Flask-CORS, Python Session. The access-control-allow-origin header returns to my frontend with the wildcard * ¿why?

Question

we have two days with this issue, first at all we are creating a nuxtjs frontend, and a flask backend, i made a login which works perfectly in my localhost, then in the serv