diff --git a/assets/react/controllers/Menu.tsx b/assets/react/controllers/Menu.tsx
index c7d1cd33bbb226f37fd8aef5ea017d9dda260eeb..3eade34a3883a50102ac5211262d823d3876da75 100644
--- a/assets/react/controllers/Menu.tsx
+++ b/assets/react/controllers/Menu.tsx
@@ -26,7 +26,7 @@ export default function Menu() {
             </a>
           </li>
           <li>
-            <a href="/">
+            <a href="/logout">
               <span className="item">Déconnexion</span>
             </a>
           </li>
diff --git a/src/Controller/EconomicController.php b/src/Controller/EconomicController.php
index fe444b016f947de10a861cef1c73451b4c0138ff..5edfc5382ee724c53fe7b7583bb422f7ce7d8e2f 100644
--- a/src/Controller/EconomicController.php
+++ b/src/Controller/EconomicController.php
@@ -6,8 +6,9 @@ use App\Entity\User;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
-use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
+#[IsGranted('ROLE_USER')]
 class EconomicController extends AbstractController
 {
     #[Route('/economic', name: 'app_economic')]
diff --git a/src/Controller/HomeController.php b/src/Controller/HomeController.php
index d4931df72162a107f407e238357b393cd43d75bf..5f718d302bd84594c35562fdfdb2beabc5492bb7 100644
--- a/src/Controller/HomeController.php
+++ b/src/Controller/HomeController.php
@@ -60,5 +60,12 @@ class HomeController extends AbstractController
     {
         return $this->redirectToRoute('login');
     }
+
+    #[Route("/logout", name: "app_logout")]
+    public function logout()
+    {
+        // controller can be blank: it will never be called!
+        throw new \Exception('Don\'t forget to activate logout in security.yaml');
+    }
 }
 
diff --git a/src/Controller/SummaryController.php b/src/Controller/SummaryController.php
index 122e66e49284b466a1e4bee8e05e7b6df3ca8e90..ffbf5fa2be319daf16724bce6cc538e44f1aea41 100644
--- a/src/Controller/SummaryController.php
+++ b/src/Controller/SummaryController.php
@@ -6,9 +6,11 @@ use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
 use App\Service\SummaryService;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 use Symfony\UX\Chartjs\Model\Chart;
 use Symfony\UX\Chartjs\Builder\ChartBuilderInterface;
 
+#[IsGranted('ROLE_USER')]
 class SummaryController extends AbstractController
 {
     #[Route('/summary', name: 'app_summary')]
diff --git a/src/Controller/TransactionController.php b/src/Controller/TransactionController.php
index a0e3e4c02377361327028f03e2682787189f107f..893db07210f2e90fa7f2777afcbc3baae4c80356 100644
--- a/src/Controller/TransactionController.php
+++ b/src/Controller/TransactionController.php
@@ -5,7 +5,9 @@ namespace App\Controller;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
 
+#[IsGranted('ROLE_USER')]
 class TransactionController extends AbstractController
 {
     #[Route('/transaction', name: 'app_transaction')]