You probably will need to actually create 2 separate sessions. For this I would think the advanced template would be the best starting point. Frontend would be your main site, and backend would be your logged in area. You could even make a 3rd for your admin panel, if needed.
In your config you would need to specify different sessions. The way I use it, is to completely separate my frontend from the backend.
Example of config;
'components' => [
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => [
'name' => '_frontendUser', // unique for frontend
]
],
'session' => [
'name' => 'PHPFRONTSESSID',
'savePath' => sys_get_temp_dir(),
],
....
You would do the same for backend, only using different names.
If they can still go to the main site while they are logged in, you would need to do some addition checks, like checking if the other session exists. You could make a special rule to redirect them off the main site to the logged in area if it exists. If they still need to access the main site but know if they are logged in (like to show logout instead of login link, or show their username) then you would have to reference the other session.
I am not sure if you can actually use a session from another section... A way around it would be to store data in the first session about the 2nd session. In your login routine, you would need to inject the user data into the first session. And on logout, remove it.
Not sure what our going for, and there are still some things to look into (like if you can access another session without hacky options).
However, I think your hangup right now is that you need to define separate session values in your config.
I should also add, I wrote a wiki about how to have 2 separate sessions here: http://www.yiiframework.com/wiki/814/guide-how-to-actually-separate-frontend-user-and-backend-admin-on-yii2-advanced/
Problem with yiii2 advanced, is by default if you login to the frontend you are also logged into the backend. Well if you use frontend as members and backend as admin, you dont want it like that! A member shouldn't be logged into the admin area. So you have to make them 2 separate sessions.
While my wiki is for a slightly different use, I think it stems from the same problem and may help you figure this out.