The access token provided by OAuth expires after a very short amount of time, but the acceptance is still cached, and simply clicking Login will reaffirm that acceptance and regenerate the auth token (and not present the full OAuth handshake). Rather than forcing the user to periodically click "Log In", the plugin should check that the access token is valid before the page render (and, if it already does that and is just reacting to short-lived access tokens, use a refresh token to acquire a new access token if the access token is no longer valid)