Sign-out

The API endpoint to sign out a user is declared in the following route.

mern-skeleton/server/routes/auth.routes.js:

router.route('/auth/signout').get(authCtrl.signout)

When the Express app gets a GET request at '/auth/signout', it executes the signout controller function.

mern-skeleton/server/controllers/auth.controller.js:

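const signout = (req, res) => {
  // Remove the "t" cookie that carries the signed JWT
  res.clearCookie("t")
  // Use a numeric status code; Express expects an integer here
  return res.status(200).json({
    message: "signed out"
  })
}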

The signout function clears the response cookie containing the signed JWT. This is an optional endpoint and not really necessary for auth purposes if cookies are not used at all in the frontend. With JWT, user state storage is the client's responsibility, and there are multiple options for client-side storage besides cookies. On sign-out, the client needs to delete the token on the client side to establish that the user is no longer authenticated.
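The client-side half of sign-out described above, as an added example that is not code from the original page or the mern-skeleton project. The storage key 'jwt' and the helper names signOut, isAuthenticated and makeMemoryStorage are assumptions; the storage object and fetch function are passed in so the code runs outside a browser. The local token is deleted before the request is sent, so a failed call to '/auth/signout' cannot leave the user signed in on the client.

```javascript
const TOKEN_KEY = 'jwt' // assumed storage key, not taken from the page

// True while a token is still held on the client.
function isAuthenticated(storage) {
  return storage.getItem(TOKEN_KEY) !== null
}

// Delete the local token first (synchronously), then ask the server to
// clear the "t" cookie. Resolves to true only if the server confirmed.
function signOut(storage, fetchFn) {
  storage.removeItem(TOKEN_KEY)
  return Promise.resolve()
    .then(() => fetchFn('/auth/signout', { method: 'GET' }))
    .then(res => Boolean(res && res.ok))
    .catch(() => false) // network failure: local state is already cleared
}

// Constructed in-memory stand-in for sessionStorage/localStorage.
function makeMemoryStorage(initial = {}) {
  const data = new Map(Object.entries(initial))
  return {
    getItem: key => (data.has(key) ? data.get(key) : null),
    setItem: (key, value) => { data.set(key, String(value)) },
    removeItem: key => { data.delete(key) }
  }
}

// Demo with a constructed token and a fetch that always fails.
const demoStorage = makeMemoryStorage({ jwt: 'constructed.sample.token' })
const offlineFetch = () => Promise.reject(new Error('network down'))

signOut(demoStorage, offlineFetch).then(serverCleared => {
  console.log('server cleared cookie:', serverCleared)
  console.log('still authenticated locally:', isAuthenticated(demoStorage))
})
```

In a browser, pass window.sessionStorage (or localStorage) and window.fetch in place of the stand-ins.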