Token timeout behaviour is annoying to users

We currently simply log the user out on timeout. Well, specifically, we log the user on the first 401 we get back from the API. This is sub-optimal both technically an in terms of user experience.

1. We should set a timeout (via setTimeout) on login to fire a callback before token expiry.
2. This should initiate login flow.
3. On login, we compare the logged in user token's subject to a cached subject. If mis-match, reset state as on logout and re-show login box, otherwise, user continues to use app happily.