JWT Verification Starter
Verify JWTs three ways - against a provider's JWKS (Auth0, Clerk, Cognito, Firebase), a static PEM public key, or an HS256 shared secret - then protect a real per-user Postgres resource scoped to the token's sub claim. Reference endpoints for every is_valid_jwt mode plus a working, owner-scoped notes API and a one-call multi:true migration.