Admin users have a special role in the system that will be used for developer/administrative tasks. Currently, admin users have:
- Special "Admin" badge on their profile
role: 'admin'in the database- Foundation for future admin-only features
-
Edit
backend/scripts/createAdminUser.jsand configure the admin user details:const adminData = { firstName: 'Your', lastName: 'Name', email: 'your-email@virginia.edu', password: 'your-secure-password', // ... rest of config };
-
Run the script:
cd backend node scripts/createAdminUser.js
- Go to Firebase Console → Firestore Database
- Navigate to the
userscollection - Find your existing user document (or create a new one)
- Update the
rolefield toadmin
- In
frontend/app/(tabs)/signup.jsx, change line 53:// Change from: const result = await signup(firstName, lastName, email, password, 'member'); // To: const result = await signup(firstName, lastName, email, password, 'admin');
- Sign up through the app
- Important: Change it back to 'member' afterwards!
Admin users will have access to:
- User management dashboard
- CIO approval/moderation
- Event moderation
- System analytics
- Content moderation
- Support ticket management
- System settings
// In any route with verifyToken middleware
const userDoc = await firestore.collection('users').doc(req.userId).get();
const isAdmin = userDoc.data().role === 'admin';
if (!isAdmin) {
return res.status(403).json({ error: 'Admin access required' });
}// In any component with AuthContext
const { user } = useAuth();
const isAdmin = user?.role === 'admin';
{isAdmin && (
<AdminOnlyFeature />
)}- Never hardcode admin credentials in the frontend code
- Admin accounts should use strong passwords
- Limit admin accounts to trusted developers only
- Consider adding 2FA for admin accounts in production
- Log all admin actions for audit trails
member- Regular userscio_exec- CIO executivesadmin- System administrators (developers)