in the main view add a simple timer that checks every 5 minutes if the user is still logged in. This probably will require a special endpoint that checks to see if the cookie for securesocial is still valid WITHOUT renewing it. If token is expired refresh page (which might result in the login page showing).