diff --git a/README.md b/README.md
index 5c84385..cd207eb 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,4 @@
 TODO:
 * http utility:
 1. add parameters to the ProcessHeaders to enable/disable token/role-access-rights checks
+ 2. check for Content-Type header, if clients expects something other than JSON respond with appropriate HTTP code
diff --git a/auth_utility.go b/auth_utility.go
index 827eb80..6d0a358 100644
--- a/auth_utility.go
+++ b/auth_utility.go
@@ -16,10 +16,6 @@ const saltSize = 32
 const appName = "korisnicki-centar"
 const secret = "korisnicki-centar-api"
-type Token struct {
-	TokenString string `json:"token"`
-}
-
 type TokenClaims struct {
 	Username string `json:"username"`
 	Role string `json:"role"`
@@ -75,12 +71,12 @@ func HashMessage(message string, presalt string) (string, string, error) {
 	return hash, salt, nil
 }
-func IssueAPIToken(username, role string) (Token, error) {
-	var apiToken Token
+func IssueAPIToken(username, role string) (string, error) {
+	var apiToken string
 	var err error
 	if err != nil {
-		return Token{}, err
+		return "", err
 	}
 	claims := TokenClaims{
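Review bot: In IssueAPIToken the guard `if err != nil { return "", err }` directly after `var err error` can never fire, because nothing assigns err between the declaration and the check, so the hunk is only updating the return value of a dead branch. Drop `var err error` and that guard and let the later `SignedString` call introduce err with `:=`, so the only error path left is the real one. IssueAPIToken's body continues past the end of this hunk.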
@@ -93,33 +89,33 @@ func IssueAPIToken(username, role string) (Token, error) {
 	}
 	jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	apiToken.TokenString, err = jwtToken.SignedString([]byte(secret))
+	apiToken, err = jwtToken.SignedString([]byte(secret))
 	if err != nil {
-		return Token{}, err
+		return "", err
 	}
 	return apiToken, nil
 }
-func RefreshAPIToken(tokenString string) (Token, error) {
-	var newToken Token
+func RefreshAPIToken(tokenString string) (string, error) {
+	var newToken string
 	tokenString = strings.TrimPrefix(tokenString, "Bearer ")
 	token, err := parseTokenFunc(tokenString)
 	if err != nil {
-		return Token{}, err
+		return "", err
 	}
 	// type assertion
 	claims, ok := token.Claims.(*TokenClaims)
 	if !ok || !token.Valid {
-		return Token{}, errors.New("token is not valid")
+		return "", errors.New("token is not valid")
 	}
 	claims.ExpiresAt = (time.Now().Add(OneWeek)).Unix()
 	jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	newToken.TokenString, err = jwtToken.SignedString([]byte(secret))
+	newToken, err = jwtToken.SignedString([]byte(secret))
 	if err != nil {
-		return Token{}, err
+		return "", err
 	}
 	return newToken, nil
diff --git a/http_utility.go b/http_utility.go
index d810348..f6e14d3 100644
--- a/http_utility.go
+++ b/http_utility.go
@@ -69,7 +69,7 @@ func RespondWithHttpError500(w http.ResponseWriter, req *http.Request) {
 //TODO: Add parameters to enable/disable token and roles authorization checks
 // Sets common headers and checks for token validity.
-func ProcessHeaders(fn http.HandlerFunc, shouldAuth bool) http.HandlerFunc {
+func ProcessHeaders(fn http.HandlerFunc, authEnabled bool) http.HandlerFunc {
 	return func(w http.ResponseWriter, req *http.Request) {
 		// @TODO: check Content-type header (must be application/json)
 		// ctype := w.Header.Get("Content-Type")
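Review bot: Both new `SignedString([]byte(secret))` lines sign with a key that is a string constant in this package (the earlier hunk's context shows `const secret = "korisnicki-centar-api"`), so the HMAC key is committed with the source and cannot be rotated without a rebuild and redeploy. Read it once at startup from configuration or the environment into an unexported `[]byte` and refuse to start when it is absent; the two call sites here stay as they are. Separately, RefreshAPIToken sets `claims.ExpiresAt` to now plus OneWeek on every token that passes `token.Valid` without looking at when the token was originally issued, so a token can apparently be renewed indefinitely; if an absolute session lifetime is intended, carry the original issue time in the claims and reject refreshes past it. RefreshAPIToken's closing brace is outside the hunk.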
@@ -98,7 +98,7 @@ func ProcessHeaders(fn http.HandlerFunc, shouldAuth bool) http.HandlerFunc {
 			return
 		}
-		if shouldAuth {
+		if authEnabled {
 			if req.URL.Path != _apiVersion + _authEndPoint {
 				token := req.Header.Get("Authorization")
 				if _, err := ParseAPIToken(token); err != nil {