diff --git a/key.py b/key.py
new file mode 100644
index 0000000000000000000000000000000000000000..de89840834c0e7e52b5144dccf6a2d518de977e4
--- /dev/null
+++ b/key.py
@@ -0,0 +1,32 @@
+# management/generate_vapid_keys.py
+# -*- coding: utf-8 -*-
+import base64
+import os
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.kdf.hkdf import HKDF
+from cryptography.hazmat.backends import default_backend
+
+# تابعی برای تولید کلیدهای VAPID
+def generate_vapid_keys():
+    """
+    این تابع یک جفت کلید عمومی و خصوصی VAPID تولید می‌کند.
+    """
+    private_key = ec.generate_private_key(ec.SECP256R1(), default_backend())
+    public_key = private_key.public_key()
+    
+    # برای استفاده در فرانت‌اند
+    public_key_bytes = public_key.public_numbers().x.to_bytes(32, 'big') + public_key.public_numbers().y.to_bytes(32, 'big')
+    public_key_b64 = base64.urlsafe_b64encode(public_key_bytes).decode('utf-8').rstrip('=')
+
+    # برای استفاده در بک‌اند
+    private_key_bytes = private_key.private_numbers().private_value.to_bytes(32, 'big')
+    private_key_b64 = base64.urlsafe_b64encode(private_key_bytes).decode('utf-8').rstrip('=')
+
+    print("VAPID Public Key:", public_key_b64)
+    print("VAPID Private Key:", private_key_b64)
+
+if __name__ == '__main__':
+    generate_vapid_keys()
+
+
diff --git a/manage.py b/manage.py
new file mode 100644
index 0000000000000000000000000000000000000000..24f05e825a5ccb2f17388273d07a0a36d9931d3d
--- /dev/null
+++ b/manage.py
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'my_panel_project.settings')
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+if __name__ == '__main__':
+    main()
diff --git a/management/__init__.py b/management/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/management/__pycache__/__init__.cpython-312.pyc b/management/__pycache__/__init__.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e4d9d78579e26b4902c1a20d1979fd506a072008
Binary files /dev/null and b/management/__pycache__/__init__.cpython-312.pyc differ
diff --git a/management/__pycache__/admin.cpython-312.pyc b/management/__pycache__/admin.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..30ac7512904fe6c0eccda461b7ee2a05d3fcf648
Binary files /dev/null and b/management/__pycache__/admin.cpython-312.pyc differ
diff --git a/management/__pycache__/apps.cpython-312.pyc b/management/__pycache__/apps.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b7d10ce10207918c71160416b63a3eb81726baec
Binary files /dev/null and b/management/__pycache__/apps.cpython-312.pyc differ
diff --git a/management/__pycache__/backends.cpython-312.pyc b/management/__pycache__/backends.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..bcf8604882b7e7250a4e16d86fa35a00333c2b73
Binary files /dev/null and b/management/__pycache__/backends.cpython-312.pyc differ
diff --git a/management/__pycache__/forms.cpython-312.pyc b/management/__pycache__/forms.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..7e836df935d998bf7e64fa21b1eaf088b8080301
Binary files /dev/null and b/management/__pycache__/forms.cpython-312.pyc differ
diff --git a/management/__pycache__/marzban_api.cpython-312.pyc b/management/__pycache__/marzban_api.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..526e124b737c34f60c546a72b0b6642916432e51
Binary files /dev/null and b/management/__pycache__/marzban_api.cpython-312.pyc differ
diff --git a/management/__pycache__/marzban_client.cpython-312.pyc b/management/__pycache__/marzban_client.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..a2076b0aeceb8a4d394e02362fff7a616b842319
Binary files /dev/null and b/management/__pycache__/marzban_client.cpython-312.pyc differ
diff --git a/management/__pycache__/models.cpython-312.pyc b/management/__pycache__/models.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..709eb1c5b3f0c9bc668d1420dd0f6f5938322249
Binary files /dev/null and b/management/__pycache__/models.cpython-312.pyc differ
diff --git a/management/__pycache__/serializers.cpython-312.pyc b/management/__pycache__/serializers.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..b074e4fb86ce4f81bb37aaa7b734f0e409ca4a06
Binary files /dev/null and b/management/__pycache__/serializers.cpython-312.pyc differ
diff --git a/management/__pycache__/tasks.cpython-312.pyc b/management/__pycache__/tasks.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..d6c8611ff00a244dddd83c5411a817950e5d33a5
Binary files /dev/null and b/management/__pycache__/tasks.cpython-312.pyc differ
diff --git a/management/__pycache__/urls.cpython-312.pyc b/management/__pycache__/urls.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..5af555b9ef79cea0c2bb896ec771a625a0a4ada1
Binary files /dev/null and b/management/__pycache__/urls.cpython-312.pyc differ
diff --git a/management/__pycache__/utils.cpython-312.pyc b/management/__pycache__/utils.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..2864c3b71335ceba0fd15c557c273c4fff269f09
Binary files /dev/null and b/management/__pycache__/utils.cpython-312.pyc differ
diff --git a/management/__pycache__/views.cpython-312.pyc b/management/__pycache__/views.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e73eacdc987b610ff39be5f7df9addd9b821ef97
Binary files /dev/null and b/management/__pycache__/views.cpython-312.pyc differ
diff --git a/management/admin.py b/management/admin.py
new file mode 100644
index 0000000000000000000000000000000000000000..fc6c269352653517cc032df62b715e7a814fdd2a
--- /dev/null
+++ b/management/admin.py
@@ -0,0 +1,130 @@
+# management/admin.py
+# -*- coding: utf-8 -*-
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
+from .models import (
+    CustomUser,
+    AdminLevel2,
+    Panel,
+    License,
+    EndUser,
+    Plan,
+    Subscription,
+    Payment,
+    DiscountCode,
+    TelegramUser,
+    SecurityToken,
+    PushSubscription,
+    PaymentMethod,
+    PaymentSetting,
+    PaymentDetail
+)
+
+# تنظیمات ادمین برای مدل CustomUser
+@admin.register(CustomUser)
+class CustomUserAdmin(BaseUserAdmin):
+    list_display = ('username', 'email', 'role', 'is_staff')
+    list_filter = ('role', 'is_staff', 'is_superuser', 'is_active')
+    search_fields = ('username', 'email')
+    ordering = ('username',)
+    fieldsets = BaseUserAdmin.fieldsets + (
+        ('اطلاعات نقش', {'fields': ('role', 'marzban_admin_id')}),
+    )
+
+# تنظیمات ادمین برای مدل AdminLevel2
+@admin.register(AdminLevel2)
+class AdminLevel2Admin(admin.ModelAdmin):
+    # FIXED: 'marzban_api_token' does not exist in the model
+    list_display = ('user', 'telegram_chat_id', 'license_expiry_date')
+    search_fields = ('user__username',)
+
+# تنظیمات ادمین برای مدل Panel
+@admin.register(Panel)
+class PanelAdmin(admin.ModelAdmin):
+    # FIXED: 'url' and 'api_token' do not exist. Used correct fields.
+    list_display = ('name', 'owner', 'marzban_host')
+    search_fields = ('name', 'owner__username')
+
+# تنظیمات ادمین برای مدل License
+@admin.register(License)
+class LicenseAdmin(admin.ModelAdmin):
+    # FIXED: Used correct field names from the model ('key', 'owner', etc.)
+    list_display = ('key', 'owner', 'is_active', 'created_at', 'expiry_date')
+    list_filter = ('is_active',)
+    search_fields = ('key', 'owner__username')
+
+# تنظیمات ادمین برای مدل EndUser
+@admin.register(EndUser)
+class EndUserAdmin(admin.ModelAdmin):
+    list_display = ('username', 'panel', 'marzban_user_id')
+    search_fields = ('username', 'marzban_user_id')
+    list_filter = ('panel',)
+
+# تنظیمات ادمین برای مدل Plan
+@admin.register(Plan)
+class PlanAdmin(admin.ModelAdmin):
+    list_display = ('name', 'panel', 'price', 'duration_days', 'data_limit_gb', 'is_active')
+    list_filter = ('is_active', 'panel')
+    search_fields = ('name',)
+
+# تنظیمات ادمین برای مدل Subscription
+@admin.register(Subscription)
+class SubscriptionAdmin(admin.ModelAdmin):
+    list_display = ('end_user', 'plan', 'status', 'start_date', 'end_date', 'remaining_data_gb')
+    # FIXED: 'is_trial' does not exist in the model
+    list_filter = ('status', 'plan', 'panel')
+    search_fields = ('end_user__username',)
+    date_hierarchy = 'start_date'
+
+# تنظیمات ادمین برای مدل Payment
+@admin.register(Payment)
+class PaymentAdmin(admin.ModelAdmin):
+    list_display = ('subscription', 'admin', 'amount', 'status', 'created_at')
+    # IMPROVED: Filtering on image/text fields is not useful. Using status instead.
+    list_filter = ('status', 'admin')
+    search_fields = ('subscription__end_user__username',)
+    date_hierarchy = 'created_at'
+
+# تنظیمات ادمین برای مدل DiscountCode
+@admin.register(DiscountCode)
+class DiscountCodeAdmin(admin.ModelAdmin):
+    list_display = ('code', 'admin', 'discount_percentage', 'is_active')
+    list_filter = ('is_active',)
+    search_fields = ('code', 'admin__username',)
+
+# تنظیمات ادمین برای مدل TelegramUser
+@admin.register(TelegramUser)
+class TelegramUserAdmin(admin.ModelAdmin):
+    list_display = ('username', 'chat_id', 'admin_id')
+    search_fields = ('username', 'chat_id')
+
+# تنظیمات ادمین برای مدل SecurityToken
+@admin.register(SecurityToken)
+class SecurityTokenAdmin(admin.ModelAdmin):
+    list_display = ('admin_id', 'token', 'expiration_date')
+    search_fields = ('admin_id', 'token')
+
+# تنظیمات ادمین برای مدل PushSubscription
+@admin.register(PushSubscription)
+class PushSubscriptionAdmin(admin.ModelAdmin):
+    list_display = ('user', 'created_at')
+    search_fields = ('user__username',)
+
+# تنظیمات ادمین برای مدل PaymentMethod
+@admin.register(PaymentMethod)
+class PaymentMethodAdmin(admin.ModelAdmin):
+    list_display = ('name', 'is_active', 'can_be_managed_by_level3')
+    list_filter = ('is_active', 'can_be_managed_by_level3')
+
+# تنظیمات ادمین برای مدل PaymentSetting
+@admin.register(PaymentSetting)
+class PaymentSettingAdmin(admin.ModelAdmin):
+    list_display = ('admin_level_3', 'payment_method', 'is_active')
+    list_filter = ('is_active', 'payment_method')
+    search_fields = ('admin_level_3__user__username',)
+
+# تنظیمات ادمین برای مدل PaymentDetail
+@admin.register(PaymentDetail)
+class PaymentDetailAdmin(admin.ModelAdmin):
+    list_display = ('admin_level_3', 'card_number', 'wallet_address')
+    search_fields = ('admin_level_3__user__username',)
diff --git a/management/backends.py b/management/backends.py
new file mode 100644
index 0000000000000000000000000000000000000000..97ba5b716752e8a4f7415c79fd9e2d5bffabcfc2
--- /dev/null
+++ b/management/backends.py
@@ -0,0 +1,89 @@
+# management/backends.py
+# -*- coding: utf-8 -*-
+
+import asyncio
+import logging
+
+from django.contrib.auth.backends import BaseBackend
+from django.contrib.auth import get_user_model
+from marzban_api.marzban_client import Marzban
+from marzban_api.exceptions import AuthenticationError, MarzbanAPIError
+
+from .models import MarzbanAdmin, MarzbanUser, Panel, Role
+
+CustomUser = get_user_model()
+logger = logging.getLogger(__name__)
+
+class CustomMarzbanBackend(BaseBackend):
+    """
+    بک‌اند احراز هویت که admin_id و اطلاعات ادمین را از دیتابیس مرزبان پیدا می‌کند.
+    """
+    def authenticate(self, request, username=None, **kwargs):
+        if not username:
+            return None
+
+        try:
+            # 1. پیدا کردن admin_id از دیتابیس مرزبان
+            marzban_user = MarzbanUser.objects.using('marzban_db').get(username=username)
+            admin_id = marzban_user.admin_id
+
+            if not admin_id:
+                logger.warning(f"User {username} has no associated admin in Marzban DB.")
+                return None
+
+            # 2. پیدا کردن اطلاعات ادمین از دیتابیس مرزبان
+            try:
+                admin_obj = MarzbanAdmin.objects.using('marzban_db').get(id=admin_id)
+            except MarzbanAdmin.DoesNotExist:
+                logger.error(f"Admin with ID {admin_id} not found in Marzban DB.")
+                return None
+            
+            admin_username = admin_obj.username
+            admin_password = admin_obj.password
+
+            # 3. لاگین به API مرزبان با مشخصات ادمین و تایید وجود کاربر
+            async def authenticate_with_marzban():
+                # در این مرحله، آدرس پنل باید از یک مکان مشخص (مثلاً مدل Panel) خوانده شود.
+                # برای سادگی، فعلا یک آدرس پیش‌فرض در نظر می‌گیریم.
+                panel_address = 'http://your_marzban_panel_address.com'
+
+                try:
+                    async with Marzban(admin_username, admin_password, panel_address) as marzban_client:
+                        await marzban_client.login_admin()
+                        await marzban_client.get_user_info(username)
+                        
+                        # 4. ایجاد یا دریافت کاربر در دیتابیس لوکال و اختصاص نقش
+                        user, created = CustomUser.objects.get_or_create(username=username)
+                        if created:
+                            user_role, _ = Role.objects.get_or_create(name=Role.USER)
+                            user.role = user_role
+                            user.save()
+                        return user
+
+                except AuthenticationError as e:
+                    logger.error(f"Marzban API authentication failed for admin {admin_username}: {e}")
+                    return None
+                except MarzbanAPIError as e:
+                    logger.error(f"User {username} not found in Marzban via admin {admin_username}: {e}")
+                    return None
+                except Exception as e:
+                    logger.error(f"An unknown error occurred during Marzban API authentication: {e}")
+                    return None
+
+            authenticated_user = asyncio.run(authenticate_with_marzban())
+            if authenticated_user:
+                return authenticated_user
+
+        except MarzbanUser.DoesNotExist:
+            logger.warning(f"User {username} not found in Marzban database.")
+            return None
+        except Exception as e:
+            logger.error(f"An unknown error occurred: {e}")
+            return None
+
+    def get_user(self, user_id):
+        try:
+            return CustomUser.objects.get(pk=user_id)
+        except CustomUser.DoesNotExist:
+            return None
+
diff --git a/management/forms.py b/management/forms.py
new file mode 100644
index 0000000000000000000000000000000000000000..f97c0d9b487d5d9ef9a7a033ac7afa3a2eb13853
--- /dev/null
+++ b/management/forms.py
@@ -0,0 +1,13 @@
+# management/forms.py
+# -*- coding: utf-8 -*-
+from django import forms
+from .models import DiscountCode
+
+class UserLoginForm(forms.Form):
+    username = forms.CharField(max_length=150, label="نام کاربری")
+
+class DiscountCodeForm(forms.ModelForm):
+    class Meta:
+        model = DiscountCode
+        fields = ['code', 'discount_type', 'value', 'expiration_date', 'is_active', 'min_new_subscriptions', 'max_uses', 'max_uses_per_user']
+
diff --git a/management/manage.py b/management/manage.py
new file mode 100644
index 0000000000000000000000000000000000000000..24f05e825a5ccb2f17388273d07a0a36d9931d3d
--- /dev/null
+++ b/management/manage.py
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'my_panel_project.settings')
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+if __name__ == '__main__':
+    main()
diff --git a/management/management/commands/backup_all_databases.py b/management/management/commands/backup_all_databases.py
new file mode 100644
index 0000000000000000000000000000000000000000..880c0d4236a95a4940d4b197bc812251f53393b3
--- /dev/null
+++ b/management/management/commands/backup_all_databases.py
@@ -0,0 +1,100 @@
+# management/commands/backup_all_databases.py
+# -*- coding: utf-8 -*-
+import os
+import datetime
+import subprocess
+from django.conf import settings
+from django.core.management.base import BaseCommand, CommandError
+from django.db import connections
+from management.models import Panel
+from management.tasks import send_backup_to_telegram
+
+class Command(BaseCommand):
+    help = 'Backs up all configured databases (Django and all Marzban panels) and sends them to Telegram.'
+
+    def handle(self, *args, **options):
+        # Define the backup directory
+        backup_dir = os.path.join(settings.BASE_DIR, 'backups')
+        os.makedirs(backup_dir, exist_ok=True)
+        
+        # Create a timestamped directory for the current backup
+        timestamp = datetime.datetime.now().strftime('%Y-%m-%d_%H-%M-%S')
+        current_backup_dir = os.path.join(backup_dir, timestamp)
+        os.makedirs(current_backup_dir)
+
+        # Get database configurations to backup
+        db_configs = {
+            'default': connections['default']
+        }
+        
+        # Dynamically add all Marzban panels to the backup list
+        try:
+            for panel in Panel.objects.all():
+                db_key = f"marzban_panel_{panel.id}"
+                db_configs[db_key] = {
+                    'ENGINE': panel.db_engine,
+                    'NAME': panel.db_name,
+                    'USER': panel.db_user,
+                    'PASSWORD': panel.db_password,
+                    'HOST': panel.db_host,
+                    'PORT': panel.db_port,
+                    'TELEGRAM_BOT_TOKEN': panel.telegram_bot_token,
+                    'MARZBAN_PANEL_DOMAIN': panel.domain
+                }
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(
+                f"Failed to retrieve Marzban panel information. Error: {e}"
+            ))
+            return
+
+        for db_key, db_config in db_configs.items():
+            if 'mysql' not in db_config.get('ENGINE', ''):
+                self.stdout.write(self.style.WARNING(
+                    f"Skipping database '{db_key}' as it is not a MySQL database."
+                ))
+                continue
+
+            output_file = os.path.join(current_backup_dir, f"{db_key}_{timestamp}.sql")
+            
+            mysqldump_cmd = [
+                'mysqldump',
+                f'--host={db_config.get("HOST", "localhost")}',
+                f'--port={db_config.get("PORT", 3306)}',
+                f'--user={db_config.get("USER", "")}',
+                f'--password={db_config.get("PASSWORD", "")}',
+                db_config['NAME'],
+                '--result-file', output_file
+            ]
+
+            try:
+                self.stdout.write(f"Backing up database '{db_key}' to {output_file}...")
+                subprocess.run(mysqldump_cmd, check=True, text=True)
+                self.stdout.write(self.style.SUCCESS(
+                    f"Successfully backed up database '{db_key}'."
+                ))
+
+                # If it's a Marzban panel, send it to Telegram
+                if 'marzban' in db_key:
+                    bot_token = db_config.get('TELEGRAM_BOT_TOKEN')
+                    if bot_token and settings.TELEGRAM_ADMIN_CHAT_ID:
+                        message = f"✅ Backup of Marzban panel at {db_config.get('MARZBAN_PANEL_DOMAIN', 'N/A')} is ready."
+                        send_backup_to_telegram.delay(
+                            settings.TELEGRAM_ADMIN_CHAT_ID, 
+                            message, 
+                            output_file, 
+                            bot_token
+                        )
+                        self.stdout.write(self.style.SUCCESS(
+                            f"Scheduled sending backup for '{db_key}' to Telegram."
+                        ))
+            except FileNotFoundError:
+                raise CommandError(
+                    "mysqldump command not found. Please ensure it is installed and in your system's PATH."
+                )
+            except subprocess.CalledProcessError as e:
+                raise CommandError(
+                    f"Failed to backup database '{db_key}'. Error: {e.stderr}"
+                )
+        
+        self.stdout.write(self.style.SUCCESS('All databases backed up successfully.'))
+
diff --git a/management/management/commands/check_payments.py b/management/management/commands/check_payments.py
new file mode 100644
index 0000000000000000000000000000000000000000..2c646a3db2e2c7df3efe0533d79dd15c7a4f0db9
--- /dev/null
+++ b/management/management/commands/check_payments.py
@@ -0,0 +1,42 @@
+from django.core.management.base import BaseCommand
+from django.utils import timezone
+from datetime import timedelta
+from management.models import Payment, Subscription
+
+class Command(BaseCommand):
+    help = 'Checks for pending payments older than 48 hours and deactivates subscriptions.'
+
+    def handle(self, *args, **options):
+        # زمان فعلی منهای 48 ساعت
+        forty_eight_hours_ago = timezone.now() - timedelta(hours=48)
+        
+        # پیدا کردن پرداخت‌های در انتظار که بیش از 48 ساعت ازشون گذشته
+        overdue_payments = Payment.objects.filter(
+            status='pending',
+            created_at__lt=forty_eight_hours_ago
+        )
+        
+        if not overdue_payments:
+            self.stdout.write(self.style.SUCCESS('No overdue pending payments found.'))
+            return
+            
+        self.stdout.write(self.style.WARNING(f'Found {overdue_payments.count()} overdue payments.'))
+        
+        # غیرفعال کردن اشتراک‌های مربوطه
+        for payment in overdue_payments:
+            try:
+                subscription = payment.subscription
+                if subscription and subscription.status == 'active':
+                    subscription.status = 'inactive'
+                    subscription.save()
+                    payment.status = 'expired'
+                    payment.save()
+                    self.stdout.write(self.style.SUCCESS(
+                        f'Successfully deactivated subscription for user: {subscription.user.username}'
+                    ))
+            except Subscription.DoesNotExist:
+                self.stdout.write(self.style.ERROR(
+                    f'Subscription not found for payment ID: {payment.id}'
+                ))
+
+        self.stdout.write(self.style.SUCCESS('Finished checking payments.'))
diff --git a/management/management/commands/restore_all_databases.py b/management/management/commands/restore_all_databases.py
new file mode 100644
index 0000000000000000000000000000000000000000..6813a111be9656c4cf96ddcad7cdd3512f46aed9
--- /dev/null
+++ b/management/management/commands/restore_all_databases.py
@@ -0,0 +1,100 @@
+# management/commands/restore_all_databases.py
+# -*- coding: utf-8 -*-
+import os
+import subprocess
+from django.conf import settings
+from django.core.management.base import BaseCommand, CommandError
+from django.db import connections
+from management.models import Panel
+
+class Command(BaseCommand):
+    help = 'Restores all databases from a specified timestamped backup directory.'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            'timestamp',
+            type=str,
+            help='The timestamp of the backup directory to restore (e.g., 2023-10-27_10-30-00).',
+        )
+
+    def handle(self, *args, **options):
+        timestamp = options['timestamp']
+        backup_dir = os.path.join(settings.BASE_DIR, 'backups', timestamp)
+
+        if not os.path.isdir(backup_dir):
+            raise CommandError(f"Backup directory '{backup_dir}' not found.")
+
+        self.stdout.write(self.style.WARNING(
+            f"WARNING: This will overwrite your current databases with data from '{timestamp}'. "
+            f"Proceed with caution. Type 'yes' to continue."
+        ))
+        confirm = input("> ")
+        if confirm.lower() != 'yes':
+            self.stdout.write("Restore operation cancelled.")
+            return
+
+        # Get database configurations to restore
+        db_configs = {
+            'default': connections['default']
+        }
+        
+        try:
+            for panel in Panel.objects.all():
+                db_key = f"marzban_panel_{panel.id}"
+                db_configs[db_key] = {
+                    'ENGINE': panel.db_engine,
+                    'NAME': panel.db_name,
+                    'USER': panel.db_user,
+                    'PASSWORD': panel.db_password,
+                    'HOST': panel.db_host,
+                    'PORT': panel.db_port,
+                }
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(
+                f"Failed to retrieve Marzban panel information. Error: {e}"
+            ))
+            return
+
+
+        for db_key, db_config in db_configs.items():
+            if 'mysql' not in db_config.get('ENGINE', ''):
+                self.stdout.write(self.style.WARNING(
+                    f"Skipping restore for database '{db_key}' as it is not a MySQL database."
+                ))
+                continue
+
+            sql_file = os.path.join(backup_dir, f"{db_key}_{timestamp}.sql")
+            
+            if not os.path.isfile(sql_file):
+                self.stdout.write(self.style.WARNING(
+                    f"Skipping restore for database '{db_key}': backup file not found at {sql_file}."
+                ))
+                continue
+            
+            mysql_cmd = [
+                'mysql',
+                f'--host={db_config.get("HOST", "localhost")}',
+                f'--port={db_config.get("PORT", 3306)}',
+                f'--user={db_config.get("USER", "")}',
+                f'--password={db_config.get("PASSWORD", "")}',
+                db_config['NAME']
+            ]
+
+            try:
+                self.stdout.write(f"Restoring database '{db_key}' from {sql_file}...")
+                with open(sql_file, 'r') as f:
+                    subprocess.run(mysql_cmd, stdin=f, check=True, text=True)
+                self.stdout.write(self.style.SUCCESS(
+                    f"Successfully restored database '{db_key}'."
+                ))
+            except FileNotFoundError:
+                raise CommandError(
+                    "mysql command not found. Please ensure it is installed and in your system's PATH."
+                )
+            except subprocess.CalledProcessError as e:
+                raise CommandError(
+                    f"Failed to restore database '{db_key}'. Error: {e.stderr}"
+                )
+        
+        self.stdout.write(self.style.SUCCESS('All databases restored successfully.'))
+
diff --git a/management/management/commands/schedule_reminders.py b/management/management/commands/schedule_reminders.py
new file mode 100644
index 0000000000000000000000000000000000000000..b3a5efa7bf9e66af71cf66299d81162d7f455ef1
--- /dev/null
+++ b/management/management/commands/schedule_reminders.py
@@ -0,0 +1,203 @@
+# management/management/commands/schedule_reminders.py
+
+# -*- coding: utf-8 -*-
+
+import os
+
+import uuid
+
+import datetime
+
+from django.core.management.base import BaseCommand
+
+from django.conf import settings
+
+from django.db import connections
+
+from management.models import Panel
+
+from management.tasks import send_telegram_notification
+
+
+
+# Dynamically import the unmanaged models
+
+# This will be used to access the Marzban database tables
+
+try:
+
+    from management.models import MarzbanUser, TelegramUser
+
+except ImportError:
+
+    # Handle the case where the models might not be fully defined yet
+
+    pass
+
+
+
+class Command(BaseCommand):
+
+    help = 'Schedules renewal and usage reminders for Marzban users.'
+
+
+
+    def handle(self, *args, **options):
+
+        # Retrieve the bot token from the environment variables or settings
+
+        # IMPORTANT: You need to define this in your settings or as an environment variable
+
+        telegram_bot_token = os.environ.get('TELEGRAM_BOT_TOKEN', 'YOUR_DEFAULT_BOT_TOKEN_HERE')
+
+
+
+        if not telegram_bot_token:
+
+            self.stdout.write(self.style.ERROR('Telegram bot token is not configured. Aborting.'))
+
+            return
+
+
+
+        self.stdout.write(self.style.SUCCESS('Starting reminder scheduling for all users...'))
+
+
+
+        # Get all panels from the main database
+
+        panels = Panel.objects.all()
+
+
+
+        for panel in panels:
+
+            self.stdout.write(f'Processing panel: {panel.name} (ID: {panel.id})')
+
+            
+
+            # Dynamically set up the database connection for the current panel
+
+            marzban_db_settings = {
+
+                'ENGINE': 'django.db.backends.mysql',
+
+                'NAME': panel.db_name,
+
+                'USER': panel.db_user,
+
+                'PASSWORD': panel.db_password,
+
+                'HOST': panel.db_host,
+
+                'PORT': panel.db_port,
+
+            }
+
+            settings.DATABASES['marzban_db'] = marzban_db_settings
+
+
+
+            try:
+
+                # Use the dynamic connection to query the MarzbanUser and TelegramUser models
+
+                with connections['marzban_db'].cursor() as cursor:
+
+                    # Get all users from the Marzban database
+
+                    users_to_check = MarzbanUser.objects.using('marzban_db').all()
+
+
+
+                    for user in users_to_check:
+
+                        # --- Here is the core logic for reminders ---
+
+                        
+
+                        # Find the Telegram chat_id for this user
+
+                        try:
+
+                            # We assume the TelegramUser model is now linked to the user's ID
+
+                            telegram_user = TelegramUser.objects.using('marzban_db').get(user_id=user.pk)
+
+                            chat_id = telegram_user.chat_id
+
+                        except TelegramUser.DoesNotExist:
+
+                            self.stdout.write(f'  No Telegram chat_id found for user {user.username}. Skipping.')
+
+                            continue
+
+
+
+                        # Check for expiration
+
+                        is_expiring = False
+
+                        if user.expire_date:
+
+                            time_left = user.expire_date - datetime.datetime.now(user.expire_date.tzinfo)
+
+                            if time_left < datetime.timedelta(days=3): # Expiring in less than 3 days
+
+                                is_expiring = True
+
+                                message = (
+
+                                    f"⚠️ سلام {user.username}، سرویس شما در تاریخ {user.expire_date.strftime('%Y-%m-%d')} منقضی می‌شود.\n"
+
+                                    "لطفاً برای تمدید سرویس به پنل کاربری خود مراجعه کنید."
+
+                                )
+
+                                send_telegram_notification.delay(chat_id, message, telegram_bot_token)
+
+                                self.stdout.write(f'  Scheduled expiration reminder for user {user.username}.')
+
+
+
+                        # Check for usage limit (e.g., 80% of total)
+
+                        is_over_usage_limit = False
+
+                        if user.data_limit and user.data_usage:
+
+                            usage_percentage = (user.data_usage / user.data_limit) * 100
+
+                            if usage_percentage >= 80:
+
+                                is_over_usage_limit = True
+
+                                message = (
+
+                                    f"⚠️ سلام {user.username}، حجم باقی‌مانده سرویس شما کم است.\n"
+
+                                    f"میزان مصرف: {usage_percentage:.2f}%\n"
+
+                                    "لطفاً برای خرید حجم جدید به پنل کاربری خود مراجعه کنید."
+
+                                )
+
+                                # Avoid sending duplicate messages if both conditions are met
+
+                                if not is_expiring:
+
+                                    send_telegram_notification.delay(chat_id, message, telegram_bot_token)
+
+                                    self.stdout.write(f'  Scheduled usage reminder for user {user.username}.')
+
+                                
+
+            except Exception as e:
+
+                self.stdout.write(self.style.ERROR(f'An error occurred while processing panel {panel.name}: {e}'))
+
+
+
+        self.stdout.write(self.style.SUCCESS('Reminder scheduling finished.'))
+
+
diff --git a/management/marzban_client.py b/management/marzban_client.py
new file mode 100644
index 0000000000000000000000000000000000000000..7c87b67183fe36a1bebc06e970d3521b03a59313
--- /dev/null
+++ b/management/marzban_client.py
@@ -0,0 +1,79 @@
+import aiohttp
+import json
+import asyncio
+
+# --- کد از فایل send_requests.py ---
+async def send_request(endpoint, token, method, data=None):
+    panel_address = token["panel_address"]
+    token_type = token["token_type"]
+    access_token = token["access_token"]
+    request_address = f"{panel_address}/api/{endpoint}"
+    headers = {
+        "Content-Type": "application/json",
+        "Authorization": f"{token_type} {access_token}",
+    }
+    async with aiohttp.request(
+        method=method,
+        url=request_address,
+        headers=headers,
+        data=json.dumps(data) if data else None,
+        raise_for_status=True
+    ) as response:
+        result = await response.json()
+        return result
+
+# --- کد از فایل user.py ---
+class User:
+    def __init__(self, username, **kwargs):
+        self.username = username
+        self.proxies = kwargs.get('proxies', {})
+        self.inbounds = kwargs.get('inbounds', {})
+        self.data_limit = kwargs.get('data_limit', 0)
+        self.data_limit_reset_strategy = kwargs.get('data_limit_reset_strategy', "no_reset")
+        self.status = kwargs.get('status', "")
+        self.expire = kwargs.get('expire', 0)
+        self.used_traffic = kwargs.get('used_traffic', 0)
+        self.lifetime_used_traffic = kwargs.get('lifetime_used_traffic', 0)
+        self.created_at = kwargs.get('created_at', "")
+        self.links = kwargs.get('links', [])
+        self.subscription_url = kwargs.get('subscription_url', "")
+        self.excluded_inbounds = kwargs.get('excluded_inbounds', {})
+        self.full_name = kwargs.get('full_name', "")
+class UserMethods:
+    async def get_all_users(self, token: dict, username=None, status=None):
+        endpoint = "users"
+        if username:
+            endpoint += f"?username={username}"
+        if status:
+            if "?" in endpoint:
+                endpoint += f"&status={status}"
+            else:
+                endpoint += f"?status={status}"
+        request = await send_request(endpoint, token, "get")
+        user_list = [User(**user) for user in request["users"]]
+        return user_list
+
+# --- کد از فایل admin.py ---
+class Admin:
+    def __init__(self, username: str, password: str, panel_address: str):
+        self.username = username
+        self.password = password
+        self.panel_address = panel_address
+
+    async def get_token(self):
+        try:
+            async with aiohttp.request(
+                "post",
+                url=f"{self.panel_address}/api/admin/token",
+                data={"username": self.username, "password": self.password},
+                raise_for_status=True
+            ) as response:
+                result = await response.json()
+                result["panel_address"] = self.panel_address
+                return result
+        except aiohttp.exceptions.RequestException as ex:
+            print(f"Request Exception: {ex}")
+            return None
+        except json.JSONDecodeError as ex:
+            print(f"JSON Decode Error: {ex}")
+            return None
diff --git a/management/migrations/0001_initial.py b/management/migrations/0001_initial.py
new file mode 100644
index 0000000000000000000000000000000000000000..ee180a2ec9fbf6f241c7a170d0308961e6f1f5fe
--- /dev/null
+++ b/management/migrations/0001_initial.py
@@ -0,0 +1,241 @@
+# Generated by Django 5.2.5 on 2025-08-15 09:56
+
+import django.contrib.auth.models
+import django.contrib.auth.validators
+import django.db.models.deletion
+import django.utils.timezone
+import uuid
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='SecurityToken',
+            fields=[
+                ('admin_id', models.CharField(max_length=255, primary_key=True, serialize=False)),
+                ('token', models.CharField(default=uuid.uuid4, max_length=255, unique=True)),
+                ('expiration_date', models.DateTimeField()),
+            ],
+            options={
+                'db_table': 'telegram_tokens',
+                'managed': False,
+            },
+        ),
+        migrations.CreateModel(
+            name='TelegramUser',
+            fields=[
+                ('admin_id', models.CharField(max_length=255, primary_key=True, serialize=False, unique=True)),
+                ('chat_id', models.CharField(max_length=255, unique=True)),
+                ('username', models.CharField(max_length=255)),
+            ],
+            options={
+                'db_table': 'telegram_users',
+                'managed': False,
+            },
+        ),
+        migrations.CreateModel(
+            name='MarzbanUser',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('username', models.CharField(max_length=255, unique=True)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='PaymentMethod',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(choices=[('gateway', 'Bank Gateway'), ('crypto', 'Cryptocurrency'), ('manual', 'Manual (Card-to-Card)')], max_length=50, unique=True, verbose_name='Payment Method Name')),
+                ('is_active', models.BooleanField(default=True, verbose_name='Is Active?')),
+                ('can_be_managed_by_level3', models.BooleanField(default=False, verbose_name='Can be managed by Admin Level 3?')),
+            ],
+            options={
+                'verbose_name': 'Payment Method',
+                'verbose_name_plural': 'Payment Methods',
+            },
+        ),
+        migrations.CreateModel(
+            name='CustomUser',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('role', models.CharField(choices=[('SuperAdmin', 'Super Admin'), ('PanelOwner', 'Panel Owner'), ('AdminLevel2', 'Admin Level 2'), ('AdminLevel3', 'Admin Level 3'), ('EndUser', 'End User')], default='EndUser', max_length=20)),
+                ('marzban_admin_id', models.UUIDField(blank=True, null=True)),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
+            ],
+            options={
+                'verbose_name': 'user',
+                'verbose_name_plural': 'users',
+                'abstract': False,
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AdminLevel2',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('telegram_chat_id', models.CharField(blank=True, max_length=255, null=True, verbose_name='تلگرام چت آیدی')),
+                ('license_expiry_date', models.DateField(blank=True, null=True, verbose_name='تاریخ انقضای لایسنس')),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='admin_level_2', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AdminLevel3',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('telegram_chat_id', models.CharField(blank=True, max_length=255, null=True, verbose_name='تلگرام چت آیدی')),
+                ('parent_admin', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='child_admins', to='management.adminlevel2', verbose_name='ادمین والد (سطح ۲)')),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='admin_level_3', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='DiscountCode',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('code', models.CharField(max_length=50, unique=True)),
+                ('discount_percentage', models.DecimalField(decimal_places=2, max_digits=5)),
+                ('is_active', models.BooleanField(default=True)),
+                ('admin', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='License',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('key', models.UUIDField(default=uuid.uuid4, editable=False, unique=True, verbose_name='کلید لایسنس')),
+                ('is_active', models.BooleanField(default=True, verbose_name='وضعیت فعال')),
+                ('created_at', models.DateTimeField(auto_now_add=True, verbose_name='تاریخ ایجاد')),
+                ('expiry_date', models.DateField(verbose_name='تاریخ انقضا')),
+                ('owner', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL, verbose_name='صاحب لایسنس')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Panel',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=255, verbose_name='نام پنل')),
+                ('marzban_host', models.CharField(max_length=255, verbose_name='آدرس هاست Marzban')),
+                ('marzban_username', models.CharField(max_length=255, verbose_name='نام کاربری Marzban')),
+                ('marzban_password', models.CharField(max_length=255, verbose_name='رمز عبور Marzban')),
+                ('telegram_bot_token', models.CharField(blank=True, max_length=255, null=True)),
+                ('license', models.OneToOneField(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='linked_panel', to='management.license')),
+                ('owner', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='owned_panel', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='MarzbanAdmin',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('username', models.CharField(max_length=255, unique=True)),
+                ('password', models.CharField(max_length=255)),
+                ('permission', models.CharField(max_length=50)),
+                ('panel', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='marzban_admins', to='management.panel')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='EndUser',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('username', models.CharField(max_length=255, unique=True)),
+                ('marzban_user_id', models.CharField(blank=True, max_length=255, null=True, unique=True)),
+                ('telegram_chat_id', models.CharField(blank=True, max_length=255, null=True)),
+                ('panel', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='management.panel')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='PaymentDetail',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('card_number', models.CharField(blank=True, max_length=50, null=True)),
+                ('card_holder_name', models.CharField(blank=True, max_length=255, null=True)),
+                ('wallet_address', models.CharField(blank=True, max_length=255, null=True)),
+                ('admin_level_3', models.OneToOneField(limit_choices_to={'role': 'AdminLevel3'}, on_delete=django.db.models.deletion.CASCADE, related_name='payment_details', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Payment Detail',
+                'verbose_name_plural': 'Payment Details',
+            },
+        ),
+        migrations.CreateModel(
+            name='Plan',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=100)),
+                ('price', models.DecimalField(decimal_places=2, max_digits=10)),
+                ('duration_days', models.IntegerField()),
+                ('data_limit_gb', models.FloatField()),
+                ('is_active', models.BooleanField(default=True)),
+                ('panel', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='plans', to='management.panel')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='PushSubscription',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('subscription_info', models.JSONField()),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='push_subscriptions', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Subscription',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('status', models.CharField(choices=[('active', 'فعال'), ('expired', 'منقضی شده'), ('pending', 'در انتظار پرداخت'), ('deactivated', 'غیرفعال')], default='pending', max_length=20)),
+                ('start_date', models.DateField(blank=True, null=True)),
+                ('end_date', models.DateField(blank=True, null=True)),
+                ('remaining_data_gb', models.FloatField(blank=True, null=True)),
+                ('end_user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='subscriptions', to='management.enduser')),
+                ('panel', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='subscriptions', to='management.panel')),
+                ('plan', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='management.plan')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Payment',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('amount', models.DecimalField(decimal_places=2, max_digits=10, verbose_name='مبلغ')),
+                ('status', models.CharField(choices=[('pending', 'در انتظار تأیید'), ('approved', 'تأیید شده'), ('rejected', 'رد شده')], default='pending', max_length=20, verbose_name='وضعیت')),
+                ('created_at', models.DateTimeField(auto_now_add=True, verbose_name='تاریخ ایجاد')),
+                ('payment_token', models.UUIDField(default=uuid.uuid4, editable=False, unique=True)),
+                ('receipt_image', models.ImageField(blank=True, null=True, upload_to='receipts/', verbose_name='تصویر رسید')),
+                ('receipt_text', models.TextField(blank=True, null=True, verbose_name='متن رسید')),
+                ('admin', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='handled_payments', to=settings.AUTH_USER_MODEL)),
+                ('subscription', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='payments', to='management.subscription')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='PaymentSetting',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('is_active', models.BooleanField(default=False, verbose_name='Is Active for this Admin?')),
+                ('admin_level_3', models.ForeignKey(limit_choices_to={'role': 'AdminLevel3'}, on_delete=django.db.models.deletion.CASCADE, related_name='payment_settings', to=settings.AUTH_USER_MODEL)),
+                ('payment_method', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='management.paymentmethod')),
+            ],
+            options={
+                'verbose_name': 'Payment Setting',
+                'verbose_name_plural': 'Payment Settings',
+                'unique_together': {('admin_level_3', 'payment_method')},
+            },
+        ),
+    ]
diff --git a/management/migrations/__init__.py b/management/migrations/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/management/migrations/__pycache__/0001_initial.cpython-312.pyc b/management/migrations/__pycache__/0001_initial.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..14b95d646d38beab232dc026bc71fbe60ea371d0
Binary files /dev/null and b/management/migrations/__pycache__/0001_initial.cpython-312.pyc differ
diff --git a/management/migrations/__pycache__/0002_remove_user_admin_remove_payment_user_and_more.cpython-312.pyc b/management/migrations/__pycache__/0002_remove_user_admin_remove_payment_user_and_more.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..092169e77bda7d21cb1bbe51e6503d5fd82425bd
Binary files /dev/null and b/management/migrations/__pycache__/0002_remove_user_admin_remove_payment_user_and_more.cpython-312.pyc differ
diff --git a/management/migrations/__pycache__/0003_notification_remove_payment_user_config_and_more.cpython-312.pyc b/management/migrations/__pycache__/0003_notification_remove_payment_user_config_and_more.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e749dfc8d049459e72c37a74eec7b4d20a1b6e2e
Binary files /dev/null and b/management/migrations/__pycache__/0003_notification_remove_payment_user_config_and_more.cpython-312.pyc differ
diff --git a/management/migrations/__pycache__/__init__.cpython-312.pyc b/management/migrations/__pycache__/__init__.cpython-312.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..e9816f18de42e3d192d241af84dbc00defcec041
Binary files /dev/null and b/management/migrations/__pycache__/__init__.cpython-312.pyc differ
diff --git a/management/models.py b/management/models.py
new file mode 100644
index 0000000000000000000000000000000000000000..f3e84b69b3fc9bf014d3afb33d70de8fbed4d482
--- /dev/null
+++ b/management/models.py
@@ -0,0 +1,261 @@
+# management/models.py
+# -*- coding: utf-8 -*-
+from django.db import models
+from django.contrib.auth.models import AbstractUser
+from django.utils import timezone
+import uuid
+import datetime
+
+# --- Users & Authentication ---
+class CustomUser(AbstractUser):
+    ROLE_CHOICES = [
+        ('SuperAdmin', 'Super Admin'),
+        ('PanelOwner', 'Panel Owner'),
+        ('AdminLevel2', 'Admin Level 2'),
+        ('AdminLevel3', 'Admin Level 3'),
+        ('EndUser', 'End User'),
+    ]
+    role = models.CharField(max_length=20, choices=ROLE_CHOICES, default='EndUser')
+    marzban_admin_id = models.UUIDField(null=True, blank=True)
+
+    def is_super_admin(self):
+        return self.role == 'SuperAdmin'
+
+    def is_admin_level_2(self):
+        return self.role in ('SuperAdmin', 'PanelOwner', 'AdminLevel2')
+
+    def is_admin_level_3(self):
+        return self.role in ('SuperAdmin', 'PanelOwner', 'AdminLevel2', 'AdminLevel3')
+
+    def __str__(self):
+        return self.username
+
+# --- Main Website Models ---
+class AdminLevel2(models.Model):
+    user = models.OneToOneField(
+        CustomUser, on_delete=models.CASCADE, related_name='admin_level_2'
+    )
+    telegram_chat_id = models.CharField(
+        max_length=255, blank=True, null=True,
+        verbose_name="تلگرام چت آیدی"
+    )
+    license_expiry_date = models.DateField(
+        null=True, blank=True, verbose_name="تاریخ انقضای لایسنس"
+    )
+    def __str__(self):
+        return f"Admin Level 2: {self.user.username}"
+
+
+class AdminLevel3(models.Model):
+    user = models.OneToOneField(
+        CustomUser, on_delete=models.CASCADE, related_name='admin_level_3'
+    )
+    parent_admin = models.ForeignKey(
+        AdminLevel2,
+        on_delete=models.CASCADE,
+        related_name='child_admins',
+        verbose_name="ادمین والد (سطح ۲)"
+    )
+    telegram_chat_id = models.CharField(
+        max_length=255, blank=True, null=True,
+        verbose_name="تلگرام چت آیدی"
+    )
+    def __str__(self):
+        return f"Admin Level 3: {self.user.username}"
+
+class Panel(models.Model):
+    owner = models.OneToOneField(CustomUser, on_delete=models.CASCADE, related_name='owned_panel')
+    name = models.CharField(max_length=255, verbose_name="نام پنل")
+    marzban_host = models.CharField(max_length=255, verbose_name="آدرس هاست Marzban")
+    marzban_username = models.CharField(max_length=255, verbose_name="نام کاربری Marzban")
+    marzban_password = models.CharField(max_length=255, verbose_name="رمز عبور Marzban")
+    telegram_bot_token = models.CharField(max_length=255, blank=True, null=True)
+    # ADDED: Link to the license
+    license = models.OneToOneField('License', on_delete=models.SET_NULL, null=True, blank=True, related_name='linked_panel')
+    
+    def __str__(self):
+        return self.name
+
+class License(models.Model):
+    key = models.UUIDField(default=uuid.uuid4, editable=False, unique=True, verbose_name="کلید لایسنس")
+    is_active = models.BooleanField(default=True, verbose_name="وضعیت فعال")
+    owner = models.ForeignKey(CustomUser, on_delete=models.CASCADE, verbose_name="صاحب لایسنس")
+    created_at = models.DateTimeField(auto_now_add=True, verbose_name="تاریخ ایجاد")
+    expiry_date = models.DateField(verbose_name="تاریخ انقضا")
+
+    def __str__(self):
+        return str(self.key)
+
+# ADDED: MarzbanAdmin model (was missing)
+class MarzbanAdmin(models.Model):
+    username = models.CharField(max_length=255, unique=True)
+    password = models.CharField(max_length=255)
+    permission = models.CharField(max_length=50)
+    panel = models.ForeignKey(Panel, on_delete=models.CASCADE, related_name='marzban_admins')
+
+    def __str__(self):
+        return self.username
+
+# ADDED: MarzbanUser model (was missing)
+class MarzbanUser(models.Model):
+    username = models.CharField(max_length=255, unique=True)
+    # Add other fields relevant to Marzban users
+    # ...
+    
+    def __str__(self):
+        return self.username
+
+class EndUser(models.Model):
+    username = models.CharField(max_length=255, unique=True)
+    panel = models.ForeignKey(Panel, on_delete=models.CASCADE)
+    # marzban_user_id can be nullable if the user is created first in our DB
+    marzban_user_id = models.CharField(max_length=255, unique=True, null=True, blank=True)
+    telegram_chat_id = models.CharField(max_length=255, blank=True, null=True)
+
+    def __str__(self):
+        return self.username
+
+# ADDED: Plan model (was missing)
+class Plan(models.Model):
+    name = models.CharField(max_length=100)
+    price = models.DecimalField(max_digits=10, decimal_places=2)
+    duration_days = models.IntegerField()
+    data_limit_gb = models.FloatField()
+    is_active = models.BooleanField(default=True)
+    panel = models.ForeignKey(Panel, on_delete=models.CASCADE, related_name='plans')
+
+    def __str__(self):
+        return f"{self.name} ({self.panel.name})"
+
+# ADDED: Subscription model (was missing)
+class Subscription(models.Model):
+    STATUS_CHOICES = [
+        ('active', 'فعال'),
+        ('expired', 'منقضی شده'),
+        ('pending', 'در انتظار پرداخت'),
+        ('deactivated', 'غیرفعال'),
+    ]
+    end_user = models.ForeignKey(EndUser, on_delete=models.CASCADE, related_name='subscriptions')
+    plan = models.ForeignKey(Plan, on_delete=models.PROTECT) # Don't delete plan if subscription exists
+    panel = models.ForeignKey(Panel, on_delete=models.CASCADE, related_name='subscriptions')
+    status = models.CharField(max_length=20, choices=STATUS_CHOICES, default='pending')
+    start_date = models.DateField(null=True, blank=True)
+    end_date = models.DateField(null=True, blank=True)
+    remaining_data_gb = models.FloatField(null=True, blank=True)
+    
+    def __str__(self):
+        return f"Subscription for {self.end_user.username} on plan {self.plan.name}"
+
+# FIXED: Complete overhaul of the Payment model
+class Payment(models.Model):
+    STATUS_CHOICES = [
+        ('pending', 'در انتظار تأیید'),
+        ('approved', 'تأیید شده'),
+        ('rejected', 'رد شده'),
+    ]
+    subscription = models.ForeignKey(Subscription, on_delete=models.CASCADE, related_name='payments')
+    admin = models.ForeignKey(CustomUser, on_delete=models.PROTECT, related_name='handled_payments') # The admin to approve
+    amount = models.DecimalField(max_digits=10, decimal_places=2, verbose_name="مبلغ")
+    status = models.CharField(max_length=20, choices=STATUS_CHOICES, default='pending', verbose_name="وضعیت")
+    created_at = models.DateTimeField(auto_now_add=True, verbose_name="تاریخ ایجاد")
+    
+    # Fields for receipt upload
+    payment_token = models.UUIDField(default=uuid.uuid4, editable=False, unique=True)
+    receipt_image = models.ImageField(upload_to='receipts/', blank=True, null=True, verbose_name="تصویر رسید")
+    receipt_text = models.TextField(blank=True, null=True, verbose_name="متن رسید")
+
+    def __str__(self):
+        return f"Payment for {self.subscription.end_user.username} - {self.amount} - {self.status}"
+
+
+class DiscountCode(models.Model):
+    code = models.CharField(max_length=50, unique=True)
+    admin = models.ForeignKey(CustomUser, on_delete=models.CASCADE)
+    discount_percentage = models.DecimalField(max_digits=5, decimal_places=2)
+    is_active = models.BooleanField(default=True)
+    def __str__(self):
+        return self.code
+
+# --- Telegram Integration ---
+class TelegramUser(models.Model):
+    admin_id = models.CharField(max_length=255, unique=True, primary_key=True)
+    chat_id = models.CharField(max_length=255, unique=True)
+    username = models.CharField(max_length=255)
+    class Meta:
+        managed = False
+        db_table = 'telegram_users'
+    def __str__(self):
+        return self.username
+
+class SecurityToken(models.Model):
+    admin_id = models.CharField(max_length=255, primary_key=True)
+    token = models.CharField(max_length=255, unique=True, default=uuid.uuid4)
+    expiration_date = models.DateTimeField()
+    class Meta:
+        managed = False
+        db_table = 'telegram_tokens'
+    def __str__(self):
+        return f"Token for {self.admin_id}"
+
+# --- Push Notifications ---
+class PushSubscription(models.Model):
+    user = models.ForeignKey(
+        CustomUser, on_delete=models.CASCADE, related_name='push_subscriptions'
+    )
+    subscription_info = models.JSONField()
+    created_at = models.DateTimeField(auto_now_add=True)
+
+# --- Payment System Models ---
+class PaymentMethod(models.Model):
+    METHOD_CHOICES = [
+        ('gateway', 'Bank Gateway'),
+        ('crypto', 'Cryptocurrency'),
+        ('manual', 'Manual (Card-to-Card)'),
+    ]
+    name = models.CharField(max_length=50, choices=METHOD_CHOICES, unique=True, verbose_name="Payment Method Name")
+    is_active = models.BooleanField(default=True, verbose_name="Is Active?")
+    can_be_managed_by_level3 = models.BooleanField(default=False, verbose_name="Can be managed by Admin Level 3?")
+
+    class Meta:
+        verbose_name = "Payment Method"
+        verbose_name_plural = "Payment Methods"
+
+    def __str__(self):
+        return self.get_name_display()
+
+class PaymentSetting(models.Model):
+    admin_level_3 = models.ForeignKey(
+        CustomUser,
+        on_delete=models.CASCADE,
+        limit_choices_to={'role': 'AdminLevel3'},
+        related_name='payment_settings'
+    )
+    payment_method = models.ForeignKey(PaymentMethod, on_delete=models.CASCADE)
+    is_active = models.BooleanField(default=False, verbose_name="Is Active for this Admin?")
+
+    class Meta:
+        unique_together = ('admin_level_3', 'payment_method')
+        verbose_name = "Payment Setting"
+        verbose_name_plural = "Payment Settings"
+
+    def __str__(self):
+        return f"{self.admin_level_3.username}'s {self.payment_method.get_name_display()} Setting"
+
+class PaymentDetail(models.Model):
+    id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
+    admin_level_3 = models.OneToOneField(
+        CustomUser,
+        on_delete=models.CASCADE,
+        limit_choices_to={'role': 'AdminLevel3'},
+        related_name='payment_details'
+    )
+    card_number = models.CharField(max_length=50, blank=True, null=True)
+    card_holder_name = models.CharField(max_length=255, blank=True, null=True)
+    wallet_address = models.CharField(max_length=255, blank=True, null=True)
+
+    class Meta:
+        verbose_name = "Payment Detail"
+        verbose_name_plural = "Payment Details"
+
+    def __str__(self):
+        return f"Payment details for {self.admin_level_3.username}"
diff --git a/management/serializers.py b/management/serializers.py
new file mode 100644
index 0000000000000000000000000000000000000000..606d71b4f137787cfe3717ac67cecf0ddea51d38
--- /dev/null
+++ b/management/serializers.py
@@ -0,0 +1,193 @@
+# management/serializers.py
+# -*- coding: utf-8 -*-
+from rest_framework import serializers
+from django.utils import timezone
+import datetime
+from .models import (
+    CustomUser,
+    Panel,
+    License,
+    PushSubscription,
+    MarzbanAdmin,
+    SecurityToken,
+    DiscountCode,
+    Plan,
+    Subscription,
+    Payment,
+    EndUser,
+    PaymentMethod,
+    PaymentSetting,
+    PaymentDetail,
+)
+
+# --- Serializers for Django Rest Framework ---
+
+# ADDED: LicenseSerializer (was missing)
+class LicenseSerializer(serializers.ModelSerializer):
+    """Serializer for the License model."""
+    class Meta:
+        model = License
+        fields = ['key', 'is_active', 'owner', 'created_at', 'expiry_date']
+        read_only_fields = ['key', 'created_at']
+
+class CustomUserSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = CustomUser
+        fields = ['id', 'username', 'role']
+
+class PushSubscriptionSerializer(serializers.Serializer):
+    subscription_info = serializers.JSONField()
+
+class MarzbanAdminSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = MarzbanAdmin
+        fields = ['id', 'username', 'password', 'permission']
+        extra_kwargs = {'password': {'write_only': True}}
+
+class SecurityTokenSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = SecurityToken
+        fields = ['admin_id', 'token', 'expiration_date']
+
+class DiscountCodeSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = DiscountCode
+        fields = ['id', 'code', 'discount_percentage', 'is_active']
+        read_only_fields = ['id', 'admin']
+
+class PanelSerializer(serializers.ModelSerializer):
+    license_key = serializers.CharField(write_only=True, required=True)
+
+    class Meta:
+        model = Panel
+        fields = ['id', 'name', 'marzban_host', 'marzban_username', 'marzban_password', 'telegram_bot_token', 'license_key']
+        read_only_fields = ['id', 'owner']
+
+    def validate_license_key(self, value):
+        owner = self.context['request'].user
+        try:
+            license_obj = License.objects.get(key=value, owner=owner, is_active=True)
+            if hasattr(license_obj, 'linked_panel') and license_obj.linked_panel is not None:
+                raise serializers.ValidationError('This license key has already been used.')
+            return license_obj
+        except License.DoesNotExist:
+            raise serializers.ValidationError('Invalid or inactive license key.')
+
+    def create(self, validated_data):
+        license_obj = validated_data.pop('license_key')
+        panel = Panel.objects.create(
+            owner=self.context['request'].user,
+            license=license_obj,
+            **validated_data
+        )
+        return panel
+
+class PlanSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Plan
+        fields = ['id', 'name', 'price', 'duration_days', 'data_limit_gb', 'is_active']
+        read_only_fields = ['id']
+
+class SubscriptionSerializer(serializers.ModelSerializer):
+    end_user = serializers.CharField(source='end_user.username', read_only=True)
+    plan = PlanSerializer(read_only=True)
+    
+    class Meta:
+        model = Subscription
+        fields = ['id', 'end_user', 'plan', 'status', 'start_date', 'end_date', 'remaining_data_gb']
+
+class AdminLevel3SubscriptionSerializer(serializers.ModelSerializer):
+    end_user_username = serializers.CharField(write_only=True)
+    plan_id = serializers.IntegerField(write_only=True)
+    end_user = SubscriptionSerializer(source='end_user', read_only=True) # To show user details on response
+    plan = PlanSerializer(read_only=True) # To show plan details on response
+
+    class Meta:
+        model = Subscription
+        fields = ['id', 'end_user_username', 'plan_id', 'status', 'start_date', 'end_date', 'remaining_data_gb', 'end_user', 'plan']
+        read_only_fields = ['id', 'status', 'start_date', 'end_date', 'remaining_data_gb', 'end_user', 'plan']
+
+    def validate(self, data):
+        request_user = self.context['request'].user
+        try:
+            panel = request_user.owned_panel
+        except Panel.DoesNotExist:
+            raise serializers.ValidationError("Admin does not own a panel.")
+
+        try:
+            end_user = EndUser.objects.get(username=data.get('end_user_username'), panel=panel)
+            data['end_user_instance'] = end_user
+        except EndUser.DoesNotExist:
+            raise serializers.ValidationError({"end_user_username": "User not found in your panel."})
+
+        try:
+            plan = Plan.objects.get(id=data.get('plan_id'), is_active=True, panel=panel)
+            data['plan_instance'] = plan
+        except Plan.DoesNotExist:
+            raise serializers.ValidationError({"plan_id": "Plan not found or is not active in your panel."})
+            
+        data['panel_instance'] = panel
+        return data
+
+    def create(self, validated_data):
+        end_user = validated_data.get('end_user_instance')
+        plan = validated_data.get('plan_instance')
+        panel = validated_data.get('panel_instance')
+        
+        start_date = timezone.now().date()
+        end_date = start_date + datetime.timedelta(days=plan.duration_days)
+        
+        subscription = Subscription.objects.create(
+            end_user=end_user,
+            plan=plan,
+            panel=panel,
+            status='active', # Assuming direct creation by admin activates it
+            start_date=start_date,
+            end_date=end_date,
+            remaining_data_gb=plan.data_limit_gb
+        )
+        return subscription
+
+class PurchaseSubscriptionForUserSerializer(serializers.Serializer):
+    end_user_username = serializers.CharField(max_length=150)
+    plan_id = serializers.IntegerField()
+    amount = serializers.DecimalField(max_digits=10, decimal_places=2) 
+    
+    def validate_plan_id(self, value):
+        if not Plan.objects.filter(id=value, is_active=True).exists():
+            raise serializers.ValidationError("Plan not found or is not active.")
+        return value
+
+class ReceiptUploadSerializer(serializers.ModelSerializer):
+    payment_token = serializers.UUIDField(write_only=True)
+
+    class Meta:
+        model = Payment
+        fields = ['receipt_image', 'receipt_text', 'payment_token']
+    
+    def validate(self, data):
+        if not data.get('receipt_image') and not data.get('receipt_text'):
+            raise serializers.ValidationError("Either receipt image or text is required.")
+        return data
+
+# --- Payment System Serializers ---
+
+class PaymentMethodSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = PaymentMethod
+        fields = ['id', 'name', 'is_active', 'can_be_managed_by_level3']
+        read_only_fields = ['id']
+
+class PaymentDetailSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = PaymentDetail
+        fields = ['id', 'card_number', 'card_holder_name', 'wallet_address']
+        read_only_fields = ['id']
+
+class EndUserPaymentDetailSerializer(serializers.Serializer):
+    method_name = serializers.CharField(source='payment_method.get_name_display')
+    method_key = serializers.CharField(source='payment_method.name')
+    is_active = serializers.BooleanField(source='is_active')
+    card_number = serializers.CharField(source='admin_level_3.payment_details.card_number', read_only=True)
+    card_holder_name = serializers.CharField(source='admin_level_3.payment_details.card_holder_name', read_only=True)
+    wallet_address = serializers.CharField(source='admin_level_3.payment_details.wallet_address', read_only=True)
diff --git a/management/static/css/styles.css b/management/static/css/styles.css
new file mode 100644
index 0000000000000000000000000000000000000000..d6e60313377e679b0787a4dd4b983cff334d9cd7
--- /dev/null
+++ b/management/static/css/styles.css
@@ -0,0 +1,22 @@
+/* management/static/css/styles.css */
+@font-face {
+    font-family: 'Vazirmatn';
+    src: url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/eot/Vazirmatn-Regular.eot') format('eot'),
+         url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/woff2/Vazirmatn-Regular.woff2') format('woff2'),
+         url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/woff/Vazirmatn-Regular.woff') format('woff'),
+         url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/ttf/Vazirmatn-Regular.ttf') format('truetype');
+    font-weight: normal;
+    font-style: normal;
+    font-display: swap;
+}
+
+body {
+    font-family: 'Vazirmatn', sans-serif;
+}
+
+/* Custom styles for the configs list */
+#configs-list li:hover {
+    background-color: #f1f5f9;
+    transition: background-color 0.2s ease-in-out;
+}
+
diff --git a/management/static/js/main.js b/management/static/js/main.js
new file mode 100644
index 0000000000000000000000000000000000000000..88979c30178bfed1aefa971d5cc92945fef69fc6
--- /dev/null
+++ b/management/static/js/main.js
@@ -0,0 +1,174 @@
+// management/static/js/main.js
+// -*- coding: utf-8 -*-
+
+// VAPID_PUBLIC_KEY will be passed from the Django template.
+// This is a placeholder; it will be filled with the correct value in the HTML file.
+const VAPID_PUBLIC_KEY_PLACEHOLDER = "{{ vapid_public_key }}";
+
+/**
+ * Converts a base64 string to a Uint8Array.
+ * @param {string} base64String
+ * @returns {Uint8Array}
+ */
+function urlBase64ToUint8Array(base64String) {
+    const padding = '='.repeat((4 - base64String.length % 4) % 4);
+    const base64 = (base64String + padding)
+        .replace(/\-/g, '+')
+        .replace(/_/g, '/');
+    const rawData = window.atob(base64);
+    const outputArray = new Uint8Array(rawData.length);
+    for (let i = 0; i < rawData.length; ++i) {
+        outputArray[i] = rawData.charCodeAt(i);
+    }
+    return outputArray;
+}
+
+/**
+ * Registers the service worker for the PWA.
+ * @returns {Promise<ServiceWorkerRegistration|null>}
+ */
+async function registerServiceWorker() {
+    if ('serviceWorker' in navigator) {
+        try {
+            const registration = await navigator.serviceWorker.register('/service-worker.js');
+            console.log('Service worker registered successfully.');
+            return registration;
+        } catch (error) {
+            console.error('Service worker registration failed:', error);
+            return null;
+        }
+    }
+    console.error('Service workers are not supported in this browser.');
+    return null;
+}
+
+/**
+ * Subscribes the user to push notifications.
+ * @param {ServiceWorkerRegistration} registration
+ */
+async function subscribeUserToPush(registration) {
+    if (!('PushManager' in window)) {
+        console.error('Push notifications are not supported.');
+        return;
+    }
+
+    if (!VAPID_PUBLIC_KEY_PLACEHOLDER || VAPID_PUBLIC_KEY_PLACEHOLDER === "YOUR_VAPID_PUBLIC_KEY_HERE") {
+        console.error("VAPID public key not configured.");
+        return;
+    }
+
+    try {
+        const subscription = await registration.pushManager.subscribe({
+            userVisibleOnly: true,
+            applicationServerKey: urlBase64ToUint8Array(VAPID_PUBLIC_KEY_PLACEHOLDER)
+        });
+
+        console.log('User is subscribed to push.');
+        const response = await fetch('/api/push/subscribe/', {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-CSRFToken': document.querySelector('[name=csrfmiddlewaretoken]').value
+            },
+            body: JSON.stringify(subscription)
+        });
+
+        if (!response.ok) {
+            console.error('Failed to save push subscription on server.');
+        }
+
+    } catch (error) {
+        console.error('Push subscription failed:', error);
+    }
+}
+
+/**
+ * Fetches and displays user dashboard data from the API.
+ */
+async function fetchDashboardData() {
+    try {
+        const response = await fetch('/api/dashboard/');
+        if (!response.ok) {
+            throw new Error('Network response was not ok');
+        }
+        const data = await response.json();
+        document.getElementById('username-display').textContent = data.username;
+        document.getElementById('service-status').textContent = data.service_status;
+        document.getElementById('used-traffic').textContent = (data.used_traffic / (1024 ** 3)).toFixed(2) + ' GB';
+        document.getElementById('total-traffic').textContent = (data.total_traffic / (1024 ** 3)).toFixed(2) + ' GB';
+
+        const configsList = document.getElementById('configs-list');
+        configsList.innerHTML = ''; // Clear previous content
+        data.configs.forEach(config => {
+            const listItem = document.createElement('li');
+            listItem.className = 'bg-gray-50 rounded-md p-3 border border-gray-200';
+            listItem.innerHTML = `
+                <div class="font-bold text-gray-800">${config.remark}</div>
+                <div class="text-sm text-gray-500 break-all">${config.link}</div>
+            `;
+            configsList.appendChild(listItem);
+        });
+
+    } catch (error) {
+        console.error('Error fetching dashboard data:', error);
+        document.body.innerHTML = '<p class="text-red-500 text-center">خطا در بارگذاری اطلاعات داشبورد.</p>';
+    }
+}
+
+/**
+ * Handles the generation of the Telegram security token.
+ */
+async function handleTelegramTokenGeneration() {
+    const generateTokenBtn = document.getElementById('generate-token-btn');
+    const tokenDisplayArea = document.getElementById('token-display-area');
+    const telegramTokenCode = document.getElementById('telegram-token');
+
+    if (!generateTokenBtn) return;
+
+    generateTokenBtn.addEventListener('click', async () => {
+        const response = await fetch('/api/telegram/generate-token/', {
+            method: 'POST',
+            headers: {
+                'X-CSRFToken': document.querySelector('[name=csrfmiddlewaretoken]').value
+            }
+        });
+        if (response.ok) {
+            const data = await response.json();
+            telegramTokenCode.textContent = data.token;
+            tokenDisplayArea.classList.remove('hidden');
+        } else {
+            // Using a custom modal or message box instead of alert()
+            console.error('Failed to generate token.');
+            alert('خطا در تولید توکن.');
+        }
+    });
+}
+
+document.addEventListener('DOMContentLoaded', async () => {
+    // Fetch and render dashboard data
+    await fetchDashboardData();
+
+    // PWA and Push Notification logic
+    const registration = await registerServiceWorker();
+    if (registration) {
+        if (Notification.permission === 'granted') {
+            console.log('Push permission already granted.');
+        } else if (Notification.permission === 'denied') {
+            console.log('Push permission denied by user.');
+        } else {
+            // Prompt the user for permission
+            // This is a browser feature, so we don't need a custom modal
+            Notification.requestPermission().then(permission => {
+                if (permission === 'granted') {
+                    subscribeUserToPush(registration);
+                } else {
+                    console.log('User denied push notification permission.');
+                }
+            });
+        }
+    }
+
+    // Telegram token generation
+    handleTelegramTokenGeneration();
+});
+
diff --git a/management/static/js/service-worker.js b/management/static/js/service-worker.js
new file mode 100644
index 0000000000000000000000000000000000000000..db94dcb1fe454efa3e0811447be618db3ba09bc7
--- /dev/null
+++ b/management/static/js/service-worker.js
@@ -0,0 +1,91 @@
+// management/templates/management/service-worker.js
+// -*- coding: utf-8 -*-
+console.log('Service Worker Loaded and Ready.');
+
+// CACHE_NAME را برای مدیریت نسخه‌ها تغییر دهید
+const CACHE_NAME = 'marzban-pwa-cache-v1.0';
+
+// فایل‌هایی که باید در زمان نصب Service Worker کش شوند
+const urlsToCache = [
+    '/',
+    '/dashboard/',
+    '/static/js/main.js',
+    '/static/css/styles.css',
+    '/static/images/icons/icon-192x192.png',
+    '/static/images/icons/icon-512x512.png',
+    '/manifest.json'
+];
+
+self.addEventListener('install', (event) => {
+    console.log('Service Worker: Install event.');
+    // در زمان نصب، فایل‌های اصلی را در حافظه کش ذخیره می‌کنیم
+    event.waitUntil(
+        caches.open(CACHE_NAME)
+            .then((cache) => {
+                console.log('Opened cache');
+                return cache.addAll(urlsToCache);
+            })
+    );
+});
+
+self.addEventListener('activate', (event) => {
+    console.log('Service Worker: Activate event.');
+    // پاک کردن کش‌های قدیمی
+    event.waitUntil(
+        caches.keys().then((cacheNames) => {
+            return Promise.all(
+                cacheNames.map((cacheName) => {
+                    if (cacheName !== CACHE_NAME) {
+                        console.log('Service Worker: Deleting old cache: ', cacheName);
+                        return caches.delete(cacheName);
+                    }
+                })
+            );
+        })
+    );
+});
+
+self.addEventListener('fetch', (event) => {
+    // برای درخواست‌های شبکه، ابتدا کش را بررسی می‌کنیم و در صورت عدم وجود، درخواست شبکه می‌زنیم
+    event.respondWith(
+        caches.match(event.request).then((response) => {
+            // اگر در کش بود، همان را برمی‌گردانیم
+            if (response) {
+                return response;
+            }
+            // اگر در کش نبود، درخواست شبکه می‌زنیم
+            return fetch(event.request);
+        })
+    );
+});
+
+self.addEventListener('push', (event) => {
+    const data = event.data.json();
+    console.log('Push received...', data);
+
+    const title = data.head || 'نوتیفیکیشن جدید';
+    const options = {
+        body: data.body,
+        icon: data.icon || '/static/images/icons/icon-192x192.png',
+        // الگوی لرزش: 200ms لرزش، 100ms مکث، 200ms لرزش
+        vibrate: data.vibrate || [200, 100, 200],
+        // پخش صدای پیش‌فرض سیستم
+        // توجه: پخش فایل صوتی سفارشی در مرورگرها به طور کامل پشتیبانی نمی‌شود.
+        // مرورگرها از صدای پیش‌فرض سیستم برای نوتیفیکیشن استفاده می‌کنند.
+        sound: data.sound || undefined,
+        badge: '/static/images/icons/badge-72x72.png'
+    };
+
+    event.waitUntil(
+        self.registration.showNotification(title, options)
+    );
+});
+
+self.addEventListener('notificationclick', (event) => {
+    console.log('Notification clicked', event);
+    event.notification.close();
+    event.waitUntil(
+        clients.openWindow('https://your-panel-address.com/dashboard/')
+    );
+});
+
diff --git a/management/static/manifest.json b/management/static/manifest.json
new file mode 100644
index 0000000000000000000000000000000000000000..8bbc39113ce1f19d0962e90a9a0d03e10be70c32
--- /dev/null
+++ b/management/static/manifest.json
@@ -0,0 +1,23 @@
+// management/static/manifest.json
+{
+    "name": "پنل مدیریت مرزبان",
+    "short_name": "مرزبان",
+    "start_url": "/",
+    "display": "standalone",
+    "background_color": "#ffffff",
+    "theme_color": "#4f46e5",
+    "description": "پنل مدیریت پیشرفته برای مرزبان",
+    "icons": [
+        {
+            "src": "/static/icons/icon-192x192.png",
+            "sizes": "192x192",
+            "type": "image/png"
+        },
+        {
+            "src": "/static/icons/icon-512x512.png",
+            "sizes": "512x512",
+            "type": "image/png"
+        }
+    ]
+}
+
diff --git a/management/static/styles.css b/management/static/styles.css
new file mode 100644
index 0000000000000000000000000000000000000000..d6e60313377e679b0787a4dd4b983cff334d9cd7
--- /dev/null
+++ b/management/static/styles.css
@@ -0,0 +1,22 @@
+/* management/static/css/styles.css */
+@font-face {
+    font-family: 'Vazirmatn';
+    src: url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/eot/Vazirmatn-Regular.eot') format('eot'),
+         url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/woff2/Vazirmatn-Regular.woff2') format('woff2'),
+         url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/woff/Vazirmatn-Regular.woff') format('woff'),
+         url('https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.0.3/fonts/web/ttf/Vazirmatn-Regular.ttf') format('truetype');
+    font-weight: normal;
+    font-style: normal;
+    font-display: swap;
+}
+
+body {
+    font-family: 'Vazirmatn', sans-serif;
+}
+
+/* Custom styles for the configs list */
+#configs-list li:hover {
+    background-color: #f1f5f9;
+    transition: background-color 0.2s ease-in-out;
+}
+
diff --git a/management/tasks.py b/management/tasks.py
new file mode 100644
index 0000000000000000000000000000000000000000..06bc1e4358bc1a27b6271c1cf2d58875237c25d7
--- /dev/null
+++ b/management/tasks.py
@@ -0,0 +1,192 @@
+# management/tasks.py
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+import requests
+import json
+import os
+import datetime
+from celery import shared_task
+from django.db import connections, connection
+from django.conf import settings
+from django.utils import timezone
+
+from .models import (
+    Panel,
+    AdminLevel2,
+    AdminLevel3,
+    EndUser,
+    Payment,
+    CustomUser,
+    Subscription,
+)
+from django.core.management import call_command
+
+# --- Utilities ---
+# FIXED: Renamed function to match imports in other files
+@shared_task
+def send_telegram_message(chat_id, message, bot_token):
+    """
+    Sends a message to a specific Telegram chat using a bot token.
+    """
+    if not bot_token:
+        print("Telegram bot token is not configured.")
+        return
+
+    url = f"https://api.telegram.org/bot{bot_token}/sendMessage"
+    payload = {
+        "chat_id": chat_id,
+        "text": message,
+        "parse_mode": "Markdown"
+    }
+    
+    try:
+        response = requests.post(url, json=payload)
+        response.raise_for_status()
+        print(f"Notification sent successfully to chat_id {chat_id}")
+    except requests.RequestException as e:
+        print(f"Failed to send notification to chat_id {chat_id}: {e}")
+
+# --- Celery Tasks ---
+@shared_task(name="management.tasks.schedule_reminders")
+def schedule_reminders():
+    """
+    Celery task to send periodic reminders to admins and users.
+    """
+    now = timezone.now().date()
+    
+    # 1. License expiry warnings for AdminLevel2s (resellers)
+    three_days_from_now = now + datetime.timedelta(days=3)
+    admin_level2s = AdminLevel2.objects.filter(license_expiry_date__lte=three_days_from_now)
+    for admin in admin_level2s:
+        # Assuming AdminLevel2 is linked to a Panel through its CustomUser owner
+        # This part might need adjustment based on the final model structure
+        try:
+            panel = Panel.objects.get(owner=admin.user)
+            if admin.telegram_chat_id and panel.telegram_bot_token:
+                message = (
+                    f"🚨 **هشدار انقضای لایسنس!**\n\n"
+                    f"ادمین {admin.user.username}، لایسنس شما در تاریخ {admin.license_expiry_date} منقضی خواهد شد. لطفاً برای تمدید آن اقدام کنید."
+                )
+                send_telegram_message(
+                    chat_id=admin.telegram_chat_id,
+                    message=message,
+                    bot_token=panel.telegram_bot_token
+                )
+        except Panel.DoesNotExist:
+            print(f"Panel for admin {admin.user.username} not found.")
+
+
+@shared_task
+def send_payment_receipt_to_admin(payment_id):
+    """
+    Sends a payment receipt notification to the relevant admin via Telegram.
+    """
+    try:
+        payment = Payment.objects.get(id=payment_id)
+        admin = payment.admin
+        panel = payment.subscription.panel
+
+        if not admin.admin_level_3.telegram_chat_id or not panel.telegram_bot_token:
+            print(f"Admin telegram_chat_id or bot token not found for payment {payment_id}.")
+            return
+
+        message = (
+            f"🔔 **رسید پرداخت جدید!**\n\n"
+            f"یک کاربر ({payment.subscription.end_user.username}) رسید پرداختی را برای تمدید اشتراک ارسال کرده است.\n"
+            f"مبلغ: {payment.amount} تومان\n"
+            f"توکن پرداخت: `{payment.payment_token}`\n"
+            f"لطفا به پنل خود مراجعه کرده و پرداخت را تایید کنید."
+        )
+
+        if payment.receipt_image:
+            message += f"\n\nتصویر رسید پرداخت آپلود شده است."
+        elif payment.receipt_text:
+             message += f"\n\nمتن رسید پرداخت: {payment.receipt_text}"
+        
+        send_telegram_message(
+            chat_id=admin.admin_level_3.telegram_chat_id,
+            message=message,
+            bot_token=panel.telegram_bot_token
+        )
+
+    except Payment.DoesNotExist:
+        print(f"Payment with id {payment_id} not found.")
+    except Exception as e:
+        print(f"Error sending payment receipt to admin: {e}")
+
+
+@shared_task
+def send_payment_confirmation_to_user(end_user_id, amount, status):
+    """
+    Sends a payment confirmation message to the end-user.
+    """
+    try:
+        end_user = EndUser.objects.get(id=end_user_id)
+        panel = end_user.panel
+        
+        if not panel or not panel.telegram_bot_token or not end_user.telegram_chat_id:
+            print(f"EndUser panel, bot token or telegram_chat_id not found for user {end_user_id}.")
+            return
+
+        if status == 'approved':
+            message = (
+                f"✅ **پرداخت شما تأیید شد**\n\n"
+                f"مبلغ {amount} تومان برای پنل {panel.name} با موفقیت تأیید شد. سرویس شما به زودی فعال خواهد شد."
+            )
+        else:
+            message = (
+                f"❌ **پرداخت شما رد شد**\n\n"
+                f"پرداخت {amount} تومان برای پنل {panel.name} رد شد. لطفاً رسید معتبر را ارسال کنید."
+            )
+
+        send_telegram_message(
+            chat_id=end_user.telegram_chat_id,
+            message=message,
+            bot_token=panel.telegram_bot_token
+        )
+    except EndUser.DoesNotExist:
+        print(f"EndUser with id {end_user_id} not found.")
+    except Exception as e:
+        print(f"Error sending payment confirmation to user: {e}")
+
+@shared_task(name="management.tasks.check_subscription_expiry")
+def check_subscription_expiry():
+    """
+    Celery task to check subscription expiry and send notifications.
+    """
+    now = timezone.now().date()
+    
+    # Send reminder 3 days before expiry
+    three_days_from_now = now + datetime.timedelta(days=3)
+    expiring_soon_subscriptions = Subscription.objects.filter(
+        end_date__date=three_days_from_now,
+        status='active'
+    )
+    
+    for sub in expiring_soon_subscriptions:
+        if sub.end_user.telegram_chat_id and sub.panel.telegram_bot_token:
+            message = (
+                f"⏳ **اشتراک شما به زودی منقضی می‌شود!**\n\n"
+                f"کاربر {sub.end_user.username}، اشتراک شما در تاریخ {sub.end_date.strftime('%Y-%m-%d')} منقضی خواهد شد. برای تمدید آن از طریق بات اقدام کنید."
+            )
+            send_telegram_message(
+                chat_id=sub.end_user.telegram_chat_id,
+                message=message,
+                bot_token=sub.panel.telegram_bot_token
+            )
+            
+    # Deactivate expired subscriptions
+    expired_subscriptions = Subscription.objects.filter(end_date__lte=now, status='active')
+    for sub in expired_subscriptions:
+        sub.status = 'expired'
+        sub.save()
+        if sub.end_user.telegram_chat_id and sub.panel.telegram_bot_token:
+            message = (
+                f"❌ **اشتراک شما منقضی شد!**\n\n"
+                f"کاربر {sub.end_user.username}، اشتراک شما منقضی شده است. لطفا برای تمدید اقدام کنید."
+            )
+            send_telegram_message(
+                chat_id=sub.end_user.telegram_chat_id,
+                message=message,
+                bot_token=sub.panel.telegram_bot_token
+            )
diff --git a/management/telebot.py b/management/telebot.py
new file mode 100644
index 0000000000000000000000000000000000000000..2fa4f4190deabcd41707ebaa50b59ea1c63c3a1a
--- /dev/null
+++ b/management/telebot.py
@@ -0,0 +1,62 @@
+# management/telebot.py
+# -*- coding: utf-8 -*-
+import logging
+from django.contrib.auth import get_user_model
+from django.conf import settings
+from .models import TelegramUser
+import requests
+import json
+
+logger = logging.getLogger(__name__)
+CustomUser = get_user_model()
+
+def send_telegram_message(chat_id, message):
+    """
+    ارسال پیام به یک کاربر تلگرام با استفاده از API.
+    """
+    TOKEN = settings.TELEGRAM_BOT_TOKEN
+    API_URL = f"https://api.telegram.org/bot{TOKEN}/sendMessage"
+    payload = {
+        'chat_id': chat_id,
+        'text': message
+    }
+    try:
+        response = requests.post(API_URL, json=payload)
+        response.raise_for_status()
+        logger.info(f"Message sent to chat ID {chat_id}: {message}")
+    except requests.exceptions.RequestException as e:
+        logger.error(f"Error sending message to Telegram: {e}")
+
+def process_telegram_message(update):
+    """
+    پردازش پیام‌های ورودی از تلگرام.
+    """
+    message_data = update.get('message')
+    if not message_data:
+        return
+    
+    chat_id = message_data['chat']['id']
+    text = message_data.get('text', '')
+
+    # بررسی اگر متن یک کد امنیتی است
+    # اینجا یک شرط برای طول توکن میگذاریم تا از بررسی پیام‌های کوتاه جلوگیری شود
+    if 10 < len(text) < 50:
+        # ارسال کد به سرور برای تأیید
+        payload = {
+            'token': text,
+            'chat_id': chat_id
+        }
+        try:
+            # URL باید به آدرس واقعی API در سرور شما اشاره کند
+            response = requests.post('http://127.0.0.1:8000/api/telegram/verify-token/', json=payload)
+            result = response.json()
+            send_telegram_message(chat_id, result['message'])
+        except requests.exceptions.RequestException as e:
+            logger.error(f"Error communicating with Django server: {e}")
+            send_telegram_message(chat_id, "متاسفم، در حال حاضر نمی‌توانم درخواست شما را پردازش کنم. لطفاً بعداً امتحان کنید.")
+
+    elif text == '/start':
+        send_telegram_message(chat_id, "سلام، برای همگام‌سازی حساب خود، لطفاً یک کد امنیتی از پنل کاربری خود دریافت کرده و آن را برای من ارسال کنید.")
+    else:
+        send_telegram_message(chat_id, "دستور شما نامعتبر است. لطفاً کد امنیتی خود را ارسال کنید یا از دستورات مجاز استفاده کنید.")
+
diff --git a/management/templates/management/%} b/management/templates/management/%}
new file mode 100644
index 0000000000000000000000000000000000000000..8b137891791fe96927ad78e64b0aad7bded08bdc
--- /dev/null
+++ b/management/templates/management/%}
@@ -0,0 +1 @@
+
diff --git a/management/templates/management/admin-panel-management.html b/management/templates/management/admin-panel-management.html
new file mode 100644
index 0000000000000000000000000000000000000000..b765a1258d0d07870483229c6f9a0f552389641e
--- /dev/null
+++ b/management/templates/management/admin-panel-management.html
@@ -0,0 +1,276 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>مدیریت پنل‌های Marzban</title>
+    <!-- Tailwind CSS -->
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap');
+        body {
+            font-family: 'Inter', sans-serif;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 p-8">
+    <div class="max-w-4xl mx-auto bg-white rounded-xl shadow-lg p-6">
+        <h1 class="text-3xl font-bold text-gray-800 text-center mb-6">مدیریت پنل‌های Marzban</h1>
+
+        <!-- فرم اضافه/ویرایش پنل -->
+        <form id="panel-form" class="space-y-4 mb-8">
+            <h2 id="form-title" class="text-2xl font-semibold text-gray-700">افزودن پنل جدید</h2>
+            
+            <div class="grid grid-cols-1 md:grid-cols-2 gap-4">
+                <div>
+                    <label for="panel-name" class="block text-sm font-medium text-gray-700">نام پنل</label>
+                    <input type="text" id="panel-name" required class="mt-1 block w-full px-3 py-2 bg-white border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                </div>
+                <div>
+                    <label for="panel-address" class="block text-sm font-medium text-gray-700">آدرس پنل (URL)</label>
+                    <input type="url" id="panel-address" required class="mt-1 block w-full px-3 py-2 bg-white border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                </div>
+            </div>
+            
+            <div class="grid grid-cols-1 md:grid-cols-2 gap-4">
+                <div>
+                    <label for="db-name" class="block text-sm font-medium text-gray-700">نام دیتابیس</label>
+                    <input type="text" id="db-name" required class="mt-1 block w-full px-3 py-2 bg-white border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                </div>
+                <div>
+                    <label for="db-user" class="block text-sm font-medium text-gray-700">نام کاربری دیتابیس</label>
+                    <input type="text" id="db-user" required class="mt-1 block w-full px-3 py-2 bg-white border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                </div>
+            </div>
+
+            <div class="grid grid-cols-1 md:grid-cols-2 gap-4">
+                <div>
+                    <label for="db-password" class="block text-sm font-medium text-gray-700">رمز عبور دیتابیس</label>
+                    <input type="password" id="db-password" required class="mt-1 block w-full px-3 py-2 bg-white border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                </div>
+                <div>
+                    <label for="db-host" class="block text-sm font-medium text-gray-700">آدرس هاست دیتابیس</label>
+                    <input type="text" id="db-host" value="127.0.0.1" required class="mt-1 block w-full px-3 py-2 bg-white border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm">
+                </div>
+            </div>
+
+            <div class="flex items-center space-x-2 space-x-reverse">
+                <input id="is-default" type="checkbox" class="h-4 w-4 text-indigo-600 focus:ring-indigo-500 border-gray-300 rounded">
+                <label for="is-default" class="text-sm font-medium text-gray-700">پنل پیش‌فرض باشد</label>
+            </div>
+            
+            <div class="flex justify-start space-x-4 space-x-reverse">
+                <button type="submit" class="inline-flex justify-center py-2 px-4 border border-transparent shadow-sm text-sm font-medium rounded-md text-white bg-indigo-600 hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500">
+                    ذخیره
+                </button>
+                <button type="button" id="clear-form-btn" class="inline-flex justify-center py-2 px-4 border border-gray-300 shadow-sm text-sm font-medium rounded-md text-gray-700 bg-white hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500">
+                    پاک کردن فرم
+                </button>
+            </div>
+            
+            <div id="message-box" class="mt-4 p-3 rounded-md text-sm" style="display: none;"></div>
+        </form>
+
+        <hr class="my-8 border-gray-300">
+
+        <!-- جدول نمایش پنل‌ها -->
+        <h2 class="text-2xl font-semibold text-gray-700 mb-4">لیست پنل‌های موجود</h2>
+        <div class="overflow-x-auto">
+            <table class="min-w-full divide-y divide-gray-200">
+                <thead class="bg-gray-50">
+                    <tr>
+                        <th scope="col" class="px-6 py-3 text-right text-xs font-medium text-gray-500 uppercase tracking-wider">نام</th>
+                        <th scope="col" class="px-6 py-3 text-right text-xs font-medium text-gray-500 uppercase tracking-wider">آدرس پنل</th>
+                        <th scope="col" class="px-6 py-3 text-right text-xs font-medium text-gray-500 uppercase tracking-wider">نام دیتابیس</th>
+                        <th scope="col" class="px-6 py-3 text-center text-xs font-medium text-gray-500 uppercase tracking-wider">پیش‌فرض</th>
+                        <th scope="col" class="px-6 py-3 text-center text-xs font-medium text-gray-500 uppercase tracking-wider">عملیات</th>
+                    </tr>
+                </thead>
+                <tbody id="panels-table-body" class="bg-white divide-y divide-gray-200">
+                    <!-- محتوای پنل‌ها اینجا با جاوااسکریپت پر می‌شود -->
+                </tbody>
+            </table>
+        </div>
+    </div>
+
+    <script>
+        document.addEventListener('DOMContentLoaded', () => {
+            const API_URL = '/api/panels/';
+            const form = document.getElementById('panel-form');
+            const panelsTableBody = document.getElementById('panels-table-body');
+            const formTitle = document.getElementById('form-title');
+            const messageBox = document.getElementById('message-box');
+            const clearFormBtn = document.getElementById('clear-form-btn');
+            
+            let editingPanelId = null;
+
+            // تابع کمکی برای گرفتن توکن JWT از localStorage
+            const getAuthHeaders = () => {
+                const accessToken = localStorage.getItem('access');
+                return {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${accessToken}`
+                };
+            };
+            
+            // نمایش پیام‌های وضعیت (موفقیت/خطا)
+            const showMessage = (message, type = 'success') => {
+                messageBox.textContent = message;
+                messageBox.style.display = 'block';
+                if (type === 'success') {
+                    messageBox.className = 'mt-4 p-3 rounded-md text-sm bg-green-100 text-green-800';
+                } else if (type === 'error') {
+                    messageBox.className = 'mt-4 p-3 rounded-md text-sm bg-red-100 text-red-800';
+                }
+                setTimeout(() => {
+                    messageBox.style.display = 'none';
+                }, 5000);
+            };
+
+            // پاک کردن فرم
+            const clearForm = () => {
+                form.reset();
+                formTitle.textContent = 'افزودن پنل جدید';
+                editingPanelId = null;
+            };
+            clearFormBtn.addEventListener('click', clearForm);
+
+            // واکشی لیست پنل‌ها از API
+            const fetchPanels = async () => {
+                try {
+                    const response = await fetch(API_URL, { headers: getAuthHeaders() });
+                    if (!response.ok) {
+                        throw new Error('Failed to fetch panels');
+                    }
+                    const panels = await response.json();
+                    renderPanels(panels);
+                } catch (error) {
+                    showMessage(`خطا در دریافت لیست پنل‌ها: ${error.message}`, 'error');
+                }
+            };
+
+            // نمایش پنل‌ها در جدول
+            const renderPanels = (panels) => {
+                panelsTableBody.innerHTML = '';
+                panels.forEach(panel => {
+                    const row = document.createElement('tr');
+                    row.className = 'hover:bg-gray-100';
+                    row.innerHTML = `
+                        <td class="px-6 py-4 whitespace-nowrap text-sm font-medium text-gray-900">${panel.name}</td>
+                        <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">${panel.panel_address}</td>
+                        <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">${panel.db_name}</td>
+                        <td class="px-6 py-4 whitespace-nowrap text-center text-sm text-gray-500">${panel.is_default ? '✅' : '❌'}</td>
+                        <td class="px-6 py-4 whitespace-nowrap text-center text-sm font-medium">
+                            <button data-id="${panel.id}" class="edit-btn text-indigo-600 hover:text-indigo-900 mx-2">ویرایش</button>
+                            <button data-id="${panel.id}" class="delete-btn text-red-600 hover:text-red-900 mx-2">حذف</button>
+                        </td>
+                    `;
+                    panelsTableBody.appendChild(row);
+                });
+
+                // اضافه کردن event listener برای دکمه‌های ویرایش و حذف
+                document.querySelectorAll('.edit-btn').forEach(button => {
+                    button.addEventListener('click', (e) => handleEditClick(e.target.dataset.id));
+                });
+                document.querySelectorAll('.delete-btn').forEach(button => {
+                    button.addEventListener('click', (e) => handleDeleteClick(e.target.dataset.id));
+                });
+            };
+
+            // پر کردن فرم برای ویرایش یک پنل
+            const handleEditClick = async (panelId) => {
+                try {
+                    const response = await fetch(`${API_URL}${panelId}/`, { headers: getAuthHeaders() });
+                    if (!response.ok) {
+                        throw new Error('Failed to fetch panel details');
+                    }
+                    const panel = await response.json();
+                    
+                    formTitle.textContent = `ویرایش پنل: ${panel.name}`;
+                    editingPanelId = panel.id;
+                    
+                    document.getElementById('panel-name').value = panel.name;
+                    document.getElementById('panel-address').value = panel.panel_address;
+                    document.getElementById('db-name').value = panel.db_name;
+                    document.getElementById('db-user').value = panel.db_user;
+                    document.getElementById('db-password').value = panel.db_password;
+                    document.getElementById('db-host').value = panel.db_host;
+                    document.getElementById('is-default').checked = panel.is_default;
+                } catch (error) {
+                    showMessage(`خطا در دریافت اطلاعات پنل برای ویرایش: ${error.message}`, 'error');
+                }
+            };
+
+            // ارسال درخواست حذف
+            const handleDeleteClick = async (panelId) => {
+                 if (window.confirm("آیا از حذف این پنل اطمینان دارید؟")) {
+                    try {
+                        const response = await fetch(`${API_URL}${panelId}/`, {
+                            method: 'DELETE',
+                            headers: getAuthHeaders()
+                        });
+                        if (response.status === 204) {
+                            showMessage('پنل با موفقیت حذف شد.');
+                            fetchPanels();
+                        } else {
+                            const errorData = await response.json();
+                            showMessage(`خطا در حذف پنل: ${errorData.error}`, 'error');
+                        }
+                    } catch (error) {
+                        showMessage(`خطا در حذف پنل: ${error.message}`, 'error');
+                    }
+                }
+            };
+
+            // هندل کردن ارسال فرم (ایجاد یا ویرایش)
+            form.addEventListener('submit', async (e) => {
+                e.preventDefault();
+                
+                const formData = {
+                    name: document.getElementById('panel-name').value,
+                    panel_address: document.getElementById('panel-address').value,
+                    db_name: document.getElementById('db-name').value,
+                    db_user: document.getElementById('db-user').value,
+                    db_password: document.getElementById('db-password').value,
+                    db_host: document.getElementById('db-host').value,
+                    db_port: 3306, // Default port
+                    is_default: document.getElementById('is-default').checked,
+                };
+
+                let response;
+                try {
+                    if (editingPanelId) {
+                        response = await fetch(`${API_URL}${editingPanelId}/`, {
+                            method: 'PUT',
+                            headers: getAuthHeaders(),
+                            body: JSON.stringify(formData)
+                        });
+                    } else {
+                        response = await fetch(API_URL, {
+                            method: 'POST',
+                            headers: getAuthHeaders(),
+                            body: JSON.stringify(formData)
+                        });
+                    }
+                    
+                    if (response.ok) {
+                        const result = await response.json();
+                        showMessage(editingPanelId ? 'پنل با موفقیت به‌روزرسانی شد.' : 'پنل جدید با موفقیت ایجاد شد.');
+                        clearForm();
+                        fetchPanels();
+                    } else {
+                        const errorData = await response.json();
+                        const errorMsg = errorData.error || JSON.stringify(errorData);
+                        showMessage(`خطا در عملیات: ${errorMsg}`, 'error');
+                    }
+                } catch (error) {
+                    showMessage(`خطا در ارتباط با سرور: ${error.message}`, 'error');
+                }
+            });
+
+            fetchPanels();
+        });
+    </script>
+</body>
+</html>
+
diff --git a/management/templates/management/admin_dashboard.html b/management/templates/management/admin_dashboard.html
new file mode 100644
index 0000000000000000000000000000000000000000..2f0e4169ac3bdcc72f0d9ec9f7ea98b03f9b235d
--- /dev/null
+++ b/management/templates/management/admin_dashboard.html
@@ -0,0 +1,35 @@
+{% extends 'management/base.html' %}
+{% load static %}
+
+{% block header_title %}داشبورد ادمین {{ request.user.username }}{% endblock %}
+
+{% block content %}
+<div class="row">
+    <div class="col-md-4">
+        <div class="card text-center">
+            <div class="card-body">
+                <h5 class="card-title">تعداد کاربران</h5>
+                <h2 class="card-text">{{ total_users }}</h2>
+            </div>
+        </div>
+    </div>
+    <div class="col-md-4">
+        <div class="card text-center">
+            <div class="card-body">
+                <h5 class="card-title">پرداخت‌های در انتظار تأیید</h5>
+                <h2 class="card-text">{{ pending_payments }}</h2>
+            </div>
+        </div>
+    </div>
+    <div class="col-md-4">
+        <div class="card text-center">
+            <div class="card-body">
+                <h5 class="card-title">کاربران بدون پرداخت (۴۸ ساعت)</h5>
+                <h2 class="card-text">{{ users_no_payment_48h }}</h2>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
+
diff --git a/management/templates/management/admin_login.html b/management/templates/management/admin_login.html
new file mode 100644
index 0000000000000000000000000000000000000000..a8e90db167ea4efd8e312a09add13ec28d26f5f2
--- /dev/null
+++ b/management/templates/management/admin_login.html
@@ -0,0 +1,112 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>ورود به پنل ادمین</title>
+    <style>
+        body {
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            background-color: #f0f2f5;
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+            text-align: center;
+        }
+        .login-container {
+            background: white;
+            padding: 30px;
+            border-radius: 8px;
+            box-shadow: 0 4px 8px rgba(0,0,0,0.1);
+            width: 300px;
+        }
+        h2 {
+            margin-bottom: 20px;
+            color: #333;
+        }
+        .form-group {
+            margin-bottom: 15px;
+            text-align: right;
+        }
+        .form-group label {
+            display: block;
+            margin-bottom: 5px;
+            font-size: 14px;
+            color: #555;
+        }
+        .form-group input {
+            width: 100%;
+            padding: 10px;
+            box-sizing: border-box;
+            border: 1px solid #ccc;
+            border-radius: 5px;
+            font-size: 16px;
+        }
+        .error-message {
+            color: #dc3545;
+            margin-bottom: 15px;
+        }
+        .submit-button {
+            width: 100%;
+            padding: 12px 20px;
+            margin-top: 20px;
+            border-radius: 5px;
+            border: none;
+            background-color: #007bff; /* Changed color for admin */
+            color: white;
+            font-size: 16px;
+            cursor: pointer;
+            transition: background-color 0.3s ease;
+        }
+        .submit-button:hover {
+            background-color: #0056b3;
+        }
+        .messages {
+            list-style-type: none;
+            padding: 0;
+            margin-bottom: 20px;
+        }
+        .messages .error {
+            background-color: #f8d7da;
+            color: #721c24;
+            border: 1px solid #f5c6cb;
+            padding: 10px;
+            border-radius: 5px;
+        }
+        .messages .success {
+            background-color: #d4edda;
+            color: #155724;
+            border: 1px solid #c3e6cb;
+            padding: 10px;
+            border-radius: 5px;
+        }
+    </style>
+</head>
+<body>
+    <div class="login-container">
+        <h2>ورود به پنل ادمین</h2>
+        {% if messages %}
+            <ul class="messages">
+                {% for message in messages %}
+                    <li class="{{ message.tags }}">{{ message }}</li>
+                {% endfor %}
+            </ul>
+        {% endif %}
+        <form method="post" action="{% url 'admin_login_view' %}">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="username">نام کاربری:</label>
+                <input type="text" id="username" name="username" required>
+            </div>
+            <div class="form-group">
+                <label for="password">رمز عبور:</label>
+                <input type="password" id="password" name="password" required>
+            </div>
+            <button type="submit" class="submit-button">ورود</button>
+        </form>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/amin_login.html b/management/templates/management/amin_login.html
new file mode 100644
index 0000000000000000000000000000000000000000..a74294eddee88e2b4d6c6b032461b551a9cefa2a
--- /dev/null
+++ b/management/templates/management/amin_login.html
@@ -0,0 +1,44 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>ورود ادمین</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+            background-color: #f0f2f5;
+        }
+    </style>
+</head>
+<body class="flex items-center justify-center min-h-screen">
+    <div class="bg-white p-8 rounded-lg shadow-md w-full max-w-sm">
+        <h2 class="text-2xl font-bold text-center mb-6 text-gray-800">ورود به پنل ادمین</h2>
+        
+        {% if messages %}
+            <ul class="mb-4">
+                {% for message in messages %}
+                    <li class="p-2 {% if message.tags %} bg-{{ message.tags }}-100 text-{{ message.tags }}-800 {% endif %} rounded">{{ message }}</li>
+                {% endfor %}
+            </ul>
+        {% endif %}
+
+        <form method="post" action="{% url 'management:admin_login' %}" class="space-y-4">
+            {% csrf_token %}
+            <div>
+                <label for="{{ form.username.id_for_label }}" class="block text-sm font-medium text-gray-700">نام کاربری:</label>
+                {{ form.username }}
+            </div>
+            <div>
+                <label for="{{ form.password.id_for_label }}" class="block text-sm font-medium text-gray-700">رمز عبور:</label>
+                {{ form.password }}
+            </div>
+            <button type="submit" class="w-full py-2 px-4 bg-blue-600 text-white font-semibold rounded-lg shadow-md hover:bg-blue-700 transition duration-300">
+                ورود
+            </button>
+        </form>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/base.html b/management/templates/management/base.html
new file mode 100644
index 0000000000000000000000000000000000000000..d1ea7c46b90761d169639252a6f74259f71c79a8
--- /dev/null
+++ b/management/templates/management/base.html
@@ -0,0 +1,25 @@
+<!-- management/templates/management/base.html -->
+<!-- -*- coding: utf-8 -*- -->
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>{% block title %}پنل مدیریت{% endblock %}</title>
+    <!-- Add link to the PWA manifest file -->
+    <link rel="manifest" href="/static/manifest.json">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/tailwind.min.css">
+    <style>
+        body {
+            font-family: 'Vazirmatn', sans-serif;
+            background-color: #f3f4f6;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 p-8">
+    <div class="max-w-4xl mx-auto bg-white shadow-xl rounded-lg p-6">
+        {% block content %}{% endblock %}
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/create_discount_code.html b/management/templates/management/create_discount_code.html
new file mode 100644
index 0000000000000000000000000000000000000000..74fddc99976890938eddd7db1b604dc56b50e755
--- /dev/null
+++ b/management/templates/management/create_discount_code.html
@@ -0,0 +1,62 @@
+<!-- management/templates/management/create_discount_code.html -->
+<!-- -*- coding: utf-8 -*- -->
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>ایجاد کد تخفیف</title>
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/tailwind.min.css">
+    <style>
+        body {
+            font-family: 'Vazirmatn', sans-serif;
+            background-color: #f3f4f6;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 p-8">
+    <div class="max-w-xl mx-auto bg-white shadow-xl rounded-lg p-6">
+        <header class="border-b pb-4 mb-4">
+            <h1 class="text-3xl font-bold text-gray-800">ایجاد کد تخفیف</h1>
+        </header>
+
+        <main>
+            {% if messages %}
+                <ul class="mb-4">
+                    {% for message in messages %}
+                        <li class="p-3 rounded-lg {% if message.tags == 'error' %}bg-red-100 text-red-800{% else %}bg-green-100 text-green-800{% endif %}">
+                            {{ message }}
+                        </li>
+                    {% endfor %}
+                </ul>
+            {% endif %}
+
+            <form method="post">
+                {% csrf_token %}
+                <div class="space-y-4">
+                    {% for field in form %}
+                        <div>
+                            <label for="{{ field.id_for_label }}" class="block text-sm font-medium text-gray-700">{{ field.label }}</label>
+                            <div class="mt-1">
+                                {{ field }}
+                            </div>
+                            {% if field.errors %}
+                                {% for error in field.errors %}
+                                    <p class="mt-2 text-sm text-red-600">{{ error }}</p>
+                                {% endfor %}
+                            {% endif %}
+                        </div>
+                    {% endfor %}
+                </div>
+                
+                <div class="mt-6">
+                    <button type="submit" class="w-full bg-indigo-600 hover:bg-indigo-700 text-white font-bold py-2 px-4 rounded-lg">
+                        ایجاد کد تخفیف
+                    </button>
+                </div>
+            </form>
+        </main>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/create_notification.html b/management/templates/management/create_notification.html
new file mode 100644
index 0000000000000000000000000000000000000000..f8578685f91bbde75e6d78bf7dd0b4b5bc41bc06
--- /dev/null
+++ b/management/templates/management/create_notification.html
@@ -0,0 +1,198 @@
+{% extends 'management/base.html' %}
+{% load static %}
+
+{% block header_title %}ارسال اعلان جدید{% endblock %}
+
+{% block content %}
+<div class="card shadow-sm">
+    <div class="card-header bg-primary text-white d-flex justify-content-between align-items-center">
+        <h5 class="mb-0">ارسال اعلان جدید</h5>
+        <a href="{% url 'notification_history_view' %}" class="btn btn-light btn-sm">تاریخچه اعلان‌ها</a>
+    </div>
+    <div class="card-body">
+        <form action="{% url 'send_notification_view' %}" method="post">
+            {% csrf_token %}
+
+            <!-- انتخاب نوع اعلان (دستی یا خودکار) -->
+            <div class="mb-3">
+                <label class="form-label">نوع اعلان</label>
+                <div class="form-check form-check-inline">
+                    <input class="form-check-input" type="radio" name="notification_type" id="type_manual" value="manual" checked>
+                    <label class="form-check-label" for="type_manual">ارسال دستی</label>
+                </div>
+                <div class="form-check form-check-inline">
+                    <input class="form-check-input" type="radio" name="notification_type" id="type_automatic" value="automatic">
+                    <label class="form-check-label" for="type_automatic">ارسال خودکار</label>
+                </div>
+            </div>
+
+            <!-- بخش مربوط به اعلان دستی -->
+            <div id="manual-notification-fields">
+                <div class="mb-3">
+                    <label for="id_title" class="form-label">عنوان</label>
+                    <input type="text" class="form-control" id="id_title" name="title" required>
+                </div>
+                <div class="mb-3">
+                    <label for="id_content" class="form-label">متن اعلان</label>
+                    <textarea class="form-control" id="id_content" name="content" rows="5" required></textarea>
+                </div>
+
+                <!-- گزینه‌های اعلان غنی -->
+                <div class="card bg-light mb-3">
+                    <div class="card-body">
+                        <h6 class="card-title">گزینه‌های پیشرفته (اختیاری)</h6>
+                        <div class="row">
+                            <div class="col-md-6 mb-3">
+                                <label for="id_button_text" class="form-label">متن دکمه</label>
+                                <input type="text" class="form-control" id="id_button_text" name="button_text">
+                            </div>
+                            <div class="col-md-6 mb-3">
+                                <label for="id_button_url" class="form-label">لینک دکمه</label>
+                                <input type="url" class="form-control" id="id_button_url" name="button_url">
+                            </div>
+                        </div>
+                        <div class="mb-3">
+                            <label for="id_image_url" class="form-label">لینک تصویر/آیکون</label>
+                            <input type="url" class="form-control" id="id_image_url" name="image_url">
+                        </div>
+                    </div>
+                </div>
+
+                <!-- گیرنده اعلان دستی -->
+                <div class="mb-3">
+                    <label class="form-label">گیرنده اعلان</label>
+                    <div class="form-check">
+                        <input class="form-check-input" type="radio" name="recipient_type" id="recipient_all" value="all" checked>
+                        <label class="form-check-label" for="recipient_all">همه کاربران</label>
+                    </div>
+                    <div class="form-check">
+                        <input class="form-check-input" type="radio" name="recipient_type" id="recipient_specific" value="specific">
+                        <label class="form-check-label" for="recipient_specific">کاربران خاص</label>
+                    </div>
+                </div>
+                <div class="mb-3" id="specific-users-container">
+                    <label for="id_users" class="form-label">انتخاب کاربران (می‌توانید چند کاربر را انتخاب کنید)</label>
+                    <select multiple class="form-select" id="id_users" name="users">
+                        {% for user in all_users %}
+                            <option value="{{ user.id }}">{{ user.full_name }} ({{ user.username }})</option>
+                        {% endfor %}
+                    </select>
+                </div>
+
+                <!-- زمان‌بندی اعلان دستی -->
+                <div class="mb-3">
+                    <label for="id_schedule" class="form-label">زمان‌بندی ارسال</label>
+                    <div class="input-group">
+                        <select class="form-select" id="schedule-type-select" name="schedule_type">
+                            <option value="one_time">یک‌بار</option>
+                            <option value="weekly">هفتگی</option>
+                            <option value="monthly">ماهانه</option>
+                        </select>
+                        <input type="datetime-local" class="form-control" id="id_schedule_time" name="schedule_time" required>
+                    </div>
+                </div>
+
+                <div class="mb-3 form-check">
+                    <input type="checkbox" class="form-check-input" id="id_is_urgent" name="is_urgent">
+                    <label class="form-check-label" for="id_is_urgent">اخطار فوری</label>
+                </div>
+            </div>
+
+            <!-- بخش مربوط به اعلان خودکار -->
+            <div id="automatic-notification-fields" style="display: none;">
+                <div class="card bg-light mb-3">
+                    <div class="card-body">
+                        <h6 class="card-title">قانون ارسال اعلان خودکار</h6>
+                        <div class="mb-3 form-check">
+                            <input type="checkbox" class="form-check-input" id="id_auto_consumption" name="auto_consumption">
+                            <label class="form-check-label" for="id_auto_consumption">ارسال به هنگام رسیدن مصرف به یک حد مشخص</label>
+                        </div>
+                        <div class="input-group mb-3" id="consumption-threshold-container" style="display: none;">
+                            <input type="number" class="form-control" name="consumption_threshold" placeholder="مثلاً ۹۰" min="1" max="100">
+                            <span class="input-group-text">%</span>
+                        </div>
+                        <div class="mb-3 form-check">
+                            <input type="checkbox" class="form-check-input" id="id_auto_expiration" name="auto_expiration">
+                            <label class="form-check-label" for="id_auto_expiration">ارسال قبل از تاریخ انقضا</label>
+                        </div>
+                        <div class="input-group mb-3" id="expiration-days-container" style="display: none;">
+                            <input type="number" class="form-control" name="expiration_days_before" placeholder="مثلاً ۳" min="1">
+                            <span class="input-group-text">روز قبل</span>
+                        </div>
+                        <div class="mb-3">
+                            <label for="id_auto_plans" class="form-label">مربوط به پلن‌های زیر</label>
+                            <select multiple class="form-select" id="id_auto_plans" name="auto_plans">
+                                {% for plan in all_plans %}
+                                    <option value="{{ plan.id }}">{{ plan.name }}</option>
+                                {% endfor %}
+                            </select>
+                        </div>
+                    </div>
+                </div>
+            </div>
+
+            <button type="submit" class="btn btn-primary mt-3">ارسال اعلان</button>
+        </form>
+    </div>
+</div>
+<script>
+    document.addEventListener('DOMContentLoaded', () => {
+        const typeManual = document.getElementById('type_manual');
+        const typeAutomatic = document.getElementById('type_automatic');
+        const manualFields = document.getElementById('manual-notification-fields');
+        const automaticFields = document.getElementById('automatic-notification-fields');
+
+        const recipientTypeRadios = document.querySelectorAll('input[name="recipient_type"]');
+        const specificUsersContainer = document.getElementById('specific-users-container');
+
+        const autoConsumptionCheckbox = document.getElementById('id_auto_consumption');
+        const consumptionThresholdContainer = document.getElementById('consumption-threshold-container');
+
+        const autoExpirationCheckbox = document.getElementById('id_auto_expiration');
+        const expirationDaysContainer = document.getElementById('expiration-days-container');
+
+        // نمایش/پنهان کردن فیلدهای اعلان دستی و خودکار
+        function toggleNotificationType() {
+            if (typeManual.checked) {
+                manualFields.style.display = 'block';
+                automaticFields.style.display = 'none';
+            } else {
+                manualFields.style.display = 'none';
+                automaticFields.style.display = 'block';
+            }
+        }
+        typeManual.addEventListener('change', toggleNotificationType);
+        typeAutomatic.addEventListener('change', toggleNotificationType);
+
+        // نمایش/پنهان کردن فیلد انتخاب کاربران خاص
+        recipientTypeRadios.forEach(radio => {
+            radio.addEventListener('change', (event) => {
+                if (event.target.value === 'specific') {
+                    specificUsersContainer.style.display = 'block';
+                } else {
+                    specificUsersContainer.style.display = 'none';
+                }
+            });
+        });
+
+        // نمایش/پنهان کردن فیلد میزان مصرف
+        autoConsumptionCheckbox.addEventListener('change', (event) => {
+            if (event.target.checked) {
+                consumptionThresholdContainer.style.display = 'flex';
+            } else {
+                consumptionThresholdContainer.style.display = 'none';
+            }
+        });
+
+        // نمایش/پنهان کردن فیلد روزهای قبل از انقضا
+        autoExpirationCheckbox.addEventListener('change', (event) => {
+            if (event.target.checked) {
+                expirationDaysContainer.style.display = 'flex';
+            } else {
+                expirationDaysContainer.style.display = 'none';
+            }
+        });
+    });
+</script>
+{% endblock %}
+
diff --git a/management/templates/management/error.html b/management/templates/management/error.html
new file mode 100644
index 0000000000000000000000000000000000000000..541925880dc4849891fd3bef47bdcd23bfe06533
--- /dev/null
+++ b/management/templates/management/error.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>خطا</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            background-color: #f8d7da;
+            color: #721c24;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            margin: 0;
+            text-align: center;
+        }
+        .container {
+            background-color: #fdd;
+            padding: 40px;
+            border-radius: 10px;
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
+            max-width: 500px;
+            border: 1px solid #f5c6cb;
+        }
+        h1 {
+            color: #dc3545;
+        }
+        p {
+            line-height: 1.6;
+            margin-top: 20px;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>خطا!</h1>
+        <p>{{ message }}</p>
+        <a href="/">بازگشت به صفحه اصلی</a>
+    </div>
+</body>
+</html>
diff --git a/management/templates/management/home.html b/management/templates/management/home.html
new file mode 100644
index 0000000000000000000000000000000000000000..299e23234162bfa1e8dc1cb0b912f3c4953f8b65
--- /dev/null
+++ b/management/templates/management/home.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>صفحه اصلی</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+            background-color: #f0f2f5;
+        }
+    </style>
+</head>
+<body class="flex flex-col items-center justify-center min-h-screen">
+    <div class="bg-white p-8 rounded-lg shadow-md w-full max-w-sm text-center">
+        <h1 class="text-3xl font-bold mb-6 text-gray-800">به پنل خوش آمدید</h1>
+        <p class="text-gray-600 mb-8">لطفاً نوع کاربری خود را انتخاب کنید.</p>
+        <div class="space-y-4">
+            <a href="{% url 'management:admin_login' %}" class="block w-full py-3 px-6 bg-blue-600 text-white font-semibold rounded-lg shadow-md hover:bg-blue-700 transition duration-300">
+                ورود به پنل ادمین
+            </a>
+            <a href="{% url 'management:user_dashboard_login' %}" class="block w-full py-3 px-6 bg-gray-600 text-white font-semibold rounded-lg shadow-md hover:bg-gray-700 transition duration-300">
+                ورود به پنل کاربر
+            </a>
+        </div>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/login.html b/management/templates/management/login.html
new file mode 100644
index 0000000000000000000000000000000000000000..d6dd882d96d25e578c6f54c4265d4dd642a34638
--- /dev/null
+++ b/management/templates/management/login.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <title>ورود به پنل ادمین</title>
+    <style>
+        body {
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            background-color: #f0f2f5;
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+            text-align: center;
+        }
+        .login-container {
+            background: white;
+            padding: 30px;
+            border-radius: 8px;
+            box-shadow: 0 4px 8px rgba(0,0,0,0.1);
+            width: 300px;
+        }
+        h2 {
+            margin-bottom: 20px;
+            color: #333;
+        }
+        .form-group {
+            margin-bottom: 15px;
+            text-align: right;
+        }
+        .form-group label {
+            display: block;
+            margin-bottom: 5px;
+            font-size: 14px;
+            color: #555;
+        }
+        .form-group input {
+            width: 100%;
+            padding: 10px;
+            box-sizing: border-box;
+            border: 1px solid #ccc;
+            border-radius: 5px;
+            font-size: 16px;
+        }
+        .error-message {
+            color: #dc3545;
+            margin-bottom: 15px;
+        }
+        .submit-button {
+            width: 100%;
+            padding: 12px 20px;
+            margin-top: 20px;
+            border-radius: 5px;
+            border: none;
+            background-color: #007bff;
+            color: white;
+            font-size: 16px;
+            cursor: pointer;
+            transition: background-color 0.3s ease;
+        }
+        .submit-button:hover {
+            background-color: #0056b3;
+        }
+    </style>
+</head>
+<body>
+    <div class="login-container">
+        <h2>ورود به پنل ادمین</h2>
+        {% if error %}
+            <p class="error-message">{{ error }}</p>
+        {% endif %}
+        <form method="post" action="{% url 'admin_login' %}">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="username">نام کاربری:</label>
+                <input type="text" id="username" name="username" required>
+            </div>
+            <div class="form-group">
+                <label for="password">رمز عبور:</label>
+                <input type="password" id="password" name="password" required>
+            </div>
+            <button type="submit" class="submit-button">ورود</button>
+        </form>
+    </div>
+</body>
+</html>
diff --git a/management/templates/management/notification_history.html b/management/templates/management/notification_history.html
new file mode 100644
index 0000000000000000000000000000000000000000..35a8b5888e8b21d71cb42c8a6fd159a4a9c1410a
--- /dev/null
+++ b/management/templates/management/notification_history.html
@@ -0,0 +1,41 @@
+{% extends 'management/base.html' %}
+
+{% block header_title %}اعلان‌ها و اخطارها{% endblock %}
+
+{% block content %}
+<div class="container-fluid py-4">
+    <div class="row">
+        <div class="col-12">
+            <div class="card shadow-sm">
+                <div class="card-header bg-primary text-white">
+                    <h5 class="mb-0">لیست اعلان‌ها</h5>
+                </div>
+                <div class="card-body">
+                    {% for notification in notifications %}
+                    <div class="alert {% if notification.is_urgent %}alert-danger{% else %}alert-warning{% endif %} d-flex align-items-center mb-3" role="alert">
+                        <div class="flex-shrink-0 me-3">
+                            {% if notification.is_urgent %}
+                            <i class="fas fa-exclamation-triangle fa-2x"></i>
+                            {% else %}
+                            <i class="fas fa-info-circle fa-2x"></i>
+                            {% endif %}
+                        </div>
+                        <div class="flex-grow-1">
+                            <h4 class="alert-heading">{% if notification.is_urgent %}اخطار!{% else %}یادآوری{% endif %}</h4>
+                            <p>{{ notification.message }}</p>
+                            <hr>
+                            <small class="mb-0">{{ notification.created_at|date:"Y/m/d - H:i" }}</small>
+                        </div>
+                    </div>
+                    {% empty %}
+                    <div class="alert alert-info text-center" role="alert">
+                        اعلان جدیدی وجود ندارد.
+                    </div>
+                    {% endfor %}
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/management/templates/management/notifications.html b/management/templates/management/notifications.html
new file mode 100644
index 0000000000000000000000000000000000000000..35a8b5888e8b21d71cb42c8a6fd159a4a9c1410a
--- /dev/null
+++ b/management/templates/management/notifications.html
@@ -0,0 +1,41 @@
+{% extends 'management/base.html' %}
+
+{% block header_title %}اعلان‌ها و اخطارها{% endblock %}
+
+{% block content %}
+<div class="container-fluid py-4">
+    <div class="row">
+        <div class="col-12">
+            <div class="card shadow-sm">
+                <div class="card-header bg-primary text-white">
+                    <h5 class="mb-0">لیست اعلان‌ها</h5>
+                </div>
+                <div class="card-body">
+                    {% for notification in notifications %}
+                    <div class="alert {% if notification.is_urgent %}alert-danger{% else %}alert-warning{% endif %} d-flex align-items-center mb-3" role="alert">
+                        <div class="flex-shrink-0 me-3">
+                            {% if notification.is_urgent %}
+                            <i class="fas fa-exclamation-triangle fa-2x"></i>
+                            {% else %}
+                            <i class="fas fa-info-circle fa-2x"></i>
+                            {% endif %}
+                        </div>
+                        <div class="flex-grow-1">
+                            <h4 class="alert-heading">{% if notification.is_urgent %}اخطار!{% else %}یادآوری{% endif %}</h4>
+                            <p>{{ notification.message }}</p>
+                            <hr>
+                            <small class="mb-0">{{ notification.created_at|date:"Y/m/d - H:i" }}</small>
+                        </div>
+                    </div>
+                    {% empty %}
+                    <div class="alert alert-info text-center" role="alert">
+                        اعلان جدیدی وجود ندارد.
+                    </div>
+                    {% endfor %}
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/management/templates/management/panel_owner_dashboard b/management/templates/management/panel_owner_dashboard
new file mode 100644
index 0000000000000000000000000000000000000000..be678f8b18de6f6c2169d6d70b6886ecab6543d6
--- /dev/null
+++ b/management/templates/management/panel_owner_dashboard
@@ -0,0 +1,592 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>داشبورد مدیر پنل</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        /* CSS styling is the same as before */
+        body {
+            font-family: 'Inter', sans-serif;
+            background-color: #f3f4f6;
+            direction: rtl;
+            text-align: right;
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+            padding: 1.5rem;
+        }
+        .card {
+            background-color: #ffffff;
+            border-radius: 0.5rem;
+            box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -1px rgba(0, 0, 0, 0.06);
+            padding: 1.5rem;
+            margin-bottom: 2rem;
+        }
+        .btn {
+            padding: 0.5rem 1rem;
+            border-radius: 0.375rem;
+            font-weight: 500;
+            color: white;
+            transition: all 0.2s ease-in-out;
+            margin-right: 0.5rem;
+        }
+        .btn-green {
+            background-color: #10b981;
+        }
+        .btn-green:hover {
+            background-color: #059669;
+        }
+        .btn-red {
+            background-color: #ef4444;
+        }
+        .btn-red:hover {
+            background-color: #dc2626;
+        }
+        .btn-blue {
+            background-color: #3b82f6;
+        }
+        .btn-blue:hover {
+            background-color: #2563eb;
+        }
+        .btn-indigo {
+            background-color: #6366f1;
+        }
+        .btn-indigo:hover {
+            background-color: #4f46e5;
+        }
+        .table-container {
+            overflow-x: auto;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+        }
+        th, td {
+            padding: 0.75rem;
+            text-align: right;
+            border-bottom: 1px solid #e5e7eb;
+        }
+        th {
+            background-color: #f9fafb;
+            font-weight: 600;
+        }
+        .loading {
+            text-align: center;
+            padding: 2rem;
+            color: #4b5563;
+        }
+    </style>
+</head>
+<body>
+
+<div class="container">
+    <header class="flex justify-between items-center py-6 mb-6 border-b border-gray-200">
+        <h1 class="text-3xl font-bold text-gray-800">داشبورد مدیر پنل</h1>
+        <div class="flex items-center">
+            <span id="welcomeMessage" class="text-gray-600 ml-4"></span>
+            <button id="logoutBtn" class="btn bg-gray-500 hover:bg-gray-700">خروج</button>
+        </div>
+    </header>
+
+    <!-- مدیریت پنل‌ها -->
+    <div class="card">
+        <h2 class="text-2xl font-semibold mb-4 text-gray-700">مدیریت پنل‌ها</h2>
+        <div class="table-container">
+            <table id="panelsTable" class="w-full text-sm text-gray-500">
+                <thead class="text-xs text-gray-700 uppercase bg-gray-50">
+                    <tr>
+                        <th class="py-3 px-6">نام</th>
+                        <th class="py-3 px-6">آدرس</th>
+                        <th class="py-3 px-6">دیتابیس</th>
+                        <th class="py-3 px-6">پیش‌فرض</th>
+                        <th class="py-3 px-6">عملیات</th>
+                    </tr>
+                </thead>
+                <tbody id="panelsTableBody">
+                    <tr>
+                        <td colspan="5" class="loading">در حال بارگذاری پنل‌ها...</td>
+                    </tr>
+                </tbody>
+            </table>
+        </div>
+        
+        <div class="mt-6">
+            <button id="showAddPanelFormBtn" class="btn btn-indigo">افزودن پنل جدید</button>
+        </div>
+
+        <!-- فرم افزودن پنل جدید (مخفی) -->
+        <div id="addPanelFormContainer" class="hidden mt-6">
+            <h3 class="text-xl font-medium mb-2 text-gray-600">افزودن پنل جدید</h3>
+            <form id="addPanelForm" class="flex flex-col gap-4">
+                <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4">
+                    <div>
+                        <label for="panel_name" class="block text-sm font-medium text-gray-700 mb-1">نام پنل</label>
+                        <input type="text" id="panel_name" name="name" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="panel_address" class="block text-sm font-medium text-gray-700 mb-1">آدرس پنل (URL)</label>
+                        <input type="url" id="panel_address" name="panel_address" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_engine" class="block text-sm font-medium text-gray-700 mb-1">نوع دیتابیس (ENGINE)</label>
+                        <select id="db_engine" name="db_engine" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                            <option value="django.db.backends.mysql">MySQL</option>
+                            <option value="django.db.backends.postgresql">PostgreSQL</option>
+                            <option value="django.db.backends.sqlite3">SQLite</option>
+                        </select>
+                    </div>
+                    <div>
+                        <label for="db_name" class="block text-sm font-medium text-gray-700 mb-1">نام دیتابیس (NAME)</label>
+                        <input type="text" id="db_name" name="db_name" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_user" class="block text-sm font-medium text-gray-700 mb-1">نام کاربری دیتابیس (USER)</label>
+                        <input type="text" id="db_user" name="db_user" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_password" class="block text-sm font-medium text-gray-700 mb-1">رمز عبور دیتابیس (PASSWORD)</label>
+                        <input type="password" id="db_password" name="db_password" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_host" class="block text-sm font-medium text-gray-700 mb-1">آدرس میزبان دیتابیس (HOST)</label>
+                        <input type="text" id="db_host" name="db_host" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_port" class="block text-sm font-medium text-gray-700 mb-1">پورت دیتابیس (PORT)</label>
+                        <input type="number" id="db_port" name="db_port" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="license_key" class="block text-sm font-medium text-gray-700 mb-1">کلید لایسنس</label>
+                        <input type="text" id="license_key" name="license_key" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                </div>
+                <div class="flex items-center mt-2">
+                    <input type="checkbox" id="is_default" name="is_default" class="h-4 w-4 text-indigo-600 focus:ring-indigo-500 border-gray-300 rounded">
+                    <label for="is_default" class="ml-2 block text-sm text-gray-900">پنل پیش‌فرض</label>
+                </div>
+                <button type="submit" class="btn btn-indigo w-full md:w-auto">افزودن پنل</button>
+                <button type="button" id="hideAddPanelFormBtn" class="btn bg-gray-500 w-full md:w-auto">لغو</button>
+            </form>
+        </div>
+    </div>
+    
+    <!-- مدیریت ادمین‌های زیرمجموعه -->
+    <div class="card">
+        <h2 class="text-2xl font-semibold mb-4 text-gray-700">مدیریت ادمین‌های زیرمجموعه</h2>
+        <div class="table-container">
+            <table id="adminsTable" class="w-full text-sm text-gray-500">
+                <thead class="text-xs text-gray-700 uppercase bg-gray-50">
+                    <tr>
+                        <th class="py-3 px-6">ID</th>
+                        <th class="py-3 px-6">نام کاربری</th>
+                        <th class="py-3 px-6">سطح دسترسی</th>
+                        <th class="py-3 px-6">عملیات</th>
+                    </tr>
+                </thead>
+                <tbody id="adminsTableBody">
+                    <tr>
+                        <td colspan="4" class="loading">در حال بارگذاری ادمین‌ها...</td>
+                    </tr>
+                </tbody>
+            </table>
+        </div>
+        
+        <div class="mt-6">
+            <button id="showAddAdminFormBtn" class="btn btn-blue">افزودن ادمین جدید</button>
+        </div>
+        
+        <!-- فرم افزودن ادمین جدید (مخفی) -->
+        <div id="addAdminFormContainer" class="hidden mt-6">
+            <h3 class="text-xl font-medium mb-2 text-gray-600">افزودن ادمین جدید (سطح ۳)</h3>
+            <form id="addAdminForm" class="flex flex-col md:flex-row gap-4 items-end">
+                <div class="flex-1 w-full">
+                    <label for="admin_username" class="block text-sm font-medium text-gray-700 mb-1">نام کاربری</label>
+                    <input type="text" id="admin_username" name="username" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                </div>
+                <div class="flex-1 w-full">
+                    <label for="admin_password" class="block text-sm font-medium text-gray-700 mb-1">رمز عبور</label>
+                    <input type="password" id="admin_password" name="password" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                </div>
+                <button type="submit" class="btn btn-blue w-full md:w-auto mt-2 md:mt-0">افزودن ادمین</button>
+                <button type="button" id="hideAddAdminFormBtn" class="btn bg-gray-500 w-full md:w-auto">لغو</button>
+            </form>
+        </div>
+    </div>
+    
+    <!-- اعلان‌های تلگرام -->
+    <div class="card">
+        <h2 class="text-2xl font-semibold mb-4 text-gray-700">اعلان‌های تلگرام</h2>
+        <p class="mb-4 text-gray-600">برای دریافت اعلان‌ها از پنل خود در تلگرام، یک توکن ایجاد کرده و آن را برای ربات تلگرام ارسال کنید.</p>
+        
+        <div class="flex items-center gap-4 mb-4">
+            <button id="generateTokenBtn" class="btn btn-green">ساخت توکن</button>
+            <div id="tokenDisplay" class="flex-1">
+                <span id="generatedToken" class="text-lg font-mono bg-gray-100 rounded-md px-3 py-2 text-gray-800 hidden"></span>
+            </div>
+            <button id="copyTokenBtn" class="btn btn-blue hidden">کپی</button>
+        </div>
+        
+        <div id="telegramInstructions" class="mt-4 p-4 border-r-4 border-indigo-500 bg-indigo-50 rounded-md hidden">
+            <p class="font-medium text-indigo-700">مراحل اتصال:</p>
+            <ol class="list-decimal list-inside text-indigo-600 mt-2">
+                <li>توکن بالا را کپی کنید.</li>
+                <li>به ربات تلگرام ما بروید.</li>
+                <li>دستور `/verify <توکن>` را برای ربات ارسال کنید. (مثال: `/verify 1a2b3c4d-5e6f-7g8h-9i0j-1k2l3m4n5o6p`)</li>
+                <li>پس از تایید، به صورت خودکار اعلان‌های پنل را دریافت خواهید کرد.</li>
+            </ol>
+        </div>
+    </div>
+
+</div>
+
+<script>
+    // Constants for API endpoints
+    const API_BASE_URL = '/api';
+    const PANEL_API_URL = `${API_BASE_URL}/panels/`;
+    const ADMINS_API_URL = `${API_BASE_URL}/marzban-admins/`;
+    const TELEGRAM_TOKEN_API_URL = `${API_BASE_URL}/telegram-token/`;
+    const AUTH_TOKEN_URL = `${API_BASE_URL}/token/`;
+    
+    let accessToken = null;
+
+    // A utility function to show a custom alert box instead of the browser's native `alert()`
+    function showCustomAlert(message, type = 'info') {
+        // Here, you would implement a custom modal or message box.
+        // For this example, we'll log to the console to avoid breaking the UI.
+        console.log(`[${type.toUpperCase()}]: ${message}`);
+        // In a real app, you would have code like this:
+        // const alertBox = document.createElement('div');
+        // alertBox.innerText = message;
+        // alertBox.classList.add('custom-alert', `alert-${type}`);
+        // document.body.appendChild(alertBox);
+        // setTimeout(() => alertBox.remove(), 5000);
+    }
+
+    // Function to get or refresh JWT access token
+    async function getAccessToken() {
+        // This is a placeholder for a real login process.
+        // In a real application, you would send user credentials (username, password)
+        // and receive a JWT token in the response.
+        const username = 'panelowner'; 
+        try {
+            const response = await fetch(AUTH_TOKEN_URL, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({ username }),
+            });
+            const data = await response.json();
+            if (response.ok) {
+                accessToken = data.access;
+                localStorage.setItem('accessToken', accessToken);
+                console.log('JWT token obtained and stored successfully.');
+                document.getElementById('welcomeMessage').innerText = `خوش آمدید، ${username}`;
+            } else {
+                console.error('Failed to get token:', data);
+                // Redirect to login page if token acquisition fails
+                window.location.href = '/login'; 
+            }
+        } catch (error) {
+            console.error('Error fetching token:', error);
+            // Redirect to login page on network error
+            window.location.href = '/login';
+        }
+    }
+
+    // A robust API call utility with token management
+    async function apiCall(url, method = 'GET', data = null) {
+        if (!accessToken) {
+            accessToken = localStorage.getItem('accessToken');
+            if (!accessToken) {
+                showCustomAlert('توکن احراز هویت در دسترس نیست. به صفحه ورود منتقل می‌شوید.', 'error');
+                window.location.href = '/login';
+                throw new Error('No access token available.');
+            }
+        }
+    
+        const headers = {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${accessToken}`,
+        };
+        const options = {
+            method,
+            headers,
+        };
+        if (data) {
+            options.body = JSON.stringify(data);
+        }
+    
+        try {
+            const response = await fetch(url, options);
+            if (response.status === 401) { // Unauthorized, token might be expired
+                console.log('Access token expired. Attempting to refresh...');
+                await getAccessToken(); // Try to get a new token
+                headers.Authorization = `Bearer ${accessToken}`;
+                options.headers = headers;
+                
+                // Retry the original request with the new token
+                const retryResponse = await fetch(url, options); 
+                if (retryResponse.ok) {
+                    return retryResponse.json();
+                } else {
+                    const retryData = await retryResponse.json();
+                    showCustomAlert(`خطا در احراز هویت پس از رفرش توکن: ${retryData.error}`, 'error');
+                    window.location.href = '/login';
+                    throw new Error('Failed to refresh token and retry request.');
+                }
+            }
+            
+            const responseData = await response.json();
+            if (!response.ok) {
+                console.error(`API Error for ${url}:`, responseData);
+                showCustomAlert(`خطا در API: ${responseData.error || response.statusText}`, 'error');
+                throw new Error(responseData.error || response.statusText);
+            }
+            return responseData;
+        } catch (error) {
+            console.error(`Error during API call to ${url}:`, error);
+            showCustomAlert(`خطای شبکه: ${error.message}`, 'error');
+            throw error;
+        }
+    }
+
+    // --- Panel Management Functions ---
+
+    function renderPanels(panels) {
+        const tbody = document.getElementById('panelsTableBody');
+        tbody.innerHTML = '';
+        if (panels.length === 0) {
+            tbody.innerHTML = `<tr><td colspan="5" class="text-center py-4">پنلی یافت نشد.</td></tr>`;
+            return;
+        }
+        panels.forEach(panel => {
+            const row = document.createElement('tr');
+            row.className = 'bg-white border-b hover:bg-gray-50';
+            const isDefaultText = panel.is_default ? '✅' : '❌';
+            
+            row.innerHTML = `
+                <td class="py-4 px-6 font-medium text-gray-900 whitespace-nowrap">${panel.name}</td>
+                <td class="py-4 px-6">${panel.panel_address}</td>
+                <td class="py-4 px-6">${panel.db_name}</td>
+                <td class="py-4 px-6">${isDefaultText}</td>
+                <td class="py-4 px-6 text-right">
+                    <button onclick="editPanel('${panel.id}')" class="btn btn-blue">ویرایش</button>
+                    <button onclick="deletePanel('${panel.id}')" class="btn btn-red">حذف</button>
+                </td>
+            `;
+            tbody.appendChild(row);
+        });
+    }
+
+    async function fetchPanels() {
+        try {
+            document.getElementById('panelsTableBody').innerHTML = `<tr><td colspan="5" class="loading">در حال بارگذاری پنل‌ها...</td></tr>`;
+            const panels = await apiCall(PANEL_API_URL);
+            renderPanels(panels);
+        } catch (error) {
+            document.getElementById('panelsTableBody').innerHTML = `<tr><td colspan="5" class="text-center text-red-500 py-4">خطا در بارگذاری پنل‌ها: ${error.message}</td></tr>`;
+        }
+    }
+
+    document.getElementById('addPanelForm').addEventListener('submit', async (e) => {
+        e.preventDefault();
+        const formData = new FormData(e.target);
+        const data = Object.fromEntries(formData.entries());
+        data.is_default = document.getElementById('is_default').checked;
+        
+        try {
+            await apiCall(PANEL_API_URL, 'POST', data);
+            showCustomAlert('پنل جدید با موفقیت اضافه شد.');
+            e.target.reset();
+            fetchPanels();
+            document.getElementById('addPanelFormContainer').classList.add('hidden');
+        } catch (error) {
+            showCustomAlert(`خطا در افزودن پنل: ${error.message}`, 'error');
+        }
+    });
+
+    async function editPanel(panelId) {
+        const newName = prompt('لطفاً نام جدید پنل را وارد کنید:');
+        if (newName === null || newName.trim() === '') {
+            return;
+        }
+
+        try {
+            await apiCall(`${PANEL_API_URL}${panelId}/`, 'PUT', { name: newName });
+            showCustomAlert('پنل با موفقیت به‌روزرسانی شد.');
+            fetchPanels();
+        } catch (error) {
+            showCustomAlert(`خطا در به‌روزرسانی پنل: ${error.message}`, 'error');
+        }
+    }
+
+    async function deletePanel(panelId) {
+        if (!confirm('آیا مطمئن هستید که می‌خواهید این پنل را حذف کنید؟')) return;
+        try {
+            await apiCall(`${PANEL_API_URL}${panelId}/`, 'DELETE');
+            showCustomAlert('پنل با موفقیت حذف شد.');
+            fetchPanels();
+        } catch (error) {
+            showCustomAlert(`خطا در حذف پنل: ${error.message}`, 'error');
+        }
+    }
+
+    // --- Admin Management Functions ---
+
+    function renderMarzbanAdmins(admins) {
+        const tbody = document.getElementById('adminsTableBody');
+        tbody.innerHTML = '';
+        if (admins.length === 0) {
+            tbody.innerHTML = `<tr><td colspan="4" class="text-center py-4">ادمین دیگری یافت نشد.</td></tr>`;
+            return;
+        }
+        admins.forEach(admin => {
+            const row = document.createElement('tr');
+            row.className = 'bg-white border-b hover:bg-gray-50';
+            const permissionText = {
+                'sudo': 'Sudo Admin',
+                'level_2': 'Level 2 Admin',
+                'level_3': 'Level 3 Admin',
+            }[admin.permission] || admin.permission;
+
+            const actionButton = admin.permission === 'level_3' ?
+                `<button onclick="deleteMarzbanAdmin('${admin.id}')" class="btn btn-red">حذف</button>` :
+                `<span class="text-gray-400">غیرقابل حذف</span>`;
+
+            row.innerHTML = `
+                <td class="py-4 px-6">${admin.id}</td>
+                <td class="py-4 px-6 font-medium text-gray-900 whitespace-nowrap">${admin.username}</td>
+                <td class="py-4 px-6">${permissionText}</td>
+                <td class="py-4 px-6 text-right">
+                    ${actionButton}
+                </td>
+            `;
+            tbody.appendChild(row);
+        });
+    }
+
+    async function fetchMarzbanAdmins() {
+        try {
+            document.getElementById('adminsTableBody').innerHTML = `<tr><td colspan="4" class="loading">در حال بارگذاری ادمین‌ها...</td></tr>`;
+            const admins = await apiCall(ADMINS_API_URL);
+            renderMarzbanAdmins(admins);
+        } catch (error) {
+            document.getElementById('adminsTableBody').innerHTML = `<tr><td colspan="4" class="text-center text-red-500 py-4">خطا در بارگذاری ادمین‌ها: ${error.message}</td></tr>`;
+        }
+    }
+    
+    document.getElementById('addAdminForm').addEventListener('submit', async (e) => {
+        e.preventDefault();
+        const formData = new FormData(e.target);
+        const data = Object.fromEntries(formData.entries());
+        
+        try {
+            await apiCall(ADMINS_API_URL, 'POST', data);
+            showCustomAlert('ادمین سطح ۳ جدید با موفقیت اضافه شد.');
+            e.target.reset();
+            fetchMarzbanAdmins();
+            document.getElementById('addAdminFormContainer').classList.add('hidden');
+        } catch (error) {
+            showCustomAlert(`خطا در افزودن ادمین: ${error.message}`, 'error');
+        }
+    });
+
+    async function deleteMarzbanAdmin(adminId) {
+        if (!confirm('آیا مطمئن هستید که می‌خواهید این ادمین را حذف کنید؟')) return;
+        try {
+            await apiCall(`${ADMINS_API_URL}${adminId}/`, 'DELETE');
+            showCustomAlert('ادمین با موفقیت حذف شد.');
+            fetchMarzbanAdmins();
+        } catch (error) {
+            showCustomAlert(`خطا در حذف ادمین: ${error.message}`, 'error');
+        }
+    }
+
+    // --- Telegram Notification Functions ---
+
+    document.getElementById('generateTokenBtn').addEventListener('click', async () => {
+        try {
+            const response = await apiCall(TELEGRAM_TOKEN_API_URL, 'POST');
+            const token = response.token;
+            
+            const tokenDisplay = document.getElementById('generatedToken');
+            const copyBtn = document.getElementById('copyTokenBtn');
+            const instructions = document.getElementById('telegramInstructions');
+            
+            tokenDisplay.innerText = token;
+            tokenDisplay.classList.remove('hidden');
+            copyBtn.classList.remove('hidden');
+            instructions.classList.remove('hidden');
+        } catch (error) {
+            showCustomAlert(`خطا در ساخت توکن: ${error.message}`, 'error');
+        }
+    });
+    
+    document.getElementById('copyTokenBtn').addEventListener('click', () => {
+        const tokenText = document.getElementById('generatedToken').innerText;
+        
+        const tempInput = document.createElement('input');
+        tempInput.value = tokenText;
+        document.body.appendChild(tempInput);
+        tempInput.select();
+        document.execCommand('copy');
+        document.body.removeChild(tempInput);
+        
+        showCustomAlert('توکن کپی شد!');
+    });
+
+    // --- UI Interaction Handlers ---
+
+    document.getElementById('logoutBtn').addEventListener('click', () => {
+        localStorage.removeItem('accessToken');
+        window.location.href = '/login';
+    });
+    
+    document.getElementById('showAddPanelFormBtn').addEventListener('click', () => {
+        document.getElementById('addPanelFormContainer').classList.remove('hidden');
+    });
+
+    document.getElementById('hideAddPanelFormBtn').addEventListener('click', () => {
+        document.getElementById('addPanelFormContainer').classList.add('hidden');
+    });
+
+    document.getElementById('showAddAdminFormBtn').addEventListener('click', () => {
+        document.getElementById('addAdminFormContainer').classList.remove('hidden');
+    });
+
+    document.getElementById('hideAddAdminFormBtn').addEventListener('click', () => {
+        document.getElementById('addAdminFormContainer').classList.add('hidden');
+    });
+
+    // --- Initialization ---
+
+    async function init() {
+        // First, check for an existing token in localStorage.
+        // If it doesn't exist or is expired, `apiCall` will handle getting a new one.
+        const storedToken = localStorage.getItem('accessToken');
+        if (!storedToken) {
+            await getAccessToken();
+        } else {
+            accessToken = storedToken;
+            // You could also add a check here to see if the token is still valid
+            // by calling a lightweight API endpoint, but we handle it in `apiCall`.
+        }
+
+        if (accessToken) {
+            fetchPanels();
+            fetchMarzbanAdmins();
+        } else {
+            showCustomAlert('خطا در احراز هویت. لطفاً مجدداً وارد شوید.', 'error');
+        }
+    }
+
+    init();
+</script>
+
+</body>
+</html>
+
diff --git a/management/templates/management/panel_owner_dashboard.html b/management/templates/management/panel_owner_dashboard.html
new file mode 100644
index 0000000000000000000000000000000000000000..8a1a1b74e299154c7e8311f1e6d2d80d2f04cf22
--- /dev/null
+++ b/management/templates/management/panel_owner_dashboard.html
@@ -0,0 +1,341 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>داشبورد مدیر پنل</title>
+    <!-- Tailwind CSS CDN for styling -->
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        body {
+            font-family: 'Inter', sans-serif;
+            background-color: #f3f4f6;
+            direction: rtl;
+            text-align: right;
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+            padding: 1.5rem;
+        }
+        .card {
+            background-color: #ffffff;
+            border-radius: 0.5rem;
+            box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -1px rgba(0, 0, 0, 0.06);
+            padding: 1.5rem;
+            margin-bottom: 2rem;
+        }
+        .btn {
+            padding: 0.5rem 1rem;
+            border-radius: 0.375rem;
+            font-weight: 500;
+            color: white;
+            transition: all 0.2s ease-in-out;
+            margin-right: 0.5rem;
+        }
+        .btn-green {
+            background-color: #10b981;
+        }
+        .btn-green:hover {
+            background-color: #059669;
+        }
+        .btn-red {
+            background-color: #ef4444;
+        }
+        .btn-red:hover {
+            background-color: #dc2626;
+        }
+        .btn-blue {
+            background-color: #3b82f6;
+        }
+        .btn-blue:hover {
+            background-color: #2563eb;
+        }
+        .btn-indigo {
+            background-color: #6366f1;
+        }
+        .btn-indigo:hover {
+            background-color: #4f46e5;
+        }
+        .table-container {
+            overflow-x: auto;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+        }
+        th, td {
+            padding: 0.75rem;
+            text-align: right;
+            border-bottom: 1px solid #e5e7eb;
+        }
+        th {
+            background-color: #f9fafb;
+            font-weight: 600;
+        }
+        .loading {
+            text-align: center;
+            padding: 2rem;
+            color: #4b5563;
+        }
+    </style>
+</head>
+<body>
+
+<div class="container">
+    <header class="flex justify-between items-center py-6 mb-6 border-b border-gray-200">
+        <h1 class="text-3xl font-bold text-gray-800">داشبورد مدیر پنل</h1>
+        <div class="flex items-center">
+            <span id="welcomeMessage" class="text-gray-600 ml-4"></span>
+            <button id="logoutBtn" class="btn bg-gray-500 hover:bg-gray-700">خروج</button>
+        </div>
+    </header>
+
+    <!-- مدیریت پنل‌ها -->
+    <div class="card">
+        <h2 class="text-2xl font-semibold mb-4 text-gray-700">مدیریت پنل‌ها</h2>
+
+        <!-- فرم افزودن پنل جدید -->
+        <div class="mb-6">
+            <h3 class="text-xl font-medium mb-2 text-gray-600">افزودن پنل جدید</h3>
+            <form id="addPanelForm" class="flex flex-col gap-4">
+                <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4">
+                    <div>
+                        <label for="panel_name" class="block text-sm font-medium text-gray-700 mb-1">نام پنل</label>
+                        <input type="text" id="panel_name" name="name" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="panel_address" class="block text-sm font-medium text-gray-700 mb-1">آدرس پنل (URL)</label>
+                        <input type="url" id="panel_address" name="panel_address" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="license_key" class="block text-sm font-medium text-gray-700 mb-1">کلید لایسنس</label>
+                        <input type="text" id="license_key" name="license_key" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_name" class="block text-sm font-medium text-gray-700 mb-1">نام دیتابیس</label>
+                        <input type="text" id="db_name" name="db_name" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_user" class="block text-sm font-medium text-gray-700 mb-1">نام کاربری دیتابیس</label>
+                        <input type="text" id="db_user" name="db_user" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                    <div>
+                        <label for="db_password" class="block text-sm font-medium text-gray-700 mb-1">رمز عبور دیتابیس</label>
+                        <input type="password" id="db_password" name="db_password" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                    </div>
+                </div>
+                <div class="flex items-center mt-2">
+                    <input type="checkbox" id="is_default" name="is_default" class="h-4 w-4 text-indigo-600 focus:ring-indigo-500 border-gray-300 rounded">
+                    <label for="is_default" class="ml-2 block text-sm text-gray-900">پنل پیش‌فرض</label>
+                </div>
+                <button type="submit" class="btn btn-indigo w-full md:w-auto">افزودن پنل</button>
+            </form>
+        </div>
+
+        <h3 class="text-xl font-medium mb-2 text-gray-600">لیست پنل‌های من</h3>
+        <div class="table-container">
+            <table id="panelsTable" class="w-full text-sm text-gray-500">
+                <thead class="text-xs text-gray-700 uppercase bg-gray-50">
+                    <tr>
+                        <th class="py-3 px-6">ID پنل</th>
+                        <th class="py-3 px-6">نام</th>
+                        <th class="py-3 px-6">آدرس</th>
+                        <th class="py-3 px-6">دیتابیس</th>
+                        <th class="py-3 px-6">پیش‌فرض</th>
+                        <th class="py-3 px-6">عملیات</th>
+                    </tr>
+                </thead>
+                <tbody id="panelsTableBody">
+                    <tr>
+                        <td colspan="6" class="loading">در حال بارگذاری پنل‌ها...</td>
+                    </tr>
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+
+<script>
+    // Constants for API endpoints
+    const API_BASE_URL = '/api';
+    const PANEL_API_URL = `${API_BASE_URL}/panels/`;
+
+    // Global variable to store JWT token
+    let accessToken = null;
+    let userId = null;
+
+    /**
+     * Fetches the JWT access token for a mock PanelOwner user.
+     * In a real app, this would come from a login form.
+     */
+    async function getAccessToken() {
+        const username = 'panelowner'; // Assuming a PanelOwner user exists
+        try {
+            const response = await fetch(`${API_BASE_URL}/token/`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({ username }),
+            });
+            const data = await response.json();
+            if (response.ok) {
+                accessToken = data.access;
+                console.log('JWT token obtained successfully.');
+                document.getElementById('welcomeMessage').innerText = `خوش آمدید، ${username}`;
+            } else {
+                console.error('Failed to get token:', data);
+            }
+        } catch (error) {
+            console.error('Error fetching token:', error);
+        }
+    }
+
+    /**
+     * Generic API call function with JWT token.
+     */
+    async function apiCall(url, method = 'GET', data = null) {
+        if (!accessToken) {
+            throw new Error('No access token available.');
+        }
+
+        const headers = {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${accessToken}`,
+        };
+        const options = {
+            method,
+            headers,
+        };
+        if (data) {
+            options.body = JSON.stringify(data);
+        }
+
+        try {
+            const response = await fetch(url, options);
+            const responseData = await response.json();
+            if (!response.ok) {
+                console.error(`API Error for ${url}:`, responseData);
+                throw new Error(responseData.error || response.statusText);
+            }
+            return responseData;
+        } catch (error) {
+            console.error(`Error during API call to ${url}:`, error);
+            throw error;
+        }
+    }
+
+    /**
+     * Renders the panels into the table.
+     */
+    function renderPanels(panels) {
+        const tbody = document.getElementById('panelsTableBody');
+        tbody.innerHTML = '';
+        if (panels.length === 0) {
+            tbody.innerHTML = `<tr><td colspan="6" class="text-center py-4">پنلی یافت نشد.</td></tr>`;
+            return;
+        }
+        panels.forEach(panel => {
+            const row = document.createElement('tr');
+            row.className = 'bg-white border-b hover:bg-gray-50';
+            const isDefaultText = panel.is_default ? '✅' : '❌';
+            
+            row.innerHTML = `
+                <td class="py-4 px-6">${panel.id}</td>
+                <td class="py-4 px-6 font-medium text-gray-900 whitespace-nowrap">${panel.name}</td>
+                <td class="py-4 px-6">${panel.panel_address}</td>
+                <td class="py-4 px-6">${panel.db_name}</td>
+                <td class="py-4 px-6">${isDefaultText}</td>
+                <td class="py-4 px-6 text-right">
+                    <button onclick="editPanel('${panel.id}')" class="btn btn-blue">ویرایش</button>
+                    <button onclick="deletePanel('${panel.id}')" class="btn btn-red">حذف</button>
+                </td>
+            `;
+            tbody.appendChild(row);
+        });
+    }
+
+    /**
+     * Fetches and displays all panels for the current user.
+     */
+    async function fetchPanels() {
+        try {
+            document.getElementById('panelsTableBody').innerHTML = `<tr><td colspan="6" class="loading">در حال بارگذاری پنل‌ها...</td></tr>`;
+            const panels = await apiCall(PANEL_API_URL);
+            renderPanels(panels);
+        } catch (error) {
+            document.getElementById('panelsTableBody').innerHTML = `<tr><td colspan="6" class="text-center text-red-500 py-4">خطا در بارگذاری پنل‌ها: ${error.message}</td></tr>`;
+        }
+    }
+
+    /**
+     * Handles the form submission to add a new panel.
+     */
+    document.getElementById('addPanelForm').addEventListener('submit', async (e) => {
+        e.preventDefault();
+        const formData = new FormData(e.target);
+        const data = Object.fromEntries(formData.entries());
+        data.is_default = document.getElementById('is_default').checked;
+        
+        try {
+            await apiCall(PANEL_API_URL, 'POST', data);
+            alert('پنل جدید با موفقیت اضافه شد.');
+            e.target.reset(); // Reset form fields
+            fetchPanels(); // Refresh the list
+        } catch (error) {
+            alert(`خطا در افزودن پنل: ${error.message}`);
+        }
+    });
+
+    /**
+     * Handles panel editing (placeholder).
+     * This will prompt for a new name and then make a PUT request.
+     */
+    async function editPanel(panelId) {
+        const newName = prompt('لطفاً نام جدید پنل را وارد کنید:');
+        if (newName === null || newName.trim() === '') {
+            return;
+        }
+
+        try {
+            await apiCall(`${PANEL_API_URL}${panelId}/`, 'PUT', { name: newName });
+            alert('پنل با موفقیت به‌روزرسانی شد.');
+            fetchPanels();
+        } catch (error) {
+            alert(`خطا در به‌روزرسانی پنل: ${error.message}`);
+        }
+    }
+
+    /**
+     * Handles panel deletion.
+     */
+    async function deletePanel(panelId) {
+        if (!confirm('آیا مطمئن هستید که می‌خواهید این پنل را حذف کنید؟')) return;
+        try {
+            await apiCall(`${PANEL_API_URL}${panelId}/`, 'DELETE');
+            alert('پنل با موفقیت حذف شد.');
+            fetchPanels(); // Refresh the list
+        } catch (error) {
+            alert(`خطا در حذف پنل: ${error.message}`);
+        }
+    }
+
+    /**
+     * Initializes the dashboard by getting the token and fetching data.
+     */
+    async function init() {
+        await getAccessToken();
+        if (accessToken) {
+            fetchPanels();
+        } else {
+            alert('خطا در احراز هویت. لطفاً مجدداً وارد شوید.');
+        }
+    }
+
+    init();
+</script>
+
+</body>
+</html>
+
diff --git a/management/templates/management/payment_form.html b/management/templates/management/payment_form.html
new file mode 100644
index 0000000000000000000000000000000000000000..b5becad9ecbe41d55a6411643269d0f3d53cc340
--- /dev/null
+++ b/management/templates/management/payment_form.html
@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>فرم پرداخت</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            background-color: #f0f2f5;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            margin: 0;
+            text-align: right;
+        }
+        .container {
+            background-color: #fff;
+            padding: 40px;
+            border-radius: 10px;
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
+            max-width: 500px;
+            width: 100%;
+        }
+        h1 {
+            color: #333;
+            text-align: center;
+        }
+        .form-group {
+            margin-bottom: 20px;
+        }
+        label {
+            display: block;
+            margin-bottom: 8px;
+            color: #555;
+            font-weight: bold;
+        }
+        input[type="text"],
+        input[type="file"] {
+            width: 100%;
+            padding: 10px;
+            border: 1px solid #ddd;
+            border-radius: 5px;
+            box-sizing: border-box;
+        }
+        button {
+            width: 100%;
+            padding: 12px;
+            background-color: #007BFF;
+            color: #fff;
+            border: none;
+            border-radius: 5px;
+            font-size: 16px;
+            cursor: pointer;
+            transition: background-color 0.3s;
+        }
+        button:hover {
+            background-color: #0056b3;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>فرم ثبت پرداخت</h1>
+        <form action="{% url 'submit_payment' %}" method="post" enctype="multipart/form-data">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="amount">مبلغ واریزی:</label>
+                <input type="text" id="amount" name="amount" required>
+            </div>
+            <div class="form-group">
+                <label for="receipt_image">تصویر فیش واریزی:</label>
+                <input type="file" id="receipt_image" name="receipt_image" accept="image/*" required>
+            </div>
+            <button type="submit">ثبت پرداخت</button>
+        </form>
+    </div>
+</body>
+</html>
diff --git a/management/templates/management/payment_management.html b/management/templates/management/payment_management.html
new file mode 100644
index 0000000000000000000000000000000000000000..a31439f2d14de6455540ca70891f47be8de1061b
--- /dev/null
+++ b/management/templates/management/payment_management.html
@@ -0,0 +1,46 @@
+{% extends 'management/base.html' %}
+
+{% block header_title %}واریزی‌های در انتظار تأیید{% endblock %}
+
+{% block content %}
+<div class="card shadow-sm">
+    <div class="card-header bg-primary text-white">
+        <h5 class="mb-0">واریزی‌های در انتظار تأیید</h5>
+    </div>
+    <div class="card-body table-responsive">
+        {% if pending_payments_list %}
+        <table class="table table-hover mb-0">
+            <thead>
+                <tr>
+                    <th>نام کاربر</th>
+                    <th>مبلغ</th>
+                    <th>پلن</th>
+                    <th>تاریخ ارسال</th>
+                    <th>رسید واریز</th>
+                    <th>عملیات</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for payment in pending_payments_list %}
+                <tr>
+                    <td>{{ payment.user.full_name }}</td>
+                    <td>{{ payment.amount|floatformat:0 }}</td>
+                    <td>{{ payment.plan.name }}</td>
+                    <td>{{ payment.created_at|date:"Y/m/d - H:i" }}</td>
+                    <td><a href="{{ payment.receipt_image.url }}" target="_blank" class="btn btn-sm btn-primary">مشاهده</a></td>
+                    <td>
+                        <a href="{% url 'verify_payment_view' payment.id %}" class="btn btn-sm btn-success">تأیید</a>
+                    </td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+        {% else %}
+        <div class="alert alert-info text-center mb-0" role="alert">
+            واریزی در انتظار تأیید وجود ندارد.
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/management/templates/management/payment_success.html b/management/templates/management/payment_success.html
new file mode 100644
index 0000000000000000000000000000000000000000..2ea661db476fca17145d49e290ffd7f13f802a2c
--- /dev/null
+++ b/management/templates/management/payment_success.html
@@ -0,0 +1,32 @@
+{% load static %}
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>پرداخت موفق</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap');
+        body {
+            font-family: 'Inter', sans-serif;
+            background-color: #f3f4f6;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 flex items-center justify-center min-h-screen p-4">
+    <div class="bg-white rounded-xl shadow-lg p-8 w-full max-w-md mx-auto text-center">
+        <div class="bg-green-100 text-green-700 rounded-full p-4 mx-auto mb-6 w-20 h-20 flex items-center justify-center">
+            <svg class="w-12 h-12" fill="none" stroke="currentColor" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg">
+                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M5 13l4 4L19 7"></path>
+            </svg>
+        </div>
+        <h1 class="text-3xl font-bold text-gray-800 mb-4">پرداخت شما با موفقیت ثبت شد!</h1>
+        <p class="text-lg text-gray-600 mb-6">درخواست شما برای ادمین ارسال شد و پس از تأیید، اشتراک شما فعال خواهد شد.</p>
+        <a href="{% url 'user_dashboard' %}" class="inline-block bg-indigo-600 hover:bg-indigo-700 text-white font-bold py-3 px-8 rounded-lg transition duration-300 shadow-lg transform hover:scale-105">
+            بازگشت به داشبورد
+        </a>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/plan_management.html b/management/templates/management/plan_management.html
new file mode 100644
index 0000000000000000000000000000000000000000..bb23256c1c52f5a91fcbe9e4f79f33672e0f3c7c
--- /dev/null
+++ b/management/templates/management/plan_management.html
@@ -0,0 +1,77 @@
+{% extends 'management/base.html' %}
+
+{% block header_title %}مدیریت پلن‌ها{% endblock %}
+
+{% block content %}
+<div class="card shadow-sm mb-4">
+    <div class="card-header bg-primary text-white">
+        <h5 class="mb-0">ایجاد پلن جدید</h5>
+    </div>
+    <div class="card-body">
+        <form action="{% url 'create_plan_view' %}" method="post" id="plan-form">
+            {% csrf_token %}
+            <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="plan-name" class="form-label">نام پلن</label>
+                    <input type="text" class="form-control" name="plan_name" id="plan-name" required>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="plan-price" class="form-label">قیمت (تومان)</label>
+                    <input type="number" class="form-control" name="plan_price" id="plan-price" required>
+                </div>
+            </div>
+            <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="plan-duration" class="form-label">مدت (روز)</label>
+                    <input type="number" class="form-control" name="plan_duration" id="plan-duration" required>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="plan-volume" class="form-label">حجم (گیگابایت)</label>
+                    <input type="number" class="form-control" name="plan_volume" id="plan-volume" required>
+                </div>
+            </div>
+            <button type="submit" class="btn btn-primary mt-3">ذخیره پلن</button>
+        </form>
+    </div>
+</div>
+<div class="card mt-4 shadow-sm">
+    <div class="card-header bg-primary text-white">
+        <h5 class="mb-0">لیست پلن‌ها</h5>
+    </div>
+    <div class="card-body table-responsive">
+        <table class="table table-hover">
+            <thead>
+                <tr>
+                    <th>نام پلن</th>
+                    <th>قیمت</th>
+                    <th>مدت</th>
+                    <th>حجم</th>
+                    <th>عملیات</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for plan in plans %}
+                <tr>
+                    <td>{{ plan.name }}</td>
+                    <td>{{ plan.price|floatformat:0 }}</td>
+                    <td>{{ plan.duration }} روز</td>
+                    <td>{{ plan.volume }} گیگ</td>
+                    <td>
+                        <a href="{% url 'edit_plan' plan.id %}" class="btn btn-sm btn-info">ویرایش</a>
+                        <form action="{% url 'delete_plan' plan.id %}" method="post" class="d-inline">
+                            {% csrf_token %}
+                            <button type="submit" class="btn btn-sm btn-danger">حذف</button>
+                        </form>
+                    </td>
+                </tr>
+                {% empty %}
+                <tr>
+                    <td colspan="5" class="text-center">پلنی ثبت نشده است.</td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/management/templates/management/profile.html b/management/templates/management/profile.html
new file mode 100644
index 0000000000000000000000000000000000000000..8936635910b2198fee652fcc339a53bc8bcabf4c
--- /dev/null
+++ b/management/templates/management/profile.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>پروفایل کاربری</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.rtl.min.css" rel="stylesheet">
+    <style>
+        body {
+            background-color: #f8f9fa;
+        }
+        .profile-card {
+            max-width: 600px;
+            margin: 50px auto;
+            padding: 2rem;
+            box-shadow: 0 0 15px rgba(0,0,0,0.1);
+            border-radius: 10px;
+            background-color: #fff;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="row">
+            <div class="col-12">
+                <div class="profile-card text-center">
+                    <h2 class="mb-4">خوش آمدید، {{ request.user.username }}!</h2>
+                    
+                    {% if current_subscription %}
+                        <p>اشتراک فعلی شما: {{ current_subscription.plan.name }}</p>
+                        <p>تاریخ انقضا: {{ current_subscription.end_date }}</p>
+                        <p>وضعیت: {% if current_subscription.is_active %}فعال{% else %}غیرفعال{% endif %}</p>
+                    {% else %}
+                        <p>شما هیچ اشتراکی ندارید.</p>
+                    {% endif %}
+
+                    <hr>
+                    
+                    <div class="d-grid gap-2">
+                        <a href="{% url 'submit_payment' %}" class="btn btn-primary">تمدید یا ارتقاء اشتراک</a>
+                        <a href="#" class="btn btn-secondary">مشاهده تاریخچه پرداخت‌ها</a>
+                    </div>
+                    
+                    <a href="{% url 'logout' %}" class="btn btn-danger mt-4">خروج از حساب</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</body>
+</html>
diff --git a/management/templates/management/submit_payment.html b/management/templates/management/submit_payment.html
new file mode 100644
index 0000000000000000000000000000000000000000..f54060332b62497f828c2f9b5953a78fb9ab6424
--- /dev/null
+++ b/management/templates/management/submit_payment.html
@@ -0,0 +1,83 @@
+{% load static %}
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>ثبت پرداخت</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap');
+        body {
+            font-family: 'Inter', sans-serif;
+            background-color: #f3f4f6;
+        }
+        .form-label {
+            font-weight: 500;
+            color: #1f2937;
+        }
+        .form-input {
+            width: 100%;
+            padding: 0.75rem;
+            border-radius: 0.5rem;
+            border: 1px solid #d1d5db;
+            background-color: #ffffff;
+            transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+        }
+        .form-input:focus {
+            outline: none;
+            border-color: #6366f1;
+            box-shadow: 0 0 0 3px rgba(99, 102, 241, 0.25);
+        }
+        .form-input[type="file"] {
+            padding-top: 0.5rem;
+            padding-bottom: 0.5rem;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 flex items-center justify-center min-h-screen p-4">
+    <div class="bg-white rounded-xl shadow-lg p-8 w-full max-w-md mx-auto">
+        <h1 class="text-3xl font-bold text-gray-800 mb-6 text-center">ثبت پرداخت برای پلن "{{ plan.name }}"</h1>
+        
+        {% if messages %}
+            <ul class="mb-6 space-y-2">
+            {% for message in messages %}
+                <li class="p-3 rounded-lg {% if message.tags == 'success' %}bg-green-100 text-green-700{% elif message.tags == 'error' %}bg-red-100 text-red-700{% else %}bg-blue-100 text-blue-700{% endif %}">
+                    {{ message }}
+                </li>
+            {% endfor %}
+            </ul>
+        {% endif %}
+
+        <p class="text-gray-600 text-center mb-6">لطفاً پس از پرداخت، رسید را در این قسمت آپلود کنید. پس از تأیید ادمین، اشتراک شما فعال خواهد شد.</p>
+
+        <form method="post" enctype="multipart/form-data" class="space-y-4">
+            {% csrf_token %}
+            
+            <div class="space-y-2">
+                <label for="id_transaction_id" class="form-label block">شناسه پرداخت:</label>
+                <input type="text" name="transaction_id" id="id_transaction_id" class="form-input" required>
+            </div>
+            
+            <div class="space-y-2">
+                <label for="id_description" class="form-label block">توضیحات (اختیاری):</label>
+                <textarea name="description" id="id_description" rows="3" class="form-input"></textarea>
+            </div>
+            
+            <div class="space-y-2">
+                <label for="id_proof_of_payment" class="form-label block">عکس رسید پرداخت:</label>
+                <input type="file" name="proof_of_payment" id="id_proof_of_payment" class="form-input" accept="image/*" required>
+            </div>
+
+            <button type="submit" class="w-full bg-indigo-600 hover:bg-indigo-700 text-white font-bold py-3 px-4 rounded-lg transition duration-300 shadow-md">
+                ثبت پرداخت
+            </button>
+        </form>
+
+        <div class="text-center mt-6">
+            <a href="{% url 'user_dashboard' %}" class="text-indigo-600 hover:text-indigo-800 font-medium transition duration-300">بازگشت به داشبورد</a>
+        </div>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/super_admin_dashboard.html b/management/templates/management/super_admin_dashboard.html
new file mode 100644
index 0000000000000000000000000000000000000000..273f44ac33d97b7a159c538a8908d15df582e813
--- /dev/null
+++ b/management/templates/management/super_admin_dashboard.html
@@ -0,0 +1,325 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>داشبورد سوپر ادمین</title>
+    <!-- Tailwind CSS CDN for styling -->
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        body {
+            font-family: 'Inter', sans-serif;
+            background-color: #f3f4f6;
+            direction: rtl;
+            text-align: right;
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+            padding: 1.5rem;
+        }
+        .card {
+            background-color: #ffffff;
+            border-radius: 0.5rem;
+            box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -1px rgba(0, 0, 0, 0.06);
+            padding: 1.5rem;
+            margin-bottom: 2rem;
+        }
+        .btn {
+            padding: 0.5rem 1rem;
+            border-radius: 0.375rem;
+            font-weight: 500;
+            color: white;
+            transition: all 0.2s ease-in-out;
+            margin-right: 0.5rem;
+        }
+        .btn-green {
+            background-color: #10b981;
+        }
+        .btn-green:hover {
+            background-color: #059669;
+        }
+        .btn-red {
+            background-color: #ef4444;
+        }
+        .btn-red:hover {
+            background-color: #dc2626;
+        }
+        .btn-blue {
+            background-color: #3b82f6;
+        }
+        .btn-blue:hover {
+            background-color: #2563eb;
+        }
+        .table-container {
+            overflow-x: auto;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+        }
+        th, td {
+            padding: 0.75rem;
+            text-align: right;
+            border-bottom: 1px solid #e5e7eb;
+        }
+        th {
+            background-color: #f9fafb;
+            font-weight: 600;
+        }
+        .loading {
+            text-align: center;
+            padding: 2rem;
+            color: #4b5563;
+        }
+        .badge {
+            display: inline-flex;
+            align-items: center;
+            padding: 0.25rem 0.75rem;
+            border-radius: 9999px;
+            font-size: 0.75rem;
+            font-weight: 600;
+        }
+        .badge-green {
+            background-color: #d1fae5;
+            color: #065f46;
+        }
+        .badge-red {
+            background-color: #fee2e2;
+            color: #991b1b;
+        }
+    </style>
+</head>
+<body>
+
+<div class="container">
+    <header class="flex justify-between items-center py-6 mb-6 border-b border-gray-200">
+        <h1 class="text-3xl font-bold text-gray-800">داشبورد سوپر ادمین</h1>
+        <div class="flex items-center">
+            <span class="text-gray-600 ml-4">خوش آمدید، سوپر ادمین</span>
+            <button id="logoutBtn" class="btn bg-gray-500 hover:bg-gray-700">خروج</button>
+        </div>
+    </header>
+
+    <!-- مدیریت لایسنس‌ها -->
+    <div class="card">
+        <h2 class="text-2xl font-semibold mb-4 text-gray-700">مدیریت لایسنس‌ها</h2>
+        
+        <!-- فرم ایجاد لایسنس جدید -->
+        <div class="mb-6">
+            <h3 class="text-xl font-medium mb-2 text-gray-600">ایجاد لایسنس جدید</h3>
+            <form id="createLicenseForm" class="flex flex-col md:flex-row items-end gap-4">
+                <div class="flex-1 w-full">
+                    <label for="owner_id" class="block text-sm font-medium text-gray-700 mb-1">ID مالک لایسنس (Owner ID)</label>
+                    <input type="text" id="owner_id" name="owner_id" required class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-indigo-500">
+                </div>
+                <button type="submit" class="btn btn-blue w-full md:w-auto">ایجاد لایسنس</button>
+            </form>
+        </div>
+
+        <h3 class="text-xl font-medium mb-2 text-gray-600">لیست لایسنس‌ها</h3>
+        <div class="table-container">
+            <table id="licensesTable" class="w-full text-sm text-gray-500">
+                <thead class="text-xs text-gray-700 uppercase bg-gray-50">
+                    <tr>
+                        <th class="py-3 px-6">ID لایسنس</th>
+                        <th class="py-3 px-6">کلید لایسنس</th>
+                        <th class="py-3 px-6">ID مالک</th>
+                        <th class="py-3 px-6">وضعیت</th>
+                        <th class="py-3 px-6">پنل متصل</th>
+                        <th class="py-3 px-6">تاریخ ایجاد</th>
+                        <th class="py-3 px-6">عملیات</th>
+                    </tr>
+                </thead>
+                <tbody id="licensesTableBody">
+                    <tr>
+                        <td colspan="7" class="loading">در حال بارگذاری لایسنس‌ها...</td>
+                    </tr>
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+
+<script>
+    // Constants for API endpoints
+    const API_BASE_URL = '/api';
+    const LICENSE_API_URL = `${API_BASE_URL}/licenses/`;
+
+    // Global variable to store JWT token
+    let accessToken = null;
+
+    /**
+     * Fetches the JWT access token for a mock SuperAdmin user.
+     */
+    async function getAccessToken() {
+        const username = 'superadmin';
+        try {
+            const response = await fetch(`${API_BASE_URL}/token/`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({ username }),
+            });
+            const data = await response.json();
+            if (response.ok) {
+                accessToken = data.access;
+                console.log('JWT token obtained successfully.');
+            } else {
+                console.error('Failed to get token:', data);
+            }
+        } catch (error) {
+            console.error('Error fetching token:', error);
+        }
+    }
+
+    /**
+     * Generic API call function with JWT token.
+     */
+    async function apiCall(url, method = 'GET', data = null) {
+        if (!accessToken) {
+            throw new Error('No access token available.');
+        }
+
+        const headers = {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${accessToken}`,
+        };
+        const options = {
+            method,
+            headers,
+        };
+        if (data) {
+            options.body = JSON.stringify(data);
+        }
+
+        try {
+            const response = await fetch(url, options);
+            const responseData = await response.json();
+            if (!response.ok) {
+                console.error(`API Error for ${url}:`, responseData);
+                throw new Error(responseData.error || response.statusText);
+            }
+            return responseData;
+        } catch (error) {
+            console.error(`Error during API call to ${url}:`, error);
+            throw error;
+        }
+    }
+
+    /**
+     * Renders the licenses into the table, including linked panel info.
+     */
+    function renderLicenses(licenses) {
+        const tbody = document.getElementById('licensesTableBody');
+        tbody.innerHTML = '';
+        if (licenses.length === 0) {
+            tbody.innerHTML = `<tr><td colspan="7" class="text-center py-4">لایسنسی یافت نشد.</td></tr>`;
+            return;
+        }
+        licenses.forEach(license => {
+            const row = document.createElement('tr');
+            row.className = 'bg-white border-b hover:bg-gray-50';
+            const statusClass = license.is_active ? 'badge-green' : 'badge-red';
+            const statusText = license.is_active ? 'فعال' : 'غیرفعال';
+            
+            let panelInfoHtml = '';
+            if (license.linked_panel) {
+                panelInfoHtml = `<a href="${license.linked_panel.panel_address}" target="_blank" class="text-blue-600 hover:underline">${license.linked_panel.name}</a>`;
+            } else {
+                panelInfoHtml = `<span class="text-gray-400">متصل نیست</span>`;
+            }
+
+            row.innerHTML = `
+                <td class="py-4 px-6">${license.id}</td>
+                <td class="py-4 px-6 font-medium text-gray-900 whitespace-nowrap">${license.key}</td>
+                <td class="py-4 px-6">${license.owner.username}</td>
+                <td class="py-4 px-6"><span class="badge ${statusClass}">${statusText}</span></td>
+                <td class="py-4 px-6">${panelInfoHtml}</td>
+                <td class="py-4 px-6">${new Date(license.created_at).toLocaleDateString('fa-IR')}</td>
+                <td class="py-4 px-6 text-right">
+                    <button onclick="toggleLicenseStatus('${license.id}', ${license.is_active})" class="btn ${license.is_active ? 'btn-red' : 'btn-green'}">
+                        ${license.is_active ? 'غیرفعال کردن' : 'فعال کردن'}
+                    </button>
+                    <button onclick="deleteLicense('${license.id}')" class="btn btn-red">حذف</button>
+                </td>
+            `;
+            tbody.appendChild(row);
+        });
+    }
+
+    /**
+     * Fetches and displays all licenses.
+     */
+    async function fetchLicenses() {
+        try {
+            document.getElementById('licensesTableBody').innerHTML = `<tr><td colspan="7" class="loading">در حال بارگذاری لایسنس‌ها...</td></tr>`;
+            const licenses = await apiCall(LICENSE_API_URL);
+            renderLicenses(licenses);
+        } catch (error) {
+            document.getElementById('licensesTableBody').innerHTML = `<tr><td colspan="7" class="text-center text-red-500 py-4">خطا در بارگذاری لایسنس‌ها.</td></tr>`;
+        }
+    }
+
+    /**
+     * Toggles the active status of a license.
+     */
+    async function toggleLicenseStatus(licenseId, currentStatus) {
+        try {
+            await apiCall(`${LICENSE_API_URL}${licenseId}/`, 'PUT', { is_active: !currentStatus });
+            alert(`وضعیت لایسنس با موفقیت به ${!currentStatus ? 'فعال' : 'غیرفعال'} تغییر یافت.`);
+            fetchLicenses(); // Refresh the list
+        } catch (error) {
+            alert(`خطا در تغییر وضعیت لایسنس: ${error.message}`);
+        }
+    }
+
+    /**
+     * Deletes a license.
+     */
+    async function deleteLicense(licenseId) {
+        if (!confirm('آیا مطمئن هستید که می‌خواهید این لایسنس را حذف کنید؟')) return;
+        try {
+            await apiCall(`${LICENSE_API_URL}${licenseId}/`, 'DELETE');
+            alert('لایسنس با موفقیت حذف شد.');
+            fetchLicenses(); // Refresh the list
+        } catch (error) {
+            alert(`خطا در حذف لایسنس: ${error.message}`);
+        }
+    }
+
+    /**
+     * Handles the form submission to create a new license.
+     */
+    document.getElementById('createLicenseForm').addEventListener('submit', async (e) => {
+        e.preventDefault();
+        const ownerId = document.getElementById('owner_id').value;
+        try {
+            await apiCall(LICENSE_API_URL, 'POST', { owner_id: ownerId });
+            alert('لایسنس جدید با موفقیت ایجاد شد.');
+            document.getElementById('owner_id').value = '';
+            fetchLicenses(); // Refresh the list
+        } catch (error) {
+            alert(`خطا در ایجاد لایسنس: ${error.message}`);
+        }
+    });
+
+    /**
+     * Initializes the dashboard by getting the token and fetching data.
+     */
+    async function init() {
+        await getAccessToken();
+        if (accessToken) {
+            fetchLicenses();
+        } else {
+            alert('خطا در احراز هویت. لطفاً مجدداً وارد شوید.');
+        }
+    }
+
+    init();
+</script>
+
+</body>
+</html>
+
diff --git a/management/templates/management/update_plan.html b/management/templates/management/update_plan.html
new file mode 100644
index 0000000000000000000000000000000000000000..746d08e2618790f86ea9833fb8d141f442c58d63
--- /dev/null
+++ b/management/templates/management/update_plan.html
@@ -0,0 +1,39 @@
+{% extends 'management/base.html' %}
+
+{% block header_title %}ویرایش پلن{% endblock %}
+
+{% block content %}
+<div class="card shadow-sm mb-4">
+    <div class="card-header bg-primary text-white">
+        <h5 class="mb-0">ویرایش پلن: {{ plan.name }}</h5>
+    </div>
+    <div class="card-body">
+        <form action="{% url 'edit_plan' plan.id %}" method="post" id="update-plan-form">
+            {% csrf_token %}
+            <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="plan-name" class="form-label">نام پلن</label>
+                    <input type="text" class="form-control" name="plan_name" id="plan-name" value="{{ plan.name }}" required>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="plan-price" class="form-label">قیمت (تومان)</label>
+                    <input type="number" class="form-control" name="plan_price" id="plan-price" value="{{ plan.price|floatformat:0 }}" required>
+                </div>
+            </div>
+            <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="plan-duration" class="form-label">مدت (روز)</label>
+                    <input type="number" class="form-control" name="plan_duration" id="plan-duration" value="{{ plan.duration }}" required>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="plan-volume" class="form-label">حجم (گیگابایت)</label>
+                    <input type="number" class="form-control" name="plan_volume" id="plan-volume" value="{{ plan.volume }}" required>
+                </div>
+            </div>
+            <button type="submit" class="btn btn-primary mt-3">بروزرسانی پلن</button>
+            <a href="{% url 'plan_management_view' %}" class="btn btn-secondary mt-3 me-2">بازگشت</a>
+        </form>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/management/templates/management/user_buy_plan.html b/management/templates/management/user_buy_plan.html
new file mode 100644
index 0000000000000000000000000000000000000000..b826e76aac1ba515270d762282ffa94192cfea7c
--- /dev/null
+++ b/management/templates/management/user_buy_plan.html
@@ -0,0 +1,55 @@
+{% load static %}
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>خرید پلن</title>
+    <script src="https://cdn.tailwindcss.com"></script>
+    <style>
+        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap');
+        body {
+            font-family: 'Inter', sans-serif;
+            background-color: #f3f4f6;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 flex items-center justify-center min-h-screen p-4">
+    <div class="bg-white rounded-xl shadow-lg p-8 w-full max-w-4xl mx-auto">
+        <div class="flex justify-between items-center border-b pb-4 mb-6">
+            <h1 class="text-3xl font-bold text-gray-800">خرید پلن جدید</h1>
+            <a href="{% url 'user_dashboard' %}" class="bg-indigo-500 hover:bg-indigo-600 text-white font-medium py-2 px-4 rounded-lg transition duration-300 shadow-md">بازگشت به داشبورد</a>
+        </div>
+        
+        {% if messages %}
+            <ul class="mb-6 space-y-2">
+            {% for message in messages %}
+                <li class="p-3 rounded-lg {% if message.tags == 'success' %}bg-green-100 text-green-700{% elif message.tags == 'error' %}bg-red-100 text-red-700{% else %}bg-blue-100 text-blue-700{% endif %}">
+                    {{ message }}
+                </li>
+            {% endfor %}
+            </ul>
+        {% endif %}
+
+        {% if plans %}
+            <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6">
+                {% for plan in plans %}
+                <div class="bg-gray-50 border border-gray-200 rounded-xl p-6 shadow-sm flex flex-col items-center text-center">
+                    <h2 class="text-2xl font-bold text-gray-800 mb-2">{{ plan.name }}</h2>
+                    <p class="text-gray-600 mb-4">{{ plan.duration_months }} ماه - {{ plan.data_limit_gb }} گیگابایت</p>
+                    <div class="text-4xl font-extrabold text-indigo-600 mb-6">{{ plan.price }} تومان</div>
+                    <a href="{% url 'submit_payment_view' plan_id=plan.id %}" class="mt-auto w-full bg-green-500 hover:bg-green-600 text-white font-bold py-3 px-6 rounded-lg transition duration-300 shadow-lg transform hover:scale-105">
+                        انتخاب و پرداخت
+                    </a>
+                </div>
+                {% endfor %}
+            </div>
+        {% else %}
+            <div class="bg-yellow-100 text-yellow-700 p-6 rounded-lg text-center">
+                <p>در حال حاضر هیچ پلنی برای خرید موجود نیست.</p>
+            </div>
+        {% endif %}
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/user_dashboard.html b/management/templates/management/user_dashboard.html
new file mode 100644
index 0000000000000000000000000000000000000000..913bf7cba0c26b2342167be942caff52ecf96c6b
--- /dev/null
+++ b/management/templates/management/user_dashboard.html
@@ -0,0 +1,74 @@
+<!-- management/templates/management/user_dashboard.html -->
+<!-- -*- coding: utf-8 -*- -->
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>داشبورد کاربر</title>
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/tailwind.min.css">
+    <link rel="stylesheet" href="/static/css/styles.css">
+    <!-- PWA Manifest -->
+    <link rel="manifest" href="/manifest.json">
+</head>
+<body class="bg-gray-100 p-8">
+    <div class="max-w-4xl mx-auto bg-white shadow-xl rounded-lg p-6">
+        <header class="border-b pb-4 mb-4">
+            <h1 class="text-3xl font-bold text-gray-800">داشبورد کاربر</h1>
+            <p class="text-lg text-gray-600 mt-2">خوش آمدید، <span id="username-display" class="font-semibold text-indigo-600">...</span>!</p>
+        </header>
+
+        <main class="space-y-6">
+            <div id="service-status-card" class="bg-blue-50 border border-blue-200 rounded-lg p-4 flex items-center justify-between">
+                <div>
+                    <h2 class="text-xl font-bold text-blue-800">وضعیت سرویس: <span id="service-status">...</span></h2>
+                </div>
+            </div>
+
+            <div class="grid md:grid-cols-2 gap-6">
+                <div class="bg-white shadow-md rounded-lg p-4">
+                    <h3 class="text-lg font-bold text-gray-700 mb-2">حجم مصرفی</h3>
+                    <p class="text-3xl font-extrabold text-indigo-600"><span id="used-traffic">...</span></p>
+                </div>
+                <div class="bg-white shadow-md rounded-lg p-4">
+                    <h3 class="text-lg font-bold text-gray-700 mb-2">حجم کل</h3>
+                    <p class="text-3xl font-extrabold text-indigo-600"><span id="total-traffic">...</span></p>
+                </div>
+            </div>
+
+            <div class="bg-white shadow-md rounded-lg p-6">
+                <h3 class="text-xl font-bold text-gray-700 mb-4">کانفیگ‌ها</h3>
+                <ul id="configs-list" class="space-y-2">
+                    <!-- Configs will be loaded here -->
+                </ul>
+            </div>
+            
+            <!-- Section for Telegram bot linking -->
+            <div class="bg-white shadow-md rounded-lg p-6">
+                <h3 class="text-xl font-bold text-gray-700 mb-4">همگام‌سازی با ربات تلگرام</h3>
+                <div class="flex flex-col md:flex-row items-center space-y-4 md:space-y-0 md:space-x-4">
+                    <button id="generate-token-btn" class="bg-indigo-600 hover:bg-indigo-700 text-white font-bold py-2 px-4 rounded-lg focus:outline-none focus:shadow-outline">
+                        تولید کد امنیتی
+                    </button>
+                    <div id="token-display-area" class="bg-gray-100 p-3 rounded-lg flex-grow hidden">
+                        <p class="text-gray-700 text-sm mb-2">کد زیر را کپی کرده و به ربات تلگرام ارسال کنید:</p>
+                        <code id="telegram-token" class="block bg-gray-200 p-2 rounded-lg text-sm text-gray-800 font-mono overflow-auto"></code>
+                        <p class="text-xs text-red-500 mt-2">توکن ۱۰ دقیقه اعتبار دارد.</p>
+                    </div>
+                </div>
+            </div>
+            
+            <!-- Hidden CSRF token for JavaScript requests -->
+            <input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
+        </main>
+    </div>
+
+    <!-- PWA & JS Logic -->
+    <script>
+        // Set VAPID public key dynamically for main.js
+        const VAPID_PUBLIC_KEY = "{{ vapid_public_key }}";
+    </script>
+    <script src="/static/js/main.js"></script>
+</body>
+</html>
+
diff --git a/management/templates/management/user_links.html b/management/templates/management/user_links.html
new file mode 100644
index 0000000000000000000000000000000000000000..78ed26bf5481cf14fa6b5da7aa296bca112e6049
--- /dev/null
+++ b/management/templates/management/user_links.html
@@ -0,0 +1,190 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>لینک‌های اشتراک</title>
+    <style>
+        body {
+            font-family: 'Arial', sans-serif;
+            background-color: #f4f4f4;
+            margin: 0;
+            padding: 20px;
+            text-align: right;
+            direction: rtl;
+        }
+
+        .container {
+            max-width: 800px;
+            margin: 20px auto;
+            background-color: #fff;
+            padding: 20px;
+            border-radius: 8px;
+            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+        }
+
+        h1, h2 {
+            color: #333;
+            border-bottom: 2px solid #007bff;
+            padding-bottom: 10px;
+        }
+
+        .link-item {
+            margin-bottom: 20px;
+            padding: 15px;
+            background-color: #e9ecef;
+            border-radius: 8px;
+            word-wrap: break-word;
+        }
+
+        .link-text {
+            font-size: 16px;
+            font-weight: bold;
+        }
+
+        .link-box {
+            display: flex;
+            align-items: center;
+            margin-top: 10px;
+        }
+
+        .link-input {
+            flex-grow: 1;
+            padding: 8px;
+            border: 1px solid #ccc;
+            border-radius: 4px;
+            font-size: 14px;
+            direction: ltr; /* Ensure the URL is displayed left-to-right */
+            text-align: left;
+            margin-right: 10px;
+        }
+
+        .copy-button,
+        .qr-button {
+            padding: 8px 15px;
+            border: none;
+            border-radius: 4px;
+            cursor: pointer;
+            color: #fff;
+            font-weight: bold;
+        }
+
+        .copy-button {
+            background-color: #28a745;
+        }
+
+        .qr-button {
+            background-color: #007bff;
+            margin-right: 10px;
+        }
+
+        .qr-popup {
+            position: fixed;
+            top: 50%;
+            left: 50%;
+            transform: translate(-50%, -50%);
+            background-color: #fff;
+            padding: 20px;
+            border-radius: 8px;
+            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.2);
+            z-index: 1000;
+            display: none;
+        }
+
+        .qr-popup-content {
+            text-align: center;
+        }
+
+        .qr-close-button {
+            float: left;
+            cursor: pointer;
+            font-size: 20px;
+            font-weight: bold;
+        }
+
+        .qr-code-container {
+            margin-top: 10px;
+        }
+    </style>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/qrcodejs/1.0.0/qrcode.min.js"></script>
+</head>
+
+<body>
+
+    <div class="container">
+        <h1>لینک‌های اشتراک شما</h1>
+
+        {% if subscription_url %}
+        <div class="link-item">
+            <h2>لینک سابسکریپشن (Subscription)</h2>
+            <div class="link-box">
+                <input type="text" class="link-input" value="{{ subscription_url }}" readonly id="subscription-link">
+                <button class="copy-button" onclick="copyLink('subscription-link', this)">کپی</button>
+                <button class="qr-button" onclick="showQrCode('{{ subscription_url }}')">QR Code</button>
+            </div>
+        </div>
+        {% endif %}
+
+        {% if config_links %}
+        <div class="link-item">
+            <h2>لینک‌های کانفیگ (Configuration)</h2>
+            {% for link in config_links %}
+            <div class="link-box">
+                <input type="text" class="link-input" value="{{ link }}" readonly id="config-link-{{ forloop.counter }}">
+                <button class="copy-button" onclick="copyLink('config-link-{{ forloop.counter }}', this)">کپی</button>
+                <button class="qr-button" onclick="showQrCode('{{ link }}')">QR Code</button>
+            </div>
+            {% endfor %}
+        </div>
+        {% endif %}
+
+        {% if not subscription_url and not config_links %}
+        <p>هیچ لینک اشتراکی برای شما یافت نشد.</p>
+        {% endif %}
+
+        <div id="qrPopup" class="qr-popup">
+            <div class="qr-popup-content">
+                <span class="qr-close-button" onclick="closeQrPopup()">&times;</span>
+                <p>بارکد QR</p>
+                <div id="qrCodeContainer" class="qr-code-container"></div>
+            </div>
+        </div>
+    </div>
+
+    <script>
+        function copyLink(elementId, button) {
+            const inputElement = document.getElementById(elementId);
+            inputElement.select();
+            document.execCommand('copy');
+            
+            button.textContent = 'کپی شد!';
+            setTimeout(() => {
+                button.textContent = 'کپی';
+            }, 2000);
+        }
+
+        function showQrCode(link) {
+            const qrPopup = document.getElementById('qrPopup');
+            const qrCodeContainer = document.getElementById('qrCodeContainer');
+            qrCodeContainer.innerHTML = '';
+            
+            new QRCode(qrCodeContainer, {
+                text: link,
+                width: 256,
+                height: 256,
+                colorDark: "#000000",
+                colorLight: "#ffffff",
+                correctLevel: QRCode.CorrectLevel.H
+            });
+            
+            qrPopup.style.display = 'block';
+        }
+
+        function closeQrPopup() {
+            document.getElementById('qrPopup').style.display = 'none';
+        }
+    </script>
+</body>
+
+</html>
diff --git a/management/templates/management/user_login.html b/management/templates/management/user_login.html
new file mode 100644
index 0000000000000000000000000000000000000000..63bf0ed10ffae82210c53e9d0239be4c4608475e
--- /dev/null
+++ b/management/templates/management/user_login.html
@@ -0,0 +1,110 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>ورود به پنل کاربری</title>
+    <style>
+        body {
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+            background-color: #f0f2f5;
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+            text-align: center;
+        }
+        .login-container {
+            background: white;
+            padding: 30px;
+            border-radius: 8px;
+            box-shadow: 0 4px 8px rgba(0,0,0,0.1);
+            width: 300px;
+        }
+        h2 {
+            margin-bottom: 20px;
+            color: #333;
+        }
+        .form-group {
+            margin-bottom: 15px;
+            text-align: right;
+        }
+        .form-group label {
+            display: block;
+            margin-bottom: 5px;
+            font-size: 14px;
+            color: #555;
+        }
+        .form-group input {
+            width: 100%;
+            padding: 10px;
+            box-sizing: border-box;
+            border: 1px solid #ccc;
+            border-radius: 5px;
+            font-size: 16px;
+        }
+        .error-message {
+            color: #dc3545;
+            margin-bottom: 15px;
+        }
+        .submit-button {
+            width: 100%;
+            padding: 12px 20px;
+            margin-top: 20px;
+            border-radius: 5px;
+            border: none;
+            background-color: #28a745;
+            color: white;
+            font-size: 16px;
+            cursor: pointer;
+            transition: background-color 0.3s ease;
+        }
+        .submit-button:hover {
+            background-color: #218838;
+        }
+        .messages {
+            list-style-type: none;
+            padding: 0;
+            margin-bottom: 20px;
+        }
+        .messages .error {
+            background-color: #f8d7da;
+            color: #721c24;
+            border: 1px solid #f5c6cb;
+            padding: 10px;
+            border-radius: 5px;
+        }
+        .messages .success {
+            background-color: #d4edda;
+            color: #155724;
+            border: 1px solid #c3e6cb;
+            padding: 10px;
+            border-radius: 5px;
+        }
+    </style>
+</head>
+<body>
+    <div class="login-container">
+        <h2>ورود کاربر</h2>
+        
+        {% if messages %}
+            <ul class="messages">
+                {% for message in messages %}
+                    <li class="{{ message.tags }}">{{ message }}</li>
+                {% endfor %}
+            </ul>
+        {% endif %}
+
+        <form method="post" action="{% url 'user_login_view' %}">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="username">نام کاربری:</label>
+                <input type="text" id="username" name="username" required>
+            </div>
+            <button type="submit" class="submit-button">ورود</button>
+        </form>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/user_management.html b/management/templates/management/user_management.html
new file mode 100644
index 0000000000000000000000000000000000000000..e567ef9081b2d4c467172ace302854ab84a7904f
--- /dev/null
+++ b/management/templates/management/user_management.html
@@ -0,0 +1,81 @@
+<!-- management/templates/management/user_management.html -->
+<!-- -*- coding: utf-8 -*- -->
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>مدیریت کاربران</title>
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/tailwind.min.css">
+    <style>
+        body {
+            font-family: 'Vazirmatn', sans-serif;
+            background-color: #f3f4f6;
+        }
+    </style>
+</head>
+<body class="bg-gray-100 p-8">
+    <div class="max-w-4xl mx-auto bg-white shadow-xl rounded-lg overflow-hidden">
+        <header class="bg-indigo-600 text-white p-6">
+            <h1 class="text-3xl font-bold">پنل مدیریت کاربران</h1>
+        </header>
+
+        <main class="p-6">
+            {% if messages %}
+                <ul class="mb-4">
+                    {% for message in messages %}
+                        <li class="p-3 rounded-lg {% if message.tags == 'error' %}bg-red-100 text-red-800{% else %}bg-green-100 text-green-800{% endif %}">
+                            {{ message }}
+                        </li>
+                    {% endfor %}
+                </ul>
+            {% endif %}
+
+            <h2 class="text-2xl font-semibold mb-4">لیست کاربران من</h2>
+            
+            {% if users %}
+            <div class="overflow-x-auto">
+                <table class="min-w-full bg-white rounded-lg">
+                    <thead class="bg-gray-200">
+                        <tr>
+                            <th class="py-3 px-4 text-right text-sm font-medium text-gray-600">نام کاربری</th>
+                            <th class="py-3 px-4 text-right text-sm font-medium text-gray-600">وضعیت</th>
+                            <th class="py-3 px-4 text-right text-sm font-medium text-gray-600">حجم مصرفی</th>
+                            <th class="py-3 px-4 text-right text-sm font-medium text-gray-600">حجم کل</th>
+                            <th class="py-3 px-4 text-right text-sm font-medium text-gray-600">عملیات</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {% for user in users %}
+                        <tr class="border-t border-gray-200 hover:bg-gray-50">
+                            <td class="py-3 px-4 text-gray-800">{{ user.username }}</td>
+                            <td class="py-3 px-4 text-gray-800">
+                                <span class="px-2 py-1 text-xs font-semibold rounded-full
+                                    {% if user.status == 'active' %}bg-green-100 text-green-800
+                                    {% elif user.status == 'expired' %}bg-red-100 text-red-800
+                                    {% else %}bg-yellow-100 text-yellow-800
+                                    {% endif %}">
+                                    {{ user.status }}
+                                </span>
+                            </td>
+                            <td class="py-3 px-4 text-gray-800">{{ user.used_traffic|default:"0"|floatformat:2 }} GB</td>
+                            <td class="py-3 px-4 text-gray-800">{{ user.total_traffic|default:"0"|floatformat:2 }} GB</td>
+                            <td class="py-3 px-4">
+                                <!-- Placeholder buttons for future actions -->
+                                <button class="bg-blue-500 hover:bg-blue-600 text-white font-bold py-1 px-3 rounded-lg text-sm">تمدید</button>
+                                <button class="bg-green-500 hover:bg-green-600 text-white font-bold py-1 px-3 rounded-lg text-sm">ارتقا</button>
+                                <button class="bg-red-500 hover:bg-red-600 text-white font-bold py-1 px-3 rounded-lg text-sm">حذف</button>
+                            </td>
+                        </tr>
+                        {% endfor %}
+                    </tbody>
+                </table>
+            </div>
+            {% else %}
+            <p class="text-gray-600">هیچ کاربری برای مدیریت وجود ندارد.</p>
+            {% endif %}
+        </main>
+    </div>
+</body>
+</html>
+
diff --git a/management/templates/management/user_profile.html b/management/templates/management/user_profile.html
new file mode 100644
index 0000000000000000000000000000000000000000..b0e8b97c604524e22ca0300ad45d251687e2b57c
--- /dev/null
+++ b/management/templates/management/user_profile.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html lang="fa" dir="rtl">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>پروفایل کاربری</title>
+    <style>
+        body { font-family: 'Arial', sans-serif; background-color: #f4f4f4; margin: 0; padding: 20px; text-align: right; }
+        .container { max-width: 800px; margin: 20px auto; background-color: #fff; padding: 20px; border-radius: 8px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); }
+        h1 { color: #333; border-bottom: 2px solid #007bff; padding-bottom: 10px; }
+        p { font-size: 16px; color: #555; line-height: 1.6; }
+        strong { color: #000; }
+        .user-info { margin-top: 20px; }
+        .user-info div { margin-bottom: 10px; padding: 10px; background-color: #e9ecef; border-radius: 5px; }
+        .logout-link { display: block; margin-top: 20px; text-align: center; color: #dc3545; text-decoration: none; }
+        .logout-link:hover { text-decoration: underline; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>پروفایل کاربری</h1>
+        <div class="user-info">
+            <div>
+                <strong>نام کاربری:</strong> {{ user.username }}
+            </div>
+            <div>
+                <strong>نام کامل:</strong> {{ user.full_name }}
+            </div>
+        </div>
+        <a href="{% url 'logout' %}" class="logout-link">خروج از حساب</a>
+    </div>
+</body>
+</html>
diff --git a/management/tests.py b/management/tests.py
new file mode 100644
index 0000000000000000000000000000000000000000..7ce503c2dd97ba78597f6ff6e4393132753573f6
--- /dev/null
+++ b/management/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/management/urls.py b/management/urls.py
new file mode 100644
index 0000000000000000000000000000000000000000..f727f78c01d514a5b2f2bde03d151b4ebaabbc9e
--- /dev/null
+++ b/management/urls.py
@@ -0,0 +1,74 @@
+# management/urls.py
+# -*- coding: utf-8 -*-
+from django.urls import path, include
+from rest_framework_simplejwt.views import TokenRefreshView
+from rest_framework.routers import DefaultRouter
+from .views import (
+    CustomTokenObtainPairView,
+    LogoutAPIView, 
+    TelegramWebhookView,
+    PushSubscriptionAPIView,
+    GenerateTelegramTokenAPIView,
+    VerifyTelegramTokenAPIView,
+    PanelViewSet,
+    LicenseViewSet,
+    MarzbanAdminViewSet,
+    PlanViewSet,
+    EndUserViewSet,
+    SubscriptionViewSet,
+    PaymentViewSet,
+    PaymentReceiptUploadAPIView,
+    # New views for payment system
+    PaymentMethodViewSet,
+    PaymentDetailAPIView,
+    EndUserPaymentOptionsAPIView,
+    # New views that were recently added
+    AdminLevel3SubscriptionViewSet,
+    PurchaseSubscriptionForUserAPIView,
+)
+
+# Create a router and register our viewsets with it.
+router = DefaultRouter()
+router.register(r'panels', PanelViewSet, basename='panel')
+router.register(r'licenses', LicenseViewSet, basename='license')
+router.register(r'plans', PlanViewSet, basename='plan')
+router.register(r'endusers', EndUserViewSet, basename='enduser')
+router.register(r'subscriptions', SubscriptionViewSet, basename='subscription')
+router.register(r'payments', PaymentViewSet, basename='payment')
+# New: ViewSet for managing payment methods by Admin Level 2
+router.register(r'payment-methods', PaymentMethodViewSet, basename='payment-method')
+# New: ViewSet for Admin Level 3 to manage subscriptions
+router.register(r'admin/subscriptions', AdminLevel3SubscriptionViewSet, basename='admin-subscription')
+
+# The MarzbanAdminViewSet is a custom ViewSet, so we define its paths manually.
+marzban_admin_list = MarzbanAdminViewSet.as_view({
+    'get': 'list',
+    'post': 'create'
+})
+marzban_admin_detail = MarzbanAdminViewSet.as_view({
+    'delete': 'destroy'
+})
+
+urlpatterns = [
+    # API endpoints
+    path('api/token/', CustomTokenObtainPairView.as_view(), name='token_obtain_pair'),
+    path('api/token/refresh/', TokenRefreshView.as_view(), name='token_refresh'),
+    path('api/logout/', LogoutAPIView.as_view(), name='logout'),
+    # Use the router to handle all ViewSet API endpoints
+    path('api/', include(router.urls)),
+    # Marzban Admin Management (manual routing for a custom ViewSet)
+    path('api/marzban-admins/', marzban_admin_list, name='api_marzban_admin_list'),
+    path('api/marzban-admins/<str:pk>/', marzban_admin_detail, name='api_marzban_admin_detail'),
+    # Telegram & Push notifications
+    path('telegram-webhook/<str:bot_token>/', TelegramWebhookView.as_view(), name='telegram_webhook'),
+    path('api/push-subscription/', PushSubscriptionAPIView.as_view(), name='push_subscription'),
+    path('api/telegram-token/', GenerateTelegramTokenAPIView.as_view(), name='generate_telegram_token'),
+    path('api/verify-telegram-token/', VerifyTelegramTokenAPIView.as_view(), name='verify_telegram_token'),
+    path('api/upload-receipt/', PaymentReceiptUploadAPIView.as_view(), name='upload_receipt'),
+    # New: Payment System URLs
+    path('api/admin/payment-details/', PaymentDetailAPIView.as_view(), name='admin_payment_details'),
+    path('api/enduser/payment-options/', EndUserPaymentOptionsAPIView.as_view(), name='enduser_payment_options'),
+    # New: URL for EndUser to purchase subscriptions for other users
+    path('api/purchase-subscription/', PurchaseSubscriptionForUserAPIView.as_view(), name='purchase_subscription'),
+]
+
diff --git a/management/utils.py b/management/utils.py
new file mode 100644
index 0000000000000000000000000000000000000000..8eaee8a270406e012d3c083d6be9979a88589b74
--- /dev/null
+++ b/management/utils.py
@@ -0,0 +1,8 @@
+# management/utils.py
+import telegram
+
+def send_telegram_notification(payment_id):
+    # منطق ارسال نوتیفیکیشن تلگرام اینجا قرار می‌گیرد.
+    # برای شروع، می‌توانید این تابع را خالی بگذارید.
+    print(f"Sending notification for payment ID: {payment_id}")
+    pass
diff --git a/management/views.py b/management/views.py
new file mode 100644
index 0000000000000000000000000000000000000000..8da03c21ef0a20bc97600935c42d47d7f123b32f
--- /dev/null
+++ b/management/views.py
@@ -0,0 +1,347 @@
+# management/views.py
+# -*- coding: utf-8 -*-
+from django.utils import timezone
+from rest_framework import generics, viewsets, status
+from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated, IsAdminUser
+from rest_framework.views import APIView
+from rest_framework_simplejwt.views import TokenObtainPairView
+from rest_framework_simplejwt.tokens import RefreshToken
+import datetime
+
+from .models import (
+    CustomUser, Panel, MarzbanAdmin, License, SecurityToken, Plan, Subscription,
+    Payment, EndUser, PaymentMethod, PaymentSetting, PaymentDetail, TelegramUser
+)
+from .serializers import (
+    PanelSerializer, LicenseSerializer, MarzbanAdminSerializer, CustomUserSerializer,
+    SecurityTokenSerializer, PlanSerializer, SubscriptionSerializer,
+    ReceiptUploadSerializer, PaymentMethodSerializer, PaymentDetailSerializer,
+    EndUserPaymentDetailSerializer, AdminLevel3SubscriptionSerializer,
+    PurchaseSubscriptionForUserSerializer,
+)
+from .tasks import (
+    send_telegram_message, send_payment_receipt_to_admin,
+    send_payment_confirmation_to_user,
+)
+
+# --- Authentication Views ---
+class CustomTokenObtainPairView(TokenObtainPairView):
+    def post(self, request, *args, **kwargs):
+        response = super().post(request, *args, **kwargs)
+        if response.status_code == 200:
+            user = CustomUser.objects.get(username=request.data['username'])
+            response.data['user_role'] = user.role
+        return response
+
+class LogoutAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        try:
+            refresh_token = request.data["refresh_token"]
+            token = RefreshToken(refresh_token)
+            token.blacklist()
+            return Response({"message": "Successfully logged out."}, status=status.HTTP_200_OK)
+        except Exception as e:
+            return Response({"error": "Invalid token or other error."}, status=status.HTTP_400_BAD_REQUEST)
+
+# --- ADDED: Missing ViewSets ---
+
+class PanelViewSet(viewsets.ModelViewSet):
+    serializer_class = PanelSerializer
+    permission_classes = [IsAuthenticated]
+    
+    def get_queryset(self):
+        return Panel.objects.filter(owner=self.request.user)
+    
+    def perform_create(self, serializer):
+        serializer.save(owner=self.request.user)
+
+class LicenseViewSet(viewsets.ModelViewSet):
+    serializer_class = LicenseSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        user = self.request.user
+        if user.is_super_admin():
+            return License.objects.all()
+        return License.objects.filter(owner=user)
+
+class MarzbanAdminViewSet(viewsets.ModelViewSet):
+    serializer_class = MarzbanAdminSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        try:
+            panel = Panel.objects.get(owner=self.request.user)
+            return MarzbanAdmin.objects.filter(panel=panel)
+        except Panel.DoesNotExist:
+            return MarzbanAdmin.objects.none()
+
+class PlanViewSet(viewsets.ModelViewSet):
+    serializer_class = PlanSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        try:
+            panel = Panel.objects.get(owner=self.request.user)
+            return Plan.objects.filter(panel=panel)
+        except Panel.DoesNotExist:
+            return Plan.objects.none()
+
+    def perform_create(self, serializer):
+        try:
+            panel = Panel.objects.get(owner=self.request.user)
+            serializer.save(panel=panel)
+        except Panel.DoesNotExist:
+            return Response({"error": "You do not own a panel."}, status=status.HTTP_403_FORBIDDEN)
+
+class EndUserViewSet(viewsets.ModelViewSet):
+    serializer_class = SubscriptionSerializer # A better serializer can be created for EndUser
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        if self.request.user.role == 'AdminLevel3':
+            try:
+                panel = Panel.objects.get(owner=self.request.user)
+                return EndUser.objects.filter(panel=panel)
+            except Panel.DoesNotExist:
+                return EndUser.objects.none()
+        return EndUser.objects.none()
+
+class SubscriptionViewSet(viewsets.ModelViewSet):
+    serializer_class = SubscriptionSerializer
+    permission_classes = [IsAuthenticated]
+    
+    def get_queryset(self):
+        user = self.request.user
+        if user.role == 'AdminLevel3':
+            try:
+                panel = Panel.objects.get(owner=user)
+                return Subscription.objects.filter(panel=panel)
+            except Panel.DoesNotExist:
+                return Subscription.objects.none()
+        elif user.role == 'EndUser':
+            try:
+                end_user = EndUser.objects.get(username=user.username)
+                return Subscription.objects.filter(end_user=end_user)
+            except EndUser.DoesNotExist:
+                return Subscription.objects.none()
+        return Subscription.objects.none()
+
+class PaymentViewSet(viewsets.ModelViewSet):
+    serializer_class = ReceiptUploadSerializer # A better serializer can be created for listing
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        user = self.request.user
+        if user.is_admin_level_3():
+            return Payment.objects.filter(admin=user)
+        return Payment.objects.none()
+        
+# --- Payment System Views ---
+class PaymentMethodViewSet(viewsets.ModelViewSet):
+    queryset = PaymentMethod.objects.all()
+    serializer_class = PaymentMethodSerializer
+    permission_classes = [IsAuthenticated]
+    http_method_names = ['get', 'patch', 'put']
+
+    def get_queryset(self):
+        if self.request.user.is_authenticated and self.request.user.is_admin_level_2():
+            return PaymentMethod.objects.all()
+        return PaymentMethod.objects.none()
+
+class PaymentDetailAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        if not request.user.is_admin_level_3():
+            return Response({'error': 'Permission denied.'}, status=status.HTTP_403_FORBIDDEN)
+        details, _ = PaymentDetail.objects.get_or_create(admin_level_3=request.user)
+        serializer = PaymentDetailSerializer(details)
+        return Response(serializer.data)
+
+    def put(self, request):
+        if not request.user.is_admin_level_3():
+            return Response({'error': 'Permission denied.'}, status=status.HTTP_403_FORBIDDEN)
+        details, _ = PaymentDetail.objects.get_or_create(admin_level_3=request.user)
+        serializer = PaymentDetailSerializer(details, data=request.data, partial=True)
+        if serializer.is_valid():
+            serializer.save()
+            return Response(serializer.data)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+class EndUserPaymentOptionsAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        if not request.user.role == 'EndUser':
+            return Response({'error': 'Permission denied.'}, status=status.HTTP_403_FORBIDDEN)
+        try:
+            end_user = EndUser.objects.get(username=request.user.username)
+            admin_level_3_user = end_user.panel.owner
+            payment_settings = PaymentSetting.objects.filter(admin_level_3=admin_level_3_user, is_active=True)
+            serializer = EndUserPaymentDetailSerializer(payment_settings, many=True)
+            return Response(serializer.data)
+        except EndUser.DoesNotExist:
+            return Response({'error': 'User not found.'}, status=status.HTTP_404_NOT_FOUND)
+
+# --- Subscription Management ---
+class AdminLevel3SubscriptionViewSet(viewsets.ModelViewSet):
+    serializer_class = AdminLevel3SubscriptionSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        if self.request.user.is_authenticated and self.request.user.role == 'AdminLevel3':
+            try:
+                return Subscription.objects.filter(panel__owner=self.request.user)
+            except Panel.DoesNotExist:
+                return Subscription.objects.none()
+        return Subscription.objects.none()
+
+    def perform_create(self, serializer):
+        serializer.save()
+
+# FIXED: Logic for purchasing subscription
+class PurchaseSubscriptionForUserAPIView(APIView):
+    serializer_class = PurchaseSubscriptionForUserSerializer
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request, *args, **kwargs):
+        serializer = self.serializer_class(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        
+        data = serializer.validated_data
+        end_user_username = data.get('end_user_username')
+        plan_id = data.get('plan_id')
+        amount = data.get('amount')
+
+        try:
+            # The user making the request must be an EndUser
+            if request.user.role != 'EndUser':
+                return Response({'error': 'Only EndUsers can purchase subscriptions.'}, status=status.HTTP_403_FORBIDDEN)
+            
+            # Get the panel of the user making the request
+            requester_end_user = EndUser.objects.get(username=request.user.username)
+            panel = requester_end_user.panel
+            admin_level_3_user = panel.owner
+
+            plan = Plan.objects.get(id=plan_id, panel=panel)
+
+            # Get or create the target end user within the same panel
+            target_end_user, _ = EndUser.objects.get_or_create(
+                username=end_user_username, defaults={'panel': panel}
+            )
+
+            subscription = Subscription.objects.create(
+                end_user=target_end_user,
+                plan=plan,
+                panel=panel,
+                status='pending',
+            )
+
+            payment = Payment.objects.create(
+                subscription=subscription,
+                admin=admin_level_3_user,
+                amount=amount,
+                status='pending',
+            )
+
+            return Response({
+                "message": "Subscription request created successfully. Please upload the receipt.",
+                "subscription_id": subscription.id,
+                "payment_token": payment.payment_token
+            }, status=status.HTTP_201_CREATED)
+
+        except EndUser.DoesNotExist:
+            return Response({'error': 'Requesting user profile not found.'}, status=status.HTTP_404_NOT_FOUND)
+        except Plan.DoesNotExist:
+            return Response({'error': 'Plan not found for your panel.'}, status=status.HTTP_404_NOT_FOUND)
+        except Exception as e:
+            return Response({'error': str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+# --- Other Views ---
+
+# ADDED: PaymentReceiptUploadAPIView (was missing)
+class PaymentReceiptUploadAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+    serializer_class = ReceiptUploadSerializer
+    
+    def post(self, request, *args, **kwargs):
+        serializer = self.serializer_class(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        
+        try:
+            payment = Payment.objects.get(payment_token=serializer.validated_data['payment_token'])
+            
+            # Update payment with receipt details
+            payment.receipt_image = serializer.validated_data.get('receipt_image')
+            payment.receipt_text = serializer.validated_data.get('receipt_text')
+            payment.save()
+            
+            # Trigger celery task to notify admin
+            send_payment_receipt_to_admin.delay(payment.id)
+            
+            return Response({"message": "Receipt uploaded successfully. Please wait for admin approval."}, status=status.HTTP_200_OK)
+        except Payment.DoesNotExist:
+            return Response({"error": "Invalid payment token."}, status=status.HTTP_404_NOT_FOUND)
+
+# ADDED: GenerateTelegramTokenAPIView (was missing)
+class GenerateTelegramTokenAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        user = request.user
+        expiration = timezone.now() + datetime.timedelta(minutes=5)
+        # This assumes a direct relation between CustomUser and a Marzban Admin ID
+        if not user.marzban_admin_id:
+             return Response({'error': 'User is not linked to a Marzban admin.'}, status=status.HTTP_400_BAD_REQUEST)
+
+        token, _ = SecurityToken.objects.update_or_create(
+            admin_id=str(user.marzban_admin_id),
+            defaults={'expiration_date': expiration}
+        )
+        return Response({'token': token.token})
+
+class VerifyTelegramTokenAPIView(APIView):
+    # This view is for unauthenticated users (the bot) to verify a token
+    permission_classes = [] 
+
+    def post(self, request):
+        token_value = request.data.get('token')
+        chat_id = request.data.get('chat_id')
+
+        if not token_value or not chat_id:
+            return Response({'error': 'Token and chat_id are required.'}, status=status.HTTP_400_BAD_REQUEST)
+
+        try:
+            token = SecurityToken.objects.get(token=token_value, expiration_date__gt=timezone.now())
+            
+            # Logic to find the main DB CustomUser and update their telegram_chat_id
+            user = CustomUser.objects.get(marzban_admin_id=token.admin_id)
+            
+            # Assuming AdminLevel3 has a telegram_chat_id field
+            if hasattr(user, 'admin_level_3'):
+                user.admin_level_3.telegram_chat_id = chat_id
+                user.admin_level_3.save()
+            
+            token.delete() # One-time use token
+            return Response({'message': 'Telegram account linked successfully.'})
+        except (SecurityToken.DoesNotExist, CustomUser.DoesNotExist):
+            return Response({'error': 'Invalid or expired token.'}, status=status.HTTP_400_BAD_REQUEST)
+
+class PushSubscriptionAPIView(APIView):
+    permission_classes = [IsAuthenticated]
+    def post(self, request, *args, **kwargs):
+        # Implementation needed
+        return Response({'message': 'Subscription created successfully.'})
+
+# ADDED: TelegramWebhookView (was in urls.py but missing here)
+class TelegramWebhookView(APIView):
+    permission_classes = []
+    
+    def post(self, request, bot_token):
+        # Your telegram bot logic here
+        # print(request.data)
+        return Response({'status': 'ok'})