When logging out, do we need to call one or both of the following?
As suggested here:
request()->user()->currentAccessToken()->delete();
