diff --git a/apps/backend/prisma/migrations/20260319132056_add_band_approval/migration.sql b/apps/backend/prisma/migrations/20260319132056_add_band_approval/migration.sql
new file mode 100644
index 0000000..ec3baa6
--- /dev/null
+++ b/apps/backend/prisma/migrations/20260319132056_add_band_approval/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Band" ADD COLUMN     "isApproved" BOOLEAN NOT NULL DEFAULT false;
diff --git a/apps/backend/prisma/migrations/20260323150841_add_created_at_to_band_membership/migration.sql b/apps/backend/prisma/migrations/20260323150841_add_created_at_to_band_membership/migration.sql
new file mode 100644
index 0000000..7202f7e
--- /dev/null
+++ b/apps/backend/prisma/migrations/20260323150841_add_created_at_to_band_membership/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "BandMembership" ADD COLUMN     "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP;
diff --git a/apps/backend/prisma/schema.prisma b/apps/backend/prisma/schema.prisma
index e00e147..a621df1 100644
--- a/apps/backend/prisma/schema.prisma
+++ b/apps/backend/prisma/schema.prisma
@@ -79,17 +79,19 @@ model Band {
   webPage      String?
   description  String?
   genres       String[]
+  isApproved   Boolean          @default(false)
   members      BandMembership[]
   reservations Reservation[]
 }
 
 model BandMembership {
-  id     Int                  @id @default(autoincrement())
-  userId Int?
-  bandId Int?
-  status BandMembershipStatus @default(PENDING)
-  band   Band?                @relation(fields: [bandId], references: [id])
-  user   User?                @relation(fields: [userId], references: [id])
+  id        Int                  @id @default(autoincrement())
+  userId    Int?
+  bandId    Int?
+  status    BandMembershipStatus @default(PENDING)
+  createdAt DateTime             @default(now())
+  band      Band?                @relation(fields: [bandId], references: [id])
+  user      User?                @relation(fields: [userId], references: [id])
 
   @@unique([bandId, userId])
 }
diff --git a/apps/backend/src/auth/jwt.strategy.ts b/apps/backend/src/auth/jwt.strategy.ts
index 9588bb2..b6f61e8 100644
--- a/apps/backend/src/auth/jwt.strategy.ts
+++ b/apps/backend/src/auth/jwt.strategy.ts
@@ -1,11 +1,12 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
+import { PrismaService } from 'nestjs-prisma';
 import { ExtractJwt, Strategy } from 'passport-jwt';
 import { User } from 'src/users/entities/user.entity';
 
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
-  constructor() {
+  constructor(private readonly prisma: PrismaService) {
     super({
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
       ignoreExpiration: false,
@@ -13,7 +14,11 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
     });
   }
 
-  validate(payload: User): User {
-    return payload;
+  async validate(payload: User): Promise<User> {
+    const user = await this.prisma.user.findUnique({ where: { id: payload.id } });
+    if (!user) {
+      throw new UnauthorizedException('User not found');
+    }
+    return user;
   }
 }
diff --git a/apps/backend/src/auth/optional-jwt-auth.guard.ts b/apps/backend/src/auth/optional-jwt-auth.guard.ts
new file mode 100644
index 0000000..28726ef
--- /dev/null
+++ b/apps/backend/src/auth/optional-jwt-auth.guard.ts
@@ -0,0 +1,14 @@
+import { Injectable } from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+
+@Injectable()
+export class OptionalJwtAuthGuard extends AuthGuard('jwt') {
+  // Override handleRequest so it doesn't throw an error if no user is found
+  handleRequest(err: any, user: any) {
+    // If there is an error or no user, just return null (do not throw UnauthorizedException)
+    if (err || !user) {
+      return null;
+    }
+    return user;
+  }
+}
diff --git a/apps/backend/src/bands/bands.service.ts b/apps/backend/src/bands/bands.service.ts
index 4d1e44b..da02329 100644
--- a/apps/backend/src/bands/bands.service.ts
+++ b/apps/backend/src/bands/bands.service.ts
@@ -11,13 +11,59 @@ import { Band } from './entities/band.entity';
 export class BandsService {
   constructor(private readonly prisma: PrismaService) {}
 
-  async create(createBandDto: CreateBandDto): Promise<Band> {
+  async create(createBandDto: CreateBandDto, userId?: number): Promise<Band> {
+    if (userId) {
+      return await this.prisma.band.create({
+        data: {
+          ...createBandDto,
+          members: {
+            create: {
+              userId,
+              status: BandMembershipStatus.ACCEPTED,
+            },
+          },
+        },
+      });
+    }
     return await this.prisma.band.create({ data: createBandDto });
   }
 
-  async findAll(): Promise<Band[]> {
+  async findAll(user?: User): Promise<Band[]> {
+    let where: any = { isApproved: true };
+    const sevenDaysAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1000);
+
+    if (user?.role === 'ADMIN') {
+      where = {}; // Admins see all bands, approved or not
+    } else if (user?.id) {
+      // Normal users see approved bands OR bands where they are a member
+      where = {
+        OR: [
+          { isApproved: true },
+          {
+            members: {
+              some: {
+                userId: user.id,
+                OR: [
+                  { status: BandMembershipStatus.ACCEPTED },
+                  { status: BandMembershipStatus.PENDING, createdAt: { gte: sevenDaysAgo } },
+                ],
+              },
+            },
+          },
+        ],
+      };
+    }
+
     const res = await this.prisma.band.findMany({
-      include: { members: { include: { user: { select: { fullName: true } } } } },
+      where,
+      include: {
+        members: {
+          where: {
+            OR: [{ status: 'ACCEPTED' }, { status: 'PENDING', createdAt: { gte: sevenDaysAgo } }],
+          },
+          include: { user: { select: { fullName: true } } },
+        },
+      },
     });
     return res;
   }
@@ -44,10 +90,28 @@ export class BandsService {
     }
   }
 
+  async isAcceptedMember(bandId: number, userId: number): Promise<boolean> {
+    const count = await this.prisma.bandMembership.count({
+      where: {
+        bandId,
+        userId,
+        status: BandMembershipStatus.ACCEPTED,
+      },
+    });
+    return count > 0;
+  }
+
   async findMembers(id: number): Promise<User[]> {
     try {
+      const sevenDaysAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1000);
       const bandmemberships = await this.prisma.bandMembership.findMany({
-        where: { bandId: id },
+        where: {
+          bandId: id,
+          OR: [
+            { status: BandMembershipStatus.ACCEPTED },
+            { status: BandMembershipStatus.PENDING, createdAt: { gte: sevenDaysAgo } },
+          ],
+        },
         include: { user: true },
       });
       return bandmemberships.map((membership) => membership.user);
@@ -58,6 +122,18 @@ export class BandsService {
 
   async addMember(bandId: number, userId: number): Promise<BandMembership> {
     try {
+      const sevenDaysAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1000);
+
+      // Clean up expired pending invites before checking for existing
+      await this.prisma.bandMembership.deleteMany({
+        where: {
+          bandId,
+          userId,
+          status: BandMembershipStatus.PENDING,
+          createdAt: { lt: sevenDaysAgo },
+        },
+      });
+
       const existing = await this.prisma.bandMembership.findFirst({ where: { bandId, userId } });
       if (existing) {
         throw new ConflictException('User is already a member of this band');
@@ -87,10 +163,22 @@ export class BandsService {
 
   async approveMember(bandId: number, userId: number) {
     try {
-      return await this.prisma.bandMembership.updateMany({
-        where: { bandId, userId },
+      const sevenDaysAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1000);
+      const res = await this.prisma.bandMembership.updateMany({
+        where: {
+          bandId,
+          userId,
+          status: BandMembershipStatus.PENDING,
+          createdAt: { gte: sevenDaysAgo },
+        },
         data: { status: BandMembershipStatus.ACCEPTED },
       });
+
+      if (res.count === 0) {
+        throw new NotFoundException('No valid invitation found');
+      }
+
+      return res;
     } catch (error) {
       throw new NotFoundException('No member found');
     }
diff --git a/apps/backend/src/bands/bandsController.ts b/apps/backend/src/bands/bandsController.ts
index 82736cd..00247c4 100644
--- a/apps/backend/src/bands/bandsController.ts
+++ b/apps/backend/src/bands/bandsController.ts
@@ -1,8 +1,21 @@
-import { Body, Controller, Delete, Get, Param, ParseIntPipe, Patch, Post, UseGuards } from '@nestjs/common';
+import {
+  Body,
+  Controller,
+  Delete,
+  ForbiddenException,
+  Get,
+  Param,
+  ParseIntPipe,
+  Patch,
+  Post,
+  Req,
+  UseGuards,
+} from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { ApiBearerAuth } from '@nestjs/swagger';
 import { Role } from '@prisma/client';
 import { Roles } from 'src/auth/decorators/Roles.decorator';
+import { OptionalJwtAuthGuard } from 'src/auth/optional-jwt-auth.guard';
 import { RolesGuard } from 'src/auth/roles.guard';
 
 import { BandsService } from './bands.service';
@@ -16,13 +29,14 @@ export class BandsController {
   @Post()
   @ApiBearerAuth()
   @UseGuards(AuthGuard('jwt')) // Ha JWT-t használsz
-  create(@Body() createBandDto: CreateBandDto) {
-    return this.bandsService.create(createBandDto);
+  create(@Body() createBandDto: CreateBandDto, @Req() req: any) {
+    return this.bandsService.create(createBandDto, req.user.id);
   }
 
   @Get()
-  findAll() {
-    return this.bandsService.findAll();
+  @UseGuards(OptionalJwtAuthGuard)
+  findAll(@Req() req: any) {
+    return this.bandsService.findAll(req.user);
   }
 
   @Get(':id')
@@ -54,23 +68,46 @@ export class BandsController {
   @Post(':id/members/:userId')
   @ApiBearerAuth()
   @UseGuards(AuthGuard('jwt'))
-  addMember(@Param('id', ParseIntPipe) bandId: number, @Param('userId', ParseIntPipe) userId: number) {
+  async addMember(
+    @Param('id', ParseIntPipe) bandId: number,
+    @Param('userId', ParseIntPipe) userId: number,
+    @Req() req: any
+  ) {
+    if (req.user.role !== Role.ADMIN) {
+      // Requesting user must be an accepted member of the band
+      const isMember = await this.bandsService.isAcceptedMember(bandId, req.user.id);
+      if (!isMember) {
+        throw new ForbiddenException('Csak a zenekar tagjai hívhatnak meg másokat.');
+      }
+    }
     return this.bandsService.addMember(bandId, userId);
   }
 
   @Delete(':id/members/:userId')
   @ApiBearerAuth()
-  @UseGuards(AuthGuard('jwt'), RolesGuard)
-  @Roles(Role.ADMIN)
-  removeMember(@Param('id', ParseIntPipe) bandId: number, @Param('userId', ParseIntPipe) userId: number) {
+  @UseGuards(AuthGuard('jwt'))
+  removeMember(
+    @Param('id', ParseIntPipe) bandId: number,
+    @Param('userId', ParseIntPipe) userId: number,
+    @Req() req: any
+  ) {
+    if (req.user.role !== Role.ADMIN && req.user.id !== userId) {
+      throw new ForbiddenException('Csak magadat távolíthatod el.');
+    }
     return this.bandsService.removeMember(bandId, userId);
   }
 
   @Patch(':id/members/:userId')
   @ApiBearerAuth()
-  @UseGuards(AuthGuard('jwt'), RolesGuard)
-  @Roles(Role.ADMIN)
-  approveMember(@Param('id', ParseIntPipe) bandId: number, @Param('userId', ParseIntPipe) userId: number) {
+  @UseGuards(AuthGuard('jwt'))
+  approveMember(
+    @Param('id', ParseIntPipe) bandId: number,
+    @Param('userId', ParseIntPipe) userId: number,
+    @Req() req: any
+  ) {
+    if (req.user.role !== Role.ADMIN && req.user.id !== userId) {
+      throw new ForbiddenException('Csak a saját meghívódat fogadhatod el.');
+    }
     return this.bandsService.approveMember(bandId, userId);
   }
 }
diff --git a/apps/backend/src/bands/dto/update-band.dto.ts b/apps/backend/src/bands/dto/update-band.dto.ts
index 3ef04f6..0866d35 100644
--- a/apps/backend/src/bands/dto/update-band.dto.ts
+++ b/apps/backend/src/bands/dto/update-band.dto.ts
@@ -1,5 +1,10 @@
 import { PartialType } from '@nestjs/mapped-types';
+import { IsBoolean, IsOptional } from 'class-validator';
 
 import { CreateBandDto } from './create-band.dto';
 
-export class UpdateBandDto extends PartialType(CreateBandDto) {}
+export class UpdateBandDto extends PartialType(CreateBandDto) {
+  @IsOptional()
+  @IsBoolean()
+  isApproved?: boolean;
+}
diff --git a/apps/frontend/src/app/bands/page.tsx b/apps/frontend/src/app/bands/page.tsx
index 8e3abe7..fc44fc0 100644
--- a/apps/frontend/src/app/bands/page.tsx
+++ b/apps/frontend/src/app/bands/page.tsx
@@ -1,6 +1,6 @@
 'use client';
 
-import { useEffect, useState } from 'react';
+import { useEffect, useMemo, useState } from 'react';
 
 import BandRow from '@/components/band/band-row';
 import CreateBandDialog from '@/components/band/create-band-dialog';
@@ -16,6 +16,12 @@ export default function Bands() {
   const [searchTerm, setSearchTerm] = useState('');
   const { user } = useUser();
 
+  const knownGenres = useMemo(() => {
+    const genreSet = new Set<string>();
+    bands.forEach((b) => b.genres?.forEach((g) => genreSet.add(g)));
+    return Array.from(genreSet).sort();
+  }, [bands]);
+
   const fetchBands = () => {
     axiosApi.get('/bands').then((res) => {
       const fetched: Band[] = res.data;
@@ -37,7 +43,7 @@ export default function Bands() {
       <div className='flex items-center justify-between flex-col sm:flex-row gap-3 p-4 bg-background sticky top-0 z-10'>
         <h1 className='text-2xl font-semibold text-primary w-full sm:w-auto text-center sm:text-left'>Zenekarok</h1>
         <div className='flex gap-2 w-full sm:w-auto flex-col sm:flex-row'>
-          {user && <CreateBandDialog onCreated={() => fetchBands()} />}
+          {user && <CreateBandDialog onCreated={() => fetchBands()} knownGenres={knownGenres} />}
           <Input
             placeholder='Keresés...'
             value={searchTerm}
@@ -47,17 +53,17 @@ export default function Bands() {
         </div>
       </div>
       <Table>
-        <TableBody>
-          {filteredData.length ? (
-            filteredData.map((band) => <BandRow band={band} key={band.id} />)
-          ) : (
+        {filteredData.length ? (
+          filteredData.map((band) => <BandRow band={band} key={band.id} knownGenres={knownGenres} />)
+        ) : (
+          <TableBody>
             <TableRow>
               <TableCell colSpan={4} className='h-24 text-center'>
-                No results.
+                Nincs találat.
               </TableCell>
             </TableRow>
-          )}
-        </TableBody>
+          </TableBody>
+        )}
       </Table>
     </div>
   );
diff --git a/apps/frontend/src/components/band/band-form-dialog.tsx b/apps/frontend/src/components/band/band-form-dialog.tsx
index cdeb4a8..fc754b8 100644
--- a/apps/frontend/src/components/band/band-form-dialog.tsx
+++ b/apps/frontend/src/components/band/band-form-dialog.tsx
@@ -1,6 +1,6 @@
 'use client';
 
-import { ReactNode, useEffect, useMemo, useState } from 'react';
+import { ReactNode, useEffect, useMemo, useRef, useState } from 'react';
 import { toast } from 'sonner';
 
 import { Button } from '@/components/ui/button';
@@ -22,6 +22,7 @@ type BandFormDialogProps = {
   onOpenChange: (open: boolean) => void;
   onSuccess?: (band: Band) => void;
   trigger?: ReactNode;
+  knownGenres?: string[];
 };
 
 const MAX_NAME_LENGTH = 100;
@@ -30,7 +31,15 @@ const MAX_WEBPAGE_LENGTH = 200;
 const MAX_DESCRIPTION_LENGTH = 1000;
 const MAX_GENRES_LENGTH = 200;
 
-export default function BandFormDialog({ mode, band, open, onOpenChange, onSuccess, trigger }: BandFormDialogProps) {
+export default function BandFormDialog({
+  mode,
+  band,
+  open,
+  onOpenChange,
+  onSuccess,
+  trigger,
+  knownGenres,
+}: BandFormDialogProps) {
   const { user } = useUser();
   const isEdit = useMemo(() => mode === 'edit', [mode]);
 
@@ -41,6 +50,8 @@ export default function BandFormDialog({ mode, band, open, onOpenChange, onSucce
   const [webPage, setWebPage] = useState(band?.webPage || '');
   const [description, setDescription] = useState(band?.description || '');
   const [genresInput, setGenresInput] = useState((band?.genres || []).join(', '));
+  const [showSuggestions, setShowSuggestions] = useState(false);
+  const genresWrapperRef = useRef<HTMLDivElement>(null);
 
   useEffect(() => {
     if (!open) {
@@ -51,6 +62,7 @@ export default function BandFormDialog({ mode, band, open, onOpenChange, onSucce
       setDescription(band?.description || '');
       setGenresInput((band?.genres || []).join(', '));
       setSubmitting(false);
+      setShowSuggestions(false);
     } else if (isEdit) {
       // when opening edit, ensure fields reflect latest band
       setName(band?.name || '');
@@ -67,6 +79,39 @@ export default function BandFormDialog({ mode, band, open, onOpenChange, onSucce
     }
   }, [open, isEdit, mode, band?.name, band?.email, band?.webPage, band?.description, band?.genres]);
 
+  // Derive suggestions: filter knownGenres by the current token (text after last comma)
+  // and exclude genres already present in the input.
+  const genreSuggestions = useMemo(() => {
+    if (!knownGenres?.length || !showSuggestions) return [];
+
+    const parts = genresInput.split(',');
+    const currentToken = parts[parts.length - 1].trim().toLowerCase();
+    const already = new Set(
+      parts
+        .slice(0, -1)
+        .map((g) => g.trim().toLowerCase())
+        .filter(Boolean)
+    );
+
+    return knownGenres.filter((g) => {
+      const lower = g.toLowerCase();
+      return !already.has(lower) && (currentToken === '' || lower.includes(currentToken));
+    });
+  }, [knownGenres, genresInput, showSuggestions]);
+
+  const handleSelectSuggestion = (genre: string) => {
+    const parts = genresInput.split(',');
+    // Replace the last token (currently being typed) with the selected suggestion
+    parts[parts.length - 1] = genre.trim();
+    // Rejoin with comma-space and append a trailing comma-space
+    const newVal = `${parts
+      .map((p) => p.trim())
+      .filter(Boolean)
+      .join(', ')}, `;
+    setGenresInput(newVal);
+    // Keep suggestions open so they can rapidly click multiple genres
+  };
+
   const handleSubmit = async () => {
     if (!name.trim()) return;
     setSubmitting(true);
@@ -152,12 +197,33 @@ export default function BandFormDialog({ mode, band, open, onOpenChange, onSucce
             onChange={(e) => setDescription(sanitizeUtfInput(e.target.value))}
             maxLength={MAX_DESCRIPTION_LENGTH}
           />
-          <Input
-            placeholder='Műfajok (vesszővel elválasztva)'
-            value={genresInput}
-            onChange={(e) => setGenresInput(sanitizeUtfInput(e.target.value))}
-            maxLength={MAX_GENRES_LENGTH}
-          />
+          <div ref={genresWrapperRef} className='relative'>
+            <Input
+              placeholder='Műfajok (vesszővel elválasztva)'
+              value={genresInput}
+              onChange={(e) => setGenresInput(sanitizeUtfInput(e.target.value))}
+              maxLength={MAX_GENRES_LENGTH}
+              onFocus={() => setShowSuggestions(true)}
+              onBlur={() => {
+                // Delay so a click on a suggestion registers first
+                setTimeout(() => setShowSuggestions(false), 150);
+              }}
+            />
+            {genreSuggestions.length > 0 && (
+              <ul className='absolute z-50 mt-1 w-full rounded-md border border-input bg-background shadow-md max-h-48 overflow-y-auto'>
+                {genreSuggestions.map((genre) => (
+                  <li
+                    key={genre}
+                    onMouseDown={(e) => e.preventDefault()} // prevent blur before click
+                    onClick={() => handleSelectSuggestion(genre)}
+                    className='cursor-pointer px-3 py-2 text-sm hover:bg-accent hover:text-accent-foreground transition-colors'
+                  >
+                    {genre}
+                  </li>
+                ))}
+              </ul>
+            )}
+          </div>
           <div className='flex justify-end gap-2 mt-2'>
             <Button variant='ghost' onClick={() => onOpenChange(false)} disabled={submitting}>
               Mégse
diff --git a/apps/frontend/src/components/band/band-row.tsx b/apps/frontend/src/components/band/band-row.tsx
index 0cc8fe0..d222663 100644
--- a/apps/frontend/src/components/band/band-row.tsx
+++ b/apps/frontend/src/components/band/band-row.tsx
@@ -2,22 +2,29 @@ import { LogOut, Pencil, Play } from 'lucide-react';
 import { useEffect, useMemo, useState } from 'react';
 
 import BandFormDialog from '@/components/band/band-form-dialog';
+import { Badge } from '@/components/ui/badge';
 import { Button } from '@/components/ui/button';
 import { Collapsible, CollapsibleContent, CollapsibleTrigger } from '@/components/ui/collapsible';
 import { Dialog, DialogContent, DialogHeader, DialogTitle, DialogTrigger } from '@/components/ui/dialog';
-import { TableCell, TableRow } from '@/components/ui/table';
+import { TableBody, TableCell, TableRow } from '@/components/ui/table';
 import getUser from '@/hooks/getUser';
 import { useUser } from '@/hooks/useUser';
 import axiosApi from '@/lib/apiSetup';
 import { Band, BandMembership } from '@/types/band';
 
-export default function BandRow({ band }: { band: Band }) {
+export default function BandRow({ band, knownGenres }: { band: Band; knownGenres?: string[] }) {
   const { user } = useUser();
-  const [memberNames, setMemberNames] = useState<string[]>([]);
+  const [memberInfos, setMemberInfos] = useState<{ id?: number; name: string }[]>([]);
   const isMember = useMemo(() => {
     if (!user) return false;
     const m = (band.members || []) as BandMembership[];
-    return m.some((bm) => bm.userId === user.id);
+    return m.some((bm) => bm.userId === user.id && bm.status === 'ACCEPTED');
+  }, [user, band.members]);
+
+  const isPending = useMemo(() => {
+    if (!user) return false;
+    const m = (band.members || []) as BandMembership[];
+    return m.some((bm) => bm.userId === user.id && bm.status === 'PENDING');
   }, [user, band.members]);
 
   const [editOpen, setEditOpen] = useState(false);
@@ -37,28 +44,31 @@ export default function BandRow({ band }: { band: Band }) {
   useEffect(() => {
     const members = band.members;
     if (!members || members.length === 0) {
-      setMemberNames([]);
+      setMemberInfos([]);
       return;
     }
 
     if (typeof (members as any)[0] === 'string') {
-      setMemberNames(members as unknown as string[]);
+      setMemberInfos((members as unknown as string[]).map((name) => ({ name })));
       return;
     }
 
     let cancelled = false;
     const memberships = members as BandMembership[];
-    const userIds = memberships.map((m) => m.userId).filter((id): id is number => typeof id === 'number');
+    const userIds = memberships
+      .filter((m) => m.status === 'ACCEPTED')
+      .map((m) => m.userId)
+      .filter((id): id is number => typeof id === 'number');
     Promise.all(
       userIds.map((id) =>
         getUser(id)
-          .then((u) => u.fullName)
+          .then((u) => ({ id, name: u.fullName }))
           .catch(() => undefined)
       )
     )
-      .then((names) => names.filter((n): n is string => Boolean(n)))
-      .then((names) => {
-        if (!cancelled) setMemberNames(names);
+      .then((infos) => infos.filter((info): info is { id: number; name: string } => Boolean(info)))
+      .then((infos) => {
+        if (!cancelled) setMemberInfos(infos);
       });
 
     return () => {
@@ -68,19 +78,26 @@ export default function BandRow({ band }: { band: Band }) {
 
   return (
     <Collapsible key={band.id} asChild>
-      <>
+      <TableBody className='border-b'>
         <TableRow className='border-0'>
           <TableCell colSpan={4}>
-            <div>
+            <div className='flex items-center gap-2'>
               <strong className='text-xl'>{band.name}</strong>
-              <h1>{band.genres?.join(' ')}</h1>
+              {!band.isApproved && (
+                <Badge variant='outline' className='ml-2 text-destructive border-destructive'>
+                  Jóváhagyásra vár
+                </Badge>
+              )}
             </div>
+            <h1>{band.genres?.join(' ')}</h1>
           </TableCell>
           <TableCell>{band.webPage}</TableCell>
           <TableCell>
             <a href={`mailto:${band.email}`}>{band.email}</a>
           </TableCell>
-          <TableCell>{band.members?.length || 0} tag</TableCell>
+          <TableCell>
+            {band.members?.filter((m: any) => typeof m === 'string' || m.status === 'ACCEPTED').length || 0} tag
+          </TableCell>
           <TableCell>
             <CollapsibleTrigger asChild className='data-[state=open]:rotate-90 transition-all duration-300'>
               <Button size='icon' variant='ghost'>
@@ -96,11 +113,67 @@ export default function BandRow({ band }: { band: Band }) {
                 <div className='order-1 flex-1 md:pr-4 break-words w-full'>{band.description}</div>
                 <div className='order-2 flex-1 md:pr-4 w-full'>
                   <strong>Tagok: </strong>
-                  {memberNames.join(', ')}
+                  <div className='mt-1 flex flex-wrap gap-2'>
+                    {memberInfos.map((m, i) => (
+                      <Badge key={m.id ?? i} variant='secondary' className='flex items-center gap-1'>
+                        {m.name}
+                        {user?.role === 'ADMIN' && m.id && (
+                          <button
+                            type='button'
+                            className='text-destructive hover:text-red-700 ml-1 font-bold'
+                            onClick={() =>
+                              axiosApi.delete(`/bands/${band.id}/members/${m.id}`).then(() => window.location.reload())
+                            }
+                          >
+                            ×
+                          </button>
+                        )}
+                      </Badge>
+                    ))}
+                  </div>
                 </div>
                 <div className='order-3 md:ml-auto flex flex-row items-center gap-2 shrink-0 flex-wrap w-full md:w-auto'>
+                  {isPending && (
+                    <div className='flex gap-2 mb-4 w-full bg-accent p-3 rounded-md items-center justify-between'>
+                      <span className='text-sm font-semibold'>Meghívásod van ebbe a zenekarba!</span>
+                      <div className='flex gap-2'>
+                        <Button
+                          size='sm'
+                          className='bg-green-600 hover:bg-green-700'
+                          onClick={() =>
+                            axiosApi.patch(`/bands/${band.id}/members/${user?.id}`).then(() => window.location.reload())
+                          }
+                        >
+                          Elfogadás
+                        </Button>
+                        <Button
+                          size='sm'
+                          variant='destructive'
+                          onClick={() =>
+                            axiosApi
+                              .delete(`/bands/${band.id}/members/${user?.id}`)
+                              .then(() => window.location.reload())
+                          }
+                        >
+                          Elutasítás
+                        </Button>
+                      </div>
+                    </div>
+                  )}
+                  {/* Approve button for admins */}
+                  {user?.role === 'ADMIN' && !band.isApproved && (
+                    <Button
+                      size='sm'
+                      className='bg-green-600 hover:bg-green-700'
+                      onClick={() => {
+                        axiosApi.patch(`/bands/${band.id}`, { isApproved: true }).then(() => window.location.reload());
+                      }}
+                    >
+                      Elfogadás
+                    </Button>
+                  )}
                   {/* Join button removed intentionally */}
-                  {isMember && user && (
+                  {(isMember || user?.role === 'ADMIN') && user && (
                     <>
                       <div>
                         <BandFormDialog
@@ -109,6 +182,7 @@ export default function BandRow({ band }: { band: Band }) {
                           open={editOpen}
                           onOpenChange={setEditOpen}
                           onSuccess={() => window.location.reload()}
+                          knownGenres={knownGenres}
                           trigger={
                             <Button size='sm' variant='secondary'>
                               <Pencil />
@@ -117,15 +191,19 @@ export default function BandRow({ band }: { band: Band }) {
                         />
                       </div>
                       <div>
-                        <Button
-                          size='sm'
-                          variant='destructive'
-                          onClick={() =>
-                            axiosApi.delete(`/bands/${band.id}/members/${user.id}`).then(() => window.location.reload())
-                          }
-                        >
-                          <LogOut />
-                        </Button>
+                        {isMember && (
+                          <Button
+                            size='sm'
+                            variant='destructive'
+                            onClick={() =>
+                              axiosApi
+                                .delete(`/bands/${band.id}/members/${user.id}`)
+                                .then(() => window.location.reload())
+                            }
+                          >
+                            <LogOut />
+                          </Button>
+                        )}
                       </div>
                       <div>
                         <Dialog
@@ -136,11 +214,11 @@ export default function BandRow({ band }: { band: Band }) {
                           }}
                         >
                           <DialogTrigger asChild>
-                            <Button size='sm'>Tag hozzáadása</Button>
+                            <Button size='sm'>Tag meghívása</Button>
                           </DialogTrigger>
                           <DialogContent>
                             <DialogHeader>
-                              <DialogTitle>Tag hozzáadása</DialogTitle>
+                              <DialogTitle>Tag meghívása</DialogTitle>
                             </DialogHeader>
                             <div className='flex flex-col gap-3'>
                               <select
@@ -178,7 +256,7 @@ export default function BandRow({ band }: { band: Band }) {
                                   }}
                                   disabled={selectedUserId === ''}
                                 >
-                                  Hozzáadás
+                                  Meghívás
                                 </Button>
                               </div>
                             </div>
@@ -192,7 +270,7 @@ export default function BandRow({ band }: { band: Band }) {
             </TableCell>
           </CollapsibleContent>
         </TableRow>
-      </>
+      </TableBody>
     </Collapsible>
   );
 }
diff --git a/apps/frontend/src/components/band/create-band-dialog.tsx b/apps/frontend/src/components/band/create-band-dialog.tsx
index 7b80a9e..69465dc 100644
--- a/apps/frontend/src/components/band/create-band-dialog.tsx
+++ b/apps/frontend/src/components/band/create-band-dialog.tsx
@@ -9,9 +9,10 @@ import { Band } from '@/types/band';
 
 type CreateBandDialogProps = {
   onCreated?: (band: Band) => void;
+  knownGenres?: string[];
 };
 
-export default function CreateBandDialog({ onCreated }: CreateBandDialogProps) {
+export default function CreateBandDialog({ onCreated, knownGenres }: CreateBandDialogProps) {
   const [open, setOpen] = useState(false);
 
   return (
@@ -20,6 +21,7 @@ export default function CreateBandDialog({ onCreated }: CreateBandDialogProps) {
       open={open}
       onOpenChange={setOpen}
       onSuccess={(b) => onCreated?.(b)}
+      knownGenres={knownGenres}
       trigger={
         <Button>
           <Plus />
diff --git a/apps/frontend/src/types/band.ts b/apps/frontend/src/types/band.ts
index 6307dec..0f87bc4 100644
--- a/apps/frontend/src/types/band.ts
+++ b/apps/frontend/src/types/band.ts
@@ -5,12 +5,14 @@ export type Band = {
   webPage: string;
   description: string;
   genres?: string[];
+  isApproved: boolean;
   members?: BandMembership[];
 };
 
 export type BandMembership = {
   id: number;
-  bandId: number;
   userId: number;
-  status: string;
+  bandId: number;
+  status: 'PENDING' | 'ACCEPTED';
+  createdAt: string;
 };
diff --git a/project_info/product.md b/project_info/product.md
index d6f07db..ded6c28 100644
--- a/project_info/product.md
+++ b/project_info/product.md
@@ -2,7 +2,7 @@
 
 ## Project Purpose
 
-**mmmk-web** is the official web platform of **MMMK** (Mérnöki Muzsikusok Művelődési Köre — the music club of a Hungarian university). It serves as the club's central digital hub, combining a public-facing homepage with an internal management system for club operations.
+**mmmk-web** is the official web platform of **MMMK** (Muzsika Mívelő Mérnökök Klubja — the music club of a Hungarian university). It serves as the club's central digital hub, combining a public-facing homepage with an internal management system for club operations.
 
 The platform replaces manual coordination (e.g. scheduling rehearsal room usage by message/email) with a structured, self-service system accessible to all club members via university SSO login.
 
@@ -34,8 +34,12 @@ The platform replaces manual coordination (e.g. scheduling rehearsal room usage
 
 ### 🎸 Band Management
 
-- Members can **create and manage bands**, including name, email, website, description, and genre tags
-- Band membership with approval flow: `PENDING` → `ACCEPTED`
+- Members can **create bands**, including name, email, website, description, and genre tags (with real-time autocomplete suggestions based on existing bands)
+- Newly created bands require **Admin approval** (`isApproved` flag) to become public. Until approved, they are only visible to band members and admins.
+- Admins can **approve, edit, and fully manage members** for any band on the platform.
+- Band members and Admins can **invite new users** to their band.
+- Band membership invitations start in a `PENDING` state and automatically expire after 7 days.
+- Invited users must explicitly **Accept** or **Reject** the invitation; accepted users are officially added to the band.
 - Bands can be linked to rehearsal reservations
 
 ### 👥 Member Directory
diff --git a/project_info/structure.md b/project_info/structure.md
index f18c256..0a7790a 100644
--- a/project_info/structure.md
+++ b/project_info/structure.md
@@ -146,8 +146,8 @@ AppModule
 │   ├── UsersService        ← findAll, findMe, findOne, update
 │   └── UsersController     ← GET /users, /users/me, /users/:id, PATCH /users/:id
 ├── BandsModule
-│   ├── BandsService
-│   └── BandsController     ← CRUD /bands
+│   ├── BandsService        ← Filters bands based on isApproved and user role
+│   └── BandsController     ← CRUD /bands (Uses OptionalJwtAuthGuard for public access)
 ├── MembershipsModule
 │   ├── MembershipsService
 │   └── MembershipsController ← CRUD /memberships
@@ -286,6 +286,8 @@ The Prisma schema (`prisma/schema.prisma`) is the authoritative definition for a
 **New models added in this merge:**
 | Model | Purpose |
 |---|---|
+| `Band` (updated) | Added `isApproved` flag to gate visibility on the public bands page. |
+| `BandMembership` (updated) | Added `createdAt` timestamp to enable 7-day automatic expiration for `PENDING` invitations. |
 | `ReservationConfig` | Singleton config record (id=1): default daily/weekly hour caps for users and bands |
 | `SanctionTier` | Linked to `ReservationConfig`; defines tighter caps for users with ≥ N sanction points |
 | `Period` | Date range record (start/end dates); used for scheduling periods |