:sparkles: Finished latest implementation of session/access auth

backend/lib/routes/profile/get.js

     options: {
         ...pluginConfig.docs,
         tags: ['api'],
-        /** Protect this route with authentication? */
-        // TODO: change this once sessionToken is passed in headers
-        auth: false,
-        // auth: 'default_jwt',
+        auth: 'default_jwt',
         cors: true,
         handler: async function (request, h) {
             const { profile_id } = request.params

backend/lib/routes/user/list-profiles.js

     options: {
         ...pluginConfig.docs,
         tags: ['api'],
-        /** Protect this route with authentication? */
-        // TODO: change this once sessionToken is passed in headers
-        auth: false,
-        // auth: 'default_jwt',
+        auth: 'default_jwt',
         cors: true,
         handler: async function (request, h) {
             const { userService, profileService } = request.server.services()

backend/lib/routes/user/user-by-email.js

     options: {
         ...pluginConfig.docs.get,
         tags: ['api'],
-        auth: false,
-        // TODO: change this once sessionToken is passed in headers
-        // auth: 'default_jwt',
+        auth: 'default_jwt',
         cors: true,
         handler: async function (request, h) {
             const email = request.params.email

backend/lib/services/user.js

     }
 
     /**
-     * Use knew to find first user with useremail
+     * Use to find first user with useremail
      * @param {*} username
      * @param {*} txn
      * @returns

frontend/src/services/profile.service.js

  * @param {number} userId
  * @returns {array} instantiated Profile objects (see: /entites/profile)
  */
-const fetchProfilesByUserId = async userId => {
-    const profilesForUserId = await db.get(`/user/${userId}/profiles`)
+const fetchProfilesByUserId = async (userId, sessionToken) => {
+    const profilesForUserId = await db.get(
+        `/user/${userId}/profiles`,
+        sessionToken,
+    )
     const validProfileInstances = []
     for (let profileData of profilesForUserId) {
         const profile = new Profile(profileData)
     return profile
 }
 
-const fetchProfileByProfileId = async profileId => {
+const fetchProfileByProfileId = async (profileId, sessionToken) => {
     let profile
     try {
-        const profileData = await db.get(`/profile/${profileId}`)
+        const profileData = await db.get(`/profile/${profileId}`, sessionToken)
         profile = new Profile(profileData)
         if (!profile.isValid()) {
             throw '[Profile Service error]: Invalid or incomplete profile returned.'

frontend/src/services/user.service.js

     return await db.post(`/user/signup`, payload)
 }
 
-const fetchUserByEmail = async userEmail => {
-    return await db.get(`/user/fetchbymail/${userEmail}`)
+const fetchUserByEmail = async (userEmail, sessionToken) => {
+    return await db.get(`/user/fetchbymail/${userEmail}`, sessionToken)
 }
 
 export { signupUser, fetchUserByEmail }

frontend/src/views/OnboardingView.vue

             // TODO: Validate All routes hit by these methods using tokens in headers
             // NOTE: This can be accomplished using sessionData.sessionToken,
             // as it currently has the raw session token in it
-            const userId = await this.grabUserIdByEmail(sessionData.email)
-            currentProfileId = await this.grabProfileIdByUserId(userId)
+            const userId = await this.grabUserIdByEmail(
+                sessionData.email,
+                sessionData.sessionToken,
+            )
+            currentProfileId = await this.grabProfileIdByUserId(
+                userId,
+                sessionData.sessionToken,
+            )
             this.responses = await this.grabResponsesByProfileId(
                 currentProfileId,
+                sessionData.sessionToken,
             )
             this.currentStep = this.responses.length + 3
             this.goToStep(this.currentStep)
                 return validatedToken
             }
         },
-        async grabUserIdByEmail(email) {
-            const user = await fetchUserByEmail(email)
+        async grabUserIdByEmail(email, sessionToken) {
+            const user = await fetchUserByEmail(email, sessionToken)
             if (!user) {
                 throw new Error('User NOT found by email')
             } else return user.user_id
         },
-        async grabProfileIdByUserId(userId) {
-            const profilesFromUserId = await fetchProfilesByUserId(userId)
+        async grabProfileIdByUserId(userId, sessionToken) {
+            const profilesFromUserId = await fetchProfilesByUserId(
+                userId,
+                sessionToken,
+            )
             if (
                 profilesFromUserId.length === 1 &&
                 profilesFromUserId.status !== 401
                 throw new Error('No Profile for User ID found')
             }
         },
-        async grabProfileByProfileId(profileId) {
-            const profile = await fetchProfileByProfileId(profileId)
+        async grabProfileByProfileId(profileId, sessionToken) {
+            const profile = await fetchProfileByProfileId(
+                profileId,
+                sessionToken,
+            )
             if (!profile || profile.status === 401) {
                 throw new Error(`No Profile Found for profileId ${profileId}`)
             } else {
                 return profile
             }
         },
-        async grabResponsesByProfileId(profileId) {
+        async grabResponsesByProfileId(profileId, sessionToken) {
             const responses = []
-            const profile = await this.grabProfileByProfileId(profileId)
+            const profile = await this.grabProfileByProfileId(
+                profileId,
+                sessionToken,
+            )
             if (!profile.responses.length || profile.responses.status === 401) {
                 throw new Error(`No Responses Found for profileId ${profileId}`)
             } else {