Remove public registration flow and implement admin-only Add User panel

Author: Jay-Naik2526

Treasure_Hunt_Backend/src/routes/userRoutes.js

@@ -1,9 +1,10 @@
 import express from 'express';
 import { registerUser, loginUser } from '../controllers/userController.js';
+import { authenticateToken, isAdmin } from '../middleware/authMiddleware.js';
 
 const router = express.Router();
 
-router.post('/register', registerUser);
+router.post('/register', authenticateToken, isAdmin, registerUser);
 router.post('/login', loginUser);
 
 export default router;

Treasure_Hunt_Frontend/src/pages/admin/Admin.jsx

@@ -4,6 +4,7 @@ import QuestionPanel from './components/QuestionPanel';
 import TeamPanel from './components/TeamPanel';
 import ResultPanel from './components/ResultPanel';
 import ViewQuestions from './components/ViewQuestions';
+import AddUserPanel from './components/AddUserPanel';
 
 /* ── SVG decorations ──────────────────────────────────────── */
 const MapX = ({ size = 48, style = {} }) => (
@@ -53,6 +54,7 @@ const TAB_META = [
   { id: 'View Questions', label: 'View Questions', icon: '📜', desc: 'Edit & remove clues' },
   { id: 'Teams', label: 'Teams', icon: '🏴‍☠️', desc: 'Review submissions' },
   { id: 'Results', label: 'Results', icon: '🏆', desc: 'Leaderboard & export' },
+  { id: 'Add User', label: 'Add User', icon: '🧑‍🤝‍🧑', desc: 'Manage players' },
 ];
 
 const Admin = () => {
@@ -163,6 +165,7 @@ const Admin = () => {
                 {activeTab === 'View Questions' && <ViewQuestions />}
                 {activeTab === 'Teams' && <TeamPanel />}
                 {activeTab === 'Results' && <ResultPanel />}
+                {activeTab === 'Add User' && <AddUserPanel />}
               </motion.div>
             </AnimatePresence>
           </div>

Treasure_Hunt_Frontend/src/pages/admin/components/AddUserPanel.jsx

@@ -0,0 +1,186 @@
+import { useState } from 'react';
+import { registerUser } from '../../../services/api';
+
+const s = {
+    label: {
+        display: 'block',
+        fontSize: '0.85rem',
+        fontWeight: 800,
+        color: 'var(--color-green)',
+        fontFamily: 'var(--font-body)',
+        marginBottom: '0.5rem',
+        letterSpacing: '0.5px',
+        textTransform: 'uppercase',
+    },
+    input: {
+        width: '100%',
+        padding: '0.75rem 1rem',
+        borderRadius: '10px',
+        border: '2.5px solid var(--color-green)',
+        fontSize: '1rem',
+        fontFamily: 'var(--font-body)',
+        background: 'var(--color-bg-primary)',
+        color: 'var(--color-text-primary)',
+        outline: 'none',
+        boxSizing: 'border-box',
+        transition: 'border-color 0.2s',
+    },
+    select: {
+        width: '100%',
+        padding: '0.75rem 1rem',
+        borderRadius: '10px',
+        border: '2.5px solid var(--color-green)',
+        fontSize: '1rem',
+        fontFamily: 'var(--font-body)',
+        background: 'var(--color-bg-primary)',
+        color: 'var(--color-text-primary)',
+        outline: 'none',
+        boxSizing: 'border-box',
+        transition: 'border-color 0.2s',
+    },
+    successBar: {
+        padding: '0.75rem 1rem',
+        borderRadius: '10px',
+        border: '2px solid #2e7d32',
+        background: '#e8f5e9',
+        color: '#2e7d32',
+        fontWeight: 700,
+        fontSize: '0.9rem',
+        marginBottom: '1rem',
+    },
+    errorBar: {
+        padding: '0.75rem 1rem',
+        borderRadius: '10px',
+        border: '2px solid var(--color-red)',
+        background: '#ffebee',
+        color: 'var(--color-red)',
+        fontWeight: 700,
+        fontSize: '0.9rem',
+        marginBottom: '1rem',
+    },
+};
+
+const AddUserPanel = () => {
+    const [formData, setFormData] = useState({
+        username: '',
+        password: '',
+        role: 'participant',
+    });
+    const [error, setError] = useState('');
+    const [success, setSuccess] = useState('');
+    const [loading, setLoading] = useState(false);
+
+    const handleSubmit = async (e) => {
+        e.preventDefault();
+        setError('');
+        setSuccess('');
+        if (!formData.username || !formData.password) {
+            setError('Username and password are required');
+            return;
+        }
+        setLoading(true);
+
+        try {
+            // registerUser handles the standard POST /users/register call from frontend
+            // which now requires a Bearer token (supplied by interceptor)
+            const response = await registerUser(formData);
+            if (response.success) {
+                setSuccess('✅ User account created successfully!');
+                setFormData({ ...formData, username: '', password: '' });
+            } else {
+                setError(response.message || 'Failed to create user');
+            }
+        } catch {
+            setError('An error occurred while creating the user account');
+        } finally {
+            setLoading(false);
+        }
+    };
+
+    return (
+        <div style={{ maxWidth: 720, margin: '0 auto' }}>
+            {/* Section heading */}
+            <div style={{ display: 'flex', alignItems: 'center', gap: 10, marginBottom: '1.5rem' }}>
+                <svg width="28" height="28" viewBox="0 0 28 28" fill="none">
+                    <rect x="2" y="2" width="24" height="24" rx="6" fill="var(--color-bg-secondary)" stroke="var(--color-green)" strokeWidth="2.5" />
+                    <path d="M14 13C16.2 13 18 11.2 18 9C18 6.8 16.2 5 14 5C11.8 5 10 6.8 10 9C10 11.2 11.8 13 14 13ZM14 15C11 15 5 16.5 5 19.5V21H23V19.5C23 16.5 17 15 14 15Z" fill="var(--color-green)" />
+                </svg>
+                <h2 style={{ fontFamily: 'var(--font-heading)', fontSize: '1.5rem', color: 'var(--color-green)', margin: 0 }}>
+                    Create New Participant / Admin
+                </h2>
+            </div>
+
+            <div style={{ background: '#fff', padding: '2rem', borderRadius: '16px', boxShadow: '0 4px 6px rgba(0,0,0,0.05)' }}>
+                {error && <div style={s.errorBar}>{error}</div>}
+                {success && <div style={s.successBar}>{success}</div>}
+
+                <form onSubmit={handleSubmit} style={{ display: 'flex', flexDirection: 'column', gap: '1.5rem' }}>
+
+                    <div style={{ display: 'grid', gridTemplateColumns: '1fr 1fr', gap: '1.5rem' }}>
+                        <div>
+                            <label style={s.label}>Username</label>
+                            <input
+                                type="text"
+                                value={formData.username}
+                                onChange={e => setFormData({ ...formData, username: e.target.value })}
+                                placeholder="e.g. thecluemafia"
+                                style={s.input}
+                            />
+                        </div>
+
+                        <div>
+                            <label style={s.label}>Password</label>
+                            <input
+                                type="text"
+                                value={formData.password}
+                                onChange={e => setFormData({ ...formData, password: e.target.value })}
+                                placeholder="Passcode..."
+                                style={s.input}
+                            />
+                        </div>
+                    </div>
+
+                    <div>
+                        <label style={s.label}>Account Role</label>
+                        <select
+                            value={formData.role}
+                            onChange={e => setFormData({ ...formData, role: e.target.value })}
+                            style={s.select}
+                        >
+                            <option value="participant">Participant</option>
+                            <option value="admin">Admin</option>
+                        </select>
+                    </div>
+
+                    <div style={{ paddingTop: '1rem', borderTop: '2px dashed var(--color-bg-secondary)' }}>
+                        <button
+                            type="submit"
+                            disabled={loading}
+                            style={{
+                                width: '100%',
+                                padding: '1rem',
+                                fontSize: '1.1rem',
+                                borderRadius: '12px',
+                                background: 'var(--color-red)',
+                                color: '#fff',
+                                fontWeight: 800,
+                                border: 'none',
+                                cursor: loading ? 'not-allowed' : 'pointer',
+                                opacity: loading ? 0.7 : 1,
+                                boxShadow: '4px 4px 0 var(--color-brown-dim)',
+                                transition: 'transform 0.1s',
+                            }}
+                            onMouseDown={e => { if (!loading) e.currentTarget.style.transform = 'translate(2px, 2px)' }}
+                            onMouseUp={e => { if (!loading) e.currentTarget.style.transform = 'none' }}
+                            onMouseLeave={e => { if (!loading) e.currentTarget.style.transform = 'none' }}
+                        >
+                            {loading ? 'CREATING...' : 'CREATE ACCOUNT'}
+                        </button>
+                    </div>
+                </form>
+            </div>
+        </div>
+    );
+};
+
+export default AddUserPanel;

Treasure_Hunt_Frontend/src/pages/login/Login.jsx

@@ -4,7 +4,6 @@ import { motion, AnimatePresence } from "framer-motion";
 import { loginUser, registerUser } from "../../services/api";
 
 const Login = () => {
-  const [isLogin, setIsLogin] = useState(true);
   const [username, setUsername] = useState("");
   const [password, setPassword] = useState("");
   const [role, setRole] = useState("participant");
@@ -17,9 +16,7 @@ const Login = () => {
     setLoading(true);
     setError("");
     try {
-      const response = isLogin
-        ? await loginUser({ username, password })
-        : await registerUser({ username, password, role });
+      const response = await loginUser({ username, password });
       if (response.success) {
         localStorage.setItem("token", response.token);
         localStorage.setItem("userRole", response.user.role);
@@ -72,7 +69,7 @@ const Login = () => {
       >
         <div className="flex-col-center" style={{ marginBottom: '1.5rem', textAlign: 'center' }}>
           <h2 style={{ fontSize: '2.2rem', lineHeight: 1.1, marginBottom: '0.4rem' }}>
-            {isLogin ? "WELCOME EXPLORER" : "ENLIST NOW"}
+            WELCOME EXPLORER
           </h2>
           <p style={{ fontSize: '1rem', fontWeight: 600, color: 'var(--color-green-light)', margin: 0 }}>
             Are you up for the challenge?
@@ -129,19 +126,10 @@ const Login = () => {
             style={{ padding: '1rem', borderRadius: '12px', border: '3px solid var(--color-green)', fontSize: '1.1rem', fontWeight: 'bold', outline: 'none', background: 'var(--color-bg-primary)', color: 'var(--color-green)' }}
           />
           <button type="submit" disabled={loading} style={{ marginTop: '0.8rem', fontSize: '1.2rem', padding: '1rem' }}>
-            {loading ? "VERIFYING..." : (isLogin ? "START ADVENTURE" : "JOIN CREW")}
+            {loading ? "VERIFYING..." : "START ADVENTURE"}
           </button>
         </form>
 
-        <div style={{ textAlign: 'center', marginTop: '1.5rem' }}>
-          <span
-            onClick={() => { setIsLogin(!isLogin); setError(""); }}
-            style={{ color: 'var(--color-brown)', fontWeight: 800, cursor: 'pointer', fontSize: '1rem', textDecoration: 'underline' }}
-          >
-            {isLogin ? "New Explorer? Enlist Here!" : "Already Enlisted? Resume Journey!"}
-          </span>
-        </div>
-
       </motion.div>
     </div>
   );