From 6cd3e72e0927e37855001b8f5fa1d77c9939bf05 Mon Sep 17 00:00:00 2001 From: mattk42 Date: Tue, 14 Jul 2015 08:40:59 -0600 Subject: [PATCH] Check email validity on all requests rather than only on login/refresh --- oauthproxy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauthproxy.go b/oauthproxy.go index 43d3e526..2c65131b 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -484,7 +484,7 @@ func (p *OauthProxy) Proxy(rw http.ResponseWriter, req *http.Request) { } } - if saveSession && session.Email != "" && !p.Validator(session.Email) { + if session != nil && session.Email != "" && !p.Validator(session.Email) { log.Printf("%s Permission Denied: removing session %s", remoteAddr, session) session = nil saveSession = false