diff --git a/.env.example b/.env.example
index 8644304..667304c 100644
--- a/.env.example
+++ b/.env.example
@@ -21,6 +21,9 @@ AUTH_SECRET=change_me_to_a_strong_random_secret
 AUTH_GOOGLE_ID=your_google_oauth_client_id
 AUTH_GOOGLE_SECRET=your_google_oauth_client_secret
 
+# Auth.js base URL - set to the public URL of your app
+AUTH_URL=http://localhost:3000
+
 # Auth.js trust host configuration
 # Set to true when using HTTP (e.g., localhost), should be false in production with HTTPS
 AUTH_TRUST_HOST=true
diff --git a/docker-compose.yml b/docker-compose.yml
index 1208df3..70f4f39 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,6 +14,7 @@ services:
       - NEXT_PUBLIC_PREDICTIONS_ENABLED=true
       - API_KEY=${API_KEY}
       - AUTH_SECRET=${AUTH_SECRET}
+      - AUTH_URL=${AUTH_URL}
       - AUTH_GOOGLE_ID=${AUTH_GOOGLE_ID}
       - AUTH_GOOGLE_SECRET=${AUTH_GOOGLE_SECRET}
       - AUTH_TRUST_HOST=${AUTH_TRUST_HOST}
diff --git a/src/auth.ts b/src/auth.ts
index de06dda..78f18f3 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -21,7 +21,7 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
         password: { label: "Password", type: "password" },
       },
       async authorize(credentials) {
-        const email = credentials?.email as string | undefined;
+        const email = (credentials?.email as string | undefined)?.trim().toLowerCase();
         const password = credentials?.password as string | undefined;
 
         if (!email || !password) {