feat: implement role-based access control and auth routes

This commit implements the role-based access control middleware and authentication routes as per the project's requirements. It includes:

backend/middleware/requireRole.js

@@ -0,0 +1,20 @@
+/**
+ * Middleware to require a specific role for an endpoint.
+ * @param {string[]} allowedRoles - Array of roles allowed to access the endpoint.
+ * @returns {function} Express middleware function.
+ */
+module.exports = (allowedRoles) => {
+  return (req, res, next) => {
+    const userRole = req.user?.role;
+    
+    if (!userRole) {
+      return res.status(401).json({ error: 'Authorization required' });
+    }
+    
+    if (!allowedRoles.includes(userRole)) {
+      return res.status(403).json({ error: 'Insufficient permissions' });
+    }
+    
+    next();
+  };
+};