Add configurable CORS support via appsettings.json

Introduce CORS configuration using allowed origins from appsettings.json. Updated Program.cs to read allowed origins from configuration and apply them to the CORS policy, defaulting to AllowAnyOrigin if none are specified. Also made minor formatting and comment improvements.

DbFirst.API/appsettings.json

@@ -2,6 +2,12 @@
   "ConnectionStrings": {
     "DefaultConnection": "Server=SDD-VMP04-SQL17\\DD_DEVELOP01;Database=DD_ECM;User Id=sa;Password=dd;TrustServerCertificate=True;"
   },
+  "Cors": {
+    "AllowedOrigins": [
+      "https://localhost:7276",
+      "http://localhost:5101"
+    ]
+  },
   "Logging": {
     "LogLevel": {
       "Default": "Information",