diff --git a/package.json b/package.json
index a17c4da..5bf81aa 100644
--- a/package.json
+++ b/package.json
@@ -14,7 +14,8 @@
 "bcrypt": "^5.0.0",
 "express": "^4.17.1",
 "jsonwebtoken": "^8.5.1",
- "mongodb": "^3.6.1"
+ "mongodb": "^3.6.1",
+ "yaml": "^1.10.0"
 },
 "devDependencies": {
 "eslint": "^7.4.0",
diff --git a/src/js/configuration.js b/src/js/configuration.js
index 0c9c75d..b7f3720 100644
--- a/src/js/configuration.js
+++ b/src/js/configuration.js
@@ -1,8 +1,16 @@
-module.exports = {
- database: {
- url: 'mongodb://localhost:27017',
- username: 'express-user',
- password: 'P@ssword1',
- database: 'express-test'
- }
-};
\ No newline at end of file
+const fs = require('fs');
+const yaml = require('yaml');
+
+const configurationFile = fs.readFileSync('src/resources/application.yml', 'utf8');
+const configuration = yaml.parse(configurationFile);
+console.log(configuration);
+module.exports = configuration;
+
+// module.exports = {
+// database: {
+// url: 'mongodb://localhost:27017',
+// username: 'express-user',
+// password: 'P@ssword1',
+// database: 'express-test'
+// }
+// };
\ No newline at end of file
diff --git a/src/js/controller/userCtrl.js b/src/js/controller/userCtrl.js
index 6faee65..6bc57d0 100644
--- a/src/js/controller/userCtrl.js
+++ b/src/js/controller/userCtrl.js
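Review bot: `console.log(configuration);` in src/js/configuration.js prints the whole parsed file on every start, and the application.yml added in this commit holds the MongoDB password and the JWT signing secret, so both end up on stdout and in whatever collects the process logs. Drop the line, or log only non-secret information, e.g. `console.log('configuration loaded:', Object.keys(configuration));`. The commented-out object kept below `module.exports` still carries the old password literal and can be deleted, since the history already has it. `fs.readFileSync('src/resources/application.yml', 'utf8')` is resolved against the process working directory, so the module only loads when the app is started from the repository root; `path.join(__dirname, '../resources/application.yml')` would not depend on that.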
@@ -1,18 +1,14 @@ const router = require('express').Router(); -const Jwt = require('../jwtService'); +const tokenService = require('../service/tokenService'); const userService = require('../service/userService'); -const passwordService = require('../service/passwordService'); // Develop routes here router.post('/login', (request, response) => { const loginRequest = request.body; - // If login is incorrect, the "getUser" function will return "undefined". - // So if "user" is not "undefined", this proofs that login is correct. - const user = userService.getUser(loginRequest.login); - if (!!loginRequest && !!user && passwordService.areSamePasswords(loginRequest.password, user.password)) { + if (!!loginRequest && userService.areCredentialsValid(loginRequest.login, loginRequest.password)) { const tokenPayload = { login: loginRequest.login }; - response.json(Jwt.buildToken(tokenPayload)); + response.json(tokenService.build(tokenPayload)); } else { response.status(403).send(); } diff --git a/src/js/jwtService.js b/src/js/jwtService.js deleted file mode 100644 index 5918988..0000000 --- a/src/js/jwtService.js +++ /dev/null @@ -1,19 +0,0 @@ -const jwt = require('jsonwebtoken'); - -class Jwt { - buildToken(tokenPayload) { - return jwt.sign(tokenPayload, 'secret', {expiresIn: '1h'}); - } - - isTokenValid(token) { - try { - jwt.verify(token, 'secret'); - } catch (exception) { - return false; - } - return true; - } -} - -const jwtInstance = new Jwt(); -module.exports = jwtInstance; \ No newline at end of file diff --git a/src/js/repository/mongoClient.js b/src/js/repository/mongoClient.js index 4ecf49d..40ed8f5 100644 --- a/src/js/repository/mongoClient.js +++ b/src/js/repository/mongoClient.js @@ -1,6 +1,6 @@ const mongodb = require('mongodb'); const configuration = require('../configuration'); -const mongoConfig = configuration.database; +const mongoConfig = configuration.mongodb; class MongoClient { constructor() { 
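Review bot: In src/js/controller/userCtrl.js the `/login` handler passes `loginRequest.login` and `loginRequest.password` to `userService.areCredentialsValid` after checking only that the body is truthy, so a JSON body can supply a missing field, a number, an object or an array in either position. What `passwordService.areSamePasswords` does with a non-string is not visible in this diff; if it throws, the request would likely end as an unhandled 500 instead of taking the 403 branch. A type guard in the condition keeps such input out: `typeof loginRequest.login === 'string' && typeof loginRequest.password === 'string'`. The handler continues past the end of the hunk.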
diff --git a/src/js/service/tokenService.js b/src/js/service/tokenService.js new file mode 100644 index 0000000..5160ec9 --- /dev/null +++ b/src/js/service/tokenService.js @@ -0,0 +1,21 @@ +const jwt = require('jsonwebtoken'); +const configuration = require('../configuration'); +const securityConfig = configuration.security; + +class TokenService { + build(tokenPayload) { + return jwt.sign(tokenPayload, securityConfig.jwt.secret, {expiresIn: securityConfig.jwt.validity}); + } + + isValid(token) { + try { + jwt.verify(token, securityConfig.jwt.secret); + } catch (exception) { + return false; + } + return true; + } +} + +const jwtInstance = new TokenService(); +module.exports = jwtInstance; \ No newline at end of file diff --git a/src/js/service/userService.js b/src/js/service/userService.js index ed8b507..6a04100 100644 --- a/src/js/service/userService.js +++ b/src/js/service/userService.js @@ -5,7 +5,7 @@ const userRepository = new Repository('users'); class UserService { getUser(login) { - return login === 'toto' + return login === 'toto' ? {login: 'toto', password: passwordService.hashPassword('pwd')} : undefined; } @@ -13,6 +13,13 @@ class UserService { isAuthenticated() { return false; } + + areCredentialsValid(login, password) { + const user = this.getUser(login); + // If login is incorrect, the "getUser" function will return "undefined". + // So if "user" is not "undefined", this proofs that login is correct. + return !!user && passwordService.areSamePasswords(password, user.password); + } } const singleton = new UserService(); diff --git a/src/resources/application.yml b/src/resources/application.yml new file mode 100644 index 0000000..ce52fa2 --- /dev/null +++ b/src/resources/application.yml 
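Review bot: `isValid` in src/js/service/tokenService.js calls `jwt.verify(token, securityConfig.jwt.secret)` without an `algorithms` option, and nothing checks that `securityConfig.jwt.secret` was actually present in the YAML. With the jsonwebtoken 8.x line that package.json pins, a missing secret combined with no `algorithms` list makes `verify` fall back to accepting unsigned tokens, so a typo in the config key would silently disable signature checking. Pin the algorithm on both sides, `{algorithms: ['HS256']}` for `verify` and `algorithm: 'HS256'` in the `sign` options, and throw at module load when the secret is not a non-empty string. The exported instance is still named `jwtInstance`; `tokenService` would match the new class name.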
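Review bot: `areCredentialsValid` in src/js/service/userService.js returns through `!!user && ...` before any password comparison when the login is unknown, so an unknown login answers faster than a known login with a wrong password and the response time tells the two apart. Running the comparison against a fixed placeholder hash when `user` is undefined evens this out: `const hash = user ? user.password : PLACEHOLDER_HASH;` followed by `return passwordService.areSamePasswords(password, hash) && !!user;`, where `PLACEHOLDER_HASH` is a constant computed once at load (the name is illustrative). The result is used directly in an `if` in the controller, which assumes `areSamePasswords` is synchronous; that function is outside this diff, and if it returns a Promise the check would always pass. The moved comment now sits between the lookup and the return it explains, and "proofs" should read "proves".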
@@ -0,0 +1,9 @@
+mongodb:
+ url: 'mongodb://localhost:27017'
+ username: 'express-user'
+ password: 'P@ssword1'
+ database: 'express-test'
+security:
+ jwt:
+ secret: 5ubtcCCo7hWBqjNGtzzVKnLT1KxN9uS4D6kRZowCunZAYPmxtKy6mvgoxANe4WqLVfiVI7AZSVqZCtvlSWFwIsnXGH6lxeKG0U8Wu7Kw0jwfFOGLvlO8bXaB
+ validity: 1h
\ No newline at end of file
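Review bot: src/resources/application.yml commits the MongoDB password and the JWT signing secret to the repository, so everyone with read access to the history holds the database credential and the key that tokens are verified against. Both values should be treated as exposed and replaced, and the real file kept out of version control, for example a committed `application.example.yml` with placeholder values plus an ignore rule for the real one, or the two secrets read from the environment in configuration.js. `validity: 1h` is passed straight to `expiresIn` in tokenService.js; a one-line comment such as `# jsonwebtoken time span, e.g. 1h, 15m` would help whoever edits it next.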