please review the section on security to make sure it's sane-sounding

[joshlong]

coverage on securing an app and using OAuth is mostly complete, but i'd love to have ur eagle eyes review

[rwinch]

@joshlong Ping me again on this issue once you have added the testing sections based upon #3