diff --git a/frontend/middleware/admin-only.ts b/frontend/middleware/admin-only.ts
index 66a4e00f3566..b55f603d5151 100644
--- a/frontend/middleware/admin-only.ts
+++ b/frontend/middleware/admin-only.ts
@@ -1,8 +1,8 @@
-interface AuthRedirectParams {
+interface AdminRedirectParams {
     $auth: any
     redirect: (path: string) => void
 }
-export default function ({ $auth, redirect }: AuthRedirectParams) {
+export default function ({ $auth, redirect }: AdminRedirectParams) {
     // If the user is not an admin redirect to the home page
     if (!$auth.user.admin) {
         return redirect("/")
diff --git a/frontend/middleware/advanced-only.ts b/frontend/middleware/advanced-only.ts
new file mode 100644
index 000000000000..378e3044b3ea
--- /dev/null
+++ b/frontend/middleware/advanced-only.ts
@@ -0,0 +1,11 @@
+interface AdvancedOnlyRedirectParams {
+    $auth: any
+    redirect: (path: string) => void
+}
+export default function ({ $auth, redirect }: AdvancedOnlyRedirectParams) {
+    // If the user is not allowed to access advanced features redirect to the home page
+    if (!$auth.user.advanced) {
+        console.warn("User is not allowed to access advanced features");
+        return redirect("/")
+    }
+}
diff --git a/frontend/middleware/can-manage-only.ts b/frontend/middleware/can-manage-only.ts
new file mode 100644
index 000000000000..9c09819ca3d6
--- /dev/null
+++ b/frontend/middleware/can-manage-only.ts
@@ -0,0 +1,12 @@
+interface CanManageRedirectParams {
+  $auth: any
+  redirect: (path: string) => void
+}
+export default function ({ $auth, redirect }: CanManageRedirectParams) {
+  // If the user is not allowed to manage group settings redirect to the home page
+  console.log($auth.user)
+  if (!$auth.user.canManage) {
+    console.warn("User is not allowed to manage group settings");
+    return redirect("/")
+  }
+}
diff --git a/frontend/middleware/can-organize-only.ts b/frontend/middleware/can-organize-only.ts
new file mode 100644
index 000000000000..93d6c5c5aabf
--- /dev/null
+++ b/frontend/middleware/can-organize-only.ts
@@ -0,0 +1,11 @@
+interface CanOrganizeRedirectParams {
+    $auth: any
+    redirect: (path: string) => void
+}
+export default function ({ $auth, redirect }: CanOrganizeRedirectParams) {
+    // If the user is not allowed to organize redirect to the home page
+    if (!$auth.user.canOrganize) {
+        console.warn("User is not allowed to organize data");
+        return redirect("/")
+    }
+}
diff --git a/frontend/middleware/group-only.ts b/frontend/middleware/group-only.ts
new file mode 100644
index 000000000000..84f28f12725d
--- /dev/null
+++ b/frontend/middleware/group-only.ts
@@ -0,0 +1,12 @@
+interface GroupOnlyRedirectParams {
+  $auth: any
+  route: any
+  redirect: (path: string) => void
+}
+
+export default function ({ $auth, route, redirect }: GroupOnlyRedirectParams) {
+  // this can only be used for routes that have a groupSlug parameter (e.g. /g/:groupSlug/...)
+  if (route.params.groupSlug !== $auth.user.groupSlug) {
+    redirect("/")
+  }
+}
diff --git a/frontend/pages/g/_groupSlug/cookbooks/index.vue b/frontend/pages/g/_groupSlug/cookbooks/index.vue
index 233c4ad887bd..064aa41ff5ca 100644
--- a/frontend/pages/g/_groupSlug/cookbooks/index.vue
+++ b/frontend/pages/g/_groupSlug/cookbooks/index.vue
@@ -98,31 +98,23 @@
 </template>
 
 <script lang="ts">
-import { defineComponent, reactive, ref, useRouter } from "@nuxtjs/composition-api";
+
+import { defineComponent, reactive, ref } from "@nuxtjs/composition-api";
 import draggable from "vuedraggable";
 import { useCookbooks } from "@/composables/use-group-cookbooks";
-import { useLoggedInState } from "~/composables/use-logged-in-state";
 import CookbookEditor from "~/components/Domain/Cookbook/CookbookEditor.vue";
 import { ReadCookBook } from "~/lib/api/types/cookbook";
 
 export default defineComponent({
   components: { CookbookEditor, draggable },
+  middleware: ["auth", "group-only"],
   setup() {
-    const { isOwnGroup, loggedIn } = useLoggedInState();
-    const router = useRouter();
-
-    if (!(loggedIn.value && isOwnGroup.value)) {
-      router.back();
-    }
-
     const dialogStates = reactive({
       create: false,
       delete: false,
     });
-
     const { cookbooks, actions } = useCookbooks();
-
-
+    
     // create
     const createTarget = ref<ReadCookBook | null>(null);
     async function createCookbook() {
@@ -146,7 +138,6 @@ export default defineComponent({
       dialogStates.delete = false;
       deleteTarget.value = null;
     }
-
     return {
       cookbooks,
       actions,
diff --git a/frontend/pages/g/_groupSlug/r/_slug/ingredient-parser.vue b/frontend/pages/g/_groupSlug/r/_slug/ingredient-parser.vue
index 458cb74be5dc..cafc7b6ff882 100644
--- a/frontend/pages/g/_groupSlug/r/_slug/ingredient-parser.vue
+++ b/frontend/pages/g/_groupSlug/r/_slug/ingredient-parser.vue
@@ -133,6 +133,7 @@ export default defineComponent({
     RecipeIngredientEditor,
     draggable
   },
+  middleware: ["auth", "group-only"],
   setup() {
     const { $auth } = useContext();
     const panels = ref<number[]>([]);
diff --git a/frontend/pages/g/_groupSlug/r/create.vue b/frontend/pages/g/_groupSlug/r/create.vue
index 064500f5fa68..2fd3f4bdfc48 100644
--- a/frontend/pages/g/_groupSlug/r/create.vue
+++ b/frontend/pages/g/_groupSlug/r/create.vue
@@ -33,6 +33,7 @@ import AdvancedOnly from "~/components/global/AdvancedOnly.vue";
 
 export default defineComponent({
   components: { AdvancedOnly },
+  middleware: ["auth", "group-only"],
   setup() {
     const { $auth, $globals, i18n } = useContext();
 
diff --git a/frontend/pages/g/_groupSlug/recipes/categories/index.vue b/frontend/pages/g/_groupSlug/recipes/categories/index.vue
index 0c986c374041..1cc94cf8681b 100644
--- a/frontend/pages/g/_groupSlug/recipes/categories/index.vue
+++ b/frontend/pages/g/_groupSlug/recipes/categories/index.vue
@@ -22,6 +22,7 @@ export default defineComponent({
   components: {
     RecipeOrganizerPage,
   },
+  middleware: ["auth", "group-only"],
   setup() {
     const { items, actions } = useCategoryStore();
 
diff --git a/frontend/pages/g/_groupSlug/recipes/tags/index.vue b/frontend/pages/g/_groupSlug/recipes/tags/index.vue
index f8d1f21857fd..861fead9face 100644
--- a/frontend/pages/g/_groupSlug/recipes/tags/index.vue
+++ b/frontend/pages/g/_groupSlug/recipes/tags/index.vue
@@ -22,6 +22,7 @@ export default defineComponent({
   components: {
     RecipeOrganizerPage,
   },
+  middleware: ["auth", "group-only"],
   setup() {
     const { items, actions } = useTagStore();
 
diff --git a/frontend/pages/g/_groupSlug/recipes/timeline.vue b/frontend/pages/g/_groupSlug/recipes/timeline.vue
index 913baaafafd8..114cf9b34480 100644
--- a/frontend/pages/g/_groupSlug/recipes/timeline.vue
+++ b/frontend/pages/g/_groupSlug/recipes/timeline.vue
@@ -17,6 +17,7 @@ import RecipeTimeline from "~/components/Domain/Recipe/RecipeTimeline.vue";
 
 export default defineComponent({
   components: { RecipeTimeline },
+  middleware: ["auth", "group-only"],
   setup() {
     const api = useUserApi();
     const ready = ref<boolean>(false);
diff --git a/frontend/pages/g/_groupSlug/recipes/tools/index.vue b/frontend/pages/g/_groupSlug/recipes/tools/index.vue
index 9f086448d4fe..ff2eaa8b205c 100644
--- a/frontend/pages/g/_groupSlug/recipes/tools/index.vue
+++ b/frontend/pages/g/_groupSlug/recipes/tools/index.vue
@@ -22,6 +22,7 @@ export default defineComponent({
   components: {
     RecipeOrganizerPage,
   },
+  middleware: ["auth", "group-only"],
   setup() {
     const toolStore = useToolStore();
     const dialog = ref(false);
diff --git a/frontend/pages/group/data.vue b/frontend/pages/group/data.vue
index abf7041103f0..f48b59a9c305 100644
--- a/frontend/pages/group/data.vue
+++ b/frontend/pages/group/data.vue
@@ -30,6 +30,7 @@
 import { computed, defineComponent, useContext, useRoute } from "@nuxtjs/composition-api";
 
 export default defineComponent({
+  middleware: ["auth", "can-organize-only"],
   props: {
     value: {
       type: Boolean,
diff --git a/frontend/pages/group/data/foods.vue b/frontend/pages/group/data/foods.vue
index 480de092e96e..f2c4c5053308 100644
--- a/frontend/pages/group/data/foods.vue
+++ b/frontend/pages/group/data/foods.vue
@@ -227,7 +227,6 @@ import { useFoodStore, useLabelStore } from "~/composables/store";
 import { VForm } from "~/types/vuetify";
 
 export default defineComponent({
-
   components: { MultiPurposeLabel, RecipeDataAliasManagerDialog },
   setup() {
     const userApi = useUserApi();
diff --git a/frontend/pages/group/index.vue b/frontend/pages/group/index.vue
index 9b4e24678da3..b9893b25faee 100644
--- a/frontend/pages/group/index.vue
+++ b/frontend/pages/group/index.vue
@@ -65,6 +65,7 @@ import { useGroupSelf } from "~/composables/use-groups";
 import { ReadGroupPreferences } from "~/lib/api/types/group";
 
 export default defineComponent({
+  middleware: ["auth", "can-manage-only"],
   setup() {
     const { group, actions: groupActions } = useGroupSelf();
 
diff --git a/frontend/pages/group/mealplan/planner.vue b/frontend/pages/group/mealplan/planner.vue
index 1ae451f9a251..3ddc56ba967b 100644
--- a/frontend/pages/group/mealplan/planner.vue
+++ b/frontend/pages/group/mealplan/planner.vue
@@ -46,6 +46,7 @@ import { isSameDay, addDays, parseISO } from "date-fns";
 import { useMealplans } from "~/composables/use-group-mealplan";
 
 export default defineComponent({
+  middleware: ["auth"],
   setup() {
     const route = useRoute();
     const router = useRouter();
diff --git a/frontend/pages/group/mealplan/settings.vue b/frontend/pages/group/mealplan/settings.vue
index 580832196370..122719306c52 100644
--- a/frontend/pages/group/mealplan/settings.vue
+++ b/frontend/pages/group/mealplan/settings.vue
@@ -98,6 +98,7 @@ export default defineComponent({
     GroupMealPlanRuleForm,
     RecipeChips,
   },
+  middleware: ["auth"],
   props: {
     value: {
       type: Boolean,
diff --git a/frontend/pages/group/members.vue b/frontend/pages/group/members.vue
index 539a67d4e1d9..ec3a3c844543 100644
--- a/frontend/pages/group/members.vue
+++ b/frontend/pages/group/members.vue
@@ -78,6 +78,7 @@ export default defineComponent({
   components: {
     UserAvatar,
   },
+  middleware: ["auth"],
   setup() {
     const api = useUserApi();
 
diff --git a/frontend/pages/group/migrations.vue b/frontend/pages/group/migrations.vue
index 06466c588a58..af57585f4755 100644
--- a/frontend/pages/group/migrations.vue
+++ b/frontend/pages/group/migrations.vue
@@ -85,6 +85,7 @@ const MIGRATIONS = {
 };
 
 export default defineComponent({
+  middleware: ["auth", "advanced-only"],
   setup() {
     const { $globals, i18n } = useContext();
 
diff --git a/frontend/pages/group/notifiers.vue b/frontend/pages/group/notifiers.vue
index 732deedb64a6..12e5cf252c3d 100644
--- a/frontend/pages/group/notifiers.vue
+++ b/frontend/pages/group/notifiers.vue
@@ -124,6 +124,7 @@ interface OptionSection {
 }
 
 export default defineComponent({
+  middleware: ["auth", "advanced-only"],
   setup() {
     const api = useUserApi();
 
diff --git a/frontend/pages/group/reports/_id.vue b/frontend/pages/group/reports/_id.vue
index fb0646f93048..2fcd33b565d8 100644
--- a/frontend/pages/group/reports/_id.vue
+++ b/frontend/pages/group/reports/_id.vue
@@ -34,6 +34,7 @@ import { useUserApi } from "~/composables/api";
 import { ReportOut } from "~/lib/api/types/reports";
 
 export default defineComponent({
+  middleware: "auth",
   setup() {
     const route = useRoute();
     const id = route.value.params.id;
diff --git a/frontend/pages/group/webhooks.vue b/frontend/pages/group/webhooks.vue
index 134541fc07c5..e5a59ae805dd 100644
--- a/frontend/pages/group/webhooks.vue
+++ b/frontend/pages/group/webhooks.vue
@@ -50,6 +50,7 @@ import GroupWebhookEditor from "~/components/Domain/Group/GroupWebhookEditor.vue
 
 export default defineComponent({
   components: { GroupWebhookEditor },
+  middleware: ["auth", "advanced-only"],
   setup() {
     const { actions, webhooks } = useGroupWebhooks();
 
diff --git a/frontend/pages/shopping-lists/_id.vue b/frontend/pages/shopping-lists/_id.vue
index 8ea06124484f..a8150f19bd6b 100644
--- a/frontend/pages/shopping-lists/_id.vue
+++ b/frontend/pages/shopping-lists/_id.vue
@@ -235,6 +235,7 @@ export default defineComponent({
     RecipeList,
     ShoppingListItemEditor,
   },
+  middleware: "auth",
   setup() {
     const { $auth, i18n } = useContext();
     const preferences = useShoppingListPreferences();
diff --git a/frontend/pages/shopping-lists/index.vue b/frontend/pages/shopping-lists/index.vue
index fecbbe4e64a9..9a504f7be13d 100644
--- a/frontend/pages/shopping-lists/index.vue
+++ b/frontend/pages/shopping-lists/index.vue
@@ -44,6 +44,7 @@ import { useUserApi } from "~/composables/api";
 import { useAsyncKey } from "~/composables/use-utils";
 
 export default defineComponent({
+  middleware: "auth",
   setup() {
     const { $auth } = useContext();
     const userApi = useUserApi();
diff --git a/frontend/pages/user/_id/favorites.vue b/frontend/pages/user/_id/favorites.vue
index ec4e5c8fd984..603428d428e7 100644
--- a/frontend/pages/user/_id/favorites.vue
+++ b/frontend/pages/user/_id/favorites.vue
@@ -14,6 +14,7 @@ import { useAsyncKey } from "~/composables/use-utils";
 
 export default defineComponent({
   components: { RecipeCardSection },
+  middleware: "auth",
   setup() {
     const api = useUserApi();
     const route = useRoute();
diff --git a/frontend/pages/user/profile/api-tokens.vue b/frontend/pages/user/profile/api-tokens.vue
index 8e41c6216986..8b6d21b361b9 100644
--- a/frontend/pages/user/profile/api-tokens.vue
+++ b/frontend/pages/user/profile/api-tokens.vue
@@ -69,6 +69,7 @@ import { useUserApi } from "~/composables/api";
 import { VForm } from "~/types/vuetify";
 
 export default defineComponent({
+  middleware: ["auth", "advanced-only"],
   setup() {
     const nuxtContext = useContext();
 
diff --git a/frontend/pages/user/profile/edit.vue b/frontend/pages/user/profile/edit.vue
index 3eadc87ed1c9..2681e9c5df68 100644
--- a/frontend/pages/user/profile/edit.vue
+++ b/frontend/pages/user/profile/edit.vue
@@ -135,6 +135,7 @@ export default defineComponent({
     UserAvatar,
     UserPasswordStrength,
   },
+  middleware: "auth",
   setup() {
     const { $auth } = useContext();
     const user = computed(() => $auth.user as unknown as UserOut);
diff --git a/frontend/pages/user/profile/index.vue b/frontend/pages/user/profile/index.vue
index ddb011550d1a..24a4e0f38a2d 100644
--- a/frontend/pages/user/profile/index.vue
+++ b/frontend/pages/user/profile/index.vue
@@ -113,7 +113,7 @@
         <p>{{ $t('profile.group-description') }}</p>
       </div>
       <v-row tag="section">
-        <v-col cols="12" sm="12" md="6">
+        <v-col v-if="$auth.user.canManage" cols="12" sm="12" md="6">
           <UserProfileLinkCard
             :link="{ text: $tc('profile.group-settings'), to: `/group` }"
             :image="require('~/static/svgs/manage-group-settings.svg')"
@@ -162,17 +162,16 @@
             </UserProfileLinkCard>
           </v-col>
         </AdvancedOnly>
-        <AdvancedOnly>
-          <v-col cols="12" sm="12" md="6">
-            <UserProfileLinkCard
-              :link="{ text: $tc('profile.manage-data'), to: `/group/data/foods` }"
-              :image="require('~/static/svgs/manage-recipes.svg')"
-            >
-              <template #title> {{ $t('profile.manage-data') }} </template>
-              {{ $t('profile.manage-data-description') }}
-            </UserProfileLinkCard>
-          </v-col>
-        </AdvancedOnly>
+        <!-- $auth.user.canOrganize should not be null because of the auth middleware -->
+        <v-col v-if="$auth.user.canOrganize" cols="12" sm="12" md="6">
+          <UserProfileLinkCard
+            :link="{ text: $tc('profile.manage-data'), to: `/group/data/foods` }"
+            :image="require('~/static/svgs/manage-recipes.svg')"
+          >
+            <template #title> {{ $t('profile.manage-data') }} </template>
+            {{ $t('profile.manage-data-description') }}
+          </UserProfileLinkCard>
+        </v-col>
         <AdvancedOnly>
           <v-col cols="12" sm="12" md="6">
             <UserProfileLinkCard
@@ -208,6 +207,7 @@ export default defineComponent({
     UserAvatar,
     StatsCards,
   },
+  middleware: "auth",
   scrollToTop: true,
   setup() {
     const { $auth, i18n } = useContext();