To simplify things and help our users to be more productive, we have archived the current forum and focus our efforts on helping developers on Stack Overflow. You can post new questions on Stack Overflow or join our Discord channel.
I've seen a clustered solution that stored the session validity "keys" in a database. It requires some legwork on upkeeping, and on every request there is a database overhead to check if the session is valid, but the solution is very straightforward to implement.
You could also use memcached or something similar instead of a database, but if your environment is not clustered a simple static data structure is indeed the easiest way to go.