You're correct, there is no way to do that out of the box.
The only way I can think of would be to use a reverse proxy and catch when the user uses the logout button with a rewrite rule to redirect to a custom page in the authentication module used to log out from the module.
Let the authentication module clear the session cookie. (Possibly after first running DELETE https://<server>/<v.proxy>/qps/user, with the user's session cookie, although the browser should have already done this.) And finally let the request return a redirect to a nice landing/login page. (Since the standard Qlik logout page is now hijacked.)