diff --git a/src/main/java/co/jp/mamol/myapp/config/AppConfig.java b/src/main/java/co/jp/mamol/myapp/config/AppConfig.java
new file mode 100644
index 0000000..507829e
--- /dev/null
+++ b/src/main/java/co/jp/mamol/myapp/config/AppConfig.java
@@ -0,0 +1,15 @@
+package co.jp.mamol.myapp.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class AppConfig {
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/co/jp/mamol/myapp/config/CorsConfig.java b/src/main/java/co/jp/mamol/myapp/config/CorsConfig.java
new file mode 100644
index 0000000..5cf53f2
--- /dev/null
+++ b/src/main/java/co/jp/mamol/myapp/config/CorsConfig.java
@@ -0,0 +1,18 @@
+package co.jp.mamol.myapp.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class CorsConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/api/**") // 允许 /api/ 下的所有请求
+                .allowedOrigins("http://192.168.0.192:8089","http://192.168.50.20:8089","http://192.168.1.192:8089") // 允许来自该域的请求
+                .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") // 允许的 HTTP 方法
+                .allowedHeaders("*") // 允许所有头部
+                .allowCredentials(true); // 允许发送 Cookie
+    }
+}
\ No newline at end of file