# Class BSV::Auth::SessionManager <a id="class-BSV-Auth-SessionManager"></a>

**Inherits:** `Object`

Thread-safe store for {PeerSession} objects.

Supports dual-index lookup: by `session_nonce` (primary) or by
`peer_identity_key` (secondary). Multiple concurrent sessions per peer
identity key are supported — the most recently updated session is returned
when looking up by identity key.

Sessions expire after `default_ttl` seconds (default: 3600). Pass
+default_ttl: nil+ to disable expiry entirely. Expired sessions are removed
lazily on access; call {#sweep_expired} for proactive cleanup.

Matches the ts-sdk SessionManager dual-index design.

## Public Instance Methods
### `add_session(session)` <a id="method-i-add_session"></a> <a id="add_session-instance_method"></a>
Adds a session to the manager.
- **@param** `session` [PeerSession]
- **@raise** [ArgumentError] if +session_nonce+ is blank

### `get_session(identifier)` <a id="method-i-get_session"></a> <a id="get_session-instance_method"></a>
Retrieves a session by `session_nonce` or `peer_identity_key`.

When the identifier is a session nonce, returns that exact session. When the
identifier is a peer identity key, returns the most recently updated
non-expired session for that peer.

Returns `nil` if the session has expired (and removes it from the store).
- **@param** `identifier` [String]
- **@return** [PeerSession, nil]

### `initialize(default_ttl: = 3600)` <a id="method-i-initialize"></a> <a id="initialize-instance_method"></a>
- **@param** `default_ttl` [Integer, nil] seconds before a session expires;
+nil+ disables TTL entirely.
- **@return** [SessionManager] a new instance of SessionManager

### `remove_session(session)` <a id="method-i-remove_session"></a> <a id="remove_session-instance_method"></a>
Removes a session from the manager.
- **@param** `session` [PeerSession]

### `session?(identifier)` <a id="method-i-session-3F"></a> <a id="session?-instance_method"></a>
- **@param** `identifier` [String] session nonce or identity key
- **@return** [Boolean]

### `sweep_expired()` <a id="method-i-sweep_expired"></a> <a id="sweep_expired-instance_method"></a>
Removes all expired sessions from the store.

Not called automatically — intended for use in long-running servers that want
to proactively reclaim memory.
- **@return** [Integer] number of sessions removed

### `update_session(session)` <a id="method-i-update_session"></a> <a id="update_session-instance_method"></a>
Updates an existing session (removes old references and re-adds).
- **@param** `session` [PeerSession]
