Please add session as a middleware in droplet.json

[Aman-US-Punjabi]

https://github.com/anthonycastelli/Vapor-JWTAuthorization/blob/master/Config/droplet.json#L35

Also, I tried to logout but still after logging out, I'm able to access Secured Routes, dont know what to do, any clue?

Thanks for your time.

[rgkobashi]

@Aman-US-Punjabi I ran into the same problem, I am assuming you are still sending the token on the request after logging out (like me), if so, the PayloadAuthenticationMiddleware will authenticate him again (you can see that on the source code). And it will succeed because the token is still valid, what you can do is when the user logs out, invalidate that token. There is a lot of information about how to invalidate tokens. I will write it here but I'm still looking into that 😅