There was an existing bug where by we decoded userID from the token without verifying who signed the token. With this, we have moved to using userProfile to get userID
Which issue(s) does this PR fix/relate to?
No issue
Have you included tests for your changes?
[x] Yes. Tested manually
[ ] No, and this is why:
Did you document any new/modified functionality?
[ ] Yes
[x] No, and this is why: there is no need for documentation at this moment
What type of PR is this?
What does this do?
There was an existing bug where by we decoded userID from the token without verifying who signed the token. With this, we have moved to using
userProfile
to get userIDWhich issue(s) does this PR fix/relate to?
No issue
Have you included tests for your changes?
Did you document any new/modified functionality?
Notes