Why AuthUserSession.OnLogout is triggered for non-existing session

We’re using SS custom authentication. We’ve registered our typed session object and handle logout logic in OnLogout() override.
However, we see that this method is called even when there is no valid session exist. Usually, a client sends logout on window closing. It’s possible to open a window (see login screen) and then instead of authenticating, just to close it. As result we still have OnLogout() method called.

Is it possible to make it called only for valid sessions? Is there another mechanism to do actions on (valid) logout?

Thank you,

It shouldn’t be limited if there’s an explicit logout action, the Logout event shouldn’t get lost.

To prevent it, you can only call logout for valid sessions on the client or check IsAuthenticated in the event on the server.