update limit tablet autorized

app/controllers/api/authenticate_controller.rb

@@ -7,8 +7,7 @@ class Api::AuthenticateController < Api::ApiController
 
     if emp_id && password
       @employee = Employee.login(emp_id, password)
-
-      if @employee
+      if @employee && @employee.role == "waiter"
         render json: JSON.generate({:status => true, :session_token => @employee.token_session, :name => @employee.name, :role => @employee.role})
       else
         render json: JSON.generate({:status => false, :error_message => "Bad Emp_ID or Password."})