Create User Authenticate with Roles

for instance i have 5 html files (index, signup, login, secretPage(user role))
thirst thing first user have to sign up i have few 7inputs(email, name,surname, password,role etc)
so in .go file i get all values from forms and put it inside my db.
Please help me how can i Authenticate users via session or cookies(login page, and what is the difference between them)
i tryed without cookies just sql queries something like comparing user’s password field with record in db (but i guess it is bad approach and user have to login each time to see secret page)
i also heard that for session you have to creat another db
please tell me about the best approach to signup, login,user authentication,user authorization