Admin panel: dashboard (stats), user management (search/plan change/ban), scan viewer (delete), team manager, API key viewer (revoke), activity logs — admin: ankygaur9972@gmail.com

web/app/admin/page.tsx

@@ -0,0 +1,334 @@
+"use client";
+
+import { useState, useEffect } from "react";
+import Link from "next/link";
+import {
+  LayoutDashboard, Users, ScanText, Key, Shield, ScrollText, Activity,
+  Search, Ban, CircleCheck, ChevronDown, ChevronUp, Trash2, Crown,
+  ArrowLeft, RefreshCw, TriangleAlert, UserCheck, Eye, EyeOff
+} from "lucide-react";
+
+type Tab = "overview" | "users" | "scans" | "teams" | "api-keys" | "logs";
+
+export default function AdminPage() {
+  const [tab, setTab] = useState<Tab>("overview");
+  const [stats, setStats] = useState<any>(null);
+  const [users, setUsers] = useState<any[]>([]);
+  const [scans, setScans] = useState<any[]>([]);
+  const [teams, setTeams] = useState<any[]>([]);
+  const [apiKeys, setApiKeys] = useState<any[]>([]);
+  const [logs, setLogs] = useState<any[]>([]);
+  const [search, setSearch] = useState("");
+  const [loading, setLoading] = useState(false);
+  const [userTotal, setUserTotal] = useState(0);
+  const [scanTotal, setScanTotal] = useState(0);
+
+  async function fetchData(action: string, params?: Record<string, string>) {
+    const qs = new URLSearchParams({ action, ...params });
+    const res = await fetch(`/api/admin?${qs}`);
+    if (!res.ok) { window.location.href = "/dashboard-pages/dashboard"; return null; }
+    return res.json();
+  }
+
+  async function adminAction(body: any) {
+    setLoading(true);
+    await fetch("/api/admin", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(body) });
+    setLoading(false);
+    loadTab(tab);
+  }
+
+  async function loadTab(t: Tab) {
+    setLoading(true);
+    switch (t) {
+      case "overview": { const d = await fetchData("stats"); if (d) setStats(d); break; }
+      case "users": { const d = await fetchData("users", search ? { search } : {}); if (d) { setUsers(d.users); setUserTotal(d.total); } break; }
+      case "scans": { const d = await fetchData("scans"); if (d) { setScans(d.scans); setScanTotal(d.total); } break; }
+      case "teams": { const d = await fetchData("teams"); if (d) setTeams(d.teams); break; }
+      case "api-keys": { const d = await fetchData("api-keys"); if (d) setApiKeys(d.keys); break; }
+      case "logs": { const d = await fetchData("logs"); if (d) setLogs(d.logs); break; }
+    }
+    setLoading(false);
+  }
+
+  useEffect(() => { loadTab(tab); }, [tab]);
+
+  const TABS: { key: Tab; label: string; icon: any }[] = [
+    { key: "overview", label: "Overview", icon: LayoutDashboard },
+    { key: "users", label: "Users", icon: Users },
+    { key: "scans", label: "Scans", icon: ScanText },
+    { key: "teams", label: "Teams", icon: Shield },
+    { key: "api-keys", label: "API Keys", icon: Key },
+    { key: "logs", label: "Activity", icon: Activity },
+  ];
+
+  const planBadge = (plan: string) => {
+    const c: Record<string, string> = { free: "bg-zinc-100 text-zinc-600", pro: "bg-blue-50 text-blue-700", team: "bg-purple-50 text-purple-700" };
+    return <span className={`text-[11px] font-medium px-2 py-0.5 rounded ${c[plan] || c.free}`}>{plan}</span>;
+  };
+
+  return (
+    <div className="min-h-screen bg-white">
+      <div className="max-w-6xl mx-auto px-5 py-8">
+        {/* Header */}
+        <div className="flex items-center justify-between mb-8">
+          <div>
+            <Link href="/dashboard-pages/dashboard" className="inline-flex items-center gap-1.5 text-sm text-zinc-400 hover:text-zinc-600 mb-2">
+              <ArrowLeft className="w-3.5 h-3.5" /> Dashboard
+            </Link>
+            <h1 className="text-2xl font-semibold tracking-tight flex items-center gap-2">
+              <Crown className="w-6 h-6 text-amber-500" />
+              Admin Panel
+            </h1>
+          </div>
+          <button onClick={() => loadTab(tab)} disabled={loading}
+            className="p-2 rounded-lg hover:bg-zinc-100 text-zinc-400 disabled:opacity-40">
+            <RefreshCw className={`w-4 h-4 ${loading ? "animate-spin" : ""}`} />
+          </button>
+        </div>
+
+        {/* Tabs */}
+        <div className="flex gap-1 mb-6 overflow-x-auto pb-1">
+          {TABS.map((t) => (
+            <button key={t.key} onClick={() => setTab(t.key)}
+              className={`flex items-center gap-2 px-4 py-2 rounded-lg text-sm font-medium whitespace-nowrap transition-colors ${
+                tab === t.key ? "bg-zinc-900 text-white" : "text-zinc-500 hover:bg-zinc-100"
+              }`}>
+              <t.icon className="w-4 h-4" />
+              {t.label}
+            </button>
+          ))}
+        </div>
+
+        {/* Overview */}
+        {tab === "overview" && stats && (
+          <div className="space-y-6">
+            <div className="grid grid-cols-2 md:grid-cols-4 gap-4">
+              {[
+                { label: "Total Users", value: stats.total_users, sub: `${stats.banned_users} banned` },
+                { label: "Pro Users", value: stats.pro_users },
+                { label: "Team Users", value: stats.team_users },
+                { label: "Free Users", value: stats.free_users },
+                { label: "Total Scans", value: stats.total_scans },
+                { label: "Scans Today", value: stats.scans_today },
+                { label: "Teams", value: stats.total_teams },
+                { label: "Active API Keys", value: stats.total_api_keys },
+              ].map((s, i) => (
+                <div key={i} className="border border-zinc-200 rounded-xl p-4">
+                  <p className="text-xs text-zinc-400">{s.label}</p>
+                  <p className="text-2xl font-semibold mt-1">{s.value}</p>
+                  {s.sub && <p className="text-xs text-zinc-400 mt-0.5">{s.sub}</p>}
+                </div>
+              ))}
+            </div>
+          </div>
+        )}
+
+        {/* Users */}
+        {tab === "users" && (
+          <div>
+            <div className="flex gap-2 mb-4">
+              <div className="flex-1 relative">
+                <Search className="w-4 h-4 absolute left-3 top-1/2 -translate-y-1/2 text-zinc-400" />
+                <input value={search} onChange={(e) => setSearch(e.target.value)}
+                  onKeyDown={(e) => e.key === "Enter" && loadTab("users")}
+                  placeholder="Search by email or name..."
+                  className="w-full pl-10 pr-4 py-2.5 border border-zinc-200 rounded-lg text-sm focus:outline-none focus:border-zinc-400" />
+              </div>
+              <button onClick={() => loadTab("users")} className="px-4 bg-zinc-900 text-white rounded-lg text-sm font-medium hover:bg-zinc-800">Search</button>
+            </div>
+            <p className="text-xs text-zinc-400 mb-3">{userTotal} users total</p>
+            <div className="border border-zinc-200 rounded-xl overflow-hidden">
+              <table className="w-full text-sm">
+                <thead className="bg-zinc-50 border-b border-zinc-200">
+                  <tr>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">User</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Plan</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Scans</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Joined</th>
+                    <th className="text-right px-4 py-3 font-medium text-zinc-500">Actions</th>
+                  </tr>
+                </thead>
+                <tbody className="divide-y divide-zinc-100">
+                  {users.map((u) => (
+                    <tr key={u.id} className={`${u.is_banned ? "opacity-50 bg-red-50/30" : "hover:bg-zinc-50"}`}>
+                      <td className="px-4 py-3">
+                        <p className="font-medium flex items-center gap-1.5">
+                          {u.full_name || u.email}
+                          {u.role === "admin" && <Crown className="w-3.5 h-3.5 text-amber-500" />}
+                          {u.is_banned && <Ban className="w-3.5 h-3.5 text-red-500" />}
+                        </p>
+                        <p className="text-xs text-zinc-400">{u.email}</p>
+                      </td>
+                      <td className="px-4 py-3">{planBadge(u.plan)}</td>
+                      <td className="px-4 py-3 text-zinc-500">{u.analyses_this_month}/mo</td>
+                      <td className="px-4 py-3 text-xs text-zinc-400">{new Date(u.created_at).toLocaleDateString()}</td>
+                      <td className="px-4 py-3 text-right">
+                        <div className="flex gap-1 justify-end">
+                          <select defaultValue={u.plan} onChange={(e) => adminAction({ action: "update_plan", userId: u.id, plan: e.target.value })}
+                            className="text-xs border border-zinc-200 rounded px-2 py-1 bg-white">
+                            <option value="free">Free</option>
+                            <option value="pro">Pro</option>
+                            <option value="team">Team</option>
+                          </select>
+                          <button onClick={() => adminAction({ action: "ban_user", userId: u.id, banned: !u.is_banned })}
+                            className={`p-1.5 rounded hover:bg-zinc-100 ${u.is_banned ? "text-emerald-500" : "text-red-400"}`}
+                            title={u.is_banned ? "Unban" : "Ban"}>
+                            {u.is_banned ? <CircleCheck className="w-3.5 h-3.5" /> : <Ban className="w-3.5 h-3.5" />}
+                          </button>
+                        </div>
+                      </td>
+                    </tr>
+                  ))}
+                </tbody>
+              </table>
+            </div>
+          </div>
+        )}
+
+        {/* Scans */}
+        {tab === "scans" && (
+          <div>
+            <p className="text-xs text-zinc-400 mb-3">{scanTotal} scans total</p>
+            <div className="border border-zinc-200 rounded-xl overflow-hidden">
+              <table className="w-full text-sm">
+                <thead className="bg-zinc-50 border-b border-zinc-200">
+                  <tr>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Source</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Grade</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Risk</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Clauses</th>
+                    <th className="text-left px-4 py-3 font-medium text-zinc-500">Date</th>
+                    <th className="text-right px-4 py-3 font-medium text-zinc-500">Actions</th>
+                  </tr>
+                </thead>
+                <tbody className="divide-y divide-zinc-100">
+                  {scans.map((s) => (
+                    <tr key={s.id} className="hover:bg-zinc-50">
+                      <td className="px-4 py-3 max-w-xs truncate text-zinc-700">{s.source_url || "Manual scan"}</td>
+                      <td className="px-4 py-3">
+                        <span className={`text-xs font-semibold px-2 py-0.5 rounded ${
+                          s.grade === "F" || s.grade === "D" ? "bg-red-50 text-red-700" :
+                          s.grade === "C" ? "bg-amber-50 text-amber-700" : "bg-emerald-50 text-emerald-700"
+                        }`}>{s.grade}</span>
+                      </td>
+                      <td className="px-4 py-3 text-zinc-500">{s.risk_score}/100</td>
+                      <td className="px-4 py-3 text-zinc-500">{s.flagged_count}/{s.total_clauses}</td>
+                      <td className="px-4 py-3 text-xs text-zinc-400">{new Date(s.created_at).toLocaleDateString()}</td>
+                      <td className="px-4 py-3 text-right">
+                        <button onClick={() => adminAction({ action: "delete_scan", scanId: s.id })}
+                          className="p-1.5 rounded hover:bg-red-50 text-red-400" title="Delete">
+                          <Trash2 className="w-3.5 h-3.5" />
+                        </button>
+                      </td>
+                    </tr>
+                  ))}
+                </tbody>
+              </table>
+            </div>
+          </div>
+        )}
+
+        {/* Teams */}
+        {tab === "teams" && (
+          <div className="border border-zinc-200 rounded-xl overflow-hidden">
+            <table className="w-full text-sm">
+              <thead className="bg-zinc-50 border-b border-zinc-200">
+                <tr>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Team</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Owner</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Seats</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Created</th>
+                  <th className="text-right px-4 py-3 font-medium text-zinc-500">Actions</th>
+                </tr>
+              </thead>
+              <tbody className="divide-y divide-zinc-100">
+                {teams.map((t) => (
+                  <tr key={t.id} className="hover:bg-zinc-50">
+                    <td className="px-4 py-3 font-medium">{t.name}</td>
+                    <td className="px-4 py-3 text-xs text-zinc-400 font-mono">{t.owner_id.slice(0, 8)}...</td>
+                    <td className="px-4 py-3 text-zinc-500">{t.max_seats}</td>
+                    <td className="px-4 py-3 text-xs text-zinc-400">{new Date(t.created_at).toLocaleDateString()}</td>
+                    <td className="px-4 py-3 text-right">
+                      <button onClick={() => adminAction({ action: "delete_team", teamId: t.id })}
+                        className="p-1.5 rounded hover:bg-red-50 text-red-400" title="Delete team">
+                        <Trash2 className="w-3.5 h-3.5" />
+                      </button>
+                    </td>
+                  </tr>
+                ))}
+                {teams.length === 0 && <tr><td colSpan={5} className="px-4 py-8 text-center text-zinc-400">No teams yet.</td></tr>}
+              </tbody>
+            </table>
+          </div>
+        )}
+
+        {/* API Keys */}
+        {tab === "api-keys" && (
+          <div className="border border-zinc-200 rounded-xl overflow-hidden">
+            <table className="w-full text-sm">
+              <thead className="bg-zinc-50 border-b border-zinc-200">
+                <tr>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Name</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Key</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Usage</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Status</th>
+                  <th className="text-right px-4 py-3 font-medium text-zinc-500">Actions</th>
+                </tr>
+              </thead>
+              <tbody className="divide-y divide-zinc-100">
+                {apiKeys.map((k) => (
+                  <tr key={k.id} className="hover:bg-zinc-50">
+                    <td className="px-4 py-3 font-medium">{k.name}</td>
+                    <td className="px-4 py-3 text-xs text-zinc-400 font-mono">{k.key_prefix}</td>
+                    <td className="px-4 py-3 text-zinc-500">{k.calls_this_month}/{k.calls_limit}</td>
+                    <td className="px-4 py-3">
+                      <span className={`text-xs font-medium px-2 py-0.5 rounded ${k.is_active ? "bg-emerald-50 text-emerald-700" : "bg-red-50 text-red-700"}`}>
+                        {k.is_active ? "Active" : "Revoked"}
+                      </span>
+                    </td>
+                    <td className="px-4 py-3 text-right">
+                      {k.is_active && (
+                        <button onClick={() => adminAction({ action: "revoke_api_key", keyId: k.id })}
+                          className="p-1.5 rounded hover:bg-red-50 text-red-400" title="Revoke">
+                          <Ban className="w-3.5 h-3.5" />
+                        </button>
+                      )}
+                    </td>
+                  </tr>
+                ))}
+                {apiKeys.length === 0 && <tr><td colSpan={5} className="px-4 py-8 text-center text-zinc-400">No API keys.</td></tr>}
+              </tbody>
+            </table>
+          </div>
+        )}
+
+        {/* Activity Logs */}
+        {tab === "logs" && (
+          <div className="border border-zinc-200 rounded-xl overflow-hidden">
+            <table className="w-full text-sm">
+              <thead className="bg-zinc-50 border-b border-zinc-200">
+                <tr>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Action</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Target</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Details</th>
+                  <th className="text-left px-4 py-3 font-medium text-zinc-500">Time</th>
+                </tr>
+              </thead>
+              <tbody className="divide-y divide-zinc-100">
+                {logs.map((l) => (
+                  <tr key={l.id} className="hover:bg-zinc-50">
+                    <td className="px-4 py-3 font-medium">{l.action}</td>
+                    <td className="px-4 py-3 text-xs text-zinc-400">{l.target_type}: {l.target_id?.slice(0, 8)}...</td>
+                    <td className="px-4 py-3 text-xs text-zinc-400 font-mono">{l.details ? JSON.stringify(l.details) : "—"}</td>
+                    <td className="px-4 py-3 text-xs text-zinc-400">{new Date(l.created_at).toLocaleString()}</td>
+                  </tr>
+                ))}
+                {logs.length === 0 && <tr><td colSpan={4} className="px-4 py-8 text-center text-zinc-400">No admin actions yet.</td></tr>}
+              </tbody>
+            </table>
+          </div>
+        )}
+      </div>
+    </div>
+  );
+}

web/app/api/admin/route.ts

@@ -0,0 +1,162 @@
+import { NextRequest, NextResponse } from "next/server";
+import { createClient } from "@/lib/supabase/server";
+
+const ADMIN_EMAILS = ["ankygaur9972@gmail.com"];
+
+async function checkAdmin() {
+  const supabase = await createClient();
+  const { data: { user } } = await supabase.auth.getUser();
+  if (!user || !ADMIN_EMAILS.includes(user.email || "")) {
+    return { supabase: null, user: null, error: true };
+  }
+  return { supabase, user, error: false };
+}
+
+// GET — admin stats + data
+export async function GET(req: NextRequest) {
+  const { supabase, user, error } = await checkAdmin();
+  if (error || !supabase || !user) return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+
+  const url = new URL(req.url);
+  const action = url.searchParams.get("action");
+
+  switch (action) {
+    case "stats": {
+      const { count: totalUsers } = await supabase.from("profiles").select("id", { count: "exact", head: true });
+      const { count: proUsers } = await supabase.from("profiles").select("id", { count: "exact", head: true }).eq("plan", "pro");
+      const { count: teamUsers } = await supabase.from("profiles").select("id", { count: "exact", head: true }).eq("plan", "team");
+      const { count: totalScans } = await supabase.from("analyses").select("id", { count: "exact", head: true });
+      const { count: totalTeams } = await supabase.from("teams").select("id", { count: "exact", head: true });
+      const { count: totalApiKeys } = await supabase.from("api_keys").select("id", { count: "exact", head: true }).eq("is_active", true);
+      const { count: bannedUsers } = await supabase.from("profiles").select("id", { count: "exact", head: true }).eq("is_banned", true);
+
+      // Scans today
+      const today = new Date();
+      today.setHours(0, 0, 0, 0);
+      const { count: scansToday } = await supabase.from("analyses").select("id", { count: "exact", head: true }).gte("created_at", today.toISOString());
+
+      return NextResponse.json({
+        total_users: totalUsers || 0,
+        pro_users: proUsers || 0,
+        team_users: teamUsers || 0,
+        free_users: (totalUsers || 0) - (proUsers || 0) - (teamUsers || 0),
+        total_scans: totalScans || 0,
+        scans_today: scansToday || 0,
+        total_teams: totalTeams || 0,
+        total_api_keys: totalApiKeys || 0,
+        banned_users: bannedUsers || 0,
+      });
+    }
+
+    case "users": {
+      const limit = parseInt(url.searchParams.get("limit") || "50");
+      const offset = parseInt(url.searchParams.get("offset") || "0");
+      const search = url.searchParams.get("search") || "";
+
+      let query = supabase.from("profiles")
+        .select("id, email, full_name, plan, role, is_banned, analyses_this_month, team_id, razorpay_subscription_id, created_at", { count: "exact" })
+        .order("created_at", { ascending: false })
+        .range(offset, offset + limit - 1);
+
+      if (search) {
+        query = query.or(`email.ilike.%${search}%,full_name.ilike.%${search}%`);
+      }
+
+      const { data: users, count } = await query;
+      return NextResponse.json({ users: users || [], total: count || 0 });
+    }
+
+    case "scans": {
+      const limit = parseInt(url.searchParams.get("limit") || "50");
+      const offset = parseInt(url.searchParams.get("offset") || "0");
+
+      const { data: scans, count } = await supabase.from("analyses")
+        .select("id, user_id, source_url, risk_score, grade, flagged_count, total_clauses, created_at", { count: "exact" })
+        .order("created_at", { ascending: false })
+        .range(offset, offset + limit - 1);
+
+      return NextResponse.json({ scans: scans || [], total: count || 0 });
+    }
+
+    case "teams": {
+      const { data: teams } = await supabase.from("teams").select("*").order("created_at", { ascending: false });
+      return NextResponse.json({ teams: teams || [] });
+    }
+
+    case "api-keys": {
+      const { data: keys } = await supabase.from("api_keys")
+        .select("id, user_id, name, key_prefix, calls_this_month, calls_limit, is_active, created_at")
+        .order("created_at", { ascending: false });
+      return NextResponse.json({ keys: keys || [] });
+    }
+
+    case "logs": {
+      const { data: logs } = await supabase.from("admin_logs")
+        .select("*").order("created_at", { ascending: false }).limit(100);
+      return NextResponse.json({ logs: logs || [] });
+    }
+
+    default:
+      return NextResponse.json({ error: "Invalid action" }, { status: 400 });
+  }
+}
+
+// POST — admin actions
+export async function POST(req: NextRequest) {
+  const { supabase, user, error } = await checkAdmin();
+  if (error || !supabase || !user) return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+
+  const body = await req.json();
+
+  switch (body.action) {
+    case "update_plan": {
+      const { userId, plan } = body;
+      await supabase.from("profiles").update({ plan, updated_at: new Date().toISOString() }).eq("id", userId);
+      await supabase.from("admin_logs").insert({
+        admin_id: user.id, action: "update_plan", target_type: "user", target_id: userId,
+        details: { plan },
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    case "ban_user": {
+      const { userId, banned } = body;
+      await supabase.from("profiles").update({ is_banned: banned, updated_at: new Date().toISOString() }).eq("id", userId);
+      await supabase.from("admin_logs").insert({
+        admin_id: user.id, action: banned ? "ban_user" : "unban_user", target_type: "user", target_id: userId,
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    case "delete_scan": {
+      const { scanId } = body;
+      await supabase.from("analyses").delete().eq("id", scanId);
+      await supabase.from("admin_logs").insert({
+        admin_id: user.id, action: "delete_scan", target_type: "scan", target_id: scanId,
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    case "revoke_api_key": {
+      const { keyId } = body;
+      await supabase.from("api_keys").update({ is_active: false }).eq("id", keyId);
+      await supabase.from("admin_logs").insert({
+        admin_id: user.id, action: "revoke_api_key", target_type: "api_key", target_id: keyId,
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    case "delete_team": {
+      const { teamId } = body;
+      await supabase.from("profiles").update({ team_id: null }).eq("team_id", teamId);
+      await supabase.from("teams").delete().eq("id", teamId);
+      await supabase.from("admin_logs").insert({
+        admin_id: user.id, action: "delete_team", target_type: "team", target_id: teamId,
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    default:
+      return NextResponse.json({ error: "Invalid action" }, { status: 400 });
+  }
+}

web/components/nav.tsx

@@ -2,8 +2,9 @@
 
 import Link from "next/link";
 import { usePathname } from "next/navigation";
-import { ShieldCheck, Menu, X } from "lucide-react";
-import { useState } from "react";
+import { ShieldCheck, Menu, X, Crown } from "lucide-react";
+import { useState, useEffect } from "react";
+import { createClient } from "@/lib/supabase/client";
 
 const links = [
   { href: "/#features", label: "Features" },
@@ -11,10 +12,21 @@ const links = [
   { href: "/dashboard-pages/analyze", label: "Scanner" },
 ];
 
+const ADMIN_EMAILS = ["ankygaur9972@gmail.com"];
+
 export function Nav() {
   const [open, setOpen] = useState(false);
+  const [userEmail, setUserEmail] = useState<string | null>(null);
   const pathname = usePathname();
   const isDashboard = pathname?.startsWith("/dashboard");
+  const isAdmin = userEmail && ADMIN_EMAILS.includes(userEmail);
+
+  useEffect(() => {
+    const supabase = createClient();
+    supabase.auth.getUser().then(({ data }) => {
+      setUserEmail(data.user?.email || null);
+    });
+  }, []);
 
   return (
     <nav className="sticky top-0 z-50 bg-white/80 backdrop-blur-md border-b border-zinc-100">
@@ -24,7 +36,6 @@ export function Nav() {
           <span className="font-semibold text-[15px] tracking-tight text-zinc-900">ClauseGuard</span>
         </Link>
 
-        {/* Desktop */}
         <div className="hidden md:flex items-center gap-1">
           {links.map((l) => (
             <a key={l.href} href={l.href}
@@ -32,8 +43,17 @@ export function Nav() {
               {l.label}
             </a>
           ))}
+
+          {isAdmin && (
+            <Link href="/admin"
+              className="px-3 py-1.5 text-[13px] text-amber-600 hover:text-amber-700 rounded-md hover:bg-amber-50 transition-colors flex items-center gap-1">
+              <Crown className="w-3.5 h-3.5" /> Admin
+            </Link>
+          )}
+
           <div className="w-px h-4 bg-zinc-200 mx-2" />
-          {isDashboard ? (
+
+          {isDashboard || userEmail ? (
             <Link href="/dashboard-pages/settings"
               className="px-3 py-1.5 text-[13px] text-zinc-500 hover:text-zinc-900 rounded-md hover:bg-zinc-50">
               Settings
@@ -44,27 +64,27 @@ export function Nav() {
               Log in
             </Link>
           )}
-          <Link href={isDashboard ? "/dashboard-pages/analyze" : "/auth/signup"}
+          <Link href={isDashboard || userEmail ? "/dashboard-pages/analyze" : "/auth/signup"}
             className="ml-1 px-3.5 py-1.5 text-[13px] font-medium text-white bg-zinc-900 rounded-md hover:bg-zinc-800 transition-colors">
-            {isDashboard ? "New scan" : "Get started"}
+            {isDashboard || userEmail ? "New scan" : "Get started"}
           </Link>
         </div>
 
-        {/* Mobile toggle */}
         <button className="md:hidden p-1.5 rounded-md hover:bg-zinc-100" onClick={() => setOpen(!open)}>
           {open ? <X className="w-5 h-5" /> : <Menu className="w-5 h-5" />}
         </button>
       </div>
 
-      {/* Mobile menu */}
       {open && (
         <div className="md:hidden border-t border-zinc-100 bg-white px-5 py-3 space-y-1">
           {links.map((l) => (
             <a key={l.href} href={l.href} onClick={() => setOpen(false)}
-              className="block px-3 py-2 text-sm text-zinc-600 rounded-md hover:bg-zinc-50">
-              {l.label}
-            </a>
+              className="block px-3 py-2 text-sm text-zinc-600 rounded-md hover:bg-zinc-50">{l.label}</a>
           ))}
+          {isAdmin && (
+            <Link href="/admin" onClick={() => setOpen(false)}
+              className="block px-3 py-2 text-sm text-amber-600 rounded-md hover:bg-amber-50">Admin</Link>
+          )}
           <Link href="/auth/login" onClick={() => setOpen(false)}
             className="block px-3 py-2 text-sm text-zinc-600 rounded-md hover:bg-zinc-50">Log in</Link>
         </div>

web/lib/admin-guard.ts

@@ -0,0 +1,29 @@
+import { createClient } from "@/lib/supabase/server";
+import { redirect } from "next/navigation";
+
+const ADMIN_EMAILS = ["ankygaur9972@gmail.com"];
+
+export async function requireAdmin() {
+  const supabase = await createClient();
+  const { data: { user } } = await supabase.auth.getUser();
+
+  if (!user) redirect("/auth/login");
+
+  // Check email first (fast)
+  if (!ADMIN_EMAILS.includes(user.email || "")) {
+    redirect("/dashboard-pages/dashboard");
+  }
+
+  // Double check role in DB
+  const { data: profile } = await supabase
+    .from("profiles")
+    .select("role")
+    .eq("id", user.id)
+    .single();
+
+  if (profile?.role !== "admin") {
+    redirect("/dashboard-pages/dashboard");
+  }
+
+  return { user, supabase };
+}

web/lib/supabase/admin-schema.sql

@@ -0,0 +1,47 @@
+-- ClauseGuard — Admin Schema Extension
+-- Run AFTER the main schema.sql
+
+-- Add role column to profiles
+ALTER TABLE public.profiles ADD COLUMN IF NOT EXISTS role TEXT DEFAULT 'user' CHECK (role IN ('user', 'admin'));
+
+-- Add is_banned column
+ALTER TABLE public.profiles ADD COLUMN IF NOT EXISTS is_banned BOOLEAN DEFAULT false;
+
+-- Set admin
+UPDATE public.profiles SET role = 'admin' WHERE email = 'ankygaur9972@gmail.com';
+
+-- Activity log
+CREATE TABLE IF NOT EXISTS public.admin_logs (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  admin_id UUID REFERENCES auth.users NOT NULL,
+  action TEXT NOT NULL,
+  target_type TEXT,  -- 'user', 'team', 'scan', 'api_key', 'rule'
+  target_id TEXT,
+  details JSONB,
+  created_at TIMESTAMPTZ DEFAULT NOW()
+);
+
+CREATE INDEX IF NOT EXISTS idx_admin_logs_created ON public.admin_logs(created_at DESC);
+
+-- Admin RLS: admins can read all tables
+CREATE POLICY "Admins can read all profiles" ON public.profiles FOR SELECT
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));
+
+CREATE POLICY "Admins can update all profiles" ON public.profiles FOR UPDATE
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));
+
+CREATE POLICY "Admins can read all analyses" ON public.analyses FOR SELECT
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));
+
+CREATE POLICY "Admins can read all teams" ON public.teams FOR SELECT
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));
+
+CREATE POLICY "Admins can read all api_keys" ON public.api_keys FOR SELECT
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));
+
+CREATE POLICY "Admins can read all custom_rules" ON public.custom_rules FOR SELECT
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));
+
+ALTER TABLE public.admin_logs ENABLE ROW LEVEL SECURITY;
+CREATE POLICY "Admins can manage logs" ON public.admin_logs FOR ALL
+  USING (auth.uid() IN (SELECT id FROM public.profiles WHERE role = 'admin'));