pub fn unverified_user_id(token: &str) -> Result<Uuid, Error>Expand description
Reads the sub (user id) from a token WITHOUT verifying its signature.
This is a routing hint ONLY: it tells the verifier whose public key to fetch.
The token MUST then be re-verified with that key via verify_jwt_token —
an attacker can set any sub, but a token signed with the wrong key fails
that real verification. Never trust the result for authorization.
§Errors
Returns the underlying JWT decode error if the token is structurally invalid
or its sub is not a UUID.