Protecting endpoints

So now that we're generating a token, and we're sending it to the consumer when they log in, we can protect an endpoins so that only an authorized user can access it by providing their token.

Let's begin by creating a new protected endpoint GET /users which will allow a user to fetch their own profile information including their name and email.