Restrict login if the user did not continue in the Login action

I am using the Option 3 described here.

However, if the user navigate away from the consent page to another area of the app they are already authenticated although they did not submit and agree to GDPR.

Any suggestions?