Let's add one more feature to our application; the ability to add new words to the word list. We won't allow just any user to do this, only administrators. How exactly can we make a user an administrator? Well, we'll cheat. Open the users.json
file directly, and add an "admin":true
property to the user object of our choice. Then, we'll open the server.js
file; first is the GET route for /new
:
app.get('/new', function (req, res) { if (req.user && req.user.admin) { res.render('new.ejs'); } else { res.redirect('/'); } });
If there's a user logged in, and that user is an administrator, then we'll render the new word template. Otherwise, we'll redirect to the root route. Create the new.ejs
file in the views
directory, and write this:
<% include header %> <% include nav %> <div id='main'> <form method="post" action="/new"> <h1> Add a Word </h1> <p>Word:</p> <p><input type='text' name='word...