diff --git a/src/utils/auth.ts b/src/utils/auth.ts
index be7afbf..2622ba2 100644
--- a/src/utils/auth.ts
+++ b/src/utils/auth.ts
@@ -32,6 +32,23 @@ export const auth = betterAuth({
 			},
 		},
 	},
+	databaseHooks: {
+		user: {
+			create: {
+				before: async (user) => {
+					if (user.email === process.env.ADMIN_EMAIL) {
+						return {
+							data: {
+								...user,
+								role: "admin",
+							},
+						};
+					}
+					return { data: user };
+				},
+			},
+		},
+	},
 	secret: process.env.BETTER_AUTH_SECRET,
 	session: {
 		cookieCache: {
@@ -42,5 +59,6 @@ export const auth = betterAuth({
 	},
 	advanced: {
 		cookiePrefix: "bun-react",
+		trustProxy: true,
 	},
 });
diff --git a/src/utils/env.ts b/src/utils/env.ts
index 132b90c..d853093 100644
--- a/src/utils/env.ts
+++ b/src/utils/env.ts
@@ -21,7 +21,11 @@ export const getEnv = (key: string, defaultValue = ""): string => {
 };
 
 export const VITE_PUBLIC_URL = (() => {
-	const envUrl = getEnv("VITE_PUBLIC_URL");
+	// Priority: 
+	// 1. BETTER_AUTH_URL (standard for better-auth)
+	// 2. VITE_PUBLIC_URL (our app standard)
+	// 3. window.location.origin (browser fallback)
+	const envUrl = getEnv("BETTER_AUTH_URL") || getEnv("VITE_PUBLIC_URL");
 	if (envUrl) return envUrl;
 
 	// Fallback for browser