Does dbAuth use JSON Web Token or database session?
It uses an encrypted cookie and each request is validated towards the database, so I would say more towards the database session.
Docs: Authentication - dbAuth - How It Works
1 Like