diff --git a/.gitignore b/.gitignore
index 3d70248ba2..053370cc3a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,4 +12,11 @@ npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 
-package-lock.json
\ No newline at end of file
+package-lock.json
+# env files
+backend/.env
+frontend/.env
+
+# env files
+backend/.env
+frontend/.env
diff --git a/README.md b/README.md
index 31466b54c2..75915c1c95 100644
--- a/README.md
+++ b/README.md
@@ -1,13 +1,42 @@
 # Final Project
 
-Replace this readme with your own information about your project.
+Pocket Oracle
+
+A small full-stack tarot app where you can draw cards, save readings, and revisit them later.
 
-Start by briefly describing the assignment in a sentence or two. Keep it short and to the point.
 
 ## The problem
 
-Describe how you approached to problem, and what tools and techniques you used to solve it. How did you plan? What technologies did you use? If you had more time, what would be next?
+Planning: wrote a few user stories (“draw one card”, “save a 3-card reading”, “see my history”), sketched the pages, then built backend → frontend → deploy in that order.
+
+Tech stack:
+
+Frontend: React (Vite), React Router, axios, react-hook-form + Zod, styled-components for theme tokens.
+
+Backend: Node + Express, MongoDB (Mongoose), JWT auth, bcrypt.
+
+Deployment: Netlify (frontend) and Render (backend).
+
+How I solved it:
+
+Created REST endpoints for auth and readings (CRUD).
+
+Used a shared axios instance with a request interceptor to attach the JWT to every call.
+
+Set up CORS to allow Netlify + localhost.
+Kept colors/spacing in CSS variables so the hero image + palette were easy to tune.
+
+If I had more time: find /make better readings, implement AI, fix so all tarot cards show, daily card with history - calenderview, search/filter for readings, better a11y & loading states, overall visual clean-up - make it more user logical and a small test suite (Vitest/RTL).
+
 
 ## View it live
 
-Every project should be deployed somewhere. Be sure to include the link to the deployed project so that the viewer can click around and see what it's all about.
\ No newline at end of file
+App: https://pocketoracle.netlify.app
+
+API (Render): https://pocket-oracle.onrender.com
+
+
+
+Thanks to:
+https://github.com/krates98/tarotcardapi for images and more.
+https://commons.wikimedia.org/wiki/File:Sebastian_Pether_(1790-1844)_-_Moonlit_Landscape_with_a_Gothic_Ruin_-_1449048_-_National_Trust.jpg for hero image
\ No newline at end of file
diff --git a/backend/package.json b/backend/package.json
index 08f29f2448..226a9fcc6c 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -12,9 +12,15 @@
     "@babel/core": "^7.17.9",
     "@babel/node": "^7.16.8",
     "@babel/preset-env": "^7.16.11",
+    "axios": "^1.11.0",
+    "bcrypt": "^6.0.0",
     "cors": "^2.8.5",
-    "express": "^4.17.3",
-    "mongoose": "^8.4.0",
-    "nodemon": "^3.0.1"
+    "dotenv": "^17.2.1",
+    "express": "^4.21.2",
+    "jsonwebtoken": "^9.0.2",
+    "mongoose": "^8.18.0"
+  },
+  "devDependencies": {
+    "nodemon": "^3.1.10"
   }
-}
\ No newline at end of file
+}
diff --git a/backend/server.js b/backend/server.js
index 070c875189..b2bdf52d7a 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -1,22 +1,91 @@
-import express from "express";
-import cors from "cors";
-import mongoose from "mongoose";
+// backend/server.js
+// force .env to override any OS env var
+import dotenv from 'dotenv';
+dotenv.config({ override: true });
+import express from 'express';
+import cors from 'cors';
+import mongoose from 'mongoose';
 
-const mongoUrl = process.env.MONGO_URL || "mongodb://localhost/final-project";
-mongoose.connect(mongoUrl);
-mongoose.Promise = Promise;
+import authRouter from './src/routes/auth.js';
+import secretRouter from './src/routes/secret.js';
+import readingsRouter from './src/routes/readings.js';
+import tarotRouter from './src/routes/tarot.js';
+
+const PORT = process.env.PORT || 5000;
+const MONGO_URI = process.env.MONGODB_URI;
+
+if (!MONGO_URI) {
+  console.error('❌ MONGODB_URI missing in backend/.env');
+  process.exit(1);
+}
 
-const port = process.env.PORT || 8080;
 const app = express();
 
-app.use(cors());
+// --- CORS (dev + production) -----------------------------------------------
+const DEV_ORIGINS = [
+  'http://localhost:5173',
+  'http://localhost:5174',
+  'http://localhost:5175',
+  'http://localhost:5176',
+];
+
+// Allow comma-separated env (ex: "https://pocketoracle.netlify.app,http://localhost:5173")
+const ENV_ORIGINS = (process.env.CLIENT_ORIGIN || '')
+  .split(',')
+  .map(s => s.trim())
+  .filter(Boolean);
+
+const ALLOWED_ORIGINS = ENV_ORIGINS.length ? ENV_ORIGINS : DEV_ORIGINS;
+
+const corsOptions = {
+  origin(origin, cb) {
+    // allow curl/health checks (no Origin) and any listed origin
+    if (!origin || ALLOWED_ORIGINS.includes(origin)) return cb(null, true);
+    cb(new Error(`CORS: origin not allowed -> ${origin}`));
+  },
+  methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+  allowedHeaders: ['Content-Type', 'Authorization'],
+  credentials: false,
+  maxAge: 86400,
+  optionsSuccessStatus: 204
+};
+
+app.use(cors(corsOptions));
+// Make sure every route responds to preflight
+app.options('*', cors(corsOptions));
+// ---------------------------------------------------------------------------
+
 app.use(express.json());
 
-app.get("/", (req, res) => {
-  res.send("Hello Technigo!");
-});
+// Health check
+app.get('/health', (_req, res) => res.json({ status: 'ok' }));
+
+// Routes
+app.use('/api/auth', authRouter);
+app.use('/api/secret', secretRouter);
+app.use('/api/readings', readingsRouter);
+app.use('/api/tarot', tarotRouter);
 
-// Start the server
-app.listen(port, () => {
-  console.log(`Server running on http://localhost:${port}`);
+// Demo root
+app.get('/', (_req, res) => {
+  res.send('Hello Technigo!');
 });
+
+async function start() {
+  try {
+    await mongoose.connect(MONGO_URI);
+    console.log('✓ MongoDB connected');
+
+    app.listen(PORT, () => {
+      console.log(`✓ Server running on http://localhost:${PORT}`);
+      console.log('✓ CORS allowed origins:', (ALLOWED_ORIGINS || []).join(', '));
+    });
+
+  } catch (err) {
+    console.error('DB connection failed:', err.message);
+    process.exit(1);
+  }
+}
+
+start();
+
diff --git a/backend/src/middleware/auth.js b/backend/src/middleware/auth.js
new file mode 100644
index 0000000000..180f1e7b78
--- /dev/null
+++ b/backend/src/middleware/auth.js
@@ -0,0 +1,13 @@
+import jwt from 'jsonwebtoken';
+
+export default function auth(req, res, next) {
+  const h = req.headers.authorization || '';
+  const token = h.startsWith('Bearer ') ? h.slice(7) : null;
+  if (!token) return res.status(401).json({ error: 'Missing token' });
+  try {
+    req.user = jwt.verify(token, process.env.JWT_SECRET); // { id, email, name }
+    next();
+  } catch {
+    res.status(401).json({ error: 'Invalid token' });
+  }
+}
diff --git a/backend/src/models/Reading.js b/backend/src/models/Reading.js
new file mode 100644
index 0000000000..a311665251
--- /dev/null
+++ b/backend/src/models/Reading.js
@@ -0,0 +1,19 @@
+// backend/src/models/Reading.js
+import mongoose from 'mongoose';
+
+const CardSchema = new mongoose.Schema({
+  id: { type: String, required: true },       // e.g., "XVI" or "The Tower"
+  reversed: { type: Boolean, default: false },
+  position: { type: String },                  // e.g., "Past", "Present", "Future"
+}, { _id: false });
+
+const ReadingSchema = new mongoose.Schema({
+  userId: { type: mongoose.Schema.Types.ObjectId, ref: 'User', required: true, index: true },
+  spread: { type: String, enum: ['one', 'three', 'custom'], required: true },
+  title: { type: String },
+  notes: { type: String },
+  tags: { type: [String], default: [] },
+  cards: { type: [CardSchema], default: [] },
+}, { timestamps: true });
+
+export default mongoose.model('Reading', ReadingSchema);
diff --git a/backend/src/models/User.js b/backend/src/models/User.js
new file mode 100644
index 0000000000..64c59c64cd
--- /dev/null
+++ b/backend/src/models/User.js
@@ -0,0 +1,10 @@
+import mongoose from 'mongoose';
+const { Schema, model } = mongoose;
+
+const userSchema = new Schema({
+  name: { type: String, required: true },
+  email: { type: String, required: true, unique: true },
+  passwordHash: { type: String, required: true }
+}, { timestamps: true });
+
+export default model('User', userSchema);
diff --git a/backend/src/routes/auth.js b/backend/src/routes/auth.js
new file mode 100644
index 0000000000..145afa8b55
--- /dev/null
+++ b/backend/src/routes/auth.js
@@ -0,0 +1,31 @@
+import { Router } from 'express';
+import bcrypt from 'bcrypt';
+import jwt from 'jsonwebtoken';
+import User from '../models/User.js';
+import auth from '../middleware/auth.js';
+
+const router = Router();
+
+router.post('/register', async (req, res) => {
+  const { name, email, password } = req.body || {};
+  if (!name || !email || !password) return res.status(400).json({ error: 'Missing fields' });
+  const exists = await User.findOne({ email });
+  if (exists) return res.status(409).json({ error: 'Email already in use' });
+  const passwordHash = await bcrypt.hash(password, 10);
+  await User.create({ name, email, passwordHash });
+  res.status(201).json({ message: 'User created' });
+});
+
+router.post('/login', async (req, res) => {
+  const { email, password } = req.body || {};
+  const user = await User.findOne({ email });
+  if (!user) return res.status(401).json({ error: 'Invalid credentials' });
+  const ok = await bcrypt.compare(password, user.passwordHash);
+  if (!ok) return res.status(401).json({ error: 'Invalid credentials' });
+  const token = jwt.sign({ id: user._id, email: user.email, name: user.name }, process.env.JWT_SECRET, { expiresIn: '7d' });
+  res.json({ token, user: { id: user._id, name: user.name, email: user.email } });
+});
+
+router.get('/me', auth, (req, res) => res.json({ user: req.user }));
+
+export default router;
diff --git a/backend/src/routes/readings.js b/backend/src/routes/readings.js
new file mode 100644
index 0000000000..d0c4aef655
--- /dev/null
+++ b/backend/src/routes/readings.js
@@ -0,0 +1,131 @@
+// backend/src/routes/readings.js
+import { Router } from 'express';
+import mongoose from 'mongoose';
+import auth from '../middleware/auth.js';
+import Reading from '../models/Reading.js';
+
+const router = Router();
+const { isValidObjectId } = mongoose;
+
+// All routes below require JWT
+router.use(auth);
+
+/**
+ * CREATE a reading
+ */
+router.post('/', async (req, res) => {
+  try {
+    const { spread, title, notes, tags = [], cards = [] } = req.body;
+    if (!spread) return res.status(400).json({ error: 'spread is required' });
+
+    const reading = await Reading.create({
+      userId: req.user.id,
+      spread,
+      title,
+      notes,
+      tags,
+      cards,
+    });
+
+    res.status(201).json(reading);
+  } catch (e) {
+    res.status(400).json({ error: e.message || 'Invalid payload' });
+  }
+});
+
+/**
+ * LIST your readings (paginated)
+ * GET /api/readings?page=1&limit=10
+ */
+router.get('/', async (req, res) => {
+  try {
+    const page = Math.max(parseInt(req.query.page || '1', 10), 1);
+    const limit = Math.min(Math.max(parseInt(req.query.limit || '10', 10), 1), 50);
+    const skip = (page - 1) * limit;
+
+    const [items, total] = await Promise.all([
+      Reading.find({ userId: req.user.id })
+        .sort({ createdAt: -1 })
+        .skip(skip)
+        .limit(limit),
+      Reading.countDocuments({ userId: req.user.id }),
+    ]);
+
+    res.json({
+      page,
+      limit,
+      total,
+      pages: Math.max(1, Math.ceil(total / limit)),
+      items,
+    });
+  } catch (e) {
+    res.status(500).json({ error: 'Server error' });
+  }
+});
+
+/**
+ * READ ONE (owner check)
+ */
+router.get('/:id', async (req, res) => {
+  try {
+    const { id } = req.params;
+    if (!isValidObjectId(id)) return res.status(400).json({ error: 'Bad id' });
+
+    const reading = await Reading.findById(id);
+    if (!reading || String(reading.userId) !== req.user.id) {
+      return res.status(404).json({ error: 'Not found' });
+    }
+
+    res.json(reading);
+  } catch (e) {
+    res.status(500).json({ error: 'Server error' });
+  }
+});
+
+/**
+ * UPDATE (partial, owner check)
+ */
+router.patch('/:id', async (req, res) => {
+  try {
+    const { id } = req.params;
+    if (!isValidObjectId(id)) return res.status(400).json({ error: 'Bad id' });
+
+    const allowed = ['spread', 'title', 'notes', 'tags', 'cards'];
+    const updates = {};
+    for (const k of allowed) if (k in req.body) updates[k] = req.body[k];
+
+    const reading = await Reading.findById(id);
+    if (!reading || String(reading.userId) !== req.user.id) {
+      return res.status(404).json({ error: 'Not found' });
+    }
+
+    Object.assign(reading, updates);
+    await reading.save();
+    res.json(reading);
+  } catch (e) {
+    res.status(500).json({ error: 'Server error' });
+  }
+});
+
+/**
+ * DELETE (owner check)
+ */
+router.delete('/:id', async (req, res) => {
+  try {
+    const { id } = req.params;
+    if (!isValidObjectId(id)) return res.status(400).json({ error: 'Bad id' });
+
+    const reading = await Reading.findById(id);
+    if (!reading || String(reading.userId) !== req.user.id) {
+      return res.status(404).json({ error: 'Not found' });
+    }
+
+    await reading.deleteOne();
+    res.json({ message: 'Deleted' });
+  } catch (e) {
+    res.status(500).json({ error: 'Server error' });
+  }
+});
+
+export default router;
+
diff --git a/backend/src/routes/secret.js b/backend/src/routes/secret.js
new file mode 100644
index 0000000000..547afe6c4d
--- /dev/null
+++ b/backend/src/routes/secret.js
@@ -0,0 +1,12 @@
+// backend/src/routes/secret.js
+import { Router } from 'express';
+import auth from '../middleware/auth.js';
+
+const router = Router();
+
+// GET /api/secret (requires valid JWT)
+router.get('/', auth, (req, res) => {
+  res.json({ message: `Hello ${req.user.name}, here’s your secret ✨` });
+});
+
+export default router;
diff --git a/backend/src/routes/tarot.js b/backend/src/routes/tarot.js
new file mode 100644
index 0000000000..ebc74533ea
--- /dev/null
+++ b/backend/src/routes/tarot.js
@@ -0,0 +1,26 @@
+import { Router } from 'express';
+import axios from 'axios';
+
+const router = Router();
+const BASE = process.env.TAROT_API_BASE || 'https://tarotapi.dev/api/v1';
+
+router.get('/draw', async (req, res) => {
+  try {
+    const n = Number(req.query.n || 3);
+    const { data } = await axios.get(`${BASE}/cards/random`, { params: { n } });
+    res.json(data);
+  } catch (e) {
+    res.status(502).json({ error: 'Tarot API failed', detail: e.message });
+  }
+});
+
+router.get('/cards', async (_req, res) => {
+  try {
+    const { data } = await axios.get(`${BASE}/cards`);
+    res.json(data);
+  } catch (e) {
+    res.status(502).json({ error: 'Tarot API failed', detail: e.message });
+  }
+});
+
+export default router;
diff --git a/frontend/index.html b/frontend/index.html
index 664410b5b9..fa44fe08aa 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -1,13 +1,46 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head>
-    <meta charset="UTF-8" />
-    <link rel="icon" type="image/svg+xml" href="/vite.svg" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Technigo React Vite Boiler Plate</title>
-  </head>
-  <body>
-    <div id="root"></div>
-    <script type="module" src="/src/main.jsx"></script>
-  </body>
-</html>
+
+<head>
+  <link
+    rel="preconnect"
+    href="https://fonts.gstatic.com"
+    crossorigin
+  >
+  <link
+    href="https://fonts.googleapis.com/css2?family=Playfair+Display:wght@700;800&family=Inter:wght@400;600&display=swap"
+    rel="stylesheet"
+  >
+  <meta charset="UTF-8" />
+  <link
+    rel="icon"
+    type="image/svg+xml"
+    href="/card-back.svg"
+  />
+
+  <link
+    rel="mask-icon"
+    href="/card-back.svg"
+    color="#d1a84a"
+  >
+  <meta
+    name="theme-color"
+    content="#eef2f2"
+  >
+
+  <meta
+    name="viewport"
+    content="width=device-width, initial-scale=1.0"
+  />
+  <title>Pocket Oracle</title>
+</head>
+
+<body>
+  <div id="root"></div>
+  <script
+    type="module"
+    src="/src/main.jsx"
+  ></script>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/frontend/package.json b/frontend/package.json
index 7b2747e949..bede188fc3 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -10,8 +10,14 @@
     "preview": "vite preview"
   },
   "dependencies": {
+    "@hookform/resolvers": "^5.2.1",
+    "axios": "^1.11.0",
     "react": "^18.2.0",
-    "react-dom": "^18.2.0"
+    "react-dom": "^18.2.0",
+    "react-hook-form": "^7.62.0",
+    "react-router-dom": "^7.8.2",
+    "styled-components": "^6.1.19",
+    "zod": "^4.1.3"
   },
   "devDependencies": {
     "@types/react": "^18.2.15",
diff --git a/frontend/public/_redirects b/frontend/public/_redirects
new file mode 100644
index 0000000000..7797f7c6a7
--- /dev/null
+++ b/frontend/public/_redirects
@@ -0,0 +1 @@
+/* /index.html 200
diff --git a/frontend/public/card-back.svg b/frontend/public/card-back.svg
new file mode 100644
index 0000000000..8e7b8e9d08
--- /dev/null
+++ b/frontend/public/card-back.svg
@@ -0,0 +1,12 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 750 1200">
+  <defs>
+    <pattern id="p" width="40" height="40" patternUnits="userSpaceOnUse">
+      <circle cx="20" cy="20" r="6" fill="#f6d26a"></circle>
+      <rect x="19" y="0" width="2" height="40" fill="#f6d26a" opacity="0.35"></rect>
+      <rect x="0" y="19" width="40" height="2" fill="#f6d26a" opacity="0.35"></rect>
+    </pattern>
+  </defs>
+  <rect width="100%" height="100%" rx="28" ry="28" fill="#5a2a83"></rect>
+  <rect x="24" y="24" width="702" height="1152" rx="24" ry="24" fill="none" stroke="#f6d26a" stroke-width="6"></rect>
+  <rect x="48" y="48" width="654" height="1104" rx="20" ry="20" fill="url(#p)" stroke="#f6d26a" stroke-width="4" opacity="0.9"></rect>
+</svg>
diff --git a/frontend/public/hero.jpg b/frontend/public/hero.jpg
new file mode 100644
index 0000000000..aa39ec4713
Binary files /dev/null and b/frontend/public/hero.jpg differ
diff --git a/frontend/public/old-hero.jpg b/frontend/public/old-hero.jpg
new file mode 100644
index 0000000000..7035000787
Binary files /dev/null and b/frontend/public/old-hero.jpg differ
diff --git a/frontend/src/App.jsx b/frontend/src/App.jsx
index 0a24275e6e..d0f230ec84 100644
--- a/frontend/src/App.jsx
+++ b/frontend/src/App.jsx
@@ -1,8 +1,91 @@
-export const App = () => {
+// frontend/src/App.jsx
+import { BrowserRouter, Routes, Route, Navigate, useNavigate } from 'react-router-dom';
+import { useEffect } from 'react';
+import { AuthProvider, useAuth } from './context/AuthContext';
+
+import Home from './pages/Home';
+import Login from './pages/Login';
+import Register from './pages/Register';
+import Secret from './pages/Secret';
+
+import { ThemeProvider } from 'styled-components';
+import { getTheme } from './ui/theme';
+import { GlobalStyle } from './ui/GlobalStyle';
+import { Nav, NavLink, GhostButton, Brand } from './ui/components';
+import { useLocalStorage } from './hooks/useLocalStorage';
+
+function Private({ children }) {
+  const { isLoggedIn } = useAuth();
+  return isLoggedIn ? children : <Navigate to="/login" replace />;
+}
+
+function TopNav({ mode, toggleMode }) {
+  const { isLoggedIn, logout } = useAuth();
+  const navigate = useNavigate();
+
+  const onLogout = (e) => {
+    e.preventDefault();
+    logout();
+    navigate('/');
+  };
 
   return (
-    <>
-      <h1>Welcome to Final Project!</h1>
-    </>
+    <Nav>
+      {/* First row (mobile): brand + theme toggle */}
+      <div className="row-top">
+        <Brand to="/">Pocket Oracle</Brand>
+        <GhostButton onClick={toggleMode} aria-pressed={mode === 'dark'}>
+          {mode === 'dark' ? '🌙 Dark' : '☀️ Light'}
+        </GhostButton>
+      </div>
+
+      {/* Second row (mobile): links; on desktop sits to the right */}
+      <div className="row-links">
+        <NavLink to="/">Home</NavLink>
+        <NavLink to="/secret">Secret</NavLink>
+
+        {!isLoggedIn ? (
+          <>
+            <NavLink to="/login">Login</NavLink>
+            <NavLink to="/register">Register</NavLink>
+          </>
+        ) : (
+          <NavLink to="/" onClick={onLogout}>Logout</NavLink>
+        )}
+      </div>
+    </Nav>
   );
-};
+}
+
+export default function App() {
+  const [mode, setMode] = useLocalStorage('mode', 'light');
+  const theme = getTheme(mode);
+  const toggleMode = () => setMode(mode === 'light' ? 'dark' : 'light');
+
+  // Warm the API (Render cold start)
+  useEffect(() => {
+    const url = `${import.meta.env.VITE_API_URL}/health`;
+    fetch(url, { cache: 'no-store' }).catch(() => { });
+  }, []);
+
+  return (
+    <ThemeProvider theme={theme}>
+      <GlobalStyle />
+      <AuthProvider>
+        <BrowserRouter>
+          <TopNav mode={mode} toggleMode={toggleMode} />
+          <Routes>
+            <Route path="/" element={<Home />} />
+            <Route path="/secret" element={<Private><Secret /></Private>} />
+            <Route path="/login" element={<Login />} />
+            <Route path="/register" element={<Register />} />
+            <Route path="*" element={<div style={{ padding: 16 }}>Not found</div>} />
+          </Routes>
+        </BrowserRouter>
+      </AuthProvider>
+    </ThemeProvider>
+  );
+}
+
+
+
diff --git a/frontend/src/Secret.jsx b/frontend/src/Secret.jsx
new file mode 100644
index 0000000000..bc855139e6
--- /dev/null
+++ b/frontend/src/Secret.jsx
@@ -0,0 +1,57 @@
+// frontend/src/pages/Secret.jsx
+import { useState } from 'react';
+import { Page, Grid, Card } from '../ui/components'; // keep your UI imports
+import ReadingForm from '../components/ReadingForm';
+import ReadingsList from '../components/ReadingsList';
+
+import { drawRandom } from '../services/tarot';
+import { imageUrlForCard } from '../lib/tarotImages';
+
+export default function Secret() {
+  const [refreshKey, setRefreshKey] = useState(0);
+  const [cards, setCards] = useState([]);
+
+  async function handleDraw() {
+    try {
+      const data = await drawRandom(3);
+      const list = Array.isArray(data) ? data : data.cards;
+      setCards(list || []);
+    } catch (e) {
+      alert(e?.response?.data?.error || e.message);
+    }
+  }
+
+  return (
+    <Page>
+      <Grid>
+        <Card>
+          <h2 style={{ marginTop: 0 }}>Quick draw from API</h2>
+          <button onClick={handleDraw}>Draw 3 cards</button>
+          <div style={{
+            display: 'grid',
+            gridTemplateColumns: 'repeat(3, minmax(140px, 1fr))',
+            gap: 12,
+            marginTop: 12
+          }}>
+            {cards.map((c) => (
+              <div key={c.name} style={{ textAlign: 'center' }}>
+                <img
+                  src={imageUrlForCard(c)}
+                  alt={c.name}
+                  style={{ width: '100%', maxWidth: 220, height: 'auto', borderRadius: 8 }}
+                  onError={(e) => { e.currentTarget.src = '/card-back.png'; }}
+                />
+                <div style={{ marginTop: 6, fontWeight: 600 }}>{c.name}</div>
+                {c.meaning_up && <div style={{ fontSize: 12, opacity: 0.8 }}>{c.meaning_up}</div>}
+              </div>
+            ))}
+          </div>
+        </Card>
+
+        <ReadingForm onCreated={() => setRefreshKey(k => k + 1)} />
+        <ReadingsList refreshKey={refreshKey} />
+      </Grid>
+    </Page>
+  );
+}
+
diff --git a/frontend/src/components/Hero.jsx b/frontend/src/components/Hero.jsx
new file mode 100644
index 0000000000..f05e3690c1
--- /dev/null
+++ b/frontend/src/components/Hero.jsx
@@ -0,0 +1,26 @@
+// frontend/src/components/Hero.jsx
+import { Link } from 'react-router-dom';
+
+export default function Hero({
+  title = 'Welcome to your pocket oracle!',
+  subtitle = 'Draw a card or login for more options.',
+  ctaLabel = 'More',
+  ctaTo = '/secret',
+  position = 'center 35%',      // you control the crop via this prop
+}) {
+  return (
+    <div
+      className="hero"
+      style={{
+        '--hero-pos': position,       // used by CSS var
+        backgroundPosition: position, // hard override (wins over other CSS)
+      }}
+    >
+      <div className="content">
+        <h1 className="hero-title">{title}</h1>
+        {subtitle && <p className="hero-sub">{subtitle}</p>}
+        {ctaLabel && <Link className="btn-accent" to={ctaTo}>{ctaLabel}</Link>}
+      </div>
+    </div>
+  );
+}
diff --git a/frontend/src/components/ReadingForm.jsx b/frontend/src/components/ReadingForm.jsx
new file mode 100644
index 0000000000..e0426953ad
--- /dev/null
+++ b/frontend/src/components/ReadingForm.jsx
@@ -0,0 +1,154 @@
+// frontend/src/components/ReadingForm.jsx
+import { useState } from 'react';
+import { useForm } from 'react-hook-form';
+import { z } from 'zod';
+import { zodResolver } from '@hookform/resolvers/zod';
+import { createReading } from '../services/readings';
+import { Card, H2, Field, Label, Input, Button, ErrorText, Hint } from '../ui/components';
+
+const SpreadEnum = z.enum(['one', 'three']);
+
+const FormSchema = z.object({
+  spread: SpreadEnum,
+  title: z.string().optional(),
+  notes: z.string().optional(),
+  tags: z.string().optional(), // comma separated, we'll split to []
+  // one-card fields
+  oneCard: z.string().optional(),
+  oneRev: z.boolean().optional(),
+  // three-card fields
+  past: z.string().optional(),
+  pastRev: z.boolean().optional(),
+  present: z.string().optional(),
+  presentRev: z.boolean().optional(),
+  future: z.string().optional(),
+  futureRev: z.boolean().optional(),
+});
+
+export default function ReadingForm({ onCreated }) {
+  const [error, setError] = useState('');
+  const { register, handleSubmit, watch, reset, formState: { errors, isSubmitting } } =
+    useForm({ resolver: zodResolver(FormSchema), defaultValues: { spread: 'three' } });
+
+  const spread = watch('spread');
+
+  const onSubmit = async (data) => {
+    setError('');
+
+    // Build payload for the API
+    const tags = (data.tags || '')
+      .split(',')
+      .map(s => s.trim())
+      .filter(Boolean);
+
+    let payload = {
+      spread: data.spread,
+      title: data.title || '',
+      notes: data.notes || '',
+      tags,
+      cards: [],
+    };
+
+    if (data.spread === 'one') {
+      if (!data.oneCard) { setError('Please enter the card.'); return; }
+      payload.cards = [
+        { id: data.oneCard, reversed: !!data.oneRev, position: 'Single' },
+      ];
+    } else {
+      if (!data.past || !data.present || !data.future) {
+        setError('Please fill in all three cards.');
+        return;
+      }
+      payload.cards = [
+        { id: data.past, reversed: !!data.pastRev, position: 'Past' },
+        { id: data.present, reversed: !!data.presentRev, position: 'Present' },
+        { id: data.future, reversed: !!data.futureRev, position: 'Future' },
+      ];
+    }
+
+    try {
+      await createReading(payload);
+      reset({ spread: data.spread, title: '', notes: '', tags: '' });
+      onCreated?.();
+    } catch (e) {
+      setError(e?.response?.data?.error || e.message);
+    }
+  };
+
+  return (
+    <Card>
+      <H2>Create a Reading</H2>
+      <Hint>Choose a spread, fill the cards, and save. Tags are optional (comma separated).</Hint>
+
+      {error && <ErrorText>{error}</ErrorText>}
+
+      <form onSubmit={handleSubmit(onSubmit)}>
+        <Field>
+          <Label>Spread</Label>
+          <select {...register('spread')}>
+            <option value="one">One card</option>
+            <option value="three">Three cards</option>
+          </select>
+        </Field>
+
+        <Field>
+          <Label>Title</Label>
+          <Input placeholder="Daily check-in" {...register('title')} />
+          {errors.title && <ErrorText>{errors.title.message}</ErrorText>}
+        </Field>
+
+        <Field>
+          <Label>Notes</Label>
+          <Input placeholder="How are you feeling?" {...register('notes')} />
+        </Field>
+
+        <Field>
+          <Label>Tags (comma separated)</Label>
+          <Input placeholder="daily, mood" {...register('tags')} />
+        </Field>
+
+        {spread === 'one' ? (
+          <>
+            <Field>
+              <Label>Card</Label>
+              <Input placeholder="The Sun" {...register('oneCard')} />
+            </Field>
+            <label style={{ display: 'inline-flex', gap: 8, alignItems: 'center' }}>
+              <input type="checkbox" {...register('oneRev')} /> Reversed
+            </label>
+          </>
+        ) : (
+          <>
+            <Field>
+              <Label>Past</Label>
+              <Input placeholder="The Fool" {...register('past')} />
+              <label style={{ display: 'inline-flex', gap: 8, alignItems: 'center', marginTop: 6 }}>
+                <input type="checkbox" {...register('pastRev')} /> Reversed
+              </label>
+            </Field>
+
+            <Field>
+              <Label>Present</Label>
+              <Input placeholder="The Sun" {...register('present')} />
+              <label style={{ display: 'inline-flex', gap: 8, alignItems: 'center', marginTop: 6 }}>
+                <input type="checkbox" {...register('presentRev')} /> Reversed
+              </label>
+            </Field>
+
+            <Field>
+              <Label>Future</Label>
+              <Input placeholder="The Tower" {...register('future')} />
+              <label style={{ display: 'inline-flex', gap: 8, alignItems: 'center', marginTop: 6 }}>
+                <input type="checkbox" {...register('futureRev')} /> Reversed
+              </label>
+            </Field>
+          </>
+        )}
+
+        <Button type="submit" disabled={isSubmitting} style={{ marginTop: 12 }}>
+          {isSubmitting ? 'Saving…' : 'Save reading'}
+        </Button>
+      </form>
+    </Card>
+  );
+}
diff --git a/frontend/src/components/ReadingsList.jsx b/frontend/src/components/ReadingsList.jsx
new file mode 100644
index 0000000000..fd7723d0e1
--- /dev/null
+++ b/frontend/src/components/ReadingsList.jsx
@@ -0,0 +1,129 @@
+// frontend/src/components/ReadingsList.jsx
+import { useEffect, useState } from 'react';
+import { listReadings, deleteReading, updateReading } from '../services/readings';
+
+export default function ReadingsList({ refreshKey = 0 }) {
+  const [page, setPage] = useState(1);
+  const [limit] = useState(10); // change to 5/20 if you prefer
+  const [data, setData] = useState({ items: [], total: 0, pages: 0, page: 1 });
+  const [loading, setLoading] = useState(true);
+  const [err, setErr] = useState('');
+
+  // inline notes editing
+  const [editing, setEditing] = useState(null); // reading _id
+  const [draft, setDraft] = useState('');
+
+  useEffect(() => {
+    let ignore = false;
+
+    (async () => {
+      setLoading(true);
+      try {
+        // listReadings should accept (page, limit) and return { page, pages, total, items }
+        const res = await listReadings(page, limit);
+        if (!ignore) {
+          setData(res);
+          setErr('');
+        }
+      } catch (e) {
+        if (!ignore) setErr(e?.response?.data?.error || e.message);
+      } finally {
+        if (!ignore) setLoading(false);
+      }
+    })();
+
+    return () => { ignore = true; };
+  }, [page, limit, refreshKey]);
+
+  const onDelete = async (id) => {
+    if (!confirm('Delete this reading?')) return;
+    // If this was the last item on the page and not the first page, step back a page
+    const lastOnPage = data.items.length === 1 && page > 1;
+    await deleteReading(id);
+    if (lastOnPage) setPage(p => Math.max(1, p - 1));
+    else {
+      // trigger a lightweight refresh without flipping page
+      setData(d => ({ ...d, items: d.items.filter(x => x._id !== id), total: d.total - 1 }));
+    }
+  };
+
+  const beginEdit = (r) => { setEditing(r._id); setDraft(r.notes || ''); };
+  const cancelEdit = () => { setEditing(null); setDraft(''); };
+
+  const saveEdit = async (id) => {
+    await updateReading(id, { notes: draft });
+    setEditing(null);
+    // update the item locally to avoid a full refetch
+    setData(d => ({
+      ...d,
+      items: d.items.map(it => it._id === id ? { ...it, notes: draft } : it)
+    }));
+  };
+
+  const fmt = (iso) => new Date(iso).toLocaleString();
+
+  return (
+    <>
+      {loading && <p>Loading…</p>}
+      {err && <p style={{ color: 'crimson' }}>{err}</p>}
+
+      {!loading && !err && data.items.length === 0 && (
+        <p>No readings yet. Draw a spread and save it to see it here.</p>
+      )}
+
+      {data.items.map(r => (
+        <div key={r._id} className="card" style={{ marginBottom: 12 }}>
+          <h3 style={{ marginTop: 0 }}>{r.title || '(untitled)'}</h3>
+          <p style={{ margin: '4px 0' }}>
+            <b>Spread:</b> {r.spread} • <b>Saved:</b> {fmt(r.createdAt)}
+          </p>
+
+          {editing === r._id ? (
+            <>
+              <textarea
+                value={draft}
+                onChange={e => setDraft(e.target.value)}
+                rows={3}
+                style={{ width: '100%' }}
+              />
+              <div style={{ marginTop: 8 }}>
+                <button onClick={() => saveEdit(r._id)}>Save</button>
+                <button onClick={cancelEdit} style={{ marginLeft: 8 }}>Cancel</button>
+              </div>
+            </>
+          ) : (
+            <>
+              {r.notes && <p style={{ margin: '4px 0' }}>{r.notes}</p>}
+              <button onClick={() => beginEdit(r)} style={{ marginRight: 8 }}>Edit notes</button>
+            </>
+          )}
+
+          <ul style={{ margin: '6px 0 12px 18px' }}>
+            {r.cards.map((c, i) => (
+              <li key={i}>
+                {c.position}: {c.id}{c.reversed ? ' (reversed)' : ''}
+              </li>
+            ))}
+          </ul>
+
+          <button onClick={() => onDelete(r._id)}>Delete</button>
+        </div>
+      ))}
+
+      {/* Pagination */}
+      {data.pages > 1 && (
+        <div style={{ display: 'flex', alignItems: 'center', gap: 8, marginTop: 8 }}>
+          <button disabled={page <= 1} onClick={() => setPage(p => Math.max(1, p - 1))}>← Prev</button>
+          <span>
+            Page {data.page} / {data.pages}
+            {' · '}
+            {data.total} total
+          </span>
+          <button disabled={page >= data.pages} onClick={() => setPage(p => Math.min(data.pages, p + 1))}>Next →</button>
+        </div>
+      )}
+    </>
+  );
+}
+
+
diff --git a/frontend/src/components/TarotCard.jsx b/frontend/src/components/TarotCard.jsx
new file mode 100644
index 0000000000..b20c658c28
--- /dev/null
+++ b/frontend/src/components/TarotCard.jsx
@@ -0,0 +1,25 @@
+import { imageUrlForCard } from '../lib/tarotImages';
+
+export default function TarotCard({ card, title, hoverText }) {
+  const src = card ? imageUrlForCard(card) : '/card-back.svg';
+  const style = {
+    transform: card?.reversed ? 'rotate(180deg)' : 'none',
+    transition: 'transform .2s ease',
+  };
+
+  return (
+    <div className="overlay-wrap" style={{ textAlign: 'center' }}>
+      <img className="tarot-img" src={src} alt={card?.name || 'Card back'} style={style}
+        onError={(e) => { e.currentTarget.src = '/card-back.svg'; }} />
+      {hoverText && <div className="overlay"><strong>{title}</strong><br />{hoverText}</div>}
+      {card && (
+        <>
+          <div style={{ marginTop: 8, fontWeight: 700 }}>{card.name}{card.reversed ? ' (reversed)' : ''}</div>
+          <div style={{ fontSize: 13, opacity: .8, marginTop: 4 }}>
+            {card.reversed ? (card.meaning_rev || 'Reversed meaning') : (card.meaning_up || 'Meaning')}
+          </div>
+        </>
+      )}
+    </div>
+  );
+}
diff --git a/frontend/src/components/WhatsNext.jsx b/frontend/src/components/WhatsNext.jsx
new file mode 100644
index 0000000000..b2c3c7c11a
--- /dev/null
+++ b/frontend/src/components/WhatsNext.jsx
@@ -0,0 +1,20 @@
+// frontend/src/components/WhatsNext.jsx
+import { H2, Hint } from '../ui/components';
+
+export default function WhatsNext() {
+  return (
+    <>
+      <H2>What’s next?</H2>
+      <ul style={{ margin: '8px 0 0 18px' }}>
+        <li>One card draw</li>
+        <li>Three card spread - Your Focal Point</li>
+        <li>Comment and save</li>
+      </ul>
+      <Hint style={{ marginTop: 8 }}>
+        After signing in, you’ll land on your dashboard where you can draw cards,
+        save readings, and revisit your history.
+      </Hint>
+
+    </>
+  );
+}
diff --git a/frontend/src/context/AuthContext.jsx b/frontend/src/context/AuthContext.jsx
new file mode 100644
index 0000000000..5dcf76bb42
--- /dev/null
+++ b/frontend/src/context/AuthContext.jsx
@@ -0,0 +1,39 @@
+// frontend/src/context/AuthContext.jsx
+import { createContext, useContext, useMemo } from 'react';
+import { useLocalStorage } from '../hooks/useLocalStorage';
+import api from '../lib/api';
+
+const AuthContext = createContext(null);
+
+export function AuthProvider({ children }) {
+  const [token, setToken] = useLocalStorage('token', null);
+  const [user, setUser] = useLocalStorage('user', null);
+
+  const register = async (name, email, password) => {
+    const { data } = await api.post('/api/auth/register', { name, email, password });
+    return data?.message === 'User created';
+  };
+
+  const login = async (email, password) => {
+    const { data } = await api.post('/api/auth/login', { email, password });
+    // server returns { token, user }
+    setToken(data.token);
+    setUser(data.user);
+  };
+
+  const logout = () => {
+    setToken(null);
+    setUser(null);
+    // No setAuthToken(null) anymore — the interceptor just won't find a token
+  };
+
+  const value = useMemo(
+    () => ({ token, user, isLoggedIn: !!token, register, login, logout }),
+    [token, user]
+  );
+
+  return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>;
+}
+
+export const useAuth = () => useContext(AuthContext);
+
diff --git a/frontend/src/hooks/useLocalStorage.js b/frontend/src/hooks/useLocalStorage.js
new file mode 100644
index 0000000000..51b59a94fa
--- /dev/null
+++ b/frontend/src/hooks/useLocalStorage.js
@@ -0,0 +1,9 @@
+import { useEffect, useState } from 'react';
+export function useLocalStorage(key, initialValue) {
+  const [value, setValue] = useState(() => {
+    const v = localStorage.getItem(key);
+    return v !== null ? JSON.parse(v) : initialValue;
+  });
+  useEffect(() => { localStorage.setItem(key, JSON.stringify(value)); }, [key, value]);
+  return [value, setValue];
+}
diff --git a/frontend/src/index.css b/frontend/src/index.css
index e69de29bb2..f94cf8f3c3 100644
--- a/frontend/src/index.css
+++ b/frontend/src/index.css
@@ -0,0 +1,285 @@
+/* ========= Design tokens ========= */
+:root {
+  --font-display: "Playfair Display", serif;
+  --font-body: "Inter", system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif;
+
+  /* keep these roughly in sync with theme.js (light mode) */
+  --bg: #ebab095;
+  --text: #1f2426;
+  /* navbar text & hero text */
+  --muted: #6c7a7d;
+  --card-bg: #ffffff;
+  --accent: #d1a84a;
+  /* moonlight gold for CTA */
+  --nav-bg: #222a2d;
+  /* dark bar later */
+
+  /* keep the overlay gone */
+  --hero-dark-top: 0;
+  --hero-dark-bottom: 0;
+}
+
+html,
+body,
+#root {
+  height: 100%;
+}
+
+body {
+  margin: 0;
+  background: var(--bg);
+  color: var(--text);
+  font-family: var(--font-body);
+}
+
+/* ========= Layout helpers ========= */
+.grid-1-2-3 {
+  display: grid;
+  gap: 16px;
+  grid-template-columns: 1fr;
+}
+
+@media (min-width: 900px) {
+  .grid-1-2-3 {
+    grid-template-columns: 1fr 1fr 1fr;
+  }
+}
+
+.card {
+  background: var(--card-bg);
+  border: 1px solid rgba(0, 0, 0, .08);
+  border-radius: 12px;
+  padding: 16px;
+  box-shadow: 0 4px 14px rgba(0, 0, 0, .05);
+}
+
+/* ========= Tarot image + overlay ========= */
+.tarot-img {
+  width: 100%;
+  height: auto;
+  max-width: 240px;
+  border-radius: 10px;
+  display: block;
+  margin-inline: auto;
+}
+
+/* Hover overlay for the 3-card headings */
+.overlay-wrap {
+  position: relative;
+}
+
+.overlay {
+  position: absolute;
+  inset: 0;
+  background: rgba(0, 0, 0, .72);
+  color: #fff;
+  padding: 10px 12px;
+  border-radius: 10px;
+  opacity: 0;
+  transition: opacity .2s ease;
+  font-size: 14px;
+  line-height: 1.35;
+}
+
+.overlay-wrap:hover .overlay {
+  opacity: 1;
+}
+
+/* ========= Hero ========= */
+.hero {
+  position: relative;
+  min-height: clamp(360px, 42vw, 520px);
+  border-radius: 0;
+  overflow: hidden;
+
+  /* use separate props so nothing overrides position later */
+  background-image: url('/hero.jpg');
+  background-repeat: no-repeat;
+  background-size: cover;
+  background-position: var(--hero-pos);
+  /* <- reads the prop */
+
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  margin: 0;
+}
+
+.hero::before {
+  /* use "" instead of none to get the darker overlay */
+  content: none;
+  position: absolute;
+  inset: 0;
+  /* lighten/darken by tweaking the two vars above */
+  background: linear-gradient(180deg,
+      rgba(0, 0, 0, var(--hero-dark-top)),
+      rgba(0, 0, 0, var(--hero-dark-bottom)));
+}
+
+.hero .content {
+  position: relative;
+  color: var(--text);
+  /* match navbar/app text */
+  text-align: center;
+  max-width: 920px;
+  padding: 18px 22px;
+  border-radius: 12px;
+  background: transparent;
+  /* no dark panel */
+  backdrop-filter: none;
+}
+
+/* use the app/body font instead of the display font */
+.hero-title {
+  font-family: var(--font-body);
+  font-weight: 800;
+  /* strong like your H1 */
+  font-size: clamp(28px, 6vw, 56px);
+  margin: 0 0 10px;
+  color: var(--accent);
+  /* same as navbar */
+}
+
+.hero-sub {
+  font-family: var(--font-body);
+  color: var(--accent);
+  font-size: clamp(14px, 2.2vw, 22px);
+  margin: 0 0 16px;
+}
+
+/* CTA uses the new gold accent */
+.btn-accent {
+  display: inline-block;
+  padding: 10px 18px;
+  border-radius: 10px;
+  background: var(--accent);
+  color: #1b1f23;
+  /* dark text on gold for contrast */
+  font-weight: 600;
+  border: none;
+  cursor: pointer;
+  text-decoration: none;
+}
+
+.btn-accent:disabled {
+  opacity: .6;
+  cursor: default;
+}
+
+/* --- hero readability tweaks (optional) --- */
+.hero {
+  /* a touch taller on phones, a bit shorter on huge screens */
+  min-height: clamp(360px, 42vw, 520px);
+}
+
+/* stronger text legibility without over-darkening the photo */
+.hero .content {
+  background: linear-gradient(to bottom,
+      rgba(0, 0, 0, .35),
+      rgba(0, 0, 0, .4));
+  text-shadow: 0 1px 2px rgba(0, 0, 0, .35);
+}
+
+/* CTA hover focus states */
+.btn-accent:hover,
+.btn-accent:focus-visible {
+  filter: brightness(1.05);
+  transform: translateY(-1px);
+  transition: transform .15s ease, filter .15s ease;
+  outline: none;
+}
+
+/* give a little extra space below hero so the next section breathes */
+.hero+.page-root,
+.hero+main {
+  margin-top: 16px;
+}
+
+/* Desktop: make the hero taller so more of the painting shows */
+@media (min-width: 1024px) {
+  .hero {
+    /* pick one of these heights — start with the first line */
+    min-height: clamp(600px, 58vw, 820px);
+    /* GOOD default */
+    /* OR: height: 62vh; min-height: 600px;  */
+    /* alternative */
+  }
+}
+
+/* Headline-with-tooltip used above the 3 cards */
+.info-head {
+  position: relative;
+  display: inline-block;
+  margin-bottom: 8px;
+}
+
+.info-title {
+  font-weight: 700;
+  color: var(--text);
+  /* or var(--accent) if you want the gold */
+  cursor: help;
+  text-decoration: underline dotted;
+}
+
+.info-tip {
+  position: absolute;
+  left: 0;
+  top: calc(100% + 6px);
+  z-index: 10;
+  width: min(320px, 80vw);
+  padding: 10px 12px;
+  border-radius: 10px;
+  background: rgba(0, 0, 0, .85);
+  color: #fff;
+  font-size: 14px;
+  line-height: 1.35;
+  box-shadow: 0 8px 20px rgba(0, 0, 0, .25);
+  opacity: 0;
+  transform: translateY(4px);
+  pointer-events: none;
+  transition: opacity .15s ease, transform .15s ease;
+}
+
+/* show on hover OR keyboard focus */
+.info-head:hover .info-tip,
+.info-head:focus-within .info-tip {
+  opacity: 1;
+  transform: translateY(0);
+}
+
+/* keep tooltip inside on tiny screens */
+@media (max-width: 420px) {
+  .info-tip {
+    left: 50%;
+    transform: translate(-50%, 6px);
+  }
+
+  .info-head:hover .info-tip,
+  .info-head:focus-within .info-tip {
+    transform: translate(-50%, 0);
+  }
+}
+
+/* Make the first card span two columns on wide screens */
+@media (min-width: 900px) {
+  .grid-1-2-3>.span-2 {
+    grid-column: 1 / span 2;
+  }
+}
+
+/* Show the explanatory text only when hovering the heading */
+.hint-toggle {
+  font-weight: 700;
+  cursor: help;
+  margin-bottom: 4px;
+}
+
+.hint {
+  display: none;
+  color: var(--muted);
+  margin-bottom: 8px;
+}
+
+.hint-toggle:hover+.hint {
+  display: block;
+}
\ No newline at end of file
diff --git a/frontend/src/lib/api.js b/frontend/src/lib/api.js
new file mode 100644
index 0000000000..f45231c7a4
--- /dev/null
+++ b/frontend/src/lib/api.js
@@ -0,0 +1,63 @@
+// frontend/src/lib/api.js
+import axios from 'axios';
+
+const api = axios.create({
+  baseURL: import.meta.env.VITE_API_URL, // Render URL in prod, http://localhost:5000 in dev
+});
+
+// --- Request interceptor: attach a clean token only where needed ---
+api.interceptors.request.use((config) => {
+  // Read token from localStorage and unquote if it was JSON.stringified
+  let token = localStorage.getItem('token');
+  try {
+    if (token && (token.startsWith('"') || token.startsWith("'"))) {
+      token = JSON.parse(token);
+    }
+  } catch {
+    /* ignore parse errors */
+  }
+
+
+  // Resolve the pathname even if config.url is relative
+  const base = api.defaults.baseURL || window.location.origin;
+  const full = new URL(config.url, base);
+  const path = full.pathname;
+
+  // Endpoints that do NOT require auth
+  const isPublic =
+    path.startsWith('/api/tarot') ||   // public tarot proxy
+    path.startsWith('/api/auth') ||    // login/register
+    path === '/health';                // health check
+
+  if (!isPublic && typeof token === 'string' && token.length > 0) {
+    config.headers.Authorization = `Bearer ${token}`;
+  } else {
+    delete config.headers.Authorization; // be explicit
+  }
+
+  return config;
+});
+
+// --- Response interceptor: handle auth failures globally ---
+let redirecting = false; // prevent redirect loops
+
+api.interceptors.response.use(
+  (res) => res,
+  (err) => {
+    const status = err?.response?.status;
+
+    if ((status === 401 || status === 403) && !redirecting) {
+      redirecting = true;
+      localStorage.removeItem('token');
+      localStorage.removeItem('user');
+      alert('Your session expired. Please log in again.');
+      window.location.assign('/login'); // hard redirect resets all state
+    }
+
+    return Promise.reject(err);
+  }
+);
+
+export default api;
+
+
diff --git a/frontend/src/lib/retry.js b/frontend/src/lib/retry.js
new file mode 100644
index 0000000000..5c76edc25b
--- /dev/null
+++ b/frontend/src/lib/retry.js
@@ -0,0 +1,24 @@
+// frontend/src/lib/retry.js
+export const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
+
+export async function withRetry(task, { retries = 1, delay = 1000, backoff = 1.5 } = {}) {
+  let attempt = 0;
+  let lastErr;
+  while (attempt <= retries) {
+    try {
+      return await task();
+    } catch (err) {
+      lastErr = err;
+      const status = err?.response?.status;
+      const transient =
+        !status || status >= 500 || status === 429 || err.code === 'ECONNABORTED' || err.message?.includes('Network Error');
+
+      if (!transient || attempt === retries) throw err;
+
+      const wait = Math.round(delay * Math.pow(backoff, attempt));
+      await sleep(wait);
+      attempt++;
+    }
+  }
+  throw lastErr;
+}
diff --git a/frontend/src/lib/tarotImages.js b/frontend/src/lib/tarotImages.js
new file mode 100644
index 0000000000..315d7a950d
--- /dev/null
+++ b/frontend/src/lib/tarotImages.js
@@ -0,0 +1,67 @@
+// frontend/src/lib/tarotImages.js
+
+// Use Special:FilePath so we don't need hashed CDN paths
+const WIKI = 'https://commons.wikimedia.org/wiki/Special:FilePath';
+
+// Exact, stable filenames for the Major Arcana
+const MAJOR_FILES = {
+  'The Fool': 'RWS_Tarot_00_Fool.jpg',
+  'The Magician': 'RWS_Tarot_01_Magician.jpg',
+  'The High Priestess': 'RWS_Tarot_02_High_Priestess.jpg',
+  'The Empress': 'RWS_Tarot_03_Empress.jpg',
+  'The Emperor': 'RWS_Tarot_04_Emperor.jpg',
+  'The Hierophant': 'RWS_Tarot_05_Hierophant.jpg',
+  'The Lovers': 'RWS_Tarot_06_Lovers.jpg',
+  'The Chariot': 'RWS_Tarot_07_Chariot.jpg',
+  'Strength': 'RWS_Tarot_08_Strength.jpg',
+  'The Hermit': 'RWS_Tarot_09_Hermit.jpg',
+  'Wheel of Fortune': 'RWS_Tarot_10_Wheel_of_Fortune.jpg',
+  'Justice': 'RWS_Tarot_11_Justice.jpg',
+  'The Hanged Man': 'RWS_Tarot_12_Hanged_Man.jpg',
+  'Death': 'RWS_Tarot_13_Death.jpg',
+  'Temperance': 'RWS_Tarot_14_Temperance.jpg',
+  'The Devil': 'RWS_Tarot_15_Devil.jpg',
+  'The Tower': 'RWS_Tarot_16_Tower.jpg',
+  'The Star': 'RWS_Tarot_17_Star.jpg',
+  'The Moon': 'RWS_Tarot_18_Moon.jpg',
+  'The Sun': 'RWS_Tarot_19_Sun.jpg',
+  'Judgement': 'RWS_Tarot_20_Judgement.jpg',
+  'The World': 'RWS_Tarot_21_World.jpg',
+};
+
+// Minor ranks → number used in filenames (Ace=01 … King=14)
+const RANK_TO_NUM = {
+  Ace: '01', Two: '02', Three: '03', Four: '04', Five: '05',
+  Six: '06', Seven: '07', Eight: '08', Nine: '09', Ten: '10',
+  Page: '11', Knight: '12', Queen: '13', King: '14',
+};
+
+// Build the filename pattern for minors: e.g. "Ace of Wands" → "Wands01.jpg"
+function fileForMinor(name) {
+  // Name usually looks like "Ace of Wands", "Three of Cups", etc.
+  const m = /^([A-Za-z]+)\s+of\s+([A-Za-z]+)$/.exec(name);
+  if (!m) return null;
+  const rank = m[1];
+  let suit = m[2];
+
+  // Normalize common synonyms if needed
+  if (suit.toLowerCase() === 'coins') suit = 'Pentacles';
+
+  const num = RANK_TO_NUM[rank];
+  if (!num) return null;
+  return `${suit}${num}.jpg`; // e.g. "Swords04.jpg"
+}
+
+// card is one item from tarotapi.dev: { name, type, ... }
+export function imageUrlForCard(card) {
+  // Try majors map
+  const mf = MAJOR_FILES[card.name];
+  if (mf) return `${WIKI}/${encodeURIComponent(mf)}`;
+
+  // Try minors
+  const minor = fileForMinor(card.name);
+  if (minor) return `${WIKI}/${encodeURIComponent(minor)}`;
+
+  // Fallback image in /public
+  return '/card-back.svg';
+}
diff --git a/frontend/src/main.jsx b/frontend/src/main.jsx
index 51294f3998..b91620d35e 100644
--- a/frontend/src/main.jsx
+++ b/frontend/src/main.jsx
@@ -1,6 +1,6 @@
 import React from "react";
 import ReactDOM from "react-dom/client";
-import { App } from "./App.jsx";
+import App from "./App.jsx";
 import "./index.css";
 
 ReactDOM.createRoot(document.getElementById("root")).render(
diff --git a/frontend/src/pages/Home.jsx b/frontend/src/pages/Home.jsx
new file mode 100644
index 0000000000..ec94bb5af9
--- /dev/null
+++ b/frontend/src/pages/Home.jsx
@@ -0,0 +1,92 @@
+// frontend/src/pages/Home.jsx
+import { useState } from 'react';
+import styled from 'styled-components';
+import { useAuth } from '../context/AuthContext';
+import { Page, Card, H1, Hint, Button } from '../ui/components';
+import { Link } from 'react-router-dom';
+
+import TarotCard from '../components/TarotCard';
+import { drawOneCard } from '../services/tarot';
+import Hero from '../components/Hero';
+
+// Regular card look, but centered content
+const CenterCard = styled(Card)`
+  text-align: center;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+`;
+
+// NEW: simple vertical stack to add a small gap between cards
+const CardStack = styled.div`
+  display: flex;
+  flex-direction: column;
+  gap: 16px; /* adjust to 12 / 20 if you want less/more space */
+`;
+
+export default function Home() {
+  const { user, isLoggedIn, logout } = useAuth();
+
+  const [card, setCard] = useState(null);
+  const [loading, setLoading] = useState(false);
+
+  async function onDraw() {
+    setLoading(true);
+    try {
+      setCard(await drawOneCard()); // random, 50% reversed
+    } finally {
+      setLoading(false);
+    }
+  }
+
+  const greeting = isLoggedIn && user?.name ? `Hi, ${user.name}!` : 'Hi!';
+
+  return (
+    <>
+      {/* Full-bleed hero stays outside Page */}
+      <Hero position="right 75%" />
+
+      <Page>
+        {/* Wrap both cards in the stack to create the gap */}
+        <CardStack>
+          {/* Row 1 — Welcome */}
+          <CenterCard>
+            <H1>{greeting}</H1>
+            <Hint>
+              {isLoggedIn
+                ? 'Welcome back. Head to your dashboard to draw cards and save readings.'
+                : 'Draw a card now or log in / create an account to save your readings.'}
+            </Hint>
+
+            {isLoggedIn ? (
+              <div style={{ display: 'flex', gap: 8, flexWrap: 'wrap', justifyContent: 'center' }}>
+                <Button as={Link} to="/secret">Open Dashboard</Button>
+                <Button onClick={logout}>Log out</Button>
+              </div>
+            ) : (
+              <div style={{ display: 'flex', gap: 8, flexWrap: 'wrap', justifyContent: 'center' }}>
+                <Button as={Link} to="/register">Create account</Button>
+                <Button as={Link} to="/login">Login</Button>
+              </div>
+            )}
+          </CenterCard>
+
+          {/* Row 2 — One-card Guidance */}
+          <CenterCard>
+            <H1>One-card Guidance</H1>
+            <Hint><b>Think of something you want guidance about.</b></Hint>
+
+            <TarotCard card={card} />
+
+            <div style={{ marginTop: 12 }}>
+              <Button onClick={onDraw} disabled={loading}>
+                {loading ? 'Drawing…' : (card ? 'Draw again' : 'Draw card')}
+              </Button>
+            </div>
+          </CenterCard>
+        </CardStack>
+      </Page>
+    </>
+  );
+}
+
diff --git a/frontend/src/pages/Login.jsx b/frontend/src/pages/Login.jsx
new file mode 100644
index 0000000000..2a9d35f366
--- /dev/null
+++ b/frontend/src/pages/Login.jsx
@@ -0,0 +1,70 @@
+import { useForm } from 'react-hook-form';
+import { z } from 'zod';
+import { zodResolver } from '@hookform/resolvers/zod';
+import { useAuth } from '../context/AuthContext';
+import { useState } from 'react';
+import { useNavigate, Link } from 'react-router-dom';
+import { Page, Card, H1, Hint, Field, Label, Input, ErrorText, Button } from '../ui/components';
+import WhatsNext from '../components/WhatsNext';   // <-- added
+
+const schema = z.object({
+  email: z.string().email('Enter a valid email address'),
+  password: z.string().min(6, 'Password must be at least 6 characters'),
+});
+
+export default function Login() {
+  const { login } = useAuth();
+  const [serverError, setServerError] = useState('');
+  const navigate = useNavigate();
+
+  const { register, handleSubmit, formState: { errors, isSubmitting } } = useForm({
+    resolver: zodResolver(schema),
+    mode: 'onTouched',
+  });
+
+  const onSubmit = async (v) => {
+    setServerError('');
+    try { await login(v.email, v.password); navigate('/'); }
+    catch (e) { setServerError(e.message || 'Login failed'); }
+  };
+
+  return (
+    <Page>
+      <Card>
+        <H1>Login</H1>
+        <Hint>Welcome back! Please sign in to continue.</Hint>
+        {serverError && <ErrorText role="alert">{serverError}</ErrorText>}
+
+        <form onSubmit={handleSubmit(onSubmit)} noValidate>
+          <Field>
+            <Label htmlFor="email">Email</Label>
+            <Input id="email" type="email" {...register('email')}
+              aria-invalid={!!errors.email || undefined} />
+            {errors.email && <ErrorText id="login-email-err">{errors.email.message}</ErrorText>}
+          </Field>
+
+          <Field>
+            <Label htmlFor="password">Password</Label>
+            <Input id="password" type="password" {...register('password')}
+              aria-invalid={!!errors.password || undefined} />
+            {errors.password && <ErrorText id="login-pass-err">{errors.password.message}</ErrorText>}
+          </Field>
+
+          <Button disabled={isSubmitting} style={{ marginTop: 8 }}>
+            {isSubmitting ? 'Logging in…' : 'Login'}
+          </Button>
+        </form>
+
+        {/* ---- added below the form ---- */}
+        <hr style={{ margin: '16px 0', border: 0, borderTop: '1px solid #e5e7eb' }} />
+        <WhatsNext />
+        {/* ---- end added block ---- */}
+
+        <Hint style={{ marginTop: 12 }}>
+          New here? <Link to="/register">Create an account</Link>
+        </Hint>
+      </Card>
+    </Page>
+  );
+}
+
diff --git a/frontend/src/pages/Register.jsx b/frontend/src/pages/Register.jsx
new file mode 100644
index 0000000000..4d41491216
--- /dev/null
+++ b/frontend/src/pages/Register.jsx
@@ -0,0 +1,89 @@
+import { useForm } from 'react-hook-form';
+import { z } from 'zod';
+import { zodResolver } from '@hookform/resolvers/zod';
+import { useAuth } from '../context/AuthContext';
+import { useState } from 'react';
+import { useNavigate, Link } from 'react-router-dom';
+import { Page, Card, H1, Hint, Field, Label, Input, ErrorText, Button, Divider } from '../ui/components';
+import WhatsNext from '../components/WhatsNext';
+
+const schema = z.object({
+  name: z.string().min(2, 'Name must be at least 2 characters'),
+  email: z.string().email('Enter a valid email address'),
+  password: z.string().min(6, 'Password must be at least 6 characters'),
+  confirmPassword: z.string().min(6, 'Confirm your password'),
+}).refine(v => v.password === v.confirmPassword, {
+  message: 'Passwords must match',
+  path: ['confirmPassword'],
+});
+
+export default function Register() {
+  const { register: doRegister } = useAuth();
+  const [serverError, setServerError] = useState('');
+  const navigate = useNavigate();
+
+  const { register, handleSubmit, formState: { errors, isSubmitting } } = useForm({
+    resolver: zodResolver(schema),
+    mode: 'onTouched',
+  });
+
+  const onSubmit = async ({ name, email, password }) => {
+    setServerError('');
+    try {
+      await doRegister(name, email, password);
+      navigate('/login');
+    } catch (e) {
+      setServerError(e.message || 'Register failed');
+    }
+  };
+
+  return (
+    <Page>
+      <Card>
+        <H1>Create account</H1>
+        <Hint>Use a valid email and a password with at least 6 characters.</Hint>
+        {serverError && <ErrorText role="alert">{serverError}</ErrorText>}
+
+        <form onSubmit={handleSubmit(onSubmit)} noValidate>
+          <Field>
+            <Label htmlFor="name">Name</Label>
+            <Input id="name" {...register('name')} aria-invalid={!!errors.name || undefined} />
+            {errors.name && <ErrorText id="name-err">{errors.name.message}</ErrorText>}
+          </Field>
+
+          <Field>
+            <Label htmlFor="email">Email</Label>
+            <Input id="email" type="email" {...register('email')} aria-invalid={!!errors.email || undefined} />
+            {errors.email && <ErrorText id="email-err">{errors.email.message}</ErrorText>}
+          </Field>
+
+          <Field>
+            <Label htmlFor="password">Password</Label>
+            <Input id="password" type="password" {...register('password')} aria-invalid={!!errors.password || undefined} />
+            {errors.password && <ErrorText id="password-err">{errors.password.message}</ErrorText>}
+          </Field>
+
+          <Field>
+            <Label htmlFor="confirmPassword">Confirm password</Label>
+            <Input id="confirmPassword" type="password" {...register('confirmPassword')} aria-invalid={!!errors.confirmPassword || undefined} />
+            {errors.confirmPassword && <ErrorText id="confirm-err">{errors.confirmPassword.message}</ErrorText>}
+          </Field>
+
+          <Button disabled={isSubmitting} style={{ marginTop: 8 }}>
+            {isSubmitting ? 'Creating…' : 'Create account'}
+          </Button>
+        </form>
+
+        {/* Exactly like Login: divider + info block inside the same Card */}
+        <Divider aria-hidden="true" />
+        <WhatsNext />
+
+        <Hint style={{ marginTop: 12 }}>
+          Already have an account? <Link to="/login">Login</Link>
+        </Hint>
+      </Card>
+    </Page>
+  );
+}
+
+
diff --git a/frontend/src/pages/Secret.jsx b/frontend/src/pages/Secret.jsx
new file mode 100644
index 0000000000..d8dcdb6ba4
--- /dev/null
+++ b/frontend/src/pages/Secret.jsx
@@ -0,0 +1,189 @@
+// frontend/src/pages/Secret.jsx
+import { useState } from 'react';
+import styled from 'styled-components';
+import { Page, Card } from '../ui/components';
+import TarotCard from '../components/TarotCard';
+import { drawOneCard } from '../services/tarot';
+import ReadingsList from '../components/ReadingsList';
+import { createReading } from '../services/readings';
+
+const H1 = ({ children, style, ...rest }) => (
+  <h2 style={{ marginTop: 0, ...style }} {...rest}>{children}</h2>
+);
+
+/** Centered card container (keeps grid span utility working) */
+const CenterCard = styled(Card)`
+  text-align: center;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+
+  &.span-2 {
+    grid-column: span 2;
+  }
+`;
+
+/** Column inside the 3-card grid, with centered content */
+const Col = styled.div`
+  text-align: center;
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+`;
+
+export default function Secret() {
+  const [mode, setMode] = useState('one'); // 'one' | 'three'
+  const [refreshKey, setRefreshKey] = useState(0);
+
+  // One-card state
+  const [oneCard, setOneCard] = useState(null);
+  const [busyOne, setBusyOne] = useState(false);
+
+  // Three-card state
+  const [c1, setC1] = useState(null);
+  const [c2, setC2] = useState(null);
+  const [c3, setC3] = useState(null);
+  const [busy, setBusy] = useState({ c1: false, c2: false, c3: false });
+
+  const focalText = `Focus on this and the benefits will be bigger than anything else.
+A 'knot in a muscle'. Aspect of yourself to express? Challenge to overcome?
+Something neglected that needs attention?`;
+  const receiveText = `Let this in to unlock the Focal Point. The world is trying to give
+this to you. A window of opportunity? An invitation?`;
+  const giveText = `What the world wants from you. Talent to develop? Truth to express?
+Task to complete? Get this out to dissolve the block around the Focal Point.`;
+
+  async function draw(setter, key) {
+    setBusy(s => ({ ...s, [key]: true }));
+    try {
+      setter(await drawOneCard());
+    } finally {
+      setBusy(s => ({ ...s, [key]: false }));
+    }
+  }
+
+  async function saveThree() {
+    if (!c1 || !c2 || !c3) { alert('Draw all three cards first.'); return; }
+    await createReading({
+      spread: 'three',
+      title: 'Focal / Receive / Give',
+      notes: '',
+      tags: ['auto', 'three'],
+      cards: [
+        { id: c1.name, reversed: !!c1.reversed, position: 'Focal Point' },
+        { id: c2.name, reversed: !!c2.reversed, position: 'Gift to Receive' },
+        { id: c3.name, reversed: !!c3.reversed, position: 'Gift to Give' },
+      ],
+    });
+    setRefreshKey(k => k + 1);
+    alert('Saved!');
+  }
+
+  async function saveOne() {
+    if (!oneCard) return; // safety
+    await createReading({
+      spread: 'one',
+      title: 'Single',
+      notes: '',
+      tags: ['auto', 'one'],
+      cards: [
+        { id: oneCard.name, reversed: !!oneCard.reversed, position: 'Single' },
+      ],
+    });
+    setRefreshKey(k => k + 1);
+    alert('Saved!');
+  }
+
+  return (
+    <Page>
+      <div className="grid-1-2-3">
+        {/* LEFT: draw area (span two columns on desktop) */}
+        <CenterCard className="span-2">
+          <H1>Draw options</H1>
+
+          <label style={{ display: 'inline-flex', gap: 8, marginRight: 16 }}>
+            <input type="radio" checked={mode === 'one'} onChange={() => setMode('one')} />
+            One card
+          </label>
+          <label style={{ display: 'inline-flex', gap: 8 }}>
+            <input type="radio" checked={mode === 'three'} onChange={() => setMode('three')} />
+            Three cards
+          </label>
+
+          {mode === 'one' ? (
+            <div style={{ marginTop: 16 }}>
+              <p><b>Think of something you want guidance about.</b></p>
+
+              <TarotCard card={oneCard} />
+
+              <div style={{ marginTop: 12, display: 'flex', gap: 8, justifyContent: 'center' }}>
+                <button
+                  onClick={async () => {
+                    setBusyOne(true);
+                    try { setOneCard(await drawOneCard()); }
+                    finally { setBusyOne(false); }
+                  }}
+                  disabled={busyOne}
+                >
+                  {busyOne ? 'Drawing…' : (oneCard ? 'Draw again' : 'Draw card')}
+                </button>
+
+                {/* Quick-save for one-card readings */}
+                <button onClick={saveOne} disabled={!oneCard}>
+                  Save as reading
+                </button>
+              </div>
+            </div>
+          ) : (
+            <div style={{ marginTop: 16, width: '100%' }}>
+              <div className="grid-1-2-3">
+                <Col>
+                  <div className="hint-toggle">Focal Point</div>
+                  <div className="hint">{focalText}</div>
+                  <TarotCard card={c1} />
+                  <button onClick={() => draw(setC1, 'c1')} disabled={busy.c1} style={{ marginTop: 8 }}>
+                    {busy.c1 ? 'Drawing…' : (c1 ? 'Draw again' : 'Draw card')}
+                  </button>
+                </Col>
+
+                <Col>
+                  <div className="hint-toggle">Gift to Receive</div>
+                  <div className="hint">{receiveText}</div>
+                  <TarotCard card={c2} />
+                  <button onClick={() => draw(setC2, 'c2')} disabled={busy.c2} style={{ marginTop: 8 }}>
+                    {busy.c2 ? 'Drawing…' : (c2 ? 'Draw again' : 'Draw card')}
+                  </button>
+                </Col>
+
+                <Col>
+                  <div className="hint-toggle">Gift to Give</div>
+                  <div className="hint">{giveText}</div>
+                  <TarotCard card={c3} />
+                  <button onClick={() => draw(setC3, 'c3')} disabled={busy.c3} style={{ marginTop: 8 }}>
+                    {busy.c3 ? 'Drawing…' : (c3 ? 'Draw again' : 'Draw card')}
+                  </button>
+                </Col>
+              </div>
+
+              <div style={{ marginTop: 12 }}>
+                <button onClick={saveThree} disabled={!c1 || !c2 || !c3}>
+                  Save as reading
+                </button>
+              </div>
+            </div>
+          )}
+        </CenterCard>
+
+        {/* RIGHT: saved readings (center heading, keep list left-aligned) */}
+        <div className="card">
+          <H1 style={{ textAlign: 'center' }}>My Readings</H1>
+          <div style={{ textAlign: 'left', width: '100%' }}>
+            <ReadingsList refreshKey={refreshKey} />
+          </div>
+        </div>
+      </div>
+    </Page>
+  );
+}
+
+
diff --git a/frontend/src/services/readings.js b/frontend/src/services/readings.js
new file mode 100644
index 0000000000..5c559a8292
--- /dev/null
+++ b/frontend/src/services/readings.js
@@ -0,0 +1,30 @@
+// frontend/src/services/readings.js
+import api from '../lib/api';
+import { withRetry } from '../lib/retry';
+
+// List current user's readings (with a small retry for cold starts / hiccups)
+export const listReadings = (page = 1, limit = 10) =>
+  withRetry(
+    () => api.get('/api/readings', { params: { page, limit } }).then(r => r.data),
+    { retries: 1, delay: 1200 } // try once more after ~1.2s
+  );
+
+// Create a reading
+export const createReading = (payload) =>
+  api.post('/api/readings', payload).then(r => r.data);
+
+// (Optional) Get one reading (also wrapped with retry)
+export const getReading = (id) =>
+  withRetry(
+    () => api.get(`/api/readings/${id}`).then(r => r.data),
+    { retries: 1, delay: 1200 }
+  );
+
+// Update a reading
+export const updateReading = (id, payload) =>
+  api.patch(`/api/readings/${id}`, payload).then(r => r.data);
+
+// Delete a reading
+export const deleteReading = (id) =>
+  api.delete(`/api/readings/${id}`).then(r => r.data);
+
diff --git a/frontend/src/services/tarot.js b/frontend/src/services/tarot.js
new file mode 100644
index 0000000000..d65c6e77c9
--- /dev/null
+++ b/frontend/src/services/tarot.js
@@ -0,0 +1,36 @@
+// frontend/src/services/tarot.js
+import api from '../lib/api';              // axios instance
+import { withRetry } from '../lib/retry';  // <-- NEW
+
+// tarotapi.dev sometimes returns { cards: [...] } and sometimes just [...]
+const normalize = (data) => (Array.isArray(data) ? data : (data?.cards || []));
+
+// Internal helper: draw N with a small retry (helps on cold-starts/timeouts)
+const drawRaw = (n = 3) =>
+  withRetry(
+    () => api.get('/api/tarot/draw', { params: { n } }).then((r) => r.data),
+    { retries: 1, delay: 1200 } // try once more after ~1.2s
+  );
+
+// Public APIs you use elsewhere
+export const drawRandom = async (n = 3) => normalize(await drawRaw(n));
+
+export const listAllCards = () =>
+  withRetry(
+    () => api.get('/api/tarot/cards').then((r) => r.data),
+    { retries: 1, delay: 1200 }
+  );
+
+// Draw exactly one card and randomly mark it reversed (50/50)
+export const drawOneCard = async () => {
+  const list = await drawRandom(1);
+  const c = list[0];
+  if (!c) return null;
+  return { ...c, reversed: Math.random() < 0.5 };
+};
+
+// Draw three cards and randomly mark each reversed
+export const drawThreeCards = async () => {
+  const list = await drawRandom(3);
+  return list.map((c) => ({ ...c, reversed: Math.random() < 0.5 }));
+};
diff --git a/frontend/src/ui/GlobalStyle.js b/frontend/src/ui/GlobalStyle.js
new file mode 100644
index 0000000000..d9dcc37f9c
--- /dev/null
+++ b/frontend/src/ui/GlobalStyle.js
@@ -0,0 +1,18 @@
+// frontend/src/ui/GlobalStyle.js
+import { createGlobalStyle } from 'styled-components';
+
+export const GlobalStyle = createGlobalStyle`
+  *,*::before,*::after{ box-sizing:border-box; }
+  html,body,#root{ height:100%; }
+  body{
+    margin:0; background: ${({ theme }) => theme.colors.page};
+    color:${({ theme }) => theme.colors.text};
+    font: 16px/1.5 system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial, sans-serif;
+    -webkit-font-smoothing: antialiased; text-rendering: optimizeLegibility;
+  }
+  a{ color:inherit; text-decoration:none; }
+  :focus-visible{ outline:3px solid ${({ theme }) => theme.colors.focus}; outline-offset:2px; }
+  @media (prefers-reduced-motion: reduce){
+    *,*::before,*::after{ animation-duration:0.01ms !important; animation-iteration-count:1 !important; transition-duration:0.01ms !important; scroll-behavior:auto !important; }
+  }
+`;
diff --git a/frontend/src/ui/components.js b/frontend/src/ui/components.js
new file mode 100644
index 0000000000..06cd007535
--- /dev/null
+++ b/frontend/src/ui/components.js
@@ -0,0 +1,177 @@
+// frontend/src/ui/components.js
+import styled from 'styled-components';
+import { Link as RouterLink } from 'react-router-dom';
+
+export const Page = styled.main`
+  max-width: 960px;
+  margin: 0 auto;
+  padding: clamp(16px, 3vw, 32px);
+`;
+
+export const Card = styled.section`
+  background:${({ theme }) => theme.colors.bg};
+  border:1px solid ${({ theme }) => theme.colors.border};
+  border-radius:${({ theme }) => theme.radii.lg};
+  box-shadow:${({ theme }) => theme.shadow.sm};
+  padding: clamp(16px, 3vw, 28px);
+`;
+
+export const H1 = styled.h1`margin: 0 0 12px; font-weight: 700;`;
+export const H2 = styled.h2`margin: 0 0 8px; font-weight: 700; font-size:1.25rem;`;
+export const Hint = styled.p`margin: 8px 0 16px; color:${({ theme }) => theme.colors.muted};`;
+
+export const Field = styled.div`margin: 12px 0;`;
+export const Label = styled.label`display:block; margin: 0 0 6px; font-weight:600;`;
+export const Input = styled.input`
+  width:100%; padding:12px 14px; border-radius:${({ theme }) => theme.radii.md};
+  border:1px solid ${({ theme }) => theme.colors.border}; background:#fff;
+  &:focus{ border-color:${({ theme }) => theme.colors.focus}; box-shadow:0 0 0 4px rgba(37,99,235,.15); }
+  &[aria-invalid="true"]{ border-color:${({ theme }) => theme.colors.danger}; }
+`;
+
+export const ErrorText = styled.p`
+  margin:6px 0 0; color:${({ theme }) => theme.colors.danger}; font-size:0.925rem;
+`;
+
+export const Button = styled.button`
+  display:inline-flex; align-items:center; justify-content:center; gap:8px;
+  padding:12px 16px; border:0; border-radius:${({ theme }) => theme.radii.md};
+  color:${({ theme }) => theme.colors.primaryText}; background:${({ theme }) => theme.colors.primary};
+  cursor:pointer; font-weight:600; box-shadow:${({ theme }) => theme.shadow.sm};
+  &:hover{ background:${({ theme }) => theme.colors.primaryHover}; }
+  &:disabled{ opacity:.6; cursor:not-allowed; }
+`;
+
+/* Theme toggle button styled for the dark nav */
+export const GhostButton = styled.button`
+  background: transparent;
+  color: #f2f4f5;
+  border: 1px solid rgba(255,255,255,.25);
+  border-radius: 8px;
+  padding: 6px 10px;
+  cursor: pointer;
+
+  display: inline-flex;
+  align-items: center;
+  gap: 6px;
+
+  &:hover,
+  &:focus-visible {
+    border-color: rgba(255,255,255,.45);
+    transform: translateY(-1px);
+    outline: none;
+  }
+
+  &:active { transform: translateY(0); }
+`;
+
+/* === NAVBAR (2-row on mobile: brand + mode, then links) === */
+const BRAND = '#8a63d2';                      // lighter purple you liked
+const BRAND_BG = 'rgba(138, 99, 210, 0.18)';  // soft pill hover bg
+
+export const Nav = styled.nav`
+  position: sticky;
+  top: 0;
+  z-index: 50;
+
+  background: var(--nav-bg); /* from :root in index.css */
+  color: #f2f4f5;
+  border-bottom: 1px solid rgba(255,255,255,.08);
+
+  padding: 12px 16px;
+  margin: 0;
+
+  /* Mobile: stack into two rows */
+  .row-top {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    gap: 12px;
+  }
+
+  .row-links {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 10px 14px;
+    margin-top: 8px;
+  }
+
+  /* Desktop: brand left, links + toggle right (single bar feel) */
+  @media (min-width: 700px) {
+    display: grid;
+    grid-template-columns: 1fr auto;
+    align-items: center;
+
+    .row-top {
+      justify-content: flex-start;
+      gap: 16px;
+    }
+
+    .row-links {
+      justify-content: flex-end;
+      margin-top: 0;
+    }
+  }
+`;
+
+/* Keep NavGroup for compatibility (optional to use) */
+export const NavGroup = styled.div`
+  display: flex;
+  align-items: center;
+  gap: 16px;
+  flex-wrap: wrap;
+`;
+
+/* Brand text (no card image) */
+export const Brand = styled(RouterLink)`
+  font-weight: 800;
+  letter-spacing: 0.2px;
+  text-decoration: none;
+  color: ${BRAND};
+  font-size: 18px;
+  line-height: 1;
+  padding: 6px 8px;
+  border-radius: 10px;
+  transition: background 120ms ease, color 120ms ease;
+
+  &:hover,
+  &:focus-visible {
+    background: ${BRAND_BG};
+    color: ${BRAND};
+    outline: none;
+  }
+`;
+
+/* Links with clear purple hover/active states */
+export const NavLink = styled(RouterLink)`
+  color: inherit;
+  text-decoration: none;
+  font-weight: 600;
+  line-height: 1;
+  padding: 6px 10px;
+  border-radius: 10px;
+  transition: background 120ms ease, color 120ms ease;
+
+  &:hover,
+  &:focus-visible {
+    background: ${BRAND_BG};
+    color: ${BRAND};
+    outline: none;
+  }
+
+  &.active {
+    background: ${BRAND_BG};
+    color: ${BRAND};
+  }
+`;
+
+export const Grid = styled.div`
+  display:grid; gap:16px;
+  grid-template-columns: repeat(auto-fit, minmax(260px, 1fr));
+`;
+
+export const Divider = styled.hr`
+  border: 0;
+  border-top: 1px solid ${({ theme }) => theme.colors.border};
+  margin: 16px 0;
+`;
diff --git a/frontend/src/ui/theme.js b/frontend/src/ui/theme.js
new file mode 100644
index 0000000000..66475c0386
--- /dev/null
+++ b/frontend/src/ui/theme.js
@@ -0,0 +1,49 @@
+// frontend/src/ui/theme.js
+
+// "Moonlight landscape" palette
+const light = {
+  // page + card
+  page: '#bab095',   // page background
+  bg: '#ffffff',   // card/nav background
+  border: '#e3eaeb',
+
+  // text
+  text: '#1f2426',   // main text (also navbar/hero text)
+  muted: '#6c7a7d',
+
+  // brand
+  primary: '#d1a84a', // moonlight gold
+  primaryHover: '#bf983f',
+  primaryText: '#1b1f23', // dark text on gold
+
+  // states
+  focus: '#2563eb',
+  danger: '#e5484d',
+};
+
+const dark = {
+  page: '#0f1416',
+  bg: '#161d1f',
+  border: '#2a3437',
+
+  text: '#e7ecec',
+  muted: '#95a3a7',
+
+  primary: '#d1a84a',
+  primaryHover: '#c09941',
+  primaryText: '#0f1416',
+
+  focus: '#4f83ff',
+  danger: '#ff6b6b',
+};
+
+export function getTheme(mode = 'light') {
+  const colors = mode === 'dark' ? dark : light;
+  return {
+    mode,
+    colors,
+    radii: { sm: '8px', md: '12px', lg: '16px' },
+    shadow: { sm: '0 4px 14px rgba(0,0,0,.06)' },
+  };
+}
+