One possible method would be to set a variable attached to the user's session that records the current time every time an action is carried out.
The only drawback there is that you would need something (like a timer) which would periodically check against that variable and against the current time to validate your timeout period having passed or not. Basically though, if you set a timer for say 10 minutes in length to start when an action is carried out, and at the same time set a variable to contain the current time... when the timer runs out it checks current vs stored and if > your timeout period will end the session.
If, on the other hand, a new action is carried out in the meantime, the timer and the stored time are reset and the session is maintained.
Hope this helps :) Please remember to mark solved once your issue is resolved. Also, it may have been better to have posted this question in the same thread you'd already started relating to timed session expiration :twisted: