Relatively new rails programmer here, so bear with me.
I have an app where registered users can create polls but anyone can answer the polls.
I am using Devise for my authentication. I want non-authenticated users to be able to answer the polls but I want to prevent double-voting.
I assume this should be done with persistent (not session) cookies, but I’m not sure. So when the user enters the site, I create a user in devise and I store some random value in both the User model and in the cookie, and I check that the user has not answered the question previously when he/she attempts to load my “answer” page?
Can someone give me some advice on whether this is the right approach and/or point me towards a resource to help me get started?
I have found relatively little information out there on how to manage persistent cookies in Rails.
You can’t reliably prevent people from voting multiple times without logging in. It’s not possible. I guess people could also create multiple user accounts to vote, so there is no foolproof way.
Cookies are often cleared automatically by certain popular cleaners, and unless you are only going to allow people to vote on a product they have purchased, I think you are kind of fighting a lost battle.
Stack Overflow limits voting capability by making sure a certain level has been achieved before being allowed to vote but I guess that’s not really applicable to your scenario.
This is not so much about sessions and cookies and more about setting up your database to record a vote including the voter id.
In the view that allows users to vote I would suggest that you switch between a voted icon and a vote now link depending on whether or not the currently logged in user has voted.
To determine if the user has voted, include the user id of the currently logged in user in a question_vote xref table.
For the belt and braces approach to prevent abuse of the HTML in the browser, add the check to the validations of the question_vote record.
I would do this by adding a can_vote? method to the user model that accepts a question id as a parameter. Then you can use the question_id plus the user id to find a matching record in the question_vote table: if a record is found, return false; otherwise return true.
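The two layers the answer describes (a `can_vote?` check that drives the view, plus a validation on the question_vote record so a tampered form cannot bypass it), written out as an added example. This is plain Ruby, not code from the original post and not Rails or Devise code: an in-memory array stands in for the question_votes xref table, and the class and method names (`QuestionVote`, `User#vote!`, `vote_widget`) are assumptions made for the illustration.

```ruby
# Added example (not from the original post): a plain-Ruby model of the
# question_vote approach. The class-level array is a constructed stand-in
# for a question_votes table with user_id and question_id columns.

class QuestionVote
  @@table = []  # constructed stand-in for the question_votes xref table

  attr_reader :user_id, :question_id, :errors

  def self.reset!
    @@table.clear
  end

  # Equivalent of a "where(user_id:, question_id:).exists?" query.
  def self.exists?(user_id:, question_id:)
    @@table.any? { |r| r[:user_id] == user_id && r[:question_id] == question_id }
  end

  def initialize(user_id:, question_id:)
    @user_id = user_id
    @question_id = question_id
    @errors = []
  end

  # Validation layer: refuse to persist a second vote for the same
  # user/question pair, even if the request bypassed the view's check.
  def valid?
    @errors = []
    if self.class.exists?(user_id: @user_id, question_id: @question_id)
      @errors << "user #{@user_id} has already voted on question #{@question_id}"
    end
    @errors.empty?
  end

  # Persists the row only when validation passes; returns true/false like
  # ActiveRecord's save.
  def save
    return false unless valid?
    @@table << { user_id: @user_id, question_id: @question_id }
    true
  end
end

class User
  attr_reader :id

  def initialize(id)
    @id = id
  end

  # The can_vote? method from the answer: true when no question_vote row
  # exists for this user and question, false when one is found.
  def can_vote?(question_id)
    !QuestionVote.exists?(user_id: @id, question_id: question_id)
  end

  # What a controller action would call; true only if the vote was recorded.
  def vote!(question_id)
    QuestionVote.new(user_id: @id, question_id: question_id).save
  end
end

# What the view would render for this user: a "vote now" link or a "voted" icon.
def vote_widget(user, question_id)
  user.can_vote?(question_id) ? "vote now link" : "voted icon"
end

if __FILE__ == $0
  alice = User.new(1)
  puts vote_widget(alice, 42)  # vote now link
  puts alice.vote!(42)         # true
  puts vote_widget(alice, 42)  # voted icon
  puts alice.vote!(42)         # false: the validation rejected the duplicate
end
```

In a real Rails app the same two layers are `current_user.can_vote?(question.id)` in the view and `validates :user_id, uniqueness: { scope: :question_id }` on the QuestionVote model. Back the validation with a composite unique index on `(user_id, question_id)` in the migration as well: the model-level uniqueness check reads before it writes, so two concurrent requests from the same user can both pass it, and only the database constraint closes that window.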