I think (1) could potentially be separate, expiring doesn't have to be *that* timely.
However, (2) *does* need to be timely since someone may be deactivating a token for a malicious user or for a security leak.
We might be able to speed this script up by having an intermediate table that holds a set of actions that must take place, which gets populated when someone a) deactivates, b) creates a token, c) regenerates a token (which is similar to the publisher's "dirty pockets" concept).
Obviously, the other cope optimisations you mention would also be useful.
I think (1) could potentially be separate, expiring doesn't have to be *that* timely.
However, (2) *does* need to be timely since someone may be deactivating a token for a malicious user or for a security leak.
We might be able to speed this script up by having an intermediate table that holds a set of actions that must take place, which gets populated when someone a) deactivates, b) creates a token, c) regenerates a token (which is similar to the publisher's "dirty pockets" concept).
Obviously, the other cope optimisations you mention would also be useful.