diff --git a/tests/Unit/Http/Middleware/Api/Admin/AuthenticateUserTest.php b/tests/Unit/Http/Middleware/Api/Admin/AuthenticateUserTest.php
new file mode 100644
index 000000000..fb243a78f
--- /dev/null
+++ b/tests/Unit/Http/Middleware/Api/Admin/AuthenticateUserTest.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace Tests\Unit\Http\Middleware\Api\Admin;
+
+use Tests\Unit\Http\Middleware\MiddlewareTestCase;
+use Pterodactyl\Http\Middleware\Api\Admin\AuthenticateUser;
+
+class AuthenticateUserTest extends MiddlewareTestCase
+{
+    /**
+     * Test that no user defined results in an access denied exception.
+     *
+     * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
+     */
+    public function testNoUserDefined()
+    {
+        $this->setRequestUserModel(null);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test that a non-admin user results an an exception.
+     *
+     * @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
+     */
+    public function testNonAdminUser()
+    {
+        $this->generateRequestUserModel(['root_admin' => false]);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Test that an admin user continues though the middleware.
+     */
+    public function testAdminUser()
+    {
+        $this->generateRequestUserModel(['root_admin' => true]);
+
+        $this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
+    }
+
+    /**
+     * Return an instance of the middleware for testing.
+     *
+     * @return \Pterodactyl\Http\Middleware\Api\Admin\AuthenticateUser
+     */
+    private function getMiddleware(): AuthenticateUser
+    {
+        return new AuthenticateUser;
+    }
+}