update cors and deeptrain oauth link

app/src/views/IndexView.vue

@@ -27,11 +27,11 @@ function toggleUser() {
 }
 
 function login() {
-  location.href = "https://deeptrain.vercel.app/login?app=lightnotes";
+  location.href = "https://deeptrain.net/login?app=lightnotes";
 }
 
 function register() {
-  location.href = "https://deeptrain.vercel.app/register?app=lightnotes";
+  location.href = "https://deeptrain.net/register?app=lightnotes";
 }
 </script>
 <template>

backend/main.go

@@ -22,6 +22,7 @@ func main() {
 	}
 
 	{
+		app.Use(middleware.CORSMiddleware())
 		app.Use(middleware.BuiltinMiddleWare(ConnectMySQL(), ConnectRedis()))
 		app.Use(middleware.ThrottleMiddleware())
 		app.Use(AuthMiddleware())

backend/middleware/cors.go

@@ -0,0 +1,41 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+	"net/http"
+)
+
+var allowedOrigins = []string{
+	"https://fystart.cn",
+	"https://www.fystart.cn",
+	"https://40code.com",
+	"https://www.40code.com",
+}
+
+func Contains[T comparable](value T, slice []T) bool {
+	for _, item := range slice {
+		if item == value {
+			return true
+		}
+	}
+	return false
+}
+
+func CORSMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		origin := c.Request.Header.Get("Origin")
+		if Contains(origin, allowedOrigins) {
+			c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
+			c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+			c.Writer.Header().Set("Access-Control-Allow-Headers", "Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
+
+			if c.Request.Method == "OPTIONS" {
+				c.Writer.Header().Set("Access-Control-Max-Age", "3600")
+				c.AbortWithStatus(http.StatusOK)
+				return
+			}
+		}
+
+		c.Next()
+	}
+}