not WP-specific but wouldn't one usually store a session-id (a long random string) into a cookie and then each page you navigate to asks for the cookies, extracts that session-id, and enquires the (server-side) database about the user's details?