gdg-charusat · krishnapaljadeja · Mar 1, 2026 · Feb 28, 2026 · Feb 28, 2026 · Feb 28, 2026
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,4 +1,4 @@
-## Team Number : Team
+## Team Number : Team
 
 ## Description
 <!-- Provide a brief description of what this PR does -->

diff --git a/prisma/migrations/20260228000000_add_role_rbac/migration.sql b/prisma/migrations/20260228000000_add_role_rbac/migration.sql
@@ -0,0 +1,5 @@
+-- CreateEnum
+CREATE TYPE "Role" AS ENUM ('USER', 'ADMIN');
+
+-- AlterTable
+ALTER TABLE "users" ADD COLUMN "role" "Role" NOT NULL DEFAULT 'USER';
diff --git a/prisma/migrations/migration_lock.toml b/prisma/migrations/migration_lock.toml
@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (e.g., Git)
+provider = "postgresql"
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
@@ -28,6 +28,7 @@ model User {
   email             String             @unique
   username          String             @unique
   password          String
+  role              Role               @default(USER)
   passwordResetTokenHash String?
   passwordResetTokenExpiry DateTime?
   leetcodeUsername  String?
@@ -39,13 +40,9 @@ model User {
 
 
   // Relations
-
-  dailySubmissions   DailySubmission[] @relation("UserDailySubmissions")
-  ownedChallenges    Challenge[]       @relation("ChallengeOwner")
-  memberships        ChallengeMember[]
-  challengeInvites  ChallengeInvite[]  @relation("InviteCreator")
+  ownedChallenges   Challenge[]        @relation("ChallengeOwner")
+  memberships       ChallengeMember[]
 
-
   @@map("users")
 }
 
@@ -67,9 +64,7 @@ model Challenge {
   dailySubmissions  DailySubmission[]    @relation("ChallengeDailySubmissions")
   members           ChallengeMember[]
   dailyResults            DailyResult[]
-  invites                 ChallengeInvite[]
 
-
   @@map("challenges")
 }
 
@@ -152,33 +147,9 @@ model ProblemMetadata {
   @@map("problem_metadata")
 }
 
-model ChallengeInvite {
-  id          String    @id @default(uuid())
-  challengeId String
-  code        String    @unique
-  createdBy   String
-  expiresAt   DateTime
-  maxUses     Int       @default(1)
-  usedCount   Int       @default(0)
-  createdAt   DateTime  @default(now())
-
-  // Relations
-  challenge   Challenge @relation(fields: [challengeId], references: [id], onDelete: Cascade)
-  creator     User      @relation("InviteCreator", fields: [createdBy], references: [id])
-
-  @@index([code])
-  @@index([challengeId])
-  @@map("challenge_invites")
-}
-
-model TokenBlacklist {
-  id                String           @id @default(uuid())
-  token             String           @unique
-  expiresAt         DateTime
-  createdAt         DateTime         @default(now())
-
-  @@index([expiresAt])
-  @@map("token_blacklist")
+enum Role {
+  USER
+  ADMIN
 }
 
 enum ChallengeStatus {

diff --git a/prisma/seed.js b/prisma/seed.js
@@ -4,6 +4,14 @@ const bcryptjs = require("bcryptjs");
 const prisma = new PrismaClient();
 
 // Sample data
+const ADMIN_USER = {
+  email: "admin@codeduel.dev",
+  username: "admin",
+  password: "Admin@1234",
+  leetcodeUsername: null,
+  role: "ADMIN",
+};
+
 const USERS = [
   {
     email: "john.doe@example.com",
@@ -168,6 +176,26 @@ async function main() {
 
     // 1. Create Users
     console.log("👥 Creating users...");
+
+    // Create admin user first
+    const adminHashedPassword = await bcryptjs.hash(ADMIN_USER.password, 10);
+    const adminUser = await prisma.user.create({
+      data: {
+        email: ADMIN_USER.email,
+        username: ADMIN_USER.username,
+        password: adminHashedPassword,
+        leetcodeUsername: ADMIN_USER.leetcodeUsername,
+        role: ADMIN_USER.role,
+        emailPreferences: {
+          welcomeEmail: true,
+          streakReminder: true,
+          streakBroken: true,
+          weeklySummary: true,
+        },
+      },
+    });
+    console.log(`✅ Created admin user: ${adminUser.username}`);
+
     const users = await Promise.all(
       USERS.map(async (user) => {
         const hashedPassword = await bcryptjs.hash(user.password, 10);
@@ -392,8 +420,9 @@ async function main() {
     console.log(`   • Penalty Ledger Entries: ${penaltyLedgerEntries.length}`);
 
     console.log("\n📝 Sample Credentials for Testing:");
+    console.log(`   🔑 ADMIN: ${ADMIN_USER.username} / ${ADMIN_USER.password}`);
     users.forEach((user, index) => {
-      console.log(`   ${index + 1}. ${user.username} / ${user.password}`);
+      console.log(`   ${index + 1}. ${user.username} / ${USERS[index].password}`);
     });
   } catch (error) {
     console.error("❌ Error during seeding:", error);

diff --git a/src/app.js b/src/app.js
@@ -17,6 +17,7 @@ const authRoutes = require("./routes/auth.routes");
 const challengeRoutes = require("./routes/challenge.routes");
 const dashboardRoutes = require("./routes/dashboard.routes");
 const leetcodeRoutes = require("./routes/leetcode.routes");
+const adminRoutes = require("./routes/admin.routes");
 const { apiLimiter, authLimiter } = require('./middlewares/rateLimiter.middleware');
 
 // Import security middlewares
@@ -89,6 +90,7 @@ const createApp = () => {
   app.use("/api/challenges", challengeRoutes);
   app.use("/api/dashboard", dashboardRoutes);
   app.use("/api/leetcode", leetcodeRoutes);
+  app.use("/api/admin", adminRoutes);
 
   // Root endpoint
   app.get("/", (req, res) => {