diff --git a/packages/auth/src/index.js b/packages/auth/src/index.js
index 569456ea10..4aa2c8ab96 100644
--- a/packages/auth/src/index.js
+++ b/packages/auth/src/index.js
@@ -12,6 +12,7 @@ const {
   auditLog,
   tenancy,
   appTenancy,
+  authError,
 } = require("./middleware")
 const { setDB } = require("./db")
 const userCache = require("./cache/user")
@@ -60,6 +61,7 @@ module.exports = {
     buildTenancyMiddleware: tenancy,
     buildAppTenancyMiddleware: appTenancy,
     auditLog,
+    authError,
   },
   cache: {
     user: userCache,
diff --git a/packages/auth/src/middleware/index.js b/packages/auth/src/middleware/index.js
index 059f20af8b..cf8676a2bc 100644
--- a/packages/auth/src/middleware/index.js
+++ b/packages/auth/src/middleware/index.js
@@ -2,6 +2,7 @@ const jwt = require("./passport/jwt")
 const local = require("./passport/local")
 const google = require("./passport/google")
 const oidc = require("./passport/oidc")
+const { authError } = require("./passport/utils")
 const authenticated = require("./authenticated")
 const auditLog = require("./auditLog")
 const tenancy = require("./tenancy")
@@ -16,4 +17,5 @@ module.exports = {
   auditLog,
   tenancy,
   appTenancy,
+  authError,
 }
diff --git a/packages/auth/src/middleware/passport/google.js b/packages/auth/src/middleware/passport/google.js
index 07d6816c0b..cb93844c31 100644
--- a/packages/auth/src/middleware/passport/google.js
+++ b/packages/auth/src/middleware/passport/google.js
@@ -27,7 +27,11 @@ async function authenticate(accessToken, refreshToken, profile, done) {
  * from couchDB rather than environment variables, using this factory is necessary for dynamically configuring passport.
  * @returns Dynamically configured Passport Google Strategy
  */
-exports.strategyFactory = async function (config, callbackUrl) {
+exports.strategyFactory = async function (
+  config,
+  callbackUrl,
+  verify = authenticate
+) {
   try {
     const { clientID, clientSecret } = config
 
@@ -43,7 +47,7 @@ exports.strategyFactory = async function (config, callbackUrl) {
         clientSecret: config.clientSecret,
         callbackURL: callbackUrl,
       },
-      authenticate
+      verify
     )
   } catch (err) {
     console.error(err)
diff --git a/packages/auth/src/security/sessions.js b/packages/auth/src/security/sessions.js
index 328f74c794..83ca9d9bcd 100644
--- a/packages/auth/src/security/sessions.js
+++ b/packages/auth/src/security/sessions.js
@@ -30,6 +30,10 @@ exports.invalidateSessions = async (userId, sessionId = null) => {
     sessions.push({ key: makeSessionID(userId, sessionId) })
   } else {
     sessions = await getSessionsForUser(userId)
+    sessions.forEach(
+      session =>
+        (session.key = makeSessionID(session.userId, session.sessionId))
+    )
   }
   const client = await redis.getSessionClient()
   const promises = []