diff --git a/delivery/controller/users_controller.go b/delivery/controller/users_controller.go
index c1401db..0e4031d 100644
--- a/delivery/controller/users_controller.go
+++ b/delivery/controller/users_controller.go
@@ -18,7 +18,7 @@ type UsersController struct {
 
 func (uc *UsersController) Route() {
 	rg:= uc.rg.Group("/users")
-	// rg.Use(middleware.RateLoginMiddleware())
+	rg.Use(middleware.RateLoginMiddleware())
 	rg.Use(middleware.CORSMiddleware())
 	rg.OPTIONS("/login", func(c *gin.Context) {
 		c.Status(http.StatusNoContent)
diff --git a/middleware/rate_limitter.go b/middleware/rate_limitter.go
index 39b0256..a877f47 100644
--- a/middleware/rate_limitter.go
+++ b/middleware/rate_limitter.go
@@ -43,6 +43,10 @@ func getLoginLimiter() *rate.Limiter {
 
 func RateLimitMiddleware() gin.HandlerFunc{
 	return func(c *gin.Context) {
+		if c.Request.Method == http.MethodOptions {
+			c.Next()
+			return
+		}
 		userID, exists := c.Get("userID")
         if !exists {
             common.ErrorResponses(c, http.StatusUnauthorized, "Unauthorized: No user ID found")
@@ -64,6 +68,10 @@ func RateLimitMiddleware() gin.HandlerFunc{
 
 func RateLoginMiddleware() gin.HandlerFunc{
 	return func(c *gin.Context) {
+		if c.Request.Method == http.MethodOptions {
+			c.Next()
+			return
+		}
 		limiter := getLoginLimiter()
 
 		if !limiter.Allow() {