diff --git a/internal/auth/inmemory.go b/internal/auth/inmemory.go
index e3c7cfbd9d941e78353f7bcd66a590f7cc266fab..879300b87058471adc52cb34ae196f5c9b07973f 100644
--- a/internal/auth/inmemory.go
+++ b/internal/auth/inmemory.go
@@ -96,17 +96,20 @@ func (d *DataHandler) AddUser(w http.ResponseWriter, req *http.Request) {
 		http.Error(w, err.Error(), 400)
 		return
 	}
+
+	// Check login don't already exist
+	for _, val := range users {
+		if newUser.Login == val.Login {
+			http.Error(w, "login already exists", 400)
+			return
+		}
+	}
+
 	// Encrypt the password with bcrypt
 	if newUser.Password == "" {
 		http.Error(w, "passwords cannot be blank", 400)
 		return
-	}
-	if newUser.Role == "ADMIN" {
-		newUser.IsAdmin = true
 	} else {
-		newUser.IsAdmin = false
-	}
-	if newUser.Password != "" {
 		hash, err := bcrypt.GenerateFromPassword([]byte(newUser.Password), bcrypt.DefaultCost)
 		if err != nil {
 			http.Error(w, err.Error(), 400)
@@ -115,13 +118,12 @@ func (d *DataHandler) AddUser(w http.ResponseWriter, req *http.Request) {
 		newUser.PasswordHash = string(hash)
 		newUser.Password = ""
 	}
-	// Check login don't already exist
-	for _, val := range users {
-		if newUser.Login == val.Login {
-			http.Error(w, "login already exists", 400)
-			return
-		}
+	if newUser.Role == "ADMIN" {
+		newUser.IsAdmin = true
+	} else {
+		newUser.IsAdmin = false
 	}
+
 	d.createUser(newUser)
 	d.db.Last(&newUser)
 	json.NewEncoder(w).Encode(newUser)
diff --git a/internal/auth/oauth2.go b/internal/auth/oauth2.go
index e65e357c0dc04b70b0b77433840369ac862bf6c0..8e1189de57ba4d74cad0129b44b7cba567c3efdb 100644
--- a/internal/auth/oauth2.go
+++ b/internal/auth/oauth2.go
@@ -59,7 +59,7 @@ func (m Manager) HandleOAuth2Login(w http.ResponseWriter, r *http.Request) {
 	// Generate state and store it in cookie
 	oauthStateString, err := common.GenerateRandomString(16)
 	if err != nil {
-		log.Logger.Fatalf("Error generating OAuth2 strate string :%v\n", err)
+		log.Logger.Fatalf("Error generating OAuth2 state string :%v\n", err)
 	}
 	tokens.Manager.StoreData(oauthStateString, m.Hostname, oAuth2StateKey, 30*time.Second, w)
 	url := m.Config.AuthCodeURL(oauthStateString)
diff --git a/internal/rootmux/rootmux.go b/internal/rootmux/rootmux.go
index c0dfb4436d3eb16574592d12e4c7cbf8412297f9..2cc76e7dc7f8d8eb7a89e1ae775f8ca0df26a45c 100644
--- a/internal/rootmux/rootmux.go
+++ b/internal/rootmux/rootmux.go
@@ -6,9 +6,8 @@ import (
 
 	"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/internal/auth"
 	"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/internal/models"
-	"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/pkg/middlewares"
-
 	"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/pkg/common"
+	"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/pkg/middlewares"
 )
 
 // RootMux represents the main controller of the application
diff --git a/internal/rootmux/rootmux_test.go b/internal/rootmux/rootmux_test.go
index 6a744af65fe8a3d7800da2476811a35f52c2553d..6a2c1bb8b1acc1e821a3855284ce291e49fb9733 100644
--- a/internal/rootmux/rootmux_test.go
+++ b/internal/rootmux/rootmux_test.go
@@ -89,28 +89,26 @@ func appTests(t *testing.T) {
 		json.Unmarshal([]byte(response), &token)
 		xsrfHeader := map[string]string{"XSRF-TOKEN": token.XSRFToken}
 
-		const apiOperation1 = "/api/Operations/1"
-		const apiBankAccount1 = "/api/BankAccounts/1"
 		// Add invalid operation between client and Bakery must be refused with 417 (Expectation failed)
 		do("POST", "/api/Operations", xsrfHeader, `{"Debtor":1,"Amount":-1789,"Creditor":2}`, 417, "Not enough money")
 
 		// Add an operation between Dupond and Bakery and verify that bank accounts are updated and opposite operation is created
 		do("POST", "/api/Operations", xsrfHeader, `{"Debtor":1,"Amount":-100,"Creditor":2}`, 200, "")
-		do("GET", apiOperation1, xsrfHeader, "", 200, `{"ID":1,"Debtor":1,"Amount":-100`)
+		do("GET", "/api/Operations/1", xsrfHeader, "", 200, `{"ID":1,"Debtor":1,"Amount":-100`)
 		do("GET", "/api/Operations/2", xsrfHeader, "", 200, `{"ID":2,"Debtor":2,"Amount":100`)
-		do("GET", apiBankAccount1, xsrfHeader, "", 200, `{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":358,"BankOverdraft":-100,"Operations":[{"ID":1,"Debtor":1,"Amount":-100,"Date":"`)
+		do("GET", "/api/BankAccounts/1", xsrfHeader, "", 200, `{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":358,"BankOverdraft":-100,"Operations":[{"ID":1,"Debtor":1,"Amount":-100,"Date":"`)
 		do("GET", "/api/BankAccounts/2", xsrfHeader, "", 200, `{"ID":2,"Number":"02-01","UserClientID":2,"Type":"checking-account","Amount":4845,"BankOverdraft":-500,"Operations":[{"ID":2,"Debtor":2,"Amount":100,"Date":`)
 
 		// Try to delete the first operation, the opposite operation should also have been deleted and bank accounts updated
-		do("DELETE", apiOperation1, xsrfHeader, ``, 200, "")
-		do("GET", apiOperation1, xsrfHeader, "", 404, `id does not exist`)
+		do("DELETE", "/api/Operations/1", xsrfHeader, ``, 200, "")
+		do("GET", "/api/Operations/1", xsrfHeader, "", 404, `id does not exist`)
 		do("GET", "/api/Operations/2", xsrfHeader, "", 404, `id does not exist`)
-		do("GET", apiBankAccount1, xsrfHeader, "", 200, `{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":458,"BankOverdraft":-100,"Operations":[]}`)
+		do("GET", "/api/BankAccounts/1", xsrfHeader, "", 200, `{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":458,"BankOverdraft":-100,"Operations":[]}`)
 		do("GET", "/api/BankAccounts/2", xsrfHeader, "", 200, `{"ID":2,"Number":"02-01","UserClientID":2,"Type":"checking-account","Amount":4745,"BankOverdraft":-500,"Operations":[]}`)
 
 		// Delete a client should also delete his banks accounts
 		do("DELETE", "/api/UserClients/1", xsrfHeader, ``, 200, "")
-		do("GET", apiBankAccount1, xsrfHeader, "", 404, `id does not exist`)
+		do("GET", "/api/BankAccounts/1", xsrfHeader, "", 404, `id does not exist`)
 
 	}
 	// Do an OAuth2 login with an known admin
diff --git a/internal/rootmux/unlogged_test.go b/internal/rootmux/unlogged_test.go
index dedec8e383ea0932752fefae97957a3e9980875b..33447053b86dc0b0b0d5a40fd8fa5f9606ddbd8b 100644
--- a/internal/rootmux/unlogged_test.go
+++ b/internal/rootmux/unlogged_test.go
@@ -52,11 +52,11 @@ func UnLoggedUserTests(t *testing.T) {
 	do("POST", "/api/Operations", noH, `{"Debtor":1,"Amount":-100,"Creditor":3}`, 401, errorExtractingToken)
 
 	// Unlogged user should not be able to delete an Operation
-	do("DELETE", "/api/Operations/1", noH, ``, 401, "error extracting token")
+	do("DELETE", "/api/Operations/1", noH, ``, 401, errorExtractingToken)
 	// Unlogged user should not be able to delete a BankAccount
-	do("DELETE", "/api/BankAccounts/2", noH, ``, 401, "error extracting token")
+	do("DELETE", "/api/BankAccounts/2", noH, ``, 401, errorExtractingToken)
 	// Unlogged user should not be able to delete a Client
-	do("DELETE", "/api/UserClients/2", noH, ``, 401, "error extracting token")
+	do("DELETE", "/api/UserClients/2", noH, ``, 401, errorExtractingToken)
 	// Unlogged user should not be able to delete a Banker
-	do("DELETE", "/api/UserBankers/2", noH, ``, 401, "error extracting token")
+	do("DELETE", "/api/UserBankers/2", noH, ``, 401, errorExtractingToken)
 }