--- a/swtr/sampleConf.py
+++ /dev/null
@@ -1,5 +1 @@
-HOST='http://127.0.0.1'
-PORT=5000
-swtstoreURL='http://sweet/store/url'
-debug=True
--- /dev/null
+++ b/swtr/sample_config.py
@@ -1 +1,13 @@
+# the URL pointing to the sweet store this application will sweet to
+swtstoreURL = 'http://sweet/store/url'
+# the app_id or client_id you have recieved when you registered this
+# application to swtstore
+app_id = 'the app_id or client_id'
+# the app_secret or client_secret you have recieved when you registered this
+# application to swtstore
+app_secret = 'the app_secret or client_secret'
+# the URL at which your application is hosted
+# when you are deploying the app locally, by default this should be
+#redirect_uri = 'http://localhost:5000'
+redirect_uri = 'http://yourapplication.domain'
--- a/swtr/server.py
+++ b/swtr/server.py
@@ -2,34 +2,33 @@
 
 import flask
 from flask import session
-import conf
+import config
 import requests
 import json
 
 app = flask.Flask(__name__)
+app.config['SECRET_KEY'] = config.secret_key
 
-app.config['secret_key'] = "asdkasdiq2jedmaid0q2238uwadscksnc"
-app.secret_key = "asdkasdiq2jedmaid0q2238uwadscksnc"
 
-appID = 'YrYc9oMO7fT0avRUAtbRO1cLvoOUUI08BAuqOAJc'
-appSecret = 'r9BIYjYOPotMQUOoI98DmH7Eu1M4zg6cMeLay7LOlSsrF1KhKZ'
-
 @app.route('/', methods=['GET'])
 def index():
     auth_tok = None
     if flask.request.args.get('code'):
         payload = {
             'scopes': 'email sweet',
-            'client_secret': appSecret,
+            'client_secret': config.app_secret,
             'code': flask.request.args.get('code'),
-            'redirect_uri': 'http://localhost:5000/',
+            'redirect_uri': config.redirect_uri,
             'grant_type': 'authorization_code',
-            'client_id': appID
+            'client_id': config.app_id
         }
-        resp = requests.post('http://localhost:5001/oauth/token', data=payload)
+        # token exchange endpoint
+        oauth_token_x_endpoint = config.swtstoreURL + '/oauth/token'
+        resp = requests.post(oauth_token_x_endpoint, data=payload)
         auth_tok = json.loads(resp.text)
         print auth_tok
-        if auth_tok.has_key('error'):
+
+        if 'error' in auth_tok:
             print auth_tok['error']
             return flask.make_response(auth_tok['error'], 200)
 


@@ -42,11 +41,14 @@
 
     print auth_tok
     return flask.render_template('index.html',
-                                     access_token=auth_tok['access_token'],
-                                     refresh_token=auth_tok['refresh_token'],
-                                     url=flask.request.args.get('where'),
-                                     conf=conf)
+                                 access_token=auth_tok['access_token'],
+                                 refresh_token=auth_tok['refresh_token'],
+                                 config=config,
+                                 url=flask.request.args.get('where'))
 
+
+# if the app is run directly from command-line
+# assume its being run locally in a dev environment
 if __name__ == '__main__':
-    app.run(debug=conf.debug, host=conf.HOST, port=conf.PORT)
+    app.run(debug=True, host='0.0.0.0', port=5000)
--- a/swtr/static/js/swtmaker.js
+++ b/swtr/static/js/swtmaker.js
@@ -23,10 +23,14 @@
     if(swtr.access_token) {
       $('#signinview').html('Signing you in..');
       $.ajax({
-        url: 'http://localhost:5001/api/users/me?access_token='+
+        url: swtr.swtstoreURL()+'/api/users/me?access_token='+
           swtr.access_token,
         success: function(data) {
+          console.log(data.username);
           swtr.appView.userLoggedIn(data.username);
+        },
+        error: function() {
+          $('#signinview').html('Error signing in! Please try again');
         }
       });
     }
@@ -232,10 +236,10 @@
       }
 
       this.oauth = new Oauth({
-        app_id: 'YrYc9oMO7fT0avRUAtbRO1cLvoOUUI08BAuqOAJc',
-        app_secret: 'r9BIYjYOPotMQUOoI98DmH7Eu1M4zg6cMeLay7LOlSsrF1KhKZ',
-        endpoint: 'http://localhost:5001/oauth/authorize',
-        redirect_uri: 'http://localhost:5000/',
+        app_id: swtr.app_id,
+        app_secret: swtr.app_secret,
+        endpoint: swtr.swtstoreURL() + swtr.endpoints.auth,
+        redirect_uri: swtr.oauth_redirect_uri,
         scopes: 'email,sweet'
       });
     },
@@ -335,7 +339,6 @@
             $('#signin-msg').html('Error signing in. Please check your username and password. ');
           }
           else {
-            $('#signin-msg').html('Error signin in. Please try again. ');
           }
         }
       });
--- a/swtr/templates/index.html
+++ b/swtr/templates/index.html
@@ -51,11 +51,19 @@
 
     <script>
       window.swtr = window.swtr || {};
-      swtr.swtstoreURL = function() { return '{{ conf.swtstoreURL }}'; }
-      swtr.endpoints = {'get': '/api/sweets/q', 'post': '/api/sweets', 'auth':
-        '/authenticate', 'login': '/auth/login', 'logout': '/auth/logout'};
+      swtr.swtstoreURL = function() { return '{{ config.swtstoreURL }}'; }
+      swtr.endpoints = {
+        'get': '/api/sweets/q',
+        'post': '/api/sweets',
+        'auth': '/oauth/authorize',
+        'login': '/auth/login',
+        'logout': '/auth/logout'
+      };
       swtr.access_token = '{{ access_token }}';
       swtr.refresh_token = '{{ refresh_token }}';
+      swtr.app_id = '{{ config.app_id }}';
+      swtr.app_secret = '{{ config.app_secret }}';
+      swtr.oauth_redirect_uri = '{{ config.redirect_uri }}';
       window.onload = function() {
         swtr.init();
       };