cs50 pset9 expected status code 200 but got 403

I'm going crazy. I have been working on this problem set for 6 hours now and I have already finished but my check50 is giving a 403 error and expects a 200.this is my code any help is greatly appreciated

import osfrom cs50 import SQLfrom flask import Flask, flash, redirect, render_template, request, sessionfrom flask_session import Sessionfrom werkzeug.security import check_password_hash, generate_password_hashfrom helpers import apology, login_required, lookup, usd# Configure applicationapp = Flask(__name__)# Custom filterapp.jinja_env.filters["usd"] = usd# Configure session to use filesystem (instead of signed cookies)app.config["SESSION_PERMANENT"] = Falseapp.config["SESSION_TYPE"] = "filesystem"Session(app)# Configure CS50 Library to use SQLite databasedb = SQL("sqlite:///finance.db")numbers = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]#COPIED SQLITE3 TABLE DESIGN FROM DEVIN FINLEY@app.after_requestdef after_request(response):"""Ensure responses aren't cached"""    response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate"    response.headers["Expires"] = 0    response.headers["Pragma"] = "no-cache"    return response@app.route("/")@login_requireddef index():"""Show portfolio of stocks"""    stocks = db.execute("SELECT symbol, SUM(shares) as total_shares FROM transactions WHERE user_id = ? GROUP BY symbol HAVING total_shares", session["user_id"])    cash = db.execute("SELECT cash FROM users WHERE id = ?", session["user_id"])[0]["cash"]    # update user_portfolio with stock current price and total actual price of shares    total_value  =cash    final_total=cash    for stock in stocks:        quote=lookup(stock["symbol"])        stock["price"]=quote["price"]        stock["value"]=stock["price"]*stock["total_shares"]        total_value+=stock["value"]        final_total+=stock["value"]    return render_template("index.html", stocks=stocks, cash=cash, total_value=total_value, grand_total=final_total)@app.route("/login", methods=["GET", "POST"])def login():"""Log user in"""    # Forget any user_id    session.clear()    # User reached route via POST (as by submitting a form via POST)    if request.method == "POST":        # Ensure username was submitted        if not request.form.get("username"):            return apology("must provide username", 403)        # Ensure password was submitted        elif not request.form.get("password"):            return apology("must provide password", 403)        # Query database for username        rows = db.execute("SELECT * FROM users WHERE username = ?", request.form.get("username")        )        # Ensure username exists and password is correct        if len(rows) != 1 or not check_password_hash(            rows[0]["hash"], request.form.get("password")        ):            return apology("invalid username and/or password", 403)        # Remember which user has logged in        session["user_id"] = rows[0]["id"]        # Redirect user to home page        return redirect("/")    # User reached route via GET (as by clicking a link or via redirect)    else:        return render_template("login.html")@app.route("/logout")def logout():"""Log user out"""    # Forget any user_id    session.clear()    # Redirect user to login form    return redirect("/")@app.route("/quote", methods=["GET", "POST"])@login_requireddef quote():"""Get stock quote."""    if request.method=="POST":        symbol  =request.form.get("symbol")        quote=lookup(symbol)        if not quote:            return apology("invalid symbol, 400")        return render_template("quote.html", quote=quote)    else:        return render_template("quote.html")@app.route("/register", methods=["GET", "POST"])def register():"""Register user"""    session.clear()    if request.method == "POST":        if not request.form.get("username"):            return apology("must provide username", 400)        elif not request.form.get("password"):            return apology("must provide password", 400)        elif not request.form.get("confirmation"):            return apology("must provide confirmation", 400)        elif request.form.get("password") != request.form.get("confirmation"):            return apology("passwords do not match", 400)        rows = db.execute("SELECT * FROM users WHERE username = ?", request.form.get("username")            )        if len(rows)!=0:            return apology("username already exists", 400)        db.execute("INSERT INTO users (username, hash) VALUES(?, ?)", request.form.get("username"), generate_password_hash(request.form.get("username")))        rows = db.execute("SELECT * FROM users WHERE username = ?", request.form.get("username")                )        session["user_id"]=rows[0]["id"]        return redirect("/")    else:        return render_template("register.html")

I've tried asking duck50 and changing the location of the redirect but nothing please help. I've looked at similar threads to no avail