diff --git a/base/aaa/portal/apply.go b/base/aaa/portal/apply.go
index 7fea2d57..abedd0d0 100644
--- a/base/aaa/portal/apply.go
+++ b/base/aaa/portal/apply.go
@@ -8,55 +8,62 @@ import (
 	"shylinux.com/x/icebergs/base/mdb"
 	"shylinux.com/x/icebergs/base/nfs"
 	"shylinux.com/x/icebergs/base/web"
+	"shylinux.com/x/icebergs/base/web/html"
 	kit "shylinux.com/x/toolkits"
 )
 
 type apply struct {
 	ice.Hash
-	field string `data:"time,hash,email,mobile,username,status"`
-	input string `name:"input" help:"输入" role:"void"`
+	field string `data:"time,hash,mobile,email,usernick,username,userrole,status"`
+	sso   string `name:"sso" help:"登录"`
+	input string `name:"input" help:"注册" role:"void"`
 	apply string `name:"apply" help:"申请" role:"void"`
 	agree string `name:"agree userrole=tech" help:"同意" icon:"bi bi-check2-square"`
 	login string `name:"login" help:"登录" role:"void"`
-	list  string `name:"list hash auto" help:"注册"`
+	list  string `name:"list hash auto sso" help:"注册"`
 }
 
+func (s apply) Sso(m *ice.Message, arg ...string) {
+	m.Cmd(web.CHAT_HEADER, mdb.CREATE, mdb.TYPE, cli.QRCODE, mdb.NAME, "扫码登录", mdb.ORDER, "10")
+	m.Cmd(web.CHAT_HEADER, mdb.CREATE, mdb.TYPE, mdb.PLUGIN, mdb.NAME, "邮箱登录", mdb.ORDER, "11", ctx.INDEX, m.PrefixKey(), ctx.ARGS, kit.FuncName(s.Email))
+	m.Cmd(web.CHAT_HEADER, mdb.CREATE, mdb.TYPE, mdb.PLUGIN, mdb.NAME, "注册用户", mdb.ORDER, "12", ctx.INDEX, m.PrefixKey(), ctx.ARGS, kit.FuncName(s.Input))
+}
 func (s apply) Input(m *ice.Message, arg ...string) {
-	kit.If(m.Option(mdb.HASH) == "input", func() { m.Option(mdb.HASH, "") })
+	kit.If(m.Option(mdb.HASH) == kit.FuncName(s.Input), func() { m.Options(mdb.HASH, "") })
 	if k := _cookie_key(m); m.Option(k) == "" || s.List(m, m.Option(k)).Length() == 0 && m.Result() == "" {
-		ctx.DisplayStoryForm(m.Message, "email*", s.Apply)
+		ctx.DisplayStoryForm(m.Message, "email*", aaa.USERNICK, s.Apply)
 	}
 }
 func (s apply) Apply(m *ice.Message, arg ...string) {
 	if m.Warn(m.Options(arg).Cmd(aaa.USER, m.Option(aaa.EMAIL)).Length() > 0, "already exists") {
 		return
 	}
-	arg = append(arg, aaa.USERNAME, m.Option(aaa.EMAIL))
-	m.ProcessCookie(_cookie_key(m), s.Hash.Create(m, kit.Simple(arg, mdb.STATUS, s.Apply, aaa.IP, m.Option(ice.MSG_USERIP), aaa.UA, m.Option(ice.MSG_USERUA), cli.DAEMON, m.Option(ice.MSG_DAEMON))...))
+	m.ProcessCookie(_cookie_key(m), s.Hash.Create(m, kit.Simple(append(arg, aaa.USERNAME, m.Option(aaa.EMAIL)), mdb.STATUS, s.Apply,
+		aaa.IP, m.Option(ice.MSG_USERIP), aaa.UA, m.Option(ice.MSG_USERUA), cli.DAEMON, m.Option(ice.MSG_DAEMON))...))
 }
 func (s apply) Agree(m *ice.Message, arg ...string) {
 	msg := s.Hash.List(m.Spawn(), m.Option(mdb.HASH))
 	s.Hash.Modify(m, kit.Simple(m.OptionSimple(mdb.HASH, aaa.USERROLE), mdb.STATUS, s.Agree)...)
 	m.Cmd(aaa.USER, mdb.CREATE, msg.AppendSimple(aaa.USERNICK, aaa.USERNAME), m.Option(aaa.USERROLE))
-	web.PushNotice(m.Spawn(kit.Dict(ice.MSG_DAEMON, msg.Append(cli.DAEMON))).Message, "refresh")
+	web.PushNotice(m.Spawn(kit.Dict(ice.MSG_DAEMON, msg.Append(cli.DAEMON))).Message, html.REFRESH)
 }
 func (s apply) Login(m *ice.Message, arg ...string) {
-	m.Options(arg)
-	if m.Option(aaa.EMAIL) != "" {
-		m.Cmdy(aaa.EMAIL, aaa.SEND, m.Option(aaa.EMAIL), "", "login contexts", m.Cmd(web.SHARE, mdb.CREATE, mdb.TYPE, aaa.LOGIN).Append(mdb.LINK))
+	kit.If(m.Option(mdb.HASH) == kit.FuncName(s.Input), func() { m.Options(mdb.HASH, "") })
+	if m.Options(arg).Option(aaa.EMAIL) == "" {
+		m.OptionDefault(mdb.HASH, m.Option(_cookie_key(m)))
+		s.Hash.Modify(m, kit.Simple(m.OptionSimple(mdb.HASH), mdb.STATUS, s.Login)...)
+		web.RenderCookie(m.Message, m.Cmdx(aaa.SESS, mdb.CREATE, s.Hash.List(m.Spawn(), m.Option(mdb.HASH)).Append(aaa.USERNAME)))
+		m.ProcessLocation(nfs.PS)
+	} else {
+		m.Options(ice.MSG_USERNAME, m.Option(aaa.EMAIL))
+		space := kit.Keys(kit.Slice(kit.Split(m.Option(ice.MSG_DAEMON), nfs.PT), 0, -1))
+		share := m.Cmd(web.SHARE, mdb.CREATE, mdb.TYPE, web.FIELD, mdb.NAME, web.CHAT_GRANT, mdb.TEXT, space).Append(mdb.LINK)
+		m.Cmdy(aaa.EMAIL, aaa.SEND, m.Option(aaa.EMAIL), "", "login contexts, please grant", html.FormatA(share))
 		m.ProcessHold()
-		return
 	}
-	kit.If(m.Option(mdb.HASH) == "input", func() { m.Option(mdb.HASH, "") })
-	m.OptionDefault(mdb.HASH, m.Option(_cookie_key(m)))
-	msg := s.Hash.List(m.Spawn(), m.Option(mdb.HASH))
-	s.Hash.Modify(m, kit.Simple(m.OptionSimple(mdb.HASH), mdb.STATUS, s.Login)...)
-	sessid := m.Cmdx(aaa.SESS, mdb.CREATE, msg.Append(aaa.USERNAME))
-	web.RenderCookie(m.Message, sessid)
-	m.ProcessLocation(nfs.PS)
 }
 func (s apply) Email(m *ice.Message, arg ...string) {
-	ctx.DisplayStoryForm(m.Message, "email*", s.Login)
+	ctx.DisplayStoryForm(m.Message, "email*", s.Login).Echo("邮件发送成功后，请在邮箱中授权登录")
 }
 func (s apply) List(m *ice.Message, arg ...string) *ice.Message {
 	kit.If(m.Option(_cookie_key(m)), func(p string) { arg = []string{p} })
@@ -72,18 +79,18 @@ func (s apply) List(m *ice.Message, arg ...string) *ice.Message {
 	})
 	if len(arg) == 0 {
 		m.EchoQRCode(m.MergePodCmd("", "", ctx.ACTION, s.Input))
-	} else {
+	} else if !kit.IsIn(m.ActionKey(), "", ice.LIST, mdb.SELECT) {
 		switch m.Append(mdb.STATUS) {
-		case kit.FuncName(s.Apply):
-			m.SetAppend()
-			m.EchoInfoButton("please wait agree")
-		case kit.FuncName(s.Agree):
-			m.SetAppend()
-			m.EchoInfoButton("please login", s.Login)
 		case kit.FuncName(s.Login):
-			m.SetAppend()
-			m.EchoAnchor(nfs.PS)
-			m.ProcessLocation(nfs.PS)
+			if m.ActionKey() == kit.FuncName(s.Input) {
+				m.ProcessCookie(_cookie_key(m), "")
+			} else {
+				m.SetAppend().ProcessLocation(nfs.PS)
+			}
+		case kit.FuncName(s.Agree):
+			m.SetAppend().EchoInfoButton("please login", s.Login)
+		case kit.FuncName(s.Apply):
+			m.SetAppend().EchoInfoButton("please wait admin agree")
 		}
 	}
 	return m
diff --git a/base/web/html/html.go b/base/web/html/html.go
index 80739368..112cef8a 100644
--- a/base/web/html/html.go
+++ b/base/web/html/html.go
@@ -52,15 +52,16 @@ const (
 	PROFILE = "profile"
 	DISPLAY = "display"
 
-	VIEW   = "view"
-	TEXT   = "text"
-	BUTTON = "button"
-	INPUT  = "input"
-	VALUE  = "value"
-	OUTPUT = "output"
-	LAYOUT = "layout"
-	RESIZE = "resize"
-	FILTER = "filter"
+	VIEW    = "view"
+	TEXT    = "text"
+	BUTTON  = "button"
+	INPUT   = "input"
+	VALUE   = "value"
+	OUTPUT  = "output"
+	LAYOUT  = "layout"
+	RESIZE  = "resize"
+	REFRESH = "refresh"
+	FILTER  = "filter"
 )
 
 const (
@@ -93,9 +94,9 @@ const (
 func Format(tag string, inner string, arg ...string) string {
 	return kit.Format("<%s %s>%s</%s>", tag, kit.JoinProperty(arg...), inner, tag)
 }
-func FormatDanger(value string) string {
-	return Format(SPAN, value, STYLE, kit.JoinCSS(
-		BACKGROUND_COLOR, "var(--danger-bg-color)",
-		COLOR, "var(--danger-fg-color)",
-	))
+func FormatA(inner string, arg ...string) string {
+	return kit.Format(`<a href="%s">%s</a>`, kit.Select(inner, arg, 0), inner)
+}
+func FormatDanger(value string) string {
+	return Format(SPAN, value, STYLE, kit.JoinCSS(BACKGROUND_COLOR, "var(--danger-bg-color)", COLOR, "var(--danger-fg-color)"))
 }
diff --git a/render.go b/render.go
index 83c18944..23e89896 100644
--- a/render.go
+++ b/render.go
@@ -210,7 +210,7 @@ func (m *Message) EchoFields(cmd string, arg ...string) *Message {
 `, cmd, kit.Join(arg))
 }
 func (m *Message) EchoInfoButton(info string, arg ...Any) *Message {
-	m.Display("/plugin/story/table.js", "style", "form")
+	m.Display("/plugin/table.js", "style", "form")
 	return m.Echo(html.Format("div", info, "class", "info", "style", kit.JoinCSS())).EchoButton(arg...).Echo(NL).Action(arg...)
 }
 func (m *Message) EchoButton(arg ...Any) *Message    { return m.Echo(Render(m, RENDER_BUTTON, arg...)) }