Documentation do not talk about add token/refresh route to csrf exempt

[rfschubert]

The default API documentation explains how to configure the routes, but do not talk about add routes to csrf middleware.

New users may be lost when trying to configure it.

[nicolaipre]

Perhaps they could add a reference to https://docs.masoniteproject.com/security/csrf-protection#exempting-routes somewhere within the API docs.