problemmediumalgorithmsleetcode-1797leetcode 1797leetcode1797

Design Authentication Manager

MediumUpdated: Sep 14, 2025
Practice on:
LeetCode

Problem

There is an authentication system that works with authentication tokens. For each session, the user will receive a new authentication token that will expire timeToLive seconds after the currentTime. If the token is renewed, the expiry time will be extended to expire timeToLive seconds after the (potentially different) currentTime.

Implement the AuthenticationManager class:

  • AuthenticationManager(int timeToLive) constructs the AuthenticationManager and sets the timeToLive.
  • generate(string tokenId, int currentTime) generates a new token with the given tokenId at the given currentTime in seconds.
  • renew(string tokenId, int currentTime) renews the unexpired token with the given tokenId at the given currentTime in seconds. If there are no unexpired tokens with the given tokenId, the request is ignored, and nothing happens.
  • countUnexpiredTokens(int currentTime) returns the number of unexpired tokens at the given currentTime.

Note that if a token expires at time t, and another action happens on time t (renew or countUnexpiredTokens), the expiration takes place before the other actions.

Examples

Example 1

Input
["AuthenticationManager", "renew", "generate", "countUnexpiredTokens", "generate", "renew", "renew", "countUnexpiredTokens"]
[[5], ["aaa", 1], ["aaa", 2], [6], ["bbb", 7], ["aaa", 8], ["bbb", 10], [15]]
Output
[null, null, null, 1, null, null, null, 0]

Explanation
AuthenticationManager authenticationManager = new AuthenticationManager(5); // Constructs the AuthenticationManager with timeToLive = 5 seconds.
authenticationManager.renew("aaa", 1); // No token exists with tokenId "aaa" at time 1, so nothing happens.
authenticationManager.generate("aaa", 2); // Generates a new token with tokenId "aaa" at time 2.
authenticationManager.countUnexpiredTokens(6); // The token with tokenId "aaa" is the only unexpired one at time 6, so return 1.
authenticationManager.generate("bbb", 7); // Generates a new token with tokenId "bbb" at time 7.
authenticationManager.renew("aaa", 8); // The token with tokenId "aaa" expired at time 7, and 8 >= 7, so at time 8 the renew request is ignored, and nothing happens.
authenticationManager.renew("bbb", 10); // The token with tokenId "bbb" is unexpired at time 10, so the renew request is fulfilled and now the token will expire at time 15.
authenticationManager.countUnexpiredTokens(15); // The token with tokenId "bbb" expires at time 15, and the token with tokenId "aaa" expired at time 7, so currently no token is unexpired, so return 0.

Constraints

  • 1 <= timeToLive <= 10^8
  • 1 <= currentTime <= 10^8
  • 1 <= tokenId.length <= 5
  • tokenId consists only of lowercase letters.
  • All calls to generate will contain unique values of tokenId.
  • The values of currentTime across all the function calls will be strictly increasing.
  • At most 2000 calls will be made to all functions combined.

Solution

Method 1 – Hash Map for Token Expiry Tracking

Intuition

We need to efficiently generate, renew, and count unexpired tokens. Since currentTime is strictly increasing, we can use a hash map to store each token's expiry time and simply remove expired tokens during count or renew operations.

Approach

  1. Use a hash map to store tokenId and its expiry time.
  2. On generate(tokenId, currentTime), set the expiry time to currentTime + timeToLive.
  3. On renew(tokenId, currentTime), if the token exists and is unexpired, update its expiry time to currentTime + timeToLive.
  4. On countUnexpiredTokens(currentTime), remove all expired tokens and return the count of remaining tokens.

Code

Java
import java.util.*;
public class AuthenticationManager {
    private int timeToLive;
    private Map<String, Integer> tokens;
    public AuthenticationManager(int timeToLive) {
        this.timeToLive = timeToLive;
        this.tokens = new HashMap<>();
    }
    public void generate(String tokenId, int currentTime) {
        tokens.put(tokenId, currentTime + timeToLive);
    }
    public void renew(String tokenId, int currentTime) {
        if (tokens.containsKey(tokenId) && tokens.get(tokenId) > currentTime) {
            tokens.put(tokenId, currentTime + timeToLive);
        }
    }
    public int countUnexpiredTokens(int currentTime) {
        List<String> expired = new ArrayList<>();
        for (Map.Entry<String, Integer> e : tokens.entrySet()) {
            if (e.getValue() <= currentTime) expired.add(e.getKey());
        }
        for (String tid : expired) tokens.remove(tid);
        return tokens.size();
    }
}
Python
class AuthenticationManager:
    def __init__(self, timeToLive: int):
        self.timeToLive = timeToLive
        self.tokens = {}
    def generate(self, tokenId: str, currentTime: int) -> None:
        self.tokens[tokenId] = currentTime + self.timeToLive
    def renew(self, tokenId: str, currentTime: int) -> None:
        if tokenId in self.tokens and self.tokens[tokenId] > currentTime:
            self.tokens[tokenId] = currentTime + self.timeToLive
    def countUnexpiredTokens(self, currentTime: int) -> int:
        expired = [tid for tid, exp in self.tokens.items() if exp <= currentTime]
        for tid in expired:
            del self.tokens[tid]
        return len(self.tokens)

Complexity

  • ⏰ Time complexity:
    • generate: O(1) average time (hash-map insert).
    • renew: O(1) average time (hash-map lookup + update).
    • countUnexpiredTokens: O(k) time where k is the number of stored tokens at the time of the call (worst-case O(n) where n is the number of generated tokens). Because expired tokens are removed during counting and currentTime is strictly increasing, the total work across all countUnexpiredTokens calls is O(G) where G is the number of generate calls (each token is removed at most once), yielding an amortized O(1) cost per operation in that sense.
  • 🧺 Space complexity: O(n) where n is the number of stored (unexpired) tokens.

Comments