Index: session_api.module
===================================================================
--- session_api.module	(revision 941)
+++ session_api.module	(working copy)
@@ -46,15 +46,21 @@
     	return -1;
     }
     else {
-       $session_id = md5(ip_address() . time() . drupal_get_private_key());
+      $session_id = session_id();
+      $session_id = $session_id ? $session_id : md5(ip_address() . time() . drupal_get_private_key());
     }
-
+    
     // For the cookie we use the same domain that Drupal's own session cookie uses.
     $cookie_domain = ini_get('session.cookie_domain');
     // Update the session timeout.
     if ($sid) {
       $rec = new stdClass;
       $rec->sid = $sid;
+      
+      //Set a created date so we know when to clear the record.
+      //If a session exists for this user, use a creation time of 0 so 
+      //core session handling has control.
+      $rec->created = isset($_SESSION) ? 0 : time();
       $rec->session_id = $session_id;
       drupal_write_record('session_api', $rec, 'sid');
       setcookie('session_api_session', $session_id, time() + variable_get('session_api_cookie_expire_time', 2592000), '/', $cookie_domain);
@@ -63,9 +69,14 @@
     else {
       $rec = new stdClass();
       $rec->session_id = $session_id;
+      
+      //Set a created date so we know when to clear the record.
+      //If a session exists for this user, use a creation time of 0 so 
+      //core session handling has control.
+      $rec->created = isset($_SESSION) ? 0 : time();
       drupal_write_record('session_api', $rec);
       $sid = $rec->sid;
-
+      
       // Set cookie.
       setcookie('session_api_session', $session_id, time() + variable_get('session_api_cookie_expire_time', 2592000), '/', $cookie_domain);
     }
@@ -94,7 +105,7 @@
  */
 function session_api_cron() {
   // Fetch list of outdated sids.
-  $result = db_query("SELECT sap.sid FROM {session_api} sap LEFT JOIN {sessions} s ON (sap.session_id = s.sid) WHERE s.sid IS NULL");
+  $result = db_query("SELECT sap.sid FROM {session_api} sap LEFT JOIN {sessions} s ON (sap.session_id = s.sid) WHERE s.sid IS NULL AND sap.created < %d", time() - variable_get('session_api_cookie_expire_time', 2592000));
   $outdated_sids = array();
   while ($session = db_fetch_object($result)) {
     $outdated_sids[] = $session->sid;
Index: session_api.install
===================================================================
--- session_api.install	(revision 941)
+++ session_api.install	(working copy)
@@ -32,6 +32,10 @@
         'length' => 64,
         'not null' => TRUE,
       ),
+      'created' => array(
+        'type' => 'int',
+        'not null' => TRUE,
+      ),
     ),
     'primary key' => array('sid'),
     'unique keys' => array(
@@ -52,3 +56,14 @@
 
   return $ret;
 }
+
+/**
+ * Add created column.
+ */ 
+function session_api_update_6101() {
+  $ret = array();
+  
+  $ret[] = update_sql("ALTER TABLE {session_api} ADD created int(11) unsigned NOT NULL");
+  
+  return $ret;
+}
\ No newline at end of file