diff --git a/src/Controller/ProfileController.php b/src/Controller/ProfileController.php
index 314b439..9ff11b4 100644
--- a/src/Controller/ProfileController.php
+++ b/src/Controller/ProfileController.php
@@ -11,6 +11,7 @@ use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 use App\Repository\ParticipantRepository;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 class ProfileController extends AbstractController {
@@ -21,22 +22,30 @@ class ProfileController extends AbstractController
 $this->profileRepo = $profileRepo;
 }
 #[Route('/profile/{uuid}', name: 'profile_view', methods: ['GET'])]
- public function viewProfile(string $uuid, ParticipantRepository $profileRepo, Request $request): Response
+ public function viewProfile(string $uuid, ParticipantRepository $profileRepo, TokenStorageInterface $tokenStorage): Response
 {
+ $token = $tokenStorage->getToken();
+ $userConnect = $token?->getUser();
 $currentProfile = $profileRepo->findOneBy(['idParticipant' => $uuid]);
+ if ($userConnect->getIdParticipant() !== $currentProfile->getIdParticipant()) {
+ $this->addFlash('error', "Vous ne pouvez pas consulter un profil qui n'est pas le votre");
+ return $this->redirectToRoute('home');
+ }
 return $this->render('profile/view.html.twig', [
 'profile' => $currentProfile,
 ]);
 }
 #[Route('/profile/edit/{uuid}', name: 'profile_edit', methods: ['GET', 'POST'])]
- public function editProfile(string $uuid, Request $request): Response
+ public function editProfile(string $uuid, Request $request, TokenStorageInterface $tokenStorage): Response
 {
 try {
+ $token = $tokenStorage->getToken();
+ $userConnect = $token?->getUser();
 $profile = $this->profileRepo->findOneBy(['idParticipant' => $uuid]);
- if (!$profile === $this->getUser()) {
+ if ($userConnect->getIdParticipant() !== $profile->getIdParticipant()) {
 $this->addFlash('error', "Vous ne pouvez pas modifier un profil qui n'est pas le votre");
- return $this->redirectToRoute('profile_view',['uuid' => $profile->getIdParticipant()]);
+ return $this->redirectToRoute('home');
 }
 $form = $this->createForm(ProfileFormType::class, $profile);
 $form->handleRequest($request);
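Review bot: `$userConnect` can be null — the nullsafe `$token?->getUser()` yields null when there is no token, and `getUser()` is null for an unauthenticated request — so `$userConnect->getIdParticipant()` in the new `if` in viewProfile throws an Error (HTTP 500) instead of denying access; the same applies to the check in editProfile, and to `$currentProfile` / `$profile` when no participant matches `$uuid`. Unless the firewall already requires authentication on these routes, guard both nulls before comparing, e.g. `if ($userConnect === null || $currentProfile === null || $userConnect->getIdParticipant() !== $currentProfile->getIdParticipant()) {` (mirrored in editProfile with `$profile`), or throw `$this->createAccessDeniedException()` so the denial is a 403 rather than an uncaught Error. Injecting `TokenStorageInterface` duplicates what `$this->getUser()` on AbstractController already provides — the removed `if (!$profile === $this->getUser())` line shows the helper was already in use — and keeping it would drop the new parameter from both signatures and the import added in the first hunk. The `!==` comparison also assumes `getIdParticipant()` returns the same type on the user object and on the participant entity; a string/int mismatch would reject every request, so worth confirming. editProfile's body continues past the end of the hunk.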