调用 logout、refresh 方法后，旧的 token 为什么还能正常使用？

为什么调用logout、refresh方法之后，当前token还是可以继续使用，求指点。

routes/api.php

//需要TOKEN的接口
        $api->group(['middleware' => ['auth:admin_api', 'serializer:array']], function ($api) {
        ...
        }

config/jwt.php

    'ttl' => env('JWT_TTL', 60),
    'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),

Http/Controllers/AuthorizationsController.php

  public function destroy()
    {
        auth($this->getGuardApiKey())->logout();
    }

    public function store(AuthorizationRequest $request)
    {
        $credentials = $request->only('username', 'password');

        if (!$token = auth($this->getGuardApiKey())->attempt($credentials)) {
            return $this->response()->error(trans('auth.failed'), 401);
        }

        $admin = auth($this->getGuardApiKey())->user();
        event(new AdminLoginEvent($admin));
        return $this->respondWithToken($token, $request->username);

    }