Fixed error message when user clicks logout link after his session has been expired

CHANGELOG.md

@@ -4,6 +4,7 @@
 1. [](#bugfix)
     * Fixed `You have been logged out` message when entering to 2FA authentication due to `/admin/task:getNotifications` AJAX call
     * Fixed broken 2FA login when site is not configured to use Flex Users [#2109](https://github.com/getgrav/grav-plugin-admin/issues/2109)
+    * Fixed error message when user clicks logout link after his session has been expired
 
 # v1.10.10
 ## 04/07/2021

classes/plugin/Controllers/Login/LoginController.php

@@ -210,20 +210,14 @@ class LoginController extends AdminController
     }
 
     /**
-     * Handle logout when user isn't fully logged in.
+     * Handle logout when user isn't fully logged in or clicks logout after the session has been expired.
      *
      * @return ResponseInterface
      */
     public function taskLogout(): ResponseInterface
     {
-        try {
-            $this->checkNonce();
-        } catch (PageExpiredException $e) {
-            $this->setMessage($this->translate('PLUGIN_ADMIN.INVALID_SECURITY_TOKEN'), 'error');
-
-            return $this->createDisplayResponse();
-        }
-
+        // We do not need to check the nonce here as user session has been expired or user hasn't fully logged in (2FA).
+        // Just be sure we terminate the current session.
         $login = $this->getLogin();
         $event = $login->logout(['admin' => true], ['return_event' => true]);