public function logout(HttpServletRequestInterface $servletRequest)
{
// remove user principal and authentication method from request
$servletRequest->setUserPrincipal();
$servletRequest->setAuthType();
// destroy the session explicit
if ($session = $servletRequest->getSession()) {
$session->destroy('Explicit logout by user!');
}
}