Added configuration wrappers, authentication options and authentication documentation

src/HopFrame.Security/Authentication/HopFrameAuthentication.cs

@@ -17,23 +17,23 @@ public class HopFrameAuthentication(
     UrlEncoder encoder,
     ISystemClock clock,
     ITokenRepository tokens,
-    IPermissionRepository perms)
+    IPermissionRepository perms,
+    IOptions<HopFrameAuthenticationOptions> tokenOptions)
     : AuthenticationHandler<AuthenticationSchemeOptions>(options, logger, encoder, clock) {
 
-    public const string SchemeName = "HopCore.Authentication";
-    public static readonly TimeSpan AccessTokenTime = new(0, 0, 5, 0);
-    public static readonly TimeSpan RefreshTokenTime = new(30, 0, 0, 0);
+    public const string SchemeName = "HopFrame.Authentication";
 
     protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
         var accessToken = Request.Cookies[ITokenContext.AccessTokenType];
         if (string.IsNullOrEmpty(accessToken)) accessToken = Request.Headers[SchemeName];
         if (string.IsNullOrEmpty(accessToken)) accessToken = Request.Headers["Token"];
+        if (string.IsNullOrEmpty(accessToken)) accessToken = Request.Query["token"];
         if (string.IsNullOrEmpty(accessToken)) return AuthenticateResult.Fail("No Access Token provided");
 
         var tokenEntry = await tokens.GetToken(accessToken);
         
         if (tokenEntry is null) return AuthenticateResult.Fail("The provided Access Token does not exist");
-        if (tokenEntry.CreatedAt + AccessTokenTime < DateTime.Now) return AuthenticateResult.Fail("The provided Access Token is expired");
+        if (tokenEntry.CreatedAt + tokenOptions.Value.AccessTokenTime < DateTime.Now) return AuthenticateResult.Fail("The provided Access Token is expired");
         
         if (tokenEntry.Owner is null)
             return AuthenticateResult.Fail("The provided Access Token does not match any user");