diff --git a/backend/go.mod b/backend/go.mod
index 9377cb7..69ffb12 100644
--- a/backend/go.mod
+++ b/backend/go.mod
@@ -16,44 +16,27 @@ require (
 
 require (
 	github.com/agnivade/levenshtein v1.1.1 // indirect
-	github.com/cilium/ebpf v0.11.0 // indirect
-	github.com/cosiner/argv v0.1.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
-	github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d // indirect
-	github.com/go-delve/delve v1.22.0 // indirect
-	github.com/go-delve/gore v0.11.6 // indirect
-	github.com/go-delve/liner v1.2.3-0.20220127212407-d32d89dd2a5d // indirect
-	github.com/google/go-dap v0.11.0 // indirect
 	github.com/google/uuid v1.5.0 // indirect
 	github.com/gorilla/websocket v1.5.1 // indirect
-	github.com/hashicorp/golang-lru v1.0.2 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
-	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-runewidth v0.0.13 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
-	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/sosodev/duration v1.2.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.11.0 // indirect
 	github.com/spf13/cast v1.6.0 // indirect
-	github.com/spf13/cobra v1.7.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/urfave/cli/v2 v2.25.5 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	go.starlark.net v0.0.0-20231101134539-556fd59b42f6 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
-	golang.org/x/arch v0.6.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
 	golang.org/x/mod v0.14.0 // indirect
 	golang.org/x/net v0.20.0 // indirect
@@ -61,6 +44,5 @@ require (
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/tools v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/backend/go.sum b/backend/go.sum
index e7dbcb3..c69aeec 100644
--- a/backend/go.sum
+++ b/backend/go.sum
@@ -10,18 +10,12 @@ github.com/andybalholm/cascadia v1.3.1 h1:nhxRkql1kdYCc8Snf7D5/D3spOX+dBgjA6u8x0
 github.com/andybalholm/cascadia v1.3.1/go.mod h1:R4bJ1UQfqADjvDa4P6HZHLh/3OxWWEqc0Sk8XGwHqvA=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
-github.com/cilium/ebpf v0.11.0 h1:V8gS/bTCCjX9uUnkUFUpPsksM8n1lXBAvHcpiFk1X2Y=
-github.com/cilium/ebpf v0.11.0/go.mod h1:WE7CZAnqOL2RouJ4f1uyNhqr2P4CCvXFIqdRDUgWsVs=
-github.com/cosiner/argv v0.1.0 h1:BVDiEL32lwHukgJKP87btEPenzrrHUjajs/8yzaqcXg=
-github.com/cosiner/argv v0.1.0/go.mod h1:EusR6TucWKX+zFgtdUsKT2Cvg45K5rtpCcWz4hK06d8=
 github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d h1:hUWoLdw5kvo2xCsqlsIBMvWUc1QCSsCYD2J2+Fg6YoU=
-github.com/derekparker/trie v0.0.0-20230829180723-39f4de51ef7d/go.mod h1:C7Es+DLenIpPc9J6IYw4jrK0h7S9bKj4DNl8+KxGEXU=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g=
@@ -32,44 +26,24 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos
 github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/go-chi/chi v1.5.5 h1:vOB/HbEMt9QqBqErz07QehcOKHaWFtuj87tTDVz2qXE=
 github.com/go-chi/chi v1.5.5/go.mod h1:C9JqLr3tIYjDOZpzn+BCuxY8z8vmca43EeMgyZt7irw=
-github.com/go-delve/delve v1.22.0 h1:c7GOFs49/jMGHdp10KphKkGqNmLjOp7fcwz1MQwcMlw=
-github.com/go-delve/delve v1.22.0/go.mod h1:cSvtTzN0Ei8NsPH7TbxeQSLBmdsreeAD5p1UNhrII7w=
-github.com/go-delve/gore v0.11.6 h1:MyP7xTNQO+dDiLBKxI/DKgkn74cMBjHZZxS8grtJ6G8=
-github.com/go-delve/gore v0.11.6/go.mod h1:6RBVnEUxVGkztpRY0UDUnEzS4GqETQjWrw8rhegmN4I=
-github.com/go-delve/liner v1.2.3-0.20220127212407-d32d89dd2a5d h1:pxjSLshkZJGLVm0wv20f/H0oTWiq/egkoJQ2ja6LEvo=
-github.com/go-delve/liner v1.2.3-0.20220127212407-d32d89dd2a5d/go.mod h1:biJCRbqp51wS+I92HMqn5H8/A0PAhxn2vyOT+JqhiGI=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
 github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-dap v0.11.0 h1:SpAZJL41rOOvd85PuLCCLE1dteTQOyKNnn0H3DBHywo=
-github.com/google/go-dap v0.11.0/go.mod h1:HAeyoSd2WIfTfg+0GRXcFrb+RnojAtGNh+k+XTIxJDE=
 github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
 github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
 github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
-github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c=
-github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
 github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
 github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
-github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
-github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
 github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
-github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
-github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
-github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
-github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
-github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU=
-github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4=
@@ -77,8 +51,6 @@ github.com/pelletier/go-toml/v2 v2.1.0/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdU
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
-github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo=
@@ -91,8 +63,6 @@ github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6g
 github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
 github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8=
 github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I=
-github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
-github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/sosodev/duration v1.2.0 h1:pqK/FLSjsAADWY74SyWDCjOcd5l7H8GSnnOGEB9A1Us=
 github.com/sosodev/duration v1.2.0/go.mod h1:RQIBBX0+fMLc/D9+Jb/fwvVmo0eZvDDEERAikUR6SDg=
 github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
@@ -101,8 +71,6 @@ github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
 github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
 github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0=
 github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
-github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
-github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ=
@@ -111,7 +79,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
@@ -124,36 +91,24 @@ github.com/vektah/gqlparser/v2 v2.5.10 h1:6zSM4azXC9u4Nxy5YmdmGu4uKamfwsdKTwp5zs
 github.com/vektah/gqlparser/v2 v2.5.10/go.mod h1:1rCcfwB2ekJofmluGWXMSEnPMZgbxzwj6FaZ/4OT8Cc=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
-go.starlark.net v0.0.0-20231101134539-556fd59b42f6 h1:+eC0F/k4aBLC4szgOcjd7bDTEnpxADJyWJE0yowgM3E=
-go.starlark.net v0.0.0-20231101134539-556fd59b42f6/go.mod h1:LcLNIzVOMp4oV+uusnpk+VU+SzXaJakUuBjoCSWH5dM=
 go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI=
 go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ=
-golang.org/x/arch v0.6.0 h1:S0JTfE48HbRj80+4tbvZDYsJ3tGv6BUU3XxyZ7CirAc=
-golang.org/x/arch v0.6.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
 golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
-golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
-golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
 golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
 golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
 golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=
 golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20211117180635-dee7805ff2e1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
 golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ=
-golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
 golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/backend/graph/generated/generated.go b/backend/graph/generated/generated.go
index 4e0f39e..de270ad 100644
--- a/backend/graph/generated/generated.go
+++ b/backend/graph/generated/generated.go
@@ -48,7 +48,7 @@ type DirectiveRoot struct {
 type ComplexityRoot struct {
 	Mutation struct {
 		CreateTodo      func(childComplexity int, input model.NewTodo) int
-		LoginAttendance func(childComplexity int, email string, idGoogleSignIn string, publickey string) int
+		LoginAttendance func(childComplexity int, email string, idGoogleSignIn string) int
 	}
 
 	Query struct {
@@ -62,6 +62,7 @@ type ComplexityRoot struct {
 		CreatedAt               func(childComplexity int) int
 		DisplayNameGoogleSignIn func(childComplexity int) int
 		Email                   func(childComplexity int) int
+		Expired                 func(childComplexity int) int
 		IDGoogleSignIn          func(childComplexity int) int
 		IsActive                func(childComplexity int) int
 		IsLogin                 func(childComplexity int) int
@@ -93,7 +94,7 @@ type ComplexityRoot struct {
 
 type MutationResolver interface {
 	CreateTodo(ctx context.Context, input model.NewTodo) (*model.Todo, error)
-	LoginAttendance(ctx context.Context, email string, idGoogleSignIn string, publickey string) (*model.Staff, error)
+	LoginAttendance(ctx context.Context, email string, idGoogleSignIn string) (*model.Staff, error)
 }
 type QueryResolver interface {
 	Todos(ctx context.Context) ([]*model.Todo, error)
@@ -143,7 +144,7 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 			return 0, false
 		}
 
-		return e.complexity.Mutation.LoginAttendance(childComplexity, args["email"].(string), args["id_google_sign_in"].(string), args["publickey"].(string)), true
+		return e.complexity.Mutation.LoginAttendance(childComplexity, args["email"].(string), args["id_google_sign_in"].(string)), true
 
 	case "Query.searchStaffByEmail":
 		if e.complexity.Query.SearchStaffByEmail == nil {
@@ -209,6 +210,13 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in
 
 		return e.complexity.Staff.Email(childComplexity), true
 
+	case "Staff.expired":
+		if e.complexity.Staff.Expired == nil {
+			break
+		}
+
+		return e.complexity.Staff.Expired(childComplexity), true
+
 	case "Staff.id_google_sign_in":
 		if e.complexity.Staff.IDGoogleSignIn == nil {
 			break
@@ -471,8 +479,9 @@ type Staff {
     email: String!
     phone_number: String
     is_active: String
-    is_login: Boolean
+    is_login: String
     token: String
+    expired: String
     id_google_sign_in: String!
     display_name_google_sign_in: String
     created_at: String
@@ -494,7 +503,7 @@ extend type Query {
 
 # mutation untuk perubahan data
 extend type Mutation {
-  loginAttendance(email:String!, id_google_sign_in:String!, publickey:String!) : Staff!
+  loginAttendance(email:String!, id_google_sign_in:String!) : Staff!
 }`, BuiltIn: false},
 }
 var parsedSchema = gqlparser.MustLoadSchema(sources...)
@@ -539,15 +548,6 @@ func (ec *executionContext) field_Mutation_loginAttendance_args(ctx context.Cont
 		}
 	}
 	args["id_google_sign_in"] = arg1
-	var arg2 string
-	if tmp, ok := rawArgs["publickey"]; ok {
-		ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("publickey"))
-		arg2, err = ec.unmarshalNString2string(ctx, tmp)
-		if err != nil {
-			return nil, err
-		}
-	}
-	args["publickey"] = arg2
 	return args, nil
 }
 
@@ -746,7 +746,7 @@ func (ec *executionContext) _Mutation_loginAttendance(ctx context.Context, field
 	}()
 	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
 		ctx = rctx // use context from middleware stack in children
-		return ec.resolvers.Mutation().LoginAttendance(rctx, fc.Args["email"].(string), fc.Args["id_google_sign_in"].(string), fc.Args["publickey"].(string))
+		return ec.resolvers.Mutation().LoginAttendance(rctx, fc.Args["email"].(string), fc.Args["id_google_sign_in"].(string))
 	})
 	if err != nil {
 		ec.Error(ctx, err)
@@ -787,6 +787,8 @@ func (ec *executionContext) fieldContext_Mutation_loginAttendance(ctx context.Co
 				return ec.fieldContext_Staff_is_login(ctx, field)
 			case "token":
 				return ec.fieldContext_Staff_token(ctx, field)
+			case "expired":
+				return ec.fieldContext_Staff_expired(ctx, field)
 			case "id_google_sign_in":
 				return ec.fieldContext_Staff_id_google_sign_in(ctx, field)
 			case "display_name_google_sign_in":
@@ -922,6 +924,8 @@ func (ec *executionContext) fieldContext_Query_searchStaffByEmail(ctx context.Co
 				return ec.fieldContext_Staff_is_login(ctx, field)
 			case "token":
 				return ec.fieldContext_Staff_token(ctx, field)
+			case "expired":
+				return ec.fieldContext_Staff_expired(ctx, field)
 			case "id_google_sign_in":
 				return ec.fieldContext_Staff_id_google_sign_in(ctx, field)
 			case "display_name_google_sign_in":
@@ -1003,6 +1007,8 @@ func (ec *executionContext) fieldContext_Query_staffGetByStaffId(ctx context.Con
 				return ec.fieldContext_Staff_is_login(ctx, field)
 			case "token":
 				return ec.fieldContext_Staff_token(ctx, field)
+			case "expired":
+				return ec.fieldContext_Staff_expired(ctx, field)
 			case "id_google_sign_in":
 				return ec.fieldContext_Staff_id_google_sign_in(ctx, field)
 			case "display_name_google_sign_in":
@@ -1084,6 +1090,8 @@ func (ec *executionContext) fieldContext_Query_staffListBySearch(ctx context.Con
 				return ec.fieldContext_Staff_is_login(ctx, field)
 			case "token":
 				return ec.fieldContext_Staff_token(ctx, field)
+			case "expired":
+				return ec.fieldContext_Staff_expired(ctx, field)
 			case "id_google_sign_in":
 				return ec.fieldContext_Staff_id_google_sign_in(ctx, field)
 			case "display_name_google_sign_in":
@@ -1520,9 +1528,9 @@ func (ec *executionContext) _Staff_is_login(ctx context.Context, field graphql.C
 	if resTmp == nil {
 		return graphql.Null
 	}
-	res := resTmp.(*bool)
+	res := resTmp.(*string)
 	fc.Result = res
-	return ec.marshalOBoolean2ᚖbool(ctx, field.Selections, res)
+	return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
 }
 
 func (ec *executionContext) fieldContext_Staff_is_login(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
@@ -1532,7 +1540,7 @@ func (ec *executionContext) fieldContext_Staff_is_login(ctx context.Context, fie
 		IsMethod:   false,
 		IsResolver: false,
 		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
-			return nil, errors.New("field of type Boolean does not have child fields")
+			return nil, errors.New("field of type String does not have child fields")
 		},
 	}
 	return fc, nil
@@ -1579,6 +1587,47 @@ func (ec *executionContext) fieldContext_Staff_token(ctx context.Context, field
 	return fc, nil
 }
 
+func (ec *executionContext) _Staff_expired(ctx context.Context, field graphql.CollectedField, obj *model.Staff) (ret graphql.Marshaler) {
+	fc, err := ec.fieldContext_Staff_expired(ctx, field)
+	if err != nil {
+		return graphql.Null
+	}
+	ctx = graphql.WithFieldContext(ctx, fc)
+	defer func() {
+		if r := recover(); r != nil {
+			ec.Error(ctx, ec.Recover(ctx, r))
+			ret = graphql.Null
+		}
+	}()
+	resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) {
+		ctx = rctx // use context from middleware stack in children
+		return obj.Expired, nil
+	})
+	if err != nil {
+		ec.Error(ctx, err)
+		return graphql.Null
+	}
+	if resTmp == nil {
+		return graphql.Null
+	}
+	res := resTmp.(*string)
+	fc.Result = res
+	return ec.marshalOString2ᚖstring(ctx, field.Selections, res)
+}
+
+func (ec *executionContext) fieldContext_Staff_expired(ctx context.Context, field graphql.CollectedField) (fc *graphql.FieldContext, err error) {
+	fc = &graphql.FieldContext{
+		Object:     "Staff",
+		Field:      field,
+		IsMethod:   false,
+		IsResolver: false,
+		Child: func(ctx context.Context, field graphql.CollectedField) (*graphql.FieldContext, error) {
+			return nil, errors.New("field of type String does not have child fields")
+		},
+	}
+	return fc, nil
+}
+
 func (ec *executionContext) _Staff_id_google_sign_in(ctx context.Context, field graphql.CollectedField, obj *model.Staff) (ret graphql.Marshaler) {
 	fc, err := ec.fieldContext_Staff_id_google_sign_in(ctx, field)
 	if err != nil {
@@ -4146,6 +4195,8 @@ func (ec *executionContext) _Staff(ctx context.Context, sel ast.SelectionSet, ob
 			out.Values[i] = ec._Staff_is_login(ctx, field, obj)
 		case "token":
 			out.Values[i] = ec._Staff_token(ctx, field, obj)
+		case "expired":
+			out.Values[i] = ec._Staff_expired(ctx, field, obj)
 		case "id_google_sign_in":
 			out.Values[i] = ec._Staff_id_google_sign_in(ctx, field, obj)
 			if out.Values[i] == graphql.Null {
diff --git a/backend/graph/graphqls/staff.graphqls b/backend/graph/graphqls/staff.graphqls
index e8364d1..bac1fe2 100644
--- a/backend/graph/graphqls/staff.graphqls
+++ b/backend/graph/graphqls/staff.graphqls
@@ -6,8 +6,9 @@ type Staff {
     email: String!
     phone_number: String
     is_active: String
-    is_login: Boolean
+    is_login: String
     token: String
+    expired: String
     id_google_sign_in: String!
     display_name_google_sign_in: String
     created_at: String
@@ -29,5 +30,5 @@ extend type Query {
 
 # mutation untuk perubahan data
 extend type Mutation {
-  loginAttendance(email:String!, id_google_sign_in:String!, publickey:String!) : Staff!
+  loginAttendance(email:String!, id_google_sign_in:String!) : Staff!
 }
\ No newline at end of file
diff --git a/backend/graph/model/models_gen.go b/backend/graph/model/models_gen.go
index 0914b5e..11ac70c 100644
--- a/backend/graph/model/models_gen.go
+++ b/backend/graph/model/models_gen.go
@@ -20,8 +20,9 @@ type Staff struct {
 	Email                   string  `json:"email"`
 	PhoneNumber             *string `json:"phone_number,omitempty"`
 	IsActive                *string `json:"is_active,omitempty"`
-	IsLogin                 *bool   `json:"is_login,omitempty"`
+	IsLogin                 *string `json:"is_login,omitempty"`
 	Token                   *string `json:"token,omitempty"`
+	Expired                 *string `json:"expired,omitempty"`
 	IDGoogleSignIn          string  `json:"id_google_sign_in"`
 	DisplayNameGoogleSignIn *string `json:"display_name_google_sign_in,omitempty"`
 	CreatedAt               *string `json:"created_at,omitempty"`
diff --git a/backend/graph/resolver/staff.resolvers.go b/backend/graph/resolver/staff.resolvers.go
index 76a8cdf..45e89e3 100644
--- a/backend/graph/resolver/staff.resolvers.go
+++ b/backend/graph/resolver/staff.resolvers.go
@@ -13,11 +13,11 @@ import (
 )
 
 // LoginAttendance is the resolver for the loginAttendance field.
-func (r *mutationResolver) LoginAttendance(ctx context.Context, email string, idGoogleSignIn string, publickey string) (*model.Staff, error) {
+func (r *mutationResolver) LoginAttendance(ctx context.Context, email string, idGoogleSignIn string) (*model.Staff, error) {
 	// panic(fmt.Errorf("not implemented: LoginAttendance - loginAttendance"))
 	// return r.LoginAttendance(ctx, email, idGoogleSignIn, publickey)
 	var staffinternal staffinternal.Staff
-	return staffinternal.LoginAttendance(email, idGoogleSignIn, publickey)
+	return staffinternal.LoginAttendance(email, idGoogleSignIn)
 }
 
 // SearchStaffByEmail is the resolver for the searchStaffByEmail field.
diff --git a/backend/internal/staff/staff.go b/backend/internal/staff/staff.go
index 4a79495..be64ff4 100644
--- a/backend/internal/staff/staff.go
+++ b/backend/internal/staff/staff.go
@@ -1,9 +1,6 @@
 package staff
 
 import (
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/x509"
 	"database/sql"
 	"encoding/pem"
 	"fmt"
@@ -13,6 +10,7 @@ import (
 	"com.sismedika.com.absensi/graph/model"
 	"com.sismedika.com.absensi/pkg/config"
 	db "com.sismedika.com.absensi/pkg/database"
+	"com.sismedika.com.absensi/pkg/jwt"
 )
 
 // diambil dari graph/model/struct nya Staff
@@ -22,7 +20,8 @@ type Staff model.Staff
 // email string, id_google_sign_in string = parameter inputan dari flutter nanti
 // *model.Staff, error = output yang dihasilkan, jika tidak error return *model.Staff namun jika error maka sebelah kanan nya yaitu
 // error
-func (staff *Staff) LoginAttendance(email string, id_google_sign_in string, publickey string) (*model.Staff, error) {
+
+func (staff *Staff) LoginAttendance(email string, id_google_sign_in string) (*model.Staff, error) {
 
 	// inisialisasi
 	var err error
@@ -46,25 +45,42 @@ func (staff *Staff) LoginAttendance(email string, id_google_sign_in string, publ
 		return nil, fmt.Errorf(("INTERNAL_SERVER_ERROR"))
 	}
 
-	// Decode the RSA private key
-	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+	// generate token
+	// token yg kiri merupakan output
+	// _ merupakan value yg tidak digunakan dalam hal ini expired bisa di cek di fungsi jwt.GenerateToken
+	// err merupakan kondisi ketika error return nya apa
+
+	token, _, err := jwt.GenerateToken(email, id_google_sign_in)
 	if err != nil {
-		log.Printf("bad private key: %s", err)
-		return nil, fmt.Errorf(("INTERNAL_SERVER_ERROR"))
+		return nil, err
 	}
 
-	passEncrypted, err := rsa.EncryptPKCS1v15(rand.Reader, &priv.PublicKey, []byte(publickey))
+	// jika sukses generate token maka update
+	// M_StaffToken & M_StaffIsLogin
+
+	qx := `UPDATE m_staff 
+	SET 
+	M_StaffToken = ?,
+	M_StaffIsLogin = 'Y'
+	WHERE
+	M_StaffIsActive = 'Y' 
+	AND M_StaffEmail = ? 
+	AND M_StaffIDGoogleSignIn = ?
+	`
+	// log sql untuk mengetahui query yg akan dieksekusi
+	db.LogSQL(qx)
+
+	// cek kondisi
+	// _ merupakan kondisi true namun value tidak digunakan sbg cek
+	// error kondisi false dan error digunakan
+	_, err = db.Handle.Exec(
+		qx,
+		token,
+		email,
+		id_google_sign_in)
+
 	if err != nil {
-		log.Printf("decrypt: %s\n", err)
-		return nil, fmt.Errorf(("DECRYPTION_FAILED"))
-	}
-
-	if passEncrypted != nil {
-		// log.Printf("hasil variable passEncrypted: %s\n", passEncrypted)
-	}
-
-	if priv != nil {
-		// log.Printf("hasil variable priv: %s\n", priv)
+		return &ret, fmt.Errorf("UPDATE_TOKEN_FAILED")
 	}
 
 	// data yang akan di tampilkan
@@ -109,7 +125,7 @@ func (staff *Staff) LoginAttendance(email string, id_google_sign_in string, publ
 	// check data
 
 	if err != nil {
-		log.Printf("Error employee_id select: %v", err)
+		log.Printf("Error m_staff select: %v", err)
 		log.Printf("Executing query: %s\n", q)
 		return nil, err
 	}
diff --git a/backend/pkg/auth/middleware.go b/backend/pkg/auth/middleware.go
new file mode 100644
index 0000000..6936ba3
--- /dev/null
+++ b/backend/pkg/auth/middleware.go
@@ -0,0 +1,70 @@
+package auth
+
+import (
+	"context"
+	"log"
+	"net/http"
+	"strings"
+
+	"com.sismedika.com.absensi/graph/model"
+	"com.sismedika.com.absensi/pkg/jwt"
+)
+
+var userCtxKey = &contextKey{"user"}
+
+type contextKey struct {
+	name string
+}
+
+type AuthRequest struct {
+	isAuthenticated bool
+	staff           model.Staff
+}
+
+func Middleware() func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			header := r.Header.Get("Authorization")
+			AuthStatus := AuthRequest{isAuthenticated: false}
+			// Allow unauthenticated users in
+			if header == "" {
+				ctx := context.WithValue(r.Context(), userCtxKey, &AuthStatus)
+				r = r.WithContext(ctx)
+				next.ServeHTTP(w, r)
+				return
+			}
+
+			// validate jwt token
+			tokenParts := strings.Split(header, " ")
+			var tokenStr string
+			if len(tokenParts) == 2 && tokenParts[0] == "Bearer" {
+				tokenStr = tokenParts[1]
+			}
+			email, idGoogleSignIn, err := jwt.ParseToken(tokenStr)
+			if err != nil {
+				log.Printf("ParseToken: %v\n", err)
+				ctx := context.WithValue(r.Context(), userCtxKey, &AuthStatus)
+				r = r.WithContext(ctx)
+				next.ServeHTTP(w, r)
+				// boom.Unathorized(w, fmt.Errorf("AUTHORIZATION_HEADER_INVALID"))
+				return
+			}
+			AuthStatus.staff = model.Staff{
+				Email:          email,
+				IDGoogleSignIn: idGoogleSignIn,
+			}
+			// put it in context
+			ctx := context.WithValue(r.Context(), userCtxKey, &AuthStatus)
+
+			// and call the next with our new context
+			r = r.WithContext(ctx)
+			next.ServeHTTP(w, r)
+		})
+	}
+}
+
+// ForContext finds the user from the context. REQUIRES Middleware to have run.
+func ForContext(ctx context.Context) *model.User {
+	raw, _ := ctx.Value(userCtxKey).(*model.User)
+	return raw
+}
diff --git a/backend/pkg/jwt/jwt.go b/backend/pkg/jwt/jwt.go
index 56c0895..debb7ac 100644
--- a/backend/pkg/jwt/jwt.go
+++ b/backend/pkg/jwt/jwt.go
@@ -12,15 +12,14 @@ import (
 // var conf = config.Data
 
 // GenerateToken generates a jwt token and assign a username to it's claims and return it
-func GenerateToken(user_id int, username string, staff_id int) (string, int64, error) {
+func GenerateToken(M_StaffEmail string, M_StaffIDGoogleSignIn string) (string, int64, error) {
 	token := jwt.New(jwt.SigningMethodHS256)
 	/* Create a map to store our claims */
 	claims := token.Claims.(jwt.MapClaims)
 	/* Set token claims */
 	expired := time.Now().Add(time.Minute * time.Duration(config.Data.GetInt("tokenExpiration"))).Unix()
-	claims["user_id"] = user_id
-	claims["user_name"] = username
-	claims["staff_id"] = staff_id
+	claims["M_StaffIDGoogleSignIn"] = M_StaffIDGoogleSignIn
+	claims["M_StaffEmail"] = M_StaffEmail
 	claims["exp"] = expired
 	tokenString, err := token.SignedString([]byte(config.Data.Get("secretkey")))
 	if err != nil {
@@ -30,7 +29,7 @@ func GenerateToken(user_id int, username string, staff_id int) (string, int64, e
 }
 
 // ParseToken parses a jwt token and returns the username in it's claims
-func ParseToken(tokenStr string) (int, string, int, error) {
+func ParseToken(tokenStr string) (string, string, error) {
 	claims := jwt.MapClaims{}
 
 	token, err := jwt.ParseWithClaims(tokenStr, claims, func(token *jwt.Token) (interface{}, error) {
@@ -41,38 +40,34 @@ func ParseToken(tokenStr string) (int, string, int, error) {
 
 		if v.Errors == jwt.ValidationErrorExpired {
 			log.Printf("parse token 1: %v\n", err)
-			return 0, "", 0, fmt.Errorf("TOKEN_EXPIRED")
+			return "", "", fmt.Errorf("TOKEN_EXPIRED")
 		}
 
 		log.Printf("parse token 2: %v\n", err)
-		return 0, "", 0, fmt.Errorf("TOKEN_INVALID")
+		return "", "", fmt.Errorf("TOKEN_INVALID")
 	}
 
 	if !token.Valid {
 		log.Printf("token invalid: %v\n", err)
-		return 0, "", 0, fmt.Errorf(("TOKEN_INVALID"))
+		return "", "", fmt.Errorf(("TOKEN_INVALID"))
 	}
 
 	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
 		if !ok {
-			return 0, "", 0, fmt.Errorf(("TOKEN_INVALID"))
+			return "", "", fmt.Errorf(("TOKEN_INVALID"))
 		}
 		// type of user_id is float64: https://stackoverflow.com/questions/70705673/panic-interface-conversion-interface-is-float64-not-int64
-		if claims["user_id"] == nil {
-			return 0, "", 0, fmt.Errorf(("TOKEN_INVALID"))
+		if claims["M_StaffIDGoogleSignIn"] == nil {
+			return "", "", fmt.Errorf(("TOKEN_INVALID"))
 		}
-		if claims["user_name"] == nil {
-			return 0, "", 0, fmt.Errorf(("TOKEN_INVALID"))
+		if claims["M_StaffEmail"] == nil {
+			return "", "", fmt.Errorf(("TOKEN_INVALID"))
 		}
-		if claims["staff_id"] == nil {
-			return 0, "", 0, fmt.Errorf(("TOKEN_INVALID"))
-		}
-		user_id := int(claims["user_id"].(float64))
-		user_name := claims["user_name"].(string)
-		staff_id := int(claims["practitioner_id"].(float64))
-		return user_id, user_name, staff_id, nil
+		M_StaffIDGoogleSignIn := claims["M_StaffIDGoogleSignIn"].(string)
+		M_StaffEmail := claims["M_StaffEmail"].(string)
+		return M_StaffIDGoogleSignIn, M_StaffEmail, nil
 	} else {
 		log.Printf("token claims: %v\n", err)
-		return 0, "", 0, fmt.Errorf(("TOKEN_INVALID"))
+		return "", "", fmt.Errorf(("TOKEN_INVALID"))
 	}
 }
diff --git a/backend/server.go b/backend/server.go
index ce0b79b..37e306b 100644
--- a/backend/server.go
+++ b/backend/server.go
@@ -7,6 +7,7 @@ import (
 
 	"com.sismedika.com.absensi/graph/generated"
 	"com.sismedika.com.absensi/graph/resolver"
+	"com.sismedika.com.absensi/pkg/auth"
 	"com.sismedika.com.absensi/pkg/config"
 	"com.sismedika.com.absensi/pkg/database"
 	"github.com/99designs/gqlgen/graphql/handler"
@@ -29,7 +30,7 @@ func main() {
 	defer database.Handle.Close()
 
 	router.Use(
-		// auth.Middleware(),
+		auth.Middleware(),
 		// dataloader.Middleware,
 		cors.New(cors.Options{
 			AllowedOrigins:   []string{"*"},