Stateful session cookie storage could be avoided #4

@runxiyu

I think it's not appropriate to store the session cookie in a cache on the server side as it makes it. It could potentially lead to a fill-your-RAM DoS (albeit very unlikely).

A digital signature scheme would be better as it would not require you to store it in memory:
IMO the proper alternative is to use an HMAC or a natively keyed hash function like the BLAKE family of hashes (Anubis uses ed25519 which is much more computationally expensive on the server).
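
An added sketch of the stateless approach proposed in this issue, not part of the original post or the project's code: the server issues a cookie carrying an expiry and a MAC, then verifies it with no server-side store, using either HMAC-SHA256 or keyed BLAKE2b. The key handling, the cookie layout and the `subject` binding are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time

TAG_LEN = 32  # bytes of MAC appended to every cookie

def _mac(key: bytes, payload: bytes, alg: str) -> bytes:
    """Keyed tag over the payload: HMAC-SHA256 or natively keyed BLAKE2b."""
    if alg == "blake2b":
        return hashlib.blake2b(payload, key=key, digest_size=TAG_LEN).digest()
    if alg == "hmac-sha256":
        return hmac.new(key, payload, hashlib.sha256).digest()
    raise ValueError(f"unsupported MAC algorithm: {alg}")

def issue_cookie(key, subject, ttl, now=None, alg="hmac-sha256") -> str:
    """Cookie = base64url(expiry || subject || tag); nothing is kept server-side."""
    now = int(time.time()) if now is None else now
    payload = struct.pack(">Q", now + ttl) + subject
    return base64.urlsafe_b64encode(payload + _mac(key, payload, alg)).decode()

def verify_cookie(key, cookie, subject, now=None, alg="hmac-sha256") -> bool:
    """Recompute the tag from the cookie itself; no lookup table is needed."""
    now = int(time.time()) if now is None else now
    try:
        raw = base64.urlsafe_b64decode(cookie)
    except ValueError:  # covers binascii.Error and non-ASCII input
        return False
    if len(raw) < 8 + TAG_LEN:
        return False
    payload, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    # Constant-time comparison; check the tag before trusting any field.
    if not hmac.compare_digest(tag, _mac(key, payload, alg)):
        return False
    (expires,) = struct.unpack(">Q", payload[:8])
    return payload[8:] == subject and now < expires

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # assumption: one secret per deployment
    cookie = issue_cookie(key, b"client-1", ttl=3600)  # constructed subject
    print(cookie, verify_cookie(key, cookie, b"client-1"))
```

Because validity is derived from the key and the embedded expiry, memory use does not grow with the number of issued cookies; the trade-off is that a single cookie cannot be revoked before it expires without rotating the key.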
