diff --git a/src/middleware/authentication.rs b/src/middleware/authentication.rs
index b5516b36e3a6c719d2cb0b4b21b3db690f4bb596..278eb2c0d20855db8d9a8ae36b0c91a7ddf21825 100644
--- a/src/middleware/authentication.rs
+++ b/src/middleware/authentication.rs
@@ -28,25 +28,50 @@ pub struct AuthenticatedMiddleware<S> {
     service: S,
 }
 
+#[derive(serde::Deserialize)]
+struct Credentials {
+    id: String,
+    password: String,
+}
+
+async fn auth(req: &mut ServiceRequest) -> Result<(), Box<dyn actix_web::ResponseError>> {
+    let cookie = req.cookie("auth");
+    match cookie {
+        Some(cookie) => Ok(()),
+        None => match req.extract::<actix_web::web::Form<Credentials>>().await {
+            Ok(credentials) => Ok(()),
+            Err(_) => Err(Box::new(actix_web::ResponseError::status_code(
+                actix_web::http::StatusCode::UNAUTHORIZED,
+            ))),
+        },
+    }
+}
+
 impl<S, B> Service<ServiceRequest> for AuthenticatedMiddleware<S>
 where
     S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
     S::Future: 'static,
     B: 'static,
 {
-    type Response = ServiceResponse<B>;
+    type Response = ServiceResponse<actix_web::body::EitherBody<B>>;
     type Error = Error;
     type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
 
     forward_ready!(service);
 
     fn call(&self, req: ServiceRequest) -> Self::Future {
-        println!("AUTH MW");
-        let fut = self.service.call(req);
         Box::pin(async move {
-            let res = fut.await?;
-            println!("RESP");
-            Ok(res)
+            let credentials = req.extract::<actix_web::web::Form<Credentials>>().await;
+            let authenticated = auth(&mut req).await;
+
+            if let Err(msg) = authenticated {
+                return Ok(req.error_response(Error::from(msg)).map_into_right_body());
+            }
+
+            self.service
+                .call(req)
+                .await
+                .map(|res| res.map_into_left_body())
         })
     }
 }