Protecting routes with express-jwt

To protect access to the read, update, and delete routes, the server will need to check that the requesting client is actually an authenticated and authorized user.

To check if the requesting user is signed in and has a valid JWT when a protected route is accessed, we will use the express-jwt module.

The express-jwt module is middleware that validates JSON Web Tokens. Run npm install express-jwt --save from the command line to install express-jwt.