diff --git a/src/controllers/AuthControler.ts b/src/controllers/AuthControler.ts
index 072638e..a524f56 100644
--- a/src/controllers/AuthControler.ts
+++ b/src/controllers/AuthControler.ts
@@ -38,8 +38,6 @@ class AuthControler {
         if (err) {
           return res.status(403).json("Invalid token provided");
         }
-
-        console.log("Authorization provided for ", next.name, " to app ", app);
         next();
       });
     } else {
diff --git a/src/index.ts b/src/index.ts
index d48f3fe..f396445 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -14,7 +14,7 @@ app.get("/", (_, res) => {
 });
 
 app.get("/images", imageController.getAllImages);
-app.post("/images", imageController.addImage);
+app.post("/images", authControler.authorize, imageController.addImage);
 app.post("/login", authControler.login)
 
 // Set the default port to 8080, or use the PORT environment variable
diff --git a/tests/app.test.ts b/tests/app.test.ts
index 455b873..3d249b9 100644
--- a/tests/app.test.ts
+++ b/tests/app.test.ts
@@ -1,88 +1,135 @@
-import { afterEach, describe, expect, it, mock } from "bun:test";
+import { afterEach, beforeAll, describe, expect, it, mock } from "bun:test";
 import request from "supertest";
 import { app } from "../src";
 import imageService from "../src/services/ImageService";
 
 const imageServiceOriginal = imageService;
+const tok = await request(app)
+  .post("/login")
+  .send({ app: "tester", secret: "test" });
+const token = tok.body.token;
 
 afterEach(() => {
-    mock.restore();
-    mock.module("../src/services/ImageService", () => ({ default: imageServiceOriginal }));
-})
+  mock.restore();
+  mock.module("../src/services/ImageService", () => ({
+    default: imageServiceOriginal,
+  }));
+});
 
 describe("GET / shows all of the endpoints", async () => {
-    const res = await request(app).get("/");
+  const res = await request(app).get("/");
 
-    it("should be", async () => {
-        expect(res.body).toHaveProperty("endpoints");
-    });
+  it("should be", async () => {
+    expect(res.body).toHaveProperty("endpoints");
+  });
 
-    it("should be an array", () => {
-        expect(Array.isArray(res.body.endpoints)).toBeTrue();
-    })
-})
+  it("should be an array", () => {
+    expect(Array.isArray(res.body.endpoints)).toBeTrue();
+  });
+});
 
 describe("GET /images works properly", async () => {
-    const res = await request(app).get("/images");
+  const res = await request(app).get("/images");
 
-    it("should be an array", () => {
-        expect(Array.isArray(res.body.images)).toBeTrue();
-    });
+  it("should be an array", () => {
+    expect(Array.isArray(res.body.images)).toBeTrue();
+  });
 
-    it("should return a 200", async () => {
-        expect(res.statusCode).toBe(200);
-    });
+  it("should return a 200", async () => {
+    expect(res.statusCode).toBe(200);
+  });
 });
 
 describe("POST /images works properly", () => {
-    it("should return 201 for new image", async () => {
-        const res = await request(app).post("/images").send({
-            url: "https://test.url.com/1",
+
+    it("should return 401 for unauthenticated requests", async () => {
+        const res = await request(app)
+          .post("/images")
+          .send({
+            url: "https://test.url.com/0",
             status: "available",
-            tags: ["2girls", "touhou"]
-        });
-        expect(res.status).toSatisfy(status => [201].includes(status));
-    });
+            tags: ["2girls", "touhou"],
+          });
+        expect(res.status).toBe(401);
+      });
 
-    it("should return 409 for a repeated images", async () => {
-        await request(app).post("/images").send({
-            url: "https://test.url.com/2",
+      it("should return 403 for invalid tokens", async () => {
+        const res = await request(app)
+          .post("/images")
+          .set("authorization", `Bearer token`)
+          .send({
+            url: "https://test.url.com/0",
             status: "available",
-            tags: ["2girls", "touhou"]
-        });
+            tags: ["2girls", "touhou"],
+          });
+        expect(res.status).toBe(403);
+      });
 
-        const res = await request(app).post("/images").send({
-            url: "https://test.url.com/2",
-            status: "available",
-            tags: ["2girls", "touhou"]
-        });
+  it("should return 201 for new image", async () => {
+    const res = await request(app)
+      .post("/images")
+      .set("authorization", `Bearer ${token}`)
+      .send({
+        url: "https://test.url.com/1",
+        status: "available",
+        tags: ["2girls", "touhou"],
+      });
+    expect(res.status).toBe(201);
+  });
 
-        expect(res.status).toBe(409);
-    });
+  it("should return 409 for a repeated images", async () => {
+    await request(app)
+      .post("/images")
+      .set("authorization", `Bearer ${token}`)
+      .send({
+        url: "https://test.url.com/2",
+        status: "available",
+        tags: ["2girls", "touhou"],
+      });
 
-    it("should return 500 for an error on the service", async () => {
-        mock.module("../src/services/ImageService", () => ({
-            default: {
-                add: () => { throw new Error("This is an expected testing error"); }
-            }
-        }));
+    const res = await request(app)
+      .post("/images")
+      .set("authorization", `Bearer ${token}`)
+      .send({
+        url: "https://test.url.com/2",
+        status: "available",
+        tags: ["2girls", "touhou"],
+      });
 
-        const res = await request(app).post("/images").send({
-            url: "https://test.url.com/3",
-            status: "available",
-            tags: ["2girls", "touhou"]
-        });
-        
-        expect(res.status).toBe(500);
-    });
+    expect(res.status).toBe(409);
+  });
 
-    it("should return 400 for malformed requests", async () => {
-        mock.restore();
-        const res = await request(app).post("/images").send({
-            url: "https://test.url.com/4",
-            status: "wrong",
-            tags: ["2girls", "touhou"]
-        });
-        expect(res.status).toBe(400);
-    });
-});
\ No newline at end of file
+  it("should return 500 for an error on the service", async () => {
+    mock.module("../src/services/ImageService", () => ({
+      default: {
+        add: () => {
+          throw new Error("This is an expected testing error");
+        },
+      },
+    }));
+
+    const res = await request(app)
+      .post("/images")
+      .set("authorization", `Bearer ${token}`)
+      .send({
+        url: "https://test.url.com/3",
+        status: "available",
+        tags: ["2girls", "touhou"],
+      });
+
+    expect(res.status).toBe(500);
+  });
+
+  it("should return 400 for malformed requests", async () => {
+    mock.restore();
+    const res = await request(app)
+      .post("/images")
+      .set("authorization", `Bearer ${token}`)
+      .send({
+        url: "https://test.url.com/4",
+        status: "wrong",
+        tags: ["2girls", "touhou"],
+      });
+    expect(res.status).toBe(400);
+  });
+});
diff --git a/tests/auth.test.ts b/tests/auth.test.ts
new file mode 100644
index 0000000..6951875
--- /dev/null
+++ b/tests/auth.test.ts
@@ -0,0 +1,22 @@
+import { describe, expect, it, mock } from "bun:test";
+import request from "supertest";
+import { app } from "../src";
+
+describe("/login", async () => {
+  const correctRespose = await request(app).post("/login").send({
+    app: "tester",
+    secret: "test",
+  });
+  it("should return 200 for correct login", () => {
+    expect(correctRespose.status).toBe(200);
+  });
+  it("should contain a token", () => {
+    expect(correctRespose.body).toHaveProperty("token");
+  });
+
+  it("should return 403 for invalid credentials", async () => {
+    const res = await request(app).post("/login").send({});
+    expect(res.status).toBe(403);
+  });
+});
+