- When a user navigates to the login page provided by my frontend, they are redirected to the Google login page.
- He logs on with his Google ID and password and is forwarded to my front end by Google with a token.
- My frontend sends tokens and Google ID to my backend with a REST API. the backend asks google if this token is valid.
- If the token is valid, the backend stores the Google ID and the token in the session table that is in the database. it responds to the frontend with 200 OK.
The reason I'm not sure about this approach is that it is more inefficient than a monolith server, which is responsible for both rendering HTML and executing business logic from the backend. Is this approach correct? Or do you have a better approach to tell me?