From b90ba6c909476fde6314efefc30d912937919fd3 Mon Sep 17 00:00:00 2001
From: Nick Sweeting <git@sweeting.me>
Date: Wed, 8 May 2024 20:02:47 -0700
Subject: [PATCH] change header auth to use X-ArchiveBox-API-Key so it doesnt
 conflict with other auth headers

---
 archivebox/api/auth.py | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/archivebox/api/auth.py b/archivebox/api/auth.py
index 8215bc1c..efa7d103 100644
--- a/archivebox/api/auth.py
+++ b/archivebox/api/auth.py
@@ -79,29 +79,29 @@ class UserPassAuthCheck:
 
 ### Django-Ninja-Provided Auth Methods
 
-class UsernameAndPasswordAuth(UserPassAuthCheck, HttpBasicAuth):
-    """Allow authenticating by passing username & password via HTTP Basic Authentication (not recommended)"""
+class HeaderTokenAuth(APITokenAuthCheck, APIKeyHeader):
+    """Allow authenticating by passing X-API-Key=xyz as a request header"""
+    param_name = "X-ArchiveBox-API-Key"
+
+class BearerTokenAuth(APITokenAuthCheck, HttpBearer):
+    """Allow authenticating by passing Bearer=xyz as a request header"""
     pass
 
 class QueryParamTokenAuth(APITokenAuthCheck, APIKeyQuery):
     """Allow authenticating by passing api_key=xyz as a GET/POST query parameter"""
     param_name = "api_key"
 
-class HeaderTokenAuth(APITokenAuthCheck, APIKeyHeader):
-    """Allow authenticating by passing X-API-Key=xyz as a request header"""
-    param_name = "X-API-Key"
-
-class BearerTokenAuth(APITokenAuthCheck, HttpBearer):
-    """Allow authenticating by passing Bearer=xyz as a request header"""
+class UsernameAndPasswordAuth(UserPassAuthCheck, HttpBasicAuth):
+    """Allow authenticating by passing username & password via HTTP Basic Authentication (not recommended)"""
     pass
 
 
 ### Enabled Auth Methods
 
 API_AUTH_METHODS = [
-    QueryParamTokenAuth(), 
     HeaderTokenAuth(),
     BearerTokenAuth(),
+    QueryParamTokenAuth(), 
     django_auth_superuser,
     UsernameAndPasswordAuth(),
 ]