diff --git a/APIDOCS.md b/APIDOCS.md
index fb0bb36..764aa9e 100644
--- a/APIDOCS.md
+++ b/APIDOCS.md
@@ -2,13 +2,13 @@
 Akf-forum has got an API for AJAX, other clients etc. 
 
 ## Authorization
-You need this headers for send request to API:
+You need this header for send request to API:
 ```json
 {
-    "username": "testUser", 
-    "password": "testPassword"
+    "authorization": "Basic <base64 encoded username:password>"
 }
 ```
+
 But in front end, the API will works with session.
 
 ## Default Limits:
diff --git a/README.md b/README.md
index 248a135..3b8a10f 100644
--- a/README.md
+++ b/README.md
@@ -42,13 +42,15 @@ Akf-forum has got an API for AJAX (fetch), other clients etc. And, you can learn
 | To do | Is done? | 
 | ----- | -------- | 
 | Profile Message | ⚪ | 
-| Better Auth for API way | ⚪ | 
+| Better Auth for API way | 🟢 | 
 | mod role, permissions | ⚪ | 
 | upload other photos, model for it | ⚪ | 
 | categories page is need a update, thread count in category | ⚪ | 
-| preview for send messages in markdown format | 💚 |
+| preview for send messages in markdown format | 🟢 |
 | DC auth will store code for taking tokens, and create secret model setting | ⚪ |
-
+- IF a person liked a message, view.
+- Disable last seen button.
+ 
 ## Major Version History
 - V4: Caching
 - V3: New Theme
diff --git a/models/Message.js b/models/Message.js
index 9fe8ac6..9e05201 100644
--- a/models/Message.js
+++ b/models/Message.js
@@ -8,6 +8,7 @@ const schema = new mongoose.Schema({
     threadID: String,
     authorID: String,
     content: { type: String, maxlength: limits.message },
+    oldContents: [{ type: String, maxlength: limits.message }],
     time: { type: Date, default: Date.now },
     deleted: { type: Boolean, default: false },
     edited: { type: Boolean, default: false },
diff --git a/routes/api/index.js b/routes/api/index.js
index 3f7c990..0e8b61c 100644
--- a/routes/api/index.js
+++ b/routes/api/index.js
@@ -16,7 +16,9 @@ app.use(async (req, res, next) => {
     res.complate = result => res.status(200).json(result);
 
     if (req.user) return next();
-    const { username = null, password = null } = req.headers;
+    const authHeader = req.headers.authorization;
+    if (!authHeader) return res.error(401, "No authorization header");
+    const [username, password] = Buffer.from(authHeader.split(' ')[1], "base64").toString().split(":");
 
     if (!username || !password)
         return res.error(401, "Authorise headers are missing")