diff --git a/src/app/Http/InvalidPasswordMiddleware.php b/src/app/Http/InvalidPasswordMiddleware.php
new file mode 100644
index 0000000..f94355e
--- /dev/null
+++ b/src/app/Http/InvalidPasswordMiddleware.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace Pablo\Ae3auth\app\Http;
+
+use Closure;
+use Illuminate\Http\Exceptions\HttpResponseException;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class InvalidPasswordMiddleware
+{
+    public function handle(Request $request, Closure $next)
+    {
+        if (auth()->check()) {
+            if (auth()->user()->passwordExpired()) {
+                throw new HttpResponseException(
+                    response()->json([
+                        'message' => __('auth.password_expired'),
+                    ], Response::HTTP_FORBIDDEN)
+                );
+            }
+        }
+        return $next($request);
+    }
+}
diff --git a/src/app/Traits/HasPasswordValidation.php b/src/app/Traits/HasPasswordValidation.php
new file mode 100644
index 0000000..1bc8593
--- /dev/null
+++ b/src/app/Traits/HasPasswordValidation.php
@@ -0,0 +1,14 @@
+<?php
+
+namespace Pablo\Ae3auth\app\Traits;
+
+use Carbon\Carbon;
+
+trait HasPasswordValidation
+{
+    public function passwordExpired()
+    {
+        $passwordExpiresAtColumn = config('ae3auth-config.user.expires_password_column_name');
+        return Carbon::now()->greaterThan($this->$passwordExpiresAtColumn);
+    }
+}
\ No newline at end of file