If ArangoDB is used with authentication enabled, I think it's important that a user can log out, and close the session.

Just closing the tab for example, doesn't actually log out. If revisiting the web interface, the browser will reuse the old session. This is potentially a user-side security issue.