That’s a difference between v3 and v5, user_id field was added to the root endpoint. Although if the username does match what you’re expecting, it should work. As for the garbage in body, it’s probably gzipped and wasn’t decompressed by Request/node. Seems to happen sometimes with the 401 response.
As far as I can tell though, your app should work…