Fix jwt-token

server/middleware/rbac.js

@@ -240,10 +240,17 @@ const getRoles = () => {
  */
 const requirePermission = (resource, action) => {
   return (req, res, next) => {
-    if (!req.user || !req.user.role) {
+    if (!req.user) {
       return res.status(401).json({
         success: false,
-        message: 'Authentication required'
+        message: 'User not authenticated'
+      });
+    }
+
+    if (!req.user.role) {
+      return res.status(403).json({
+        success: false,
+        message: 'Insufficient permissions'
       });
     }
 
@@ -253,9 +260,7 @@ const requirePermission = (resource, action) => {
     if (!hasRequiredPermission) {
       return res.status(403).json({
         success: false,
-        message: 'Insufficient permissions',
-        required_permission: `${resource}.${action}`,
-        user_role: userRole
+        message: 'Insufficient permissions'
       });
     }
 
@@ -337,7 +342,6 @@ module.exports = {
   getPermissions,
   getRoles,
   requirePermission,
-  requirePermission,
   requirePermissions,
   requireAnyPermission
 };