What do we mean by authentication? What do we mean by authorization? What is JWT? What is bcrypt? What is mongoose-unique-validator? Why should you use HTTPS instead of HTTP? Is the code base the best place to store the JWT secret?