To protect access to the read, update, and delete routes, the server will need to check that the requesting client is actually an authenticated and authorized user.
To check if the requesting user is signed in and has a valid JWT when a protected route is accessed, we will use the express-jwt module.