Hi @dylanswartz 
In addition to logins, the Post-Login Flow Auth0 Actions also execute when re-authenticating user sessions via refresh token rotations requests ( oauth2-refresh-token event transaction protocol) & silent authentication requests ( prompt=none in /authorize requests)
Depending on your implementation of Auth0, there may be other protocols that are triggering your Post-Login action that I didn’t take into account when writing the conditional. Sorry!
Take a look at the available protocols in the event.transaction object here: Actions Triggers: post-login - Event Object
There is also this existing feedback post that may interest you, if you’d like to vote on it.