superlogin
removeExpiredKeys on boot?
Superlogin's Quickstart mentions:
Note: Session tokens for your API will be unusable as soon as they expire. However, there is no mechanism to automatically revoke expired credentials with CouchDB. Whenever a user logs in, logs out, or refreshes the session, SuperLogin will automatically clean up any expired credentials for that user. For additional security, periodically run superlogin.removeExpiredKeys() either with setInterval or a cron job. This will deauthorize every single expired credential that exists in the system.
Couldn't we run this automatically when a server (with superlogin) is started? We have our superlogin hosted with Heroku, who perform a daily restart, and I can't imagine they are the only ones that do this. This would be an easy way to add security for users who host their service using similar services, that doesn't require something like a cron job.
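One way to combine the boot-time run proposed above with the periodic run the Quickstart recommends, as an added example (not SuperLogin's own code and not from the original post). It assumes `superlogin` is an initialised SuperLogin instance and that `removeExpiredKeys()` returns a promise; `scheduleExpiredKeyCleanup` and its options are hypothetical names.

```javascript
// Added example. Assumption: superlogin.removeExpiredKeys() returns a promise.
// scheduleExpiredKeyCleanup, intervalMs and log are hypothetical names.
function scheduleExpiredKeyCleanup(superlogin, options = {}) {
  const intervalMs = options.intervalMs ?? 60 * 60 * 1000; // hourly by default
  const log = options.log ?? console;
  let running = false;

  async function sweep(reason) {
    // Skip if the previous sweep is still talking to CouchDB.
    if (running) return false;
    running = true;
    try {
      const removed = await superlogin.removeExpiredKeys();
      const count = Array.isArray(removed) ? removed.length : 'unknown';
      log.info(`[expired-keys:${reason}] sweep finished, removed: ${count}`);
      return true;
    } catch (err) {
      // A failed sweep (e.g. CouchDB not reachable yet at boot) must not
      // crash the server; the next interval tick retries.
      log.error(`[expired-keys:${reason}] sweep failed: ${err.message}`);
      return false;
    } finally {
      running = false;
    }
  }

  // Boot-time run: covers hosts that restart daily, such as the Heroku case.
  const firstRun = sweep('boot');

  // Periodic run: covers long-lived processes that never restart.
  const timer = setInterval(() => sweep('interval'), intervalMs);
  if (typeof timer.unref === 'function') timer.unref(); // do not block shutdown

  return { firstRun, sweep, stop: () => clearInterval(timer) };
}
```

Call it once after SuperLogin is constructed, for example `scheduleExpiredKeyCleanup(superlogin, { intervalMs: 6 * 60 * 60 * 1000 })`. On a host with a daily restart the boot sweep alone bounds how long an expired credential can stay authorized in CouchDB to roughly one day.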