diff --git a/core/http/session_manager.cpp b/core/http/session_manager.cpp
index a281527..bf56d7d 100644
--- a/core/http/session_manager.cpp
+++ b/core/http/session_manager.cpp
@@ -6,6 +6,8 @@
 
 #include "core/hash/sha256.h"
 
+#include "request.h"
+
 void SessionManager::add_session(HTTPSession *session) {
 	if (!session) {
 		printf("SessionManager::add_session: ERROR, session is null!\n");
@@ -94,7 +96,7 @@ void SessionManager::clear() {
 	_sessions_vec.clear();
 }
 
-std::string generate_session_id(const std::string &base) {
+std::string SessionManager::generate_session_id(const std::string &base) {
 	//todo make something simpler / better
 
 	SHA256 *h = SHA256::get();
@@ -111,6 +113,16 @@ std::string generate_session_id(const std::string &base) {
 	return sid;
 }
 
+void SessionManager::session_setup_middleware(Object *instance, Request *request) {
+	const std::string &sid = request->get_cookie("session");
+
+	if (sid == "") {
+		return;
+	}
+
+	request->session = SessionManager::get_singleton()->get_session(sid);
+}
+
 SessionManager *SessionManager::get_singleton() {
 	return _self;
 }
diff --git a/core/http/session_manager.h b/core/http/session_manager.h
index e473c19..92e813e 100644
--- a/core/http/session_manager.h
+++ b/core/http/session_manager.h
@@ -9,6 +9,7 @@
 #include <vector>
 
 class HTTPSession;
+class Request;
 
 class SessionManager : public Object {
 public:
@@ -22,6 +23,8 @@ public:
 
 	virtual std::string generate_session_id(const std::string &base = "");
 
+	static void session_setup_middleware(Object *instance, Request *request);
+
 	static SessionManager *get_singleton();
 
 	SessionManager();