PHP总是创建一个新会话

I'm currently working on a website using Angular 2 and a PHP REST API backend. As soon as I started working with session data, I've found out it's creating a new separate session file after every request from the site, which does not happen when using POSTMAN to call my API.

Following is my index.php

<?php
session_start();

error_reporting(E_ALL); ini_set('display_errors', true);
if (!is_writable(session_save_path()) ) {
   echo 'Session save path "'.session_save_path().'" is not writable!'; 
}
require '../vendor/autoload.php';

$settings = require __DIR__ . '/../src/settings.php';
$app = new \Slim\App($settings);


// Register dependencies
require __DIR__ . '/../src/dependencies.php';

// Register routes
require __DIR__ . '/../src/routes/routes.php';

$app->run();
exit();
?>

For example after hitting login 6 times I get stuff like this in the xampp/tmp folder:

sess_9tehhc94n54ra6rpq2j55b0b70
sess_84u3blees7ue2la3nckn97f4h5
sess_au79phq7k1umjbeambia4smjf4
sess_bm5658c44n0d0s452tm9g7mij6
sess_eac14a6sths5ars0eltc3g13e4
sess_m3mk9ms4f2j12jqh4hvh8gsch1

However, if I call my REST API using POSTMAN, it will create and use only one session file as intended.

Additional Info

I have two virtual hosts setup on Apache using the hosts file as follows:

127.0.0.1    api.stuff.dev
127.0.0.1    application.stuff.dev

PHP Version 7.0.8

PHP.ini (Session-related things only)

session.save_handler=files
session.save_path="C:\xampp\tmp"
session.use_strict_mode=0
session.use_cookies=1
session.use_only_cookies=1
session.name=PHPSESSID
session.auto_start=0
session.cookie_path=/
session.cookie_domain=
session.cookie_httponly=
session.serialize_handler=php
session.gc_probability=1
session.gc_divisor=1000
session.gc_maxlifetime=1440
session.referer_check=
session.entropy_length=0
session.cache_limiter=nocache
session.cache_expire=180
session.use_trans_sid=0
session.hash_function=0
session.hash_bits_per_character=5

httpd-vhosts.conf

<VirtualHost *:80>
    ServerAdmin admin@localhost.com
    DocumentRoot "E:\applications\stuff"
    ServerName  application.stuff.dev
    ServerAlias  application.stuff.dev
    <Directory "E:\applications\stuff">
        Require all granted
    </Directory>
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin admin@localhost.com
    DocumentRoot "E:\applications\API REST"
    ServerName api.stuff.dev
    ServerAlias api.stuff.dev
    <Directory "E:\applications\API REST">
        AllowOverride All
        Require all granted
        Header always set Access-Control-Allow-Origin "*"
        Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
        Header always set Access-Control-Max-Age "1000"
        Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
    </Directory>
</VirtualHost>