diff --git a/app.js b/app.js
index 4e92152..def6ffb 100644
--- a/app.js
+++ b/app.js
@@ -224,14 +224,20 @@ app.post('/register', async (req, res) => {
 app.post('/login', async (req, res) => {
 const { username, password } = req.body;
 try {
- const userResult = await pool.query('SELECT * FROM users WHERE username = $1', [username]);
+ const userResult = await pool.query("SELECT *, CASE WHEN admin_temp IS NOT NULL AND (now() - admin_temp) > interval '24 hours' THEN 'expired' ELSE 'valid' END AS admin_status FROM users WHERE username = $1", [ username]);
+ console.log(userResult.rows[0]);
 if (userResult.rows.length > 0) {
 const user = userResult.rows[0];
 const match = await bcrypt.compare(password, user.password);
 if (match) {
 if (user.is_active) {
 req.session.userId = user.id;
- req.session.role=user.role;
+ if (user.admin_status === 'expired') {
+ await pool.query('UPDATE users SET role = $1, admin_temp = $2 WHERE id = $3', ['user', NULL , userId]);
+ req.session.role='user';
+ } else {
+ req.session.role=user.role;
+ }
 res.redirect('/training');
 } else {
 res.redirect('/freischaltung')
@@ -264,10 +270,17 @@ app.get('/logout', (req, res) => {
 });
 // Benutzer freischalten (nur Admin)
-app.post('/activate', requireAuth, requireAdmin, async (req, res) => {
- const { userId } = req.body;
+app.post('/userrights', requireAuth, requireAdmin, async (req, res) => {
+ const { userId, type } = req.body;
 try {
+ if (type === 'activate'){
 await pool.query('UPDATE users SET is_active = TRUE WHERE id = $1', [userId]);
+ } else if (type === 'admin') {
+ await pool.query('UPDATE users SET role = $1 WHERE id = $2', ['admin', userId]);
+ }
+ else if (type === 'admint') {
+ await pool.query('UPDATE users SET role = $1, admin_temp = $2 WHERE id = $3', ['admin', moment().toDate() , userId]);
+ }
 res.redirect('/admin');
 } catch (error) {
 console.error('Error activating user:', error);
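Review bot: In the /login hunk, the added UPDATE for an expired temporary admin passes `NULL` and `userId`, and neither name is declared in the handler as shown, so that path would throw a ReferenceError after `req.session.userId` has already been set and before `req.session.role` is assigned; the parameters should be `['user', null, user.id]`. The added `console.log(userResult.rows[0]);` writes the whole user row, including the bcrypt hash in `user.password`, to the application log on every login attempt and should be removed. Expiry is also evaluated only at login, so a session created before the 24 hours ran out keeps its admin `role` unless `requireAdmin` (not visible here) re-reads the role from the database. The try block's catch lies outside the hunk, so what happens to the half-populated session after the throw cannot be confirmed from here.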
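Review bot: In the /userrights hunk, the `admin` branch sets `role` but leaves `admin_temp` untouched, so a user who earlier held a temporary grant keeps the old timestamp and the /login query would report them as 'expired' and demote them. The `admint` branch stamps `admin_temp` from the application host via `moment().toDate()` while expiry is computed against the database's `now()`; writing `now()` in the UPDATE keeps both on one clock. An unrecognised `type` falls through to the redirect as if it had succeeded, and no branch records who granted what, which makes privilege changes hard to audit. The catch block continues outside the hunk; the sketch below covers only the branches.

```javascript
// … unchanged: route signature, destructuring of userId and type, 'activate' branch …
    } else if (type === 'admin') {
      // Permanent grant: clear any timestamp left over from an earlier temporary grant.
      await pool.query('UPDATE users SET role = $1, admin_temp = NULL WHERE id = $2', ['admin', userId]);
    } else if (type === 'admint') {
      // Stamp with the database clock, the same one the login query compares against.
      await pool.query('UPDATE users SET role = $1, admin_temp = now() WHERE id = $2', ['admin', userId]);
    } else {
      // Reject unknown request types instead of reporting success.
      return res.status(400).send('Unknown type');
    }
    // Audit trail for privilege changes: acting admin, target account, kind of change.
    console.info('userrights change', { actor: req.session.userId, target: userId, type });
// … unchanged: redirect to /admin and catch block …
```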
@@ -417,7 +430,7 @@ app.post('/update-leader', requireAuth , async (req, res) => {
 // Admin-Seite
 app.get('/admin', requireAuth, requireAdmin, async (req, res) => {
- const usersResult = await pool.query('SELECT * FROM users WHERE is_active = FALSE');
+ const usersResult = await pool.query('SELECT * FROM users');
 res.render('admin', { users: usersResult.rows, session: req.session }); // Stelle sicher, dass es eine admin.ejs gibt
 });
diff --git a/views/admin.ejs b/views/admin.ejs
index b681fa3..f9c5a6c 100644
--- a/views/admin.ejs
+++ b/views/admin.ejs
@@ -32,18 +32,52 @@
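Review bot: In the /admin hunk, the widened query `SELECT * FROM users` hands every account's full row, including the `password` hash column that /login reads, to the `admin` template as `users`. Listing the columns explicitly, for example `SELECT id, username, role, is_active, admin_temp FROM users`, keeps the hashes out of the render context; the exact column list should be checked against what admin.ejs displays, which is not visible here. Unlike the other handlers in this diff, this one has no try/catch around the query, so a database error is not turned into an error response by the handler itself.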