diff --git a/server/utils/jwt.ts b/server/utils/jwt.ts
index c274277e8..a24b1223b 100644
--- a/server/utils/jwt.ts
+++ b/server/utils/jwt.ts
@@ -91,6 +91,12 @@ export async function getUserForEmailSigninToken(token: string): Promise {
     rejectOnEmpty: true,
   });
 
+  if (user.lastSignedInAt) {
+    if (user.lastSignedInAt > new Date(payload.createdAt)) {
+      throw AuthenticationError("Expired token");
+    }
+  }
+
   try {
     JWT.verify(token, user.jwtSecret);
   } catch (err) {
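Review bot: The added check consumes `payload.createdAt` before the `JWT.verify(token, user.jwtSecret)` call that follows it, so the one-time-use decision is made on a claim whose signature has not yet been checked; where `payload` is decoded is outside the hunk, but if it comes from an unverified decode, anyone who knows a user id can submit unsigned tokens with chosen `createdAt` values and use the distinct "Expired token" response to probe that user's `lastSignedInAt`. Moving the comparison below the `try { JWT.verify(...) }` block closes that oracle at no cost. The check also fails open when `createdAt` is absent or unparseable, since `new Date(undefined)` is an Invalid Date and every `>` comparison against it is false; fail closed with `const issuedAt = new Date(payload.createdAt); if (Number.isNaN(issuedAt.getTime()) || (user.lastSignedInAt && user.lastSignedInAt > issuedAt)) { throw AuthenticationError("Expired token"); }`. getUserForEmailSigninToken begins before the hunk and continues after it.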