The session based authentication and authorization backend.
(session-backend & [{:keys [unauthorized-handler authfn], :or {authfn identity}}])