Add dynamic CORS middleware to support Vercel preview domains

[hrideshmg]

When deploying frontend previews on Vercel, each branch or pull request is assigned a unique preview URL (e.g., https://home-git-fork-harshith-2208-develop-amfoss-dev.vercel.app/dashboard).

However, since CORS does not natively support URL wildcards, backend requests from these dynamically generated subdomains fail unless each preview URL is explicitly whitelisted. This breaks API requests during development and review stages.

Expected Behavior

Requests originating from any Vercel preview domain (i.e. *.vercel.app) should be accepted without needing manual updates to the CORS whitelist.

Proposed Solution

• Implement a custom CORS middleware in the backend that:
• Dynamically validates incoming Origin headers.
• Uses regex or pattern matching to allow origins that match the Vercel preview URL format: