ARTICLE AD BOX
(index):1 Access to XMLHttpRequest at 'http://localhost:5001/api/updateBookingStatus/12f33c2e-68b9-41bc-aa6b-86fa8b2d3e65' from origin 'http://localhost:5173' has been blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response.
this is the error. I have put PATCH in the cores configuration but still the error is showing
app.use( cors({ origin: "http://localhost:5173", methods: ["GET", "POST", "PUT", "DELETE","OPTIONS", "PATCH"], allowedHeaders: ["Authorization", "Content-Type"], }) ); //this is my frontend code const handleStatusChange=(bookingId, newStatus)=>{ console.log(`Changing status of booking ${bookingId} to ${newStatus}`); console.log("Token being sent:", localStorage.getItem("token")); axios.patch(`http://localhost:5001/api/updateBookingStatus/${bookingId}`, { bookingStatus:newStatus },{ headers:{ Authorization: `Bearer ${localStorage.getItem("token")}` } }).then((response)=>{ console.log("Status updated successfully:", response.data); setSelectedStatus(newStatus); // Update local state to reflect the change }).catch((error)=>{ console.error("Error updating status:", error); alert("Failed to update booking status. Please try again."); }); } //and this is my jwt verification import jwt from 'jsonwebtoken'; import dotenv from 'dotenv'; dotenv.config(); function verifyToken(req,res,next){ if(req.method==="OPTIONS"){ console.log("OPTIONS request - skipping auth"); return next(); } const authHeader=req.headers.authorization if(!authHeader){ return res.status(401).json({message:"no token provided"}) } const token=authHeader.split(" ")[1] try{ const decoded=jwt.verify(token,process.env.JWT_SECRET) req.user=decoded; next(); } catch(err){ return res.status(401).json({message:"Unauthorized"}) } } export default verifyToken;