Why JWT token?

I'm planning to create a web application. For authentication, I want to use JWT token.

I have read everyone that is safe, but I don't understand why.

Let's say the user login and the server sends back the token. The user wants to see his/ her orders (its a webshop), so the frontend sends a query like

https://react-my-burger-21f7b.firebaseio.com/orders.json?auth=<TOKEN>&orderBy="userId"&equalTo=<USER_ID>

As the user can see the token in the console network tab He or she can make a query like

https://react-my-burger-21f7b.firebaseio.com/orders.json?auth=<TOKEN>

with this, he can see everyone's orders and even can manipulate this data.