diff --git a/diskuy_back/lib/diskuy_web/auth/guardian.ex b/diskuy_back/lib/diskuy_web/auth/guardian.ex
index ebfed8b84d69ee7c9dd16e8000529230d9685c21..ee4888843df11f3de95117ad4e617194b0201f86 100644
--- a/diskuy_back/lib/diskuy_web/auth/guardian.ex
+++ b/diskuy_back/lib/diskuy_web/auth/guardian.ex
@@ -35,4 +35,13 @@ defmodule DiskuyWeb.Auth.Guardian do
     {:ok, user, token}
   end
 
+  def check_authorized(user, id_entity) do
+    case user.id == id_entity do
+      true ->
+        {:ok, :authorized}
+      false ->
+        {:error, :unauthorized}
+    end
+  end
+
 end
diff --git a/diskuy_back/lib/diskuy_web/controllers/post_controller.ex b/diskuy_back/lib/diskuy_web/controllers/post_controller.ex
index 7de76bd9bbbdff1299fa97cd10a00d4d75657d1f..c41f03b1b048c537629af1bd655477c229406518 100644
--- a/diskuy_back/lib/diskuy_web/controllers/post_controller.ex
+++ b/diskuy_back/lib/diskuy_web/controllers/post_controller.ex
@@ -5,6 +5,7 @@ defmodule DiskuyWeb.PostController do
   alias Diskuy.Forum.Post
   alias Diskuy.Likes
   alias Diskuy.Likes.PostLike
+  alias DiskuyWeb.Auth.Guardian
 
   action_fallback DiskuyWeb.FallbackController
 
@@ -29,17 +30,20 @@ defmodule DiskuyWeb.PostController do
   end
 
   def update(conn, %{"id" => id, "post" => post_params}) do
+    current_user = Guardian.Plug.current_resource(conn)
     post = Forum.get_post!(id)
-
-    with {:ok, %Post{} = post} <- Forum.update_post(post, post_params) do
+    with {:ok, :authorized} <- Guardian.check_authorized(current_user, post.user_id),
+         {:ok, %Post{} = post} <- Forum.update_post(post, post_params) do
       render(conn, "show.json", post: post)
     end
   end
 
   def delete(conn, %{"id" => id}) do
+    current_user = Guardian.Plug.current_resource(conn)
     post = Forum.get_post!(id)
 
-    with {:ok, %Post{}} <- Forum.delete_post(post) do
+    with {:ok, :authorized} <- Guardian.check_authorized(current_user, post.user_id),
+         {:ok, %Post{}} <- Forum.delete_post(post) do
       send_resp(conn, :no_content, "")
     end
   end
diff --git a/diskuy_back/lib/diskuy_web/controllers/thread_controller.ex b/diskuy_back/lib/diskuy_web/controllers/thread_controller.ex
index cda5d5d80e0ecd2f9c55396140c05618053ee6b3..ea0bbb2abe13e1f8bc662e96213acacd7d38e281 100644
--- a/diskuy_back/lib/diskuy_web/controllers/thread_controller.ex
+++ b/diskuy_back/lib/diskuy_web/controllers/thread_controller.ex
@@ -30,15 +30,19 @@ defmodule DiskuyWeb.ThreadController do
   end
 
   def update(conn, %{"id" => id, "thread" => thread_params}) do
+    current_user = Guardian.Plug.current_resource(conn)
     thread = Forum.get_thread!(id)
-    with {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do
+    with {:ok, :authorized} <- Guardian.check_authorized(current_user, thread.user_id),
+         {:ok, %Thread{} = thread} <- Forum.update_thread(thread, thread_params) do
       render(conn, "show.json", thread: thread)
     end
   end
 
   def delete(conn, %{"id" => id}) do
+    current_user = Guardian.Plug.current_resource(conn)
     thread = Forum.get_thread!(id)
-    with {:ok, %Thread{}} <- Forum.delete_thread(thread) do
+    with {:ok, :authorized} <- Guardian.check_authorized(current_user, thread.user_id),
+         {:ok, %Thread{}} <- Forum.delete_thread(thread) do
       send_resp(conn, :no_content, "")
     end
   end