diff --git a/app/layout.tsx b/app/layout.tsx
index b5ce1180..d0d78b7e 100644
--- a/app/layout.tsx
+++ b/app/layout.tsx
@@ -1,11 +1,10 @@
 // app/layout.tsx
-import type { Metadata } from "next";
 import "./styles/globals.css";
 import { Toaster } from "@/components/ui/toaster";
 
-export const metadata: Metadata = {
+export const metadata = {
   title: "MakeArmy",
-  description: "Laser tooling & community utilities",
+  description: "Laser Everything community tools",
 };
 
 export default function RootLayout({
@@ -14,10 +13,11 @@ export default function RootLayout({
   children: React.ReactNode;
 }) {
   return (
-    <html lang="en" suppressHydrationWarning>
-    <body className="min-h-screen bg-background text-foreground antialiased">
+    // Force dark theme (the simplest way to restore your previous look).
+    // If you later want system / toggle support, we can swap this for next-themes.
+    <html lang="en" className="dark" suppressHydrationWarning>
+    <body>
     {children}
-    {/* Shadcn toast portal */}
     <Toaster />
     </body>
     </html>
diff --git a/middleware.ts b/middleware.ts
index 2fd169a8..66922dc2 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -1,24 +1,26 @@
-import { NextResponse } from "next/server";
-import type { NextRequest } from "next/server";
+// middleware.ts
+import { NextRequest, NextResponse } from "next/server";
 
-const PROTECTED_PATHS = ["/my", "/api/my"];
+/**
+ * Protect only /my/* pages.
+ * If the user has no "ma_at" cookie (Directus access token), redirect to /auth/sign-in
+ * and preserve the original destination via ?next=...
+ */
+ export function middleware(req: NextRequest) {
+     const token = req.cookies.get("ma_at")?.value;
 
-export function middleware(req: NextRequest) {
-    const { pathname } = req.nextUrl;
-    const needsAuth = PROTECTED_PATHS.some(
-        (p) => pathname === p || pathname.startsWith(p + "/")
-    );
-    if (!needsAuth) return NextResponse.next();
+     if (token) {
+         return NextResponse.next();
+     }
 
-    const hasToken = Boolean(req.cookies.get("ma_at")?.value);
-    if (!hasToken) {
-        const url = new URL("/sign-in", req.url);
-        url.searchParams.set("next", pathname);
-        return NextResponse.redirect(url);
-    }
-    return NextResponse.next();
-}
+     // Not logged in → send to the correct sign-in route
+     const url = req.nextUrl.clone();
+     url.pathname = "/auth/sign-in";
+     url.searchParams.set("next", req.nextUrl.pathname + req.nextUrl.search);
+     return NextResponse.redirect(url);
+ }
 
-export const config = {
-    matcher: ["/((?!_next|static|favicon.ico).*)"],
-};
+ // Only run on /my/* so we don’t interfere with other routes (including /auth/*)
+ export const config = {
+     matcher: ["/my/:path*"],
+ };