diff --git a/app.js b/app.js
index 04fcb7789a21aa9ddd5596867c2f5bfd6e0cbc48..bf2bd1d18a586f558a2a40416c2804c7592595c0 100644
--- a/app.js
+++ b/app.js
@@ -17,33 +17,14 @@ const app = express();
 
 app.use(morgan('dev'));  //濡쒓퉭��
 // CORS �ㅼ젙
-
-const corsOptions = {
-  origin: (origin, callback) => {
-    console.log('CORS Origin:', origin); // �붾쾭源낆슜 濡쒓렇
-    const allowedOrigins = [
-      'http://localhost:3000', // 濡쒖뺄 媛쒕컻 �섍꼍
-      'http://ec2-43-203-68-83.ap-northeast-2.compute.amazonaws.com', // EC2 諛깆뿏��
-    ];
-    if (!origin) return callback(null, true); // origin�� �놁쑝硫� �덉슜 (e.g., Postman)
-    if (allowedOrigins.includes(origin)) {
-      return callback(null, true);
-    }
-    console.log('CORS origin rejected:', origin); // 李⑤떒�� origin 濡쒓렇
-    return callback(new Error('Not allowed by CORS'));
-  },
-  methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
-  allowedHeaders: ['Content-Type', 'Authorization'],
-  credentials: true, // 荑좏궎 �덉슜
-};
-
-// CORS 誘몃뱾�⑥뼱 �곸슜
-app.use(cors(corsOptions));
-
-// Preflight �붿껌 泥섎━
-app.options('*', cors(corsOptions));
-
-
+app.use(
+  cors({
+    origin: process.env.FRONTEND_URL, 
+    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
+    allowedHeaders: ['Content-Type', 'Authorization'],
+    credentials: true,
+  })
+);
 // 
 app.use(
   session({
@@ -74,7 +55,7 @@ app.use(flash());
 console.log('MongoDB URI:', process.env.MONGO_URI);
 //�쇱슦�� �깅줉 
 const authRoutes = require('./routes/auth');
-app.use('/api/auth',authRoutes);
+app.use('/auth', authRoutes);
 
 const scheduleRoutes = require('./routes/schedule');
 app.use('/api/schedule', scheduleRoutes);
@@ -111,4 +92,4 @@ const PORT = process.env.PORT || 3000;
     console.error('�� �쒕쾭 �쒖옉 以� �ㅻ쪟 諛쒖깮:', error);
     process.exit(1);
   }
-})();
+})();
\ No newline at end of file