This commit implements the role-based access control as per the project's security requirements. It includes:
- A new middleware 'requireRole' that checks user roles for protected endpoints
- Updated auth routes with role protection
- Auth controller with proper registration and login logic including JWT token generation
- Default user role assignment during registration
