Sorry for the short response, I'm processing this on a phone and just thought I'd share some areas to look into. 1. I think there is a package called impersonator which allows you to impersonate a front-end member, could solve one of your issues. 2. You can add additional properties to an Umbraco member, such as expiry date, then use a reoccurring daily task to check all members, for those which have expired you can change their role, for those that haven't you can skip over them