Auth Routes

[MatheusSanchez]

• Add authentication to all routes that are supposed to be logged in. ✅

Improvements

We could improve the routes now that we are using JWT tokens and limit API resource access.

• Do not allow a logged-in user to search for another user's info. #50

For example:

Currently, if you are logged in, you can search for a user using the get user by id route by passing another user's ID as a query parameter.

This happens because the route uses the JWT token just for authentication and not to search for the user.

This would also prevent us from needing to export the userId from the create-authenticate-user.ts file, which is used for our tests, and to complete the route path (through query parameters) in the tests.

• Do not return user info in the /login route #51
  Also, we should not return user info in the /login route, but that request needs to be aligned with the front-end, @pedrodecf.

These improvements are not done yet since they will require changing the URLs that the front-end sends to us. We are one day away from delivering the project, and including this PR, the routes are safe and without any security leaks.

Let's open an issue in the frontend and backend to address this smoothly
https://github.com/MatheusSanchez/orange-front