Are there examples of role-based authorization with Luminus? I have an idea of keeping a set of roles in the :identity key for the request/session, but I would like to compare other approaches for inspiration.