Currently, expiryDate is used to determine whether or not a user is expired. This is not the most robust way, as that field is updated when the user's password is changed. Figure out a way to handle this more robustly, e.g. keep a record of when the user last logged in.