diff --git a/backend/project/endpoints/projects/projects.py b/backend/project/endpoints/projects/projects.py
index 5f882c76..e19538ad 100644
--- a/backend/project/endpoints/projects/projects.py
+++ b/backend/project/endpoints/projects/projects.py
@@ -18,6 +18,7 @@
 from project.utils.query_agent import create_model_instance
 from project.utils.authentication import login_required_return_uid, authorize_teacher
 from project.endpoints.projects.endpoint_parser import parse_project_params
+from project.utils.models.course_utils import is_teacher_of_course
 from project.utils.models.project_utils import get_course_of_project
 API_URL = os.getenv('API_HOST')
@@ -80,8 +81,11 @@ def post(self, teacher_id=None):
 Post functionality for project using flask_restfull parse lib
 """
-
 project_json = parse_project_params()
+
+ if not is_teacher_of_course(teacher_id, project_json["course_id"]):
+ return {"message":"You are not the teacher of this course"}, 403
+
 filename = None
 if "assignment_file" in request.files:
 file = request.files["assignment_file"]
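Review bot: The new ownership check in `post` indexes `project_json["course_id"]` directly, so a request without a course id would raise `KeyError` and surface as a 500 instead of a clean rejection, unless `parse_project_params()` (not visible here) already guarantees the key. Consider `course_id = project_json.get("course_id")` followed by `if course_id is None or not is_teacher_of_course(teacher_id, course_id):`, so the handler fails closed with a 4xx. `teacher_id` defaults to `None` in the signature and is presumably supplied by the `authorize_teacher` decorator outside this hunk; it is worth confirming that `is_teacher_of_course(None, ...)` returns false rather than raising or matching a row. Running the check before the `assignment_file` handling is the right order, since nothing is written for a caller who does not teach the course, and a regression test asserting the 403 and that no project is created would pin that down. The body of `post` continues beyond the hunk.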