diff --git a/package.json b/package.json
index 24aa2995b..6fdc5ca12 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "xo-server",
- "version": "4.9.1",
+ "version": "4.9.2",
 "license": "AGPL-3.0",
 "description": "Server part of Xen-Orchestra",
 "keywords": [
diff --git a/src/models/token.js b/src/models/token.js
index 0694bb186..b12ab7fd1 100644
--- a/src/models/token.js
+++ b/src/models/token.js
@@ -1,26 +1,10 @@
 import Collection from '../collection/redis'
 import Model from '../model'
-import {generateToken} from '../utils'
 // ===================================================================
-export default class Token extends Model {
- static generate (userId) {
- return generateToken().then(token => new Token({
- id: token,
- user_id: userId
- }))
- }
-}
+export default class Token extends Model {}
 // -------------------------------------------------------------------
-export class Tokens extends Collection {
- get Model () {
- return Token
- }
-
- generate (userId) {
- return Token.generate(userId).then(token => this.add(token))
- }
-}
+export class Tokens extends Collection {}
diff --git a/src/xo.js b/src/xo.js
index 52de59ea6..965eb51ea 100644
--- a/src/xo.js
+++ b/src/xo.js
@@ -50,7 +50,7 @@ import {PluginsMetadata} from './models/plugin-metadata'
 import {Remotes} from './models/remote'
 import {Schedules} from './models/schedule'
 import {Servers} from './models/server'
-import {Tokens} from './models/token'
+import Token, {Tokens} from './models/token'
 import {Users} from './models/user'
 // ===================================================================
@@ -900,9 +900,15 @@ export default class Xo extends EventEmitter {
 // -----------------------------------------------------------------
 async createAuthenticationToken ({userId}) {
- // TODO: use plain objects
- const token = await this._tokens.generate(userId)
+ const token = new Token({
+ id: await generateToken(),
+ user_id: userId,
+ expiration: Date.now() + 1e3 * 60 * 60 * 24 * 30 // 1 month validity.
+ })
+ await this._tokens.add(token)
+
+ // TODO: use plain properties directly.
 return token.properties
 }
@@ -913,12 +919,22 @@ export default class Xo extends EventEmitter {
 }
 async getAuthenticationToken (id) {
- const token = await this._tokens.first(id)
+ let token = await this._tokens.first(id)
 if (!token) {
 throw new NoSuchAuthenticationToken(id)
 }
- return token.properties
+ token = token.properties
+
+ if (!(
+ token.expiration > Date.now()
+ )) {
+ this._tokens.remove(id).catch(noop)
+
+ throw new NoSuchAuthenticationToken(id)
+ }
+
+ return token
 }
 async _getAuthenticationTokensForUser (userId) {
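Review bot: The token lifetime in `createAuthenticationToken` is an inline expression, `Date.now() + 1e3 * 60 * 60 * 24 * 30`, so the session policy is buried in the constructor call and cannot be found or tightened without editing this method. A named module-level constant would make it reviewable, for example `const TOKEN_VALIDITY_MS = 30 * 24 * 60 * 60 * 1e3 // 30 days` with `expiration: Date.now() + TOKEN_VALIDITY_MS`. The new code also calls `generateToken()`, while the only import change visible for src/xo.js adds `Token`; presumably `generateToken` is already imported from `./utils` higher in the file, which is worth confirming.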
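Review bot: The expiry test `!(token.expiration > Date.now())` in `getAuthenticationToken` also rejects and deletes every token stored before this change, because those have no `expiration` and a comparison with `undefined` is false; that is the safe direction, but it ends all existing sessions on upgrade and nothing on the new lines says it is intended. A comment above the test would record it, e.g. `// Negated on purpose: a missing or non-numeric expiration (pre-4.9.2 tokens) counts as expired.` The cleanup is lazy and best-effort: `this._tokens.remove(id).catch(noop)` discards any failure, and a token that is never presented again is never removed, so the store can keep holding expired credentials. `_getAuthenticationTokensForUser` starts on the last line of the hunk and its body is outside it, so whether it filters expired tokens cannot be checked from here.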