diff --git a/backend/modules/games.js b/backend/modules/games.js
index cf5c9fb5f4ff35ca6ecd89cf8c527318943a4cb2..532c61a3706cbb6852b07baa8a444ff3d28cc3ad 100644
--- a/backend/modules/games.js
+++ b/backend/modules/games.js
@@ -1,6 +1,6 @@
 /*
 Page: login.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: Controller
  */
 let persist = require('./persist');
diff --git a/backend/modules/jwtUtils.js b/backend/modules/jwtUtils.js
index 4c3d0040326df488dedffb0cb1b533f2d16b91e9..4715088e5776bac71a0152e59bc81352dc2afe37 100644
--- a/backend/modules/jwtUtils.js
+++ b/backend/modules/jwtUtils.js
@@ -1,13 +1,17 @@
 /*
 Page: login.js
-Author: Alexandre Perruchoud & Dylan Wacker
-Description: Create the token with JWT
+Author: Dylan Wacker
+Description: Create the token with JSON Web Token
  */
 var jwt = require('jsonwebtoken');
 
 const JWT_SIGN = 'MIIBOAIBAAJAbrpdZ3BYbqJn8fx0dVqj0pPP7nlH3VLGZAn3tmUyg7msSf5M3lJs';
 
-// default algorithm: HS256
+/*
+header: type of token and hashing algorithm (default algorithm: HS256)
+payload: data(here username of the user) and additionnal metada | encoded in Base64Url 
+signature: take the header and encoded payload, secret and the algorithm specified and sign (can verify the integretiy of the claims)
+*/
 module.exports = {
     generateTokenForUser: function(user_name) {
         return jwt.sign({
diff --git a/backend/modules/persist.js b/backend/modules/persist.js
index ddac1da3301a59ef84121239a534943fcc4d3bd4..f80f57e822f3aac13a7ed2694d58ce41fcdf8862 100644
--- a/backend/modules/persist.js
+++ b/backend/modules/persist.js
@@ -1,8 +1,10 @@
 /*
 Page: persist.js
-Author: Alexandre Perruchoud & Dylan Wacker
-Description: persistant data
+Author: Dylan Wacker
+Description: persistant data -> if refresh don't loose previous data
  */
+
+// json database for user
 let database_favorite_games = {
     dylan: {
         games: [3498, 3328],
diff --git a/backend/server.js b/backend/server.js
index 52eb779e3aeb7c231d2f0cfd2695ed88614d3e18..6b4809743d108f2e41525d0ce0f153e9c8e6e4b3 100644
--- a/backend/server.js
+++ b/backend/server.js
@@ -1,10 +1,10 @@
 /*
 Page: server.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: manager the server application
  */
 var jwt = require('jsonwebtoken');
-const express = require('express');
+const express = require('express'); // framework for node.js
 const bodyParser = require('body-parser'); //  get args and parameter in http request
 const exp = require('constants');
 const games = require('./modules/games');
@@ -13,15 +13,14 @@ const { checkUserExist, database } = require('./modules/persist');
 
 
 let token = undefined;
-const JWT_SIGN = 'MIIBOAIBAAJAbrpdZ3BYbqJn8fx0dVqj0pPP7nlH3VLGZAn3tmUyg7msSf5M3lJs';
 
 // init server
 let server = express();
 
-// body parser config
-server.use(bodyParser.json());
-server.use(bodyParser.urlencoded({ extended: false }));
-server.use(express.static('../frontend'));
+// body parser config - parse incoming request bodies
+server.use(bodyParser.json()); // look request where Content-Type: application/json header is present and  the text-based JSON input into JS-accessible variables 
+server.use(bodyParser.urlencoded({ extended: false })); // Same for URL-encoded requests (extend : false -> only string)
+server.use(express.static('../frontend')); // for load static files
 
 const PORT_NUMBER = 8080;
 
@@ -189,22 +188,34 @@ server.post('/api/v1/logout', function(request, response) {
  * params limit the number of games returned
  */
 server.get('/api/v1/games/:username/:limit?', function(request, response) {
-    if (database[request.params.username].token != undefined) {
-        if (request.params.username !== undefined) {
-            // test the if it's the right token, in the payload of the token we have the username
+    if (request.params.username !== undefined) {
+        // test the if it's the right token, in the payload of the token we have the username
+        console.log(database[request.params.username].token);
+
+        if (database[request.params.username].token != undefined) {
             if (jwt.decode(database[request.params.username].token).username == request.params.username) {
-                return response.status(201).json(games.getFavoriteGamesOfUser(request.params.username, request.params.limit));
+
+                // test the if it's the right token, in the payload of the token we have the username
+                if (jwt.decode(database[request.params.username].token).username == request.params.username) {
+                    return response.status(201).json(games.getFavoriteGamesOfUser(request.params.username, request.params.limit));
+                } else {
+                    return response.status(400).json({ 'error': 'not the good token gived' });
+                }
+
             } else {
+                console.log('error: not the good token gived!');
                 return response.status(400).json({ 'error': 'not the good token gived' });
             }
+        } else {
+            console.log('error: user not connected!');
+            return response.status(400).json({ 'error': 'user not connected!' });
+
         }
-    } else {
-        console.log('error: nobody is logged!');
-        return response.status(400).json({ 'error': 'nobody is logged!' });
     }
     return response.status(400).json({
         'error': 'Bad request'
     });
+
 });
 
 
diff --git a/frontend/res/js/manage_api.js b/frontend/res/js/manage_api.js
index 4537c89058d8c4a87532fa5a9c00079b1661a16f..ca23b3ac0d07b033f53b6f9a1c57542f4d1dd92d 100644
--- a/frontend/res/js/manage_api.js
+++ b/frontend/res/js/manage_api.js
@@ -1,6 +1,6 @@
 /*
 Page: manage_api.js
-Author: Alexandre Perruchoud & Dylan Wacker
+Author: Dylan Wacker
 Description: Manage the api fetch data
  */