Update from GitHub Actions

functions/utils/cors.ts

@@ -4,7 +4,7 @@
 export const CORS_HEADERS = {
     'Access-Control-Allow-Origin': '*',  // 允许所有来源
     'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',  // 允许的HTTP方法
-    'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-Requested-With, x-app-token',  // 允许的请求头
+    'Access-Control-Allow-Headers': '*',  // 允许的请求头
     'Access-Control-Max-Age': '86400',  // 预检请求的有效期
 };
 

functions/utils/jwt.ts

@@ -31,6 +31,7 @@ export async function generateToken(username: string, secret: string): Promise<s
  * @returns 验证是否通过
  */
 export async function verifyToken(request: Request, secret: string): Promise<boolean> {
+  console.log(request.headers)
   let authHeader = request.headers.get('Authorization');
   if (!authHeader) {
     authHeader = request.headers.get('x-app-token');

index.ts

@@ -37,8 +37,8 @@ app.use(trimTrailingSlash());
 app.use('*', cors({
     origin: '*',
     allowMethods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
-    allowHeaders: ['Content-Type', 'Authorization',"x-app-token"],
-    exposeHeaders: ['Content-Length'],
+    allowHeaders: ['*'],  // Allow all headers
+    exposeHeaders: ['*'], // Expose all headers
     credentials: true,
 }));