Discussion around api_token provided in package

[bhushan]

• login and registration routes should not need token
• once we login or register we should get token in response specific to that user..
• then this token should be used to create projects ..

Not sure how that token is scoped in backend.. it might be security threat

Want to raise discussion around this topic so if needed it can be addressed..

[cindreta]

@bhushan I'm on this. I'll have this solved by tomorrow!