diff --git a/controllers/indexController.js b/controllers/indexController.js
index 824647e..eddcfb1 100644
--- a/controllers/indexController.js
+++ b/controllers/indexController.js
@@ -3,9 +3,9 @@ const collectionModel = require('../models/collection')
 
 // Home page
 exports.index = asyncHandler(async(req,res,next)=>{
+console.log(req.user)
 
-
-    res.render('index',{title:'E-commerce', user: req.user })
+    res.send({username: req.user.username })
 
 
 })
diff --git a/controllers/itemController.js b/controllers/itemController.js
index a2faece..67b20e2 100644
--- a/controllers/itemController.js
+++ b/controllers/itemController.js
@@ -297,6 +297,12 @@ exports.create_post_api = [
           
         
 })]
+//handleing creating item GET API
+exports.create_get_api =asyncHandler(async(req,res,next)=>{
+    const collections = await collectionModel.find({})
+    res.send({title:"collections create",collections:collections})
+
+})
 
 //handling deleting a item
 exports.delete = asyncHandler(async(req,res,next)=>{
diff --git a/helpers/auth.js b/helpers/auth.js
index 24eb810..db226cb 100644
--- a/helpers/auth.js
+++ b/helpers/auth.js
@@ -10,12 +10,12 @@ module.exports=function authenticate(req, res, next) {
     jwt.verify(token, process.env.ACCESS_TOKEN_SECRET, (err, user) => {
       if (err || user.username !== "admin") {
         console.log("eror", err);
-       return res.sendStatus(403);
+       return res.status(403).send({msg:'Forbidden',status:403});
       }
       req.user = user;
       next();
     });
   } else {
-    return res.sendStatus(403).send({errors:'Forrbiden'});
+    return res.status(403).send([{msg:'Forbidden',status:403}]);
   }
 }
diff --git a/request.rest b/request.rest
index d1a5ef3..7b220e7 100644
--- a/request.rest
+++ b/request.rest
@@ -1,7 +1 @@
-POST http://localhost:3000/item/create/api
-Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwiaWF0IjoxNjk0NDEzMzU0fQ.-bg_1nIVgNkEmWLDEivnXna4Lx0aT4qiOVSTSXCM_Gg
-content-type: application/json
-
-{
-    "name":"karim"
-}
+GET http://localhost:3000/collection/create/api
diff --git a/routes/index.js b/routes/index.js
index 5f38eb6..5bab889 100644
--- a/routes/index.js
+++ b/routes/index.js
@@ -1,8 +1,10 @@
 const express = require("express");
 const router = express.Router();
 const index_controller = require('../controllers/indexController')
+const authenticate = require('../helpers/auth')
+
 /* GET home page. */
-router.get("/",index_controller.index);
+router.post("/",authenticate,index_controller.index);
 
 //API Home page
 
diff --git a/routes/item.js b/routes/item.js
index 02682da..2eb4d79 100644
--- a/routes/item.js
+++ b/routes/item.js
@@ -20,7 +20,7 @@ router.get('/create',authenticate,item_controller.edit_get)
 router.post('/create',authenticate,upload.array('src',10),item_controller.edit_post)
 
 //creating  item
-router.get('/create/api',authenticate,item_controller.edit_get_api)
+router.get('/create/api',authenticate,item_controller.create_get_api)
 router.post('/create/api',authenticate,upload.array('src',10),item_controller.create_post_api)
 
 //editing item