verifyJWT Middleware Causes Unauthorized Error for Nonexistent Routes (404).

[r0-0hit]

When attempting to access nonexistent routes, the application incorrectly returns an "Unauthorized" error instead of the expected "404" response. This issue occurs because the verifyJWT middleware is applied globally before the 404 handler. As a result, verifyJWT intercepts the request for nonexistent routes and responds with "Unauthorized" if the JWT is missing or invalid, preventing the 404 handler from executing.

This behavior creates confusion for users accessing non-protected, nonexistent routes and misrepresents the actual error.