Your verbosity is much appreciated. So many tutorials are a case of ‘here’s the code’ without explaining the interconnectivity of the various components of the app and detailing the code usage within those components as you have achieved.

Your tutorial provides a great base case that can be modified/extended because of the clarity of presentation.

Now I can explore how to register an Admin user and protect the Admin (api) routes. Presently thinking of a config file with Admin credentials to be read on app startup and possibly stored in a db collection. Then add roles to saved (non-admin) user data.

Anyway, thanks.