App.post and app.get request are not working Using the Express.js

app.post() and app.get() is not getting triggered, app.use() is working fine. xhr api calls are being captured in the get and post. Need help solving this. I want to set cookie in the post response api.

that’s all the info I have.

const express = require('express');
const path = require('path');
const app = express();
const port = process.env.PORT || 3000;

app.post('/api-route/:id', async (req, res) => {
  console.log("Request body: ", req.body);
  console.log("Request params: ", req.params);
  
  // Example of setting a cookie with HttpOnly and Secure flags
  const token = 'your-generated-token'; // Replace with actual token logic

  res.cookie('sessionToken', token, {
    httpOnly: true, // Prevent JavaScript access
    secure: true,   // Only send cookie over HTTPS
    sameSite: 'Strict', // Optionally add SameSite attribute for additional security
    maxAge: 3600000  // Set the cookie's expiration time (1 hour in this example)
  });

});

app.get('/health', function (request, response) {
  response.send("ok")
});

// Middleware to set security headers
app.use((req, res, next) => {
  sendSecurityHeaders(res);
  next();
});

function sendSecurityHeaders(response) {
  response.setHeader('Strict-Transport-Security', 'max-age=31536000;');
  response.setHeader('X-Frame-Options', 'SAMEORIGIN');
  response.setHeader('X-Content-Type-Options', 'nosniff');
  response.setHeader('Referrer-Policy', 'strict-origin-when-cross-origin');
  response.setHeader('Permissions-Policy', 'geolocation=(self)');
  response.setHeader('Content-Security-Policy', "default-src 'self");
}

// Middleware to serve static files
app.use(express.static(path.join(__dirname, 'build')));

// Catch-all route to handle client-side routing
app.get('*', (req, res) => {
  res.sendFile(path.resolve(__dirname, 'build', 'index.html'));
});

app.listen(port, () => {
  console.log(`Server is listening on port ${port}`);
});