public async Task <IActionResult> Logout()
{
// check for auth token, and add to revocation list
var tokenInfo = await HttpContext.AuthenticateAsync("Bearer");
if (tokenInfo != null)
{
var token = new JwtSecurityToken(claims: tokenInfo.Ticket.Principal.Claims);
_jwtManager.RevokeToken(token);
// remove cookie
HttpContext.Response.Cookies.Delete("Authorization");
}
return(Ok());
}