Once a web application user is logged in using OpenID Connect, the state of his session must be regularly checked (see OpenID Connect Session Management).
When a session has expired, a silent renewal can be performed or a simple redirect to the logout page instead.
We could use the oicd-client.js library to ease the implementation.