update migrate

2023-04-05 15:05:14 +09:00 · 2023-04-05 15:05:14 +09:00 · 1d65e1194b
commit 1d65e1194b
parent 9573dc895f
36 changed files with 1430 additions and 137 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,5 @@
 t
+.env
+*.zsh
+*.json
+#*.sqlite
--- a/ent/card.go
+++ b/ent/card.go
@ -17,6 +17,8 @@ type Card struct {
 	config `json:"-"`
 	// ID of the ent.
 	ID int `json:"id,omitempty"`
+	// Password holds the value of the "password" field.
+	Password string `json:"-"`
 	// Card holds the value of the "card" field.
 	Card int `json:"card,omitempty"`
 	// Status holds the value of the "status" field.
@ -62,7 +64,7 @@ func (*Card) scanValues(columns []string) ([]any, error) {
 		switch columns[i] {
 		case card.FieldID, card.FieldCard, card.FieldCp:
 			values[i] = new(sql.NullInt64)
-		case card.FieldStatus, card.FieldURL:
+		case card.FieldPassword, card.FieldStatus, card.FieldURL:
 			values[i] = new(sql.NullString)
 		case card.FieldCreatedAt:
 			values[i] = new(sql.NullTime)
@ -89,6 +91,12 @@ func (c *Card) assignValues(columns []string, values []any) error {
 				return fmt.Errorf("unexpected type %T for field id", value)
 			}
 			c.ID = int(value.Int64)
+		case card.FieldPassword:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field password", values[i])
+			} else if value.Valid {
+				c.Password = value.String
+			}
 		case card.FieldCard:
 			if value, ok := values[i].(*sql.NullInt64); !ok {
 				return fmt.Errorf("unexpected type %T for field card", values[i])
@ -159,6 +167,8 @@ func (c *Card) String() string {
 	var builder strings.Builder
 	builder.WriteString("Card(")
 	builder.WriteString(fmt.Sprintf("id=%v, ", c.ID))
+	builder.WriteString("password=<sensitive>")
+	builder.WriteString(", ")
 	builder.WriteString("card=")
 	builder.WriteString(fmt.Sprintf("%v", c.Card))
 	builder.WriteString(", ")
--- a/ent/card/card.go
+++ b/ent/card/card.go
@ -11,6 +11,8 @@ const (
 	Label = "card"
 	// FieldID holds the string denoting the id field in the database.
 	FieldID = "id"
+	// FieldPassword holds the string denoting the password field in the database.
+	FieldPassword = "password"
 	// FieldCard holds the string denoting the card field in the database.
 	FieldCard = "card"
 	// FieldStatus holds the string denoting the status field in the database.
@ -37,6 +39,7 @@ const (
 // Columns holds all SQL columns for card fields.
 var Columns = []string{
 	FieldID,
+	FieldPassword,
 	FieldCard,
 	FieldStatus,
 	FieldCp,
@ -66,6 +69,8 @@ func ValidColumn(column string) bool {
 }

 var (
+	// PasswordValidator is a validator for the "password" field. It is called by the builders before save.
+	PasswordValidator func(string) error
 	// DefaultCard holds the default value on creation for the "card" field.
 	DefaultCard func() int
 	// DefaultStatus holds the default value on creation for the "status" field.
--- a/ent/card/where.go
+++ b/ent/card/where.go
@ -55,6 +55,11 @@ func IDLTE(id int) predicate.Card {
 	return predicate.Card(sql.FieldLTE(FieldID, id))
 }

+// Password applies equality check predicate on the "password" field. It's identical to PasswordEQ.
+func Password(v string) predicate.Card {
+	return predicate.Card(sql.FieldEQ(FieldPassword, v))
+}
+
 // Card applies equality check predicate on the "card" field. It's identical to CardEQ.
 func Card(v int) predicate.Card {
 	return predicate.Card(sql.FieldEQ(FieldCard, v))
@ -80,6 +85,71 @@ func CreatedAt(v time.Time) predicate.Card {
 	return predicate.Card(sql.FieldEQ(FieldCreatedAt, v))
 }

+// PasswordEQ applies the EQ predicate on the "password" field.
+func PasswordEQ(v string) predicate.Card {
+	return predicate.Card(sql.FieldEQ(FieldPassword, v))
+}
+
+// PasswordNEQ applies the NEQ predicate on the "password" field.
+func PasswordNEQ(v string) predicate.Card {
+	return predicate.Card(sql.FieldNEQ(FieldPassword, v))
+}
+
+// PasswordIn applies the In predicate on the "password" field.
+func PasswordIn(vs ...string) predicate.Card {
+	return predicate.Card(sql.FieldIn(FieldPassword, vs...))
+}
+
+// PasswordNotIn applies the NotIn predicate on the "password" field.
+func PasswordNotIn(vs ...string) predicate.Card {
+	return predicate.Card(sql.FieldNotIn(FieldPassword, vs...))
+}
+
+// PasswordGT applies the GT predicate on the "password" field.
+func PasswordGT(v string) predicate.Card {
+	return predicate.Card(sql.FieldGT(FieldPassword, v))
+}
+
+// PasswordGTE applies the GTE predicate on the "password" field.
+func PasswordGTE(v string) predicate.Card {
+	return predicate.Card(sql.FieldGTE(FieldPassword, v))
+}
+
+// PasswordLT applies the LT predicate on the "password" field.
+func PasswordLT(v string) predicate.Card {
+	return predicate.Card(sql.FieldLT(FieldPassword, v))
+}
+
+// PasswordLTE applies the LTE predicate on the "password" field.
+func PasswordLTE(v string) predicate.Card {
+	return predicate.Card(sql.FieldLTE(FieldPassword, v))
+}
+
+// PasswordContains applies the Contains predicate on the "password" field.
+func PasswordContains(v string) predicate.Card {
+	return predicate.Card(sql.FieldContains(FieldPassword, v))
+}
+
+// PasswordHasPrefix applies the HasPrefix predicate on the "password" field.
+func PasswordHasPrefix(v string) predicate.Card {
+	return predicate.Card(sql.FieldHasPrefix(FieldPassword, v))
+}
+
+// PasswordHasSuffix applies the HasSuffix predicate on the "password" field.
+func PasswordHasSuffix(v string) predicate.Card {
+	return predicate.Card(sql.FieldHasSuffix(FieldPassword, v))
+}
+
+// PasswordEqualFold applies the EqualFold predicate on the "password" field.
+func PasswordEqualFold(v string) predicate.Card {
+	return predicate.Card(sql.FieldEqualFold(FieldPassword, v))
+}
+
+// PasswordContainsFold applies the ContainsFold predicate on the "password" field.
+func PasswordContainsFold(v string) predicate.Card {
+	return predicate.Card(sql.FieldContainsFold(FieldPassword, v))
+}
+
 // CardEQ applies the EQ predicate on the "card" field.
 func CardEQ(v int) predicate.Card {
 	return predicate.Card(sql.FieldEQ(FieldCard, v))
--- a/ent/card_create.go
+++ b/ent/card_create.go
@ -21,6 +21,12 @@ type CardCreate struct {
 	hooks    []Hook
 }

+// SetPassword sets the "password" field.
+func (cc *CardCreate) SetPassword(s string) *CardCreate {
+	cc.mutation.SetPassword(s)
+	return cc
+}
+
 // SetCard sets the "card" field.
 func (cc *CardCreate) SetCard(i int) *CardCreate {
 	cc.mutation.SetCard(i)
@ -161,6 +167,14 @@ func (cc *CardCreate) defaults() {

 // check runs all checks and user-defined validators on the builder.
 func (cc *CardCreate) check() error {
+	if _, ok := cc.mutation.Password(); !ok {
+		return &ValidationError{Name: "password", err: errors.New(`ent: missing required field "Card.password"`)}
+	}
+	if v, ok := cc.mutation.Password(); ok {
+		if err := card.PasswordValidator(v); err != nil {
+			return &ValidationError{Name: "password", err: fmt.Errorf(`ent: validator failed for field "Card.password": %w`, err)}
+		}
+	}
 	if _, ok := cc.mutation.OwnerID(); !ok {
 		return &ValidationError{Name: "owner", err: errors.New(`ent: missing required edge "Card.owner"`)}
 	}
@ -190,6 +204,10 @@ func (cc *CardCreate) createSpec() (*Card, *sqlgraph.CreateSpec) {
 		_node = &Card{config: cc.config}
 		_spec = sqlgraph.NewCreateSpec(card.Table, sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt))
 	)
+	if value, ok := cc.mutation.Password(); ok {
+		_spec.SetField(card.FieldPassword, field.TypeString, value)
+		_node.Password = value
+	}
 	if value, ok := cc.mutation.Card(); ok {
 		_spec.SetField(card.FieldCard, field.TypeInt, value)
 		_node.Card = value
@ -218,10 +236,7 @@ func (cc *CardCreate) createSpec() (*Card, *sqlgraph.CreateSpec) {
 			Columns: []string{card.OwnerColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
--- a/ent/card_query.go
+++ b/ent/card_query.go
@ -298,12 +298,12 @@ func (cq *CardQuery) WithOwner(opts ...func(*UserQuery)) *CardQuery {
 // Example:
 //
 //	var v []struct {
-//		Card int `json:"card,omitempty"`
+//		Password string `json:"password,omitempty"`
 //		Count int `json:"count,omitempty"`
 //	}
 //
 //	client.Card.Query().
-//		GroupBy(card.FieldCard).
+//		GroupBy(card.FieldPassword).
 //		Aggregate(ent.Count()).
 //		Scan(ctx, &v)
 func (cq *CardQuery) GroupBy(field string, fields ...string) *CardGroupBy {
@ -321,11 +321,11 @@ func (cq *CardQuery) GroupBy(field string, fields ...string) *CardGroupBy {
 // Example:
 //
 //	var v []struct {
-//		Card int `json:"card,omitempty"`
+//		Password string `json:"password,omitempty"`
 //	}
 //
 //	client.Card.Query().
-//		Select(card.FieldCard).
+//		Select(card.FieldPassword).
 //		Scan(ctx, &v)
 func (cq *CardQuery) Select(fields ...string) *CardSelect {
 	cq.ctx.Fields = append(cq.ctx.Fields, fields...)
--- a/ent/card_update.go
+++ b/ent/card_update.go
@ -120,10 +120,7 @@ func (cu *CardUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{card.OwnerColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
@ -136,10 +133,7 @@ func (cu *CardUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{card.OwnerColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -289,10 +283,7 @@ func (cuo *CardUpdateOne) sqlSave(ctx context.Context) (_node *Card, err error)
 			Columns: []string{card.OwnerColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
@ -305,10 +296,7 @@ func (cuo *CardUpdateOne) sqlSave(ctx context.Context) (_node *Card, err error)
 			Columns: []string{card.OwnerColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
--- a/ent/ent.go
+++ b/ent/ent.go
@ -509,7 +509,7 @@ func withHooks[V Value, M any, PM interface {
 		return exec(ctx)
 	}
 	var mut Mutator = MutateFunc(func(ctx context.Context, m Mutation) (Value, error) {
-		mutationT, ok := m.(PM)
+		mutationT, ok := any(m).(PM)
 		if !ok {
 			return nil, fmt.Errorf("unexpected mutation type %T", m)
 		}
--- a/ent/group.go
+++ b/ent/group.go
@ -17,6 +17,8 @@ type Group struct {
 	ID int `json:"id,omitempty"`
 	// Name holds the value of the "name" field.
 	Name string `json:"name,omitempty"`
+	// Password holds the value of the "password" field.
+	Password string `json:"-"`
 	// Edges holds the relations/edges for other nodes in the graph.
 	// The values are being populated by the GroupQuery when eager-loading is set.
 	Edges GroupEdges `json:"edges"`
@ -47,7 +49,7 @@ func (*Group) scanValues(columns []string) ([]any, error) {
 		switch columns[i] {
 		case group.FieldID:
 			values[i] = new(sql.NullInt64)
-		case group.FieldName:
+		case group.FieldName, group.FieldPassword:
 			values[i] = new(sql.NullString)
 		default:
 			return nil, fmt.Errorf("unexpected column %q for type Group", columns[i])
@ -76,6 +78,12 @@ func (gr *Group) assignValues(columns []string, values []any) error {
 			} else if value.Valid {
 				gr.Name = value.String
 			}
+		case group.FieldPassword:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field password", values[i])
+			} else if value.Valid {
+				gr.Password = value.String
+			}
 		}
 	}
 	return nil
@ -111,6 +119,8 @@ func (gr *Group) String() string {
 	builder.WriteString(fmt.Sprintf("id=%v, ", gr.ID))
 	builder.WriteString("name=")
 	builder.WriteString(gr.Name)
+	builder.WriteString(", ")
+	builder.WriteString("password=<sensitive>")
 	builder.WriteByte(')')
 	return builder.String()
 }
--- a/ent/group/group.go
+++ b/ent/group/group.go
@ -9,6 +9,8 @@ const (
 	FieldID = "id"
 	// FieldName holds the string denoting the name field in the database.
 	FieldName = "name"
+	// FieldPassword holds the string denoting the password field in the database.
+	FieldPassword = "password"
 	// EdgeUsers holds the string denoting the users edge name in mutations.
 	EdgeUsers = "users"
 	// Table holds the table name of the group in the database.
@ -26,6 +28,7 @@ const (
 var Columns = []string{
 	FieldID,
 	FieldName,
+	FieldPassword,
 }

 // ValidColumn reports if the column name is valid (part of the table columns).
@ -37,3 +40,8 @@ func ValidColumn(column string) bool {
 	}
 	return false
 }
+
+var (
+	// PasswordValidator is a validator for the "password" field. It is called by the builders before save.
+	PasswordValidator func(string) error
+)
--- a/ent/group/where.go
+++ b/ent/group/where.go
@ -59,6 +59,11 @@ func Name(v string) predicate.Group {
 	return predicate.Group(sql.FieldEQ(FieldName, v))
 }

+// Password applies equality check predicate on the "password" field. It's identical to PasswordEQ.
+func Password(v string) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldPassword, v))
+}
+
 // NameEQ applies the EQ predicate on the "name" field.
 func NameEQ(v string) predicate.Group {
 	return predicate.Group(sql.FieldEQ(FieldName, v))
@ -124,6 +129,71 @@ func NameContainsFold(v string) predicate.Group {
 	return predicate.Group(sql.FieldContainsFold(FieldName, v))
 }

+// PasswordEQ applies the EQ predicate on the "password" field.
+func PasswordEQ(v string) predicate.Group {
+	return predicate.Group(sql.FieldEQ(FieldPassword, v))
+}
+
+// PasswordNEQ applies the NEQ predicate on the "password" field.
+func PasswordNEQ(v string) predicate.Group {
+	return predicate.Group(sql.FieldNEQ(FieldPassword, v))
+}
+
+// PasswordIn applies the In predicate on the "password" field.
+func PasswordIn(vs ...string) predicate.Group {
+	return predicate.Group(sql.FieldIn(FieldPassword, vs...))
+}
+
+// PasswordNotIn applies the NotIn predicate on the "password" field.
+func PasswordNotIn(vs ...string) predicate.Group {
+	return predicate.Group(sql.FieldNotIn(FieldPassword, vs...))
+}
+
+// PasswordGT applies the GT predicate on the "password" field.
+func PasswordGT(v string) predicate.Group {
+	return predicate.Group(sql.FieldGT(FieldPassword, v))
+}
+
+// PasswordGTE applies the GTE predicate on the "password" field.
+func PasswordGTE(v string) predicate.Group {
+	return predicate.Group(sql.FieldGTE(FieldPassword, v))
+}
+
+// PasswordLT applies the LT predicate on the "password" field.
+func PasswordLT(v string) predicate.Group {
+	return predicate.Group(sql.FieldLT(FieldPassword, v))
+}
+
+// PasswordLTE applies the LTE predicate on the "password" field.
+func PasswordLTE(v string) predicate.Group {
+	return predicate.Group(sql.FieldLTE(FieldPassword, v))
+}
+
+// PasswordContains applies the Contains predicate on the "password" field.
+func PasswordContains(v string) predicate.Group {
+	return predicate.Group(sql.FieldContains(FieldPassword, v))
+}
+
+// PasswordHasPrefix applies the HasPrefix predicate on the "password" field.
+func PasswordHasPrefix(v string) predicate.Group {
+	return predicate.Group(sql.FieldHasPrefix(FieldPassword, v))
+}
+
+// PasswordHasSuffix applies the HasSuffix predicate on the "password" field.
+func PasswordHasSuffix(v string) predicate.Group {
+	return predicate.Group(sql.FieldHasSuffix(FieldPassword, v))
+}
+
+// PasswordEqualFold applies the EqualFold predicate on the "password" field.
+func PasswordEqualFold(v string) predicate.Group {
+	return predicate.Group(sql.FieldEqualFold(FieldPassword, v))
+}
+
+// PasswordContainsFold applies the ContainsFold predicate on the "password" field.
+func PasswordContainsFold(v string) predicate.Group {
+	return predicate.Group(sql.FieldContainsFold(FieldPassword, v))
+}
+
 // HasUsers applies the HasEdge predicate on the "users" edge.
 func HasUsers() predicate.Group {
 	return predicate.Group(func(s *sql.Selector) {
--- a/ent/group_create.go
+++ b/ent/group_create.go
@ -26,6 +26,12 @@ func (gc *GroupCreate) SetName(s string) *GroupCreate {
 	return gc
 }

+// SetPassword sets the "password" field.
+func (gc *GroupCreate) SetPassword(s string) *GroupCreate {
+	gc.mutation.SetPassword(s)
+	return gc
+}
+
 // AddUserIDs adds the "users" edge to the User entity by IDs.
 func (gc *GroupCreate) AddUserIDs(ids ...int) *GroupCreate {
 	gc.mutation.AddUserIDs(ids...)
@ -78,6 +84,14 @@ func (gc *GroupCreate) check() error {
 	if _, ok := gc.mutation.Name(); !ok {
 		return &ValidationError{Name: "name", err: errors.New(`ent: missing required field "Group.name"`)}
 	}
+	if _, ok := gc.mutation.Password(); !ok {
+		return &ValidationError{Name: "password", err: errors.New(`ent: missing required field "Group.password"`)}
+	}
+	if v, ok := gc.mutation.Password(); ok {
+		if err := group.PasswordValidator(v); err != nil {
+			return &ValidationError{Name: "password", err: fmt.Errorf(`ent: validator failed for field "Group.password": %w`, err)}
+		}
+	}
 	return nil
 }

@ -108,6 +122,10 @@ func (gc *GroupCreate) createSpec() (*Group, *sqlgraph.CreateSpec) {
 		_spec.SetField(group.FieldName, field.TypeString, value)
 		_node.Name = value
 	}
+	if value, ok := gc.mutation.Password(); ok {
+		_spec.SetField(group.FieldPassword, field.TypeString, value)
+		_node.Password = value
+	}
 	if nodes := gc.mutation.UsersIDs(); len(nodes) > 0 {
 		edge := &sqlgraph.EdgeSpec{
 			Rel:     sqlgraph.O2M,
@ -116,10 +134,7 @@ func (gc *GroupCreate) createSpec() (*Group, *sqlgraph.CreateSpec) {
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
--- a/ent/group_update.go
+++ b/ent/group_update.go
@ -122,10 +122,7 @@ func (gu *GroupUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
@ -138,10 +135,7 @@ func (gu *GroupUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -157,10 +151,7 @@ func (gu *GroupUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -312,10 +303,7 @@ func (guo *GroupUpdateOne) sqlSave(ctx context.Context) (_node *Group, err error
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
@ -328,10 +316,7 @@ func (guo *GroupUpdateOne) sqlSave(ctx context.Context) (_node *Group, err error
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -347,10 +332,7 @@ func (guo *GroupUpdateOne) sqlSave(ctx context.Context) (_node *Group, err error
 			Columns: []string{group.UsersColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: user.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(user.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
--- a/ent/migrate/migrations/20230405104340_migration_name.sql
+++ b/ent/migrate/migrations/20230405104340_migration_name.sql
@ -0,0 +1,12 @@
+-- Create "cards" table
+CREATE TABLE `cards` (`id` integer NOT NULL PRIMARY KEY AUTOINCREMENT, `password` text NOT NULL, `card` integer NULL, `status` text NULL, `cp` integer NULL, `url` text NULL DEFAULT 'https://card.syui.ai', `created_at` datetime NULL, `user_card` integer NOT NULL, CONSTRAINT `cards_users_card` FOREIGN KEY (`user_card`) REFERENCES `users` (`id`) ON DELETE NO ACTION);
+-- Create "groups" table
+CREATE TABLE `groups` (`id` integer NOT NULL PRIMARY KEY AUTOINCREMENT, `name` text NOT NULL, `password` text NOT NULL);
+-- Create index "group_name" to table: "groups"
+CREATE UNIQUE INDEX `group_name` ON `groups` (`name`);
+-- Create "users" table
+CREATE TABLE `users` (`id` integer NOT NULL PRIMARY KEY AUTOINCREMENT, `username` text NOT NULL, `password` text NOT NULL, `created_at` datetime NULL, `updated_at` datetime NULL, `next` text NULL DEFAULT '20230405', `group_users` integer NULL, CONSTRAINT `users_groups_users` FOREIGN KEY (`group_users`) REFERENCES `groups` (`id`) ON DELETE SET NULL);
+-- Create index "users_username_key" to table: "users"
+CREATE UNIQUE INDEX `users_username_key` ON `users` (`username`);
+-- Create index "user_username" to table: "users"
+CREATE UNIQUE INDEX `user_username` ON `users` (`username`);
--- a/ent/migrate/migrations/atlas.sum
+++ b/ent/migrate/migrations/atlas.sum
@ -0,0 +1,2 @@
+h1:GU79ffcSbQHeq4BLGuuAdObBOt0WLTcsQx+AucxEqkA=
+20230405104340_migration_name.sql h1:vlsZT8ob1qpLmBAGPqNBBG/iFact7wy1pb27tAavvRU=
--- a/ent/migrate/schema.go
+++ b/ent/migrate/schema.go
@ -11,6 +11,7 @@ var (
 	// CardsColumns holds the columns for the "cards" table.
 	CardsColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeInt, Increment: true},
+		{Name: "password", Type: field.TypeString},
 		{Name: "card", Type: field.TypeInt, Nullable: true},
 		{Name: "status", Type: field.TypeString, Nullable: true},
 		{Name: "cp", Type: field.TypeInt, Nullable: true},
@ -26,7 +27,7 @@ var (
 		ForeignKeys: []*schema.ForeignKey{
 			{
 				Symbol:     "cards_users_card",
-				Columns:    []*schema.Column{CardsColumns[6]},
+				Columns:    []*schema.Column{CardsColumns[7]},
 				RefColumns: []*schema.Column{UsersColumns[0]},
 				OnDelete:   schema.NoAction,
 			},
@ -36,6 +37,7 @@ var (
 	GroupsColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeInt, Increment: true},
 		{Name: "name", Type: field.TypeString},
+		{Name: "password", Type: field.TypeString},
 	}
 	// GroupsTable holds the schema information for the "groups" table.
 	GroupsTable = &schema.Table{
@ -54,9 +56,10 @@ var (
 	UsersColumns = []*schema.Column{
 		{Name: "id", Type: field.TypeInt, Increment: true},
 		{Name: "username", Type: field.TypeString, Unique: true, Size: 30},
+		{Name: "password", Type: field.TypeString},
 		{Name: "created_at", Type: field.TypeTime, Nullable: true},
 		{Name: "updated_at", Type: field.TypeTime, Nullable: true},
-		{Name: "next", Type: field.TypeString, Nullable: true, Default: "20230404"},
+		{Name: "next", Type: field.TypeString, Nullable: true, Default: "20230406"},
 		{Name: "group_users", Type: field.TypeInt, Nullable: true},
 	}
 	// UsersTable holds the schema information for the "users" table.
@ -67,7 +70,7 @@ var (
 		ForeignKeys: []*schema.ForeignKey{
 			{
 				Symbol:     "users_groups_users",
-				Columns:    []*schema.Column{UsersColumns[5]},
+				Columns:    []*schema.Column{UsersColumns[6]},
 				RefColumns: []*schema.Column{GroupsColumns[0]},
 				OnDelete:   schema.SetNull,
 			},
--- a/ent/mutation.go
+++ b/ent/mutation.go
@ -37,6 +37,7 @@ type CardMutation struct {
 	op            Op
 	typ           string
 	id            *int
+	password      *string
 	card          *int
 	addcard       *int
 	status        *string
@ -150,6 +151,42 @@ func (m *CardMutation) IDs(ctx context.Context) ([]int, error) {
 	}
 }

+// SetPassword sets the "password" field.
+func (m *CardMutation) SetPassword(s string) {
+	m.password = &s
+}
+
+// Password returns the value of the "password" field in the mutation.
+func (m *CardMutation) Password() (r string, exists bool) {
+	v := m.password
+	if v == nil {
+		return
+	}
+	return *v, true
+}
+
+// OldPassword returns the old "password" field's value of the Card entity.
+// If the Card object wasn't provided to the builder, the object is fetched from the database.
+// An error is returned if the mutation operation is not UpdateOne, or the database query fails.
+func (m *CardMutation) OldPassword(ctx context.Context) (v string, err error) {
+	if !m.op.Is(OpUpdateOne) {
+		return v, errors.New("OldPassword is only allowed on UpdateOne operations")
+	}
+	if m.id == nil || m.oldValue == nil {
+		return v, errors.New("OldPassword requires an ID field in the mutation")
+	}
+	oldValue, err := m.oldValue(ctx)
+	if err != nil {
+		return v, fmt.Errorf("querying old value for OldPassword: %w", err)
+	}
+	return oldValue.Password, nil
+}
+
+// ResetPassword resets all changes to the "password" field.
+func (m *CardMutation) ResetPassword() {
+	m.password = nil
+}
+
 // SetCard sets the "card" field.
 func (m *CardMutation) SetCard(i int) {
 	m.card = &i
@ -510,7 +547,10 @@ func (m *CardMutation) Type() string {
 // order to get all numeric fields that were incremented/decremented, call
 // AddedFields().
 func (m *CardMutation) Fields() []string {
-	fields := make([]string, 0, 5)
+	fields := make([]string, 0, 6)
+	if m.password != nil {
+		fields = append(fields, card.FieldPassword)
+	}
 	if m.card != nil {
 		fields = append(fields, card.FieldCard)
 	}
@ -534,6 +574,8 @@ func (m *CardMutation) Fields() []string {
 // schema.
 func (m *CardMutation) Field(name string) (ent.Value, bool) {
 	switch name {
+	case card.FieldPassword:
+		return m.Password()
 	case card.FieldCard:
 		return m.Card()
 	case card.FieldStatus:
@ -553,6 +595,8 @@ func (m *CardMutation) Field(name string) (ent.Value, bool) {
 // database failed.
 func (m *CardMutation) OldField(ctx context.Context, name string) (ent.Value, error) {
 	switch name {
+	case card.FieldPassword:
+		return m.OldPassword(ctx)
 	case card.FieldCard:
 		return m.OldCard(ctx)
 	case card.FieldStatus:
@ -572,6 +616,13 @@ func (m *CardMutation) OldField(ctx context.Context, name string) (ent.Value, er
 // type.
 func (m *CardMutation) SetField(name string, value ent.Value) error {
 	switch name {
+	case card.FieldPassword:
+		v, ok := value.(string)
+		if !ok {
+			return fmt.Errorf("unexpected type %T for field %s", value, name)
+		}
+		m.SetPassword(v)
+		return nil
 	case card.FieldCard:
 		v, ok := value.(int)
 		if !ok {
@ -716,6 +767,9 @@ func (m *CardMutation) ClearField(name string) error {
 // It returns an error if the field is not defined in the schema.
 func (m *CardMutation) ResetField(name string) error {
 	switch name {
+	case card.FieldPassword:
+		m.ResetPassword()
+		return nil
 	case card.FieldCard:
 		m.ResetCard()
 		return nil
@ -816,6 +870,7 @@ type GroupMutation struct {
 	typ           string
 	id            *int
 	name          *string
+	password      *string
 	clearedFields map[string]struct{}
 	users         map[int]struct{}
 	removedusers  map[int]struct{}
@ -959,6 +1014,42 @@ func (m *GroupMutation) ResetName() {
 	m.name = nil
 }

+// SetPassword sets the "password" field.
+func (m *GroupMutation) SetPassword(s string) {
+	m.password = &s
+}
+
+// Password returns the value of the "password" field in the mutation.
+func (m *GroupMutation) Password() (r string, exists bool) {
+	v := m.password
+	if v == nil {
+		return
+	}
+	return *v, true
+}
+
+// OldPassword returns the old "password" field's value of the Group entity.
+// If the Group object wasn't provided to the builder, the object is fetched from the database.
+// An error is returned if the mutation operation is not UpdateOne, or the database query fails.
+func (m *GroupMutation) OldPassword(ctx context.Context) (v string, err error) {
+	if !m.op.Is(OpUpdateOne) {
+		return v, errors.New("OldPassword is only allowed on UpdateOne operations")
+	}
+	if m.id == nil || m.oldValue == nil {
+		return v, errors.New("OldPassword requires an ID field in the mutation")
+	}
+	oldValue, err := m.oldValue(ctx)
+	if err != nil {
+		return v, fmt.Errorf("querying old value for OldPassword: %w", err)
+	}
+	return oldValue.Password, nil
+}
+
+// ResetPassword resets all changes to the "password" field.
+func (m *GroupMutation) ResetPassword() {
+	m.password = nil
+}
+
 // AddUserIDs adds the "users" edge to the User entity by ids.
 func (m *GroupMutation) AddUserIDs(ids ...int) {
 	if m.users == nil {
@ -1047,10 +1138,13 @@ func (m *GroupMutation) Type() string {
 // order to get all numeric fields that were incremented/decremented, call
 // AddedFields().
 func (m *GroupMutation) Fields() []string {
-	fields := make([]string, 0, 1)
+	fields := make([]string, 0, 2)
 	if m.name != nil {
 		fields = append(fields, group.FieldName)
 	}
+	if m.password != nil {
+		fields = append(fields, group.FieldPassword)
+	}
 	return fields
 }

@ -1061,6 +1155,8 @@ func (m *GroupMutation) Field(name string) (ent.Value, bool) {
 	switch name {
 	case group.FieldName:
 		return m.Name()
+	case group.FieldPassword:
+		return m.Password()
 	}
 	return nil, false
 }
@ -1072,6 +1168,8 @@ func (m *GroupMutation) OldField(ctx context.Context, name string) (ent.Value, e
 	switch name {
 	case group.FieldName:
 		return m.OldName(ctx)
+	case group.FieldPassword:
+		return m.OldPassword(ctx)
 	}
 	return nil, fmt.Errorf("unknown Group field %s", name)
 }
@ -1088,6 +1186,13 @@ func (m *GroupMutation) SetField(name string, value ent.Value) error {
 		}
 		m.SetName(v)
 		return nil
+	case group.FieldPassword:
+		v, ok := value.(string)
+		if !ok {
+			return fmt.Errorf("unexpected type %T for field %s", value, name)
+		}
+		m.SetPassword(v)
+		return nil
 	}
 	return fmt.Errorf("unknown Group field %s", name)
 }
@ -1140,6 +1245,9 @@ func (m *GroupMutation) ResetField(name string) error {
 	case group.FieldName:
 		m.ResetName()
 		return nil
+	case group.FieldPassword:
+		m.ResetPassword()
+		return nil
 	}
 	return fmt.Errorf("unknown Group field %s", name)
 }
@ -1235,6 +1343,7 @@ type UserMutation struct {
 	typ           string
 	id            *int
 	username      *string
+	password      *string
 	created_at    *time.Time
 	updated_at    *time.Time
 	next          *string
@ -1381,6 +1490,42 @@ func (m *UserMutation) ResetUsername() {
 	m.username = nil
 }

+// SetPassword sets the "password" field.
+func (m *UserMutation) SetPassword(s string) {
+	m.password = &s
+}
+
+// Password returns the value of the "password" field in the mutation.
+func (m *UserMutation) Password() (r string, exists bool) {
+	v := m.password
+	if v == nil {
+		return
+	}
+	return *v, true
+}
+
+// OldPassword returns the old "password" field's value of the User entity.
+// If the User object wasn't provided to the builder, the object is fetched from the database.
+// An error is returned if the mutation operation is not UpdateOne, or the database query fails.
+func (m *UserMutation) OldPassword(ctx context.Context) (v string, err error) {
+	if !m.op.Is(OpUpdateOne) {
+		return v, errors.New("OldPassword is only allowed on UpdateOne operations")
+	}
+	if m.id == nil || m.oldValue == nil {
+		return v, errors.New("OldPassword requires an ID field in the mutation")
+	}
+	oldValue, err := m.oldValue(ctx)
+	if err != nil {
+		return v, fmt.Errorf("querying old value for OldPassword: %w", err)
+	}
+	return oldValue.Password, nil
+}
+
+// ResetPassword resets all changes to the "password" field.
+func (m *UserMutation) ResetPassword() {
+	m.password = nil
+}
+
 // SetCreatedAt sets the "created_at" field.
 func (m *UserMutation) SetCreatedAt(t time.Time) {
 	m.created_at = &t
@ -1616,10 +1761,13 @@ func (m *UserMutation) Type() string {
 // order to get all numeric fields that were incremented/decremented, call
 // AddedFields().
 func (m *UserMutation) Fields() []string {
-	fields := make([]string, 0, 4)
+	fields := make([]string, 0, 5)
 	if m.username != nil {
 		fields = append(fields, user.FieldUsername)
 	}
+	if m.password != nil {
+		fields = append(fields, user.FieldPassword)
+	}
 	if m.created_at != nil {
 		fields = append(fields, user.FieldCreatedAt)
 	}
@ -1639,6 +1787,8 @@ func (m *UserMutation) Field(name string) (ent.Value, bool) {
 	switch name {
 	case user.FieldUsername:
 		return m.Username()
+	case user.FieldPassword:
+		return m.Password()
 	case user.FieldCreatedAt:
 		return m.CreatedAt()
 	case user.FieldUpdatedAt:
@ -1656,6 +1806,8 @@ func (m *UserMutation) OldField(ctx context.Context, name string) (ent.Value, er
 	switch name {
 	case user.FieldUsername:
 		return m.OldUsername(ctx)
+	case user.FieldPassword:
+		return m.OldPassword(ctx)
 	case user.FieldCreatedAt:
 		return m.OldCreatedAt(ctx)
 	case user.FieldUpdatedAt:
@ -1678,6 +1830,13 @@ func (m *UserMutation) SetField(name string, value ent.Value) error {
 		}
 		m.SetUsername(v)
 		return nil
+	case user.FieldPassword:
+		v, ok := value.(string)
+		if !ok {
+			return fmt.Errorf("unexpected type %T for field %s", value, name)
+		}
+		m.SetPassword(v)
+		return nil
 	case user.FieldCreatedAt:
 		v, ok := value.(time.Time)
 		if !ok {
@ -1772,6 +1931,9 @@ func (m *UserMutation) ResetField(name string) error {
 	case user.FieldUsername:
 		m.ResetUsername()
 		return nil
+	case user.FieldPassword:
+		m.ResetPassword()
+		return nil
 	case user.FieldCreatedAt:
 		m.ResetCreatedAt()
 		return nil
--- a/ent/ogent/oas_json_gen.go
+++ b/ent/ogent/oas_json_gen.go
@ -917,6 +917,11 @@ func (s *CreateCardReq) Encode(e *jx.Encoder) {

 // encodeFields encodes fields.
 func (s *CreateCardReq) encodeFields(e *jx.Encoder) {
+	{
+
+		e.FieldStart("password")
+		e.Str(s.Password)
+	}
 	{
 		if s.Card.Set {
 			e.FieldStart("card")
@ -954,13 +959,14 @@ func (s *CreateCardReq) encodeFields(e *jx.Encoder) {
 	}
 }

-var jsonFieldsNameOfCreateCardReq = [6]string{
-	0: "card",
-	1: "status",
-	2: "cp",
-	3: "url",
-	4: "created_at",
-	5: "owner",
+var jsonFieldsNameOfCreateCardReq = [7]string{
+	0: "password",
+	1: "card",
+	2: "status",
+	3: "cp",
+	4: "url",
+	5: "created_at",
+	6: "owner",
 }

 // Decode decodes CreateCardReq from json.
@ -972,6 +978,18 @@ func (s *CreateCardReq) Decode(d *jx.Decoder) error {

 	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
 		switch string(k) {
+		case "password":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Str()
+				s.Password = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"password\"")
+			}
 		case "card":
 			if err := func() error {
 				s.Card.Reset()
@ -1023,7 +1041,7 @@ func (s *CreateCardReq) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"created_at\"")
 			}
 		case "owner":
-			requiredBitSet[0] |= 1 << 5
+			requiredBitSet[0] |= 1 << 6
 			if err := func() error {
 				v, err := d.Int()
 				s.Owner = int(v)
@ -1044,7 +1062,7 @@ func (s *CreateCardReq) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00100000,
+		0b01000001,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@ -1104,6 +1122,11 @@ func (s *CreateGroupReq) encodeFields(e *jx.Encoder) {
 		e.FieldStart("name")
 		e.Str(s.Name)
 	}
+	{
+
+		e.FieldStart("password")
+		e.Str(s.Password)
+	}
 	{
 		if s.Users != nil {
 			e.FieldStart("users")
@ -1116,9 +1139,10 @@ func (s *CreateGroupReq) encodeFields(e *jx.Encoder) {
 	}
 }

-var jsonFieldsNameOfCreateGroupReq = [2]string{
+var jsonFieldsNameOfCreateGroupReq = [3]string{
 	0: "name",
-	1: "users",
+	1: "password",
+	2: "users",
 }

 // Decode decodes CreateGroupReq from json.
@ -1142,6 +1166,18 @@ func (s *CreateGroupReq) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"name\"")
 			}
+		case "password":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.Password = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"password\"")
+			}
 		case "users":
 			if err := func() error {
 				s.Users = make([]int, 0)
@ -1171,7 +1207,7 @@ func (s *CreateGroupReq) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00000001,
+		0b00000011,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@ -1231,6 +1267,11 @@ func (s *CreateUserReq) encodeFields(e *jx.Encoder) {
 		e.FieldStart("username")
 		e.Str(s.Username)
 	}
+	{
+
+		e.FieldStart("password")
+		e.Str(s.Password)
+	}
 	{
 		if s.CreatedAt.Set {
 			e.FieldStart("created_at")
@ -1261,12 +1302,13 @@ func (s *CreateUserReq) encodeFields(e *jx.Encoder) {
 	}
 }

-var jsonFieldsNameOfCreateUserReq = [5]string{
+var jsonFieldsNameOfCreateUserReq = [6]string{
 	0: "username",
-	1: "created_at",
-	2: "updated_at",
-	3: "next",
-	4: "card",
+	1: "password",
+	2: "created_at",
+	3: "updated_at",
+	4: "next",
+	5: "card",
 }

 // Decode decodes CreateUserReq from json.
@ -1290,6 +1332,18 @@ func (s *CreateUserReq) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"username\"")
 			}
+		case "password":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.Password = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"password\"")
+			}
 		case "created_at":
 			if err := func() error {
 				s.CreatedAt.Reset()
@ -1349,7 +1403,7 @@ func (s *CreateUserReq) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00000001,
+		0b00000011,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
--- a/ent/ogent/oas_schemas_gen.go
+++ b/ent/ogent/oas_schemas_gen.go
@ -356,6 +356,7 @@ func (s *CardUpdate) SetCreatedAt(val OptDateTime) {
 func (*CardUpdate) updateCardRes() {}

 type CreateCardReq struct {
+	Password  string      `json:"password"`
 	Card      OptInt      `json:"card"`
 	Status    OptString   `json:"status"`
 	Cp        OptInt      `json:"cp"`
@ -364,6 +365,11 @@ type CreateCardReq struct {
 	Owner     int         `json:"owner"`
 }

+// GetPassword returns the value of Password.
+func (s *CreateCardReq) GetPassword() string {
+	return s.Password
+}
+
 // GetCard returns the value of Card.
 func (s *CreateCardReq) GetCard() OptInt {
 	return s.Card
@ -394,6 +400,11 @@ func (s *CreateCardReq) GetOwner() int {
 	return s.Owner
 }

+// SetPassword sets the value of Password.
+func (s *CreateCardReq) SetPassword(val string) {
+	s.Password = val
+}
+
 // SetCard sets the value of Card.
 func (s *CreateCardReq) SetCard(val OptInt) {
 	s.Card = val
@ -425,8 +436,9 @@ func (s *CreateCardReq) SetOwner(val int) {
 }

 type CreateGroupReq struct {
-	Name  string `json:"name"`
-	Users []int  `json:"users"`
+	Name     string `json:"name"`
+	Password string `json:"password"`
+	Users    []int  `json:"users"`
 }

 // GetName returns the value of Name.
@ -434,6 +446,11 @@ func (s *CreateGroupReq) GetName() string {
 	return s.Name
 }

+// GetPassword returns the value of Password.
+func (s *CreateGroupReq) GetPassword() string {
+	return s.Password
+}
+
 // GetUsers returns the value of Users.
 func (s *CreateGroupReq) GetUsers() []int {
 	return s.Users
@ -444,6 +461,11 @@ func (s *CreateGroupReq) SetName(val string) {
 	s.Name = val
 }

+// SetPassword sets the value of Password.
+func (s *CreateGroupReq) SetPassword(val string) {
+	s.Password = val
+}
+
 // SetUsers sets the value of Users.
 func (s *CreateGroupReq) SetUsers(val []int) {
 	s.Users = val
@ -451,6 +473,7 @@ func (s *CreateGroupReq) SetUsers(val []int) {

 type CreateUserReq struct {
 	Username  string      `json:"username"`
+	Password  string      `json:"password"`
 	CreatedAt OptDateTime `json:"created_at"`
 	UpdatedAt OptDateTime `json:"updated_at"`
 	Next      OptString   `json:"next"`
@ -462,6 +485,11 @@ func (s *CreateUserReq) GetUsername() string {
 	return s.Username
 }

+// GetPassword returns the value of Password.
+func (s *CreateUserReq) GetPassword() string {
+	return s.Password
+}
+
 // GetCreatedAt returns the value of CreatedAt.
 func (s *CreateUserReq) GetCreatedAt() OptDateTime {
 	return s.CreatedAt
@ -487,6 +515,11 @@ func (s *CreateUserReq) SetUsername(val string) {
 	s.Username = val
 }

+// SetPassword sets the value of Password.
+func (s *CreateUserReq) SetPassword(val string) {
+	s.Password = val
+}
+
 // SetCreatedAt sets the value of CreatedAt.
 func (s *CreateUserReq) SetCreatedAt(val OptDateTime) {
 	s.CreatedAt = val
--- a/ent/ogent/ogent.go
+++ b/ent/ogent/ogent.go
@ -12,8 +12,11 @@ import (
 	"t/ent/user"

 	"github.com/go-faster/jx"
+	"os"
 )

+var password = os.Getenv("PASS")
+var zero = "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
 // OgentHandler implements the ogen generated Handler interface and uses Ent as data layer.
 type OgentHandler struct {
 	client *ent.Client
@ -33,6 +36,7 @@ func rawError(err error) jx.Raw {
 func (h *OgentHandler) CreateCard(ctx context.Context, req *CreateCardReq) (CreateCardRes, error) {
 	b := h.client.Card.Create()
 	// Add all fields.
+	b.SetPassword(req.Password)
 	if v, ok := req.Card.Get(); ok {
 		b.SetCard(v)
 	}
@ -49,7 +53,12 @@ func (h *OgentHandler) CreateCard(ctx context.Context, req *CreateCardReq) (Crea
 		b.SetCreatedAt(v)
 	}
 	// Add all edges.
-	b.SetOwnerID(req.Owner)
+
+	if req.Password == password {
+		b.SetOwnerID(req.Owner)
+	} else {
+		b.SetOwnerID(0)
+	}
 	// Persist to storage.
 	e, err := b.Save(ctx)
 	if err != nil {
@ -109,7 +118,7 @@ func (h *OgentHandler) ReadCard(ctx context.Context, params ReadCardParams) (Rea

 // UpdateCard handles PATCH /cards/{id} requests.
 func (h *OgentHandler) UpdateCard(ctx context.Context, req *UpdateCardReq, params UpdateCardParams) (UpdateCardRes, error) {
-	b := h.client.Card.UpdateOneID(params.ID)
+	b := h.client.Card.UpdateOneID(0)
 	// Add all fields.
 	// Add all edges.
 	if v, ok := req.Owner.Get(); ok {
@ -148,7 +157,7 @@ func (h *OgentHandler) UpdateCard(ctx context.Context, req *UpdateCardReq, param

 // DeleteCard handles DELETE /cards/{id} requests.
 func (h *OgentHandler) DeleteCard(ctx context.Context, params DeleteCardParams) (DeleteCardRes, error) {
-	err := h.client.Card.DeleteOneID(params.ID).Exec(ctx)
+	err := h.client.Card.DeleteOneID(0).Exec(ctx)
 	if err != nil {
 		switch {
 		case ent.IsNotFound(err):
@ -240,6 +249,7 @@ func (h *OgentHandler) CreateGroup(ctx context.Context, req *CreateGroupReq) (Cr
 	b := h.client.Group.Create()
 	// Add all fields.
 	b.SetName(req.Name)
+	b.SetPassword(req.Password)
 	// Add all edges.
 	b.AddUserIDs(req.Users...)
 	// Persist to storage.
@ -301,7 +311,7 @@ func (h *OgentHandler) ReadGroup(ctx context.Context, params ReadGroupParams) (R

 // UpdateGroup handles PATCH /groups/{id} requests.
 func (h *OgentHandler) UpdateGroup(ctx context.Context, req *UpdateGroupReq, params UpdateGroupParams) (UpdateGroupRes, error) {
-	b := h.client.Group.UpdateOneID(params.ID)
+	b := h.client.Group.UpdateOneID(0)
 	// Add all fields.
 	if v, ok := req.Name.Get(); ok {
 		b.SetName(v)
@ -444,7 +454,12 @@ func (h *OgentHandler) ListGroupUsers(ctx context.Context, params ListGroupUsers
 func (h *OgentHandler) CreateUser(ctx context.Context, req *CreateUserReq) (CreateUserRes, error) {
 	b := h.client.User.Create()
 	// Add all fields.
-	b.SetUsername(req.Username)
+	if req.Password == password {
+		b.SetUsername(req.Username)
+	} else {
+		b.SetUsername("")
+	}
+	b.SetPassword(req.Password)
 	if v, ok := req.CreatedAt.Get(); ok {
 		b.SetCreatedAt(v)
 	}
@ -458,6 +473,7 @@ func (h *OgentHandler) CreateUser(ctx context.Context, req *CreateUserReq) (Crea
 	b.AddCardIDs(req.Card...)
 	// Persist to storage.
 	e, err := b.Save(ctx)
+
 	if err != nil {
 		switch {
 		case ent.IsNotSingular(err):
@ -560,7 +576,7 @@ func (h *OgentHandler) UpdateUser(ctx context.Context, req *UpdateUserReq, param

 // DeleteUser handles DELETE /users/{id} requests.
 func (h *OgentHandler) DeleteUser(ctx context.Context, params DeleteUserParams) (DeleteUserRes, error) {
-	err := h.client.User.DeleteOneID(params.ID).Exec(ctx)
+	err := h.client.User.DeleteOneID(0).Exec(ctx)
 	if err != nil {
 		switch {
 		case ent.IsNotFound(err):
--- a/ent/openapi.json
+++ b/ent/openapi.json
@ -77,6 +77,9 @@
              "schema": {
                "type": "object",
                "properties": {
+                  "password": {
+                    "type": "string"
+                  },
                  "card": {
                    "type": "integer"
                  },
@ -98,6 +101,7 @@
                  }
                },
                "required": [
+                  "password",
                  "owner"
                ]
              }
@ -412,6 +416,9 @@
                  "name": {
                    "type": "string"
                  },
+                  "password": {
+                    "type": "string"
+                  },
                  "users": {
                    "type": "array",
                    "items": {
@ -420,7 +427,8 @@
                  }
                },
                "required": [
-                  "name"
+                  "name",
+                  "password"
                ]
              }
            }
@ -734,6 +742,9 @@
                  "username": {
                    "type": "string"
                  },
+                  "password": {
+                    "type": "string"
+                  },
                  "created_at": {
                    "type": "string",
                    "format": "date-time"
@ -753,7 +764,8 @@
                  }
                },
                "required": [
-                  "username"
+                  "username",
+                  "password"
                ]
              }
            }
@ -1031,6 +1043,9 @@
          "id": {
            "type": "integer"
          },
+          "password": {
+            "type": "string"
+          },
          "card": {
            "type": "integer"
          },
@ -1053,6 +1068,7 @@
        },
        "required": [
          "id",
+          "password",
          "owner"
        ]
      },
@ -1199,6 +1215,9 @@
          "name": {
            "type": "string"
          },
+          "password": {
+            "type": "string"
+          },
          "users": {
            "type": "array",
            "items": {
@ -1208,7 +1227,8 @@
        },
        "required": [
          "id",
-          "name"
+          "name",
+          "password"
        ]
      },
      "GroupCreate": {
@ -1306,6 +1326,9 @@
          "username": {
            "type": "string"
          },
+          "password": {
+            "type": "string"
+          },
          "created_at": {
            "type": "string",
            "format": "date-time"
@ -1326,7 +1349,8 @@
        },
        "required": [
          "id",
-          "username"
+          "username",
+          "password"
        ]
      },
      "UserCreate": {
--- a/ent/runtime.go
+++ b/ent/runtime.go
@ -4,6 +4,7 @@ package ent

 import (
 	"t/ent/card"
+	"t/ent/group"
 	"t/ent/schema"
 	"t/ent/user"
 	"time"
@ -15,26 +16,36 @@ import (
 func init() {
 	cardFields := schema.Card{}.Fields()
 	_ = cardFields
+	// cardDescPassword is the schema descriptor for password field.
+	cardDescPassword := cardFields[0].Descriptor()
+	// card.PasswordValidator is a validator for the "password" field. It is called by the builders before save.
+	card.PasswordValidator = cardDescPassword.Validators[0].(func(string) error)
 	// cardDescCard is the schema descriptor for card field.
-	cardDescCard := cardFields[0].Descriptor()
+	cardDescCard := cardFields[1].Descriptor()
 	// card.DefaultCard holds the default value on creation for the card field.
 	card.DefaultCard = cardDescCard.Default.(func() int)
 	// cardDescStatus is the schema descriptor for status field.
-	cardDescStatus := cardFields[1].Descriptor()
+	cardDescStatus := cardFields[2].Descriptor()
 	// card.DefaultStatus holds the default value on creation for the status field.
 	card.DefaultStatus = cardDescStatus.Default.(func() string)
 	// cardDescCp is the schema descriptor for cp field.
-	cardDescCp := cardFields[2].Descriptor()
+	cardDescCp := cardFields[3].Descriptor()
 	// card.DefaultCp holds the default value on creation for the cp field.
 	card.DefaultCp = cardDescCp.Default.(func() int)
 	// cardDescURL is the schema descriptor for url field.
-	cardDescURL := cardFields[3].Descriptor()
+	cardDescURL := cardFields[4].Descriptor()
 	// card.DefaultURL holds the default value on creation for the url field.
 	card.DefaultURL = cardDescURL.Default.(string)
 	// cardDescCreatedAt is the schema descriptor for created_at field.
-	cardDescCreatedAt := cardFields[4].Descriptor()
+	cardDescCreatedAt := cardFields[5].Descriptor()
 	// card.DefaultCreatedAt holds the default value on creation for the created_at field.
 	card.DefaultCreatedAt = cardDescCreatedAt.Default.(func() time.Time)
+	groupFields := schema.Group{}.Fields()
+	_ = groupFields
+	// groupDescPassword is the schema descriptor for password field.
+	groupDescPassword := groupFields[1].Descriptor()
+	// group.PasswordValidator is a validator for the "password" field. It is called by the builders before save.
+	group.PasswordValidator = groupDescPassword.Validators[0].(func(string) error)
 	userFields := schema.User{}.Fields()
 	_ = userFields
 	// userDescUsername is the schema descriptor for username field.
@ -55,16 +66,20 @@ func init() {
 			return nil
 		}
 	}()
+	// userDescPassword is the schema descriptor for password field.
+	userDescPassword := userFields[1].Descriptor()
+	// user.PasswordValidator is a validator for the "password" field. It is called by the builders before save.
+	user.PasswordValidator = userDescPassword.Validators[0].(func(string) error)
 	// userDescCreatedAt is the schema descriptor for created_at field.
-	userDescCreatedAt := userFields[1].Descriptor()
+	userDescCreatedAt := userFields[2].Descriptor()
 	// user.DefaultCreatedAt holds the default value on creation for the created_at field.
 	user.DefaultCreatedAt = userDescCreatedAt.Default.(func() time.Time)
 	// userDescUpdatedAt is the schema descriptor for updated_at field.
-	userDescUpdatedAt := userFields[2].Descriptor()
+	userDescUpdatedAt := userFields[3].Descriptor()
 	// user.DefaultUpdatedAt holds the default value on creation for the updated_at field.
 	user.DefaultUpdatedAt = userDescUpdatedAt.Default.(func() time.Time)
 	// userDescNext is the schema descriptor for next field.
-	userDescNext := userFields[3].Descriptor()
+	userDescNext := userFields[4].Descriptor()
 	// user.DefaultNext holds the default value on creation for the next field.
 	user.DefaultNext = userDescNext.Default.(string)
 }
--- a/ent/runtime/runtime.go
+++ b/ent/runtime/runtime.go
@ -5,6 +5,6 @@ package runtime
 // The schema-stitching logic is generated in t/ent/runtime.go

 const (
-	Version = "v0.11.9"                                         // Version of ent codegen.
-	Sum     = "h1:dbbCkAiPVTRBIJwoZctiSYjB7zxQIBOzVSU5H9VYIQI=" // Sum of ent codegen.
+	Version = "v0.11.10"                                        // Version of ent codegen.
+	Sum     = "h1:iqn32ybY5HRW3xSAyMNdNKpZhKgMf1Zunsej9yPKUI8=" // Sum of ent codegen.
 )
--- a/ent/schema/card.go
+++ b/ent/schema/card.go
@ -20,6 +20,12 @@ var cp int

 func (Card) Fields() []ent.Field {
 	return []ent.Field{  
+
+		field.String("password").
+		NotEmpty().
+		Immutable().
+		Sensitive(),
+
 		field.Int("card").
 		Immutable().
 		DefaultFunc(func() int {
@ -93,5 +99,6 @@ func (Card) Edges() []ent.Edge {
 			Ref("card").
 			Unique().
 			Required(),
+
 	}
 }
--- a/ent/schema/group.go
+++ b/ent/schema/group.go
@ -16,6 +16,11 @@ type Group struct {
 func (Group) Fields() []ent.Field {
    return []ent.Field{
        field.String("name"),
+
+								field.String("password").
+								NotEmpty().
+								Immutable().
+								Sensitive(),
    }
 }

--- a/ent/schema/user.go
+++ b/ent/schema/user.go
@ -35,6 +35,11 @@ func (User) Fields() []ent.Field {
 		//Match(regexp.MustCompile("[a-z]+$")).
 		Unique(),

+		field.String("password").
+		NotEmpty().
+		Immutable().
+		Sensitive(),
+
 		//field.Bool("limit").
 		//Optional().
 		//Default(false),
--- a/ent/user.go
+++ b/ent/user.go
@ -18,6 +18,8 @@ type User struct {
 	ID int `json:"id,omitempty"`
 	// Username holds the value of the "username" field.
 	Username string `json:"username,omitempty"`
+	// Password holds the value of the "password" field.
+	Password string `json:"-"`
 	// CreatedAt holds the value of the "created_at" field.
 	CreatedAt time.Time `json:"created_at,omitempty"`
 	// UpdatedAt holds the value of the "updated_at" field.
@ -55,7 +57,7 @@ func (*User) scanValues(columns []string) ([]any, error) {
 		switch columns[i] {
 		case user.FieldID:
 			values[i] = new(sql.NullInt64)
-		case user.FieldUsername, user.FieldNext:
+		case user.FieldUsername, user.FieldPassword, user.FieldNext:
 			values[i] = new(sql.NullString)
 		case user.FieldCreatedAt, user.FieldUpdatedAt:
 			values[i] = new(sql.NullTime)
@ -88,6 +90,12 @@ func (u *User) assignValues(columns []string, values []any) error {
 			} else if value.Valid {
 				u.Username = value.String
 			}
+		case user.FieldPassword:
+			if value, ok := values[i].(*sql.NullString); !ok {
+				return fmt.Errorf("unexpected type %T for field password", values[i])
+			} else if value.Valid {
+				u.Password = value.String
+			}
 		case user.FieldCreatedAt:
 			if value, ok := values[i].(*sql.NullTime); !ok {
 				return fmt.Errorf("unexpected type %T for field created_at", values[i])
@ -149,6 +157,8 @@ func (u *User) String() string {
 	builder.WriteString("username=")
 	builder.WriteString(u.Username)
 	builder.WriteString(", ")
+	builder.WriteString("password=<sensitive>")
+	builder.WriteString(", ")
 	builder.WriteString("created_at=")
 	builder.WriteString(u.CreatedAt.Format(time.ANSIC))
 	builder.WriteString(", ")
--- a/ent/user/user.go
+++ b/ent/user/user.go
@ -13,6 +13,8 @@ const (
 	FieldID = "id"
 	// FieldUsername holds the string denoting the username field in the database.
 	FieldUsername = "username"
+	// FieldPassword holds the string denoting the password field in the database.
+	FieldPassword = "password"
 	// FieldCreatedAt holds the string denoting the created_at field in the database.
 	FieldCreatedAt = "created_at"
 	// FieldUpdatedAt holds the string denoting the updated_at field in the database.
@ -36,6 +38,7 @@ const (
 var Columns = []string{
 	FieldID,
 	FieldUsername,
+	FieldPassword,
 	FieldCreatedAt,
 	FieldUpdatedAt,
 	FieldNext,
@ -65,6 +68,8 @@ func ValidColumn(column string) bool {
 var (
 	// UsernameValidator is a validator for the "username" field. It is called by the builders before save.
 	UsernameValidator func(string) error
+	// PasswordValidator is a validator for the "password" field. It is called by the builders before save.
+	PasswordValidator func(string) error
 	// DefaultCreatedAt holds the default value on creation for the "created_at" field.
 	DefaultCreatedAt func() time.Time
 	// DefaultUpdatedAt holds the default value on creation for the "updated_at" field.
--- a/ent/user/where.go
+++ b/ent/user/where.go
@ -60,6 +60,11 @@ func Username(v string) predicate.User {
 	return predicate.User(sql.FieldEQ(FieldUsername, v))
 }

+// Password applies equality check predicate on the "password" field. It's identical to PasswordEQ.
+func Password(v string) predicate.User {
+	return predicate.User(sql.FieldEQ(FieldPassword, v))
+}
+
 // CreatedAt applies equality check predicate on the "created_at" field. It's identical to CreatedAtEQ.
 func CreatedAt(v time.Time) predicate.User {
 	return predicate.User(sql.FieldEQ(FieldCreatedAt, v))
@ -140,6 +145,71 @@ func UsernameContainsFold(v string) predicate.User {
 	return predicate.User(sql.FieldContainsFold(FieldUsername, v))
 }

+// PasswordEQ applies the EQ predicate on the "password" field.
+func PasswordEQ(v string) predicate.User {
+	return predicate.User(sql.FieldEQ(FieldPassword, v))
+}
+
+// PasswordNEQ applies the NEQ predicate on the "password" field.
+func PasswordNEQ(v string) predicate.User {
+	return predicate.User(sql.FieldNEQ(FieldPassword, v))
+}
+
+// PasswordIn applies the In predicate on the "password" field.
+func PasswordIn(vs ...string) predicate.User {
+	return predicate.User(sql.FieldIn(FieldPassword, vs...))
+}
+
+// PasswordNotIn applies the NotIn predicate on the "password" field.
+func PasswordNotIn(vs ...string) predicate.User {
+	return predicate.User(sql.FieldNotIn(FieldPassword, vs...))
+}
+
+// PasswordGT applies the GT predicate on the "password" field.
+func PasswordGT(v string) predicate.User {
+	return predicate.User(sql.FieldGT(FieldPassword, v))
+}
+
+// PasswordGTE applies the GTE predicate on the "password" field.
+func PasswordGTE(v string) predicate.User {
+	return predicate.User(sql.FieldGTE(FieldPassword, v))
+}
+
+// PasswordLT applies the LT predicate on the "password" field.
+func PasswordLT(v string) predicate.User {
+	return predicate.User(sql.FieldLT(FieldPassword, v))
+}
+
+// PasswordLTE applies the LTE predicate on the "password" field.
+func PasswordLTE(v string) predicate.User {
+	return predicate.User(sql.FieldLTE(FieldPassword, v))
+}
+
+// PasswordContains applies the Contains predicate on the "password" field.
+func PasswordContains(v string) predicate.User {
+	return predicate.User(sql.FieldContains(FieldPassword, v))
+}
+
+// PasswordHasPrefix applies the HasPrefix predicate on the "password" field.
+func PasswordHasPrefix(v string) predicate.User {
+	return predicate.User(sql.FieldHasPrefix(FieldPassword, v))
+}
+
+// PasswordHasSuffix applies the HasSuffix predicate on the "password" field.
+func PasswordHasSuffix(v string) predicate.User {
+	return predicate.User(sql.FieldHasSuffix(FieldPassword, v))
+}
+
+// PasswordEqualFold applies the EqualFold predicate on the "password" field.
+func PasswordEqualFold(v string) predicate.User {
+	return predicate.User(sql.FieldEqualFold(FieldPassword, v))
+}
+
+// PasswordContainsFold applies the ContainsFold predicate on the "password" field.
+func PasswordContainsFold(v string) predicate.User {
+	return predicate.User(sql.FieldContainsFold(FieldPassword, v))
+}
+
 // CreatedAtEQ applies the EQ predicate on the "created_at" field.
 func CreatedAtEQ(v time.Time) predicate.User {
 	return predicate.User(sql.FieldEQ(FieldCreatedAt, v))
--- a/ent/user_create.go
+++ b/ent/user_create.go
@ -27,6 +27,12 @@ func (uc *UserCreate) SetUsername(s string) *UserCreate {
 	return uc
 }

+// SetPassword sets the "password" field.
+func (uc *UserCreate) SetPassword(s string) *UserCreate {
+	uc.mutation.SetPassword(s)
+	return uc
+}
+
 // SetCreatedAt sets the "created_at" field.
 func (uc *UserCreate) SetCreatedAt(t time.Time) *UserCreate {
 	uc.mutation.SetCreatedAt(t)
@ -143,6 +149,14 @@ func (uc *UserCreate) check() error {
 			return &ValidationError{Name: "username", err: fmt.Errorf(`ent: validator failed for field "User.username": %w`, err)}
 		}
 	}
+	if _, ok := uc.mutation.Password(); !ok {
+		return &ValidationError{Name: "password", err: errors.New(`ent: missing required field "User.password"`)}
+	}
+	if v, ok := uc.mutation.Password(); ok {
+		if err := user.PasswordValidator(v); err != nil {
+			return &ValidationError{Name: "password", err: fmt.Errorf(`ent: validator failed for field "User.password": %w`, err)}
+		}
+	}
 	return nil
 }

@ -173,6 +187,10 @@ func (uc *UserCreate) createSpec() (*User, *sqlgraph.CreateSpec) {
 		_spec.SetField(user.FieldUsername, field.TypeString, value)
 		_node.Username = value
 	}
+	if value, ok := uc.mutation.Password(); ok {
+		_spec.SetField(user.FieldPassword, field.TypeString, value)
+		_node.Password = value
+	}
 	if value, ok := uc.mutation.CreatedAt(); ok {
 		_spec.SetField(user.FieldCreatedAt, field.TypeTime, value)
 		_node.CreatedAt = value
@ -193,10 +211,7 @@ func (uc *UserCreate) createSpec() (*User, *sqlgraph.CreateSpec) {
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
--- a/ent/user_update.go
+++ b/ent/user_update.go
@ -169,10 +169,7 @@ func (uu *UserUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
@ -185,10 +182,7 @@ func (uu *UserUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -204,10 +198,7 @@ func (uu *UserUpdate) sqlSave(ctx context.Context) (n int, err error) {
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -405,10 +396,7 @@ func (uuo *UserUpdateOne) sqlSave(ctx context.Context) (_node *User, err error)
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		_spec.Edges.Clear = append(_spec.Edges.Clear, edge)
@ -421,10 +409,7 @@ func (uuo *UserUpdateOne) sqlSave(ctx context.Context) (_node *User, err error)
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
@ -440,10 +425,7 @@ func (uuo *UserUpdateOne) sqlSave(ctx context.Context) (_node *User, err error)
 			Columns: []string{user.CardColumn},
 			Bidi:    false,
 			Target: &sqlgraph.EdgeTarget{
-				IDSpec: &sqlgraph.FieldSpec{
-					Type:   field.TypeInt,
-					Column: card.FieldID,
-				},
+				IDSpec: sqlgraph.NewFieldSpec(card.FieldID, field.TypeInt),
 			},
 		}
 		for _, k := range nodes {
--- a/go.mod
+++ b/go.mod
@ -5,7 +5,7 @@ go 1.19
 //replace ariga.io/ogent => ../../

 require (
-	entgo.io/ent v0.11.9
+	entgo.io/ent v0.11.10
 	github.com/go-faster/errors v0.6.1
 	github.com/go-faster/jx v0.42.0-alpha.1
 	github.com/mattn/go-sqlite3 v1.14.16
@ -18,7 +18,7 @@ require (
 )

 require (
-	ariga.io/atlas v0.9.1 // indirect
+	ariga.io/atlas v0.9.2-0.20230303073438-03a4779a6338 // indirect
 	ariga.io/entviz v0.0.0-20230125130633-6c9be8e08c7c // indirect
 	ariga.io/ogent v0.0.0-20230309073626-8dc564a6a73e // indirect
 	entgo.io/contrib v0.3.5 // indirect
@ -31,10 +31,12 @@ require (
 	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/inflect v0.19.0 // indirect
+	github.com/go-sql-driver/mysql v1.7.0 // indirect
 	github.com/golang/mock v1.6.0 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/hashicorp/hcl/v2 v2.15.0 // indirect
+	github.com/joho/godotenv v1.5.1 // indirect
 	github.com/kyokomi/lottery v1.2.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.17 // indirect
--- a/go.sum
+++ b/go.sum
@ -1,5 +1,7 @@
 ariga.io/atlas v0.9.1 h1:EpoPMnwsQG0vn9c0sYExpwSYtr7bvuSUXzQclU2pMjc=
 ariga.io/atlas v0.9.1/go.mod h1:T230JFcENj4ZZzMkZrXFDSkv+2kXkUgpJ5FQQ5hMcKU=
+ariga.io/atlas v0.9.2-0.20230303073438-03a4779a6338 h1:8kmSV3mbQKn0niZ/EdE11uhFvFKiW1VlaqVBIYOyahM=
+ariga.io/atlas v0.9.2-0.20230303073438-03a4779a6338/go.mod h1:T230JFcENj4ZZzMkZrXFDSkv+2kXkUgpJ5FQQ5hMcKU=
 ariga.io/entviz v0.0.0-20230125130633-6c9be8e08c7c h1:7FbOjKKWKqD7FZXQq3qWcRlvGFO1LGYvVZIWQ2D9Evs=
 ariga.io/entviz v0.0.0-20230125130633-6c9be8e08c7c/go.mod h1:wArXZPqbbWBcOmkqwmIF6hIcW+3T1NLDde0iRhW6an8=
 ariga.io/ogent v0.0.0-20230309073626-8dc564a6a73e h1:8mxC+4Y7pVKgfoUJIMdChrS95d+TcJ6xuhw49nVYIAY=
@ -8,6 +10,8 @@ entgo.io/contrib v0.3.5 h1:wY85TgRp3j5ix/SZ9IE6Ob5lObHFmVUYH0ZFw1D5Hzc=
 entgo.io/contrib v0.3.5/go.mod h1:R5HiFszVD8OVOZKFGRbqYogRxK7z1ruzWyEEesjQwE0=
 entgo.io/ent v0.11.9 h1:dbbCkAiPVTRBIJwoZctiSYjB7zxQIBOzVSU5H9VYIQI=
 entgo.io/ent v0.11.9/go.mod h1:KWHOcDZn1xk3mz3ipWdKrQpMvwqa/9B69TUuAPP9W6g=
+entgo.io/ent v0.11.10 h1:iqn32ybY5HRW3xSAyMNdNKpZhKgMf1Zunsej9yPKUI8=
+entgo.io/ent v0.11.10/go.mod h1:mzTZ0trE+jCQw/fnzijbm5Mck/l8Gbg7gC/+L1COyzM=
 github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60=
 github.com/Khan/genqlient v0.5.0 h1:TMZJ+tl/BpbmGyIBiXzKzUftDhw4ZWxQZ+1ydn0gyII=
 github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo=
@ -38,6 +42,7 @@ github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre
 github.com/go-openapi/inflect v0.19.0 h1:9jCH9scKIbHeV9m12SmPilScz6krDxKRasNNSNPXu/4=
 github.com/go-openapi/inflect v0.19.0/go.mod h1:lHpZVlpIQqLyKwJ4N+YSc9hchQy/i12fJykb83CRBH4=
 github.com/go-sql-driver/mysql v1.7.0 h1:ueSltNNllEqE3qcWBTD0iQd3IpL/6U+mJxLkazJ7YPc=
+github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68=
 github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
 github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
@ -47,6 +52,8 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hashicorp/hcl/v2 v2.15.0 h1:CPDXO6+uORPjKflkWCCwoWc9uRp+zSIPcCQ+BrxV7m8=
 github.com/hashicorp/hcl/v2 v2.15.0/go.mod h1:JRmR89jycNkrrqnMmvPDMd56n1rQJ2Q6KocSLCMCXng=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
@ -61,6 +68,7 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
 github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0=
 github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y=
 github.com/mattn/go-sqlite3 v1.14.16/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
 github.com/mazen160/go-random v0.0.0-20210308102632-d2b501c85c03 h1:iM7JTVzKOYKWjzhGcgHAgFVQt5QfiHIVrRUaWPfh0Q4=
@ -69,6 +77,7 @@ github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQ
 github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0=
 github.com/ogen-go/ogen v0.59.0 h1:9aSSZ1KCLJIcRyjkO7IHrG0vAI6l1BO877LwTbMcX+k=
 github.com/ogen-go/ogen v0.59.0/go.mod h1:0MHLcWEbxwdvR+R9E05paQSRh/2vHtVSJgKqmwYyW8M=
+github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
 github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@ -76,6 +85,8 @@ github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
 github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
 github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
 github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU=
 github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
--- a/main.go
+++ b/main.go
@ -9,6 +9,7 @@ import (
 	"t/ent/ogent"
 	"entgo.io/ent/dialect"
 	_ "github.com/mattn/go-sqlite3"
+	"entgo.io/ent/dialect/sql/schema"
 	"time"
 )

@ -50,14 +51,21 @@ func (h handler) DrawDone(ctx context.Context, params ogent.DrawDoneParams) erro

 func main() {
 	// Create ent client.
-	client, err := ent.Open(dialect.SQLite, "file:/data/ent.sqlite?_fk=1")
+	client, err := ent.Open(dialect.SQLite, "file:/data/new.sqlite?_fk=1")
+	//client, err := ent.Open(dialect.SQLite, "file:data/ent.sqlite?_fk=1")
+	//client, err := ent.Open(dialect.SQLite, "file:/data/ent.sqlite?_fk=1")
 	//client, err := ent.Open(dialect.SQLite, "file:data?mode=memory&cache=shared&_fk=1")
 	if err != nil {
 		log.Fatal(err)
 	}
 	// Run the migrations.
-	if err := client.Schema.Create(context.Background()); err != nil {
-		log.Fatal(err)
+	//if err := client.Schema.Create(context.Background()); err != nil {
+	//	log.Fatal(err)
+	//}
+	ctx := context.Background()
+	err = client.Schema.Create(ctx, schema.WithAtlas(true))
+	if err != nil {
+		log.Fatalf("failed creating schema resources: %v", err)
 	}
 	// Create the handler.
 	h := handler{
--- a/readme.md
+++ b/readme.md
@ -9,8 +9,9 @@ $ ./card

 $ go generate ./...
 $ go run -mod=mod main.go
-$ curl -X POST -H "Content-Type: application/json" -d '{"username":"syui"}' localhost:8080/users
-$ curl -X POST -H "Content-Type: application/json" -d '{"owner":1}' localhost:8080/cards
+$ curl -X POST -H "Content-Type: application/json" -d "{\"username\":\"syui\",\"password\":\"$pass\"}" localhost:8080/users
+$ curl -X POST -H "Content-Type: application/json" -d "{\"owner\":1,\"password\":\"$pass\"}" localhost:8080/cards
+$ curl -X POST -H "Content-Type: application/json" -d "{\"owner\":1,\"card\":1,\"cp\":11,\"status\":\"normal\",\"password\":\"$pass\"}" localhost:8080/cards
 $ curl localhost:8080/users
 $ curl localhost:8080/cards
 $ curl localhost:8080/users/1
--- a/tmp/ogent.go
+++ b/tmp/ogent.go
@ -0,0 +1,674 @@
+// Code generated by ent, DO NOT EDIT.
+
+package ogent
+
+import (
+	"context"
+	"net/http"
+
+	"t/ent"
+	"t/ent/card"
+	"t/ent/group"
+	"t/ent/user"
+
+	"github.com/go-faster/jx"
+	"os"
+)
+
+var password = os.Getenv("PASS")
+var zero = "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+// OgentHandler implements the ogen generated Handler interface and uses Ent as data layer.
+type OgentHandler struct {
+	client *ent.Client
+}
+
+// NewOgentHandler returns a new OgentHandler.
+func NewOgentHandler(c *ent.Client) *OgentHandler { return &OgentHandler{c} }
+
+// rawError renders err as json string.
+func rawError(err error) jx.Raw {
+	var e jx.Encoder
+	e.Str(err.Error())
+	return e.Bytes()
+}
+
+// CreateCard handles POST /cards requests.
+func (h *OgentHandler) CreateCard(ctx context.Context, req *CreateCardReq) (CreateCardRes, error) {
+	b := h.client.Card.Create()
+	// Add all fields.
+	b.SetPassword(req.Password)
+	if v, ok := req.Card.Get(); ok {
+		b.SetCard(v)
+	}
+	if v, ok := req.Status.Get(); ok {
+		b.SetStatus(v)
+	}
+	if v, ok := req.Cp.Get(); ok {
+		b.SetCp(v)
+	}
+	if v, ok := req.URL.Get(); ok {
+		b.SetURL(v)
+	}
+	if v, ok := req.CreatedAt.Get(); ok {
+		b.SetCreatedAt(v)
+	}
+	// Add all edges.
+
+	if req.Password == password {
+		b.SetOwnerID(req.Owner)
+	} else {
+		b.SetOwnerID(0)
+	}
+	// Persist to storage.
+	e, err := b.Save(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	// Reload the entity to attach all eager-loaded edges.
+	q := h.client.Card.Query().Where(card.ID(e.ID))
+	e, err = q.Only(ctx)
+	if err != nil {
+		// This should never happen.
+		return nil, err
+	}
+	return NewCardCreate(e), nil
+}
+
+// ReadCard handles GET /cards/{id} requests.
+func (h *OgentHandler) ReadCard(ctx context.Context, params ReadCardParams) (ReadCardRes, error) {
+	q := h.client.Card.Query().Where(card.IDEQ(params.ID))
+	e, err := q.Only(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return NewCardRead(e), nil
+}
+
+// UpdateCard handles PATCH /cards/{id} requests.
+func (h *OgentHandler) UpdateCard(ctx context.Context, req *UpdateCardReq, params UpdateCardParams) (UpdateCardRes, error) {
+	b := h.client.Card.UpdateOneID(0)
+	// Add all fields.
+	// Add all edges.
+	if v, ok := req.Owner.Get(); ok {
+		b.SetOwnerID(v)
+	}
+	// Persist to storage.
+	e, err := b.Save(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	// Reload the entity to attach all eager-loaded edges.
+	q := h.client.Card.Query().Where(card.ID(e.ID))
+	e, err = q.Only(ctx)
+	if err != nil {
+		// This should never happen.
+		return nil, err
+	}
+	return NewCardUpdate(e), nil
+}
+
+// DeleteCard handles DELETE /cards/{id} requests.
+func (h *OgentHandler) DeleteCard(ctx context.Context, params DeleteCardParams) (DeleteCardRes, error) {
+	err := h.client.Card.DeleteOneID(0).Exec(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return new(DeleteCardNoContent), nil
+
+}
+
+// ListCard handles GET /cards requests.
+func (h *OgentHandler) ListCard(ctx context.Context, params ListCardParams) (ListCardRes, error) {
+	q := h.client.Card.Query()
+	page := 1
+	if v, ok := params.Page.Get(); ok {
+		page = v
+	}
+	itemsPerPage := 30
+	if v, ok := params.ItemsPerPage.Get(); ok {
+		itemsPerPage = v
+	}
+	q.Limit(itemsPerPage).Offset((page - 1) * itemsPerPage)
+
+	es, err := q.All(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	r := NewCardLists(es)
+	return (*ListCardOKApplicationJSON)(&r), nil
+}
+
+// ReadCardOwner handles GET /cards/{id}/owner requests.
+func (h *OgentHandler) ReadCardOwner(ctx context.Context, params ReadCardOwnerParams) (ReadCardOwnerRes, error) {
+	q := h.client.Card.Query().Where(card.IDEQ(params.ID)).QueryOwner()
+	e, err := q.Only(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return NewCardOwnerRead(e), nil
+}
+
+// CreateGroup handles POST /groups requests.
+func (h *OgentHandler) CreateGroup(ctx context.Context, req *CreateGroupReq) (CreateGroupRes, error) {
+	b := h.client.Group.Create()
+	// Add all fields.
+	b.SetName(req.Name)
+	b.SetPassword(req.Password)
+	// Add all edges.
+	b.AddUserIDs(req.Users...)
+	// Persist to storage.
+	e, err := b.Save(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	// Reload the entity to attach all eager-loaded edges.
+	q := h.client.Group.Query().Where(group.ID(e.ID))
+	e, err = q.Only(ctx)
+	if err != nil {
+		// This should never happen.
+		return nil, err
+	}
+	return NewGroupCreate(e), nil
+}
+
+// ReadGroup handles GET /groups/{id} requests.
+func (h *OgentHandler) ReadGroup(ctx context.Context, params ReadGroupParams) (ReadGroupRes, error) {
+	q := h.client.Group.Query().Where(group.IDEQ(params.ID))
+	e, err := q.Only(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return NewGroupRead(e), nil
+}
+
+// UpdateGroup handles PATCH /groups/{id} requests.
+func (h *OgentHandler) UpdateGroup(ctx context.Context, req *UpdateGroupReq, params UpdateGroupParams) (UpdateGroupRes, error) {
+	b := h.client.Group.UpdateOneID(0)
+	// Add all fields.
+	if v, ok := req.Name.Get(); ok {
+		b.SetName(v)
+	}
+	// Add all edges.
+	if req.Users != nil {
+		b.ClearUsers().AddUserIDs(req.Users...)
+	}
+	// Persist to storage.
+	e, err := b.Save(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	// Reload the entity to attach all eager-loaded edges.
+	q := h.client.Group.Query().Where(group.ID(e.ID))
+	e, err = q.Only(ctx)
+	if err != nil {
+		// This should never happen.
+		return nil, err
+	}
+	return NewGroupUpdate(e), nil
+}
+
+// DeleteGroup handles DELETE /groups/{id} requests.
+func (h *OgentHandler) DeleteGroup(ctx context.Context, params DeleteGroupParams) (DeleteGroupRes, error) {
+	err := h.client.Group.DeleteOneID(params.ID).Exec(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return new(DeleteGroupNoContent), nil
+
+}
+
+// ListGroup handles GET /groups requests.
+func (h *OgentHandler) ListGroup(ctx context.Context, params ListGroupParams) (ListGroupRes, error) {
+	q := h.client.Group.Query()
+	page := 1
+	if v, ok := params.Page.Get(); ok {
+		page = v
+	}
+	itemsPerPage := 30
+	if v, ok := params.ItemsPerPage.Get(); ok {
+		itemsPerPage = v
+	}
+	q.Limit(itemsPerPage).Offset((page - 1) * itemsPerPage)
+
+	es, err := q.All(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	r := NewGroupLists(es)
+	return (*ListGroupOKApplicationJSON)(&r), nil
+}
+
+// ListGroupUsers handles GET /groups/{id}/users requests.
+func (h *OgentHandler) ListGroupUsers(ctx context.Context, params ListGroupUsersParams) (ListGroupUsersRes, error) {
+	q := h.client.Group.Query().Where(group.IDEQ(params.ID)).QueryUsers()
+	page := 1
+	if v, ok := params.Page.Get(); ok {
+		page = v
+	}
+	itemsPerPage := 30
+	if v, ok := params.ItemsPerPage.Get(); ok {
+		itemsPerPage = v
+	}
+	q.Limit(itemsPerPage).Offset((page - 1) * itemsPerPage)
+	es, err := q.All(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	r := NewGroupUsersLists(es)
+	return (*ListGroupUsersOKApplicationJSON)(&r), nil
+}
+
+// CreateUser handles POST /users requests.
+func (h *OgentHandler) CreateUser(ctx context.Context, req *CreateUserReq) (CreateUserRes, error) {
+	b := h.client.User.Create()
+	// Add all fields.
+	if req.Password == password {
+		b.SetUsername(req.Username)
+	} else {
+		b.SetUsername("")
+	}
+	b.SetPassword(req.Password)
+	if v, ok := req.CreatedAt.Get(); ok {
+		b.SetCreatedAt(v)
+	}
+	if v, ok := req.UpdatedAt.Get(); ok {
+		b.SetUpdatedAt(v)
+	}
+	if v, ok := req.Next.Get(); ok {
+		b.SetNext(v)
+	}
+	// Add all edges.
+	b.AddCardIDs(req.Card...)
+	// Persist to storage.
+	e, err := b.Save(ctx)
+
+	if err != nil {
+		switch {
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	// Reload the entity to attach all eager-loaded edges.
+	q := h.client.User.Query().Where(user.ID(e.ID))
+	e, err = q.Only(ctx)
+	if err != nil {
+		// This should never happen.
+		return nil, err
+	}
+	return NewUserCreate(e), nil
+}
+
+// ReadUser handles GET /users/{id} requests.
+func (h *OgentHandler) ReadUser(ctx context.Context, params ReadUserParams) (ReadUserRes, error) {
+	q := h.client.User.Query().Where(user.IDEQ(params.ID))
+	e, err := q.Only(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return NewUserRead(e), nil
+}
+
+// UpdateUser handles PATCH /users/{id} requests.
+func (h *OgentHandler) UpdateUser(ctx context.Context, req *UpdateUserReq, params UpdateUserParams) (UpdateUserRes, error) {
+	b := h.client.User.UpdateOneID(params.ID)
+	// Add all fields.
+	if v, ok := req.UpdatedAt.Get(); ok {
+		b.SetUpdatedAt(v)
+	}
+	if v, ok := req.Next.Get(); ok {
+		b.SetNext(v)
+	}
+	// Add all edges.
+	if req.Card != nil {
+		b.ClearCard().AddCardIDs(req.Card...)
+	}
+	// Persist to storage.
+	e, err := b.Save(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	// Reload the entity to attach all eager-loaded edges.
+	q := h.client.User.Query().Where(user.ID(e.ID))
+	e, err = q.Only(ctx)
+	if err != nil {
+		// This should never happen.
+		return nil, err
+	}
+	return NewUserUpdate(e), nil
+}
+
+// DeleteUser handles DELETE /users/{id} requests.
+func (h *OgentHandler) DeleteUser(ctx context.Context, params DeleteUserParams) (DeleteUserRes, error) {
+	err := h.client.User.DeleteOneID(0).Exec(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsConstraintError(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	return new(DeleteUserNoContent), nil
+
+}
+
+// ListUser handles GET /users requests.
+func (h *OgentHandler) ListUser(ctx context.Context, params ListUserParams) (ListUserRes, error) {
+	q := h.client.User.Query()
+	page := 1
+	if v, ok := params.Page.Get(); ok {
+		page = v
+	}
+	itemsPerPage := 30
+	if v, ok := params.ItemsPerPage.Get(); ok {
+		itemsPerPage = v
+	}
+	q.Limit(itemsPerPage).Offset((page - 1) * itemsPerPage)
+
+	es, err := q.All(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	r := NewUserLists(es)
+	return (*ListUserOKApplicationJSON)(&r), nil
+}
+
+// ListUserCard handles GET /users/{id}/card requests.
+func (h *OgentHandler) ListUserCard(ctx context.Context, params ListUserCardParams) (ListUserCardRes, error) {
+	q := h.client.User.Query().Where(user.IDEQ(params.ID)).QueryCard()
+	page := 1
+	if v, ok := params.Page.Get(); ok {
+		page = v
+	}
+	itemsPerPage := 30
+	if v, ok := params.ItemsPerPage.Get(); ok {
+		itemsPerPage = v
+	}
+	q.Limit(itemsPerPage).Offset((page - 1) * itemsPerPage)
+	es, err := q.All(ctx)
+	if err != nil {
+		switch {
+		case ent.IsNotFound(err):
+			return &R404{
+				Code:   http.StatusNotFound,
+				Status: http.StatusText(http.StatusNotFound),
+				Errors: rawError(err),
+			}, nil
+		case ent.IsNotSingular(err):
+			return &R409{
+				Code:   http.StatusConflict,
+				Status: http.StatusText(http.StatusConflict),
+				Errors: rawError(err),
+			}, nil
+		default:
+			// Let the server handle the error.
+			return nil, err
+		}
+	}
+	r := NewUserCardLists(es)
+	return (*ListUserCardOKApplicationJSON)(&r), nil
+}