Use custom header

PHP used in CGI mode will eat the Authorization header and thus the authentication never worked.

Fixes #263

pub/js/login.js

@@ -17,7 +17,7 @@ var loginToken;
 			$.ajax({
 				url: '.',
 				headers: {
-					'Authorization': loginToken,
+					'X-Updater-Auth': loginToken,
 				},
 				method: 'POST',
 				success: function(data){

pub/js/main.js

@@ -1,7 +1,7 @@
 $(function () {
 	// Pass the auth token with any request
 	$.ajaxSetup({
-		headers: {'Authorization': loginToken}
+		headers: {'X-Updater-Auth': loginToken}
 	});
 
 

src/Controller/IndexController.php

@@ -98,7 +98,7 @@ protected function isLoggedIn() {
 		if(is_null($storedSecret)) {
 			die('updater.secret is undefined in config/config.php. Either browse the admin settings in your ownCloud and click "Open updater" or define a strong secret using <pre>php -r \'echo password_hash("MyStrongSecretDoUseYourOwn!", PASSWORD_DEFAULT)."\n";\'</pre> and set this in the config.php.');
 		}
-		$sentAuthHeader = ($this->request->header('Authorization') !== null) ? $this->request->header('Authorization') : '';
+		$sentAuthHeader = ($this->request->header('X_Updater_Auth') !== null) ? $this->request->header('X_Updater_Auth') : '';
 
 		if(password_verify($sentAuthHeader, $storedSecret)) {
 			return true;