From 888ffef8e3e0d96da6bb3013a44a91c0d1ead6b9 Mon Sep 17 00:00:00 2001
From: ilia <idobkin@gmail.com>
Date: Sun, 4 Jan 2026 11:01:00 -0500
Subject: [PATCH] feat: Enable host trust for authentication and update example
 environment configuration

- Set AUTH_TRUST_HOST to true in env.example for improved security.
- Updated NextAuth configuration to trust the host during authentication.
---
 env.example | 1 +
 lib/auth.ts | 1 +
 2 files changed, 2 insertions(+)

diff --git a/env.example b/env.example
index 035bf7b..4322a8d 100644
--- a/env.example
+++ b/env.example
@@ -4,6 +4,7 @@ DATABASE_URL="postgresql://user:password@localhost:5432/mirrormatch?schema=publi
 # NextAuth
 NEXTAUTH_URL="http://localhost:3000"
 NEXTAUTH_SECRET="your-secret-key-here-generate-with-openssl-rand-base64-32"
+AUTH_TRUST_HOST=true
 
 # Email Configuration (for production)
 SMTP_HOST="smtp.example.com"
diff --git a/lib/auth.ts b/lib/auth.ts
index c3829f0..1c1afcc 100644
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -9,6 +9,7 @@ if (!nextAuthSecret) {
 }
 
 export const { handlers, auth, signIn, signOut } = NextAuth({
+  trustHost: true,
   providers: [
     Credentials({
       name: "Credentials",