This repository was archived by the owner on Jan 24, 2019. It is now read-only.
This repository was archived by the owner on Jan 24, 2019. It is now read-only.
GitHub Authentication keeps valid after user is removed from org or team #643
Description
Good night,
I am using this tool to authenticate on Github... I did some tests and if I remove the access from a user the user keeps able to login into my application.
If the user keeps navigating in the page their session is kept valid during this time...
If the Cookie gets expired (User idle) then he is unable to login again...
So the issue is: The user permission is not refreshed while the cookie is valid.
Besides that, is there any way that I can delete the user token directly at the oauth2_proxy?