diff --git a/lib/core/utils/ctx/ctx.go b/lib/core/utils/ctx/ctx.go
index 5eb29404..128e5005 100644
--- a/lib/core/utils/ctx/ctx.go
+++ b/lib/core/utils/ctx/ctx.go
@@ -47,7 +47,18 @@ func ShouldBindJSON(r *http.Request, args any) error {
 
 // JSON 相应json数据
 func JSON(w http.ResponseWriter, code int, data any) {
+	// 跨域响应头
+	// To solve cross domain issue
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+	//	w.Header().Set("Access-Control-Allow-Methods", "POST, GET, PUT, DELETE, OPTIONS")
+	w.Header().Set("Access-Control-Allow-Methods", "*")
+	w.Header().Set("Access-Control-Allow-Headers", "*")
+	//	w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
+	//	w.Header().Set("Access-Control-Allow-Headers", "AccessToken")
+	w.Header().Set("Access-Control-Expose-Headers", "Access-Control-Allow-Headers, Token")
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
 	w.Header().Set("Content-Type", "application/json;charset=UTF-8")
+
 	response, err := json.Marshal(data)
 	if err != nil {
 		w.WriteHeader(500)
diff --git a/lib/midware/authorize.go b/lib/midware/authorize.go
index 4000d57f..ce62320f 100644
--- a/lib/midware/authorize.go
+++ b/lib/midware/authorize.go
@@ -24,11 +24,6 @@ import (
 func Authorize(options map[string][]string) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if r.RequestURI == "/api/rest/securityManagement/v1/oauth/token" {
-				// 继续处理请求
-				next.ServeHTTP(w, r)
-				return
-			}
 			// 获取请求头标识信息
 			accessToken := r.Header.Get("AccessToken")
 			if accessToken == "" {