diff --git a/README.md b/README.md
index ce119d3c..870790e3 100644
--- a/README.md
+++ b/README.md
@@ -718,6 +718,7 @@ You can tune the middleware behavior using middleware specific configuration par
 - "dbAuth.loginAfterRegistration": 1 or zero if registered users should be logged in after registration ("")
 - "dbAuth.passwordLength": Minimum length that the password must have ("12")
 - "dbAuth.sessionName": The name of the PHP session that is started ("")
+- "dbAuth.updateSessionData": Number of minutes after which the session data is updated when calling /me end-point (0)
 - "wpAuth.mode": Set to "optional" if you want to allow anonymous access ("required")
 - "wpAuth.wpDirectory": The folder/path where the Wordpress install can be found (".")
 - "wpAuth.usernameFormField": The name of the form field that holds the username ("username")
diff --git a/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php b/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php
index fb6aba9f..35227262 100644
--- a/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php
+++ b/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php
@@ -111,6 +111,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                             session_regenerate_id(true);
                         }
                         unset($user[$passwordColumnName]);
+                        $user['updatedAt'] = time();
                         $_SESSION['user'] = $user;
                         return $this->responder->success($user);
                     } else {
@@ -128,6 +129,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                             session_regenerate_id(true);
                         }
                         unset($user[$passwordColumnName]);
+                        $user['updatedAt'] = time();
                         $_SESSION['user'] = $user;
                         return $this->responder->success($user);
                     }
@@ -176,6 +178,24 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
         }
         if ($method == 'GET' && $path == 'me') {
             if (isset($_SESSION['user'])) {
+                $updateAfter = $this->getProperty('updateSessionData',0) * 60; 
+                $passwordColumnName = $this->getProperty('passwordColumn','password');
+                if($updateAfter > 0 && (time() > ($_SESSION['user']['updatedAt'] + $updateAfter))){
+                    $tableName = $this->getProperty('loginTable','users');
+                    $table = $this->reflection->getTable($tableName);
+                    $pkName = $table->getPk()->getName();
+                    $returnedColumns = $this->getProperty('returnedColumns','');
+                    if(!$returnedColumns){
+                        $columnNames = $table->getColumnNames();
+                    }else{
+                        $columnNames = array_map('trim',explode(',',$returnedColumns));
+                        $columnNames = array_values(array_unique($columnNames));
+                    }
+                    $user = $this->db->selectSingle($table,$columnNames,$_SESSION['user'][$pkName]);
+                    unset($user[$passwordColumnName]);
+                    $user['updatedAt'] = time();
+                    $_SESSION['user'] = $user;
+                }
                 return $this->responder->success($_SESSION['user']);
             }
             return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');