Sessions use cookies, so when you change domains (www.site.com to site.com) those cookies aren't being transmitted.
Set up your webserver to have one canonical url, and redirect everyone to that (for example, standardize on site.com, redirect www.site.com to site.com).
This is how I handle redirects in apache:
ServerAlias www.site.com my.site.com site.net www.site.net sites.com www.sites.com site.com
RewriteEngine On
RewriteCond %{SERVER_NAME} !=site.com
RewriteRule ^(.*) https://site.com/$1 [R=301]
I prefer site.com over www.site.com, unless you're doing something different on the two of them making people type an extra four characters seems worthless. My (lame) understanding of SEO is that you're better off picking one than having duplicate content at two urls (site.com/stuff and www.site.com/stuff)