Feature Request: Handing third party tokens

[richardvanbergen]

I'm trying to handle access and refresh tokens for the discord provider so that I can query the discord API.

The issue is that although Lucia has logic inside of it for getting and refreshing the access token, as far as I can tell it's only called once: when the user session is created to get the provider information.

So in order for me to actually use the discord API I have to:

1. Store the tokens in another model in the callback
2. Create a custom function to get tokens within my application that handles the refresh token

I don't want to add the to the user attributes in case I accidentally leak them.

It's not a huge amount of work for me but it would be really amazing if Lucia had a mechanism for handling third party tokens when using the oAuth providers. Just a nice convenience method that tracks them.

I'd be willing to help if need be. Thanks for the really cool library!