diff --git a/.forgejo/workflows/docker.yml b/.forgejo/workflows/docker.yml
index e5da6fc..90f3a7c 100644
--- a/.forgejo/workflows/docker.yml
+++ b/.forgejo/workflows/docker.yml
@@ -22,12 +22,11 @@ jobs:
           username: ${{ secrets.REGISTRY_USER }}
           password: ${{ secrets.REGISTRY_TOKEN }}
 
-      - name: Build and push image
+      - name: Build image
         run: |
-          docker build \
-            -t git.sinfonie.org/sinfonie/photo26:${{ steps.meta.outputs.TAG }} \
-            -t git.sinfonie.org/sinfonie/photo26:latest \
-            .
-          docker push git.sinfonie.org/sinfonie/photo26:${{ steps.meta.outputs.TAG }}
-          docker push git.sinfonie.org/sinfonie/photo26:latest
+          docker build -t git.sinfonie.org/sinfonie/photo26:${{ steps.meta.outputs.TAG }} .
+
+      - name: Push image
+        run: |
+          docker push git.sinfonie.org/sinfonie/photo26:${{ steps.meta.outputs.TAG }}
 
diff --git a/allauth_oauth/apps.py b/allauth_oauth/apps.py
deleted file mode 100644
index 69b727a..0000000
--- a/allauth_oauth/apps.py
+++ /dev/null
@@ -1,12 +0,0 @@
-# This file is part of photo21
-# Copyright (C) 2022  Amicale des élèves de l'ENS Paris-Saclay
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-from django.apps import AppConfig
-
-
-class AllauthOAuthConfig(AppConfig):
-    name = "allauth_oauth"
-
-    def ready(self):
-        import allauth_oauth.signals  # noqa: F401
diff --git a/allauth_oauth/signals.py b/allauth_oauth/signals.py
deleted file mode 100644
index d7f1cf6..0000000
--- a/allauth_oauth/signals.py
+++ /dev/null
@@ -1,29 +0,0 @@
-# This file is part of photo21
-# Copyright (C) 2022  Amicale des élèves de l'ENS Paris-Saclay
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-from allauth.socialaccount.signals import pre_social_login
-from django.dispatch import receiver
-
-
-@receiver(pre_social_login)
-def sync_user_fields(sender, request, sociallogin, **kwargs):
-    if not sociallogin.is_existing:
-        return
-
-    user = sociallogin.user
-    data = sociallogin.account.extra_data
-    changed = False
-
-    email = data.get("email")
-    if email and user.email != email:
-        user.email = email
-        changed = True
-
-    username = data.get("username")
-    if username and user.username != username:
-        user.username = username
-        changed = True
-
-    if changed:
-        user.save()
diff --git a/photo21/settings.py b/photo21/settings.py
index 422f2c7..953a8c2 100644
--- a/photo21/settings.py
+++ b/photo21/settings.py
@@ -166,15 +166,9 @@ CACHES = {
     "default": {
         "BACKEND": "django.core.cache.backends.locmem.LocMemCache",
         "LOCATION": "Master",
-    },
-    "select2": {
-        "BACKEND": "django.core.cache.backends.filebased.FileBasedCache",
-        "LOCATION": "/tmp/django_select2_cache",
-    },
+    }
 }
 
-SELECT2_CACHE_BACKEND = "select2"
-
 
 # Password validation
 # https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators
diff --git a/photo21/templates/base.html b/photo21/templates/base.html
index ccd17c2..91f63cb 100644
--- a/photo21/templates/base.html
+++ b/photo21/templates/base.html
@@ -37,7 +37,6 @@ SPDX-License-Identifier: GPL-3.0-or-later
             </button>
             <div class="collapse navbar-collapse" id="navbarSupportedContent">
                 <ul class="navbar-nav me-auto mb-2 mb-lg-0">
-                    {% if request.user.is_authenticated %}
                     <li class="nav-item">
                         {% url 'photologue:pl-gallery-archive' as url %}
                         <a class="nav-link {% if request.path_info == url %}active{% endif %}" href="{{ url }}">{% trans 'Galleries' %}</a>
@@ -53,7 +52,6 @@ SPDX-License-Identifier: GPL-3.0-or-later
                         <a class="nav-link" href="{% url 'admin:index' %}">{% trans 'Manage' %}</a>
                     </li>
                     {% endif %}
-                    {% endif %}
                 </ul>
                 <ul class="navbar-nav">
                     {% get_available_languages as LANGUAGES %}
diff --git a/photo21/views.py b/photo21/views.py
index 226c552..434be5b 100644
--- a/photo21/views.py
+++ b/photo21/views.py
@@ -9,44 +9,23 @@ from django.contrib.auth import get_user_model
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.http import FileResponse, Http404
 from django.views.generic import ListView, View
-from photologue.models import Gallery, Photo
+from photologue.models import Gallery
 
 
 class MediaAccess(View):
     def get(self, request, path):
-        if not request.user.is_authenticated:
+        if not request.user.is_authenticated and not request.session.get('public_gallery_access'):
             from django.contrib.auth.views import redirect_to_login
-            try:
-                # Direct match (original photo file)
-                allowed = Photo.objects.filter(
-                    image=path,
-                    galleries__is_public=True,
-                ).exists()
-                # Cache files (thumbnails/display) are derived from original photos
-                if not allowed and '/cache/' in path:
-                    original_dir = os.path.dirname(os.path.dirname(path))
-                    allowed = Photo.objects.filter(
-                        image__startswith=original_dir + '/',
-                        galleries__is_public=True,
-                    ).exists()
-            except Exception:
-                return redirect_to_login(request.get_full_path())
-            if not allowed:
-                return redirect_to_login(request.get_full_path())
+            return redirect_to_login(request.get_full_path())
         media_root = os.path.realpath(settings.MEDIA_ROOT)
         file_path = os.path.realpath(os.path.join(media_root, path))
         if not file_path.startswith(media_root + os.sep):
             raise Http404
         if not os.path.isfile(file_path):
             raise Http404
-        f = open(file_path, 'rb')
-        try:
-            response = FileResponse(f)
-            response['Cache-Control'] = 'max-age=2678400'
-            return response
-        except Exception:
-            f.close()
-            raise
+        response = FileResponse(open(file_path, 'rb'))
+        response['Cache-Control'] = 'max-age=2678400'
+        return response
 
 
 class IndexView(LoginRequiredMixin, ListView):
diff --git a/photologue/admin.py b/photologue/admin.py
index 6d28b36..f994402 100644
--- a/photologue/admin.py
+++ b/photologue/admin.py
@@ -3,6 +3,7 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 from django.contrib import admin
+from django.contrib.admin import EmptyFieldListFilter
 from django.utils.translation import gettext_lazy as _
 
 from .models import Gallery, Photo, Tag
@@ -10,7 +11,7 @@ from .models import Gallery, Photo, Tag
 
 class GalleryAdmin(admin.ModelAdmin):
     list_display = ("title", "date_start", "photo_count", "get_tags")
-    list_filter = ["date_start", "tags", "is_public"]
+    list_filter = ["date_start", "tags", ("public_token", EmptyFieldListFilter)]
     date_hierarchy = "date_start"
     prepopulated_fields = {"slug": ("title",)}
     model = Gallery
diff --git a/photologue/locale/fr/LC_MESSAGES/django.po b/photologue/locale/fr/LC_MESSAGES/django.po
index 34fada3..b60677f 100644
--- a/photologue/locale/fr/LC_MESSAGES/django.po
+++ b/photologue/locale/fr/LC_MESSAGES/django.po
@@ -399,21 +399,21 @@ msgstr "Aucune galerie trouvée."
 msgid "to"
 msgstr "au"
 
-#: photologue/templates/photologue/gallery_detail.html:49
-msgid "censored photos"
-msgstr "photos censurées"
+#: photologue/templates/photologue/gallery_detail.html:53
+msgid "Public link:"
+msgstr ""
 
-msgid "Make public"
-msgstr "Rendre publique"
+#: photologue/templates/photologue/gallery_detail.html:55
+msgid "Copy"
+msgstr ""
 
-msgid "Make private"
-msgstr "Rendre privée"
+#: photologue/templates/photologue/gallery_detail.html:56
+msgid "Revoke"
+msgstr ""
 
-msgid "Public, anyone with the link can view this gallery."
-msgstr "Publique, n'importe qui avec le lien peut voir cette galerie."
-
-msgid "Private, login required to view."
-msgstr "Privée, connexion requise pour voir."
+#: photologue/templates/photologue/gallery_detail.html:59
+msgid "Generate public link"
+msgstr ""
 
 #: photologue/templates/photologue/gallery_detail.html:78
 msgid "All pictures"
diff --git a/photologue/migrations/0009_alter_photo_options_gallery_public_token.py b/photologue/migrations/0009_alter_photo_options_gallery_public_token.py
deleted file mode 100644
index 7117111..0000000
--- a/photologue/migrations/0009_alter_photo_options_gallery_public_token.py
+++ /dev/null
@@ -1,22 +0,0 @@
-# Generated by Django 5.2.13 on 2026-04-20 19:54
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('photologue', '0008_regen_thumbnails'),
-    ]
-
-    operations = [
-        migrations.AlterModelOptions(
-            name='photo',
-            options={'get_latest_by': 'date_added', 'ordering': ['title'], 'verbose_name': 'photo', 'verbose_name_plural': 'photos'},
-        ),
-        migrations.AddField(
-            model_name='gallery',
-            name='is_public',
-            field=models.BooleanField(default=False, help_text='Public galleries can be accessed without being logged in.', verbose_name='is public'),
-        ),
-    ]
diff --git a/photologue/models.py b/photologue/models.py
index 7bd506c..99b937c 100644
--- a/photologue/models.py
+++ b/photologue/models.py
@@ -174,11 +174,6 @@ class Gallery(models.Model):
         verbose_name=_("photos"),
         blank=True,
     )
-    is_public = models.BooleanField(
-        _("is public"),
-        default=False,
-        help_text=_("Public galleries can be accessed without being logged in."),
-    )
 
     class Meta:
         ordering = ["-date_start"]
@@ -413,15 +408,14 @@ class ImageModel(models.Model):
         # Save the original format
         im_format = im.format
         # Rotate if found & necessary
-        exif = self.exif()
         if (
-            "Image Orientation" in exif
-            and exif.get("Image Orientation").values[0]
+            "Image Orientation" in self.exif()
+            and self.exif().get("Image Orientation").values[0]
             in IMAGE_EXIF_ORIENTATION_MAP
         ):
             im = im.transpose(
                 IMAGE_EXIF_ORIENTATION_MAP[
-                    exif.get("Image Orientation").values[0]
+                    self.exif().get("Image Orientation").values[0]
                 ]
             )
         # Resize/crop image
diff --git a/photologue/static/gallery_justified.js b/photologue/static/gallery_justified.js
index e162011..80dcc55 100644
--- a/photologue/static/gallery_justified.js
+++ b/photologue/static/gallery_justified.js
@@ -70,7 +70,6 @@
         });
     }
 
-    window.applyJustifiedLayout = applyLayout;
     document.addEventListener('DOMContentLoaded', applyLayout);
     window.addEventListener('resize', applyLayout);
 })();
diff --git a/photologue/static/lightgallery/plugins/admin/lg-admin.js b/photologue/static/lightgallery/plugins/admin/lg-admin.js
index d20f6db..aa0214d 100644
--- a/photologue/static/lightgallery/plugins/admin/lg-admin.js
+++ b/photologue/static/lightgallery/plugins/admin/lg-admin.js
@@ -13,6 +13,7 @@ class lgAdmin {
         this.isStaff = document.querySelector('[name=is_staff]').value === "true";
         this.userId = document.querySelector('[name=user_id]').value;
         this.canResolveCensorship = document.querySelector('[name=can_resolve_censorship]').value === "true";
+        this.guestMode = document.querySelector('[name=guest_mode]').value === "true";
         this.csrfToken = document.querySelector('[name=csrfmiddlewaretoken]').value;
         this.photoId = 0;
         return this;
@@ -75,15 +76,9 @@ class lgAdmin {
                 if (el) {
                     el.dataset.isPublic = 'true';
                     const img = el.querySelector('img');
-                    if (img) img.classList.remove('border-danger', 'border-5', 'photo-private');
+                    if (img) img.classList.remove('border-danger', 'border-5');
                 }
                 document.getElementById("lg-restore").style.display = 'none';
-                const countSpan = document.getElementById('private-count');
-                if (countSpan) {
-                    const newCount = parseInt(countSpan.textContent, 10) - 1;
-                    if (newCount <= 0) document.getElementById('private-count-line').remove();
-                    else countSpan.textContent = newCount;
-                }
             });
         }
     }
@@ -106,7 +101,6 @@ class lgAdmin {
             this.core.LGel.off('lgAfterSlide.adminRemove');
             const thumb = document.querySelector(`[data-slide-name='${photoId}']`);
             if (thumb) thumb.remove();
-            if (typeof window.applyJustifiedLayout === 'function') window.applyJustifiedLayout();
             const lgId = this.core.lgId;
             const deletedItem = document.getElementById(`lg-item-${lgId}-${currentIndex}`);
             if (deletedItem) deletedItem.remove();
diff --git a/photologue/templates/photologue/gallery_detail.html b/photologue/templates/photologue/gallery_detail.html
index d98f173..8e704d8 100755
--- a/photologue/templates/photologue/gallery_detail.html
+++ b/photologue/templates/photologue/gallery_detail.html
@@ -20,6 +20,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 <input type="hidden" name="is_staff" value="{{ request.user.is_staff|yesno:'true,false' }}">
 <input type="hidden" name="user_id" value="{{ request.user.id }}">
 <input type="hidden" name="can_resolve_censorship" value="{{ can_resolve_censorship|yesno:'true,false' }}">
+<input type="hidden" name="guest_mode" value="{{ guest_mode|yesno:'true,false' }}">
 <script src="{% static 'lightgallery/lightgallery.min.js' %}"></script>
 <script src="{% static 'lightgallery/plugins/admin/lg-admin.js' %}"></script>
 <script src="{% static 'lightgallery/plugins/hash/lg-hash.min.js' %}"></script>
@@ -28,7 +29,6 @@ SPDX-License-Identifier: GPL-3.0-or-later
 <script src="{% static 'gallery_justified.js' %}"></script>
 <script src="{% static 'gallery_detail.js' %}"></script>
 <script src="{% static 'sweetalert.js' %}"></script>
-{% if not request.user.is_authenticated %}<style>#lg-download, #lg-admin, #lg-delete { display: none !important; }</style>{% endif %}
 {% endblock %}
 
 {% block content %}
@@ -44,23 +44,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
     {% endif %}
 </h1>
 {% if gallery.date_start %}<p class="text-muted small">{{ gallery.date_start }}{% if gallery.date_end and gallery.date_end != gallery.date_start %} {% trans "to" %} {{ gallery.date_end }}{% endif %}</p>{% endif %}
-{% if request.user.is_staff and gallery.photo_private_count %}<p class="text-danger small" id="private-count-line"><span id="private-count">{{ gallery.photo_private_count }}</span> {% trans "censored photos" %}</p>{% endif %}
-<div class="d-flex align-items-center gap-2 mb-2">
-    {% if request.user.is_staff %}
-    <form method="post" action="{% url 'photologue:pl-gallery-toggle-public' gallery.slug %}" class="mb-0">{% csrf_token %}
-        {% if gallery.is_public %}
-        <button type="submit" class="btn btn-outline-warning btn-sm">{% trans "Make private" %}</button>
-        {% else %}
-        <button type="submit" class="btn btn-outline-success btn-sm">{% trans "Make public" %}</button>
-        {% endif %}
-    </form>
-    {% endif %}
-    {% if gallery.is_public %}
-    <p class="small text-muted mb-0">{% trans "Public, anyone with the link can view this gallery." %}</p>
-    {% else %}
-    <p class="small text-muted mb-0">{% trans "Private, login required to view." %}</p>
-    {% endif %}
-</div>
+{% if request.user.is_staff and gallery.photo_private_count %}<p class="text-danger small">{{ gallery.photo_private_count }} photos censurées</p>{% endif %}
 {% if gallery.tags.all %}
 <p class="text-muted">
     Tags : {% for tag in gallery.tags.all %}
@@ -68,7 +52,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
     {% endfor %}
 </p>
 {% endif %}
-{% if gallery.description %}<p>{{ gallery.description|linebreaksbr }}</p>{% endif %}
+{% if gallery.description %}<p>{{ gallery.description|safe|linebreaksbr  }}</p>{% endif %}
 
 <div class="card">
     <div class="card-header pb-0 border-bottom-0">
@@ -91,7 +75,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
     </div>
     <div class="card-body p-0" id="lightgallery">
         {% for photo in photos %}
-        <a class="photo-item" href="{{ photo.get_absolute_url }}" data-src="{{ photo.get_display_url }}" data-download-url="{{ photo.image.url }}" data-slide-name="{{ photo.id }}" data-owner-id="{{ photo.owner.id }}" data-is-public="{{ photo.is_public|yesno:'true,false' }}" data-width="{{ photo.image_width|default:1 }}" data-height="{{ photo.image_height|default:1 }}">
+        <a class="photo-item" href="{{ photo.get_absolute_url }}" data-src="{{ photo.get_display_url}}" data-download-url="{{ photo.image.url }}" data-slide-name="{{ photo.id }}" data-owner-id="{{ photo.owner.id }}" data-is-public="{{ photo.is_public|yesno:'true,false' }}" data-width="{{ photo.image_width|default:1 }}" data-height="{{ photo.image_height|default:1 }}">
             <img src="{{ photo.get_thumbnail_url }}" data-lazy="{{ photo.get_thumbnail_url }}" class="{% if not photo.is_public %}photo-private{% endif %}" alt="{{ photo.title }}{% if photo.date_taken %} - {{ photo.date_taken|date }} {{ photo.date_taken|time }}{% endif %}{% if photo.owner.get_full_name %} - {{ photo.owner.get_full_name }}{% else %} - {{ photo.owner.username }}{% endif %}{% if photo.license %} - {{ photo.license }}{% endif %}{% if not photo.is_public %} - !PRIVATE!{% endif %}">
         </a>
         {% endfor %}
diff --git a/photologue/templates/photologue/includes/gallery_sample.html b/photologue/templates/photologue/includes/gallery_sample.html
index f91dd7f..7210415 100644
--- a/photologue/templates/photologue/includes/gallery_sample.html
+++ b/photologue/templates/photologue/includes/gallery_sample.html
@@ -7,7 +7,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 <div class="card bg-gradient">
     {% for photo in gallery.sample %}
-    <img src="{{ photo.get_thumbnail_url }}" class="card-img-top" alt="{{ photo.title }}" style="height:200px;object-fit:cover;">
+    <img src="{{ photo.get_thumbnail_url }}" class="card-img-top" alt="{{ photo.title }}">
     {% endfor %}
     <div class="card-body">
         <h4 class="card-title h5">{{ gallery.title }}</h4>
diff --git a/photologue/templates/photologue/photo_detail.html b/photologue/templates/photologue/photo_detail.html
index 0c40697..a936847 100644
--- a/photologue/templates/photologue/photo_detail.html
+++ b/photologue/templates/photologue/photo_detail.html
@@ -15,7 +15,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
         <p class="text-muted small">{% trans "Published" %} {{ object.date_added }}</p>
     </div>
 </div>
-{% if object.caption %}<p>{{ object.caption }}</p>{% endif %}
+{% if object.caption %}<p>{{ object.caption|safe }}</p>{% endif %}
 <a href="{{ object.image.url }}">
     <img src="{{ object.get_display_url }}" class="img-thumbnail" alt="{{ object.title }}">
 </a>
diff --git a/photologue/urls.py b/photologue/urls.py
index 0acc12d..53379e4 100644
--- a/photologue/urls.py
+++ b/photologue/urls.py
@@ -9,7 +9,6 @@ from .views import (
     GalleryArchiveIndexView,
     GalleryDetailView,
     GalleryDownload,
-    GalleryPublicToggleView,
     GalleryUpload,
     GalleryYearArchiveView,
     PhotoDeleteView,
@@ -45,5 +44,4 @@ urlpatterns = [
     path("photo/<int:pk>/report/", PhotoReportView.as_view(), name="pl-photo-report"),
     path("photo/<int:pk>/uncensor/", PhotoUncensorView.as_view(), name="pl-photo-uncensor"),
     path("upload/", GalleryUpload.as_view(), name="pl-gallery-upload"),
-    path("gallery/<slug:slug>/toggle-public/", GalleryPublicToggleView.as_view(), name="pl-gallery-toggle-public"),
 ]
diff --git a/photologue/views.py b/photologue/views.py
index 6af85fd..52d4776 100644
--- a/photologue/views.py
+++ b/photologue/views.py
@@ -4,23 +4,23 @@
 
 import os
 import zipfile
+from io import BytesIO
 from pathlib import Path
 
 
 from django.contrib import messages
 from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin
 from django.core.mail import mail_admins
-from django.conf import settings
 from django.db import transaction
 from django.http import HttpResponse
 from django.http import JsonResponse
-from django.shortcuts import get_object_or_404, redirect
-from django.urls import reverse, reverse_lazy
+from django.shortcuts import redirect
+from django.urls import reverse_lazy
 from django.utils.text import slugify
-from django.views import View
 from django.views.generic.dates import ArchiveIndexView, YearArchiveView
 from django.views.generic.detail import DetailView
 from django.views.generic.edit import DeleteView, FormView
+from django.conf import settings
 from PIL import Image
 from django.contrib.auth import get_user_model
 
@@ -93,18 +93,10 @@ class PhotoDeleteView(LoginRequiredMixin, DeleteView):
         return reverse_lazy("photologue:pl-gallery", args=[slug])
 
 
-class PhotoReportView(DetailView):
+class PhotoReportView(LoginRequiredMixin, DetailView):
     model = Photo
     template_name = "photologue/photo_confirm_report.html"
 
-    def dispatch(self, request, *args, **kwargs):
-        if not request.user.is_authenticated:
-            photo = self.get_object()
-            if not photo.galleries.filter(is_public=True).exists():
-                from django.contrib.auth.views import redirect_to_login
-                return redirect_to_login(request.get_full_path())
-        return super().dispatch(request, *args, **kwargs)
-
     def post(self, request, *args, **kwargs):
         """
         Make photo private on POST.
@@ -123,10 +115,9 @@ class PhotoReportView(DetailView):
         url = request.build_absolute_uri(url)
 
         # Send mail to managers
-        reporter = request.user.username if request.user.is_authenticated else "Anonymous (public link)"
         mail_admins(
             subject=f"Abuse report for photo id {photo.pk}",
-            message=f"{reporter} reported an abuse for `{photo.title}`: {url}#lg=1&slide={photo.pk}",
+            message=f"{self.request.user.username} reported an abuse for `{photo.title}`: {url}#lg=1&slide={photo.pk}",
         )
 
         # Redirect to gallery
@@ -159,21 +150,13 @@ class TagDetail(LoginRequiredMixin, DetailView):
         return context
 
 
-class GalleryDetailView(DetailView):
+class GalleryDetailView(LoginRequiredMixin, DetailView):
     """
     Gallery detail view to filter on photo owner
     """
 
     model = Gallery
 
-    def dispatch(self, request, *args, **kwargs):
-        if not request.user.is_authenticated:
-            self.object = self.get_object()
-            if not self.object.is_public:
-                from django.contrib.auth.views import redirect_to_login
-                return redirect_to_login(request.get_full_path())
-        return super().dispatch(request, *args, **kwargs)
-
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
 
@@ -209,18 +192,10 @@ class GalleryDetailView(DetailView):
         return context
 
 
-class GalleryDownload(DetailView):
+class GalleryDownload(LoginRequiredMixin, DetailView):
     ### IN FUTURE, PUT IT as Django Task
     model = Gallery
 
-    def dispatch(self, request, *args, **kwargs):
-        if not request.user.is_authenticated:
-            self.object = self.get_object()
-            if not self.object.is_public:
-                from django.contrib.auth.views import redirect_to_login
-                return redirect_to_login(request.get_full_path())
-        return super().dispatch(request, *args, **kwargs)
-
     def get(self, request, *args, **kwargs):
         """
         Download a zip file of the gallery on GET request.
@@ -243,17 +218,13 @@ class GalleryDownload(DetailView):
         return redirect(
            (settings.MEDIA_URL + str(gallery_zip)).replace("\\", "/")
         )  # windows fix
+        # Return zip file
 
-
-class GalleryPublicToggleView(LoginRequiredMixin, View):
-    def post(self, request, slug):
-        if not request.user.is_staff:
-            from django.core.exceptions import PermissionDenied
-            raise PermissionDenied
-        gallery = get_object_or_404(Gallery, slug=slug)
-        gallery.is_public = not gallery.is_public
-        gallery.save()
-        return redirect(reverse("photologue:pl-gallery", args=[slug]))
+        # response = HttpResponse(
+        #    byte_data.getvalue(), content_type="application/x-zip-compressed"
+        # )
+        # response["Content-Disposition"] = f"attachment; filename={gallery.slug}.zip"
+        # return response
 
 
 class GalleryUpload(PermissionRequiredMixin, FormView):
@@ -301,7 +272,6 @@ class GalleryUpload(PermissionRequiredMixin, FormView):
             try:
                 opened = Image.open(photo_file)
                 opened.verify()
-                photo_file.seek(0)
             except Exception:
                 # Pillow doesn't recognize it as an image, skip it
                 messages.error(