diff --git a/dynamicresponse/middleware/api.py b/dynamicresponse/middleware/api.py
index ab4d999..0bdf22b 100644
--- a/dynamicresponse/middleware/api.py
+++ b/dynamicresponse/middleware/api.py
@@ -62,7 +62,7 @@ def _should_authorize(self, request):
         already containing HTTP authorization headers.
         """
 
-        if (not request.is_api) or (request.user.is_authenticated()):
+        if (not request.is_api) or (hasattr(request, 'user') and request.user.is_authenticated()):
             return False
         else:
             return self._get_auth_string(request) is not None