diff --git a/froide/document/filters.py b/froide/document/filters.py
index cb903e631..e20d15711 100644
--- a/froide/document/filters.py
+++ b/froide/document/filters.py
@@ -58,7 +58,7 @@ def filter_foirequest(self, qs, name, value):
 
 
 def get_portal_queryset(request):
-    if not request.user.is_crew:
+    if not request.user.is_authenticated or not request.user.is_crew:
         return DocumentPortal.objects.filter(public=True)
     return DocumentPortal.objects.all()
 
diff --git a/froide/helper/auth.py b/froide/helper/auth.py
index 08db16fb0..f02fcac6c 100644
--- a/froide/helper/auth.py
+++ b/froide/helper/auth.py
@@ -227,7 +227,7 @@ def get_user_filter(request, teams=None, fk_path=None):
 
 def require_crew(view_func):
     def decorator(request, *args, **kwargs):
-        if not request.user.is_crew:
+        if not request.user.is_authenticated or not request.user.is_crew:
             raise PermissionDenied
         return view_func(request, *args, **kwargs)