I understand how to handle authentication with Supabase, but when it comes to implementing authorization, where I want to differentiate functionality based on roles, would it be best to create a separate table to store roles and then verify these roles in a Middleware.ts file? The environment is Next.js 14 with Supabase as the BaaS, and OAuth will also be handled using Supabase.