I’m building a small application whose first milestone is rock-solid user authentication backed by Laravel APIs and a PostgreSQL database. The system only needs one privileged role—Admin—but it must be implemented in a way that lets me add more roles later without refactoring the whole codebase. Backend • Laravel 10 (or the most recent LTS) will drive the REST API layer. Password-based sign-up, login, refreshable access tokens (Sanctum or JWT), password reset, and an audit trail for critical actions all have to be wired up. • PostgreSQL will store users, roles, and audit logs. Please structure the schema with migrations and seeders so I can re-create it in any environment with one command. Interfaces The same API will feed two clients: • A lightweight web interface (simple Blade views or a SPA—your call) so I can demo flows from a browser. • A starter mobile client that consumes the same endpoints. I’m happy with Flutter, React Native, or even Expo; pick whichever you’re most productive with, as long as it compiles on both iOS and Android. Deliverables 1. Clean, commented source code for the Laravel API, the web UI, and the mobile client. 2. Postman (or Insomnia) collection and short README showing how to spin everything up locally with Docker or a couple of artisan commands. 3. SQL migrations and seeders. 4. Brief deployment notes for pushing the backend to any standard Linux VPS or a Heroku-style platform. Acceptance I’ll run the migrations, create an Admin account, and confirm I can authenticate from both the browser and the mobile app, see the protected dashboard, and call a sample secured endpoint. If that workflow succeeds, we’re good to move to the next feature set.