diff --git a/plugin/remote/gitlab/gitlab.go b/plugin/remote/gitlab/gitlab.go
index 155d0d7f..6bdbd0de 100644
--- a/plugin/remote/gitlab/gitlab.go
+++ b/plugin/remote/gitlab/gitlab.go
@@ -266,7 +266,11 @@ func (r *Gitlab) OpenRegistration() bool {
 }
 
 func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) {
-	expiry := time.Now().Truncate(7200 * time.Second)
+	expiry := time.Unix(user.TokenExpiry, 0)
+	if expiry.Sub(time.Now()) > (60 * time.Second) {
+		return nil, nil
+	}
+
 	t := &oauth.Transport{
 		Config: NewOauthConfig(r, ""),
 		Token: &oauth.Token{
@@ -283,5 +287,6 @@ func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) {
 	var token = new(model.Token)
 	token.AccessToken = t.Token.AccessToken
 	token.RefreshToken = t.Token.RefreshToken
+	token.Expiry = t.Token.Expiry.Unix()
 	return token, nil
 }
diff --git a/server/datastore/database/database.go b/server/datastore/database/database.go
index 6ca59d66..49237181 100644
--- a/server/datastore/database/database.go
+++ b/server/datastore/database/database.go
@@ -38,6 +38,7 @@ func Connect(driver, datasource string) (*sql.DB, error) {
 	var migrations = []migration.Migrator{
 		migrate.Setup,
 		migrate.Migrate_20142110,
+		migrate.Migrate_20152701,
 	}
 	return migration.Open(driver, datasource, migrations)
 }
diff --git a/server/datastore/migrate/migrate.go b/server/datastore/migrate/migrate.go
index 42a3c57c..9c8b14fc 100644
--- a/server/datastore/migrate/migrate.go
+++ b/server/datastore/migrate/migrate.go
@@ -39,6 +39,20 @@ func Migrate_20142110(tx migration.LimitedTx) error {
 	return nil
 }
 
+// Migrate_20142110 is a database migration on Oct-10 2014.
+func Migrate_20152701(tx migration.LimitedTx) error {
+	var stmts = []string{
+		addUserTokenExpires, // index the commit table repo_id column
+	}
+	for _, stmt := range stmts {
+		_, err := tx.Exec(transform(stmt))
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 var userTable = `
 CREATE TABLE IF NOT EXISTS users (
 	 user_id           INTEGER PRIMARY KEY AUTOINCREMENT
@@ -144,3 +158,7 @@ CREATE TABLE IF NOT EXISTS blobs (
 	,UNIQUE(blob_path)
 );
 `
+
+var addUserTokenExpires = `
+ALTER TABLE users ADD COLUMN user_access_expires INTEGER
+`
diff --git a/server/handler/commit.go b/server/handler/commit.go
index edd0b9fa..d0c341c0 100644
--- a/server/handler/commit.go
+++ b/server/handler/commit.go
@@ -103,6 +103,7 @@ func PostCommit(c web.C, w http.ResponseWriter, r *http.Request) {
 	if user_token != nil {
 		owner.Access = user_token.AccessToken
 		owner.Secret = user_token.RefreshToken
+		owner.TokenExpiry = user_token.Expiry
 		datastore.PutUser(ctx, owner)
 	} else if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
diff --git a/server/handler/hook.go b/server/handler/hook.go
index e506deb3..1b46ceb2 100644
--- a/server/handler/hook.go
+++ b/server/handler/hook.go
@@ -81,6 +81,7 @@ func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
 	if user_token != nil {
 		user.Access = user_token.AccessToken
 		user.Secret = user_token.RefreshToken
+		user.TokenExpiry = user_token.Expiry
 		datastore.PutUser(ctx, user)
 	} else if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
diff --git a/server/handler/login.go b/server/handler/login.go
index 2b188bea..c370815e 100644
--- a/server/handler/login.go
+++ b/server/handler/login.go
@@ -90,6 +90,7 @@ func GetLogin(c web.C, w http.ResponseWriter, r *http.Request) {
 	u.Access = login.Access
 	u.Secret = login.Secret
 	u.Name = login.Name
+	u.TokenExpiry = login.Expiry
 	u.SetEmail(login.Email)
 	u.Syncing = u.IsStale()
 
diff --git a/server/handler/repo.go b/server/handler/repo.go
index 3fdf0d8c..13738411 100644
--- a/server/handler/repo.go
+++ b/server/handler/repo.go
@@ -147,6 +147,7 @@ func PostRepo(c web.C, w http.ResponseWriter, r *http.Request) {
 	if user_token != nil {
 		user.Access = user_token.AccessToken
 		user.Secret = user_token.RefreshToken
+		user.TokenExpiry = user_token.Expiry
 		datastore.PutUser(ctx, user)
 	} else if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
diff --git a/server/handler/user.go b/server/handler/user.go
index 6b21528a..85e86127 100644
--- a/server/handler/user.go
+++ b/server/handler/user.go
@@ -163,6 +163,7 @@ func PostUserSync(c web.C, w http.ResponseWriter, r *http.Request) {
 	if user_token != nil {
 		user.Access = user_token.AccessToken
 		user.Secret = user_token.RefreshToken
+		user.TokenExpiry = user_token.Expiry
 	} else if err != nil {
 		w.WriteHeader(http.StatusNotFound)
 		return
diff --git a/shared/model/login.go b/shared/model/login.go
index a7ff2c04..c0546b2d 100644
--- a/shared/model/login.go
+++ b/shared/model/login.go
@@ -9,4 +9,5 @@ type Login struct {
 	Secret string
 	Name   string
 	Email  string
+	Expiry int64
 }
diff --git a/shared/model/token.go b/shared/model/token.go
index 5b18cac6..986429c6 100644
--- a/shared/model/token.go
+++ b/shared/model/token.go
@@ -1,11 +1,7 @@
 package model
 
-import (
-	"time"
-)
-
 type Token struct {
 	AccessToken  string
 	RefreshToken string
-	Expiry       time.Time
+	Expiry       int64
 }
diff --git a/shared/model/user.go b/shared/model/user.go
index 5edc9455..2b7b5ad1 100644
--- a/shared/model/user.go
+++ b/shared/model/user.go
@@ -5,21 +5,22 @@ import (
 )
 
 type User struct {
-	ID       int64  `meddler:"user_id,pk"     json:"-"`
-	Remote   string `meddler:"user_remote"    json:"remote"`
-	Login    string `meddler:"user_login"     json:"login"`
-	Access   string `meddler:"user_access"    json:"-"`
-	Secret   string `meddler:"user_secret"    json:"-"`
-	Name     string `meddler:"user_name"      json:"name"`
-	Email    string `meddler:"user_email"     json:"email,omitempty"`
-	Gravatar string `meddler:"user_gravatar"  json:"gravatar"`
-	Token    string `meddler:"user_token"     json:"-"`
-	Admin    bool   `meddler:"user_admin"     json:"admin"`
-	Active   bool   `meddler:"user_active"    json:"active"`
-	Syncing  bool   `meddler:"user_syncing"   json:"syncing"`
-	Created  int64  `meddler:"user_created"   json:"created_at"`
-	Updated  int64  `meddler:"user_updated"   json:"updated_at"`
-	Synced   int64  `meddler:"user_synced"    json:"synced_at"`
+	ID          int64  `meddler:"user_id,pk"          json:"-"`
+	Remote      string `meddler:"user_remote"         json:"remote"`
+	Login       string `meddler:"user_login"          json:"login"`
+	Access      string `meddler:"user_access"         json:"-"`
+	Secret      string `meddler:"user_secret"         json:"-"`
+	Name        string `meddler:"user_name"           json:"name"`
+	Email       string `meddler:"user_email"          json:"email,omitempty"`
+	Gravatar    string `meddler:"user_gravatar"       json:"gravatar"`
+	Token       string `meddler:"user_token"          json:"-"`
+	Admin       bool   `meddler:"user_admin"          json:"admin"`
+	Active      bool   `meddler:"user_active"         json:"active"`
+	Syncing     bool   `meddler:"user_syncing"        json:"syncing"`
+	Created     int64  `meddler:"user_created"        json:"created_at"`
+	Updated     int64  `meddler:"user_updated"        json:"updated_at"`
+	Synced      int64  `meddler:"user_synced"         json:"synced_at"`
+	TokenExpiry int64  `meddler:"user_access_expires" json:"-"`
 }
 
 func NewUser(remote, login, email string) *User {