local function searchInit(cfg)
    return {} -- no ctx
end

local function searchCallback(cfg, _ctx)
    local h, err = ngx.req.get_headers()

    if err == "truncated" then
        return 400, 'too many headers'
    end

    local authheader = h["authorization"]

    if authheader == nil then
        return 401, "requires authentication"
    else
        return nil
    end
end

return {
    name='PleromaRestrictUnauthenticatedSearch',
    author='luna@l4.pm',
    title='restrict unauth search',
    description=[[
    Search can be a DoS vector. restrict it without Authorization header.
    Useful for small instances.
    ]],
    version=1,
    init=searchInit,
    callbacks = {
        ['/api/v2/search'] = searchCallback
    },
    config={},
}