From 9a5003f92a151f5936c787b7d772fc2e196ce716 Mon Sep 17 00:00:00 2001
From: Mouse Reeve <mousereeve@riseup.net>
Date: Sun, 3 Oct 2021 09:18:17 -0700
Subject: [PATCH] Don't let anonymous users search remote data

---
 bookwyrm/views/search.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bookwyrm/views/search.py b/bookwyrm/views/search.py
index df891266..4c19a193 100644
--- a/bookwyrm/views/search.py
+++ b/bookwyrm/views/search.py
@@ -67,11 +67,11 @@ class Search(View):
         return TemplateResponse(request, f"search/{search_type}.html", data)
 
 
-def book_search(query, _, min_confidence, search_remote=False):
+def book_search(query, user, min_confidence, search_remote=False):
     """the real business is elsewhere"""
     # try a local-only search
     results = [{"results": search(query, min_confidence=min_confidence)}]
-    if results and not search_remote:
+    if not user.is_authenticated or (results and not search_remote):
         return results, False
 
     # if there were no local results, or the request was for remote, search all sources