diff --git a/app/middleware.php b/app/middleware.php
index c8d321e..bc6360d 100644
--- a/app/middleware.php
+++ b/app/middleware.php
@@ -5,6 +5,8 @@ return [
     // \think\middleware\CheckRequestCache::class,
     // 多语言加载
     // \think\middleware\LoadLangPack::class,
+    // 允许跨域请求 (如果没有跨域需求可将此处代码屏蔽以提升安全性)
+    \cores\middleware\AllowCrossDomain::class,
     // Session初始化
      \think\middleware\SessionInit::class
 ];
diff --git a/cores/middleware/AllowCrossDomain.php b/cores/middleware/AllowCrossDomain.php
new file mode 100644
index 0000000..7590234
--- /dev/null
+++ b/cores/middleware/AllowCrossDomain.php
@@ -0,0 +1,100 @@
+<?php
+// +----------------------------------------------------------------------
+// | 萤火商城系统 [ 致力于通过产品和服务，帮助商家高效化开拓市场 ]
+// +----------------------------------------------------------------------
+// | Copyright (c) 2017~2024 https://www.yiovo.com All rights reserved.
+// +----------------------------------------------------------------------
+// | Licensed 这不是一个自由软件，不允许对程序代码以任何形式任何目的的再发行
+// +----------------------------------------------------------------------
+// | Author: 萤火科技 <admin@yiovo.com>
+// +----------------------------------------------------------------------
+declare (strict_types=1);
+
+namespace cores\middleware;
+
+use Closure;
+use think\Config;
+use think\Request;
+use think\Response;
+
+/**
+ * 跨域请求支持
+ * Class AllowCrossDomain
+ * @package cores\middleware
+ */
+class AllowCrossDomain
+{
+    // cookie的所属域名
+    protected $cookieDomain;
+
+    /**
+     * 构造方法
+     * AllowCrossDomain constructor.
+     * @param Config $config
+     */
+    public function __construct(Config $config)
+    {
+        $this->cookieDomain = $config->get('cookie.domain', '');
+    }
+
+    /**
+     * 获取允许跨域的header参数 [自定义]
+     * @return array
+     */
+    private function getCustomHeader(): array
+    {
+        return [
+            'Access-Token',
+            'storeId',
+            'platform',
+        ];
+    }
+
+    /**
+     * 获取允许跨域的header参数
+     * @return array
+     */
+    private function getHeader(): array
+    {
+        $headers = array_merge([
+            'Authorization', 'Content-Type', 'X-CSRF-TOKEN', 'X-Requested-With',
+            'If-Match', 'If-Modified-Since', 'If-None-Match', 'If-Unmodified-Since'
+        ], $this->getCustomHeader());
+
+        return [
+            // 允许所有域名访问
+            'Access-Control-Allow-Origin' => '*',
+            // 允许cookie跨域访问
+            'Access-Control-Allow-Credentials' => 'true',
+            // 预检请求的有效期
+            'Access-Control-Max-Age' => 1800,
+            // 允许跨域的方法
+            'Access-Control-Allow-Methods' => 'GET, POST, PATCH, PUT, DELETE, OPTIONS',
+            // 跨域请求header头
+            'Access-Control-Allow-Headers' => implode(',', $headers),
+        ];
+    }
+
+    /**
+     * 允许跨域请求
+     * @access public
+     * @param Request $request
+     * @param Closure $next
+     * @param array|null $header
+     * @return Response
+     */
+    public function handle(Request $request, Closure $next, ?array $header = []): Response
+    {
+        $header = !empty($header) ? array_merge($this->getHeader(), $header) : $this->getHeader();
+        if (!isset($header['Access-Control-Allow-Origin'])) {
+            $origin = $request->header('origin');
+
+            if ($origin && ('' == $this->cookieDomain || strpos($origin, $this->cookieDomain))) {
+                $header['Access-Control-Allow-Origin'] = $origin;
+            } else {
+                $header['Access-Control-Allow-Origin'] = '*';
+            }
+        }
+        return $next($request)->header($header);
+    }
+}
diff --git a/cores/middleware/AppLog.php b/cores/middleware/AppLog.php
new file mode 100644
index 0000000..72077bb
--- /dev/null
+++ b/cores/middleware/AppLog.php
@@ -0,0 +1,66 @@
+<?php
+// +----------------------------------------------------------------------
+// | 萤火商城系统 [ 致力于通过产品和服务，帮助商家高效化开拓市场 ]
+// +----------------------------------------------------------------------
+// | Copyright (c) 2017~2024 https://www.yiovo.com All rights reserved.
+// +----------------------------------------------------------------------
+// | Licensed 这不是一个自由软件，不允许对程序代码以任何形式任何目的的再发行
+// +----------------------------------------------------------------------
+// | Author: 萤火科技 <admin@yiovo.com>
+// +----------------------------------------------------------------------
+declare (strict_types=1);
+
+namespace cores\middleware;
+
+use think\Response;
+use think\facade\Log as FacadeLog;
+use app\common\library\Log;
+
+/**
+ * 中间件：应用日志
+ */
+class AppLog
+{
+    // 访问日志
+    private static string $beginLog = '';
+
+    /**
+     * 前置中间件
+     * @param \think\Request $request
+     * @param \Closure $next
+     * @return mixed
+     */
+    public function handle(\think\Request $request, \Closure $next)
+    {
+        // 记录访问日志
+        if (env('begin_log')) {
+            $log = $this->getVisitor($request);
+            $log .= "\r\n" . '[ header ] ' . print_r($request->header(), true);
+            $log .= "" . '[ param ] ' . print_r($request->param(), true);
+            $log .= '--------------------------------------------------------------------------------------------';
+            static::$beginLog = $log;
+        }
+        return $next($request);
+    }
+
+    /**
+     * 记录访问日志
+     * @param Response $response
+     */
+    public function end(Response $response)
+    {
+        FacadeLog::record(static::$beginLog, 'begin');
+        Log::end();
+    }
+
+    /**
+     * 获取请求路径信息
+     * @param \think\Request $request
+     * @return string
+     */
+    private function getVisitor(\think\Request $request): string
+    {
+        $data = [$request->ip(), $request->method(), $request->url(true)];
+        return implode(' ', $data);
+    }
+}
\ No newline at end of file