Update readme to mention that maybe it's necessary to be logged in now

[colobas]

Hi. I can't get an access token. I checked the code, and from what I understand the flow is:

1. with the consumer key, request a request_token
2. user auths with the given request_token on the browser
3. after user authenticates, request an access_token

I tried reproducing this flow manually (calling all the involved functions by hand) and it's clear that the problem arises when requesting the access_token, the response is always a 403 (forbidden).

Is it possible that the authentication flow of Pocket changed and the authentication of the request_token isn't complete? I checked the authorized apps on my pocket profile and the app is listed there, so it's weird to me that we're getting this 403

[colobas]

I just noticed the X-Error-Code is 158, which according to the docs means "User rejected code"

[colobas]

Ok after trying a while I did get it to work, but not from a logged-out user. I had to be logged-in.

[alphapapa]

Maybe that means that they fixed a bug on their end, because as it says in the readme, it used to only work when logged out. sigh I guess I'd better update the readme...