If the user's supplied session token expires whilst logged in, they won't find out until they next attempt to turn the VPN on, at which point they need to then log out, and log back in.
We should instead check if the token is expired when the app starts, and sign the user out if it is.