Users should not be allowed to insert questions unless they are an admin. This needs to be specified in the JWT.