diff --git a/docs/BACKUP_RECOVERY.md b/docs/BACKUP_RECOVERY.md
index 6489d68..53bbed4 100644
--- a/docs/BACKUP_RECOVERY.md
+++ b/docs/BACKUP_RECOVERY.md
@@ -9,12 +9,19 @@ This document outlines the backup and recovery procedures for the StreamFlix Pos
### Automated Backups
- **Frequency**: Daily at 2:00 AM UTC
+ - Low Traffic Window: 2:00 AM UTC is statistically the time of lowest user activity across our target demographics.
+ Performance Impact: Running backups consumes CPU and I/O. Performing this during off-peak hours prevents API latency for active users.
- **Retention Policy**:
- - Daily backups: 7 days
- - Weekly backups: 4 weeks
- - Monthly backups: 12 months
+ - Daily backups: 7 days : Handles the most common scenario"I accidentally deleted something yesterday."
+ - Weekly backups: 4 weeks : Useful for identifying trends or issues that weren't noticed immediately.
+ - Monthly backups: 12 months : Required for long-term auditing and compliance without keeping 365 separate daily files (which would waste storage)
+
- **Storage Location**: `./backups/` directory
-- **Backup Method**: PostgreSQL `pg_dump` (logical backup)
+ - **Backup Method**: PostgreSQL `pg_dump` (logical backup)
+ - this has been choosen because of fallowings :
+ Portability: Logical SQL exports can be restored across different operating systems or slightly different PostgreSQL versions.
+ Granularity: It allows us to edit the SQL file if we only need to recover a specific table or row, which is impossible with a binary snapshot.
+ Size: Text-based SQL dumps compress highly efficiently with GZIP/ZIP.
### Manual Backup
diff --git a/src/main/java/com/example/streamflix/config/SecurityConfig.java b/src/main/java/com/example/streamflix/config/SecurityConfig.java
index f3d8754..fcbaf79 100644
--- a/src/main/java/com/example/streamflix/config/SecurityConfig.java
+++ b/src/main/java/com/example/streamflix/config/SecurityConfig.java
@@ -30,7 +30,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
.authorizeHttpRequests(auth -> auth
- .requestMatchers("/index.html", "/dashboard.html", "/css/**", "/js/**").permitAll()
+ .requestMatchers("/index.html", "/dashboard.html", "/css/**", "/js/**", "/admin.html").permitAll()
.requestMatchers("/api/v1/auth/register", "/api/v1/auth/login", "/api/v1/auth/verify", "/api/v1/auth/forgot-password", "/api/v1/auth/reset-password", "/api/v1/auth/admin/register").permitAll()
.requestMatchers("/api/v1/media/admin/**","/api/v1/media/movie/admin/**","/api/v1/media/series/admin/**")
.hasAnyRole("Junior", "Mid-level", "Senior")
diff --git a/src/main/resources/static/admin.html b/src/main/resources/static/admin.html
new file mode 100644
index 0000000..ad1a015
--- /dev/null
+++ b/src/main/resources/static/admin.html
@@ -0,0 +1,54 @@
+
+
+