diff --git a/server/middleware/auth.js b/server/middleware/auth.js
index b48c1c8..b344ae0 100644
--- a/server/middleware/auth.js
+++ b/server/middleware/auth.js
@@ -39,6 +39,10 @@ async function authenticateToken(req, res, next) {
   }
 
   try {
+    if (!process.env.JWT_SECRET) {
+      throw new Error('JWT_SECRET environment variable is not set');
+    }
+    
     const decoded = jwt.verify(token, process.env.JWT_SECRET);
     
     // Log what's in the token for debugging