That is, to duplicate data in the database by implementing your own mechanism for saving session data? IMHO, it’s not worth it if there are no very specific requirements - either pull the database with each request or pull it only during authentication and use standard session tools to save the data received from the database for further use

1. Session data is temporary, build on that.
2. In the question, apparently, we are talking about permanent data - to store them in user profiles in the database.
3. If you do not want to pull the database every time, although there is nothing wrong with that, do caching.
4. PHP has a built-in session mechanism, you don't need to invent your own. Backends can be different - files, databases, memcached, you can implement your own.

What for? If, I'm pretty sure, the same data is stored in a table nearby. Store only information that will allow you to recognize the user and his incomplete session, and as a result, restore data in $_SESSION of your application.

You think you are in the right direction, only you made a mistake with the session.
Why forgot?
Let's remember the cause-and-effect relationship: A session is an object of a specific user (previously authenticated), so by storing user data in the session, you violate cause and effect.
I suggest using the following:
Create a static class (I think this is possible in PHP. In .NET, System.Threading.Thread.CurrentPrincipal is responsible for this). And the data of the current user is added to the value of the property of the static class. (Yes, there is the possibility of unauthorized data substitution, but on the other hand, impersonation can be carried out. And the value itself can be organized as a structure that could be serialized.
The serialization of this structure is necessary in order to encrypt the result after that (there are some nuances there) and put it on the user's side as a SEPARATE Cookie. And when requested, check the value of the cookie, and restore the value of the property of the above static class.
This approach will make it easier for you to authenticate the user after restarting the application (after all, the session is an object in memory).
Important points:
1. Incorrect use of encryption can lead to security problems (the value of encrypted data can be saved and reused)
2. Do not forget about data synchronization and take into account the fact that during operation there may be moments when data is out of sync
(Someone in the database has already changed, and the user is still using the old data set. You can treat login / logout, if it’s “vlob”).
There will be questions, please contact.

Authorized - Received all the necessary data from the database - Recorded them in $ _SESSION - Before the user exits the site, pull $ _SESSION