From 909c6d5fba9309bd52df2555795759d13a6570bd Mon Sep 17 00:00:00 2001
From: Antony Kurniawan <antonynugroho467@gmail.com>
Date: Wed, 1 Oct 2025 10:18:44 +0700
Subject: [PATCH] fix: token

---
 middleware/verifyToken.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/middleware/verifyToken.js b/middleware/verifyToken.js
index 33e8dde..ab5eb21 100644
--- a/middleware/verifyToken.js
+++ b/middleware/verifyToken.js
@@ -8,7 +8,8 @@ function setUser(req, decoded) {
     username: decoded.user_name,
     email: decoded.user_email,
     roleId: decoded.role_id,
-    roleName: decoded.role_name
+    roleName: decoded.role_name,
+    is_sa: decoded.is_sa
   };
 }
 
@@ -44,10 +45,10 @@ function verifyRefreshToken(req, res, next) {
     }
 
     const decoded = JWTService.verifyRefreshToken(refreshToken);
-    setUser(req, decoded);
+    req.user = decoded;
     next();
   } catch (error) {
-    next(new ErrorHandler(500, 'Refresh token verification failed'));
+    next(new ErrorHandler(401, 'Refresh token is invalid or expired'));
   }
 }