diff --git a/.gitignore b/.gitignore
index e1d812b..87b4c75 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ __pycache__/
 *.swp
 *.swo
 sync.sh
+config.py
diff --git a/aberrant.py b/aberrant.py
index 76ee8f4..e9aed2e 100644
--- a/aberrant.py
+++ b/aberrant.py
@@ -12,8 +12,9 @@ from aiohttp_jinja2 import render_template
 import config
 import events
 import rtorrent
+import buckler_aiohttp
 
-app = web.Application()
+app = web.Application(middlewares=[buckler_aiohttp.buckler_session])
 app.on_shutdown.append(rtorrent.stop_watch)
 aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader('templates'))
 rtorrent.init()
diff --git a/buckler_aiohttp.py b/buckler_aiohttp.py
new file mode 100644
index 0000000..d5b6dbb
--- /dev/null
+++ b/buckler_aiohttp.py
@@ -0,0 +1,61 @@
+#!/usr/bin/env python3
+"""
+Session interface middlewares to integrate the aiohttp app with Buckler.
+"""
+import json
+from datetime import datetime
+
+import aiohttp
+from aiohttp import web
+
+import config
+
+@web.middleware
+async def buckler_session(request, handler):
+	"""
+	Verifies the user with the configured Buckler app and retrieves any
+	session data they may have. Redirects them to the login page otherwise.
+	"""
+	user_id = request.cookies.get('userid')
+	user_sid = request.cookies.get('session')
+
+	url = config.buckler['url'] + '/get_session'
+	params = {
+		'app_id': config.buckler['app_id'],
+		'app_key': config.buckler['app_key'],
+		'userid': user_id,
+		'session': user_sid
+	}
+	async with aiohttp.ClientSession() as session:
+		async with session.get(url, params=params) as resp:
+			data = await resp.json()
+			if data.get('error'):
+				raise web.HTTPFound(location=config.buckler['login_url'])
+			request['session'] = data['session_data']
+			request['meta'] = data['meta']
+
+		resp = await handler(request)
+
+		if request['session'] != data['session_data']: # session data modified
+			url = config.buckler['url'] + '/set_session'
+			data = json.dumps(request['session'])
+			session.post(url, params=params, data=data) # TODO: error handle?
+
+		last_used = datetime.fromisoformat(request['meta']['last_used'])
+		now = datetime.now(last_used.tzinfo)
+		delta = now - last_used
+		if delta.seconds > 600:
+			resp.set_cookie(
+				'userid',
+				user_id,
+				mas_age=30*24*60*60,
+				secure=True,
+				http_only=True)
+			resp.set_cookie(
+				'session',
+				user_sid,
+				mas_age=30*24*60*60,
+				secure=True,
+				http_only=True)
+
+	return resp
diff --git a/config.py b/config.py
deleted file mode 100644
index ca1e2cb..0000000
--- a/config.py
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/usr/bin/env python3
-"""
-Configuation settings for Aberrant.
-"""
-prefix = '/aberrant'
diff --git a/config.py.template b/config.py.template
new file mode 100644
index 0000000..e6e45bd
--- /dev/null
+++ b/config.py.template
@@ -0,0 +1,11 @@
+#!/usr/bin/env python3
+"""
+Configuation settings for Aberrant.
+"""
+prefix = '/aberrant'
+buckler = {
+	'url': "http://192.168.1.100:5400/buckler",
+	'app_id': 1,
+	'app_key': """password""",
+	'login_url': "/buckler/login",
+}