Your app needs to make sure people sign up for accounts before viewing the awesome photo albums.
Security is at the api level.
Your app needs:
- Provide Sign-in and Sign-up capabilities
- Store the token and append to http requests
- Provide app level "protection" for states that require a token
- Direct user to sign-in/sign-up as appropriate
- Deal with potentially bad tokens
- sign-in/sign-up views and corresponding api calls: 5pts
- manage token: 1pts
- Good user experience: 4pts