Community Builder has built-in anti-spoofing security measures that rely on time sensitive settings to identify potential issues with session hijacking.
If you are seeing any "invalid session" error messages, then you need to first make sure that all your time zone related settings are correct:
- Server time zone
- etc.
You can turn-off these extra CB measures by accessing the 'Enable anti-spoofing sessions checks' parameter in the CB Configuration -> Integration tab area.