Remove auth req for accessing opensearch

Requiring authentication for accessing the opensearch template prevents
the browser from accessing the file when adding as a default search
engine. This removes the authentication requirement from the opensearch
route, which should never provide any sensitive information anyways.

app/routes.py

@@ -136,7 +136,6 @@ def index():
 
 
 @app.route('/opensearch.xml', methods=['GET'])
-@auth_required
 def opensearch():
     opensearch_url = g.app_location
     if opensearch_url.endswith('/'):