diff --git a/src/auth/strategies/jwt.strategy.ts b/src/auth/strategies/jwt.strategy.ts
new file mode 100644
index 0000000..ee355db
--- /dev/null
+++ b/src/auth/strategies/jwt.strategy.ts
@@ -0,0 +1,19 @@
+import { PassportStrategy } from '@nestjs/passport';
+import { Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { ExtractJwt, Strategy } from 'passport-jwt';
+
+@Injectable()
+export class JwtStrategy extends PassportStrategy(Strategy) {
+  constructor(config: ConfigService) {
+    super({
+      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+      ignoreExpiration: false,
+      secretOrKey: config.get<string>('server.jwt-secret'),
+    });
+  }
+
+  async validate(payload: any) {
+    return { userId: payload.sub, vatsimId: payload.vatsimId };
+  }
+}