Private repository is still accessible to a collaborator on Sourcegraph until signing out and back in

Created by: chrismwendt

This happens on both granting and revoking access - I have to sign out and back in to get the change in permission to take effect.

• Image sourcegraph/server@sha256:fc7c6d14bbfe3632ce27bca5b16c2099ea473ede4d03faf246ee22be64e87839 (Jan 13)
• Add a GitHub external service
• Set the ttl to 1s
• Add a GitHub authentication provider https://docs.sourcegraph.com/admin/repo/permissions#github
• Enable a private repository someuser/someprivaterepo
• Add a random user (like sourcegraph-bot) as a collaborator
• Sign into GitHub as sourcegraph-bot and visit the private repository and accept the invitation
• As sourcegraph-bot, visit http://localhost:7080/github.com/someuser/someprivaterepo and make sure the repository is accessible
• Sign into GitHub as yourself and revoke access to someuser/someprivaterepo from sourcegraph-bot
• Wait a few seconds then refresh the page at http://localhost:7080/github.com/someuser/someprivaterepo while signed in as sourcegraph-bot
• Notice sourcegraph-bot still has access, when you'd expect sourcegraph-bot to see a 404
• Sign out and back in
• Notice http://localhost:7080/github.com/someuser/someprivaterepo now 404s