diff --git a/app/routes/posts/edit.py b/app/routes/posts/edit.py
index 8824fb9..861ec1c 100644
--- a/app/routes/posts/edit.py
+++ b/app/routes/posts/edit.py
@@ -1,6 +1,7 @@
 from app import app, db
 from app.models.post import Post
 from app.utils.render import render
+from app.utils.check_csrf import check_csrf
 from app.forms.forum import CommentEditForm, AnonymousCommentEditForm
 from urllib.parse import urlparse
 from flask import redirect, url_for, abort, request
@@ -36,3 +37,21 @@ def edit_post(postid):
 return render('forum/edit_comment.html', comment=p, form=form)
 else:
 abort(404)
+
+@app.route('/post/supprimer/', methods=['GET','POST'])
+@login_required
+@check_csrf
+def delete_post(postid):
+ p = Post.query.filter_by(id=postid).first_or_404()
+
+ # TODO: Check whether privileged user has access to board
+ if p.author != current_user and not current_user.priv("delete-posts"):
+ abort(403)
+
+ for a in p.attachments:
+ db.session.delete(a)
+ db.session.commit()
+
+ db.session.delete(p)
+ db.session.commit()
+ return redirect(request.referrer)
diff --git a/app/templates/widgets/thread.html b/app/templates/widgets/thread.html
index 35fa537..e0a0c57 100644
--- a/app/templates/widgets/thread.html
+++ b/app/templates/widgets/thread.html
@@ -15,7 +15,7 @@ {% endif %} | # | Modifier - | Supprimer + | Supprimer {{ c.text|md }}
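Review bot: `delete_post` accepts GET for a destructive action (`methods=['GET','POST']` on the new route), so whatever token `check_csrf` validates presumably has to travel in the URL, where it lands in browser history, proxy logs and Referer headers; restricting the route to POST, with the thread template submitting a small form instead of a link, avoids that. The closing `redirect(request.referrer)` trusts a client-supplied header that can be absent or name another site, so the fence below falls back to a local URL unless the host matches, using the `urlparse` and `url_for` names this file already imports. The deletion is also split across two `db.session.commit()` calls (indentation is lost on this page, so the first may sit inside or just after the attachment loop), which means a failure on the second leaves a post whose attachments are already gone; the fence uses one commit. The route string as shown has no `postid` converter although the view takes `postid`, which may be an extraction artefact but is worth confirming, as is the open TODO about board access for privileged users.

```python
@app.route('/post/supprimer/', methods=['POST'])
# … unchanged: login_required / check_csrf decorators, signature, lookup, permission check …
    for a in p.attachments:
        db.session.delete(a)
    db.session.delete(p)
    # Single commit so attachments and post are removed together or not at all
    db.session.commit()

    # Referer is client-controlled and may be missing; only follow it on our own host
    target = request.referrer
    if not target or urlparse(target).netloc != request.host:
        target = url_for('FORUM_INDEX_ENDPOINT')  # placeholder: any local endpoint of the app
    return redirect(target)
```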