i created an embedded app with a php framework. I store the access token in a session. Now i don't know whats the best way to handle expired sessions? Should i redirect to the index page. There i have access to the parameter "shop" of the iframe source and the authentication starts again or is there a better workflow?