douhuan6065 2014-05-26 22:17
Views: 29

How to build a bulletproof cookie system?

I know the big posts about the cookie topic but I still have some unclear questions about the realization. My thoughts were these:

In my database I save for each of my users a cookie_token which is generated randomly when the account gets created. Just a random SHA1 or maybe a changed HASH of his BCRYPT.

Then my login logic would be:

If a user visits a private site

  1. Is the Session LoggedIn true?
    1. Yes: All ok, stop further checks
    2. No: continue with 2.
  2. Query the DB if the user with his ID has the same token as saved in his cookie.
    1. If Yes set the LoggedIn cookie
    2. Redirect.

But I've also read of a so-called series_identifier but I couldn't figure out what this exactly is. As I understood it, it somehow should change every time the user creates a new session or something like this, but I'm not sure how to implement this. Can anyone give me a suggestion how to do that, or maybe another approach to improve the security of the cookie / login process?

Best regards, Michael


1 answer

  • duanhao8540 2017-12-28 19:58

    If you're looking to build tamper-resistant cookies for long-term authentication, this is a good introduction, and this formalizes the strategy a bit further.

    What you're doing is storing half the token as a selector (used in SELECT queries) and a hash of the other half of the token in the database.

    To validate, you split the token in half, use the first to find the correct database record, then re-hash the second half and compare the one you just calculated with the one stored (using hash_equals()). If they match, great.

    If you want to go a step further, you could also encrypt your cookies using authenticated encryption, but that's probably overkill.

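The selector/validator split the answer describes, as an added example in Python (not code from the answer or the asker); a constructed in-memory dict stands in for the database table, and `hmac.compare_digest` plays the role of PHP's `hash_equals()`. It goes one step beyond the answer by rotating the token on every successful use, which is one way to get the per-session change the question asks about.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional

# Constructed stand-in for a persistent_logins table, keyed by selector (example only).
DB: Dict[str, dict] = {}


def issue_token(user_id: int, ttl: int = 30 * 86400) -> str:
    """Create a remember-me token; store the selector and only hash(validator)."""
    selector = secrets.token_urlsafe(12)   # public lookup key, stored as-is
    validator = secrets.token_urlsafe(32)  # secret half, only its hash is stored
    DB[selector] = {
        "user_id": user_id,
        "validator_hash": hashlib.sha256(validator.encode()).hexdigest(),
        "expires": time.time() + ttl,
    }
    return f"{selector}:{validator}"       # value placed in the cookie


def validate_token(cookie: str, now: Optional[float] = None) -> Optional[int]:
    """Return the user_id for a valid cookie, else None. Safe on malformed input."""
    now = time.time() if now is None else now
    selector, sep, validator = cookie.partition(":")
    if not sep or not selector or not validator:
        return None
    row = DB.get(selector)                 # SELECT ... WHERE selector = ?
    if row is None or row["expires"] < now:
        return None
    computed = hashlib.sha256(validator.encode()).hexdigest()
    # Constant-time compare, so a stolen database copy plus timing cannot be
    # combined to recover the validator one character at a time.
    if not hmac.compare_digest(computed, row["validator_hash"]):
        return None
    return row["user_id"]


def rotate_token(cookie: str) -> Optional[str]:
    """On successful use, delete the old selector and hand out a fresh token."""
    user_id = validate_token(cookie)
    if user_id is None:
        return None
    del DB[cookie.split(":", 1)[0]]
    return issue_token(user_id)
```

A leaked database row therefore yields only a hash of the validator, and a replayed old cookie fails once the token has been rotated.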
