Great job if you have made it this far, as you have not only added authentication and registration to your app but also created a web app that can be used by multiple users to create Shopping Lists and items that only they can view and edit. The way users stay authenticated on the web is due to sessions, and they do not need to enter their password for every request they make. This is possible due to browsers storing the session token in the cookie of the browser, which gets sent to the server every time a request is made. Using the token in the cookie, it is able to decipher the user making the request by looking it up in the in-memory sessions dictionary. So this works seamlessly in the browser, but, for mobile apps making the request, there is no cookie or way to store the cookie.

For such apps, we need a different type of authentication system, which is called token-based authentication where we will send a token similar to the token stored in...