extractors is a configuration setting which defines which credentials extractors are available to the system. The default setting is:
'extractors': [ 'http_basic', 'simple_cookie'],
This means that, by default, every request is inspected for valid (in order):
- HTTP Basic Authentication credentials that map to an existing User and their password.
tiddlyweb_userCookie that is authentic.
Changing this list changes how user information is extracted from requests.