Preflight CORS SlimFramework

I need help on handling preflighted CORS request with SlimFramework. I’m sending a post request with a ‘token’ header using Angular HTTP. This is what I have in the server to manage the CORS stuff:

$app->options('/{routes:.+}', function ($request, $response, $args) {
    return $response;

$app->add(function ($req, $res, $next) {
    $response = $next($req, $res);
    return $response
            ->withHeader('Access-Control-Allow-Origin', '*')
            ->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization, token')
            ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');

But I get in the Chrome browser:


I don’t know how the code in the server is supposed to be to avoid this issue. Everything works with Postman.