From a6dedd46ede75da177b475c86c4249f0d42ba78b Mon Sep 17 00:00:00 2001
From: "theis.gaedigk" <theis.gaedigk@icloud.com>
Date: Fri, 15 Aug 2025 12:01:46 +0200
Subject: [PATCH] fix: configure CORS to allow specific origins and enable
 credentials

---
 backend/server.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/backend/server.js b/backend/server.js
index a3a7912..e375e90 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -16,7 +16,12 @@ env.config();
 const app = express();
 const port = 8002;
 
-app.use(cors());
+app.use(
+  cors({
+    origin: ["https://backend.lose.the1s.de", "https://lose.the1s.de"],
+    credentials: true,
+  })
+);
 // Increase body size limits to support large CSV JSON payloads
 app.use(express.urlencoded({ extended: true, limit: "10mb" }));
 app.set("view engine", "ejs");