I’ve been wrestling with this for some time by now.
I have been developing a system from Yii2 advanced setup and had no problems with user authentication until i needed to create a separate back office app for clients. I structured it after backend and named it clientend. The authentication process is shared. There are separate session cookies created for each app: _backendSession and _clientendSession. Now as one logs in the user cookies are created: _backendUser and _clientUser. The problem is that as i try to log in from /backend/web the _backendUser cookie is not created, but _clientUser is done instead, which confuses the system to try to handle it on /clientend/web. When i log in from /clientend/web, system seems to work ok.
I hope someone can help me with this issue, or at least point me to right direction.