diff --git a/packages/origami/package.json b/packages/origami/package.json
index a898095..cbfd187 100644
--- a/packages/origami/package.json
+++ b/packages/origami/package.json
@@ -25,15 +25,15 @@
   "dependencies": {
     "@origami/bird": "0.0.3-alpha.7",
     "@origami/core": "0.0.3-alpha.7",
+    "@origami/plugin-auth": "0.0.0",
     "@origami/plugin-core-api": "0.0.3-alpha.7",
     "@origami/plugin-default-pages": "0.0.3-alpha.7",
     "@origami/plugin-setup": "0.0.3-alpha.7",
     "@origami/tslint-config": "0.0.3-alpha.3",
     "origami-admin-zen": "^0.0.10-alpha.8",
     "origami-core-server": "^0.5.4",
-    "origami-plugin-auth": "^1.0.2",
     "origami-plugin-favicon": "^0.0.1",
-    "origami-plugin-media": "^2.0.0-alpha.2",
+    "origami-plugin-media": "^2.0.0-alpha.3",
     "origami-plugin-user-profiles": "^1.0.1",
     "signal-exit": "^3.0.2"
   },
diff --git a/packages/plugin-auth/.npmignore b/packages/plugin-auth/.npmignore
new file mode 100644
index 0000000..e6ec0c5
--- /dev/null
+++ b/packages/plugin-auth/.npmignore
@@ -0,0 +1,3 @@
+src
+tsconfig.json
+tslint.json
diff --git a/packages/plugin-auth/README.md b/packages/plugin-auth/README.md
new file mode 100644
index 0000000..333a865
--- /dev/null
+++ b/packages/plugin-auth/README.md
@@ -0,0 +1,24 @@
+# Origami Default Pages plugin
+
+This plugin provides fallbacks for default pages such as 404, 500, /index, etc.
+It also provides some common styling static resources used across the site like
+`base.css`, `logo.svg`, `waves.svg`, etc.
+
+**This is a default plugin in Origami**
+
+## Installation
+`yarn add origami-plugin-default-pages`
+
+## Configuration
+In your `.origami` file, add this to your `plugins`:
+
+
+```JSON
+{
+    ...
+    "plugins": {
+        "default-pages": true
+    }
+    ...
+}
+```
diff --git a/packages/plugin-auth/package.json b/packages/plugin-auth/package.json
new file mode 100644
index 0000000..8132357
--- /dev/null
+++ b/packages/plugin-auth/package.json
@@ -0,0 +1,19 @@
+{
+  "name": "@origami/plugin-auth",
+  "version": "0.0.0",
+  "description": "Authentication plugin for the Origami platform",
+  "repository": "https://github.com/origami-cms/core/tree/master/packages/plugin-auth",
+  "homepage": "http://www.origami.so",
+  "author": "Tristan Matthias <tristan@origami.so>",
+  "license": "MIT",
+  "main": "./build/index.js",
+  "typings": "./build/index.d.ts",
+  "scripts": {
+    "clean": "rm -rf build",
+    "watch": "tsc -w",
+    "build": "yarn clean && tsc"
+  },
+  "dependencies": {
+    "@origami/core": "0.0.3-alpha.7"
+  }
+}
\ No newline at end of file
diff --git a/packages/plugin-auth/src/index.ts b/packages/plugin-auth/src/index.ts
new file mode 100644
index 0000000..b739b9f
--- /dev/null
+++ b/packages/plugin-auth/src/index.ts
@@ -0,0 +1,43 @@
+import { auth as authLib, Origami, Server } from '@origami/core';
+
+// tslint:disable-next-line variable-name
+const Auth: Origami.Server.RequestHandler = async (req, res, next) => {
+  try {
+    const head = req.headers.authorization;
+
+    const _auth = head as string;
+
+    if (!head) throw new Error('auth.errors.noHeader');
+    const jwtRegex: RegExp = /Bearer\s(.+)/;
+    const regexResult = jwtRegex.exec(_auth);
+    if (!regexResult) throw new Error('auth.errors.invalidHead');
+    const [, jwt] = regexResult;
+
+    let data;
+    try {
+      data = authLib.jwtVerify(jwt, res.app.get('secret'));
+    } catch (e) {
+      if (e.name === 'JsonWebTokenError') {
+        throw new Error('auth.errors.invalidJWT');
+      }
+      if (e.name === 'TokenExpiredError') {
+        throw new Error('auth.errors.expired');
+      }
+      throw e;
+    }
+    req.jwt = {
+      token: jwt,
+      data
+    };
+
+    next();
+  } catch (e) {
+    next(e);
+  }
+};
+
+// tslint:disable-next-line no-default-export export-name
+export default (server: Server) => {
+  server.namedMiddleware('auth', Auth);
+};
+export const auth = Auth;
diff --git a/packages/plugin-auth/tsconfig.json b/packages/plugin-auth/tsconfig.json
new file mode 100644
index 0000000..b5ecd1f
--- /dev/null
+++ b/packages/plugin-auth/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "./build",
+    "rootDir": "./src"
+  },
+  "include": ["./src/**/*.ts"]
+}
diff --git a/packages/plugin-auth/tslint.json b/packages/plugin-auth/tslint.json
new file mode 100644
index 0000000..c9a9ede
--- /dev/null
+++ b/packages/plugin-auth/tslint.json
@@ -0,0 +1,4 @@
+{
+  "extends": "@origami/tslint-config",
+  "defaultSeverity": "error"
+}
diff --git a/yarn.lock b/yarn.lock
index b194899..7c5e02b 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -6330,10 +6330,11 @@ origami-plugin-favicon@^0.0.1:
     serve-favicon "^2.5.0"
     to-ico "^1.1.5"
 
-origami-plugin-media@^2.0.0-alpha.2:
-  version "2.0.0-alpha.2"
-  resolved "https://registry.yarnpkg.com/origami-plugin-media/-/origami-plugin-media-2.0.0-alpha.2.tgz#e6b93aa7ffda4a4c8f6d5ed29b45f4bd8d7dd99c"
+origami-plugin-media@^2.0.0-alpha.3:
+  version "2.0.0-alpha.3"
+  resolved "https://registry.yarnpkg.com/origami-plugin-media/-/origami-plugin-media-2.0.0-alpha.3.tgz#23c57974f350adc4969e187ee1cbe64216cec17c"
   dependencies:
+    "@origami/core" "^0.0.3-alpha.6"
     aws-sdk "^2.337.0"
     mkdir-recursive "^0.4.0"