Index: backend/src/main/java/mk/ukim/finki/db/distributorapp/_security/SecurityConfig.java
===================================================================
--- backend/src/main/java/mk/ukim/finki/db/distributorapp/_security/SecurityConfig.java	(revision 26ac30e5d32279b3b2498f5cdd42397347ddd5d2)
+++ backend/src/main/java/mk/ukim/finki/db/distributorapp/_security/SecurityConfig.java	(revision 1bac4662d667eaad2414c77edf4f2d41f823e9a8)
@@ -1,4 +1,5 @@
 package mk.ukim.finki.db.distributorapp._security;
 
+import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import mk.ukim.finki.db.distributorapp._security.jwt.JwtAuthenticationFilter;
@@ -39,5 +40,4 @@
                 .requiresChannel(channel -> channel
                         .anyRequest().requiresSecure() // Force HTTPS for all requests.
-
                 )
                 .cors(Customizer.withDefaults())
@@ -52,13 +52,13 @@
                 )
                 .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class)
-                .formLogin(login -> login
-                        .loginPage("/auth/login")
-                        .loginProcessingUrl("/auth/login")
-                        .usernameParameter("email")
-                        .passwordParameter("password")
-                        .defaultSuccessUrl("/home", true)
-                        .failureUrl("/auth/login?error=true")
-                        .permitAll()
-                )
+//                .formLogin(login -> login
+//                        .loginPage("/auth/login")
+//                        .loginProcessingUrl("/auth/login")
+//                        .usernameParameter("email")
+//                        .passwordParameter("password")
+//                        .defaultSuccessUrl("/home", true)
+//                        .failureUrl("/auth/login?error=true")
+//                        .permitAll()
+//                )
                 .logout(logout -> logout
                         .logoutUrl("/logout")
@@ -70,6 +70,9 @@
                         .permitAll()
                 )
-                .exceptionHandling((ex) -> ex
-                        .accessDeniedPage("/access-denied"))
+                .exceptionHandling(exception ->
+                        exception.authenticationEntryPoint((request, response, authException) -> {
+                            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
+                        })
+                )
                 .csrf(AbstractHttpConfigurer::disable);
 
@@ -81,5 +84,5 @@
         CorsConfiguration configuration = new CorsConfiguration();
 
-        configuration.setAllowedOrigins(List.of("https://10.0.2.2:8080"));
+        configuration.setAllowedOrigins(List.of("https://10.0.2.2:8443"));
         configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
         configuration.setAllowedHeaders(List.of("*"));
Index: backend/src/main/java/mk/ukim/finki/db/distributorapp/_security/jwt/JwtAuthenticationFilter.java
===================================================================
--- backend/src/main/java/mk/ukim/finki/db/distributorapp/_security/jwt/JwtAuthenticationFilter.java	(revision 26ac30e5d32279b3b2498f5cdd42397347ddd5d2)
+++ backend/src/main/java/mk/ukim/finki/db/distributorapp/_security/jwt/JwtAuthenticationFilter.java	(revision 1bac4662d667eaad2414c77edf4f2d41f823e9a8)
@@ -7,4 +7,6 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
@@ -13,5 +15,6 @@
 
 import java.io.IOException;
-import java.util.Collections;
+import java.util.List;
+import java.util.stream.Collectors;
 
 @RequiredArgsConstructor
@@ -29,6 +32,12 @@
             String email = jwtTokenProvider.getEmailFromToken(token);
 
+            List<String> roles = jwtTokenProvider.getRolesFromToken(token);
+
+            List<GrantedAuthority> authorities = roles.stream()
+                    .map(SimpleGrantedAuthority::new)
+                    .collect(Collectors.toList());
+
             UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(
-                    email, null, Collections.emptyList());
+                    email, null, authorities);
             auth.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
 
Index: backend/src/main/java/mk/ukim/finki/db/distributorapp/_web/api/RestCustomerController.java
===================================================================
--- backend/src/main/java/mk/ukim/finki/db/distributorapp/_web/api/RestCustomerController.java	(revision 1bac4662d667eaad2414c77edf4f2d41f823e9a8)
+++ backend/src/main/java/mk/ukim/finki/db/distributorapp/_web/api/RestCustomerController.java	(revision 1bac4662d667eaad2414c77edf4f2d41f823e9a8)
@@ -0,0 +1,38 @@
+package mk.ukim.finki.db.distributorapp._web.api;
+
+import lombok.RequiredArgsConstructor;
+import mk.ukim.finki.db.distributorapp.customer.CustomerService;
+import mk.ukim.finki.db.distributorapp.customer.dto.CustomerDashboardDto;
+import mk.ukim.finki.db.distributorapp.delivery.DeliveryService;
+import mk.ukim.finki.db.distributorapp.delivery.dto.DeliveryDto;
+import mk.ukim.finki.db.distributorapp.order.OrdersService;
+import mk.ukim.finki.db.distributorapp.order.dto.OrderSimpleDto;
+import mk.ukim.finki.db.distributorapp.proForma.ProFormaService;
+import mk.ukim.finki.db.distributorapp.proForma.dto.ProFormaDto;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("api/customer")
+@CrossOrigin(origins = "*")
+public class RestCustomerController {
+    private final CustomerService customerService;
+    private final OrdersService ordersService;
+    private final DeliveryService deliveryService;
+    private final ProFormaService proFormaService;
+
+    @GetMapping("/{customerId}/dashboard")
+    public ResponseEntity<CustomerDashboardDto> getCustomerDashboard(@PathVariable("customerId") Long customerId) {
+        CustomerDashboardDto dashboard = new CustomerDashboardDto();
+        List<OrderSimpleDto> userOrders = this.ordersService.findSimpleOrdersByCustomer(customerId);
+        List<DeliveryDto> userDeliveries = this.deliveryService.getCurrentDeliveriesByCustomer(customerId);
+        List<ProFormaDto> userProFormas = this.proFormaService.getCurentProFormasByCustomer(customerId);
+        dashboard.setOrders(userOrders);
+        dashboard.setDeliveries(userDeliveries);
+        dashboard.setProFormas(userProFormas);
+        return ResponseEntity.ok(dashboard);
+    }
+}
Index: ckend/src/main/java/mk/ukim/finki/db/distributorapp/_web/rest/RestCustomerController.java
===================================================================
--- backend/src/main/java/mk/ukim/finki/db/distributorapp/_web/rest/RestCustomerController.java	(revision 26ac30e5d32279b3b2498f5cdd42397347ddd5d2)
+++ 	(revision )
@@ -1,38 +1,0 @@
-package mk.ukim.finki.db.distributorapp._web.rest;
-
-import lombok.RequiredArgsConstructor;
-import mk.ukim.finki.db.distributorapp.customer.CustomerService;
-import mk.ukim.finki.db.distributorapp.customer.dto.CustomerDashboardDto;
-import mk.ukim.finki.db.distributorapp.delivery.DeliveryService;
-import mk.ukim.finki.db.distributorapp.delivery.dto.DeliveryDto;
-import mk.ukim.finki.db.distributorapp.order.OrdersService;
-import mk.ukim.finki.db.distributorapp.order.dto.OrderSimpleDto;
-import mk.ukim.finki.db.distributorapp.proForma.ProFormaService;
-import mk.ukim.finki.db.distributorapp.proForma.dto.ProFormaDto;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.*;
-
-import java.util.List;
-
-@RestController
-@RequiredArgsConstructor
-@RequestMapping("api/customer")
-@CrossOrigin(origins = "*")
-public class RestCustomerController {
-    private final CustomerService customerService;
-    private final OrdersService ordersService;
-    private final DeliveryService deliveryService;
-    private final ProFormaService proFormaService;
-
-    @GetMapping("/{customerId}/dashboard")
-    public ResponseEntity<CustomerDashboardDto> getCustomerDashboard(@PathVariable("customerId") Long customerId) {
-        CustomerDashboardDto dashboard = new CustomerDashboardDto();
-        List<OrderSimpleDto> userOrders = this.ordersService.findSimpleOrdersByCustomer(customerId);
-        List<DeliveryDto> userDeliveries = this.deliveryService.getCurrentDeliveriesByCustomer(customerId);
-        List<ProFormaDto> userProFormas = this.proFormaService.getCurentProFormasByCustomer(customerId);
-        dashboard.setOrders(userOrders);
-        dashboard.setDeliveries(userDeliveries);
-        dashboard.setProFormas(userProFormas);
-        return ResponseEntity.ok(dashboard);
-    }
-}