edit cors middleware

delivery/controller/users_controller.go

@@ -18,8 +18,8 @@ type UsersController struct {
 
 func (uc *UsersController) Route() {
 	rg:= uc.rg.Group("/users")
-	rg.Use(middleware.RateLoginMiddleware())
 	rg.Use(middleware.CORSMiddleware())
+	rg.Use(middleware.RateLoginMiddleware())
 	rg.OPTIONS("/login", func(c *gin.Context) {
 		c.Status(http.StatusNoContent)
 	})

middleware/cors_middleware.go

@@ -8,13 +8,12 @@ import (
 
 func CORSMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Allow-Origin", "*") // Change to specific domains if needed
 		c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE")
-		c.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type, X-Requested-With")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
-		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
 
-		// Handle OPTIONS method
+		// Allow OPTIONS method to pass through
-		if c.Request.Method == "OPTIONS" {
+		if c.Request.Method == http.MethodOptions {
 			c.AbortWithStatus(http.StatusNoContent)
 			return
 		}