diff --git a/routes/api.js b/routes/api.js
index d1572cb..eec6f44 100644
--- a/routes/api.js
+++ b/routes/api.js
@@ -1,4 +1,3 @@
-// routes/api.js
 const express = require('express');
 const router = express.Router();
 const db = require('../db');
@@ -9,6 +8,14 @@ const fileUtils = require('../utils/fileUtils');
 const serverError = require('../utils/serverError');
 const video = require('../utils/video');
 const dbTester = require('../test/dbTester');
+const cors = require('cors'); // Import the cors package
+
+// Use the cors middleware
+router.use(cors({
+  origin: 'http://localhost:5500', // Replace with your frontend URL
+  methods: 'GET,POST,PUT,DELETE',
+  allowedHeaders: 'Content-Type',
+}));
 
 /**
  * @swagger
@@ -59,8 +66,7 @@ router.get('/projects/:id/create-video', async (req, res) => {
   } catch (error) {
     serverError.sendError('Error creating video:', res, error);
   }
-}
-);
+});
 
 /**
  * @swagger
@@ -113,9 +119,6 @@ router.get('/projects/:id', async (req, res) => {
 router.get('/projects/:id/videos', (req, res) => {
   const projectId = req.params.id;
   const query = 'SELECT * FROM public.videos WHERE project_id = $1';
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   db.query(query, [projectId], (err, results) => {
     if (err) {
       serverError.sendError('Erreur lors de la récupération des vidéos pour le projet:', res, err);
@@ -145,9 +148,6 @@ router.get('/projects/:id/videos', (req, res) => {
 router.get('/projects/:id/measurements', (req, res) => {
   const projectId = req.params.id;
   const query = 'SELECT * FROM public.measurements WHERE project_id = $1';
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   db.query(query, [projectId], (err, results) => {
     if (err) {
       serverError.sendError('Erreur lors de la récupération des mesures pour le projet:', res, err);
@@ -245,9 +245,6 @@ router.delete('/projects/:id', async (req, res) => {
  */
 router.get('/measurements', (req, res) => {
   const query = 'SELECT * FROM public.measurements';
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   db.query(query, (err, results) => {
     if (err) {
       serverError.sendError('Erreur lors de la récupération des mesures:', res, err);
@@ -277,9 +274,6 @@ router.get('/measurements', (req, res) => {
 router.get('/measurements/:id', (req, res) => {
   const measurementId = req.params.id;
   const query = 'SELECT * FROM public.measurements WHERE id = $1';
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   db.query(query, [measurementId], (err, results) => {
     if (err) {
       serverError.sendError('Erreur lors de la récupération de la mesure:', res, err);
@@ -356,9 +350,6 @@ router.delete('/measurements/:id', (req, res) => {
  */
 router.get('/videos', (req, res) => {
   const query = 'SELECT * FROM public.videos';
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   db.query(query, (err, results) => {
     if (err) {
       serverError.sendError('Erreur lors de la récupération des vidéos:', res, err);
@@ -388,9 +379,6 @@ router.get('/videos', (req, res) => {
 router.get('/videos/:id', (req, res) => {
   const videoId = req.params.id;
   const query = 'SELECT * FROM public.videos WHERE id = $1';
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   db.query(query, [videoId], (err, results) => {
     if (err) {
       serverError.sendError('Erreur lors de la récupération de la vidéo:', res, err);
@@ -508,9 +496,6 @@ router.delete('/videos/:id', (req, res) => {
  *         description: Image not found
  */
 router.get('/smile', (req, res) => {
-  res.setHeader('Access-Control-Allow-Origin', 'http://localhost:5500');
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
   const imagePath = path.join(__dirname, '../storage/smile.jpg');
   fs.access(imagePath, fs.constants.F_OK, (err) => {
     if (err) {