I am building a website with Odoo, extending the website module and creating a custom theme, and my site will have restricted areas to logged users. My question is how to create a authentication for these users, avoiding them to acess the "backend"  of the Odoo. I need them to only acess the website, not the Odoo itself. Can I make the users of my website a kind of Odoo user, or do I need to separate Odoo users from website users? What is the best approach to my problem?