diff --git a/controller/files.go b/controller/files.go
index c3b217f..525a181 100644
--- a/controller/files.go
+++ b/controller/files.go
@@ -5,6 +5,7 @@ import (
 	"git.lumeweb.com/LumeWeb/portal/cid"
 	"git.lumeweb.com/LumeWeb/portal/controller/response"
 	"git.lumeweb.com/LumeWeb/portal/logger"
+	"git.lumeweb.com/LumeWeb/portal/middleware"
 	"git.lumeweb.com/LumeWeb/portal/service/files"
 	"github.com/kataras/iris/v12"
 	"go.uber.org/zap"
@@ -15,6 +16,10 @@ type FilesController struct {
 	Controller
 }
 
+func (f *FilesController) BeginRequest(ctx iris.Context) {
+	ctx.AddHandler(middleware.VerifyJwt)
+}
+
 func (f *FilesController) PostUpload() {
 	ctx := f.Ctx
 
diff --git a/middleware/jwt.go b/middleware/jwt.go
new file mode 100644
index 0000000..8594920
--- /dev/null
+++ b/middleware/jwt.go
@@ -0,0 +1,22 @@
+package middleware
+
+import (
+	"git.lumeweb.com/LumeWeb/portal/service/auth"
+	"github.com/kataras/iris/v12"
+)
+
+func VerifyJwt(ctx iris.Context) {
+	token := auth.GetRequestAuthCode(ctx)
+
+	if len(token) == 0 {
+		ctx.StopWithError(iris.StatusUnauthorized, auth.ErrInvalidToken)
+		return
+	}
+
+	if err := auth.VerifyLoginToken(token); err != nil {
+		ctx.StopWithError(iris.StatusUnauthorized, auth.ErrInvalidToken)
+		return
+	}
+
+	ctx.Next()
+}