How would I implement login only with Google OAuth? I do not want to store passwords and sensitive information (I would store email, name and profile photo ONLY) in my app's database (PostgreSQL).
Only specific people will have access to the app, and I want them to log in using Google and have it check if the user has access.
I use Spring Boot for backend REST API, Angular for frontend, AWS for file storage and database and Gradle as build tool.
I watched some videos on YouTube and read some articles on authentication in general but they weren't helpful because they were not for my use case and used other tech stacks.
CodePudding user response:
Email, name and profile photo are all OpenID data. Your Angular app should access it from the Google ID-token => do not store it in your own DB or you'll soon have data inconsistency (users updating their profile on Google won't update your database).
Use angular-auth-oidc-client in your Angular app for user authentication, access & ID token acquisition and refreshing. This lib will also add the access-token to all requests sent to configured routes: your resource-server will require it.
Configure your Spring REST API as a resource-server. Tutorials there.
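
As an added example (not part of the answer above, and not code from any of the projects it names): one way the resource-server step could enforce the "specific people only" requirement in Spring Security. It assumes Spring Boot 3 with spring-boot-starter-oauth2-resource-server, that the bearer token reaching the API is a Google-signed JWT (the ID token; Google access tokens are opaque and cannot be verified this way), and two hypothetical properties, `app.google-client-id` and `app.allowed-emails`.

```java
import java.util.List;
import java.util.Set;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
import org.springframework.security.oauth2.jwt.*;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class GoogleResourceServerConfig {
    private static final String ISSUER = "https://accounts.google.com";

    @Bean
    SecurityFilterChain api(HttpSecurity http) throws Exception {
        return http
            .authorizeHttpRequests(a -> a.anyRequest().authenticated())
            // Stateless API: every request must carry a valid bearer token.
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .oauth2ResourceServer(o -> o.jwt(Customizer.withDefaults()))
            .build();
    }

    // Hypothetical properties: app.allowed-emails is a comma-separated, lower-case list.
    @Bean
    JwtDecoder jwtDecoder(@Value("${app.google-client-id}") String clientId,
                          @Value("${app.allowed-emails}") Set<String> allowedEmails) {
        // Fetches Google's discovery document and signing keys (JWKS) at startup.
        NimbusJwtDecoder decoder = JwtDecoders.fromIssuerLocation(ISSUER);
        // Reject tokens Google issued to some other application.
        OAuth2TokenValidator<Jwt> audience = new JwtClaimValidator<List<String>>(
            JwtClaimNames.AUD, aud -> aud != null && aud.contains(clientId));
        // Only verified addresses on the allow-list get through.
        OAuth2TokenValidator<Jwt> allowlist = jwt -> {
            String email = jwt.getClaimAsString("email");
            boolean ok = Boolean.TRUE.equals(jwt.getClaimAsBoolean("email_verified"))
                && email != null && allowedEmails.contains(email.toLowerCase());
            return ok ? OAuth2TokenValidatorResult.success()
                      : OAuth2TokenValidatorResult.failure(
                            new OAuth2Error("access_denied", "Account is not on the allow-list", null));
        };
        decoder.setJwtValidator(new DelegatingOAuth2TokenValidator<>(
            JwtValidators.createDefaultWithIssuer(ISSUER), audience, allowlist));
        return decoder;
    }
}
```

Because the allow-list runs as a token validator, a request from an account that is not listed fails authentication (401) before any controller code executes.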