Is "resources/videos/secure-db-login-with-rls" insecure?

Hello,

I was looking at the example in `resources/videos/secure-db-login-with-rls` but it is my understanding that all JS code added in Appsmith is executed on the front end and in this example is used to sign the JWT token. But anyone can manipulate the JS code running in their browser and gain access to any "account" of this app.

Is there something I am not seeing?
