test: add tests for authorization

[claymcleod]

We should test that including the Bearer token gives you responses and omitting it gives you a forbidden response.

[raman976]

hey @claymcleod, I have made a PR for this issue please review it and tell me if anything needs to be changed.