diff --git a/app/controllers/inbox_controller.rb b/app/controllers/inbox_controller.rb
index 47353289..076e1264 100644
--- a/app/controllers/inbox_controller.rb
+++ b/app/controllers/inbox_controller.rb
@@ -1,4 +1,6 @@
 class InboxController < ApplicationController
+  before_filter :authenticate_user!
+
   def show
     @inbox = Inbox.where(user: current_user).order(:created_at).reverse_order
   end
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 3245c234..ae5222f3 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -4,10 +4,11 @@ class UserController < ApplicationController
   end
 
   def edit
-    
+    authenticate_user!
   end
 
   def update
+    authenticate_user!
     params.require(:display_name)
     current_user.display_name = params[:display_name]
     current_user.save!