From 3e26ac0cd0f9a4d5a646e9b9d1045a9b660ec976 Mon Sep 17 00:00:00 2001
From: Nick Sergeant <nick@nicksergeant.com>
Date: Sat, 2 Apr 2016 12:36:57 -0400
Subject: [PATCH] Don't allow non-auth to report spam.

---
 snipts/views.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/snipts/views.py b/snipts/views.py
index 7e77c70..f9869cf 100644
--- a/snipts/views.py
+++ b/snipts/views.py
@@ -7,7 +7,7 @@ from django.core.mail import send_mail
 from django.core.paginator import Paginator, InvalidPage
 from django.db.models import Count
 from django.db.models import Q
-from django.http import Http404, HttpResponse, HttpResponseRedirect
+from django.http import Http404, HttpResponse, HttpResponseRedirect, HttpResponseBadRequest
 from django.shortcuts import get_object_or_404, render_to_response
 from django.template import RequestContext
 from django.views.decorators.cache import never_cache
@@ -80,6 +80,10 @@ def embed(request, snipt_key):
 
 
 def report_spam(request, snipt_id):
+
+    if not request.user.is_authenticated():
+        return HttpResponseBadRequest()
+
     snipt = get_object_or_404(Snipt, pk=snipt_id)
 
     send_mail('[Snipt] Spam reported',