diff --git a/docker-compose.yml b/docker-compose.yml
index fd34ab599d8c2fe5d553b909804ec8d7374994c3..d8fa4bb4f86bae24e304d3997f5645fe3fdcda47 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,9 +5,7 @@ services:
     container_name: nginx
     volumes:
       - ./nginx.conf:/etc/nginx/nginx.conf
-      # /home/lucien/Documents/programmation/go/tpappsec/nginx.conf
       - ./certs:/etc/certs
-      # /home/lucien/Documents/programmation/go/tpappsec/certs
     ports:
       - 80:80
       - 443:443
@@ -15,5 +13,6 @@ services:
   appsec:
     image: appsec:latest
     container_name: tpappsec
+    env_file: var.env
     expose:
       - "8080"
diff --git a/go.mod b/go.mod
index 0541cd0f8f019314cadc5c91a6726fe2e0708c72..02ccf890e83c69392a88f5d0185e1a59edf9927c 100644
--- a/go.mod
+++ b/go.mod
@@ -22,6 +22,7 @@ require (
 	github.com/go-playground/universal-translator v0.18.0 // indirect
 	github.com/go-playground/validator/v10 v10.10.0 // indirect
 	github.com/goccy/go-json v0.9.7 // indirect
+	github.com/joho/godotenv v1.4.0
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/leodido/go-urn v1.2.1 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect
diff --git a/go.sum b/go.sum
index fee3e2b649ba784140ac90c0f78f53b2a5dc10b9..7c57db54655e290c107267fa6a21447075be5e1b 100644
--- a/go.sum
+++ b/go.sum
@@ -24,6 +24,8 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
+github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
diff --git a/main.go b/main.go
index a350b804445974bd5bb780ae41d030eda2cc5b5c..e4f1c40c393a99d813474ceab255ee89ac1c98cc 100644
--- a/main.go
+++ b/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"net/http"
+	"os"
 	"strings"
 
 	"fmt"
@@ -158,19 +159,30 @@ func main() {
 
 	router := gin.Default()
 
-	authorizedGetStudents := router.Group("/", gin.BasicAuth(gin.Accounts{
-		"foo":      "bar",
-		"aristote": "Eucl1de",
-	}))
+	var authorizedGetStudents = make(map[string]string)
+	var authorizedAllStudents = make(map[string]string)
 
-	authorizedAllStudents := router.Group("/", gin.BasicAuth(gin.Accounts{
-		"aristote": "Eucl1de",
-	}))
+	authorizedGetStudentsUsername := strings.Fields(os.Getenv("USER_GET"))
+	authorizedGetStudentsPassword := strings.Fields(os.Getenv("PASS_GET"))
+	for key, val := range authorizedGetStudentsUsername {
+		pass := authorizedGetStudentsPassword[key]
+		authorizedGetStudents[val] = pass
+	}
+
+	authorizedAllStudentsUsername := strings.Fields(os.Getenv("USER_ALL"))
+	authorizedAllStudentsPassword := strings.Fields(os.Getenv("PASS_ALL"))
+	for key, val := range authorizedAllStudentsUsername {
+		pass := authorizedAllStudentsPassword[key]
+		authorizedAllStudents[val] = pass
+	}
+
+	groupGet := router.Group("/", gin.BasicAuth(authorizedGetStudents))
+	groupAll := router.Group("/", gin.BasicAuth(authorizedAllStudents))
 
-	authorizedGetStudents.GET("/students", getStudents)
-	authorizedGetStudents.GET("/students/:id", getStudentByID)
-	authorizedAllStudents.POST("/students", postStudent)
-	authorizedAllStudents.DELETE("/students/:id", deleteStudent)
+	groupGet.GET("/students", getStudents)
+	groupGet.GET("/students/:id", getStudentByID)
+	groupAll.POST("/students", postStudent)
+	groupAll.DELETE("/students/:id", deleteStudent)
 
 	authorizedOkta := router.Group("/")
 
diff --git a/var.env b/var.env
new file mode 100644
index 0000000000000000000000000000000000000000..47b46c0782d4e69915acc0085029db3388b42472
--- /dev/null
+++ b/var.env
@@ -0,0 +1,4 @@
+USER_GET="foo aristote"
+PASS_GET="bar Eucl1de"
+USER_ALL="aristote"
+PASS_ALL="Eucl1de"
\ No newline at end of file