Handle security schemas in OpenAPI generation

[codetheweb]

Similar to nextlove, we should allow authentication middleware to declare security schemas and output it in the generated OpenAPI spec.