As far as I know, Twitter's OAuth tokens have an undefined session length - basically, until the token is explicitly revoked by the user. IMHO, this is ideal.