Storing invalid session IDs after logout
This version now stored the invalid session IDs after a user logs out, so clients can not use old session cookies to access protected routes
This version now stored the invalid session IDs after a user logs out, so clients can not use old session cookies to access protected routes