Consent is always required; even if you just give people a random UUID, with no associated session/etc., that always requires consent.
There is a separate question, of whether consent is implied. If the identifying information is required to provide the user with a service they requested (e.g. a cookie for their online shopping cart), then consent is implied; no need to ask.
