Fix jwt-token

server/middleware/auth.js

@@ -67,14 +67,20 @@ async function authenticateToken(req, res, next) {
     if (!user) {
       return res.status(401).json({
         success: false,
-        message: 'User not found'
+        message: 'User account not found. Please contact support.',
+        error: 'USER_NOT_FOUND',
+        errorCode: 'USER_NOT_FOUND',
+        redirectToLogin: true
       });
     }
 
     if (!user.is_active) {
       return res.status(401).json({
         success: false,
-        message: 'User account is inactive'
+        message: 'Your account has been deactivated. Please contact support.',
+        error: 'ACCOUNT_DEACTIVATED',
+        errorCode: 'ACCOUNT_INACTIVE',
+        redirectToLogin: true
       });
     }
 
@@ -158,7 +164,10 @@ function requireRole(roles) {
     if (!req.user) {
       return res.status(401).json({
         success: false,
-        message: 'Authentication required'
+        message: 'Authentication required',
+        error: 'NO_AUTH',
+        errorCode: 'AUTH_REQUIRED',
+        redirectToLogin: true
       });
     }
 
@@ -166,7 +175,12 @@ function requireRole(roles) {
     if (!userRoles.includes(req.user.role)) {
       return res.status(403).json({
         success: false,
-        message: 'Insufficient permissions'
+        message: `Access denied. This action requires ${userRoles.join(' or ')} permissions, but you have ${req.user.role} permissions.`,
+        error: 'INSUFFICIENT_PERMISSIONS',
+        errorCode: 'PERMISSION_DENIED',
+        userRole: req.user.role,
+        requiredRoles: userRoles,
+        redirectToLogin: false // Don't redirect for permission issues
       });
     }