InMemorySessionStore
Array-backed {@see SessionStore}: the same contract kept entirely in process memory, for tests and zero-file consumers. Nothing is written to disk and nothing survives past the instance's lifetime. Expiry is evaluated against an injectable clock rather than the ambient wall clock, so a test can pin "now" and prove the fail-closed read: {@see self::read()} returns `null` for a record that is expired or revoked as of the clock, exactly as the contract demands.
InMemorySessionStore::__construct()
public function __construct(?callable $clock = null):Parameters
| Name | Type | Description |
|---|---|---|
| $clock | (callable(): \DateTimeImmutable | null) | the clock expiry is evaluated against; defaults to the wall clock. Inject it to pin "now" in a test. |
InMemorySessionStore::read()
public function read(string $sessionId): ?Milpa\Auth\SessionRecordThe valid session stored under `$sessionId`, or `null` when none is stored — or when the stored one is expired or revoked as of the injected clock (fail-closed).
Parameters
| Name | Type | Description |
|---|---|---|
| $sessionId | string |
InMemorySessionStore::write()
public function write(Milpa\Auth\SessionRecord $session): voidPersists `$session` in memory, keyed by its {@see SessionRecord::$id}.
Parameters
| Name | Type | Description |
|---|---|---|
| $session | Milpa\Auth\SessionRecord |
InMemorySessionStore::destroy()
public function destroy(string $sessionId): voidRemoves the session stored under `$sessionId`. A no-op when none is stored.
Parameters
| Name | Type | Description |
|---|---|---|
| $sessionId | string |