[FEATURE] Destroy session explicitly in logout
This change moves the call to Session->destroy() from a signal
to the AuthenticationProviderManager that already has the current
session as a dependency.
The "emitLoggedOut" signal is emitted before the session is
destroyed to allow other slots to inspect the session.