added session manager, but in local dict

app/session_manager.py

@@ -0,0 +1,35 @@
+from fastapi import HTTPException
+from datetime import datetime, timedelta
+import secrets
+from typing import Dict, Optional
+
+class SessionManager:
+    def __init__(self, ttl: int):
+        self.ttl = ttl
+        self._tokens: Dict[str, Dict[str, datetime]] = {}
+
+    def create(self, user_id: str) -> str:
+        token = secrets.token_urlsafe(32)
+        self._tokens[token] = {
+            "user": user_id,
+            "expires": datetime.utcnow() + timedelta(seconds=self.ttl),
+        }
+        return token
+
+    def validate(self, token: Optional[str]) -> str:
+        self.cleanup()
+        if not token or token not in self._tokens:
+            raise HTTPException(status_code=401, detail="Not authenticated")
+
+        token_data = self._tokens[token]
+        if token_data["expires"] < datetime.utcnow():
+            del self._tokens[token]
+            raise HTTPException(status_code=401, detail="Session expired")
+
+        return token_data["user"]
+
+    def cleanup(self) -> None:
+        now = datetime.utcnow()
+        expired = [t for t, data in self._tokens.items() if data["expires"] < now]
+        for t in expired:
+            del self._tokens[t]