diff --git a/src/routes/guilds/#guild_id/members.ts b/src/routes/guilds/#guild_id/members.ts
index 9c6efe32..45a82ee8 100644
--- a/src/routes/guilds/#guild_id/members.ts
+++ b/src/routes/guilds/#guild_id/members.ts
@@ -1,8 +1,16 @@
 import { Request, Response, Router } from "express";
-import { GuildModel, MemberModel, UserModel, toObject, GuildMemberAddEvent, getPermission, PermissionResolvable } from "@fosscord/server-util";
+import {
+	GuildModel,
+	MemberModel,
+	UserModel,
+	toObject,
+	GuildMemberAddEvent,
+	getPermission,
+	PermissionResolvable,
+} from "@fosscord/server-util";
 import { HTTPError } from "lambert-server";
 import { instanceOf, Length, check } from "../../../util/instanceOf";
-import { PublicMemberProjection, addMember, removeMember, addRole, removeRole, changeNickname } from "../../../util/Member";
+import { PublicMemberProjection, addMember, removeMember, addRole, removeRole, changeNickname, isMember } from "../../../util/Member";
 import { emitEvent } from "../../../util/Event";
 import { MemberNickChangeSchema } from "../../../schema/Member";
 import { getPublicUser } from "../../../util/User";
@@ -15,6 +23,7 @@ router.get("/", async (req: Request, res: Response) => {
 	const { guild_id } = req.params;
 	const guild = await GuildModel.findOne({ id: guild_id }).exec();
 	if (!guild) throw new HTTPError("Guild not found", 404);
+	await isMember(req.user_id, guild_id);
 
 	try {
 		instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, {
@@ -40,6 +49,7 @@ router.get("/", async (req: Request, res: Response) => {
 
 router.get("/:member_id", async (req: Request, res: Response) => {
 	const { guild_id, member_id } = req.params;
+	await isMember(req.user_id, guild_id);
 
 	const member = await MemberModel.findOne({ id: member_id, guild_id }).exec();
 	if (!member) throw new HTTPError("Member not found", 404);
@@ -54,7 +64,6 @@ router.put("/:member_id", async (req: Request, res: Response) => {
 	res.sendStatus(204)
 });
 
-
 router.delete("/:member_id", async (req: Request, res: Response) => {
 	const { guild_id, member_id } = req.params;
 
@@ -84,12 +93,12 @@ router.put("/:member_id/roles/:role_id", async (req: Request, res: Response) =>
 
 router.patch("/:member_id/nick", check(MemberNickChangeSchema), async (req: Request, res: Response) => {
 	var { guild_id, member_id } = req.params;
-	var permissionString:PermissionResolvable = "MANAGE_NICKNAMES";
-	if(member_id === "@me") {
+	var permissionString: PermissionResolvable = "MANAGE_NICKNAMES";
+	if (member_id === "@me") {
 		member_id = req.user_id;
 		permissionString = "CHANGE_NICKNAME";
 	}
- 
+
 	const perms = await getPermission(req.user_id, guild_id);
 	perms.hasThrow(permissionString);
 
@@ -97,5 +106,4 @@ router.patch("/:member_id/nick", check(MemberNickChangeSchema), async (req: Requ
 	res.status(204);
 });
 
-
 export default router;
diff --git a/src/util/Member.ts b/src/util/Member.ts
index 636cdc61..8900b206 100644
--- a/src/util/Member.ts
+++ b/src/util/Member.ts
@@ -28,6 +28,12 @@ export const PublicMemberProjection = {
 	premium_since: true,
 };
 
+export async function isMember(user_id: string, guild_id: string) {
+	const exists = await MemberModel.exists({ id: user_id, guild_id });
+	if (!exists) throw new HTTPError("You are not a member of this guild", 403);
+	return exists;
+}
+
 export async function addMember(user_id: string, guild_id: string, cache?: { guild?: Guild }) {
 	const user = await getPublicUser(user_id, { guilds: true });
 
@@ -95,7 +101,7 @@ export async function removeMember(user_id: string, guild_id: string) {
 	const guild = await GuildModel.findOne({ id: guild_id }, { owner_id: true }).exec();
 	if (!guild) throw new HTTPError("Guild not found", 404);
 	if (guild.owner_id === user_id) throw new Error("The owner cannot be removed of the guild");
-	if (!(await MemberModel.exists({ id: user.id, guild_id }))) throw new HTTPError("You are not member of this guild", 404);
+	if (!(await MemberModel.exists({ id: user.id, guild_id }))) throw new HTTPError("Is not member of this guild", 404);
 
 	// use promise all to execute all promises at the same time -> save time
 	return Promise.all([
@@ -130,24 +136,25 @@ export async function addRole(user_id: string, guild_id: string, role_id: string
 	const role = await RoleModel.findOne({ id: role_id, guild_id: guild_id }).exec();
 	if (!role) throw new HTTPError("role not found", 404);
 
-	var memberObj = await MemberModel.findOneAndUpdate({
+	var memberObj = await MemberModel.findOneAndUpdate(
+		{
 			id: user_id,
 			guild_id: guild_id,
-		}, { $push: { roles: role_id } }).exec();
+		},
+		{ $push: { roles: role_id } }
+	).exec();
+
+	if (!memberObj) throw new HTTPError("Member not found", 404);
 
-	if(!memberObj) throw new HTTPError("Member not found", 404);
-	
 	await emitEvent({
 		event: "GUILD_MEMBER_UPDATE",
 		data: {
 			guild_id: guild_id,
 			user: user,
-			roles: memberObj.roles
-		
+			roles: memberObj.roles,
 		},
 		guild_id: guild_id,
 	} as GuildMemberUpdateEvent);
-
 }
 
 export async function removeRole(user_id: string, guild_id: string, role_id: string) {
@@ -156,47 +163,47 @@ export async function removeRole(user_id: string, guild_id: string, role_id: str
 	const role = await RoleModel.findOne({ id: role_id, guild_id: guild_id }).exec();
 	if (!role) throw new HTTPError("role not found", 404);
 
-	var memberObj = await MemberModel.findOneAndUpdate({
+	var memberObj = await MemberModel.findOneAndUpdate(
+		{
 			id: user_id,
 			guild_id: guild_id,
-		}, { $pull: { roles: role_id } }).exec();
+		},
+		{ $pull: { roles: role_id } }
+	).exec();
+
+	if (!memberObj) throw new HTTPError("Member not found", 404);
 
-	if(!memberObj) throw new HTTPError("Member not found", 404);
-	
 	await emitEvent({
 		event: "GUILD_MEMBER_UPDATE",
 		data: {
 			guild_id: guild_id,
 			user: user,
-			roles: memberObj.roles
-		
+			roles: memberObj.roles,
 		},
 		guild_id: guild_id,
 	} as GuildMemberUpdateEvent);
-
 }
 
 export async function changeNickname(user_id: string, guild_id: string, nickname: string) {
 	const user = await getPublicUser(user_id);
 
-	var memberObj = await MemberModel.findOneAndUpdate({
+	var memberObj = await MemberModel.findOneAndUpdate(
+		{
 			id: user_id,
 			guild_id: guild_id,
-		}, { nick: nickname } ).exec();
+		},
+		{ nick: nickname }
+	).exec();
+
+	if (!memberObj) throw new HTTPError("Member not found", 404);
 
-	if(!memberObj) throw new HTTPError("Member not found", 404);
-	
 	await emitEvent({
 		event: "GUILD_MEMBER_UPDATE",
 		data: {
 			guild_id: guild_id,
 			user: user,
-			nick: nickname
-		
+			nick: nickname,
 		},
 		guild_id: guild_id,
 	} as GuildMemberUpdateEvent);
-
 }
-
-