From d8e9620ad12e8f4854d46492943eb5b899f01518 Mon Sep 17 00:00:00 2001
From: Kayne Ruse <kayneruse@gmail.com>
Date: Fri, 13 Aug 2021 20:58:52 +1000
Subject: [PATCH] Fixed a logout bug when the access token changes

---
 server/auth/index.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/server/auth/index.js b/server/auth/index.js
index 8ee96fb..f9e9610 100644
--- a/server/auth/index.js
+++ b/server/auth/index.js
@@ -19,12 +19,12 @@ router.post('/recover', require('./password-recover'));
 router.get('/reset', require('./password-redirect'));
 router.patch('/reset', require('./password-reset'));
 
+//logouts allowed when banned, and when the token itself is invalid
+router.delete('/logout', require('./logout'));
+
 //middleware
 router.use(tokenAuth);
 
-//logouts allowed when banned, still needs tokens
-router.delete('/logout', require('./logout'));
-
 router.use(async (req, res, next) => {
 	const record = await accounts.findOne({
 		where: {