We'll need this because user interactive auth will get complicated and messy very soon.
This will be used for expiring sessions and tokens, among other things that need to happen periodically.
