public static function logout()
{
// remove all rows owned by the current user
BackendModel::get('database')->delete('users_sessions', 'session_id = ?', \SpoonSession::getSessionId());
// reset values. We can't destroy the session because session-data can be used on the site.
\SpoonSession::set('backend_logged_in', false);
\SpoonSession::set('backend_secret_key', '');
\SpoonSession::set('csrf_token', '');
}