diff --git a/src/Authorize/HeaderAuthentication.php b/src/Authorize/HeaderAuthentication.php
index 7eb4d45..c0a6323 100644
--- a/src/Authorize/HeaderAuthentication.php
+++ b/src/Authorize/HeaderAuthentication.php
@@ -42,7 +42,6 @@ class HeaderAuthentication implements AuthorizeMethodInterface
         return isset($methodObj) && $methodObj->execute($request);
     }
 
-
     public function catchRequest(ServerRequestInterface $request) : bool
     {
         foreach(array_merge($request->getHeader('Accept'), $request->getHeader('Content-Type')) as $accept) {
diff --git a/src/Lib/Authenticate.php b/src/Lib/Authenticate.php
index 2692bd3..fe00b39 100644
--- a/src/Lib/Authenticate.php
+++ b/src/Lib/Authenticate.php
@@ -120,7 +120,7 @@ class Authenticate {
         return $this;
     }
 
-    public function logUser(?int $id) : ? UserInterface
+    public function loadUser(?int $id) : ? UserInterface
     {
         try {
             if ($id === null || null === ($entity = $this->user::repository()->loadFromPk($id))) {
@@ -133,8 +133,17 @@ class Authenticate {
 
         $this->user->fromArray($entity);
 
-        $this->user->loggedIn(true);
-
         return $this->user;
     }
+
+    public function logUser(?int $id) : ? UserInterface
+    {
+        if ( null !== $this->loadUser($id) ) {
+            $this->user->loggedIn(true);
+
+            return $this->user;
+        }
+
+        return null;
+    }
 }
\ No newline at end of file
diff --git a/src/Lib/AuthenticationMethodEnum.php b/src/Lib/AuthenticationMethodEnum.php
new file mode 100644
index 0000000..afe3bfd
--- /dev/null
+++ b/src/Lib/AuthenticationMethodEnum.php
@@ -0,0 +1,9 @@
+<?php
+
+namespace Ulmus\User\Lib;
+
+enum AuthenticationMethodEnum
+{
+    case ForceLogin;
+    case UsernamePassword;
+}
diff --git a/src/Middleware/AuthenticationMiddleware.php b/src/Middleware/AuthenticationMiddleware.php
new file mode 100644
index 0000000..fbe94f6
--- /dev/null
+++ b/src/Middleware/AuthenticationMiddleware.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace Ulmus\User\Middleware;
+
+use Psr\Http\{
+    Message\ResponseInterface,
+    Message\ServerRequestInterface,
+    Server\MiddlewareInterface,
+    Server\RequestHandlerInterface
+};
+use Ulmus\User\Entity\UserInterface;
+use Ulmus\User\Authorize\PostRequestAuthentication;
+use Ulmus\User\Lib\Authenticate;
+use Ulmus\User\Lib\AuthenticationMethodEnum;
+
+class AuthenticationMiddleware implements MiddlewareInterface
+{
+    public function __construct(
+        protected UserInterface $user,
+        protected Authenticate $authenticator,
+    ) {}
+
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        try {
+            if (null !== $id = $request->getAttribute('authentication_middleware:user_id')) {
+                $this->authenticator->loadUser($id);
+            }
+
+            switch($request->getAttribute('authentication_middleware:method')) {
+                case AuthenticationMethodEnum::ForceLogin:
+                    $this->authenticator->login();
+                    break;
+
+                case AuthenticationMethodEnum::UsernamePassword:
+                    $this->authenticator->authenticate($request->getAttribute('authentication_middleware:username'), $request->getAttribute('authentication_middleware:password'));
+                    break;
+            }
+        }
+        catch(\Exception $e) {
+            throw $e;
+        }
+
+        return $handler->handle($request);
+    }
+}
diff --git a/src/Middleware/HeaderAuthenticationMiddleware.php b/src/Middleware/HeaderAuthenticationMiddleware.php
index e97f270..7f54a41 100644
--- a/src/Middleware/HeaderAuthenticationMiddleware.php
+++ b/src/Middleware/HeaderAuthenticationMiddleware.php
@@ -13,15 +13,13 @@ use Ulmus\User\Authorize\HeaderAuthentication;
 
 class HeaderAuthenticationMiddleware implements MiddlewareInterface
 {
-    protected HeaderAuthentication $authenticator;
+    #protected HeaderAuthentication $authenticator;
 
     public function __construct(
         protected UserInterface $entity,
         protected \Closure $loginFailedResponse,
-        HeaderAuthentication $authenticator = null,
-    ) {
-        $this->authenticator = $authenticator ?: new HeaderAuthentication();
-    }
+        protected HeaderAuthentication $authenticator,
+    ) { }
 
     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
     {