Problem with session in security plugin

Hi, I have a problem with "remember me" function. When user click remember me during login then is setup cookie in that way:

$this->cookies->set('userid', $user->userid, time() + 15 * 86400);

ok, next if user close browser and open again, system correctly read cookie, set to session user object:

$this->session->set('user', $user);

and redirect to main page.

I also implemented SecurityPlugin like in Invo example:

if (!$this->session->user) { //redirect to login page }

I tried to dump session in SecurityPlugin and its empty.

My index.php define session nad security plugin in that way:

$di->setShared('session', function () {
  $session = new \Phalcon\Session\Adapter\Files(array(
      'uniqueId' => 'custom-service-id'
  ));
  $session->start();
  return $session;
});

 $di->set(
  'dispatcher',
  function() use ($di) {
      $eventsManager = $di->getShared('eventsManager');

      $eventsManager->attach(
          'dispatch:beforeException', new ErrorPlugin()
      );

      $eventsManager->attach(
          'dispatch:beforeDispatch', new SecurityPlugin()
      );

      $dispatcher = new Dispatcher();
      $dispatcher->setEventsManager($eventsManager);
      return $dispatcher;
  },
  true
);

And what happend? Infinity loop ;), user from login page is redirect to main page, from main page to login page, etc.

Any idea?

edited Sep '16

It works for me, post more code, like content of those plugins for example and code of whole method where you setting this cookie/session value and where you get them.

For some reason when SecurityPlugin validate user session, for first time there is no valid session, session is empty. In that SecurityPlugin I have condition that if user don't have permission then I'm destroying session. That was the problem. I'm not sure why, but that was the problem. Removing sessionDestroy solve partially problem.