diff --git a/src/middlewares/authentication.middleware.ts b/src/middlewares/authentication.middleware.ts
new file mode 100644
index 0000000..ae2cd79
--- /dev/null
+++ b/src/middlewares/authentication.middleware.ts
@@ -0,0 +1,67 @@
+import type {NextFunction, Request, Response} from "express";
+import JwtService from "@services/authentication/jwt.service";
+import {DatabasesService} from "@services/databases/databases.service";
+import {UserInDatabase} from "@interfaces/db/mariadb.interface";
+import {HttpStatusCode} from "axios";
+
+const db = new DatabasesService('OnlyDevs');
+
+async function getTokenFromHeader(req: Request) {
+ const token: string | undefined = req.headers.authorization?.split(" ")[1];
+ if (!token ||token.length <= 0) {
+ return false
+ }
+ return token;
+}
+
+
+async function UserMiddleware(req: Request, res: Response, next: NextFunction) {
+ const originToken = getTokenFromHeader(req);
+ if (!originToken) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const tokenPayload = await JwtService.verify(`${originToken}`);
+ if (!tokenPayload || !tokenPayload.sub) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const UserFound = await db.getUserById(tokenPayload.sub)
+ const User: UserInDatabase | undefined = UserFound[0] as UserInDatabase
+ if (!User) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized, you dont exist." });
+ }
+ if (User.email_activation) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "You should verify your email first."})
+ }
+ return next()
+}
+
+async function AdminMiddleware(req: Request, res: Response, next: NextFunction) {
+ const originToken = getTokenFromHeader(req);
+ if (!originToken) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const tokenPayload = await JwtService.verify(`${originToken}`);
+ if (!tokenPayload || !tokenPayload.sub) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized" });
+ }
+ const UserFound = await db.getUserById(tokenPayload.sub)
+ const User: UserInDatabase | undefined = UserFound[0] as UserInDatabase
+ if (!User) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized, you dont exist." });
+ }
+ if (User.email_activation) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "You should verify your email first."})
+ }
+
+ const adminState = User.admin
+
+ if (!adminState) {
+ return res.status(HttpStatusCode.PreconditionRequired).json({ message: "Unauthorized, you are not an admin." });
+ }
+ return next()
+}
+
+export const AuthMiddleware = {
+ user: UserMiddleware,
+ admin: AdminMiddleware,
+}
\ No newline at end of file
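Review bot: Both `UserMiddleware` and `AdminMiddleware` call `getTokenFromHeader(req)` without `await`, so `originToken` is always a pending Promise: the `!originToken` guard can never fire and `JwtService.verify` receives the string `"[object Promise]"` rather than the bearer token, which means no request can be authenticated by this code as written. The smallest fix is to drop `async` from `getTokenFromHeader` (nothing in it is asynchronous); separately, `JwtService.verify` is not wrapped in try/catch, so if it throws on a bad or expired token the failure surfaces as an unhandled rejection instead of a 401 — worth confirming how verify signals rejection. The two middlewares also repeat the same token/user lookup and email check, reply 428 Precondition Required where clients expect 401/403, and accept any `Authorization` scheme; the sketch below folds the shared steps into one helper that checks for `Bearer`, catches verify errors, and leaves the admin flag as the only difference. The `if (User.email_activation)` rejection reads inverted if that column is an "activated" flag — if it instead holds a pending activation token, a comment such as `// email_activation is non-null until the user confirms their address` would prevent the next reader from "fixing" it.

```typescript
function getTokenFromHeader(req: Request): string | false {
  // Accept only "Bearer <token>"; anything else is treated as no credentials.
  const [scheme, token] = req.headers.authorization?.split(" ") ?? [];
  if (scheme !== "Bearer" || !token) {
    return false;
  }
  return token;
}

// Shared by both middlewares: resolves the bearer token to a database user,
// or sends the error response and returns undefined so the caller just returns.
async function authenticate(req: Request, res: Response): Promise<UserInDatabase | undefined> {
  const originToken = getTokenFromHeader(req);
  if (!originToken) {
    res.status(HttpStatusCode.Unauthorized).json({ message: "Unauthorized" });
    return undefined;
  }
  let tokenPayload;
  try {
    tokenPayload = await JwtService.verify(originToken);
  } catch {
    // A throwing verify (malformed, expired, bad signature) is an auth failure, not a 500.
    tokenPayload = undefined;
  }
  if (!tokenPayload || !tokenPayload.sub) {
    res.status(HttpStatusCode.Unauthorized).json({ message: "Unauthorized" });
    return undefined;
  }
  const UserFound = await db.getUserById(tokenPayload.sub);
  const User = UserFound[0] as UserInDatabase | undefined;
  if (!User) {
    res.status(HttpStatusCode.Unauthorized).json({ message: "Unauthorized, you dont exist." });
    return undefined;
  }
  if (User.email_activation) {
    res.status(HttpStatusCode.Forbidden).json({ message: "You should verify your email first."});
    return undefined;
  }
  return User;
}

async function UserMiddleware(req: Request, res: Response, next: NextFunction) {
  if (await authenticate(req, res)) {
    return next();
  }
}

async function AdminMiddleware(req: Request, res: Response, next: NextFunction) {
  const User = await authenticate(req, res);
  if (!User) {
    return;
  }
  if (!User.admin) {
    return res.status(HttpStatusCode.Forbidden).json({ message: "Unauthorized, you are not an admin." });
  }
  return next();
}

// … unchanged: export const AuthMiddleware …
```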