SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hey! Hoping to get some help with a CORS issue that I recently ran into. Our Flask app has two subdomains running in docker containers (`staging.<our_url>.com` and `production.<our_url>.com` ). 

Our goal is to have the user sign in on `staging.<our_url>.com` , but have this session utilized across both production and staging. I got SuperTokens up and running on our staging branch (works great here, btw!), followed the docs for handling multiple subdomains, but ran into a CORS error when I deployed to production:
```
Access to fetch at 'https://staging.<our_url>.com/auth/signinup/code' from origin 'https://production.<our_url>.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
```

I made sure that the CORS api is initialized after supertokens init but before the call to `Middleware(app)`, but still no luck. Any ideas what I'm doing wrong here?