diff --git a/deploy/logout.sql b/deploy/logout.sql
index c0a4523..9b55597 100644
--- a/deploy/logout.sql
+++ b/deploy/logout.sql
@@ -1,6 +1,7 @@
 -- Deploy numerus:logout to pg
 -- requires: schema_auth
 -- requires: user
+-- requires: current_app_user
 begin;
@@ -11,7 +12,9 @@ $$
 update "user"
 set cookie = default
 , cookie_expires_at = default
-where user_id = current_setting('request.user.id', true)::integer
+where cookie = current_app_user()
+ and cookie_expires_at > current_timestamp
+ and length(cookie) > 30
 $$
 language sql
 security definer
diff --git a/test/logout.sql b/test/logout.sql
index 0bc0776..2eb3c48 100644
--- a/test/logout.sql
+++ b/test/logout.sql
@@ -32,7 +32,7 @@ prepare user_cookies as
 select cookie, cookie_expires_at from "user" order by user_id ;
-select set_config('request.user.id', '0', false);
+select set_config('request.user.cookie', '', false);
 select lives_ok( $$ select * from logout() $$, 'Can logout “nobody”' );
 select results_eq(
@@ -43,7 +43,7 @@ select results_eq(
 'Nothing changed' );
-select set_config('request.user.id', '1', false);
+select set_config('request.user.cookie', '8c23d4a8d777775f8fc507676a0d99d3dfa54b03b1b257c838', false);
 select lives_ok( $$ select * from logout() $$, 'Can logout the first user' );
 select results_eq(
@@ -54,7 +54,7 @@ select results_eq(
 'The first user logged out' );
-select set_config('request.user.id', '12', false);
+select set_config('request.user.cookie', '0169e5f668eec1e6749fd25388b057997358efa8dfd697961a', false);
 select lives_ok( $$ select * from logout() $$, 'Can logout the second user' );
 select results_eq(
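Review bot: The rewritten `where` clause in deploy/logout.sql (hunk at line 11) calls `current_app_user()` and updates `"user"` by unqualified name inside a `security definer` function, and the hunk shows no `set search_path` on the definition. In a security-definer function, unqualified names are resolved through the caller's search_path, so I would schema-qualify both names or pin the path with `set search_path = <trusted_schema>, pg_temp` (placeholder schema); the definition continues past the hunk, so this may already be present. The `length(cookie) > 30` threshold needs a comment stating its purpose, for example `-- never match the empty/default cookie of logged-out rows` if that is the intent. Also confirm that skipping rows whose `cookie_expires_at` has passed is intended, since logout then leaves the stale cookie value stored.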
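Review bot: The three updated cases in test/logout.sql (the hunk at line 32 and the ones at lines 43 and 54) exercise only an empty cookie and two accepted cookies, so the new `cookie_expires_at > current_timestamp` and `length(cookie) > 30` predicates have no visible negative case. I would add one case that sets `request.user.cookie` to the cookie of a fixture user whose session has already expired, and one with a non-empty value of 30 characters or fewer, each followed by a `results_eq` on `user_cookies` asserting that nothing changed. The fixture rows and the rest of the file lie outside these hunks, so such cases may already exist elsewhere.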