diff --git a/apps/web/src/middleware.ts b/apps/web/src/middleware.ts
index 72d5cc8..db02dc5 100644
--- a/apps/web/src/middleware.ts
+++ b/apps/web/src/middleware.ts
@@ -1,13 +1,29 @@
 import { NextResponse } from "next/server";
 import type { NextRequest } from "next/server";
+import { getSessionCookie } from "better-auth/cookies";
 
-export function middleware(request: NextRequest) {
-  // Redirect /editor to /
-  if (request.nextUrl.pathname === "/editor") {
-    return NextResponse.redirect(new URL("/", request.url));
+export async function middleware(request: NextRequest) {
+  const path = request.nextUrl.pathname;
+  const session = getSessionCookie(request);
+
+  if (path === "/editor" && !session) {
+    const loginUrl = new URL("/auth/login", request.url);
+    loginUrl.searchParams.set("redirect", request.url);
+    return NextResponse.redirect(loginUrl);
   }
+
+  return NextResponse.next();
 }
 
 export const config = {
-  matcher: "/editor",
+  matcher: [
+    /*
+     * Match all request paths except for the ones starting with:
+     * - api (API routes)
+     * - _next/static (static files)
+     * - _next/image (image optimization files)
+     * - favicon.ico (favicon file)
+     */
+    "/((?!api|_next/static|_next/image|favicon.ico).*)",
+  ],
 };