I was able to successfully login to my NiFi instance. I then shutdown and deleted the database_repository directory. Upon restart, I was able to login to NiFi, as the JWT token was no longer valid. However, going to /logout didn't remove the token either.
If the JWT Token is no longer valid when attempting to login, the endpoint should request that the cookie be deleted. In fact, going to /logout actually threw a NullPointerException.