()
 			}},
--- a/backend/ent/account.go
+++ b/backend/ent/account.go
@@ -27,6 +27,8 @@ type Account struct {
 	DeletedAt *time.Time `json:"deleted_at,omitempty"`
 	// Name holds the value of the "name" field.
 	Name string `json:"name,omitempty"`
+	// Notes holds the value of the "notes" field.
+	Notes *string `json:"notes,omitempty"`
 	// Platform holds the value of the "platform" field.
 	Platform string `json:"platform,omitempty"`
 	// Type holds the value of the "type" field.
@@ -47,6 +49,10 @@ type Account struct {
 	ErrorMessage *string `json:"error_message,omitempty"`
 	// LastUsedAt holds the value of the "last_used_at" field.
 	LastUsedAt *time.Time `json:"last_used_at,omitempty"`
+	// Account expiration time (NULL means no expiration).
+	ExpiresAt *time.Time `json:"expires_at,omitempty"`
+	// Auto pause scheduling when account expires.
+	AutoPauseOnExpired bool `json:"auto_pause_on_expired,omitempty"`
 	// Schedulable holds the value of the "schedulable" field.
 	Schedulable bool `json:"schedulable,omitempty"`
 	// RateLimitedAt holds the value of the "rate_limited_at" field.
@@ -127,13 +133,13 @@ func (*Account) scanValues(columns []string) ([]any, error) {
 		switch columns[i] {
 		case account.FieldCredentials, account.FieldExtra:
 			values[i] = new([]byte)
-		case account.FieldSchedulable:
+		case account.FieldAutoPauseOnExpired, account.FieldSchedulable:
 			values[i] = new(sql.NullBool)
 		case account.FieldID, account.FieldProxyID, account.FieldConcurrency, account.FieldPriority:
 			values[i] = new(sql.NullInt64)
-		case account.FieldName, account.FieldPlatform, account.FieldType, account.FieldStatus, account.FieldErrorMessage, account.FieldSessionWindowStatus:
+		case account.FieldName, account.FieldNotes, account.FieldPlatform, account.FieldType, account.FieldStatus, account.FieldErrorMessage, account.FieldSessionWindowStatus:
 			values[i] = new(sql.NullString)
-		case account.FieldCreatedAt, account.FieldUpdatedAt, account.FieldDeletedAt, account.FieldLastUsedAt, account.FieldRateLimitedAt, account.FieldRateLimitResetAt, account.FieldOverloadUntil, account.FieldSessionWindowStart, account.FieldSessionWindowEnd:
+		case account.FieldCreatedAt, account.FieldUpdatedAt, account.FieldDeletedAt, account.FieldLastUsedAt, account.FieldExpiresAt, account.FieldRateLimitedAt, account.FieldRateLimitResetAt, account.FieldOverloadUntil, account.FieldSessionWindowStart, account.FieldSessionWindowEnd:
 			values[i] = new(sql.NullTime)
 		default:
 			values[i] = new(sql.UnknownType)
@@ -181,6 +187,13 @@ func (_m *Account) assignValues(columns []string, values []any) error {
 			} else if value.Valid {
 				_m.Name = value.String
 			}
+		case account.FieldNotes:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field notes", values[i])
+			} else if value.Valid {
+				_m.Notes = new(string)
+				*_m.Notes = value.String
+			}
 		case account.FieldPlatform:
 			if value, ok := values[i].(*sql.NullString); !ok {
 				return fmt.Errorf("unexpected type %T for field platform", values[i])
@@ -248,6 +261,19 @@ func (_m *Account) assignValues(columns []string, values []any) error {
 				_m.LastUsedAt = new(time.Time)
 				*_m.LastUsedAt = value.Time
 			}
+		case account.FieldExpiresAt:
+			if value, ok := values[i].(*sql.NullTime); !ok {
+				return fmt.Errorf("unexpected type %T for field expires_at", values[i])
+			} else if value.Valid {
+				_m.ExpiresAt = new(time.Time)
+				*_m.ExpiresAt = value.Time
+			}
+		case account.FieldAutoPauseOnExpired:
+			if value, ok := values[i].(*sql.NullBool); !ok {
+				return fmt.Errorf("unexpected type %T for field auto_pause_on_expired", values[i])
+			} else if value.Valid {
+				_m.AutoPauseOnExpired = value.Bool
+			}
 		case account.FieldSchedulable:
 			if value, ok := values[i].(*sql.NullBool); !ok {
 				return fmt.Errorf("unexpected type %T for field schedulable", values[i])
@@ -366,6 +392,11 @@ func (_m *Account) String() string {
 	builder.WriteString("name=")
 	builder.WriteString(_m.Name)
 	builder.WriteString(", ")
+	if v := _m.Notes; v != nil {
+		builder.WriteString("notes=")
+		builder.WriteString(*v)
+	}
+	builder.WriteString(", ")
 	builder.WriteString("platform=")
 	builder.WriteString(_m.Platform)
 	builder.WriteString(", ")
@@ -402,6 +433,14 @@ func (_m *Account) String() string {
 		builder.WriteString(v.Format(time.ANSIC))
 	}
 	builder.WriteString(", ")
+	if v := _m.ExpiresAt; v != nil {
+		builder.WriteString("expires_at=")
+		builder.WriteString(v.Format(time.ANSIC))
+	}
+	builder.WriteString(", ")
+	builder.WriteString("auto_pause_on_expired=")
+	builder.WriteString(fmt.Sprintf("%v", _m.AutoPauseOnExpired))
+	builder.WriteString(", ")
 	builder.WriteString("schedulable=")
 	builder.WriteString(fmt.Sprintf("%v", _m.Schedulable))
 	builder.WriteString(", ")
--- a/backend/ent/account/account.go
+++ b/backend/ent/account/account.go
@@ -23,6 +23,8 @@ const (
 	FieldDeletedAt = "deleted_at"
 	// FieldName holds the string denoting the name field in the database.
 	FieldName = "name"
+	// FieldNotes holds the string denoting the notes field in the database.
+	FieldNotes = "notes"
 	// FieldPlatform holds the string denoting the platform field in the database.
 	FieldPlatform = "platform"
 	// FieldType holds the string denoting the type field in the database.
@@ -43,6 +45,10 @@ const (
 	FieldErrorMessage = "error_message"
 	// FieldLastUsedAt holds the string denoting the last_used_at field in the database.
 	FieldLastUsedAt = "last_used_at"
+	// FieldExpiresAt holds the string denoting the expires_at field in the database.
+	FieldExpiresAt = "expires_at"
+	// FieldAutoPauseOnExpired holds the string denoting the auto_pause_on_expired field in the database.
+	FieldAutoPauseOnExpired = "auto_pause_on_expired"
 	// FieldSchedulable holds the string denoting the schedulable field in the database.
 	FieldSchedulable = "schedulable"
 	// FieldRateLimitedAt holds the string denoting the rate_limited_at field in the database.
@@ -102,6 +108,7 @@ var Columns = []string{
 	FieldUpdatedAt,
 	FieldDeletedAt,
 	FieldName,
+	FieldNotes,
 	FieldPlatform,
 	FieldType,
 	FieldCredentials,
@@ -112,6 +119,8 @@ var Columns = []string{
 	FieldStatus,
 	FieldErrorMessage,
 	FieldLastUsedAt,
+	FieldExpiresAt,
+	FieldAutoPauseOnExpired,
 	FieldSchedulable,
 	FieldRateLimitedAt,
 	FieldRateLimitResetAt,
@@ -169,6 +178,8 @@ var (
 	DefaultStatus string
 	// StatusValidator is a validator for the "status" field. It is called by the builders before save.
 	StatusValidator func(string) error
+	// DefaultAutoPauseOnExpired holds the default value on creation for the "auto_pause_on_expired" field.
+	DefaultAutoPauseOnExpired bool
 	// DefaultSchedulable holds the default value on creation for the "schedulable" field.
 	DefaultSchedulable bool
 	// SessionWindowStatusValidator is a validator for the "session_window_status" field. It is called by the builders before save.
@@ -203,6 +214,11 @@ func ByName(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldName, opts...).ToFunc()
 }

+// ByNotes orders the results by the notes field.
+func ByNotes(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldNotes, opts...).ToFunc()
+}
+
 // ByPlatform orders the results by the platform field.
 func ByPlatform(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldPlatform, opts...).ToFunc()
@@ -243,6 +259,16 @@ func ByLastUsedAt(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldLastUsedAt, opts...).ToFunc()
 }

+// ByExpiresAt orders the results by the expires_at field.
+func ByExpiresAt(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldExpiresAt, opts...).ToFunc()
+}
+
+// ByAutoPauseOnExpired orders the results by the auto_pause_on_expired field.
+func ByAutoPauseOnExpired(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldAutoPauseOnExpired, opts...).ToFunc()
+}
+
 // BySchedulable orders the results by the schedulable field.
 func BySchedulable(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldSchedulable, opts...).ToFunc()
--- a/backend/ent/account/where.go
+++ b/backend/ent/account/where.go
@@ -75,6 +75,11 @@ func Name(v string) predicate.Account {
 	return predicate.Account(sql.FieldEQ(FieldName, v))
 }

+// Notes applies equality check predicate on the "notes" field. It's identical to NotesEQ.
+func Notes(v string) predicate.Account {
+	return predicate.Account(sql.FieldEQ(FieldNotes, v))
+}
+
 // Platform applies equality check predicate on the "platform" field. It's identical to PlatformEQ.
 func Platform(v string) predicate.Account {
 	return predicate.Account(sql.FieldEQ(FieldPlatform, v))
@@ -115,6 +120,16 @@ func LastUsedAt(v time.Time) predicate.Account {
 	return predicate.Account(sql.FieldEQ(FieldLastUsedAt, v))
 }

+// ExpiresAt applies equality check predicate on the "expires_at" field. It's identical to ExpiresAtEQ.
+func ExpiresAt(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldEQ(FieldExpiresAt, v))
+}
+
+// AutoPauseOnExpired applies equality check predicate on the "auto_pause_on_expired" field. It's identical to AutoPauseOnExpiredEQ.
+func AutoPauseOnExpired(v bool) predicate.Account {
+	return predicate.Account(sql.FieldEQ(FieldAutoPauseOnExpired, v))
+}
+
 // Schedulable applies equality check predicate on the "schedulable" field. It's identical to SchedulableEQ.
 func Schedulable(v bool) predicate.Account {
 	return predicate.Account(sql.FieldEQ(FieldSchedulable, v))
@@ -345,6 +360,81 @@ func NameContainsFold(v string) predicate.Account {
 	return predicate.Account(sql.FieldContainsFold(FieldName, v))
 }

+// NotesEQ applies the EQ predicate on the "notes" field.
+func NotesEQ(v string) predicate.Account {
+	return predicate.Account(sql.FieldEQ(FieldNotes, v))
+}
+
+// NotesNEQ applies the NEQ predicate on the "notes" field.
+func NotesNEQ(v string) predicate.Account {
+	return predicate.Account(sql.FieldNEQ(FieldNotes, v))
+}
+
+// NotesIn applies the In predicate on the "notes" field.
+func NotesIn(vs ...string) predicate.Account {
+	return predicate.Account(sql.FieldIn(FieldNotes, vs...))
+}
+
+// NotesNotIn applies the NotIn predicate on the "notes" field.
+func NotesNotIn(vs ...string) predicate.Account {
+	return predicate.Account(sql.FieldNotIn(FieldNotes, vs...))
+}
+
+// NotesGT applies the GT predicate on the "notes" field.
+func NotesGT(v string) predicate.Account {
+	return predicate.Account(sql.FieldGT(FieldNotes, v))
+}
+
+// NotesGTE applies the GTE predicate on the "notes" field.
+func NotesGTE(v string) predicate.Account {
+	return predicate.Account(sql.FieldGTE(FieldNotes, v))
+}
+
+// NotesLT applies the LT predicate on the "notes" field.
+func NotesLT(v string) predicate.Account {
+	return predicate.Account(sql.FieldLT(FieldNotes, v))
+}
+
+// NotesLTE applies the LTE predicate on the "notes" field.
+func NotesLTE(v string) predicate.Account {
+	return predicate.Account(sql.FieldLTE(FieldNotes, v))
+}
+
+// NotesContains applies the Contains predicate on the "notes" field.
+func NotesContains(v string) predicate.Account {
+	return predicate.Account(sql.FieldContains(FieldNotes, v))
+}
+
+// NotesHasPrefix applies the HasPrefix predicate on the "notes" field.
+func NotesHasPrefix(v string) predicate.Account {
+	return predicate.Account(sql.FieldHasPrefix(FieldNotes, v))
+}
+
+// NotesHasSuffix applies the HasSuffix predicate on the "notes" field.
+func NotesHasSuffix(v string) predicate.Account {
+	return predicate.Account(sql.FieldHasSuffix(FieldNotes, v))
+}
+
+// NotesIsNil applies the IsNil predicate on the "notes" field.
+func NotesIsNil() predicate.Account {
+	return predicate.Account(sql.FieldIsNull(FieldNotes))
+}
+
+// NotesNotNil applies the NotNil predicate on the "notes" field.
+func NotesNotNil() predicate.Account {
+	return predicate.Account(sql.FieldNotNull(FieldNotes))
+}
+
+// NotesEqualFold applies the EqualFold predicate on the "notes" field.
+func NotesEqualFold(v string) predicate.Account {
+	return predicate.Account(sql.FieldEqualFold(FieldNotes, v))
+}
+
+// NotesContainsFold applies the ContainsFold predicate on the "notes" field.
+func NotesContainsFold(v string) predicate.Account {
+	return predicate.Account(sql.FieldContainsFold(FieldNotes, v))
+}
+
 // PlatformEQ applies the EQ predicate on the "platform" field.
 func PlatformEQ(v string) predicate.Account {
 	return predicate.Account(sql.FieldEQ(FieldPlatform, v))
@@ -775,6 +865,66 @@ func LastUsedAtNotNil() predicate.Account {
 	return predicate.Account(sql.FieldNotNull(FieldLastUsedAt))
 }

+// ExpiresAtEQ applies the EQ predicate on the "expires_at" field.
+func ExpiresAtEQ(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldEQ(FieldExpiresAt, v))
+}
+
+// ExpiresAtNEQ applies the NEQ predicate on the "expires_at" field.
+func ExpiresAtNEQ(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldNEQ(FieldExpiresAt, v))
+}
+
+// ExpiresAtIn applies the In predicate on the "expires_at" field.
+func ExpiresAtIn(vs ...time.Time) predicate.Account {
+	return predicate.Account(sql.FieldIn(FieldExpiresAt, vs...))
+}
+
+// ExpiresAtNotIn applies the NotIn predicate on the "expires_at" field.
+func ExpiresAtNotIn(vs ...time.Time) predicate.Account {
+	return predicate.Account(sql.FieldNotIn(FieldExpiresAt, vs...))
+}
+
+// ExpiresAtGT applies the GT predicate on the "expires_at" field.
+func ExpiresAtGT(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldGT(FieldExpiresAt, v))
+}
+
+// ExpiresAtGTE applies the GTE predicate on the "expires_at" field.
+func ExpiresAtGTE(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldGTE(FieldExpiresAt, v))
+}
+
+// ExpiresAtLT applies the LT predicate on the "expires_at" field.
+func ExpiresAtLT(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldLT(FieldExpiresAt, v))
+}
+
+// ExpiresAtLTE applies the LTE predicate on the "expires_at" field.
+func ExpiresAtLTE(v time.Time) predicate.Account {
+	return predicate.Account(sql.FieldLTE(FieldExpiresAt, v))
+}
+
+// ExpiresAtIsNil applies the IsNil predicate on the "expires_at" field.
+func ExpiresAtIsNil() predicate.Account {
+	return predicate.Account(sql.FieldIsNull(FieldExpiresAt))
+}
+
+// ExpiresAtNotNil applies the NotNil predicate on the "expires_at" field.
+func ExpiresAtNotNil() predicate.Account {
+	return predicate.Account(sql.FieldNotNull(FieldExpiresAt))
+}
+
+// AutoPauseOnExpiredEQ applies the EQ predicate on the "auto_pause_on_expired" field.
+func AutoPauseOnExpiredEQ(v bool) predicate.Account {
+	return predicate.Account(sql.FieldEQ(FieldAutoPauseOnExpired, v))
+}
+
+// AutoPauseOnExpiredNEQ applies the NEQ predicate on the "auto_pause_on_expired" field.
+func AutoPauseOnExpiredNEQ(v bool) predicate.Account {
+	return predicate.Account(sql.FieldNEQ(FieldAutoPauseOnExpired, v))
+}
+
 // SchedulableEQ applies the EQ predicate on the "schedulable" field.
 func SchedulableEQ(v bool) predicate.Account {
 	return predicate.Account(sql.FieldEQ(FieldSchedulable, v))
--- a/backend/ent/account_create.go
+++ b/backend/ent/account_create.go
@@ -73,6 +73,20 @@ func (_c *AccountCreate) SetName(v string) *AccountCreate {
 	return _c
 }

+// SetNotes sets the "notes" field.
+func (_c *AccountCreate) SetNotes(v string) *AccountCreate {
+	_c.mutation.SetNotes(v)
+	return _c
+}
+
+// SetNillableNotes sets the "notes" field if the given value is not nil.
+func (_c *AccountCreate) SetNillableNotes(v *string) *AccountCreate {
+	if v != nil {
+		_c.SetNotes(*v)
+	}
+	return _c
+}
+
 // SetPlatform sets the "platform" field.
 func (_c *AccountCreate) SetPlatform(v string) *AccountCreate {
 	_c.mutation.SetPlatform(v)
@@ -181,6 +195,34 @@ func (_c *AccountCreate) SetNillableLastUsedAt(v *time.Time) *AccountCreate {
 	return _c
 }

+// SetExpiresAt sets the "expires_at" field.
+func (_c *AccountCreate) SetExpiresAt(v time.Time) *AccountCreate {
+	_c.mutation.SetExpiresAt(v)
+	return _c
+}
+
+// SetNillableExpiresAt sets the "expires_at" field if the given value is not nil.
+func (_c *AccountCreate) SetNillableExpiresAt(v *time.Time) *AccountCreate {
+	if v != nil {
+		_c.SetExpiresAt(*v)
+	}
+	return _c
+}
+
+// SetAutoPauseOnExpired sets the "auto_pause_on_expired" field.
+func (_c *AccountCreate) SetAutoPauseOnExpired(v bool) *AccountCreate {
+	_c.mutation.SetAutoPauseOnExpired(v)
+	return _c
+}
+
+// SetNillableAutoPauseOnExpired sets the "auto_pause_on_expired" field if the given value is not nil.
+func (_c *AccountCreate) SetNillableAutoPauseOnExpired(v *bool) *AccountCreate {
+	if v != nil {
+		_c.SetAutoPauseOnExpired(*v)
+	}
+	return _c
+}
+
 // SetSchedulable sets the "schedulable" field.
 func (_c *AccountCreate) SetSchedulable(v bool) *AccountCreate {
 	_c.mutation.SetSchedulable(v)
@@ -391,6 +433,10 @@ func (_c *AccountCreate) defaults() error {
 		v := account.DefaultStatus
 		_c.mutation.SetStatus(v)
 	}
+	if _, ok := _c.mutation.AutoPauseOnExpired(); !ok {
+		v := account.DefaultAutoPauseOnExpired
+		_c.mutation.SetAutoPauseOnExpired(v)
+	}
 	if _, ok := _c.mutation.Schedulable(); !ok {
 		v := account.DefaultSchedulable
 		_c.mutation.SetSchedulable(v)
@@ -450,6 +496,9 @@ func (_c *AccountCreate) check() error {
 			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "Account.status": %w`, err)}
 		}
 	}
+	if _, ok := _c.mutation.AutoPauseOnExpired(); !ok {
+		return &ValidationError{Name: "auto_pause_on_expired", err: errors.New(`ent: missing required field "Account.auto_pause_on_expired"`)}
+	}
 	if _, ok := _c.mutation.Schedulable(); !ok {
 		return &ValidationError{Name: "schedulable", err: errors.New(`ent: missing required field "Account.schedulable"`)}
 	}
@@ -501,6 +550,10 @@ func (_c *AccountCreate) createSpec() (*Account, *sqlgraph.CreateSpec) {
 		_spec.SetField(account.FieldName, field.TypeString, value)
 		_node.Name = value
 	}
+	if value, ok := _c.mutation.Notes(); ok {
+		_spec.SetField(account.FieldNotes, field.TypeString, value)
+		_node.Notes = &value
+	}
 	if value, ok := _c.mutation.Platform(); ok {
 		_spec.SetField(account.FieldPlatform, field.TypeString, value)
 		_node.Platform = value
@@ -537,6 +590,14 @@ func (_c *AccountCreate) createSpec() (*Account, *sqlgraph.CreateSpec) {
 		_spec.SetField(account.FieldLastUsedAt, field.TypeTime, value)
 		_node.LastUsedAt = &value
 	}
+	if value, ok := _c.mutation.ExpiresAt(); ok {
+		_spec.SetField(account.FieldExpiresAt, field.TypeTime, value)
+		_node.ExpiresAt = &value
+	}
+	if value, ok := _c.mutation.AutoPauseOnExpired(); ok {
+		_spec.SetField(account.FieldAutoPauseOnExpired, field.TypeBool, value)
+		_node.AutoPauseOnExpired = value
+	}
 	if value, ok := _c.mutation.Schedulable(); ok {
 		_spec.SetField(account.FieldSchedulable, field.TypeBool, value)
 		_node.Schedulable = value
@@ -712,6 +773,24 @@ func (u *AccountUpsert) UpdateName() *AccountUpsert {
 	return u
 }

+// SetNotes sets the "notes" field.
+func (u *AccountUpsert) SetNotes(v string) *AccountUpsert {
+	u.Set(account.FieldNotes, v)
+	return u
+}
+
+// UpdateNotes sets the "notes" field to the value that was provided on create.
+func (u *AccountUpsert) UpdateNotes() *AccountUpsert {
+	u.SetExcluded(account.FieldNotes)
+	return u
+}
+
+// ClearNotes clears the value of the "notes" field.
+func (u *AccountUpsert) ClearNotes() *AccountUpsert {
+	u.SetNull(account.FieldNotes)
+	return u
+}
+
 // SetPlatform sets the "platform" field.
 func (u *AccountUpsert) SetPlatform(v string) *AccountUpsert {
 	u.Set(account.FieldPlatform, v)
@@ -862,6 +941,36 @@ func (u *AccountUpsert) ClearLastUsedAt() *AccountUpsert {
 	return u
 }

+// SetExpiresAt sets the "expires_at" field.
+func (u *AccountUpsert) SetExpiresAt(v time.Time) *AccountUpsert {
+	u.Set(account.FieldExpiresAt, v)
+	return u
+}
+
+// UpdateExpiresAt sets the "expires_at" field to the value that was provided on create.
+func (u *AccountUpsert) UpdateExpiresAt() *AccountUpsert {
+	u.SetExcluded(account.FieldExpiresAt)
+	return u
+}
+
+// ClearExpiresAt clears the value of the "expires_at" field.
+func (u *AccountUpsert) ClearExpiresAt() *AccountUpsert {
+	u.SetNull(account.FieldExpiresAt)
+	return u
+}
+
+// SetAutoPauseOnExpired sets the "auto_pause_on_expired" field.
+func (u *AccountUpsert) SetAutoPauseOnExpired(v bool) *AccountUpsert {
+	u.Set(account.FieldAutoPauseOnExpired, v)
+	return u
+}
+
+// UpdateAutoPauseOnExpired sets the "auto_pause_on_expired" field to the value that was provided on create.
+func (u *AccountUpsert) UpdateAutoPauseOnExpired() *AccountUpsert {
+	u.SetExcluded(account.FieldAutoPauseOnExpired)
+	return u
+}
+
 // SetSchedulable sets the "schedulable" field.
 func (u *AccountUpsert) SetSchedulable(v bool) *AccountUpsert {
 	u.Set(account.FieldSchedulable, v)
@@ -1076,6 +1185,27 @@ func (u *AccountUpsertOne) UpdateName() *AccountUpsertOne {
 	})
 }

+// SetNotes sets the "notes" field.
+func (u *AccountUpsertOne) SetNotes(v string) *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.SetNotes(v)
+	})
+}
+
+// UpdateNotes sets the "notes" field to the value that was provided on create.
+func (u *AccountUpsertOne) UpdateNotes() *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.UpdateNotes()
+	})
+}
+
+// ClearNotes clears the value of the "notes" field.
+func (u *AccountUpsertOne) ClearNotes() *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.ClearNotes()
+	})
+}
+
 // SetPlatform sets the "platform" field.
 func (u *AccountUpsertOne) SetPlatform(v string) *AccountUpsertOne {
 	return u.Update(func(s *AccountUpsert) {
@@ -1251,6 +1381,41 @@ func (u *AccountUpsertOne) ClearLastUsedAt() *AccountUpsertOne {
 	})
 }

+// SetExpiresAt sets the "expires_at" field.
+func (u *AccountUpsertOne) SetExpiresAt(v time.Time) *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.SetExpiresAt(v)
+	})
+}
+
+// UpdateExpiresAt sets the "expires_at" field to the value that was provided on create.
+func (u *AccountUpsertOne) UpdateExpiresAt() *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.UpdateExpiresAt()
+	})
+}
+
+// ClearExpiresAt clears the value of the "expires_at" field.
+func (u *AccountUpsertOne) ClearExpiresAt() *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.ClearExpiresAt()
+	})
+}
+
+// SetAutoPauseOnExpired sets the "auto_pause_on_expired" field.
+func (u *AccountUpsertOne) SetAutoPauseOnExpired(v bool) *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.SetAutoPauseOnExpired(v)
+	})
+}
+
+// UpdateAutoPauseOnExpired sets the "auto_pause_on_expired" field to the value that was provided on create.
+func (u *AccountUpsertOne) UpdateAutoPauseOnExpired() *AccountUpsertOne {
+	return u.Update(func(s *AccountUpsert) {
+		s.UpdateAutoPauseOnExpired()
+	})
+}
+
 // SetSchedulable sets the "schedulable" field.
 func (u *AccountUpsertOne) SetSchedulable(v bool) *AccountUpsertOne {
 	return u.Update(func(s *AccountUpsert) {
@@ -1651,6 +1816,27 @@ func (u *AccountUpsertBulk) UpdateName() *AccountUpsertBulk {
 	})
 }

+// SetNotes sets the "notes" field.
+func (u *AccountUpsertBulk) SetNotes(v string) *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.SetNotes(v)
+	})
+}
+
+// UpdateNotes sets the "notes" field to the value that was provided on create.
+func (u *AccountUpsertBulk) UpdateNotes() *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.UpdateNotes()
+	})
+}
+
+// ClearNotes clears the value of the "notes" field.
+func (u *AccountUpsertBulk) ClearNotes() *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.ClearNotes()
+	})
+}
+
 // SetPlatform sets the "platform" field.
 func (u *AccountUpsertBulk) SetPlatform(v string) *AccountUpsertBulk {
 	return u.Update(func(s *AccountUpsert) {
@@ -1826,6 +2012,41 @@ func (u *AccountUpsertBulk) ClearLastUsedAt() *AccountUpsertBulk {
 	})
 }

+// SetExpiresAt sets the "expires_at" field.
+func (u *AccountUpsertBulk) SetExpiresAt(v time.Time) *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.SetExpiresAt(v)
+	})
+}
+
+// UpdateExpiresAt sets the "expires_at" field to the value that was provided on create.
+func (u *AccountUpsertBulk) UpdateExpiresAt() *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.UpdateExpiresAt()
+	})
+}
+
+// ClearExpiresAt clears the value of the "expires_at" field.
+func (u *AccountUpsertBulk) ClearExpiresAt() *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.ClearExpiresAt()
+	})
+}
+
+// SetAutoPauseOnExpired sets the "auto_pause_on_expired" field.
+func (u *AccountUpsertBulk) SetAutoPauseOnExpired(v bool) *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.SetAutoPauseOnExpired(v)
+	})
+}
+
+// UpdateAutoPauseOnExpired sets the "auto_pause_on_expired" field to the value that was provided on create.
+func (u *AccountUpsertBulk) UpdateAutoPauseOnExpired() *AccountUpsertBulk {
+	return u.Update(func(s *AccountUpsert) {
+		s.UpdateAutoPauseOnExpired()
+	})
+}
+
 // SetSchedulable sets the "schedulable" field.
 func (u *AccountUpsertBulk) SetSchedulable(v bool) *AccountUpsertBulk {
 	return u.Update(func(s *AccountUpsert) {
--- a/backend/ent/account_update.go
+++ b/backend/ent/account_update.go
@@ -71,6 +71,26 @@ func (_u *AccountUpdate) SetNillableName(v *string) *AccountUpdate {
 	return _u
 }

+// SetNotes sets the "notes" field.
+func (_u *AccountUpdate) SetNotes(v string) *AccountUpdate {
+	_u.mutation.SetNotes(v)
+	return _u
+}
+
+// SetNillableNotes sets the "notes" field if the given value is not nil.
+func (_u *AccountUpdate) SetNillableNotes(v *string) *AccountUpdate {
+	if v != nil {
+		_u.SetNotes(*v)
+	}
+	return _u
+}
+
+// ClearNotes clears the value of the "notes" field.
+func (_u *AccountUpdate) ClearNotes() *AccountUpdate {
+	_u.mutation.ClearNotes()
+	return _u
+}
+
 // SetPlatform sets the "platform" field.
 func (_u *AccountUpdate) SetPlatform(v string) *AccountUpdate {
 	_u.mutation.SetPlatform(v)
@@ -227,6 +247,40 @@ func (_u *AccountUpdate) ClearLastUsedAt() *AccountUpdate {
 	return _u
 }

+// SetExpiresAt sets the "expires_at" field.
+func (_u *AccountUpdate) SetExpiresAt(v time.Time) *AccountUpdate {
+	_u.mutation.SetExpiresAt(v)
+	return _u
+}
+
+// SetNillableExpiresAt sets the "expires_at" field if the given value is not nil.
+func (_u *AccountUpdate) SetNillableExpiresAt(v *time.Time) *AccountUpdate {
+	if v != nil {
+		_u.SetExpiresAt(*v)
+	}
+	return _u
+}
+
+// ClearExpiresAt clears the value of the "expires_at" field.
+func (_u *AccountUpdate) ClearExpiresAt() *AccountUpdate {
+	_u.mutation.ClearExpiresAt()
+	return _u
+}
+
+// SetAutoPauseOnExpired sets the "auto_pause_on_expired" field.
+func (_u *AccountUpdate) SetAutoPauseOnExpired(v bool) *AccountUpdate {
+	_u.mutation.SetAutoPauseOnExpired(v)
+	return _u
+}
+
+// SetNillableAutoPauseOnExpired sets the "auto_pause_on_expired" field if the given value is not nil.
+func (_u *AccountUpdate) SetNillableAutoPauseOnExpired(v *bool) *AccountUpdate {
+	if v != nil {
+		_u.SetAutoPauseOnExpired(*v)
+	}
+	return _u
+}
+
 // SetSchedulable sets the "schedulable" field.
 func (_u *AccountUpdate) SetSchedulable(v bool) *AccountUpdate {
 	_u.mutation.SetSchedulable(v)
@@ -545,6 +599,12 @@ func (_u *AccountUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	if value, ok := _u.mutation.Name(); ok {
 		_spec.SetField(account.FieldName, field.TypeString, value)
 	}
+	if value, ok := _u.mutation.Notes(); ok {
+		_spec.SetField(account.FieldNotes, field.TypeString, value)
+	}
+	if _u.mutation.NotesCleared() {
+		_spec.ClearField(account.FieldNotes, field.TypeString)
+	}
 	if value, ok := _u.mutation.Platform(); ok {
 		_spec.SetField(account.FieldPlatform, field.TypeString, value)
 	}
@@ -584,6 +644,15 @@ func (_u *AccountUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	if _u.mutation.LastUsedAtCleared() {
 		_spec.ClearField(account.FieldLastUsedAt, field.TypeTime)
 	}
+	if value, ok := _u.mutation.ExpiresAt(); ok {
+		_spec.SetField(account.FieldExpiresAt, field.TypeTime, value)
+	}
+	if _u.mutation.ExpiresAtCleared() {
+		_spec.ClearField(account.FieldExpiresAt, field.TypeTime)
+	}
+	if value, ok := _u.mutation.AutoPauseOnExpired(); ok {
+		_spec.SetField(account.FieldAutoPauseOnExpired, field.TypeBool, value)
+	}
 	if value, ok := _u.mutation.Schedulable(); ok {
 		_spec.SetField(account.FieldSchedulable, field.TypeBool, value)
 	}
@@ -814,6 +883,26 @@ func (_u *AccountUpdateOne) SetNillableName(v *string) *AccountUpdateOne {
 	return _u
 }

+// SetNotes sets the "notes" field.
+func (_u *AccountUpdateOne) SetNotes(v string) *AccountUpdateOne {
+	_u.mutation.SetNotes(v)
+	return _u
+}
+
+// SetNillableNotes sets the "notes" field if the given value is not nil.
+func (_u *AccountUpdateOne) SetNillableNotes(v *string) *AccountUpdateOne {
+	if v != nil {
+		_u.SetNotes(*v)
+	}
+	return _u
+}
+
+// ClearNotes clears the value of the "notes" field.
+func (_u *AccountUpdateOne) ClearNotes() *AccountUpdateOne {
+	_u.mutation.ClearNotes()
+	return _u
+}
+
 // SetPlatform sets the "platform" field.
 func (_u *AccountUpdateOne) SetPlatform(v string) *AccountUpdateOne {
 	_u.mutation.SetPlatform(v)
@@ -970,6 +1059,40 @@ func (_u *AccountUpdateOne) ClearLastUsedAt() *AccountUpdateOne {
 	return _u
 }

+// SetExpiresAt sets the "expires_at" field.
+func (_u *AccountUpdateOne) SetExpiresAt(v time.Time) *AccountUpdateOne {
+	_u.mutation.SetExpiresAt(v)
+	return _u
+}
+
+// SetNillableExpiresAt sets the "expires_at" field if the given value is not nil.
+func (_u *AccountUpdateOne) SetNillableExpiresAt(v *time.Time) *AccountUpdateOne {
+	if v != nil {
+		_u.SetExpiresAt(*v)
+	}
+	return _u
+}
+
+// ClearExpiresAt clears the value of the "expires_at" field.
+func (_u *AccountUpdateOne) ClearExpiresAt() *AccountUpdateOne {
+	_u.mutation.ClearExpiresAt()
+	return _u
+}
+
+// SetAutoPauseOnExpired sets the "auto_pause_on_expired" field.
+func (_u *AccountUpdateOne) SetAutoPauseOnExpired(v bool) *AccountUpdateOne {
+	_u.mutation.SetAutoPauseOnExpired(v)
+	return _u
+}
+
+// SetNillableAutoPauseOnExpired sets the "auto_pause_on_expired" field if the given value is not nil.
+func (_u *AccountUpdateOne) SetNillableAutoPauseOnExpired(v *bool) *AccountUpdateOne {
+	if v != nil {
+		_u.SetAutoPauseOnExpired(*v)
+	}
+	return _u
+}
+
 // SetSchedulable sets the "schedulable" field.
 func (_u *AccountUpdateOne) SetSchedulable(v bool) *AccountUpdateOne {
 	_u.mutation.SetSchedulable(v)
@@ -1318,6 +1441,12 @@ func (_u *AccountUpdateOne) sqlSave(ctx context.Context) (_node *Account, err er
 	if value, ok := _u.mutation.Name(); ok {
 		_spec.SetField(account.FieldName, field.TypeString, value)
 	}
+	if value, ok := _u.mutation.Notes(); ok {
+		_spec.SetField(account.FieldNotes, field.TypeString, value)
+	}
+	if _u.mutation.NotesCleared() {
+		_spec.ClearField(account.FieldNotes, field.TypeString)
+	}
 	if value, ok := _u.mutation.Platform(); ok {
 		_spec.SetField(account.FieldPlatform, field.TypeString, value)
 	}
@@ -1357,6 +1486,15 @@ func (_u *AccountUpdateOne) sqlSave(ctx context.Context) (_node *Account, err er
 	if _u.mutation.LastUsedAtCleared() {
 		_spec.ClearField(account.FieldLastUsedAt, field.TypeTime)
 	}
+	if value, ok := _u.mutation.ExpiresAt(); ok {
+		_spec.SetField(account.FieldExpiresAt, field.TypeTime, value)
+	}
+	if _u.mutation.ExpiresAtCleared() {
+		_spec.ClearField(account.FieldExpiresAt, field.TypeTime)
+	}
+	if value, ok := _u.mutation.AutoPauseOnExpired(); ok {
+		_spec.SetField(account.FieldAutoPauseOnExpired, field.TypeBool, value)
+	}
 	if value, ok := _u.mutation.Schedulable(); ok {
 		_spec.SetField(account.FieldSchedulable, field.TypeBool, value)
 	}
--- a/backend/ent/apikey.go
+++ b/backend/ent/apikey.go
@@ -14,8 +14,8 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/user"
 )

-// ApiKey is the model entity for the ApiKey schema.
-type ApiKey struct {
+// APIKey is the model entity for the APIKey schema.
+type APIKey struct {
 	config `json:"-"`
 	// ID of the ent.
 	ID int64 `json:"id,omitempty"`
@@ -36,13 +36,13 @@ type ApiKey struct {
 	// Status holds the value of the "status" field.
 	Status string `json:"status,omitempty"`
 	// Edges holds the relations/edges for other nodes in the graph.
-	// The values are being populated by the ApiKeyQuery when eager-loading is set.
-	Edges        ApiKeyEdges `json:"edges"`
+	// The values are being populated by the APIKeyQuery when eager-loading is set.
+	Edges        APIKeyEdges `json:"edges"`
 	selectValues sql.SelectValues
 }

-// ApiKeyEdges holds the relations/edges for other nodes in the graph.
-type ApiKeyEdges struct {
+// APIKeyEdges holds the relations/edges for other nodes in the graph.
+type APIKeyEdges struct {
 	// User holds the value of the user edge.
 	User *User `json:"user,omitempty"`
 	// Group holds the value of the group edge.
@@ -56,7 +56,7 @@ type ApiKeyEdges struct {

 // UserOrErr returns the User value or an error if the edge
 // was not loaded in eager-loading, or loaded but was not found.
-func (e ApiKeyEdges) UserOrErr() (*User, error) {
+func (e APIKeyEdges) UserOrErr() (*User, error) {
 	if e.User != nil {
 		return e.User, nil
 	} else if e.loadedTypes[0] {
@@ -67,7 +67,7 @@ func (e ApiKeyEdges) UserOrErr() (*User, error) {

 // GroupOrErr returns the Group value or an error if the edge
 // was not loaded in eager-loading, or loaded but was not found.
-func (e ApiKeyEdges) GroupOrErr() (*Group, error) {
+func (e APIKeyEdges) GroupOrErr() (*Group, error) {
 	if e.Group != nil {
 		return e.Group, nil
 	} else if e.loadedTypes[1] {
@@ -78,7 +78,7 @@ func (e ApiKeyEdges) GroupOrErr() (*Group, error) {

 // UsageLogsOrErr returns the UsageLogs value or an error if the edge
 // was not loaded in eager-loading.
-func (e ApiKeyEdges) UsageLogsOrErr() ([]*UsageLog, error) {
+func (e APIKeyEdges) UsageLogsOrErr() ([]*UsageLog, error) {
 	if e.loadedTypes[2] {
 		return e.UsageLogs, nil
 	}
@@ -86,7 +86,7 @@ func (e ApiKeyEdges) UsageLogsOrErr() ([]*UsageLog, error) {
 }

 // scanValues returns the types for scanning values from sql.Rows.
-func (*ApiKey) scanValues(columns []string) ([]any, error) {
+func (*APIKey) scanValues(columns []string) ([]any, error) {
 	values := make([]any, len(columns))
 	for i := range columns {
 		switch columns[i] {
@@ -104,8 +104,8 @@ func (*ApiKey) scanValues(columns []string) ([]any, error) {
 }

 // assignValues assigns the values that were returned from sql.Rows (after scanning)
-// to the ApiKey fields.
-func (_m *ApiKey) assignValues(columns []string, values []any) error {
+// to the APIKey fields.
+func (_m *APIKey) assignValues(columns []string, values []any) error {
 	if m, n := len(values), len(columns); m < n {
 		return fmt.Errorf("mismatch number of scan values: %d != %d", m, n)
 	}
@@ -174,49 +174,49 @@ func (_m *ApiKey) assignValues(columns []string, values []any) error {
 	return nil
 }

-// Value returns the ent.Value that was dynamically selected and assigned to the ApiKey.
+// Value returns the ent.Value that was dynamically selected and assigned to the APIKey.
 // This includes values selected through modifiers, order, etc.
-func (_m *ApiKey) Value(name string) (ent.Value, error) {
+func (_m *APIKey) Value(name string) (ent.Value, error) {
 	return _m.selectValues.Get(name)
 }

-// QueryUser queries the "user" edge of the ApiKey entity.
-func (_m *ApiKey) QueryUser() *UserQuery {
-	return NewApiKeyClient(_m.config).QueryUser(_m)
+// QueryUser queries the "user" edge of the APIKey entity.
+func (_m *APIKey) QueryUser() *UserQuery {
+	return NewAPIKeyClient(_m.config).QueryUser(_m)
 }

-// QueryGroup queries the "group" edge of the ApiKey entity.
-func (_m *ApiKey) QueryGroup() *GroupQuery {
-	return NewApiKeyClient(_m.config).QueryGroup(_m)
+// QueryGroup queries the "group" edge of the APIKey entity.
+func (_m *APIKey) QueryGroup() *GroupQuery {
+	return NewAPIKeyClient(_m.config).QueryGroup(_m)
 }

-// QueryUsageLogs queries the "usage_logs" edge of the ApiKey entity.
-func (_m *ApiKey) QueryUsageLogs() *UsageLogQuery {
-	return NewApiKeyClient(_m.config).QueryUsageLogs(_m)
+// QueryUsageLogs queries the "usage_logs" edge of the APIKey entity.
+func (_m *APIKey) QueryUsageLogs() *UsageLogQuery {
+	return NewAPIKeyClient(_m.config).QueryUsageLogs(_m)
 }

-// Update returns a builder for updating this ApiKey.
-// Note that you need to call ApiKey.Unwrap() before calling this method if this ApiKey
+// Update returns a builder for updating this APIKey.
+// Note that you need to call APIKey.Unwrap() before calling this method if this APIKey
 // was returned from a transaction, and the transaction was committed or rolled back.
-func (_m *ApiKey) Update() *ApiKeyUpdateOne {
-	return NewApiKeyClient(_m.config).UpdateOne(_m)
+func (_m *APIKey) Update() *APIKeyUpdateOne {
+	return NewAPIKeyClient(_m.config).UpdateOne(_m)
 }

-// Unwrap unwraps the ApiKey entity that was returned from a transaction after it was closed,
+// Unwrap unwraps the APIKey entity that was returned from a transaction after it was closed,
 // so that all future queries will be executed through the driver which created the transaction.
-func (_m *ApiKey) Unwrap() *ApiKey {
+func (_m *APIKey) Unwrap() *APIKey {
 	_tx, ok := _m.config.driver.(*txDriver)
 	if !ok {
-		panic("ent: ApiKey is not a transactional entity")
+		panic("ent: APIKey is not a transactional entity")
 	}
 	_m.config.driver = _tx.drv
 	return _m
 }

 // String implements the fmt.Stringer.
-func (_m *ApiKey) String() string {
+func (_m *APIKey) String() string {
 	var builder strings.Builder
-	builder.WriteString("ApiKey(")
+	builder.WriteString("APIKey(")
 	builder.WriteString(fmt.Sprintf("id=%v, ", _m.ID))
 	builder.WriteString("created_at=")
 	builder.WriteString(_m.CreatedAt.Format(time.ANSIC))
@@ -249,5 +249,5 @@ func (_m *ApiKey) String() string {
 	return builder.String()
 }

-// ApiKeys is a parsable slice of ApiKey.
-type ApiKeys []*ApiKey
+// APIKeys is a parsable slice of APIKey.
+type APIKeys []*APIKey
--- a/backend/ent/apikey/apikey.go
+++ b/backend/ent/apikey/apikey.go
@@ -109,7 +109,7 @@ var (
 	StatusValidator func(string) error
 )

-// OrderOption defines the ordering options for the ApiKey queries.
+// OrderOption defines the ordering options for the APIKey queries.
 type OrderOption func(*sql.Selector)

 // ByID orders the results by the id field.
--- a/backend/ent/apikey/where.go
+++ b/backend/ent/apikey/where.go
@@ -11,468 +11,468 @@ import (
 )

 // ID filters vertices based on their ID field.
-func ID(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldID, id))
+func ID(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldID, id))
 }

 // IDEQ applies the EQ predicate on the ID field.
-func IDEQ(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldID, id))
+func IDEQ(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldID, id))
 }

 // IDNEQ applies the NEQ predicate on the ID field.
-func IDNEQ(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldID, id))
+func IDNEQ(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldID, id))
 }

 // IDIn applies the In predicate on the ID field.
-func IDIn(ids ...int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldID, ids...))
+func IDIn(ids ...int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldID, ids...))
 }

 // IDNotIn applies the NotIn predicate on the ID field.
-func IDNotIn(ids ...int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldID, ids...))
+func IDNotIn(ids ...int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldID, ids...))
 }

 // IDGT applies the GT predicate on the ID field.
-func IDGT(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldID, id))
+func IDGT(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldID, id))
 }

 // IDGTE applies the GTE predicate on the ID field.
-func IDGTE(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldID, id))
+func IDGTE(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldID, id))
 }

 // IDLT applies the LT predicate on the ID field.
-func IDLT(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldID, id))
+func IDLT(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldID, id))
 }

 // IDLTE applies the LTE predicate on the ID field.
-func IDLTE(id int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldID, id))
+func IDLTE(id int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldID, id))
 }

 // CreatedAt applies equality check predicate on the "created_at" field. It's identical to CreatedAtEQ.
-func CreatedAt(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldCreatedAt, v))
+func CreatedAt(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldCreatedAt, v))
 }

 // UpdatedAt applies equality check predicate on the "updated_at" field. It's identical to UpdatedAtEQ.
-func UpdatedAt(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldUpdatedAt, v))
+func UpdatedAt(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldUpdatedAt, v))
 }

 // DeletedAt applies equality check predicate on the "deleted_at" field. It's identical to DeletedAtEQ.
-func DeletedAt(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldDeletedAt, v))
+func DeletedAt(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldDeletedAt, v))
 }

 // UserID applies equality check predicate on the "user_id" field. It's identical to UserIDEQ.
-func UserID(v int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldUserID, v))
+func UserID(v int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldUserID, v))
 }

 // Key applies equality check predicate on the "key" field. It's identical to KeyEQ.
-func Key(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldKey, v))
+func Key(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldKey, v))
 }

 // Name applies equality check predicate on the "name" field. It's identical to NameEQ.
-func Name(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldName, v))
+func Name(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldName, v))
 }

 // GroupID applies equality check predicate on the "group_id" field. It's identical to GroupIDEQ.
-func GroupID(v int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldGroupID, v))
+func GroupID(v int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldGroupID, v))
 }

 // Status applies equality check predicate on the "status" field. It's identical to StatusEQ.
-func Status(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldStatus, v))
+func Status(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldStatus, v))
 }

 // CreatedAtEQ applies the EQ predicate on the "created_at" field.
-func CreatedAtEQ(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldCreatedAt, v))
+func CreatedAtEQ(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldCreatedAt, v))
 }

 // CreatedAtNEQ applies the NEQ predicate on the "created_at" field.
-func CreatedAtNEQ(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldCreatedAt, v))
+func CreatedAtNEQ(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldCreatedAt, v))
 }

 // CreatedAtIn applies the In predicate on the "created_at" field.
-func CreatedAtIn(vs ...time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldCreatedAt, vs...))
+func CreatedAtIn(vs ...time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldCreatedAt, vs...))
 }

 // CreatedAtNotIn applies the NotIn predicate on the "created_at" field.
-func CreatedAtNotIn(vs ...time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldCreatedAt, vs...))
+func CreatedAtNotIn(vs ...time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldCreatedAt, vs...))
 }

 // CreatedAtGT applies the GT predicate on the "created_at" field.
-func CreatedAtGT(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldCreatedAt, v))
+func CreatedAtGT(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldCreatedAt, v))
 }

 // CreatedAtGTE applies the GTE predicate on the "created_at" field.
-func CreatedAtGTE(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldCreatedAt, v))
+func CreatedAtGTE(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldCreatedAt, v))
 }

 // CreatedAtLT applies the LT predicate on the "created_at" field.
-func CreatedAtLT(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldCreatedAt, v))
+func CreatedAtLT(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldCreatedAt, v))
 }

 // CreatedAtLTE applies the LTE predicate on the "created_at" field.
-func CreatedAtLTE(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldCreatedAt, v))
+func CreatedAtLTE(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldCreatedAt, v))
 }

 // UpdatedAtEQ applies the EQ predicate on the "updated_at" field.
-func UpdatedAtEQ(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldUpdatedAt, v))
+func UpdatedAtEQ(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldUpdatedAt, v))
 }

 // UpdatedAtNEQ applies the NEQ predicate on the "updated_at" field.
-func UpdatedAtNEQ(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldUpdatedAt, v))
+func UpdatedAtNEQ(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldUpdatedAt, v))
 }

 // UpdatedAtIn applies the In predicate on the "updated_at" field.
-func UpdatedAtIn(vs ...time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldUpdatedAt, vs...))
+func UpdatedAtIn(vs ...time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldUpdatedAt, vs...))
 }

 // UpdatedAtNotIn applies the NotIn predicate on the "updated_at" field.
-func UpdatedAtNotIn(vs ...time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldUpdatedAt, vs...))
+func UpdatedAtNotIn(vs ...time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldUpdatedAt, vs...))
 }

 // UpdatedAtGT applies the GT predicate on the "updated_at" field.
-func UpdatedAtGT(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldUpdatedAt, v))
+func UpdatedAtGT(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldUpdatedAt, v))
 }

 // UpdatedAtGTE applies the GTE predicate on the "updated_at" field.
-func UpdatedAtGTE(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldUpdatedAt, v))
+func UpdatedAtGTE(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldUpdatedAt, v))
 }

 // UpdatedAtLT applies the LT predicate on the "updated_at" field.
-func UpdatedAtLT(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldUpdatedAt, v))
+func UpdatedAtLT(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldUpdatedAt, v))
 }

 // UpdatedAtLTE applies the LTE predicate on the "updated_at" field.
-func UpdatedAtLTE(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldUpdatedAt, v))
+func UpdatedAtLTE(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldUpdatedAt, v))
 }

 // DeletedAtEQ applies the EQ predicate on the "deleted_at" field.
-func DeletedAtEQ(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldDeletedAt, v))
+func DeletedAtEQ(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldDeletedAt, v))
 }

 // DeletedAtNEQ applies the NEQ predicate on the "deleted_at" field.
-func DeletedAtNEQ(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldDeletedAt, v))
+func DeletedAtNEQ(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldDeletedAt, v))
 }

 // DeletedAtIn applies the In predicate on the "deleted_at" field.
-func DeletedAtIn(vs ...time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldDeletedAt, vs...))
+func DeletedAtIn(vs ...time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldDeletedAt, vs...))
 }

 // DeletedAtNotIn applies the NotIn predicate on the "deleted_at" field.
-func DeletedAtNotIn(vs ...time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldDeletedAt, vs...))
+func DeletedAtNotIn(vs ...time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldDeletedAt, vs...))
 }

 // DeletedAtGT applies the GT predicate on the "deleted_at" field.
-func DeletedAtGT(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldDeletedAt, v))
+func DeletedAtGT(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldDeletedAt, v))
 }

 // DeletedAtGTE applies the GTE predicate on the "deleted_at" field.
-func DeletedAtGTE(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldDeletedAt, v))
+func DeletedAtGTE(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldDeletedAt, v))
 }

 // DeletedAtLT applies the LT predicate on the "deleted_at" field.
-func DeletedAtLT(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldDeletedAt, v))
+func DeletedAtLT(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldDeletedAt, v))
 }

 // DeletedAtLTE applies the LTE predicate on the "deleted_at" field.
-func DeletedAtLTE(v time.Time) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldDeletedAt, v))
+func DeletedAtLTE(v time.Time) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldDeletedAt, v))
 }

 // DeletedAtIsNil applies the IsNil predicate on the "deleted_at" field.
-func DeletedAtIsNil() predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIsNull(FieldDeletedAt))
+func DeletedAtIsNil() predicate.APIKey {
+	return predicate.APIKey(sql.FieldIsNull(FieldDeletedAt))
 }

 // DeletedAtNotNil applies the NotNil predicate on the "deleted_at" field.
-func DeletedAtNotNil() predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotNull(FieldDeletedAt))
+func DeletedAtNotNil() predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotNull(FieldDeletedAt))
 }

 // UserIDEQ applies the EQ predicate on the "user_id" field.
-func UserIDEQ(v int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldUserID, v))
+func UserIDEQ(v int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldUserID, v))
 }

 // UserIDNEQ applies the NEQ predicate on the "user_id" field.
-func UserIDNEQ(v int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldUserID, v))
+func UserIDNEQ(v int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldUserID, v))
 }

 // UserIDIn applies the In predicate on the "user_id" field.
-func UserIDIn(vs ...int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldUserID, vs...))
+func UserIDIn(vs ...int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldUserID, vs...))
 }

 // UserIDNotIn applies the NotIn predicate on the "user_id" field.
-func UserIDNotIn(vs ...int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldUserID, vs...))
+func UserIDNotIn(vs ...int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldUserID, vs...))
 }

 // KeyEQ applies the EQ predicate on the "key" field.
-func KeyEQ(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldKey, v))
+func KeyEQ(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldKey, v))
 }

 // KeyNEQ applies the NEQ predicate on the "key" field.
-func KeyNEQ(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldKey, v))
+func KeyNEQ(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldKey, v))
 }

 // KeyIn applies the In predicate on the "key" field.
-func KeyIn(vs ...string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldKey, vs...))
+func KeyIn(vs ...string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldKey, vs...))
 }

 // KeyNotIn applies the NotIn predicate on the "key" field.
-func KeyNotIn(vs ...string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldKey, vs...))
+func KeyNotIn(vs ...string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldKey, vs...))
 }

 // KeyGT applies the GT predicate on the "key" field.
-func KeyGT(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldKey, v))
+func KeyGT(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldKey, v))
 }

 // KeyGTE applies the GTE predicate on the "key" field.
-func KeyGTE(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldKey, v))
+func KeyGTE(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldKey, v))
 }

 // KeyLT applies the LT predicate on the "key" field.
-func KeyLT(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldKey, v))
+func KeyLT(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldKey, v))
 }

 // KeyLTE applies the LTE predicate on the "key" field.
-func KeyLTE(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldKey, v))
+func KeyLTE(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldKey, v))
 }

 // KeyContains applies the Contains predicate on the "key" field.
-func KeyContains(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldContains(FieldKey, v))
+func KeyContains(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldContains(FieldKey, v))
 }

 // KeyHasPrefix applies the HasPrefix predicate on the "key" field.
-func KeyHasPrefix(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldHasPrefix(FieldKey, v))
+func KeyHasPrefix(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldHasPrefix(FieldKey, v))
 }

 // KeyHasSuffix applies the HasSuffix predicate on the "key" field.
-func KeyHasSuffix(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldHasSuffix(FieldKey, v))
+func KeyHasSuffix(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldHasSuffix(FieldKey, v))
 }

 // KeyEqualFold applies the EqualFold predicate on the "key" field.
-func KeyEqualFold(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEqualFold(FieldKey, v))
+func KeyEqualFold(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEqualFold(FieldKey, v))
 }

 // KeyContainsFold applies the ContainsFold predicate on the "key" field.
-func KeyContainsFold(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldContainsFold(FieldKey, v))
+func KeyContainsFold(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldContainsFold(FieldKey, v))
 }

 // NameEQ applies the EQ predicate on the "name" field.
-func NameEQ(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldName, v))
+func NameEQ(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldName, v))
 }

 // NameNEQ applies the NEQ predicate on the "name" field.
-func NameNEQ(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldName, v))
+func NameNEQ(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldName, v))
 }

 // NameIn applies the In predicate on the "name" field.
-func NameIn(vs ...string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldName, vs...))
+func NameIn(vs ...string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldName, vs...))
 }

 // NameNotIn applies the NotIn predicate on the "name" field.
-func NameNotIn(vs ...string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldName, vs...))
+func NameNotIn(vs ...string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldName, vs...))
 }

 // NameGT applies the GT predicate on the "name" field.
-func NameGT(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldName, v))
+func NameGT(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldName, v))
 }

 // NameGTE applies the GTE predicate on the "name" field.
-func NameGTE(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldName, v))
+func NameGTE(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldName, v))
 }

 // NameLT applies the LT predicate on the "name" field.
-func NameLT(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldName, v))
+func NameLT(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldName, v))
 }

 // NameLTE applies the LTE predicate on the "name" field.
-func NameLTE(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldName, v))
+func NameLTE(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldName, v))
 }

 // NameContains applies the Contains predicate on the "name" field.
-func NameContains(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldContains(FieldName, v))
+func NameContains(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldContains(FieldName, v))
 }

 // NameHasPrefix applies the HasPrefix predicate on the "name" field.
-func NameHasPrefix(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldHasPrefix(FieldName, v))
+func NameHasPrefix(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldHasPrefix(FieldName, v))
 }

 // NameHasSuffix applies the HasSuffix predicate on the "name" field.
-func NameHasSuffix(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldHasSuffix(FieldName, v))
+func NameHasSuffix(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldHasSuffix(FieldName, v))
 }

 // NameEqualFold applies the EqualFold predicate on the "name" field.
-func NameEqualFold(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEqualFold(FieldName, v))
+func NameEqualFold(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEqualFold(FieldName, v))
 }

 // NameContainsFold applies the ContainsFold predicate on the "name" field.
-func NameContainsFold(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldContainsFold(FieldName, v))
+func NameContainsFold(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldContainsFold(FieldName, v))
 }

 // GroupIDEQ applies the EQ predicate on the "group_id" field.
-func GroupIDEQ(v int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldGroupID, v))
+func GroupIDEQ(v int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldGroupID, v))
 }

 // GroupIDNEQ applies the NEQ predicate on the "group_id" field.
-func GroupIDNEQ(v int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldGroupID, v))
+func GroupIDNEQ(v int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldGroupID, v))
 }

 // GroupIDIn applies the In predicate on the "group_id" field.
-func GroupIDIn(vs ...int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldGroupID, vs...))
+func GroupIDIn(vs ...int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldGroupID, vs...))
 }

 // GroupIDNotIn applies the NotIn predicate on the "group_id" field.
-func GroupIDNotIn(vs ...int64) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldGroupID, vs...))
+func GroupIDNotIn(vs ...int64) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldGroupID, vs...))
 }

 // GroupIDIsNil applies the IsNil predicate on the "group_id" field.
-func GroupIDIsNil() predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIsNull(FieldGroupID))
+func GroupIDIsNil() predicate.APIKey {
+	return predicate.APIKey(sql.FieldIsNull(FieldGroupID))
 }

 // GroupIDNotNil applies the NotNil predicate on the "group_id" field.
-func GroupIDNotNil() predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotNull(FieldGroupID))
+func GroupIDNotNil() predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotNull(FieldGroupID))
 }

 // StatusEQ applies the EQ predicate on the "status" field.
-func StatusEQ(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEQ(FieldStatus, v))
+func StatusEQ(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEQ(FieldStatus, v))
 }

 // StatusNEQ applies the NEQ predicate on the "status" field.
-func StatusNEQ(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNEQ(FieldStatus, v))
+func StatusNEQ(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNEQ(FieldStatus, v))
 }

 // StatusIn applies the In predicate on the "status" field.
-func StatusIn(vs ...string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldIn(FieldStatus, vs...))
+func StatusIn(vs ...string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldIn(FieldStatus, vs...))
 }

 // StatusNotIn applies the NotIn predicate on the "status" field.
-func StatusNotIn(vs ...string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldNotIn(FieldStatus, vs...))
+func StatusNotIn(vs ...string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldNotIn(FieldStatus, vs...))
 }

 // StatusGT applies the GT predicate on the "status" field.
-func StatusGT(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGT(FieldStatus, v))
+func StatusGT(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGT(FieldStatus, v))
 }

 // StatusGTE applies the GTE predicate on the "status" field.
-func StatusGTE(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldGTE(FieldStatus, v))
+func StatusGTE(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldGTE(FieldStatus, v))
 }

 // StatusLT applies the LT predicate on the "status" field.
-func StatusLT(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLT(FieldStatus, v))
+func StatusLT(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLT(FieldStatus, v))
 }

 // StatusLTE applies the LTE predicate on the "status" field.
-func StatusLTE(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldLTE(FieldStatus, v))
+func StatusLTE(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldLTE(FieldStatus, v))
 }

 // StatusContains applies the Contains predicate on the "status" field.
-func StatusContains(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldContains(FieldStatus, v))
+func StatusContains(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldContains(FieldStatus, v))
 }

 // StatusHasPrefix applies the HasPrefix predicate on the "status" field.
-func StatusHasPrefix(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldHasPrefix(FieldStatus, v))
+func StatusHasPrefix(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldHasPrefix(FieldStatus, v))
 }

 // StatusHasSuffix applies the HasSuffix predicate on the "status" field.
-func StatusHasSuffix(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldHasSuffix(FieldStatus, v))
+func StatusHasSuffix(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldHasSuffix(FieldStatus, v))
 }

 // StatusEqualFold applies the EqualFold predicate on the "status" field.
-func StatusEqualFold(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldEqualFold(FieldStatus, v))
+func StatusEqualFold(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldEqualFold(FieldStatus, v))
 }

 // StatusContainsFold applies the ContainsFold predicate on the "status" field.
-func StatusContainsFold(v string) predicate.ApiKey {
-	return predicate.ApiKey(sql.FieldContainsFold(FieldStatus, v))
+func StatusContainsFold(v string) predicate.APIKey {
+	return predicate.APIKey(sql.FieldContainsFold(FieldStatus, v))
 }

 // HasUser applies the HasEdge predicate on the "user" edge.
-func HasUser() predicate.ApiKey {
-	return predicate.ApiKey(func(s *sql.Selector) {
+func HasUser() predicate.APIKey {
+	return predicate.APIKey(func(s *sql.Selector) {
 		step := sqlgraph.NewStep(
 			sqlgraph.From(Table, FieldID),
 			sqlgraph.Edge(sqlgraph.M2O, true, UserTable, UserColumn),
@@ -482,8 +482,8 @@ func HasUser() predicate.ApiKey {
 }

 // HasUserWith applies the HasEdge predicate on the "user" edge with a given conditions (other predicates).
-func HasUserWith(preds ...predicate.User) predicate.ApiKey {
-	return predicate.ApiKey(func(s *sql.Selector) {
+func HasUserWith(preds ...predicate.User) predicate.APIKey {
+	return predicate.APIKey(func(s *sql.Selector) {
 		step := newUserStep()
 		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
 			for _, p := range preds {
@@ -494,8 +494,8 @@ func HasUserWith(preds ...predicate.User) predicate.ApiKey {
 }

 // HasGroup applies the HasEdge predicate on the "group" edge.
-func HasGroup() predicate.ApiKey {
-	return predicate.ApiKey(func(s *sql.Selector) {
+func HasGroup() predicate.APIKey {
+	return predicate.APIKey(func(s *sql.Selector) {
 		step := sqlgraph.NewStep(
 			sqlgraph.From(Table, FieldID),
 			sqlgraph.Edge(sqlgraph.M2O, true, GroupTable, GroupColumn),
@@ -505,8 +505,8 @@ func HasGroup() predicate.ApiKey {
 }

 // HasGroupWith applies the HasEdge predicate on the "group" edge with a given conditions (other predicates).
-func HasGroupWith(preds ...predicate.Group) predicate.ApiKey {
-	return predicate.ApiKey(func(s *sql.Selector) {
+func HasGroupWith(preds ...predicate.Group) predicate.APIKey {
+	return predicate.APIKey(func(s *sql.Selector) {
 		step := newGroupStep()
 		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
 			for _, p := range preds {
@@ -517,8 +517,8 @@ func HasGroupWith(preds ...predicate.Group) predicate.ApiKey {
 }

 // HasUsageLogs applies the HasEdge predicate on the "usage_logs" edge.
-func HasUsageLogs() predicate.ApiKey {
-	return predicate.ApiKey(func(s *sql.Selector) {
+func HasUsageLogs() predicate.APIKey {
+	return predicate.APIKey(func(s *sql.Selector) {
 		step := sqlgraph.NewStep(
 			sqlgraph.From(Table, FieldID),
 			sqlgraph.Edge(sqlgraph.O2M, false, UsageLogsTable, UsageLogsColumn),
@@ -528,8 +528,8 @@ func HasUsageLogs() predicate.ApiKey {
 }

 // HasUsageLogsWith applies the HasEdge predicate on the "usage_logs" edge with a given conditions (other predicates).
-func HasUsageLogsWith(preds ...predicate.UsageLog) predicate.ApiKey {
-	return predicate.ApiKey(func(s *sql.Selector) {
+func HasUsageLogsWith(preds ...predicate.UsageLog) predicate.APIKey {
+	return predicate.APIKey(func(s *sql.Selector) {
 		step := newUsageLogsStep()
 		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
 			for _, p := range preds {
@@ -540,16 +540,16 @@ func HasUsageLogsWith(preds ...predicate.UsageLog) predicate.ApiKey {
 }

 // And groups predicates with the AND operator between them.
-func And(predicates ...predicate.ApiKey) predicate.ApiKey {
-	return predicate.ApiKey(sql.AndPredicates(predicates...))
+func And(predicates ...predicate.APIKey) predicate.APIKey {
+	return predicate.APIKey(sql.AndPredicates(predicates...))
 }

 // Or groups predicates with the OR operator between them.
-func Or(predicates ...predicate.ApiKey) predicate.ApiKey {
-	return predicate.ApiKey(sql.OrPredicates(predicates...))
+func Or(predicates ...predicate.APIKey) predicate.APIKey {
+	return predicate.APIKey(sql.OrPredicates(predicates...))
 }

 // Not applies the not operator on the given predicate.
-func Not(p predicate.ApiKey) predicate.ApiKey {
-	return predicate.ApiKey(sql.NotPredicates(p))
+func Not(p predicate.APIKey) predicate.APIKey {
+	return predicate.APIKey(sql.NotPredicates(p))
 }
--- a/backend/ent/apikey_create.go
+++ b/backend/ent/apikey_create.go
@@ -17,22 +17,22 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/user"
 )

-// ApiKeyCreate is the builder for creating a ApiKey entity.
-type ApiKeyCreate struct {
+// APIKeyCreate is the builder for creating a APIKey entity.
+type APIKeyCreate struct {
 	config
-	mutation *ApiKeyMutation
+	mutation *APIKeyMutation
 	hooks    []Hook
 	conflict []sql.ConflictOption
 }

 // SetCreatedAt sets the "created_at" field.
-func (_c *ApiKeyCreate) SetCreatedAt(v time.Time) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetCreatedAt(v time.Time) *APIKeyCreate {
 	_c.mutation.SetCreatedAt(v)
 	return _c
 }

 // SetNillableCreatedAt sets the "created_at" field if the given value is not nil.
-func (_c *ApiKeyCreate) SetNillableCreatedAt(v *time.Time) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetNillableCreatedAt(v *time.Time) *APIKeyCreate {
 	if v != nil {
 		_c.SetCreatedAt(*v)
 	}
@@ -40,13 +40,13 @@ func (_c *ApiKeyCreate) SetNillableCreatedAt(v *time.Time) *ApiKeyCreate {
 }

 // SetUpdatedAt sets the "updated_at" field.
-func (_c *ApiKeyCreate) SetUpdatedAt(v time.Time) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetUpdatedAt(v time.Time) *APIKeyCreate {
 	_c.mutation.SetUpdatedAt(v)
 	return _c
 }

 // SetNillableUpdatedAt sets the "updated_at" field if the given value is not nil.
-func (_c *ApiKeyCreate) SetNillableUpdatedAt(v *time.Time) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetNillableUpdatedAt(v *time.Time) *APIKeyCreate {
 	if v != nil {
 		_c.SetUpdatedAt(*v)
 	}
@@ -54,13 +54,13 @@ func (_c *ApiKeyCreate) SetNillableUpdatedAt(v *time.Time) *ApiKeyCreate {
 }

 // SetDeletedAt sets the "deleted_at" field.
-func (_c *ApiKeyCreate) SetDeletedAt(v time.Time) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetDeletedAt(v time.Time) *APIKeyCreate {
 	_c.mutation.SetDeletedAt(v)
 	return _c
 }

 // SetNillableDeletedAt sets the "deleted_at" field if the given value is not nil.
-func (_c *ApiKeyCreate) SetNillableDeletedAt(v *time.Time) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetNillableDeletedAt(v *time.Time) *APIKeyCreate {
 	if v != nil {
 		_c.SetDeletedAt(*v)
 	}
@@ -68,31 +68,31 @@ func (_c *ApiKeyCreate) SetNillableDeletedAt(v *time.Time) *ApiKeyCreate {
 }

 // SetUserID sets the "user_id" field.
-func (_c *ApiKeyCreate) SetUserID(v int64) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetUserID(v int64) *APIKeyCreate {
 	_c.mutation.SetUserID(v)
 	return _c
 }

 // SetKey sets the "key" field.
-func (_c *ApiKeyCreate) SetKey(v string) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetKey(v string) *APIKeyCreate {
 	_c.mutation.SetKey(v)
 	return _c
 }

 // SetName sets the "name" field.
-func (_c *ApiKeyCreate) SetName(v string) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetName(v string) *APIKeyCreate {
 	_c.mutation.SetName(v)
 	return _c
 }

 // SetGroupID sets the "group_id" field.
-func (_c *ApiKeyCreate) SetGroupID(v int64) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetGroupID(v int64) *APIKeyCreate {
 	_c.mutation.SetGroupID(v)
 	return _c
 }

 // SetNillableGroupID sets the "group_id" field if the given value is not nil.
-func (_c *ApiKeyCreate) SetNillableGroupID(v *int64) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetNillableGroupID(v *int64) *APIKeyCreate {
 	if v != nil {
 		_c.SetGroupID(*v)
 	}
@@ -100,13 +100,13 @@ func (_c *ApiKeyCreate) SetNillableGroupID(v *int64) *ApiKeyCreate {
 }

 // SetStatus sets the "status" field.
-func (_c *ApiKeyCreate) SetStatus(v string) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetStatus(v string) *APIKeyCreate {
 	_c.mutation.SetStatus(v)
 	return _c
 }

 // SetNillableStatus sets the "status" field if the given value is not nil.
-func (_c *ApiKeyCreate) SetNillableStatus(v *string) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetNillableStatus(v *string) *APIKeyCreate {
 	if v != nil {
 		_c.SetStatus(*v)
 	}
@@ -114,23 +114,23 @@ func (_c *ApiKeyCreate) SetNillableStatus(v *string) *ApiKeyCreate {
 }

 // SetUser sets the "user" edge to the User entity.
-func (_c *ApiKeyCreate) SetUser(v *User) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetUser(v *User) *APIKeyCreate {
 	return _c.SetUserID(v.ID)
 }

 // SetGroup sets the "group" edge to the Group entity.
-func (_c *ApiKeyCreate) SetGroup(v *Group) *ApiKeyCreate {
+func (_c *APIKeyCreate) SetGroup(v *Group) *APIKeyCreate {
 	return _c.SetGroupID(v.ID)
 }

 // AddUsageLogIDs adds the "usage_logs" edge to the UsageLog entity by IDs.
-func (_c *ApiKeyCreate) AddUsageLogIDs(ids ...int64) *ApiKeyCreate {
+func (_c *APIKeyCreate) AddUsageLogIDs(ids ...int64) *APIKeyCreate {
 	_c.mutation.AddUsageLogIDs(ids...)
 	return _c
 }

 // AddUsageLogs adds the "usage_logs" edges to the UsageLog entity.
-func (_c *ApiKeyCreate) AddUsageLogs(v ...*UsageLog) *ApiKeyCreate {
+func (_c *APIKeyCreate) AddUsageLogs(v ...*UsageLog) *APIKeyCreate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -138,13 +138,13 @@ func (_c *ApiKeyCreate) AddUsageLogs(v ...*UsageLog) *ApiKeyCreate {
 	return _c.AddUsageLogIDs(ids...)
 }

-// Mutation returns the ApiKeyMutation object of the builder.
-func (_c *ApiKeyCreate) Mutation() *ApiKeyMutation {
+// Mutation returns the APIKeyMutation object of the builder.
+func (_c *APIKeyCreate) Mutation() *APIKeyMutation {
 	return _c.mutation
 }

-// Save creates the ApiKey in the database.
-func (_c *ApiKeyCreate) Save(ctx context.Context) (*ApiKey, error) {
+// Save creates the APIKey in the database.
+func (_c *APIKeyCreate) Save(ctx context.Context) (*APIKey, error) {
 	if err := _c.defaults(); err != nil {
 		return nil, err
 	}
@@ -152,7 +152,7 @@ func (_c *ApiKeyCreate) Save(ctx context.Context) (*ApiKey, error) {
 }

 // SaveX calls Save and panics if Save returns an error.
-func (_c *ApiKeyCreate) SaveX(ctx context.Context) *ApiKey {
+func (_c *APIKeyCreate) SaveX(ctx context.Context) *APIKey {
 	v, err := _c.Save(ctx)
 	if err != nil {
 		panic(err)
@@ -161,20 +161,20 @@ func (_c *ApiKeyCreate) SaveX(ctx context.Context) *ApiKey {
 }

 // Exec executes the query.
-func (_c *ApiKeyCreate) Exec(ctx context.Context) error {
+func (_c *APIKeyCreate) Exec(ctx context.Context) error {
 	_, err := _c.Save(ctx)
 	return err
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (_c *ApiKeyCreate) ExecX(ctx context.Context) {
+func (_c *APIKeyCreate) ExecX(ctx context.Context) {
 	if err := _c.Exec(ctx); err != nil {
 		panic(err)
 	}
 }

 // defaults sets the default values of the builder before save.
-func (_c *ApiKeyCreate) defaults() error {
+func (_c *APIKeyCreate) defaults() error {
 	if _, ok := _c.mutation.CreatedAt(); !ok {
 		if apikey.DefaultCreatedAt == nil {
 			return fmt.Errorf("ent: uninitialized apikey.DefaultCreatedAt (forgotten import ent/runtime?)")
@@ -197,47 +197,47 @@ func (_c *ApiKeyCreate) defaults() error {
 }

 // check runs all checks and user-defined validators on the builder.
-func (_c *ApiKeyCreate) check() error {
+func (_c *APIKeyCreate) check() error {
 	if _, ok := _c.mutation.CreatedAt(); !ok {
-		return &ValidationError{Name: "created_at", err: errors.New(`ent: missing required field "ApiKey.created_at"`)}
+		return &ValidationError{Name: "created_at", err: errors.New(`ent: missing required field "APIKey.created_at"`)}
 	}
 	if _, ok := _c.mutation.UpdatedAt(); !ok {
-		return &ValidationError{Name: "updated_at", err: errors.New(`ent: missing required field "ApiKey.updated_at"`)}
+		return &ValidationError{Name: "updated_at", err: errors.New(`ent: missing required field "APIKey.updated_at"`)}
 	}
 	if _, ok := _c.mutation.UserID(); !ok {
-		return &ValidationError{Name: "user_id", err: errors.New(`ent: missing required field "ApiKey.user_id"`)}
+		return &ValidationError{Name: "user_id", err: errors.New(`ent: missing required field "APIKey.user_id"`)}
 	}
 	if _, ok := _c.mutation.Key(); !ok {
-		return &ValidationError{Name: "key", err: errors.New(`ent: missing required field "ApiKey.key"`)}
+		return &ValidationError{Name: "key", err: errors.New(`ent: missing required field "APIKey.key"`)}
 	}
 	if v, ok := _c.mutation.Key(); ok {
 		if err := apikey.KeyValidator(v); err != nil {
-			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "ApiKey.key": %w`, err)}
+			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "APIKey.key": %w`, err)}
 		}
 	}
 	if _, ok := _c.mutation.Name(); !ok {
-		return &ValidationError{Name: "name", err: errors.New(`ent: missing required field "ApiKey.name"`)}
+		return &ValidationError{Name: "name", err: errors.New(`ent: missing required field "APIKey.name"`)}
 	}
 	if v, ok := _c.mutation.Name(); ok {
 		if err := apikey.NameValidator(v); err != nil {
-			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "ApiKey.name": %w`, err)}
+			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "APIKey.name": %w`, err)}
 		}
 	}
 	if _, ok := _c.mutation.Status(); !ok {
-		return &ValidationError{Name: "status", err: errors.New(`ent: missing required field "ApiKey.status"`)}
+		return &ValidationError{Name: "status", err: errors.New(`ent: missing required field "APIKey.status"`)}
 	}
 	if v, ok := _c.mutation.Status(); ok {
 		if err := apikey.StatusValidator(v); err != nil {
-			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "ApiKey.status": %w`, err)}
+			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "APIKey.status": %w`, err)}
 		}
 	}
 	if len(_c.mutation.UserIDs()) == 0 {
-		return &ValidationError{Name: "user", err: errors.New(`ent: missing required edge "ApiKey.user"`)}
+		return &ValidationError{Name: "user", err: errors.New(`ent: missing required edge "APIKey.user"`)}
 	}
 	return nil
 }

-func (_c *ApiKeyCreate) sqlSave(ctx context.Context) (*ApiKey, error) {
+func (_c *APIKeyCreate) sqlSave(ctx context.Context) (*APIKey, error) {
 	if err := _c.check(); err != nil {
 		return nil, err
 	}
@@ -255,9 +255,9 @@ func (_c *ApiKeyCreate) sqlSave(ctx context.Context) (*ApiKey, error) {
 	return _node, nil
 }

-func (_c *ApiKeyCreate) createSpec() (*ApiKey, *sqlgraph.CreateSpec) {
+func (_c *APIKeyCreate) createSpec() (*APIKey, *sqlgraph.CreateSpec) {
 	var (
-		_node = &ApiKey{config: _c.config}
+		_node = &APIKey{config: _c.config}
 		_spec = sqlgraph.NewCreateSpec(apikey.Table, sqlgraph.NewFieldSpec(apikey.FieldID, field.TypeInt64))
 	)
 	_spec.OnConflict = _c.conflict
@@ -341,7 +341,7 @@ func (_c *ApiKeyCreate) createSpec() (*ApiKey, *sqlgraph.CreateSpec) {
 // OnConflict allows configuring the `ON CONFLICT` / `ON DUPLICATE KEY` clause
 // of the `INSERT` statement. For example:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //		SetCreatedAt(v).
 //		OnConflict(
 //			// Update the row with the new values
@@ -350,13 +350,13 @@ func (_c *ApiKeyCreate) createSpec() (*ApiKey, *sqlgraph.CreateSpec) {
 //		).
 //		// Override some of the fields with custom
 //		// update values.
-//		Update(func(u *ent.ApiKeyUpsert) {
+//		Update(func(u *ent.APIKeyUpsert) {
 //			SetCreatedAt(v+v).
 //		}).
 //		Exec(ctx)
-func (_c *ApiKeyCreate) OnConflict(opts ...sql.ConflictOption) *ApiKeyUpsertOne {
+func (_c *APIKeyCreate) OnConflict(opts ...sql.ConflictOption) *APIKeyUpsertOne {
 	_c.conflict = opts
-	return &ApiKeyUpsertOne{
+	return &APIKeyUpsertOne{
 		create: _c,
 	}
 }
@@ -364,121 +364,121 @@ func (_c *ApiKeyCreate) OnConflict(opts ...sql.ConflictOption) *ApiKeyUpsertOne
 // OnConflictColumns calls `OnConflict` and configures the columns
 // as conflict target. Using this option is equivalent to using:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //		OnConflict(sql.ConflictColumns(columns...)).
 //		Exec(ctx)
-func (_c *ApiKeyCreate) OnConflictColumns(columns ...string) *ApiKeyUpsertOne {
+func (_c *APIKeyCreate) OnConflictColumns(columns ...string) *APIKeyUpsertOne {
 	_c.conflict = append(_c.conflict, sql.ConflictColumns(columns...))
-	return &ApiKeyUpsertOne{
+	return &APIKeyUpsertOne{
 		create: _c,
 	}
 }

 type (
-	// ApiKeyUpsertOne is the builder for "upsert"-ing
-	//  one ApiKey node.
-	ApiKeyUpsertOne struct {
-		create *ApiKeyCreate
+	// APIKeyUpsertOne is the builder for "upsert"-ing
+	//  one APIKey node.
+	APIKeyUpsertOne struct {
+		create *APIKeyCreate
 	}

-	// ApiKeyUpsert is the "OnConflict" setter.
-	ApiKeyUpsert struct {
+	// APIKeyUpsert is the "OnConflict" setter.
+	APIKeyUpsert struct {
 		*sql.UpdateSet
 	}
 )

 // SetUpdatedAt sets the "updated_at" field.
-func (u *ApiKeyUpsert) SetUpdatedAt(v time.Time) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetUpdatedAt(v time.Time) *APIKeyUpsert {
 	u.Set(apikey.FieldUpdatedAt, v)
 	return u
 }

 // UpdateUpdatedAt sets the "updated_at" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateUpdatedAt() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateUpdatedAt() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldUpdatedAt)
 	return u
 }

 // SetDeletedAt sets the "deleted_at" field.
-func (u *ApiKeyUpsert) SetDeletedAt(v time.Time) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetDeletedAt(v time.Time) *APIKeyUpsert {
 	u.Set(apikey.FieldDeletedAt, v)
 	return u
 }

 // UpdateDeletedAt sets the "deleted_at" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateDeletedAt() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateDeletedAt() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldDeletedAt)
 	return u
 }

 // ClearDeletedAt clears the value of the "deleted_at" field.
-func (u *ApiKeyUpsert) ClearDeletedAt() *ApiKeyUpsert {
+func (u *APIKeyUpsert) ClearDeletedAt() *APIKeyUpsert {
 	u.SetNull(apikey.FieldDeletedAt)
 	return u
 }

 // SetUserID sets the "user_id" field.
-func (u *ApiKeyUpsert) SetUserID(v int64) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetUserID(v int64) *APIKeyUpsert {
 	u.Set(apikey.FieldUserID, v)
 	return u
 }

 // UpdateUserID sets the "user_id" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateUserID() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateUserID() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldUserID)
 	return u
 }

 // SetKey sets the "key" field.
-func (u *ApiKeyUpsert) SetKey(v string) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetKey(v string) *APIKeyUpsert {
 	u.Set(apikey.FieldKey, v)
 	return u
 }

 // UpdateKey sets the "key" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateKey() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateKey() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldKey)
 	return u
 }

 // SetName sets the "name" field.
-func (u *ApiKeyUpsert) SetName(v string) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetName(v string) *APIKeyUpsert {
 	u.Set(apikey.FieldName, v)
 	return u
 }

 // UpdateName sets the "name" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateName() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateName() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldName)
 	return u
 }

 // SetGroupID sets the "group_id" field.
-func (u *ApiKeyUpsert) SetGroupID(v int64) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetGroupID(v int64) *APIKeyUpsert {
 	u.Set(apikey.FieldGroupID, v)
 	return u
 }

 // UpdateGroupID sets the "group_id" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateGroupID() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateGroupID() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldGroupID)
 	return u
 }

 // ClearGroupID clears the value of the "group_id" field.
-func (u *ApiKeyUpsert) ClearGroupID() *ApiKeyUpsert {
+func (u *APIKeyUpsert) ClearGroupID() *APIKeyUpsert {
 	u.SetNull(apikey.FieldGroupID)
 	return u
 }

 // SetStatus sets the "status" field.
-func (u *ApiKeyUpsert) SetStatus(v string) *ApiKeyUpsert {
+func (u *APIKeyUpsert) SetStatus(v string) *APIKeyUpsert {
 	u.Set(apikey.FieldStatus, v)
 	return u
 }

 // UpdateStatus sets the "status" field to the value that was provided on create.
-func (u *ApiKeyUpsert) UpdateStatus() *ApiKeyUpsert {
+func (u *APIKeyUpsert) UpdateStatus() *APIKeyUpsert {
 	u.SetExcluded(apikey.FieldStatus)
 	return u
 }
@@ -486,12 +486,12 @@ func (u *ApiKeyUpsert) UpdateStatus() *ApiKeyUpsert {
 // UpdateNewValues updates the mutable fields using the new values that were set on create.
 // Using this option is equivalent to using:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //		OnConflict(
 //			sql.ResolveWithNewValues(),
 //		).
 //		Exec(ctx)
-func (u *ApiKeyUpsertOne) UpdateNewValues() *ApiKeyUpsertOne {
+func (u *APIKeyUpsertOne) UpdateNewValues() *APIKeyUpsertOne {
 	u.create.conflict = append(u.create.conflict, sql.ResolveWithNewValues())
 	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(s *sql.UpdateSet) {
 		if _, exists := u.create.mutation.CreatedAt(); exists {
@@ -504,159 +504,159 @@ func (u *ApiKeyUpsertOne) UpdateNewValues() *ApiKeyUpsertOne {
 // Ignore sets each column to itself in case of conflict.
 // Using this option is equivalent to using:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //	    OnConflict(sql.ResolveWithIgnore()).
 //	    Exec(ctx)
-func (u *ApiKeyUpsertOne) Ignore() *ApiKeyUpsertOne {
+func (u *APIKeyUpsertOne) Ignore() *APIKeyUpsertOne {
 	u.create.conflict = append(u.create.conflict, sql.ResolveWithIgnore())
 	return u
 }

 // DoNothing configures the conflict_action to `DO NOTHING`.
 // Supported only by SQLite and PostgreSQL.
-func (u *ApiKeyUpsertOne) DoNothing() *ApiKeyUpsertOne {
+func (u *APIKeyUpsertOne) DoNothing() *APIKeyUpsertOne {
 	u.create.conflict = append(u.create.conflict, sql.DoNothing())
 	return u
 }

-// Update allows overriding fields `UPDATE` values. See the ApiKeyCreate.OnConflict
+// Update allows overriding fields `UPDATE` values. See the APIKeyCreate.OnConflict
 // documentation for more info.
-func (u *ApiKeyUpsertOne) Update(set func(*ApiKeyUpsert)) *ApiKeyUpsertOne {
+func (u *APIKeyUpsertOne) Update(set func(*APIKeyUpsert)) *APIKeyUpsertOne {
 	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(update *sql.UpdateSet) {
-		set(&ApiKeyUpsert{UpdateSet: update})
+		set(&APIKeyUpsert{UpdateSet: update})
 	}))
 	return u
 }

 // SetUpdatedAt sets the "updated_at" field.
-func (u *ApiKeyUpsertOne) SetUpdatedAt(v time.Time) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetUpdatedAt(v time.Time) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetUpdatedAt(v)
 	})
 }

 // UpdateUpdatedAt sets the "updated_at" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateUpdatedAt() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateUpdatedAt() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateUpdatedAt()
 	})
 }

 // SetDeletedAt sets the "deleted_at" field.
-func (u *ApiKeyUpsertOne) SetDeletedAt(v time.Time) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetDeletedAt(v time.Time) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetDeletedAt(v)
 	})
 }

 // UpdateDeletedAt sets the "deleted_at" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateDeletedAt() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateDeletedAt() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateDeletedAt()
 	})
 }

 // ClearDeletedAt clears the value of the "deleted_at" field.
-func (u *ApiKeyUpsertOne) ClearDeletedAt() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) ClearDeletedAt() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.ClearDeletedAt()
 	})
 }

 // SetUserID sets the "user_id" field.
-func (u *ApiKeyUpsertOne) SetUserID(v int64) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetUserID(v int64) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetUserID(v)
 	})
 }

 // UpdateUserID sets the "user_id" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateUserID() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateUserID() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateUserID()
 	})
 }

 // SetKey sets the "key" field.
-func (u *ApiKeyUpsertOne) SetKey(v string) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetKey(v string) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetKey(v)
 	})
 }

 // UpdateKey sets the "key" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateKey() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateKey() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateKey()
 	})
 }

 // SetName sets the "name" field.
-func (u *ApiKeyUpsertOne) SetName(v string) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetName(v string) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetName(v)
 	})
 }

 // UpdateName sets the "name" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateName() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateName() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateName()
 	})
 }

 // SetGroupID sets the "group_id" field.
-func (u *ApiKeyUpsertOne) SetGroupID(v int64) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetGroupID(v int64) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetGroupID(v)
 	})
 }

 // UpdateGroupID sets the "group_id" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateGroupID() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateGroupID() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateGroupID()
 	})
 }

 // ClearGroupID clears the value of the "group_id" field.
-func (u *ApiKeyUpsertOne) ClearGroupID() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) ClearGroupID() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.ClearGroupID()
 	})
 }

 // SetStatus sets the "status" field.
-func (u *ApiKeyUpsertOne) SetStatus(v string) *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) SetStatus(v string) *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetStatus(v)
 	})
 }

 // UpdateStatus sets the "status" field to the value that was provided on create.
-func (u *ApiKeyUpsertOne) UpdateStatus() *ApiKeyUpsertOne {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertOne) UpdateStatus() *APIKeyUpsertOne {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateStatus()
 	})
 }

 // Exec executes the query.
-func (u *ApiKeyUpsertOne) Exec(ctx context.Context) error {
+func (u *APIKeyUpsertOne) Exec(ctx context.Context) error {
 	if len(u.create.conflict) == 0 {
-		return errors.New("ent: missing options for ApiKeyCreate.OnConflict")
+		return errors.New("ent: missing options for APIKeyCreate.OnConflict")
 	}
 	return u.create.Exec(ctx)
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (u *ApiKeyUpsertOne) ExecX(ctx context.Context) {
+func (u *APIKeyUpsertOne) ExecX(ctx context.Context) {
 	if err := u.create.Exec(ctx); err != nil {
 		panic(err)
 	}
 }

 // Exec executes the UPSERT query and returns the inserted/updated ID.
-func (u *ApiKeyUpsertOne) ID(ctx context.Context) (id int64, err error) {
+func (u *APIKeyUpsertOne) ID(ctx context.Context) (id int64, err error) {
 	node, err := u.create.Save(ctx)
 	if err != nil {
 		return id, err
@@ -665,7 +665,7 @@ func (u *ApiKeyUpsertOne) ID(ctx context.Context) (id int64, err error) {
 }

 // IDX is like ID, but panics if an error occurs.
-func (u *ApiKeyUpsertOne) IDX(ctx context.Context) int64 {
+func (u *APIKeyUpsertOne) IDX(ctx context.Context) int64 {
 	id, err := u.ID(ctx)
 	if err != nil {
 		panic(err)
@@ -673,28 +673,28 @@ func (u *ApiKeyUpsertOne) IDX(ctx context.Context) int64 {
 	return id
 }

-// ApiKeyCreateBulk is the builder for creating many ApiKey entities in bulk.
-type ApiKeyCreateBulk struct {
+// APIKeyCreateBulk is the builder for creating many APIKey entities in bulk.
+type APIKeyCreateBulk struct {
 	config
 	err      error
-	builders []*ApiKeyCreate
+	builders []*APIKeyCreate
 	conflict []sql.ConflictOption
 }

-// Save creates the ApiKey entities in the database.
-func (_c *ApiKeyCreateBulk) Save(ctx context.Context) ([]*ApiKey, error) {
+// Save creates the APIKey entities in the database.
+func (_c *APIKeyCreateBulk) Save(ctx context.Context) ([]*APIKey, error) {
 	if _c.err != nil {
 		return nil, _c.err
 	}
 	specs := make([]*sqlgraph.CreateSpec, len(_c.builders))
-	nodes := make([]*ApiKey, len(_c.builders))
+	nodes := make([]*APIKey, len(_c.builders))
 	mutators := make([]Mutator, len(_c.builders))
 	for i := range _c.builders {
 		func(i int, root context.Context) {
 			builder := _c.builders[i]
 			builder.defaults()
 			var mut Mutator = MutateFunc(func(ctx context.Context, m Mutation) (Value, error) {
-				mutation, ok := m.(*ApiKeyMutation)
+				mutation, ok := m.(*APIKeyMutation)
 				if !ok {
 					return nil, fmt.Errorf("unexpected mutation type %T", m)
 				}
@@ -742,7 +742,7 @@ func (_c *ApiKeyCreateBulk) Save(ctx context.Context) ([]*ApiKey, error) {
 }

 // SaveX is like Save, but panics if an error occurs.
-func (_c *ApiKeyCreateBulk) SaveX(ctx context.Context) []*ApiKey {
+func (_c *APIKeyCreateBulk) SaveX(ctx context.Context) []*APIKey {
 	v, err := _c.Save(ctx)
 	if err != nil {
 		panic(err)
@@ -751,13 +751,13 @@ func (_c *ApiKeyCreateBulk) SaveX(ctx context.Context) []*ApiKey {
 }

 // Exec executes the query.
-func (_c *ApiKeyCreateBulk) Exec(ctx context.Context) error {
+func (_c *APIKeyCreateBulk) Exec(ctx context.Context) error {
 	_, err := _c.Save(ctx)
 	return err
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (_c *ApiKeyCreateBulk) ExecX(ctx context.Context) {
+func (_c *APIKeyCreateBulk) ExecX(ctx context.Context) {
 	if err := _c.Exec(ctx); err != nil {
 		panic(err)
 	}
@@ -766,7 +766,7 @@ func (_c *ApiKeyCreateBulk) ExecX(ctx context.Context) {
 // OnConflict allows configuring the `ON CONFLICT` / `ON DUPLICATE KEY` clause
 // of the `INSERT` statement. For example:
 //
-//	client.ApiKey.CreateBulk(builders...).
+//	client.APIKey.CreateBulk(builders...).
 //		OnConflict(
 //			// Update the row with the new values
 //			// the was proposed for insertion.
@@ -774,13 +774,13 @@ func (_c *ApiKeyCreateBulk) ExecX(ctx context.Context) {
 //		).
 //		// Override some of the fields with custom
 //		// update values.
-//		Update(func(u *ent.ApiKeyUpsert) {
+//		Update(func(u *ent.APIKeyUpsert) {
 //			SetCreatedAt(v+v).
 //		}).
 //		Exec(ctx)
-func (_c *ApiKeyCreateBulk) OnConflict(opts ...sql.ConflictOption) *ApiKeyUpsertBulk {
+func (_c *APIKeyCreateBulk) OnConflict(opts ...sql.ConflictOption) *APIKeyUpsertBulk {
 	_c.conflict = opts
-	return &ApiKeyUpsertBulk{
+	return &APIKeyUpsertBulk{
 		create: _c,
 	}
 }
@@ -788,31 +788,31 @@ func (_c *ApiKeyCreateBulk) OnConflict(opts ...sql.ConflictOption) *ApiKeyUpsert
 // OnConflictColumns calls `OnConflict` and configures the columns
 // as conflict target. Using this option is equivalent to using:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //		OnConflict(sql.ConflictColumns(columns...)).
 //		Exec(ctx)
-func (_c *ApiKeyCreateBulk) OnConflictColumns(columns ...string) *ApiKeyUpsertBulk {
+func (_c *APIKeyCreateBulk) OnConflictColumns(columns ...string) *APIKeyUpsertBulk {
 	_c.conflict = append(_c.conflict, sql.ConflictColumns(columns...))
-	return &ApiKeyUpsertBulk{
+	return &APIKeyUpsertBulk{
 		create: _c,
 	}
 }

-// ApiKeyUpsertBulk is the builder for "upsert"-ing
-// a bulk of ApiKey nodes.
-type ApiKeyUpsertBulk struct {
-	create *ApiKeyCreateBulk
+// APIKeyUpsertBulk is the builder for "upsert"-ing
+// a bulk of APIKey nodes.
+type APIKeyUpsertBulk struct {
+	create *APIKeyCreateBulk
 }

 // UpdateNewValues updates the mutable fields using the new values that
 // were set on create. Using this option is equivalent to using:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //		OnConflict(
 //			sql.ResolveWithNewValues(),
 //		).
 //		Exec(ctx)
-func (u *ApiKeyUpsertBulk) UpdateNewValues() *ApiKeyUpsertBulk {
+func (u *APIKeyUpsertBulk) UpdateNewValues() *APIKeyUpsertBulk {
 	u.create.conflict = append(u.create.conflict, sql.ResolveWithNewValues())
 	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(s *sql.UpdateSet) {
 		for _, b := range u.create.builders {
@@ -827,160 +827,160 @@ func (u *ApiKeyUpsertBulk) UpdateNewValues() *ApiKeyUpsertBulk {
 // Ignore sets each column to itself in case of conflict.
 // Using this option is equivalent to using:
 //
-//	client.ApiKey.Create().
+//	client.APIKey.Create().
 //		OnConflict(sql.ResolveWithIgnore()).
 //		Exec(ctx)
-func (u *ApiKeyUpsertBulk) Ignore() *ApiKeyUpsertBulk {
+func (u *APIKeyUpsertBulk) Ignore() *APIKeyUpsertBulk {
 	u.create.conflict = append(u.create.conflict, sql.ResolveWithIgnore())
 	return u
 }

 // DoNothing configures the conflict_action to `DO NOTHING`.
 // Supported only by SQLite and PostgreSQL.
-func (u *ApiKeyUpsertBulk) DoNothing() *ApiKeyUpsertBulk {
+func (u *APIKeyUpsertBulk) DoNothing() *APIKeyUpsertBulk {
 	u.create.conflict = append(u.create.conflict, sql.DoNothing())
 	return u
 }

-// Update allows overriding fields `UPDATE` values. See the ApiKeyCreateBulk.OnConflict
+// Update allows overriding fields `UPDATE` values. See the APIKeyCreateBulk.OnConflict
 // documentation for more info.
-func (u *ApiKeyUpsertBulk) Update(set func(*ApiKeyUpsert)) *ApiKeyUpsertBulk {
+func (u *APIKeyUpsertBulk) Update(set func(*APIKeyUpsert)) *APIKeyUpsertBulk {
 	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(update *sql.UpdateSet) {
-		set(&ApiKeyUpsert{UpdateSet: update})
+		set(&APIKeyUpsert{UpdateSet: update})
 	}))
 	return u
 }

 // SetUpdatedAt sets the "updated_at" field.
-func (u *ApiKeyUpsertBulk) SetUpdatedAt(v time.Time) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetUpdatedAt(v time.Time) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetUpdatedAt(v)
 	})
 }

 // UpdateUpdatedAt sets the "updated_at" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateUpdatedAt() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateUpdatedAt() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateUpdatedAt()
 	})
 }

 // SetDeletedAt sets the "deleted_at" field.
-func (u *ApiKeyUpsertBulk) SetDeletedAt(v time.Time) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetDeletedAt(v time.Time) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetDeletedAt(v)
 	})
 }

 // UpdateDeletedAt sets the "deleted_at" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateDeletedAt() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateDeletedAt() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateDeletedAt()
 	})
 }

 // ClearDeletedAt clears the value of the "deleted_at" field.
-func (u *ApiKeyUpsertBulk) ClearDeletedAt() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) ClearDeletedAt() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.ClearDeletedAt()
 	})
 }

 // SetUserID sets the "user_id" field.
-func (u *ApiKeyUpsertBulk) SetUserID(v int64) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetUserID(v int64) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetUserID(v)
 	})
 }

 // UpdateUserID sets the "user_id" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateUserID() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateUserID() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateUserID()
 	})
 }

 // SetKey sets the "key" field.
-func (u *ApiKeyUpsertBulk) SetKey(v string) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetKey(v string) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetKey(v)
 	})
 }

 // UpdateKey sets the "key" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateKey() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateKey() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateKey()
 	})
 }

 // SetName sets the "name" field.
-func (u *ApiKeyUpsertBulk) SetName(v string) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetName(v string) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetName(v)
 	})
 }

 // UpdateName sets the "name" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateName() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateName() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateName()
 	})
 }

 // SetGroupID sets the "group_id" field.
-func (u *ApiKeyUpsertBulk) SetGroupID(v int64) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetGroupID(v int64) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetGroupID(v)
 	})
 }

 // UpdateGroupID sets the "group_id" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateGroupID() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateGroupID() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateGroupID()
 	})
 }

 // ClearGroupID clears the value of the "group_id" field.
-func (u *ApiKeyUpsertBulk) ClearGroupID() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) ClearGroupID() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.ClearGroupID()
 	})
 }

 // SetStatus sets the "status" field.
-func (u *ApiKeyUpsertBulk) SetStatus(v string) *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) SetStatus(v string) *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.SetStatus(v)
 	})
 }

 // UpdateStatus sets the "status" field to the value that was provided on create.
-func (u *ApiKeyUpsertBulk) UpdateStatus() *ApiKeyUpsertBulk {
-	return u.Update(func(s *ApiKeyUpsert) {
+func (u *APIKeyUpsertBulk) UpdateStatus() *APIKeyUpsertBulk {
+	return u.Update(func(s *APIKeyUpsert) {
 		s.UpdateStatus()
 	})
 }

 // Exec executes the query.
-func (u *ApiKeyUpsertBulk) Exec(ctx context.Context) error {
+func (u *APIKeyUpsertBulk) Exec(ctx context.Context) error {
 	if u.create.err != nil {
 		return u.create.err
 	}
 	for i, b := range u.create.builders {
 		if len(b.conflict) != 0 {
-			return fmt.Errorf("ent: OnConflict was set for builder %d. Set it on the ApiKeyCreateBulk instead", i)
+			return fmt.Errorf("ent: OnConflict was set for builder %d. Set it on the APIKeyCreateBulk instead", i)
 		}
 	}
 	if len(u.create.conflict) == 0 {
-		return errors.New("ent: missing options for ApiKeyCreateBulk.OnConflict")
+		return errors.New("ent: missing options for APIKeyCreateBulk.OnConflict")
 	}
 	return u.create.Exec(ctx)
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (u *ApiKeyUpsertBulk) ExecX(ctx context.Context) {
+func (u *APIKeyUpsertBulk) ExecX(ctx context.Context) {
 	if err := u.create.Exec(ctx); err != nil {
 		panic(err)
 	}
--- a/backend/ent/apikey_delete.go
+++ b/backend/ent/apikey_delete.go
@@ -12,26 +12,26 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/predicate"
 )

-// ApiKeyDelete is the builder for deleting a ApiKey entity.
-type ApiKeyDelete struct {
+// APIKeyDelete is the builder for deleting a APIKey entity.
+type APIKeyDelete struct {
 	config
 	hooks    []Hook
-	mutation *ApiKeyMutation
+	mutation *APIKeyMutation
 }

-// Where appends a list predicates to the ApiKeyDelete builder.
-func (_d *ApiKeyDelete) Where(ps ...predicate.ApiKey) *ApiKeyDelete {
+// Where appends a list predicates to the APIKeyDelete builder.
+func (_d *APIKeyDelete) Where(ps ...predicate.APIKey) *APIKeyDelete {
 	_d.mutation.Where(ps...)
 	return _d
 }

 // Exec executes the deletion query and returns how many vertices were deleted.
-func (_d *ApiKeyDelete) Exec(ctx context.Context) (int, error) {
+func (_d *APIKeyDelete) Exec(ctx context.Context) (int, error) {
 	return withHooks(ctx, _d.sqlExec, _d.mutation, _d.hooks)
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (_d *ApiKeyDelete) ExecX(ctx context.Context) int {
+func (_d *APIKeyDelete) ExecX(ctx context.Context) int {
 	n, err := _d.Exec(ctx)
 	if err != nil {
 		panic(err)
@@ -39,7 +39,7 @@ func (_d *ApiKeyDelete) ExecX(ctx context.Context) int {
 	return n
 }

-func (_d *ApiKeyDelete) sqlExec(ctx context.Context) (int, error) {
+func (_d *APIKeyDelete) sqlExec(ctx context.Context) (int, error) {
 	_spec := sqlgraph.NewDeleteSpec(apikey.Table, sqlgraph.NewFieldSpec(apikey.FieldID, field.TypeInt64))
 	if ps := _d.mutation.predicates; len(ps) > 0 {
 		_spec.Predicate = func(selector *sql.Selector) {
@@ -56,19 +56,19 @@ func (_d *ApiKeyDelete) sqlExec(ctx context.Context) (int, error) {
 	return affected, err
 }

-// ApiKeyDeleteOne is the builder for deleting a single ApiKey entity.
-type ApiKeyDeleteOne struct {
-	_d *ApiKeyDelete
+// APIKeyDeleteOne is the builder for deleting a single APIKey entity.
+type APIKeyDeleteOne struct {
+	_d *APIKeyDelete
 }

-// Where appends a list predicates to the ApiKeyDelete builder.
-func (_d *ApiKeyDeleteOne) Where(ps ...predicate.ApiKey) *ApiKeyDeleteOne {
+// Where appends a list predicates to the APIKeyDelete builder.
+func (_d *APIKeyDeleteOne) Where(ps ...predicate.APIKey) *APIKeyDeleteOne {
 	_d._d.mutation.Where(ps...)
 	return _d
 }

 // Exec executes the deletion query.
-func (_d *ApiKeyDeleteOne) Exec(ctx context.Context) error {
+func (_d *APIKeyDeleteOne) Exec(ctx context.Context) error {
 	n, err := _d._d.Exec(ctx)
 	switch {
 	case err != nil:
@@ -81,7 +81,7 @@ func (_d *ApiKeyDeleteOne) Exec(ctx context.Context) error {
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (_d *ApiKeyDeleteOne) ExecX(ctx context.Context) {
+func (_d *APIKeyDeleteOne) ExecX(ctx context.Context) {
 	if err := _d.Exec(ctx); err != nil {
 		panic(err)
 	}
--- a/backend/ent/apikey_query.go
+++ b/backend/ent/apikey_query.go
@@ -19,13 +19,13 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/user"
 )

-// ApiKeyQuery is the builder for querying ApiKey entities.
-type ApiKeyQuery struct {
+// APIKeyQuery is the builder for querying APIKey entities.
+type APIKeyQuery struct {
 	config
 	ctx           *QueryContext
 	order         []apikey.OrderOption
 	inters        []Interceptor
-	predicates    []predicate.ApiKey
+	predicates    []predicate.APIKey
 	withUser      *UserQuery
 	withGroup     *GroupQuery
 	withUsageLogs *UsageLogQuery
@@ -34,39 +34,39 @@ type ApiKeyQuery struct {
 	path func(context.Context) (*sql.Selector, error)
 }

-// Where adds a new predicate for the ApiKeyQuery builder.
-func (_q *ApiKeyQuery) Where(ps ...predicate.ApiKey) *ApiKeyQuery {
+// Where adds a new predicate for the APIKeyQuery builder.
+func (_q *APIKeyQuery) Where(ps ...predicate.APIKey) *APIKeyQuery {
 	_q.predicates = append(_q.predicates, ps...)
 	return _q
 }

 // Limit the number of records to be returned by this query.
-func (_q *ApiKeyQuery) Limit(limit int) *ApiKeyQuery {
+func (_q *APIKeyQuery) Limit(limit int) *APIKeyQuery {
 	_q.ctx.Limit = &limit
 	return _q
 }

 // Offset to start from.
-func (_q *ApiKeyQuery) Offset(offset int) *ApiKeyQuery {
+func (_q *APIKeyQuery) Offset(offset int) *APIKeyQuery {
 	_q.ctx.Offset = &offset
 	return _q
 }

 // Unique configures the query builder to filter duplicate records on query.
 // By default, unique is set to true, and can be disabled using this method.
-func (_q *ApiKeyQuery) Unique(unique bool) *ApiKeyQuery {
+func (_q *APIKeyQuery) Unique(unique bool) *APIKeyQuery {
 	_q.ctx.Unique = &unique
 	return _q
 }

 // Order specifies how the records should be ordered.
-func (_q *ApiKeyQuery) Order(o ...apikey.OrderOption) *ApiKeyQuery {
+func (_q *APIKeyQuery) Order(o ...apikey.OrderOption) *APIKeyQuery {
 	_q.order = append(_q.order, o...)
 	return _q
 }

 // QueryUser chains the current query on the "user" edge.
-func (_q *ApiKeyQuery) QueryUser() *UserQuery {
+func (_q *APIKeyQuery) QueryUser() *UserQuery {
 	query := (&UserClient{config: _q.config}).Query()
 	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
 		if err := _q.prepareQuery(ctx); err != nil {
@@ -88,7 +88,7 @@ func (_q *ApiKeyQuery) QueryUser() *UserQuery {
 }

 // QueryGroup chains the current query on the "group" edge.
-func (_q *ApiKeyQuery) QueryGroup() *GroupQuery {
+func (_q *APIKeyQuery) QueryGroup() *GroupQuery {
 	query := (&GroupClient{config: _q.config}).Query()
 	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
 		if err := _q.prepareQuery(ctx); err != nil {
@@ -110,7 +110,7 @@ func (_q *ApiKeyQuery) QueryGroup() *GroupQuery {
 }

 // QueryUsageLogs chains the current query on the "usage_logs" edge.
-func (_q *ApiKeyQuery) QueryUsageLogs() *UsageLogQuery {
+func (_q *APIKeyQuery) QueryUsageLogs() *UsageLogQuery {
 	query := (&UsageLogClient{config: _q.config}).Query()
 	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
 		if err := _q.prepareQuery(ctx); err != nil {
@@ -131,9 +131,9 @@ func (_q *ApiKeyQuery) QueryUsageLogs() *UsageLogQuery {
 	return query
 }

-// First returns the first ApiKey entity from the query.
-// Returns a *NotFoundError when no ApiKey was found.
-func (_q *ApiKeyQuery) First(ctx context.Context) (*ApiKey, error) {
+// First returns the first APIKey entity from the query.
+// Returns a *NotFoundError when no APIKey was found.
+func (_q *APIKeyQuery) First(ctx context.Context) (*APIKey, error) {
 	nodes, err := _q.Limit(1).All(setContextOp(ctx, _q.ctx, ent.OpQueryFirst))
 	if err != nil {
 		return nil, err
@@ -145,7 +145,7 @@ func (_q *ApiKeyQuery) First(ctx context.Context) (*ApiKey, error) {
 }

 // FirstX is like First, but panics if an error occurs.
-func (_q *ApiKeyQuery) FirstX(ctx context.Context) *ApiKey {
+func (_q *APIKeyQuery) FirstX(ctx context.Context) *APIKey {
 	node, err := _q.First(ctx)
 	if err != nil && !IsNotFound(err) {
 		panic(err)
@@ -153,9 +153,9 @@ func (_q *ApiKeyQuery) FirstX(ctx context.Context) *ApiKey {
 	return node
 }

-// FirstID returns the first ApiKey ID from the query.
-// Returns a *NotFoundError when no ApiKey ID was found.
-func (_q *ApiKeyQuery) FirstID(ctx context.Context) (id int64, err error) {
+// FirstID returns the first APIKey ID from the query.
+// Returns a *NotFoundError when no APIKey ID was found.
+func (_q *APIKeyQuery) FirstID(ctx context.Context) (id int64, err error) {
 	var ids []int64
 	if ids, err = _q.Limit(1).IDs(setContextOp(ctx, _q.ctx, ent.OpQueryFirstID)); err != nil {
 		return
@@ -168,7 +168,7 @@ func (_q *ApiKeyQuery) FirstID(ctx context.Context) (id int64, err error) {
 }

 // FirstIDX is like FirstID, but panics if an error occurs.
-func (_q *ApiKeyQuery) FirstIDX(ctx context.Context) int64 {
+func (_q *APIKeyQuery) FirstIDX(ctx context.Context) int64 {
 	id, err := _q.FirstID(ctx)
 	if err != nil && !IsNotFound(err) {
 		panic(err)
@@ -176,10 +176,10 @@ func (_q *ApiKeyQuery) FirstIDX(ctx context.Context) int64 {
 	return id
 }

-// Only returns a single ApiKey entity found by the query, ensuring it only returns one.
-// Returns a *NotSingularError when more than one ApiKey entity is found.
-// Returns a *NotFoundError when no ApiKey entities are found.
-func (_q *ApiKeyQuery) Only(ctx context.Context) (*ApiKey, error) {
+// Only returns a single APIKey entity found by the query, ensuring it only returns one.
+// Returns a *NotSingularError when more than one APIKey entity is found.
+// Returns a *NotFoundError when no APIKey entities are found.
+func (_q *APIKeyQuery) Only(ctx context.Context) (*APIKey, error) {
 	nodes, err := _q.Limit(2).All(setContextOp(ctx, _q.ctx, ent.OpQueryOnly))
 	if err != nil {
 		return nil, err
@@ -195,7 +195,7 @@ func (_q *ApiKeyQuery) Only(ctx context.Context) (*ApiKey, error) {
 }

 // OnlyX is like Only, but panics if an error occurs.
-func (_q *ApiKeyQuery) OnlyX(ctx context.Context) *ApiKey {
+func (_q *APIKeyQuery) OnlyX(ctx context.Context) *APIKey {
 	node, err := _q.Only(ctx)
 	if err != nil {
 		panic(err)
@@ -203,10 +203,10 @@ func (_q *ApiKeyQuery) OnlyX(ctx context.Context) *ApiKey {
 	return node
 }

-// OnlyID is like Only, but returns the only ApiKey ID in the query.
-// Returns a *NotSingularError when more than one ApiKey ID is found.
+// OnlyID is like Only, but returns the only APIKey ID in the query.
+// Returns a *NotSingularError when more than one APIKey ID is found.
 // Returns a *NotFoundError when no entities are found.
-func (_q *ApiKeyQuery) OnlyID(ctx context.Context) (id int64, err error) {
+func (_q *APIKeyQuery) OnlyID(ctx context.Context) (id int64, err error) {
 	var ids []int64
 	if ids, err = _q.Limit(2).IDs(setContextOp(ctx, _q.ctx, ent.OpQueryOnlyID)); err != nil {
 		return
@@ -223,7 +223,7 @@ func (_q *ApiKeyQuery) OnlyID(ctx context.Context) (id int64, err error) {
 }

 // OnlyIDX is like OnlyID, but panics if an error occurs.
-func (_q *ApiKeyQuery) OnlyIDX(ctx context.Context) int64 {
+func (_q *APIKeyQuery) OnlyIDX(ctx context.Context) int64 {
 	id, err := _q.OnlyID(ctx)
 	if err != nil {
 		panic(err)
@@ -231,18 +231,18 @@ func (_q *ApiKeyQuery) OnlyIDX(ctx context.Context) int64 {
 	return id
 }

-// All executes the query and returns a list of ApiKeys.
-func (_q *ApiKeyQuery) All(ctx context.Context) ([]*ApiKey, error) {
+// All executes the query and returns a list of APIKeys.
+func (_q *APIKeyQuery) All(ctx context.Context) ([]*APIKey, error) {
 	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryAll)
 	if err := _q.prepareQuery(ctx); err != nil {
 		return nil, err
 	}
-	qr := querierAll[[]*ApiKey, *ApiKeyQuery]()
-	return withInterceptors[[]*ApiKey](ctx, _q, qr, _q.inters)
+	qr := querierAll[[]*APIKey, *APIKeyQuery]()
+	return withInterceptors[[]*APIKey](ctx, _q, qr, _q.inters)
 }

 // AllX is like All, but panics if an error occurs.
-func (_q *ApiKeyQuery) AllX(ctx context.Context) []*ApiKey {
+func (_q *APIKeyQuery) AllX(ctx context.Context) []*APIKey {
 	nodes, err := _q.All(ctx)
 	if err != nil {
 		panic(err)
@@ -250,8 +250,8 @@ func (_q *ApiKeyQuery) AllX(ctx context.Context) []*ApiKey {
 	return nodes
 }

-// IDs executes the query and returns a list of ApiKey IDs.
-func (_q *ApiKeyQuery) IDs(ctx context.Context) (ids []int64, err error) {
+// IDs executes the query and returns a list of APIKey IDs.
+func (_q *APIKeyQuery) IDs(ctx context.Context) (ids []int64, err error) {
 	if _q.ctx.Unique == nil && _q.path != nil {
 		_q.Unique(true)
 	}
@@ -263,7 +263,7 @@ func (_q *ApiKeyQuery) IDs(ctx context.Context) (ids []int64, err error) {
 }

 // IDsX is like IDs, but panics if an error occurs.
-func (_q *ApiKeyQuery) IDsX(ctx context.Context) []int64 {
+func (_q *APIKeyQuery) IDsX(ctx context.Context) []int64 {
 	ids, err := _q.IDs(ctx)
 	if err != nil {
 		panic(err)
@@ -272,16 +272,16 @@ func (_q *ApiKeyQuery) IDsX(ctx context.Context) []int64 {
 }

 // Count returns the count of the given query.
-func (_q *ApiKeyQuery) Count(ctx context.Context) (int, error) {
+func (_q *APIKeyQuery) Count(ctx context.Context) (int, error) {
 	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryCount)
 	if err := _q.prepareQuery(ctx); err != nil {
 		return 0, err
 	}
-	return withInterceptors[int](ctx, _q, querierCount[*ApiKeyQuery](), _q.inters)
+	return withInterceptors[int](ctx, _q, querierCount[*APIKeyQuery](), _q.inters)
 }

 // CountX is like Count, but panics if an error occurs.
-func (_q *ApiKeyQuery) CountX(ctx context.Context) int {
+func (_q *APIKeyQuery) CountX(ctx context.Context) int {
 	count, err := _q.Count(ctx)
 	if err != nil {
 		panic(err)
@@ -290,7 +290,7 @@ func (_q *ApiKeyQuery) CountX(ctx context.Context) int {
 }

 // Exist returns true if the query has elements in the graph.
-func (_q *ApiKeyQuery) Exist(ctx context.Context) (bool, error) {
+func (_q *APIKeyQuery) Exist(ctx context.Context) (bool, error) {
 	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryExist)
 	switch _, err := _q.FirstID(ctx); {
 	case IsNotFound(err):
@@ -303,7 +303,7 @@ func (_q *ApiKeyQuery) Exist(ctx context.Context) (bool, error) {
 }

 // ExistX is like Exist, but panics if an error occurs.
-func (_q *ApiKeyQuery) ExistX(ctx context.Context) bool {
+func (_q *APIKeyQuery) ExistX(ctx context.Context) bool {
 	exist, err := _q.Exist(ctx)
 	if err != nil {
 		panic(err)
@@ -311,18 +311,18 @@ func (_q *ApiKeyQuery) ExistX(ctx context.Context) bool {
 	return exist
 }

-// Clone returns a duplicate of the ApiKeyQuery builder, including all associated steps. It can be
+// Clone returns a duplicate of the APIKeyQuery builder, including all associated steps. It can be
 // used to prepare common query builders and use them differently after the clone is made.
-func (_q *ApiKeyQuery) Clone() *ApiKeyQuery {
+func (_q *APIKeyQuery) Clone() *APIKeyQuery {
 	if _q == nil {
 		return nil
 	}
-	return &ApiKeyQuery{
+	return &APIKeyQuery{
 		config:        _q.config,
 		ctx:           _q.ctx.Clone(),
 		order:         append([]apikey.OrderOption{}, _q.order...),
 		inters:        append([]Interceptor{}, _q.inters...),
-		predicates:    append([]predicate.ApiKey{}, _q.predicates...),
+		predicates:    append([]predicate.APIKey{}, _q.predicates...),
 		withUser:      _q.withUser.Clone(),
 		withGroup:     _q.withGroup.Clone(),
 		withUsageLogs: _q.withUsageLogs.Clone(),
@@ -334,7 +334,7 @@ func (_q *ApiKeyQuery) Clone() *ApiKeyQuery {

 // WithUser tells the query-builder to eager-load the nodes that are connected to
 // the "user" edge. The optional arguments are used to configure the query builder of the edge.
-func (_q *ApiKeyQuery) WithUser(opts ...func(*UserQuery)) *ApiKeyQuery {
+func (_q *APIKeyQuery) WithUser(opts ...func(*UserQuery)) *APIKeyQuery {
 	query := (&UserClient{config: _q.config}).Query()
 	for _, opt := range opts {
 		opt(query)
@@ -345,7 +345,7 @@ func (_q *ApiKeyQuery) WithUser(opts ...func(*UserQuery)) *ApiKeyQuery {

 // WithGroup tells the query-builder to eager-load the nodes that are connected to
 // the "group" edge. The optional arguments are used to configure the query builder of the edge.
-func (_q *ApiKeyQuery) WithGroup(opts ...func(*GroupQuery)) *ApiKeyQuery {
+func (_q *APIKeyQuery) WithGroup(opts ...func(*GroupQuery)) *APIKeyQuery {
 	query := (&GroupClient{config: _q.config}).Query()
 	for _, opt := range opts {
 		opt(query)
@@ -356,7 +356,7 @@ func (_q *ApiKeyQuery) WithGroup(opts ...func(*GroupQuery)) *ApiKeyQuery {

 // WithUsageLogs tells the query-builder to eager-load the nodes that are connected to
 // the "usage_logs" edge. The optional arguments are used to configure the query builder of the edge.
-func (_q *ApiKeyQuery) WithUsageLogs(opts ...func(*UsageLogQuery)) *ApiKeyQuery {
+func (_q *APIKeyQuery) WithUsageLogs(opts ...func(*UsageLogQuery)) *APIKeyQuery {
 	query := (&UsageLogClient{config: _q.config}).Query()
 	for _, opt := range opts {
 		opt(query)
@@ -375,13 +375,13 @@ func (_q *ApiKeyQuery) WithUsageLogs(opts ...func(*UsageLogQuery)) *ApiKeyQuery
 //		Count int `json:"count,omitempty"`
 //	}
 //
-//	client.ApiKey.Query().
+//	client.APIKey.Query().
 //		GroupBy(apikey.FieldCreatedAt).
 //		Aggregate(ent.Count()).
 //		Scan(ctx, &v)
-func (_q *ApiKeyQuery) GroupBy(field string, fields ...string) *ApiKeyGroupBy {
+func (_q *APIKeyQuery) GroupBy(field string, fields ...string) *APIKeyGroupBy {
 	_q.ctx.Fields = append([]string{field}, fields...)
-	grbuild := &ApiKeyGroupBy{build: _q}
+	grbuild := &APIKeyGroupBy{build: _q}
 	grbuild.flds = &_q.ctx.Fields
 	grbuild.label = apikey.Label
 	grbuild.scan = grbuild.Scan
@@ -397,23 +397,23 @@ func (_q *ApiKeyQuery) GroupBy(field string, fields ...string) *ApiKeyGroupBy {
 //		CreatedAt time.Time `json:"created_at,omitempty"`
 //	}
 //
-//	client.ApiKey.Query().
+//	client.APIKey.Query().
 //		Select(apikey.FieldCreatedAt).
 //		Scan(ctx, &v)
-func (_q *ApiKeyQuery) Select(fields ...string) *ApiKeySelect {
+func (_q *APIKeyQuery) Select(fields ...string) *APIKeySelect {
 	_q.ctx.Fields = append(_q.ctx.Fields, fields...)
-	sbuild := &ApiKeySelect{ApiKeyQuery: _q}
+	sbuild := &APIKeySelect{APIKeyQuery: _q}
 	sbuild.label = apikey.Label
 	sbuild.flds, sbuild.scan = &_q.ctx.Fields, sbuild.Scan
 	return sbuild
 }

-// Aggregate returns a ApiKeySelect configured with the given aggregations.
-func (_q *ApiKeyQuery) Aggregate(fns ...AggregateFunc) *ApiKeySelect {
+// Aggregate returns a APIKeySelect configured with the given aggregations.
+func (_q *APIKeyQuery) Aggregate(fns ...AggregateFunc) *APIKeySelect {
 	return _q.Select().Aggregate(fns...)
 }

-func (_q *ApiKeyQuery) prepareQuery(ctx context.Context) error {
+func (_q *APIKeyQuery) prepareQuery(ctx context.Context) error {
 	for _, inter := range _q.inters {
 		if inter == nil {
 			return fmt.Errorf("ent: uninitialized interceptor (forgotten import ent/runtime?)")
@@ -439,9 +439,9 @@ func (_q *ApiKeyQuery) prepareQuery(ctx context.Context) error {
 	return nil
 }

-func (_q *ApiKeyQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*ApiKey, error) {
+func (_q *APIKeyQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*APIKey, error) {
 	var (
-		nodes       = []*ApiKey{}
+		nodes       = []*APIKey{}
 		_spec       = _q.querySpec()
 		loadedTypes = [3]bool{
 			_q.withUser != nil,
@@ -450,10 +450,10 @@ func (_q *ApiKeyQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*ApiKe
 		}
 	)
 	_spec.ScanValues = func(columns []string) ([]any, error) {
-		return (*ApiKey).scanValues(nil, columns)
+		return (*APIKey).scanValues(nil, columns)
 	}
 	_spec.Assign = func(columns []string, values []any) error {
-		node := &ApiKey{config: _q.config}
+		node := &APIKey{config: _q.config}
 		nodes = append(nodes, node)
 		node.Edges.loadedTypes = loadedTypes
 		return node.assignValues(columns, values)
@@ -469,29 +469,29 @@ func (_q *ApiKeyQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*ApiKe
 	}
 	if query := _q.withUser; query != nil {
 		if err := _q.loadUser(ctx, query, nodes, nil,
-			func(n *ApiKey, e *User) { n.Edges.User = e }); err != nil {
+			func(n *APIKey, e *User) { n.Edges.User = e }); err != nil {
 			return nil, err
 		}
 	}
 	if query := _q.withGroup; query != nil {
 		if err := _q.loadGroup(ctx, query, nodes, nil,
-			func(n *ApiKey, e *Group) { n.Edges.Group = e }); err != nil {
+			func(n *APIKey, e *Group) { n.Edges.Group = e }); err != nil {
 			return nil, err
 		}
 	}
 	if query := _q.withUsageLogs; query != nil {
 		if err := _q.loadUsageLogs(ctx, query, nodes,
-			func(n *ApiKey) { n.Edges.UsageLogs = []*UsageLog{} },
-			func(n *ApiKey, e *UsageLog) { n.Edges.UsageLogs = append(n.Edges.UsageLogs, e) }); err != nil {
+			func(n *APIKey) { n.Edges.UsageLogs = []*UsageLog{} },
+			func(n *APIKey, e *UsageLog) { n.Edges.UsageLogs = append(n.Edges.UsageLogs, e) }); err != nil {
 			return nil, err
 		}
 	}
 	return nodes, nil
 }

-func (_q *ApiKeyQuery) loadUser(ctx context.Context, query *UserQuery, nodes []*ApiKey, init func(*ApiKey), assign func(*ApiKey, *User)) error {
+func (_q *APIKeyQuery) loadUser(ctx context.Context, query *UserQuery, nodes []*APIKey, init func(*APIKey), assign func(*APIKey, *User)) error {
 	ids := make([]int64, 0, len(nodes))
-	nodeids := make(map[int64][]*ApiKey)
+	nodeids := make(map[int64][]*APIKey)
 	for i := range nodes {
 		fk := nodes[i].UserID
 		if _, ok := nodeids[fk]; !ok {
@@ -518,9 +518,9 @@ func (_q *ApiKeyQuery) loadUser(ctx context.Context, query *UserQuery, nodes []*
 	}
 	return nil
 }
-func (_q *ApiKeyQuery) loadGroup(ctx context.Context, query *GroupQuery, nodes []*ApiKey, init func(*ApiKey), assign func(*ApiKey, *Group)) error {
+func (_q *APIKeyQuery) loadGroup(ctx context.Context, query *GroupQuery, nodes []*APIKey, init func(*APIKey), assign func(*APIKey, *Group)) error {
 	ids := make([]int64, 0, len(nodes))
-	nodeids := make(map[int64][]*ApiKey)
+	nodeids := make(map[int64][]*APIKey)
 	for i := range nodes {
 		if nodes[i].GroupID == nil {
 			continue
@@ -550,9 +550,9 @@ func (_q *ApiKeyQuery) loadGroup(ctx context.Context, query *GroupQuery, nodes [
 	}
 	return nil
 }
-func (_q *ApiKeyQuery) loadUsageLogs(ctx context.Context, query *UsageLogQuery, nodes []*ApiKey, init func(*ApiKey), assign func(*ApiKey, *UsageLog)) error {
+func (_q *APIKeyQuery) loadUsageLogs(ctx context.Context, query *UsageLogQuery, nodes []*APIKey, init func(*APIKey), assign func(*APIKey, *UsageLog)) error {
 	fks := make([]driver.Value, 0, len(nodes))
-	nodeids := make(map[int64]*ApiKey)
+	nodeids := make(map[int64]*APIKey)
 	for i := range nodes {
 		fks = append(fks, nodes[i].ID)
 		nodeids[nodes[i].ID] = nodes[i]
@@ -581,7 +581,7 @@ func (_q *ApiKeyQuery) loadUsageLogs(ctx context.Context, query *UsageLogQuery,
 	return nil
 }

-func (_q *ApiKeyQuery) sqlCount(ctx context.Context) (int, error) {
+func (_q *APIKeyQuery) sqlCount(ctx context.Context) (int, error) {
 	_spec := _q.querySpec()
 	_spec.Node.Columns = _q.ctx.Fields
 	if len(_q.ctx.Fields) > 0 {
@@ -590,7 +590,7 @@ func (_q *ApiKeyQuery) sqlCount(ctx context.Context) (int, error) {
 	return sqlgraph.CountNodes(ctx, _q.driver, _spec)
 }

-func (_q *ApiKeyQuery) querySpec() *sqlgraph.QuerySpec {
+func (_q *APIKeyQuery) querySpec() *sqlgraph.QuerySpec {
 	_spec := sqlgraph.NewQuerySpec(apikey.Table, apikey.Columns, sqlgraph.NewFieldSpec(apikey.FieldID, field.TypeInt64))
 	_spec.From = _q.sql
 	if unique := _q.ctx.Unique; unique != nil {
@@ -636,7 +636,7 @@ func (_q *ApiKeyQuery) querySpec() *sqlgraph.QuerySpec {
 	return _spec
 }

-func (_q *ApiKeyQuery) sqlQuery(ctx context.Context) *sql.Selector {
+func (_q *APIKeyQuery) sqlQuery(ctx context.Context) *sql.Selector {
 	builder := sql.Dialect(_q.driver.Dialect())
 	t1 := builder.Table(apikey.Table)
 	columns := _q.ctx.Fields
@@ -668,28 +668,28 @@ func (_q *ApiKeyQuery) sqlQuery(ctx context.Context) *sql.Selector {
 	return selector
 }

-// ApiKeyGroupBy is the group-by builder for ApiKey entities.
-type ApiKeyGroupBy struct {
+// APIKeyGroupBy is the group-by builder for APIKey entities.
+type APIKeyGroupBy struct {
 	selector
-	build *ApiKeyQuery
+	build *APIKeyQuery
 }

 // Aggregate adds the given aggregation functions to the group-by query.
-func (_g *ApiKeyGroupBy) Aggregate(fns ...AggregateFunc) *ApiKeyGroupBy {
+func (_g *APIKeyGroupBy) Aggregate(fns ...AggregateFunc) *APIKeyGroupBy {
 	_g.fns = append(_g.fns, fns...)
 	return _g
 }

 // Scan applies the selector query and scans the result into the given value.
-func (_g *ApiKeyGroupBy) Scan(ctx context.Context, v any) error {
+func (_g *APIKeyGroupBy) Scan(ctx context.Context, v any) error {
 	ctx = setContextOp(ctx, _g.build.ctx, ent.OpQueryGroupBy)
 	if err := _g.build.prepareQuery(ctx); err != nil {
 		return err
 	}
-	return scanWithInterceptors[*ApiKeyQuery, *ApiKeyGroupBy](ctx, _g.build, _g, _g.build.inters, v)
+	return scanWithInterceptors[*APIKeyQuery, *APIKeyGroupBy](ctx, _g.build, _g, _g.build.inters, v)
 }

-func (_g *ApiKeyGroupBy) sqlScan(ctx context.Context, root *ApiKeyQuery, v any) error {
+func (_g *APIKeyGroupBy) sqlScan(ctx context.Context, root *APIKeyQuery, v any) error {
 	selector := root.sqlQuery(ctx).Select()
 	aggregation := make([]string, 0, len(_g.fns))
 	for _, fn := range _g.fns {
@@ -716,28 +716,28 @@ func (_g *ApiKeyGroupBy) sqlScan(ctx context.Context, root *ApiKeyQuery, v any)
 	return sql.ScanSlice(rows, v)
 }

-// ApiKeySelect is the builder for selecting fields of ApiKey entities.
-type ApiKeySelect struct {
-	*ApiKeyQuery
+// APIKeySelect is the builder for selecting fields of APIKey entities.
+type APIKeySelect struct {
+	*APIKeyQuery
 	selector
 }

 // Aggregate adds the given aggregation functions to the selector query.
-func (_s *ApiKeySelect) Aggregate(fns ...AggregateFunc) *ApiKeySelect {
+func (_s *APIKeySelect) Aggregate(fns ...AggregateFunc) *APIKeySelect {
 	_s.fns = append(_s.fns, fns...)
 	return _s
 }

 // Scan applies the selector query and scans the result into the given value.
-func (_s *ApiKeySelect) Scan(ctx context.Context, v any) error {
+func (_s *APIKeySelect) Scan(ctx context.Context, v any) error {
 	ctx = setContextOp(ctx, _s.ctx, ent.OpQuerySelect)
 	if err := _s.prepareQuery(ctx); err != nil {
 		return err
 	}
-	return scanWithInterceptors[*ApiKeyQuery, *ApiKeySelect](ctx, _s.ApiKeyQuery, _s, _s.inters, v)
+	return scanWithInterceptors[*APIKeyQuery, *APIKeySelect](ctx, _s.APIKeyQuery, _s, _s.inters, v)
 }

-func (_s *ApiKeySelect) sqlScan(ctx context.Context, root *ApiKeyQuery, v any) error {
+func (_s *APIKeySelect) sqlScan(ctx context.Context, root *APIKeyQuery, v any) error {
 	selector := root.sqlQuery(ctx)
 	aggregation := make([]string, 0, len(_s.fns))
 	for _, fn := range _s.fns {
--- a/backend/ent/apikey_update.go
+++ b/backend/ent/apikey_update.go
@@ -18,33 +18,33 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/user"
 )

-// ApiKeyUpdate is the builder for updating ApiKey entities.
-type ApiKeyUpdate struct {
+// APIKeyUpdate is the builder for updating APIKey entities.
+type APIKeyUpdate struct {
 	config
 	hooks    []Hook
-	mutation *ApiKeyMutation
+	mutation *APIKeyMutation
 }

-// Where appends a list predicates to the ApiKeyUpdate builder.
-func (_u *ApiKeyUpdate) Where(ps ...predicate.ApiKey) *ApiKeyUpdate {
+// Where appends a list predicates to the APIKeyUpdate builder.
+func (_u *APIKeyUpdate) Where(ps ...predicate.APIKey) *APIKeyUpdate {
 	_u.mutation.Where(ps...)
 	return _u
 }

 // SetUpdatedAt sets the "updated_at" field.
-func (_u *ApiKeyUpdate) SetUpdatedAt(v time.Time) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetUpdatedAt(v time.Time) *APIKeyUpdate {
 	_u.mutation.SetUpdatedAt(v)
 	return _u
 }

 // SetDeletedAt sets the "deleted_at" field.
-func (_u *ApiKeyUpdate) SetDeletedAt(v time.Time) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetDeletedAt(v time.Time) *APIKeyUpdate {
 	_u.mutation.SetDeletedAt(v)
 	return _u
 }

 // SetNillableDeletedAt sets the "deleted_at" field if the given value is not nil.
-func (_u *ApiKeyUpdate) SetNillableDeletedAt(v *time.Time) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetNillableDeletedAt(v *time.Time) *APIKeyUpdate {
 	if v != nil {
 		_u.SetDeletedAt(*v)
 	}
@@ -52,19 +52,19 @@ func (_u *ApiKeyUpdate) SetNillableDeletedAt(v *time.Time) *ApiKeyUpdate {
 }

 // ClearDeletedAt clears the value of the "deleted_at" field.
-func (_u *ApiKeyUpdate) ClearDeletedAt() *ApiKeyUpdate {
+func (_u *APIKeyUpdate) ClearDeletedAt() *APIKeyUpdate {
 	_u.mutation.ClearDeletedAt()
 	return _u
 }

 // SetUserID sets the "user_id" field.
-func (_u *ApiKeyUpdate) SetUserID(v int64) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetUserID(v int64) *APIKeyUpdate {
 	_u.mutation.SetUserID(v)
 	return _u
 }

 // SetNillableUserID sets the "user_id" field if the given value is not nil.
-func (_u *ApiKeyUpdate) SetNillableUserID(v *int64) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetNillableUserID(v *int64) *APIKeyUpdate {
 	if v != nil {
 		_u.SetUserID(*v)
 	}
@@ -72,13 +72,13 @@ func (_u *ApiKeyUpdate) SetNillableUserID(v *int64) *ApiKeyUpdate {
 }

 // SetKey sets the "key" field.
-func (_u *ApiKeyUpdate) SetKey(v string) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetKey(v string) *APIKeyUpdate {
 	_u.mutation.SetKey(v)
 	return _u
 }

 // SetNillableKey sets the "key" field if the given value is not nil.
-func (_u *ApiKeyUpdate) SetNillableKey(v *string) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetNillableKey(v *string) *APIKeyUpdate {
 	if v != nil {
 		_u.SetKey(*v)
 	}
@@ -86,13 +86,13 @@ func (_u *ApiKeyUpdate) SetNillableKey(v *string) *ApiKeyUpdate {
 }

 // SetName sets the "name" field.
-func (_u *ApiKeyUpdate) SetName(v string) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetName(v string) *APIKeyUpdate {
 	_u.mutation.SetName(v)
 	return _u
 }

 // SetNillableName sets the "name" field if the given value is not nil.
-func (_u *ApiKeyUpdate) SetNillableName(v *string) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetNillableName(v *string) *APIKeyUpdate {
 	if v != nil {
 		_u.SetName(*v)
 	}
@@ -100,13 +100,13 @@ func (_u *ApiKeyUpdate) SetNillableName(v *string) *ApiKeyUpdate {
 }

 // SetGroupID sets the "group_id" field.
-func (_u *ApiKeyUpdate) SetGroupID(v int64) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetGroupID(v int64) *APIKeyUpdate {
 	_u.mutation.SetGroupID(v)
 	return _u
 }

 // SetNillableGroupID sets the "group_id" field if the given value is not nil.
-func (_u *ApiKeyUpdate) SetNillableGroupID(v *int64) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetNillableGroupID(v *int64) *APIKeyUpdate {
 	if v != nil {
 		_u.SetGroupID(*v)
 	}
@@ -114,19 +114,19 @@ func (_u *ApiKeyUpdate) SetNillableGroupID(v *int64) *ApiKeyUpdate {
 }

 // ClearGroupID clears the value of the "group_id" field.
-func (_u *ApiKeyUpdate) ClearGroupID() *ApiKeyUpdate {
+func (_u *APIKeyUpdate) ClearGroupID() *APIKeyUpdate {
 	_u.mutation.ClearGroupID()
 	return _u
 }

 // SetStatus sets the "status" field.
-func (_u *ApiKeyUpdate) SetStatus(v string) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetStatus(v string) *APIKeyUpdate {
 	_u.mutation.SetStatus(v)
 	return _u
 }

 // SetNillableStatus sets the "status" field if the given value is not nil.
-func (_u *ApiKeyUpdate) SetNillableStatus(v *string) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetNillableStatus(v *string) *APIKeyUpdate {
 	if v != nil {
 		_u.SetStatus(*v)
 	}
@@ -134,23 +134,23 @@ func (_u *ApiKeyUpdate) SetNillableStatus(v *string) *ApiKeyUpdate {
 }

 // SetUser sets the "user" edge to the User entity.
-func (_u *ApiKeyUpdate) SetUser(v *User) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetUser(v *User) *APIKeyUpdate {
 	return _u.SetUserID(v.ID)
 }

 // SetGroup sets the "group" edge to the Group entity.
-func (_u *ApiKeyUpdate) SetGroup(v *Group) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) SetGroup(v *Group) *APIKeyUpdate {
 	return _u.SetGroupID(v.ID)
 }

 // AddUsageLogIDs adds the "usage_logs" edge to the UsageLog entity by IDs.
-func (_u *ApiKeyUpdate) AddUsageLogIDs(ids ...int64) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) AddUsageLogIDs(ids ...int64) *APIKeyUpdate {
 	_u.mutation.AddUsageLogIDs(ids...)
 	return _u
 }

 // AddUsageLogs adds the "usage_logs" edges to the UsageLog entity.
-func (_u *ApiKeyUpdate) AddUsageLogs(v ...*UsageLog) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) AddUsageLogs(v ...*UsageLog) *APIKeyUpdate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -158,37 +158,37 @@ func (_u *ApiKeyUpdate) AddUsageLogs(v ...*UsageLog) *ApiKeyUpdate {
 	return _u.AddUsageLogIDs(ids...)
 }

-// Mutation returns the ApiKeyMutation object of the builder.
-func (_u *ApiKeyUpdate) Mutation() *ApiKeyMutation {
+// Mutation returns the APIKeyMutation object of the builder.
+func (_u *APIKeyUpdate) Mutation() *APIKeyMutation {
 	return _u.mutation
 }

 // ClearUser clears the "user" edge to the User entity.
-func (_u *ApiKeyUpdate) ClearUser() *ApiKeyUpdate {
+func (_u *APIKeyUpdate) ClearUser() *APIKeyUpdate {
 	_u.mutation.ClearUser()
 	return _u
 }

 // ClearGroup clears the "group" edge to the Group entity.
-func (_u *ApiKeyUpdate) ClearGroup() *ApiKeyUpdate {
+func (_u *APIKeyUpdate) ClearGroup() *APIKeyUpdate {
 	_u.mutation.ClearGroup()
 	return _u
 }

 // ClearUsageLogs clears all "usage_logs" edges to the UsageLog entity.
-func (_u *ApiKeyUpdate) ClearUsageLogs() *ApiKeyUpdate {
+func (_u *APIKeyUpdate) ClearUsageLogs() *APIKeyUpdate {
 	_u.mutation.ClearUsageLogs()
 	return _u
 }

 // RemoveUsageLogIDs removes the "usage_logs" edge to UsageLog entities by IDs.
-func (_u *ApiKeyUpdate) RemoveUsageLogIDs(ids ...int64) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) RemoveUsageLogIDs(ids ...int64) *APIKeyUpdate {
 	_u.mutation.RemoveUsageLogIDs(ids...)
 	return _u
 }

 // RemoveUsageLogs removes "usage_logs" edges to UsageLog entities.
-func (_u *ApiKeyUpdate) RemoveUsageLogs(v ...*UsageLog) *ApiKeyUpdate {
+func (_u *APIKeyUpdate) RemoveUsageLogs(v ...*UsageLog) *APIKeyUpdate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -197,7 +197,7 @@ func (_u *ApiKeyUpdate) RemoveUsageLogs(v ...*UsageLog) *ApiKeyUpdate {
 }

 // Save executes the query and returns the number of nodes affected by the update operation.
-func (_u *ApiKeyUpdate) Save(ctx context.Context) (int, error) {
+func (_u *APIKeyUpdate) Save(ctx context.Context) (int, error) {
 	if err := _u.defaults(); err != nil {
 		return 0, err
 	}
@@ -205,7 +205,7 @@ func (_u *ApiKeyUpdate) Save(ctx context.Context) (int, error) {
 }

 // SaveX is like Save, but panics if an error occurs.
-func (_u *ApiKeyUpdate) SaveX(ctx context.Context) int {
+func (_u *APIKeyUpdate) SaveX(ctx context.Context) int {
 	affected, err := _u.Save(ctx)
 	if err != nil {
 		panic(err)
@@ -214,20 +214,20 @@ func (_u *ApiKeyUpdate) SaveX(ctx context.Context) int {
 }

 // Exec executes the query.
-func (_u *ApiKeyUpdate) Exec(ctx context.Context) error {
+func (_u *APIKeyUpdate) Exec(ctx context.Context) error {
 	_, err := _u.Save(ctx)
 	return err
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (_u *ApiKeyUpdate) ExecX(ctx context.Context) {
+func (_u *APIKeyUpdate) ExecX(ctx context.Context) {
 	if err := _u.Exec(ctx); err != nil {
 		panic(err)
 	}
 }

 // defaults sets the default values of the builder before save.
-func (_u *ApiKeyUpdate) defaults() error {
+func (_u *APIKeyUpdate) defaults() error {
 	if _, ok := _u.mutation.UpdatedAt(); !ok {
 		if apikey.UpdateDefaultUpdatedAt == nil {
 			return fmt.Errorf("ent: uninitialized apikey.UpdateDefaultUpdatedAt (forgotten import ent/runtime?)")
@@ -239,29 +239,29 @@ func (_u *ApiKeyUpdate) defaults() error {
 }

 // check runs all checks and user-defined validators on the builder.
-func (_u *ApiKeyUpdate) check() error {
+func (_u *APIKeyUpdate) check() error {
 	if v, ok := _u.mutation.Key(); ok {
 		if err := apikey.KeyValidator(v); err != nil {
-			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "ApiKey.key": %w`, err)}
+			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "APIKey.key": %w`, err)}
 		}
 	}
 	if v, ok := _u.mutation.Name(); ok {
 		if err := apikey.NameValidator(v); err != nil {
-			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "ApiKey.name": %w`, err)}
+			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "APIKey.name": %w`, err)}
 		}
 	}
 	if v, ok := _u.mutation.Status(); ok {
 		if err := apikey.StatusValidator(v); err != nil {
-			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "ApiKey.status": %w`, err)}
+			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "APIKey.status": %w`, err)}
 		}
 	}
 	if _u.mutation.UserCleared() && len(_u.mutation.UserIDs()) > 0 {
-		return errors.New(`ent: clearing a required unique edge "ApiKey.user"`)
+		return errors.New(`ent: clearing a required unique edge "APIKey.user"`)
 	}
 	return nil
 }

-func (_u *ApiKeyUpdate) sqlSave(ctx context.Context) (_node int, err error) {
+func (_u *APIKeyUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	if err := _u.check(); err != nil {
 		return _node, err
 	}
@@ -406,28 +406,28 @@ func (_u *ApiKeyUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	return _node, nil
 }

-// ApiKeyUpdateOne is the builder for updating a single ApiKey entity.
-type ApiKeyUpdateOne struct {
+// APIKeyUpdateOne is the builder for updating a single APIKey entity.
+type APIKeyUpdateOne struct {
 	config
 	fields   []string
 	hooks    []Hook
-	mutation *ApiKeyMutation
+	mutation *APIKeyMutation
 }

 // SetUpdatedAt sets the "updated_at" field.
-func (_u *ApiKeyUpdateOne) SetUpdatedAt(v time.Time) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetUpdatedAt(v time.Time) *APIKeyUpdateOne {
 	_u.mutation.SetUpdatedAt(v)
 	return _u
 }

 // SetDeletedAt sets the "deleted_at" field.
-func (_u *ApiKeyUpdateOne) SetDeletedAt(v time.Time) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetDeletedAt(v time.Time) *APIKeyUpdateOne {
 	_u.mutation.SetDeletedAt(v)
 	return _u
 }

 // SetNillableDeletedAt sets the "deleted_at" field if the given value is not nil.
-func (_u *ApiKeyUpdateOne) SetNillableDeletedAt(v *time.Time) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetNillableDeletedAt(v *time.Time) *APIKeyUpdateOne {
 	if v != nil {
 		_u.SetDeletedAt(*v)
 	}
@@ -435,19 +435,19 @@ func (_u *ApiKeyUpdateOne) SetNillableDeletedAt(v *time.Time) *ApiKeyUpdateOne {
 }

 // ClearDeletedAt clears the value of the "deleted_at" field.
-func (_u *ApiKeyUpdateOne) ClearDeletedAt() *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) ClearDeletedAt() *APIKeyUpdateOne {
 	_u.mutation.ClearDeletedAt()
 	return _u
 }

 // SetUserID sets the "user_id" field.
-func (_u *ApiKeyUpdateOne) SetUserID(v int64) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetUserID(v int64) *APIKeyUpdateOne {
 	_u.mutation.SetUserID(v)
 	return _u
 }

 // SetNillableUserID sets the "user_id" field if the given value is not nil.
-func (_u *ApiKeyUpdateOne) SetNillableUserID(v *int64) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetNillableUserID(v *int64) *APIKeyUpdateOne {
 	if v != nil {
 		_u.SetUserID(*v)
 	}
@@ -455,13 +455,13 @@ func (_u *ApiKeyUpdateOne) SetNillableUserID(v *int64) *ApiKeyUpdateOne {
 }

 // SetKey sets the "key" field.
-func (_u *ApiKeyUpdateOne) SetKey(v string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetKey(v string) *APIKeyUpdateOne {
 	_u.mutation.SetKey(v)
 	return _u
 }

 // SetNillableKey sets the "key" field if the given value is not nil.
-func (_u *ApiKeyUpdateOne) SetNillableKey(v *string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetNillableKey(v *string) *APIKeyUpdateOne {
 	if v != nil {
 		_u.SetKey(*v)
 	}
@@ -469,13 +469,13 @@ func (_u *ApiKeyUpdateOne) SetNillableKey(v *string) *ApiKeyUpdateOne {
 }

 // SetName sets the "name" field.
-func (_u *ApiKeyUpdateOne) SetName(v string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetName(v string) *APIKeyUpdateOne {
 	_u.mutation.SetName(v)
 	return _u
 }

 // SetNillableName sets the "name" field if the given value is not nil.
-func (_u *ApiKeyUpdateOne) SetNillableName(v *string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetNillableName(v *string) *APIKeyUpdateOne {
 	if v != nil {
 		_u.SetName(*v)
 	}
@@ -483,13 +483,13 @@ func (_u *ApiKeyUpdateOne) SetNillableName(v *string) *ApiKeyUpdateOne {
 }

 // SetGroupID sets the "group_id" field.
-func (_u *ApiKeyUpdateOne) SetGroupID(v int64) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetGroupID(v int64) *APIKeyUpdateOne {
 	_u.mutation.SetGroupID(v)
 	return _u
 }

 // SetNillableGroupID sets the "group_id" field if the given value is not nil.
-func (_u *ApiKeyUpdateOne) SetNillableGroupID(v *int64) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetNillableGroupID(v *int64) *APIKeyUpdateOne {
 	if v != nil {
 		_u.SetGroupID(*v)
 	}
@@ -497,19 +497,19 @@ func (_u *ApiKeyUpdateOne) SetNillableGroupID(v *int64) *ApiKeyUpdateOne {
 }

 // ClearGroupID clears the value of the "group_id" field.
-func (_u *ApiKeyUpdateOne) ClearGroupID() *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) ClearGroupID() *APIKeyUpdateOne {
 	_u.mutation.ClearGroupID()
 	return _u
 }

 // SetStatus sets the "status" field.
-func (_u *ApiKeyUpdateOne) SetStatus(v string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetStatus(v string) *APIKeyUpdateOne {
 	_u.mutation.SetStatus(v)
 	return _u
 }

 // SetNillableStatus sets the "status" field if the given value is not nil.
-func (_u *ApiKeyUpdateOne) SetNillableStatus(v *string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetNillableStatus(v *string) *APIKeyUpdateOne {
 	if v != nil {
 		_u.SetStatus(*v)
 	}
@@ -517,23 +517,23 @@ func (_u *ApiKeyUpdateOne) SetNillableStatus(v *string) *ApiKeyUpdateOne {
 }

 // SetUser sets the "user" edge to the User entity.
-func (_u *ApiKeyUpdateOne) SetUser(v *User) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetUser(v *User) *APIKeyUpdateOne {
 	return _u.SetUserID(v.ID)
 }

 // SetGroup sets the "group" edge to the Group entity.
-func (_u *ApiKeyUpdateOne) SetGroup(v *Group) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) SetGroup(v *Group) *APIKeyUpdateOne {
 	return _u.SetGroupID(v.ID)
 }

 // AddUsageLogIDs adds the "usage_logs" edge to the UsageLog entity by IDs.
-func (_u *ApiKeyUpdateOne) AddUsageLogIDs(ids ...int64) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) AddUsageLogIDs(ids ...int64) *APIKeyUpdateOne {
 	_u.mutation.AddUsageLogIDs(ids...)
 	return _u
 }

 // AddUsageLogs adds the "usage_logs" edges to the UsageLog entity.
-func (_u *ApiKeyUpdateOne) AddUsageLogs(v ...*UsageLog) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) AddUsageLogs(v ...*UsageLog) *APIKeyUpdateOne {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -541,37 +541,37 @@ func (_u *ApiKeyUpdateOne) AddUsageLogs(v ...*UsageLog) *ApiKeyUpdateOne {
 	return _u.AddUsageLogIDs(ids...)
 }

-// Mutation returns the ApiKeyMutation object of the builder.
-func (_u *ApiKeyUpdateOne) Mutation() *ApiKeyMutation {
+// Mutation returns the APIKeyMutation object of the builder.
+func (_u *APIKeyUpdateOne) Mutation() *APIKeyMutation {
 	return _u.mutation
 }

 // ClearUser clears the "user" edge to the User entity.
-func (_u *ApiKeyUpdateOne) ClearUser() *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) ClearUser() *APIKeyUpdateOne {
 	_u.mutation.ClearUser()
 	return _u
 }

 // ClearGroup clears the "group" edge to the Group entity.
-func (_u *ApiKeyUpdateOne) ClearGroup() *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) ClearGroup() *APIKeyUpdateOne {
 	_u.mutation.ClearGroup()
 	return _u
 }

 // ClearUsageLogs clears all "usage_logs" edges to the UsageLog entity.
-func (_u *ApiKeyUpdateOne) ClearUsageLogs() *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) ClearUsageLogs() *APIKeyUpdateOne {
 	_u.mutation.ClearUsageLogs()
 	return _u
 }

 // RemoveUsageLogIDs removes the "usage_logs" edge to UsageLog entities by IDs.
-func (_u *ApiKeyUpdateOne) RemoveUsageLogIDs(ids ...int64) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) RemoveUsageLogIDs(ids ...int64) *APIKeyUpdateOne {
 	_u.mutation.RemoveUsageLogIDs(ids...)
 	return _u
 }

 // RemoveUsageLogs removes "usage_logs" edges to UsageLog entities.
-func (_u *ApiKeyUpdateOne) RemoveUsageLogs(v ...*UsageLog) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) RemoveUsageLogs(v ...*UsageLog) *APIKeyUpdateOne {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -579,21 +579,21 @@ func (_u *ApiKeyUpdateOne) RemoveUsageLogs(v ...*UsageLog) *ApiKeyUpdateOne {
 	return _u.RemoveUsageLogIDs(ids...)
 }

-// Where appends a list predicates to the ApiKeyUpdate builder.
-func (_u *ApiKeyUpdateOne) Where(ps ...predicate.ApiKey) *ApiKeyUpdateOne {
+// Where appends a list predicates to the APIKeyUpdate builder.
+func (_u *APIKeyUpdateOne) Where(ps ...predicate.APIKey) *APIKeyUpdateOne {
 	_u.mutation.Where(ps...)
 	return _u
 }

 // Select allows selecting one or more fields (columns) of the returned entity.
 // The default is selecting all fields defined in the entity schema.
-func (_u *ApiKeyUpdateOne) Select(field string, fields ...string) *ApiKeyUpdateOne {
+func (_u *APIKeyUpdateOne) Select(field string, fields ...string) *APIKeyUpdateOne {
 	_u.fields = append([]string{field}, fields...)
 	return _u
 }

-// Save executes the query and returns the updated ApiKey entity.
-func (_u *ApiKeyUpdateOne) Save(ctx context.Context) (*ApiKey, error) {
+// Save executes the query and returns the updated APIKey entity.
+func (_u *APIKeyUpdateOne) Save(ctx context.Context) (*APIKey, error) {
 	if err := _u.defaults(); err != nil {
 		return nil, err
 	}
@@ -601,7 +601,7 @@ func (_u *ApiKeyUpdateOne) Save(ctx context.Context) (*ApiKey, error) {
 }

 // SaveX is like Save, but panics if an error occurs.
-func (_u *ApiKeyUpdateOne) SaveX(ctx context.Context) *ApiKey {
+func (_u *APIKeyUpdateOne) SaveX(ctx context.Context) *APIKey {
 	node, err := _u.Save(ctx)
 	if err != nil {
 		panic(err)
@@ -610,20 +610,20 @@ func (_u *ApiKeyUpdateOne) SaveX(ctx context.Context) *ApiKey {
 }

 // Exec executes the query on the entity.
-func (_u *ApiKeyUpdateOne) Exec(ctx context.Context) error {
+func (_u *APIKeyUpdateOne) Exec(ctx context.Context) error {
 	_, err := _u.Save(ctx)
 	return err
 }

 // ExecX is like Exec, but panics if an error occurs.
-func (_u *ApiKeyUpdateOne) ExecX(ctx context.Context) {
+func (_u *APIKeyUpdateOne) ExecX(ctx context.Context) {
 	if err := _u.Exec(ctx); err != nil {
 		panic(err)
 	}
 }

 // defaults sets the default values of the builder before save.
-func (_u *ApiKeyUpdateOne) defaults() error {
+func (_u *APIKeyUpdateOne) defaults() error {
 	if _, ok := _u.mutation.UpdatedAt(); !ok {
 		if apikey.UpdateDefaultUpdatedAt == nil {
 			return fmt.Errorf("ent: uninitialized apikey.UpdateDefaultUpdatedAt (forgotten import ent/runtime?)")
@@ -635,36 +635,36 @@ func (_u *ApiKeyUpdateOne) defaults() error {
 }

 // check runs all checks and user-defined validators on the builder.
-func (_u *ApiKeyUpdateOne) check() error {
+func (_u *APIKeyUpdateOne) check() error {
 	if v, ok := _u.mutation.Key(); ok {
 		if err := apikey.KeyValidator(v); err != nil {
-			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "ApiKey.key": %w`, err)}
+			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "APIKey.key": %w`, err)}
 		}
 	}
 	if v, ok := _u.mutation.Name(); ok {
 		if err := apikey.NameValidator(v); err != nil {
-			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "ApiKey.name": %w`, err)}
+			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "APIKey.name": %w`, err)}
 		}
 	}
 	if v, ok := _u.mutation.Status(); ok {
 		if err := apikey.StatusValidator(v); err != nil {
-			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "ApiKey.status": %w`, err)}
+			return &ValidationError{Name: "status", err: fmt.Errorf(`ent: validator failed for field "APIKey.status": %w`, err)}
 		}
 	}
 	if _u.mutation.UserCleared() && len(_u.mutation.UserIDs()) > 0 {
-		return errors.New(`ent: clearing a required unique edge "ApiKey.user"`)
+		return errors.New(`ent: clearing a required unique edge "APIKey.user"`)
 	}
 	return nil
 }

-func (_u *ApiKeyUpdateOne) sqlSave(ctx context.Context) (_node *ApiKey, err error) {
+func (_u *APIKeyUpdateOne) sqlSave(ctx context.Context) (_node *APIKey, err error) {
 	if err := _u.check(); err != nil {
 		return _node, err
 	}
 	_spec := sqlgraph.NewUpdateSpec(apikey.Table, apikey.Columns, sqlgraph.NewFieldSpec(apikey.FieldID, field.TypeInt64))
 	id, ok := _u.mutation.ID()
 	if !ok {
-		return nil, &ValidationError{Name: "id", err: errors.New(`ent: missing "ApiKey.id" for update`)}
+		return nil, &ValidationError{Name: "id", err: errors.New(`ent: missing "APIKey.id" for update`)}
 	}
 	_spec.Node.ID.Value = id
 	if fields := _u.fields; len(fields) > 0 {
@@ -807,7 +807,7 @@ func (_u *ApiKeyUpdateOne) sqlSave(ctx context.Context) (_node *ApiKey, err erro
 		}
 		_spec.Edges.Add = append(_spec.Edges.Add, edge)
 	}
-	_node = &ApiKey{config: _u.config}
+	_node = &APIKey{config: _u.config}
 	_spec.Assign = _node.assignValues
 	_spec.ScanValues = _node.scanValues
 	if err = sqlgraph.UpdateNode(ctx, _u.driver, _spec); err != nil {
--- a/backend/ent/client.go
+++ b/backend/ent/client.go
@@ -25,6 +25,8 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
 	"github.com/Wei-Shaw/sub2api/ent/userallowedgroup"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"

 	stdsql "database/sql"
@@ -35,12 +37,12 @@ type Client struct {
 	config
 	// Schema is the client for creating, migrating and dropping schema.
 	Schema *migrate.Schema
+	// APIKey is the client for interacting with the APIKey builders.
+	APIKey *APIKeyClient
 	// Account is the client for interacting with the Account builders.
 	Account *AccountClient
 	// AccountGroup is the client for interacting with the AccountGroup builders.
 	AccountGroup *AccountGroupClient
-	// ApiKey is the client for interacting with the ApiKey builders.
-	ApiKey *ApiKeyClient
 	// Group is the client for interacting with the Group builders.
 	Group *GroupClient
 	// Proxy is the client for interacting with the Proxy builders.
@@ -55,6 +57,10 @@ type Client struct {
 	User *UserClient
 	// UserAllowedGroup is the client for interacting with the UserAllowedGroup builders.
 	UserAllowedGroup *UserAllowedGroupClient
+	// UserAttributeDefinition is the client for interacting with the UserAttributeDefinition builders.
+	UserAttributeDefinition *UserAttributeDefinitionClient
+	// UserAttributeValue is the client for interacting with the UserAttributeValue builders.
+	UserAttributeValue *UserAttributeValueClient
 	// UserSubscription is the client for interacting with the UserSubscription builders.
 	UserSubscription *UserSubscriptionClient
 }
@@ -68,9 +74,9 @@ func NewClient(opts ...Option) *Client {

 func (c *Client) init() {
 	c.Schema = migrate.NewSchema(c.driver)
+	c.APIKey = NewAPIKeyClient(c.config)
 	c.Account = NewAccountClient(c.config)
 	c.AccountGroup = NewAccountGroupClient(c.config)
-	c.ApiKey = NewApiKeyClient(c.config)
 	c.Group = NewGroupClient(c.config)
 	c.Proxy = NewProxyClient(c.config)
 	c.RedeemCode = NewRedeemCodeClient(c.config)
@@ -78,6 +84,8 @@ func (c *Client) init() {
 	c.UsageLog = NewUsageLogClient(c.config)
 	c.User = NewUserClient(c.config)
 	c.UserAllowedGroup = NewUserAllowedGroupClient(c.config)
+	c.UserAttributeDefinition = NewUserAttributeDefinitionClient(c.config)
+	c.UserAttributeValue = NewUserAttributeValueClient(c.config)
 	c.UserSubscription = NewUserSubscriptionClient(c.config)
 }

@@ -169,19 +177,21 @@ func (c *Client) Tx(ctx context.Context) (*Tx, error) {
 	cfg := c.config
 	cfg.driver = tx
 	return &Tx{
-		ctx:              ctx,
-		config:           cfg,
-		Account:          NewAccountClient(cfg),
-		AccountGroup:     NewAccountGroupClient(cfg),
-		ApiKey:           NewApiKeyClient(cfg),
-		Group:            NewGroupClient(cfg),
-		Proxy:            NewProxyClient(cfg),
-		RedeemCode:       NewRedeemCodeClient(cfg),
-		Setting:          NewSettingClient(cfg),
-		UsageLog:         NewUsageLogClient(cfg),
-		User:             NewUserClient(cfg),
-		UserAllowedGroup: NewUserAllowedGroupClient(cfg),
-		UserSubscription: NewUserSubscriptionClient(cfg),
+		ctx:                     ctx,
+		config:                  cfg,
+		APIKey:                  NewAPIKeyClient(cfg),
+		Account:                 NewAccountClient(cfg),
+		AccountGroup:            NewAccountGroupClient(cfg),
+		Group:                   NewGroupClient(cfg),
+		Proxy:                   NewProxyClient(cfg),
+		RedeemCode:              NewRedeemCodeClient(cfg),
+		Setting:                 NewSettingClient(cfg),
+		UsageLog:                NewUsageLogClient(cfg),
+		User:                    NewUserClient(cfg),
+		UserAllowedGroup:        NewUserAllowedGroupClient(cfg),
+		UserAttributeDefinition: NewUserAttributeDefinitionClient(cfg),
+		UserAttributeValue:      NewUserAttributeValueClient(cfg),
+		UserSubscription:        NewUserSubscriptionClient(cfg),
 	}, nil
 }

@@ -199,26 +209,28 @@ func (c *Client) BeginTx(ctx context.Context, opts *sql.TxOptions) (*Tx, error)
 	cfg := c.config
 	cfg.driver = &txDriver{tx: tx, drv: c.driver}
 	return &Tx{
-		ctx:              ctx,
-		config:           cfg,
-		Account:          NewAccountClient(cfg),
-		AccountGroup:     NewAccountGroupClient(cfg),
-		ApiKey:           NewApiKeyClient(cfg),
-		Group:            NewGroupClient(cfg),
-		Proxy:            NewProxyClient(cfg),
-		RedeemCode:       NewRedeemCodeClient(cfg),
-		Setting:          NewSettingClient(cfg),
-		UsageLog:         NewUsageLogClient(cfg),
-		User:             NewUserClient(cfg),
-		UserAllowedGroup: NewUserAllowedGroupClient(cfg),
-		UserSubscription: NewUserSubscriptionClient(cfg),
+		ctx:                     ctx,
+		config:                  cfg,
+		APIKey:                  NewAPIKeyClient(cfg),
+		Account:                 NewAccountClient(cfg),
+		AccountGroup:            NewAccountGroupClient(cfg),
+		Group:                   NewGroupClient(cfg),
+		Proxy:                   NewProxyClient(cfg),
+		RedeemCode:              NewRedeemCodeClient(cfg),
+		Setting:                 NewSettingClient(cfg),
+		UsageLog:                NewUsageLogClient(cfg),
+		User:                    NewUserClient(cfg),
+		UserAllowedGroup:        NewUserAllowedGroupClient(cfg),
+		UserAttributeDefinition: NewUserAttributeDefinitionClient(cfg),
+		UserAttributeValue:      NewUserAttributeValueClient(cfg),
+		UserSubscription:        NewUserSubscriptionClient(cfg),
 	}, nil
 }

 // Debug returns a new debug-client. It's used to get verbose logging on specific operations.
 //
 //	client.Debug().
-//		Account.
+//		APIKey.
 //		Query().
 //		Count(ctx)
 func (c *Client) Debug() *Client {
@@ -241,8 +253,9 @@ func (c *Client) Close() error {
 // In order to add hooks to a specific client, call: `client.Node.Use(...)`.
 func (c *Client) Use(hooks ...Hook) {
 	for _, n := range []interface{ Use(...Hook) }{
-		c.Account, c.AccountGroup, c.ApiKey, c.Group, c.Proxy, c.RedeemCode, c.Setting,
-		c.UsageLog, c.User, c.UserAllowedGroup, c.UserSubscription,
+		c.APIKey, c.Account, c.AccountGroup, c.Group, c.Proxy, c.RedeemCode, c.Setting,
+		c.UsageLog, c.User, c.UserAllowedGroup, c.UserAttributeDefinition,
+		c.UserAttributeValue, c.UserSubscription,
 	} {
 		n.Use(hooks...)
 	}
@@ -252,8 +265,9 @@ func (c *Client) Use(hooks ...Hook) {
 // In order to add interceptors to a specific client, call: `client.Node.Intercept(...)`.
 func (c *Client) Intercept(interceptors ...Interceptor) {
 	for _, n := range []interface{ Intercept(...Interceptor) }{
-		c.Account, c.AccountGroup, c.ApiKey, c.Group, c.Proxy, c.RedeemCode, c.Setting,
-		c.UsageLog, c.User, c.UserAllowedGroup, c.UserSubscription,
+		c.APIKey, c.Account, c.AccountGroup, c.Group, c.Proxy, c.RedeemCode, c.Setting,
+		c.UsageLog, c.User, c.UserAllowedGroup, c.UserAttributeDefinition,
+		c.UserAttributeValue, c.UserSubscription,
 	} {
 		n.Intercept(interceptors...)
 	}
@@ -262,12 +276,12 @@ func (c *Client) Intercept(interceptors ...Interceptor) {
 // Mutate implements the ent.Mutator interface.
 func (c *Client) Mutate(ctx context.Context, m Mutation) (Value, error) {
 	switch m := m.(type) {
+	case *APIKeyMutation:
+		return c.APIKey.mutate(ctx, m)
 	case *AccountMutation:
 		return c.Account.mutate(ctx, m)
 	case *AccountGroupMutation:
 		return c.AccountGroup.mutate(ctx, m)
-	case *ApiKeyMutation:
-		return c.ApiKey.mutate(ctx, m)
 	case *GroupMutation:
 		return c.Group.mutate(ctx, m)
 	case *ProxyMutation:
@@ -282,6 +296,10 @@ func (c *Client) Mutate(ctx context.Context, m Mutation) (Value, error) {
 		return c.User.mutate(ctx, m)
 	case *UserAllowedGroupMutation:
 		return c.UserAllowedGroup.mutate(ctx, m)
+	case *UserAttributeDefinitionMutation:
+		return c.UserAttributeDefinition.mutate(ctx, m)
+	case *UserAttributeValueMutation:
+		return c.UserAttributeValue.mutate(ctx, m)
 	case *UserSubscriptionMutation:
 		return c.UserSubscription.mutate(ctx, m)
 	default:
@@ -289,6 +307,189 @@ func (c *Client) Mutate(ctx context.Context, m Mutation) (Value, error) {
 	}
 }

+// APIKeyClient is a client for the APIKey schema.
+type APIKeyClient struct {
+	config
+}
+
+// NewAPIKeyClient returns a client for the APIKey from the given config.
+func NewAPIKeyClient(c config) *APIKeyClient {
+	return &APIKeyClient{config: c}
+}
+
+// Use adds a list of mutation hooks to the hooks stack.
+// A call to `Use(f, g, h)` equals to `apikey.Hooks(f(g(h())))`.
+func (c *APIKeyClient) Use(hooks ...Hook) {
+	c.hooks.APIKey = append(c.hooks.APIKey, hooks...)
+}
+
+// Intercept adds a list of query interceptors to the interceptors stack.
+// A call to `Intercept(f, g, h)` equals to `apikey.Intercept(f(g(h())))`.
+func (c *APIKeyClient) Intercept(interceptors ...Interceptor) {
+	c.inters.APIKey = append(c.inters.APIKey, interceptors...)
+}
+
+// Create returns a builder for creating a APIKey entity.
+func (c *APIKeyClient) Create() *APIKeyCreate {
+	mutation := newAPIKeyMutation(c.config, OpCreate)
+	return &APIKeyCreate{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// CreateBulk returns a builder for creating a bulk of APIKey entities.
+func (c *APIKeyClient) CreateBulk(builders ...*APIKeyCreate) *APIKeyCreateBulk {
+	return &APIKeyCreateBulk{config: c.config, builders: builders}
+}
+
+// MapCreateBulk creates a bulk creation builder from the given slice. For each item in the slice, the function creates
+// a builder and applies setFunc on it.
+func (c *APIKeyClient) MapCreateBulk(slice any, setFunc func(*APIKeyCreate, int)) *APIKeyCreateBulk {
+	rv := reflect.ValueOf(slice)
+	if rv.Kind() != reflect.Slice {
+		return &APIKeyCreateBulk{err: fmt.Errorf("calling to APIKeyClient.MapCreateBulk with wrong type %T, need slice", slice)}
+	}
+	builders := make([]*APIKeyCreate, rv.Len())
+	for i := 0; i < rv.Len(); i++ {
+		builders[i] = c.Create()
+		setFunc(builders[i], i)
+	}
+	return &APIKeyCreateBulk{config: c.config, builders: builders}
+}
+
+// Update returns an update builder for APIKey.
+func (c *APIKeyClient) Update() *APIKeyUpdate {
+	mutation := newAPIKeyMutation(c.config, OpUpdate)
+	return &APIKeyUpdate{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// UpdateOne returns an update builder for the given entity.
+func (c *APIKeyClient) UpdateOne(_m *APIKey) *APIKeyUpdateOne {
+	mutation := newAPIKeyMutation(c.config, OpUpdateOne, withAPIKey(_m))
+	return &APIKeyUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// UpdateOneID returns an update builder for the given id.
+func (c *APIKeyClient) UpdateOneID(id int64) *APIKeyUpdateOne {
+	mutation := newAPIKeyMutation(c.config, OpUpdateOne, withAPIKeyID(id))
+	return &APIKeyUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// Delete returns a delete builder for APIKey.
+func (c *APIKeyClient) Delete() *APIKeyDelete {
+	mutation := newAPIKeyMutation(c.config, OpDelete)
+	return &APIKeyDelete{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// DeleteOne returns a builder for deleting the given entity.
+func (c *APIKeyClient) DeleteOne(_m *APIKey) *APIKeyDeleteOne {
+	return c.DeleteOneID(_m.ID)
+}
+
+// DeleteOneID returns a builder for deleting the given entity by its id.
+func (c *APIKeyClient) DeleteOneID(id int64) *APIKeyDeleteOne {
+	builder := c.Delete().Where(apikey.ID(id))
+	builder.mutation.id = &id
+	builder.mutation.op = OpDeleteOne
+	return &APIKeyDeleteOne{builder}
+}
+
+// Query returns a query builder for APIKey.
+func (c *APIKeyClient) Query() *APIKeyQuery {
+	return &APIKeyQuery{
+		config: c.config,
+		ctx:    &QueryContext{Type: TypeAPIKey},
+		inters: c.Interceptors(),
+	}
+}
+
+// Get returns a APIKey entity by its id.
+func (c *APIKeyClient) Get(ctx context.Context, id int64) (*APIKey, error) {
+	return c.Query().Where(apikey.ID(id)).Only(ctx)
+}
+
+// GetX is like Get, but panics if an error occurs.
+func (c *APIKeyClient) GetX(ctx context.Context, id int64) *APIKey {
+	obj, err := c.Get(ctx, id)
+	if err != nil {
+		panic(err)
+	}
+	return obj
+}
+
+// QueryUser queries the user edge of a APIKey.
+func (c *APIKeyClient) QueryUser(_m *APIKey) *UserQuery {
+	query := (&UserClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(apikey.Table, apikey.FieldID, id),
+			sqlgraph.To(user.Table, user.FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, apikey.UserTable, apikey.UserColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
+// QueryGroup queries the group edge of a APIKey.
+func (c *APIKeyClient) QueryGroup(_m *APIKey) *GroupQuery {
+	query := (&GroupClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(apikey.Table, apikey.FieldID, id),
+			sqlgraph.To(group.Table, group.FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, apikey.GroupTable, apikey.GroupColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
+// QueryUsageLogs queries the usage_logs edge of a APIKey.
+func (c *APIKeyClient) QueryUsageLogs(_m *APIKey) *UsageLogQuery {
+	query := (&UsageLogClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(apikey.Table, apikey.FieldID, id),
+			sqlgraph.To(usagelog.Table, usagelog.FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, apikey.UsageLogsTable, apikey.UsageLogsColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
+// Hooks returns the client hooks.
+func (c *APIKeyClient) Hooks() []Hook {
+	hooks := c.hooks.APIKey
+	return append(hooks[:len(hooks):len(hooks)], apikey.Hooks[:]...)
+}
+
+// Interceptors returns the client interceptors.
+func (c *APIKeyClient) Interceptors() []Interceptor {
+	inters := c.inters.APIKey
+	return append(inters[:len(inters):len(inters)], apikey.Interceptors[:]...)
+}
+
+func (c *APIKeyClient) mutate(ctx context.Context, m *APIKeyMutation) (Value, error) {
+	switch m.Op() {
+	case OpCreate:
+		return (&APIKeyCreate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpUpdate:
+		return (&APIKeyUpdate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpUpdateOne:
+		return (&APIKeyUpdateOne{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpDelete, OpDeleteOne:
+		return (&APIKeyDelete{config: c.config, hooks: c.Hooks(), mutation: m}).Exec(ctx)
+	default:
+		return nil, fmt.Errorf("ent: unknown APIKey mutation op: %q", m.Op())
+	}
+}
+
 // AccountClient is a client for the Account schema.
 type AccountClient struct {
 	config
@@ -604,189 +805,6 @@ func (c *AccountGroupClient) mutate(ctx context.Context, m *AccountGroupMutation
 	}
 }

-// ApiKeyClient is a client for the ApiKey schema.
-type ApiKeyClient struct {
-	config
-}
-
-// NewApiKeyClient returns a client for the ApiKey from the given config.
-func NewApiKeyClient(c config) *ApiKeyClient {
-	return &ApiKeyClient{config: c}
-}
-
-// Use adds a list of mutation hooks to the hooks stack.
-// A call to `Use(f, g, h)` equals to `apikey.Hooks(f(g(h())))`.
-func (c *ApiKeyClient) Use(hooks ...Hook) {
-	c.hooks.ApiKey = append(c.hooks.ApiKey, hooks...)
-}
-
-// Intercept adds a list of query interceptors to the interceptors stack.
-// A call to `Intercept(f, g, h)` equals to `apikey.Intercept(f(g(h())))`.
-func (c *ApiKeyClient) Intercept(interceptors ...Interceptor) {
-	c.inters.ApiKey = append(c.inters.ApiKey, interceptors...)
-}
-
-// Create returns a builder for creating a ApiKey entity.
-func (c *ApiKeyClient) Create() *ApiKeyCreate {
-	mutation := newApiKeyMutation(c.config, OpCreate)
-	return &ApiKeyCreate{config: c.config, hooks: c.Hooks(), mutation: mutation}
-}
-
-// CreateBulk returns a builder for creating a bulk of ApiKey entities.
-func (c *ApiKeyClient) CreateBulk(builders ...*ApiKeyCreate) *ApiKeyCreateBulk {
-	return &ApiKeyCreateBulk{config: c.config, builders: builders}
-}
-
-// MapCreateBulk creates a bulk creation builder from the given slice. For each item in the slice, the function creates
-// a builder and applies setFunc on it.
-func (c *ApiKeyClient) MapCreateBulk(slice any, setFunc func(*ApiKeyCreate, int)) *ApiKeyCreateBulk {
-	rv := reflect.ValueOf(slice)
-	if rv.Kind() != reflect.Slice {
-		return &ApiKeyCreateBulk{err: fmt.Errorf("calling to ApiKeyClient.MapCreateBulk with wrong type %T, need slice", slice)}
-	}
-	builders := make([]*ApiKeyCreate, rv.Len())
-	for i := 0; i < rv.Len(); i++ {
-		builders[i] = c.Create()
-		setFunc(builders[i], i)
-	}
-	return &ApiKeyCreateBulk{config: c.config, builders: builders}
-}
-
-// Update returns an update builder for ApiKey.
-func (c *ApiKeyClient) Update() *ApiKeyUpdate {
-	mutation := newApiKeyMutation(c.config, OpUpdate)
-	return &ApiKeyUpdate{config: c.config, hooks: c.Hooks(), mutation: mutation}
-}
-
-// UpdateOne returns an update builder for the given entity.
-func (c *ApiKeyClient) UpdateOne(_m *ApiKey) *ApiKeyUpdateOne {
-	mutation := newApiKeyMutation(c.config, OpUpdateOne, withApiKey(_m))
-	return &ApiKeyUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
-}
-
-// UpdateOneID returns an update builder for the given id.
-func (c *ApiKeyClient) UpdateOneID(id int64) *ApiKeyUpdateOne {
-	mutation := newApiKeyMutation(c.config, OpUpdateOne, withApiKeyID(id))
-	return &ApiKeyUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
-}
-
-// Delete returns a delete builder for ApiKey.
-func (c *ApiKeyClient) Delete() *ApiKeyDelete {
-	mutation := newApiKeyMutation(c.config, OpDelete)
-	return &ApiKeyDelete{config: c.config, hooks: c.Hooks(), mutation: mutation}
-}
-
-// DeleteOne returns a builder for deleting the given entity.
-func (c *ApiKeyClient) DeleteOne(_m *ApiKey) *ApiKeyDeleteOne {
-	return c.DeleteOneID(_m.ID)
-}
-
-// DeleteOneID returns a builder for deleting the given entity by its id.
-func (c *ApiKeyClient) DeleteOneID(id int64) *ApiKeyDeleteOne {
-	builder := c.Delete().Where(apikey.ID(id))
-	builder.mutation.id = &id
-	builder.mutation.op = OpDeleteOne
-	return &ApiKeyDeleteOne{builder}
-}
-
-// Query returns a query builder for ApiKey.
-func (c *ApiKeyClient) Query() *ApiKeyQuery {
-	return &ApiKeyQuery{
-		config: c.config,
-		ctx:    &QueryContext{Type: TypeApiKey},
-		inters: c.Interceptors(),
-	}
-}
-
-// Get returns a ApiKey entity by its id.
-func (c *ApiKeyClient) Get(ctx context.Context, id int64) (*ApiKey, error) {
-	return c.Query().Where(apikey.ID(id)).Only(ctx)
-}
-
-// GetX is like Get, but panics if an error occurs.
-func (c *ApiKeyClient) GetX(ctx context.Context, id int64) *ApiKey {
-	obj, err := c.Get(ctx, id)
-	if err != nil {
-		panic(err)
-	}
-	return obj
-}
-
-// QueryUser queries the user edge of a ApiKey.
-func (c *ApiKeyClient) QueryUser(_m *ApiKey) *UserQuery {
-	query := (&UserClient{config: c.config}).Query()
-	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
-		id := _m.ID
-		step := sqlgraph.NewStep(
-			sqlgraph.From(apikey.Table, apikey.FieldID, id),
-			sqlgraph.To(user.Table, user.FieldID),
-			sqlgraph.Edge(sqlgraph.M2O, true, apikey.UserTable, apikey.UserColumn),
-		)
-		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
-		return fromV, nil
-	}
-	return query
-}
-
-// QueryGroup queries the group edge of a ApiKey.
-func (c *ApiKeyClient) QueryGroup(_m *ApiKey) *GroupQuery {
-	query := (&GroupClient{config: c.config}).Query()
-	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
-		id := _m.ID
-		step := sqlgraph.NewStep(
-			sqlgraph.From(apikey.Table, apikey.FieldID, id),
-			sqlgraph.To(group.Table, group.FieldID),
-			sqlgraph.Edge(sqlgraph.M2O, true, apikey.GroupTable, apikey.GroupColumn),
-		)
-		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
-		return fromV, nil
-	}
-	return query
-}
-
-// QueryUsageLogs queries the usage_logs edge of a ApiKey.
-func (c *ApiKeyClient) QueryUsageLogs(_m *ApiKey) *UsageLogQuery {
-	query := (&UsageLogClient{config: c.config}).Query()
-	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
-		id := _m.ID
-		step := sqlgraph.NewStep(
-			sqlgraph.From(apikey.Table, apikey.FieldID, id),
-			sqlgraph.To(usagelog.Table, usagelog.FieldID),
-			sqlgraph.Edge(sqlgraph.O2M, false, apikey.UsageLogsTable, apikey.UsageLogsColumn),
-		)
-		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
-		return fromV, nil
-	}
-	return query
-}
-
-// Hooks returns the client hooks.
-func (c *ApiKeyClient) Hooks() []Hook {
-	hooks := c.hooks.ApiKey
-	return append(hooks[:len(hooks):len(hooks)], apikey.Hooks[:]...)
-}
-
-// Interceptors returns the client interceptors.
-func (c *ApiKeyClient) Interceptors() []Interceptor {
-	inters := c.inters.ApiKey
-	return append(inters[:len(inters):len(inters)], apikey.Interceptors[:]...)
-}
-
-func (c *ApiKeyClient) mutate(ctx context.Context, m *ApiKeyMutation) (Value, error) {
-	switch m.Op() {
-	case OpCreate:
-		return (&ApiKeyCreate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
-	case OpUpdate:
-		return (&ApiKeyUpdate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
-	case OpUpdateOne:
-		return (&ApiKeyUpdateOne{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
-	case OpDelete, OpDeleteOne:
-		return (&ApiKeyDelete{config: c.config, hooks: c.Hooks(), mutation: m}).Exec(ctx)
-	default:
-		return nil, fmt.Errorf("ent: unknown ApiKey mutation op: %q", m.Op())
-	}
-}
-
 // GroupClient is a client for the Group schema.
 type GroupClient struct {
 	config
@@ -896,8 +914,8 @@ func (c *GroupClient) GetX(ctx context.Context, id int64) *Group {
 }

 // QueryAPIKeys queries the api_keys edge of a Group.
-func (c *GroupClient) QueryAPIKeys(_m *Group) *ApiKeyQuery {
-	query := (&ApiKeyClient{config: c.config}).Query()
+func (c *GroupClient) QueryAPIKeys(_m *Group) *APIKeyQuery {
+	query := (&APIKeyClient{config: c.config}).Query()
 	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
 		id := _m.ID
 		step := sqlgraph.NewStep(
@@ -1624,8 +1642,8 @@ func (c *UsageLogClient) QueryUser(_m *UsageLog) *UserQuery {
 }

 // QueryAPIKey queries the api_key edge of a UsageLog.
-func (c *UsageLogClient) QueryAPIKey(_m *UsageLog) *ApiKeyQuery {
-	query := (&ApiKeyClient{config: c.config}).Query()
+func (c *UsageLogClient) QueryAPIKey(_m *UsageLog) *APIKeyQuery {
+	query := (&APIKeyClient{config: c.config}).Query()
 	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
 		id := _m.ID
 		step := sqlgraph.NewStep(
@@ -1821,8 +1839,8 @@ func (c *UserClient) GetX(ctx context.Context, id int64) *User {
 }

 // QueryAPIKeys queries the api_keys edge of a User.
-func (c *UserClient) QueryAPIKeys(_m *User) *ApiKeyQuery {
-	query := (&ApiKeyClient{config: c.config}).Query()
+func (c *UserClient) QueryAPIKeys(_m *User) *APIKeyQuery {
+	query := (&APIKeyClient{config: c.config}).Query()
 	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
 		id := _m.ID
 		step := sqlgraph.NewStep(
@@ -1916,6 +1934,22 @@ func (c *UserClient) QueryUsageLogs(_m *User) *UsageLogQuery {
 	return query
 }

+// QueryAttributeValues queries the attribute_values edge of a User.
+func (c *UserClient) QueryAttributeValues(_m *User) *UserAttributeValueQuery {
+	query := (&UserAttributeValueClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(user.Table, user.FieldID, id),
+			sqlgraph.To(userattributevalue.Table, userattributevalue.FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, user.AttributeValuesTable, user.AttributeValuesColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
 // QueryUserAllowedGroups queries the user_allowed_groups edge of a User.
 func (c *UserClient) QueryUserAllowedGroups(_m *User) *UserAllowedGroupQuery {
 	query := (&UserAllowedGroupClient{config: c.config}).Query()
@@ -2075,6 +2109,322 @@ func (c *UserAllowedGroupClient) mutate(ctx context.Context, m *UserAllowedGroup
 	}
 }

+// UserAttributeDefinitionClient is a client for the UserAttributeDefinition schema.
+type UserAttributeDefinitionClient struct {
+	config
+}
+
+// NewUserAttributeDefinitionClient returns a client for the UserAttributeDefinition from the given config.
+func NewUserAttributeDefinitionClient(c config) *UserAttributeDefinitionClient {
+	return &UserAttributeDefinitionClient{config: c}
+}
+
+// Use adds a list of mutation hooks to the hooks stack.
+// A call to `Use(f, g, h)` equals to `userattributedefinition.Hooks(f(g(h())))`.
+func (c *UserAttributeDefinitionClient) Use(hooks ...Hook) {
+	c.hooks.UserAttributeDefinition = append(c.hooks.UserAttributeDefinition, hooks...)
+}
+
+// Intercept adds a list of query interceptors to the interceptors stack.
+// A call to `Intercept(f, g, h)` equals to `userattributedefinition.Intercept(f(g(h())))`.
+func (c *UserAttributeDefinitionClient) Intercept(interceptors ...Interceptor) {
+	c.inters.UserAttributeDefinition = append(c.inters.UserAttributeDefinition, interceptors...)
+}
+
+// Create returns a builder for creating a UserAttributeDefinition entity.
+func (c *UserAttributeDefinitionClient) Create() *UserAttributeDefinitionCreate {
+	mutation := newUserAttributeDefinitionMutation(c.config, OpCreate)
+	return &UserAttributeDefinitionCreate{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// CreateBulk returns a builder for creating a bulk of UserAttributeDefinition entities.
+func (c *UserAttributeDefinitionClient) CreateBulk(builders ...*UserAttributeDefinitionCreate) *UserAttributeDefinitionCreateBulk {
+	return &UserAttributeDefinitionCreateBulk{config: c.config, builders: builders}
+}
+
+// MapCreateBulk creates a bulk creation builder from the given slice. For each item in the slice, the function creates
+// a builder and applies setFunc on it.
+func (c *UserAttributeDefinitionClient) MapCreateBulk(slice any, setFunc func(*UserAttributeDefinitionCreate, int)) *UserAttributeDefinitionCreateBulk {
+	rv := reflect.ValueOf(slice)
+	if rv.Kind() != reflect.Slice {
+		return &UserAttributeDefinitionCreateBulk{err: fmt.Errorf("calling to UserAttributeDefinitionClient.MapCreateBulk with wrong type %T, need slice", slice)}
+	}
+	builders := make([]*UserAttributeDefinitionCreate, rv.Len())
+	for i := 0; i < rv.Len(); i++ {
+		builders[i] = c.Create()
+		setFunc(builders[i], i)
+	}
+	return &UserAttributeDefinitionCreateBulk{config: c.config, builders: builders}
+}
+
+// Update returns an update builder for UserAttributeDefinition.
+func (c *UserAttributeDefinitionClient) Update() *UserAttributeDefinitionUpdate {
+	mutation := newUserAttributeDefinitionMutation(c.config, OpUpdate)
+	return &UserAttributeDefinitionUpdate{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// UpdateOne returns an update builder for the given entity.
+func (c *UserAttributeDefinitionClient) UpdateOne(_m *UserAttributeDefinition) *UserAttributeDefinitionUpdateOne {
+	mutation := newUserAttributeDefinitionMutation(c.config, OpUpdateOne, withUserAttributeDefinition(_m))
+	return &UserAttributeDefinitionUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// UpdateOneID returns an update builder for the given id.
+func (c *UserAttributeDefinitionClient) UpdateOneID(id int64) *UserAttributeDefinitionUpdateOne {
+	mutation := newUserAttributeDefinitionMutation(c.config, OpUpdateOne, withUserAttributeDefinitionID(id))
+	return &UserAttributeDefinitionUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// Delete returns a delete builder for UserAttributeDefinition.
+func (c *UserAttributeDefinitionClient) Delete() *UserAttributeDefinitionDelete {
+	mutation := newUserAttributeDefinitionMutation(c.config, OpDelete)
+	return &UserAttributeDefinitionDelete{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// DeleteOne returns a builder for deleting the given entity.
+func (c *UserAttributeDefinitionClient) DeleteOne(_m *UserAttributeDefinition) *UserAttributeDefinitionDeleteOne {
+	return c.DeleteOneID(_m.ID)
+}
+
+// DeleteOneID returns a builder for deleting the given entity by its id.
+func (c *UserAttributeDefinitionClient) DeleteOneID(id int64) *UserAttributeDefinitionDeleteOne {
+	builder := c.Delete().Where(userattributedefinition.ID(id))
+	builder.mutation.id = &id
+	builder.mutation.op = OpDeleteOne
+	return &UserAttributeDefinitionDeleteOne{builder}
+}
+
+// Query returns a query builder for UserAttributeDefinition.
+func (c *UserAttributeDefinitionClient) Query() *UserAttributeDefinitionQuery {
+	return &UserAttributeDefinitionQuery{
+		config: c.config,
+		ctx:    &QueryContext{Type: TypeUserAttributeDefinition},
+		inters: c.Interceptors(),
+	}
+}
+
+// Get returns a UserAttributeDefinition entity by its id.
+func (c *UserAttributeDefinitionClient) Get(ctx context.Context, id int64) (*UserAttributeDefinition, error) {
+	return c.Query().Where(userattributedefinition.ID(id)).Only(ctx)
+}
+
+// GetX is like Get, but panics if an error occurs.
+func (c *UserAttributeDefinitionClient) GetX(ctx context.Context, id int64) *UserAttributeDefinition {
+	obj, err := c.Get(ctx, id)
+	if err != nil {
+		panic(err)
+	}
+	return obj
+}
+
+// QueryValues queries the values edge of a UserAttributeDefinition.
+func (c *UserAttributeDefinitionClient) QueryValues(_m *UserAttributeDefinition) *UserAttributeValueQuery {
+	query := (&UserAttributeValueClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(userattributedefinition.Table, userattributedefinition.FieldID, id),
+			sqlgraph.To(userattributevalue.Table, userattributevalue.FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, userattributedefinition.ValuesTable, userattributedefinition.ValuesColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
+// Hooks returns the client hooks.
+func (c *UserAttributeDefinitionClient) Hooks() []Hook {
+	hooks := c.hooks.UserAttributeDefinition
+	return append(hooks[:len(hooks):len(hooks)], userattributedefinition.Hooks[:]...)
+}
+
+// Interceptors returns the client interceptors.
+func (c *UserAttributeDefinitionClient) Interceptors() []Interceptor {
+	inters := c.inters.UserAttributeDefinition
+	return append(inters[:len(inters):len(inters)], userattributedefinition.Interceptors[:]...)
+}
+
+func (c *UserAttributeDefinitionClient) mutate(ctx context.Context, m *UserAttributeDefinitionMutation) (Value, error) {
+	switch m.Op() {
+	case OpCreate:
+		return (&UserAttributeDefinitionCreate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpUpdate:
+		return (&UserAttributeDefinitionUpdate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpUpdateOne:
+		return (&UserAttributeDefinitionUpdateOne{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpDelete, OpDeleteOne:
+		return (&UserAttributeDefinitionDelete{config: c.config, hooks: c.Hooks(), mutation: m}).Exec(ctx)
+	default:
+		return nil, fmt.Errorf("ent: unknown UserAttributeDefinition mutation op: %q", m.Op())
+	}
+}
+
+// UserAttributeValueClient is a client for the UserAttributeValue schema.
+type UserAttributeValueClient struct {
+	config
+}
+
+// NewUserAttributeValueClient returns a client for the UserAttributeValue from the given config.
+func NewUserAttributeValueClient(c config) *UserAttributeValueClient {
+	return &UserAttributeValueClient{config: c}
+}
+
+// Use adds a list of mutation hooks to the hooks stack.
+// A call to `Use(f, g, h)` equals to `userattributevalue.Hooks(f(g(h())))`.
+func (c *UserAttributeValueClient) Use(hooks ...Hook) {
+	c.hooks.UserAttributeValue = append(c.hooks.UserAttributeValue, hooks...)
+}
+
+// Intercept adds a list of query interceptors to the interceptors stack.
+// A call to `Intercept(f, g, h)` equals to `userattributevalue.Intercept(f(g(h())))`.
+func (c *UserAttributeValueClient) Intercept(interceptors ...Interceptor) {
+	c.inters.UserAttributeValue = append(c.inters.UserAttributeValue, interceptors...)
+}
+
+// Create returns a builder for creating a UserAttributeValue entity.
+func (c *UserAttributeValueClient) Create() *UserAttributeValueCreate {
+	mutation := newUserAttributeValueMutation(c.config, OpCreate)
+	return &UserAttributeValueCreate{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// CreateBulk returns a builder for creating a bulk of UserAttributeValue entities.
+func (c *UserAttributeValueClient) CreateBulk(builders ...*UserAttributeValueCreate) *UserAttributeValueCreateBulk {
+	return &UserAttributeValueCreateBulk{config: c.config, builders: builders}
+}
+
+// MapCreateBulk creates a bulk creation builder from the given slice. For each item in the slice, the function creates
+// a builder and applies setFunc on it.
+func (c *UserAttributeValueClient) MapCreateBulk(slice any, setFunc func(*UserAttributeValueCreate, int)) *UserAttributeValueCreateBulk {
+	rv := reflect.ValueOf(slice)
+	if rv.Kind() != reflect.Slice {
+		return &UserAttributeValueCreateBulk{err: fmt.Errorf("calling to UserAttributeValueClient.MapCreateBulk with wrong type %T, need slice", slice)}
+	}
+	builders := make([]*UserAttributeValueCreate, rv.Len())
+	for i := 0; i < rv.Len(); i++ {
+		builders[i] = c.Create()
+		setFunc(builders[i], i)
+	}
+	return &UserAttributeValueCreateBulk{config: c.config, builders: builders}
+}
+
+// Update returns an update builder for UserAttributeValue.
+func (c *UserAttributeValueClient) Update() *UserAttributeValueUpdate {
+	mutation := newUserAttributeValueMutation(c.config, OpUpdate)
+	return &UserAttributeValueUpdate{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// UpdateOne returns an update builder for the given entity.
+func (c *UserAttributeValueClient) UpdateOne(_m *UserAttributeValue) *UserAttributeValueUpdateOne {
+	mutation := newUserAttributeValueMutation(c.config, OpUpdateOne, withUserAttributeValue(_m))
+	return &UserAttributeValueUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// UpdateOneID returns an update builder for the given id.
+func (c *UserAttributeValueClient) UpdateOneID(id int64) *UserAttributeValueUpdateOne {
+	mutation := newUserAttributeValueMutation(c.config, OpUpdateOne, withUserAttributeValueID(id))
+	return &UserAttributeValueUpdateOne{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// Delete returns a delete builder for UserAttributeValue.
+func (c *UserAttributeValueClient) Delete() *UserAttributeValueDelete {
+	mutation := newUserAttributeValueMutation(c.config, OpDelete)
+	return &UserAttributeValueDelete{config: c.config, hooks: c.Hooks(), mutation: mutation}
+}
+
+// DeleteOne returns a builder for deleting the given entity.
+func (c *UserAttributeValueClient) DeleteOne(_m *UserAttributeValue) *UserAttributeValueDeleteOne {
+	return c.DeleteOneID(_m.ID)
+}
+
+// DeleteOneID returns a builder for deleting the given entity by its id.
+func (c *UserAttributeValueClient) DeleteOneID(id int64) *UserAttributeValueDeleteOne {
+	builder := c.Delete().Where(userattributevalue.ID(id))
+	builder.mutation.id = &id
+	builder.mutation.op = OpDeleteOne
+	return &UserAttributeValueDeleteOne{builder}
+}
+
+// Query returns a query builder for UserAttributeValue.
+func (c *UserAttributeValueClient) Query() *UserAttributeValueQuery {
+	return &UserAttributeValueQuery{
+		config: c.config,
+		ctx:    &QueryContext{Type: TypeUserAttributeValue},
+		inters: c.Interceptors(),
+	}
+}
+
+// Get returns a UserAttributeValue entity by its id.
+func (c *UserAttributeValueClient) Get(ctx context.Context, id int64) (*UserAttributeValue, error) {
+	return c.Query().Where(userattributevalue.ID(id)).Only(ctx)
+}
+
+// GetX is like Get, but panics if an error occurs.
+func (c *UserAttributeValueClient) GetX(ctx context.Context, id int64) *UserAttributeValue {
+	obj, err := c.Get(ctx, id)
+	if err != nil {
+		panic(err)
+	}
+	return obj
+}
+
+// QueryUser queries the user edge of a UserAttributeValue.
+func (c *UserAttributeValueClient) QueryUser(_m *UserAttributeValue) *UserQuery {
+	query := (&UserClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(userattributevalue.Table, userattributevalue.FieldID, id),
+			sqlgraph.To(user.Table, user.FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, userattributevalue.UserTable, userattributevalue.UserColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
+// QueryDefinition queries the definition edge of a UserAttributeValue.
+func (c *UserAttributeValueClient) QueryDefinition(_m *UserAttributeValue) *UserAttributeDefinitionQuery {
+	query := (&UserAttributeDefinitionClient{config: c.config}).Query()
+	query.path = func(context.Context) (fromV *sql.Selector, _ error) {
+		id := _m.ID
+		step := sqlgraph.NewStep(
+			sqlgraph.From(userattributevalue.Table, userattributevalue.FieldID, id),
+			sqlgraph.To(userattributedefinition.Table, userattributedefinition.FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, userattributevalue.DefinitionTable, userattributevalue.DefinitionColumn),
+		)
+		fromV = sqlgraph.Neighbors(_m.driver.Dialect(), step)
+		return fromV, nil
+	}
+	return query
+}
+
+// Hooks returns the client hooks.
+func (c *UserAttributeValueClient) Hooks() []Hook {
+	return c.hooks.UserAttributeValue
+}
+
+// Interceptors returns the client interceptors.
+func (c *UserAttributeValueClient) Interceptors() []Interceptor {
+	return c.inters.UserAttributeValue
+}
+
+func (c *UserAttributeValueClient) mutate(ctx context.Context, m *UserAttributeValueMutation) (Value, error) {
+	switch m.Op() {
+	case OpCreate:
+		return (&UserAttributeValueCreate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpUpdate:
+		return (&UserAttributeValueUpdate{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpUpdateOne:
+		return (&UserAttributeValueUpdateOne{config: c.config, hooks: c.Hooks(), mutation: m}).Save(ctx)
+	case OpDelete, OpDeleteOne:
+		return (&UserAttributeValueDelete{config: c.config, hooks: c.Hooks(), mutation: m}).Exec(ctx)
+	default:
+		return nil, fmt.Errorf("ent: unknown UserAttributeValue mutation op: %q", m.Op())
+	}
+}
+
 // UserSubscriptionClient is a client for the UserSubscription schema.
 type UserSubscriptionClient struct {
 	config
@@ -2277,12 +2627,14 @@ func (c *UserSubscriptionClient) mutate(ctx context.Context, m *UserSubscription
 // hooks and interceptors per client, for fast access.
 type (
 	hooks struct {
-		Account, AccountGroup, ApiKey, Group, Proxy, RedeemCode, Setting, UsageLog,
-		User, UserAllowedGroup, UserSubscription []ent.Hook
+		APIKey, Account, AccountGroup, Group, Proxy, RedeemCode, Setting, UsageLog,
+		User, UserAllowedGroup, UserAttributeDefinition, UserAttributeValue,
+		UserSubscription []ent.Hook
 	}
 	inters struct {
-		Account, AccountGroup, ApiKey, Group, Proxy, RedeemCode, Setting, UsageLog,
-		User, UserAllowedGroup, UserSubscription []ent.Interceptor
+		APIKey, Account, AccountGroup, Group, Proxy, RedeemCode, Setting, UsageLog,
+		User, UserAllowedGroup, UserAttributeDefinition, UserAttributeValue,
+		UserSubscription []ent.Interceptor
 	}
 )

--- a/backend/ent/ent.go
+++ b/backend/ent/ent.go
@@ -22,6 +22,8 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
 	"github.com/Wei-Shaw/sub2api/ent/userallowedgroup"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"
 )

@@ -83,17 +85,19 @@ var (
 func checkColumn(t, c string) error {
 	initCheck.Do(func() {
 		columnCheck = sql.NewColumnCheck(map[string]func(string) bool{
-			account.Table:          account.ValidColumn,
-			accountgroup.Table:     accountgroup.ValidColumn,
-			apikey.Table:           apikey.ValidColumn,
-			group.Table:            group.ValidColumn,
-			proxy.Table:            proxy.ValidColumn,
-			redeemcode.Table:       redeemcode.ValidColumn,
-			setting.Table:          setting.ValidColumn,
-			usagelog.Table:         usagelog.ValidColumn,
-			user.Table:             user.ValidColumn,
-			userallowedgroup.Table: userallowedgroup.ValidColumn,
-			usersubscription.Table: usersubscription.ValidColumn,
+			apikey.Table:                  apikey.ValidColumn,
+			account.Table:                 account.ValidColumn,
+			accountgroup.Table:            accountgroup.ValidColumn,
+			group.Table:                   group.ValidColumn,
+			proxy.Table:                   proxy.ValidColumn,
+			redeemcode.Table:              redeemcode.ValidColumn,
+			setting.Table:                 setting.ValidColumn,
+			usagelog.Table:                usagelog.ValidColumn,
+			user.Table:                    user.ValidColumn,
+			userallowedgroup.Table:        userallowedgroup.ValidColumn,
+			userattributedefinition.Table: userattributedefinition.ValidColumn,
+			userattributevalue.Table:      userattributevalue.ValidColumn,
+			usersubscription.Table:        usersubscription.ValidColumn,
 		})
 	})
 	return columnCheck(t, c)
--- a/backend/ent/generate.go
+++ b/backend/ent/generate.go
@@ -1,3 +1,4 @@
+// Package ent provides the generated ORM code for database entities.
 package ent

 // 启用 sql/execquery 以生成 ExecContext/QueryContext 的透传接口，便于事务内执行原生 SQL。
--- a/backend/ent/group.go
+++ b/backend/ent/group.go
@@ -45,6 +45,12 @@ type Group struct {
 	MonthlyLimitUsd *float64 `json:"monthly_limit_usd,omitempty"`
 	// DefaultValidityDays holds the value of the "default_validity_days" field.
 	DefaultValidityDays int `json:"default_validity_days,omitempty"`
+	// ImagePrice1k holds the value of the "image_price_1k" field.
+	ImagePrice1k *float64 `json:"image_price_1k,omitempty"`
+	// ImagePrice2k holds the value of the "image_price_2k" field.
+	ImagePrice2k *float64 `json:"image_price_2k,omitempty"`
+	// ImagePrice4k holds the value of the "image_price_4k" field.
+	ImagePrice4k *float64 `json:"image_price_4k,omitempty"`
 	// Edges holds the relations/edges for other nodes in the graph.
 	// The values are being populated by the GroupQuery when eager-loading is set.
 	Edges        GroupEdges `json:"edges"`
@@ -54,7 +60,7 @@ type Group struct {
 // GroupEdges holds the relations/edges for other nodes in the graph.
 type GroupEdges struct {
 	// APIKeys holds the value of the api_keys edge.
-	APIKeys []*ApiKey `json:"api_keys,omitempty"`
+	APIKeys []*APIKey `json:"api_keys,omitempty"`
 	// RedeemCodes holds the value of the redeem_codes edge.
 	RedeemCodes []*RedeemCode `json:"redeem_codes,omitempty"`
 	// Subscriptions holds the value of the subscriptions edge.
@@ -76,7 +82,7 @@ type GroupEdges struct {

 // APIKeysOrErr returns the APIKeys value or an error if the edge
 // was not loaded in eager-loading.
-func (e GroupEdges) APIKeysOrErr() ([]*ApiKey, error) {
+func (e GroupEdges) APIKeysOrErr() ([]*APIKey, error) {
 	if e.loadedTypes[0] {
 		return e.APIKeys, nil
 	}
@@ -153,7 +159,7 @@ func (*Group) scanValues(columns []string) ([]any, error) {
 		switch columns[i] {
 		case group.FieldIsExclusive:
 			values[i] = new(sql.NullBool)
-		case group.FieldRateMultiplier, group.FieldDailyLimitUsd, group.FieldWeeklyLimitUsd, group.FieldMonthlyLimitUsd:
+		case group.FieldRateMultiplier, group.FieldDailyLimitUsd, group.FieldWeeklyLimitUsd, group.FieldMonthlyLimitUsd, group.FieldImagePrice1k, group.FieldImagePrice2k, group.FieldImagePrice4k:
 			values[i] = new(sql.NullFloat64)
 		case group.FieldID, group.FieldDefaultValidityDays:
 			values[i] = new(sql.NullInt64)
@@ -271,6 +277,27 @@ func (_m *Group) assignValues(columns []string, values []any) error {
 			} else if value.Valid {
 				_m.DefaultValidityDays = int(value.Int64)
 			}
+		case group.FieldImagePrice1k:
+			if value, ok := values[i].(*sql.NullFloat64); !ok {
+				return fmt.Errorf("unexpected type %T for field image_price_1k", values[i])
+			} else if value.Valid {
+				_m.ImagePrice1k = new(float64)
+				*_m.ImagePrice1k = value.Float64
+			}
+		case group.FieldImagePrice2k:
+			if value, ok := values[i].(*sql.NullFloat64); !ok {
+				return fmt.Errorf("unexpected type %T for field image_price_2k", values[i])
+			} else if value.Valid {
+				_m.ImagePrice2k = new(float64)
+				*_m.ImagePrice2k = value.Float64
+			}
+		case group.FieldImagePrice4k:
+			if value, ok := values[i].(*sql.NullFloat64); !ok {
+				return fmt.Errorf("unexpected type %T for field image_price_4k", values[i])
+			} else if value.Valid {
+				_m.ImagePrice4k = new(float64)
+				*_m.ImagePrice4k = value.Float64
+			}
 		default:
 			_m.selectValues.Set(columns[i], values[i])
 		}
@@ -285,7 +312,7 @@ func (_m *Group) Value(name string) (ent.Value, error) {
 }

 // QueryAPIKeys queries the "api_keys" edge of the Group entity.
-func (_m *Group) QueryAPIKeys() *ApiKeyQuery {
+func (_m *Group) QueryAPIKeys() *APIKeyQuery {
 	return NewGroupClient(_m.config).QueryAPIKeys(_m)
 }

@@ -398,6 +425,21 @@ func (_m *Group) String() string {
 	builder.WriteString(", ")
 	builder.WriteString("default_validity_days=")
 	builder.WriteString(fmt.Sprintf("%v", _m.DefaultValidityDays))
+	builder.WriteString(", ")
+	if v := _m.ImagePrice1k; v != nil {
+		builder.WriteString("image_price_1k=")
+		builder.WriteString(fmt.Sprintf("%v", *v))
+	}
+	builder.WriteString(", ")
+	if v := _m.ImagePrice2k; v != nil {
+		builder.WriteString("image_price_2k=")
+		builder.WriteString(fmt.Sprintf("%v", *v))
+	}
+	builder.WriteString(", ")
+	if v := _m.ImagePrice4k; v != nil {
+		builder.WriteString("image_price_4k=")
+		builder.WriteString(fmt.Sprintf("%v", *v))
+	}
 	builder.WriteByte(')')
 	return builder.String()
 }
--- a/backend/ent/group/group.go
+++ b/backend/ent/group/group.go
@@ -43,6 +43,12 @@ const (
 	FieldMonthlyLimitUsd = "monthly_limit_usd"
 	// FieldDefaultValidityDays holds the string denoting the default_validity_days field in the database.
 	FieldDefaultValidityDays = "default_validity_days"
+	// FieldImagePrice1k holds the string denoting the image_price_1k field in the database.
+	FieldImagePrice1k = "image_price_1k"
+	// FieldImagePrice2k holds the string denoting the image_price_2k field in the database.
+	FieldImagePrice2k = "image_price_2k"
+	// FieldImagePrice4k holds the string denoting the image_price_4k field in the database.
+	FieldImagePrice4k = "image_price_4k"
 	// EdgeAPIKeys holds the string denoting the api_keys edge name in mutations.
 	EdgeAPIKeys = "api_keys"
 	// EdgeRedeemCodes holds the string denoting the redeem_codes edge name in mutations.
@@ -63,7 +69,7 @@ const (
 	Table = "groups"
 	// APIKeysTable is the table that holds the api_keys relation/edge.
 	APIKeysTable = "api_keys"
-	// APIKeysInverseTable is the table name for the ApiKey entity.
+	// APIKeysInverseTable is the table name for the APIKey entity.
 	// It exists in this package in order to avoid circular dependency with the "apikey" package.
 	APIKeysInverseTable = "api_keys"
 	// APIKeysColumn is the table column denoting the api_keys relation/edge.
@@ -132,6 +138,9 @@ var Columns = []string{
 	FieldWeeklyLimitUsd,
 	FieldMonthlyLimitUsd,
 	FieldDefaultValidityDays,
+	FieldImagePrice1k,
+	FieldImagePrice2k,
+	FieldImagePrice4k,
 }

 var (
@@ -267,6 +276,21 @@ func ByDefaultValidityDays(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldDefaultValidityDays, opts...).ToFunc()
 }

+// ByImagePrice1k orders the results by the image_price_1k field.
+func ByImagePrice1k(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldImagePrice1k, opts...).ToFunc()
+}
+
+// ByImagePrice2k orders the results by the image_price_2k field.
+func ByImagePrice2k(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldImagePrice2k, opts...).ToFunc()
+}
+
+// ByImagePrice4k orders the results by the image_price_4k field.
+func ByImagePrice4k(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldImagePrice4k, opts...).ToFunc()
+}
+
 // ByAPIKeysCount orders the results by api_keys count.
 func ByAPIKeysCount(opts ...sql.OrderTermOption) OrderOption {
 	return func(s *sql.Selector) {
--- a/backend/ent/group/where.go
+++ b/backend/ent/group/where.go
@@ -125,6 +125,21 @@ func DefaultValidityDays(v int) predicate.Group {
 	return predicate.Group(sql.FieldEQ(FieldDefaultValidityDays, v))
 }

+// ImagePrice1k applies equality check predicate on the "image_price_1k" field. It's identical to ImagePrice1kEQ.
+func ImagePrice1k(v float64) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldImagePrice1k, v))
+}
+
+// ImagePrice2k applies equality check predicate on the "image_price_2k" field. It's identical to ImagePrice2kEQ.
+func ImagePrice2k(v float64) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldImagePrice2k, v))
+}
+
+// ImagePrice4k applies equality check predicate on the "image_price_4k" field. It's identical to ImagePrice4kEQ.
+func ImagePrice4k(v float64) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldImagePrice4k, v))
+}
+
 // CreatedAtEQ applies the EQ predicate on the "created_at" field.
 func CreatedAtEQ(v time.Time) predicate.Group {
 	return predicate.Group(sql.FieldEQ(FieldCreatedAt, v))
@@ -830,6 +845,156 @@ func DefaultValidityDaysLTE(v int) predicate.Group {
 	return predicate.Group(sql.FieldLTE(FieldDefaultValidityDays, v))
 }

+// ImagePrice1kEQ applies the EQ predicate on the "image_price_1k" field.
+func ImagePrice1kEQ(v float64) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldImagePrice1k, v))
+}
+
+// ImagePrice1kNEQ applies the NEQ predicate on the "image_price_1k" field.
+func ImagePrice1kNEQ(v float64) predicate.Group {
+	return predicate.Group(sql.FieldNEQ(FieldImagePrice1k, v))
+}
+
+// ImagePrice1kIn applies the In predicate on the "image_price_1k" field.
+func ImagePrice1kIn(vs ...float64) predicate.Group {
+	return predicate.Group(sql.FieldIn(FieldImagePrice1k, vs...))
+}
+
+// ImagePrice1kNotIn applies the NotIn predicate on the "image_price_1k" field.
+func ImagePrice1kNotIn(vs ...float64) predicate.Group {
+	return predicate.Group(sql.FieldNotIn(FieldImagePrice1k, vs...))
+}
+
+// ImagePrice1kGT applies the GT predicate on the "image_price_1k" field.
+func ImagePrice1kGT(v float64) predicate.Group {
+	return predicate.Group(sql.FieldGT(FieldImagePrice1k, v))
+}
+
+// ImagePrice1kGTE applies the GTE predicate on the "image_price_1k" field.
+func ImagePrice1kGTE(v float64) predicate.Group {
+	return predicate.Group(sql.FieldGTE(FieldImagePrice1k, v))
+}
+
+// ImagePrice1kLT applies the LT predicate on the "image_price_1k" field.
+func ImagePrice1kLT(v float64) predicate.Group {
+	return predicate.Group(sql.FieldLT(FieldImagePrice1k, v))
+}
+
+// ImagePrice1kLTE applies the LTE predicate on the "image_price_1k" field.
+func ImagePrice1kLTE(v float64) predicate.Group {
+	return predicate.Group(sql.FieldLTE(FieldImagePrice1k, v))
+}
+
+// ImagePrice1kIsNil applies the IsNil predicate on the "image_price_1k" field.
+func ImagePrice1kIsNil() predicate.Group {
+	return predicate.Group(sql.FieldIsNull(FieldImagePrice1k))
+}
+
+// ImagePrice1kNotNil applies the NotNil predicate on the "image_price_1k" field.
+func ImagePrice1kNotNil() predicate.Group {
+	return predicate.Group(sql.FieldNotNull(FieldImagePrice1k))
+}
+
+// ImagePrice2kEQ applies the EQ predicate on the "image_price_2k" field.
+func ImagePrice2kEQ(v float64) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldImagePrice2k, v))
+}
+
+// ImagePrice2kNEQ applies the NEQ predicate on the "image_price_2k" field.
+func ImagePrice2kNEQ(v float64) predicate.Group {
+	return predicate.Group(sql.FieldNEQ(FieldImagePrice2k, v))
+}
+
+// ImagePrice2kIn applies the In predicate on the "image_price_2k" field.
+func ImagePrice2kIn(vs ...float64) predicate.Group {
+	return predicate.Group(sql.FieldIn(FieldImagePrice2k, vs...))
+}
+
+// ImagePrice2kNotIn applies the NotIn predicate on the "image_price_2k" field.
+func ImagePrice2kNotIn(vs ...float64) predicate.Group {
+	return predicate.Group(sql.FieldNotIn(FieldImagePrice2k, vs...))
+}
+
+// ImagePrice2kGT applies the GT predicate on the "image_price_2k" field.
+func ImagePrice2kGT(v float64) predicate.Group {
+	return predicate.Group(sql.FieldGT(FieldImagePrice2k, v))
+}
+
+// ImagePrice2kGTE applies the GTE predicate on the "image_price_2k" field.
+func ImagePrice2kGTE(v float64) predicate.Group {
+	return predicate.Group(sql.FieldGTE(FieldImagePrice2k, v))
+}
+
+// ImagePrice2kLT applies the LT predicate on the "image_price_2k" field.
+func ImagePrice2kLT(v float64) predicate.Group {
+	return predicate.Group(sql.FieldLT(FieldImagePrice2k, v))
+}
+
+// ImagePrice2kLTE applies the LTE predicate on the "image_price_2k" field.
+func ImagePrice2kLTE(v float64) predicate.Group {
+	return predicate.Group(sql.FieldLTE(FieldImagePrice2k, v))
+}
+
+// ImagePrice2kIsNil applies the IsNil predicate on the "image_price_2k" field.
+func ImagePrice2kIsNil() predicate.Group {
+	return predicate.Group(sql.FieldIsNull(FieldImagePrice2k))
+}
+
+// ImagePrice2kNotNil applies the NotNil predicate on the "image_price_2k" field.
+func ImagePrice2kNotNil() predicate.Group {
+	return predicate.Group(sql.FieldNotNull(FieldImagePrice2k))
+}
+
+// ImagePrice4kEQ applies the EQ predicate on the "image_price_4k" field.
+func ImagePrice4kEQ(v float64) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldImagePrice4k, v))
+}
+
+// ImagePrice4kNEQ applies the NEQ predicate on the "image_price_4k" field.
+func ImagePrice4kNEQ(v float64) predicate.Group {
+	return predicate.Group(sql.FieldNEQ(FieldImagePrice4k, v))
+}
+
+// ImagePrice4kIn applies the In predicate on the "image_price_4k" field.
+func ImagePrice4kIn(vs ...float64) predicate.Group {
+	return predicate.Group(sql.FieldIn(FieldImagePrice4k, vs...))
+}
+
+// ImagePrice4kNotIn applies the NotIn predicate on the "image_price_4k" field.
+func ImagePrice4kNotIn(vs ...float64) predicate.Group {
+	return predicate.Group(sql.FieldNotIn(FieldImagePrice4k, vs...))
+}
+
+// ImagePrice4kGT applies the GT predicate on the "image_price_4k" field.
+func ImagePrice4kGT(v float64) predicate.Group {
+	return predicate.Group(sql.FieldGT(FieldImagePrice4k, v))
+}
+
+// ImagePrice4kGTE applies the GTE predicate on the "image_price_4k" field.
+func ImagePrice4kGTE(v float64) predicate.Group {
+	return predicate.Group(sql.FieldGTE(FieldImagePrice4k, v))
+}
+
+// ImagePrice4kLT applies the LT predicate on the "image_price_4k" field.
+func ImagePrice4kLT(v float64) predicate.Group {
+	return predicate.Group(sql.FieldLT(FieldImagePrice4k, v))
+}
+
+// ImagePrice4kLTE applies the LTE predicate on the "image_price_4k" field.
+func ImagePrice4kLTE(v float64) predicate.Group {
+	return predicate.Group(sql.FieldLTE(FieldImagePrice4k, v))
+}
+
+// ImagePrice4kIsNil applies the IsNil predicate on the "image_price_4k" field.
+func ImagePrice4kIsNil() predicate.Group {
+	return predicate.Group(sql.FieldIsNull(FieldImagePrice4k))
+}
+
+// ImagePrice4kNotNil applies the NotNil predicate on the "image_price_4k" field.
+func ImagePrice4kNotNil() predicate.Group {
+	return predicate.Group(sql.FieldNotNull(FieldImagePrice4k))
+}
+
 // HasAPIKeys applies the HasEdge predicate on the "api_keys" edge.
 func HasAPIKeys() predicate.Group {
 	return predicate.Group(func(s *sql.Selector) {
@@ -842,7 +1007,7 @@ func HasAPIKeys() predicate.Group {
 }

 // HasAPIKeysWith applies the HasEdge predicate on the "api_keys" edge with a given conditions (other predicates).
-func HasAPIKeysWith(preds ...predicate.ApiKey) predicate.Group {
+func HasAPIKeysWith(preds ...predicate.APIKey) predicate.Group {
 	return predicate.Group(func(s *sql.Selector) {
 		step := newAPIKeysStep()
 		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
--- a/backend/ent/group_create.go
+++ b/backend/ent/group_create.go
@@ -216,14 +216,56 @@ func (_c *GroupCreate) SetNillableDefaultValidityDays(v *int) *GroupCreate {
 	return _c
 }

-// AddAPIKeyIDs adds the "api_keys" edge to the ApiKey entity by IDs.
+// SetImagePrice1k sets the "image_price_1k" field.
+func (_c *GroupCreate) SetImagePrice1k(v float64) *GroupCreate {
+	_c.mutation.SetImagePrice1k(v)
+	return _c
+}
+
+// SetNillableImagePrice1k sets the "image_price_1k" field if the given value is not nil.
+func (_c *GroupCreate) SetNillableImagePrice1k(v *float64) *GroupCreate {
+	if v != nil {
+		_c.SetImagePrice1k(*v)
+	}
+	return _c
+}
+
+// SetImagePrice2k sets the "image_price_2k" field.
+func (_c *GroupCreate) SetImagePrice2k(v float64) *GroupCreate {
+	_c.mutation.SetImagePrice2k(v)
+	return _c
+}
+
+// SetNillableImagePrice2k sets the "image_price_2k" field if the given value is not nil.
+func (_c *GroupCreate) SetNillableImagePrice2k(v *float64) *GroupCreate {
+	if v != nil {
+		_c.SetImagePrice2k(*v)
+	}
+	return _c
+}
+
+// SetImagePrice4k sets the "image_price_4k" field.
+func (_c *GroupCreate) SetImagePrice4k(v float64) *GroupCreate {
+	_c.mutation.SetImagePrice4k(v)
+	return _c
+}
+
+// SetNillableImagePrice4k sets the "image_price_4k" field if the given value is not nil.
+func (_c *GroupCreate) SetNillableImagePrice4k(v *float64) *GroupCreate {
+	if v != nil {
+		_c.SetImagePrice4k(*v)
+	}
+	return _c
+}
+
+// AddAPIKeyIDs adds the "api_keys" edge to the APIKey entity by IDs.
 func (_c *GroupCreate) AddAPIKeyIDs(ids ...int64) *GroupCreate {
 	_c.mutation.AddAPIKeyIDs(ids...)
 	return _c
 }

-// AddAPIKeys adds the "api_keys" edges to the ApiKey entity.
-func (_c *GroupCreate) AddAPIKeys(v ...*ApiKey) *GroupCreate {
+// AddAPIKeys adds the "api_keys" edges to the APIKey entity.
+func (_c *GroupCreate) AddAPIKeys(v ...*APIKey) *GroupCreate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -516,6 +558,18 @@ func (_c *GroupCreate) createSpec() (*Group, *sqlgraph.CreateSpec) {
 		_spec.SetField(group.FieldDefaultValidityDays, field.TypeInt, value)
 		_node.DefaultValidityDays = value
 	}
+	if value, ok := _c.mutation.ImagePrice1k(); ok {
+		_spec.SetField(group.FieldImagePrice1k, field.TypeFloat64, value)
+		_node.ImagePrice1k = &value
+	}
+	if value, ok := _c.mutation.ImagePrice2k(); ok {
+		_spec.SetField(group.FieldImagePrice2k, field.TypeFloat64, value)
+		_node.ImagePrice2k = &value
+	}
+	if value, ok := _c.mutation.ImagePrice4k(); ok {
+		_spec.SetField(group.FieldImagePrice4k, field.TypeFloat64, value)
+		_node.ImagePrice4k = &value
+	}
 	if nodes := _c.mutation.APIKeysIDs(); len(nodes) > 0 {
 		edge := &sqlgraph.EdgeSpec{
 			Rel:     sqlgraph.O2M,
@@ -888,6 +942,78 @@ func (u *GroupUpsert) AddDefaultValidityDays(v int) *GroupUpsert {
 	return u
 }

+// SetImagePrice1k sets the "image_price_1k" field.
+func (u *GroupUpsert) SetImagePrice1k(v float64) *GroupUpsert {
+	u.Set(group.FieldImagePrice1k, v)
+	return u
+}
+
+// UpdateImagePrice1k sets the "image_price_1k" field to the value that was provided on create.
+func (u *GroupUpsert) UpdateImagePrice1k() *GroupUpsert {
+	u.SetExcluded(group.FieldImagePrice1k)
+	return u
+}
+
+// AddImagePrice1k adds v to the "image_price_1k" field.
+func (u *GroupUpsert) AddImagePrice1k(v float64) *GroupUpsert {
+	u.Add(group.FieldImagePrice1k, v)
+	return u
+}
+
+// ClearImagePrice1k clears the value of the "image_price_1k" field.
+func (u *GroupUpsert) ClearImagePrice1k() *GroupUpsert {
+	u.SetNull(group.FieldImagePrice1k)
+	return u
+}
+
+// SetImagePrice2k sets the "image_price_2k" field.
+func (u *GroupUpsert) SetImagePrice2k(v float64) *GroupUpsert {
+	u.Set(group.FieldImagePrice2k, v)
+	return u
+}
+
+// UpdateImagePrice2k sets the "image_price_2k" field to the value that was provided on create.
+func (u *GroupUpsert) UpdateImagePrice2k() *GroupUpsert {
+	u.SetExcluded(group.FieldImagePrice2k)
+	return u
+}
+
+// AddImagePrice2k adds v to the "image_price_2k" field.
+func (u *GroupUpsert) AddImagePrice2k(v float64) *GroupUpsert {
+	u.Add(group.FieldImagePrice2k, v)
+	return u
+}
+
+// ClearImagePrice2k clears the value of the "image_price_2k" field.
+func (u *GroupUpsert) ClearImagePrice2k() *GroupUpsert {
+	u.SetNull(group.FieldImagePrice2k)
+	return u
+}
+
+// SetImagePrice4k sets the "image_price_4k" field.
+func (u *GroupUpsert) SetImagePrice4k(v float64) *GroupUpsert {
+	u.Set(group.FieldImagePrice4k, v)
+	return u
+}
+
+// UpdateImagePrice4k sets the "image_price_4k" field to the value that was provided on create.
+func (u *GroupUpsert) UpdateImagePrice4k() *GroupUpsert {
+	u.SetExcluded(group.FieldImagePrice4k)
+	return u
+}
+
+// AddImagePrice4k adds v to the "image_price_4k" field.
+func (u *GroupUpsert) AddImagePrice4k(v float64) *GroupUpsert {
+	u.Add(group.FieldImagePrice4k, v)
+	return u
+}
+
+// ClearImagePrice4k clears the value of the "image_price_4k" field.
+func (u *GroupUpsert) ClearImagePrice4k() *GroupUpsert {
+	u.SetNull(group.FieldImagePrice4k)
+	return u
+}
+
 // UpdateNewValues updates the mutable fields using the new values that were set on create.
 // Using this option is equivalent to using:
 //
@@ -1185,6 +1311,90 @@ func (u *GroupUpsertOne) UpdateDefaultValidityDays() *GroupUpsertOne {
 	})
 }

+// SetImagePrice1k sets the "image_price_1k" field.
+func (u *GroupUpsertOne) SetImagePrice1k(v float64) *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.SetImagePrice1k(v)
+	})
+}
+
+// AddImagePrice1k adds v to the "image_price_1k" field.
+func (u *GroupUpsertOne) AddImagePrice1k(v float64) *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.AddImagePrice1k(v)
+	})
+}
+
+// UpdateImagePrice1k sets the "image_price_1k" field to the value that was provided on create.
+func (u *GroupUpsertOne) UpdateImagePrice1k() *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.UpdateImagePrice1k()
+	})
+}
+
+// ClearImagePrice1k clears the value of the "image_price_1k" field.
+func (u *GroupUpsertOne) ClearImagePrice1k() *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.ClearImagePrice1k()
+	})
+}
+
+// SetImagePrice2k sets the "image_price_2k" field.
+func (u *GroupUpsertOne) SetImagePrice2k(v float64) *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.SetImagePrice2k(v)
+	})
+}
+
+// AddImagePrice2k adds v to the "image_price_2k" field.
+func (u *GroupUpsertOne) AddImagePrice2k(v float64) *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.AddImagePrice2k(v)
+	})
+}
+
+// UpdateImagePrice2k sets the "image_price_2k" field to the value that was provided on create.
+func (u *GroupUpsertOne) UpdateImagePrice2k() *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.UpdateImagePrice2k()
+	})
+}
+
+// ClearImagePrice2k clears the value of the "image_price_2k" field.
+func (u *GroupUpsertOne) ClearImagePrice2k() *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.ClearImagePrice2k()
+	})
+}
+
+// SetImagePrice4k sets the "image_price_4k" field.
+func (u *GroupUpsertOne) SetImagePrice4k(v float64) *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.SetImagePrice4k(v)
+	})
+}
+
+// AddImagePrice4k adds v to the "image_price_4k" field.
+func (u *GroupUpsertOne) AddImagePrice4k(v float64) *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.AddImagePrice4k(v)
+	})
+}
+
+// UpdateImagePrice4k sets the "image_price_4k" field to the value that was provided on create.
+func (u *GroupUpsertOne) UpdateImagePrice4k() *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.UpdateImagePrice4k()
+	})
+}
+
+// ClearImagePrice4k clears the value of the "image_price_4k" field.
+func (u *GroupUpsertOne) ClearImagePrice4k() *GroupUpsertOne {
+	return u.Update(func(s *GroupUpsert) {
+		s.ClearImagePrice4k()
+	})
+}
+
 // Exec executes the query.
 func (u *GroupUpsertOne) Exec(ctx context.Context) error {
 	if len(u.create.conflict) == 0 {
@@ -1648,6 +1858,90 @@ func (u *GroupUpsertBulk) UpdateDefaultValidityDays() *GroupUpsertBulk {
 	})
 }

+// SetImagePrice1k sets the "image_price_1k" field.
+func (u *GroupUpsertBulk) SetImagePrice1k(v float64) *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.SetImagePrice1k(v)
+	})
+}
+
+// AddImagePrice1k adds v to the "image_price_1k" field.
+func (u *GroupUpsertBulk) AddImagePrice1k(v float64) *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.AddImagePrice1k(v)
+	})
+}
+
+// UpdateImagePrice1k sets the "image_price_1k" field to the value that was provided on create.
+func (u *GroupUpsertBulk) UpdateImagePrice1k() *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.UpdateImagePrice1k()
+	})
+}
+
+// ClearImagePrice1k clears the value of the "image_price_1k" field.
+func (u *GroupUpsertBulk) ClearImagePrice1k() *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.ClearImagePrice1k()
+	})
+}
+
+// SetImagePrice2k sets the "image_price_2k" field.
+func (u *GroupUpsertBulk) SetImagePrice2k(v float64) *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.SetImagePrice2k(v)
+	})
+}
+
+// AddImagePrice2k adds v to the "image_price_2k" field.
+func (u *GroupUpsertBulk) AddImagePrice2k(v float64) *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.AddImagePrice2k(v)
+	})
+}
+
+// UpdateImagePrice2k sets the "image_price_2k" field to the value that was provided on create.
+func (u *GroupUpsertBulk) UpdateImagePrice2k() *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.UpdateImagePrice2k()
+	})
+}
+
+// ClearImagePrice2k clears the value of the "image_price_2k" field.
+func (u *GroupUpsertBulk) ClearImagePrice2k() *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.ClearImagePrice2k()
+	})
+}
+
+// SetImagePrice4k sets the "image_price_4k" field.
+func (u *GroupUpsertBulk) SetImagePrice4k(v float64) *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.SetImagePrice4k(v)
+	})
+}
+
+// AddImagePrice4k adds v to the "image_price_4k" field.
+func (u *GroupUpsertBulk) AddImagePrice4k(v float64) *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.AddImagePrice4k(v)
+	})
+}
+
+// UpdateImagePrice4k sets the "image_price_4k" field to the value that was provided on create.
+func (u *GroupUpsertBulk) UpdateImagePrice4k() *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.UpdateImagePrice4k()
+	})
+}
+
+// ClearImagePrice4k clears the value of the "image_price_4k" field.
+func (u *GroupUpsertBulk) ClearImagePrice4k() *GroupUpsertBulk {
+	return u.Update(func(s *GroupUpsert) {
+		s.ClearImagePrice4k()
+	})
+}
+
 // Exec executes the query.
 func (u *GroupUpsertBulk) Exec(ctx context.Context) error {
 	if u.create.err != nil {
--- a/backend/ent/group_query.go
+++ b/backend/ent/group_query.go
@@ -31,7 +31,7 @@ type GroupQuery struct {
 	order                 []group.OrderOption
 	inters                []Interceptor
 	predicates            []predicate.Group
-	withAPIKeys           *ApiKeyQuery
+	withAPIKeys           *APIKeyQuery
 	withRedeemCodes       *RedeemCodeQuery
 	withSubscriptions     *UserSubscriptionQuery
 	withUsageLogs         *UsageLogQuery
@@ -76,8 +76,8 @@ func (_q *GroupQuery) Order(o ...group.OrderOption) *GroupQuery {
 }

 // QueryAPIKeys chains the current query on the "api_keys" edge.
-func (_q *GroupQuery) QueryAPIKeys() *ApiKeyQuery {
-	query := (&ApiKeyClient{config: _q.config}).Query()
+func (_q *GroupQuery) QueryAPIKeys() *APIKeyQuery {
+	query := (&APIKeyClient{config: _q.config}).Query()
 	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
 		if err := _q.prepareQuery(ctx); err != nil {
 			return nil, err
@@ -459,8 +459,8 @@ func (_q *GroupQuery) Clone() *GroupQuery {

 // WithAPIKeys tells the query-builder to eager-load the nodes that are connected to
 // the "api_keys" edge. The optional arguments are used to configure the query builder of the edge.
-func (_q *GroupQuery) WithAPIKeys(opts ...func(*ApiKeyQuery)) *GroupQuery {
-	query := (&ApiKeyClient{config: _q.config}).Query()
+func (_q *GroupQuery) WithAPIKeys(opts ...func(*APIKeyQuery)) *GroupQuery {
+	query := (&APIKeyClient{config: _q.config}).Query()
 	for _, opt := range opts {
 		opt(query)
 	}
@@ -654,8 +654,8 @@ func (_q *GroupQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*Group,
 	}
 	if query := _q.withAPIKeys; query != nil {
 		if err := _q.loadAPIKeys(ctx, query, nodes,
-			func(n *Group) { n.Edges.APIKeys = []*ApiKey{} },
-			func(n *Group, e *ApiKey) { n.Edges.APIKeys = append(n.Edges.APIKeys, e) }); err != nil {
+			func(n *Group) { n.Edges.APIKeys = []*APIKey{} },
+			func(n *Group, e *APIKey) { n.Edges.APIKeys = append(n.Edges.APIKeys, e) }); err != nil {
 			return nil, err
 		}
 	}
@@ -711,7 +711,7 @@ func (_q *GroupQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*Group,
 	return nodes, nil
 }

-func (_q *GroupQuery) loadAPIKeys(ctx context.Context, query *ApiKeyQuery, nodes []*Group, init func(*Group), assign func(*Group, *ApiKey)) error {
+func (_q *GroupQuery) loadAPIKeys(ctx context.Context, query *APIKeyQuery, nodes []*Group, init func(*Group), assign func(*Group, *APIKey)) error {
 	fks := make([]driver.Value, 0, len(nodes))
 	nodeids := make(map[int64]*Group)
 	for i := range nodes {
@@ -724,7 +724,7 @@ func (_q *GroupQuery) loadAPIKeys(ctx context.Context, query *ApiKeyQuery, nodes
 	if len(query.ctx.Fields) > 0 {
 		query.ctx.AppendFieldOnce(apikey.FieldGroupID)
 	}
-	query.Where(predicate.ApiKey(func(s *sql.Selector) {
+	query.Where(predicate.APIKey(func(s *sql.Selector) {
 		s.Where(sql.InValues(s.C(group.APIKeysColumn), fks...))
 	}))
 	neighbors, err := query.All(ctx)
--- a/backend/ent/group_update.go
+++ b/backend/ent/group_update.go
@@ -273,14 +273,95 @@ func (_u *GroupUpdate) AddDefaultValidityDays(v int) *GroupUpdate {
 	return _u
 }

-// AddAPIKeyIDs adds the "api_keys" edge to the ApiKey entity by IDs.
+// SetImagePrice1k sets the "image_price_1k" field.
+func (_u *GroupUpdate) SetImagePrice1k(v float64) *GroupUpdate {
+	_u.mutation.ResetImagePrice1k()
+	_u.mutation.SetImagePrice1k(v)
+	return _u
+}
+
+// SetNillableImagePrice1k sets the "image_price_1k" field if the given value is not nil.
+func (_u *GroupUpdate) SetNillableImagePrice1k(v *float64) *GroupUpdate {
+	if v != nil {
+		_u.SetImagePrice1k(*v)
+	}
+	return _u
+}
+
+// AddImagePrice1k adds value to the "image_price_1k" field.
+func (_u *GroupUpdate) AddImagePrice1k(v float64) *GroupUpdate {
+	_u.mutation.AddImagePrice1k(v)
+	return _u
+}
+
+// ClearImagePrice1k clears the value of the "image_price_1k" field.
+func (_u *GroupUpdate) ClearImagePrice1k() *GroupUpdate {
+	_u.mutation.ClearImagePrice1k()
+	return _u
+}
+
+// SetImagePrice2k sets the "image_price_2k" field.
+func (_u *GroupUpdate) SetImagePrice2k(v float64) *GroupUpdate {
+	_u.mutation.ResetImagePrice2k()
+	_u.mutation.SetImagePrice2k(v)
+	return _u
+}
+
+// SetNillableImagePrice2k sets the "image_price_2k" field if the given value is not nil.
+func (_u *GroupUpdate) SetNillableImagePrice2k(v *float64) *GroupUpdate {
+	if v != nil {
+		_u.SetImagePrice2k(*v)
+	}
+	return _u
+}
+
+// AddImagePrice2k adds value to the "image_price_2k" field.
+func (_u *GroupUpdate) AddImagePrice2k(v float64) *GroupUpdate {
+	_u.mutation.AddImagePrice2k(v)
+	return _u
+}
+
+// ClearImagePrice2k clears the value of the "image_price_2k" field.
+func (_u *GroupUpdate) ClearImagePrice2k() *GroupUpdate {
+	_u.mutation.ClearImagePrice2k()
+	return _u
+}
+
+// SetImagePrice4k sets the "image_price_4k" field.
+func (_u *GroupUpdate) SetImagePrice4k(v float64) *GroupUpdate {
+	_u.mutation.ResetImagePrice4k()
+	_u.mutation.SetImagePrice4k(v)
+	return _u
+}
+
+// SetNillableImagePrice4k sets the "image_price_4k" field if the given value is not nil.
+func (_u *GroupUpdate) SetNillableImagePrice4k(v *float64) *GroupUpdate {
+	if v != nil {
+		_u.SetImagePrice4k(*v)
+	}
+	return _u
+}
+
+// AddImagePrice4k adds value to the "image_price_4k" field.
+func (_u *GroupUpdate) AddImagePrice4k(v float64) *GroupUpdate {
+	_u.mutation.AddImagePrice4k(v)
+	return _u
+}
+
+// ClearImagePrice4k clears the value of the "image_price_4k" field.
+func (_u *GroupUpdate) ClearImagePrice4k() *GroupUpdate {
+	_u.mutation.ClearImagePrice4k()
+	return _u
+}
+
+// AddAPIKeyIDs adds the "api_keys" edge to the APIKey entity by IDs.
 func (_u *GroupUpdate) AddAPIKeyIDs(ids ...int64) *GroupUpdate {
 	_u.mutation.AddAPIKeyIDs(ids...)
 	return _u
 }

-// AddAPIKeys adds the "api_keys" edges to the ApiKey entity.
-func (_u *GroupUpdate) AddAPIKeys(v ...*ApiKey) *GroupUpdate {
+// AddAPIKeys adds the "api_keys" edges to the APIKey entity.
+func (_u *GroupUpdate) AddAPIKeys(v ...*APIKey) *GroupUpdate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -368,20 +449,20 @@ func (_u *GroupUpdate) Mutation() *GroupMutation {
 	return _u.mutation
 }

-// ClearAPIKeys clears all "api_keys" edges to the ApiKey entity.
+// ClearAPIKeys clears all "api_keys" edges to the APIKey entity.
 func (_u *GroupUpdate) ClearAPIKeys() *GroupUpdate {
 	_u.mutation.ClearAPIKeys()
 	return _u
 }

-// RemoveAPIKeyIDs removes the "api_keys" edge to ApiKey entities by IDs.
+// RemoveAPIKeyIDs removes the "api_keys" edge to APIKey entities by IDs.
 func (_u *GroupUpdate) RemoveAPIKeyIDs(ids ...int64) *GroupUpdate {
 	_u.mutation.RemoveAPIKeyIDs(ids...)
 	return _u
 }

-// RemoveAPIKeys removes "api_keys" edges to ApiKey entities.
-func (_u *GroupUpdate) RemoveAPIKeys(v ...*ApiKey) *GroupUpdate {
+// RemoveAPIKeys removes "api_keys" edges to APIKey entities.
+func (_u *GroupUpdate) RemoveAPIKeys(v ...*APIKey) *GroupUpdate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -642,6 +723,33 @@ func (_u *GroupUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	if value, ok := _u.mutation.AddedDefaultValidityDays(); ok {
 		_spec.AddField(group.FieldDefaultValidityDays, field.TypeInt, value)
 	}
+	if value, ok := _u.mutation.ImagePrice1k(); ok {
+		_spec.SetField(group.FieldImagePrice1k, field.TypeFloat64, value)
+	}
+	if value, ok := _u.mutation.AddedImagePrice1k(); ok {
+		_spec.AddField(group.FieldImagePrice1k, field.TypeFloat64, value)
+	}
+	if _u.mutation.ImagePrice1kCleared() {
+		_spec.ClearField(group.FieldImagePrice1k, field.TypeFloat64)
+	}
+	if value, ok := _u.mutation.ImagePrice2k(); ok {
+		_spec.SetField(group.FieldImagePrice2k, field.TypeFloat64, value)
+	}
+	if value, ok := _u.mutation.AddedImagePrice2k(); ok {
+		_spec.AddField(group.FieldImagePrice2k, field.TypeFloat64, value)
+	}
+	if _u.mutation.ImagePrice2kCleared() {
+		_spec.ClearField(group.FieldImagePrice2k, field.TypeFloat64)
+	}
+	if value, ok := _u.mutation.ImagePrice4k(); ok {
+		_spec.SetField(group.FieldImagePrice4k, field.TypeFloat64, value)
+	}
+	if value, ok := _u.mutation.AddedImagePrice4k(); ok {
+		_spec.AddField(group.FieldImagePrice4k, field.TypeFloat64, value)
+	}
+	if _u.mutation.ImagePrice4kCleared() {
+		_spec.ClearField(group.FieldImagePrice4k, field.TypeFloat64)
+	}
 	if _u.mutation.APIKeysCleared() {
 		edge := &sqlgraph.EdgeSpec{
 			Rel:     sqlgraph.O2M,
@@ -1195,14 +1303,95 @@ func (_u *GroupUpdateOne) AddDefaultValidityDays(v int) *GroupUpdateOne {
 	return _u
 }

-// AddAPIKeyIDs adds the "api_keys" edge to the ApiKey entity by IDs.
+// SetImagePrice1k sets the "image_price_1k" field.
+func (_u *GroupUpdateOne) SetImagePrice1k(v float64) *GroupUpdateOne {
+	_u.mutation.ResetImagePrice1k()
+	_u.mutation.SetImagePrice1k(v)
+	return _u
+}
+
+// SetNillableImagePrice1k sets the "image_price_1k" field if the given value is not nil.
+func (_u *GroupUpdateOne) SetNillableImagePrice1k(v *float64) *GroupUpdateOne {
+	if v != nil {
+		_u.SetImagePrice1k(*v)
+	}
+	return _u
+}
+
+// AddImagePrice1k adds value to the "image_price_1k" field.
+func (_u *GroupUpdateOne) AddImagePrice1k(v float64) *GroupUpdateOne {
+	_u.mutation.AddImagePrice1k(v)
+	return _u
+}
+
+// ClearImagePrice1k clears the value of the "image_price_1k" field.
+func (_u *GroupUpdateOne) ClearImagePrice1k() *GroupUpdateOne {
+	_u.mutation.ClearImagePrice1k()
+	return _u
+}
+
+// SetImagePrice2k sets the "image_price_2k" field.
+func (_u *GroupUpdateOne) SetImagePrice2k(v float64) *GroupUpdateOne {
+	_u.mutation.ResetImagePrice2k()
+	_u.mutation.SetImagePrice2k(v)
+	return _u
+}
+
+// SetNillableImagePrice2k sets the "image_price_2k" field if the given value is not nil.
+func (_u *GroupUpdateOne) SetNillableImagePrice2k(v *float64) *GroupUpdateOne {
+	if v != nil {
+		_u.SetImagePrice2k(*v)
+	}
+	return _u
+}
+
+// AddImagePrice2k adds value to the "image_price_2k" field.
+func (_u *GroupUpdateOne) AddImagePrice2k(v float64) *GroupUpdateOne {
+	_u.mutation.AddImagePrice2k(v)
+	return _u
+}
+
+// ClearImagePrice2k clears the value of the "image_price_2k" field.
+func (_u *GroupUpdateOne) ClearImagePrice2k() *GroupUpdateOne {
+	_u.mutation.ClearImagePrice2k()
+	return _u
+}
+
+// SetImagePrice4k sets the "image_price_4k" field.
+func (_u *GroupUpdateOne) SetImagePrice4k(v float64) *GroupUpdateOne {
+	_u.mutation.ResetImagePrice4k()
+	_u.mutation.SetImagePrice4k(v)
+	return _u
+}
+
+// SetNillableImagePrice4k sets the "image_price_4k" field if the given value is not nil.
+func (_u *GroupUpdateOne) SetNillableImagePrice4k(v *float64) *GroupUpdateOne {
+	if v != nil {
+		_u.SetImagePrice4k(*v)
+	}
+	return _u
+}
+
+// AddImagePrice4k adds value to the "image_price_4k" field.
+func (_u *GroupUpdateOne) AddImagePrice4k(v float64) *GroupUpdateOne {
+	_u.mutation.AddImagePrice4k(v)
+	return _u
+}
+
+// ClearImagePrice4k clears the value of the "image_price_4k" field.
+func (_u *GroupUpdateOne) ClearImagePrice4k() *GroupUpdateOne {
+	_u.mutation.ClearImagePrice4k()
+	return _u
+}
+
+// AddAPIKeyIDs adds the "api_keys" edge to the APIKey entity by IDs.
 func (_u *GroupUpdateOne) AddAPIKeyIDs(ids ...int64) *GroupUpdateOne {
 	_u.mutation.AddAPIKeyIDs(ids...)
 	return _u
 }

-// AddAPIKeys adds the "api_keys" edges to the ApiKey entity.
-func (_u *GroupUpdateOne) AddAPIKeys(v ...*ApiKey) *GroupUpdateOne {
+// AddAPIKeys adds the "api_keys" edges to the APIKey entity.
+func (_u *GroupUpdateOne) AddAPIKeys(v ...*APIKey) *GroupUpdateOne {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -1290,20 +1479,20 @@ func (_u *GroupUpdateOne) Mutation() *GroupMutation {
 	return _u.mutation
 }

-// ClearAPIKeys clears all "api_keys" edges to the ApiKey entity.
+// ClearAPIKeys clears all "api_keys" edges to the APIKey entity.
 func (_u *GroupUpdateOne) ClearAPIKeys() *GroupUpdateOne {
 	_u.mutation.ClearAPIKeys()
 	return _u
 }

-// RemoveAPIKeyIDs removes the "api_keys" edge to ApiKey entities by IDs.
+// RemoveAPIKeyIDs removes the "api_keys" edge to APIKey entities by IDs.
 func (_u *GroupUpdateOne) RemoveAPIKeyIDs(ids ...int64) *GroupUpdateOne {
 	_u.mutation.RemoveAPIKeyIDs(ids...)
 	return _u
 }

-// RemoveAPIKeys removes "api_keys" edges to ApiKey entities.
-func (_u *GroupUpdateOne) RemoveAPIKeys(v ...*ApiKey) *GroupUpdateOne {
+// RemoveAPIKeys removes "api_keys" edges to APIKey entities.
+func (_u *GroupUpdateOne) RemoveAPIKeys(v ...*APIKey) *GroupUpdateOne {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -1594,6 +1783,33 @@ func (_u *GroupUpdateOne) sqlSave(ctx context.Context) (_node *Group, err error)
 	if value, ok := _u.mutation.AddedDefaultValidityDays(); ok {
 		_spec.AddField(group.FieldDefaultValidityDays, field.TypeInt, value)
 	}
+	if value, ok := _u.mutation.ImagePrice1k(); ok {
+		_spec.SetField(group.FieldImagePrice1k, field.TypeFloat64, value)
+	}
+	if value, ok := _u.mutation.AddedImagePrice1k(); ok {
+		_spec.AddField(group.FieldImagePrice1k, field.TypeFloat64, value)
+	}
+	if _u.mutation.ImagePrice1kCleared() {
+		_spec.ClearField(group.FieldImagePrice1k, field.TypeFloat64)
+	}
+	if value, ok := _u.mutation.ImagePrice2k(); ok {
+		_spec.SetField(group.FieldImagePrice2k, field.TypeFloat64, value)
+	}
+	if value, ok := _u.mutation.AddedImagePrice2k(); ok {
+		_spec.AddField(group.FieldImagePrice2k, field.TypeFloat64, value)
+	}
+	if _u.mutation.ImagePrice2kCleared() {
+		_spec.ClearField(group.FieldImagePrice2k, field.TypeFloat64)
+	}
+	if value, ok := _u.mutation.ImagePrice4k(); ok {
+		_spec.SetField(group.FieldImagePrice4k, field.TypeFloat64, value)
+	}
+	if value, ok := _u.mutation.AddedImagePrice4k(); ok {
+		_spec.AddField(group.FieldImagePrice4k, field.TypeFloat64, value)
+	}
+	if _u.mutation.ImagePrice4kCleared() {
+		_spec.ClearField(group.FieldImagePrice4k, field.TypeFloat64)
+	}
 	if _u.mutation.APIKeysCleared() {
 		edge := &sqlgraph.EdgeSpec{
 			Rel:     sqlgraph.O2M,
--- a/backend/ent/hook/hook.go
+++ b/backend/ent/hook/hook.go
@@ -9,6 +9,18 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent"
 )

+// The APIKeyFunc type is an adapter to allow the use of ordinary
+// function as APIKey mutator.
+type APIKeyFunc func(context.Context, *ent.APIKeyMutation) (ent.Value, error)
+
+// Mutate calls f(ctx, m).
+func (f APIKeyFunc) Mutate(ctx context.Context, m ent.Mutation) (ent.Value, error) {
+	if mv, ok := m.(*ent.APIKeyMutation); ok {
+		return f(ctx, mv)
+	}
+	return nil, fmt.Errorf("unexpected mutation type %T. expect *ent.APIKeyMutation", m)
+}
+
 // The AccountFunc type is an adapter to allow the use of ordinary
 // function as Account mutator.
 type AccountFunc func(context.Context, *ent.AccountMutation) (ent.Value, error)
@@ -33,18 +45,6 @@ func (f AccountGroupFunc) Mutate(ctx context.Context, m ent.Mutation) (ent.Value
 	return nil, fmt.Errorf("unexpected mutation type %T. expect *ent.AccountGroupMutation", m)
 }

-// The ApiKeyFunc type is an adapter to allow the use of ordinary
-// function as ApiKey mutator.
-type ApiKeyFunc func(context.Context, *ent.ApiKeyMutation) (ent.Value, error)
-
-// Mutate calls f(ctx, m).
-func (f ApiKeyFunc) Mutate(ctx context.Context, m ent.Mutation) (ent.Value, error) {
-	if mv, ok := m.(*ent.ApiKeyMutation); ok {
-		return f(ctx, mv)
-	}
-	return nil, fmt.Errorf("unexpected mutation type %T. expect *ent.ApiKeyMutation", m)
-}
-
 // The GroupFunc type is an adapter to allow the use of ordinary
 // function as Group mutator.
 type GroupFunc func(context.Context, *ent.GroupMutation) (ent.Value, error)
@@ -129,6 +129,30 @@ func (f UserAllowedGroupFunc) Mutate(ctx context.Context, m ent.Mutation) (ent.V
 	return nil, fmt.Errorf("unexpected mutation type %T. expect *ent.UserAllowedGroupMutation", m)
 }

+// The UserAttributeDefinitionFunc type is an adapter to allow the use of ordinary
+// function as UserAttributeDefinition mutator.
+type UserAttributeDefinitionFunc func(context.Context, *ent.UserAttributeDefinitionMutation) (ent.Value, error)
+
+// Mutate calls f(ctx, m).
+func (f UserAttributeDefinitionFunc) Mutate(ctx context.Context, m ent.Mutation) (ent.Value, error) {
+	if mv, ok := m.(*ent.UserAttributeDefinitionMutation); ok {
+		return f(ctx, mv)
+	}
+	return nil, fmt.Errorf("unexpected mutation type %T. expect *ent.UserAttributeDefinitionMutation", m)
+}
+
+// The UserAttributeValueFunc type is an adapter to allow the use of ordinary
+// function as UserAttributeValue mutator.
+type UserAttributeValueFunc func(context.Context, *ent.UserAttributeValueMutation) (ent.Value, error)
+
+// Mutate calls f(ctx, m).
+func (f UserAttributeValueFunc) Mutate(ctx context.Context, m ent.Mutation) (ent.Value, error) {
+	if mv, ok := m.(*ent.UserAttributeValueMutation); ok {
+		return f(ctx, mv)
+	}
+	return nil, fmt.Errorf("unexpected mutation type %T. expect *ent.UserAttributeValueMutation", m)
+}
+
 // The UserSubscriptionFunc type is an adapter to allow the use of ordinary
 // function as UserSubscription mutator.
 type UserSubscriptionFunc func(context.Context, *ent.UserSubscriptionMutation) (ent.Value, error)
--- a/backend/ent/intercept/intercept.go
+++ b/backend/ent/intercept/intercept.go
@@ -19,6 +19,8 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
 	"github.com/Wei-Shaw/sub2api/ent/userallowedgroup"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"
 )

@@ -78,6 +80,33 @@ func (f TraverseFunc) Traverse(ctx context.Context, q ent.Query) error {
 	return f(ctx, query)
 }

+// The APIKeyFunc type is an adapter to allow the use of ordinary function as a Querier.
+type APIKeyFunc func(context.Context, *ent.APIKeyQuery) (ent.Value, error)
+
+// Query calls f(ctx, q).
+func (f APIKeyFunc) Query(ctx context.Context, q ent.Query) (ent.Value, error) {
+	if q, ok := q.(*ent.APIKeyQuery); ok {
+		return f(ctx, q)
+	}
+	return nil, fmt.Errorf("unexpected query type %T. expect *ent.APIKeyQuery", q)
+}
+
+// The TraverseAPIKey type is an adapter to allow the use of ordinary function as Traverser.
+type TraverseAPIKey func(context.Context, *ent.APIKeyQuery) error
+
+// Intercept is a dummy implementation of Intercept that returns the next Querier in the pipeline.
+func (f TraverseAPIKey) Intercept(next ent.Querier) ent.Querier {
+	return next
+}
+
+// Traverse calls f(ctx, q).
+func (f TraverseAPIKey) Traverse(ctx context.Context, q ent.Query) error {
+	if q, ok := q.(*ent.APIKeyQuery); ok {
+		return f(ctx, q)
+	}
+	return fmt.Errorf("unexpected query type %T. expect *ent.APIKeyQuery", q)
+}
+
 // The AccountFunc type is an adapter to allow the use of ordinary function as a Querier.
 type AccountFunc func(context.Context, *ent.AccountQuery) (ent.Value, error)

@@ -132,33 +161,6 @@ func (f TraverseAccountGroup) Traverse(ctx context.Context, q ent.Query) error {
 	return fmt.Errorf("unexpected query type %T. expect *ent.AccountGroupQuery", q)
 }

-// The ApiKeyFunc type is an adapter to allow the use of ordinary function as a Querier.
-type ApiKeyFunc func(context.Context, *ent.ApiKeyQuery) (ent.Value, error)
-
-// Query calls f(ctx, q).
-func (f ApiKeyFunc) Query(ctx context.Context, q ent.Query) (ent.Value, error) {
-	if q, ok := q.(*ent.ApiKeyQuery); ok {
-		return f(ctx, q)
-	}
-	return nil, fmt.Errorf("unexpected query type %T. expect *ent.ApiKeyQuery", q)
-}
-
-// The TraverseApiKey type is an adapter to allow the use of ordinary function as Traverser.
-type TraverseApiKey func(context.Context, *ent.ApiKeyQuery) error
-
-// Intercept is a dummy implementation of Intercept that returns the next Querier in the pipeline.
-func (f TraverseApiKey) Intercept(next ent.Querier) ent.Querier {
-	return next
-}
-
-// Traverse calls f(ctx, q).
-func (f TraverseApiKey) Traverse(ctx context.Context, q ent.Query) error {
-	if q, ok := q.(*ent.ApiKeyQuery); ok {
-		return f(ctx, q)
-	}
-	return fmt.Errorf("unexpected query type %T. expect *ent.ApiKeyQuery", q)
-}
-
 // The GroupFunc type is an adapter to allow the use of ordinary function as a Querier.
 type GroupFunc func(context.Context, *ent.GroupQuery) (ent.Value, error)

@@ -348,6 +350,60 @@ func (f TraverseUserAllowedGroup) Traverse(ctx context.Context, q ent.Query) err
 	return fmt.Errorf("unexpected query type %T. expect *ent.UserAllowedGroupQuery", q)
 }

+// The UserAttributeDefinitionFunc type is an adapter to allow the use of ordinary function as a Querier.
+type UserAttributeDefinitionFunc func(context.Context, *ent.UserAttributeDefinitionQuery) (ent.Value, error)
+
+// Query calls f(ctx, q).
+func (f UserAttributeDefinitionFunc) Query(ctx context.Context, q ent.Query) (ent.Value, error) {
+	if q, ok := q.(*ent.UserAttributeDefinitionQuery); ok {
+		return f(ctx, q)
+	}
+	return nil, fmt.Errorf("unexpected query type %T. expect *ent.UserAttributeDefinitionQuery", q)
+}
+
+// The TraverseUserAttributeDefinition type is an adapter to allow the use of ordinary function as Traverser.
+type TraverseUserAttributeDefinition func(context.Context, *ent.UserAttributeDefinitionQuery) error
+
+// Intercept is a dummy implementation of Intercept that returns the next Querier in the pipeline.
+func (f TraverseUserAttributeDefinition) Intercept(next ent.Querier) ent.Querier {
+	return next
+}
+
+// Traverse calls f(ctx, q).
+func (f TraverseUserAttributeDefinition) Traverse(ctx context.Context, q ent.Query) error {
+	if q, ok := q.(*ent.UserAttributeDefinitionQuery); ok {
+		return f(ctx, q)
+	}
+	return fmt.Errorf("unexpected query type %T. expect *ent.UserAttributeDefinitionQuery", q)
+}
+
+// The UserAttributeValueFunc type is an adapter to allow the use of ordinary function as a Querier.
+type UserAttributeValueFunc func(context.Context, *ent.UserAttributeValueQuery) (ent.Value, error)
+
+// Query calls f(ctx, q).
+func (f UserAttributeValueFunc) Query(ctx context.Context, q ent.Query) (ent.Value, error) {
+	if q, ok := q.(*ent.UserAttributeValueQuery); ok {
+		return f(ctx, q)
+	}
+	return nil, fmt.Errorf("unexpected query type %T. expect *ent.UserAttributeValueQuery", q)
+}
+
+// The TraverseUserAttributeValue type is an adapter to allow the use of ordinary function as Traverser.
+type TraverseUserAttributeValue func(context.Context, *ent.UserAttributeValueQuery) error
+
+// Intercept is a dummy implementation of Intercept that returns the next Querier in the pipeline.
+func (f TraverseUserAttributeValue) Intercept(next ent.Querier) ent.Querier {
+	return next
+}
+
+// Traverse calls f(ctx, q).
+func (f TraverseUserAttributeValue) Traverse(ctx context.Context, q ent.Query) error {
+	if q, ok := q.(*ent.UserAttributeValueQuery); ok {
+		return f(ctx, q)
+	}
+	return fmt.Errorf("unexpected query type %T. expect *ent.UserAttributeValueQuery", q)
+}
+
 // The UserSubscriptionFunc type is an adapter to allow the use of ordinary function as a Querier.
 type UserSubscriptionFunc func(context.Context, *ent.UserSubscriptionQuery) (ent.Value, error)

@@ -378,12 +434,12 @@ func (f TraverseUserSubscription) Traverse(ctx context.Context, q ent.Query) err
 // NewQuery returns the generic Query interface for the given typed query.
 func NewQuery(q ent.Query) (Query, error) {
 	switch q := q.(type) {
+	case *ent.APIKeyQuery:
+		return &query[*ent.APIKeyQuery, predicate.APIKey, apikey.OrderOption]{typ: ent.TypeAPIKey, tq: q}, nil
 	case *ent.AccountQuery:
 		return &query[*ent.AccountQuery, predicate.Account, account.OrderOption]{typ: ent.TypeAccount, tq: q}, nil
 	case *ent.AccountGroupQuery:
 		return &query[*ent.AccountGroupQuery, predicate.AccountGroup, accountgroup.OrderOption]{typ: ent.TypeAccountGroup, tq: q}, nil
-	case *ent.ApiKeyQuery:
-		return &query[*ent.ApiKeyQuery, predicate.ApiKey, apikey.OrderOption]{typ: ent.TypeApiKey, tq: q}, nil
 	case *ent.GroupQuery:
 		return &query[*ent.GroupQuery, predicate.Group, group.OrderOption]{typ: ent.TypeGroup, tq: q}, nil
 	case *ent.ProxyQuery:
@@ -398,6 +454,10 @@ func NewQuery(q ent.Query) (Query, error) {
 		return &query[*ent.UserQuery, predicate.User, user.OrderOption]{typ: ent.TypeUser, tq: q}, nil
 	case *ent.UserAllowedGroupQuery:
 		return &query[*ent.UserAllowedGroupQuery, predicate.UserAllowedGroup, userallowedgroup.OrderOption]{typ: ent.TypeUserAllowedGroup, tq: q}, nil
+	case *ent.UserAttributeDefinitionQuery:
+		return &query[*ent.UserAttributeDefinitionQuery, predicate.UserAttributeDefinition, userattributedefinition.OrderOption]{typ: ent.TypeUserAttributeDefinition, tq: q}, nil
+	case *ent.UserAttributeValueQuery:
+		return &query[*ent.UserAttributeValueQuery, predicate.UserAttributeValue, userattributevalue.OrderOption]{typ: ent.TypeUserAttributeValue, tq: q}, nil
 	case *ent.UserSubscriptionQuery:
 		return &query[*ent.UserSubscriptionQuery, predicate.UserSubscription, usersubscription.OrderOption]{typ: ent.TypeUserSubscription, tq: q}, nil
 	default:
--- a/backend/ent/migrate/schema.go
+++ b/backend/ent/migrate/schema.go
@@ -9,141 +9,6 @@ import (
 )

 var (
-	// AccountsColumns holds the columns for the "accounts" table.
-	AccountsColumns = []*schema.Column{
-		{Name: "id", Type: field.TypeInt64, Increment: true},
-		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "updated_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "deleted_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "name", Type: field.TypeString, Size: 100},
-		{Name: "platform", Type: field.TypeString, Size: 50},
-		{Name: "type", Type: field.TypeString, Size: 20},
-		{Name: "credentials", Type: field.TypeJSON, SchemaType: map[string]string{"postgres": "jsonb"}},
-		{Name: "extra", Type: field.TypeJSON, SchemaType: map[string]string{"postgres": "jsonb"}},
-		{Name: "concurrency", Type: field.TypeInt, Default: 3},
-		{Name: "priority", Type: field.TypeInt, Default: 50},
-		{Name: "status", Type: field.TypeString, Size: 20, Default: "active"},
-		{Name: "error_message", Type: field.TypeString, Nullable: true, SchemaType: map[string]string{"postgres": "text"}},
-		{Name: "last_used_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "schedulable", Type: field.TypeBool, Default: true},
-		{Name: "rate_limited_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "rate_limit_reset_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "overload_until", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "session_window_start", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "session_window_end", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "session_window_status", Type: field.TypeString, Nullable: true, Size: 20},
-		{Name: "proxy_id", Type: field.TypeInt64, Nullable: true},
-	}
-	// AccountsTable holds the schema information for the "accounts" table.
-	AccountsTable = &schema.Table{
-		Name:       "accounts",
-		Columns:    AccountsColumns,
-		PrimaryKey: []*schema.Column{AccountsColumns[0]},
-		ForeignKeys: []*schema.ForeignKey{
-			{
-				Symbol:     "accounts_proxies_proxy",
-				Columns:    []*schema.Column{AccountsColumns[21]},
-				RefColumns: []*schema.Column{ProxiesColumns[0]},
-				OnDelete:   schema.SetNull,
-			},
-		},
-		Indexes: []*schema.Index{
-			{
-				Name:    "account_platform",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[5]},
-			},
-			{
-				Name:    "account_type",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[6]},
-			},
-			{
-				Name:    "account_status",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[11]},
-			},
-			{
-				Name:    "account_proxy_id",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[21]},
-			},
-			{
-				Name:    "account_priority",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[10]},
-			},
-			{
-				Name:    "account_last_used_at",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[13]},
-			},
-			{
-				Name:    "account_schedulable",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[14]},
-			},
-			{
-				Name:    "account_rate_limited_at",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[15]},
-			},
-			{
-				Name:    "account_rate_limit_reset_at",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[16]},
-			},
-			{
-				Name:    "account_overload_until",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[17]},
-			},
-			{
-				Name:    "account_deleted_at",
-				Unique:  false,
-				Columns: []*schema.Column{AccountsColumns[3]},
-			},
-		},
-	}
-	// AccountGroupsColumns holds the columns for the "account_groups" table.
-	AccountGroupsColumns = []*schema.Column{
-		{Name: "priority", Type: field.TypeInt, Default: 50},
-		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "account_id", Type: field.TypeInt64},
-		{Name: "group_id", Type: field.TypeInt64},
-	}
-	// AccountGroupsTable holds the schema information for the "account_groups" table.
-	AccountGroupsTable = &schema.Table{
-		Name:       "account_groups",
-		Columns:    AccountGroupsColumns,
-		PrimaryKey: []*schema.Column{AccountGroupsColumns[2], AccountGroupsColumns[3]},
-		ForeignKeys: []*schema.ForeignKey{
-			{
-				Symbol:     "account_groups_accounts_account",
-				Columns:    []*schema.Column{AccountGroupsColumns[2]},
-				RefColumns: []*schema.Column{AccountsColumns[0]},
-				OnDelete:   schema.NoAction,
-			},
-			{
-				Symbol:     "account_groups_groups_group",
-				Columns:    []*schema.Column{AccountGroupsColumns[3]},
-				RefColumns: []*schema.Column{GroupsColumns[0]},
-				OnDelete:   schema.NoAction,
-			},
-		},
-		Indexes: []*schema.Index{
-			{
-				Name:    "accountgroup_group_id",
-				Unique:  false,
-				Columns: []*schema.Column{AccountGroupsColumns[3]},
-			},
-			{
-				Name:    "accountgroup_priority",
-				Unique:  false,
-				Columns: []*schema.Column{AccountGroupsColumns[0]},
-			},
-		},
-	}
 	// APIKeysColumns holds the columns for the "api_keys" table.
 	APIKeysColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeInt64, Increment: true},
@@ -198,6 +63,144 @@ var (
 			},
 		},
 	}
+	// AccountsColumns holds the columns for the "accounts" table.
+	AccountsColumns = []*schema.Column{
+		{Name: "id", Type: field.TypeInt64, Increment: true},
+		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "updated_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "deleted_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "name", Type: field.TypeString, Size: 100},
+		{Name: "notes", Type: field.TypeString, Nullable: true, SchemaType: map[string]string{"postgres": "text"}},
+		{Name: "platform", Type: field.TypeString, Size: 50},
+		{Name: "type", Type: field.TypeString, Size: 20},
+		{Name: "credentials", Type: field.TypeJSON, SchemaType: map[string]string{"postgres": "jsonb"}},
+		{Name: "extra", Type: field.TypeJSON, SchemaType: map[string]string{"postgres": "jsonb"}},
+		{Name: "concurrency", Type: field.TypeInt, Default: 3},
+		{Name: "priority", Type: field.TypeInt, Default: 50},
+		{Name: "status", Type: field.TypeString, Size: 20, Default: "active"},
+		{Name: "error_message", Type: field.TypeString, Nullable: true, SchemaType: map[string]string{"postgres": "text"}},
+		{Name: "last_used_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "expires_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "auto_pause_on_expired", Type: field.TypeBool, Default: true},
+		{Name: "schedulable", Type: field.TypeBool, Default: true},
+		{Name: "rate_limited_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "rate_limit_reset_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "overload_until", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "session_window_start", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "session_window_end", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "session_window_status", Type: field.TypeString, Nullable: true, Size: 20},
+		{Name: "proxy_id", Type: field.TypeInt64, Nullable: true},
+	}
+	// AccountsTable holds the schema information for the "accounts" table.
+	AccountsTable = &schema.Table{
+		Name:       "accounts",
+		Columns:    AccountsColumns,
+		PrimaryKey: []*schema.Column{AccountsColumns[0]},
+		ForeignKeys: []*schema.ForeignKey{
+			{
+				Symbol:     "accounts_proxies_proxy",
+				Columns:    []*schema.Column{AccountsColumns[24]},
+				RefColumns: []*schema.Column{ProxiesColumns[0]},
+				OnDelete:   schema.SetNull,
+			},
+		},
+		Indexes: []*schema.Index{
+			{
+				Name:    "account_platform",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[6]},
+			},
+			{
+				Name:    "account_type",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[7]},
+			},
+			{
+				Name:    "account_status",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[12]},
+			},
+			{
+				Name:    "account_proxy_id",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[24]},
+			},
+			{
+				Name:    "account_priority",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[11]},
+			},
+			{
+				Name:    "account_last_used_at",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[14]},
+			},
+			{
+				Name:    "account_schedulable",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[17]},
+			},
+			{
+				Name:    "account_rate_limited_at",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[18]},
+			},
+			{
+				Name:    "account_rate_limit_reset_at",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[19]},
+			},
+			{
+				Name:    "account_overload_until",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[20]},
+			},
+			{
+				Name:    "account_deleted_at",
+				Unique:  false,
+				Columns: []*schema.Column{AccountsColumns[3]},
+			},
+		},
+	}
+	// AccountGroupsColumns holds the columns for the "account_groups" table.
+	AccountGroupsColumns = []*schema.Column{
+		{Name: "priority", Type: field.TypeInt, Default: 50},
+		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "account_id", Type: field.TypeInt64},
+		{Name: "group_id", Type: field.TypeInt64},
+	}
+	// AccountGroupsTable holds the schema information for the "account_groups" table.
+	AccountGroupsTable = &schema.Table{
+		Name:       "account_groups",
+		Columns:    AccountGroupsColumns,
+		PrimaryKey: []*schema.Column{AccountGroupsColumns[2], AccountGroupsColumns[3]},
+		ForeignKeys: []*schema.ForeignKey{
+			{
+				Symbol:     "account_groups_accounts_account",
+				Columns:    []*schema.Column{AccountGroupsColumns[2]},
+				RefColumns: []*schema.Column{AccountsColumns[0]},
+				OnDelete:   schema.NoAction,
+			},
+			{
+				Symbol:     "account_groups_groups_group",
+				Columns:    []*schema.Column{AccountGroupsColumns[3]},
+				RefColumns: []*schema.Column{GroupsColumns[0]},
+				OnDelete:   schema.NoAction,
+			},
+		},
+		Indexes: []*schema.Index{
+			{
+				Name:    "accountgroup_group_id",
+				Unique:  false,
+				Columns: []*schema.Column{AccountGroupsColumns[3]},
+			},
+			{
+				Name:    "accountgroup_priority",
+				Unique:  false,
+				Columns: []*schema.Column{AccountGroupsColumns[0]},
+			},
+		},
+	}
 	// GroupsColumns holds the columns for the "groups" table.
 	GroupsColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeInt64, Increment: true},
@@ -215,6 +218,9 @@ var (
 		{Name: "weekly_limit_usd", Type: field.TypeFloat64, Nullable: true, SchemaType: map[string]string{"postgres": "decimal(20,8)"}},
 		{Name: "monthly_limit_usd", Type: field.TypeFloat64, Nullable: true, SchemaType: map[string]string{"postgres": "decimal(20,8)"}},
 		{Name: "default_validity_days", Type: field.TypeInt, Default: 30},
+		{Name: "image_price_1k", Type: field.TypeFloat64, Nullable: true, SchemaType: map[string]string{"postgres": "decimal(20,8)"}},
+		{Name: "image_price_2k", Type: field.TypeFloat64, Nullable: true, SchemaType: map[string]string{"postgres": "decimal(20,8)"}},
+		{Name: "image_price_4k", Type: field.TypeFloat64, Nullable: true, SchemaType: map[string]string{"postgres": "decimal(20,8)"}},
 	}
 	// GroupsTable holds the schema information for the "groups" table.
 	GroupsTable = &schema.Table{
@@ -367,9 +373,12 @@ var (
 		{Name: "stream", Type: field.TypeBool, Default: false},
 		{Name: "duration_ms", Type: field.TypeInt, Nullable: true},
 		{Name: "first_token_ms", Type: field.TypeInt, Nullable: true},
+		{Name: "user_agent", Type: field.TypeString, Nullable: true, Size: 512},
+		{Name: "image_count", Type: field.TypeInt, Default: 0},
+		{Name: "image_size", Type: field.TypeString, Nullable: true, Size: 10},
 		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
-		{Name: "account_id", Type: field.TypeInt64},
 		{Name: "api_key_id", Type: field.TypeInt64},
+		{Name: "account_id", Type: field.TypeInt64},
 		{Name: "group_id", Type: field.TypeInt64, Nullable: true},
 		{Name: "user_id", Type: field.TypeInt64},
 		{Name: "subscription_id", Type: field.TypeInt64, Nullable: true},
@@ -380,33 +389,33 @@ var (
 		Columns:    UsageLogsColumns,
 		PrimaryKey: []*schema.Column{UsageLogsColumns[0]},
 		ForeignKeys: []*schema.ForeignKey{
-			{
-				Symbol:     "usage_logs_accounts_usage_logs",
-				Columns:    []*schema.Column{UsageLogsColumns[21]},
-				RefColumns: []*schema.Column{AccountsColumns[0]},
-				OnDelete:   schema.NoAction,
-			},
 			{
 				Symbol:     "usage_logs_api_keys_usage_logs",
-				Columns:    []*schema.Column{UsageLogsColumns[22]},
+				Columns:    []*schema.Column{UsageLogsColumns[24]},
 				RefColumns: []*schema.Column{APIKeysColumns[0]},
 				OnDelete:   schema.NoAction,
 			},
+			{
+				Symbol:     "usage_logs_accounts_usage_logs",
+				Columns:    []*schema.Column{UsageLogsColumns[25]},
+				RefColumns: []*schema.Column{AccountsColumns[0]},
+				OnDelete:   schema.NoAction,
+			},
 			{
 				Symbol:     "usage_logs_groups_usage_logs",
-				Columns:    []*schema.Column{UsageLogsColumns[23]},
+				Columns:    []*schema.Column{UsageLogsColumns[26]},
 				RefColumns: []*schema.Column{GroupsColumns[0]},
 				OnDelete:   schema.SetNull,
 			},
 			{
 				Symbol:     "usage_logs_users_usage_logs",
-				Columns:    []*schema.Column{UsageLogsColumns[24]},
+				Columns:    []*schema.Column{UsageLogsColumns[27]},
 				RefColumns: []*schema.Column{UsersColumns[0]},
 				OnDelete:   schema.NoAction,
 			},
 			{
 				Symbol:     "usage_logs_user_subscriptions_usage_logs",
-				Columns:    []*schema.Column{UsageLogsColumns[25]},
+				Columns:    []*schema.Column{UsageLogsColumns[28]},
 				RefColumns: []*schema.Column{UserSubscriptionsColumns[0]},
 				OnDelete:   schema.SetNull,
 			},
@@ -415,32 +424,32 @@ var (
 			{
 				Name:    "usagelog_user_id",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[24]},
+				Columns: []*schema.Column{UsageLogsColumns[27]},
 			},
 			{
 				Name:    "usagelog_api_key_id",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[22]},
+				Columns: []*schema.Column{UsageLogsColumns[24]},
 			},
 			{
 				Name:    "usagelog_account_id",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[21]},
+				Columns: []*schema.Column{UsageLogsColumns[25]},
 			},
 			{
 				Name:    "usagelog_group_id",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[23]},
+				Columns: []*schema.Column{UsageLogsColumns[26]},
 			},
 			{
 				Name:    "usagelog_subscription_id",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[25]},
+				Columns: []*schema.Column{UsageLogsColumns[28]},
 			},
 			{
 				Name:    "usagelog_created_at",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[20]},
+				Columns: []*schema.Column{UsageLogsColumns[23]},
 			},
 			{
 				Name:    "usagelog_model",
@@ -455,12 +464,12 @@ var (
 			{
 				Name:    "usagelog_user_id_created_at",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[24], UsageLogsColumns[20]},
+				Columns: []*schema.Column{UsageLogsColumns[27], UsageLogsColumns[23]},
 			},
 			{
 				Name:    "usagelog_api_key_id_created_at",
 				Unique:  false,
-				Columns: []*schema.Column{UsageLogsColumns[22], UsageLogsColumns[20]},
+				Columns: []*schema.Column{UsageLogsColumns[24], UsageLogsColumns[23]},
 			},
 		},
 	}
@@ -477,7 +486,6 @@ var (
 		{Name: "concurrency", Type: field.TypeInt, Default: 5},
 		{Name: "status", Type: field.TypeString, Size: 20, Default: "active"},
 		{Name: "username", Type: field.TypeString, Size: 100, Default: ""},
-		{Name: "wechat", Type: field.TypeString, Size: 100, Default: ""},
 		{Name: "notes", Type: field.TypeString, Default: "", SchemaType: map[string]string{"postgres": "text"}},
 	}
 	// UsersTable holds the schema information for the "users" table.
@@ -531,6 +539,92 @@ var (
 			},
 		},
 	}
+	// UserAttributeDefinitionsColumns holds the columns for the "user_attribute_definitions" table.
+	UserAttributeDefinitionsColumns = []*schema.Column{
+		{Name: "id", Type: field.TypeInt64, Increment: true},
+		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "updated_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "deleted_at", Type: field.TypeTime, Nullable: true, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "key", Type: field.TypeString, Size: 100},
+		{Name: "name", Type: field.TypeString, Size: 255},
+		{Name: "description", Type: field.TypeString, Default: "", SchemaType: map[string]string{"postgres": "text"}},
+		{Name: "type", Type: field.TypeString, Size: 20},
+		{Name: "options", Type: field.TypeJSON, SchemaType: map[string]string{"postgres": "jsonb"}},
+		{Name: "required", Type: field.TypeBool, Default: false},
+		{Name: "validation", Type: field.TypeJSON, SchemaType: map[string]string{"postgres": "jsonb"}},
+		{Name: "placeholder", Type: field.TypeString, Size: 255, Default: ""},
+		{Name: "display_order", Type: field.TypeInt, Default: 0},
+		{Name: "enabled", Type: field.TypeBool, Default: true},
+	}
+	// UserAttributeDefinitionsTable holds the schema information for the "user_attribute_definitions" table.
+	UserAttributeDefinitionsTable = &schema.Table{
+		Name:       "user_attribute_definitions",
+		Columns:    UserAttributeDefinitionsColumns,
+		PrimaryKey: []*schema.Column{UserAttributeDefinitionsColumns[0]},
+		Indexes: []*schema.Index{
+			{
+				Name:    "userattributedefinition_key",
+				Unique:  false,
+				Columns: []*schema.Column{UserAttributeDefinitionsColumns[4]},
+			},
+			{
+				Name:    "userattributedefinition_enabled",
+				Unique:  false,
+				Columns: []*schema.Column{UserAttributeDefinitionsColumns[13]},
+			},
+			{
+				Name:    "userattributedefinition_display_order",
+				Unique:  false,
+				Columns: []*schema.Column{UserAttributeDefinitionsColumns[12]},
+			},
+			{
+				Name:    "userattributedefinition_deleted_at",
+				Unique:  false,
+				Columns: []*schema.Column{UserAttributeDefinitionsColumns[3]},
+			},
+		},
+	}
+	// UserAttributeValuesColumns holds the columns for the "user_attribute_values" table.
+	UserAttributeValuesColumns = []*schema.Column{
+		{Name: "id", Type: field.TypeInt64, Increment: true},
+		{Name: "created_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "updated_at", Type: field.TypeTime, SchemaType: map[string]string{"postgres": "timestamptz"}},
+		{Name: "value", Type: field.TypeString, Size: 2147483647, Default: ""},
+		{Name: "user_id", Type: field.TypeInt64},
+		{Name: "attribute_id", Type: field.TypeInt64},
+	}
+	// UserAttributeValuesTable holds the schema information for the "user_attribute_values" table.
+	UserAttributeValuesTable = &schema.Table{
+		Name:       "user_attribute_values",
+		Columns:    UserAttributeValuesColumns,
+		PrimaryKey: []*schema.Column{UserAttributeValuesColumns[0]},
+		ForeignKeys: []*schema.ForeignKey{
+			{
+				Symbol:     "user_attribute_values_users_attribute_values",
+				Columns:    []*schema.Column{UserAttributeValuesColumns[4]},
+				RefColumns: []*schema.Column{UsersColumns[0]},
+				OnDelete:   schema.NoAction,
+			},
+			{
+				Symbol:     "user_attribute_values_user_attribute_definitions_values",
+				Columns:    []*schema.Column{UserAttributeValuesColumns[5]},
+				RefColumns: []*schema.Column{UserAttributeDefinitionsColumns[0]},
+				OnDelete:   schema.NoAction,
+			},
+		},
+		Indexes: []*schema.Index{
+			{
+				Name:    "userattributevalue_user_id_attribute_id",
+				Unique:  true,
+				Columns: []*schema.Column{UserAttributeValuesColumns[4], UserAttributeValuesColumns[5]},
+			},
+			{
+				Name:    "userattributevalue_attribute_id",
+				Unique:  false,
+				Columns: []*schema.Column{UserAttributeValuesColumns[5]},
+			},
+		},
+	}
 	// UserSubscriptionsColumns holds the columns for the "user_subscriptions" table.
 	UserSubscriptionsColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeInt64, Increment: true},
@@ -617,9 +711,9 @@ var (
 	}
 	// Tables holds all the tables in the schema.
 	Tables = []*schema.Table{
+		APIKeysTable,
 		AccountsTable,
 		AccountGroupsTable,
-		APIKeysTable,
 		GroupsTable,
 		ProxiesTable,
 		RedeemCodesTable,
@@ -627,11 +721,18 @@ var (
 		UsageLogsTable,
 		UsersTable,
 		UserAllowedGroupsTable,
+		UserAttributeDefinitionsTable,
+		UserAttributeValuesTable,
 		UserSubscriptionsTable,
 	}
 )

 func init() {
+	APIKeysTable.ForeignKeys[0].RefTable = GroupsTable
+	APIKeysTable.ForeignKeys[1].RefTable = UsersTable
+	APIKeysTable.Annotation = &entsql.Annotation{
+		Table: "api_keys",
+	}
 	AccountsTable.ForeignKeys[0].RefTable = ProxiesTable
 	AccountsTable.Annotation = &entsql.Annotation{
 		Table: "accounts",
@@ -641,11 +742,6 @@ func init() {
 	AccountGroupsTable.Annotation = &entsql.Annotation{
 		Table: "account_groups",
 	}
-	APIKeysTable.ForeignKeys[0].RefTable = GroupsTable
-	APIKeysTable.ForeignKeys[1].RefTable = UsersTable
-	APIKeysTable.Annotation = &entsql.Annotation{
-		Table: "api_keys",
-	}
 	GroupsTable.Annotation = &entsql.Annotation{
 		Table: "groups",
 	}
@@ -660,8 +756,8 @@ func init() {
 	SettingsTable.Annotation = &entsql.Annotation{
 		Table: "settings",
 	}
-	UsageLogsTable.ForeignKeys[0].RefTable = AccountsTable
-	UsageLogsTable.ForeignKeys[1].RefTable = APIKeysTable
+	UsageLogsTable.ForeignKeys[0].RefTable = APIKeysTable
+	UsageLogsTable.ForeignKeys[1].RefTable = AccountsTable
 	UsageLogsTable.ForeignKeys[2].RefTable = GroupsTable
 	UsageLogsTable.ForeignKeys[3].RefTable = UsersTable
 	UsageLogsTable.ForeignKeys[4].RefTable = UserSubscriptionsTable
@@ -676,6 +772,14 @@ func init() {
 	UserAllowedGroupsTable.Annotation = &entsql.Annotation{
 		Table: "user_allowed_groups",
 	}
+	UserAttributeDefinitionsTable.Annotation = &entsql.Annotation{
+		Table: "user_attribute_definitions",
+	}
+	UserAttributeValuesTable.ForeignKeys[0].RefTable = UsersTable
+	UserAttributeValuesTable.ForeignKeys[1].RefTable = UserAttributeDefinitionsTable
+	UserAttributeValuesTable.Annotation = &entsql.Annotation{
+		Table: "user_attribute_values",
+	}
 	UserSubscriptionsTable.ForeignKeys[0].RefTable = GroupsTable
 	UserSubscriptionsTable.ForeignKeys[1].RefTable = UsersTable
 	UserSubscriptionsTable.ForeignKeys[2].RefTable = UsersTable
--- a/backend/ent/mutation.go
+++ b/backend/ent/mutation.go
--- a/backend/ent/predicate/predicate.go
+++ b/backend/ent/predicate/predicate.go
@@ -6,15 +6,15 @@ import (
 	"entgo.io/ent/dialect/sql"
 )

+// APIKey is the predicate function for apikey builders.
+type APIKey func(*sql.Selector)
+
 // Account is the predicate function for account builders.
 type Account func(*sql.Selector)

 // AccountGroup is the predicate function for accountgroup builders.
 type AccountGroup func(*sql.Selector)

-// ApiKey is the predicate function for apikey builders.
-type ApiKey func(*sql.Selector)
-
 // Group is the predicate function for group builders.
 type Group func(*sql.Selector)

@@ -36,5 +36,11 @@ type User func(*sql.Selector)
 // UserAllowedGroup is the predicate function for userallowedgroup builders.
 type UserAllowedGroup func(*sql.Selector)

+// UserAttributeDefinition is the predicate function for userattributedefinition builders.
+type UserAttributeDefinition func(*sql.Selector)
+
+// UserAttributeValue is the predicate function for userattributevalue builders.
+type UserAttributeValue func(*sql.Selector)
+
 // UserSubscription is the predicate function for usersubscription builders.
 type UserSubscription func(*sql.Selector)
--- a/backend/ent/runtime/runtime.go
+++ b/backend/ent/runtime/runtime.go
@@ -16,6 +16,8 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
 	"github.com/Wei-Shaw/sub2api/ent/userallowedgroup"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"
 )

@@ -23,127 +25,14 @@ import (
 // (default values, validators, hooks and policies) and stitches it
 // to their package variables.
 func init() {
-	accountMixin := schema.Account{}.Mixin()
-	accountMixinHooks1 := accountMixin[1].Hooks()
-	account.Hooks[0] = accountMixinHooks1[0]
-	accountMixinInters1 := accountMixin[1].Interceptors()
-	account.Interceptors[0] = accountMixinInters1[0]
-	accountMixinFields0 := accountMixin[0].Fields()
-	_ = accountMixinFields0
-	accountFields := schema.Account{}.Fields()
-	_ = accountFields
-	// accountDescCreatedAt is the schema descriptor for created_at field.
-	accountDescCreatedAt := accountMixinFields0[0].Descriptor()
-	// account.DefaultCreatedAt holds the default value on creation for the created_at field.
-	account.DefaultCreatedAt = accountDescCreatedAt.Default.(func() time.Time)
-	// accountDescUpdatedAt is the schema descriptor for updated_at field.
-	accountDescUpdatedAt := accountMixinFields0[1].Descriptor()
-	// account.DefaultUpdatedAt holds the default value on creation for the updated_at field.
-	account.DefaultUpdatedAt = accountDescUpdatedAt.Default.(func() time.Time)
-	// account.UpdateDefaultUpdatedAt holds the default value on update for the updated_at field.
-	account.UpdateDefaultUpdatedAt = accountDescUpdatedAt.UpdateDefault.(func() time.Time)
-	// accountDescName is the schema descriptor for name field.
-	accountDescName := accountFields[0].Descriptor()
-	// account.NameValidator is a validator for the "name" field. It is called by the builders before save.
-	account.NameValidator = func() func(string) error {
-		validators := accountDescName.Validators
-		fns := [...]func(string) error{
-			validators[0].(func(string) error),
-			validators[1].(func(string) error),
-		}
-		return func(name string) error {
-			for _, fn := range fns {
-				if err := fn(name); err != nil {
-					return err
-				}
-			}
-			return nil
-		}
-	}()
-	// accountDescPlatform is the schema descriptor for platform field.
-	accountDescPlatform := accountFields[1].Descriptor()
-	// account.PlatformValidator is a validator for the "platform" field. It is called by the builders before save.
-	account.PlatformValidator = func() func(string) error {
-		validators := accountDescPlatform.Validators
-		fns := [...]func(string) error{
-			validators[0].(func(string) error),
-			validators[1].(func(string) error),
-		}
-		return func(platform string) error {
-			for _, fn := range fns {
-				if err := fn(platform); err != nil {
-					return err
-				}
-			}
-			return nil
-		}
-	}()
-	// accountDescType is the schema descriptor for type field.
-	accountDescType := accountFields[2].Descriptor()
-	// account.TypeValidator is a validator for the "type" field. It is called by the builders before save.
-	account.TypeValidator = func() func(string) error {
-		validators := accountDescType.Validators
-		fns := [...]func(string) error{
-			validators[0].(func(string) error),
-			validators[1].(func(string) error),
-		}
-		return func(_type string) error {
-			for _, fn := range fns {
-				if err := fn(_type); err != nil {
-					return err
-				}
-			}
-			return nil
-		}
-	}()
-	// accountDescCredentials is the schema descriptor for credentials field.
-	accountDescCredentials := accountFields[3].Descriptor()
-	// account.DefaultCredentials holds the default value on creation for the credentials field.
-	account.DefaultCredentials = accountDescCredentials.Default.(func() map[string]interface{})
-	// accountDescExtra is the schema descriptor for extra field.
-	accountDescExtra := accountFields[4].Descriptor()
-	// account.DefaultExtra holds the default value on creation for the extra field.
-	account.DefaultExtra = accountDescExtra.Default.(func() map[string]interface{})
-	// accountDescConcurrency is the schema descriptor for concurrency field.
-	accountDescConcurrency := accountFields[6].Descriptor()
-	// account.DefaultConcurrency holds the default value on creation for the concurrency field.
-	account.DefaultConcurrency = accountDescConcurrency.Default.(int)
-	// accountDescPriority is the schema descriptor for priority field.
-	accountDescPriority := accountFields[7].Descriptor()
-	// account.DefaultPriority holds the default value on creation for the priority field.
-	account.DefaultPriority = accountDescPriority.Default.(int)
-	// accountDescStatus is the schema descriptor for status field.
-	accountDescStatus := accountFields[8].Descriptor()
-	// account.DefaultStatus holds the default value on creation for the status field.
-	account.DefaultStatus = accountDescStatus.Default.(string)
-	// account.StatusValidator is a validator for the "status" field. It is called by the builders before save.
-	account.StatusValidator = accountDescStatus.Validators[0].(func(string) error)
-	// accountDescSchedulable is the schema descriptor for schedulable field.
-	accountDescSchedulable := accountFields[11].Descriptor()
-	// account.DefaultSchedulable holds the default value on creation for the schedulable field.
-	account.DefaultSchedulable = accountDescSchedulable.Default.(bool)
-	// accountDescSessionWindowStatus is the schema descriptor for session_window_status field.
-	accountDescSessionWindowStatus := accountFields[17].Descriptor()
-	// account.SessionWindowStatusValidator is a validator for the "session_window_status" field. It is called by the builders before save.
-	account.SessionWindowStatusValidator = accountDescSessionWindowStatus.Validators[0].(func(string) error)
-	accountgroupFields := schema.AccountGroup{}.Fields()
-	_ = accountgroupFields
-	// accountgroupDescPriority is the schema descriptor for priority field.
-	accountgroupDescPriority := accountgroupFields[2].Descriptor()
-	// accountgroup.DefaultPriority holds the default value on creation for the priority field.
-	accountgroup.DefaultPriority = accountgroupDescPriority.Default.(int)
-	// accountgroupDescCreatedAt is the schema descriptor for created_at field.
-	accountgroupDescCreatedAt := accountgroupFields[3].Descriptor()
-	// accountgroup.DefaultCreatedAt holds the default value on creation for the created_at field.
-	accountgroup.DefaultCreatedAt = accountgroupDescCreatedAt.Default.(func() time.Time)
-	apikeyMixin := schema.ApiKey{}.Mixin()
+	apikeyMixin := schema.APIKey{}.Mixin()
 	apikeyMixinHooks1 := apikeyMixin[1].Hooks()
 	apikey.Hooks[0] = apikeyMixinHooks1[0]
 	apikeyMixinInters1 := apikeyMixin[1].Interceptors()
 	apikey.Interceptors[0] = apikeyMixinInters1[0]
 	apikeyMixinFields0 := apikeyMixin[0].Fields()
 	_ = apikeyMixinFields0
-	apikeyFields := schema.ApiKey{}.Fields()
+	apikeyFields := schema.APIKey{}.Fields()
 	_ = apikeyFields
 	// apikeyDescCreatedAt is the schema descriptor for created_at field.
 	apikeyDescCreatedAt := apikeyMixinFields0[0].Descriptor()
@@ -197,6 +86,123 @@ func init() {
 	apikey.DefaultStatus = apikeyDescStatus.Default.(string)
 	// apikey.StatusValidator is a validator for the "status" field. It is called by the builders before save.
 	apikey.StatusValidator = apikeyDescStatus.Validators[0].(func(string) error)
+	accountMixin := schema.Account{}.Mixin()
+	accountMixinHooks1 := accountMixin[1].Hooks()
+	account.Hooks[0] = accountMixinHooks1[0]
+	accountMixinInters1 := accountMixin[1].Interceptors()
+	account.Interceptors[0] = accountMixinInters1[0]
+	accountMixinFields0 := accountMixin[0].Fields()
+	_ = accountMixinFields0
+	accountFields := schema.Account{}.Fields()
+	_ = accountFields
+	// accountDescCreatedAt is the schema descriptor for created_at field.
+	accountDescCreatedAt := accountMixinFields0[0].Descriptor()
+	// account.DefaultCreatedAt holds the default value on creation for the created_at field.
+	account.DefaultCreatedAt = accountDescCreatedAt.Default.(func() time.Time)
+	// accountDescUpdatedAt is the schema descriptor for updated_at field.
+	accountDescUpdatedAt := accountMixinFields0[1].Descriptor()
+	// account.DefaultUpdatedAt holds the default value on creation for the updated_at field.
+	account.DefaultUpdatedAt = accountDescUpdatedAt.Default.(func() time.Time)
+	// account.UpdateDefaultUpdatedAt holds the default value on update for the updated_at field.
+	account.UpdateDefaultUpdatedAt = accountDescUpdatedAt.UpdateDefault.(func() time.Time)
+	// accountDescName is the schema descriptor for name field.
+	accountDescName := accountFields[0].Descriptor()
+	// account.NameValidator is a validator for the "name" field. It is called by the builders before save.
+	account.NameValidator = func() func(string) error {
+		validators := accountDescName.Validators
+		fns := [...]func(string) error{
+			validators[0].(func(string) error),
+			validators[1].(func(string) error),
+		}
+		return func(name string) error {
+			for _, fn := range fns {
+				if err := fn(name); err != nil {
+					return err
+				}
+			}
+			return nil
+		}
+	}()
+	// accountDescPlatform is the schema descriptor for platform field.
+	accountDescPlatform := accountFields[2].Descriptor()
+	// account.PlatformValidator is a validator for the "platform" field. It is called by the builders before save.
+	account.PlatformValidator = func() func(string) error {
+		validators := accountDescPlatform.Validators
+		fns := [...]func(string) error{
+			validators[0].(func(string) error),
+			validators[1].(func(string) error),
+		}
+		return func(platform string) error {
+			for _, fn := range fns {
+				if err := fn(platform); err != nil {
+					return err
+				}
+			}
+			return nil
+		}
+	}()
+	// accountDescType is the schema descriptor for type field.
+	accountDescType := accountFields[3].Descriptor()
+	// account.TypeValidator is a validator for the "type" field. It is called by the builders before save.
+	account.TypeValidator = func() func(string) error {
+		validators := accountDescType.Validators
+		fns := [...]func(string) error{
+			validators[0].(func(string) error),
+			validators[1].(func(string) error),
+		}
+		return func(_type string) error {
+			for _, fn := range fns {
+				if err := fn(_type); err != nil {
+					return err
+				}
+			}
+			return nil
+		}
+	}()
+	// accountDescCredentials is the schema descriptor for credentials field.
+	accountDescCredentials := accountFields[4].Descriptor()
+	// account.DefaultCredentials holds the default value on creation for the credentials field.
+	account.DefaultCredentials = accountDescCredentials.Default.(func() map[string]interface{})
+	// accountDescExtra is the schema descriptor for extra field.
+	accountDescExtra := accountFields[5].Descriptor()
+	// account.DefaultExtra holds the default value on creation for the extra field.
+	account.DefaultExtra = accountDescExtra.Default.(func() map[string]interface{})
+	// accountDescConcurrency is the schema descriptor for concurrency field.
+	accountDescConcurrency := accountFields[7].Descriptor()
+	// account.DefaultConcurrency holds the default value on creation for the concurrency field.
+	account.DefaultConcurrency = accountDescConcurrency.Default.(int)
+	// accountDescPriority is the schema descriptor for priority field.
+	accountDescPriority := accountFields[8].Descriptor()
+	// account.DefaultPriority holds the default value on creation for the priority field.
+	account.DefaultPriority = accountDescPriority.Default.(int)
+	// accountDescStatus is the schema descriptor for status field.
+	accountDescStatus := accountFields[9].Descriptor()
+	// account.DefaultStatus holds the default value on creation for the status field.
+	account.DefaultStatus = accountDescStatus.Default.(string)
+	// account.StatusValidator is a validator for the "status" field. It is called by the builders before save.
+	account.StatusValidator = accountDescStatus.Validators[0].(func(string) error)
+	// accountDescAutoPauseOnExpired is the schema descriptor for auto_pause_on_expired field.
+	accountDescAutoPauseOnExpired := accountFields[13].Descriptor()
+	// account.DefaultAutoPauseOnExpired holds the default value on creation for the auto_pause_on_expired field.
+	account.DefaultAutoPauseOnExpired = accountDescAutoPauseOnExpired.Default.(bool)
+	// accountDescSchedulable is the schema descriptor for schedulable field.
+	accountDescSchedulable := accountFields[14].Descriptor()
+	// account.DefaultSchedulable holds the default value on creation for the schedulable field.
+	account.DefaultSchedulable = accountDescSchedulable.Default.(bool)
+	// accountDescSessionWindowStatus is the schema descriptor for session_window_status field.
+	accountDescSessionWindowStatus := accountFields[20].Descriptor()
+	// account.SessionWindowStatusValidator is a validator for the "session_window_status" field. It is called by the builders before save.
+	account.SessionWindowStatusValidator = accountDescSessionWindowStatus.Validators[0].(func(string) error)
+	accountgroupFields := schema.AccountGroup{}.Fields()
+	_ = accountgroupFields
+	// accountgroupDescPriority is the schema descriptor for priority field.
+	accountgroupDescPriority := accountgroupFields[2].Descriptor()
+	// accountgroup.DefaultPriority holds the default value on creation for the priority field.
+	accountgroup.DefaultPriority = accountgroupDescPriority.Default.(int)
+	// accountgroupDescCreatedAt is the schema descriptor for created_at field.
+	accountgroupDescCreatedAt := accountgroupFields[3].Descriptor()
+	// accountgroup.DefaultCreatedAt holds the default value on creation for the created_at field.
+	accountgroup.DefaultCreatedAt = accountgroupDescCreatedAt.Default.(func() time.Time)
 	groupMixin := schema.Group{}.Mixin()
 	groupMixinHooks1 := groupMixin[1].Hooks()
 	group.Hooks[0] = groupMixinHooks1[0]
@@ -519,8 +525,20 @@ func init() {
 	usagelogDescStream := usagelogFields[21].Descriptor()
 	// usagelog.DefaultStream holds the default value on creation for the stream field.
 	usagelog.DefaultStream = usagelogDescStream.Default.(bool)
+	// usagelogDescUserAgent is the schema descriptor for user_agent field.
+	usagelogDescUserAgent := usagelogFields[24].Descriptor()
+	// usagelog.UserAgentValidator is a validator for the "user_agent" field. It is called by the builders before save.
+	usagelog.UserAgentValidator = usagelogDescUserAgent.Validators[0].(func(string) error)
+	// usagelogDescImageCount is the schema descriptor for image_count field.
+	usagelogDescImageCount := usagelogFields[25].Descriptor()
+	// usagelog.DefaultImageCount holds the default value on creation for the image_count field.
+	usagelog.DefaultImageCount = usagelogDescImageCount.Default.(int)
+	// usagelogDescImageSize is the schema descriptor for image_size field.
+	usagelogDescImageSize := usagelogFields[26].Descriptor()
+	// usagelog.ImageSizeValidator is a validator for the "image_size" field. It is called by the builders before save.
+	usagelog.ImageSizeValidator = usagelogDescImageSize.Validators[0].(func(string) error)
 	// usagelogDescCreatedAt is the schema descriptor for created_at field.
-	usagelogDescCreatedAt := usagelogFields[24].Descriptor()
+	usagelogDescCreatedAt := usagelogFields[27].Descriptor()
 	// usagelog.DefaultCreatedAt holds the default value on creation for the created_at field.
 	usagelog.DefaultCreatedAt = usagelogDescCreatedAt.Default.(func() time.Time)
 	userMixin := schema.User{}.Mixin()
@@ -604,14 +622,8 @@ func init() {
 	user.DefaultUsername = userDescUsername.Default.(string)
 	// user.UsernameValidator is a validator for the "username" field. It is called by the builders before save.
 	user.UsernameValidator = userDescUsername.Validators[0].(func(string) error)
-	// userDescWechat is the schema descriptor for wechat field.
-	userDescWechat := userFields[7].Descriptor()
-	// user.DefaultWechat holds the default value on creation for the wechat field.
-	user.DefaultWechat = userDescWechat.Default.(string)
-	// user.WechatValidator is a validator for the "wechat" field. It is called by the builders before save.
-	user.WechatValidator = userDescWechat.Validators[0].(func(string) error)
 	// userDescNotes is the schema descriptor for notes field.
-	userDescNotes := userFields[8].Descriptor()
+	userDescNotes := userFields[7].Descriptor()
 	// user.DefaultNotes holds the default value on creation for the notes field.
 	user.DefaultNotes = userDescNotes.Default.(string)
 	userallowedgroupFields := schema.UserAllowedGroup{}.Fields()
@@ -620,6 +632,128 @@ func init() {
 	userallowedgroupDescCreatedAt := userallowedgroupFields[2].Descriptor()
 	// userallowedgroup.DefaultCreatedAt holds the default value on creation for the created_at field.
 	userallowedgroup.DefaultCreatedAt = userallowedgroupDescCreatedAt.Default.(func() time.Time)
+	userattributedefinitionMixin := schema.UserAttributeDefinition{}.Mixin()
+	userattributedefinitionMixinHooks1 := userattributedefinitionMixin[1].Hooks()
+	userattributedefinition.Hooks[0] = userattributedefinitionMixinHooks1[0]
+	userattributedefinitionMixinInters1 := userattributedefinitionMixin[1].Interceptors()
+	userattributedefinition.Interceptors[0] = userattributedefinitionMixinInters1[0]
+	userattributedefinitionMixinFields0 := userattributedefinitionMixin[0].Fields()
+	_ = userattributedefinitionMixinFields0
+	userattributedefinitionFields := schema.UserAttributeDefinition{}.Fields()
+	_ = userattributedefinitionFields
+	// userattributedefinitionDescCreatedAt is the schema descriptor for created_at field.
+	userattributedefinitionDescCreatedAt := userattributedefinitionMixinFields0[0].Descriptor()
+	// userattributedefinition.DefaultCreatedAt holds the default value on creation for the created_at field.
+	userattributedefinition.DefaultCreatedAt = userattributedefinitionDescCreatedAt.Default.(func() time.Time)
+	// userattributedefinitionDescUpdatedAt is the schema descriptor for updated_at field.
+	userattributedefinitionDescUpdatedAt := userattributedefinitionMixinFields0[1].Descriptor()
+	// userattributedefinition.DefaultUpdatedAt holds the default value on creation for the updated_at field.
+	userattributedefinition.DefaultUpdatedAt = userattributedefinitionDescUpdatedAt.Default.(func() time.Time)
+	// userattributedefinition.UpdateDefaultUpdatedAt holds the default value on update for the updated_at field.
+	userattributedefinition.UpdateDefaultUpdatedAt = userattributedefinitionDescUpdatedAt.UpdateDefault.(func() time.Time)
+	// userattributedefinitionDescKey is the schema descriptor for key field.
+	userattributedefinitionDescKey := userattributedefinitionFields[0].Descriptor()
+	// userattributedefinition.KeyValidator is a validator for the "key" field. It is called by the builders before save.
+	userattributedefinition.KeyValidator = func() func(string) error {
+		validators := userattributedefinitionDescKey.Validators
+		fns := [...]func(string) error{
+			validators[0].(func(string) error),
+			validators[1].(func(string) error),
+		}
+		return func(key string) error {
+			for _, fn := range fns {
+				if err := fn(key); err != nil {
+					return err
+				}
+			}
+			return nil
+		}
+	}()
+	// userattributedefinitionDescName is the schema descriptor for name field.
+	userattributedefinitionDescName := userattributedefinitionFields[1].Descriptor()
+	// userattributedefinition.NameValidator is a validator for the "name" field. It is called by the builders before save.
+	userattributedefinition.NameValidator = func() func(string) error {
+		validators := userattributedefinitionDescName.Validators
+		fns := [...]func(string) error{
+			validators[0].(func(string) error),
+			validators[1].(func(string) error),
+		}
+		return func(name string) error {
+			for _, fn := range fns {
+				if err := fn(name); err != nil {
+					return err
+				}
+			}
+			return nil
+		}
+	}()
+	// userattributedefinitionDescDescription is the schema descriptor for description field.
+	userattributedefinitionDescDescription := userattributedefinitionFields[2].Descriptor()
+	// userattributedefinition.DefaultDescription holds the default value on creation for the description field.
+	userattributedefinition.DefaultDescription = userattributedefinitionDescDescription.Default.(string)
+	// userattributedefinitionDescType is the schema descriptor for type field.
+	userattributedefinitionDescType := userattributedefinitionFields[3].Descriptor()
+	// userattributedefinition.TypeValidator is a validator for the "type" field. It is called by the builders before save.
+	userattributedefinition.TypeValidator = func() func(string) error {
+		validators := userattributedefinitionDescType.Validators
+		fns := [...]func(string) error{
+			validators[0].(func(string) error),
+			validators[1].(func(string) error),
+		}
+		return func(_type string) error {
+			for _, fn := range fns {
+				if err := fn(_type); err != nil {
+					return err
+				}
+			}
+			return nil
+		}
+	}()
+	// userattributedefinitionDescOptions is the schema descriptor for options field.
+	userattributedefinitionDescOptions := userattributedefinitionFields[4].Descriptor()
+	// userattributedefinition.DefaultOptions holds the default value on creation for the options field.
+	userattributedefinition.DefaultOptions = userattributedefinitionDescOptions.Default.([]map[string]interface{})
+	// userattributedefinitionDescRequired is the schema descriptor for required field.
+	userattributedefinitionDescRequired := userattributedefinitionFields[5].Descriptor()
+	// userattributedefinition.DefaultRequired holds the default value on creation for the required field.
+	userattributedefinition.DefaultRequired = userattributedefinitionDescRequired.Default.(bool)
+	// userattributedefinitionDescValidation is the schema descriptor for validation field.
+	userattributedefinitionDescValidation := userattributedefinitionFields[6].Descriptor()
+	// userattributedefinition.DefaultValidation holds the default value on creation for the validation field.
+	userattributedefinition.DefaultValidation = userattributedefinitionDescValidation.Default.(map[string]interface{})
+	// userattributedefinitionDescPlaceholder is the schema descriptor for placeholder field.
+	userattributedefinitionDescPlaceholder := userattributedefinitionFields[7].Descriptor()
+	// userattributedefinition.DefaultPlaceholder holds the default value on creation for the placeholder field.
+	userattributedefinition.DefaultPlaceholder = userattributedefinitionDescPlaceholder.Default.(string)
+	// userattributedefinition.PlaceholderValidator is a validator for the "placeholder" field. It is called by the builders before save.
+	userattributedefinition.PlaceholderValidator = userattributedefinitionDescPlaceholder.Validators[0].(func(string) error)
+	// userattributedefinitionDescDisplayOrder is the schema descriptor for display_order field.
+	userattributedefinitionDescDisplayOrder := userattributedefinitionFields[8].Descriptor()
+	// userattributedefinition.DefaultDisplayOrder holds the default value on creation for the display_order field.
+	userattributedefinition.DefaultDisplayOrder = userattributedefinitionDescDisplayOrder.Default.(int)
+	// userattributedefinitionDescEnabled is the schema descriptor for enabled field.
+	userattributedefinitionDescEnabled := userattributedefinitionFields[9].Descriptor()
+	// userattributedefinition.DefaultEnabled holds the default value on creation for the enabled field.
+	userattributedefinition.DefaultEnabled = userattributedefinitionDescEnabled.Default.(bool)
+	userattributevalueMixin := schema.UserAttributeValue{}.Mixin()
+	userattributevalueMixinFields0 := userattributevalueMixin[0].Fields()
+	_ = userattributevalueMixinFields0
+	userattributevalueFields := schema.UserAttributeValue{}.Fields()
+	_ = userattributevalueFields
+	// userattributevalueDescCreatedAt is the schema descriptor for created_at field.
+	userattributevalueDescCreatedAt := userattributevalueMixinFields0[0].Descriptor()
+	// userattributevalue.DefaultCreatedAt holds the default value on creation for the created_at field.
+	userattributevalue.DefaultCreatedAt = userattributevalueDescCreatedAt.Default.(func() time.Time)
+	// userattributevalueDescUpdatedAt is the schema descriptor for updated_at field.
+	userattributevalueDescUpdatedAt := userattributevalueMixinFields0[1].Descriptor()
+	// userattributevalue.DefaultUpdatedAt holds the default value on creation for the updated_at field.
+	userattributevalue.DefaultUpdatedAt = userattributevalueDescUpdatedAt.Default.(func() time.Time)
+	// userattributevalue.UpdateDefaultUpdatedAt holds the default value on update for the updated_at field.
+	userattributevalue.UpdateDefaultUpdatedAt = userattributevalueDescUpdatedAt.UpdateDefault.(func() time.Time)
+	// userattributevalueDescValue is the schema descriptor for value field.
+	userattributevalueDescValue := userattributevalueFields[2].Descriptor()
+	// userattributevalue.DefaultValue holds the default value on creation for the value field.
+	userattributevalue.DefaultValue = userattributevalueDescValue.Default.(string)
 	usersubscriptionMixin := schema.UserSubscription{}.Mixin()
 	usersubscriptionMixinHooks1 := usersubscriptionMixin[1].Hooks()
 	usersubscription.Hooks[0] = usersubscriptionMixinHooks1[0]
--- a/backend/ent/schema/account.go
+++ b/backend/ent/schema/account.go
@@ -54,6 +54,11 @@ func (Account) Fields() []ent.Field {
 		field.String("name").
 			MaxLen(100).
 			NotEmpty(),
+		// notes: 管理员备注（可为空）
+		field.String("notes").
+			Optional().
+			Nillable().
+			SchemaType(map[string]string{dialect.Postgres: "text"}),

 		// platform: 所属平台，如 "claude", "gemini", "openai" 等
 		field.String("platform").
@@ -113,6 +118,16 @@ func (Account) Fields() []ent.Field {
 			Optional().
 			Nillable().
 			SchemaType(map[string]string{dialect.Postgres: "timestamptz"}),
+		// expires_at: 账户过期时间（可为空）
+		field.Time("expires_at").
+			Optional().
+			Nillable().
+			Comment("Account expiration time (NULL means no expiration).").
+			SchemaType(map[string]string{dialect.Postgres: "timestamptz"}),
+		// auto_pause_on_expired: 过期后自动暂停调度
+		field.Bool("auto_pause_on_expired").
+			Default(true).
+			Comment("Auto pause scheduling when account expires."),

 		// ========== 调度和速率限制相关字段 ==========
 		// 这些字段在 migrations/005_schema_parity.sql 中添加
--- a/backend/ent/schema/api_key.go
+++ b/backend/ent/schema/api_key.go
@@ -12,25 +12,25 @@ import (
 	"entgo.io/ent/schema/index"
 )

-// ApiKey holds the schema definition for the ApiKey entity.
-type ApiKey struct {
+// APIKey holds the schema definition for the APIKey entity.
+type APIKey struct {
 	ent.Schema
 }

-func (ApiKey) Annotations() []schema.Annotation {
+func (APIKey) Annotations() []schema.Annotation {
 	return []schema.Annotation{
 		entsql.Annotation{Table: "api_keys"},
 	}
 }

-func (ApiKey) Mixin() []ent.Mixin {
+func (APIKey) Mixin() []ent.Mixin {
 	return []ent.Mixin{
 		mixins.TimeMixin{},
 		mixins.SoftDeleteMixin{},
 	}
 }

-func (ApiKey) Fields() []ent.Field {
+func (APIKey) Fields() []ent.Field {
 	return []ent.Field{
 		field.Int64("user_id"),
 		field.String("key").
@@ -49,7 +49,7 @@ func (ApiKey) Fields() []ent.Field {
 	}
 }

-func (ApiKey) Edges() []ent.Edge {
+func (APIKey) Edges() []ent.Edge {
 	return []ent.Edge{
 		edge.From("user", User.Type).
 			Ref("api_keys").
@@ -64,7 +64,7 @@ func (ApiKey) Edges() []ent.Edge {
 	}
 }

-func (ApiKey) Indexes() []ent.Index {
+func (APIKey) Indexes() []ent.Index {
 	return []ent.Index{
 		// key 字段已在 Fields() 中声明 Unique()，无需重复索引
 		index.Fields("user_id"),
--- a/backend/ent/schema/group.go
+++ b/backend/ent/schema/group.go
@@ -72,12 +72,26 @@ func (Group) Fields() []ent.Field {
 			SchemaType(map[string]string{dialect.Postgres: "decimal(20,8)"}),
 		field.Int("default_validity_days").
 			Default(30),
+
+		// 图片生成计费配置（antigravity 和 gemini 平台使用）
+		field.Float("image_price_1k").
+			Optional().
+			Nillable().
+			SchemaType(map[string]string{dialect.Postgres: "decimal(20,8)"}),
+		field.Float("image_price_2k").
+			Optional().
+			Nillable().
+			SchemaType(map[string]string{dialect.Postgres: "decimal(20,8)"}),
+		field.Float("image_price_4k").
+			Optional().
+			Nillable().
+			SchemaType(map[string]string{dialect.Postgres: "decimal(20,8)"}),
 	}
 }

 func (Group) Edges() []ent.Edge {
 	return []ent.Edge{
-		edge.To("api_keys", ApiKey.Type),
+		edge.To("api_keys", APIKey.Type),
 		edge.To("redeem_codes", RedeemCode.Type),
 		edge.To("subscriptions", UserSubscription.Type),
 		edge.To("usage_logs", UsageLog.Type),
--- a/backend/ent/schema/usage_log.go
+++ b/backend/ent/schema/usage_log.go
@@ -96,6 +96,18 @@ func (UsageLog) Fields() []ent.Field {
 		field.Int("first_token_ms").
 			Optional().
 			Nillable(),
+		field.String("user_agent").
+			MaxLen(512).
+			Optional().
+			Nillable(),
+
+		// 图片生成字段（仅 gemini-3-pro-image 等图片模型使用）
+		field.Int("image_count").
+			Default(0),
+		field.String("image_size").
+			MaxLen(10).
+			Optional().
+			Nillable(),

 		// 时间戳（只有 created_at，日志不可修改）
 		field.Time("created_at").
@@ -113,7 +125,7 @@ func (UsageLog) Edges() []ent.Edge {
 			Field("user_id").
 			Required().
 			Unique(),
-		edge.From("api_key", ApiKey.Type).
+		edge.From("api_key", APIKey.Type).
 			Ref("usage_logs").
 			Field("api_key_id").
 			Required().
--- a/backend/ent/schema/user.go
+++ b/backend/ent/schema/user.go
@@ -57,9 +57,7 @@ func (User) Fields() []ent.Field {
 		field.String("username").
 			MaxLen(100).
 			Default(""),
-		field.String("wechat").
-			MaxLen(100).
-			Default(""),
+		// wechat field migrated to user_attribute_values (see migration 019)
 		field.String("notes").
 			SchemaType(map[string]string{dialect.Postgres: "text"}).
 			Default(""),
@@ -68,13 +66,14 @@ func (User) Fields() []ent.Field {

 func (User) Edges() []ent.Edge {
 	return []ent.Edge{
-		edge.To("api_keys", ApiKey.Type),
+		edge.To("api_keys", APIKey.Type),
 		edge.To("redeem_codes", RedeemCode.Type),
 		edge.To("subscriptions", UserSubscription.Type),
 		edge.To("assigned_subscriptions", UserSubscription.Type),
 		edge.To("allowed_groups", Group.Type).
 			Through("user_allowed_groups", UserAllowedGroup.Type),
 		edge.To("usage_logs", UsageLog.Type),
+		edge.To("attribute_values", UserAttributeValue.Type),
 	}
 }

--- a/backend/ent/schema/user_attribute_definition.go
+++ b/backend/ent/schema/user_attribute_definition.go
@@ -0,0 +1,109 @@
+package schema
+
+import (
+	"github.com/Wei-Shaw/sub2api/ent/schema/mixins"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect"
+	"entgo.io/ent/dialect/entsql"
+	"entgo.io/ent/schema"
+	"entgo.io/ent/schema/edge"
+	"entgo.io/ent/schema/field"
+	"entgo.io/ent/schema/index"
+)
+
+// UserAttributeDefinition holds the schema definition for custom user attributes.
+//
+// This entity defines the metadata for user attributes, such as:
+//   - Attribute key (unique identifier like "company_name")
+//   - Display name shown in forms
+//   - Field type (text, number, select, etc.)
+//   - Validation rules
+//   - Whether the field is required or enabled
+type UserAttributeDefinition struct {
+	ent.Schema
+}
+
+func (UserAttributeDefinition) Annotations() []schema.Annotation {
+	return []schema.Annotation{
+		entsql.Annotation{Table: "user_attribute_definitions"},
+	}
+}
+
+func (UserAttributeDefinition) Mixin() []ent.Mixin {
+	return []ent.Mixin{
+		mixins.TimeMixin{},
+		mixins.SoftDeleteMixin{},
+	}
+}
+
+func (UserAttributeDefinition) Fields() []ent.Field {
+	return []ent.Field{
+		// key: Unique identifier for the attribute (e.g., "company_name")
+		// Used for programmatic reference
+		field.String("key").
+			MaxLen(100).
+			NotEmpty(),
+
+		// name: Display name shown in forms (e.g., "Company Name")
+		field.String("name").
+			MaxLen(255).
+			NotEmpty(),
+
+		// description: Optional description/help text for the attribute
+		field.String("description").
+			SchemaType(map[string]string{dialect.Postgres: "text"}).
+			Default(""),
+
+		// type: Attribute type - text, textarea, number, email, url, date, select, multi_select
+		field.String("type").
+			MaxLen(20).
+			NotEmpty(),
+
+		// options: Select options for select/multi_select types (stored as JSONB)
+		// Format: [{"value": "xxx", "label": "XXX"}, ...]
+		field.JSON("options", []map[string]any{}).
+			Default([]map[string]any{}).
+			SchemaType(map[string]string{dialect.Postgres: "jsonb"}),
+
+		// required: Whether this attribute is required when editing a user
+		field.Bool("required").
+			Default(false),
+
+		// validation: Validation rules for the attribute value (stored as JSONB)
+		// Format: {"min_length": 1, "max_length": 100, "min": 0, "max": 100, "pattern": "^[a-z]+$", "message": "..."}
+		field.JSON("validation", map[string]any{}).
+			Default(map[string]any{}).
+			SchemaType(map[string]string{dialect.Postgres: "jsonb"}),
+
+		// placeholder: Placeholder text shown in input fields
+		field.String("placeholder").
+			MaxLen(255).
+			Default(""),
+
+		// display_order: Order in which attributes are displayed (lower = first)
+		field.Int("display_order").
+			Default(0),
+
+		// enabled: Whether this attribute is active and shown in forms
+		field.Bool("enabled").
+			Default(true),
+	}
+}
+
+func (UserAttributeDefinition) Edges() []ent.Edge {
+	return []ent.Edge{
+		// values: All user values for this attribute definition
+		edge.To("values", UserAttributeValue.Type),
+	}
+}
+
+func (UserAttributeDefinition) Indexes() []ent.Index {
+	return []ent.Index{
+		// Partial unique index on key (WHERE deleted_at IS NULL) via migration
+		index.Fields("key"),
+		index.Fields("enabled"),
+		index.Fields("display_order"),
+		index.Fields("deleted_at"),
+	}
+}
--- a/backend/ent/schema/user_attribute_value.go
+++ b/backend/ent/schema/user_attribute_value.go
@@ -0,0 +1,74 @@
+package schema
+
+import (
+	"github.com/Wei-Shaw/sub2api/ent/schema/mixins"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect/entsql"
+	"entgo.io/ent/schema"
+	"entgo.io/ent/schema/edge"
+	"entgo.io/ent/schema/field"
+	"entgo.io/ent/schema/index"
+)
+
+// UserAttributeValue holds a user's value for a specific attribute.
+//
+// This entity stores the actual values that users have for each attribute definition.
+// Values are stored as strings and converted to the appropriate type by the application.
+type UserAttributeValue struct {
+	ent.Schema
+}
+
+func (UserAttributeValue) Annotations() []schema.Annotation {
+	return []schema.Annotation{
+		entsql.Annotation{Table: "user_attribute_values"},
+	}
+}
+
+func (UserAttributeValue) Mixin() []ent.Mixin {
+	return []ent.Mixin{
+		// Only use TimeMixin, no soft delete - values are hard deleted
+		mixins.TimeMixin{},
+	}
+}
+
+func (UserAttributeValue) Fields() []ent.Field {
+	return []ent.Field{
+		// user_id: References the user this value belongs to
+		field.Int64("user_id"),
+
+		// attribute_id: References the attribute definition
+		field.Int64("attribute_id"),
+
+		// value: The actual value stored as a string
+		// For multi_select, this is a JSON array string
+		field.Text("value").
+			Default(""),
+	}
+}
+
+func (UserAttributeValue) Edges() []ent.Edge {
+	return []ent.Edge{
+		// user: The user who owns this attribute value
+		edge.From("user", User.Type).
+			Ref("attribute_values").
+			Field("user_id").
+			Required().
+			Unique(),
+
+		// definition: The attribute definition this value is for
+		edge.From("definition", UserAttributeDefinition.Type).
+			Ref("values").
+			Field("attribute_id").
+			Required().
+			Unique(),
+	}
+}
+
+func (UserAttributeValue) Indexes() []ent.Index {
+	return []ent.Index{
+		// Unique index on (user_id, attribute_id)
+		index.Fields("user_id", "attribute_id").Unique(),
+		index.Fields("attribute_id"),
+	}
+}
--- a/backend/ent/tx.go
+++ b/backend/ent/tx.go
@@ -14,12 +14,12 @@ import (
 // Tx is a transactional client that is created by calling Client.Tx().
 type Tx struct {
 	config
+	// APIKey is the client for interacting with the APIKey builders.
+	APIKey *APIKeyClient
 	// Account is the client for interacting with the Account builders.
 	Account *AccountClient
 	// AccountGroup is the client for interacting with the AccountGroup builders.
 	AccountGroup *AccountGroupClient
-	// ApiKey is the client for interacting with the ApiKey builders.
-	ApiKey *ApiKeyClient
 	// Group is the client for interacting with the Group builders.
 	Group *GroupClient
 	// Proxy is the client for interacting with the Proxy builders.
@@ -34,6 +34,10 @@ type Tx struct {
 	User *UserClient
 	// UserAllowedGroup is the client for interacting with the UserAllowedGroup builders.
 	UserAllowedGroup *UserAllowedGroupClient
+	// UserAttributeDefinition is the client for interacting with the UserAttributeDefinition builders.
+	UserAttributeDefinition *UserAttributeDefinitionClient
+	// UserAttributeValue is the client for interacting with the UserAttributeValue builders.
+	UserAttributeValue *UserAttributeValueClient
 	// UserSubscription is the client for interacting with the UserSubscription builders.
 	UserSubscription *UserSubscriptionClient

@@ -167,9 +171,9 @@ func (tx *Tx) Client() *Client {
 }

 func (tx *Tx) init() {
+	tx.APIKey = NewAPIKeyClient(tx.config)
 	tx.Account = NewAccountClient(tx.config)
 	tx.AccountGroup = NewAccountGroupClient(tx.config)
-	tx.ApiKey = NewApiKeyClient(tx.config)
 	tx.Group = NewGroupClient(tx.config)
 	tx.Proxy = NewProxyClient(tx.config)
 	tx.RedeemCode = NewRedeemCodeClient(tx.config)
@@ -177,6 +181,8 @@ func (tx *Tx) init() {
 	tx.UsageLog = NewUsageLogClient(tx.config)
 	tx.User = NewUserClient(tx.config)
 	tx.UserAllowedGroup = NewUserAllowedGroupClient(tx.config)
+	tx.UserAttributeDefinition = NewUserAttributeDefinitionClient(tx.config)
+	tx.UserAttributeValue = NewUserAttributeValueClient(tx.config)
 	tx.UserSubscription = NewUserSubscriptionClient(tx.config)
 }

@@ -187,7 +193,7 @@ func (tx *Tx) init() {
 // of them in order to commit or rollback the transaction.
 //
 // If a closed transaction is embedded in one of the generated entities, and the entity
-// applies a query, for example: Account.QueryXXX(), the query will be executed
+// applies a query, for example: APIKey.QueryXXX(), the query will be executed
 // through the driver which created this transaction.
 //
 // Note that txDriver is not goroutine safe.
--- a/backend/ent/usagelog.go
+++ b/backend/ent/usagelog.go
@@ -70,6 +70,12 @@ type UsageLog struct {
 	DurationMs *int `json:"duration_ms,omitempty"`
 	// FirstTokenMs holds the value of the "first_token_ms" field.
 	FirstTokenMs *int `json:"first_token_ms,omitempty"`
+	// UserAgent holds the value of the "user_agent" field.
+	UserAgent *string `json:"user_agent,omitempty"`
+	// ImageCount holds the value of the "image_count" field.
+	ImageCount int `json:"image_count,omitempty"`
+	// ImageSize holds the value of the "image_size" field.
+	ImageSize *string `json:"image_size,omitempty"`
 	// CreatedAt holds the value of the "created_at" field.
 	CreatedAt time.Time `json:"created_at,omitempty"`
 	// Edges holds the relations/edges for other nodes in the graph.
@@ -83,7 +89,7 @@ type UsageLogEdges struct {
 	// User holds the value of the user edge.
 	User *User `json:"user,omitempty"`
 	// APIKey holds the value of the api_key edge.
-	APIKey *ApiKey `json:"api_key,omitempty"`
+	APIKey *APIKey `json:"api_key,omitempty"`
 	// Account holds the value of the account edge.
 	Account *Account `json:"account,omitempty"`
 	// Group holds the value of the group edge.
@@ -108,7 +114,7 @@ func (e UsageLogEdges) UserOrErr() (*User, error) {

 // APIKeyOrErr returns the APIKey value or an error if the edge
 // was not loaded in eager-loading, or loaded but was not found.
-func (e UsageLogEdges) APIKeyOrErr() (*ApiKey, error) {
+func (e UsageLogEdges) APIKeyOrErr() (*APIKey, error) {
 	if e.APIKey != nil {
 		return e.APIKey, nil
 	} else if e.loadedTypes[1] {
@@ -159,9 +165,9 @@ func (*UsageLog) scanValues(columns []string) ([]any, error) {
 			values[i] = new(sql.NullBool)
 		case usagelog.FieldInputCost, usagelog.FieldOutputCost, usagelog.FieldCacheCreationCost, usagelog.FieldCacheReadCost, usagelog.FieldTotalCost, usagelog.FieldActualCost, usagelog.FieldRateMultiplier:
 			values[i] = new(sql.NullFloat64)
-		case usagelog.FieldID, usagelog.FieldUserID, usagelog.FieldAPIKeyID, usagelog.FieldAccountID, usagelog.FieldGroupID, usagelog.FieldSubscriptionID, usagelog.FieldInputTokens, usagelog.FieldOutputTokens, usagelog.FieldCacheCreationTokens, usagelog.FieldCacheReadTokens, usagelog.FieldCacheCreation5mTokens, usagelog.FieldCacheCreation1hTokens, usagelog.FieldBillingType, usagelog.FieldDurationMs, usagelog.FieldFirstTokenMs:
+		case usagelog.FieldID, usagelog.FieldUserID, usagelog.FieldAPIKeyID, usagelog.FieldAccountID, usagelog.FieldGroupID, usagelog.FieldSubscriptionID, usagelog.FieldInputTokens, usagelog.FieldOutputTokens, usagelog.FieldCacheCreationTokens, usagelog.FieldCacheReadTokens, usagelog.FieldCacheCreation5mTokens, usagelog.FieldCacheCreation1hTokens, usagelog.FieldBillingType, usagelog.FieldDurationMs, usagelog.FieldFirstTokenMs, usagelog.FieldImageCount:
 			values[i] = new(sql.NullInt64)
-		case usagelog.FieldRequestID, usagelog.FieldModel:
+		case usagelog.FieldRequestID, usagelog.FieldModel, usagelog.FieldUserAgent, usagelog.FieldImageSize:
 			values[i] = new(sql.NullString)
 		case usagelog.FieldCreatedAt:
 			values[i] = new(sql.NullTime)
@@ -334,6 +340,26 @@ func (_m *UsageLog) assignValues(columns []string, values []any) error {
 				_m.FirstTokenMs = new(int)
 				*_m.FirstTokenMs = int(value.Int64)
 			}
+		case usagelog.FieldUserAgent:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field user_agent", values[i])
+			} else if value.Valid {
+				_m.UserAgent = new(string)
+				*_m.UserAgent = value.String
+			}
+		case usagelog.FieldImageCount:
+			if value, ok := values[i].(*sql.NullInt64); !ok {
+				return fmt.Errorf("unexpected type %T for field image_count", values[i])
+			} else if value.Valid {
+				_m.ImageCount = int(value.Int64)
+			}
+		case usagelog.FieldImageSize:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field image_size", values[i])
+			} else if value.Valid {
+				_m.ImageSize = new(string)
+				*_m.ImageSize = value.String
+			}
 		case usagelog.FieldCreatedAt:
 			if value, ok := values[i].(*sql.NullTime); !ok {
 				return fmt.Errorf("unexpected type %T for field created_at", values[i])
@@ -359,7 +385,7 @@ func (_m *UsageLog) QueryUser() *UserQuery {
 }

 // QueryAPIKey queries the "api_key" edge of the UsageLog entity.
-func (_m *UsageLog) QueryAPIKey() *ApiKeyQuery {
+func (_m *UsageLog) QueryAPIKey() *APIKeyQuery {
 	return NewUsageLogClient(_m.config).QueryAPIKey(_m)
 }

@@ -481,6 +507,19 @@ func (_m *UsageLog) String() string {
 		builder.WriteString(fmt.Sprintf("%v", *v))
 	}
 	builder.WriteString(", ")
+	if v := _m.UserAgent; v != nil {
+		builder.WriteString("user_agent=")
+		builder.WriteString(*v)
+	}
+	builder.WriteString(", ")
+	builder.WriteString("image_count=")
+	builder.WriteString(fmt.Sprintf("%v", _m.ImageCount))
+	builder.WriteString(", ")
+	if v := _m.ImageSize; v != nil {
+		builder.WriteString("image_size=")
+		builder.WriteString(*v)
+	}
+	builder.WriteString(", ")
 	builder.WriteString("created_at=")
 	builder.WriteString(_m.CreatedAt.Format(time.ANSIC))
 	builder.WriteByte(')')
--- a/backend/ent/usagelog/usagelog.go
+++ b/backend/ent/usagelog/usagelog.go
@@ -62,6 +62,12 @@ const (
 	FieldDurationMs = "duration_ms"
 	// FieldFirstTokenMs holds the string denoting the first_token_ms field in the database.
 	FieldFirstTokenMs = "first_token_ms"
+	// FieldUserAgent holds the string denoting the user_agent field in the database.
+	FieldUserAgent = "user_agent"
+	// FieldImageCount holds the string denoting the image_count field in the database.
+	FieldImageCount = "image_count"
+	// FieldImageSize holds the string denoting the image_size field in the database.
+	FieldImageSize = "image_size"
 	// FieldCreatedAt holds the string denoting the created_at field in the database.
 	FieldCreatedAt = "created_at"
 	// EdgeUser holds the string denoting the user edge name in mutations.
@@ -85,7 +91,7 @@ const (
 	UserColumn = "user_id"
 	// APIKeyTable is the table that holds the api_key relation/edge.
 	APIKeyTable = "usage_logs"
-	// APIKeyInverseTable is the table name for the ApiKey entity.
+	// APIKeyInverseTable is the table name for the APIKey entity.
 	// It exists in this package in order to avoid circular dependency with the "apikey" package.
 	APIKeyInverseTable = "api_keys"
 	// APIKeyColumn is the table column denoting the api_key relation/edge.
@@ -140,6 +146,9 @@ var Columns = []string{
 	FieldStream,
 	FieldDurationMs,
 	FieldFirstTokenMs,
+	FieldUserAgent,
+	FieldImageCount,
+	FieldImageSize,
 	FieldCreatedAt,
 }

@@ -188,6 +197,12 @@ var (
 	DefaultBillingType int8
 	// DefaultStream holds the default value on creation for the "stream" field.
 	DefaultStream bool
+	// UserAgentValidator is a validator for the "user_agent" field. It is called by the builders before save.
+	UserAgentValidator func(string) error
+	// DefaultImageCount holds the default value on creation for the "image_count" field.
+	DefaultImageCount int
+	// ImageSizeValidator is a validator for the "image_size" field. It is called by the builders before save.
+	ImageSizeValidator func(string) error
 	// DefaultCreatedAt holds the default value on creation for the "created_at" field.
 	DefaultCreatedAt func() time.Time
 )
@@ -320,6 +335,21 @@ func ByFirstTokenMs(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldFirstTokenMs, opts...).ToFunc()
 }

+// ByUserAgent orders the results by the user_agent field.
+func ByUserAgent(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldUserAgent, opts...).ToFunc()
+}
+
+// ByImageCount orders the results by the image_count field.
+func ByImageCount(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldImageCount, opts...).ToFunc()
+}
+
+// ByImageSize orders the results by the image_size field.
+func ByImageSize(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldImageSize, opts...).ToFunc()
+}
+
 // ByCreatedAt orders the results by the created_at field.
 func ByCreatedAt(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldCreatedAt, opts...).ToFunc()
--- a/backend/ent/usagelog/where.go
+++ b/backend/ent/usagelog/where.go
@@ -175,6 +175,21 @@ func FirstTokenMs(v int) predicate.UsageLog {
 	return predicate.UsageLog(sql.FieldEQ(FieldFirstTokenMs, v))
 }

+// UserAgent applies equality check predicate on the "user_agent" field. It's identical to UserAgentEQ.
+func UserAgent(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEQ(FieldUserAgent, v))
+}
+
+// ImageCount applies equality check predicate on the "image_count" field. It's identical to ImageCountEQ.
+func ImageCount(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEQ(FieldImageCount, v))
+}
+
+// ImageSize applies equality check predicate on the "image_size" field. It's identical to ImageSizeEQ.
+func ImageSize(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEQ(FieldImageSize, v))
+}
+
 // CreatedAt applies equality check predicate on the "created_at" field. It's identical to CreatedAtEQ.
 func CreatedAt(v time.Time) predicate.UsageLog {
 	return predicate.UsageLog(sql.FieldEQ(FieldCreatedAt, v))
@@ -1100,6 +1115,196 @@ func FirstTokenMsNotNil() predicate.UsageLog {
 	return predicate.UsageLog(sql.FieldNotNull(FieldFirstTokenMs))
 }

+// UserAgentEQ applies the EQ predicate on the "user_agent" field.
+func UserAgentEQ(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEQ(FieldUserAgent, v))
+}
+
+// UserAgentNEQ applies the NEQ predicate on the "user_agent" field.
+func UserAgentNEQ(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNEQ(FieldUserAgent, v))
+}
+
+// UserAgentIn applies the In predicate on the "user_agent" field.
+func UserAgentIn(vs ...string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldIn(FieldUserAgent, vs...))
+}
+
+// UserAgentNotIn applies the NotIn predicate on the "user_agent" field.
+func UserAgentNotIn(vs ...string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNotIn(FieldUserAgent, vs...))
+}
+
+// UserAgentGT applies the GT predicate on the "user_agent" field.
+func UserAgentGT(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldGT(FieldUserAgent, v))
+}
+
+// UserAgentGTE applies the GTE predicate on the "user_agent" field.
+func UserAgentGTE(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldGTE(FieldUserAgent, v))
+}
+
+// UserAgentLT applies the LT predicate on the "user_agent" field.
+func UserAgentLT(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldLT(FieldUserAgent, v))
+}
+
+// UserAgentLTE applies the LTE predicate on the "user_agent" field.
+func UserAgentLTE(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldLTE(FieldUserAgent, v))
+}
+
+// UserAgentContains applies the Contains predicate on the "user_agent" field.
+func UserAgentContains(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldContains(FieldUserAgent, v))
+}
+
+// UserAgentHasPrefix applies the HasPrefix predicate on the "user_agent" field.
+func UserAgentHasPrefix(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldHasPrefix(FieldUserAgent, v))
+}
+
+// UserAgentHasSuffix applies the HasSuffix predicate on the "user_agent" field.
+func UserAgentHasSuffix(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldHasSuffix(FieldUserAgent, v))
+}
+
+// UserAgentIsNil applies the IsNil predicate on the "user_agent" field.
+func UserAgentIsNil() predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldIsNull(FieldUserAgent))
+}
+
+// UserAgentNotNil applies the NotNil predicate on the "user_agent" field.
+func UserAgentNotNil() predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNotNull(FieldUserAgent))
+}
+
+// UserAgentEqualFold applies the EqualFold predicate on the "user_agent" field.
+func UserAgentEqualFold(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEqualFold(FieldUserAgent, v))
+}
+
+// UserAgentContainsFold applies the ContainsFold predicate on the "user_agent" field.
+func UserAgentContainsFold(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldContainsFold(FieldUserAgent, v))
+}
+
+// ImageCountEQ applies the EQ predicate on the "image_count" field.
+func ImageCountEQ(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEQ(FieldImageCount, v))
+}
+
+// ImageCountNEQ applies the NEQ predicate on the "image_count" field.
+func ImageCountNEQ(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNEQ(FieldImageCount, v))
+}
+
+// ImageCountIn applies the In predicate on the "image_count" field.
+func ImageCountIn(vs ...int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldIn(FieldImageCount, vs...))
+}
+
+// ImageCountNotIn applies the NotIn predicate on the "image_count" field.
+func ImageCountNotIn(vs ...int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNotIn(FieldImageCount, vs...))
+}
+
+// ImageCountGT applies the GT predicate on the "image_count" field.
+func ImageCountGT(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldGT(FieldImageCount, v))
+}
+
+// ImageCountGTE applies the GTE predicate on the "image_count" field.
+func ImageCountGTE(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldGTE(FieldImageCount, v))
+}
+
+// ImageCountLT applies the LT predicate on the "image_count" field.
+func ImageCountLT(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldLT(FieldImageCount, v))
+}
+
+// ImageCountLTE applies the LTE predicate on the "image_count" field.
+func ImageCountLTE(v int) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldLTE(FieldImageCount, v))
+}
+
+// ImageSizeEQ applies the EQ predicate on the "image_size" field.
+func ImageSizeEQ(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEQ(FieldImageSize, v))
+}
+
+// ImageSizeNEQ applies the NEQ predicate on the "image_size" field.
+func ImageSizeNEQ(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNEQ(FieldImageSize, v))
+}
+
+// ImageSizeIn applies the In predicate on the "image_size" field.
+func ImageSizeIn(vs ...string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldIn(FieldImageSize, vs...))
+}
+
+// ImageSizeNotIn applies the NotIn predicate on the "image_size" field.
+func ImageSizeNotIn(vs ...string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNotIn(FieldImageSize, vs...))
+}
+
+// ImageSizeGT applies the GT predicate on the "image_size" field.
+func ImageSizeGT(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldGT(FieldImageSize, v))
+}
+
+// ImageSizeGTE applies the GTE predicate on the "image_size" field.
+func ImageSizeGTE(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldGTE(FieldImageSize, v))
+}
+
+// ImageSizeLT applies the LT predicate on the "image_size" field.
+func ImageSizeLT(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldLT(FieldImageSize, v))
+}
+
+// ImageSizeLTE applies the LTE predicate on the "image_size" field.
+func ImageSizeLTE(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldLTE(FieldImageSize, v))
+}
+
+// ImageSizeContains applies the Contains predicate on the "image_size" field.
+func ImageSizeContains(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldContains(FieldImageSize, v))
+}
+
+// ImageSizeHasPrefix applies the HasPrefix predicate on the "image_size" field.
+func ImageSizeHasPrefix(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldHasPrefix(FieldImageSize, v))
+}
+
+// ImageSizeHasSuffix applies the HasSuffix predicate on the "image_size" field.
+func ImageSizeHasSuffix(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldHasSuffix(FieldImageSize, v))
+}
+
+// ImageSizeIsNil applies the IsNil predicate on the "image_size" field.
+func ImageSizeIsNil() predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldIsNull(FieldImageSize))
+}
+
+// ImageSizeNotNil applies the NotNil predicate on the "image_size" field.
+func ImageSizeNotNil() predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldNotNull(FieldImageSize))
+}
+
+// ImageSizeEqualFold applies the EqualFold predicate on the "image_size" field.
+func ImageSizeEqualFold(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldEqualFold(FieldImageSize, v))
+}
+
+// ImageSizeContainsFold applies the ContainsFold predicate on the "image_size" field.
+func ImageSizeContainsFold(v string) predicate.UsageLog {
+	return predicate.UsageLog(sql.FieldContainsFold(FieldImageSize, v))
+}
+
 // CreatedAtEQ applies the EQ predicate on the "created_at" field.
 func CreatedAtEQ(v time.Time) predicate.UsageLog {
 	return predicate.UsageLog(sql.FieldEQ(FieldCreatedAt, v))
@@ -1175,7 +1380,7 @@ func HasAPIKey() predicate.UsageLog {
 }

 // HasAPIKeyWith applies the HasEdge predicate on the "api_key" edge with a given conditions (other predicates).
-func HasAPIKeyWith(preds ...predicate.ApiKey) predicate.UsageLog {
+func HasAPIKeyWith(preds ...predicate.APIKey) predicate.UsageLog {
 	return predicate.UsageLog(func(s *sql.Selector) {
 		step := newAPIKeyStep()
 		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
--- a/backend/ent/usagelog_create.go
+++ b/backend/ent/usagelog_create.go
@@ -323,6 +323,48 @@ func (_c *UsageLogCreate) SetNillableFirstTokenMs(v *int) *UsageLogCreate {
 	return _c
 }

+// SetUserAgent sets the "user_agent" field.
+func (_c *UsageLogCreate) SetUserAgent(v string) *UsageLogCreate {
+	_c.mutation.SetUserAgent(v)
+	return _c
+}
+
+// SetNillableUserAgent sets the "user_agent" field if the given value is not nil.
+func (_c *UsageLogCreate) SetNillableUserAgent(v *string) *UsageLogCreate {
+	if v != nil {
+		_c.SetUserAgent(*v)
+	}
+	return _c
+}
+
+// SetImageCount sets the "image_count" field.
+func (_c *UsageLogCreate) SetImageCount(v int) *UsageLogCreate {
+	_c.mutation.SetImageCount(v)
+	return _c
+}
+
+// SetNillableImageCount sets the "image_count" field if the given value is not nil.
+func (_c *UsageLogCreate) SetNillableImageCount(v *int) *UsageLogCreate {
+	if v != nil {
+		_c.SetImageCount(*v)
+	}
+	return _c
+}
+
+// SetImageSize sets the "image_size" field.
+func (_c *UsageLogCreate) SetImageSize(v string) *UsageLogCreate {
+	_c.mutation.SetImageSize(v)
+	return _c
+}
+
+// SetNillableImageSize sets the "image_size" field if the given value is not nil.
+func (_c *UsageLogCreate) SetNillableImageSize(v *string) *UsageLogCreate {
+	if v != nil {
+		_c.SetImageSize(*v)
+	}
+	return _c
+}
+
 // SetCreatedAt sets the "created_at" field.
 func (_c *UsageLogCreate) SetCreatedAt(v time.Time) *UsageLogCreate {
 	_c.mutation.SetCreatedAt(v)
@@ -342,8 +384,8 @@ func (_c *UsageLogCreate) SetUser(v *User) *UsageLogCreate {
 	return _c.SetUserID(v.ID)
 }

-// SetAPIKey sets the "api_key" edge to the ApiKey entity.
-func (_c *UsageLogCreate) SetAPIKey(v *ApiKey) *UsageLogCreate {
+// SetAPIKey sets the "api_key" edge to the APIKey entity.
+func (_c *UsageLogCreate) SetAPIKey(v *APIKey) *UsageLogCreate {
 	return _c.SetAPIKeyID(v.ID)
 }

@@ -457,6 +499,10 @@ func (_c *UsageLogCreate) defaults() {
 		v := usagelog.DefaultStream
 		_c.mutation.SetStream(v)
 	}
+	if _, ok := _c.mutation.ImageCount(); !ok {
+		v := usagelog.DefaultImageCount
+		_c.mutation.SetImageCount(v)
+	}
 	if _, ok := _c.mutation.CreatedAt(); !ok {
 		v := usagelog.DefaultCreatedAt()
 		_c.mutation.SetCreatedAt(v)
@@ -535,6 +581,19 @@ func (_c *UsageLogCreate) check() error {
 	if _, ok := _c.mutation.Stream(); !ok {
 		return &ValidationError{Name: "stream", err: errors.New(`ent: missing required field "UsageLog.stream"`)}
 	}
+	if v, ok := _c.mutation.UserAgent(); ok {
+		if err := usagelog.UserAgentValidator(v); err != nil {
+			return &ValidationError{Name: "user_agent", err: fmt.Errorf(`ent: validator failed for field "UsageLog.user_agent": %w`, err)}
+		}
+	}
+	if _, ok := _c.mutation.ImageCount(); !ok {
+		return &ValidationError{Name: "image_count", err: errors.New(`ent: missing required field "UsageLog.image_count"`)}
+	}
+	if v, ok := _c.mutation.ImageSize(); ok {
+		if err := usagelog.ImageSizeValidator(v); err != nil {
+			return &ValidationError{Name: "image_size", err: fmt.Errorf(`ent: validator failed for field "UsageLog.image_size": %w`, err)}
+		}
+	}
 	if _, ok := _c.mutation.CreatedAt(); !ok {
 		return &ValidationError{Name: "created_at", err: errors.New(`ent: missing required field "UsageLog.created_at"`)}
 	}
@@ -650,6 +709,18 @@ func (_c *UsageLogCreate) createSpec() (*UsageLog, *sqlgraph.CreateSpec) {
 		_spec.SetField(usagelog.FieldFirstTokenMs, field.TypeInt, value)
 		_node.FirstTokenMs = &value
 	}
+	if value, ok := _c.mutation.UserAgent(); ok {
+		_spec.SetField(usagelog.FieldUserAgent, field.TypeString, value)
+		_node.UserAgent = &value
+	}
+	if value, ok := _c.mutation.ImageCount(); ok {
+		_spec.SetField(usagelog.FieldImageCount, field.TypeInt, value)
+		_node.ImageCount = value
+	}
+	if value, ok := _c.mutation.ImageSize(); ok {
+		_spec.SetField(usagelog.FieldImageSize, field.TypeString, value)
+		_node.ImageSize = &value
+	}
 	if value, ok := _c.mutation.CreatedAt(); ok {
 		_spec.SetField(usagelog.FieldCreatedAt, field.TypeTime, value)
 		_node.CreatedAt = value
@@ -1199,6 +1270,60 @@ func (u *UsageLogUpsert) ClearFirstTokenMs() *UsageLogUpsert {
 	return u
 }

+// SetUserAgent sets the "user_agent" field.
+func (u *UsageLogUpsert) SetUserAgent(v string) *UsageLogUpsert {
+	u.Set(usagelog.FieldUserAgent, v)
+	return u
+}
+
+// UpdateUserAgent sets the "user_agent" field to the value that was provided on create.
+func (u *UsageLogUpsert) UpdateUserAgent() *UsageLogUpsert {
+	u.SetExcluded(usagelog.FieldUserAgent)
+	return u
+}
+
+// ClearUserAgent clears the value of the "user_agent" field.
+func (u *UsageLogUpsert) ClearUserAgent() *UsageLogUpsert {
+	u.SetNull(usagelog.FieldUserAgent)
+	return u
+}
+
+// SetImageCount sets the "image_count" field.
+func (u *UsageLogUpsert) SetImageCount(v int) *UsageLogUpsert {
+	u.Set(usagelog.FieldImageCount, v)
+	return u
+}
+
+// UpdateImageCount sets the "image_count" field to the value that was provided on create.
+func (u *UsageLogUpsert) UpdateImageCount() *UsageLogUpsert {
+	u.SetExcluded(usagelog.FieldImageCount)
+	return u
+}
+
+// AddImageCount adds v to the "image_count" field.
+func (u *UsageLogUpsert) AddImageCount(v int) *UsageLogUpsert {
+	u.Add(usagelog.FieldImageCount, v)
+	return u
+}
+
+// SetImageSize sets the "image_size" field.
+func (u *UsageLogUpsert) SetImageSize(v string) *UsageLogUpsert {
+	u.Set(usagelog.FieldImageSize, v)
+	return u
+}
+
+// UpdateImageSize sets the "image_size" field to the value that was provided on create.
+func (u *UsageLogUpsert) UpdateImageSize() *UsageLogUpsert {
+	u.SetExcluded(usagelog.FieldImageSize)
+	return u
+}
+
+// ClearImageSize clears the value of the "image_size" field.
+func (u *UsageLogUpsert) ClearImageSize() *UsageLogUpsert {
+	u.SetNull(usagelog.FieldImageSize)
+	return u
+}
+
 // UpdateNewValues updates the mutable fields using the new values that were set on create.
 // Using this option is equivalent to using:
 //
@@ -1720,6 +1845,69 @@ func (u *UsageLogUpsertOne) ClearFirstTokenMs() *UsageLogUpsertOne {
 	})
 }

+// SetUserAgent sets the "user_agent" field.
+func (u *UsageLogUpsertOne) SetUserAgent(v string) *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.SetUserAgent(v)
+	})
+}
+
+// UpdateUserAgent sets the "user_agent" field to the value that was provided on create.
+func (u *UsageLogUpsertOne) UpdateUserAgent() *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.UpdateUserAgent()
+	})
+}
+
+// ClearUserAgent clears the value of the "user_agent" field.
+func (u *UsageLogUpsertOne) ClearUserAgent() *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.ClearUserAgent()
+	})
+}
+
+// SetImageCount sets the "image_count" field.
+func (u *UsageLogUpsertOne) SetImageCount(v int) *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.SetImageCount(v)
+	})
+}
+
+// AddImageCount adds v to the "image_count" field.
+func (u *UsageLogUpsertOne) AddImageCount(v int) *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.AddImageCount(v)
+	})
+}
+
+// UpdateImageCount sets the "image_count" field to the value that was provided on create.
+func (u *UsageLogUpsertOne) UpdateImageCount() *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.UpdateImageCount()
+	})
+}
+
+// SetImageSize sets the "image_size" field.
+func (u *UsageLogUpsertOne) SetImageSize(v string) *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.SetImageSize(v)
+	})
+}
+
+// UpdateImageSize sets the "image_size" field to the value that was provided on create.
+func (u *UsageLogUpsertOne) UpdateImageSize() *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.UpdateImageSize()
+	})
+}
+
+// ClearImageSize clears the value of the "image_size" field.
+func (u *UsageLogUpsertOne) ClearImageSize() *UsageLogUpsertOne {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.ClearImageSize()
+	})
+}
+
 // Exec executes the query.
 func (u *UsageLogUpsertOne) Exec(ctx context.Context) error {
 	if len(u.create.conflict) == 0 {
@@ -2407,6 +2595,69 @@ func (u *UsageLogUpsertBulk) ClearFirstTokenMs() *UsageLogUpsertBulk {
 	})
 }

+// SetUserAgent sets the "user_agent" field.
+func (u *UsageLogUpsertBulk) SetUserAgent(v string) *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.SetUserAgent(v)
+	})
+}
+
+// UpdateUserAgent sets the "user_agent" field to the value that was provided on create.
+func (u *UsageLogUpsertBulk) UpdateUserAgent() *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.UpdateUserAgent()
+	})
+}
+
+// ClearUserAgent clears the value of the "user_agent" field.
+func (u *UsageLogUpsertBulk) ClearUserAgent() *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.ClearUserAgent()
+	})
+}
+
+// SetImageCount sets the "image_count" field.
+func (u *UsageLogUpsertBulk) SetImageCount(v int) *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.SetImageCount(v)
+	})
+}
+
+// AddImageCount adds v to the "image_count" field.
+func (u *UsageLogUpsertBulk) AddImageCount(v int) *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.AddImageCount(v)
+	})
+}
+
+// UpdateImageCount sets the "image_count" field to the value that was provided on create.
+func (u *UsageLogUpsertBulk) UpdateImageCount() *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.UpdateImageCount()
+	})
+}
+
+// SetImageSize sets the "image_size" field.
+func (u *UsageLogUpsertBulk) SetImageSize(v string) *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.SetImageSize(v)
+	})
+}
+
+// UpdateImageSize sets the "image_size" field to the value that was provided on create.
+func (u *UsageLogUpsertBulk) UpdateImageSize() *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.UpdateImageSize()
+	})
+}
+
+// ClearImageSize clears the value of the "image_size" field.
+func (u *UsageLogUpsertBulk) ClearImageSize() *UsageLogUpsertBulk {
+	return u.Update(func(s *UsageLogUpsert) {
+		s.ClearImageSize()
+	})
+}
+
 // Exec executes the query.
 func (u *UsageLogUpsertBulk) Exec(ctx context.Context) error {
 	if u.create.err != nil {
--- a/backend/ent/usagelog_query.go
+++ b/backend/ent/usagelog_query.go
@@ -28,7 +28,7 @@ type UsageLogQuery struct {
 	inters           []Interceptor
 	predicates       []predicate.UsageLog
 	withUser         *UserQuery
-	withAPIKey       *ApiKeyQuery
+	withAPIKey       *APIKeyQuery
 	withAccount      *AccountQuery
 	withGroup        *GroupQuery
 	withSubscription *UserSubscriptionQuery
@@ -91,8 +91,8 @@ func (_q *UsageLogQuery) QueryUser() *UserQuery {
 }

 // QueryAPIKey chains the current query on the "api_key" edge.
-func (_q *UsageLogQuery) QueryAPIKey() *ApiKeyQuery {
-	query := (&ApiKeyClient{config: _q.config}).Query()
+func (_q *UsageLogQuery) QueryAPIKey() *APIKeyQuery {
+	query := (&APIKeyClient{config: _q.config}).Query()
 	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
 		if err := _q.prepareQuery(ctx); err != nil {
 			return nil, err
@@ -394,8 +394,8 @@ func (_q *UsageLogQuery) WithUser(opts ...func(*UserQuery)) *UsageLogQuery {

 // WithAPIKey tells the query-builder to eager-load the nodes that are connected to
 // the "api_key" edge. The optional arguments are used to configure the query builder of the edge.
-func (_q *UsageLogQuery) WithAPIKey(opts ...func(*ApiKeyQuery)) *UsageLogQuery {
-	query := (&ApiKeyClient{config: _q.config}).Query()
+func (_q *UsageLogQuery) WithAPIKey(opts ...func(*APIKeyQuery)) *UsageLogQuery {
+	query := (&APIKeyClient{config: _q.config}).Query()
 	for _, opt := range opts {
 		opt(query)
 	}
@@ -548,7 +548,7 @@ func (_q *UsageLogQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*Usa
 	}
 	if query := _q.withAPIKey; query != nil {
 		if err := _q.loadAPIKey(ctx, query, nodes, nil,
-			func(n *UsageLog, e *ApiKey) { n.Edges.APIKey = e }); err != nil {
+			func(n *UsageLog, e *APIKey) { n.Edges.APIKey = e }); err != nil {
 			return nil, err
 		}
 	}
@@ -602,7 +602,7 @@ func (_q *UsageLogQuery) loadUser(ctx context.Context, query *UserQuery, nodes [
 	}
 	return nil
 }
-func (_q *UsageLogQuery) loadAPIKey(ctx context.Context, query *ApiKeyQuery, nodes []*UsageLog, init func(*UsageLog), assign func(*UsageLog, *ApiKey)) error {
+func (_q *UsageLogQuery) loadAPIKey(ctx context.Context, query *APIKeyQuery, nodes []*UsageLog, init func(*UsageLog), assign func(*UsageLog, *APIKey)) error {
 	ids := make([]int64, 0, len(nodes))
 	nodeids := make(map[int64][]*UsageLog)
 	for i := range nodes {
--- a/backend/ent/usagelog_update.go
+++ b/backend/ent/usagelog_update.go
@@ -504,13 +504,74 @@ func (_u *UsageLogUpdate) ClearFirstTokenMs() *UsageLogUpdate {
 	return _u
 }

+// SetUserAgent sets the "user_agent" field.
+func (_u *UsageLogUpdate) SetUserAgent(v string) *UsageLogUpdate {
+	_u.mutation.SetUserAgent(v)
+	return _u
+}
+
+// SetNillableUserAgent sets the "user_agent" field if the given value is not nil.
+func (_u *UsageLogUpdate) SetNillableUserAgent(v *string) *UsageLogUpdate {
+	if v != nil {
+		_u.SetUserAgent(*v)
+	}
+	return _u
+}
+
+// ClearUserAgent clears the value of the "user_agent" field.
+func (_u *UsageLogUpdate) ClearUserAgent() *UsageLogUpdate {
+	_u.mutation.ClearUserAgent()
+	return _u
+}
+
+// SetImageCount sets the "image_count" field.
+func (_u *UsageLogUpdate) SetImageCount(v int) *UsageLogUpdate {
+	_u.mutation.ResetImageCount()
+	_u.mutation.SetImageCount(v)
+	return _u
+}
+
+// SetNillableImageCount sets the "image_count" field if the given value is not nil.
+func (_u *UsageLogUpdate) SetNillableImageCount(v *int) *UsageLogUpdate {
+	if v != nil {
+		_u.SetImageCount(*v)
+	}
+	return _u
+}
+
+// AddImageCount adds value to the "image_count" field.
+func (_u *UsageLogUpdate) AddImageCount(v int) *UsageLogUpdate {
+	_u.mutation.AddImageCount(v)
+	return _u
+}
+
+// SetImageSize sets the "image_size" field.
+func (_u *UsageLogUpdate) SetImageSize(v string) *UsageLogUpdate {
+	_u.mutation.SetImageSize(v)
+	return _u
+}
+
+// SetNillableImageSize sets the "image_size" field if the given value is not nil.
+func (_u *UsageLogUpdate) SetNillableImageSize(v *string) *UsageLogUpdate {
+	if v != nil {
+		_u.SetImageSize(*v)
+	}
+	return _u
+}
+
+// ClearImageSize clears the value of the "image_size" field.
+func (_u *UsageLogUpdate) ClearImageSize() *UsageLogUpdate {
+	_u.mutation.ClearImageSize()
+	return _u
+}
+
 // SetUser sets the "user" edge to the User entity.
 func (_u *UsageLogUpdate) SetUser(v *User) *UsageLogUpdate {
 	return _u.SetUserID(v.ID)
 }

-// SetAPIKey sets the "api_key" edge to the ApiKey entity.
-func (_u *UsageLogUpdate) SetAPIKey(v *ApiKey) *UsageLogUpdate {
+// SetAPIKey sets the "api_key" edge to the APIKey entity.
+func (_u *UsageLogUpdate) SetAPIKey(v *APIKey) *UsageLogUpdate {
 	return _u.SetAPIKeyID(v.ID)
 }

@@ -540,7 +601,7 @@ func (_u *UsageLogUpdate) ClearUser() *UsageLogUpdate {
 	return _u
 }

-// ClearAPIKey clears the "api_key" edge to the ApiKey entity.
+// ClearAPIKey clears the "api_key" edge to the APIKey entity.
 func (_u *UsageLogUpdate) ClearAPIKey() *UsageLogUpdate {
 	_u.mutation.ClearAPIKey()
 	return _u
@@ -603,6 +664,16 @@ func (_u *UsageLogUpdate) check() error {
 			return &ValidationError{Name: "model", err: fmt.Errorf(`ent: validator failed for field "UsageLog.model": %w`, err)}
 		}
 	}
+	if v, ok := _u.mutation.UserAgent(); ok {
+		if err := usagelog.UserAgentValidator(v); err != nil {
+			return &ValidationError{Name: "user_agent", err: fmt.Errorf(`ent: validator failed for field "UsageLog.user_agent": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.ImageSize(); ok {
+		if err := usagelog.ImageSizeValidator(v); err != nil {
+			return &ValidationError{Name: "image_size", err: fmt.Errorf(`ent: validator failed for field "UsageLog.image_size": %w`, err)}
+		}
+	}
 	if _u.mutation.UserCleared() && len(_u.mutation.UserIDs()) > 0 {
 		return errors.New(`ent: clearing a required unique edge "UsageLog.user"`)
 	}
@@ -738,6 +809,24 @@ func (_u *UsageLogUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	if _u.mutation.FirstTokenMsCleared() {
 		_spec.ClearField(usagelog.FieldFirstTokenMs, field.TypeInt)
 	}
+	if value, ok := _u.mutation.UserAgent(); ok {
+		_spec.SetField(usagelog.FieldUserAgent, field.TypeString, value)
+	}
+	if _u.mutation.UserAgentCleared() {
+		_spec.ClearField(usagelog.FieldUserAgent, field.TypeString)
+	}
+	if value, ok := _u.mutation.ImageCount(); ok {
+		_spec.SetField(usagelog.FieldImageCount, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.AddedImageCount(); ok {
+		_spec.AddField(usagelog.FieldImageCount, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.ImageSize(); ok {
+		_spec.SetField(usagelog.FieldImageSize, field.TypeString, value)
+	}
+	if _u.mutation.ImageSizeCleared() {
+		_spec.ClearField(usagelog.FieldImageSize, field.TypeString)
+	}
 	if _u.mutation.UserCleared() {
 		edge := &sqlgraph.EdgeSpec{
 			Rel:     sqlgraph.M2O,
@@ -1375,13 +1464,74 @@ func (_u *UsageLogUpdateOne) ClearFirstTokenMs() *UsageLogUpdateOne {
 	return _u
 }

+// SetUserAgent sets the "user_agent" field.
+func (_u *UsageLogUpdateOne) SetUserAgent(v string) *UsageLogUpdateOne {
+	_u.mutation.SetUserAgent(v)
+	return _u
+}
+
+// SetNillableUserAgent sets the "user_agent" field if the given value is not nil.
+func (_u *UsageLogUpdateOne) SetNillableUserAgent(v *string) *UsageLogUpdateOne {
+	if v != nil {
+		_u.SetUserAgent(*v)
+	}
+	return _u
+}
+
+// ClearUserAgent clears the value of the "user_agent" field.
+func (_u *UsageLogUpdateOne) ClearUserAgent() *UsageLogUpdateOne {
+	_u.mutation.ClearUserAgent()
+	return _u
+}
+
+// SetImageCount sets the "image_count" field.
+func (_u *UsageLogUpdateOne) SetImageCount(v int) *UsageLogUpdateOne {
+	_u.mutation.ResetImageCount()
+	_u.mutation.SetImageCount(v)
+	return _u
+}
+
+// SetNillableImageCount sets the "image_count" field if the given value is not nil.
+func (_u *UsageLogUpdateOne) SetNillableImageCount(v *int) *UsageLogUpdateOne {
+	if v != nil {
+		_u.SetImageCount(*v)
+	}
+	return _u
+}
+
+// AddImageCount adds value to the "image_count" field.
+func (_u *UsageLogUpdateOne) AddImageCount(v int) *UsageLogUpdateOne {
+	_u.mutation.AddImageCount(v)
+	return _u
+}
+
+// SetImageSize sets the "image_size" field.
+func (_u *UsageLogUpdateOne) SetImageSize(v string) *UsageLogUpdateOne {
+	_u.mutation.SetImageSize(v)
+	return _u
+}
+
+// SetNillableImageSize sets the "image_size" field if the given value is not nil.
+func (_u *UsageLogUpdateOne) SetNillableImageSize(v *string) *UsageLogUpdateOne {
+	if v != nil {
+		_u.SetImageSize(*v)
+	}
+	return _u
+}
+
+// ClearImageSize clears the value of the "image_size" field.
+func (_u *UsageLogUpdateOne) ClearImageSize() *UsageLogUpdateOne {
+	_u.mutation.ClearImageSize()
+	return _u
+}
+
 // SetUser sets the "user" edge to the User entity.
 func (_u *UsageLogUpdateOne) SetUser(v *User) *UsageLogUpdateOne {
 	return _u.SetUserID(v.ID)
 }

-// SetAPIKey sets the "api_key" edge to the ApiKey entity.
-func (_u *UsageLogUpdateOne) SetAPIKey(v *ApiKey) *UsageLogUpdateOne {
+// SetAPIKey sets the "api_key" edge to the APIKey entity.
+func (_u *UsageLogUpdateOne) SetAPIKey(v *APIKey) *UsageLogUpdateOne {
 	return _u.SetAPIKeyID(v.ID)
 }

@@ -1411,7 +1561,7 @@ func (_u *UsageLogUpdateOne) ClearUser() *UsageLogUpdateOne {
 	return _u
 }

-// ClearAPIKey clears the "api_key" edge to the ApiKey entity.
+// ClearAPIKey clears the "api_key" edge to the APIKey entity.
 func (_u *UsageLogUpdateOne) ClearAPIKey() *UsageLogUpdateOne {
 	_u.mutation.ClearAPIKey()
 	return _u
@@ -1487,6 +1637,16 @@ func (_u *UsageLogUpdateOne) check() error {
 			return &ValidationError{Name: "model", err: fmt.Errorf(`ent: validator failed for field "UsageLog.model": %w`, err)}
 		}
 	}
+	if v, ok := _u.mutation.UserAgent(); ok {
+		if err := usagelog.UserAgentValidator(v); err != nil {
+			return &ValidationError{Name: "user_agent", err: fmt.Errorf(`ent: validator failed for field "UsageLog.user_agent": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.ImageSize(); ok {
+		if err := usagelog.ImageSizeValidator(v); err != nil {
+			return &ValidationError{Name: "image_size", err: fmt.Errorf(`ent: validator failed for field "UsageLog.image_size": %w`, err)}
+		}
+	}
 	if _u.mutation.UserCleared() && len(_u.mutation.UserIDs()) > 0 {
 		return errors.New(`ent: clearing a required unique edge "UsageLog.user"`)
 	}
@@ -1639,6 +1799,24 @@ func (_u *UsageLogUpdateOne) sqlSave(ctx context.Context) (_node *UsageLog, err
 	if _u.mutation.FirstTokenMsCleared() {
 		_spec.ClearField(usagelog.FieldFirstTokenMs, field.TypeInt)
 	}
+	if value, ok := _u.mutation.UserAgent(); ok {
+		_spec.SetField(usagelog.FieldUserAgent, field.TypeString, value)
+	}
+	if _u.mutation.UserAgentCleared() {
+		_spec.ClearField(usagelog.FieldUserAgent, field.TypeString)
+	}
+	if value, ok := _u.mutation.ImageCount(); ok {
+		_spec.SetField(usagelog.FieldImageCount, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.AddedImageCount(); ok {
+		_spec.AddField(usagelog.FieldImageCount, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.ImageSize(); ok {
+		_spec.SetField(usagelog.FieldImageSize, field.TypeString, value)
+	}
+	if _u.mutation.ImageSizeCleared() {
+		_spec.ClearField(usagelog.FieldImageSize, field.TypeString)
+	}
 	if _u.mutation.UserCleared() {
 		edge := &sqlgraph.EdgeSpec{
 			Rel:     sqlgraph.M2O,
--- a/backend/ent/user.go
+++ b/backend/ent/user.go
@@ -37,8 +37,6 @@ type User struct {
 	Status string `json:"status,omitempty"`
 	// Username holds the value of the "username" field.
 	Username string `json:"username,omitempty"`
-	// Wechat holds the value of the "wechat" field.
-	Wechat string `json:"wechat,omitempty"`
 	// Notes holds the value of the "notes" field.
 	Notes string `json:"notes,omitempty"`
 	// Edges holds the relations/edges for other nodes in the graph.
@@ -50,7 +48,7 @@ type User struct {
 // UserEdges holds the relations/edges for other nodes in the graph.
 type UserEdges struct {
 	// APIKeys holds the value of the api_keys edge.
-	APIKeys []*ApiKey `json:"api_keys,omitempty"`
+	APIKeys []*APIKey `json:"api_keys,omitempty"`
 	// RedeemCodes holds the value of the redeem_codes edge.
 	RedeemCodes []*RedeemCode `json:"redeem_codes,omitempty"`
 	// Subscriptions holds the value of the subscriptions edge.
@@ -61,16 +59,18 @@ type UserEdges struct {
 	AllowedGroups []*Group `json:"allowed_groups,omitempty"`
 	// UsageLogs holds the value of the usage_logs edge.
 	UsageLogs []*UsageLog `json:"usage_logs,omitempty"`
+	// AttributeValues holds the value of the attribute_values edge.
+	AttributeValues []*UserAttributeValue `json:"attribute_values,omitempty"`
 	// UserAllowedGroups holds the value of the user_allowed_groups edge.
 	UserAllowedGroups []*UserAllowedGroup `json:"user_allowed_groups,omitempty"`
 	// loadedTypes holds the information for reporting if a
 	// type was loaded (or requested) in eager-loading or not.
-	loadedTypes [7]bool
+	loadedTypes [8]bool
 }

 // APIKeysOrErr returns the APIKeys value or an error if the edge
 // was not loaded in eager-loading.
-func (e UserEdges) APIKeysOrErr() ([]*ApiKey, error) {
+func (e UserEdges) APIKeysOrErr() ([]*APIKey, error) {
 	if e.loadedTypes[0] {
 		return e.APIKeys, nil
 	}
@@ -122,10 +122,19 @@ func (e UserEdges) UsageLogsOrErr() ([]*UsageLog, error) {
 	return nil, &NotLoadedError{edge: "usage_logs"}
 }

+// AttributeValuesOrErr returns the AttributeValues value or an error if the edge
+// was not loaded in eager-loading.
+func (e UserEdges) AttributeValuesOrErr() ([]*UserAttributeValue, error) {
+	if e.loadedTypes[6] {
+		return e.AttributeValues, nil
+	}
+	return nil, &NotLoadedError{edge: "attribute_values"}
+}
+
 // UserAllowedGroupsOrErr returns the UserAllowedGroups value or an error if the edge
 // was not loaded in eager-loading.
 func (e UserEdges) UserAllowedGroupsOrErr() ([]*UserAllowedGroup, error) {
-	if e.loadedTypes[6] {
+	if e.loadedTypes[7] {
 		return e.UserAllowedGroups, nil
 	}
 	return nil, &NotLoadedError{edge: "user_allowed_groups"}
@@ -140,7 +149,7 @@ func (*User) scanValues(columns []string) ([]any, error) {
 			values[i] = new(sql.NullFloat64)
 		case user.FieldID, user.FieldConcurrency:
 			values[i] = new(sql.NullInt64)
-		case user.FieldEmail, user.FieldPasswordHash, user.FieldRole, user.FieldStatus, user.FieldUsername, user.FieldWechat, user.FieldNotes:
+		case user.FieldEmail, user.FieldPasswordHash, user.FieldRole, user.FieldStatus, user.FieldUsername, user.FieldNotes:
 			values[i] = new(sql.NullString)
 		case user.FieldCreatedAt, user.FieldUpdatedAt, user.FieldDeletedAt:
 			values[i] = new(sql.NullTime)
@@ -226,12 +235,6 @@ func (_m *User) assignValues(columns []string, values []any) error {
 			} else if value.Valid {
 				_m.Username = value.String
 			}
-		case user.FieldWechat:
-			if value, ok := values[i].(*sql.NullString); !ok {
-				return fmt.Errorf("unexpected type %T for field wechat", values[i])
-			} else if value.Valid {
-				_m.Wechat = value.String
-			}
 		case user.FieldNotes:
 			if value, ok := values[i].(*sql.NullString); !ok {
 				return fmt.Errorf("unexpected type %T for field notes", values[i])
@@ -252,7 +255,7 @@ func (_m *User) Value(name string) (ent.Value, error) {
 }

 // QueryAPIKeys queries the "api_keys" edge of the User entity.
-func (_m *User) QueryAPIKeys() *ApiKeyQuery {
+func (_m *User) QueryAPIKeys() *APIKeyQuery {
 	return NewUserClient(_m.config).QueryAPIKeys(_m)
 }

@@ -281,6 +284,11 @@ func (_m *User) QueryUsageLogs() *UsageLogQuery {
 	return NewUserClient(_m.config).QueryUsageLogs(_m)
 }

+// QueryAttributeValues queries the "attribute_values" edge of the User entity.
+func (_m *User) QueryAttributeValues() *UserAttributeValueQuery {
+	return NewUserClient(_m.config).QueryAttributeValues(_m)
+}
+
 // QueryUserAllowedGroups queries the "user_allowed_groups" edge of the User entity.
 func (_m *User) QueryUserAllowedGroups() *UserAllowedGroupQuery {
 	return NewUserClient(_m.config).QueryUserAllowedGroups(_m)
@@ -341,9 +349,6 @@ func (_m *User) String() string {
 	builder.WriteString("username=")
 	builder.WriteString(_m.Username)
 	builder.WriteString(", ")
-	builder.WriteString("wechat=")
-	builder.WriteString(_m.Wechat)
-	builder.WriteString(", ")
 	builder.WriteString("notes=")
 	builder.WriteString(_m.Notes)
 	builder.WriteByte(')')
--- a/backend/ent/user/user.go
+++ b/backend/ent/user/user.go
@@ -35,8 +35,6 @@ const (
 	FieldStatus = "status"
 	// FieldUsername holds the string denoting the username field in the database.
 	FieldUsername = "username"
-	// FieldWechat holds the string denoting the wechat field in the database.
-	FieldWechat = "wechat"
 	// FieldNotes holds the string denoting the notes field in the database.
 	FieldNotes = "notes"
 	// EdgeAPIKeys holds the string denoting the api_keys edge name in mutations.
@@ -51,13 +49,15 @@ const (
 	EdgeAllowedGroups = "allowed_groups"
 	// EdgeUsageLogs holds the string denoting the usage_logs edge name in mutations.
 	EdgeUsageLogs = "usage_logs"
+	// EdgeAttributeValues holds the string denoting the attribute_values edge name in mutations.
+	EdgeAttributeValues = "attribute_values"
 	// EdgeUserAllowedGroups holds the string denoting the user_allowed_groups edge name in mutations.
 	EdgeUserAllowedGroups = "user_allowed_groups"
 	// Table holds the table name of the user in the database.
 	Table = "users"
 	// APIKeysTable is the table that holds the api_keys relation/edge.
 	APIKeysTable = "api_keys"
-	// APIKeysInverseTable is the table name for the ApiKey entity.
+	// APIKeysInverseTable is the table name for the APIKey entity.
 	// It exists in this package in order to avoid circular dependency with the "apikey" package.
 	APIKeysInverseTable = "api_keys"
 	// APIKeysColumn is the table column denoting the api_keys relation/edge.
@@ -95,6 +95,13 @@ const (
 	UsageLogsInverseTable = "usage_logs"
 	// UsageLogsColumn is the table column denoting the usage_logs relation/edge.
 	UsageLogsColumn = "user_id"
+	// AttributeValuesTable is the table that holds the attribute_values relation/edge.
+	AttributeValuesTable = "user_attribute_values"
+	// AttributeValuesInverseTable is the table name for the UserAttributeValue entity.
+	// It exists in this package in order to avoid circular dependency with the "userattributevalue" package.
+	AttributeValuesInverseTable = "user_attribute_values"
+	// AttributeValuesColumn is the table column denoting the attribute_values relation/edge.
+	AttributeValuesColumn = "user_id"
 	// UserAllowedGroupsTable is the table that holds the user_allowed_groups relation/edge.
 	UserAllowedGroupsTable = "user_allowed_groups"
 	// UserAllowedGroupsInverseTable is the table name for the UserAllowedGroup entity.
@@ -117,7 +124,6 @@ var Columns = []string{
 	FieldConcurrency,
 	FieldStatus,
 	FieldUsername,
-	FieldWechat,
 	FieldNotes,
 }

@@ -171,10 +177,6 @@ var (
 	DefaultUsername string
 	// UsernameValidator is a validator for the "username" field. It is called by the builders before save.
 	UsernameValidator func(string) error
-	// DefaultWechat holds the default value on creation for the "wechat" field.
-	DefaultWechat string
-	// WechatValidator is a validator for the "wechat" field. It is called by the builders before save.
-	WechatValidator func(string) error
 	// DefaultNotes holds the default value on creation for the "notes" field.
 	DefaultNotes string
 )
@@ -237,11 +239,6 @@ func ByUsername(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldUsername, opts...).ToFunc()
 }

-// ByWechat orders the results by the wechat field.
-func ByWechat(opts ...sql.OrderTermOption) OrderOption {
-	return sql.OrderByField(FieldWechat, opts...).ToFunc()
-}
-
 // ByNotes orders the results by the notes field.
 func ByNotes(opts ...sql.OrderTermOption) OrderOption {
 	return sql.OrderByField(FieldNotes, opts...).ToFunc()
@@ -331,6 +328,20 @@ func ByUsageLogs(term sql.OrderTerm, terms ...sql.OrderTerm) OrderOption {
 	}
 }

+// ByAttributeValuesCount orders the results by attribute_values count.
+func ByAttributeValuesCount(opts ...sql.OrderTermOption) OrderOption {
+	return func(s *sql.Selector) {
+		sqlgraph.OrderByNeighborsCount(s, newAttributeValuesStep(), opts...)
+	}
+}
+
+// ByAttributeValues orders the results by attribute_values terms.
+func ByAttributeValues(term sql.OrderTerm, terms ...sql.OrderTerm) OrderOption {
+	return func(s *sql.Selector) {
+		sqlgraph.OrderByNeighborTerms(s, newAttributeValuesStep(), append([]sql.OrderTerm{term}, terms...)...)
+	}
+}
+
 // ByUserAllowedGroupsCount orders the results by user_allowed_groups count.
 func ByUserAllowedGroupsCount(opts ...sql.OrderTermOption) OrderOption {
 	return func(s *sql.Selector) {
@@ -386,6 +397,13 @@ func newUsageLogsStep() *sqlgraph.Step {
 		sqlgraph.Edge(sqlgraph.O2M, false, UsageLogsTable, UsageLogsColumn),
 	)
 }
+func newAttributeValuesStep() *sqlgraph.Step {
+	return sqlgraph.NewStep(
+		sqlgraph.From(Table, FieldID),
+		sqlgraph.To(AttributeValuesInverseTable, FieldID),
+		sqlgraph.Edge(sqlgraph.O2M, false, AttributeValuesTable, AttributeValuesColumn),
+	)
+}
 func newUserAllowedGroupsStep() *sqlgraph.Step {
 	return sqlgraph.NewStep(
 		sqlgraph.From(Table, FieldID),
--- a/backend/ent/user/where.go
+++ b/backend/ent/user/where.go
@@ -105,11 +105,6 @@ func Username(v string) predicate.User {
 	return predicate.User(sql.FieldEQ(FieldUsername, v))
 }

-// Wechat applies equality check predicate on the "wechat" field. It's identical to WechatEQ.
-func Wechat(v string) predicate.User {
-	return predicate.User(sql.FieldEQ(FieldWechat, v))
-}
-
 // Notes applies equality check predicate on the "notes" field. It's identical to NotesEQ.
 func Notes(v string) predicate.User {
 	return predicate.User(sql.FieldEQ(FieldNotes, v))
@@ -650,71 +645,6 @@ func UsernameContainsFold(v string) predicate.User {
 	return predicate.User(sql.FieldContainsFold(FieldUsername, v))
 }

-// WechatEQ applies the EQ predicate on the "wechat" field.
-func WechatEQ(v string) predicate.User {
-	return predicate.User(sql.FieldEQ(FieldWechat, v))
-}
-
-// WechatNEQ applies the NEQ predicate on the "wechat" field.
-func WechatNEQ(v string) predicate.User {
-	return predicate.User(sql.FieldNEQ(FieldWechat, v))
-}
-
-// WechatIn applies the In predicate on the "wechat" field.
-func WechatIn(vs ...string) predicate.User {
-	return predicate.User(sql.FieldIn(FieldWechat, vs...))
-}
-
-// WechatNotIn applies the NotIn predicate on the "wechat" field.
-func WechatNotIn(vs ...string) predicate.User {
-	return predicate.User(sql.FieldNotIn(FieldWechat, vs...))
-}
-
-// WechatGT applies the GT predicate on the "wechat" field.
-func WechatGT(v string) predicate.User {
-	return predicate.User(sql.FieldGT(FieldWechat, v))
-}
-
-// WechatGTE applies the GTE predicate on the "wechat" field.
-func WechatGTE(v string) predicate.User {
-	return predicate.User(sql.FieldGTE(FieldWechat, v))
-}
-
-// WechatLT applies the LT predicate on the "wechat" field.
-func WechatLT(v string) predicate.User {
-	return predicate.User(sql.FieldLT(FieldWechat, v))
-}
-
-// WechatLTE applies the LTE predicate on the "wechat" field.
-func WechatLTE(v string) predicate.User {
-	return predicate.User(sql.FieldLTE(FieldWechat, v))
-}
-
-// WechatContains applies the Contains predicate on the "wechat" field.
-func WechatContains(v string) predicate.User {
-	return predicate.User(sql.FieldContains(FieldWechat, v))
-}
-
-// WechatHasPrefix applies the HasPrefix predicate on the "wechat" field.
-func WechatHasPrefix(v string) predicate.User {
-	return predicate.User(sql.FieldHasPrefix(FieldWechat, v))
-}
-
-// WechatHasSuffix applies the HasSuffix predicate on the "wechat" field.
-func WechatHasSuffix(v string) predicate.User {
-	return predicate.User(sql.FieldHasSuffix(FieldWechat, v))
-}
-
-// WechatEqualFold applies the EqualFold predicate on the "wechat" field.
-func WechatEqualFold(v string) predicate.User {
-	return predicate.User(sql.FieldEqualFold(FieldWechat, v))
-}
-
-// WechatContainsFold applies the ContainsFold predicate on the "wechat" field.
-func WechatContainsFold(v string) predicate.User {
-	return predicate.User(sql.FieldContainsFold(FieldWechat, v))
-}
-
 // NotesEQ applies the EQ predicate on the "notes" field.
 func NotesEQ(v string) predicate.User {
 	return predicate.User(sql.FieldEQ(FieldNotes, v))
@@ -792,7 +722,7 @@ func HasAPIKeys() predicate.User {
 }

 // HasAPIKeysWith applies the HasEdge predicate on the "api_keys" edge with a given conditions (other predicates).
-func HasAPIKeysWith(preds ...predicate.ApiKey) predicate.User {
+func HasAPIKeysWith(preds ...predicate.APIKey) predicate.User {
 	return predicate.User(func(s *sql.Selector) {
 		step := newAPIKeysStep()
 		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
@@ -918,6 +848,29 @@ func HasUsageLogsWith(preds ...predicate.UsageLog) predicate.User {
 	})
 }

+// HasAttributeValues applies the HasEdge predicate on the "attribute_values" edge.
+func HasAttributeValues() predicate.User {
+	return predicate.User(func(s *sql.Selector) {
+		step := sqlgraph.NewStep(
+			sqlgraph.From(Table, FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, AttributeValuesTable, AttributeValuesColumn),
+		)
+		sqlgraph.HasNeighbors(s, step)
+	})
+}
+
+// HasAttributeValuesWith applies the HasEdge predicate on the "attribute_values" edge with a given conditions (other predicates).
+func HasAttributeValuesWith(preds ...predicate.UserAttributeValue) predicate.User {
+	return predicate.User(func(s *sql.Selector) {
+		step := newAttributeValuesStep()
+		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
+			for _, p := range preds {
+				p(s)
+			}
+		})
+	})
+}
+
 // HasUserAllowedGroups applies the HasEdge predicate on the "user_allowed_groups" edge.
 func HasUserAllowedGroups() predicate.User {
 	return predicate.User(func(s *sql.Selector) {
--- a/backend/ent/user_create.go
+++ b/backend/ent/user_create.go
@@ -16,6 +16,7 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/redeemcode"
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"
 )

@@ -151,20 +152,6 @@ func (_c *UserCreate) SetNillableUsername(v *string) *UserCreate {
 	return _c
 }

-// SetWechat sets the "wechat" field.
-func (_c *UserCreate) SetWechat(v string) *UserCreate {
-	_c.mutation.SetWechat(v)
-	return _c
-}
-
-// SetNillableWechat sets the "wechat" field if the given value is not nil.
-func (_c *UserCreate) SetNillableWechat(v *string) *UserCreate {
-	if v != nil {
-		_c.SetWechat(*v)
-	}
-	return _c
-}
-
 // SetNotes sets the "notes" field.
 func (_c *UserCreate) SetNotes(v string) *UserCreate {
 	_c.mutation.SetNotes(v)
@@ -179,14 +166,14 @@ func (_c *UserCreate) SetNillableNotes(v *string) *UserCreate {
 	return _c
 }

-// AddAPIKeyIDs adds the "api_keys" edge to the ApiKey entity by IDs.
+// AddAPIKeyIDs adds the "api_keys" edge to the APIKey entity by IDs.
 func (_c *UserCreate) AddAPIKeyIDs(ids ...int64) *UserCreate {
 	_c.mutation.AddAPIKeyIDs(ids...)
 	return _c
 }

-// AddAPIKeys adds the "api_keys" edges to the ApiKey entity.
-func (_c *UserCreate) AddAPIKeys(v ...*ApiKey) *UserCreate {
+// AddAPIKeys adds the "api_keys" edges to the APIKey entity.
+func (_c *UserCreate) AddAPIKeys(v ...*APIKey) *UserCreate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -269,6 +256,21 @@ func (_c *UserCreate) AddUsageLogs(v ...*UsageLog) *UserCreate {
 	return _c.AddUsageLogIDs(ids...)
 }

+// AddAttributeValueIDs adds the "attribute_values" edge to the UserAttributeValue entity by IDs.
+func (_c *UserCreate) AddAttributeValueIDs(ids ...int64) *UserCreate {
+	_c.mutation.AddAttributeValueIDs(ids...)
+	return _c
+}
+
+// AddAttributeValues adds the "attribute_values" edges to the UserAttributeValue entity.
+func (_c *UserCreate) AddAttributeValues(v ...*UserAttributeValue) *UserCreate {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _c.AddAttributeValueIDs(ids...)
+}
+
 // Mutation returns the UserMutation object of the builder.
 func (_c *UserCreate) Mutation() *UserMutation {
 	return _c.mutation
@@ -340,10 +342,6 @@ func (_c *UserCreate) defaults() error {
 		v := user.DefaultUsername
 		_c.mutation.SetUsername(v)
 	}
-	if _, ok := _c.mutation.Wechat(); !ok {
-		v := user.DefaultWechat
-		_c.mutation.SetWechat(v)
-	}
 	if _, ok := _c.mutation.Notes(); !ok {
 		v := user.DefaultNotes
 		_c.mutation.SetNotes(v)
@@ -405,14 +403,6 @@ func (_c *UserCreate) check() error {
 			return &ValidationError{Name: "username", err: fmt.Errorf(`ent: validator failed for field "User.username": %w`, err)}
 		}
 	}
-	if _, ok := _c.mutation.Wechat(); !ok {
-		return &ValidationError{Name: "wechat", err: errors.New(`ent: missing required field "User.wechat"`)}
-	}
-	if v, ok := _c.mutation.Wechat(); ok {
-		if err := user.WechatValidator(v); err != nil {
-			return &ValidationError{Name: "wechat", err: fmt.Errorf(`ent: validator failed for field "User.wechat": %w`, err)}
-		}
-	}
 	if _, ok := _c.mutation.Notes(); !ok {
 		return &ValidationError{Name: "notes", err: errors.New(`ent: missing required field "User.notes"`)}
 	}
@@ -483,10 +473,6 @@ func (_c *UserCreate) createSpec() (*User, *sqlgraph.CreateSpec) {
 		_spec.SetField(user.FieldUsername, field.TypeString, value)
 		_node.Username = value
 	}
-	if value, ok := _c.mutation.Wechat(); ok {
-		_spec.SetField(user.FieldWechat, field.TypeString, value)
-		_node.Wechat = value
-	}
 	if value, ok := _c.mutation.Notes(); ok {
 		_spec.SetField(user.FieldNotes, field.TypeString, value)
 		_node.Notes = value
@@ -591,6 +577,22 @@ func (_c *UserCreate) createSpec() (*User, *sqlgraph.CreateSpec) {
 		}
 		_spec.Edges = append(_spec.Edges, edge)
 	}
+	if nodes := _c.mutation.AttributeValuesIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges = append(_spec.Edges, edge)
+	}
 	return _node, _spec
 }

@@ -769,18 +771,6 @@ func (u *UserUpsert) UpdateUsername() *UserUpsert {
 	return u
 }

-// SetWechat sets the "wechat" field.
-func (u *UserUpsert) SetWechat(v string) *UserUpsert {
-	u.Set(user.FieldWechat, v)
-	return u
-}
-
-// UpdateWechat sets the "wechat" field to the value that was provided on create.
-func (u *UserUpsert) UpdateWechat() *UserUpsert {
-	u.SetExcluded(user.FieldWechat)
-	return u
-}
-
 // SetNotes sets the "notes" field.
 func (u *UserUpsert) SetNotes(v string) *UserUpsert {
 	u.Set(user.FieldNotes, v)
@@ -985,20 +975,6 @@ func (u *UserUpsertOne) UpdateUsername() *UserUpsertOne {
 	})
 }

-// SetWechat sets the "wechat" field.
-func (u *UserUpsertOne) SetWechat(v string) *UserUpsertOne {
-	return u.Update(func(s *UserUpsert) {
-		s.SetWechat(v)
-	})
-}
-
-// UpdateWechat sets the "wechat" field to the value that was provided on create.
-func (u *UserUpsertOne) UpdateWechat() *UserUpsertOne {
-	return u.Update(func(s *UserUpsert) {
-		s.UpdateWechat()
-	})
-}
-
 // SetNotes sets the "notes" field.
 func (u *UserUpsertOne) SetNotes(v string) *UserUpsertOne {
 	return u.Update(func(s *UserUpsert) {
@@ -1371,20 +1347,6 @@ func (u *UserUpsertBulk) UpdateUsername() *UserUpsertBulk {
 	})
 }

-// SetWechat sets the "wechat" field.
-func (u *UserUpsertBulk) SetWechat(v string) *UserUpsertBulk {
-	return u.Update(func(s *UserUpsert) {
-		s.SetWechat(v)
-	})
-}
-
-// UpdateWechat sets the "wechat" field to the value that was provided on create.
-func (u *UserUpsertBulk) UpdateWechat() *UserUpsertBulk {
-	return u.Update(func(s *UserUpsert) {
-		s.UpdateWechat()
-	})
-}
-
 // SetNotes sets the "notes" field.
 func (u *UserUpsertBulk) SetNotes(v string) *UserUpsertBulk {
 	return u.Update(func(s *UserUpsert) {
--- a/backend/ent/user_query.go
+++ b/backend/ent/user_query.go
@@ -19,6 +19,7 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
 	"github.com/Wei-Shaw/sub2api/ent/userallowedgroup"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"
 )

@@ -29,12 +30,13 @@ type UserQuery struct {
 	order                     []user.OrderOption
 	inters                    []Interceptor
 	predicates                []predicate.User
-	withAPIKeys               *ApiKeyQuery
+	withAPIKeys               *APIKeyQuery
 	withRedeemCodes           *RedeemCodeQuery
 	withSubscriptions         *UserSubscriptionQuery
 	withAssignedSubscriptions *UserSubscriptionQuery
 	withAllowedGroups         *GroupQuery
 	withUsageLogs             *UsageLogQuery
+	withAttributeValues       *UserAttributeValueQuery
 	withUserAllowedGroups     *UserAllowedGroupQuery
 	// intermediate query (i.e. traversal path).
 	sql  *sql.Selector
@@ -73,8 +75,8 @@ func (_q *UserQuery) Order(o ...user.OrderOption) *UserQuery {
 }

 // QueryAPIKeys chains the current query on the "api_keys" edge.
-func (_q *UserQuery) QueryAPIKeys() *ApiKeyQuery {
-	query := (&ApiKeyClient{config: _q.config}).Query()
+func (_q *UserQuery) QueryAPIKeys() *APIKeyQuery {
+	query := (&APIKeyClient{config: _q.config}).Query()
 	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
 		if err := _q.prepareQuery(ctx); err != nil {
 			return nil, err
@@ -204,6 +206,28 @@ func (_q *UserQuery) QueryUsageLogs() *UsageLogQuery {
 	return query
 }

+// QueryAttributeValues chains the current query on the "attribute_values" edge.
+func (_q *UserQuery) QueryAttributeValues() *UserAttributeValueQuery {
+	query := (&UserAttributeValueClient{config: _q.config}).Query()
+	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
+		if err := _q.prepareQuery(ctx); err != nil {
+			return nil, err
+		}
+		selector := _q.sqlQuery(ctx)
+		if err := selector.Err(); err != nil {
+			return nil, err
+		}
+		step := sqlgraph.NewStep(
+			sqlgraph.From(user.Table, user.FieldID, selector),
+			sqlgraph.To(userattributevalue.Table, userattributevalue.FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, user.AttributeValuesTable, user.AttributeValuesColumn),
+		)
+		fromU = sqlgraph.SetNeighbors(_q.driver.Dialect(), step)
+		return fromU, nil
+	}
+	return query
+}
+
 // QueryUserAllowedGroups chains the current query on the "user_allowed_groups" edge.
 func (_q *UserQuery) QueryUserAllowedGroups() *UserAllowedGroupQuery {
 	query := (&UserAllowedGroupClient{config: _q.config}).Query()
@@ -424,6 +448,7 @@ func (_q *UserQuery) Clone() *UserQuery {
 		withAssignedSubscriptions: _q.withAssignedSubscriptions.Clone(),
 		withAllowedGroups:         _q.withAllowedGroups.Clone(),
 		withUsageLogs:             _q.withUsageLogs.Clone(),
+		withAttributeValues:       _q.withAttributeValues.Clone(),
 		withUserAllowedGroups:     _q.withUserAllowedGroups.Clone(),
 		// clone intermediate query.
 		sql:  _q.sql.Clone(),
@@ -433,8 +458,8 @@ func (_q *UserQuery) Clone() *UserQuery {

 // WithAPIKeys tells the query-builder to eager-load the nodes that are connected to
 // the "api_keys" edge. The optional arguments are used to configure the query builder of the edge.
-func (_q *UserQuery) WithAPIKeys(opts ...func(*ApiKeyQuery)) *UserQuery {
-	query := (&ApiKeyClient{config: _q.config}).Query()
+func (_q *UserQuery) WithAPIKeys(opts ...func(*APIKeyQuery)) *UserQuery {
+	query := (&APIKeyClient{config: _q.config}).Query()
 	for _, opt := range opts {
 		opt(query)
 	}
@@ -497,6 +522,17 @@ func (_q *UserQuery) WithUsageLogs(opts ...func(*UsageLogQuery)) *UserQuery {
 	return _q
 }

+// WithAttributeValues tells the query-builder to eager-load the nodes that are connected to
+// the "attribute_values" edge. The optional arguments are used to configure the query builder of the edge.
+func (_q *UserQuery) WithAttributeValues(opts ...func(*UserAttributeValueQuery)) *UserQuery {
+	query := (&UserAttributeValueClient{config: _q.config}).Query()
+	for _, opt := range opts {
+		opt(query)
+	}
+	_q.withAttributeValues = query
+	return _q
+}
+
 // WithUserAllowedGroups tells the query-builder to eager-load the nodes that are connected to
 // the "user_allowed_groups" edge. The optional arguments are used to configure the query builder of the edge.
 func (_q *UserQuery) WithUserAllowedGroups(opts ...func(*UserAllowedGroupQuery)) *UserQuery {
@@ -586,13 +622,14 @@ func (_q *UserQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*User, e
 	var (
 		nodes       = []*User{}
 		_spec       = _q.querySpec()
-		loadedTypes = [7]bool{
+		loadedTypes = [8]bool{
 			_q.withAPIKeys != nil,
 			_q.withRedeemCodes != nil,
 			_q.withSubscriptions != nil,
 			_q.withAssignedSubscriptions != nil,
 			_q.withAllowedGroups != nil,
 			_q.withUsageLogs != nil,
+			_q.withAttributeValues != nil,
 			_q.withUserAllowedGroups != nil,
 		}
 	)
@@ -616,8 +653,8 @@ func (_q *UserQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*User, e
 	}
 	if query := _q.withAPIKeys; query != nil {
 		if err := _q.loadAPIKeys(ctx, query, nodes,
-			func(n *User) { n.Edges.APIKeys = []*ApiKey{} },
-			func(n *User, e *ApiKey) { n.Edges.APIKeys = append(n.Edges.APIKeys, e) }); err != nil {
+			func(n *User) { n.Edges.APIKeys = []*APIKey{} },
+			func(n *User, e *APIKey) { n.Edges.APIKeys = append(n.Edges.APIKeys, e) }); err != nil {
 			return nil, err
 		}
 	}
@@ -658,6 +695,13 @@ func (_q *UserQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*User, e
 			return nil, err
 		}
 	}
+	if query := _q.withAttributeValues; query != nil {
+		if err := _q.loadAttributeValues(ctx, query, nodes,
+			func(n *User) { n.Edges.AttributeValues = []*UserAttributeValue{} },
+			func(n *User, e *UserAttributeValue) { n.Edges.AttributeValues = append(n.Edges.AttributeValues, e) }); err != nil {
+			return nil, err
+		}
+	}
 	if query := _q.withUserAllowedGroups; query != nil {
 		if err := _q.loadUserAllowedGroups(ctx, query, nodes,
 			func(n *User) { n.Edges.UserAllowedGroups = []*UserAllowedGroup{} },
@@ -668,7 +712,7 @@ func (_q *UserQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*User, e
 	return nodes, nil
 }

-func (_q *UserQuery) loadAPIKeys(ctx context.Context, query *ApiKeyQuery, nodes []*User, init func(*User), assign func(*User, *ApiKey)) error {
+func (_q *UserQuery) loadAPIKeys(ctx context.Context, query *APIKeyQuery, nodes []*User, init func(*User), assign func(*User, *APIKey)) error {
 	fks := make([]driver.Value, 0, len(nodes))
 	nodeids := make(map[int64]*User)
 	for i := range nodes {
@@ -681,7 +725,7 @@ func (_q *UserQuery) loadAPIKeys(ctx context.Context, query *ApiKeyQuery, nodes
 	if len(query.ctx.Fields) > 0 {
 		query.ctx.AppendFieldOnce(apikey.FieldUserID)
 	}
-	query.Where(predicate.ApiKey(func(s *sql.Selector) {
+	query.Where(predicate.APIKey(func(s *sql.Selector) {
 		s.Where(sql.InValues(s.C(user.APIKeysColumn), fks...))
 	}))
 	neighbors, err := query.All(ctx)
@@ -885,6 +929,36 @@ func (_q *UserQuery) loadUsageLogs(ctx context.Context, query *UsageLogQuery, no
 	}
 	return nil
 }
+func (_q *UserQuery) loadAttributeValues(ctx context.Context, query *UserAttributeValueQuery, nodes []*User, init func(*User), assign func(*User, *UserAttributeValue)) error {
+	fks := make([]driver.Value, 0, len(nodes))
+	nodeids := make(map[int64]*User)
+	for i := range nodes {
+		fks = append(fks, nodes[i].ID)
+		nodeids[nodes[i].ID] = nodes[i]
+		if init != nil {
+			init(nodes[i])
+		}
+	}
+	if len(query.ctx.Fields) > 0 {
+		query.ctx.AppendFieldOnce(userattributevalue.FieldUserID)
+	}
+	query.Where(predicate.UserAttributeValue(func(s *sql.Selector) {
+		s.Where(sql.InValues(s.C(user.AttributeValuesColumn), fks...))
+	}))
+	neighbors, err := query.All(ctx)
+	if err != nil {
+		return err
+	}
+	for _, n := range neighbors {
+		fk := n.UserID
+		node, ok := nodeids[fk]
+		if !ok {
+			return fmt.Errorf(`unexpected referenced foreign-key "user_id" returned %v for node %v`, fk, n.ID)
+		}
+		assign(node, n)
+	}
+	return nil
+}
 func (_q *UserQuery) loadUserAllowedGroups(ctx context.Context, query *UserAllowedGroupQuery, nodes []*User, init func(*User), assign func(*User, *UserAllowedGroup)) error {
 	fks := make([]driver.Value, 0, len(nodes))
 	nodeids := make(map[int64]*User)
--- a/backend/ent/user_update.go
+++ b/backend/ent/user_update.go
@@ -17,6 +17,7 @@ import (
 	"github.com/Wei-Shaw/sub2api/ent/redeemcode"
 	"github.com/Wei-Shaw/sub2api/ent/usagelog"
 	"github.com/Wei-Shaw/sub2api/ent/user"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
 	"github.com/Wei-Shaw/sub2api/ent/usersubscription"
 )

@@ -171,20 +172,6 @@ func (_u *UserUpdate) SetNillableUsername(v *string) *UserUpdate {
 	return _u
 }

-// SetWechat sets the "wechat" field.
-func (_u *UserUpdate) SetWechat(v string) *UserUpdate {
-	_u.mutation.SetWechat(v)
-	return _u
-}
-
-// SetNillableWechat sets the "wechat" field if the given value is not nil.
-func (_u *UserUpdate) SetNillableWechat(v *string) *UserUpdate {
-	if v != nil {
-		_u.SetWechat(*v)
-	}
-	return _u
-}
-
 // SetNotes sets the "notes" field.
 func (_u *UserUpdate) SetNotes(v string) *UserUpdate {
 	_u.mutation.SetNotes(v)
@@ -199,14 +186,14 @@ func (_u *UserUpdate) SetNillableNotes(v *string) *UserUpdate {
 	return _u
 }

-// AddAPIKeyIDs adds the "api_keys" edge to the ApiKey entity by IDs.
+// AddAPIKeyIDs adds the "api_keys" edge to the APIKey entity by IDs.
 func (_u *UserUpdate) AddAPIKeyIDs(ids ...int64) *UserUpdate {
 	_u.mutation.AddAPIKeyIDs(ids...)
 	return _u
 }

-// AddAPIKeys adds the "api_keys" edges to the ApiKey entity.
-func (_u *UserUpdate) AddAPIKeys(v ...*ApiKey) *UserUpdate {
+// AddAPIKeys adds the "api_keys" edges to the APIKey entity.
+func (_u *UserUpdate) AddAPIKeys(v ...*APIKey) *UserUpdate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -289,25 +276,40 @@ func (_u *UserUpdate) AddUsageLogs(v ...*UsageLog) *UserUpdate {
 	return _u.AddUsageLogIDs(ids...)
 }

+// AddAttributeValueIDs adds the "attribute_values" edge to the UserAttributeValue entity by IDs.
+func (_u *UserUpdate) AddAttributeValueIDs(ids ...int64) *UserUpdate {
+	_u.mutation.AddAttributeValueIDs(ids...)
+	return _u
+}
+
+// AddAttributeValues adds the "attribute_values" edges to the UserAttributeValue entity.
+func (_u *UserUpdate) AddAttributeValues(v ...*UserAttributeValue) *UserUpdate {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.AddAttributeValueIDs(ids...)
+}
+
 // Mutation returns the UserMutation object of the builder.
 func (_u *UserUpdate) Mutation() *UserMutation {
 	return _u.mutation
 }

-// ClearAPIKeys clears all "api_keys" edges to the ApiKey entity.
+// ClearAPIKeys clears all "api_keys" edges to the APIKey entity.
 func (_u *UserUpdate) ClearAPIKeys() *UserUpdate {
 	_u.mutation.ClearAPIKeys()
 	return _u
 }

-// RemoveAPIKeyIDs removes the "api_keys" edge to ApiKey entities by IDs.
+// RemoveAPIKeyIDs removes the "api_keys" edge to APIKey entities by IDs.
 func (_u *UserUpdate) RemoveAPIKeyIDs(ids ...int64) *UserUpdate {
 	_u.mutation.RemoveAPIKeyIDs(ids...)
 	return _u
 }

-// RemoveAPIKeys removes "api_keys" edges to ApiKey entities.
-func (_u *UserUpdate) RemoveAPIKeys(v ...*ApiKey) *UserUpdate {
+// RemoveAPIKeys removes "api_keys" edges to APIKey entities.
+func (_u *UserUpdate) RemoveAPIKeys(v ...*APIKey) *UserUpdate {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -420,6 +422,27 @@ func (_u *UserUpdate) RemoveUsageLogs(v ...*UsageLog) *UserUpdate {
 	return _u.RemoveUsageLogIDs(ids...)
 }

+// ClearAttributeValues clears all "attribute_values" edges to the UserAttributeValue entity.
+func (_u *UserUpdate) ClearAttributeValues() *UserUpdate {
+	_u.mutation.ClearAttributeValues()
+	return _u
+}
+
+// RemoveAttributeValueIDs removes the "attribute_values" edge to UserAttributeValue entities by IDs.
+func (_u *UserUpdate) RemoveAttributeValueIDs(ids ...int64) *UserUpdate {
+	_u.mutation.RemoveAttributeValueIDs(ids...)
+	return _u
+}
+
+// RemoveAttributeValues removes "attribute_values" edges to UserAttributeValue entities.
+func (_u *UserUpdate) RemoveAttributeValues(v ...*UserAttributeValue) *UserUpdate {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.RemoveAttributeValueIDs(ids...)
+}
+
 // Save executes the query and returns the number of nodes affected by the update operation.
 func (_u *UserUpdate) Save(ctx context.Context) (int, error) {
 	if err := _u.defaults(); err != nil {
@@ -489,11 +512,6 @@ func (_u *UserUpdate) check() error {
 			return &ValidationError{Name: "username", err: fmt.Errorf(`ent: validator failed for field "User.username": %w`, err)}
 		}
 	}
-	if v, ok := _u.mutation.Wechat(); ok {
-		if err := user.WechatValidator(v); err != nil {
-			return &ValidationError{Name: "wechat", err: fmt.Errorf(`ent: validator failed for field "User.wechat": %w`, err)}
-		}
-	}
 	return nil
 }

@@ -545,9 +563,6 @@ func (_u *UserUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 	if value, ok := _u.mutation.Username(); ok {
 		_spec.SetField(user.FieldUsername, field.TypeString, value)
 	}
-	if value, ok := _u.mutation.Wechat(); ok {
-		_spec.SetField(user.FieldWechat, field.TypeString, value)
-	}
 	if value, ok := _u.mutation.Notes(); ok {
 		_spec.SetField(user.FieldNotes, field.TypeString, value)
 	}
@@ -833,6 +848,51 @@ func (_u *UserUpdate) sqlSave(ctx context.Context) (_node int, err error) {
 		}
 		_spec.Edges.Add = append(_spec.Edges.Add, edge)
 	}
+	if _u.mutation.AttributeValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.RemovedAttributeValuesIDs(); len(nodes) > 0 && !_u.mutation.AttributeValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.AttributeValuesIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
 	if _node, err = sqlgraph.UpdateNodes(ctx, _u.driver, _spec); err != nil {
 		if _, ok := err.(*sqlgraph.NotFoundError); ok {
 			err = &NotFoundError{user.Label}
@@ -991,20 +1051,6 @@ func (_u *UserUpdateOne) SetNillableUsername(v *string) *UserUpdateOne {
 	return _u
 }

-// SetWechat sets the "wechat" field.
-func (_u *UserUpdateOne) SetWechat(v string) *UserUpdateOne {
-	_u.mutation.SetWechat(v)
-	return _u
-}
-
-// SetNillableWechat sets the "wechat" field if the given value is not nil.
-func (_u *UserUpdateOne) SetNillableWechat(v *string) *UserUpdateOne {
-	if v != nil {
-		_u.SetWechat(*v)
-	}
-	return _u
-}
-
 // SetNotes sets the "notes" field.
 func (_u *UserUpdateOne) SetNotes(v string) *UserUpdateOne {
 	_u.mutation.SetNotes(v)
@@ -1019,14 +1065,14 @@ func (_u *UserUpdateOne) SetNillableNotes(v *string) *UserUpdateOne {
 	return _u
 }

-// AddAPIKeyIDs adds the "api_keys" edge to the ApiKey entity by IDs.
+// AddAPIKeyIDs adds the "api_keys" edge to the APIKey entity by IDs.
 func (_u *UserUpdateOne) AddAPIKeyIDs(ids ...int64) *UserUpdateOne {
 	_u.mutation.AddAPIKeyIDs(ids...)
 	return _u
 }

-// AddAPIKeys adds the "api_keys" edges to the ApiKey entity.
-func (_u *UserUpdateOne) AddAPIKeys(v ...*ApiKey) *UserUpdateOne {
+// AddAPIKeys adds the "api_keys" edges to the APIKey entity.
+func (_u *UserUpdateOne) AddAPIKeys(v ...*APIKey) *UserUpdateOne {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -1109,25 +1155,40 @@ func (_u *UserUpdateOne) AddUsageLogs(v ...*UsageLog) *UserUpdateOne {
 	return _u.AddUsageLogIDs(ids...)
 }

+// AddAttributeValueIDs adds the "attribute_values" edge to the UserAttributeValue entity by IDs.
+func (_u *UserUpdateOne) AddAttributeValueIDs(ids ...int64) *UserUpdateOne {
+	_u.mutation.AddAttributeValueIDs(ids...)
+	return _u
+}
+
+// AddAttributeValues adds the "attribute_values" edges to the UserAttributeValue entity.
+func (_u *UserUpdateOne) AddAttributeValues(v ...*UserAttributeValue) *UserUpdateOne {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.AddAttributeValueIDs(ids...)
+}
+
 // Mutation returns the UserMutation object of the builder.
 func (_u *UserUpdateOne) Mutation() *UserMutation {
 	return _u.mutation
 }

-// ClearAPIKeys clears all "api_keys" edges to the ApiKey entity.
+// ClearAPIKeys clears all "api_keys" edges to the APIKey entity.
 func (_u *UserUpdateOne) ClearAPIKeys() *UserUpdateOne {
 	_u.mutation.ClearAPIKeys()
 	return _u
 }

-// RemoveAPIKeyIDs removes the "api_keys" edge to ApiKey entities by IDs.
+// RemoveAPIKeyIDs removes the "api_keys" edge to APIKey entities by IDs.
 func (_u *UserUpdateOne) RemoveAPIKeyIDs(ids ...int64) *UserUpdateOne {
 	_u.mutation.RemoveAPIKeyIDs(ids...)
 	return _u
 }

-// RemoveAPIKeys removes "api_keys" edges to ApiKey entities.
-func (_u *UserUpdateOne) RemoveAPIKeys(v ...*ApiKey) *UserUpdateOne {
+// RemoveAPIKeys removes "api_keys" edges to APIKey entities.
+func (_u *UserUpdateOne) RemoveAPIKeys(v ...*APIKey) *UserUpdateOne {
 	ids := make([]int64, len(v))
 	for i := range v {
 		ids[i] = v[i].ID
@@ -1240,6 +1301,27 @@ func (_u *UserUpdateOne) RemoveUsageLogs(v ...*UsageLog) *UserUpdateOne {
 	return _u.RemoveUsageLogIDs(ids...)
 }

+// ClearAttributeValues clears all "attribute_values" edges to the UserAttributeValue entity.
+func (_u *UserUpdateOne) ClearAttributeValues() *UserUpdateOne {
+	_u.mutation.ClearAttributeValues()
+	return _u
+}
+
+// RemoveAttributeValueIDs removes the "attribute_values" edge to UserAttributeValue entities by IDs.
+func (_u *UserUpdateOne) RemoveAttributeValueIDs(ids ...int64) *UserUpdateOne {
+	_u.mutation.RemoveAttributeValueIDs(ids...)
+	return _u
+}
+
+// RemoveAttributeValues removes "attribute_values" edges to UserAttributeValue entities.
+func (_u *UserUpdateOne) RemoveAttributeValues(v ...*UserAttributeValue) *UserUpdateOne {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.RemoveAttributeValueIDs(ids...)
+}
+
 // Where appends a list predicates to the UserUpdate builder.
 func (_u *UserUpdateOne) Where(ps ...predicate.User) *UserUpdateOne {
 	_u.mutation.Where(ps...)
@@ -1322,11 +1404,6 @@ func (_u *UserUpdateOne) check() error {
 			return &ValidationError{Name: "username", err: fmt.Errorf(`ent: validator failed for field "User.username": %w`, err)}
 		}
 	}
-	if v, ok := _u.mutation.Wechat(); ok {
-		if err := user.WechatValidator(v); err != nil {
-			return &ValidationError{Name: "wechat", err: fmt.Errorf(`ent: validator failed for field "User.wechat": %w`, err)}
-		}
-	}
 	return nil
 }

@@ -1395,9 +1472,6 @@ func (_u *UserUpdateOne) sqlSave(ctx context.Context) (_node *User, err error) {
 	if value, ok := _u.mutation.Username(); ok {
 		_spec.SetField(user.FieldUsername, field.TypeString, value)
 	}
-	if value, ok := _u.mutation.Wechat(); ok {
-		_spec.SetField(user.FieldWechat, field.TypeString, value)
-	}
 	if value, ok := _u.mutation.Notes(); ok {
 		_spec.SetField(user.FieldNotes, field.TypeString, value)
 	}
@@ -1683,6 +1757,51 @@ func (_u *UserUpdateOne) sqlSave(ctx context.Context) (_node *User, err error) {
 		}
 		_spec.Edges.Add = append(_spec.Edges.Add, edge)
 	}
+	if _u.mutation.AttributeValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.RemovedAttributeValuesIDs(); len(nodes) > 0 && !_u.mutation.AttributeValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.AttributeValuesIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   user.AttributeValuesTable,
+			Columns: []string{user.AttributeValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
 	_node = &User{config: _u.config}
 	_spec.Assign = _node.assignValues
 	_spec.ScanValues = _node.scanValues
--- a/backend/ent/userattributedefinition.go
+++ b/backend/ent/userattributedefinition.go
@@ -0,0 +1,276 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+	"time"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect/sql"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+)
+
+// UserAttributeDefinition is the model entity for the UserAttributeDefinition schema.
+type UserAttributeDefinition struct {
+	config `json:"-"`
+	// ID of the ent.
+	ID int64 `json:"id,omitempty"`
+	// CreatedAt holds the value of the "created_at" field.
+	CreatedAt time.Time `json:"created_at,omitempty"`
+	// UpdatedAt holds the value of the "updated_at" field.
+	UpdatedAt time.Time `json:"updated_at,omitempty"`
+	// DeletedAt holds the value of the "deleted_at" field.
+	DeletedAt *time.Time `json:"deleted_at,omitempty"`
+	// Key holds the value of the "key" field.
+	Key string `json:"key,omitempty"`
+	// Name holds the value of the "name" field.
+	Name string `json:"name,omitempty"`
+	// Description holds the value of the "description" field.
+	Description string `json:"description,omitempty"`
+	// Type holds the value of the "type" field.
+	Type string `json:"type,omitempty"`
+	// Options holds the value of the "options" field.
+	Options []map[string]interface{} `json:"options,omitempty"`
+	// Required holds the value of the "required" field.
+	Required bool `json:"required,omitempty"`
+	// Validation holds the value of the "validation" field.
+	Validation map[string]interface{} `json:"validation,omitempty"`
+	// Placeholder holds the value of the "placeholder" field.
+	Placeholder string `json:"placeholder,omitempty"`
+	// DisplayOrder holds the value of the "display_order" field.
+	DisplayOrder int `json:"display_order,omitempty"`
+	// Enabled holds the value of the "enabled" field.
+	Enabled bool `json:"enabled,omitempty"`
+	// Edges holds the relations/edges for other nodes in the graph.
+	// The values are being populated by the UserAttributeDefinitionQuery when eager-loading is set.
+	Edges        UserAttributeDefinitionEdges `json:"edges"`
+	selectValues sql.SelectValues
+}
+
+// UserAttributeDefinitionEdges holds the relations/edges for other nodes in the graph.
+type UserAttributeDefinitionEdges struct {
+	// Values holds the value of the values edge.
+	Values []*UserAttributeValue `json:"values,omitempty"`
+	// loadedTypes holds the information for reporting if a
+	// type was loaded (or requested) in eager-loading or not.
+	loadedTypes [1]bool
+}
+
+// ValuesOrErr returns the Values value or an error if the edge
+// was not loaded in eager-loading.
+func (e UserAttributeDefinitionEdges) ValuesOrErr() ([]*UserAttributeValue, error) {
+	if e.loadedTypes[0] {
+		return e.Values, nil
+	}
+	return nil, &NotLoadedError{edge: "values"}
+}
+
+// scanValues returns the types for scanning values from sql.Rows.
+func (*UserAttributeDefinition) scanValues(columns []string) ([]any, error) {
+	values := make([]any, len(columns))
+	for i := range columns {
+		switch columns[i] {
+		case userattributedefinition.FieldOptions, userattributedefinition.FieldValidation:
+			values[i] = new([]byte)
+		case userattributedefinition.FieldRequired, userattributedefinition.FieldEnabled:
+			values[i] = new(sql.NullBool)
+		case userattributedefinition.FieldID, userattributedefinition.FieldDisplayOrder:
+			values[i] = new(sql.NullInt64)
+		case userattributedefinition.FieldKey, userattributedefinition.FieldName, userattributedefinition.FieldDescription, userattributedefinition.FieldType, userattributedefinition.FieldPlaceholder:
+			values[i] = new(sql.NullString)
+		case userattributedefinition.FieldCreatedAt, userattributedefinition.FieldUpdatedAt, userattributedefinition.FieldDeletedAt:
+			values[i] = new(sql.NullTime)
+		default:
+			values[i] = new(sql.UnknownType)
+		}
+	}
+	return values, nil
+}
+
+// assignValues assigns the values that were returned from sql.Rows (after scanning)
+// to the UserAttributeDefinition fields.
+func (_m *UserAttributeDefinition) assignValues(columns []string, values []any) error {
+	if m, n := len(values), len(columns); m < n {
+		return fmt.Errorf("mismatch number of scan values: %d != %d", m, n)
+	}
+	for i := range columns {
+		switch columns[i] {
+		case userattributedefinition.FieldID:
+			value, ok := values[i].(*sql.NullInt64)
+			if !ok {
+				return fmt.Errorf("unexpected type %T for field id", value)
+			}
+			_m.ID = int64(value.Int64)
+		case userattributedefinition.FieldCreatedAt:
+			if value, ok := values[i].(*sql.NullTime); !ok {
+				return fmt.Errorf("unexpected type %T for field created_at", values[i])
+			} else if value.Valid {
+				_m.CreatedAt = value.Time
+			}
+		case userattributedefinition.FieldUpdatedAt:
+			if value, ok := values[i].(*sql.NullTime); !ok {
+				return fmt.Errorf("unexpected type %T for field updated_at", values[i])
+			} else if value.Valid {
+				_m.UpdatedAt = value.Time
+			}
+		case userattributedefinition.FieldDeletedAt:
+			if value, ok := values[i].(*sql.NullTime); !ok {
+				return fmt.Errorf("unexpected type %T for field deleted_at", values[i])
+			} else if value.Valid {
+				_m.DeletedAt = new(time.Time)
+				*_m.DeletedAt = value.Time
+			}
+		case userattributedefinition.FieldKey:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field key", values[i])
+			} else if value.Valid {
+				_m.Key = value.String
+			}
+		case userattributedefinition.FieldName:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field name", values[i])
+			} else if value.Valid {
+				_m.Name = value.String
+			}
+		case userattributedefinition.FieldDescription:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field description", values[i])
+			} else if value.Valid {
+				_m.Description = value.String
+			}
+		case userattributedefinition.FieldType:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field type", values[i])
+			} else if value.Valid {
+				_m.Type = value.String
+			}
+		case userattributedefinition.FieldOptions:
+			if value, ok := values[i].(*[]byte); !ok {
+				return fmt.Errorf("unexpected type %T for field options", values[i])
+			} else if value != nil && len(*value) > 0 {
+				if err := json.Unmarshal(*value, &_m.Options); err != nil {
+					return fmt.Errorf("unmarshal field options: %w", err)
+				}
+			}
+		case userattributedefinition.FieldRequired:
+			if value, ok := values[i].(*sql.NullBool); !ok {
+				return fmt.Errorf("unexpected type %T for field required", values[i])
+			} else if value.Valid {
+				_m.Required = value.Bool
+			}
+		case userattributedefinition.FieldValidation:
+			if value, ok := values[i].(*[]byte); !ok {
+				return fmt.Errorf("unexpected type %T for field validation", values[i])
+			} else if value != nil && len(*value) > 0 {
+				if err := json.Unmarshal(*value, &_m.Validation); err != nil {
+					return fmt.Errorf("unmarshal field validation: %w", err)
+				}
+			}
+		case userattributedefinition.FieldPlaceholder:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field placeholder", values[i])
+			} else if value.Valid {
+				_m.Placeholder = value.String
+			}
+		case userattributedefinition.FieldDisplayOrder:
+			if value, ok := values[i].(*sql.NullInt64); !ok {
+				return fmt.Errorf("unexpected type %T for field display_order", values[i])
+			} else if value.Valid {
+				_m.DisplayOrder = int(value.Int64)
+			}
+		case userattributedefinition.FieldEnabled:
+			if value, ok := values[i].(*sql.NullBool); !ok {
+				return fmt.Errorf("unexpected type %T for field enabled", values[i])
+			} else if value.Valid {
+				_m.Enabled = value.Bool
+			}
+		default:
+			_m.selectValues.Set(columns[i], values[i])
+		}
+	}
+	return nil
+}
+
+// Value returns the ent.Value that was dynamically selected and assigned to the UserAttributeDefinition.
+// This includes values selected through modifiers, order, etc.
+func (_m *UserAttributeDefinition) Value(name string) (ent.Value, error) {
+	return _m.selectValues.Get(name)
+}
+
+// QueryValues queries the "values" edge of the UserAttributeDefinition entity.
+func (_m *UserAttributeDefinition) QueryValues() *UserAttributeValueQuery {
+	return NewUserAttributeDefinitionClient(_m.config).QueryValues(_m)
+}
+
+// Update returns a builder for updating this UserAttributeDefinition.
+// Note that you need to call UserAttributeDefinition.Unwrap() before calling this method if this UserAttributeDefinition
+// was returned from a transaction, and the transaction was committed or rolled back.
+func (_m *UserAttributeDefinition) Update() *UserAttributeDefinitionUpdateOne {
+	return NewUserAttributeDefinitionClient(_m.config).UpdateOne(_m)
+}
+
+// Unwrap unwraps the UserAttributeDefinition entity that was returned from a transaction after it was closed,
+// so that all future queries will be executed through the driver which created the transaction.
+func (_m *UserAttributeDefinition) Unwrap() *UserAttributeDefinition {
+	_tx, ok := _m.config.driver.(*txDriver)
+	if !ok {
+		panic("ent: UserAttributeDefinition is not a transactional entity")
+	}
+	_m.config.driver = _tx.drv
+	return _m
+}
+
+// String implements the fmt.Stringer.
+func (_m *UserAttributeDefinition) String() string {
+	var builder strings.Builder
+	builder.WriteString("UserAttributeDefinition(")
+	builder.WriteString(fmt.Sprintf("id=%v, ", _m.ID))
+	builder.WriteString("created_at=")
+	builder.WriteString(_m.CreatedAt.Format(time.ANSIC))
+	builder.WriteString(", ")
+	builder.WriteString("updated_at=")
+	builder.WriteString(_m.UpdatedAt.Format(time.ANSIC))
+	builder.WriteString(", ")
+	if v := _m.DeletedAt; v != nil {
+		builder.WriteString("deleted_at=")
+		builder.WriteString(v.Format(time.ANSIC))
+	}
+	builder.WriteString(", ")
+	builder.WriteString("key=")
+	builder.WriteString(_m.Key)
+	builder.WriteString(", ")
+	builder.WriteString("name=")
+	builder.WriteString(_m.Name)
+	builder.WriteString(", ")
+	builder.WriteString("description=")
+	builder.WriteString(_m.Description)
+	builder.WriteString(", ")
+	builder.WriteString("type=")
+	builder.WriteString(_m.Type)
+	builder.WriteString(", ")
+	builder.WriteString("options=")
+	builder.WriteString(fmt.Sprintf("%v", _m.Options))
+	builder.WriteString(", ")
+	builder.WriteString("required=")
+	builder.WriteString(fmt.Sprintf("%v", _m.Required))
+	builder.WriteString(", ")
+	builder.WriteString("validation=")
+	builder.WriteString(fmt.Sprintf("%v", _m.Validation))
+	builder.WriteString(", ")
+	builder.WriteString("placeholder=")
+	builder.WriteString(_m.Placeholder)
+	builder.WriteString(", ")
+	builder.WriteString("display_order=")
+	builder.WriteString(fmt.Sprintf("%v", _m.DisplayOrder))
+	builder.WriteString(", ")
+	builder.WriteString("enabled=")
+	builder.WriteString(fmt.Sprintf("%v", _m.Enabled))
+	builder.WriteByte(')')
+	return builder.String()
+}
+
+// UserAttributeDefinitions is a parsable slice of UserAttributeDefinition.
+type UserAttributeDefinitions []*UserAttributeDefinition
--- a/backend/ent/userattributedefinition/userattributedefinition.go
+++ b/backend/ent/userattributedefinition/userattributedefinition.go
@@ -0,0 +1,205 @@
+// Code generated by ent, DO NOT EDIT.
+
+package userattributedefinition
+
+import (
+	"time"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+)
+
+const (
+	// Label holds the string label denoting the userattributedefinition type in the database.
+	Label = "user_attribute_definition"
+	// FieldID holds the string denoting the id field in the database.
+	FieldID = "id"
+	// FieldCreatedAt holds the string denoting the created_at field in the database.
+	FieldCreatedAt = "created_at"
+	// FieldUpdatedAt holds the string denoting the updated_at field in the database.
+	FieldUpdatedAt = "updated_at"
+	// FieldDeletedAt holds the string denoting the deleted_at field in the database.
+	FieldDeletedAt = "deleted_at"
+	// FieldKey holds the string denoting the key field in the database.
+	FieldKey = "key"
+	// FieldName holds the string denoting the name field in the database.
+	FieldName = "name"
+	// FieldDescription holds the string denoting the description field in the database.
+	FieldDescription = "description"
+	// FieldType holds the string denoting the type field in the database.
+	FieldType = "type"
+	// FieldOptions holds the string denoting the options field in the database.
+	FieldOptions = "options"
+	// FieldRequired holds the string denoting the required field in the database.
+	FieldRequired = "required"
+	// FieldValidation holds the string denoting the validation field in the database.
+	FieldValidation = "validation"
+	// FieldPlaceholder holds the string denoting the placeholder field in the database.
+	FieldPlaceholder = "placeholder"
+	// FieldDisplayOrder holds the string denoting the display_order field in the database.
+	FieldDisplayOrder = "display_order"
+	// FieldEnabled holds the string denoting the enabled field in the database.
+	FieldEnabled = "enabled"
+	// EdgeValues holds the string denoting the values edge name in mutations.
+	EdgeValues = "values"
+	// Table holds the table name of the userattributedefinition in the database.
+	Table = "user_attribute_definitions"
+	// ValuesTable is the table that holds the values relation/edge.
+	ValuesTable = "user_attribute_values"
+	// ValuesInverseTable is the table name for the UserAttributeValue entity.
+	// It exists in this package in order to avoid circular dependency with the "userattributevalue" package.
+	ValuesInverseTable = "user_attribute_values"
+	// ValuesColumn is the table column denoting the values relation/edge.
+	ValuesColumn = "attribute_id"
+)
+
+// Columns holds all SQL columns for userattributedefinition fields.
+var Columns = []string{
+	FieldID,
+	FieldCreatedAt,
+	FieldUpdatedAt,
+	FieldDeletedAt,
+	FieldKey,
+	FieldName,
+	FieldDescription,
+	FieldType,
+	FieldOptions,
+	FieldRequired,
+	FieldValidation,
+	FieldPlaceholder,
+	FieldDisplayOrder,
+	FieldEnabled,
+}
+
+// ValidColumn reports if the column name is valid (part of the table columns).
+func ValidColumn(column string) bool {
+	for i := range Columns {
+		if column == Columns[i] {
+			return true
+		}
+	}
+	return false
+}
+
+// Note that the variables below are initialized by the runtime
+// package on the initialization of the application. Therefore,
+// it should be imported in the main as follows:
+//
+//	import _ "github.com/Wei-Shaw/sub2api/ent/runtime"
+var (
+	Hooks        [1]ent.Hook
+	Interceptors [1]ent.Interceptor
+	// DefaultCreatedAt holds the default value on creation for the "created_at" field.
+	DefaultCreatedAt func() time.Time
+	// DefaultUpdatedAt holds the default value on creation for the "updated_at" field.
+	DefaultUpdatedAt func() time.Time
+	// UpdateDefaultUpdatedAt holds the default value on update for the "updated_at" field.
+	UpdateDefaultUpdatedAt func() time.Time
+	// KeyValidator is a validator for the "key" field. It is called by the builders before save.
+	KeyValidator func(string) error
+	// NameValidator is a validator for the "name" field. It is called by the builders before save.
+	NameValidator func(string) error
+	// DefaultDescription holds the default value on creation for the "description" field.
+	DefaultDescription string
+	// TypeValidator is a validator for the "type" field. It is called by the builders before save.
+	TypeValidator func(string) error
+	// DefaultOptions holds the default value on creation for the "options" field.
+	DefaultOptions []map[string]interface{}
+	// DefaultRequired holds the default value on creation for the "required" field.
+	DefaultRequired bool
+	// DefaultValidation holds the default value on creation for the "validation" field.
+	DefaultValidation map[string]interface{}
+	// DefaultPlaceholder holds the default value on creation for the "placeholder" field.
+	DefaultPlaceholder string
+	// PlaceholderValidator is a validator for the "placeholder" field. It is called by the builders before save.
+	PlaceholderValidator func(string) error
+	// DefaultDisplayOrder holds the default value on creation for the "display_order" field.
+	DefaultDisplayOrder int
+	// DefaultEnabled holds the default value on creation for the "enabled" field.
+	DefaultEnabled bool
+)
+
+// OrderOption defines the ordering options for the UserAttributeDefinition queries.
+type OrderOption func(*sql.Selector)
+
+// ByID orders the results by the id field.
+func ByID(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldID, opts...).ToFunc()
+}
+
+// ByCreatedAt orders the results by the created_at field.
+func ByCreatedAt(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldCreatedAt, opts...).ToFunc()
+}
+
+// ByUpdatedAt orders the results by the updated_at field.
+func ByUpdatedAt(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldUpdatedAt, opts...).ToFunc()
+}
+
+// ByDeletedAt orders the results by the deleted_at field.
+func ByDeletedAt(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldDeletedAt, opts...).ToFunc()
+}
+
+// ByKey orders the results by the key field.
+func ByKey(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldKey, opts...).ToFunc()
+}
+
+// ByName orders the results by the name field.
+func ByName(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldName, opts...).ToFunc()
+}
+
+// ByDescription orders the results by the description field.
+func ByDescription(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldDescription, opts...).ToFunc()
+}
+
+// ByType orders the results by the type field.
+func ByType(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldType, opts...).ToFunc()
+}
+
+// ByRequired orders the results by the required field.
+func ByRequired(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldRequired, opts...).ToFunc()
+}
+
+// ByPlaceholder orders the results by the placeholder field.
+func ByPlaceholder(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldPlaceholder, opts...).ToFunc()
+}
+
+// ByDisplayOrder orders the results by the display_order field.
+func ByDisplayOrder(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldDisplayOrder, opts...).ToFunc()
+}
+
+// ByEnabled orders the results by the enabled field.
+func ByEnabled(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldEnabled, opts...).ToFunc()
+}
+
+// ByValuesCount orders the results by values count.
+func ByValuesCount(opts ...sql.OrderTermOption) OrderOption {
+	return func(s *sql.Selector) {
+		sqlgraph.OrderByNeighborsCount(s, newValuesStep(), opts...)
+	}
+}
+
+// ByValues orders the results by values terms.
+func ByValues(term sql.OrderTerm, terms ...sql.OrderTerm) OrderOption {
+	return func(s *sql.Selector) {
+		sqlgraph.OrderByNeighborTerms(s, newValuesStep(), append([]sql.OrderTerm{term}, terms...)...)
+	}
+}
+func newValuesStep() *sqlgraph.Step {
+	return sqlgraph.NewStep(
+		sqlgraph.From(Table, FieldID),
+		sqlgraph.To(ValuesInverseTable, FieldID),
+		sqlgraph.Edge(sqlgraph.O2M, false, ValuesTable, ValuesColumn),
+	)
+}
--- a/backend/ent/userattributedefinition/where.go
+++ b/backend/ent/userattributedefinition/where.go
@@ -0,0 +1,664 @@
+// Code generated by ent, DO NOT EDIT.
+
+package userattributedefinition
+
+import (
+	"time"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+)
+
+// ID filters vertices based on their ID field.
+func ID(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldID, id))
+}
+
+// IDEQ applies the EQ predicate on the ID field.
+func IDEQ(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldID, id))
+}
+
+// IDNEQ applies the NEQ predicate on the ID field.
+func IDNEQ(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldID, id))
+}
+
+// IDIn applies the In predicate on the ID field.
+func IDIn(ids ...int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldID, ids...))
+}
+
+// IDNotIn applies the NotIn predicate on the ID field.
+func IDNotIn(ids ...int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldID, ids...))
+}
+
+// IDGT applies the GT predicate on the ID field.
+func IDGT(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldID, id))
+}
+
+// IDGTE applies the GTE predicate on the ID field.
+func IDGTE(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldID, id))
+}
+
+// IDLT applies the LT predicate on the ID field.
+func IDLT(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldID, id))
+}
+
+// IDLTE applies the LTE predicate on the ID field.
+func IDLTE(id int64) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldID, id))
+}
+
+// CreatedAt applies equality check predicate on the "created_at" field. It's identical to CreatedAtEQ.
+func CreatedAt(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldCreatedAt, v))
+}
+
+// UpdatedAt applies equality check predicate on the "updated_at" field. It's identical to UpdatedAtEQ.
+func UpdatedAt(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldUpdatedAt, v))
+}
+
+// DeletedAt applies equality check predicate on the "deleted_at" field. It's identical to DeletedAtEQ.
+func DeletedAt(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldDeletedAt, v))
+}
+
+// Key applies equality check predicate on the "key" field. It's identical to KeyEQ.
+func Key(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldKey, v))
+}
+
+// Name applies equality check predicate on the "name" field. It's identical to NameEQ.
+func Name(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldName, v))
+}
+
+// Description applies equality check predicate on the "description" field. It's identical to DescriptionEQ.
+func Description(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldDescription, v))
+}
+
+// Type applies equality check predicate on the "type" field. It's identical to TypeEQ.
+func Type(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldType, v))
+}
+
+// Required applies equality check predicate on the "required" field. It's identical to RequiredEQ.
+func Required(v bool) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldRequired, v))
+}
+
+// Placeholder applies equality check predicate on the "placeholder" field. It's identical to PlaceholderEQ.
+func Placeholder(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldPlaceholder, v))
+}
+
+// DisplayOrder applies equality check predicate on the "display_order" field. It's identical to DisplayOrderEQ.
+func DisplayOrder(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldDisplayOrder, v))
+}
+
+// Enabled applies equality check predicate on the "enabled" field. It's identical to EnabledEQ.
+func Enabled(v bool) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldEnabled, v))
+}
+
+// CreatedAtEQ applies the EQ predicate on the "created_at" field.
+func CreatedAtEQ(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldCreatedAt, v))
+}
+
+// CreatedAtNEQ applies the NEQ predicate on the "created_at" field.
+func CreatedAtNEQ(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldCreatedAt, v))
+}
+
+// CreatedAtIn applies the In predicate on the "created_at" field.
+func CreatedAtIn(vs ...time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldCreatedAt, vs...))
+}
+
+// CreatedAtNotIn applies the NotIn predicate on the "created_at" field.
+func CreatedAtNotIn(vs ...time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldCreatedAt, vs...))
+}
+
+// CreatedAtGT applies the GT predicate on the "created_at" field.
+func CreatedAtGT(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldCreatedAt, v))
+}
+
+// CreatedAtGTE applies the GTE predicate on the "created_at" field.
+func CreatedAtGTE(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldCreatedAt, v))
+}
+
+// CreatedAtLT applies the LT predicate on the "created_at" field.
+func CreatedAtLT(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldCreatedAt, v))
+}
+
+// CreatedAtLTE applies the LTE predicate on the "created_at" field.
+func CreatedAtLTE(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldCreatedAt, v))
+}
+
+// UpdatedAtEQ applies the EQ predicate on the "updated_at" field.
+func UpdatedAtEQ(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldUpdatedAt, v))
+}
+
+// UpdatedAtNEQ applies the NEQ predicate on the "updated_at" field.
+func UpdatedAtNEQ(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldUpdatedAt, v))
+}
+
+// UpdatedAtIn applies the In predicate on the "updated_at" field.
+func UpdatedAtIn(vs ...time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldUpdatedAt, vs...))
+}
+
+// UpdatedAtNotIn applies the NotIn predicate on the "updated_at" field.
+func UpdatedAtNotIn(vs ...time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldUpdatedAt, vs...))
+}
+
+// UpdatedAtGT applies the GT predicate on the "updated_at" field.
+func UpdatedAtGT(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldUpdatedAt, v))
+}
+
+// UpdatedAtGTE applies the GTE predicate on the "updated_at" field.
+func UpdatedAtGTE(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldUpdatedAt, v))
+}
+
+// UpdatedAtLT applies the LT predicate on the "updated_at" field.
+func UpdatedAtLT(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldUpdatedAt, v))
+}
+
+// UpdatedAtLTE applies the LTE predicate on the "updated_at" field.
+func UpdatedAtLTE(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldUpdatedAt, v))
+}
+
+// DeletedAtEQ applies the EQ predicate on the "deleted_at" field.
+func DeletedAtEQ(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldDeletedAt, v))
+}
+
+// DeletedAtNEQ applies the NEQ predicate on the "deleted_at" field.
+func DeletedAtNEQ(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldDeletedAt, v))
+}
+
+// DeletedAtIn applies the In predicate on the "deleted_at" field.
+func DeletedAtIn(vs ...time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldDeletedAt, vs...))
+}
+
+// DeletedAtNotIn applies the NotIn predicate on the "deleted_at" field.
+func DeletedAtNotIn(vs ...time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldDeletedAt, vs...))
+}
+
+// DeletedAtGT applies the GT predicate on the "deleted_at" field.
+func DeletedAtGT(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldDeletedAt, v))
+}
+
+// DeletedAtGTE applies the GTE predicate on the "deleted_at" field.
+func DeletedAtGTE(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldDeletedAt, v))
+}
+
+// DeletedAtLT applies the LT predicate on the "deleted_at" field.
+func DeletedAtLT(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldDeletedAt, v))
+}
+
+// DeletedAtLTE applies the LTE predicate on the "deleted_at" field.
+func DeletedAtLTE(v time.Time) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldDeletedAt, v))
+}
+
+// DeletedAtIsNil applies the IsNil predicate on the "deleted_at" field.
+func DeletedAtIsNil() predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIsNull(FieldDeletedAt))
+}
+
+// DeletedAtNotNil applies the NotNil predicate on the "deleted_at" field.
+func DeletedAtNotNil() predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotNull(FieldDeletedAt))
+}
+
+// KeyEQ applies the EQ predicate on the "key" field.
+func KeyEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldKey, v))
+}
+
+// KeyNEQ applies the NEQ predicate on the "key" field.
+func KeyNEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldKey, v))
+}
+
+// KeyIn applies the In predicate on the "key" field.
+func KeyIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldKey, vs...))
+}
+
+// KeyNotIn applies the NotIn predicate on the "key" field.
+func KeyNotIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldKey, vs...))
+}
+
+// KeyGT applies the GT predicate on the "key" field.
+func KeyGT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldKey, v))
+}
+
+// KeyGTE applies the GTE predicate on the "key" field.
+func KeyGTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldKey, v))
+}
+
+// KeyLT applies the LT predicate on the "key" field.
+func KeyLT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldKey, v))
+}
+
+// KeyLTE applies the LTE predicate on the "key" field.
+func KeyLTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldKey, v))
+}
+
+// KeyContains applies the Contains predicate on the "key" field.
+func KeyContains(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContains(FieldKey, v))
+}
+
+// KeyHasPrefix applies the HasPrefix predicate on the "key" field.
+func KeyHasPrefix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasPrefix(FieldKey, v))
+}
+
+// KeyHasSuffix applies the HasSuffix predicate on the "key" field.
+func KeyHasSuffix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasSuffix(FieldKey, v))
+}
+
+// KeyEqualFold applies the EqualFold predicate on the "key" field.
+func KeyEqualFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEqualFold(FieldKey, v))
+}
+
+// KeyContainsFold applies the ContainsFold predicate on the "key" field.
+func KeyContainsFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContainsFold(FieldKey, v))
+}
+
+// NameEQ applies the EQ predicate on the "name" field.
+func NameEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldName, v))
+}
+
+// NameNEQ applies the NEQ predicate on the "name" field.
+func NameNEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldName, v))
+}
+
+// NameIn applies the In predicate on the "name" field.
+func NameIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldName, vs...))
+}
+
+// NameNotIn applies the NotIn predicate on the "name" field.
+func NameNotIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldName, vs...))
+}
+
+// NameGT applies the GT predicate on the "name" field.
+func NameGT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldName, v))
+}
+
+// NameGTE applies the GTE predicate on the "name" field.
+func NameGTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldName, v))
+}
+
+// NameLT applies the LT predicate on the "name" field.
+func NameLT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldName, v))
+}
+
+// NameLTE applies the LTE predicate on the "name" field.
+func NameLTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldName, v))
+}
+
+// NameContains applies the Contains predicate on the "name" field.
+func NameContains(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContains(FieldName, v))
+}
+
+// NameHasPrefix applies the HasPrefix predicate on the "name" field.
+func NameHasPrefix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasPrefix(FieldName, v))
+}
+
+// NameHasSuffix applies the HasSuffix predicate on the "name" field.
+func NameHasSuffix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasSuffix(FieldName, v))
+}
+
+// NameEqualFold applies the EqualFold predicate on the "name" field.
+func NameEqualFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEqualFold(FieldName, v))
+}
+
+// NameContainsFold applies the ContainsFold predicate on the "name" field.
+func NameContainsFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContainsFold(FieldName, v))
+}
+
+// DescriptionEQ applies the EQ predicate on the "description" field.
+func DescriptionEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldDescription, v))
+}
+
+// DescriptionNEQ applies the NEQ predicate on the "description" field.
+func DescriptionNEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldDescription, v))
+}
+
+// DescriptionIn applies the In predicate on the "description" field.
+func DescriptionIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldDescription, vs...))
+}
+
+// DescriptionNotIn applies the NotIn predicate on the "description" field.
+func DescriptionNotIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldDescription, vs...))
+}
+
+// DescriptionGT applies the GT predicate on the "description" field.
+func DescriptionGT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldDescription, v))
+}
+
+// DescriptionGTE applies the GTE predicate on the "description" field.
+func DescriptionGTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldDescription, v))
+}
+
+// DescriptionLT applies the LT predicate on the "description" field.
+func DescriptionLT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldDescription, v))
+}
+
+// DescriptionLTE applies the LTE predicate on the "description" field.
+func DescriptionLTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldDescription, v))
+}
+
+// DescriptionContains applies the Contains predicate on the "description" field.
+func DescriptionContains(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContains(FieldDescription, v))
+}
+
+// DescriptionHasPrefix applies the HasPrefix predicate on the "description" field.
+func DescriptionHasPrefix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasPrefix(FieldDescription, v))
+}
+
+// DescriptionHasSuffix applies the HasSuffix predicate on the "description" field.
+func DescriptionHasSuffix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasSuffix(FieldDescription, v))
+}
+
+// DescriptionEqualFold applies the EqualFold predicate on the "description" field.
+func DescriptionEqualFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEqualFold(FieldDescription, v))
+}
+
+// DescriptionContainsFold applies the ContainsFold predicate on the "description" field.
+func DescriptionContainsFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContainsFold(FieldDescription, v))
+}
+
+// TypeEQ applies the EQ predicate on the "type" field.
+func TypeEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldType, v))
+}
+
+// TypeNEQ applies the NEQ predicate on the "type" field.
+func TypeNEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldType, v))
+}
+
+// TypeIn applies the In predicate on the "type" field.
+func TypeIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldType, vs...))
+}
+
+// TypeNotIn applies the NotIn predicate on the "type" field.
+func TypeNotIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldType, vs...))
+}
+
+// TypeGT applies the GT predicate on the "type" field.
+func TypeGT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldType, v))
+}
+
+// TypeGTE applies the GTE predicate on the "type" field.
+func TypeGTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldType, v))
+}
+
+// TypeLT applies the LT predicate on the "type" field.
+func TypeLT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldType, v))
+}
+
+// TypeLTE applies the LTE predicate on the "type" field.
+func TypeLTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldType, v))
+}
+
+// TypeContains applies the Contains predicate on the "type" field.
+func TypeContains(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContains(FieldType, v))
+}
+
+// TypeHasPrefix applies the HasPrefix predicate on the "type" field.
+func TypeHasPrefix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasPrefix(FieldType, v))
+}
+
+// TypeHasSuffix applies the HasSuffix predicate on the "type" field.
+func TypeHasSuffix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasSuffix(FieldType, v))
+}
+
+// TypeEqualFold applies the EqualFold predicate on the "type" field.
+func TypeEqualFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEqualFold(FieldType, v))
+}
+
+// TypeContainsFold applies the ContainsFold predicate on the "type" field.
+func TypeContainsFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContainsFold(FieldType, v))
+}
+
+// RequiredEQ applies the EQ predicate on the "required" field.
+func RequiredEQ(v bool) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldRequired, v))
+}
+
+// RequiredNEQ applies the NEQ predicate on the "required" field.
+func RequiredNEQ(v bool) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldRequired, v))
+}
+
+// PlaceholderEQ applies the EQ predicate on the "placeholder" field.
+func PlaceholderEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldPlaceholder, v))
+}
+
+// PlaceholderNEQ applies the NEQ predicate on the "placeholder" field.
+func PlaceholderNEQ(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldPlaceholder, v))
+}
+
+// PlaceholderIn applies the In predicate on the "placeholder" field.
+func PlaceholderIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldPlaceholder, vs...))
+}
+
+// PlaceholderNotIn applies the NotIn predicate on the "placeholder" field.
+func PlaceholderNotIn(vs ...string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldPlaceholder, vs...))
+}
+
+// PlaceholderGT applies the GT predicate on the "placeholder" field.
+func PlaceholderGT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldPlaceholder, v))
+}
+
+// PlaceholderGTE applies the GTE predicate on the "placeholder" field.
+func PlaceholderGTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldPlaceholder, v))
+}
+
+// PlaceholderLT applies the LT predicate on the "placeholder" field.
+func PlaceholderLT(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldPlaceholder, v))
+}
+
+// PlaceholderLTE applies the LTE predicate on the "placeholder" field.
+func PlaceholderLTE(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldPlaceholder, v))
+}
+
+// PlaceholderContains applies the Contains predicate on the "placeholder" field.
+func PlaceholderContains(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContains(FieldPlaceholder, v))
+}
+
+// PlaceholderHasPrefix applies the HasPrefix predicate on the "placeholder" field.
+func PlaceholderHasPrefix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasPrefix(FieldPlaceholder, v))
+}
+
+// PlaceholderHasSuffix applies the HasSuffix predicate on the "placeholder" field.
+func PlaceholderHasSuffix(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldHasSuffix(FieldPlaceholder, v))
+}
+
+// PlaceholderEqualFold applies the EqualFold predicate on the "placeholder" field.
+func PlaceholderEqualFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEqualFold(FieldPlaceholder, v))
+}
+
+// PlaceholderContainsFold applies the ContainsFold predicate on the "placeholder" field.
+func PlaceholderContainsFold(v string) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldContainsFold(FieldPlaceholder, v))
+}
+
+// DisplayOrderEQ applies the EQ predicate on the "display_order" field.
+func DisplayOrderEQ(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldDisplayOrder, v))
+}
+
+// DisplayOrderNEQ applies the NEQ predicate on the "display_order" field.
+func DisplayOrderNEQ(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldDisplayOrder, v))
+}
+
+// DisplayOrderIn applies the In predicate on the "display_order" field.
+func DisplayOrderIn(vs ...int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldIn(FieldDisplayOrder, vs...))
+}
+
+// DisplayOrderNotIn applies the NotIn predicate on the "display_order" field.
+func DisplayOrderNotIn(vs ...int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNotIn(FieldDisplayOrder, vs...))
+}
+
+// DisplayOrderGT applies the GT predicate on the "display_order" field.
+func DisplayOrderGT(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGT(FieldDisplayOrder, v))
+}
+
+// DisplayOrderGTE applies the GTE predicate on the "display_order" field.
+func DisplayOrderGTE(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldGTE(FieldDisplayOrder, v))
+}
+
+// DisplayOrderLT applies the LT predicate on the "display_order" field.
+func DisplayOrderLT(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLT(FieldDisplayOrder, v))
+}
+
+// DisplayOrderLTE applies the LTE predicate on the "display_order" field.
+func DisplayOrderLTE(v int) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldLTE(FieldDisplayOrder, v))
+}
+
+// EnabledEQ applies the EQ predicate on the "enabled" field.
+func EnabledEQ(v bool) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldEQ(FieldEnabled, v))
+}
+
+// EnabledNEQ applies the NEQ predicate on the "enabled" field.
+func EnabledNEQ(v bool) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.FieldNEQ(FieldEnabled, v))
+}
+
+// HasValues applies the HasEdge predicate on the "values" edge.
+func HasValues() predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(func(s *sql.Selector) {
+		step := sqlgraph.NewStep(
+			sqlgraph.From(Table, FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, ValuesTable, ValuesColumn),
+		)
+		sqlgraph.HasNeighbors(s, step)
+	})
+}
+
+// HasValuesWith applies the HasEdge predicate on the "values" edge with a given conditions (other predicates).
+func HasValuesWith(preds ...predicate.UserAttributeValue) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(func(s *sql.Selector) {
+		step := newValuesStep()
+		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
+			for _, p := range preds {
+				p(s)
+			}
+		})
+	})
+}
+
+// And groups predicates with the AND operator between them.
+func And(predicates ...predicate.UserAttributeDefinition) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.AndPredicates(predicates...))
+}
+
+// Or groups predicates with the OR operator between them.
+func Or(predicates ...predicate.UserAttributeDefinition) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.OrPredicates(predicates...))
+}
+
+// Not applies the not operator on the given predicate.
+func Not(p predicate.UserAttributeDefinition) predicate.UserAttributeDefinition {
+	return predicate.UserAttributeDefinition(sql.NotPredicates(p))
+}
--- a/backend/ent/userattributedefinition_create.go
+++ b/backend/ent/userattributedefinition_create.go
--- a/backend/ent/userattributedefinition_delete.go
+++ b/backend/ent/userattributedefinition_delete.go
@@ -0,0 +1,88 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+)
+
+// UserAttributeDefinitionDelete is the builder for deleting a UserAttributeDefinition entity.
+type UserAttributeDefinitionDelete struct {
+	config
+	hooks    []Hook
+	mutation *UserAttributeDefinitionMutation
+}
+
+// Where appends a list predicates to the UserAttributeDefinitionDelete builder.
+func (_d *UserAttributeDefinitionDelete) Where(ps ...predicate.UserAttributeDefinition) *UserAttributeDefinitionDelete {
+	_d.mutation.Where(ps...)
+	return _d
+}
+
+// Exec executes the deletion query and returns how many vertices were deleted.
+func (_d *UserAttributeDefinitionDelete) Exec(ctx context.Context) (int, error) {
+	return withHooks(ctx, _d.sqlExec, _d.mutation, _d.hooks)
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_d *UserAttributeDefinitionDelete) ExecX(ctx context.Context) int {
+	n, err := _d.Exec(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return n
+}
+
+func (_d *UserAttributeDefinitionDelete) sqlExec(ctx context.Context) (int, error) {
+	_spec := sqlgraph.NewDeleteSpec(userattributedefinition.Table, sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64))
+	if ps := _d.mutation.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	affected, err := sqlgraph.DeleteNodes(ctx, _d.driver, _spec)
+	if err != nil && sqlgraph.IsConstraintError(err) {
+		err = &ConstraintError{msg: err.Error(), wrap: err}
+	}
+	_d.mutation.done = true
+	return affected, err
+}
+
+// UserAttributeDefinitionDeleteOne is the builder for deleting a single UserAttributeDefinition entity.
+type UserAttributeDefinitionDeleteOne struct {
+	_d *UserAttributeDefinitionDelete
+}
+
+// Where appends a list predicates to the UserAttributeDefinitionDelete builder.
+func (_d *UserAttributeDefinitionDeleteOne) Where(ps ...predicate.UserAttributeDefinition) *UserAttributeDefinitionDeleteOne {
+	_d._d.mutation.Where(ps...)
+	return _d
+}
+
+// Exec executes the deletion query.
+func (_d *UserAttributeDefinitionDeleteOne) Exec(ctx context.Context) error {
+	n, err := _d._d.Exec(ctx)
+	switch {
+	case err != nil:
+		return err
+	case n == 0:
+		return &NotFoundError{userattributedefinition.Label}
+	default:
+		return nil
+	}
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_d *UserAttributeDefinitionDeleteOne) ExecX(ctx context.Context) {
+	if err := _d.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
--- a/backend/ent/userattributedefinition_query.go
+++ b/backend/ent/userattributedefinition_query.go
@@ -0,0 +1,606 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+	"database/sql/driver"
+	"fmt"
+	"math"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeDefinitionQuery is the builder for querying UserAttributeDefinition entities.
+type UserAttributeDefinitionQuery struct {
+	config
+	ctx        *QueryContext
+	order      []userattributedefinition.OrderOption
+	inters     []Interceptor
+	predicates []predicate.UserAttributeDefinition
+	withValues *UserAttributeValueQuery
+	// intermediate query (i.e. traversal path).
+	sql  *sql.Selector
+	path func(context.Context) (*sql.Selector, error)
+}
+
+// Where adds a new predicate for the UserAttributeDefinitionQuery builder.
+func (_q *UserAttributeDefinitionQuery) Where(ps ...predicate.UserAttributeDefinition) *UserAttributeDefinitionQuery {
+	_q.predicates = append(_q.predicates, ps...)
+	return _q
+}
+
+// Limit the number of records to be returned by this query.
+func (_q *UserAttributeDefinitionQuery) Limit(limit int) *UserAttributeDefinitionQuery {
+	_q.ctx.Limit = &limit
+	return _q
+}
+
+// Offset to start from.
+func (_q *UserAttributeDefinitionQuery) Offset(offset int) *UserAttributeDefinitionQuery {
+	_q.ctx.Offset = &offset
+	return _q
+}
+
+// Unique configures the query builder to filter duplicate records on query.
+// By default, unique is set to true, and can be disabled using this method.
+func (_q *UserAttributeDefinitionQuery) Unique(unique bool) *UserAttributeDefinitionQuery {
+	_q.ctx.Unique = &unique
+	return _q
+}
+
+// Order specifies how the records should be ordered.
+func (_q *UserAttributeDefinitionQuery) Order(o ...userattributedefinition.OrderOption) *UserAttributeDefinitionQuery {
+	_q.order = append(_q.order, o...)
+	return _q
+}
+
+// QueryValues chains the current query on the "values" edge.
+func (_q *UserAttributeDefinitionQuery) QueryValues() *UserAttributeValueQuery {
+	query := (&UserAttributeValueClient{config: _q.config}).Query()
+	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
+		if err := _q.prepareQuery(ctx); err != nil {
+			return nil, err
+		}
+		selector := _q.sqlQuery(ctx)
+		if err := selector.Err(); err != nil {
+			return nil, err
+		}
+		step := sqlgraph.NewStep(
+			sqlgraph.From(userattributedefinition.Table, userattributedefinition.FieldID, selector),
+			sqlgraph.To(userattributevalue.Table, userattributevalue.FieldID),
+			sqlgraph.Edge(sqlgraph.O2M, false, userattributedefinition.ValuesTable, userattributedefinition.ValuesColumn),
+		)
+		fromU = sqlgraph.SetNeighbors(_q.driver.Dialect(), step)
+		return fromU, nil
+	}
+	return query
+}
+
+// First returns the first UserAttributeDefinition entity from the query.
+// Returns a *NotFoundError when no UserAttributeDefinition was found.
+func (_q *UserAttributeDefinitionQuery) First(ctx context.Context) (*UserAttributeDefinition, error) {
+	nodes, err := _q.Limit(1).All(setContextOp(ctx, _q.ctx, ent.OpQueryFirst))
+	if err != nil {
+		return nil, err
+	}
+	if len(nodes) == 0 {
+		return nil, &NotFoundError{userattributedefinition.Label}
+	}
+	return nodes[0], nil
+}
+
+// FirstX is like First, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) FirstX(ctx context.Context) *UserAttributeDefinition {
+	node, err := _q.First(ctx)
+	if err != nil && !IsNotFound(err) {
+		panic(err)
+	}
+	return node
+}
+
+// FirstID returns the first UserAttributeDefinition ID from the query.
+// Returns a *NotFoundError when no UserAttributeDefinition ID was found.
+func (_q *UserAttributeDefinitionQuery) FirstID(ctx context.Context) (id int64, err error) {
+	var ids []int64
+	if ids, err = _q.Limit(1).IDs(setContextOp(ctx, _q.ctx, ent.OpQueryFirstID)); err != nil {
+		return
+	}
+	if len(ids) == 0 {
+		err = &NotFoundError{userattributedefinition.Label}
+		return
+	}
+	return ids[0], nil
+}
+
+// FirstIDX is like FirstID, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) FirstIDX(ctx context.Context) int64 {
+	id, err := _q.FirstID(ctx)
+	if err != nil && !IsNotFound(err) {
+		panic(err)
+	}
+	return id
+}
+
+// Only returns a single UserAttributeDefinition entity found by the query, ensuring it only returns one.
+// Returns a *NotSingularError when more than one UserAttributeDefinition entity is found.
+// Returns a *NotFoundError when no UserAttributeDefinition entities are found.
+func (_q *UserAttributeDefinitionQuery) Only(ctx context.Context) (*UserAttributeDefinition, error) {
+	nodes, err := _q.Limit(2).All(setContextOp(ctx, _q.ctx, ent.OpQueryOnly))
+	if err != nil {
+		return nil, err
+	}
+	switch len(nodes) {
+	case 1:
+		return nodes[0], nil
+	case 0:
+		return nil, &NotFoundError{userattributedefinition.Label}
+	default:
+		return nil, &NotSingularError{userattributedefinition.Label}
+	}
+}
+
+// OnlyX is like Only, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) OnlyX(ctx context.Context) *UserAttributeDefinition {
+	node, err := _q.Only(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return node
+}
+
+// OnlyID is like Only, but returns the only UserAttributeDefinition ID in the query.
+// Returns a *NotSingularError when more than one UserAttributeDefinition ID is found.
+// Returns a *NotFoundError when no entities are found.
+func (_q *UserAttributeDefinitionQuery) OnlyID(ctx context.Context) (id int64, err error) {
+	var ids []int64
+	if ids, err = _q.Limit(2).IDs(setContextOp(ctx, _q.ctx, ent.OpQueryOnlyID)); err != nil {
+		return
+	}
+	switch len(ids) {
+	case 1:
+		id = ids[0]
+	case 0:
+		err = &NotFoundError{userattributedefinition.Label}
+	default:
+		err = &NotSingularError{userattributedefinition.Label}
+	}
+	return
+}
+
+// OnlyIDX is like OnlyID, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) OnlyIDX(ctx context.Context) int64 {
+	id, err := _q.OnlyID(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return id
+}
+
+// All executes the query and returns a list of UserAttributeDefinitions.
+func (_q *UserAttributeDefinitionQuery) All(ctx context.Context) ([]*UserAttributeDefinition, error) {
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryAll)
+	if err := _q.prepareQuery(ctx); err != nil {
+		return nil, err
+	}
+	qr := querierAll[[]*UserAttributeDefinition, *UserAttributeDefinitionQuery]()
+	return withInterceptors[[]*UserAttributeDefinition](ctx, _q, qr, _q.inters)
+}
+
+// AllX is like All, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) AllX(ctx context.Context) []*UserAttributeDefinition {
+	nodes, err := _q.All(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return nodes
+}
+
+// IDs executes the query and returns a list of UserAttributeDefinition IDs.
+func (_q *UserAttributeDefinitionQuery) IDs(ctx context.Context) (ids []int64, err error) {
+	if _q.ctx.Unique == nil && _q.path != nil {
+		_q.Unique(true)
+	}
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryIDs)
+	if err = _q.Select(userattributedefinition.FieldID).Scan(ctx, &ids); err != nil {
+		return nil, err
+	}
+	return ids, nil
+}
+
+// IDsX is like IDs, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) IDsX(ctx context.Context) []int64 {
+	ids, err := _q.IDs(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return ids
+}
+
+// Count returns the count of the given query.
+func (_q *UserAttributeDefinitionQuery) Count(ctx context.Context) (int, error) {
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryCount)
+	if err := _q.prepareQuery(ctx); err != nil {
+		return 0, err
+	}
+	return withInterceptors[int](ctx, _q, querierCount[*UserAttributeDefinitionQuery](), _q.inters)
+}
+
+// CountX is like Count, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) CountX(ctx context.Context) int {
+	count, err := _q.Count(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return count
+}
+
+// Exist returns true if the query has elements in the graph.
+func (_q *UserAttributeDefinitionQuery) Exist(ctx context.Context) (bool, error) {
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryExist)
+	switch _, err := _q.FirstID(ctx); {
+	case IsNotFound(err):
+		return false, nil
+	case err != nil:
+		return false, fmt.Errorf("ent: check existence: %w", err)
+	default:
+		return true, nil
+	}
+}
+
+// ExistX is like Exist, but panics if an error occurs.
+func (_q *UserAttributeDefinitionQuery) ExistX(ctx context.Context) bool {
+	exist, err := _q.Exist(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return exist
+}
+
+// Clone returns a duplicate of the UserAttributeDefinitionQuery builder, including all associated steps. It can be
+// used to prepare common query builders and use them differently after the clone is made.
+func (_q *UserAttributeDefinitionQuery) Clone() *UserAttributeDefinitionQuery {
+	if _q == nil {
+		return nil
+	}
+	return &UserAttributeDefinitionQuery{
+		config:     _q.config,
+		ctx:        _q.ctx.Clone(),
+		order:      append([]userattributedefinition.OrderOption{}, _q.order...),
+		inters:     append([]Interceptor{}, _q.inters...),
+		predicates: append([]predicate.UserAttributeDefinition{}, _q.predicates...),
+		withValues: _q.withValues.Clone(),
+		// clone intermediate query.
+		sql:  _q.sql.Clone(),
+		path: _q.path,
+	}
+}
+
+// WithValues tells the query-builder to eager-load the nodes that are connected to
+// the "values" edge. The optional arguments are used to configure the query builder of the edge.
+func (_q *UserAttributeDefinitionQuery) WithValues(opts ...func(*UserAttributeValueQuery)) *UserAttributeDefinitionQuery {
+	query := (&UserAttributeValueClient{config: _q.config}).Query()
+	for _, opt := range opts {
+		opt(query)
+	}
+	_q.withValues = query
+	return _q
+}
+
+// GroupBy is used to group vertices by one or more fields/columns.
+// It is often used with aggregate functions, like: count, max, mean, min, sum.
+//
+// Example:
+//
+//	var v []struct {
+//		CreatedAt time.Time `json:"created_at,omitempty"`
+//		Count int `json:"count,omitempty"`
+//	}
+//
+//	client.UserAttributeDefinition.Query().
+//		GroupBy(userattributedefinition.FieldCreatedAt).
+//		Aggregate(ent.Count()).
+//		Scan(ctx, &v)
+func (_q *UserAttributeDefinitionQuery) GroupBy(field string, fields ...string) *UserAttributeDefinitionGroupBy {
+	_q.ctx.Fields = append([]string{field}, fields...)
+	grbuild := &UserAttributeDefinitionGroupBy{build: _q}
+	grbuild.flds = &_q.ctx.Fields
+	grbuild.label = userattributedefinition.Label
+	grbuild.scan = grbuild.Scan
+	return grbuild
+}
+
+// Select allows the selection one or more fields/columns for the given query,
+// instead of selecting all fields in the entity.
+//
+// Example:
+//
+//	var v []struct {
+//		CreatedAt time.Time `json:"created_at,omitempty"`
+//	}
+//
+//	client.UserAttributeDefinition.Query().
+//		Select(userattributedefinition.FieldCreatedAt).
+//		Scan(ctx, &v)
+func (_q *UserAttributeDefinitionQuery) Select(fields ...string) *UserAttributeDefinitionSelect {
+	_q.ctx.Fields = append(_q.ctx.Fields, fields...)
+	sbuild := &UserAttributeDefinitionSelect{UserAttributeDefinitionQuery: _q}
+	sbuild.label = userattributedefinition.Label
+	sbuild.flds, sbuild.scan = &_q.ctx.Fields, sbuild.Scan
+	return sbuild
+}
+
+// Aggregate returns a UserAttributeDefinitionSelect configured with the given aggregations.
+func (_q *UserAttributeDefinitionQuery) Aggregate(fns ...AggregateFunc) *UserAttributeDefinitionSelect {
+	return _q.Select().Aggregate(fns...)
+}
+
+func (_q *UserAttributeDefinitionQuery) prepareQuery(ctx context.Context) error {
+	for _, inter := range _q.inters {
+		if inter == nil {
+			return fmt.Errorf("ent: uninitialized interceptor (forgotten import ent/runtime?)")
+		}
+		if trv, ok := inter.(Traverser); ok {
+			if err := trv.Traverse(ctx, _q); err != nil {
+				return err
+			}
+		}
+	}
+	for _, f := range _q.ctx.Fields {
+		if !userattributedefinition.ValidColumn(f) {
+			return &ValidationError{Name: f, err: fmt.Errorf("ent: invalid field %q for query", f)}
+		}
+	}
+	if _q.path != nil {
+		prev, err := _q.path(ctx)
+		if err != nil {
+			return err
+		}
+		_q.sql = prev
+	}
+	return nil
+}
+
+func (_q *UserAttributeDefinitionQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*UserAttributeDefinition, error) {
+	var (
+		nodes       = []*UserAttributeDefinition{}
+		_spec       = _q.querySpec()
+		loadedTypes = [1]bool{
+			_q.withValues != nil,
+		}
+	)
+	_spec.ScanValues = func(columns []string) ([]any, error) {
+		return (*UserAttributeDefinition).scanValues(nil, columns)
+	}
+	_spec.Assign = func(columns []string, values []any) error {
+		node := &UserAttributeDefinition{config: _q.config}
+		nodes = append(nodes, node)
+		node.Edges.loadedTypes = loadedTypes
+		return node.assignValues(columns, values)
+	}
+	for i := range hooks {
+		hooks[i](ctx, _spec)
+	}
+	if err := sqlgraph.QueryNodes(ctx, _q.driver, _spec); err != nil {
+		return nil, err
+	}
+	if len(nodes) == 0 {
+		return nodes, nil
+	}
+	if query := _q.withValues; query != nil {
+		if err := _q.loadValues(ctx, query, nodes,
+			func(n *UserAttributeDefinition) { n.Edges.Values = []*UserAttributeValue{} },
+			func(n *UserAttributeDefinition, e *UserAttributeValue) { n.Edges.Values = append(n.Edges.Values, e) }); err != nil {
+			return nil, err
+		}
+	}
+	return nodes, nil
+}
+
+func (_q *UserAttributeDefinitionQuery) loadValues(ctx context.Context, query *UserAttributeValueQuery, nodes []*UserAttributeDefinition, init func(*UserAttributeDefinition), assign func(*UserAttributeDefinition, *UserAttributeValue)) error {
+	fks := make([]driver.Value, 0, len(nodes))
+	nodeids := make(map[int64]*UserAttributeDefinition)
+	for i := range nodes {
+		fks = append(fks, nodes[i].ID)
+		nodeids[nodes[i].ID] = nodes[i]
+		if init != nil {
+			init(nodes[i])
+		}
+	}
+	if len(query.ctx.Fields) > 0 {
+		query.ctx.AppendFieldOnce(userattributevalue.FieldAttributeID)
+	}
+	query.Where(predicate.UserAttributeValue(func(s *sql.Selector) {
+		s.Where(sql.InValues(s.C(userattributedefinition.ValuesColumn), fks...))
+	}))
+	neighbors, err := query.All(ctx)
+	if err != nil {
+		return err
+	}
+	for _, n := range neighbors {
+		fk := n.AttributeID
+		node, ok := nodeids[fk]
+		if !ok {
+			return fmt.Errorf(`unexpected referenced foreign-key "attribute_id" returned %v for node %v`, fk, n.ID)
+		}
+		assign(node, n)
+	}
+	return nil
+}
+
+func (_q *UserAttributeDefinitionQuery) sqlCount(ctx context.Context) (int, error) {
+	_spec := _q.querySpec()
+	_spec.Node.Columns = _q.ctx.Fields
+	if len(_q.ctx.Fields) > 0 {
+		_spec.Unique = _q.ctx.Unique != nil && *_q.ctx.Unique
+	}
+	return sqlgraph.CountNodes(ctx, _q.driver, _spec)
+}
+
+func (_q *UserAttributeDefinitionQuery) querySpec() *sqlgraph.QuerySpec {
+	_spec := sqlgraph.NewQuerySpec(userattributedefinition.Table, userattributedefinition.Columns, sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64))
+	_spec.From = _q.sql
+	if unique := _q.ctx.Unique; unique != nil {
+		_spec.Unique = *unique
+	} else if _q.path != nil {
+		_spec.Unique = true
+	}
+	if fields := _q.ctx.Fields; len(fields) > 0 {
+		_spec.Node.Columns = make([]string, 0, len(fields))
+		_spec.Node.Columns = append(_spec.Node.Columns, userattributedefinition.FieldID)
+		for i := range fields {
+			if fields[i] != userattributedefinition.FieldID {
+				_spec.Node.Columns = append(_spec.Node.Columns, fields[i])
+			}
+		}
+	}
+	if ps := _q.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	if limit := _q.ctx.Limit; limit != nil {
+		_spec.Limit = *limit
+	}
+	if offset := _q.ctx.Offset; offset != nil {
+		_spec.Offset = *offset
+	}
+	if ps := _q.order; len(ps) > 0 {
+		_spec.Order = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	return _spec
+}
+
+func (_q *UserAttributeDefinitionQuery) sqlQuery(ctx context.Context) *sql.Selector {
+	builder := sql.Dialect(_q.driver.Dialect())
+	t1 := builder.Table(userattributedefinition.Table)
+	columns := _q.ctx.Fields
+	if len(columns) == 0 {
+		columns = userattributedefinition.Columns
+	}
+	selector := builder.Select(t1.Columns(columns...)...).From(t1)
+	if _q.sql != nil {
+		selector = _q.sql
+		selector.Select(selector.Columns(columns...)...)
+	}
+	if _q.ctx.Unique != nil && *_q.ctx.Unique {
+		selector.Distinct()
+	}
+	for _, p := range _q.predicates {
+		p(selector)
+	}
+	for _, p := range _q.order {
+		p(selector)
+	}
+	if offset := _q.ctx.Offset; offset != nil {
+		// limit is mandatory for offset clause. We start
+		// with default value, and override it below if needed.
+		selector.Offset(*offset).Limit(math.MaxInt32)
+	}
+	if limit := _q.ctx.Limit; limit != nil {
+		selector.Limit(*limit)
+	}
+	return selector
+}
+
+// UserAttributeDefinitionGroupBy is the group-by builder for UserAttributeDefinition entities.
+type UserAttributeDefinitionGroupBy struct {
+	selector
+	build *UserAttributeDefinitionQuery
+}
+
+// Aggregate adds the given aggregation functions to the group-by query.
+func (_g *UserAttributeDefinitionGroupBy) Aggregate(fns ...AggregateFunc) *UserAttributeDefinitionGroupBy {
+	_g.fns = append(_g.fns, fns...)
+	return _g
+}
+
+// Scan applies the selector query and scans the result into the given value.
+func (_g *UserAttributeDefinitionGroupBy) Scan(ctx context.Context, v any) error {
+	ctx = setContextOp(ctx, _g.build.ctx, ent.OpQueryGroupBy)
+	if err := _g.build.prepareQuery(ctx); err != nil {
+		return err
+	}
+	return scanWithInterceptors[*UserAttributeDefinitionQuery, *UserAttributeDefinitionGroupBy](ctx, _g.build, _g, _g.build.inters, v)
+}
+
+func (_g *UserAttributeDefinitionGroupBy) sqlScan(ctx context.Context, root *UserAttributeDefinitionQuery, v any) error {
+	selector := root.sqlQuery(ctx).Select()
+	aggregation := make([]string, 0, len(_g.fns))
+	for _, fn := range _g.fns {
+		aggregation = append(aggregation, fn(selector))
+	}
+	if len(selector.SelectedColumns()) == 0 {
+		columns := make([]string, 0, len(*_g.flds)+len(_g.fns))
+		for _, f := range *_g.flds {
+			columns = append(columns, selector.C(f))
+		}
+		columns = append(columns, aggregation...)
+		selector.Select(columns...)
+	}
+	selector.GroupBy(selector.Columns(*_g.flds...)...)
+	if err := selector.Err(); err != nil {
+		return err
+	}
+	rows := &sql.Rows{}
+	query, args := selector.Query()
+	if err := _g.build.driver.Query(ctx, query, args, rows); err != nil {
+		return err
+	}
+	defer rows.Close()
+	return sql.ScanSlice(rows, v)
+}
+
+// UserAttributeDefinitionSelect is the builder for selecting fields of UserAttributeDefinition entities.
+type UserAttributeDefinitionSelect struct {
+	*UserAttributeDefinitionQuery
+	selector
+}
+
+// Aggregate adds the given aggregation functions to the selector query.
+func (_s *UserAttributeDefinitionSelect) Aggregate(fns ...AggregateFunc) *UserAttributeDefinitionSelect {
+	_s.fns = append(_s.fns, fns...)
+	return _s
+}
+
+// Scan applies the selector query and scans the result into the given value.
+func (_s *UserAttributeDefinitionSelect) Scan(ctx context.Context, v any) error {
+	ctx = setContextOp(ctx, _s.ctx, ent.OpQuerySelect)
+	if err := _s.prepareQuery(ctx); err != nil {
+		return err
+	}
+	return scanWithInterceptors[*UserAttributeDefinitionQuery, *UserAttributeDefinitionSelect](ctx, _s.UserAttributeDefinitionQuery, _s, _s.inters, v)
+}
+
+func (_s *UserAttributeDefinitionSelect) sqlScan(ctx context.Context, root *UserAttributeDefinitionQuery, v any) error {
+	selector := root.sqlQuery(ctx)
+	aggregation := make([]string, 0, len(_s.fns))
+	for _, fn := range _s.fns {
+		aggregation = append(aggregation, fn(selector))
+	}
+	switch n := len(*_s.selector.flds); {
+	case n == 0 && len(aggregation) > 0:
+		selector.Select(aggregation...)
+	case n != 0 && len(aggregation) > 0:
+		selector.AppendSelect(aggregation...)
+	}
+	rows := &sql.Rows{}
+	query, args := selector.Query()
+	if err := _s.driver.Query(ctx, query, args, rows); err != nil {
+		return err
+	}
+	defer rows.Close()
+	return sql.ScanSlice(rows, v)
+}
--- a/backend/ent/userattributedefinition_update.go
+++ b/backend/ent/userattributedefinition_update.go
@@ -0,0 +1,846 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"time"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/dialect/sql/sqljson"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeDefinitionUpdate is the builder for updating UserAttributeDefinition entities.
+type UserAttributeDefinitionUpdate struct {
+	config
+	hooks    []Hook
+	mutation *UserAttributeDefinitionMutation
+}
+
+// Where appends a list predicates to the UserAttributeDefinitionUpdate builder.
+func (_u *UserAttributeDefinitionUpdate) Where(ps ...predicate.UserAttributeDefinition) *UserAttributeDefinitionUpdate {
+	_u.mutation.Where(ps...)
+	return _u
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (_u *UserAttributeDefinitionUpdate) SetUpdatedAt(v time.Time) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetUpdatedAt(v)
+	return _u
+}
+
+// SetDeletedAt sets the "deleted_at" field.
+func (_u *UserAttributeDefinitionUpdate) SetDeletedAt(v time.Time) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetDeletedAt(v)
+	return _u
+}
+
+// SetNillableDeletedAt sets the "deleted_at" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableDeletedAt(v *time.Time) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetDeletedAt(*v)
+	}
+	return _u
+}
+
+// ClearDeletedAt clears the value of the "deleted_at" field.
+func (_u *UserAttributeDefinitionUpdate) ClearDeletedAt() *UserAttributeDefinitionUpdate {
+	_u.mutation.ClearDeletedAt()
+	return _u
+}
+
+// SetKey sets the "key" field.
+func (_u *UserAttributeDefinitionUpdate) SetKey(v string) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetKey(v)
+	return _u
+}
+
+// SetNillableKey sets the "key" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableKey(v *string) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetKey(*v)
+	}
+	return _u
+}
+
+// SetName sets the "name" field.
+func (_u *UserAttributeDefinitionUpdate) SetName(v string) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetName(v)
+	return _u
+}
+
+// SetNillableName sets the "name" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableName(v *string) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetName(*v)
+	}
+	return _u
+}
+
+// SetDescription sets the "description" field.
+func (_u *UserAttributeDefinitionUpdate) SetDescription(v string) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetDescription(v)
+	return _u
+}
+
+// SetNillableDescription sets the "description" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableDescription(v *string) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetDescription(*v)
+	}
+	return _u
+}
+
+// SetType sets the "type" field.
+func (_u *UserAttributeDefinitionUpdate) SetType(v string) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetType(v)
+	return _u
+}
+
+// SetNillableType sets the "type" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableType(v *string) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetType(*v)
+	}
+	return _u
+}
+
+// SetOptions sets the "options" field.
+func (_u *UserAttributeDefinitionUpdate) SetOptions(v []map[string]interface{}) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetOptions(v)
+	return _u
+}
+
+// AppendOptions appends value to the "options" field.
+func (_u *UserAttributeDefinitionUpdate) AppendOptions(v []map[string]interface{}) *UserAttributeDefinitionUpdate {
+	_u.mutation.AppendOptions(v)
+	return _u
+}
+
+// SetRequired sets the "required" field.
+func (_u *UserAttributeDefinitionUpdate) SetRequired(v bool) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetRequired(v)
+	return _u
+}
+
+// SetNillableRequired sets the "required" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableRequired(v *bool) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetRequired(*v)
+	}
+	return _u
+}
+
+// SetValidation sets the "validation" field.
+func (_u *UserAttributeDefinitionUpdate) SetValidation(v map[string]interface{}) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetValidation(v)
+	return _u
+}
+
+// SetPlaceholder sets the "placeholder" field.
+func (_u *UserAttributeDefinitionUpdate) SetPlaceholder(v string) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetPlaceholder(v)
+	return _u
+}
+
+// SetNillablePlaceholder sets the "placeholder" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillablePlaceholder(v *string) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetPlaceholder(*v)
+	}
+	return _u
+}
+
+// SetDisplayOrder sets the "display_order" field.
+func (_u *UserAttributeDefinitionUpdate) SetDisplayOrder(v int) *UserAttributeDefinitionUpdate {
+	_u.mutation.ResetDisplayOrder()
+	_u.mutation.SetDisplayOrder(v)
+	return _u
+}
+
+// SetNillableDisplayOrder sets the "display_order" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableDisplayOrder(v *int) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetDisplayOrder(*v)
+	}
+	return _u
+}
+
+// AddDisplayOrder adds value to the "display_order" field.
+func (_u *UserAttributeDefinitionUpdate) AddDisplayOrder(v int) *UserAttributeDefinitionUpdate {
+	_u.mutation.AddDisplayOrder(v)
+	return _u
+}
+
+// SetEnabled sets the "enabled" field.
+func (_u *UserAttributeDefinitionUpdate) SetEnabled(v bool) *UserAttributeDefinitionUpdate {
+	_u.mutation.SetEnabled(v)
+	return _u
+}
+
+// SetNillableEnabled sets the "enabled" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdate) SetNillableEnabled(v *bool) *UserAttributeDefinitionUpdate {
+	if v != nil {
+		_u.SetEnabled(*v)
+	}
+	return _u
+}
+
+// AddValueIDs adds the "values" edge to the UserAttributeValue entity by IDs.
+func (_u *UserAttributeDefinitionUpdate) AddValueIDs(ids ...int64) *UserAttributeDefinitionUpdate {
+	_u.mutation.AddValueIDs(ids...)
+	return _u
+}
+
+// AddValues adds the "values" edges to the UserAttributeValue entity.
+func (_u *UserAttributeDefinitionUpdate) AddValues(v ...*UserAttributeValue) *UserAttributeDefinitionUpdate {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.AddValueIDs(ids...)
+}
+
+// Mutation returns the UserAttributeDefinitionMutation object of the builder.
+func (_u *UserAttributeDefinitionUpdate) Mutation() *UserAttributeDefinitionMutation {
+	return _u.mutation
+}
+
+// ClearValues clears all "values" edges to the UserAttributeValue entity.
+func (_u *UserAttributeDefinitionUpdate) ClearValues() *UserAttributeDefinitionUpdate {
+	_u.mutation.ClearValues()
+	return _u
+}
+
+// RemoveValueIDs removes the "values" edge to UserAttributeValue entities by IDs.
+func (_u *UserAttributeDefinitionUpdate) RemoveValueIDs(ids ...int64) *UserAttributeDefinitionUpdate {
+	_u.mutation.RemoveValueIDs(ids...)
+	return _u
+}
+
+// RemoveValues removes "values" edges to UserAttributeValue entities.
+func (_u *UserAttributeDefinitionUpdate) RemoveValues(v ...*UserAttributeValue) *UserAttributeDefinitionUpdate {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.RemoveValueIDs(ids...)
+}
+
+// Save executes the query and returns the number of nodes affected by the update operation.
+func (_u *UserAttributeDefinitionUpdate) Save(ctx context.Context) (int, error) {
+	if err := _u.defaults(); err != nil {
+		return 0, err
+	}
+	return withHooks(ctx, _u.sqlSave, _u.mutation, _u.hooks)
+}
+
+// SaveX is like Save, but panics if an error occurs.
+func (_u *UserAttributeDefinitionUpdate) SaveX(ctx context.Context) int {
+	affected, err := _u.Save(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return affected
+}
+
+// Exec executes the query.
+func (_u *UserAttributeDefinitionUpdate) Exec(ctx context.Context) error {
+	_, err := _u.Save(ctx)
+	return err
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_u *UserAttributeDefinitionUpdate) ExecX(ctx context.Context) {
+	if err := _u.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// defaults sets the default values of the builder before save.
+func (_u *UserAttributeDefinitionUpdate) defaults() error {
+	if _, ok := _u.mutation.UpdatedAt(); !ok {
+		if userattributedefinition.UpdateDefaultUpdatedAt == nil {
+			return fmt.Errorf("ent: uninitialized userattributedefinition.UpdateDefaultUpdatedAt (forgotten import ent/runtime?)")
+		}
+		v := userattributedefinition.UpdateDefaultUpdatedAt()
+		_u.mutation.SetUpdatedAt(v)
+	}
+	return nil
+}
+
+// check runs all checks and user-defined validators on the builder.
+func (_u *UserAttributeDefinitionUpdate) check() error {
+	if v, ok := _u.mutation.Key(); ok {
+		if err := userattributedefinition.KeyValidator(v); err != nil {
+			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.key": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.Name(); ok {
+		if err := userattributedefinition.NameValidator(v); err != nil {
+			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.name": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.GetType(); ok {
+		if err := userattributedefinition.TypeValidator(v); err != nil {
+			return &ValidationError{Name: "type", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.type": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.Placeholder(); ok {
+		if err := userattributedefinition.PlaceholderValidator(v); err != nil {
+			return &ValidationError{Name: "placeholder", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.placeholder": %w`, err)}
+		}
+	}
+	return nil
+}
+
+func (_u *UserAttributeDefinitionUpdate) sqlSave(ctx context.Context) (_node int, err error) {
+	if err := _u.check(); err != nil {
+		return _node, err
+	}
+	_spec := sqlgraph.NewUpdateSpec(userattributedefinition.Table, userattributedefinition.Columns, sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64))
+	if ps := _u.mutation.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	if value, ok := _u.mutation.UpdatedAt(); ok {
+		_spec.SetField(userattributedefinition.FieldUpdatedAt, field.TypeTime, value)
+	}
+	if value, ok := _u.mutation.DeletedAt(); ok {
+		_spec.SetField(userattributedefinition.FieldDeletedAt, field.TypeTime, value)
+	}
+	if _u.mutation.DeletedAtCleared() {
+		_spec.ClearField(userattributedefinition.FieldDeletedAt, field.TypeTime)
+	}
+	if value, ok := _u.mutation.Key(); ok {
+		_spec.SetField(userattributedefinition.FieldKey, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.Name(); ok {
+		_spec.SetField(userattributedefinition.FieldName, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.Description(); ok {
+		_spec.SetField(userattributedefinition.FieldDescription, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.GetType(); ok {
+		_spec.SetField(userattributedefinition.FieldType, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.Options(); ok {
+		_spec.SetField(userattributedefinition.FieldOptions, field.TypeJSON, value)
+	}
+	if value, ok := _u.mutation.AppendedOptions(); ok {
+		_spec.AddModifier(func(u *sql.UpdateBuilder) {
+			sqljson.Append(u, userattributedefinition.FieldOptions, value)
+		})
+	}
+	if value, ok := _u.mutation.Required(); ok {
+		_spec.SetField(userattributedefinition.FieldRequired, field.TypeBool, value)
+	}
+	if value, ok := _u.mutation.Validation(); ok {
+		_spec.SetField(userattributedefinition.FieldValidation, field.TypeJSON, value)
+	}
+	if value, ok := _u.mutation.Placeholder(); ok {
+		_spec.SetField(userattributedefinition.FieldPlaceholder, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.DisplayOrder(); ok {
+		_spec.SetField(userattributedefinition.FieldDisplayOrder, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.AddedDisplayOrder(); ok {
+		_spec.AddField(userattributedefinition.FieldDisplayOrder, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.Enabled(); ok {
+		_spec.SetField(userattributedefinition.FieldEnabled, field.TypeBool, value)
+	}
+	if _u.mutation.ValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   userattributedefinition.ValuesTable,
+			Columns: []string{userattributedefinition.ValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.RemovedValuesIDs(); len(nodes) > 0 && !_u.mutation.ValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   userattributedefinition.ValuesTable,
+			Columns: []string{userattributedefinition.ValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.ValuesIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   userattributedefinition.ValuesTable,
+			Columns: []string{userattributedefinition.ValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
+	if _node, err = sqlgraph.UpdateNodes(ctx, _u.driver, _spec); err != nil {
+		if _, ok := err.(*sqlgraph.NotFoundError); ok {
+			err = &NotFoundError{userattributedefinition.Label}
+		} else if sqlgraph.IsConstraintError(err) {
+			err = &ConstraintError{msg: err.Error(), wrap: err}
+		}
+		return 0, err
+	}
+	_u.mutation.done = true
+	return _node, nil
+}
+
+// UserAttributeDefinitionUpdateOne is the builder for updating a single UserAttributeDefinition entity.
+type UserAttributeDefinitionUpdateOne struct {
+	config
+	fields   []string
+	hooks    []Hook
+	mutation *UserAttributeDefinitionMutation
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetUpdatedAt(v time.Time) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetUpdatedAt(v)
+	return _u
+}
+
+// SetDeletedAt sets the "deleted_at" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetDeletedAt(v time.Time) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetDeletedAt(v)
+	return _u
+}
+
+// SetNillableDeletedAt sets the "deleted_at" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableDeletedAt(v *time.Time) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetDeletedAt(*v)
+	}
+	return _u
+}
+
+// ClearDeletedAt clears the value of the "deleted_at" field.
+func (_u *UserAttributeDefinitionUpdateOne) ClearDeletedAt() *UserAttributeDefinitionUpdateOne {
+	_u.mutation.ClearDeletedAt()
+	return _u
+}
+
+// SetKey sets the "key" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetKey(v string) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetKey(v)
+	return _u
+}
+
+// SetNillableKey sets the "key" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableKey(v *string) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetKey(*v)
+	}
+	return _u
+}
+
+// SetName sets the "name" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetName(v string) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetName(v)
+	return _u
+}
+
+// SetNillableName sets the "name" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableName(v *string) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetName(*v)
+	}
+	return _u
+}
+
+// SetDescription sets the "description" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetDescription(v string) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetDescription(v)
+	return _u
+}
+
+// SetNillableDescription sets the "description" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableDescription(v *string) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetDescription(*v)
+	}
+	return _u
+}
+
+// SetType sets the "type" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetType(v string) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetType(v)
+	return _u
+}
+
+// SetNillableType sets the "type" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableType(v *string) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetType(*v)
+	}
+	return _u
+}
+
+// SetOptions sets the "options" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetOptions(v []map[string]interface{}) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetOptions(v)
+	return _u
+}
+
+// AppendOptions appends value to the "options" field.
+func (_u *UserAttributeDefinitionUpdateOne) AppendOptions(v []map[string]interface{}) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.AppendOptions(v)
+	return _u
+}
+
+// SetRequired sets the "required" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetRequired(v bool) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetRequired(v)
+	return _u
+}
+
+// SetNillableRequired sets the "required" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableRequired(v *bool) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetRequired(*v)
+	}
+	return _u
+}
+
+// SetValidation sets the "validation" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetValidation(v map[string]interface{}) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetValidation(v)
+	return _u
+}
+
+// SetPlaceholder sets the "placeholder" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetPlaceholder(v string) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetPlaceholder(v)
+	return _u
+}
+
+// SetNillablePlaceholder sets the "placeholder" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillablePlaceholder(v *string) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetPlaceholder(*v)
+	}
+	return _u
+}
+
+// SetDisplayOrder sets the "display_order" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetDisplayOrder(v int) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.ResetDisplayOrder()
+	_u.mutation.SetDisplayOrder(v)
+	return _u
+}
+
+// SetNillableDisplayOrder sets the "display_order" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableDisplayOrder(v *int) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetDisplayOrder(*v)
+	}
+	return _u
+}
+
+// AddDisplayOrder adds value to the "display_order" field.
+func (_u *UserAttributeDefinitionUpdateOne) AddDisplayOrder(v int) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.AddDisplayOrder(v)
+	return _u
+}
+
+// SetEnabled sets the "enabled" field.
+func (_u *UserAttributeDefinitionUpdateOne) SetEnabled(v bool) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.SetEnabled(v)
+	return _u
+}
+
+// SetNillableEnabled sets the "enabled" field if the given value is not nil.
+func (_u *UserAttributeDefinitionUpdateOne) SetNillableEnabled(v *bool) *UserAttributeDefinitionUpdateOne {
+	if v != nil {
+		_u.SetEnabled(*v)
+	}
+	return _u
+}
+
+// AddValueIDs adds the "values" edge to the UserAttributeValue entity by IDs.
+func (_u *UserAttributeDefinitionUpdateOne) AddValueIDs(ids ...int64) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.AddValueIDs(ids...)
+	return _u
+}
+
+// AddValues adds the "values" edges to the UserAttributeValue entity.
+func (_u *UserAttributeDefinitionUpdateOne) AddValues(v ...*UserAttributeValue) *UserAttributeDefinitionUpdateOne {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.AddValueIDs(ids...)
+}
+
+// Mutation returns the UserAttributeDefinitionMutation object of the builder.
+func (_u *UserAttributeDefinitionUpdateOne) Mutation() *UserAttributeDefinitionMutation {
+	return _u.mutation
+}
+
+// ClearValues clears all "values" edges to the UserAttributeValue entity.
+func (_u *UserAttributeDefinitionUpdateOne) ClearValues() *UserAttributeDefinitionUpdateOne {
+	_u.mutation.ClearValues()
+	return _u
+}
+
+// RemoveValueIDs removes the "values" edge to UserAttributeValue entities by IDs.
+func (_u *UserAttributeDefinitionUpdateOne) RemoveValueIDs(ids ...int64) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.RemoveValueIDs(ids...)
+	return _u
+}
+
+// RemoveValues removes "values" edges to UserAttributeValue entities.
+func (_u *UserAttributeDefinitionUpdateOne) RemoveValues(v ...*UserAttributeValue) *UserAttributeDefinitionUpdateOne {
+	ids := make([]int64, len(v))
+	for i := range v {
+		ids[i] = v[i].ID
+	}
+	return _u.RemoveValueIDs(ids...)
+}
+
+// Where appends a list predicates to the UserAttributeDefinitionUpdate builder.
+func (_u *UserAttributeDefinitionUpdateOne) Where(ps ...predicate.UserAttributeDefinition) *UserAttributeDefinitionUpdateOne {
+	_u.mutation.Where(ps...)
+	return _u
+}
+
+// Select allows selecting one or more fields (columns) of the returned entity.
+// The default is selecting all fields defined in the entity schema.
+func (_u *UserAttributeDefinitionUpdateOne) Select(field string, fields ...string) *UserAttributeDefinitionUpdateOne {
+	_u.fields = append([]string{field}, fields...)
+	return _u
+}
+
+// Save executes the query and returns the updated UserAttributeDefinition entity.
+func (_u *UserAttributeDefinitionUpdateOne) Save(ctx context.Context) (*UserAttributeDefinition, error) {
+	if err := _u.defaults(); err != nil {
+		return nil, err
+	}
+	return withHooks(ctx, _u.sqlSave, _u.mutation, _u.hooks)
+}
+
+// SaveX is like Save, but panics if an error occurs.
+func (_u *UserAttributeDefinitionUpdateOne) SaveX(ctx context.Context) *UserAttributeDefinition {
+	node, err := _u.Save(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return node
+}
+
+// Exec executes the query on the entity.
+func (_u *UserAttributeDefinitionUpdateOne) Exec(ctx context.Context) error {
+	_, err := _u.Save(ctx)
+	return err
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_u *UserAttributeDefinitionUpdateOne) ExecX(ctx context.Context) {
+	if err := _u.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// defaults sets the default values of the builder before save.
+func (_u *UserAttributeDefinitionUpdateOne) defaults() error {
+	if _, ok := _u.mutation.UpdatedAt(); !ok {
+		if userattributedefinition.UpdateDefaultUpdatedAt == nil {
+			return fmt.Errorf("ent: uninitialized userattributedefinition.UpdateDefaultUpdatedAt (forgotten import ent/runtime?)")
+		}
+		v := userattributedefinition.UpdateDefaultUpdatedAt()
+		_u.mutation.SetUpdatedAt(v)
+	}
+	return nil
+}
+
+// check runs all checks and user-defined validators on the builder.
+func (_u *UserAttributeDefinitionUpdateOne) check() error {
+	if v, ok := _u.mutation.Key(); ok {
+		if err := userattributedefinition.KeyValidator(v); err != nil {
+			return &ValidationError{Name: "key", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.key": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.Name(); ok {
+		if err := userattributedefinition.NameValidator(v); err != nil {
+			return &ValidationError{Name: "name", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.name": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.GetType(); ok {
+		if err := userattributedefinition.TypeValidator(v); err != nil {
+			return &ValidationError{Name: "type", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.type": %w`, err)}
+		}
+	}
+	if v, ok := _u.mutation.Placeholder(); ok {
+		if err := userattributedefinition.PlaceholderValidator(v); err != nil {
+			return &ValidationError{Name: "placeholder", err: fmt.Errorf(`ent: validator failed for field "UserAttributeDefinition.placeholder": %w`, err)}
+		}
+	}
+	return nil
+}
+
+func (_u *UserAttributeDefinitionUpdateOne) sqlSave(ctx context.Context) (_node *UserAttributeDefinition, err error) {
+	if err := _u.check(); err != nil {
+		return _node, err
+	}
+	_spec := sqlgraph.NewUpdateSpec(userattributedefinition.Table, userattributedefinition.Columns, sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64))
+	id, ok := _u.mutation.ID()
+	if !ok {
+		return nil, &ValidationError{Name: "id", err: errors.New(`ent: missing "UserAttributeDefinition.id" for update`)}
+	}
+	_spec.Node.ID.Value = id
+	if fields := _u.fields; len(fields) > 0 {
+		_spec.Node.Columns = make([]string, 0, len(fields))
+		_spec.Node.Columns = append(_spec.Node.Columns, userattributedefinition.FieldID)
+		for _, f := range fields {
+			if !userattributedefinition.ValidColumn(f) {
+				return nil, &ValidationError{Name: f, err: fmt.Errorf("ent: invalid field %q for query", f)}
+			}
+			if f != userattributedefinition.FieldID {
+				_spec.Node.Columns = append(_spec.Node.Columns, f)
+			}
+		}
+	}
+	if ps := _u.mutation.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	if value, ok := _u.mutation.UpdatedAt(); ok {
+		_spec.SetField(userattributedefinition.FieldUpdatedAt, field.TypeTime, value)
+	}
+	if value, ok := _u.mutation.DeletedAt(); ok {
+		_spec.SetField(userattributedefinition.FieldDeletedAt, field.TypeTime, value)
+	}
+	if _u.mutation.DeletedAtCleared() {
+		_spec.ClearField(userattributedefinition.FieldDeletedAt, field.TypeTime)
+	}
+	if value, ok := _u.mutation.Key(); ok {
+		_spec.SetField(userattributedefinition.FieldKey, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.Name(); ok {
+		_spec.SetField(userattributedefinition.FieldName, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.Description(); ok {
+		_spec.SetField(userattributedefinition.FieldDescription, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.GetType(); ok {
+		_spec.SetField(userattributedefinition.FieldType, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.Options(); ok {
+		_spec.SetField(userattributedefinition.FieldOptions, field.TypeJSON, value)
+	}
+	if value, ok := _u.mutation.AppendedOptions(); ok {
+		_spec.AddModifier(func(u *sql.UpdateBuilder) {
+			sqljson.Append(u, userattributedefinition.FieldOptions, value)
+		})
+	}
+	if value, ok := _u.mutation.Required(); ok {
+		_spec.SetField(userattributedefinition.FieldRequired, field.TypeBool, value)
+	}
+	if value, ok := _u.mutation.Validation(); ok {
+		_spec.SetField(userattributedefinition.FieldValidation, field.TypeJSON, value)
+	}
+	if value, ok := _u.mutation.Placeholder(); ok {
+		_spec.SetField(userattributedefinition.FieldPlaceholder, field.TypeString, value)
+	}
+	if value, ok := _u.mutation.DisplayOrder(); ok {
+		_spec.SetField(userattributedefinition.FieldDisplayOrder, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.AddedDisplayOrder(); ok {
+		_spec.AddField(userattributedefinition.FieldDisplayOrder, field.TypeInt, value)
+	}
+	if value, ok := _u.mutation.Enabled(); ok {
+		_spec.SetField(userattributedefinition.FieldEnabled, field.TypeBool, value)
+	}
+	if _u.mutation.ValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   userattributedefinition.ValuesTable,
+			Columns: []string{userattributedefinition.ValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.RemovedValuesIDs(); len(nodes) > 0 && !_u.mutation.ValuesCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   userattributedefinition.ValuesTable,
+			Columns: []string{userattributedefinition.ValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.ValuesIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.O2M,
+			Inverse: false,
+			Table:   userattributedefinition.ValuesTable,
+			Columns: []string{userattributedefinition.ValuesColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
+	_node = &UserAttributeDefinition{config: _u.config}
+	_spec.Assign = _node.assignValues
+	_spec.ScanValues = _node.scanValues
+	if err = sqlgraph.UpdateNode(ctx, _u.driver, _spec); err != nil {
+		if _, ok := err.(*sqlgraph.NotFoundError); ok {
+			err = &NotFoundError{userattributedefinition.Label}
+		} else if sqlgraph.IsConstraintError(err) {
+			err = &ConstraintError{msg: err.Error(), wrap: err}
+		}
+		return nil, err
+	}
+	_u.mutation.done = true
+	return _node, nil
+}
--- a/backend/ent/userattributevalue.go
+++ b/backend/ent/userattributevalue.go
@@ -0,0 +1,198 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect/sql"
+	"github.com/Wei-Shaw/sub2api/ent/user"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeValue is the model entity for the UserAttributeValue schema.
+type UserAttributeValue struct {
+	config `json:"-"`
+	// ID of the ent.
+	ID int64 `json:"id,omitempty"`
+	// CreatedAt holds the value of the "created_at" field.
+	CreatedAt time.Time `json:"created_at,omitempty"`
+	// UpdatedAt holds the value of the "updated_at" field.
+	UpdatedAt time.Time `json:"updated_at,omitempty"`
+	// UserID holds the value of the "user_id" field.
+	UserID int64 `json:"user_id,omitempty"`
+	// AttributeID holds the value of the "attribute_id" field.
+	AttributeID int64 `json:"attribute_id,omitempty"`
+	// Value holds the value of the "value" field.
+	Value string `json:"value,omitempty"`
+	// Edges holds the relations/edges for other nodes in the graph.
+	// The values are being populated by the UserAttributeValueQuery when eager-loading is set.
+	Edges        UserAttributeValueEdges `json:"edges"`
+	selectValues sql.SelectValues
+}
+
+// UserAttributeValueEdges holds the relations/edges for other nodes in the graph.
+type UserAttributeValueEdges struct {
+	// User holds the value of the user edge.
+	User *User `json:"user,omitempty"`
+	// Definition holds the value of the definition edge.
+	Definition *UserAttributeDefinition `json:"definition,omitempty"`
+	// loadedTypes holds the information for reporting if a
+	// type was loaded (or requested) in eager-loading or not.
+	loadedTypes [2]bool
+}
+
+// UserOrErr returns the User value or an error if the edge
+// was not loaded in eager-loading, or loaded but was not found.
+func (e UserAttributeValueEdges) UserOrErr() (*User, error) {
+	if e.User != nil {
+		return e.User, nil
+	} else if e.loadedTypes[0] {
+		return nil, &NotFoundError{label: user.Label}
+	}
+	return nil, &NotLoadedError{edge: "user"}
+}
+
+// DefinitionOrErr returns the Definition value or an error if the edge
+// was not loaded in eager-loading, or loaded but was not found.
+func (e UserAttributeValueEdges) DefinitionOrErr() (*UserAttributeDefinition, error) {
+	if e.Definition != nil {
+		return e.Definition, nil
+	} else if e.loadedTypes[1] {
+		return nil, &NotFoundError{label: userattributedefinition.Label}
+	}
+	return nil, &NotLoadedError{edge: "definition"}
+}
+
+// scanValues returns the types for scanning values from sql.Rows.
+func (*UserAttributeValue) scanValues(columns []string) ([]any, error) {
+	values := make([]any, len(columns))
+	for i := range columns {
+		switch columns[i] {
+		case userattributevalue.FieldID, userattributevalue.FieldUserID, userattributevalue.FieldAttributeID:
+			values[i] = new(sql.NullInt64)
+		case userattributevalue.FieldValue:
+			values[i] = new(sql.NullString)
+		case userattributevalue.FieldCreatedAt, userattributevalue.FieldUpdatedAt:
+			values[i] = new(sql.NullTime)
+		default:
+			values[i] = new(sql.UnknownType)
+		}
+	}
+	return values, nil
+}
+
+// assignValues assigns the values that were returned from sql.Rows (after scanning)
+// to the UserAttributeValue fields.
+func (_m *UserAttributeValue) assignValues(columns []string, values []any) error {
+	if m, n := len(values), len(columns); m < n {
+		return fmt.Errorf("mismatch number of scan values: %d != %d", m, n)
+	}
+	for i := range columns {
+		switch columns[i] {
+		case userattributevalue.FieldID:
+			value, ok := values[i].(*sql.NullInt64)
+			if !ok {
+				return fmt.Errorf("unexpected type %T for field id", value)
+			}
+			_m.ID = int64(value.Int64)
+		case userattributevalue.FieldCreatedAt:
+			if value, ok := values[i].(*sql.NullTime); !ok {
+				return fmt.Errorf("unexpected type %T for field created_at", values[i])
+			} else if value.Valid {
+				_m.CreatedAt = value.Time
+			}
+		case userattributevalue.FieldUpdatedAt:
+			if value, ok := values[i].(*sql.NullTime); !ok {
+				return fmt.Errorf("unexpected type %T for field updated_at", values[i])
+			} else if value.Valid {
+				_m.UpdatedAt = value.Time
+			}
+		case userattributevalue.FieldUserID:
+			if value, ok := values[i].(*sql.NullInt64); !ok {
+				return fmt.Errorf("unexpected type %T for field user_id", values[i])
+			} else if value.Valid {
+				_m.UserID = value.Int64
+			}
+		case userattributevalue.FieldAttributeID:
+			if value, ok := values[i].(*sql.NullInt64); !ok {
+				return fmt.Errorf("unexpected type %T for field attribute_id", values[i])
+			} else if value.Valid {
+				_m.AttributeID = value.Int64
+			}
+		case userattributevalue.FieldValue:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field value", values[i])
+			} else if value.Valid {
+				_m.Value = value.String
+			}
+		default:
+			_m.selectValues.Set(columns[i], values[i])
+		}
+	}
+	return nil
+}
+
+// GetValue returns the ent.Value that was dynamically selected and assigned to the UserAttributeValue.
+// This includes values selected through modifiers, order, etc.
+func (_m *UserAttributeValue) GetValue(name string) (ent.Value, error) {
+	return _m.selectValues.Get(name)
+}
+
+// QueryUser queries the "user" edge of the UserAttributeValue entity.
+func (_m *UserAttributeValue) QueryUser() *UserQuery {
+	return NewUserAttributeValueClient(_m.config).QueryUser(_m)
+}
+
+// QueryDefinition queries the "definition" edge of the UserAttributeValue entity.
+func (_m *UserAttributeValue) QueryDefinition() *UserAttributeDefinitionQuery {
+	return NewUserAttributeValueClient(_m.config).QueryDefinition(_m)
+}
+
+// Update returns a builder for updating this UserAttributeValue.
+// Note that you need to call UserAttributeValue.Unwrap() before calling this method if this UserAttributeValue
+// was returned from a transaction, and the transaction was committed or rolled back.
+func (_m *UserAttributeValue) Update() *UserAttributeValueUpdateOne {
+	return NewUserAttributeValueClient(_m.config).UpdateOne(_m)
+}
+
+// Unwrap unwraps the UserAttributeValue entity that was returned from a transaction after it was closed,
+// so that all future queries will be executed through the driver which created the transaction.
+func (_m *UserAttributeValue) Unwrap() *UserAttributeValue {
+	_tx, ok := _m.config.driver.(*txDriver)
+	if !ok {
+		panic("ent: UserAttributeValue is not a transactional entity")
+	}
+	_m.config.driver = _tx.drv
+	return _m
+}
+
+// String implements the fmt.Stringer.
+func (_m *UserAttributeValue) String() string {
+	var builder strings.Builder
+	builder.WriteString("UserAttributeValue(")
+	builder.WriteString(fmt.Sprintf("id=%v, ", _m.ID))
+	builder.WriteString("created_at=")
+	builder.WriteString(_m.CreatedAt.Format(time.ANSIC))
+	builder.WriteString(", ")
+	builder.WriteString("updated_at=")
+	builder.WriteString(_m.UpdatedAt.Format(time.ANSIC))
+	builder.WriteString(", ")
+	builder.WriteString("user_id=")
+	builder.WriteString(fmt.Sprintf("%v", _m.UserID))
+	builder.WriteString(", ")
+	builder.WriteString("attribute_id=")
+	builder.WriteString(fmt.Sprintf("%v", _m.AttributeID))
+	builder.WriteString(", ")
+	builder.WriteString("value=")
+	builder.WriteString(_m.Value)
+	builder.WriteByte(')')
+	return builder.String()
+}
+
+// UserAttributeValues is a parsable slice of UserAttributeValue.
+type UserAttributeValues []*UserAttributeValue
--- a/backend/ent/userattributevalue/userattributevalue.go
+++ b/backend/ent/userattributevalue/userattributevalue.go
@@ -0,0 +1,139 @@
+// Code generated by ent, DO NOT EDIT.
+
+package userattributevalue
+
+import (
+	"time"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+)
+
+const (
+	// Label holds the string label denoting the userattributevalue type in the database.
+	Label = "user_attribute_value"
+	// FieldID holds the string denoting the id field in the database.
+	FieldID = "id"
+	// FieldCreatedAt holds the string denoting the created_at field in the database.
+	FieldCreatedAt = "created_at"
+	// FieldUpdatedAt holds the string denoting the updated_at field in the database.
+	FieldUpdatedAt = "updated_at"
+	// FieldUserID holds the string denoting the user_id field in the database.
+	FieldUserID = "user_id"
+	// FieldAttributeID holds the string denoting the attribute_id field in the database.
+	FieldAttributeID = "attribute_id"
+	// FieldValue holds the string denoting the value field in the database.
+	FieldValue = "value"
+	// EdgeUser holds the string denoting the user edge name in mutations.
+	EdgeUser = "user"
+	// EdgeDefinition holds the string denoting the definition edge name in mutations.
+	EdgeDefinition = "definition"
+	// Table holds the table name of the userattributevalue in the database.
+	Table = "user_attribute_values"
+	// UserTable is the table that holds the user relation/edge.
+	UserTable = "user_attribute_values"
+	// UserInverseTable is the table name for the User entity.
+	// It exists in this package in order to avoid circular dependency with the "user" package.
+	UserInverseTable = "users"
+	// UserColumn is the table column denoting the user relation/edge.
+	UserColumn = "user_id"
+	// DefinitionTable is the table that holds the definition relation/edge.
+	DefinitionTable = "user_attribute_values"
+	// DefinitionInverseTable is the table name for the UserAttributeDefinition entity.
+	// It exists in this package in order to avoid circular dependency with the "userattributedefinition" package.
+	DefinitionInverseTable = "user_attribute_definitions"
+	// DefinitionColumn is the table column denoting the definition relation/edge.
+	DefinitionColumn = "attribute_id"
+)
+
+// Columns holds all SQL columns for userattributevalue fields.
+var Columns = []string{
+	FieldID,
+	FieldCreatedAt,
+	FieldUpdatedAt,
+	FieldUserID,
+	FieldAttributeID,
+	FieldValue,
+}
+
+// ValidColumn reports if the column name is valid (part of the table columns).
+func ValidColumn(column string) bool {
+	for i := range Columns {
+		if column == Columns[i] {
+			return true
+		}
+	}
+	return false
+}
+
+var (
+	// DefaultCreatedAt holds the default value on creation for the "created_at" field.
+	DefaultCreatedAt func() time.Time
+	// DefaultUpdatedAt holds the default value on creation for the "updated_at" field.
+	DefaultUpdatedAt func() time.Time
+	// UpdateDefaultUpdatedAt holds the default value on update for the "updated_at" field.
+	UpdateDefaultUpdatedAt func() time.Time
+	// DefaultValue holds the default value on creation for the "value" field.
+	DefaultValue string
+)
+
+// OrderOption defines the ordering options for the UserAttributeValue queries.
+type OrderOption func(*sql.Selector)
+
+// ByID orders the results by the id field.
+func ByID(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldID, opts...).ToFunc()
+}
+
+// ByCreatedAt orders the results by the created_at field.
+func ByCreatedAt(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldCreatedAt, opts...).ToFunc()
+}
+
+// ByUpdatedAt orders the results by the updated_at field.
+func ByUpdatedAt(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldUpdatedAt, opts...).ToFunc()
+}
+
+// ByUserID orders the results by the user_id field.
+func ByUserID(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldUserID, opts...).ToFunc()
+}
+
+// ByAttributeID orders the results by the attribute_id field.
+func ByAttributeID(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldAttributeID, opts...).ToFunc()
+}
+
+// ByValue orders the results by the value field.
+func ByValue(opts ...sql.OrderTermOption) OrderOption {
+	return sql.OrderByField(FieldValue, opts...).ToFunc()
+}
+
+// ByUserField orders the results by user field.
+func ByUserField(field string, opts ...sql.OrderTermOption) OrderOption {
+	return func(s *sql.Selector) {
+		sqlgraph.OrderByNeighborTerms(s, newUserStep(), sql.OrderByField(field, opts...))
+	}
+}
+
+// ByDefinitionField orders the results by definition field.
+func ByDefinitionField(field string, opts ...sql.OrderTermOption) OrderOption {
+	return func(s *sql.Selector) {
+		sqlgraph.OrderByNeighborTerms(s, newDefinitionStep(), sql.OrderByField(field, opts...))
+	}
+}
+func newUserStep() *sqlgraph.Step {
+	return sqlgraph.NewStep(
+		sqlgraph.From(Table, FieldID),
+		sqlgraph.To(UserInverseTable, FieldID),
+		sqlgraph.Edge(sqlgraph.M2O, true, UserTable, UserColumn),
+	)
+}
+func newDefinitionStep() *sqlgraph.Step {
+	return sqlgraph.NewStep(
+		sqlgraph.From(Table, FieldID),
+		sqlgraph.To(DefinitionInverseTable, FieldID),
+		sqlgraph.Edge(sqlgraph.M2O, true, DefinitionTable, DefinitionColumn),
+	)
+}
--- a/backend/ent/userattributevalue/where.go
+++ b/backend/ent/userattributevalue/where.go
@@ -0,0 +1,327 @@
+// Code generated by ent, DO NOT EDIT.
+
+package userattributevalue
+
+import (
+	"time"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+)
+
+// ID filters vertices based on their ID field.
+func ID(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldID, id))
+}
+
+// IDEQ applies the EQ predicate on the ID field.
+func IDEQ(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldID, id))
+}
+
+// IDNEQ applies the NEQ predicate on the ID field.
+func IDNEQ(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNEQ(FieldID, id))
+}
+
+// IDIn applies the In predicate on the ID field.
+func IDIn(ids ...int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldIn(FieldID, ids...))
+}
+
+// IDNotIn applies the NotIn predicate on the ID field.
+func IDNotIn(ids ...int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNotIn(FieldID, ids...))
+}
+
+// IDGT applies the GT predicate on the ID field.
+func IDGT(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGT(FieldID, id))
+}
+
+// IDGTE applies the GTE predicate on the ID field.
+func IDGTE(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGTE(FieldID, id))
+}
+
+// IDLT applies the LT predicate on the ID field.
+func IDLT(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLT(FieldID, id))
+}
+
+// IDLTE applies the LTE predicate on the ID field.
+func IDLTE(id int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLTE(FieldID, id))
+}
+
+// CreatedAt applies equality check predicate on the "created_at" field. It's identical to CreatedAtEQ.
+func CreatedAt(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldCreatedAt, v))
+}
+
+// UpdatedAt applies equality check predicate on the "updated_at" field. It's identical to UpdatedAtEQ.
+func UpdatedAt(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldUpdatedAt, v))
+}
+
+// UserID applies equality check predicate on the "user_id" field. It's identical to UserIDEQ.
+func UserID(v int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldUserID, v))
+}
+
+// AttributeID applies equality check predicate on the "attribute_id" field. It's identical to AttributeIDEQ.
+func AttributeID(v int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldAttributeID, v))
+}
+
+// Value applies equality check predicate on the "value" field. It's identical to ValueEQ.
+func Value(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldValue, v))
+}
+
+// CreatedAtEQ applies the EQ predicate on the "created_at" field.
+func CreatedAtEQ(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldCreatedAt, v))
+}
+
+// CreatedAtNEQ applies the NEQ predicate on the "created_at" field.
+func CreatedAtNEQ(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNEQ(FieldCreatedAt, v))
+}
+
+// CreatedAtIn applies the In predicate on the "created_at" field.
+func CreatedAtIn(vs ...time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldIn(FieldCreatedAt, vs...))
+}
+
+// CreatedAtNotIn applies the NotIn predicate on the "created_at" field.
+func CreatedAtNotIn(vs ...time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNotIn(FieldCreatedAt, vs...))
+}
+
+// CreatedAtGT applies the GT predicate on the "created_at" field.
+func CreatedAtGT(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGT(FieldCreatedAt, v))
+}
+
+// CreatedAtGTE applies the GTE predicate on the "created_at" field.
+func CreatedAtGTE(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGTE(FieldCreatedAt, v))
+}
+
+// CreatedAtLT applies the LT predicate on the "created_at" field.
+func CreatedAtLT(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLT(FieldCreatedAt, v))
+}
+
+// CreatedAtLTE applies the LTE predicate on the "created_at" field.
+func CreatedAtLTE(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLTE(FieldCreatedAt, v))
+}
+
+// UpdatedAtEQ applies the EQ predicate on the "updated_at" field.
+func UpdatedAtEQ(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldUpdatedAt, v))
+}
+
+// UpdatedAtNEQ applies the NEQ predicate on the "updated_at" field.
+func UpdatedAtNEQ(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNEQ(FieldUpdatedAt, v))
+}
+
+// UpdatedAtIn applies the In predicate on the "updated_at" field.
+func UpdatedAtIn(vs ...time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldIn(FieldUpdatedAt, vs...))
+}
+
+// UpdatedAtNotIn applies the NotIn predicate on the "updated_at" field.
+func UpdatedAtNotIn(vs ...time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNotIn(FieldUpdatedAt, vs...))
+}
+
+// UpdatedAtGT applies the GT predicate on the "updated_at" field.
+func UpdatedAtGT(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGT(FieldUpdatedAt, v))
+}
+
+// UpdatedAtGTE applies the GTE predicate on the "updated_at" field.
+func UpdatedAtGTE(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGTE(FieldUpdatedAt, v))
+}
+
+// UpdatedAtLT applies the LT predicate on the "updated_at" field.
+func UpdatedAtLT(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLT(FieldUpdatedAt, v))
+}
+
+// UpdatedAtLTE applies the LTE predicate on the "updated_at" field.
+func UpdatedAtLTE(v time.Time) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLTE(FieldUpdatedAt, v))
+}
+
+// UserIDEQ applies the EQ predicate on the "user_id" field.
+func UserIDEQ(v int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldUserID, v))
+}
+
+// UserIDNEQ applies the NEQ predicate on the "user_id" field.
+func UserIDNEQ(v int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNEQ(FieldUserID, v))
+}
+
+// UserIDIn applies the In predicate on the "user_id" field.
+func UserIDIn(vs ...int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldIn(FieldUserID, vs...))
+}
+
+// UserIDNotIn applies the NotIn predicate on the "user_id" field.
+func UserIDNotIn(vs ...int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNotIn(FieldUserID, vs...))
+}
+
+// AttributeIDEQ applies the EQ predicate on the "attribute_id" field.
+func AttributeIDEQ(v int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldAttributeID, v))
+}
+
+// AttributeIDNEQ applies the NEQ predicate on the "attribute_id" field.
+func AttributeIDNEQ(v int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNEQ(FieldAttributeID, v))
+}
+
+// AttributeIDIn applies the In predicate on the "attribute_id" field.
+func AttributeIDIn(vs ...int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldIn(FieldAttributeID, vs...))
+}
+
+// AttributeIDNotIn applies the NotIn predicate on the "attribute_id" field.
+func AttributeIDNotIn(vs ...int64) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNotIn(FieldAttributeID, vs...))
+}
+
+// ValueEQ applies the EQ predicate on the "value" field.
+func ValueEQ(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEQ(FieldValue, v))
+}
+
+// ValueNEQ applies the NEQ predicate on the "value" field.
+func ValueNEQ(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNEQ(FieldValue, v))
+}
+
+// ValueIn applies the In predicate on the "value" field.
+func ValueIn(vs ...string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldIn(FieldValue, vs...))
+}
+
+// ValueNotIn applies the NotIn predicate on the "value" field.
+func ValueNotIn(vs ...string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldNotIn(FieldValue, vs...))
+}
+
+// ValueGT applies the GT predicate on the "value" field.
+func ValueGT(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGT(FieldValue, v))
+}
+
+// ValueGTE applies the GTE predicate on the "value" field.
+func ValueGTE(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldGTE(FieldValue, v))
+}
+
+// ValueLT applies the LT predicate on the "value" field.
+func ValueLT(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLT(FieldValue, v))
+}
+
+// ValueLTE applies the LTE predicate on the "value" field.
+func ValueLTE(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldLTE(FieldValue, v))
+}
+
+// ValueContains applies the Contains predicate on the "value" field.
+func ValueContains(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldContains(FieldValue, v))
+}
+
+// ValueHasPrefix applies the HasPrefix predicate on the "value" field.
+func ValueHasPrefix(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldHasPrefix(FieldValue, v))
+}
+
+// ValueHasSuffix applies the HasSuffix predicate on the "value" field.
+func ValueHasSuffix(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldHasSuffix(FieldValue, v))
+}
+
+// ValueEqualFold applies the EqualFold predicate on the "value" field.
+func ValueEqualFold(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldEqualFold(FieldValue, v))
+}
+
+// ValueContainsFold applies the ContainsFold predicate on the "value" field.
+func ValueContainsFold(v string) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.FieldContainsFold(FieldValue, v))
+}
+
+// HasUser applies the HasEdge predicate on the "user" edge.
+func HasUser() predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(func(s *sql.Selector) {
+		step := sqlgraph.NewStep(
+			sqlgraph.From(Table, FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, UserTable, UserColumn),
+		)
+		sqlgraph.HasNeighbors(s, step)
+	})
+}
+
+// HasUserWith applies the HasEdge predicate on the "user" edge with a given conditions (other predicates).
+func HasUserWith(preds ...predicate.User) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(func(s *sql.Selector) {
+		step := newUserStep()
+		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
+			for _, p := range preds {
+				p(s)
+			}
+		})
+	})
+}
+
+// HasDefinition applies the HasEdge predicate on the "definition" edge.
+func HasDefinition() predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(func(s *sql.Selector) {
+		step := sqlgraph.NewStep(
+			sqlgraph.From(Table, FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, DefinitionTable, DefinitionColumn),
+		)
+		sqlgraph.HasNeighbors(s, step)
+	})
+}
+
+// HasDefinitionWith applies the HasEdge predicate on the "definition" edge with a given conditions (other predicates).
+func HasDefinitionWith(preds ...predicate.UserAttributeDefinition) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(func(s *sql.Selector) {
+		step := newDefinitionStep()
+		sqlgraph.HasNeighborsWith(s, step, func(s *sql.Selector) {
+			for _, p := range preds {
+				p(s)
+			}
+		})
+	})
+}
+
+// And groups predicates with the AND operator between them.
+func And(predicates ...predicate.UserAttributeValue) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.AndPredicates(predicates...))
+}
+
+// Or groups predicates with the OR operator between them.
+func Or(predicates ...predicate.UserAttributeValue) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.OrPredicates(predicates...))
+}
+
+// Not applies the not operator on the given predicate.
+func Not(p predicate.UserAttributeValue) predicate.UserAttributeValue {
+	return predicate.UserAttributeValue(sql.NotPredicates(p))
+}
--- a/backend/ent/userattributevalue_create.go
+++ b/backend/ent/userattributevalue_create.go
@@ -0,0 +1,731 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"time"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/user"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeValueCreate is the builder for creating a UserAttributeValue entity.
+type UserAttributeValueCreate struct {
+	config
+	mutation *UserAttributeValueMutation
+	hooks    []Hook
+	conflict []sql.ConflictOption
+}
+
+// SetCreatedAt sets the "created_at" field.
+func (_c *UserAttributeValueCreate) SetCreatedAt(v time.Time) *UserAttributeValueCreate {
+	_c.mutation.SetCreatedAt(v)
+	return _c
+}
+
+// SetNillableCreatedAt sets the "created_at" field if the given value is not nil.
+func (_c *UserAttributeValueCreate) SetNillableCreatedAt(v *time.Time) *UserAttributeValueCreate {
+	if v != nil {
+		_c.SetCreatedAt(*v)
+	}
+	return _c
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (_c *UserAttributeValueCreate) SetUpdatedAt(v time.Time) *UserAttributeValueCreate {
+	_c.mutation.SetUpdatedAt(v)
+	return _c
+}
+
+// SetNillableUpdatedAt sets the "updated_at" field if the given value is not nil.
+func (_c *UserAttributeValueCreate) SetNillableUpdatedAt(v *time.Time) *UserAttributeValueCreate {
+	if v != nil {
+		_c.SetUpdatedAt(*v)
+	}
+	return _c
+}
+
+// SetUserID sets the "user_id" field.
+func (_c *UserAttributeValueCreate) SetUserID(v int64) *UserAttributeValueCreate {
+	_c.mutation.SetUserID(v)
+	return _c
+}
+
+// SetAttributeID sets the "attribute_id" field.
+func (_c *UserAttributeValueCreate) SetAttributeID(v int64) *UserAttributeValueCreate {
+	_c.mutation.SetAttributeID(v)
+	return _c
+}
+
+// SetValue sets the "value" field.
+func (_c *UserAttributeValueCreate) SetValue(v string) *UserAttributeValueCreate {
+	_c.mutation.SetValue(v)
+	return _c
+}
+
+// SetNillableValue sets the "value" field if the given value is not nil.
+func (_c *UserAttributeValueCreate) SetNillableValue(v *string) *UserAttributeValueCreate {
+	if v != nil {
+		_c.SetValue(*v)
+	}
+	return _c
+}
+
+// SetUser sets the "user" edge to the User entity.
+func (_c *UserAttributeValueCreate) SetUser(v *User) *UserAttributeValueCreate {
+	return _c.SetUserID(v.ID)
+}
+
+// SetDefinitionID sets the "definition" edge to the UserAttributeDefinition entity by ID.
+func (_c *UserAttributeValueCreate) SetDefinitionID(id int64) *UserAttributeValueCreate {
+	_c.mutation.SetDefinitionID(id)
+	return _c
+}
+
+// SetDefinition sets the "definition" edge to the UserAttributeDefinition entity.
+func (_c *UserAttributeValueCreate) SetDefinition(v *UserAttributeDefinition) *UserAttributeValueCreate {
+	return _c.SetDefinitionID(v.ID)
+}
+
+// Mutation returns the UserAttributeValueMutation object of the builder.
+func (_c *UserAttributeValueCreate) Mutation() *UserAttributeValueMutation {
+	return _c.mutation
+}
+
+// Save creates the UserAttributeValue in the database.
+func (_c *UserAttributeValueCreate) Save(ctx context.Context) (*UserAttributeValue, error) {
+	_c.defaults()
+	return withHooks(ctx, _c.sqlSave, _c.mutation, _c.hooks)
+}
+
+// SaveX calls Save and panics if Save returns an error.
+func (_c *UserAttributeValueCreate) SaveX(ctx context.Context) *UserAttributeValue {
+	v, err := _c.Save(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return v
+}
+
+// Exec executes the query.
+func (_c *UserAttributeValueCreate) Exec(ctx context.Context) error {
+	_, err := _c.Save(ctx)
+	return err
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_c *UserAttributeValueCreate) ExecX(ctx context.Context) {
+	if err := _c.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// defaults sets the default values of the builder before save.
+func (_c *UserAttributeValueCreate) defaults() {
+	if _, ok := _c.mutation.CreatedAt(); !ok {
+		v := userattributevalue.DefaultCreatedAt()
+		_c.mutation.SetCreatedAt(v)
+	}
+	if _, ok := _c.mutation.UpdatedAt(); !ok {
+		v := userattributevalue.DefaultUpdatedAt()
+		_c.mutation.SetUpdatedAt(v)
+	}
+	if _, ok := _c.mutation.Value(); !ok {
+		v := userattributevalue.DefaultValue
+		_c.mutation.SetValue(v)
+	}
+}
+
+// check runs all checks and user-defined validators on the builder.
+func (_c *UserAttributeValueCreate) check() error {
+	if _, ok := _c.mutation.CreatedAt(); !ok {
+		return &ValidationError{Name: "created_at", err: errors.New(`ent: missing required field "UserAttributeValue.created_at"`)}
+	}
+	if _, ok := _c.mutation.UpdatedAt(); !ok {
+		return &ValidationError{Name: "updated_at", err: errors.New(`ent: missing required field "UserAttributeValue.updated_at"`)}
+	}
+	if _, ok := _c.mutation.UserID(); !ok {
+		return &ValidationError{Name: "user_id", err: errors.New(`ent: missing required field "UserAttributeValue.user_id"`)}
+	}
+	if _, ok := _c.mutation.AttributeID(); !ok {
+		return &ValidationError{Name: "attribute_id", err: errors.New(`ent: missing required field "UserAttributeValue.attribute_id"`)}
+	}
+	if _, ok := _c.mutation.Value(); !ok {
+		return &ValidationError{Name: "value", err: errors.New(`ent: missing required field "UserAttributeValue.value"`)}
+	}
+	if len(_c.mutation.UserIDs()) == 0 {
+		return &ValidationError{Name: "user", err: errors.New(`ent: missing required edge "UserAttributeValue.user"`)}
+	}
+	if len(_c.mutation.DefinitionIDs()) == 0 {
+		return &ValidationError{Name: "definition", err: errors.New(`ent: missing required edge "UserAttributeValue.definition"`)}
+	}
+	return nil
+}
+
+func (_c *UserAttributeValueCreate) sqlSave(ctx context.Context) (*UserAttributeValue, error) {
+	if err := _c.check(); err != nil {
+		return nil, err
+	}
+	_node, _spec := _c.createSpec()
+	if err := sqlgraph.CreateNode(ctx, _c.driver, _spec); err != nil {
+		if sqlgraph.IsConstraintError(err) {
+			err = &ConstraintError{msg: err.Error(), wrap: err}
+		}
+		return nil, err
+	}
+	id := _spec.ID.Value.(int64)
+	_node.ID = int64(id)
+	_c.mutation.id = &_node.ID
+	_c.mutation.done = true
+	return _node, nil
+}
+
+func (_c *UserAttributeValueCreate) createSpec() (*UserAttributeValue, *sqlgraph.CreateSpec) {
+	var (
+		_node = &UserAttributeValue{config: _c.config}
+		_spec = sqlgraph.NewCreateSpec(userattributevalue.Table, sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64))
+	)
+	_spec.OnConflict = _c.conflict
+	if value, ok := _c.mutation.CreatedAt(); ok {
+		_spec.SetField(userattributevalue.FieldCreatedAt, field.TypeTime, value)
+		_node.CreatedAt = value
+	}
+	if value, ok := _c.mutation.UpdatedAt(); ok {
+		_spec.SetField(userattributevalue.FieldUpdatedAt, field.TypeTime, value)
+		_node.UpdatedAt = value
+	}
+	if value, ok := _c.mutation.Value(); ok {
+		_spec.SetField(userattributevalue.FieldValue, field.TypeString, value)
+		_node.Value = value
+	}
+	if nodes := _c.mutation.UserIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.UserTable,
+			Columns: []string{userattributevalue.UserColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_node.UserID = nodes[0]
+		_spec.Edges = append(_spec.Edges, edge)
+	}
+	if nodes := _c.mutation.DefinitionIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.DefinitionTable,
+			Columns: []string{userattributevalue.DefinitionColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_node.AttributeID = nodes[0]
+		_spec.Edges = append(_spec.Edges, edge)
+	}
+	return _node, _spec
+}
+
+// OnConflict allows configuring the `ON CONFLICT` / `ON DUPLICATE KEY` clause
+// of the `INSERT` statement. For example:
+//
+//	client.UserAttributeValue.Create().
+//		SetCreatedAt(v).
+//		OnConflict(
+//			// Update the row with the new values
+//			// the was proposed for insertion.
+//			sql.ResolveWithNewValues(),
+//		).
+//		// Override some of the fields with custom
+//		// update values.
+//		Update(func(u *ent.UserAttributeValueUpsert) {
+//			SetCreatedAt(v+v).
+//		}).
+//		Exec(ctx)
+func (_c *UserAttributeValueCreate) OnConflict(opts ...sql.ConflictOption) *UserAttributeValueUpsertOne {
+	_c.conflict = opts
+	return &UserAttributeValueUpsertOne{
+		create: _c,
+	}
+}
+
+// OnConflictColumns calls `OnConflict` and configures the columns
+// as conflict target. Using this option is equivalent to using:
+//
+//	client.UserAttributeValue.Create().
+//		OnConflict(sql.ConflictColumns(columns...)).
+//		Exec(ctx)
+func (_c *UserAttributeValueCreate) OnConflictColumns(columns ...string) *UserAttributeValueUpsertOne {
+	_c.conflict = append(_c.conflict, sql.ConflictColumns(columns...))
+	return &UserAttributeValueUpsertOne{
+		create: _c,
+	}
+}
+
+type (
+	// UserAttributeValueUpsertOne is the builder for "upsert"-ing
+	//  one UserAttributeValue node.
+	UserAttributeValueUpsertOne struct {
+		create *UserAttributeValueCreate
+	}
+
+	// UserAttributeValueUpsert is the "OnConflict" setter.
+	UserAttributeValueUpsert struct {
+		*sql.UpdateSet
+	}
+)
+
+// SetUpdatedAt sets the "updated_at" field.
+func (u *UserAttributeValueUpsert) SetUpdatedAt(v time.Time) *UserAttributeValueUpsert {
+	u.Set(userattributevalue.FieldUpdatedAt, v)
+	return u
+}
+
+// UpdateUpdatedAt sets the "updated_at" field to the value that was provided on create.
+func (u *UserAttributeValueUpsert) UpdateUpdatedAt() *UserAttributeValueUpsert {
+	u.SetExcluded(userattributevalue.FieldUpdatedAt)
+	return u
+}
+
+// SetUserID sets the "user_id" field.
+func (u *UserAttributeValueUpsert) SetUserID(v int64) *UserAttributeValueUpsert {
+	u.Set(userattributevalue.FieldUserID, v)
+	return u
+}
+
+// UpdateUserID sets the "user_id" field to the value that was provided on create.
+func (u *UserAttributeValueUpsert) UpdateUserID() *UserAttributeValueUpsert {
+	u.SetExcluded(userattributevalue.FieldUserID)
+	return u
+}
+
+// SetAttributeID sets the "attribute_id" field.
+func (u *UserAttributeValueUpsert) SetAttributeID(v int64) *UserAttributeValueUpsert {
+	u.Set(userattributevalue.FieldAttributeID, v)
+	return u
+}
+
+// UpdateAttributeID sets the "attribute_id" field to the value that was provided on create.
+func (u *UserAttributeValueUpsert) UpdateAttributeID() *UserAttributeValueUpsert {
+	u.SetExcluded(userattributevalue.FieldAttributeID)
+	return u
+}
+
+// SetValue sets the "value" field.
+func (u *UserAttributeValueUpsert) SetValue(v string) *UserAttributeValueUpsert {
+	u.Set(userattributevalue.FieldValue, v)
+	return u
+}
+
+// UpdateValue sets the "value" field to the value that was provided on create.
+func (u *UserAttributeValueUpsert) UpdateValue() *UserAttributeValueUpsert {
+	u.SetExcluded(userattributevalue.FieldValue)
+	return u
+}
+
+// UpdateNewValues updates the mutable fields using the new values that were set on create.
+// Using this option is equivalent to using:
+//
+//	client.UserAttributeValue.Create().
+//		OnConflict(
+//			sql.ResolveWithNewValues(),
+//		).
+//		Exec(ctx)
+func (u *UserAttributeValueUpsertOne) UpdateNewValues() *UserAttributeValueUpsertOne {
+	u.create.conflict = append(u.create.conflict, sql.ResolveWithNewValues())
+	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(s *sql.UpdateSet) {
+		if _, exists := u.create.mutation.CreatedAt(); exists {
+			s.SetIgnore(userattributevalue.FieldCreatedAt)
+		}
+	}))
+	return u
+}
+
+// Ignore sets each column to itself in case of conflict.
+// Using this option is equivalent to using:
+//
+//	client.UserAttributeValue.Create().
+//	    OnConflict(sql.ResolveWithIgnore()).
+//	    Exec(ctx)
+func (u *UserAttributeValueUpsertOne) Ignore() *UserAttributeValueUpsertOne {
+	u.create.conflict = append(u.create.conflict, sql.ResolveWithIgnore())
+	return u
+}
+
+// DoNothing configures the conflict_action to `DO NOTHING`.
+// Supported only by SQLite and PostgreSQL.
+func (u *UserAttributeValueUpsertOne) DoNothing() *UserAttributeValueUpsertOne {
+	u.create.conflict = append(u.create.conflict, sql.DoNothing())
+	return u
+}
+
+// Update allows overriding fields `UPDATE` values. See the UserAttributeValueCreate.OnConflict
+// documentation for more info.
+func (u *UserAttributeValueUpsertOne) Update(set func(*UserAttributeValueUpsert)) *UserAttributeValueUpsertOne {
+	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(update *sql.UpdateSet) {
+		set(&UserAttributeValueUpsert{UpdateSet: update})
+	}))
+	return u
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (u *UserAttributeValueUpsertOne) SetUpdatedAt(v time.Time) *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetUpdatedAt(v)
+	})
+}
+
+// UpdateUpdatedAt sets the "updated_at" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertOne) UpdateUpdatedAt() *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateUpdatedAt()
+	})
+}
+
+// SetUserID sets the "user_id" field.
+func (u *UserAttributeValueUpsertOne) SetUserID(v int64) *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetUserID(v)
+	})
+}
+
+// UpdateUserID sets the "user_id" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertOne) UpdateUserID() *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateUserID()
+	})
+}
+
+// SetAttributeID sets the "attribute_id" field.
+func (u *UserAttributeValueUpsertOne) SetAttributeID(v int64) *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetAttributeID(v)
+	})
+}
+
+// UpdateAttributeID sets the "attribute_id" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertOne) UpdateAttributeID() *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateAttributeID()
+	})
+}
+
+// SetValue sets the "value" field.
+func (u *UserAttributeValueUpsertOne) SetValue(v string) *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetValue(v)
+	})
+}
+
+// UpdateValue sets the "value" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertOne) UpdateValue() *UserAttributeValueUpsertOne {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateValue()
+	})
+}
+
+// Exec executes the query.
+func (u *UserAttributeValueUpsertOne) Exec(ctx context.Context) error {
+	if len(u.create.conflict) == 0 {
+		return errors.New("ent: missing options for UserAttributeValueCreate.OnConflict")
+	}
+	return u.create.Exec(ctx)
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (u *UserAttributeValueUpsertOne) ExecX(ctx context.Context) {
+	if err := u.create.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// Exec executes the UPSERT query and returns the inserted/updated ID.
+func (u *UserAttributeValueUpsertOne) ID(ctx context.Context) (id int64, err error) {
+	node, err := u.create.Save(ctx)
+	if err != nil {
+		return id, err
+	}
+	return node.ID, nil
+}
+
+// IDX is like ID, but panics if an error occurs.
+func (u *UserAttributeValueUpsertOne) IDX(ctx context.Context) int64 {
+	id, err := u.ID(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return id
+}
+
+// UserAttributeValueCreateBulk is the builder for creating many UserAttributeValue entities in bulk.
+type UserAttributeValueCreateBulk struct {
+	config
+	err      error
+	builders []*UserAttributeValueCreate
+	conflict []sql.ConflictOption
+}
+
+// Save creates the UserAttributeValue entities in the database.
+func (_c *UserAttributeValueCreateBulk) Save(ctx context.Context) ([]*UserAttributeValue, error) {
+	if _c.err != nil {
+		return nil, _c.err
+	}
+	specs := make([]*sqlgraph.CreateSpec, len(_c.builders))
+	nodes := make([]*UserAttributeValue, len(_c.builders))
+	mutators := make([]Mutator, len(_c.builders))
+	for i := range _c.builders {
+		func(i int, root context.Context) {
+			builder := _c.builders[i]
+			builder.defaults()
+			var mut Mutator = MutateFunc(func(ctx context.Context, m Mutation) (Value, error) {
+				mutation, ok := m.(*UserAttributeValueMutation)
+				if !ok {
+					return nil, fmt.Errorf("unexpected mutation type %T", m)
+				}
+				if err := builder.check(); err != nil {
+					return nil, err
+				}
+				builder.mutation = mutation
+				var err error
+				nodes[i], specs[i] = builder.createSpec()
+				if i < len(mutators)-1 {
+					_, err = mutators[i+1].Mutate(root, _c.builders[i+1].mutation)
+				} else {
+					spec := &sqlgraph.BatchCreateSpec{Nodes: specs}
+					spec.OnConflict = _c.conflict
+					// Invoke the actual operation on the latest mutation in the chain.
+					if err = sqlgraph.BatchCreate(ctx, _c.driver, spec); err != nil {
+						if sqlgraph.IsConstraintError(err) {
+							err = &ConstraintError{msg: err.Error(), wrap: err}
+						}
+					}
+				}
+				if err != nil {
+					return nil, err
+				}
+				mutation.id = &nodes[i].ID
+				if specs[i].ID.Value != nil {
+					id := specs[i].ID.Value.(int64)
+					nodes[i].ID = int64(id)
+				}
+				mutation.done = true
+				return nodes[i], nil
+			})
+			for i := len(builder.hooks) - 1; i >= 0; i-- {
+				mut = builder.hooks[i](mut)
+			}
+			mutators[i] = mut
+		}(i, ctx)
+	}
+	if len(mutators) > 0 {
+		if _, err := mutators[0].Mutate(ctx, _c.builders[0].mutation); err != nil {
+			return nil, err
+		}
+	}
+	return nodes, nil
+}
+
+// SaveX is like Save, but panics if an error occurs.
+func (_c *UserAttributeValueCreateBulk) SaveX(ctx context.Context) []*UserAttributeValue {
+	v, err := _c.Save(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return v
+}
+
+// Exec executes the query.
+func (_c *UserAttributeValueCreateBulk) Exec(ctx context.Context) error {
+	_, err := _c.Save(ctx)
+	return err
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_c *UserAttributeValueCreateBulk) ExecX(ctx context.Context) {
+	if err := _c.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// OnConflict allows configuring the `ON CONFLICT` / `ON DUPLICATE KEY` clause
+// of the `INSERT` statement. For example:
+//
+//	client.UserAttributeValue.CreateBulk(builders...).
+//		OnConflict(
+//			// Update the row with the new values
+//			// the was proposed for insertion.
+//			sql.ResolveWithNewValues(),
+//		).
+//		// Override some of the fields with custom
+//		// update values.
+//		Update(func(u *ent.UserAttributeValueUpsert) {
+//			SetCreatedAt(v+v).
+//		}).
+//		Exec(ctx)
+func (_c *UserAttributeValueCreateBulk) OnConflict(opts ...sql.ConflictOption) *UserAttributeValueUpsertBulk {
+	_c.conflict = opts
+	return &UserAttributeValueUpsertBulk{
+		create: _c,
+	}
+}
+
+// OnConflictColumns calls `OnConflict` and configures the columns
+// as conflict target. Using this option is equivalent to using:
+//
+//	client.UserAttributeValue.Create().
+//		OnConflict(sql.ConflictColumns(columns...)).
+//		Exec(ctx)
+func (_c *UserAttributeValueCreateBulk) OnConflictColumns(columns ...string) *UserAttributeValueUpsertBulk {
+	_c.conflict = append(_c.conflict, sql.ConflictColumns(columns...))
+	return &UserAttributeValueUpsertBulk{
+		create: _c,
+	}
+}
+
+// UserAttributeValueUpsertBulk is the builder for "upsert"-ing
+// a bulk of UserAttributeValue nodes.
+type UserAttributeValueUpsertBulk struct {
+	create *UserAttributeValueCreateBulk
+}
+
+// UpdateNewValues updates the mutable fields using the new values that
+// were set on create. Using this option is equivalent to using:
+//
+//	client.UserAttributeValue.Create().
+//		OnConflict(
+//			sql.ResolveWithNewValues(),
+//		).
+//		Exec(ctx)
+func (u *UserAttributeValueUpsertBulk) UpdateNewValues() *UserAttributeValueUpsertBulk {
+	u.create.conflict = append(u.create.conflict, sql.ResolveWithNewValues())
+	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(s *sql.UpdateSet) {
+		for _, b := range u.create.builders {
+			if _, exists := b.mutation.CreatedAt(); exists {
+				s.SetIgnore(userattributevalue.FieldCreatedAt)
+			}
+		}
+	}))
+	return u
+}
+
+// Ignore sets each column to itself in case of conflict.
+// Using this option is equivalent to using:
+//
+//	client.UserAttributeValue.Create().
+//		OnConflict(sql.ResolveWithIgnore()).
+//		Exec(ctx)
+func (u *UserAttributeValueUpsertBulk) Ignore() *UserAttributeValueUpsertBulk {
+	u.create.conflict = append(u.create.conflict, sql.ResolveWithIgnore())
+	return u
+}
+
+// DoNothing configures the conflict_action to `DO NOTHING`.
+// Supported only by SQLite and PostgreSQL.
+func (u *UserAttributeValueUpsertBulk) DoNothing() *UserAttributeValueUpsertBulk {
+	u.create.conflict = append(u.create.conflict, sql.DoNothing())
+	return u
+}
+
+// Update allows overriding fields `UPDATE` values. See the UserAttributeValueCreateBulk.OnConflict
+// documentation for more info.
+func (u *UserAttributeValueUpsertBulk) Update(set func(*UserAttributeValueUpsert)) *UserAttributeValueUpsertBulk {
+	u.create.conflict = append(u.create.conflict, sql.ResolveWith(func(update *sql.UpdateSet) {
+		set(&UserAttributeValueUpsert{UpdateSet: update})
+	}))
+	return u
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (u *UserAttributeValueUpsertBulk) SetUpdatedAt(v time.Time) *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetUpdatedAt(v)
+	})
+}
+
+// UpdateUpdatedAt sets the "updated_at" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertBulk) UpdateUpdatedAt() *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateUpdatedAt()
+	})
+}
+
+// SetUserID sets the "user_id" field.
+func (u *UserAttributeValueUpsertBulk) SetUserID(v int64) *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetUserID(v)
+	})
+}
+
+// UpdateUserID sets the "user_id" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertBulk) UpdateUserID() *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateUserID()
+	})
+}
+
+// SetAttributeID sets the "attribute_id" field.
+func (u *UserAttributeValueUpsertBulk) SetAttributeID(v int64) *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetAttributeID(v)
+	})
+}
+
+// UpdateAttributeID sets the "attribute_id" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertBulk) UpdateAttributeID() *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateAttributeID()
+	})
+}
+
+// SetValue sets the "value" field.
+func (u *UserAttributeValueUpsertBulk) SetValue(v string) *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.SetValue(v)
+	})
+}
+
+// UpdateValue sets the "value" field to the value that was provided on create.
+func (u *UserAttributeValueUpsertBulk) UpdateValue() *UserAttributeValueUpsertBulk {
+	return u.Update(func(s *UserAttributeValueUpsert) {
+		s.UpdateValue()
+	})
+}
+
+// Exec executes the query.
+func (u *UserAttributeValueUpsertBulk) Exec(ctx context.Context) error {
+	if u.create.err != nil {
+		return u.create.err
+	}
+	for i, b := range u.create.builders {
+		if len(b.conflict) != 0 {
+			return fmt.Errorf("ent: OnConflict was set for builder %d. Set it on the UserAttributeValueCreateBulk instead", i)
+		}
+	}
+	if len(u.create.conflict) == 0 {
+		return errors.New("ent: missing options for UserAttributeValueCreateBulk.OnConflict")
+	}
+	return u.create.Exec(ctx)
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (u *UserAttributeValueUpsertBulk) ExecX(ctx context.Context) {
+	if err := u.create.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
--- a/backend/ent/userattributevalue_delete.go
+++ b/backend/ent/userattributevalue_delete.go
@@ -0,0 +1,88 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeValueDelete is the builder for deleting a UserAttributeValue entity.
+type UserAttributeValueDelete struct {
+	config
+	hooks    []Hook
+	mutation *UserAttributeValueMutation
+}
+
+// Where appends a list predicates to the UserAttributeValueDelete builder.
+func (_d *UserAttributeValueDelete) Where(ps ...predicate.UserAttributeValue) *UserAttributeValueDelete {
+	_d.mutation.Where(ps...)
+	return _d
+}
+
+// Exec executes the deletion query and returns how many vertices were deleted.
+func (_d *UserAttributeValueDelete) Exec(ctx context.Context) (int, error) {
+	return withHooks(ctx, _d.sqlExec, _d.mutation, _d.hooks)
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_d *UserAttributeValueDelete) ExecX(ctx context.Context) int {
+	n, err := _d.Exec(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return n
+}
+
+func (_d *UserAttributeValueDelete) sqlExec(ctx context.Context) (int, error) {
+	_spec := sqlgraph.NewDeleteSpec(userattributevalue.Table, sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64))
+	if ps := _d.mutation.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	affected, err := sqlgraph.DeleteNodes(ctx, _d.driver, _spec)
+	if err != nil && sqlgraph.IsConstraintError(err) {
+		err = &ConstraintError{msg: err.Error(), wrap: err}
+	}
+	_d.mutation.done = true
+	return affected, err
+}
+
+// UserAttributeValueDeleteOne is the builder for deleting a single UserAttributeValue entity.
+type UserAttributeValueDeleteOne struct {
+	_d *UserAttributeValueDelete
+}
+
+// Where appends a list predicates to the UserAttributeValueDelete builder.
+func (_d *UserAttributeValueDeleteOne) Where(ps ...predicate.UserAttributeValue) *UserAttributeValueDeleteOne {
+	_d._d.mutation.Where(ps...)
+	return _d
+}
+
+// Exec executes the deletion query.
+func (_d *UserAttributeValueDeleteOne) Exec(ctx context.Context) error {
+	n, err := _d._d.Exec(ctx)
+	switch {
+	case err != nil:
+		return err
+	case n == 0:
+		return &NotFoundError{userattributevalue.Label}
+	default:
+		return nil
+	}
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_d *UserAttributeValueDeleteOne) ExecX(ctx context.Context) {
+	if err := _d.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
--- a/backend/ent/userattributevalue_query.go
+++ b/backend/ent/userattributevalue_query.go
@@ -0,0 +1,681 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+	"fmt"
+	"math"
+
+	"entgo.io/ent"
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+	"github.com/Wei-Shaw/sub2api/ent/user"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeValueQuery is the builder for querying UserAttributeValue entities.
+type UserAttributeValueQuery struct {
+	config
+	ctx            *QueryContext
+	order          []userattributevalue.OrderOption
+	inters         []Interceptor
+	predicates     []predicate.UserAttributeValue
+	withUser       *UserQuery
+	withDefinition *UserAttributeDefinitionQuery
+	// intermediate query (i.e. traversal path).
+	sql  *sql.Selector
+	path func(context.Context) (*sql.Selector, error)
+}
+
+// Where adds a new predicate for the UserAttributeValueQuery builder.
+func (_q *UserAttributeValueQuery) Where(ps ...predicate.UserAttributeValue) *UserAttributeValueQuery {
+	_q.predicates = append(_q.predicates, ps...)
+	return _q
+}
+
+// Limit the number of records to be returned by this query.
+func (_q *UserAttributeValueQuery) Limit(limit int) *UserAttributeValueQuery {
+	_q.ctx.Limit = &limit
+	return _q
+}
+
+// Offset to start from.
+func (_q *UserAttributeValueQuery) Offset(offset int) *UserAttributeValueQuery {
+	_q.ctx.Offset = &offset
+	return _q
+}
+
+// Unique configures the query builder to filter duplicate records on query.
+// By default, unique is set to true, and can be disabled using this method.
+func (_q *UserAttributeValueQuery) Unique(unique bool) *UserAttributeValueQuery {
+	_q.ctx.Unique = &unique
+	return _q
+}
+
+// Order specifies how the records should be ordered.
+func (_q *UserAttributeValueQuery) Order(o ...userattributevalue.OrderOption) *UserAttributeValueQuery {
+	_q.order = append(_q.order, o...)
+	return _q
+}
+
+// QueryUser chains the current query on the "user" edge.
+func (_q *UserAttributeValueQuery) QueryUser() *UserQuery {
+	query := (&UserClient{config: _q.config}).Query()
+	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
+		if err := _q.prepareQuery(ctx); err != nil {
+			return nil, err
+		}
+		selector := _q.sqlQuery(ctx)
+		if err := selector.Err(); err != nil {
+			return nil, err
+		}
+		step := sqlgraph.NewStep(
+			sqlgraph.From(userattributevalue.Table, userattributevalue.FieldID, selector),
+			sqlgraph.To(user.Table, user.FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, userattributevalue.UserTable, userattributevalue.UserColumn),
+		)
+		fromU = sqlgraph.SetNeighbors(_q.driver.Dialect(), step)
+		return fromU, nil
+	}
+	return query
+}
+
+// QueryDefinition chains the current query on the "definition" edge.
+func (_q *UserAttributeValueQuery) QueryDefinition() *UserAttributeDefinitionQuery {
+	query := (&UserAttributeDefinitionClient{config: _q.config}).Query()
+	query.path = func(ctx context.Context) (fromU *sql.Selector, err error) {
+		if err := _q.prepareQuery(ctx); err != nil {
+			return nil, err
+		}
+		selector := _q.sqlQuery(ctx)
+		if err := selector.Err(); err != nil {
+			return nil, err
+		}
+		step := sqlgraph.NewStep(
+			sqlgraph.From(userattributevalue.Table, userattributevalue.FieldID, selector),
+			sqlgraph.To(userattributedefinition.Table, userattributedefinition.FieldID),
+			sqlgraph.Edge(sqlgraph.M2O, true, userattributevalue.DefinitionTable, userattributevalue.DefinitionColumn),
+		)
+		fromU = sqlgraph.SetNeighbors(_q.driver.Dialect(), step)
+		return fromU, nil
+	}
+	return query
+}
+
+// First returns the first UserAttributeValue entity from the query.
+// Returns a *NotFoundError when no UserAttributeValue was found.
+func (_q *UserAttributeValueQuery) First(ctx context.Context) (*UserAttributeValue, error) {
+	nodes, err := _q.Limit(1).All(setContextOp(ctx, _q.ctx, ent.OpQueryFirst))
+	if err != nil {
+		return nil, err
+	}
+	if len(nodes) == 0 {
+		return nil, &NotFoundError{userattributevalue.Label}
+	}
+	return nodes[0], nil
+}
+
+// FirstX is like First, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) FirstX(ctx context.Context) *UserAttributeValue {
+	node, err := _q.First(ctx)
+	if err != nil && !IsNotFound(err) {
+		panic(err)
+	}
+	return node
+}
+
+// FirstID returns the first UserAttributeValue ID from the query.
+// Returns a *NotFoundError when no UserAttributeValue ID was found.
+func (_q *UserAttributeValueQuery) FirstID(ctx context.Context) (id int64, err error) {
+	var ids []int64
+	if ids, err = _q.Limit(1).IDs(setContextOp(ctx, _q.ctx, ent.OpQueryFirstID)); err != nil {
+		return
+	}
+	if len(ids) == 0 {
+		err = &NotFoundError{userattributevalue.Label}
+		return
+	}
+	return ids[0], nil
+}
+
+// FirstIDX is like FirstID, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) FirstIDX(ctx context.Context) int64 {
+	id, err := _q.FirstID(ctx)
+	if err != nil && !IsNotFound(err) {
+		panic(err)
+	}
+	return id
+}
+
+// Only returns a single UserAttributeValue entity found by the query, ensuring it only returns one.
+// Returns a *NotSingularError when more than one UserAttributeValue entity is found.
+// Returns a *NotFoundError when no UserAttributeValue entities are found.
+func (_q *UserAttributeValueQuery) Only(ctx context.Context) (*UserAttributeValue, error) {
+	nodes, err := _q.Limit(2).All(setContextOp(ctx, _q.ctx, ent.OpQueryOnly))
+	if err != nil {
+		return nil, err
+	}
+	switch len(nodes) {
+	case 1:
+		return nodes[0], nil
+	case 0:
+		return nil, &NotFoundError{userattributevalue.Label}
+	default:
+		return nil, &NotSingularError{userattributevalue.Label}
+	}
+}
+
+// OnlyX is like Only, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) OnlyX(ctx context.Context) *UserAttributeValue {
+	node, err := _q.Only(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return node
+}
+
+// OnlyID is like Only, but returns the only UserAttributeValue ID in the query.
+// Returns a *NotSingularError when more than one UserAttributeValue ID is found.
+// Returns a *NotFoundError when no entities are found.
+func (_q *UserAttributeValueQuery) OnlyID(ctx context.Context) (id int64, err error) {
+	var ids []int64
+	if ids, err = _q.Limit(2).IDs(setContextOp(ctx, _q.ctx, ent.OpQueryOnlyID)); err != nil {
+		return
+	}
+	switch len(ids) {
+	case 1:
+		id = ids[0]
+	case 0:
+		err = &NotFoundError{userattributevalue.Label}
+	default:
+		err = &NotSingularError{userattributevalue.Label}
+	}
+	return
+}
+
+// OnlyIDX is like OnlyID, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) OnlyIDX(ctx context.Context) int64 {
+	id, err := _q.OnlyID(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return id
+}
+
+// All executes the query and returns a list of UserAttributeValues.
+func (_q *UserAttributeValueQuery) All(ctx context.Context) ([]*UserAttributeValue, error) {
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryAll)
+	if err := _q.prepareQuery(ctx); err != nil {
+		return nil, err
+	}
+	qr := querierAll[[]*UserAttributeValue, *UserAttributeValueQuery]()
+	return withInterceptors[[]*UserAttributeValue](ctx, _q, qr, _q.inters)
+}
+
+// AllX is like All, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) AllX(ctx context.Context) []*UserAttributeValue {
+	nodes, err := _q.All(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return nodes
+}
+
+// IDs executes the query and returns a list of UserAttributeValue IDs.
+func (_q *UserAttributeValueQuery) IDs(ctx context.Context) (ids []int64, err error) {
+	if _q.ctx.Unique == nil && _q.path != nil {
+		_q.Unique(true)
+	}
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryIDs)
+	if err = _q.Select(userattributevalue.FieldID).Scan(ctx, &ids); err != nil {
+		return nil, err
+	}
+	return ids, nil
+}
+
+// IDsX is like IDs, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) IDsX(ctx context.Context) []int64 {
+	ids, err := _q.IDs(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return ids
+}
+
+// Count returns the count of the given query.
+func (_q *UserAttributeValueQuery) Count(ctx context.Context) (int, error) {
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryCount)
+	if err := _q.prepareQuery(ctx); err != nil {
+		return 0, err
+	}
+	return withInterceptors[int](ctx, _q, querierCount[*UserAttributeValueQuery](), _q.inters)
+}
+
+// CountX is like Count, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) CountX(ctx context.Context) int {
+	count, err := _q.Count(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return count
+}
+
+// Exist returns true if the query has elements in the graph.
+func (_q *UserAttributeValueQuery) Exist(ctx context.Context) (bool, error) {
+	ctx = setContextOp(ctx, _q.ctx, ent.OpQueryExist)
+	switch _, err := _q.FirstID(ctx); {
+	case IsNotFound(err):
+		return false, nil
+	case err != nil:
+		return false, fmt.Errorf("ent: check existence: %w", err)
+	default:
+		return true, nil
+	}
+}
+
+// ExistX is like Exist, but panics if an error occurs.
+func (_q *UserAttributeValueQuery) ExistX(ctx context.Context) bool {
+	exist, err := _q.Exist(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return exist
+}
+
+// Clone returns a duplicate of the UserAttributeValueQuery builder, including all associated steps. It can be
+// used to prepare common query builders and use them differently after the clone is made.
+func (_q *UserAttributeValueQuery) Clone() *UserAttributeValueQuery {
+	if _q == nil {
+		return nil
+	}
+	return &UserAttributeValueQuery{
+		config:         _q.config,
+		ctx:            _q.ctx.Clone(),
+		order:          append([]userattributevalue.OrderOption{}, _q.order...),
+		inters:         append([]Interceptor{}, _q.inters...),
+		predicates:     append([]predicate.UserAttributeValue{}, _q.predicates...),
+		withUser:       _q.withUser.Clone(),
+		withDefinition: _q.withDefinition.Clone(),
+		// clone intermediate query.
+		sql:  _q.sql.Clone(),
+		path: _q.path,
+	}
+}
+
+// WithUser tells the query-builder to eager-load the nodes that are connected to
+// the "user" edge. The optional arguments are used to configure the query builder of the edge.
+func (_q *UserAttributeValueQuery) WithUser(opts ...func(*UserQuery)) *UserAttributeValueQuery {
+	query := (&UserClient{config: _q.config}).Query()
+	for _, opt := range opts {
+		opt(query)
+	}
+	_q.withUser = query
+	return _q
+}
+
+// WithDefinition tells the query-builder to eager-load the nodes that are connected to
+// the "definition" edge. The optional arguments are used to configure the query builder of the edge.
+func (_q *UserAttributeValueQuery) WithDefinition(opts ...func(*UserAttributeDefinitionQuery)) *UserAttributeValueQuery {
+	query := (&UserAttributeDefinitionClient{config: _q.config}).Query()
+	for _, opt := range opts {
+		opt(query)
+	}
+	_q.withDefinition = query
+	return _q
+}
+
+// GroupBy is used to group vertices by one or more fields/columns.
+// It is often used with aggregate functions, like: count, max, mean, min, sum.
+//
+// Example:
+//
+//	var v []struct {
+//		CreatedAt time.Time `json:"created_at,omitempty"`
+//		Count int `json:"count,omitempty"`
+//	}
+//
+//	client.UserAttributeValue.Query().
+//		GroupBy(userattributevalue.FieldCreatedAt).
+//		Aggregate(ent.Count()).
+//		Scan(ctx, &v)
+func (_q *UserAttributeValueQuery) GroupBy(field string, fields ...string) *UserAttributeValueGroupBy {
+	_q.ctx.Fields = append([]string{field}, fields...)
+	grbuild := &UserAttributeValueGroupBy{build: _q}
+	grbuild.flds = &_q.ctx.Fields
+	grbuild.label = userattributevalue.Label
+	grbuild.scan = grbuild.Scan
+	return grbuild
+}
+
+// Select allows the selection one or more fields/columns for the given query,
+// instead of selecting all fields in the entity.
+//
+// Example:
+//
+//	var v []struct {
+//		CreatedAt time.Time `json:"created_at,omitempty"`
+//	}
+//
+//	client.UserAttributeValue.Query().
+//		Select(userattributevalue.FieldCreatedAt).
+//		Scan(ctx, &v)
+func (_q *UserAttributeValueQuery) Select(fields ...string) *UserAttributeValueSelect {
+	_q.ctx.Fields = append(_q.ctx.Fields, fields...)
+	sbuild := &UserAttributeValueSelect{UserAttributeValueQuery: _q}
+	sbuild.label = userattributevalue.Label
+	sbuild.flds, sbuild.scan = &_q.ctx.Fields, sbuild.Scan
+	return sbuild
+}
+
+// Aggregate returns a UserAttributeValueSelect configured with the given aggregations.
+func (_q *UserAttributeValueQuery) Aggregate(fns ...AggregateFunc) *UserAttributeValueSelect {
+	return _q.Select().Aggregate(fns...)
+}
+
+func (_q *UserAttributeValueQuery) prepareQuery(ctx context.Context) error {
+	for _, inter := range _q.inters {
+		if inter == nil {
+			return fmt.Errorf("ent: uninitialized interceptor (forgotten import ent/runtime?)")
+		}
+		if trv, ok := inter.(Traverser); ok {
+			if err := trv.Traverse(ctx, _q); err != nil {
+				return err
+			}
+		}
+	}
+	for _, f := range _q.ctx.Fields {
+		if !userattributevalue.ValidColumn(f) {
+			return &ValidationError{Name: f, err: fmt.Errorf("ent: invalid field %q for query", f)}
+		}
+	}
+	if _q.path != nil {
+		prev, err := _q.path(ctx)
+		if err != nil {
+			return err
+		}
+		_q.sql = prev
+	}
+	return nil
+}
+
+func (_q *UserAttributeValueQuery) sqlAll(ctx context.Context, hooks ...queryHook) ([]*UserAttributeValue, error) {
+	var (
+		nodes       = []*UserAttributeValue{}
+		_spec       = _q.querySpec()
+		loadedTypes = [2]bool{
+			_q.withUser != nil,
+			_q.withDefinition != nil,
+		}
+	)
+	_spec.ScanValues = func(columns []string) ([]any, error) {
+		return (*UserAttributeValue).scanValues(nil, columns)
+	}
+	_spec.Assign = func(columns []string, values []any) error {
+		node := &UserAttributeValue{config: _q.config}
+		nodes = append(nodes, node)
+		node.Edges.loadedTypes = loadedTypes
+		return node.assignValues(columns, values)
+	}
+	for i := range hooks {
+		hooks[i](ctx, _spec)
+	}
+	if err := sqlgraph.QueryNodes(ctx, _q.driver, _spec); err != nil {
+		return nil, err
+	}
+	if len(nodes) == 0 {
+		return nodes, nil
+	}
+	if query := _q.withUser; query != nil {
+		if err := _q.loadUser(ctx, query, nodes, nil,
+			func(n *UserAttributeValue, e *User) { n.Edges.User = e }); err != nil {
+			return nil, err
+		}
+	}
+	if query := _q.withDefinition; query != nil {
+		if err := _q.loadDefinition(ctx, query, nodes, nil,
+			func(n *UserAttributeValue, e *UserAttributeDefinition) { n.Edges.Definition = e }); err != nil {
+			return nil, err
+		}
+	}
+	return nodes, nil
+}
+
+func (_q *UserAttributeValueQuery) loadUser(ctx context.Context, query *UserQuery, nodes []*UserAttributeValue, init func(*UserAttributeValue), assign func(*UserAttributeValue, *User)) error {
+	ids := make([]int64, 0, len(nodes))
+	nodeids := make(map[int64][]*UserAttributeValue)
+	for i := range nodes {
+		fk := nodes[i].UserID
+		if _, ok := nodeids[fk]; !ok {
+			ids = append(ids, fk)
+		}
+		nodeids[fk] = append(nodeids[fk], nodes[i])
+	}
+	if len(ids) == 0 {
+		return nil
+	}
+	query.Where(user.IDIn(ids...))
+	neighbors, err := query.All(ctx)
+	if err != nil {
+		return err
+	}
+	for _, n := range neighbors {
+		nodes, ok := nodeids[n.ID]
+		if !ok {
+			return fmt.Errorf(`unexpected foreign-key "user_id" returned %v`, n.ID)
+		}
+		for i := range nodes {
+			assign(nodes[i], n)
+		}
+	}
+	return nil
+}
+func (_q *UserAttributeValueQuery) loadDefinition(ctx context.Context, query *UserAttributeDefinitionQuery, nodes []*UserAttributeValue, init func(*UserAttributeValue), assign func(*UserAttributeValue, *UserAttributeDefinition)) error {
+	ids := make([]int64, 0, len(nodes))
+	nodeids := make(map[int64][]*UserAttributeValue)
+	for i := range nodes {
+		fk := nodes[i].AttributeID
+		if _, ok := nodeids[fk]; !ok {
+			ids = append(ids, fk)
+		}
+		nodeids[fk] = append(nodeids[fk], nodes[i])
+	}
+	if len(ids) == 0 {
+		return nil
+	}
+	query.Where(userattributedefinition.IDIn(ids...))
+	neighbors, err := query.All(ctx)
+	if err != nil {
+		return err
+	}
+	for _, n := range neighbors {
+		nodes, ok := nodeids[n.ID]
+		if !ok {
+			return fmt.Errorf(`unexpected foreign-key "attribute_id" returned %v`, n.ID)
+		}
+		for i := range nodes {
+			assign(nodes[i], n)
+		}
+	}
+	return nil
+}
+
+func (_q *UserAttributeValueQuery) sqlCount(ctx context.Context) (int, error) {
+	_spec := _q.querySpec()
+	_spec.Node.Columns = _q.ctx.Fields
+	if len(_q.ctx.Fields) > 0 {
+		_spec.Unique = _q.ctx.Unique != nil && *_q.ctx.Unique
+	}
+	return sqlgraph.CountNodes(ctx, _q.driver, _spec)
+}
+
+func (_q *UserAttributeValueQuery) querySpec() *sqlgraph.QuerySpec {
+	_spec := sqlgraph.NewQuerySpec(userattributevalue.Table, userattributevalue.Columns, sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64))
+	_spec.From = _q.sql
+	if unique := _q.ctx.Unique; unique != nil {
+		_spec.Unique = *unique
+	} else if _q.path != nil {
+		_spec.Unique = true
+	}
+	if fields := _q.ctx.Fields; len(fields) > 0 {
+		_spec.Node.Columns = make([]string, 0, len(fields))
+		_spec.Node.Columns = append(_spec.Node.Columns, userattributevalue.FieldID)
+		for i := range fields {
+			if fields[i] != userattributevalue.FieldID {
+				_spec.Node.Columns = append(_spec.Node.Columns, fields[i])
+			}
+		}
+		if _q.withUser != nil {
+			_spec.Node.AddColumnOnce(userattributevalue.FieldUserID)
+		}
+		if _q.withDefinition != nil {
+			_spec.Node.AddColumnOnce(userattributevalue.FieldAttributeID)
+		}
+	}
+	if ps := _q.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	if limit := _q.ctx.Limit; limit != nil {
+		_spec.Limit = *limit
+	}
+	if offset := _q.ctx.Offset; offset != nil {
+		_spec.Offset = *offset
+	}
+	if ps := _q.order; len(ps) > 0 {
+		_spec.Order = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	return _spec
+}
+
+func (_q *UserAttributeValueQuery) sqlQuery(ctx context.Context) *sql.Selector {
+	builder := sql.Dialect(_q.driver.Dialect())
+	t1 := builder.Table(userattributevalue.Table)
+	columns := _q.ctx.Fields
+	if len(columns) == 0 {
+		columns = userattributevalue.Columns
+	}
+	selector := builder.Select(t1.Columns(columns...)...).From(t1)
+	if _q.sql != nil {
+		selector = _q.sql
+		selector.Select(selector.Columns(columns...)...)
+	}
+	if _q.ctx.Unique != nil && *_q.ctx.Unique {
+		selector.Distinct()
+	}
+	for _, p := range _q.predicates {
+		p(selector)
+	}
+	for _, p := range _q.order {
+		p(selector)
+	}
+	if offset := _q.ctx.Offset; offset != nil {
+		// limit is mandatory for offset clause. We start
+		// with default value, and override it below if needed.
+		selector.Offset(*offset).Limit(math.MaxInt32)
+	}
+	if limit := _q.ctx.Limit; limit != nil {
+		selector.Limit(*limit)
+	}
+	return selector
+}
+
+// UserAttributeValueGroupBy is the group-by builder for UserAttributeValue entities.
+type UserAttributeValueGroupBy struct {
+	selector
+	build *UserAttributeValueQuery
+}
+
+// Aggregate adds the given aggregation functions to the group-by query.
+func (_g *UserAttributeValueGroupBy) Aggregate(fns ...AggregateFunc) *UserAttributeValueGroupBy {
+	_g.fns = append(_g.fns, fns...)
+	return _g
+}
+
+// Scan applies the selector query and scans the result into the given value.
+func (_g *UserAttributeValueGroupBy) Scan(ctx context.Context, v any) error {
+	ctx = setContextOp(ctx, _g.build.ctx, ent.OpQueryGroupBy)
+	if err := _g.build.prepareQuery(ctx); err != nil {
+		return err
+	}
+	return scanWithInterceptors[*UserAttributeValueQuery, *UserAttributeValueGroupBy](ctx, _g.build, _g, _g.build.inters, v)
+}
+
+func (_g *UserAttributeValueGroupBy) sqlScan(ctx context.Context, root *UserAttributeValueQuery, v any) error {
+	selector := root.sqlQuery(ctx).Select()
+	aggregation := make([]string, 0, len(_g.fns))
+	for _, fn := range _g.fns {
+		aggregation = append(aggregation, fn(selector))
+	}
+	if len(selector.SelectedColumns()) == 0 {
+		columns := make([]string, 0, len(*_g.flds)+len(_g.fns))
+		for _, f := range *_g.flds {
+			columns = append(columns, selector.C(f))
+		}
+		columns = append(columns, aggregation...)
+		selector.Select(columns...)
+	}
+	selector.GroupBy(selector.Columns(*_g.flds...)...)
+	if err := selector.Err(); err != nil {
+		return err
+	}
+	rows := &sql.Rows{}
+	query, args := selector.Query()
+	if err := _g.build.driver.Query(ctx, query, args, rows); err != nil {
+		return err
+	}
+	defer rows.Close()
+	return sql.ScanSlice(rows, v)
+}
+
+// UserAttributeValueSelect is the builder for selecting fields of UserAttributeValue entities.
+type UserAttributeValueSelect struct {
+	*UserAttributeValueQuery
+	selector
+}
+
+// Aggregate adds the given aggregation functions to the selector query.
+func (_s *UserAttributeValueSelect) Aggregate(fns ...AggregateFunc) *UserAttributeValueSelect {
+	_s.fns = append(_s.fns, fns...)
+	return _s
+}
+
+// Scan applies the selector query and scans the result into the given value.
+func (_s *UserAttributeValueSelect) Scan(ctx context.Context, v any) error {
+	ctx = setContextOp(ctx, _s.ctx, ent.OpQuerySelect)
+	if err := _s.prepareQuery(ctx); err != nil {
+		return err
+	}
+	return scanWithInterceptors[*UserAttributeValueQuery, *UserAttributeValueSelect](ctx, _s.UserAttributeValueQuery, _s, _s.inters, v)
+}
+
+func (_s *UserAttributeValueSelect) sqlScan(ctx context.Context, root *UserAttributeValueQuery, v any) error {
+	selector := root.sqlQuery(ctx)
+	aggregation := make([]string, 0, len(_s.fns))
+	for _, fn := range _s.fns {
+		aggregation = append(aggregation, fn(selector))
+	}
+	switch n := len(*_s.selector.flds); {
+	case n == 0 && len(aggregation) > 0:
+		selector.Select(aggregation...)
+	case n != 0 && len(aggregation) > 0:
+		selector.AppendSelect(aggregation...)
+	}
+	rows := &sql.Rows{}
+	query, args := selector.Query()
+	if err := _s.driver.Query(ctx, query, args, rows); err != nil {
+		return err
+	}
+	defer rows.Close()
+	return sql.ScanSlice(rows, v)
+}
--- a/backend/ent/userattributevalue_update.go
+++ b/backend/ent/userattributevalue_update.go
@@ -0,0 +1,504 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ent
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"time"
+
+	"entgo.io/ent/dialect/sql"
+	"entgo.io/ent/dialect/sql/sqlgraph"
+	"entgo.io/ent/schema/field"
+	"github.com/Wei-Shaw/sub2api/ent/predicate"
+	"github.com/Wei-Shaw/sub2api/ent/user"
+	"github.com/Wei-Shaw/sub2api/ent/userattributedefinition"
+	"github.com/Wei-Shaw/sub2api/ent/userattributevalue"
+)
+
+// UserAttributeValueUpdate is the builder for updating UserAttributeValue entities.
+type UserAttributeValueUpdate struct {
+	config
+	hooks    []Hook
+	mutation *UserAttributeValueMutation
+}
+
+// Where appends a list predicates to the UserAttributeValueUpdate builder.
+func (_u *UserAttributeValueUpdate) Where(ps ...predicate.UserAttributeValue) *UserAttributeValueUpdate {
+	_u.mutation.Where(ps...)
+	return _u
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (_u *UserAttributeValueUpdate) SetUpdatedAt(v time.Time) *UserAttributeValueUpdate {
+	_u.mutation.SetUpdatedAt(v)
+	return _u
+}
+
+// SetUserID sets the "user_id" field.
+func (_u *UserAttributeValueUpdate) SetUserID(v int64) *UserAttributeValueUpdate {
+	_u.mutation.SetUserID(v)
+	return _u
+}
+
+// SetNillableUserID sets the "user_id" field if the given value is not nil.
+func (_u *UserAttributeValueUpdate) SetNillableUserID(v *int64) *UserAttributeValueUpdate {
+	if v != nil {
+		_u.SetUserID(*v)
+	}
+	return _u
+}
+
+// SetAttributeID sets the "attribute_id" field.
+func (_u *UserAttributeValueUpdate) SetAttributeID(v int64) *UserAttributeValueUpdate {
+	_u.mutation.SetAttributeID(v)
+	return _u
+}
+
+// SetNillableAttributeID sets the "attribute_id" field if the given value is not nil.
+func (_u *UserAttributeValueUpdate) SetNillableAttributeID(v *int64) *UserAttributeValueUpdate {
+	if v != nil {
+		_u.SetAttributeID(*v)
+	}
+	return _u
+}
+
+// SetValue sets the "value" field.
+func (_u *UserAttributeValueUpdate) SetValue(v string) *UserAttributeValueUpdate {
+	_u.mutation.SetValue(v)
+	return _u
+}
+
+// SetNillableValue sets the "value" field if the given value is not nil.
+func (_u *UserAttributeValueUpdate) SetNillableValue(v *string) *UserAttributeValueUpdate {
+	if v != nil {
+		_u.SetValue(*v)
+	}
+	return _u
+}
+
+// SetUser sets the "user" edge to the User entity.
+func (_u *UserAttributeValueUpdate) SetUser(v *User) *UserAttributeValueUpdate {
+	return _u.SetUserID(v.ID)
+}
+
+// SetDefinitionID sets the "definition" edge to the UserAttributeDefinition entity by ID.
+func (_u *UserAttributeValueUpdate) SetDefinitionID(id int64) *UserAttributeValueUpdate {
+	_u.mutation.SetDefinitionID(id)
+	return _u
+}
+
+// SetDefinition sets the "definition" edge to the UserAttributeDefinition entity.
+func (_u *UserAttributeValueUpdate) SetDefinition(v *UserAttributeDefinition) *UserAttributeValueUpdate {
+	return _u.SetDefinitionID(v.ID)
+}
+
+// Mutation returns the UserAttributeValueMutation object of the builder.
+func (_u *UserAttributeValueUpdate) Mutation() *UserAttributeValueMutation {
+	return _u.mutation
+}
+
+// ClearUser clears the "user" edge to the User entity.
+func (_u *UserAttributeValueUpdate) ClearUser() *UserAttributeValueUpdate {
+	_u.mutation.ClearUser()
+	return _u
+}
+
+// ClearDefinition clears the "definition" edge to the UserAttributeDefinition entity.
+func (_u *UserAttributeValueUpdate) ClearDefinition() *UserAttributeValueUpdate {
+	_u.mutation.ClearDefinition()
+	return _u
+}
+
+// Save executes the query and returns the number of nodes affected by the update operation.
+func (_u *UserAttributeValueUpdate) Save(ctx context.Context) (int, error) {
+	_u.defaults()
+	return withHooks(ctx, _u.sqlSave, _u.mutation, _u.hooks)
+}
+
+// SaveX is like Save, but panics if an error occurs.
+func (_u *UserAttributeValueUpdate) SaveX(ctx context.Context) int {
+	affected, err := _u.Save(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return affected
+}
+
+// Exec executes the query.
+func (_u *UserAttributeValueUpdate) Exec(ctx context.Context) error {
+	_, err := _u.Save(ctx)
+	return err
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_u *UserAttributeValueUpdate) ExecX(ctx context.Context) {
+	if err := _u.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// defaults sets the default values of the builder before save.
+func (_u *UserAttributeValueUpdate) defaults() {
+	if _, ok := _u.mutation.UpdatedAt(); !ok {
+		v := userattributevalue.UpdateDefaultUpdatedAt()
+		_u.mutation.SetUpdatedAt(v)
+	}
+}
+
+// check runs all checks and user-defined validators on the builder.
+func (_u *UserAttributeValueUpdate) check() error {
+	if _u.mutation.UserCleared() && len(_u.mutation.UserIDs()) > 0 {
+		return errors.New(`ent: clearing a required unique edge "UserAttributeValue.user"`)
+	}
+	if _u.mutation.DefinitionCleared() && len(_u.mutation.DefinitionIDs()) > 0 {
+		return errors.New(`ent: clearing a required unique edge "UserAttributeValue.definition"`)
+	}
+	return nil
+}
+
+func (_u *UserAttributeValueUpdate) sqlSave(ctx context.Context) (_node int, err error) {
+	if err := _u.check(); err != nil {
+		return _node, err
+	}
+	_spec := sqlgraph.NewUpdateSpec(userattributevalue.Table, userattributevalue.Columns, sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64))
+	if ps := _u.mutation.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	if value, ok := _u.mutation.UpdatedAt(); ok {
+		_spec.SetField(userattributevalue.FieldUpdatedAt, field.TypeTime, value)
+	}
+	if value, ok := _u.mutation.Value(); ok {
+		_spec.SetField(userattributevalue.FieldValue, field.TypeString, value)
+	}
+	if _u.mutation.UserCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.UserTable,
+			Columns: []string{userattributevalue.UserColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.UserIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.UserTable,
+			Columns: []string{userattributevalue.UserColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
+	if _u.mutation.DefinitionCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.DefinitionTable,
+			Columns: []string{userattributevalue.DefinitionColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.DefinitionIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.DefinitionTable,
+			Columns: []string{userattributevalue.DefinitionColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
+	if _node, err = sqlgraph.UpdateNodes(ctx, _u.driver, _spec); err != nil {
+		if _, ok := err.(*sqlgraph.NotFoundError); ok {
+			err = &NotFoundError{userattributevalue.Label}
+		} else if sqlgraph.IsConstraintError(err) {
+			err = &ConstraintError{msg: err.Error(), wrap: err}
+		}
+		return 0, err
+	}
+	_u.mutation.done = true
+	return _node, nil
+}
+
+// UserAttributeValueUpdateOne is the builder for updating a single UserAttributeValue entity.
+type UserAttributeValueUpdateOne struct {
+	config
+	fields   []string
+	hooks    []Hook
+	mutation *UserAttributeValueMutation
+}
+
+// SetUpdatedAt sets the "updated_at" field.
+func (_u *UserAttributeValueUpdateOne) SetUpdatedAt(v time.Time) *UserAttributeValueUpdateOne {
+	_u.mutation.SetUpdatedAt(v)
+	return _u
+}
+
+// SetUserID sets the "user_id" field.
+func (_u *UserAttributeValueUpdateOne) SetUserID(v int64) *UserAttributeValueUpdateOne {
+	_u.mutation.SetUserID(v)
+	return _u
+}
+
+// SetNillableUserID sets the "user_id" field if the given value is not nil.
+func (_u *UserAttributeValueUpdateOne) SetNillableUserID(v *int64) *UserAttributeValueUpdateOne {
+	if v != nil {
+		_u.SetUserID(*v)
+	}
+	return _u
+}
+
+// SetAttributeID sets the "attribute_id" field.
+func (_u *UserAttributeValueUpdateOne) SetAttributeID(v int64) *UserAttributeValueUpdateOne {
+	_u.mutation.SetAttributeID(v)
+	return _u
+}
+
+// SetNillableAttributeID sets the "attribute_id" field if the given value is not nil.
+func (_u *UserAttributeValueUpdateOne) SetNillableAttributeID(v *int64) *UserAttributeValueUpdateOne {
+	if v != nil {
+		_u.SetAttributeID(*v)
+	}
+	return _u
+}
+
+// SetValue sets the "value" field.
+func (_u *UserAttributeValueUpdateOne) SetValue(v string) *UserAttributeValueUpdateOne {
+	_u.mutation.SetValue(v)
+	return _u
+}
+
+// SetNillableValue sets the "value" field if the given value is not nil.
+func (_u *UserAttributeValueUpdateOne) SetNillableValue(v *string) *UserAttributeValueUpdateOne {
+	if v != nil {
+		_u.SetValue(*v)
+	}
+	return _u
+}
+
+// SetUser sets the "user" edge to the User entity.
+func (_u *UserAttributeValueUpdateOne) SetUser(v *User) *UserAttributeValueUpdateOne {
+	return _u.SetUserID(v.ID)
+}
+
+// SetDefinitionID sets the "definition" edge to the UserAttributeDefinition entity by ID.
+func (_u *UserAttributeValueUpdateOne) SetDefinitionID(id int64) *UserAttributeValueUpdateOne {
+	_u.mutation.SetDefinitionID(id)
+	return _u
+}
+
+// SetDefinition sets the "definition" edge to the UserAttributeDefinition entity.
+func (_u *UserAttributeValueUpdateOne) SetDefinition(v *UserAttributeDefinition) *UserAttributeValueUpdateOne {
+	return _u.SetDefinitionID(v.ID)
+}
+
+// Mutation returns the UserAttributeValueMutation object of the builder.
+func (_u *UserAttributeValueUpdateOne) Mutation() *UserAttributeValueMutation {
+	return _u.mutation
+}
+
+// ClearUser clears the "user" edge to the User entity.
+func (_u *UserAttributeValueUpdateOne) ClearUser() *UserAttributeValueUpdateOne {
+	_u.mutation.ClearUser()
+	return _u
+}
+
+// ClearDefinition clears the "definition" edge to the UserAttributeDefinition entity.
+func (_u *UserAttributeValueUpdateOne) ClearDefinition() *UserAttributeValueUpdateOne {
+	_u.mutation.ClearDefinition()
+	return _u
+}
+
+// Where appends a list predicates to the UserAttributeValueUpdate builder.
+func (_u *UserAttributeValueUpdateOne) Where(ps ...predicate.UserAttributeValue) *UserAttributeValueUpdateOne {
+	_u.mutation.Where(ps...)
+	return _u
+}
+
+// Select allows selecting one or more fields (columns) of the returned entity.
+// The default is selecting all fields defined in the entity schema.
+func (_u *UserAttributeValueUpdateOne) Select(field string, fields ...string) *UserAttributeValueUpdateOne {
+	_u.fields = append([]string{field}, fields...)
+	return _u
+}
+
+// Save executes the query and returns the updated UserAttributeValue entity.
+func (_u *UserAttributeValueUpdateOne) Save(ctx context.Context) (*UserAttributeValue, error) {
+	_u.defaults()
+	return withHooks(ctx, _u.sqlSave, _u.mutation, _u.hooks)
+}
+
+// SaveX is like Save, but panics if an error occurs.
+func (_u *UserAttributeValueUpdateOne) SaveX(ctx context.Context) *UserAttributeValue {
+	node, err := _u.Save(ctx)
+	if err != nil {
+		panic(err)
+	}
+	return node
+}
+
+// Exec executes the query on the entity.
+func (_u *UserAttributeValueUpdateOne) Exec(ctx context.Context) error {
+	_, err := _u.Save(ctx)
+	return err
+}
+
+// ExecX is like Exec, but panics if an error occurs.
+func (_u *UserAttributeValueUpdateOne) ExecX(ctx context.Context) {
+	if err := _u.Exec(ctx); err != nil {
+		panic(err)
+	}
+}
+
+// defaults sets the default values of the builder before save.
+func (_u *UserAttributeValueUpdateOne) defaults() {
+	if _, ok := _u.mutation.UpdatedAt(); !ok {
+		v := userattributevalue.UpdateDefaultUpdatedAt()
+		_u.mutation.SetUpdatedAt(v)
+	}
+}
+
+// check runs all checks and user-defined validators on the builder.
+func (_u *UserAttributeValueUpdateOne) check() error {
+	if _u.mutation.UserCleared() && len(_u.mutation.UserIDs()) > 0 {
+		return errors.New(`ent: clearing a required unique edge "UserAttributeValue.user"`)
+	}
+	if _u.mutation.DefinitionCleared() && len(_u.mutation.DefinitionIDs()) > 0 {
+		return errors.New(`ent: clearing a required unique edge "UserAttributeValue.definition"`)
+	}
+	return nil
+}
+
+func (_u *UserAttributeValueUpdateOne) sqlSave(ctx context.Context) (_node *UserAttributeValue, err error) {
+	if err := _u.check(); err != nil {
+		return _node, err
+	}
+	_spec := sqlgraph.NewUpdateSpec(userattributevalue.Table, userattributevalue.Columns, sqlgraph.NewFieldSpec(userattributevalue.FieldID, field.TypeInt64))
+	id, ok := _u.mutation.ID()
+	if !ok {
+		return nil, &ValidationError{Name: "id", err: errors.New(`ent: missing "UserAttributeValue.id" for update`)}
+	}
+	_spec.Node.ID.Value = id
+	if fields := _u.fields; len(fields) > 0 {
+		_spec.Node.Columns = make([]string, 0, len(fields))
+		_spec.Node.Columns = append(_spec.Node.Columns, userattributevalue.FieldID)
+		for _, f := range fields {
+			if !userattributevalue.ValidColumn(f) {
+				return nil, &ValidationError{Name: f, err: fmt.Errorf("ent: invalid field %q for query", f)}
+			}
+			if f != userattributevalue.FieldID {
+				_spec.Node.Columns = append(_spec.Node.Columns, f)
+			}
+		}
+	}
+	if ps := _u.mutation.predicates; len(ps) > 0 {
+		_spec.Predicate = func(selector *sql.Selector) {
+			for i := range ps {
+				ps[i](selector)
+			}
+		}
+	}
+	if value, ok := _u.mutation.UpdatedAt(); ok {
+		_spec.SetField(userattributevalue.FieldUpdatedAt, field.TypeTime, value)
+	}
+	if value, ok := _u.mutation.Value(); ok {
+		_spec.SetField(userattributevalue.FieldValue, field.TypeString, value)
+	}
+	if _u.mutation.UserCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.UserTable,
+			Columns: []string{userattributevalue.UserColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.UserIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.UserTable,
+			Columns: []string{userattributevalue.UserColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
+	if _u.mutation.DefinitionCleared() {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.DefinitionTable,
+			Columns: []string{userattributevalue.DefinitionColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64),
+			},
+		}
+		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
+	}
+	if nodes := _u.mutation.DefinitionIDs(); len(nodes) > 0 {
+		edge := &sqlgraph.EdgeSpec{
+			Rel:     sqlgraph.M2O,
+			Inverse: true,
+			Table:   userattributevalue.DefinitionTable,
+			Columns: []string{userattributevalue.DefinitionColumn},
+			Bidi:    false,
+			Target: &sqlgraph.EdgeTarget{
+				IDSpec: sqlgraph.NewFieldSpec(userattributedefinition.FieldID, field.TypeInt64),
+			},
+		}
+		for _, k := range nodes {
+			edge.Target.Nodes = append(edge.Target.Nodes, k)
+		}
+		_spec.Edges.Add = append(_spec.Edges.Add, edge)
+	}
+	_node = &UserAttributeValue{config: _u.config}
+	_spec.Assign = _node.assignValues
+	_spec.ScanValues = _node.scanValues
+	if err = sqlgraph.UpdateNode(ctx, _u.driver, _spec); err != nil {
+		if _, ok := err.(*sqlgraph.NotFoundError); ok {
+			err = &NotFoundError{userattributevalue.Label}
+		} else if sqlgraph.IsConstraintError(err) {
+			err = &ConstraintError{msg: err.Error(), wrap: err}
+		}
+		return nil, err
+	}
+	_u.mutation.done = true
+	return _node, nil
+}
--- a/backend/go.mod
+++ b/backend/go.mod
@@ -1,16 +1,14 @@
 module github.com/Wei-Shaw/sub2api

-go 1.24.0
-
-toolchain go1.24.11
+go 1.25.5

 require (
 	entgo.io/ent v0.14.5
 	github.com/gin-gonic/gin v1.9.1
-	github.com/golang-jwt/jwt/v5 v5.2.0
+	github.com/golang-jwt/jwt/v5 v5.2.2
 	github.com/google/uuid v1.6.0
 	github.com/google/wire v0.7.0
-	github.com/imroc/req/v3 v3.56.0
+	github.com/imroc/req/v3 v3.57.0
 	github.com/lib/pq v1.10.9
 	github.com/redis/go-redis/v9 v9.17.2
 	github.com/spf13/viper v1.18.2
@@ -20,16 +18,16 @@ require (
 	github.com/tidwall/gjson v1.18.0
 	github.com/tidwall/sjson v1.2.5
 	github.com/zeromicro/go-zero v1.9.4
-	golang.org/x/crypto v0.44.0
-	golang.org/x/net v0.47.0
-	golang.org/x/term v0.37.0
+	golang.org/x/crypto v0.46.0
+	golang.org/x/net v0.48.0
+	golang.org/x/sync v0.19.0
+	golang.org/x/term v0.38.0
 	gopkg.in/yaml.v3 v3.0.1
 )

 require (
 	ariga.io/atlas v0.32.1-0.20250325101103-175b25e1c1b9 // indirect
 	dario.cat/mergo v1.0.2 // indirect
-	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
@@ -64,7 +62,6 @@ require (
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
-	github.com/go-sql-driver/mysql v1.9.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
@@ -74,10 +71,8 @@ require (
 	github.com/hashicorp/hcl/v2 v2.18.1 // indirect
 	github.com/icholy/digest v1.1.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
-	github.com/jinzhu/inflection v1.0.0 // indirect
-	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/compress v1.18.1 // indirect
+	github.com/klauspost/compress v1.18.2 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
@@ -105,8 +100,8 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
-	github.com/quic-go/qpack v0.5.1 // indirect
-	github.com/quic-go/quic-go v0.56.0 // indirect
+	github.com/quic-go/qpack v0.6.0 // indirect
+	github.com/quic-go/quic-go v0.57.1 // indirect
 	github.com/refraction-networking/utls v1.8.1 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
@@ -141,16 +136,12 @@ require (
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
-	golang.org/x/mod v0.29.0 // indirect
-	golang.org/x/sync v0.18.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
-	golang.org/x/text v0.31.0 // indirect
-	golang.org/x/tools v0.38.0 // indirect
+	golang.org/x/mod v0.30.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
+	golang.org/x/tools v0.39.0 // indirect
 	golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated // indirect
 	google.golang.org/grpc v1.75.1 // indirect
 	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
-	gorm.io/datatypes v1.2.7 // indirect
-	gorm.io/driver/mysql v1.5.6 // indirect
-	gorm.io/gorm v1.30.0 // indirect
 )
--- a/backend/go.sum
+++ b/backend/go.sum
@@ -4,8 +4,6 @@ dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
 dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
 entgo.io/ent v0.14.5 h1:Rj2WOYJtCkWyFo6a+5wB3EfBRP0rnx1fMk6gGA0UUe4=
 entgo.io/ent v0.14.5/go.mod h1:zTzLmWtPvGpmSwtkaayM2cm5m819NdM7z7tYPq3vN0U=
-filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
-filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk=
 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
@@ -96,15 +94,12 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js=
 github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
-github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
-github.com/go-sql-driver/mysql v1.9.0 h1:Y0zIbQXhQKmQgTp44Y1dp3wTXcn804QoTptLZT1vtvo=
-github.com/go-sql-driver/mysql v1.9.0/go.mod h1:pDetrLJeA3oMujJuvXc8RJoasr589B6A9fwzD3QMrqw=
 github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68=
 github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
-github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
-github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
+github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
@@ -126,8 +121,8 @@ github.com/hashicorp/hcl/v2 v2.18.1 h1:6nxnOJFku1EuSawSD81fuviYUV8DxFr3fp2dUi3ZY
 github.com/hashicorp/hcl/v2 v2.18.1/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE=
 github.com/icholy/digest v1.1.0 h1:HfGg9Irj7i+IX1o1QAmPfIBNu/Q5A5Tu3n/MED9k9H4=
 github.com/icholy/digest v1.1.0/go.mod h1:QNrsSGQ5v7v9cReDI0+eyjsXGUoRSUZQHeQ5C4XLa0Y=
-github.com/imroc/req/v3 v3.56.0 h1:t6YdqqerYBXhZ9+VjqsQs5wlKxdUNEvsgBhxWc1AEEo=
-github.com/imroc/req/v3 v3.56.0/go.mod h1:cUZSooE8hhzFNOrAbdxuemXDQxFXLQTnu3066jr7ZGk=
+github.com/imroc/req/v3 v3.57.0 h1:LMTUjNRUybUkTPn8oJDq8Kg3JRBOBTcnDhKu7mzupKI=
+github.com/imroc/req/v3 v3.57.0/go.mod h1:JL62ey1nvSLq81HORNcosvlf7SxZStONNqOprg0Pz00=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
@@ -138,14 +133,10 @@ github.com/jackc/pgx/v5 v5.7.4 h1:9wKznZrhWa2QiHL+NjTSPP6yjl3451BX3imWDnokYlg=
 github.com/jackc/pgx/v5 v5.7.4/go.mod h1:ncY89UGWxg82EykZUwSpUKEfccBGGYq1xjrOpsbsfGQ=
 github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
 github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
-github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
-github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
-github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
-github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/klauspost/compress v1.18.1 h1:bcSGx7UbpBqMChDtsF28Lw6v/G94LPrrbMbdC3JH2co=
-github.com/klauspost/compress v1.18.1/go.mod h1:ZQFFVG+MdnR0P+l6wpXgIL4NTtwiKIdBnrBd8Nrxr+0=
+github.com/klauspost/compress v1.18.2 h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk=
+github.com/klauspost/compress v1.18.2/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
 github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
@@ -219,10 +210,10 @@ github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF
 github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
 github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g=
 github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U=
-github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
-github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
-github.com/quic-go/quic-go v0.56.0 h1:q/TW+OLismmXAehgFLczhCDTYB3bFmua4D9lsNBWxvY=
-github.com/quic-go/quic-go v0.56.0/go.mod h1:9gx5KsFQtw2oZ6GZTyh+7YEvOxWCL9WZAepnHxgAo6c=
+github.com/quic-go/qpack v0.6.0 h1:g7W+BMYynC1LbYLSqRt8PBg5Tgwxn214ZZR34VIOjz8=
+github.com/quic-go/qpack v0.6.0/go.mod h1:lUpLKChi8njB4ty2bFLX2x4gzDqXwUpaO1DP9qMDZII=
+github.com/quic-go/quic-go v0.57.1 h1:25KAAR9QR8KZrCZRThWMKVAwGoiHIrNbT72ULHTuI10=
+github.com/quic-go/quic-go v0.57.1/go.mod h1:ly4QBAjHA2VhdnxhojRsCUOeJwKYg+taDlos92xb1+s=
 github.com/redis/go-redis/v9 v9.17.2 h1:P2EGsA4qVIM3Pp+aPocCJ7DguDHhqrXNhVcEp4ViluI=
 github.com/redis/go-redis/v9 v9.17.2/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370=
 github.com/refraction-networking/utls v1.8.1 h1:yNY1kapmQU8JeM1sSw2H2asfTIwWxIkrMJI0pRUOCAo=
@@ -335,16 +326,16 @@ go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTV
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
-golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU=
-golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc=
+golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
+golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
-golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
-golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
+golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
+golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
+golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -354,16 +345,16 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
-golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
-golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
+golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
 golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
 golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
-golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
-golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
+golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
 golang.org/x/tools/go/expect v0.1.0-deprecated h1:jY2C5HGYR5lqex3gEniOQL0r7Dq5+VGVgY1nudX5lXY=
 golang.org/x/tools/go/expect v0.1.0-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY=
 golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM=
@@ -386,13 +377,6 @@ gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gorm.io/datatypes v1.2.7 h1:ww9GAhF1aGXZY3EB3cJPJ7//JiuQo7DlQA7NNlVaTdk=
-gorm.io/datatypes v1.2.7/go.mod h1:M2iO+6S3hhi4nAyYe444Pcb0dcIiOMJ7QHaUXxyiNZY=
-gorm.io/driver/mysql v1.5.6 h1:Ld4mkIickM+EliaQZQx3uOJDJHtrd70MxAUqWqlx3Y8=
-gorm.io/driver/mysql v1.5.6/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM=
-gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
-gorm.io/gorm v1.30.0 h1:qbT5aPv1UH8gI99OsRlvDToLxW5zR7FzS9acZDOZcgs=
-gorm.io/gorm v1.30.0/go.mod h1:8Z33v652h4//uMA76KjeDH8mJXPm1QNCYrMeatR0DOE=
 gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
 gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
--- a/backend/internal/config/config.go
+++ b/backend/internal/config/config.go
@@ -1,8 +1,14 @@
+// Package config provides configuration loading, defaults, and validation.
 package config

 import (
+	"crypto/rand"
+	"encoding/hex"
 	"fmt"
+	"log"
+	"os"
 	"strings"
+	"time"

 	"github.com/spf13/viper"
 )
@@ -12,6 +18,8 @@ const (
 	RunModeSimple   = "simple"
 )

+const DefaultCSPPolicy = "default-src 'self'; script-src 'self' https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https:; frame-src https://challenges.cloudflare.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'"
+
 // 连接池隔离策略常量
 // 用于控制上游 HTTP 连接池的隔离粒度，影响连接复用和资源消耗
 const (
@@ -28,6 +36,10 @@ const (

 type Config struct {
 	Server       ServerConfig       `mapstructure:"server"`
+	CORS         CORSConfig         `mapstructure:"cors"`
+	Security     SecurityConfig     `mapstructure:"security"`
+	Billing      BillingConfig      `mapstructure:"billing"`
+	Turnstile    TurnstileConfig    `mapstructure:"turnstile"`
 	Database     DatabaseConfig     `mapstructure:"database"`
 	Redis        RedisConfig        `mapstructure:"redis"`
 	JWT          JWTConfig          `mapstructure:"jwt"`
@@ -35,14 +47,25 @@ type Config struct {
 	RateLimit    RateLimitConfig    `mapstructure:"rate_limit"`
 	Pricing      PricingConfig      `mapstructure:"pricing"`
 	Gateway      GatewayConfig      `mapstructure:"gateway"`
+	Concurrency  ConcurrencyConfig  `mapstructure:"concurrency"`
 	TokenRefresh TokenRefreshConfig `mapstructure:"token_refresh"`
 	RunMode      string             `mapstructure:"run_mode" yaml:"run_mode"`
 	Timezone     string             `mapstructure:"timezone"` // e.g. "Asia/Shanghai", "UTC"
 	Gemini       GeminiConfig       `mapstructure:"gemini"`
+	Update       UpdateConfig       `mapstructure:"update"`
+}
+
+// UpdateConfig 在线更新相关配置
+type UpdateConfig struct {
+	// ProxyURL 用于访问 GitHub 的代理地址
+	// 支持 http/https/socks5/socks5h 协议
+	// 例如: "http://127.0.0.1:7890", "socks5://127.0.0.1:1080"
+	ProxyURL string `mapstructure:"proxy_url"`
 }

 type GeminiConfig struct {
 	OAuth GeminiOAuthConfig `mapstructure:"oauth"`
+	Quota GeminiQuotaConfig `mapstructure:"quota"`
 }

 type GeminiOAuthConfig struct {
@@ -51,6 +74,17 @@ type GeminiOAuthConfig struct {
 	Scopes       string `mapstructure:"scopes"`
 }

+type GeminiQuotaConfig struct {
+	Tiers  map[string]GeminiTierQuotaConfig `mapstructure:"tiers"`
+	Policy string                           `mapstructure:"policy"`
+}
+
+type GeminiTierQuotaConfig struct {
+	ProRPD          *int64 `mapstructure:"pro_rpd" json:"pro_rpd"`
+	FlashRPD        *int64 `mapstructure:"flash_rpd" json:"flash_rpd"`
+	CooldownMinutes *int   `mapstructure:"cooldown_minutes" json:"cooldown_minutes"`
+}
+
 // TokenRefreshConfig OAuth token自动刷新配置
 type TokenRefreshConfig struct {
 	// 是否启用自动刷新
@@ -81,11 +115,65 @@ type PricingConfig struct {
 }

 type ServerConfig struct {
-	Host              string `mapstructure:"host"`
-	Port              int    `mapstructure:"port"`
-	Mode              string `mapstructure:"mode"`                // debug/release
-	ReadHeaderTimeout int    `mapstructure:"read_header_timeout"` // 读取请求头超时（秒）
-	IdleTimeout       int    `mapstructure:"idle_timeout"`        // 空闲连接超时（秒）
+	Host              string   `mapstructure:"host"`
+	Port              int      `mapstructure:"port"`
+	Mode              string   `mapstructure:"mode"`                // debug/release
+	ReadHeaderTimeout int      `mapstructure:"read_header_timeout"` // 读取请求头超时（秒）
+	IdleTimeout       int      `mapstructure:"idle_timeout"`        // 空闲连接超时（秒）
+	TrustedProxies    []string `mapstructure:"trusted_proxies"`     // 可信代理列表（CIDR/IP）
+}
+
+type CORSConfig struct {
+	AllowedOrigins   []string `mapstructure:"allowed_origins"`
+	AllowCredentials bool     `mapstructure:"allow_credentials"`
+}
+
+type SecurityConfig struct {
+	URLAllowlist    URLAllowlistConfig   `mapstructure:"url_allowlist"`
+	ResponseHeaders ResponseHeaderConfig `mapstructure:"response_headers"`
+	CSP             CSPConfig            `mapstructure:"csp"`
+	ProxyProbe      ProxyProbeConfig     `mapstructure:"proxy_probe"`
+}
+
+type URLAllowlistConfig struct {
+	Enabled           bool     `mapstructure:"enabled"`
+	UpstreamHosts     []string `mapstructure:"upstream_hosts"`
+	PricingHosts      []string `mapstructure:"pricing_hosts"`
+	CRSHosts          []string `mapstructure:"crs_hosts"`
+	AllowPrivateHosts bool     `mapstructure:"allow_private_hosts"`
+	// 关闭 URL 白名单校验时，是否允许 http URL（默认只允许 https）
+	AllowInsecureHTTP bool `mapstructure:"allow_insecure_http"`
+}
+
+type ResponseHeaderConfig struct {
+	Enabled           bool     `mapstructure:"enabled"`
+	AdditionalAllowed []string `mapstructure:"additional_allowed"`
+	ForceRemove       []string `mapstructure:"force_remove"`
+}
+
+type CSPConfig struct {
+	Enabled bool   `mapstructure:"enabled"`
+	Policy  string `mapstructure:"policy"`
+}
+
+type ProxyProbeConfig struct {
+	InsecureSkipVerify bool `mapstructure:"insecure_skip_verify"` // 已禁用：禁止跳过 TLS 证书验证
+}
+
+type BillingConfig struct {
+	CircuitBreaker CircuitBreakerConfig `mapstructure:"circuit_breaker"`
+}
+
+type CircuitBreakerConfig struct {
+	Enabled             bool `mapstructure:"enabled"`
+	FailureThreshold    int  `mapstructure:"failure_threshold"`
+	ResetTimeoutSeconds int  `mapstructure:"reset_timeout_seconds"`
+	HalfOpenRequests    int  `mapstructure:"half_open_requests"`
+}
+
+type ConcurrencyConfig struct {
+	// PingInterval: 并发等待期间的 SSE ping 间隔（秒）
+	PingInterval int `mapstructure:"ping_interval"`
 }

 // GatewayConfig API网关相关配置
@@ -119,6 +207,44 @@ type GatewayConfig struct {
 	// ConcurrencySlotTTLMinutes: 并发槽位过期时间（分钟）
 	// 应大于最长 LLM 请求时间，防止请求完成前槽位过期
 	ConcurrencySlotTTLMinutes int `mapstructure:"concurrency_slot_ttl_minutes"`
+
+	// StreamDataIntervalTimeout: 流数据间隔超时（秒），0表示禁用
+	StreamDataIntervalTimeout int `mapstructure:"stream_data_interval_timeout"`
+	// StreamKeepaliveInterval: 流式 keepalive 间隔（秒），0表示禁用
+	StreamKeepaliveInterval int `mapstructure:"stream_keepalive_interval"`
+	// MaxLineSize: 上游 SSE 单行最大字节数（0使用默认值）
+	MaxLineSize int `mapstructure:"max_line_size"`
+
+	// 是否记录上游错误响应体摘要（避免输出请求内容）
+	LogUpstreamErrorBody bool `mapstructure:"log_upstream_error_body"`
+	// 上游错误响应体记录最大字节数（超过会截断）
+	LogUpstreamErrorBodyMaxBytes int `mapstructure:"log_upstream_error_body_max_bytes"`
+
+	// API-key 账号在客户端未提供 anthropic-beta 时，是否按需自动补齐（默认关闭以保持兼容）
+	InjectBetaForAPIKey bool `mapstructure:"inject_beta_for_apikey"`
+
+	// 是否允许对部分 400 错误触发 failover（默认关闭以避免改变语义）
+	FailoverOn400 bool `mapstructure:"failover_on_400"`
+
+	// Scheduling: 账号调度相关配置
+	Scheduling GatewaySchedulingConfig `mapstructure:"scheduling"`
+}
+
+// GatewaySchedulingConfig accounts scheduling configuration.
+type GatewaySchedulingConfig struct {
+	// 粘性会话排队配置
+	StickySessionMaxWaiting  int           `mapstructure:"sticky_session_max_waiting"`
+	StickySessionWaitTimeout time.Duration `mapstructure:"sticky_session_wait_timeout"`
+
+	// 兜底排队配置
+	FallbackWaitTimeout time.Duration `mapstructure:"fallback_wait_timeout"`
+	FallbackMaxWaiting  int           `mapstructure:"fallback_max_waiting"`
+
+	// 负载计算
+	LoadBatchEnabled bool `mapstructure:"load_batch_enabled"`
+
+	// 过期槽位清理周期（0 表示禁用）
+	SlotCleanupInterval time.Duration `mapstructure:"slot_cleanup_interval"`
 }

 func (s *ServerConfig) Address() string {
@@ -192,12 +318,16 @@ type JWTConfig struct {
 	ExpireHour int    `mapstructure:"expire_hour"`
 }

+type TurnstileConfig struct {
+	Required bool `mapstructure:"required"`
+}
+
 type DefaultConfig struct {
 	AdminEmail      string  `mapstructure:"admin_email"`
 	AdminPassword   string  `mapstructure:"admin_password"`
 	UserConcurrency int     `mapstructure:"user_concurrency"`
 	UserBalance     float64 `mapstructure:"user_balance"`
-	ApiKeyPrefix    string  `mapstructure:"api_key_prefix"`
+	APIKeyPrefix    string  `mapstructure:"api_key_prefix"`
 	RateMultiplier  float64 `mapstructure:"rate_multiplier"`
 }

@@ -218,8 +348,19 @@ func NormalizeRunMode(value string) string {
 func Load() (*Config, error) {
 	viper.SetConfigName("config")
 	viper.SetConfigType("yaml")
+
+	// Add config paths in priority order
+	// 1. DATA_DIR environment variable (highest priority)
+	if dataDir := os.Getenv("DATA_DIR"); dataDir != "" {
+		viper.AddConfigPath(dataDir)
+	}
+	// 2. Docker data directory
+	viper.AddConfigPath("/app/data")
+	// 3. Current directory
 	viper.AddConfigPath(".")
+	// 4. Config subdirectory
 	viper.AddConfigPath("./config")
+	// 5. System config directory
 	viper.AddConfigPath("/etc/sub2api")

 	// 环境变量支持
@@ -242,11 +383,46 @@ func Load() (*Config, error) {
 	}

 	cfg.RunMode = NormalizeRunMode(cfg.RunMode)
+	cfg.Server.Mode = strings.ToLower(strings.TrimSpace(cfg.Server.Mode))
+	if cfg.Server.Mode == "" {
+		cfg.Server.Mode = "debug"
+	}
+	cfg.JWT.Secret = strings.TrimSpace(cfg.JWT.Secret)
+	cfg.CORS.AllowedOrigins = normalizeStringSlice(cfg.CORS.AllowedOrigins)
+	cfg.Security.ResponseHeaders.AdditionalAllowed = normalizeStringSlice(cfg.Security.ResponseHeaders.AdditionalAllowed)
+	cfg.Security.ResponseHeaders.ForceRemove = normalizeStringSlice(cfg.Security.ResponseHeaders.ForceRemove)
+	cfg.Security.CSP.Policy = strings.TrimSpace(cfg.Security.CSP.Policy)
+
+	if cfg.JWT.Secret == "" {
+		secret, err := generateJWTSecret(64)
+		if err != nil {
+			return nil, fmt.Errorf("generate jwt secret error: %w", err)
+		}
+		cfg.JWT.Secret = secret
+		log.Println("Warning: JWT secret auto-generated. Consider setting a fixed secret for production.")
+	}

 	if err := cfg.Validate(); err != nil {
 		return nil, fmt.Errorf("validate config error: %w", err)
 	}

+	if !cfg.Security.URLAllowlist.Enabled {
+		log.Println("Warning: security.url_allowlist.enabled=false; allowlist/SSRF checks disabled (minimal format validation only).")
+	}
+	if !cfg.Security.ResponseHeaders.Enabled {
+		log.Println("Warning: security.response_headers.enabled=false; configurable header filtering disabled (default allowlist only).")
+	}
+
+	if cfg.JWT.Secret != "" && isWeakJWTSecret(cfg.JWT.Secret) {
+		log.Println("Warning: JWT secret appears weak; use a 32+ character random secret in production.")
+	}
+	if len(cfg.Security.ResponseHeaders.AdditionalAllowed) > 0 || len(cfg.Security.ResponseHeaders.ForceRemove) > 0 {
+		log.Printf("AUDIT: response header policy configured additional_allowed=%v force_remove=%v",
+			cfg.Security.ResponseHeaders.AdditionalAllowed,
+			cfg.Security.ResponseHeaders.ForceRemove,
+		)
+	}
+
 	return &cfg, nil
 }

@@ -259,6 +435,45 @@ func setDefaults() {
 	viper.SetDefault("server.mode", "debug")
 	viper.SetDefault("server.read_header_timeout", 30) // 30秒读取请求头
 	viper.SetDefault("server.idle_timeout", 120)       // 120秒空闲超时
+	viper.SetDefault("server.trusted_proxies", []string{})
+
+	// CORS
+	viper.SetDefault("cors.allowed_origins", []string{})
+	viper.SetDefault("cors.allow_credentials", true)
+
+	// Security
+	viper.SetDefault("security.url_allowlist.enabled", false)
+	viper.SetDefault("security.url_allowlist.upstream_hosts", []string{
+		"api.openai.com",
+		"api.anthropic.com",
+		"api.kimi.com",
+		"open.bigmodel.cn",
+		"api.minimaxi.com",
+		"generativelanguage.googleapis.com",
+		"cloudcode-pa.googleapis.com",
+		"*.openai.azure.com",
+	})
+	viper.SetDefault("security.url_allowlist.pricing_hosts", []string{
+		"raw.githubusercontent.com",
+	})
+	viper.SetDefault("security.url_allowlist.crs_hosts", []string{})
+	viper.SetDefault("security.url_allowlist.allow_private_hosts", true)
+	viper.SetDefault("security.url_allowlist.allow_insecure_http", true)
+	viper.SetDefault("security.response_headers.enabled", false)
+	viper.SetDefault("security.response_headers.additional_allowed", []string{})
+	viper.SetDefault("security.response_headers.force_remove", []string{})
+	viper.SetDefault("security.csp.enabled", true)
+	viper.SetDefault("security.csp.policy", DefaultCSPPolicy)
+	viper.SetDefault("security.proxy_probe.insecure_skip_verify", false)
+
+	// Billing
+	viper.SetDefault("billing.circuit_breaker.enabled", true)
+	viper.SetDefault("billing.circuit_breaker.failure_threshold", 5)
+	viper.SetDefault("billing.circuit_breaker.reset_timeout_seconds", 30)
+	viper.SetDefault("billing.circuit_breaker.half_open_requests", 3)
+
+	// Turnstile
+	viper.SetDefault("turnstile.required", false)

 	// Database
 	viper.SetDefault("database.host", "localhost")
@@ -284,7 +499,7 @@ func setDefaults() {
 	viper.SetDefault("redis.min_idle_conns", 10)

 	// JWT
-	viper.SetDefault("jwt.secret", "change-me-in-production")
+	viper.SetDefault("jwt.secret", "")
 	viper.SetDefault("jwt.expire_hour", 24)

 	// Default
@@ -312,17 +527,31 @@ func setDefaults() {
 	viper.SetDefault("timezone", "Asia/Shanghai")

 	// Gateway
-	viper.SetDefault("gateway.response_header_timeout", 300) // 300秒(5分钟)等待上游响应头，LLM高负载时可能排队较久
+	viper.SetDefault("gateway.response_header_timeout", 600) // 600秒(10分钟)等待上游响应头，LLM高负载时可能排队较久
+	viper.SetDefault("gateway.log_upstream_error_body", false)
+	viper.SetDefault("gateway.log_upstream_error_body_max_bytes", 2048)
+	viper.SetDefault("gateway.inject_beta_for_apikey", false)
+	viper.SetDefault("gateway.failover_on_400", false)
 	viper.SetDefault("gateway.max_body_size", int64(100*1024*1024))
 	viper.SetDefault("gateway.connection_pool_isolation", ConnectionPoolIsolationAccountProxy)
 	// HTTP 上游连接池配置（针对 5000+ 并发用户优化）
-	viper.SetDefault("gateway.max_idle_conns", 240)            // 最大空闲连接总数（HTTP/2 场景默认）
-	viper.SetDefault("gateway.max_idle_conns_per_host", 120)   // 每主机最大空闲连接（HTTP/2 场景默认）
-	viper.SetDefault("gateway.max_conns_per_host", 240)        // 每主机最大连接数（含活跃，HTTP/2 场景默认）
-	viper.SetDefault("gateway.idle_conn_timeout_seconds", 300) // 空闲连接超时（秒）
+	viper.SetDefault("gateway.max_idle_conns", 240)           // 最大空闲连接总数（HTTP/2 场景默认）
+	viper.SetDefault("gateway.max_idle_conns_per_host", 120)  // 每主机最大空闲连接（HTTP/2 场景默认）
+	viper.SetDefault("gateway.max_conns_per_host", 240)       // 每主机最大连接数（含活跃，HTTP/2 场景默认）
+	viper.SetDefault("gateway.idle_conn_timeout_seconds", 90) // 空闲连接超时（秒）
 	viper.SetDefault("gateway.max_upstream_clients", 5000)
 	viper.SetDefault("gateway.client_idle_ttl_seconds", 900)
-	viper.SetDefault("gateway.concurrency_slot_ttl_minutes", 15) // 并发槽位过期时间（支持超长请求）
+	viper.SetDefault("gateway.concurrency_slot_ttl_minutes", 30) // 并发槽位过期时间（支持超长请求）
+	viper.SetDefault("gateway.stream_data_interval_timeout", 180)
+	viper.SetDefault("gateway.stream_keepalive_interval", 10)
+	viper.SetDefault("gateway.max_line_size", 10*1024*1024)
+	viper.SetDefault("gateway.scheduling.sticky_session_max_waiting", 3)
+	viper.SetDefault("gateway.scheduling.sticky_session_wait_timeout", 45*time.Second)
+	viper.SetDefault("gateway.scheduling.fallback_wait_timeout", 30*time.Second)
+	viper.SetDefault("gateway.scheduling.fallback_max_waiting", 100)
+	viper.SetDefault("gateway.scheduling.load_batch_enabled", true)
+	viper.SetDefault("gateway.scheduling.slot_cleanup_interval", 30*time.Second)
+	viper.SetDefault("concurrency.ping_interval", 10)

 	// TokenRefresh
 	viper.SetDefault("token_refresh.enabled", true)
@@ -337,14 +566,36 @@ func setDefaults() {
 	viper.SetDefault("gemini.oauth.client_id", "")
 	viper.SetDefault("gemini.oauth.client_secret", "")
 	viper.SetDefault("gemini.oauth.scopes", "")
+	viper.SetDefault("gemini.quota.policy", "")
+
+	// Update - 在线更新配置
+	// 代理地址为空表示直连 GitHub（适用于海外服务器）
+	viper.SetDefault("update.proxy_url", "")
 }

 func (c *Config) Validate() error {
-	if c.JWT.Secret == "" {
-		return fmt.Errorf("jwt.secret is required")
+	if c.JWT.ExpireHour <= 0 {
+		return fmt.Errorf("jwt.expire_hour must be positive")
 	}
-	if c.JWT.Secret == "change-me-in-production" && c.Server.Mode == "release" {
-		return fmt.Errorf("jwt.secret must be changed in production")
+	if c.JWT.ExpireHour > 168 {
+		return fmt.Errorf("jwt.expire_hour must be <= 168 (7 days)")
+	}
+	if c.JWT.ExpireHour > 24 {
+		log.Printf("Warning: jwt.expire_hour is %d hours (> 24). Consider shorter expiration for security.", c.JWT.ExpireHour)
+	}
+	if c.Security.CSP.Enabled && strings.TrimSpace(c.Security.CSP.Policy) == "" {
+		return fmt.Errorf("security.csp.policy is required when CSP is enabled")
+	}
+	if c.Billing.CircuitBreaker.Enabled {
+		if c.Billing.CircuitBreaker.FailureThreshold <= 0 {
+			return fmt.Errorf("billing.circuit_breaker.failure_threshold must be positive")
+		}
+		if c.Billing.CircuitBreaker.ResetTimeoutSeconds <= 0 {
+			return fmt.Errorf("billing.circuit_breaker.reset_timeout_seconds must be positive")
+		}
+		if c.Billing.CircuitBreaker.HalfOpenRequests <= 0 {
+			return fmt.Errorf("billing.circuit_breaker.half_open_requests must be positive")
+		}
 	}
 	if c.Database.MaxOpenConns <= 0 {
 		return fmt.Errorf("database.max_open_conns must be positive")
@@ -402,6 +653,9 @@ func (c *Config) Validate() error {
 	if c.Gateway.IdleConnTimeoutSeconds <= 0 {
 		return fmt.Errorf("gateway.idle_conn_timeout_seconds must be positive")
 	}
+	if c.Gateway.IdleConnTimeoutSeconds > 180 {
+		log.Printf("Warning: gateway.idle_conn_timeout_seconds is %d (> 180). Consider 60-120 seconds for better connection reuse.", c.Gateway.IdleConnTimeoutSeconds)
+	}
 	if c.Gateway.MaxUpstreamClients <= 0 {
 		return fmt.Errorf("gateway.max_upstream_clients must be positive")
 	}
@@ -411,9 +665,92 @@ func (c *Config) Validate() error {
 	if c.Gateway.ConcurrencySlotTTLMinutes <= 0 {
 		return fmt.Errorf("gateway.concurrency_slot_ttl_minutes must be positive")
 	}
+	if c.Gateway.StreamDataIntervalTimeout < 0 {
+		return fmt.Errorf("gateway.stream_data_interval_timeout must be non-negative")
+	}
+	if c.Gateway.StreamDataIntervalTimeout != 0 &&
+		(c.Gateway.StreamDataIntervalTimeout < 30 || c.Gateway.StreamDataIntervalTimeout > 300) {
+		return fmt.Errorf("gateway.stream_data_interval_timeout must be 0 or between 30-300 seconds")
+	}
+	if c.Gateway.StreamKeepaliveInterval < 0 {
+		return fmt.Errorf("gateway.stream_keepalive_interval must be non-negative")
+	}
+	if c.Gateway.StreamKeepaliveInterval != 0 &&
+		(c.Gateway.StreamKeepaliveInterval < 5 || c.Gateway.StreamKeepaliveInterval > 30) {
+		return fmt.Errorf("gateway.stream_keepalive_interval must be 0 or between 5-30 seconds")
+	}
+	if c.Gateway.MaxLineSize < 0 {
+		return fmt.Errorf("gateway.max_line_size must be non-negative")
+	}
+	if c.Gateway.MaxLineSize != 0 && c.Gateway.MaxLineSize < 1024*1024 {
+		return fmt.Errorf("gateway.max_line_size must be at least 1MB")
+	}
+	if c.Gateway.Scheduling.StickySessionMaxWaiting <= 0 {
+		return fmt.Errorf("gateway.scheduling.sticky_session_max_waiting must be positive")
+	}
+	if c.Gateway.Scheduling.StickySessionWaitTimeout <= 0 {
+		return fmt.Errorf("gateway.scheduling.sticky_session_wait_timeout must be positive")
+	}
+	if c.Gateway.Scheduling.FallbackWaitTimeout <= 0 {
+		return fmt.Errorf("gateway.scheduling.fallback_wait_timeout must be positive")
+	}
+	if c.Gateway.Scheduling.FallbackMaxWaiting <= 0 {
+		return fmt.Errorf("gateway.scheduling.fallback_max_waiting must be positive")
+	}
+	if c.Gateway.Scheduling.SlotCleanupInterval < 0 {
+		return fmt.Errorf("gateway.scheduling.slot_cleanup_interval must be non-negative")
+	}
+	if c.Concurrency.PingInterval < 5 || c.Concurrency.PingInterval > 30 {
+		return fmt.Errorf("concurrency.ping_interval must be between 5-30 seconds")
+	}
 	return nil
 }

+func normalizeStringSlice(values []string) []string {
+	if len(values) == 0 {
+		return values
+	}
+	normalized := make([]string, 0, len(values))
+	for _, v := range values {
+		trimmed := strings.TrimSpace(v)
+		if trimmed == "" {
+			continue
+		}
+		normalized = append(normalized, trimmed)
+	}
+	return normalized
+}
+
+func isWeakJWTSecret(secret string) bool {
+	lower := strings.ToLower(strings.TrimSpace(secret))
+	if lower == "" {
+		return true
+	}
+	weak := map[string]struct{}{
+		"change-me-in-production": {},
+		"changeme":                {},
+		"secret":                  {},
+		"password":                {},
+		"123456":                  {},
+		"12345678":                {},
+		"admin":                   {},
+		"jwt-secret":              {},
+	}
+	_, exists := weak[lower]
+	return exists
+}
+
+func generateJWTSecret(byteLength int) (string, error) {
+	if byteLength <= 0 {
+		byteLength = 32
+	}
+	buf := make([]byte, byteLength)
+	if _, err := rand.Read(buf); err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(buf), nil
+}
+
 // GetServerAddress returns the server address (host:port) from config file or environment variable.
 // This is a lightweight function that can be used before full config validation,
 // such as during setup wizard startup.
--- a/backend/internal/config/config_test.go
+++ b/backend/internal/config/config_test.go
@@ -1,6 +1,11 @@
 package config

-import "testing"
+import (
+	"testing"
+	"time"
+
+	"github.com/spf13/viper"
+)

 func TestNormalizeRunMode(t *testing.T) {
 	tests := []struct {
@@ -21,3 +26,67 @@ func TestNormalizeRunMode(t *testing.T) {
 		}
 	}
 }
+
+func TestLoadDefaultSchedulingConfig(t *testing.T) {
+	viper.Reset()
+
+	cfg, err := Load()
+	if err != nil {
+		t.Fatalf("Load() error: %v", err)
+	}
+
+	if cfg.Gateway.Scheduling.StickySessionMaxWaiting != 3 {
+		t.Fatalf("StickySessionMaxWaiting = %d, want 3", cfg.Gateway.Scheduling.StickySessionMaxWaiting)
+	}
+	if cfg.Gateway.Scheduling.StickySessionWaitTimeout != 45*time.Second {
+		t.Fatalf("StickySessionWaitTimeout = %v, want 45s", cfg.Gateway.Scheduling.StickySessionWaitTimeout)
+	}
+	if cfg.Gateway.Scheduling.FallbackWaitTimeout != 30*time.Second {
+		t.Fatalf("FallbackWaitTimeout = %v, want 30s", cfg.Gateway.Scheduling.FallbackWaitTimeout)
+	}
+	if cfg.Gateway.Scheduling.FallbackMaxWaiting != 100 {
+		t.Fatalf("FallbackMaxWaiting = %d, want 100", cfg.Gateway.Scheduling.FallbackMaxWaiting)
+	}
+	if !cfg.Gateway.Scheduling.LoadBatchEnabled {
+		t.Fatalf("LoadBatchEnabled = false, want true")
+	}
+	if cfg.Gateway.Scheduling.SlotCleanupInterval != 30*time.Second {
+		t.Fatalf("SlotCleanupInterval = %v, want 30s", cfg.Gateway.Scheduling.SlotCleanupInterval)
+	}
+}
+
+func TestLoadSchedulingConfigFromEnv(t *testing.T) {
+	viper.Reset()
+	t.Setenv("GATEWAY_SCHEDULING_STICKY_SESSION_MAX_WAITING", "5")
+
+	cfg, err := Load()
+	if err != nil {
+		t.Fatalf("Load() error: %v", err)
+	}
+
+	if cfg.Gateway.Scheduling.StickySessionMaxWaiting != 5 {
+		t.Fatalf("StickySessionMaxWaiting = %d, want 5", cfg.Gateway.Scheduling.StickySessionMaxWaiting)
+	}
+}
+
+func TestLoadDefaultSecurityToggles(t *testing.T) {
+	viper.Reset()
+
+	cfg, err := Load()
+	if err != nil {
+		t.Fatalf("Load() error: %v", err)
+	}
+
+	if cfg.Security.URLAllowlist.Enabled {
+		t.Fatalf("URLAllowlist.Enabled = true, want false")
+	}
+	if !cfg.Security.URLAllowlist.AllowInsecureHTTP {
+		t.Fatalf("URLAllowlist.AllowInsecureHTTP = false, want true")
+	}
+	if !cfg.Security.URLAllowlist.AllowPrivateHosts {
+		t.Fatalf("URLAllowlist.AllowPrivateHosts = false, want true")
+	}
+	if cfg.Security.ResponseHeaders.Enabled {
+		t.Fatalf("ResponseHeaders.Enabled = true, want false")
+	}
+}
--- a/backend/internal/handler/admin/account_handler.go
+++ b/backend/internal/handler/admin/account_handler.go
@@ -1,8 +1,12 @@
+// Package admin provides HTTP handlers for administrative operations.
 package admin

 import (
+	"errors"
 	"strconv"
 	"strings"
+	"sync"
+	"time"

 	"github.com/Wei-Shaw/sub2api/internal/handler/dto"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/claude"
@@ -13,6 +17,7 @@ import (
 	"github.com/Wei-Shaw/sub2api/internal/service"

 	"github.com/gin-gonic/gin"
+	"golang.org/x/sync/errgroup"
 )

 // OAuthHandler handles OAuth-related operations for accounts
@@ -29,15 +34,16 @@ func NewOAuthHandler(oauthService *service.OAuthService) *OAuthHandler {

 // AccountHandler handles admin account management
 type AccountHandler struct {
-	adminService        service.AdminService
-	oauthService        *service.OAuthService
-	openaiOAuthService  *service.OpenAIOAuthService
-	geminiOAuthService  *service.GeminiOAuthService
-	rateLimitService    *service.RateLimitService
-	accountUsageService *service.AccountUsageService
-	accountTestService  *service.AccountTestService
-	concurrencyService  *service.ConcurrencyService
-	crsSyncService      *service.CRSSyncService
+	adminService            service.AdminService
+	oauthService            *service.OAuthService
+	openaiOAuthService      *service.OpenAIOAuthService
+	geminiOAuthService      *service.GeminiOAuthService
+	antigravityOAuthService *service.AntigravityOAuthService
+	rateLimitService        *service.RateLimitService
+	accountUsageService     *service.AccountUsageService
+	accountTestService      *service.AccountTestService
+	concurrencyService      *service.ConcurrencyService
+	crsSyncService          *service.CRSSyncService
 }

 // NewAccountHandler creates a new admin account handler
@@ -46,6 +52,7 @@ func NewAccountHandler(
 	oauthService *service.OAuthService,
 	openaiOAuthService *service.OpenAIOAuthService,
 	geminiOAuthService *service.GeminiOAuthService,
+	antigravityOAuthService *service.AntigravityOAuthService,
 	rateLimitService *service.RateLimitService,
 	accountUsageService *service.AccountUsageService,
 	accountTestService *service.AccountTestService,
@@ -53,56 +60,66 @@ func NewAccountHandler(
 	crsSyncService *service.CRSSyncService,
 ) *AccountHandler {
 	return &AccountHandler{
-		adminService:        adminService,
-		oauthService:        oauthService,
-		openaiOAuthService:  openaiOAuthService,
-		geminiOAuthService:  geminiOAuthService,
-		rateLimitService:    rateLimitService,
-		accountUsageService: accountUsageService,
-		accountTestService:  accountTestService,
-		concurrencyService:  concurrencyService,
-		crsSyncService:      crsSyncService,
+		adminService:            adminService,
+		oauthService:            oauthService,
+		openaiOAuthService:      openaiOAuthService,
+		geminiOAuthService:      geminiOAuthService,
+		antigravityOAuthService: antigravityOAuthService,
+		rateLimitService:        rateLimitService,
+		accountUsageService:     accountUsageService,
+		accountTestService:      accountTestService,
+		concurrencyService:      concurrencyService,
+		crsSyncService:          crsSyncService,
 	}
 }

 // CreateAccountRequest represents create account request
 type CreateAccountRequest struct {
-	Name        string         `json:"name" binding:"required"`
-	Platform    string         `json:"platform" binding:"required"`
-	Type        string         `json:"type" binding:"required,oneof=oauth setup-token apikey"`
-	Credentials map[string]any `json:"credentials" binding:"required"`
-	Extra       map[string]any `json:"extra"`
-	ProxyID     *int64         `json:"proxy_id"`
-	Concurrency int            `json:"concurrency"`
-	Priority    int            `json:"priority"`
-	GroupIDs    []int64        `json:"group_ids"`
+	Name                    string         `json:"name" binding:"required"`
+	Notes                   *string        `json:"notes"`
+	Platform                string         `json:"platform" binding:"required"`
+	Type                    string         `json:"type" binding:"required,oneof=oauth setup-token apikey"`
+	Credentials             map[string]any `json:"credentials" binding:"required"`
+	Extra                   map[string]any `json:"extra"`
+	ProxyID                 *int64         `json:"proxy_id"`
+	Concurrency             int            `json:"concurrency"`
+	Priority                int            `json:"priority"`
+	GroupIDs                []int64        `json:"group_ids"`
+	ExpiresAt               *int64         `json:"expires_at"`
+	AutoPauseOnExpired      *bool          `json:"auto_pause_on_expired"`
+	ConfirmMixedChannelRisk *bool          `json:"confirm_mixed_channel_risk"` // 用户确认混合渠道风险
 }

 // UpdateAccountRequest represents update account request
 // 使用指针类型来区分"未提供"和"设置为0"
 type UpdateAccountRequest struct {
-	Name        string         `json:"name"`
-	Type        string         `json:"type" binding:"omitempty,oneof=oauth setup-token apikey"`
-	Credentials map[string]any `json:"credentials"`
-	Extra       map[string]any `json:"extra"`
-	ProxyID     *int64         `json:"proxy_id"`
-	Concurrency *int           `json:"concurrency"`
-	Priority    *int           `json:"priority"`
-	Status      string         `json:"status" binding:"omitempty,oneof=active inactive"`
-	GroupIDs    *[]int64       `json:"group_ids"`
+	Name                    string         `json:"name"`
+	Notes                   *string        `json:"notes"`
+	Type                    string         `json:"type" binding:"omitempty,oneof=oauth setup-token apikey"`
+	Credentials             map[string]any `json:"credentials"`
+	Extra                   map[string]any `json:"extra"`
+	ProxyID                 *int64         `json:"proxy_id"`
+	Concurrency             *int           `json:"concurrency"`
+	Priority                *int           `json:"priority"`
+	Status                  string         `json:"status" binding:"omitempty,oneof=active inactive"`
+	GroupIDs                *[]int64       `json:"group_ids"`
+	ExpiresAt               *int64         `json:"expires_at"`
+	AutoPauseOnExpired      *bool          `json:"auto_pause_on_expired"`
+	ConfirmMixedChannelRisk *bool          `json:"confirm_mixed_channel_risk"` // 用户确认混合渠道风险
 }

 // BulkUpdateAccountsRequest represents the payload for bulk editing accounts
 type BulkUpdateAccountsRequest struct {
-	AccountIDs  []int64        `json:"account_ids" binding:"required,min=1"`
-	Name        string         `json:"name"`
-	ProxyID     *int64         `json:"proxy_id"`
-	Concurrency *int           `json:"concurrency"`
-	Priority    *int           `json:"priority"`
-	Status      string         `json:"status" binding:"omitempty,oneof=active inactive error"`
-	GroupIDs    *[]int64       `json:"group_ids"`
-	Credentials map[string]any `json:"credentials"`
-	Extra       map[string]any `json:"extra"`
+	AccountIDs              []int64        `json:"account_ids" binding:"required,min=1"`
+	Name                    string         `json:"name"`
+	ProxyID                 *int64         `json:"proxy_id"`
+	Concurrency             *int           `json:"concurrency"`
+	Priority                *int           `json:"priority"`
+	Status                  string         `json:"status" binding:"omitempty,oneof=active inactive error"`
+	GroupIDs                *[]int64       `json:"group_ids"`
+	Credentials             map[string]any `json:"credentials"`
+	Extra                   map[string]any `json:"extra"`
+	ConfirmMixedChannelRisk *bool          `json:"confirm_mixed_channel_risk"` // 用户确认混合渠道风险
 }

 // AccountWithConcurrency extends Account with real-time concurrency info
@@ -177,18 +194,43 @@ func (h *AccountHandler) Create(c *gin.Context) {
 		return
 	}

+	// 确定是否跳过混合渠道检查
+	skipCheck := req.ConfirmMixedChannelRisk != nil && *req.ConfirmMixedChannelRisk
+
 	account, err := h.adminService.CreateAccount(c.Request.Context(), &service.CreateAccountInput{
-		Name:        req.Name,
-		Platform:    req.Platform,
-		Type:        req.Type,
-		Credentials: req.Credentials,
-		Extra:       req.Extra,
-		ProxyID:     req.ProxyID,
-		Concurrency: req.Concurrency,
-		Priority:    req.Priority,
-		GroupIDs:    req.GroupIDs,
+		Name:                  req.Name,
+		Notes:                 req.Notes,
+		Platform:              req.Platform,
+		Type:                  req.Type,
+		Credentials:           req.Credentials,
+		Extra:                 req.Extra,
+		ProxyID:               req.ProxyID,
+		Concurrency:           req.Concurrency,
+		Priority:              req.Priority,
+		GroupIDs:              req.GroupIDs,
+		ExpiresAt:             req.ExpiresAt,
+		AutoPauseOnExpired:    req.AutoPauseOnExpired,
+		SkipMixedChannelCheck: skipCheck,
 	})
 	if err != nil {
+		// 检查是否为混合渠道错误
+		var mixedErr *service.MixedChannelError
+		if errors.As(err, &mixedErr) {
+			// 返回特殊错误码要求确认
+			c.JSON(409, gin.H{
+				"error":   "mixed_channel_warning",
+				"message": mixedErr.Error(),
+				"details": gin.H{
+					"group_id":         mixedErr.GroupID,
+					"group_name":       mixedErr.GroupName,
+					"current_platform": mixedErr.CurrentPlatform,
+					"other_platform":   mixedErr.OtherPlatform,
+				},
+				"require_confirmation": true,
+			})
+			return
+		}
+
 		response.ErrorFrom(c, err)
 		return
 	}
@@ -211,18 +253,43 @@ func (h *AccountHandler) Update(c *gin.Context) {
 		return
 	}

+	// 确定是否跳过混合渠道检查
+	skipCheck := req.ConfirmMixedChannelRisk != nil && *req.ConfirmMixedChannelRisk
+
 	account, err := h.adminService.UpdateAccount(c.Request.Context(), accountID, &service.UpdateAccountInput{
-		Name:        req.Name,
-		Type:        req.Type,
-		Credentials: req.Credentials,
-		Extra:       req.Extra,
-		ProxyID:     req.ProxyID,
-		Concurrency: req.Concurrency, // 指针类型，nil 表示未提供
-		Priority:    req.Priority,    // 指针类型，nil 表示未提供
-		Status:      req.Status,
-		GroupIDs:    req.GroupIDs,
+		Name:                  req.Name,
+		Notes:                 req.Notes,
+		Type:                  req.Type,
+		Credentials:           req.Credentials,
+		Extra:                 req.Extra,
+		ProxyID:               req.ProxyID,
+		Concurrency:           req.Concurrency, // 指针类型，nil 表示未提供
+		Priority:              req.Priority,    // 指针类型，nil 表示未提供
+		Status:                req.Status,
+		GroupIDs:              req.GroupIDs,
+		ExpiresAt:             req.ExpiresAt,
+		AutoPauseOnExpired:    req.AutoPauseOnExpired,
+		SkipMixedChannelCheck: skipCheck,
 	})
 	if err != nil {
+		// 检查是否为混合渠道错误
+		var mixedErr *service.MixedChannelError
+		if errors.As(err, &mixedErr) {
+			// 返回特殊错误码要求确认
+			c.JSON(409, gin.H{
+				"error":   "mixed_channel_warning",
+				"message": mixedErr.Error(),
+				"details": gin.H{
+					"group_id":         mixedErr.GroupID,
+					"group_name":       mixedErr.GroupName,
+					"current_platform": mixedErr.CurrentPlatform,
+					"other_platform":   mixedErr.OtherPlatform,
+				},
+				"require_confirmation": true,
+			})
+			return
+		}
+
 		response.ErrorFrom(c, err)
 		return
 	}
@@ -302,7 +369,8 @@ func (h *AccountHandler) SyncFromCRS(c *gin.Context) {
 		SyncProxies: syncProxies,
 	})
 	if err != nil {
-		response.ErrorFrom(c, err)
+		// Provide detailed error message for CRS sync failures
+		response.InternalError(c, "CRS sync failed: "+err.Error())
 		return
 	}

@@ -363,6 +431,19 @@ func (h *AccountHandler) Refresh(c *gin.Context) {
 				newCredentials[k] = v
 			}
 		}
+	} else if account.Platform == service.PlatformAntigravity {
+		tokenInfo, err := h.antigravityOAuthService.RefreshAccountToken(c.Request.Context(), account)
+		if err != nil {
+			response.ErrorFrom(c, err)
+			return
+		}
+
+		newCredentials = h.antigravityOAuthService.BuildAccountCredentials(tokenInfo)
+		for k, v := range account.Credentials {
+			if _, exists := newCredentials[k]; !exists {
+				newCredentials[k] = v
+			}
+		}
 	} else {
 		// Use Anthropic/Claude OAuth service to refresh token
 		tokenInfo, err := h.oauthService.RefreshAccountToken(c.Request.Context(), account)
@@ -566,6 +647,9 @@ func (h *AccountHandler) BulkUpdate(c *gin.Context) {
 		return
 	}

+	// 确定是否跳过混合渠道检查
+	skipCheck := req.ConfirmMixedChannelRisk != nil && *req.ConfirmMixedChannelRisk
+
 	hasUpdates := req.Name != "" ||
 		req.ProxyID != nil ||
 		req.Concurrency != nil ||
@@ -581,15 +665,16 @@ func (h *AccountHandler) BulkUpdate(c *gin.Context) {
 	}

 	result, err := h.adminService.BulkUpdateAccounts(c.Request.Context(), &service.BulkUpdateAccountsInput{
-		AccountIDs:  req.AccountIDs,
-		Name:        req.Name,
-		ProxyID:     req.ProxyID,
-		Concurrency: req.Concurrency,
-		Priority:    req.Priority,
-		Status:      req.Status,
-		GroupIDs:    req.GroupIDs,
-		Credentials: req.Credentials,
-		Extra:       req.Extra,
+		AccountIDs:            req.AccountIDs,
+		Name:                  req.Name,
+		ProxyID:               req.ProxyID,
+		Concurrency:           req.Concurrency,
+		Priority:              req.Priority,
+		Status:                req.Status,
+		GroupIDs:              req.GroupIDs,
+		Credentials:           req.Credentials,
+		Extra:                 req.Extra,
+		SkipMixedChannelCheck: skipCheck,
 	})
 	if err != nil {
 		response.ErrorFrom(c, err)
@@ -779,6 +864,49 @@ func (h *AccountHandler) ClearRateLimit(c *gin.Context) {
 	response.Success(c, gin.H{"message": "Rate limit cleared successfully"})
 }

+// GetTempUnschedulable handles getting temporary unschedulable status
+// GET /api/v1/admin/accounts/:id/temp-unschedulable
+func (h *AccountHandler) GetTempUnschedulable(c *gin.Context) {
+	accountID, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid account ID")
+		return
+	}
+
+	state, err := h.rateLimitService.GetTempUnschedStatus(c.Request.Context(), accountID)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	if state == nil || state.UntilUnix <= time.Now().Unix() {
+		response.Success(c, gin.H{"active": false})
+		return
+	}
+
+	response.Success(c, gin.H{
+		"active": true,
+		"state":  state,
+	})
+}
+
+// ClearTempUnschedulable handles clearing temporary unschedulable status
+// DELETE /api/v1/admin/accounts/:id/temp-unschedulable
+func (h *AccountHandler) ClearTempUnschedulable(c *gin.Context) {
+	accountID, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid account ID")
+		return
+	}
+
+	if err := h.rateLimitService.ClearTempUnschedulable(c.Request.Context(), accountID); err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	response.Success(c, gin.H{"message": "Temp unschedulable cleared successfully"})
+}
+
 // GetTodayStats handles getting account today statistics
 // GET /api/v1/admin/accounts/:id/today-stats
 func (h *AccountHandler) GetTodayStats(c *gin.Context) {
@@ -989,3 +1117,164 @@ func (h *AccountHandler) GetAvailableModels(c *gin.Context) {

 	response.Success(c, models)
 }
+
+// RefreshTier handles refreshing Google One tier for a single account
+// POST /api/v1/admin/accounts/:id/refresh-tier
+func (h *AccountHandler) RefreshTier(c *gin.Context) {
+	accountID, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid account ID")
+		return
+	}
+
+	ctx := c.Request.Context()
+	account, err := h.adminService.GetAccount(ctx, accountID)
+	if err != nil {
+		response.NotFound(c, "Account not found")
+		return
+	}
+
+	if account.Platform != service.PlatformGemini || account.Type != service.AccountTypeOAuth {
+		response.BadRequest(c, "Only Gemini OAuth accounts support tier refresh")
+		return
+	}
+
+	oauthType, _ := account.Credentials["oauth_type"].(string)
+	if oauthType != "google_one" {
+		response.BadRequest(c, "Only google_one OAuth accounts support tier refresh")
+		return
+	}
+
+	tierID, extra, creds, err := h.geminiOAuthService.RefreshAccountGoogleOneTier(ctx, account)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	_, updateErr := h.adminService.UpdateAccount(ctx, accountID, &service.UpdateAccountInput{
+		Credentials: creds,
+		Extra:       extra,
+	})
+	if updateErr != nil {
+		response.ErrorFrom(c, updateErr)
+		return
+	}
+
+	response.Success(c, gin.H{
+		"tier_id":             tierID,
+		"storage_info":        extra,
+		"drive_storage_limit": extra["drive_storage_limit"],
+		"drive_storage_usage": extra["drive_storage_usage"],
+		"updated_at":          extra["drive_tier_updated_at"],
+	})
+}
+
+// BatchRefreshTierRequest represents batch tier refresh request
+type BatchRefreshTierRequest struct {
+	AccountIDs []int64 `json:"account_ids"`
+}
+
+// BatchRefreshTier handles batch refreshing Google One tier
+// POST /api/v1/admin/accounts/batch-refresh-tier
+func (h *AccountHandler) BatchRefreshTier(c *gin.Context) {
+	var req BatchRefreshTierRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		req = BatchRefreshTierRequest{}
+	}
+
+	ctx := c.Request.Context()
+	accounts := make([]*service.Account, 0)
+
+	if len(req.AccountIDs) == 0 {
+		allAccounts, _, err := h.adminService.ListAccounts(ctx, 1, 10000, "gemini", "oauth", "", "")
+		if err != nil {
+			response.ErrorFrom(c, err)
+			return
+		}
+		for i := range allAccounts {
+			acc := &allAccounts[i]
+			oauthType, _ := acc.Credentials["oauth_type"].(string)
+			if oauthType == "google_one" {
+				accounts = append(accounts, acc)
+			}
+		}
+	} else {
+		fetched, err := h.adminService.GetAccountsByIDs(ctx, req.AccountIDs)
+		if err != nil {
+			response.ErrorFrom(c, err)
+			return
+		}
+
+		for _, acc := range fetched {
+			if acc == nil {
+				continue
+			}
+			if acc.Platform != service.PlatformGemini || acc.Type != service.AccountTypeOAuth {
+				continue
+			}
+			oauthType, _ := acc.Credentials["oauth_type"].(string)
+			if oauthType != "google_one" {
+				continue
+			}
+			accounts = append(accounts, acc)
+		}
+	}
+
+	const maxConcurrency = 10
+	g, gctx := errgroup.WithContext(ctx)
+	g.SetLimit(maxConcurrency)
+
+	var mu sync.Mutex
+	var successCount, failedCount int
+	var errors []gin.H
+
+	for _, account := range accounts {
+		acc := account // 闭包捕获
+		g.Go(func() error {
+			_, extra, creds, err := h.geminiOAuthService.RefreshAccountGoogleOneTier(gctx, acc)
+			if err != nil {
+				mu.Lock()
+				failedCount++
+				errors = append(errors, gin.H{
+					"account_id": acc.ID,
+					"error":      err.Error(),
+				})
+				mu.Unlock()
+				return nil
+			}
+
+			_, updateErr := h.adminService.UpdateAccount(gctx, acc.ID, &service.UpdateAccountInput{
+				Credentials: creds,
+				Extra:       extra,
+			})
+
+			mu.Lock()
+			if updateErr != nil {
+				failedCount++
+				errors = append(errors, gin.H{
+					"account_id": acc.ID,
+					"error":      updateErr.Error(),
+				})
+			} else {
+				successCount++
+			}
+			mu.Unlock()
+
+			return nil
+		})
+	}
+
+	if err := g.Wait(); err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	results := gin.H{
+		"total":   len(accounts),
+		"success": successCount,
+		"failed":  failedCount,
+		"errors":  errors,
+	}
+
+	response.Success(c, results)
+}
--- a/backend/internal/handler/admin/dashboard_handler.go
+++ b/backend/internal/handler/admin/dashboard_handler.go
@@ -26,31 +26,33 @@ func NewDashboardHandler(dashboardService *service.DashboardService) *DashboardH
 }

 // parseTimeRange parses start_date, end_date query parameters
+// Uses user's timezone if provided, otherwise falls back to server timezone
 func parseTimeRange(c *gin.Context) (time.Time, time.Time) {
-	now := timezone.Now()
+	userTZ := c.Query("timezone") // Get user's timezone from request
+	now := timezone.NowInUserLocation(userTZ)
 	startDate := c.Query("start_date")
 	endDate := c.Query("end_date")

 	var startTime, endTime time.Time

 	if startDate != "" {
-		if t, err := timezone.ParseInLocation("2006-01-02", startDate); err == nil {
+		if t, err := timezone.ParseInUserLocation("2006-01-02", startDate, userTZ); err == nil {
 			startTime = t
 		} else {
-			startTime = timezone.StartOfDay(now.AddDate(0, 0, -7))
+			startTime = timezone.StartOfDayInUserLocation(now.AddDate(0, 0, -7), userTZ)
 		}
 	} else {
-		startTime = timezone.StartOfDay(now.AddDate(0, 0, -7))
+		startTime = timezone.StartOfDayInUserLocation(now.AddDate(0, 0, -7), userTZ)
 	}

 	if endDate != "" {
-		if t, err := timezone.ParseInLocation("2006-01-02", endDate); err == nil {
+		if t, err := timezone.ParseInUserLocation("2006-01-02", endDate, userTZ); err == nil {
 			endTime = t.Add(24 * time.Hour) // Include the end date
 		} else {
-			endTime = timezone.StartOfDay(now.AddDate(0, 0, 1))
+			endTime = timezone.StartOfDayInUserLocation(now.AddDate(0, 0, 1), userTZ)
 		}
 	} else {
-		endTime = timezone.StartOfDay(now.AddDate(0, 0, 1))
+		endTime = timezone.StartOfDayInUserLocation(now.AddDate(0, 0, 1), userTZ)
 	}

 	return startTime, endTime
@@ -75,8 +77,8 @@ func (h *DashboardHandler) GetStats(c *gin.Context) {
 		"active_users":    stats.ActiveUsers,

 		// API Key 统计
-		"total_api_keys":  stats.TotalApiKeys,
-		"active_api_keys": stats.ActiveApiKeys,
+		"total_api_keys":  stats.TotalAPIKeys,
+		"active_api_keys": stats.ActiveAPIKeys,

 		// 账户统计
 		"total_accounts":     stats.TotalAccounts,
@@ -193,10 +195,10 @@ func (h *DashboardHandler) GetModelStats(c *gin.Context) {
 	})
 }

-// GetApiKeyUsageTrend handles getting API key usage trend data
+// GetAPIKeyUsageTrend handles getting API key usage trend data
 // GET /api/v1/admin/dashboard/api-keys-trend
 // Query params: start_date, end_date (YYYY-MM-DD), granularity (day/hour), limit (default 5)
-func (h *DashboardHandler) GetApiKeyUsageTrend(c *gin.Context) {
+func (h *DashboardHandler) GetAPIKeyUsageTrend(c *gin.Context) {
 	startTime, endTime := parseTimeRange(c)
 	granularity := c.DefaultQuery("granularity", "day")
 	limitStr := c.DefaultQuery("limit", "5")
@@ -205,7 +207,7 @@ func (h *DashboardHandler) GetApiKeyUsageTrend(c *gin.Context) {
 		limit = 5
 	}

-	trend, err := h.dashboardService.GetApiKeyUsageTrend(c.Request.Context(), startTime, endTime, granularity, limit)
+	trend, err := h.dashboardService.GetAPIKeyUsageTrend(c.Request.Context(), startTime, endTime, granularity, limit)
 	if err != nil {
 		response.Error(c, 500, "Failed to get API key usage trend")
 		return
@@ -273,26 +275,26 @@ func (h *DashboardHandler) GetBatchUsersUsage(c *gin.Context) {
 	response.Success(c, gin.H{"stats": stats})
 }

-// BatchApiKeysUsageRequest represents the request body for batch api key usage stats
-type BatchApiKeysUsageRequest struct {
-	ApiKeyIDs []int64 `json:"api_key_ids" binding:"required"`
+// BatchAPIKeysUsageRequest represents the request body for batch api key usage stats
+type BatchAPIKeysUsageRequest struct {
+	APIKeyIDs []int64 `json:"api_key_ids" binding:"required"`
 }

-// GetBatchApiKeysUsage handles getting usage stats for multiple API keys
+// GetBatchAPIKeysUsage handles getting usage stats for multiple API keys
 // POST /api/v1/admin/dashboard/api-keys-usage
-func (h *DashboardHandler) GetBatchApiKeysUsage(c *gin.Context) {
-	var req BatchApiKeysUsageRequest
+func (h *DashboardHandler) GetBatchAPIKeysUsage(c *gin.Context) {
+	var req BatchAPIKeysUsageRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		response.BadRequest(c, "Invalid request: "+err.Error())
 		return
 	}

-	if len(req.ApiKeyIDs) == 0 {
+	if len(req.APIKeyIDs) == 0 {
 		response.Success(c, gin.H{"stats": map[string]any{}})
 		return
 	}

-	stats, err := h.dashboardService.GetBatchApiKeyUsageStats(c.Request.Context(), req.ApiKeyIDs)
+	stats, err := h.dashboardService.GetBatchAPIKeyUsageStats(c.Request.Context(), req.APIKeyIDs)
 	if err != nil {
 		response.Error(c, 500, "Failed to get API key usage stats")
 		return
--- a/backend/internal/handler/admin/gemini_oauth_handler.go
+++ b/backend/internal/handler/admin/gemini_oauth_handler.go
@@ -18,6 +18,7 @@ func NewGeminiOAuthHandler(geminiOAuthService *service.GeminiOAuthService) *Gemi
 	return &GeminiOAuthHandler{geminiOAuthService: geminiOAuthService}
 }

+// GetCapabilities returns the Gemini OAuth configuration capabilities.
 // GET /api/v1/admin/gemini/oauth/capabilities
 func (h *GeminiOAuthHandler) GetCapabilities(c *gin.Context) {
 	cfg := h.geminiOAuthService.GetOAuthConfig()
@@ -30,6 +31,8 @@ type GeminiGenerateAuthURLRequest struct {
 	// OAuth 类型: "code_assist" (需要 project_id) 或 "ai_studio" (不需要 project_id)
 	// 默认为 "code_assist" 以保持向后兼容
 	OAuthType string `json:"oauth_type"`
+	// TierID is a user-selected tier to be used when auto detection is unavailable or fails.
+	TierID string `json:"tier_id"`
 }

 // GenerateAuthURL generates Google OAuth authorization URL for Gemini.
@@ -46,15 +49,15 @@ func (h *GeminiOAuthHandler) GenerateAuthURL(c *gin.Context) {
 	if oauthType == "" {
 		oauthType = "code_assist"
 	}
-	if oauthType != "code_assist" && oauthType != "ai_studio" {
-		response.BadRequest(c, "Invalid oauth_type: must be 'code_assist' or 'ai_studio'")
+	if oauthType != "code_assist" && oauthType != "google_one" && oauthType != "ai_studio" {
+		response.BadRequest(c, "Invalid oauth_type: must be 'code_assist', 'google_one', or 'ai_studio'")
 		return
 	}

 	// Always pass the "hosted" callback URI; the OAuth service may override it depending on
 	// oauth_type and whether the built-in Gemini CLI OAuth client is used.
 	redirectURI := deriveGeminiRedirectURI(c)
-	result, err := h.geminiOAuthService.GenerateAuthURL(c.Request.Context(), req.ProxyID, redirectURI, req.ProjectID, oauthType)
+	result, err := h.geminiOAuthService.GenerateAuthURL(c.Request.Context(), req.ProxyID, redirectURI, req.ProjectID, oauthType, req.TierID)
 	if err != nil {
 		msg := err.Error()
 		// Treat missing/invalid OAuth client configuration as a user/config error.
@@ -76,6 +79,9 @@ type GeminiExchangeCodeRequest struct {
 	ProxyID   *int64 `json:"proxy_id"`
 	// OAuth 类型: "code_assist" 或 "ai_studio"，需要与 GenerateAuthURL 时的类型一致
 	OAuthType string `json:"oauth_type"`
+	// TierID is a user-selected tier to be used when auto detection is unavailable or fails.
+	// This field is optional; when omitted, the server uses the tier stored in the OAuth session.
+	TierID string `json:"tier_id"`
 }

 // ExchangeCode exchanges authorization code for tokens.
@@ -92,8 +98,8 @@ func (h *GeminiOAuthHandler) ExchangeCode(c *gin.Context) {
 	if oauthType == "" {
 		oauthType = "code_assist"
 	}
-	if oauthType != "code_assist" && oauthType != "ai_studio" {
-		response.BadRequest(c, "Invalid oauth_type: must be 'code_assist' or 'ai_studio'")
+	if oauthType != "code_assist" && oauthType != "google_one" && oauthType != "ai_studio" {
+		response.BadRequest(c, "Invalid oauth_type: must be 'code_assist', 'google_one', or 'ai_studio'")
 		return
 	}

@@ -103,6 +109,7 @@ func (h *GeminiOAuthHandler) ExchangeCode(c *gin.Context) {
 		Code:      req.Code,
 		ProxyID:   req.ProxyID,
 		OAuthType: oauthType,
+		TierID:    req.TierID,
 	})
 	if err != nil {
 		response.BadRequest(c, "Failed to exchange code: "+err.Error())
--- a/backend/internal/handler/admin/group_handler.go
+++ b/backend/internal/handler/admin/group_handler.go
@@ -33,6 +33,10 @@ type CreateGroupRequest struct {
 	DailyLimitUSD    *float64 `json:"daily_limit_usd"`
 	WeeklyLimitUSD   *float64 `json:"weekly_limit_usd"`
 	MonthlyLimitUSD  *float64 `json:"monthly_limit_usd"`
+	// 图片生成计费配置（antigravity 和 gemini 平台使用，负数表示清除配置）
+	ImagePrice1K *float64 `json:"image_price_1k"`
+	ImagePrice2K *float64 `json:"image_price_2k"`
+	ImagePrice4K *float64 `json:"image_price_4k"`
 }

 // UpdateGroupRequest represents update group request
@@ -47,6 +51,10 @@ type UpdateGroupRequest struct {
 	DailyLimitUSD    *float64 `json:"daily_limit_usd"`
 	WeeklyLimitUSD   *float64 `json:"weekly_limit_usd"`
 	MonthlyLimitUSD  *float64 `json:"monthly_limit_usd"`
+	// 图片生成计费配置（antigravity 和 gemini 平台使用，负数表示清除配置）
+	ImagePrice1K *float64 `json:"image_price_1k"`
+	ImagePrice2K *float64 `json:"image_price_2k"`
+	ImagePrice4K *float64 `json:"image_price_4k"`
 }

 // List handles listing all groups with pagination
@@ -139,6 +147,9 @@ func (h *GroupHandler) Create(c *gin.Context) {
 		DailyLimitUSD:    req.DailyLimitUSD,
 		WeeklyLimitUSD:   req.WeeklyLimitUSD,
 		MonthlyLimitUSD:  req.MonthlyLimitUSD,
+		ImagePrice1K:     req.ImagePrice1K,
+		ImagePrice2K:     req.ImagePrice2K,
+		ImagePrice4K:     req.ImagePrice4K,
 	})
 	if err != nil {
 		response.ErrorFrom(c, err)
@@ -174,6 +185,9 @@ func (h *GroupHandler) Update(c *gin.Context) {
 		DailyLimitUSD:    req.DailyLimitUSD,
 		WeeklyLimitUSD:   req.WeeklyLimitUSD,
 		MonthlyLimitUSD:  req.MonthlyLimitUSD,
+		ImagePrice1K:     req.ImagePrice1K,
+		ImagePrice2K:     req.ImagePrice2K,
+		ImagePrice4K:     req.ImagePrice4K,
 	})
 	if err != nil {
 		response.ErrorFrom(c, err)
@@ -237,9 +251,9 @@ func (h *GroupHandler) GetGroupAPIKeys(c *gin.Context) {
 		return
 	}

-	outKeys := make([]dto.ApiKey, 0, len(keys))
+	outKeys := make([]dto.APIKey, 0, len(keys))
 	for i := range keys {
-		outKeys = append(outKeys, *dto.ApiKeyFromService(&keys[i]))
+		outKeys = append(outKeys, *dto.APIKeyFromService(&keys[i]))
 	}
 	response.Paginated(c, outKeys, total, page, pageSize)
 }
--- a/backend/internal/handler/admin/proxy_handler.go
+++ b/backend/internal/handler/admin/proxy_handler.go
@@ -26,7 +26,7 @@ func NewProxyHandler(adminService service.AdminService) *ProxyHandler {
 // CreateProxyRequest represents create proxy request
 type CreateProxyRequest struct {
 	Name     string `json:"name" binding:"required"`
-	Protocol string `json:"protocol" binding:"required,oneof=http https socks5"`
+	Protocol string `json:"protocol" binding:"required,oneof=http https socks5 socks5h"`
 	Host     string `json:"host" binding:"required"`
 	Port     int    `json:"port" binding:"required,min=1,max=65535"`
 	Username string `json:"username"`
@@ -36,7 +36,7 @@ type CreateProxyRequest struct {
 // UpdateProxyRequest represents update proxy request
 type UpdateProxyRequest struct {
 	Name     string `json:"name"`
-	Protocol string `json:"protocol" binding:"omitempty,oneof=http https socks5"`
+	Protocol string `json:"protocol" binding:"omitempty,oneof=http https socks5 socks5h"`
 	Host     string `json:"host"`
 	Port     int    `json:"port" binding:"omitempty,min=1,max=65535"`
 	Username string `json:"username"`
@@ -255,7 +255,7 @@ func (h *ProxyHandler) GetProxyAccounts(c *gin.Context) {

 // BatchCreateProxyItem represents a single proxy in batch create request
 type BatchCreateProxyItem struct {
-	Protocol string `json:"protocol" binding:"required,oneof=http https socks5"`
+	Protocol string `json:"protocol" binding:"required,oneof=http https socks5 socks5h"`
 	Host     string `json:"host" binding:"required"`
 	Port     int    `json:"port" binding:"required,min=1,max=65535"`
 	Username string `json:"username"`
--- a/backend/internal/handler/admin/setting_handler.go
+++ b/backend/internal/handler/admin/setting_handler.go
@@ -1,8 +1,12 @@
 package admin

 import (
+	"log"
+	"time"
+
 	"github.com/Wei-Shaw/sub2api/internal/handler/dto"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/response"
+	"github.com/Wei-Shaw/sub2api/internal/server/middleware"
 	"github.com/Wei-Shaw/sub2api/internal/service"

 	"github.com/gin-gonic/gin"
@@ -34,26 +38,33 @@ func (h *SettingHandler) GetSettings(c *gin.Context) {
 	}

 	response.Success(c, dto.SystemSettings{
-		RegistrationEnabled: settings.RegistrationEnabled,
-		EmailVerifyEnabled:  settings.EmailVerifyEnabled,
-		SmtpHost:            settings.SmtpHost,
-		SmtpPort:            settings.SmtpPort,
-		SmtpUsername:        settings.SmtpUsername,
-		SmtpPassword:        settings.SmtpPassword,
-		SmtpFrom:            settings.SmtpFrom,
-		SmtpFromName:        settings.SmtpFromName,
-		SmtpUseTLS:          settings.SmtpUseTLS,
-		TurnstileEnabled:    settings.TurnstileEnabled,
-		TurnstileSiteKey:    settings.TurnstileSiteKey,
-		TurnstileSecretKey:  settings.TurnstileSecretKey,
-		SiteName:            settings.SiteName,
-		SiteLogo:            settings.SiteLogo,
-		SiteSubtitle:        settings.SiteSubtitle,
-		ApiBaseUrl:          settings.ApiBaseUrl,
-		ContactInfo:         settings.ContactInfo,
-		DocUrl:              settings.DocUrl,
-		DefaultConcurrency:  settings.DefaultConcurrency,
-		DefaultBalance:      settings.DefaultBalance,
+		RegistrationEnabled:          settings.RegistrationEnabled,
+		EmailVerifyEnabled:           settings.EmailVerifyEnabled,
+		SMTPHost:                     settings.SMTPHost,
+		SMTPPort:                     settings.SMTPPort,
+		SMTPUsername:                 settings.SMTPUsername,
+		SMTPPasswordConfigured:       settings.SMTPPasswordConfigured,
+		SMTPFrom:                     settings.SMTPFrom,
+		SMTPFromName:                 settings.SMTPFromName,
+		SMTPUseTLS:                   settings.SMTPUseTLS,
+		TurnstileEnabled:             settings.TurnstileEnabled,
+		TurnstileSiteKey:             settings.TurnstileSiteKey,
+		TurnstileSecretKeyConfigured: settings.TurnstileSecretKeyConfigured,
+		SiteName:                     settings.SiteName,
+		SiteLogo:                     settings.SiteLogo,
+		SiteSubtitle:                 settings.SiteSubtitle,
+		APIBaseURL:                   settings.APIBaseURL,
+		ContactInfo:                  settings.ContactInfo,
+		DocURL:                       settings.DocURL,
+		DefaultConcurrency:           settings.DefaultConcurrency,
+		DefaultBalance:               settings.DefaultBalance,
+		EnableModelFallback:          settings.EnableModelFallback,
+		FallbackModelAnthropic:       settings.FallbackModelAnthropic,
+		FallbackModelOpenAI:          settings.FallbackModelOpenAI,
+		FallbackModelGemini:          settings.FallbackModelGemini,
+		FallbackModelAntigravity:     settings.FallbackModelAntigravity,
+		EnableIdentityPatch:          settings.EnableIdentityPatch,
+		IdentityPatchPrompt:          settings.IdentityPatchPrompt,
 	})
 }

@@ -64,13 +75,13 @@ type UpdateSettingsRequest struct {
 	EmailVerifyEnabled  bool `json:"email_verify_enabled"`

 	// 邮件服务设置
-	SmtpHost     string `json:"smtp_host"`
-	SmtpPort     int    `json:"smtp_port"`
-	SmtpUsername string `json:"smtp_username"`
-	SmtpPassword string `json:"smtp_password"`
-	SmtpFrom     string `json:"smtp_from_email"`
-	SmtpFromName string `json:"smtp_from_name"`
-	SmtpUseTLS   bool   `json:"smtp_use_tls"`
+	SMTPHost     string `json:"smtp_host"`
+	SMTPPort     int    `json:"smtp_port"`
+	SMTPUsername string `json:"smtp_username"`
+	SMTPPassword string `json:"smtp_password"`
+	SMTPFrom     string `json:"smtp_from_email"`
+	SMTPFromName string `json:"smtp_from_name"`
+	SMTPUseTLS   bool   `json:"smtp_use_tls"`

 	// Cloudflare Turnstile 设置
 	TurnstileEnabled   bool   `json:"turnstile_enabled"`
@@ -81,13 +92,24 @@ type UpdateSettingsRequest struct {
 	SiteName     string `json:"site_name"`
 	SiteLogo     string `json:"site_logo"`
 	SiteSubtitle string `json:"site_subtitle"`
-	ApiBaseUrl   string `json:"api_base_url"`
+	APIBaseURL   string `json:"api_base_url"`
 	ContactInfo  string `json:"contact_info"`
-	DocUrl       string `json:"doc_url"`
+	DocURL       string `json:"doc_url"`

 	// 默认配置
 	DefaultConcurrency int     `json:"default_concurrency"`
 	DefaultBalance     float64 `json:"default_balance"`
+
+	// Model fallback configuration
+	EnableModelFallback      bool   `json:"enable_model_fallback"`
+	FallbackModelAnthropic   string `json:"fallback_model_anthropic"`
+	FallbackModelOpenAI      string `json:"fallback_model_openai"`
+	FallbackModelGemini      string `json:"fallback_model_gemini"`
+	FallbackModelAntigravity string `json:"fallback_model_antigravity"`
+
+	// Identity patch configuration (Claude -> Gemini)
+	EnableIdentityPatch bool   `json:"enable_identity_patch"`
+	IdentityPatchPrompt string `json:"identity_patch_prompt"`
 }

 // UpdateSettings 更新系统设置
@@ -99,6 +121,12 @@ func (h *SettingHandler) UpdateSettings(c *gin.Context) {
 		return
 	}

+	previousSettings, err := h.settingService.GetAllSettings(c.Request.Context())
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
 	// 验证参数
 	if req.DefaultConcurrency < 1 {
 		req.DefaultConcurrency = 1
@@ -106,8 +134,8 @@ func (h *SettingHandler) UpdateSettings(c *gin.Context) {
 	if req.DefaultBalance < 0 {
 		req.DefaultBalance = 0
 	}
-	if req.SmtpPort <= 0 {
-		req.SmtpPort = 587
+	if req.SMTPPort <= 0 {
+		req.SMTPPort = 587
 	}

 	// Turnstile 参数验证
@@ -117,21 +145,18 @@ func (h *SettingHandler) UpdateSettings(c *gin.Context) {
 			response.BadRequest(c, "Turnstile Site Key is required when enabled")
 			return
 		}
+		// 如果未提供 secret key，使用已保存的值（留空保留当前值）
 		if req.TurnstileSecretKey == "" {
-			response.BadRequest(c, "Turnstile Secret Key is required when enabled")
-			return
-		}
-
-		// 获取当前设置，检查参数是否有变化
-		currentSettings, err := h.settingService.GetAllSettings(c.Request.Context())
-		if err != nil {
-			response.ErrorFrom(c, err)
-			return
+			if previousSettings.TurnstileSecretKey == "" {
+				response.BadRequest(c, "Turnstile Secret Key is required when enabled")
+				return
+			}
+			req.TurnstileSecretKey = previousSettings.TurnstileSecretKey
 		}

 		// 当 site_key 或 secret_key 任一变化时验证（避免配置错误导致无法登录）
-		siteKeyChanged := currentSettings.TurnstileSiteKey != req.TurnstileSiteKey
-		secretKeyChanged := currentSettings.TurnstileSecretKey != req.TurnstileSecretKey
+		siteKeyChanged := previousSettings.TurnstileSiteKey != req.TurnstileSiteKey
+		secretKeyChanged := previousSettings.TurnstileSecretKey != req.TurnstileSecretKey
 		if siteKeyChanged || secretKeyChanged {
 			if err := h.turnstileService.ValidateSecretKey(c.Request.Context(), req.TurnstileSecretKey); err != nil {
 				response.ErrorFrom(c, err)
@@ -141,26 +166,33 @@ func (h *SettingHandler) UpdateSettings(c *gin.Context) {
 	}

 	settings := &service.SystemSettings{
-		RegistrationEnabled: req.RegistrationEnabled,
-		EmailVerifyEnabled:  req.EmailVerifyEnabled,
-		SmtpHost:            req.SmtpHost,
-		SmtpPort:            req.SmtpPort,
-		SmtpUsername:        req.SmtpUsername,
-		SmtpPassword:        req.SmtpPassword,
-		SmtpFrom:            req.SmtpFrom,
-		SmtpFromName:        req.SmtpFromName,
-		SmtpUseTLS:          req.SmtpUseTLS,
-		TurnstileEnabled:    req.TurnstileEnabled,
-		TurnstileSiteKey:    req.TurnstileSiteKey,
-		TurnstileSecretKey:  req.TurnstileSecretKey,
-		SiteName:            req.SiteName,
-		SiteLogo:            req.SiteLogo,
-		SiteSubtitle:        req.SiteSubtitle,
-		ApiBaseUrl:          req.ApiBaseUrl,
-		ContactInfo:         req.ContactInfo,
-		DocUrl:              req.DocUrl,
-		DefaultConcurrency:  req.DefaultConcurrency,
-		DefaultBalance:      req.DefaultBalance,
+		RegistrationEnabled:      req.RegistrationEnabled,
+		EmailVerifyEnabled:       req.EmailVerifyEnabled,
+		SMTPHost:                 req.SMTPHost,
+		SMTPPort:                 req.SMTPPort,
+		SMTPUsername:             req.SMTPUsername,
+		SMTPPassword:             req.SMTPPassword,
+		SMTPFrom:                 req.SMTPFrom,
+		SMTPFromName:             req.SMTPFromName,
+		SMTPUseTLS:               req.SMTPUseTLS,
+		TurnstileEnabled:         req.TurnstileEnabled,
+		TurnstileSiteKey:         req.TurnstileSiteKey,
+		TurnstileSecretKey:       req.TurnstileSecretKey,
+		SiteName:                 req.SiteName,
+		SiteLogo:                 req.SiteLogo,
+		SiteSubtitle:             req.SiteSubtitle,
+		APIBaseURL:               req.APIBaseURL,
+		ContactInfo:              req.ContactInfo,
+		DocURL:                   req.DocURL,
+		DefaultConcurrency:       req.DefaultConcurrency,
+		DefaultBalance:           req.DefaultBalance,
+		EnableModelFallback:      req.EnableModelFallback,
+		FallbackModelAnthropic:   req.FallbackModelAnthropic,
+		FallbackModelOpenAI:      req.FallbackModelOpenAI,
+		FallbackModelGemini:      req.FallbackModelGemini,
+		FallbackModelAntigravity: req.FallbackModelAntigravity,
+		EnableIdentityPatch:      req.EnableIdentityPatch,
+		IdentityPatchPrompt:      req.IdentityPatchPrompt,
 	}

 	if err := h.settingService.UpdateSettings(c.Request.Context(), settings); err != nil {
@@ -168,6 +200,8 @@ func (h *SettingHandler) UpdateSettings(c *gin.Context) {
 		return
 	}

+	h.auditSettingsUpdate(c, previousSettings, settings, req)
+
 	// 重新获取设置返回
 	updatedSettings, err := h.settingService.GetAllSettings(c.Request.Context())
 	if err != nil {
@@ -176,69 +210,176 @@ func (h *SettingHandler) UpdateSettings(c *gin.Context) {
 	}

 	response.Success(c, dto.SystemSettings{
-		RegistrationEnabled: updatedSettings.RegistrationEnabled,
-		EmailVerifyEnabled:  updatedSettings.EmailVerifyEnabled,
-		SmtpHost:            updatedSettings.SmtpHost,
-		SmtpPort:            updatedSettings.SmtpPort,
-		SmtpUsername:        updatedSettings.SmtpUsername,
-		SmtpPassword:        updatedSettings.SmtpPassword,
-		SmtpFrom:            updatedSettings.SmtpFrom,
-		SmtpFromName:        updatedSettings.SmtpFromName,
-		SmtpUseTLS:          updatedSettings.SmtpUseTLS,
-		TurnstileEnabled:    updatedSettings.TurnstileEnabled,
-		TurnstileSiteKey:    updatedSettings.TurnstileSiteKey,
-		TurnstileSecretKey:  updatedSettings.TurnstileSecretKey,
-		SiteName:            updatedSettings.SiteName,
-		SiteLogo:            updatedSettings.SiteLogo,
-		SiteSubtitle:        updatedSettings.SiteSubtitle,
-		ApiBaseUrl:          updatedSettings.ApiBaseUrl,
-		ContactInfo:         updatedSettings.ContactInfo,
-		DocUrl:              updatedSettings.DocUrl,
-		DefaultConcurrency:  updatedSettings.DefaultConcurrency,
-		DefaultBalance:      updatedSettings.DefaultBalance,
+		RegistrationEnabled:          updatedSettings.RegistrationEnabled,
+		EmailVerifyEnabled:           updatedSettings.EmailVerifyEnabled,
+		SMTPHost:                     updatedSettings.SMTPHost,
+		SMTPPort:                     updatedSettings.SMTPPort,
+		SMTPUsername:                 updatedSettings.SMTPUsername,
+		SMTPPasswordConfigured:       updatedSettings.SMTPPasswordConfigured,
+		SMTPFrom:                     updatedSettings.SMTPFrom,
+		SMTPFromName:                 updatedSettings.SMTPFromName,
+		SMTPUseTLS:                   updatedSettings.SMTPUseTLS,
+		TurnstileEnabled:             updatedSettings.TurnstileEnabled,
+		TurnstileSiteKey:             updatedSettings.TurnstileSiteKey,
+		TurnstileSecretKeyConfigured: updatedSettings.TurnstileSecretKeyConfigured,
+		SiteName:                     updatedSettings.SiteName,
+		SiteLogo:                     updatedSettings.SiteLogo,
+		SiteSubtitle:                 updatedSettings.SiteSubtitle,
+		APIBaseURL:                   updatedSettings.APIBaseURL,
+		ContactInfo:                  updatedSettings.ContactInfo,
+		DocURL:                       updatedSettings.DocURL,
+		DefaultConcurrency:           updatedSettings.DefaultConcurrency,
+		DefaultBalance:               updatedSettings.DefaultBalance,
+		EnableModelFallback:          updatedSettings.EnableModelFallback,
+		FallbackModelAnthropic:       updatedSettings.FallbackModelAnthropic,
+		FallbackModelOpenAI:          updatedSettings.FallbackModelOpenAI,
+		FallbackModelGemini:          updatedSettings.FallbackModelGemini,
+		FallbackModelAntigravity:     updatedSettings.FallbackModelAntigravity,
+		EnableIdentityPatch:          updatedSettings.EnableIdentityPatch,
+		IdentityPatchPrompt:          updatedSettings.IdentityPatchPrompt,
 	})
 }

-// TestSmtpRequest 测试SMTP连接请求
-type TestSmtpRequest struct {
-	SmtpHost     string `json:"smtp_host" binding:"required"`
-	SmtpPort     int    `json:"smtp_port"`
-	SmtpUsername string `json:"smtp_username"`
-	SmtpPassword string `json:"smtp_password"`
-	SmtpUseTLS   bool   `json:"smtp_use_tls"`
+func (h *SettingHandler) auditSettingsUpdate(c *gin.Context, before *service.SystemSettings, after *service.SystemSettings, req UpdateSettingsRequest) {
+	if before == nil || after == nil {
+		return
+	}
+
+	changed := diffSettings(before, after, req)
+	if len(changed) == 0 {
+		return
+	}
+
+	subject, _ := middleware.GetAuthSubjectFromContext(c)
+	role, _ := middleware.GetUserRoleFromContext(c)
+	log.Printf("AUDIT: settings updated at=%s user_id=%d role=%s changed=%v",
+		time.Now().UTC().Format(time.RFC3339),
+		subject.UserID,
+		role,
+		changed,
+	)
 }

-// TestSmtpConnection 测试SMTP连接
+func diffSettings(before *service.SystemSettings, after *service.SystemSettings, req UpdateSettingsRequest) []string {
+	changed := make([]string, 0, 20)
+	if before.RegistrationEnabled != after.RegistrationEnabled {
+		changed = append(changed, "registration_enabled")
+	}
+	if before.EmailVerifyEnabled != after.EmailVerifyEnabled {
+		changed = append(changed, "email_verify_enabled")
+	}
+	if before.SMTPHost != after.SMTPHost {
+		changed = append(changed, "smtp_host")
+	}
+	if before.SMTPPort != after.SMTPPort {
+		changed = append(changed, "smtp_port")
+	}
+	if before.SMTPUsername != after.SMTPUsername {
+		changed = append(changed, "smtp_username")
+	}
+	if req.SMTPPassword != "" {
+		changed = append(changed, "smtp_password")
+	}
+	if before.SMTPFrom != after.SMTPFrom {
+		changed = append(changed, "smtp_from_email")
+	}
+	if before.SMTPFromName != after.SMTPFromName {
+		changed = append(changed, "smtp_from_name")
+	}
+	if before.SMTPUseTLS != after.SMTPUseTLS {
+		changed = append(changed, "smtp_use_tls")
+	}
+	if before.TurnstileEnabled != after.TurnstileEnabled {
+		changed = append(changed, "turnstile_enabled")
+	}
+	if before.TurnstileSiteKey != after.TurnstileSiteKey {
+		changed = append(changed, "turnstile_site_key")
+	}
+	if req.TurnstileSecretKey != "" {
+		changed = append(changed, "turnstile_secret_key")
+	}
+	if before.SiteName != after.SiteName {
+		changed = append(changed, "site_name")
+	}
+	if before.SiteLogo != after.SiteLogo {
+		changed = append(changed, "site_logo")
+	}
+	if before.SiteSubtitle != after.SiteSubtitle {
+		changed = append(changed, "site_subtitle")
+	}
+	if before.APIBaseURL != after.APIBaseURL {
+		changed = append(changed, "api_base_url")
+	}
+	if before.ContactInfo != after.ContactInfo {
+		changed = append(changed, "contact_info")
+	}
+	if before.DocURL != after.DocURL {
+		changed = append(changed, "doc_url")
+	}
+	if before.DefaultConcurrency != after.DefaultConcurrency {
+		changed = append(changed, "default_concurrency")
+	}
+	if before.DefaultBalance != after.DefaultBalance {
+		changed = append(changed, "default_balance")
+	}
+	if before.EnableModelFallback != after.EnableModelFallback {
+		changed = append(changed, "enable_model_fallback")
+	}
+	if before.FallbackModelAnthropic != after.FallbackModelAnthropic {
+		changed = append(changed, "fallback_model_anthropic")
+	}
+	if before.FallbackModelOpenAI != after.FallbackModelOpenAI {
+		changed = append(changed, "fallback_model_openai")
+	}
+	if before.FallbackModelGemini != after.FallbackModelGemini {
+		changed = append(changed, "fallback_model_gemini")
+	}
+	if before.FallbackModelAntigravity != after.FallbackModelAntigravity {
+		changed = append(changed, "fallback_model_antigravity")
+	}
+	return changed
+}
+
+// TestSMTPRequest 测试SMTP连接请求
+type TestSMTPRequest struct {
+	SMTPHost     string `json:"smtp_host" binding:"required"`
+	SMTPPort     int    `json:"smtp_port"`
+	SMTPUsername string `json:"smtp_username"`
+	SMTPPassword string `json:"smtp_password"`
+	SMTPUseTLS   bool   `json:"smtp_use_tls"`
+}
+
+// TestSMTPConnection 测试SMTP连接
 // POST /api/v1/admin/settings/test-smtp
-func (h *SettingHandler) TestSmtpConnection(c *gin.Context) {
-	var req TestSmtpRequest
+func (h *SettingHandler) TestSMTPConnection(c *gin.Context) {
+	var req TestSMTPRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
 		response.BadRequest(c, "Invalid request: "+err.Error())
 		return
 	}

-	if req.SmtpPort <= 0 {
-		req.SmtpPort = 587
+	if req.SMTPPort <= 0 {
+		req.SMTPPort = 587
 	}

 	// 如果未提供密码，从数据库获取已保存的密码
-	password := req.SmtpPassword
+	password := req.SMTPPassword
 	if password == "" {
-		savedConfig, err := h.emailService.GetSmtpConfig(c.Request.Context())
+		savedConfig, err := h.emailService.GetSMTPConfig(c.Request.Context())
 		if err == nil && savedConfig != nil {
 			password = savedConfig.Password
 		}
 	}

-	config := &service.SmtpConfig{
-		Host:     req.SmtpHost,
-		Port:     req.SmtpPort,
-		Username: req.SmtpUsername,
+	config := &service.SMTPConfig{
+		Host:     req.SMTPHost,
+		Port:     req.SMTPPort,
+		Username: req.SMTPUsername,
 		Password: password,
-		UseTLS:   req.SmtpUseTLS,
+		UseTLS:   req.SMTPUseTLS,
 	}

-	err := h.emailService.TestSmtpConnectionWithConfig(config)
+	err := h.emailService.TestSMTPConnectionWithConfig(config)
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
@@ -250,13 +391,13 @@ func (h *SettingHandler) TestSmtpConnection(c *gin.Context) {
 // SendTestEmailRequest 发送测试邮件请求
 type SendTestEmailRequest struct {
 	Email        string `json:"email" binding:"required,email"`
-	SmtpHost     string `json:"smtp_host" binding:"required"`
-	SmtpPort     int    `json:"smtp_port"`
-	SmtpUsername string `json:"smtp_username"`
-	SmtpPassword string `json:"smtp_password"`
-	SmtpFrom     string `json:"smtp_from_email"`
-	SmtpFromName string `json:"smtp_from_name"`
-	SmtpUseTLS   bool   `json:"smtp_use_tls"`
+	SMTPHost     string `json:"smtp_host" binding:"required"`
+	SMTPPort     int    `json:"smtp_port"`
+	SMTPUsername string `json:"smtp_username"`
+	SMTPPassword string `json:"smtp_password"`
+	SMTPFrom     string `json:"smtp_from_email"`
+	SMTPFromName string `json:"smtp_from_name"`
+	SMTPUseTLS   bool   `json:"smtp_use_tls"`
 }

 // SendTestEmail 发送测试邮件
@@ -268,27 +409,27 @@ func (h *SettingHandler) SendTestEmail(c *gin.Context) {
 		return
 	}

-	if req.SmtpPort <= 0 {
-		req.SmtpPort = 587
+	if req.SMTPPort <= 0 {
+		req.SMTPPort = 587
 	}

 	// 如果未提供密码，从数据库获取已保存的密码
-	password := req.SmtpPassword
+	password := req.SMTPPassword
 	if password == "" {
-		savedConfig, err := h.emailService.GetSmtpConfig(c.Request.Context())
+		savedConfig, err := h.emailService.GetSMTPConfig(c.Request.Context())
 		if err == nil && savedConfig != nil {
 			password = savedConfig.Password
 		}
 	}

-	config := &service.SmtpConfig{
-		Host:     req.SmtpHost,
-		Port:     req.SmtpPort,
-		Username: req.SmtpUsername,
+	config := &service.SMTPConfig{
+		Host:     req.SMTPHost,
+		Port:     req.SMTPPort,
+		Username: req.SMTPUsername,
 		Password: password,
-		From:     req.SmtpFrom,
-		FromName: req.SmtpFromName,
-		UseTLS:   req.SmtpUseTLS,
+		From:     req.SMTPFrom,
+		FromName: req.SMTPFromName,
+		UseTLS:   req.SMTPUseTLS,
 	}

 	siteName := h.settingService.GetSiteName(c.Request.Context())
@@ -333,10 +474,10 @@ func (h *SettingHandler) SendTestEmail(c *gin.Context) {
 	response.Success(c, gin.H{"message": "Test email sent successfully"})
 }

-// GetAdminApiKey 获取管理员 API Key 状态
+// GetAdminAPIKey 获取管理员 API Key 状态
 // GET /api/v1/admin/settings/admin-api-key
-func (h *SettingHandler) GetAdminApiKey(c *gin.Context) {
-	maskedKey, exists, err := h.settingService.GetAdminApiKeyStatus(c.Request.Context())
+func (h *SettingHandler) GetAdminAPIKey(c *gin.Context) {
+	maskedKey, exists, err := h.settingService.GetAdminAPIKeyStatus(c.Request.Context())
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
@@ -348,10 +489,10 @@ func (h *SettingHandler) GetAdminApiKey(c *gin.Context) {
 	})
 }

-// RegenerateAdminApiKey 生成/重新生成管理员 API Key
+// RegenerateAdminAPIKey 生成/重新生成管理员 API Key
 // POST /api/v1/admin/settings/admin-api-key/regenerate
-func (h *SettingHandler) RegenerateAdminApiKey(c *gin.Context) {
-	key, err := h.settingService.GenerateAdminApiKey(c.Request.Context())
+func (h *SettingHandler) RegenerateAdminAPIKey(c *gin.Context) {
+	key, err := h.settingService.GenerateAdminAPIKey(c.Request.Context())
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
@@ -362,10 +503,10 @@ func (h *SettingHandler) RegenerateAdminApiKey(c *gin.Context) {
 	})
 }

-// DeleteAdminApiKey 删除管理员 API Key
+// DeleteAdminAPIKey 删除管理员 API Key
 // DELETE /api/v1/admin/settings/admin-api-key
-func (h *SettingHandler) DeleteAdminApiKey(c *gin.Context) {
-	if err := h.settingService.DeleteAdminApiKey(c.Request.Context()); err != nil {
+func (h *SettingHandler) DeleteAdminAPIKey(c *gin.Context) {
+	if err := h.settingService.DeleteAdminAPIKey(c.Request.Context()); err != nil {
 		response.ErrorFrom(c, err)
 		return
 	}
--- a/backend/internal/handler/admin/usage_handler.go
+++ b/backend/internal/handler/admin/usage_handler.go
@@ -17,14 +17,14 @@ import (
 // UsageHandler handles admin usage-related requests
 type UsageHandler struct {
 	usageService  *service.UsageService
-	apiKeyService *service.ApiKeyService
+	apiKeyService *service.APIKeyService
 	adminService  service.AdminService
 }

 // NewUsageHandler creates a new admin usage handler
 func NewUsageHandler(
 	usageService *service.UsageService,
-	apiKeyService *service.ApiKeyService,
+	apiKeyService *service.APIKeyService,
 	adminService service.AdminService,
 ) *UsageHandler {
 	return &UsageHandler{
@@ -102,8 +102,9 @@ func (h *UsageHandler) List(c *gin.Context) {

 	// Parse date range
 	var startTime, endTime *time.Time
+	userTZ := c.Query("timezone") // Get user's timezone from request
 	if startDateStr := c.Query("start_date"); startDateStr != "" {
-		t, err := timezone.ParseInLocation("2006-01-02", startDateStr)
+		t, err := timezone.ParseInUserLocation("2006-01-02", startDateStr, userTZ)
 		if err != nil {
 			response.BadRequest(c, "Invalid start_date format, use YYYY-MM-DD")
 			return
@@ -112,7 +113,7 @@ func (h *UsageHandler) List(c *gin.Context) {
 	}

 	if endDateStr := c.Query("end_date"); endDateStr != "" {
-		t, err := timezone.ParseInLocation("2006-01-02", endDateStr)
+		t, err := timezone.ParseInUserLocation("2006-01-02", endDateStr, userTZ)
 		if err != nil {
 			response.BadRequest(c, "Invalid end_date format, use YYYY-MM-DD")
 			return
@@ -125,7 +126,7 @@ func (h *UsageHandler) List(c *gin.Context) {
 	params := pagination.PaginationParams{Page: page, PageSize: pageSize}
 	filters := usagestats.UsageLogFilters{
 		UserID:      userID,
-		ApiKeyID:    apiKeyID,
+		APIKeyID:    apiKeyID,
 		AccountID:   accountID,
 		GroupID:     groupID,
 		Model:       model,
@@ -143,7 +144,7 @@ func (h *UsageHandler) List(c *gin.Context) {

 	out := make([]dto.UsageLog, 0, len(records))
 	for i := range records {
-		out = append(out, *dto.UsageLogFromService(&records[i]))
+		out = append(out, *dto.UsageLogFromServiceAdmin(&records[i]))
 	}
 	response.Paginated(c, out, result.Total, page, pageSize)
 }
@@ -151,8 +152,8 @@ func (h *UsageHandler) List(c *gin.Context) {
 // Stats handles getting usage statistics with filters
 // GET /api/v1/admin/usage/stats
 func (h *UsageHandler) Stats(c *gin.Context) {
-	// Parse filters
-	var userID, apiKeyID int64
+	// Parse filters - same as List endpoint
+	var userID, apiKeyID, accountID, groupID int64
 	if userIDStr := c.Query("user_id"); userIDStr != "" {
 		id, err := strconv.ParseInt(userIDStr, 10, 64)
 		if err != nil {
@@ -171,8 +172,50 @@ func (h *UsageHandler) Stats(c *gin.Context) {
 		apiKeyID = id
 	}

+	if accountIDStr := c.Query("account_id"); accountIDStr != "" {
+		id, err := strconv.ParseInt(accountIDStr, 10, 64)
+		if err != nil {
+			response.BadRequest(c, "Invalid account_id")
+			return
+		}
+		accountID = id
+	}
+
+	if groupIDStr := c.Query("group_id"); groupIDStr != "" {
+		id, err := strconv.ParseInt(groupIDStr, 10, 64)
+		if err != nil {
+			response.BadRequest(c, "Invalid group_id")
+			return
+		}
+		groupID = id
+	}
+
+	model := c.Query("model")
+
+	var stream *bool
+	if streamStr := c.Query("stream"); streamStr != "" {
+		val, err := strconv.ParseBool(streamStr)
+		if err != nil {
+			response.BadRequest(c, "Invalid stream value, use true or false")
+			return
+		}
+		stream = &val
+	}
+
+	var billingType *int8
+	if billingTypeStr := c.Query("billing_type"); billingTypeStr != "" {
+		val, err := strconv.ParseInt(billingTypeStr, 10, 8)
+		if err != nil {
+			response.BadRequest(c, "Invalid billing_type")
+			return
+		}
+		bt := int8(val)
+		billingType = &bt
+	}
+
 	// Parse date range
-	now := timezone.Now()
+	userTZ := c.Query("timezone")
+	now := timezone.NowInUserLocation(userTZ)
 	var startTime, endTime time.Time

 	startDateStr := c.Query("start_date")
@@ -180,12 +223,12 @@ func (h *UsageHandler) Stats(c *gin.Context) {

 	if startDateStr != "" && endDateStr != "" {
 		var err error
-		startTime, err = timezone.ParseInLocation("2006-01-02", startDateStr)
+		startTime, err = timezone.ParseInUserLocation("2006-01-02", startDateStr, userTZ)
 		if err != nil {
 			response.BadRequest(c, "Invalid start_date format, use YYYY-MM-DD")
 			return
 		}
-		endTime, err = timezone.ParseInLocation("2006-01-02", endDateStr)
+		endTime, err = timezone.ParseInUserLocation("2006-01-02", endDateStr, userTZ)
 		if err != nil {
 			response.BadRequest(c, "Invalid end_date format, use YYYY-MM-DD")
 			return
@@ -195,39 +238,31 @@ func (h *UsageHandler) Stats(c *gin.Context) {
 		period := c.DefaultQuery("period", "today")
 		switch period {
 		case "today":
-			startTime = timezone.StartOfDay(now)
+			startTime = timezone.StartOfDayInUserLocation(now, userTZ)
 		case "week":
 			startTime = now.AddDate(0, 0, -7)
 		case "month":
 			startTime = now.AddDate(0, -1, 0)
 		default:
-			startTime = timezone.StartOfDay(now)
+			startTime = timezone.StartOfDayInUserLocation(now, userTZ)
 		}
 		endTime = now
 	}

-	if apiKeyID > 0 {
-		stats, err := h.usageService.GetStatsByApiKey(c.Request.Context(), apiKeyID, startTime, endTime)
-		if err != nil {
-			response.ErrorFrom(c, err)
-			return
-		}
-		response.Success(c, stats)
-		return
+	// Build filters and call GetStatsWithFilters
+	filters := usagestats.UsageLogFilters{
+		UserID:      userID,
+		APIKeyID:    apiKeyID,
+		AccountID:   accountID,
+		GroupID:     groupID,
+		Model:       model,
+		Stream:      stream,
+		BillingType: billingType,
+		StartTime:   &startTime,
+		EndTime:     &endTime,
 	}

-	if userID > 0 {
-		stats, err := h.usageService.GetStatsByUser(c.Request.Context(), userID, startTime, endTime)
-		if err != nil {
-			response.ErrorFrom(c, err)
-			return
-		}
-		response.Success(c, stats)
-		return
-	}
-
-	// Get global stats
-	stats, err := h.usageService.GetGlobalStats(c.Request.Context(), startTime, endTime)
+	stats, err := h.usageService.GetStatsWithFilters(c.Request.Context(), filters)
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
@@ -246,7 +281,7 @@ func (h *UsageHandler) SearchUsers(c *gin.Context) {
 	}

 	// Limit to 30 results
-	users, _, err := h.adminService.ListUsers(c.Request.Context(), 1, 30, "", "", keyword)
+	users, _, err := h.adminService.ListUsers(c.Request.Context(), 1, 30, service.UserListFilters{Search: keyword})
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
@@ -269,9 +304,9 @@ func (h *UsageHandler) SearchUsers(c *gin.Context) {
 	response.Success(c, result)
 }

-// SearchApiKeys handles searching API keys by user
+// SearchAPIKeys handles searching API keys by user
 // GET /api/v1/admin/usage/search-api-keys
-func (h *UsageHandler) SearchApiKeys(c *gin.Context) {
+func (h *UsageHandler) SearchAPIKeys(c *gin.Context) {
 	userIDStr := c.Query("user_id")
 	keyword := c.Query("q")

@@ -285,22 +320,22 @@ func (h *UsageHandler) SearchApiKeys(c *gin.Context) {
 		userID = id
 	}

-	keys, err := h.apiKeyService.SearchApiKeys(c.Request.Context(), userID, keyword, 30)
+	keys, err := h.apiKeyService.SearchAPIKeys(c.Request.Context(), userID, keyword, 30)
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
 	}

 	// Return simplified API key list (only id and name)
-	type SimpleApiKey struct {
+	type SimpleAPIKey struct {
 		ID     int64  `json:"id"`
 		Name   string `json:"name"`
 		UserID int64  `json:"user_id"`
 	}

-	result := make([]SimpleApiKey, len(keys))
+	result := make([]SimpleAPIKey, len(keys))
 	for i, k := range keys {
-		result[i] = SimpleApiKey{
+		result[i] = SimpleAPIKey{
 			ID:     k.ID,
 			Name:   k.Name,
 			UserID: k.UserID,
--- a/backend/internal/handler/admin/user_attribute_handler.go
+++ b/backend/internal/handler/admin/user_attribute_handler.go
@@ -0,0 +1,342 @@
+package admin
+
+import (
+	"strconv"
+
+	"github.com/Wei-Shaw/sub2api/internal/pkg/response"
+	"github.com/Wei-Shaw/sub2api/internal/service"
+
+	"github.com/gin-gonic/gin"
+)
+
+// UserAttributeHandler handles user attribute management
+type UserAttributeHandler struct {
+	attrService *service.UserAttributeService
+}
+
+// NewUserAttributeHandler creates a new handler
+func NewUserAttributeHandler(attrService *service.UserAttributeService) *UserAttributeHandler {
+	return &UserAttributeHandler{attrService: attrService}
+}
+
+// --- Request/Response DTOs ---
+
+// CreateAttributeDefinitionRequest represents create attribute definition request
+type CreateAttributeDefinitionRequest struct {
+	Key         string                          `json:"key" binding:"required,min=1,max=100"`
+	Name        string                          `json:"name" binding:"required,min=1,max=255"`
+	Description string                          `json:"description"`
+	Type        string                          `json:"type" binding:"required"`
+	Options     []service.UserAttributeOption   `json:"options"`
+	Required    bool                            `json:"required"`
+	Validation  service.UserAttributeValidation `json:"validation"`
+	Placeholder string                          `json:"placeholder"`
+	Enabled     bool                            `json:"enabled"`
+}
+
+// UpdateAttributeDefinitionRequest represents update attribute definition request
+type UpdateAttributeDefinitionRequest struct {
+	Name        *string                          `json:"name"`
+	Description *string                          `json:"description"`
+	Type        *string                          `json:"type"`
+	Options     *[]service.UserAttributeOption   `json:"options"`
+	Required    *bool                            `json:"required"`
+	Validation  *service.UserAttributeValidation `json:"validation"`
+	Placeholder *string                          `json:"placeholder"`
+	Enabled     *bool                            `json:"enabled"`
+}
+
+// ReorderRequest represents reorder attribute definitions request
+type ReorderRequest struct {
+	IDs []int64 `json:"ids" binding:"required"`
+}
+
+// UpdateUserAttributesRequest represents update user attributes request
+type UpdateUserAttributesRequest struct {
+	Values map[int64]string `json:"values" binding:"required"`
+}
+
+// BatchGetUserAttributesRequest represents batch get user attributes request
+type BatchGetUserAttributesRequest struct {
+	UserIDs []int64 `json:"user_ids" binding:"required"`
+}
+
+// BatchUserAttributesResponse represents batch user attributes response
+type BatchUserAttributesResponse struct {
+	// Map of userID -> map of attributeID -> value
+	Attributes map[int64]map[int64]string `json:"attributes"`
+}
+
+// AttributeDefinitionResponse represents attribute definition response
+type AttributeDefinitionResponse struct {
+	ID           int64                           `json:"id"`
+	Key          string                          `json:"key"`
+	Name         string                          `json:"name"`
+	Description  string                          `json:"description"`
+	Type         string                          `json:"type"`
+	Options      []service.UserAttributeOption   `json:"options"`
+	Required     bool                            `json:"required"`
+	Validation   service.UserAttributeValidation `json:"validation"`
+	Placeholder  string                          `json:"placeholder"`
+	DisplayOrder int                             `json:"display_order"`
+	Enabled      bool                            `json:"enabled"`
+	CreatedAt    string                          `json:"created_at"`
+	UpdatedAt    string                          `json:"updated_at"`
+}
+
+// AttributeValueResponse represents attribute value response
+type AttributeValueResponse struct {
+	ID          int64  `json:"id"`
+	UserID      int64  `json:"user_id"`
+	AttributeID int64  `json:"attribute_id"`
+	Value       string `json:"value"`
+	CreatedAt   string `json:"created_at"`
+	UpdatedAt   string `json:"updated_at"`
+}
+
+// --- Helpers ---
+
+func defToResponse(def *service.UserAttributeDefinition) *AttributeDefinitionResponse {
+	return &AttributeDefinitionResponse{
+		ID:           def.ID,
+		Key:          def.Key,
+		Name:         def.Name,
+		Description:  def.Description,
+		Type:         string(def.Type),
+		Options:      def.Options,
+		Required:     def.Required,
+		Validation:   def.Validation,
+		Placeholder:  def.Placeholder,
+		DisplayOrder: def.DisplayOrder,
+		Enabled:      def.Enabled,
+		CreatedAt:    def.CreatedAt.Format("2006-01-02T15:04:05Z07:00"),
+		UpdatedAt:    def.UpdatedAt.Format("2006-01-02T15:04:05Z07:00"),
+	}
+}
+
+func valueToResponse(val *service.UserAttributeValue) *AttributeValueResponse {
+	return &AttributeValueResponse{
+		ID:          val.ID,
+		UserID:      val.UserID,
+		AttributeID: val.AttributeID,
+		Value:       val.Value,
+		CreatedAt:   val.CreatedAt.Format("2006-01-02T15:04:05Z07:00"),
+		UpdatedAt:   val.UpdatedAt.Format("2006-01-02T15:04:05Z07:00"),
+	}
+}
+
+// --- Handlers ---
+
+// ListDefinitions lists all attribute definitions
+// GET /admin/user-attributes
+func (h *UserAttributeHandler) ListDefinitions(c *gin.Context) {
+	enabledOnly := c.Query("enabled") == "true"
+
+	defs, err := h.attrService.ListDefinitions(c.Request.Context(), enabledOnly)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	out := make([]*AttributeDefinitionResponse, 0, len(defs))
+	for i := range defs {
+		out = append(out, defToResponse(&defs[i]))
+	}
+
+	response.Success(c, out)
+}
+
+// CreateDefinition creates a new attribute definition
+// POST /admin/user-attributes
+func (h *UserAttributeHandler) CreateDefinition(c *gin.Context) {
+	var req CreateAttributeDefinitionRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		response.BadRequest(c, "Invalid request: "+err.Error())
+		return
+	}
+
+	def, err := h.attrService.CreateDefinition(c.Request.Context(), service.CreateAttributeDefinitionInput{
+		Key:         req.Key,
+		Name:        req.Name,
+		Description: req.Description,
+		Type:        service.UserAttributeType(req.Type),
+		Options:     req.Options,
+		Required:    req.Required,
+		Validation:  req.Validation,
+		Placeholder: req.Placeholder,
+		Enabled:     req.Enabled,
+	})
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	response.Success(c, defToResponse(def))
+}
+
+// UpdateDefinition updates an attribute definition
+// PUT /admin/user-attributes/:id
+func (h *UserAttributeHandler) UpdateDefinition(c *gin.Context) {
+	id, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid attribute ID")
+		return
+	}
+
+	var req UpdateAttributeDefinitionRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		response.BadRequest(c, "Invalid request: "+err.Error())
+		return
+	}
+
+	input := service.UpdateAttributeDefinitionInput{
+		Name:        req.Name,
+		Description: req.Description,
+		Options:     req.Options,
+		Required:    req.Required,
+		Validation:  req.Validation,
+		Placeholder: req.Placeholder,
+		Enabled:     req.Enabled,
+	}
+	if req.Type != nil {
+		t := service.UserAttributeType(*req.Type)
+		input.Type = &t
+	}
+
+	def, err := h.attrService.UpdateDefinition(c.Request.Context(), id, input)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	response.Success(c, defToResponse(def))
+}
+
+// DeleteDefinition deletes an attribute definition
+// DELETE /admin/user-attributes/:id
+func (h *UserAttributeHandler) DeleteDefinition(c *gin.Context) {
+	id, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid attribute ID")
+		return
+	}
+
+	if err := h.attrService.DeleteDefinition(c.Request.Context(), id); err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	response.Success(c, gin.H{"message": "Attribute definition deleted successfully"})
+}
+
+// ReorderDefinitions reorders attribute definitions
+// PUT /admin/user-attributes/reorder
+func (h *UserAttributeHandler) ReorderDefinitions(c *gin.Context) {
+	var req ReorderRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		response.BadRequest(c, "Invalid request: "+err.Error())
+		return
+	}
+
+	// Convert IDs array to orders map (position in array = display_order)
+	orders := make(map[int64]int, len(req.IDs))
+	for i, id := range req.IDs {
+		orders[id] = i
+	}
+
+	if err := h.attrService.ReorderDefinitions(c.Request.Context(), orders); err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	response.Success(c, gin.H{"message": "Reorder successful"})
+}
+
+// GetUserAttributes gets a user's attribute values
+// GET /admin/users/:id/attributes
+func (h *UserAttributeHandler) GetUserAttributes(c *gin.Context) {
+	userID, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid user ID")
+		return
+	}
+
+	values, err := h.attrService.GetUserAttributes(c.Request.Context(), userID)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	out := make([]*AttributeValueResponse, 0, len(values))
+	for i := range values {
+		out = append(out, valueToResponse(&values[i]))
+	}
+
+	response.Success(c, out)
+}
+
+// UpdateUserAttributes updates a user's attribute values
+// PUT /admin/users/:id/attributes
+func (h *UserAttributeHandler) UpdateUserAttributes(c *gin.Context) {
+	userID, err := strconv.ParseInt(c.Param("id"), 10, 64)
+	if err != nil {
+		response.BadRequest(c, "Invalid user ID")
+		return
+	}
+
+	var req UpdateUserAttributesRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		response.BadRequest(c, "Invalid request: "+err.Error())
+		return
+	}
+
+	inputs := make([]service.UpdateUserAttributeInput, 0, len(req.Values))
+	for attrID, value := range req.Values {
+		inputs = append(inputs, service.UpdateUserAttributeInput{
+			AttributeID: attrID,
+			Value:       value,
+		})
+	}
+
+	if err := h.attrService.UpdateUserAttributes(c.Request.Context(), userID, inputs); err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	// Return updated values
+	values, err := h.attrService.GetUserAttributes(c.Request.Context(), userID)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	out := make([]*AttributeValueResponse, 0, len(values))
+	for i := range values {
+		out = append(out, valueToResponse(&values[i]))
+	}
+
+	response.Success(c, out)
+}
+
+// GetBatchUserAttributes gets attribute values for multiple users
+// POST /admin/user-attributes/batch
+func (h *UserAttributeHandler) GetBatchUserAttributes(c *gin.Context) {
+	var req BatchGetUserAttributesRequest
+	if err := c.ShouldBindJSON(&req); err != nil {
+		response.BadRequest(c, "Invalid request: "+err.Error())
+		return
+	}
+
+	if len(req.UserIDs) == 0 {
+		response.Success(c, BatchUserAttributesResponse{Attributes: map[int64]map[int64]string{}})
+		return
+	}
+
+	attrs, err := h.attrService.GetBatchUserAttributes(c.Request.Context(), req.UserIDs)
+	if err != nil {
+		response.ErrorFrom(c, err)
+		return
+	}
+
+	response.Success(c, BatchUserAttributesResponse{Attributes: attrs})
+}
--- a/backend/internal/handler/admin/user_handler.go
+++ b/backend/internal/handler/admin/user_handler.go
@@ -27,7 +27,6 @@ type CreateUserRequest struct {
 	Email         string  `json:"email" binding:"required,email"`
 	Password      string  `json:"password" binding:"required,min=6"`
 	Username      string  `json:"username"`
-	Wechat        string  `json:"wechat"`
 	Notes         string  `json:"notes"`
 	Balance       float64 `json:"balance"`
 	Concurrency   int     `json:"concurrency"`
@@ -40,7 +39,6 @@ type UpdateUserRequest struct {
 	Email         string   `json:"email" binding:"omitempty,email"`
 	Password      string   `json:"password" binding:"omitempty,min=6"`
 	Username      *string  `json:"username"`
-	Wechat        *string  `json:"wechat"`
 	Notes         *string  `json:"notes"`
 	Balance       *float64 `json:"balance"`
 	Concurrency   *int     `json:"concurrency"`
@@ -57,13 +55,22 @@ type UpdateBalanceRequest struct {

 // List handles listing all users with pagination
 // GET /api/v1/admin/users
+// Query params:
+//   - status: filter by user status
+//   - role: filter by user role
+//   - search: search in email, username
+//   - attr[{id}]: filter by custom attribute value, e.g. attr[1]=company
 func (h *UserHandler) List(c *gin.Context) {
 	page, pageSize := response.ParsePagination(c)
-	status := c.Query("status")
-	role := c.Query("role")
-	search := c.Query("search")

-	users, total, err := h.adminService.ListUsers(c.Request.Context(), page, pageSize, status, role, search)
+	filters := service.UserListFilters{
+		Status:     c.Query("status"),
+		Role:       c.Query("role"),
+		Search:     c.Query("search"),
+		Attributes: parseAttributeFilters(c),
+	}
+
+	users, total, err := h.adminService.ListUsers(c.Request.Context(), page, pageSize, filters)
 	if err != nil {
 		response.ErrorFrom(c, err)
 		return
@@ -76,6 +83,29 @@ func (h *UserHandler) List(c *gin.Context) {
 	response.Paginated(c, out, total, page, pageSize)
 }

+// parseAttributeFilters extracts attribute filters from query params
+// Format: attr[{attributeID}]=value, e.g. attr[1]=company&attr[2]=developer
+func parseAttributeFilters(c *gin.Context) map[int64]string {
+	result := make(map[int64]string)
+
+	// Get all query params and look for attr[*] pattern
+	for key, values := range c.Request.URL.Query() {
+		if len(values) == 0 || values[0] == "" {
+			continue
+		}
+		// Check if key matches pattern attr[{id}]
+		if len(key) > 5 && key[:5] == "attr[" && key[len(key)-1] == ']' {
+			idStr := key[5 : len(key)-1]
+			id, err := strconv.ParseInt(idStr, 10, 64)
+			if err == nil && id > 0 {
+				result[id] = values[0]
+			}
+		}
+	}
+
+	return result
+}
+
 // GetByID handles getting a user by ID
 // GET /api/v1/admin/users/:id
 func (h *UserHandler) GetByID(c *gin.Context) {
@@ -107,7 +137,6 @@ func (h *UserHandler) Create(c *gin.Context) {
 		Email:         req.Email,
 		Password:      req.Password,
 		Username:      req.Username,
-		Wechat:        req.Wechat,
 		Notes:         req.Notes,
 		Balance:       req.Balance,
 		Concurrency:   req.Concurrency,
@@ -141,7 +170,6 @@ func (h *UserHandler) Update(c *gin.Context) {
 		Email:         req.Email,
 		Password:      req.Password,
 		Username:      req.Username,
-		Wechat:        req.Wechat,
 		Notes:         req.Notes,
 		Balance:       req.Balance,
 		Concurrency:   req.Concurrency,
@@ -215,9 +243,9 @@ func (h *UserHandler) GetUserAPIKeys(c *gin.Context) {
 		return
 	}

-	out := make([]dto.ApiKey, 0, len(keys))
+	out := make([]dto.APIKey, 0, len(keys))
 	for i := range keys {
-		out = append(out, *dto.ApiKeyFromService(&keys[i]))
+		out = append(out, *dto.APIKeyFromService(&keys[i]))
 	}
 	response.Paginated(c, out, total, page, pageSize)
 }
--- a/backend/internal/handler/api_key_handler.go
+++ b/backend/internal/handler/api_key_handler.go
@@ -1,3 +1,4 @@
+// Package handler provides HTTP request handlers for the application.
 package handler

 import (
@@ -14,11 +15,11 @@ import (

 // APIKeyHandler handles API key-related requests
 type APIKeyHandler struct {
-	apiKeyService *service.ApiKeyService
+	apiKeyService *service.APIKeyService
 }

 // NewAPIKeyHandler creates a new APIKeyHandler
-func NewAPIKeyHandler(apiKeyService *service.ApiKeyService) *APIKeyHandler {
+func NewAPIKeyHandler(apiKeyService *service.APIKeyService) *APIKeyHandler {
 	return &APIKeyHandler{
 		apiKeyService: apiKeyService,
 	}
@@ -56,9 +57,9 @@ func (h *APIKeyHandler) List(c *gin.Context) {
 		return
 	}

-	out := make([]dto.ApiKey, 0, len(keys))
+	out := make([]dto.APIKey, 0, len(keys))
 	for i := range keys {
-		out = append(out, *dto.ApiKeyFromService(&keys[i]))
+		out = append(out, *dto.APIKeyFromService(&keys[i]))
 	}
 	response.Paginated(c, out, result.Total, page, pageSize)
 }
@@ -90,7 +91,7 @@ func (h *APIKeyHandler) GetByID(c *gin.Context) {
 		return
 	}

-	response.Success(c, dto.ApiKeyFromService(key))
+	response.Success(c, dto.APIKeyFromService(key))
 }

 // Create handles creating a new API key
@@ -108,7 +109,7 @@ func (h *APIKeyHandler) Create(c *gin.Context) {
 		return
 	}

-	svcReq := service.CreateApiKeyRequest{
+	svcReq := service.CreateAPIKeyRequest{
 		Name:      req.Name,
 		GroupID:   req.GroupID,
 		CustomKey: req.CustomKey,
@@ -119,7 +120,7 @@ func (h *APIKeyHandler) Create(c *gin.Context) {
 		return
 	}

-	response.Success(c, dto.ApiKeyFromService(key))
+	response.Success(c, dto.APIKeyFromService(key))
 }

 // Update handles updating an API key
@@ -143,7 +144,7 @@ func (h *APIKeyHandler) Update(c *gin.Context) {
 		return
 	}

-	svcReq := service.UpdateApiKeyRequest{}
+	svcReq := service.UpdateAPIKeyRequest{}
 	if req.Name != "" {
 		svcReq.Name = &req.Name
 	}
@@ -158,7 +159,7 @@ func (h *APIKeyHandler) Update(c *gin.Context) {
 		return
 	}

-	response.Success(c, dto.ApiKeyFromService(key))
+	response.Success(c, dto.APIKeyFromService(key))
 }

 // Delete handles deleting an API key
--- a/backend/internal/handler/dto/mappers.go
+++ b/backend/internal/handler/dto/mappers.go
@@ -1,6 +1,11 @@
+// Package dto provides data transfer objects for HTTP handlers.
 package dto

-import "github.com/Wei-Shaw/sub2api/internal/service"
+import (
+	"time"
+
+	"github.com/Wei-Shaw/sub2api/internal/service"
+)

 func UserFromServiceShallow(u *service.User) *User {
 	if u == nil {
@@ -10,7 +15,6 @@ func UserFromServiceShallow(u *service.User) *User {
 		ID:            u.ID,
 		Email:         u.Email,
 		Username:      u.Username,
-		Wechat:        u.Wechat,
 		Notes:         u.Notes,
 		Role:          u.Role,
 		Balance:       u.Balance,
@@ -27,11 +31,11 @@ func UserFromService(u *service.User) *User {
 		return nil
 	}
 	out := UserFromServiceShallow(u)
-	if len(u.ApiKeys) > 0 {
-		out.ApiKeys = make([]ApiKey, 0, len(u.ApiKeys))
-		for i := range u.ApiKeys {
-			k := u.ApiKeys[i]
-			out.ApiKeys = append(out.ApiKeys, *ApiKeyFromService(&k))
+	if len(u.APIKeys) > 0 {
+		out.APIKeys = make([]APIKey, 0, len(u.APIKeys))
+		for i := range u.APIKeys {
+			k := u.APIKeys[i]
+			out.APIKeys = append(out.APIKeys, *APIKeyFromService(&k))
 		}
 	}
 	if len(u.Subscriptions) > 0 {
@@ -44,11 +48,11 @@ func UserFromService(u *service.User) *User {
 	return out
 }

-func ApiKeyFromService(k *service.ApiKey) *ApiKey {
+func APIKeyFromService(k *service.APIKey) *APIKey {
 	if k == nil {
 		return nil
 	}
-	return &ApiKey{
+	return &APIKey{
 		ID:        k.ID,
 		UserID:    k.UserID,
 		Key:       k.Key,
@@ -78,6 +82,9 @@ func GroupFromServiceShallow(g *service.Group) *Group {
 		DailyLimitUSD:    g.DailyLimitUSD,
 		WeeklyLimitUSD:   g.WeeklyLimitUSD,
 		MonthlyLimitUSD:  g.MonthlyLimitUSD,
+		ImagePrice1K:     g.ImagePrice1K,
+		ImagePrice2K:     g.ImagePrice2K,
+		ImagePrice4K:     g.ImagePrice4K,
 		CreatedAt:        g.CreatedAt,
 		UpdatedAt:        g.UpdatedAt,
 		AccountCount:     g.AccountCount,
@@ -104,28 +111,33 @@ func AccountFromServiceShallow(a *service.Account) *Account {
 		return nil
 	}
 	return &Account{
-		ID:                  a.ID,
-		Name:                a.Name,
-		Platform:            a.Platform,
-		Type:                a.Type,
-		Credentials:         a.Credentials,
-		Extra:               a.Extra,
-		ProxyID:             a.ProxyID,
-		Concurrency:         a.Concurrency,
-		Priority:            a.Priority,
-		Status:              a.Status,
-		ErrorMessage:        a.ErrorMessage,
-		LastUsedAt:          a.LastUsedAt,
-		CreatedAt:           a.CreatedAt,
-		UpdatedAt:           a.UpdatedAt,
-		Schedulable:         a.Schedulable,
-		RateLimitedAt:       a.RateLimitedAt,
-		RateLimitResetAt:    a.RateLimitResetAt,
-		OverloadUntil:       a.OverloadUntil,
-		SessionWindowStart:  a.SessionWindowStart,
-		SessionWindowEnd:    a.SessionWindowEnd,
-		SessionWindowStatus: a.SessionWindowStatus,
-		GroupIDs:            a.GroupIDs,
+		ID:                      a.ID,
+		Name:                    a.Name,
+		Notes:                   a.Notes,
+		Platform:                a.Platform,
+		Type:                    a.Type,
+		Credentials:             a.Credentials,
+		Extra:                   a.Extra,
+		ProxyID:                 a.ProxyID,
+		Concurrency:             a.Concurrency,
+		Priority:                a.Priority,
+		Status:                  a.Status,
+		ErrorMessage:            a.ErrorMessage,
+		LastUsedAt:              a.LastUsedAt,
+		ExpiresAt:               timeToUnixSeconds(a.ExpiresAt),
+		AutoPauseOnExpired:      a.AutoPauseOnExpired,
+		CreatedAt:               a.CreatedAt,
+		UpdatedAt:               a.UpdatedAt,
+		Schedulable:             a.Schedulable,
+		RateLimitedAt:           a.RateLimitedAt,
+		RateLimitResetAt:        a.RateLimitResetAt,
+		OverloadUntil:           a.OverloadUntil,
+		TempUnschedulableUntil:  a.TempUnschedulableUntil,
+		TempUnschedulableReason: a.TempUnschedulableReason,
+		SessionWindowStart:      a.SessionWindowStart,
+		SessionWindowEnd:        a.SessionWindowEnd,
+		SessionWindowStatus:     a.SessionWindowStatus,
+		GroupIDs:                a.GroupIDs,
 	}
 }

@@ -151,6 +163,14 @@ func AccountFromService(a *service.Account) *Account {
 	return out
 }

+func timeToUnixSeconds(value *time.Time) *int64 {
+	if value == nil {
+		return nil
+	}
+	ts := value.Unix()
+	return &ts
+}
+
 func AccountGroupFromService(ag *service.AccountGroup) *AccountGroup {
 	if ag == nil {
 		return nil
@@ -214,14 +234,28 @@ func RedeemCodeFromService(rc *service.RedeemCode) *RedeemCode {
 	}
 }

-func UsageLogFromService(l *service.UsageLog) *UsageLog {
+// AccountSummaryFromService returns a minimal AccountSummary for usage log display.
+// Only includes ID and Name - no sensitive fields like Credentials, Proxy, etc.
+func AccountSummaryFromService(a *service.Account) *AccountSummary {
+	if a == nil {
+		return nil
+	}
+	return &AccountSummary{
+		ID:   a.ID,
+		Name: a.Name,
+	}
+}
+
+// usageLogFromServiceBase is a helper that converts service UsageLog to DTO.
+// The account parameter allows caller to control what Account info is included.
+func usageLogFromServiceBase(l *service.UsageLog, account *AccountSummary) *UsageLog {
 	if l == nil {
 		return nil
 	}
 	return &UsageLog{
 		ID:                    l.ID,
 		UserID:                l.UserID,
-		ApiKeyID:              l.ApiKeyID,
+		APIKeyID:              l.APIKeyID,
 		AccountID:             l.AccountID,
 		RequestID:             l.RequestID,
 		Model:                 l.Model,
@@ -244,15 +278,32 @@ func UsageLogFromService(l *service.UsageLog) *UsageLog {
 		Stream:                l.Stream,
 		DurationMs:            l.DurationMs,
 		FirstTokenMs:          l.FirstTokenMs,
+		ImageCount:            l.ImageCount,
+		ImageSize:             l.ImageSize,
 		CreatedAt:             l.CreatedAt,
 		User:                  UserFromServiceShallow(l.User),
-		ApiKey:                ApiKeyFromService(l.ApiKey),
-		Account:               AccountFromService(l.Account),
+		APIKey:                APIKeyFromService(l.APIKey),
+		Account:               account,
 		Group:                 GroupFromServiceShallow(l.Group),
 		Subscription:          UserSubscriptionFromService(l.Subscription),
 	}
 }

+// UsageLogFromService converts a service UsageLog to DTO for regular users.
+// It excludes Account details - users should not see account information.
+func UsageLogFromService(l *service.UsageLog) *UsageLog {
+	return usageLogFromServiceBase(l, nil)
+}
+
+// UsageLogFromServiceAdmin converts a service UsageLog to DTO for admin users.
+// It includes minimal Account info (ID, Name only).
+func UsageLogFromServiceAdmin(l *service.UsageLog) *UsageLog {
+	if l == nil {
+		return nil
+	}
+	return usageLogFromServiceBase(l, AccountSummaryFromService(l.Account))
+}
+
 func SettingFromService(s *service.Setting) *Setting {
 	if s == nil {
 		return nil
--- a/backend/internal/handler/dto/settings.go
+++ b/backend/internal/handler/dto/settings.go
@@ -5,27 +5,38 @@ type SystemSettings struct {
 	RegistrationEnabled bool `json:"registration_enabled"`
 	EmailVerifyEnabled  bool `json:"email_verify_enabled"`

-	SmtpHost     string `json:"smtp_host"`
-	SmtpPort     int    `json:"smtp_port"`
-	SmtpUsername string `json:"smtp_username"`
-	SmtpPassword string `json:"smtp_password,omitempty"`
-	SmtpFrom     string `json:"smtp_from_email"`
-	SmtpFromName string `json:"smtp_from_name"`
-	SmtpUseTLS   bool   `json:"smtp_use_tls"`
+	SMTPHost               string `json:"smtp_host"`
+	SMTPPort               int    `json:"smtp_port"`
+	SMTPUsername           string `json:"smtp_username"`
+	SMTPPasswordConfigured bool   `json:"smtp_password_configured"`
+	SMTPFrom               string `json:"smtp_from_email"`
+	SMTPFromName           string `json:"smtp_from_name"`
+	SMTPUseTLS             bool   `json:"smtp_use_tls"`

-	TurnstileEnabled   bool   `json:"turnstile_enabled"`
-	TurnstileSiteKey   string `json:"turnstile_site_key"`
-	TurnstileSecretKey string `json:"turnstile_secret_key,omitempty"`
+	TurnstileEnabled             bool   `json:"turnstile_enabled"`
+	TurnstileSiteKey             string `json:"turnstile_site_key"`
+	TurnstileSecretKeyConfigured bool   `json:"turnstile_secret_key_configured"`

 	SiteName     string `json:"site_name"`
 	SiteLogo     string `json:"site_logo"`
 	SiteSubtitle string `json:"site_subtitle"`
-	ApiBaseUrl   string `json:"api_base_url"`
+	APIBaseURL   string `json:"api_base_url"`
 	ContactInfo  string `json:"contact_info"`
-	DocUrl       string `json:"doc_url"`
+	DocURL       string `json:"doc_url"`

 	DefaultConcurrency int     `json:"default_concurrency"`
 	DefaultBalance     float64 `json:"default_balance"`
+
+	// Model fallback configuration
+	EnableModelFallback      bool   `json:"enable_model_fallback"`
+	FallbackModelAnthropic   string `json:"fallback_model_anthropic"`
+	FallbackModelOpenAI      string `json:"fallback_model_openai"`
+	FallbackModelGemini      string `json:"fallback_model_gemini"`
+	FallbackModelAntigravity string `json:"fallback_model_antigravity"`
+
+	// Identity patch configuration (Claude -> Gemini)
+	EnableIdentityPatch bool   `json:"enable_identity_patch"`
+	IdentityPatchPrompt string `json:"identity_patch_prompt"`
 }

 type PublicSettings struct {
@@ -36,8 +47,8 @@ type PublicSettings struct {
 	SiteName            string `json:"site_name"`
 	SiteLogo            string `json:"site_logo"`
 	SiteSubtitle        string `json:"site_subtitle"`
-	ApiBaseUrl          string `json:"api_base_url"`
+	APIBaseURL          string `json:"api_base_url"`
 	ContactInfo         string `json:"contact_info"`
-	DocUrl              string `json:"doc_url"`
+	DocURL              string `json:"doc_url"`
 	Version             string `json:"version"`
 }
--- a/backend/internal/handler/dto/types.go
+++ b/backend/internal/handler/dto/types.go
@@ -6,7 +6,6 @@ type User struct {
 	ID            int64     `json:"id"`
 	Email         string    `json:"email"`
 	Username      string    `json:"username"`
-	Wechat        string    `json:"wechat"`
 	Notes         string    `json:"notes"`
 	Role          string    `json:"role"`
 	Balance       float64   `json:"balance"`
@@ -16,11 +15,11 @@ type User struct {
 	CreatedAt     time.Time `json:"created_at"`
 	UpdatedAt     time.Time `json:"updated_at"`

-	ApiKeys       []ApiKey           `json:"api_keys,omitempty"`
+	APIKeys       []APIKey           `json:"api_keys,omitempty"`
 	Subscriptions []UserSubscription `json:"subscriptions,omitempty"`
 }

-type ApiKey struct {
+type APIKey struct {
 	ID        int64     `json:"id"`
 	UserID    int64     `json:"user_id"`
 	Key       string    `json:"key"`
@@ -48,6 +47,11 @@ type Group struct {
 	WeeklyLimitUSD   *float64 `json:"weekly_limit_usd"`
 	MonthlyLimitUSD  *float64 `json:"monthly_limit_usd"`

+	// 图片生成计费配置（仅 antigravity 平台使用）
+	ImagePrice1K *float64 `json:"image_price_1k"`
+	ImagePrice2K *float64 `json:"image_price_2k"`
+	ImagePrice4K *float64 `json:"image_price_4k"`
+
 	CreatedAt time.Time `json:"created_at"`
 	UpdatedAt time.Time `json:"updated_at"`

@@ -56,20 +60,23 @@ type Group struct {
 }

 type Account struct {
-	ID           int64          `json:"id"`
-	Name         string         `json:"name"`
-	Platform     string         `json:"platform"`
-	Type         string         `json:"type"`
-	Credentials  map[string]any `json:"credentials"`
-	Extra        map[string]any `json:"extra"`
-	ProxyID      *int64         `json:"proxy_id"`
-	Concurrency  int            `json:"concurrency"`
-	Priority     int            `json:"priority"`
-	Status       string         `json:"status"`
-	ErrorMessage string         `json:"error_message"`
-	LastUsedAt   *time.Time     `json:"last_used_at"`
-	CreatedAt    time.Time      `json:"created_at"`
-	UpdatedAt    time.Time      `json:"updated_at"`
+	ID                 int64          `json:"id"`
+	Name               string         `json:"name"`
+	Notes              *string        `json:"notes"`
+	Platform           string         `json:"platform"`
+	Type               string         `json:"type"`
+	Credentials        map[string]any `json:"credentials"`
+	Extra              map[string]any `json:"extra"`
+	ProxyID            *int64         `json:"proxy_id"`
+	Concurrency        int            `json:"concurrency"`
+	Priority           int            `json:"priority"`
+	Status             string         `json:"status"`
+	ErrorMessage       string         `json:"error_message"`
+	LastUsedAt         *time.Time     `json:"last_used_at"`
+	ExpiresAt          *int64         `json:"expires_at"`
+	AutoPauseOnExpired bool           `json:"auto_pause_on_expired"`
+	CreatedAt          time.Time      `json:"created_at"`
+	UpdatedAt          time.Time      `json:"updated_at"`

 	Schedulable bool `json:"schedulable"`

@@ -77,6 +84,9 @@ type Account struct {
 	RateLimitResetAt *time.Time `json:"rate_limit_reset_at"`
 	OverloadUntil    *time.Time `json:"overload_until"`

+	TempUnschedulableUntil  *time.Time `json:"temp_unschedulable_until"`
+	TempUnschedulableReason string     `json:"temp_unschedulable_reason"`
+
 	SessionWindowStart  *time.Time `json:"session_window_start"`
 	SessionWindowEnd    *time.Time `json:"session_window_end"`
 	SessionWindowStatus string     `json:"session_window_status"`
@@ -137,7 +147,7 @@ type RedeemCode struct {
 type UsageLog struct {
 	ID        int64  `json:"id"`
 	UserID    int64  `json:"user_id"`
-	ApiKeyID  int64  `json:"api_key_id"`
+	APIKeyID  int64  `json:"api_key_id"`
 	AccountID int64  `json:"account_id"`
 	RequestID string `json:"request_id"`
 	Model     string `json:"model"`
@@ -166,15 +176,26 @@ type UsageLog struct {
 	DurationMs   *int `json:"duration_ms"`
 	FirstTokenMs *int `json:"first_token_ms"`

+	// 图片生成字段
+	ImageCount int     `json:"image_count"`
+	ImageSize  *string `json:"image_size"`
+
 	CreatedAt time.Time `json:"created_at"`

 	User         *User             `json:"user,omitempty"`
-	ApiKey       *ApiKey           `json:"api_key,omitempty"`
-	Account      *Account          `json:"account,omitempty"`
+	APIKey       *APIKey           `json:"api_key,omitempty"`
+	Account      *AccountSummary   `json:"account,omitempty"` // Use minimal AccountSummary to prevent data leakage
 	Group        *Group            `json:"group,omitempty"`
 	Subscription *UserSubscription `json:"subscription,omitempty"`
 }

+// AccountSummary is a minimal account info for usage log display.
+// It intentionally excludes sensitive fields like Credentials, Proxy, etc.
+type AccountSummary struct {
+	ID   int64  `json:"id"`
+	Name string `json:"name"`
+}
+
 type Setting struct {
 	ID        int64     `json:"id"`
 	Key       string    `json:"key"`
--- a/backend/internal/handler/gateway_handler.go
+++ b/backend/internal/handler/gateway_handler.go
@@ -11,7 +11,10 @@ import (
 	"strings"
 	"time"

+	"github.com/Wei-Shaw/sub2api/internal/config"
+	"github.com/Wei-Shaw/sub2api/internal/pkg/antigravity"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/claude"
+	pkgerrors "github.com/Wei-Shaw/sub2api/internal/pkg/errors"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/openai"
 	middleware2 "github.com/Wei-Shaw/sub2api/internal/server/middleware"
 	"github.com/Wei-Shaw/sub2api/internal/service"
@@ -37,14 +40,19 @@ func NewGatewayHandler(
 	userService *service.UserService,
 	concurrencyService *service.ConcurrencyService,
 	billingCacheService *service.BillingCacheService,
+	cfg *config.Config,
 ) *GatewayHandler {
+	pingInterval := time.Duration(0)
+	if cfg != nil {
+		pingInterval = time.Duration(cfg.Concurrency.PingInterval) * time.Second
+	}
 	return &GatewayHandler{
 		gatewayService:            gatewayService,
 		geminiCompatService:       geminiCompatService,
 		antigravityGatewayService: antigravityGatewayService,
 		userService:               userService,
 		billingCacheService:       billingCacheService,
-		concurrencyHelper:         NewConcurrencyHelper(concurrencyService, SSEPingFormatClaude),
+		concurrencyHelper:         NewConcurrencyHelper(concurrencyService, SSEPingFormatClaude, pingInterval),
 	}
 }

@@ -52,7 +60,7 @@ func NewGatewayHandler(
 // POST /v1/messages
 func (h *GatewayHandler) Messages(c *gin.Context) {
 	// 从context获取apiKey和user（ApiKeyAuth中间件已设置）
-	apiKey, ok := middleware2.GetApiKeyFromContext(c)
+	apiKey, ok := middleware2.GetAPIKeyFromContext(c)
 	if !ok {
 		h.errorResponse(c, http.StatusUnauthorized, "authentication_error", "Invalid API key")
 		return
@@ -100,6 +108,9 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 	// 获取订阅信息（可能为nil）- 提前获取用于后续检查
 	subscription, _ := middleware2.GetSubscriptionFromContext(c)

+	// 获取 User-Agent
+	userAgent := c.Request.UserAgent()
+
 	// 0. 检查wait队列是否已满
 	maxWait := service.CalculateMaxWait(subject.Concurrency)
 	canWait, err := h.concurrencyHelper.IncrementWaitCount(c.Request.Context(), subject.UserID, maxWait)
@@ -120,6 +131,8 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 		h.handleConcurrencyError(c, err, "user", streamStarted)
 		return
 	}
+	// 在请求结束或 Context 取消时确保释放槽位，避免客户端断开造成泄漏
+	userReleaseFunc = wrapReleaseOnDone(c.Request.Context(), userReleaseFunc)
 	if userReleaseFunc != nil {
 		defer userReleaseFunc()
 	}
@@ -127,7 +140,8 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 	// 2. 【新增】Wait后二次检查余额/订阅
 	if err := h.billingCacheService.CheckBillingEligibility(c.Request.Context(), apiKey.User, apiKey, apiKey.Group, subscription); err != nil {
 		log.Printf("Billing eligibility check failed after wait: %v", err)
-		h.handleStreamingAwareError(c, http.StatusForbidden, "billing_error", err.Error(), streamStarted)
+		status, code, message := billingErrorDetails(err)
+		h.handleStreamingAwareError(c, status, code, message, streamStarted)
 		return
 	}

@@ -141,6 +155,10 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 	} else if apiKey.Group != nil {
 		platform = apiKey.Group.Platform
 	}
+	sessionKey := sessionHash
+	if platform == service.PlatformGemini && sessionHash != "" {
+		sessionKey = "gemini:" + sessionHash
+	}

 	if platform == service.PlatformGemini {
 		const maxAccountSwitches = 3
@@ -149,7 +167,7 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 		lastFailoverStatus := 0

 		for {
-			account, err := h.geminiCompatService.SelectAccountForModelWithExclusions(c.Request.Context(), apiKey.GroupID, sessionHash, reqModel, failedAccountIDs)
+			selection, err := h.gatewayService.SelectAccountWithLoadAwareness(c.Request.Context(), apiKey.GroupID, sessionKey, reqModel, failedAccountIDs)
 			if err != nil {
 				if len(failedAccountIDs) == 0 {
 					h.handleStreamingAwareError(c, http.StatusServiceUnavailable, "api_error", "No available accounts: "+err.Error(), streamStarted)
@@ -158,9 +176,13 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 				h.handleFailoverExhausted(c, lastFailoverStatus, streamStarted)
 				return
 			}
+			account := selection.Account

 			// 检查预热请求拦截（在账号选择后、转发前检查）
 			if account.IsInterceptWarmupEnabled() && isWarmupRequest(body) {
+				if selection.Acquired && selection.ReleaseFunc != nil {
+					selection.ReleaseFunc()
+				}
 				if reqStream {
 					sendMockWarmupStream(c, reqModel)
 				} else {
@@ -170,12 +192,50 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 			}

 			// 3. 获取账号并发槽位
-			accountReleaseFunc, err := h.concurrencyHelper.AcquireAccountSlotWithWait(c, account.ID, account.Concurrency, reqStream, &streamStarted)
-			if err != nil {
-				log.Printf("Account concurrency acquire failed: %v", err)
-				h.handleConcurrencyError(c, err, "account", streamStarted)
-				return
+			accountReleaseFunc := selection.ReleaseFunc
+			var accountWaitRelease func()
+			if !selection.Acquired {
+				if selection.WaitPlan == nil {
+					h.handleStreamingAwareError(c, http.StatusServiceUnavailable, "api_error", "No available accounts", streamStarted)
+					return
+				}
+				canWait, err := h.concurrencyHelper.IncrementAccountWaitCount(c.Request.Context(), account.ID, selection.WaitPlan.MaxWaiting)
+				if err != nil {
+					log.Printf("Increment account wait count failed: %v", err)
+				} else if !canWait {
+					log.Printf("Account wait queue full: account=%d", account.ID)
+					h.handleStreamingAwareError(c, http.StatusTooManyRequests, "rate_limit_error", "Too many pending requests, please retry later", streamStarted)
+					return
+				} else {
+					// Only set release function if increment succeeded
+					accountWaitRelease = func() {
+						h.concurrencyHelper.DecrementAccountWaitCount(c.Request.Context(), account.ID)
+					}
+				}
+
+				accountReleaseFunc, err = h.concurrencyHelper.AcquireAccountSlotWithWaitTimeout(
+					c,
+					account.ID,
+					selection.WaitPlan.MaxConcurrency,
+					selection.WaitPlan.Timeout,
+					reqStream,
+					&streamStarted,
+				)
+				if err != nil {
+					if accountWaitRelease != nil {
+						accountWaitRelease()
+					}
+					log.Printf("Account concurrency acquire failed: %v", err)
+					h.handleConcurrencyError(c, err, "account", streamStarted)
+					return
+				}
+				if err := h.gatewayService.BindStickySession(c.Request.Context(), sessionKey, account.ID); err != nil {
+					log.Printf("Bind sticky session failed: %v", err)
+				}
 			}
+			// 账号槽位/等待计数需要在超时或断开时安全回收
+			accountReleaseFunc = wrapReleaseOnDone(c.Request.Context(), accountReleaseFunc)
+			accountWaitRelease = wrapReleaseOnDone(c.Request.Context(), accountWaitRelease)

 			// 转发请求 - 根据账号平台分流
 			var result *service.ForwardResult
@@ -187,6 +247,9 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 			if accountReleaseFunc != nil {
 				accountReleaseFunc()
 			}
+			if accountWaitRelease != nil {
+				accountWaitRelease()
+			}
 			if err != nil {
 				var failoverErr *service.UpstreamFailoverError
 				if errors.As(err, &failoverErr) {
@@ -207,19 +270,20 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 			}

 			// 异步记录使用量（subscription已在函数开头获取）
-			go func(result *service.ForwardResult, usedAccount *service.Account) {
+			go func(result *service.ForwardResult, usedAccount *service.Account, ua string) {
 				ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 				defer cancel()
 				if err := h.gatewayService.RecordUsage(ctx, &service.RecordUsageInput{
 					Result:       result,
-					ApiKey:       apiKey,
+					APIKey:       apiKey,
 					User:         apiKey.User,
 					Account:      usedAccount,
 					Subscription: subscription,
+					UserAgent:    ua,
 				}); err != nil {
 					log.Printf("Record usage failed: %v", err)
 				}
-			}(result, account)
+			}(result, account, userAgent)
 			return
 		}
 	}
@@ -231,7 +295,7 @@ func (h *GatewayHandler) Messages(c *gin.Context) {

 	for {
 		// 选择支持该模型的账号
-		account, err := h.gatewayService.SelectAccountForModelWithExclusions(c.Request.Context(), apiKey.GroupID, sessionHash, reqModel, failedAccountIDs)
+		selection, err := h.gatewayService.SelectAccountWithLoadAwareness(c.Request.Context(), apiKey.GroupID, sessionKey, reqModel, failedAccountIDs)
 		if err != nil {
 			if len(failedAccountIDs) == 0 {
 				h.handleStreamingAwareError(c, http.StatusServiceUnavailable, "api_error", "No available accounts: "+err.Error(), streamStarted)
@@ -240,9 +304,13 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 			h.handleFailoverExhausted(c, lastFailoverStatus, streamStarted)
 			return
 		}
+		account := selection.Account

 		// 检查预热请求拦截（在账号选择后、转发前检查）
 		if account.IsInterceptWarmupEnabled() && isWarmupRequest(body) {
+			if selection.Acquired && selection.ReleaseFunc != nil {
+				selection.ReleaseFunc()
+			}
 			if reqStream {
 				sendMockWarmupStream(c, reqModel)
 			} else {
@@ -252,12 +320,50 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 		}

 		// 3. 获取账号并发槽位
-		accountReleaseFunc, err := h.concurrencyHelper.AcquireAccountSlotWithWait(c, account.ID, account.Concurrency, reqStream, &streamStarted)
-		if err != nil {
-			log.Printf("Account concurrency acquire failed: %v", err)
-			h.handleConcurrencyError(c, err, "account", streamStarted)
-			return
+		accountReleaseFunc := selection.ReleaseFunc
+		var accountWaitRelease func()
+		if !selection.Acquired {
+			if selection.WaitPlan == nil {
+				h.handleStreamingAwareError(c, http.StatusServiceUnavailable, "api_error", "No available accounts", streamStarted)
+				return
+			}
+			canWait, err := h.concurrencyHelper.IncrementAccountWaitCount(c.Request.Context(), account.ID, selection.WaitPlan.MaxWaiting)
+			if err != nil {
+				log.Printf("Increment account wait count failed: %v", err)
+			} else if !canWait {
+				log.Printf("Account wait queue full: account=%d", account.ID)
+				h.handleStreamingAwareError(c, http.StatusTooManyRequests, "rate_limit_error", "Too many pending requests, please retry later", streamStarted)
+				return
+			} else {
+				// Only set release function if increment succeeded
+				accountWaitRelease = func() {
+					h.concurrencyHelper.DecrementAccountWaitCount(c.Request.Context(), account.ID)
+				}
+			}
+
+			accountReleaseFunc, err = h.concurrencyHelper.AcquireAccountSlotWithWaitTimeout(
+				c,
+				account.ID,
+				selection.WaitPlan.MaxConcurrency,
+				selection.WaitPlan.Timeout,
+				reqStream,
+				&streamStarted,
+			)
+			if err != nil {
+				if accountWaitRelease != nil {
+					accountWaitRelease()
+				}
+				log.Printf("Account concurrency acquire failed: %v", err)
+				h.handleConcurrencyError(c, err, "account", streamStarted)
+				return
+			}
+			if err := h.gatewayService.BindStickySession(c.Request.Context(), sessionKey, account.ID); err != nil {
+				log.Printf("Bind sticky session failed: %v", err)
+			}
 		}
+		// 账号槽位/等待计数需要在超时或断开时安全回收
+		accountReleaseFunc = wrapReleaseOnDone(c.Request.Context(), accountReleaseFunc)
+		accountWaitRelease = wrapReleaseOnDone(c.Request.Context(), accountWaitRelease)

 		// 转发请求 - 根据账号平台分流
 		var result *service.ForwardResult
@@ -269,6 +375,9 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 		if accountReleaseFunc != nil {
 			accountReleaseFunc()
 		}
+		if accountWaitRelease != nil {
+			accountWaitRelease()
+		}
 		if err != nil {
 			var failoverErr *service.UpstreamFailoverError
 			if errors.As(err, &failoverErr) {
@@ -284,36 +393,67 @@ func (h *GatewayHandler) Messages(c *gin.Context) {
 				continue
 			}
 			// 错误响应已在Forward中处理，这里只记录日志
-			log.Printf("Forward request failed: %v", err)
+			log.Printf("Account %d: Forward request failed: %v", account.ID, err)
 			return
 		}

 		// 异步记录使用量（subscription已在函数开头获取）
-		go func(result *service.ForwardResult, usedAccount *service.Account) {
+		go func(result *service.ForwardResult, usedAccount *service.Account, ua string) {
 			ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 			defer cancel()
 			if err := h.gatewayService.RecordUsage(ctx, &service.RecordUsageInput{
 				Result:       result,
-				ApiKey:       apiKey,
+				APIKey:       apiKey,
 				User:         apiKey.User,
 				Account:      usedAccount,
 				Subscription: subscription,
+				UserAgent:    ua,
 			}); err != nil {
 				log.Printf("Record usage failed: %v", err)
 			}
-		}(result, account)
+		}(result, account, userAgent)
 		return
 	}
 }

 // Models handles listing available models
 // GET /v1/models
-// Returns different model lists based on the API key's group platform
+// Returns models based on account configurations (model_mapping whitelist)
+// Falls back to default models if no whitelist is configured
 func (h *GatewayHandler) Models(c *gin.Context) {
-	apiKey, _ := middleware2.GetApiKeyFromContext(c)
+	apiKey, _ := middleware2.GetAPIKeyFromContext(c)

-	// Return OpenAI models for OpenAI platform groups
-	if apiKey != nil && apiKey.Group != nil && apiKey.Group.Platform == "openai" {
+	var groupID *int64
+	var platform string
+
+	if apiKey != nil && apiKey.Group != nil {
+		groupID = &apiKey.Group.ID
+		platform = apiKey.Group.Platform
+	}
+
+	// Get available models from account configurations (without platform filter)
+	availableModels := h.gatewayService.GetAvailableModels(c.Request.Context(), groupID, "")
+
+	if len(availableModels) > 0 {
+		// Build model list from whitelist
+		models := make([]claude.Model, 0, len(availableModels))
+		for _, modelID := range availableModels {
+			models = append(models, claude.Model{
+				ID:          modelID,
+				Type:        "model",
+				DisplayName: modelID,
+				CreatedAt:   "2024-01-01T00:00:00Z",
+			})
+		}
+		c.JSON(http.StatusOK, gin.H{
+			"object": "list",
+			"data":   models,
+		})
+		return
+	}
+
+	// Fallback to default models
+	if platform == "openai" {
 		c.JSON(http.StatusOK, gin.H{
 			"object": "list",
 			"data":   openai.DefaultModels,
@@ -321,17 +461,25 @@ func (h *GatewayHandler) Models(c *gin.Context) {
 		return
 	}

-	// Default: Claude models
 	c.JSON(http.StatusOK, gin.H{
 		"object": "list",
 		"data":   claude.DefaultModels,
 	})
 }

+// AntigravityModels 返回 Antigravity 支持的全部模型
+// GET /antigravity/models
+func (h *GatewayHandler) AntigravityModels(c *gin.Context) {
+	c.JSON(http.StatusOK, gin.H{
+		"object": "list",
+		"data":   antigravity.DefaultModels(),
+	})
+}
+
 // Usage handles getting account balance for CC Switch integration
 // GET /v1/usage
 func (h *GatewayHandler) Usage(c *gin.Context) {
-	apiKey, ok := middleware2.GetApiKeyFromContext(c)
+	apiKey, ok := middleware2.GetAPIKeyFromContext(c)
 	if !ok {
 		h.errorResponse(c, http.StatusUnauthorized, "authentication_error", "Invalid API key")
 		return
@@ -459,8 +607,20 @@ func (h *GatewayHandler) handleStreamingAwareError(c *gin.Context, status int, e
 		// Stream already started, send error as SSE event then close
 		flusher, ok := c.Writer.(http.Flusher)
 		if ok {
-			// Send error event in SSE format
-			errorEvent := fmt.Sprintf(`data: {"type": "error", "error": {"type": "%s", "message": "%s"}}`+"\n\n", errType, message)
+			// Send error event in SSE format with proper JSON marshaling
+			errorData := map[string]any{
+				"type": "error",
+				"error": map[string]string{
+					"type":    errType,
+					"message": message,
+				},
+			}
+			jsonBytes, err := json.Marshal(errorData)
+			if err != nil {
+				_ = c.Error(err)
+				return
+			}
+			errorEvent := fmt.Sprintf("data: %s\n\n", string(jsonBytes))
 			if _, err := fmt.Fprint(c.Writer, errorEvent); err != nil {
 				_ = c.Error(err)
 			}
@@ -489,7 +649,7 @@ func (h *GatewayHandler) errorResponse(c *gin.Context, status int, errType, mess
 // 特点：校验订阅/余额，但不计算并发、不记录使用量
 func (h *GatewayHandler) CountTokens(c *gin.Context) {
 	// 从context获取apiKey和user（ApiKeyAuth中间件已设置）
-	apiKey, ok := middleware2.GetApiKeyFromContext(c)
+	apiKey, ok := middleware2.GetAPIKeyFromContext(c)
 	if !ok {
 		h.errorResponse(c, http.StatusUnauthorized, "authentication_error", "Invalid API key")
 		return
@@ -535,7 +695,8 @@ func (h *GatewayHandler) CountTokens(c *gin.Context) {
 	// 校验 billing eligibility（订阅/余额）
 	// 【注意】不计算并发，但需要校验订阅/余额
 	if err := h.billingCacheService.CheckBillingEligibility(c.Request.Context(), apiKey.User, apiKey, apiKey.Group, subscription); err != nil {
-		h.errorResponse(c, http.StatusForbidden, "billing_error", err.Error())
+		status, code, message := billingErrorDetails(err)
+		h.errorResponse(c, status, code, message)
 		return
 	}

@@ -610,8 +771,27 @@ func sendMockWarmupStream(c *gin.Context, model string) {
 	c.Header("Connection", "keep-alive")
 	c.Header("X-Accel-Buffering", "no")

+	// Build message_start event with proper JSON marshaling
+	messageStart := map[string]any{
+		"type": "message_start",
+		"message": map[string]any{
+			"id":            "msg_mock_warmup",
+			"type":          "message",
+			"role":          "assistant",
+			"model":         model,
+			"content":       []any{},
+			"stop_reason":   nil,
+			"stop_sequence": nil,
+			"usage": map[string]int{
+				"input_tokens":  10,
+				"output_tokens": 0,
+			},
+		},
+	}
+	messageStartJSON, _ := json.Marshal(messageStart)
+
 	events := []string{
-		`event: message_start` + "\n" + `data: {"message":{"content":[],"id":"msg_mock_warmup","model":"` + model + `","role":"assistant","stop_reason":null,"stop_sequence":null,"type":"message","usage":{"input_tokens":10,"output_tokens":0}},"type":"message_start"}`,
+		`event: message_start` + "\n" + `data: ` + string(messageStartJSON),
 		`event: content_block_start` + "\n" + `data: {"content_block":{"text":"","type":"text"},"index":0,"type":"content_block_start"}`,
 		`event: content_block_delta` + "\n" + `data: {"delta":{"text":"New","type":"text_delta"},"index":0,"type":"content_block_delta"}`,
 		`event: content_block_delta` + "\n" + `data: {"delta":{"text":" Conversation","type":"text_delta"},"index":0,"type":"content_block_delta"}`,
@@ -642,3 +822,18 @@ func sendMockWarmupResponse(c *gin.Context, model string) {
 		},
 	})
 }
+
+func billingErrorDetails(err error) (status int, code, message string) {
+	if errors.Is(err, service.ErrBillingServiceUnavailable) {
+		msg := pkgerrors.Message(err)
+		if msg == "" {
+			msg = "Billing service temporarily unavailable. Please retry later."
+		}
+		return http.StatusServiceUnavailable, "billing_service_error", msg
+	}
+	msg := pkgerrors.Message(err)
+	if msg == "" {
+		msg = err.Error()
+	}
+	return http.StatusForbidden, "billing_error", msg
+}
--- a/backend/internal/handler/gateway_helper.go
+++ b/backend/internal/handler/gateway_helper.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"math/rand"
 	"net/http"
+	"sync"
 	"time"

 	"github.com/Wei-Shaw/sub2api/internal/service"
@@ -26,8 +27,8 @@ import (
 const (
 	// maxConcurrencyWait 等待并发槽位的最大时间
 	maxConcurrencyWait = 30 * time.Second
-	// pingInterval 流式响应等待时发送 ping 的间隔
-	pingInterval = 15 * time.Second
+	// defaultPingInterval 流式响应等待时发送 ping 的默认间隔
+	defaultPingInterval = 10 * time.Second
 	// initialBackoff 初始退避时间
 	initialBackoff = 100 * time.Millisecond
 	// backoffMultiplier 退避时间乘数（指数退避）
@@ -44,6 +45,8 @@ const (
 	SSEPingFormatClaude SSEPingFormat = "data: {\"type\": \"ping\"}\n\n"
 	// SSEPingFormatNone indicates no ping should be sent (e.g., OpenAI has no ping spec)
 	SSEPingFormatNone SSEPingFormat = ""
+	// SSEPingFormatComment is an SSE comment ping for OpenAI/Codex CLI clients
+	SSEPingFormatComment SSEPingFormat = ":\n\n"
 )

 // ConcurrencyError represents a concurrency limit error with context
@@ -63,16 +66,52 @@ func (e *ConcurrencyError) Error() string {
 type ConcurrencyHelper struct {
 	concurrencyService *service.ConcurrencyService
 	pingFormat         SSEPingFormat
+	pingInterval       time.Duration
 }

 // NewConcurrencyHelper creates a new ConcurrencyHelper
-func NewConcurrencyHelper(concurrencyService *service.ConcurrencyService, pingFormat SSEPingFormat) *ConcurrencyHelper {
+func NewConcurrencyHelper(concurrencyService *service.ConcurrencyService, pingFormat SSEPingFormat, pingInterval time.Duration) *ConcurrencyHelper {
+	if pingInterval <= 0 {
+		pingInterval = defaultPingInterval
+	}
 	return &ConcurrencyHelper{
 		concurrencyService: concurrencyService,
 		pingFormat:         pingFormat,
+		pingInterval:       pingInterval,
 	}
 }

+// wrapReleaseOnDone ensures release runs at most once and still triggers on context cancellation.
+// 用于避免客户端断开或上游超时导致的并发槽位泄漏。
+// 修复：添加 quit channel 确保 goroutine 及时退出，避免泄露
+func wrapReleaseOnDone(ctx context.Context, releaseFunc func()) func() {
+	if releaseFunc == nil {
+		return nil
+	}
+	var once sync.Once
+	quit := make(chan struct{})
+
+	release := func() {
+		once.Do(func() {
+			releaseFunc()
+			close(quit) // 通知监听 goroutine 退出
+		})
+	}
+
+	go func() {
+		select {
+		case <-ctx.Done():
+			// Context 取消时释放资源
+			release()
+		case <-quit:
+			// 正常释放已完成，goroutine 退出
+			return
+		}
+	}()
+
+	return release
+}
+
 // IncrementWaitCount increments the wait count for a user
 func (h *ConcurrencyHelper) IncrementWaitCount(ctx context.Context, userID int64, maxWait int) (bool, error) {
 	return h.concurrencyService.IncrementWaitCount(ctx, userID, maxWait)
@@ -83,6 +122,16 @@ func (h *ConcurrencyHelper) DecrementWaitCount(ctx context.Context, userID int64
 	h.concurrencyService.DecrementWaitCount(ctx, userID)
 }

+// IncrementAccountWaitCount increments the wait count for an account
+func (h *ConcurrencyHelper) IncrementAccountWaitCount(ctx context.Context, accountID int64, maxWait int) (bool, error) {
+	return h.concurrencyService.IncrementAccountWaitCount(ctx, accountID, maxWait)
+}
+
+// DecrementAccountWaitCount decrements the wait count for an account
+func (h *ConcurrencyHelper) DecrementAccountWaitCount(ctx context.Context, accountID int64) {
+	h.concurrencyService.DecrementAccountWaitCount(ctx, accountID)
+}
+
 // AcquireUserSlotWithWait acquires a user concurrency slot, waiting if necessary.
 // For streaming requests, sends ping events during the wait.
 // streamStarted is updated if streaming response has begun.
@@ -126,9 +175,29 @@ func (h *ConcurrencyHelper) AcquireAccountSlotWithWait(c *gin.Context, accountID
 // waitForSlotWithPing waits for a concurrency slot, sending ping events for streaming requests.
 // streamStarted pointer is updated when streaming begins (for proper error handling by caller).
 func (h *ConcurrencyHelper) waitForSlotWithPing(c *gin.Context, slotType string, id int64, maxConcurrency int, isStream bool, streamStarted *bool) (func(), error) {
-	ctx, cancel := context.WithTimeout(c.Request.Context(), maxConcurrencyWait)
+	return h.waitForSlotWithPingTimeout(c, slotType, id, maxConcurrency, maxConcurrencyWait, isStream, streamStarted)
+}
+
+// waitForSlotWithPingTimeout waits for a concurrency slot with a custom timeout.
+func (h *ConcurrencyHelper) waitForSlotWithPingTimeout(c *gin.Context, slotType string, id int64, maxConcurrency int, timeout time.Duration, isStream bool, streamStarted *bool) (func(), error) {
+	ctx, cancel := context.WithTimeout(c.Request.Context(), timeout)
 	defer cancel()

+	// Try immediate acquire first (avoid unnecessary wait)
+	var result *service.AcquireResult
+	var err error
+	if slotType == "user" {
+		result, err = h.concurrencyService.AcquireUserSlot(ctx, id, maxConcurrency)
+	} else {
+		result, err = h.concurrencyService.AcquireAccountSlot(ctx, id, maxConcurrency)
+	}
+	if err != nil {
+		return nil, err
+	}
+	if result.Acquired {
+		return result.ReleaseFunc, nil
+	}
+
 	// Determine if ping is needed (streaming + ping format defined)
 	needPing := isStream && h.pingFormat != ""

@@ -144,7 +213,7 @@ func (h *ConcurrencyHelper) waitForSlotWithPing(c *gin.Context, slotType string,
 	// Only create ping ticker if ping is needed
 	var pingCh <-chan time.Time
 	if needPing {
-		pingTicker := time.NewTicker(pingInterval)
+		pingTicker := time.NewTicker(h.pingInterval)
 		defer pingTicker.Stop()
 		pingCh = pingTicker.C
 	}
@@ -200,6 +269,11 @@ func (h *ConcurrencyHelper) waitForSlotWithPing(c *gin.Context, slotType string,
 	}
 }

+// AcquireAccountSlotWithWaitTimeout acquires an account slot with a custom timeout (keeps SSE ping).
+func (h *ConcurrencyHelper) AcquireAccountSlotWithWaitTimeout(c *gin.Context, accountID int64, maxConcurrency int, timeout time.Duration, isStream bool, streamStarted *bool) (func(), error) {
+	return h.waitForSlotWithPingTimeout(c, "account", accountID, maxConcurrency, timeout, isStream, streamStarted)
+}
+
 // nextBackoff 计算下一次退避时间
 // 性能优化：使用指数退避 + 随机抖动，避免惊群效应
 // current: 当前退避时间
--- a/backend/internal/handler/gateway_helper_test.go
+++ b/backend/internal/handler/gateway_helper_test.go
@@ -0,0 +1,141 @@
+package handler
+
+import (
+	"context"
+	"runtime"
+	"sync/atomic"
+	"testing"
+	"time"
+)
+
+// TestWrapReleaseOnDone_NoGoroutineLeak 验证 wrapReleaseOnDone 修复后不会泄露 goroutine
+func TestWrapReleaseOnDone_NoGoroutineLeak(t *testing.T) {
+	// 记录测试开始时的 goroutine 数量
+	runtime.GC()
+	time.Sleep(100 * time.Millisecond)
+	initialGoroutines := runtime.NumGoroutine()
+
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	var releaseCount int32
+	release := wrapReleaseOnDone(ctx, func() {
+		atomic.AddInt32(&releaseCount, 1)
+	})
+
+	// 正常释放
+	release()
+
+	// 等待足够时间确保 goroutine 退出
+	time.Sleep(200 * time.Millisecond)
+
+	// 验证只释放一次
+	if count := atomic.LoadInt32(&releaseCount); count != 1 {
+		t.Errorf("expected release count to be 1, got %d", count)
+	}
+
+	// 强制 GC，清理已退出的 goroutine
+	runtime.GC()
+	time.Sleep(100 * time.Millisecond)
+
+	// 验证 goroutine 数量没有增加（允许±2的误差，考虑到测试框架本身可能创建的 goroutine）
+	finalGoroutines := runtime.NumGoroutine()
+	if finalGoroutines > initialGoroutines+2 {
+		t.Errorf("goroutine leak detected: initial=%d, final=%d, leaked=%d",
+			initialGoroutines, finalGoroutines, finalGoroutines-initialGoroutines)
+	}
+}
+
+// TestWrapReleaseOnDone_ContextCancellation 验证 context 取消时也能正确释放
+func TestWrapReleaseOnDone_ContextCancellation(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+
+	var releaseCount int32
+	_ = wrapReleaseOnDone(ctx, func() {
+		atomic.AddInt32(&releaseCount, 1)
+	})
+
+	// 取消 context，应该触发释放
+	cancel()
+
+	// 等待释放完成
+	time.Sleep(100 * time.Millisecond)
+
+	// 验证释放被调用
+	if count := atomic.LoadInt32(&releaseCount); count != 1 {
+		t.Errorf("expected release count to be 1, got %d", count)
+	}
+}
+
+// TestWrapReleaseOnDone_MultipleCallsOnlyReleaseOnce 验证多次调用 release 只释放一次
+func TestWrapReleaseOnDone_MultipleCallsOnlyReleaseOnce(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	var releaseCount int32
+	release := wrapReleaseOnDone(ctx, func() {
+		atomic.AddInt32(&releaseCount, 1)
+	})
+
+	// 调用多次
+	release()
+	release()
+	release()
+
+	// 等待执行完成
+	time.Sleep(100 * time.Millisecond)
+
+	// 验证只释放一次
+	if count := atomic.LoadInt32(&releaseCount); count != 1 {
+		t.Errorf("expected release count to be 1, got %d", count)
+	}
+}
+
+// TestWrapReleaseOnDone_NilReleaseFunc 验证 nil releaseFunc 不会 panic
+func TestWrapReleaseOnDone_NilReleaseFunc(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	release := wrapReleaseOnDone(ctx, nil)
+
+	if release != nil {
+		t.Error("expected nil release function when releaseFunc is nil")
+	}
+}
+
+// TestWrapReleaseOnDone_ConcurrentCalls 验证并发调用的安全性
+func TestWrapReleaseOnDone_ConcurrentCalls(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	var releaseCount int32
+	release := wrapReleaseOnDone(ctx, func() {
+		atomic.AddInt32(&releaseCount, 1)
+	})
+
+	// 并发调用 release
+	const numGoroutines = 10
+	for i := 0; i < numGoroutines; i++ {
+		go release()
+	}
+
+	// 等待所有 goroutine 完成
+	time.Sleep(200 * time.Millisecond)
+
+	// 验证只释放一次
+	if count := atomic.LoadInt32(&releaseCount); count != 1 {
+		t.Errorf("expected release count to be 1, got %d", count)
+	}
+}
+
+// BenchmarkWrapReleaseOnDone 性能基准测试
+func BenchmarkWrapReleaseOnDone(b *testing.B) {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		release := wrapReleaseOnDone(ctx, func() {})
+		release()
+	}
+}
--- a/backend/internal/handler/gemini_v1beta_handler.go
+++ b/backend/internal/handler/gemini_v1beta_handler.go
@@ -9,6 +9,7 @@ import (
 	"strings"
 	"time"

+	"github.com/Wei-Shaw/sub2api/internal/pkg/antigravity"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/gemini"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/googleapi"
 	"github.com/Wei-Shaw/sub2api/internal/server/middleware"
@@ -20,7 +21,7 @@ import (
 // GeminiV1BetaListModels proxies:
 // GET /v1beta/models
 func (h *GatewayHandler) GeminiV1BetaListModels(c *gin.Context) {
-	apiKey, ok := middleware.GetApiKeyFromContext(c)
+	apiKey, ok := middleware.GetAPIKeyFromContext(c)
 	if !ok || apiKey == nil {
 		googleError(c, http.StatusUnauthorized, "Invalid API key")
 		return
@@ -32,9 +33,9 @@ func (h *GatewayHandler) GeminiV1BetaListModels(c *gin.Context) {
 		return
 	}

-	// 强制 antigravity 模式：直接返回静态模型列表
+	// 强制 antigravity 模式：返回 antigravity 支持的模型列表
 	if forcePlatform == service.PlatformAntigravity {
-		c.JSON(http.StatusOK, gemini.FallbackModelsList())
+		c.JSON(http.StatusOK, antigravity.FallbackGeminiModelsList())
 		return
 	}

@@ -66,7 +67,7 @@ func (h *GatewayHandler) GeminiV1BetaListModels(c *gin.Context) {
 // GeminiV1BetaGetModel proxies:
 // GET /v1beta/models/{model}
 func (h *GatewayHandler) GeminiV1BetaGetModel(c *gin.Context) {
-	apiKey, ok := middleware.GetApiKeyFromContext(c)
+	apiKey, ok := middleware.GetAPIKeyFromContext(c)
 	if !ok || apiKey == nil {
 		googleError(c, http.StatusUnauthorized, "Invalid API key")
 		return
@@ -84,9 +85,9 @@ func (h *GatewayHandler) GeminiV1BetaGetModel(c *gin.Context) {
 		return
 	}

-	// 强制 antigravity 模式：直接返回静态模型信息
+	// 强制 antigravity 模式：返回 antigravity 模型信息
 	if forcePlatform == service.PlatformAntigravity {
-		c.JSON(http.StatusOK, gemini.FallbackModel(modelName))
+		c.JSON(http.StatusOK, antigravity.FallbackGeminiModel(modelName))
 		return
 	}

@@ -119,7 +120,7 @@ func (h *GatewayHandler) GeminiV1BetaGetModel(c *gin.Context) {
 // POST /v1beta/models/{model}:generateContent
 // POST /v1beta/models/{model}:streamGenerateContent?alt=sse
 func (h *GatewayHandler) GeminiV1BetaModels(c *gin.Context) {
-	apiKey, ok := middleware.GetApiKeyFromContext(c)
+	apiKey, ok := middleware.GetAPIKeyFromContext(c)
 	if !ok || apiKey == nil {
 		googleError(c, http.StatusUnauthorized, "Invalid API key")
 		return
@@ -163,8 +164,11 @@ func (h *GatewayHandler) GeminiV1BetaModels(c *gin.Context) {
 	// Get subscription (may be nil)
 	subscription, _ := middleware.GetSubscriptionFromContext(c)

+	// 获取 User-Agent
+	userAgent := c.Request.UserAgent()
+
 	// For Gemini native API, do not send Claude-style ping frames.
-	geminiConcurrency := NewConcurrencyHelper(h.concurrencyHelper.concurrencyService, SSEPingFormatNone)
+	geminiConcurrency := NewConcurrencyHelper(h.concurrencyHelper.concurrencyService, SSEPingFormatNone, 0)

 	// 0) wait queue check
 	maxWait := service.CalculateMaxWait(authSubject.Concurrency)
@@ -184,26 +188,33 @@ func (h *GatewayHandler) GeminiV1BetaModels(c *gin.Context) {
 		googleError(c, http.StatusTooManyRequests, err.Error())
 		return
 	}
+	// 确保请求取消时也会释放槽位，避免长连接被动中断造成泄漏
+	userReleaseFunc = wrapReleaseOnDone(c.Request.Context(), userReleaseFunc)
 	if userReleaseFunc != nil {
 		defer userReleaseFunc()
 	}

 	// 2) billing eligibility check (after wait)
 	if err := h.billingCacheService.CheckBillingEligibility(c.Request.Context(), apiKey.User, apiKey, apiKey.Group, subscription); err != nil {
-		googleError(c, http.StatusForbidden, err.Error())
+		status, _, message := billingErrorDetails(err)
+		googleError(c, status, message)
 		return
 	}

 	// 3) select account (sticky session based on request body)
 	parsedReq, _ := service.ParseGatewayRequest(body)
 	sessionHash := h.gatewayService.GenerateSessionHash(parsedReq)
+	sessionKey := sessionHash
+	if sessionHash != "" {
+		sessionKey = "gemini:" + sessionHash
+	}
 	const maxAccountSwitches = 3
 	switchCount := 0
 	failedAccountIDs := make(map[int64]struct{})
 	lastFailoverStatus := 0

 	for {
-		account, err := h.geminiCompatService.SelectAccountForModelWithExclusions(c.Request.Context(), apiKey.GroupID, sessionHash, modelName, failedAccountIDs)
+		selection, err := h.gatewayService.SelectAccountWithLoadAwareness(c.Request.Context(), apiKey.GroupID, sessionKey, modelName, failedAccountIDs)
 		if err != nil {
 			if len(failedAccountIDs) == 0 {
 				googleError(c, http.StatusServiceUnavailable, "No available Gemini accounts: "+err.Error())
@@ -212,13 +223,52 @@ func (h *GatewayHandler) GeminiV1BetaModels(c *gin.Context) {
 			handleGeminiFailoverExhausted(c, lastFailoverStatus)
 			return
 		}
+		account := selection.Account

 		// 4) account concurrency slot
-		accountReleaseFunc, err := geminiConcurrency.AcquireAccountSlotWithWait(c, account.ID, account.Concurrency, stream, &streamStarted)
-		if err != nil {
-			googleError(c, http.StatusTooManyRequests, err.Error())
-			return
+		accountReleaseFunc := selection.ReleaseFunc
+		var accountWaitRelease func()
+		if !selection.Acquired {
+			if selection.WaitPlan == nil {
+				googleError(c, http.StatusServiceUnavailable, "No available Gemini accounts")
+				return
+			}
+			canWait, err := geminiConcurrency.IncrementAccountWaitCount(c.Request.Context(), account.ID, selection.WaitPlan.MaxWaiting)
+			if err != nil {
+				log.Printf("Increment account wait count failed: %v", err)
+			} else if !canWait {
+				log.Printf("Account wait queue full: account=%d", account.ID)
+				googleError(c, http.StatusTooManyRequests, "Too many pending requests, please retry later")
+				return
+			} else {
+				// Only set release function if increment succeeded
+				accountWaitRelease = func() {
+					geminiConcurrency.DecrementAccountWaitCount(c.Request.Context(), account.ID)
+				}
+			}
+
+			accountReleaseFunc, err = geminiConcurrency.AcquireAccountSlotWithWaitTimeout(
+				c,
+				account.ID,
+				selection.WaitPlan.MaxConcurrency,
+				selection.WaitPlan.Timeout,
+				stream,
+				&streamStarted,
+			)
+			if err != nil {
+				if accountWaitRelease != nil {
+					accountWaitRelease()
+				}
+				googleError(c, http.StatusTooManyRequests, err.Error())
+				return
+			}
+			if err := h.gatewayService.BindStickySession(c.Request.Context(), sessionKey, account.ID); err != nil {
+				log.Printf("Bind sticky session failed: %v", err)
+			}
 		}
+		// 账号槽位/等待计数需要在超时或断开时安全回收
+		accountReleaseFunc = wrapReleaseOnDone(c.Request.Context(), accountReleaseFunc)
+		accountWaitRelease = wrapReleaseOnDone(c.Request.Context(), accountWaitRelease)

 		// 5) forward (根据平台分流)
 		var result *service.ForwardResult
@@ -230,6 +280,9 @@ func (h *GatewayHandler) GeminiV1BetaModels(c *gin.Context) {
 		if accountReleaseFunc != nil {
 			accountReleaseFunc()
 		}
+		if accountWaitRelease != nil {
+			accountWaitRelease()
+		}
 		if err != nil {
 			var failoverErr *service.UpstreamFailoverError
 			if errors.As(err, &failoverErr) {
@@ -250,19 +303,20 @@ func (h *GatewayHandler) GeminiV1BetaModels(c *gin.Context) {
 		}

 		// 6) record usage async
-		go func(result *service.ForwardResult, usedAccount *service.Account) {
+		go func(result *service.ForwardResult, usedAccount *service.Account, ua string) {
 			ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 			defer cancel()
 			if err := h.gatewayService.RecordUsage(ctx, &service.RecordUsageInput{
 				Result:       result,
-				ApiKey:       apiKey,
+				APIKey:       apiKey,
 				User:         apiKey.User,
 				Account:      usedAccount,
 				Subscription: subscription,
+				UserAgent:    ua,
 			}); err != nil {
 				log.Printf("Record usage failed: %v", err)
 			}
-		}(result, account)
+		}(result, account, userAgent)
 		return
 	}
 }
--- a/Show More
+++ b/Show More