diff --git a/litelist-api/dub.json b/litelist-api/dub.json
index 97b373e..42feab3 100644
--- a/litelist-api/dub.json
+++ b/litelist-api/dub.json
@@ -7,7 +7,7 @@
 		"botan": "~>1.13.5",
 		"d-properties": "~>1.0.5",
 		"d2sqlite3": "~>1.0.0",
-		"handy-httpd": "~>7.13.0",
+		"handy-httpd": "~>8.0.0",
 		"jwt": "~>0.4.0",
 		"resusage": "~>0.3.2",
 		"slf4d": "~>2.4.3"
diff --git a/litelist-api/dub.selections.json b/litelist-api/dub.selections.json
index b94ee22..473cfc0 100644
--- a/litelist-api/dub.selections.json
+++ b/litelist-api/dub.selections.json
@@ -5,10 +5,10 @@
 		"botan-math": "1.0.4",
 		"d-properties": "1.0.5",
 		"d2sqlite3": "1.0.0",
-		"handy-httpd": "7.13.0",
+		"handy-httpd": "8.0.0",
 		"httparsed": "1.2.1",
 		"jwt": "0.4.0",
-		"memutils": "1.0.9",
+		"memutils": "1.0.10",
 		"path-matcher": "1.1.3",
 		"resusage": "0.3.2",
 		"slf4d": "2.4.3",
diff --git a/litelist-api/source/auth.d b/litelist-api/source/auth.d
index d3a0a0b..fd22928 100644
--- a/litelist-api/source/auth.d
+++ b/litelist-api/source/auth.d
@@ -75,12 +75,12 @@ Nullable!AuthContext validateAuthenticatedRequest(ref HttpRequestContext ctx, in
     import std.typecons;
 
     immutable HEADER_NAME = "Authorization";
-    if (!ctx.request.hasHeader(HEADER_NAME)) {
+    if (!ctx.request.headers.contains(HEADER_NAME)) {
         ctx.response.setStatus(HttpStatus.UNAUTHORIZED);
         ctx.response.writeBodyString("Missing Authorization header.");
         return Nullable!AuthContext.init;
     }
-    string authHeader = ctx.request.getHeader(HEADER_NAME);
+    string authHeader = ctx.request.headers.getFirst(HEADER_NAME).orElse("");
     if (authHeader.length < 7 || authHeader[0 .. 7] != "Bearer ") {
         ctx.response.setStatus(HttpStatus.UNAUTHORIZED);
         ctx.response.writeBodyString("Invalid bearer token authorization header.");