diff --git a/resources/scripts/admin/stores/auth.js b/resources/scripts/admin/stores/auth.js index 08229eca..55321e1c 100644 --- a/resources/scripts/admin/stores/auth.js +++ b/resources/scripts/admin/stores/auth.js @@ -46,20 +46,29 @@ export const useAuthStore = (useWindow = false) => { return new Promise((resolve, reject) => { http .post('/auth/logout') - .then((response) => { + .then(async (response) => { const notificationStore = useNotificationStore() notificationStore.showNotification({ type: 'success', message: 'Logged out successfully.', }) + // Clear stored auth data so next login doesn't send stale tokens + window.Ls.remove('auth.token') + window.Ls.remove('selectedCompany') + + // Refresh CSRF token so next login works cleanly + await http.get('/sanctum/csrf-cookie').catch(() => {}) + window.router.push('/login') - // resetStore.clearPinia() resolve(response) }) .catch((err) => { handleError(err) - window.router.push('/') + window.Ls.remove('auth.token') + window.Ls.remove('selectedCompany') + http.get('/sanctum/csrf-cookie').catch(() => {}) + window.router.push('/login') reject(err) }) }) diff --git a/routes/web.php b/routes/web.php index 2c27d156..577d9ebd 100644 --- a/routes/web.php +++ b/routes/web.php @@ -34,6 +34,9 @@ Route::post('login', [LoginController::class, 'login']); Route::post('auth/logout', function () { Auth::guard('web')->logout(); + + request()->session()->invalidate(); + request()->session()->regenerateToken(); }); // Customer auth
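Review bot: In the `.catch` branch the stored `auth.token` and `selectedCompany` are removed and the user is routed to `/login` even though `POST /auth/logout` failed, so the server-side session may still be authenticated while the UI looks signed out. That branch should tell the user the sign-out was not confirmed; whether `handleError` already does so is not visible in this hunk. The CSRF refresh there is also fire-and-forget, unlike the success branch, so the redirect can race the new cookie; `.catch(async (err) => {` with `await http.get('/sanctum/csrf-cookie').catch(() => {})` would make the two branches match. The cleanup lines are now duplicated in both branches and could move into one local helper. The enclosing logout action starts before this hunk.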
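Review bot: This closure ends only the `web` session (`logout()`, `invalidate()`, `regenerateToken()`), while the client half of this commit deletes `auth.token` from local storage. If that value is a server-issued API token, which this diff does not show, it stays valid after logout for anyone who already copied it. Either revoke it in this closure or record the limitation with a comment such as `// Ends the web session only; API tokens issued at login are not revoked here.`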