I know it's been a while, but we're still experiencing the same problem. The session is somehow not cleared. This code gets executed during logout:
"$self->session(expires => 1);
Then, at login, printing the session variable say $self->session('username'); sometimes yields the username and the user remains logged in, sometimes it is undefined and the user can log out successfully. I was not able to find a pattern for this, but it doesn't fail only on the server, it also fails on localhost, so there's no connection to that.