diff --git a/src/controller/authorization.ts b/src/controller/authorization.ts
index cf9cccf..6281d0d 100644
--- a/src/controller/authorization.ts
+++ b/src/controller/authorization.ts
@@ -154,18 +154,6 @@ export const authorization = wrap(async (req, res) => {
 return oauth2.decision(req, res, client, scope, user, redirectUri);
 }
 
- // Consent pushed, ensure valid session
- const {
- session: { csrf },
- } = req;
- if (
- req.method === 'POST' &&
- csrf &&
- !(req.body.csrf && req.body.csrf === csrf)
- ) {
- throw new InvalidRequest('Invalid session');
- }
-
 // Save consent
 if (!consented) {
 if (!req.body || typeof req.body.decision === 'undefined') {
diff --git a/src/types/express/index.d.ts b/src/types/express/index.d.ts
index d58052e..73e4bb4 100644
--- a/src/types/express/index.d.ts
+++ b/src/types/express/index.d.ts
@@ -7,9 +7,3 @@ declare global {
 }
 }
 }
-
-declare module 'express-session' {
- interface SessionData {
- csrf: string;
- }
-}
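Review bot: After this removal the consent POST path in `authorization` falls straight through to `// Save consent` and reads `req.body.decision` with no anti-CSRF comparison visible in the hunk. Unless token validation now happens in middleware outside this diff, a cross-site form post could record a consent decision on behalf of a logged-in user. If the check moved, say so above `// Save consent`, for example `// CSRF token for the consent POST is validated by <middleware name> before this handler runs`. If it did not move, keep a check here and make it fail closed, since the removed version skipped validation whenever `req.session.csrf` was unset. The second hunk also drops `csrf` from `SessionData`, which suggests the token is no longer kept in the session, so please confirm what replaces it. The handler body starts and ends outside the hunk.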