Make sure the operation to generate a time-limited token is atomic.

With the previous implementation, several methods invoked time() themselves. Under certain conditions (basically, when the clock proceeds to the next second between computing the offset and calculating the token value), this could cause a mismatch that could make tokens expire before they are supposed to. Shouldn't be a big issue unless the system is really, really slow, but better safe than sorry.