Server needs to allow users to login. Once logged in, we'll provide a token to the client side that is unique.

Subsequent requests will pass in the token and we'll authenticate the tokens.

/login will take in email, password and generate an auth token for you. You'll need to pass the token on most future requests, but can pass it in on any requests.