diff --git a/cmd/main.go b/cmd/main.go
index 61e20c1..7595126 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -61,7 +61,7 @@ func main() {
 middleware.Logger,
 m.TextHTMLMiddleware,
 m.CSPMiddleware,
- authMiddleware.ValidateUser,
+ authMiddleware.AddUserToContext,
 )
 r.NotFound(handlers.NewNotFoundHandler().ServeHTTP)
diff --git a/internal/middleware/middleare_test.go b/internal/middleware/middleare_test.go
new file mode 100644
index 0000000..e0acde9
--- /dev/null
+++ b/internal/middleware/middleare_test.go
@@ -0,0 +1,60 @@
+package middleware
+
+import (
+ "net/http"
+ "net/http/httptest"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestCSPMiddleware(t *testing.T) {
+
+ testCases := []struct {
+ name string
+ }{
+ {
+ name: "success",
+ },
+ }
+
+ for _, tc := range testCases {
+
+ t.Run(tc.name, func(t *testing.T) {
+
+ assert := assert.New(t)
+
+ next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ ctx := r.Context()
+
+ nonces := GetNonces(ctx)
+ twNonce := GetTwNonce(ctx)
+ htmxNonce := GetHtmxNonce(ctx)
+ responseTargetsNonce := GetResponseTargetsNonce(ctx)
+
+ assert.Equal(nonces.Tw, twNonce)
+ assert.Len(twNonce, 32)
+
+ assert.Equal(nonces.Htmx, htmxNonce)
+ assert.Len(htmxNonce, 32)
+
+ assert.Equal(nonces.ResponseTargets, responseTargetsNonce)
+ assert.Len(responseTargetsNonce, 32)
+
+ })
+
+ middleware := CSPMiddleware(next)
+
+ recorder := httptest.NewRecorder()
+ request := httptest.NewRequest("GET", "/", nil)
+
+ middleware.ServeHTTP(recorder, request)
+
+ csp := recorder.Header().Get("Content-Security-Policy")
+
+ assert.NotEmpty(csp)
+
+ })
+ }
+
+}
diff --git a/internal/middleware/middleware.go b/internal/middleware/middleware.go
index e14b297..295325a 100644
--- a/internal/middleware/middleware.go
+++ b/internal/middleware/middleware.go
@@ -22,7 +22,6 @@ type Nonces struct { } func generateRandomString(length int) string { - bytes := make([]byte, length) _, err := rand.Read(bytes) if err != nil {
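Review bot: In internal/middleware/middleare_test.go, TestCSPMiddleware can pass without checking the property that matters: every nonce assertion sits inside `next`, and nothing asserts that `next` ran, so a middleware that never calls the next handler would still pass on `assert.NotEmpty(csp)` alone. The header check also does not tie the policy to the nonces stored in the context, so a policy that omitted them or carried different values would go unnoticed. Record a `called` flag and the three nonce values in the handler, then assert after `ServeHTTP` that the handler ran and that each value appears in `csp`; the sketch below assumes the nonce getters return plain strings. A second request asserting that the nonces differ from the first would also guard against a fixed or reused nonce. The file name looks like a typo for `middleware_test.go`.

```go
var seen []string
called := false

next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	called = true
	// … unchanged: nonce lookups, equality and length assertions …
	seen = []string{twNonce, htmxNonce, responseTargetsNonce}
})

// … unchanged: CSPMiddleware(next), recorder, request, ServeHTTP, csp lookup …

assert.True(called, "next handler was not invoked")
for _, nonce := range seen {
	assert.Contains(csp, nonce)
}
```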
@@ -115,7 +114,7 @@ type UserContextKey string
 var UserKey UserContextKey = "user"
-func (m *AuthMiddleware) ValidateUser(next http.Handler) http.Handler {
+func (m *AuthMiddleware) AddUserToContext(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 sessionCookie, err := r.Cookie(m.sessionCookieName)
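Review bot: `AddUserToContext` is exported without a doc comment, and after the rename its name no longer promises that requests lacking a valid session are rejected. The body continues outside the hunk, so this needs confirming, but if it only attaches the session's user and otherwise calls `next`, state that on the method, e.g. `// AddUserToContext stores the session's user under UserKey when the session cookie is valid; it does not reject requests without one.` cmd/main.go registers it in the same chain as the logger and CSP middleware, so handlers that require a signed-in user would have to check the context value themselves, and that contract is worth spelling out where the middleware is defined.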