- plug(RateLimiter, :search when action in [:search, :search2, :account_search])
+
+ # Note: Mastodon doesn't allow unauthenticated access (requires read:accounts / read:search)
+ plug(OAuthScopesPlug, %{scopes: ["read:search"], fallback: :proceed_unauthenticated})
+
+ # Note: on private instances auth is required (EnsurePublicOrAuthenticatedPlug is not skipped)
+
+ plug(RateLimiter, [name: :search] when action in [:search, :search2, :account_search])