diff --git a/auth/middleware.go b/auth/middleware.go
index 0b19b0b..86f15a7 100644
--- a/auth/middleware.go
+++ b/auth/middleware.go
@@ -7,12 +7,22 @@ import (
 
 const UserCtxKey = "user"
 
-// Middleware adds authentication handling
-func Middleware(userLookup func(int) any) sushi.Middleware {
+// Auth holds the authentication middleware and user lookup function
+type Auth struct {
+	userLookup func(int) any
+}
+
+// New creates a new Auth instance
+func New(userLookup func(int) any) *Auth {
+	return &Auth{userLookup: userLookup}
+}
+
+// Middleware returns the authentication middleware function
+func (a *Auth) Middleware() sushi.Middleware {
 	return func(ctx sushi.Ctx, next func()) {
 		sess := sushi.GetCurrentSession(ctx)
-		if sess != nil && sess.UserID > 0 && userLookup != nil {
-			user := userLookup(sess.UserID)
+		if sess != nil && sess.UserID > 0 && a.userLookup != nil {
+			user := a.userLookup(sess.UserID)
 			if user != nil {
 				ctx.SetUserValue(UserCtxKey, user)
 			} else {
@@ -24,6 +34,15 @@ func Middleware(userLookup func(int) any) sushi.Middleware {
 	}
 }
 
+// Update refreshes the current user data in the context
+func (a *Auth) Update(ctx sushi.Ctx) {
+	sess := sushi.GetCurrentSession(ctx)
+	if sess != nil && sess.UserID > 0 && a.userLookup != nil {
+		user := a.userLookup(sess.UserID)
+		ctx.SetUserValue(UserCtxKey, user)
+	}
+}
+
 // RequireAuth middleware that redirects unauthenticated users
 func RequireAuth(redirectPath ...string) sushi.Middleware {
 	redirect := "/login"