User opens a page. A session starts and they are asked to log in. They spend 30 minutes reading the page, then clicks a link. Since they were on the page for 20+ minutes their session ended. At that point they are asked to log in, and then taken to their chosen page as if never interrupted.
Reasonably easy, yes. This example is in PHP, but the same idea should work for other languages. At the top of every page that requires authorisation:
In checkauth.php, do this:
In login.php, do this: