How to authenticate admin without revealing passwd

[Wordit Ltd <wo...@googlemail.com>]

I'm creating a couchapp and need to ensure that only admin can change
a user's details.
Problem is, I need admin to login to do that. How do I prevent the
admin's passwd being seen?
It's javascript, so isn't the login visible to all?

e.g. I need to use login to be allowed to SaveDoc:
CouchDB.login("admin","secret");
...SaveDoc({json});

Somebody on the list just mentioned using an additional frontend app
to only allow admin to make changes. I don't understand what that
requires, or whether it is right for my situation.

Marcus

p.s. Finally making some progress with CouchDB. Thanks for all the
help on this list.