Lets change the token logic that we had to use jwts

• Add the jsonwebtoken library as a dependency - https://www.npmjs.com/package/jsonwebtoken
• Get rid of our generateToken function
• Create a JWT_SECRET variable
• Create a jwt for the user instead of generating a token

<aside> 💡

Notice we put the username inside the token. The jwt holds your state. You no longer need to store the token in the global users variable

</aside>

• In the /me endpoint, use jwt.verify to verify the token