Glad that was it!
In this case, I would characterize this as “incorrect usage”. Trying to get a token and logging the user out at the same time is something that you would not see during regular usage, and whoever ends up writing to the database last “wins”.
So, make sure you don’t attempt these opposite things at the same time. Kind of a “Doctor it hurts when I do this” situation