We don't need to remove the existing session prematurely. This causes some issues when users want to implement some sort of switch-account functionality since the existing session will always be removed regardless of whether the signup / sign-in attempt succeeds.
It's safe to remove _removeSession since calling _saveSession multiple times will just replace the existing session
What kind of change does this PR introduce?
_removeSessionsince calling_saveSessionmultiple times will just replace the existing session