diff --git a/src/main.go b/src/main.go
index 58db0ce..c4580eb 100644
--- a/src/main.go
+++ b/src/main.go
@@ -71,22 +71,24 @@ func main() {
 
 	authMiddleware := auth.NewMiddleware(env.Auth, log)
 
+	// TODO: refresh sould be handled by admins only
+
 	env.Handle("/users/login", users.LoginPOSTHandler).Methods("POST")
 	env.Handle("/users/signup", users.SignupPOSTHandler).Methods("POST")
-	env.Handle("/users/details", users.DetailsHandler).WithRole(users.UserRole)
-	env.Handle("/users/edit", users.EditHandler).WithRole(users.UserRole)
+	env.Handle("/users/details", users.DetailsHandler).WithRole(users.UserRole).Methods("GET")
+	env.Handle("/users/edit", users.EditHandler).WithRole(users.UserRole).Methods("POST")
 
-	env.Handle("/movies/polochon", movies.FromPolochon).WithRole(users.UserRole)
-	env.Handle("/movies/{id:tt[0-9]+}/get_details", movies.GetDetailsHandler).WithRole(users.UserRole)
-	env.Handle("/movies/explore", extmedias.Explore)
-	env.Handle("/movies/refresh", extmedias.Refresh)
-	env.Handle("/movies/search", movies.SearchMovie).Methods("POST")
+	env.Handle("/movies/polochon", movies.FromPolochon).WithRole(users.UserRole).Methods("GET")
+	env.Handle("/movies/{id:tt[0-9]+}/get_details", movies.GetDetailsHandler).WithRole(users.UserRole).Methods("GET")
+	env.Handle("/movies/explore", extmedias.Explore).WithRole(users.UserRole).Methods("GET")
+	env.Handle("/movies/refresh", extmedias.Refresh).WithRole(users.UserRole).Methods("POST")
+	env.Handle("/movies/search", movies.SearchMovie).WithRole(users.UserRole).Methods("POST")
 
 	// env.Handle("/shows/polochon", shows.FromPolochon).WithRole(users.UserRole)
-	env.Handle("/shows/{id:tt[0-9]+}", shows.GetDetailsHandler)
-	env.Handle("/shows/refresh", extmedias.RefreshShows)
-	env.Handle("/shows/explore", extmedias.ExploreShows)
-	env.Handle("/shows/search", shows.SearchShow).Methods("POST")
+	env.Handle("/shows/{id:tt[0-9]+}", shows.GetDetailsHandler).WithRole(users.UserRole).Methods("GET")
+	env.Handle("/shows/refresh", extmedias.RefreshShows).WithRole(users.UserRole).Methods("POST")
+	env.Handle("/shows/explore", extmedias.ExploreShows).WithRole(users.UserRole).Methods("GET")
+	env.Handle("/shows/search", shows.SearchShow).WithRole(users.UserRole).Methods("POST")
 
 	n := negroni.Classic()
 	n.Use(authMiddleware)