localStorage and cookies are the same in terms of GDPR. It encompasses all local storage mechanisms such as IndexedDB, cookies, localStorage, sessionStorage, etc.
(source: I read the directive way back when it came out, and also skimmed large sectoins of GDPR)