diff --git a/src/components/AuthUser/AuthUser.tsx b/src/components/AuthUser/AuthUser.tsx
index 144b5460cfea22a5f50a0b2d7205a6618a67d0bf..317a5f7677a7bfd7c330f588749f011fb1690bdd 100644
--- a/src/components/AuthUser/AuthUser.tsx
+++ b/src/components/AuthUser/AuthUser.tsx
@@ -16,6 +16,8 @@ export const AuthUser: FC = () => {
       .get('api/web/csrf')
       .then((response) => {
         axios.defaults.headers.common['X-CSRFTOKEN'] = response.data.token;
+        sessionStorage.setItem('X-CSRFTOKEN', response.data.token);
+        sessionStorage.setItem('ROLE', 'admin');
       })
       .catch((error) => error);
   }, []);
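Review bot: The added `sessionStorage.setItem('ROLE', 'admin');` assigns the admin role to every client that receives a CSRF token, regardless of who the user is. The role should come from an authenticated server response rather than a literal, and should stay unset when the request fails; the existing `.catch((error) => error)` discards the failure, so stale values are never cleared. Copying the CSRF token into sessionStorage also exposes it to any script running on the origin, so confirm the copy is needed given the token is already set on `axios.defaults.headers.common`. The enclosing effect and component begin outside this hunk.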
diff --git a/src/components/api/PrivateRoute/PrivateRoute.tsx b/src/components/api/PrivateRoute/PrivateRoute.tsx
index 7c3256102d3fb2b7c2f131e4219276a3662fa497..1f74eae232bf1453cd94f81df206d3087bd18084 100644
--- a/src/components/api/PrivateRoute/PrivateRoute.tsx
+++ b/src/components/api/PrivateRoute/PrivateRoute.tsx
@@ -18,8 +18,9 @@ export const PrivateRoute = ({
   path,
   requiredRoles,
 }: Props): JSX.Element => {
-  const isAuthed = true;
-  const userHasRequiredRole = requiredRoles.includes('admin');
+  const isAuthed = !!sessionStorage.getItem('X-CSRFTOKEN');
+  const currentRole = String(sessionStorage.getItem('ROLE'));
+  const userHasRequiredRole = requiredRoles.includes(currentRole);
   const message = userHasRequiredRole
     ? 'Please log in to view this page'
     : 'Your role is not allowed';
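Review bot: `isAuthed` on the first added line treats the presence of a CSRF token as proof of login, but a CSRF token is not a session credential, and `api/web/csrf` may issue one before authentication (the server behaviour is not visible here). Both sessionStorage keys can be changed by the user, so this guard only decides what the UI renders; the API behind each route has to enforce the role itself, and a comment such as `// UI hint only: authorization is enforced server-side` would make that explicit. `String(sessionStorage.getItem('ROLE'))` also turns a missing key into the string `'null'`; `const currentRole = sessionStorage.getItem('ROLE') ?? '';` keeps an absent role from ever matching. The body of `PrivateRoute` continues past the end of the hunk.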