For authentication and authorization, we can use the OAuth 2.0 framework, an industry-standard authorization protocol. This is a direct authentication pattern, so users can log in using their other public profiles, with no need to register and enter a password. Because of that, this is often called the password anti-pattern.

How does OAuth work?

When the web application redirects a browser to a Google URL, the authorization sequence begins; the URL includes query parameters that indicate the type of access being requested. Google manages the user authentication and session selection. The result is an authorization code, which the application can exchange for an access token and a refresh token [6].

Authentication process (source: https://developers.google.com/identity/protocols/OAuth2)

The application should store the refresh token for future use and use the access token to access a Google API. Once the access token expires, the application uses the refresh token ...
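The authorization-code sequence described above, as an added example (not code from the original page or from Google): it builds the redirect URL with its query parameters, validates the callback, and builds the form bodies for the code exchange and the later refresh. The client ID, client secret, redirect URI and the session-bound `state` check are assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Google's documented OAuth 2.0 endpoints for web server applications.
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"
# Constructed placeholder values (assumptions, not real credentials).
CLIENT_ID = "example-client-id.apps.googleusercontent.com"
CLIENT_SECRET = "example-client-secret"
REDIRECT_URI = "https://app.example.com/oauth2/callback"

def build_authorization_url(scope):
    """Return (url, state); the caller stores state in the user's session."""
    state = secrets.token_urlsafe(32)
    params = {
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",   # ask for an authorization code
        "scope": scope,            # the type of access being requested
        "access_type": "offline",  # also ask for a refresh token
        "state": state,            # binds the callback to this session
    }
    return AUTH_ENDPOINT + "?" + urlencode(params), state

def parse_callback(callback_url, expected_state):
    """Validate the redirect back from Google and return the authorization code."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise ValueError("authorization denied: " + query["error"][0])
    returned = query.get("state", [""])[0]
    # Constant-time comparison of the returned state with the stored one.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback not bound to this session")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]

def token_request_body(code):
    """Form body POSTed to TOKEN_ENDPOINT to exchange the code for tokens."""
    return urlencode({"grant_type": "authorization_code", "code": code,
                      "client_id": CLIENT_ID, "client_secret": CLIENT_SECRET,
                      "redirect_uri": REDIRECT_URI})

def refresh_request_body(refresh_token):
    """Form body POSTed to TOKEN_ENDPOINT once the access token has expired."""
    return urlencode({"grant_type": "refresh_token", "refresh_token": refresh_token,
                      "client_id": CLIENT_ID, "client_secret": CLIENT_SECRET})
```

Both request bodies carry the client secret, so they are sent only from the server side over TLS, and the refresh token is stored with the same care as a password.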