diff --git a/app/main.py b/app/main.py
index 90c305a..edf094b 100644
--- a/app/main.py
+++ b/app/main.py
@@ -2,7 +2,7 @@ import asyncio
 import logging
 from contextlib import asynccontextmanager
 
-from fastapi import FastAPI, Request
+from fastapi import FastAPI
 from fastapi.responses import Response as FastAPIResponse
 from fastapi.staticfiles import StaticFiles
 
@@ -41,10 +41,7 @@ except ImportError:
 
 
 @app.get("/api/poster/{item_id}")
-async def poster_proxy(item_id: str, request: Request):
-    from app.routers.auth import get_current_user
-    await get_current_user(request)
-
+async def poster_proxy(item_id: str):
     image_data = await get_poster(item_id)
     if image_data is None:
         return FastAPIResponse(status_code=404)
diff --git a/app/static/app.js b/app/static/app.js
index 508c173..4b3c32b 100644
--- a/app/static/app.js
+++ b/app/static/app.js
@@ -506,5 +506,32 @@ document.getElementById('reset-btn').addEventListener('click', () => {
 });
 
 // --- Init ---
-checkAuth();
-loadSharedSearch();
+async function init() {
+    const isShared = await loadSharedSearch();
+    if (isShared) {
+        // Show main screen in read-only mode for shared links
+        document.getElementById('login-screen').classList.add('hidden');
+        document.getElementById('main-screen').classList.remove('hidden');
+        // Hide controls that require auth
+        document.getElementById('user-picker').classList.add('hidden');
+        document.getElementById('logout-btn').classList.add('hidden');
+        document.getElementById('user-name').textContent = '';
+        document.getElementById('reroll-btn').classList.add('hidden');
+        // Still try to auth in background for watch-check
+        try {
+            const res = await fetch(`${API}/api/auth/me`);
+            if (res.ok) {
+                currentUser = await res.json();
+                document.getElementById('user-name').textContent = currentUser.name;
+                document.getElementById('logout-btn').classList.remove('hidden');
+                // Now check watch state with the logged-in user
+                const grid = document.getElementById('results-grid');
+                const ids = Array.from(grid.querySelectorAll('.movie-card')).map(c => c.dataset.jellyfinId).filter(Boolean);
+                if (ids.length) await markWatchedCards(ids);
+            }
+        } catch { /* not logged in, that's fine */ }
+    } else {
+        await checkAuth();
+    }
+}
+init();