Im making a website where it has a user registration. What I was going to do is when a user logs in with Google, it stores their details (ID, email, name, picture and G+ link) in a local database. Then every time the user connects to the website, it checks to see if the users ID is in the local database. If it is, they are logged in and can access all their details and the documents etc they have uploaded.
If they’re not, they can login.
Am I allowed to do this, or do I somehow have to authenticate the user on every page they visit and then find a way to link this to my local database?
I do not think you are allowed to store API information in your own database. On top of that, why would you go to such lengths to allow users to log in/access their documents. If you want to use their google info as login credentials all you have to do is instead of checking against your database, make an cURL call to google’s API and see if they return you a user. If so, create a session and allow the user to log in.