A network system generally controls large pools of computing, storage, and networking resources. By means of the preceding resources, the network system is capable of providing a plurality of services including, but not limited to, computing services, image services, storage services, network services and the like. The network system may manage access to the services by means of token authentication. That is, before a user can access a service, the user requests a token from the network system. Upon receipt of the request, the network system may assign a token with an expiration time instant to the user. Then the user may send a request, together with the token, for accessing the service.
Generally, the network system may determine the validity of the token based on the expiration time instant of the token. The expiration time instant indicates a lifetime of the token. If the time instant at which the request is received is later than the expiration time instant, the network system determines that the token is invalid or expired. Otherwise, the network system determines that the token is valid or unexpired. Thus, upon receipt of a request for accessing a service, the network system verifies the token and allows the user to access the requested service if the token is valid. However, in some cases, the token may become invalid when the network system begins to verify the token. The network system thus would not allow the user to access the requested service due to the invalid token, even if the request is legitimate.