Logout using FeathersJS REST API

Question

Using freshly generated FeathersJS application (local auth), I am doing following REST api calls with following behaviour:

1. GET /users - it FAILS with not-authorized
2. POST /authentication with username and password - successful
3. GET /users - it SUCCEEDS and returns list of users
4. DELETE /authentication - returns auth object, no error messages (and on server side logout event is generated)
5. GET /users - it SUCCEEDS and returns list of users

expected result from my side is that on step 5 I would get not-authorized error, as JWT token would be expired after logout on server side.

what am I doing wrong? how can I logout user properly using just REST api, so token would be invalidated? or authentication is meant to be used only in conjunction with FeathersJS client libraries?

p.s. I am trying out FeathersJS as a potential solution for backend REST API for my Flutter app. Hence I am interested only in server side implementation of FeathersJS.

Answer 1

FeathersJS is stateless. So, in your client, just set your access token to null.