Ребзя, хеллоу! Помогите пожалуйста с решением следующей пробемы: создал апишку на express'e,

залил на хост, домен, nginx вся фигня.

Через постман пробиваю эндпоинт - все гуд, все работает.
Добавил Access cors в nginx, но все равно не работает (

Фронт (react) говорит что ему выдает ошибку CORS

Access to fetch at 'https://domain/newlink' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Подскажите пожалуйста как пофиксить данную проблему?

nginx config:
server{
server_name domain;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}


add_header Access-Control-Allow-Origin *;
add_header Access-Control-Max-Age 3600;
add_header Access-Control-Expose-Headers Content-Length;
add_header Access-Control-Allow-Headers Range;

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/api.donat.link/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/api.donat.link/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server{
if ($host = domain) {
return 301 https://$host$request_uri;
} # managed by Certbot


listen 80;
server_name domain;
return 404; # managed by Certbot


}

index.js:

const express = require('express');
const router = require('./router');
const bodyParser = require('body-parser');
const cors = require('cors')
let urlEncodedParser = bodyParser.urlencoded({extended: true});

class Server{
constructor(port) {
this.app = express();
this.port = port;
this.app.use(urlEncodedParser);
this.app.use(bodyParser.json());
this.app.use(router);
this.app.use(cors());
}

start(){
this.app.listen(this.port, (err) => {
if(err){
console.log(err);
throw err;
}
else{
console.log(`Server is running at ${this.port} port. `);
}
})
}
}

const server = new Server(5000);
server.start();

if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Origin' $http_origin; add_header 'Access-Control-Allow-Methods' 'GET, POST, PATCH, OPTIONS, DELETE, PUT'; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, Authorization'; add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain; charset=utf-8'; add_header 'Content-Length' 0; return 204; }