This question has multiple facets which regards an application that has a login, along with instant messaging i.e. QBChat. All of these questions kind of relate.
1) When a user logs in, I create a session, login the QBUser in, and log in the QBUSer to QBChat. Is is common practice, when a user logs out to log out of QBChat, log out of QBUser and destroy the session?
2) Currently, when the application is sent to the background, I log the user out of QBChat, QBUSER and destroy their session and when the user comes back I create a new session and log them back in to everything. I do this to make sure that the users session doesn't expire when while the application is in the background. Is there any other way to automatically renew sessions when the application is in use?
3) Finally, this question relates back to the second one, if I am using the application and the session expires, is there a call back function that will be called if the session expires? So if I use the application for 2 hours straight, and the session expires is there anyway I can get a indication that it expired and either manually renew it or have it done automatically?
Yes, it's common pattern. Two things that you need to know:
I do only QBChat logout. You don't need to destroy session every time. You can recreate session if need without destroy it before. To check session expiration datetime use