Hello and welcome,
This is a very nice idea.
I tried having a look but I didn’t quite feel like signing up at this point.
If I understand correctly, the second app is an app that you would like your students to log into, and in that app the students would have access to various quizzes or other materials. Am I getting the general concept correct?
If so, any sensitive data, as well as checking for authentication and permission, should be handled on the server side (e.g., checking if a quiz question was correctly answered, etc…). The client side code is running in the browser and therefore is under the user’s control.
Please let us know if I have misunderstood the question.