diff --git a/controllers/status.js b/controllers/status.js
index 9e925c4..bfc07cd 100644
--- a/controllers/status.js
+++ b/controllers/status.js
@@ -21,7 +21,7 @@ module.exports = {
 * @param res
 */
 get: async (req, res) => {
- const user = req.oidc ? await req.oidc.fetchUserInfo() : { email: 'admin' };
+ const user = req.oidc ? req.user : { email: 'admin' };
 res.render('status', {
 baseUrl: req.headers['x-ingress-path'] ? req.headers['x-ingress-path'] : '',
diff --git a/controllers/voucher.js b/controllers/voucher.js
index b70042b..6923af7 100644
--- a/controllers/voucher.js
+++ b/controllers/voucher.js
@@ -77,7 +77,7 @@ module.exports = {
 return;
 }
- const user = req.oidc ? await req.oidc.fetchUserInfo() : { email: null };
+ const user = req.oidc ? req.user : { email: null };
 const voucherNote = `${req.body['voucher-note'] !== '' ? req.body['voucher-note'] : ''}||;;||web||;;||${req.oidc ? 'oidc' : 'local'}||;;||${req.oidc ? user.email.split('@')[1].toLowerCase() : ''}`;
 // Create voucher code
diff --git a/controllers/vouchers.js b/controllers/vouchers.js
index 1304f01..5e31d73 100644
--- a/controllers/vouchers.js
+++ b/controllers/vouchers.js
@@ -59,7 +59,7 @@ module.exports = {
 return;
 }
- const user = req.oidc ? await req.oidc.fetchUserInfo() : { email: 'admin' };
+ const user = req.oidc ? req.user : { email: 'admin' };
 res.render('voucher', {
 baseUrl: req.headers['x-ingress-path'] ? req.headers['x-ingress-path'] : '',
diff --git a/middlewares/authorization.js b/middlewares/authorization.js
index 8a5fa72..09495c8 100644
--- a/middlewares/authorization.js
+++ b/middlewares/authorization.js
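Review bot: In controllers/status.js the ternary still tests `req.oidc` but now reads `req.user`, which is only assigned in middlewares/authorization.js inside the `variables.authOidcEnabled` branch; the same line is added in controllers/voucher.js and controllers/vouchers.js. If a route ever reaches one of these handlers with `req.oidc` present but without that middleware having populated `req.user` (whether that can happen is not visible here), `user` is `undefined` and nothing in the hunk rejects the request. I would document the dependency at each site with `// req.user is set by middlewares/authorization.js; this handler must be mounted behind it` and fail closed with `if(req.oidc && !req.user) { return res.sendStatus(401); }` before `user` is used. Each handler's body continues outside its hunk.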
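Review bot: In controllers/voucher.js the unchanged `voucherNote` line calls `user.email.split('@')[1].toLowerCase()` on the userinfo document that the middleware now stores in `req.user`, and that document is not guaranteed to carry an `email` claim (it depends on the scopes the provider granted, which is not visible here). A missing address, or one without `@`, throws inside this async handler before the voucher is created, and the domain written into the note appears to be the record of who issued the voucher. I would extract it defensively, `const domain = typeof user?.email === 'string' && user.email.includes('@') ? user.email.split('@')[1].toLowerCase() : '';`, and decide explicitly whether an empty domain should block creation. The handler begins and ends outside the hunk.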
@@ -51,6 +51,15 @@ module.exports = {
 // Check if OIDC is enabled then verify user status
 if(variables.authOidcEnabled) {
 oidc = req.oidc.isAuthenticated();
+
+ // Retrieve user info/verify user session is still valid
+ req.user = await req.oidc.fetchUserInfo().catch(() => {
+ res.redirect(302, `${req.headers['x-ingress-path'] ? req.headers['x-ingress-path'] : ''}/login`);
+ });
+
+ if(!req.user) {
+ return;
+ }
 }
 // Check if user is authorized by a service
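Review bot: The `.catch(() => { res.redirect(...) })` on `fetchUserInfo()` treats every rejection as an expired session, so a provider outage, a timeout, or a request that was never authenticated (the call is made even when `isAuthenticated()` returned false) all end in a silent 302 to `/login` with nothing logged. That makes a failing userinfo endpoint indistinguishable from a revoked session when investigating, and if `/login` itself passes through this middleware (not visible here) it can loop. I would call it only when `oidc` is true, use `try`/`catch` with a log line, and return from the catch branch, as sketched below. The `Location` prefix comes from the `x-ingress-path` request header, so it is also worth confirming that only the ingress proxy can set that header. The middleware function begins and ends outside the hunk.

```javascript
oidc = req.oidc.isAuthenticated();

if(oidc) {
    try {
        // Retrieve user info/verify user session is still valid
        req.user = await req.oidc.fetchUserInfo();
    } catch (err) {
        // Record why the lookup failed before sending the user back to login;
        // swap console.error for the project's logger if it has one.
        console.error('OIDC userinfo lookup failed:', err.message);
        res.redirect(302, `${req.headers['x-ingress-path'] ? req.headers['x-ingress-path'] : ''}/login`);
        return;
    }
}
// … unchanged: closing brace of the authOidcEnabled branch and the service authorization check …
```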