Currently `anyone` can go to the test endpoint (when it's uncommented). Ideally that would only be accessible when config.debug == True or by entering an access key.
The key is being generated in the config file config.py#19, but need to implement the actual login requirement.