Task
Build a small `check_jwt(token, now)` helper that ties 4 module-2 ideas together:
1. **Format** β must have exactly 3 dot-separated parts; else return None.
2. **Decode payload** β middle segment is base64url-encoded JSON.
3. **Expiry** β payload `exp` (unix seconds) must be > `now`; else None.
4. **Subject** β return `payload["sub"]` (the user_id).
The `now` parameter is injected so tests stay deterministic β a fake-clock pattern you'll reuse in module 3.
The harness prints results for: valid token / expired / malformed (only 2 parts) / missing exp.