Save Login status in session:
Excellent: The entire application can obtain the user information from the session, and the query is very convenient. Saving user information in session is essential (web App)
Missing: The session is not appropriate to save a lot of information, will increase or decrease memory consumption
Save the login status in the cookie:
Excellent: The data is saved in the client, convenient for the next login. For example: "Remember Me" feature
Lack: Security is not high, generally speaking of data encryption after saving in a cookie
Memcache applications are mainly in the cache of large amounts of data, such as: storing frequently used data in memcache, reducing the number of accesses to the database, which is also indispensable in Web applications
Missing: Data is lost when the cache is blown out
From efficiency considerations: Cookies > Memcache > Databases
Cookies have no effect on server-side loads, and if encryption and decryption consume a bit more CPU. Bandwidth will consume a bit more, all HTTP request headers under the same domain name will be accompanied by a cookie, so in the large traffic, JS, CSS, pictures placed under another domain name will save this portion of traffic.
Memcache will consume some server memory
Database connection is a typical bottleneck, can be exempt from the
From security Considerations: memcache/Databases > Cookies
Cookies are stored on the client side and need to be considered more secure
Memcache, databases are on the server side, a little bit safer relative to cookies
From server scalability considerations: Cookies > memcache/databases
If you have more than one backend server, you need to share session data
Memcache, database can be used to share the session between multiple servers, but easy to form a single point of bottleneck, under heavy load need to consider storage routing and so on
Cookies do not need to share session data on the server side at all, and rest stateless style coincidence
Scalability this point is not absolute, if the Nginx Ip_hash way to organize multiple back-end upstream do not need to share the session, but these require back-end architecture considerations and design, and the cookie does not have this aspect of extensibility issues
Add: Cookies are not in fact not in the extensibility of any problem need to consider, say "absolutely no" a bit absolute, scalability, this kind of thing, complexity is higher, need practical analysis of actual problems. In a simpler and more ideal situation, the cookie will be more scalable.
About User Login status Session,cookie or database or memcache of the pros and cons