I had made a little project: a login for a Drupal site with Angular. The main point is “security” so, for the side of Angular I tried Guards, on the side of Drupal, I use the OAuth standard. You can check the Github project here
So, for now, I am going to talk about how I configured the Drupal site for protecting data with the OAuth authentication, using the Simple OAuth module. Also, some testing with PostMan for sending the token or refreshing it.
In the angular side, I tried two approaches for “protecting” data, one simple was with Guards, and another one was, after Drupal token expires, intercept the 403 forbidden response, and send a refresh token, for update it, and be able to make a new request.
Personally, I don't like long guides with an infinite scroll, so, please, check the table of content, and if you like any of them, check it up. Good Luck and any feedback will be welcome!
Have a good luck, and remember to check the git repository