pub fn validate_token(secret: &str, token: &str) -> Result<Claims, ApiError>
Validate a JWT and return the embedded claims.