diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index bb31e8c..37ae48f 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -11,6 +11,7 @@ use App\Models\Role;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Password;
 use Illuminate\Validation\ValidationException;
+
 class AuthController extends Controller
 {
 	public function __construct()
@@ -25,46 +26,50 @@ class AuthController extends Controller
 		$remember  = $request->remember;
 		$is_mobile = $request->is_mobile;
 
-		if(empty($username) || empty($password))
-			return response()->json(['status'=>'error','message'=>'You must fill all the fields'], 400);
+		if (empty($username) || empty($password))
+			return response()->json(['status' => 'error', 'message' => 'You must fill all the fields'], 400);
 
 		$usernameCheck = false;
 		$passwordCheck = false;
-		
-		if (User::where('username', $username)->exists()) 
+
+		if (User::where('username', $username)->exists())
 			$usernameCheck = true;
 
-		if (User::where('password', md5($password))->exists()) 
+		if (User::where('password', md5($password))->exists())
 			$passwordCheck = true;
 
-		if ($usernameCheck & $passwordCheck){
+		if ($usernameCheck & $passwordCheck) {
 			$user = User::where('username', $username)->where('password', md5($password))->first();
-			if($is_mobile){
+			if ($is_mobile) {
 				$fcm_token = $request->fcm_token;
 
-				if(!$fcm_token || $fcm_token=="")
-					return response()->json(['status'=>'error','message'=>'FCM Token is required'], 400);
+				if (!$fcm_token || $fcm_token == "")
+					return response()->json(['status' => 'error', 'message' => 'FCM Token is required'], 400);
 
 				$dataUpdateFcm = array(
-					"fcm_token"=>$fcm_token
+					"fcm_token" => $fcm_token
 				);
 
 				$hr = User::find($user->id);
 
-				if($hr)
+				if ($hr)
 					$hr->update($dataUpdateFcm);
 			}
 
 			$dataRole = Role::find($user->role_id);
+			$dataHierarchy = $this->getDataHierarchy($user->divisi_id, $user->id);
 
-			if($dataRole)
+			if ($dataRole)
 				$user->role = $dataRole;
 
-			if (! $token =Auth::login($user))
+			if ($dataHierarchy)
+				$user->hierarchy = $dataHierarchy;
+
+			if (!$token = Auth::login($user))
 				return response()->json(['error' => 'Unauthorized'], 401);
 
 			$ttl = 60;
-			if($remember)
+			if ($remember)
 				$ttl = 10080;
 
 			// todo : change existing md5 hashed function to laravel's originally bcrypt
@@ -80,13 +85,13 @@ class AuthController extends Controller
 					'expires_in' => auth()->factory()->getTTL() * $ttl,
 				),
 			]);
-		}else {
+		} else {
 			if (!$usernameCheck && !$passwordCheck)
 				return response()->json(['code' => 201, 'message' => "username and password doesn't match"], 201);
 			if (!$passwordCheck)
 				return response()->json(['code' => 201, 'message' => "password doesn't match"], 201);
 			if (!$usernameCheck)
 				return response()->json(['code' => 201, 'message' => "username doesn't match"], 201);
-		} 
+		}
 	}
 }