Never done before the authorization for the JWT. I have got a website, login and password for jwt authorization. Doing authentication via Xhr to get the output of the error
"Access to XMLHttpRequest at 'https://blablabla.ru/
' from origin 'localhost:3000
' has been blocked by CORS policy: Response to a preflight request doesn't pass the access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."
On which side of this lock? From my browser or from the website?