feat: add role-based access control for admin and member users

16. `docs/api.md

@@ -11,6 +11,20 @@ ### POST /api/logout
 - **Description**: Logout the user and revoke the token.
 - **Response**: JSON object with a success message.
 
+## Admin Management
+
+### GET /api/admin/users
+- **Description**: Get a list of users (restricted to member users).
+- **Response**: JSON object with a list of users.
+
+### POST /api/admin/users/{user}/activate
+- **Description**: Activate a user (restricted to member users).
+- **Response**: JSON object with a success message.
+
+### POST /api/admin/users/{user}/deactivate
+- **Description**: Deactivate a user (restricted to member users).
+- **Response**: JSON object with a success message.
+
 ## Frontend API
 
 ### GET /api/frontend

app/Http/Middleware/CheckRole.php

@@ -0,0 +1,16 @@
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class CheckRole
+{
+    public function handle(Request $request, Closure $next, $role)
+    {
+        if ($request->user()->role !== $role) {
+            return response()->json(['error' => 'Unauthorized'], 403);
+        }
+
+        return $next($request);
+    }
+}

database/migrations/xxxx_xx_xx_add_role_to_users_table.php

@@ -0,0 +1,20 @@
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddRoleToUsersTable extends Migration
+{
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->string('role')->default('member');
+        });
+    }
+
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropColumn('role');
+        });
+    }
+}