If valid → allow access; if expired/invalid → return 401 Unauthorized.?

Review the concept and prepare a concise verbal explanation with a real project example.