diff --git a/src/modules/user/handlers/connections/addSchoolCompanyDetail.ts b/src/modules/user/handlers/connections/addSchoolCompanyDetail.ts
index 8575bf8..91f489a 100644
--- a/src/modules/user/handlers/connections/addSchoolCompanyDetail.ts
+++ b/src/modules/user/handlers/connections/addSchoolCompanyDetail.ts
@@ -4,6 +4,7 @@ import {
 Context,
 } from 'aws-lambda';
 import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyUserToken } from '../../../../common/middlewares/jwt/authForUser';
 import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
 import ApiError from '../../../../common/utils/helper/ApiError';
 import { AddSchoolCompanyDetailDTO } from '../../dto/addSchoolCompanyDetail.dto';
@@ -16,6 +17,24 @@ export const handler = safeHandler(
 event: APIGatewayProxyEvent,
 context?: Context,
 ): Promise => {
+ // Extract and verify token
+ const token =
+ event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+ if (!token) {
+ throw new ApiError(
+ 400,
+ 'This is a protected route. Please provide a valid token.',
+ );
+ }
+
+ // Verify token and get user info
+ const userInfo = await verifyUserToken(token);
+ const userId = Number(userInfo.id);
+
+ if (!userId || isNaN(userId)) {
+ throw new ApiError(400, 'Invalid user ID');
+ }
+
 // Extract body parameters
 let body;
 try {
diff --git a/src/modules/user/handlers/connections/getSchoolCompanyName.ts b/src/modules/user/handlers/connections/getSchoolCompanyName.ts
index aeeefa4..a7f0996 100644
--- a/src/modules/user/handlers/connections/getSchoolCompanyName.ts
+++ b/src/modules/user/handlers/connections/getSchoolCompanyName.ts
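Review bot: In the `@@ -16,6 +17,24 @@` hunk of addSchoolCompanyDetail.ts both new rejections use `ApiError(400, …)`, but a missing token and an unusable user ID are authentication failures, so they should be 401: `throw new ApiError(401, 'This is a protected route. Please provide a valid token.');`. With 400, a rejected credential cannot be told apart from a malformed request in client handling, access logs or any alerting on auth failures. The same block in getSchoolCompanyName.ts and searchCities.ts needs the same change. How a bad or expired token leaves `verifyUserToken` is not visible here; confirm it also reaches the client as 401 through `safeHandler` and not as a 500. The handler body continues outside the hunk.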
@@ -4,6 +4,7 @@ import {
 Context,
 } from 'aws-lambda';
 import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyUserToken } from '../../../../common/middlewares/jwt/authForUser';
 import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
 import ApiError from '../../../../common/utils/helper/ApiError';
 import { UserService } from '../../services/user.service';
@@ -15,6 +16,24 @@ export const handler = safeHandler(
 event: APIGatewayProxyEvent,
 context?: Context,
 ): Promise => {
+ // Extract and verify token
+ const token =
+ event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+ if (!token) {
+ throw new ApiError(
+ 400,
+ 'This is a protected route. Please provide a valid token.',
+ );
+ }
+
+ // Verify token and get user info
+ const userInfo = await verifyUserToken(token);
+ const userId = Number(userInfo.id);
+
+ if (!userId || isNaN(userId)) {
+ throw new ApiError(400, 'Invalid user ID');
+ }
+
 // Extract query parameters
 const searchQuery = event.queryStringParameters?.searchQuery?.trim();
 const isSchool = event.queryStringParameters?.isSchool?.toLowerCase();
diff --git a/src/modules/user/handlers/connections/searchCities.ts b/src/modules/user/handlers/connections/searchCities.ts
index a7c3d64..1b1ba7d 100644
--- a/src/modules/user/handlers/connections/searchCities.ts
+++ b/src/modules/user/handlers/connections/searchCities.ts
@@ -1,9 +1,10 @@
 import {
- APIGatewayProxyEvent,
- APIGatewayProxyResult,
- Context,
+ APIGatewayProxyEvent,
+ APIGatewayProxyResult,
+ Context,
 } from 'aws-lambda';
 import { prismaClient } from '../../../../common/database/prisma.lambda.service';
+import { verifyUserToken } from '../../../../common/middlewares/jwt/authForUser';
 import { safeHandler } from '../../../../common/utils/handlers/safeHandler';
 import ApiError from '../../../../common/utils/helper/ApiError';
 import { UserService } from '../../services/user.service';
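Review bot: The lookup `event.headers['x-auth-token'] || event.headers['X-Auth-Token']` in the `@@ -15,6 +16,24 @@` hunk of getSchoolCompanyName.ts matches only two spellings of a header name that HTTP defines as case-insensitive; depending on the API Gateway integration the keys may keep the client's casing, so `X-AUTH-TOKEN` would be rejected as missing. That fails closed, but it is a fragile place for an auth check, and the same 18 lines are now pasted into addSchoolCompanyDetail.ts and searchCities.ts as well. Moving them into one helper beside `verifyUserToken`, with a case-insensitive lookup, keeps the three routes from drifting apart; the helper name below is only a suggestion. The handler body continues outside the hunk.

```typescript
// proposed shared helper; the name is a suggestion
export async function requireUserId(event: APIGatewayProxyEvent): Promise<number> {
  const headerName = Object.keys(event.headers).find(
    (name) => name.toLowerCase() === 'x-auth-token',
  );
  const token = headerName ? event.headers[headerName] : undefined;
  // … unchanged: missing-token check, verifyUserToken call, userId validation …
  return userId;
}

// in each handler, replacing the added block
const userId = await requireUserId(event);
```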
@@ -15,6 +16,24 @@ export const handler = safeHandler(
 event: APIGatewayProxyEvent,
 context?: Context,
 ): Promise => {
+ // Extract and verify token
+ const token =
+ event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+ if (!token) {
+ throw new ApiError(
+ 400,
+ 'This is a protected route. Please provide a valid token.',
+ );
+ }
+
+ // Verify token and get user info
+ const userInfo = await verifyUserToken(token);
+ const userId = Number(userInfo.id);
+
+ if (!userId || isNaN(userId)) {
+ throw new ApiError(400, 'Invalid user ID');
+ }
+
 // Extract query parameters
 const searchQuery = event.queryStringParameters?.searchQuery?.trim();
@@ -24,7 +43,10 @@ export const handler = safeHandler(
 }
 if (searchQuery.length < 2) {
- throw new ApiError(400, 'Search query must be at least 2 characters long');
+ throw new ApiError(
+ 400,
+ 'Search query must be at least 2 characters long',
+ );
 }
 // Call service to search cities
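Review bot: `userId` in the `@@ -15,6 +16,24 @@` hunk of searchCities.ts is parsed and validated but not used anywhere in the visible lines, so unless the rest of the handler reads it the block only proves that the token verifies. If the route merely needs gating, `await verifyUserToken(token);` says that directly; if the caller's identity matters, as it plausibly does for the write in addSchoolCompanyDetail.ts, pass `userId` into the service call so the record is tied to the authenticated user and not to a value from the request body. The guard `!userId || isNaN(userId)` is also redundant because `!userId` is already true for `NaN`; `if (!Number.isInteger(userId) || userId <= 0)` states the intent and rejects fractional and negative values. The handler body continues outside the hunk, and getSchoolCompanyName.ts carries the same block.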