Why new session should be created during user authentication?

Security POV