Fix CORS: Configure Flask-CORS properly to avoid duplicate headers

backend/app/main.py

@@ -23,7 +23,14 @@ if Config.ENCRYPTION_KEY:
     os.environ['ENCRYPTION_KEY'] = Config.ENCRYPTION_KEY
 
 # Extensions
-CORS(app)
+# CORS - Allow only from argeict.net
+CORS(app, resources={
+    r"/api/*": {
+        "origins": ["https://argeict.net"],
+        "methods": ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+        "allow_headers": ["Content-Type", "Authorization"]
+    }
+})
 db.init_app(app)
 migrate = Migrate(app, db)