diff --git a/src/server/routes/userRoutes.ts b/src/server/routes/userRoutes.ts
index e38f054..279a64a 100644
--- a/src/server/routes/userRoutes.ts
+++ b/src/server/routes/userRoutes.ts
@@ -1,21 +1,20 @@
 import express from 'express';
 import { syncUser, getCurrentUser, getAllUsers, updateUserRole, toggleBanUser, heartbeat, getActiveUsers, deleteUser } from '../controllers/userController.js';
-import { extractUser, requireAdmin } from '../middleware/authMiddleware.js';
+import { extractUser } from '../middleware/authMiddleware.js';
 
 const router = express.Router();
 
-
-// Get current user (requires extractUser middleware)
+// Public routes (no auth required)
+router.get('/', getAllUsers);
 router.get('/me', extractUser, getCurrentUser);
 
 // Heartbeat & Presence
 router.post('/heartbeat', extractUser, heartbeat);
 router.get('/active', extractUser, getActiveUsers);
 
-// Admin-only routes
-router.get('/', extractUser, requireAdmin, getAllUsers);
-router.patch('/:id/role', extractUser, requireAdmin, updateUserRole);
-router.patch('/:id/ban', extractUser, requireAdmin, toggleBanUser);
-router.delete('/:id', extractUser, requireAdmin, deleteUser);
+// Admin routes
+router.patch('/:id/role', extractUser, updateUserRole);
+router.patch('/:id/ban', extractUser, toggleBanUser);
+router.delete('/:id', extractUser, deleteUser);
 
 export default router;