diff --git a/ober.go b/ober.go
index aeaa0dc..4bc4ac6 100644
--- a/ober.go
+++ b/ober.go
@@ -180,7 +180,24 @@ func Register(ctx *fasthttp.RequestCtx) {
 }
 
 func WatchPost(ctx *fasthttp.RequestCtx) {
- //
+ auth := ctx.Request.Header.Peek("X-HUSO-AUTH")
+ if ctx.UserValue("user") == nil || auth == nil || string(auth) == "" {
+ ctx.SetStatusCode(fasthttp.StatusBadRequest)
+ return
+ }
+ username := fmt.Sprintf("%s", ctx.UserValue("user"))
+ if !authenticate(username, string(auth)) {
+ ctx.SetStatusCode(fasthttp.StatusUnauthorized)
+ return
+ }
+}
+
+func authenticate(username, auth string) bool {
+ user, err := ReadUser(username)
+ if err != nil {
+ return false
+ }
+ return user.Secret == auth
 }
 
 func addErrorToCtx(ctx *fasthttp.RequestCtx, err error) {
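Review bot: `authenticate` checks the credential with `user.Secret == auth`, and Go's string equality is not constant-time, so the time taken to reject a request can depend on the supplied `X-HUSO-AUTH` value. Use `return subtle.ConstantTimeCompare([]byte(user.Secret), []byte(auth)) == 1` instead; this needs `crypto/subtle` in the import block, which is outside this hunk. The direct comparison also suggests the secret is stored in the same form the client sends it. `ReadUser` is not visible here, but if that is the case, storing a hash and comparing hashes would limit what a leaked user store exposes. In `WatchPost`, `fmt.Sprintf("%s", ctx.UserValue("user"))` formats a non-string value into a `%!s(...)` string rather than rejecting it; `username, ok := ctx.UserValue("user").(string)` with a 400 on `!ok` is stricter.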