How can I verify login using google api, oauth?



I want to use google oauth api to log in to the site which I create.

I use react and node and I'm done with getting current access_token issued but I'm not sure how to know if the user is logged in.

  • Should I check the user's access_token every time the user calls the api of my site?

  • If that's correct, should the access_token be held by the client?

  • Isn't that a security issue?

I did a lot of searching but I don't know how to manage access_token and how to check if user is logged in.

This is the article I referenced

Continue reading...