Please be sure to keep your admin private key and OAuth key a secret; don't commit them to Github, and take care to not expose them client-side.

I'll try to keep this updated on a best-effort basis, but no guarantees.

If you see a security flaw with this example, please let me know!