diff --git a/src/authchecker.ts b/src/authchecker.ts
index 2075076..344e0c1 100644
--- a/src/authchecker.ts
+++ b/src/authchecker.ts
@@ -26,7 +26,16 @@ const authchecker = async (action: Action, permissions: string[] | string) => {
 action.response.local = {}
 action.response.local.jwtPayload = jwtPayload.permissions
- //TODO: Check Permissions
+ required_permissions.forEach(r => {
+ const permission_key = r.split(":")[0]
+ const actual_accesslevel_for_permission = jwtPayload.permissions[permission_key]
+ const permission_access_level = r.split(":")[1]
+ if (actual_accesslevel_for_permission.includes(permission_access_level)) {
+ return true;
+ } else {
+ throw new NoPermissionError()
+ }
+ });
 try {
 jwt.verify(provided_token, config.jwt_secret);
 return true
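Review bot: The new loop calls `.includes` on `jwtPayload.permissions[permission_key]` without checking that the key exists, so a token that lacks a required permission key, or has no `permissions` claim at all, raises a TypeError instead of `NoPermissionError`; reading it as `jwtPayload.permissions?.[permission_key]` and testing `if (actual_accesslevel_for_permission?.includes(permission_access_level))` would deny cleanly. The loop also runs before the `jwt.verify` call in the `try` below it, so the authorization decision is taken on claims whose signature has not been checked yet (how `jwtPayload` is obtained is above the hunk, presumably a plain decode); the check belongs after verification has succeeded. If the access levels are stored as a string rather than an array, `.includes` is a substring match, so a required level could match inside a longer value (for example `read` inside a constructed value like `readwrite`), which is worth confirming against the claim's actual shape. The `return true` inside the `forEach` callback has no effect on the outer function and can be dropped. The body of `authchecker` starts and ends outside this hunk.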