Use new naming for token

main.go

@@ -104,7 +104,7 @@ func main() {
 			// Allow token to be supplied via query string for GET fallback.
 			qt := strings.TrimSpace(r.URL.Query().Get("token"))
 			if qt == "" || !subtleStringEqual(qt, strings.TrimSpace(*token)) {
-				errLog.Printf("/open unauthorized method=%s path=%q headerToken=%t queryToken=%t dur=%s", r.Method, rawPath, strings.TrimSpace(r.Header.Get("X-Filetools-Token")) != "", qt != "", time.Since(start))
+				errLog.Printf("/open unauthorized method=%s path=%q headerToken=%t queryToken=%t dur=%s", r.Method, rawPath, strings.TrimSpace(r.Header.Get("X-Luxtools-Token")) != "", qt != "", time.Since(start))
 				writeJSON(w, http.StatusUnauthorized, openResponse{OK: false, Message: "unauthorized"})
 				return
 			}
@@ -182,7 +182,7 @@ func withCORS(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Access-Control-Allow-Origin", "*")
 	}
 	w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS")
-	w.Header().Set("Access-Control-Allow-Headers", "Content-Type, X-Filetools-Token")
+	w.Header().Set("Access-Control-Allow-Headers", "Content-Type, X-Luxtools-Token")
 }
 
 func checkToken(r *http.Request, required string) bool {
@@ -190,7 +190,7 @@ func checkToken(r *http.Request, required string) bool {
 	if required == "" {
 		return true
 	}
-	got := r.Header.Get("X-Filetools-Token")
+	got := r.Header.Get("X-Luxtools-Token")
 	got = strings.TrimSpace(got)
 	return got != "" && subtleStringEqual(got, required)
 }