From c8693070a8fce129ed9c0a4e2d52af236b5a4bd5 Mon Sep 17 00:00:00 2001
From: leoMehlig
Date: Thu, 9 May 2024 13:19:13 +0200
Subject: [PATCH 1/2] Logout should always reset the session.
---
 Sources/Auth/AuthClient.swift | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/Sources/Auth/AuthClient.swift b/Sources/Auth/AuthClient.swift
index 6eb0cad1..dcf63887 100644
--- a/Sources/Auth/AuthClient.swift
+++ b/Sources/Auth/AuthClient.swift
@@ -698,15 +698,24 @@ public final class AuthClient: Sendable {
 /// If using ``SignOutScope/others`` scope, no ``AuthChangeEvent/signedOut`` event is fired.
 /// - Parameter scope: Specifies which sessions should be logged out.
 public func signOut(scope: SignOutScope = .global) async throws {
- do {
- // Make sure we have a valid session.
- _ = try await sessionManager.session()
+ let accessToken = currentSession?.accessToken
+
+ if scope != .others {
+ await sessionManager.remove()
+ eventEmitter.emit(.signedOut, session: nil)
+ }
+
+ guard let accessToken else {
+ throw AuthError.sessionNotFound
+ }
 
- try await api.authorizedExecute(
+ do {
+ _ = try await api.execute(
 .init(
 url: configuration.url.appendingPathComponent("logout"),
 method: .post,
- query: [URLQueryItem(name: "scope", value: scope.rawValue)]
+ query: [URLQueryItem(name: "scope", value: scope.rawValue)],
+ headers: [.init(name: "Authorization", value: "Bearer \(accessToken)")]
 )
 )
 } catch {
@@ -720,11 +729,6 @@ public final class AuthClient: Sendable {
 throw error
 }
 }
-
- if scope != .others {
- await sessionManager.remove()
- eventEmitter.emit(.signedOut, session: nil)
- }
 }
 
 /// Log in an user given a User supplied OTP received via email.
From 99a7780decb06cb26e1d58cbbf67b82200d8e742 Mon Sep 17 00:00:00 2001
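Review bot: The logout request in the first hunk now sends whatever `currentSession?.accessToken` holds, without the `sessionManager.session()` call that the removed lines used to make sure the session was valid, so an expired token can be rejected by the server after the local session has already been removed. On that path the client looks signed out while the server-side session may still be live; what the `catch` does with such a response lies outside the hunk and should be checked. The doc comment above `signOut` should state the new contract, for example `/// The local session is cleared before the request; server-side revocation is best-effort.`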
From: Leo Mehlig
Date: Fri, 10 May 2024 14:33:15 +0200
Subject: [PATCH 2/2] Update Sources/Auth/AuthClient.swift
Co-authored-by: Guilherme Souza
---
 Sources/Auth/AuthClient.swift | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/Sources/Auth/AuthClient.swift b/Sources/Auth/AuthClient.swift
index dcf63887..7f46fcaa 100644
--- a/Sources/Auth/AuthClient.swift
+++ b/Sources/Auth/AuthClient.swift
@@ -698,17 +698,16 @@ public final class AuthClient: Sendable {
 /// If using ``SignOutScope/others`` scope, no ``AuthChangeEvent/signedOut`` event is fired.
 /// - Parameter scope: Specifies which sessions should be logged out.
 public func signOut(scope: SignOutScope = .global) async throws {
- let accessToken = currentSession?.accessToken
+ guard let accessToken = currentSession?.accessToken else {
+ configuration.logger?.warning("signOut called without a session")
+ return
+ }
 
 if scope != .others {
 await sessionManager.remove()
 eventEmitter.emit(.signedOut, session: nil)
 }
 
- guard let accessToken else {
- throw AuthError.sessionNotFound
- }
-
 do {
 _ = try await api.execute(
 .init(
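Review bot: The new `guard` returns before `sessionManager.remove()` runs, so on the no-session path nothing local is reset, which does not match the series' stated goal that logout always resets the session. If `currentSession` can be nil while stored session data still exists (not visible here), that data survives the call; consider `await sessionManager.remove()` inside the `else` branch before `return`. The function also no longer throws `AuthError.sessionNotFound` on this path, so callers that relied on the error now see silent success; the doc comment should say so, e.g. `/// Returns without error when there is no current session.` The rest of `signOut` continues past the end of the hunk.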