diff --git a/api/src/models/Blacklist.js b/api/src/models/Blacklist.js
new file mode 100644
index 0000000..a7d4c7f
--- /dev/null
+++ b/api/src/models/Blacklist.js
@@ -0,0 +1,9 @@
+const mongoose = require('mongoose');
+
+const blacklistSchema = new mongoose.Schema({
+ user_id: { type: String },
+ blacklistToken: { type: String },
+ time: { type: Date, default: Date.now },
+});
+
+module.exports = mongoose.model('Blacklist', blacklistSchema);
diff --git a/api/src/routes/auth/index.js b/api/src/routes/auth/index.js
index 7d5f35d..b8b63bb 100644
--- a/api/src/routes/auth/index.js
+++ b/api/src/routes/auth/index.js
@@ -1,5 +1,6 @@
 const express = require('express');
 const User = require('../../models/User');
+const Blacklist = require('../../models/Blacklist');
 const jwt = require('jsonwebtoken');
 const router = express.Router();
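Review bot: `blacklistToken` in the new schema has neither an index nor any expiry, yet the signout route queries it by exact value on every call and nothing ever removes entries, so the collection grows without bound and each lookup degrades into a collection scan. A revoked JWT only needs to stay listed until it would have expired on its own, so a TTL index on `time` bounded to the token lifetime makes the table self-cleaning; that lifetime is not visible here, so it should match whatever `expiresIn` the signing code in `/callback` uses. Concretely: `blacklistToken: { type: String, required: true, index: true },` and `time: { type: Date, default: Date.now, expires: <jwt lifetime in seconds> },`. Note also that the raw token is stored verbatim, so anyone with read access to this collection holds every revoked-but-not-yet-expired token; storing a SHA-256 of the token and looking it up by hash costs nothing and removes that exposure.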
@@ -107,8 +108,38 @@ router.get('/callback', async (req, res) => {
 .redirect(DASHBOARD_URL);
 });
-router.get('/signout', (req, res) => {
- res.clearCookie('token').sendStatus(200);
+router.get('/signout', async (req, res) => {
+ const token = req.cookies.token;
+
+ // Clear cookie regardless of token presence
+ if (!token) {
+ res.clearCookie('token', { httpOnly: true, secure: true });
+ return res.status(200).json({ message: 'Successfully logged out. No active session found.' });
+ }
+
+ try {
+ // Verify the token
+ const savedToken = await Blacklist.findOne({ blacklistToken: token });
+ if (savedToken) {
+ res.clearCookie('token', { httpOnly: true, secure: true });
+ return res.status(200).json({ message: 'Successfully logged out. Active session found and already blocked.' });
+ }
+ const decodedToken = jwt.verify(token, process.env.JWT_SECRET);
+
+ // Add token to blacklist
+ await Blacklist.create({ blacklistToken: token, user_id: decodedToken.id });
+
+ res.clearCookie('token', { httpOnly: true, secure: true });
+ return res.status(200).json({ message: 'Successfully logged out.' });
+ } catch (err) {
+ // Handle invalid token or verification errors
+ if (err) {
+ res.clearCookie('token', { httpOnly: true, secure: true });
+ return res.status(200).json({ message: 'Successfully logged out. Invalid or expired session token.' });
+ }
+
+ return res.status(500).json({ message: 'Error during logout. Please try again later.' });
+ }
 });
 module.exports = router;
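Review bot: The `if (err)` guard in the new catch block is always true, so the 500 branch is unreachable and a failure of `Blacklist.findOne` or `Blacklist.create` is answered with a 200 "Invalid or expired session token" even though the token was never blacklisted and stays usable until it expires. Only a JWT verification failure should count as a completed logout; jsonwebtoken's errors (including `TokenExpiredError`) all derive from `jwt.JsonWebTokenError`, so narrow on that and let anything else surface as the 500, logging it since the current code discards `err`. Calling `jwt.verify` before the `findOne` would also spare the database round-trip for tokens that cannot be in the list. Whether the authentication middleware actually consults `Blacklist` is not visible in this diff, and `clearCookie` with `{ httpOnly: true, secure: true }` only removes the cookie if those options match the ones used when it was set in `/callback`, which lies outside the hunk.
```javascript
  try {
    // … unchanged: blacklist lookup, jwt.verify, Blacklist.create, clearCookie …
  } catch (err) {
    // Only a bad/expired JWT counts as a completed logout; any other error
    // means the token was NOT blacklisted and is still usable.
    if (err instanceof jwt.JsonWebTokenError) {
      res.clearCookie('token', { httpOnly: true, secure: true });
      return res.status(200).json({ message: 'Successfully logged out. Invalid or expired session token.' });
    }
    console.error('signout: could not blacklist token', err);
    return res.status(500).json({ message: 'Error during logout. Please try again later.' });
  }
```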