diff --git a/backend/internal/core/usecases/auth/login.go b/backend/internal/core/usecases/auth/login.go
index d699c68..0dd6512 100644
--- a/backend/internal/core/usecases/auth/login.go
+++ b/backend/internal/core/usecases/auth/login.go
@@ -3,6 +3,7 @@ package auth
 import (
 	"context"
 	"errors"
+	"fmt"
 
 	"github.com/rede5/gohorsejobs/backend/internal/core/dto"
 	"github.com/rede5/gohorsejobs/backend/internal/core/ports"
@@ -21,28 +22,35 @@ func NewLoginUseCase(userRepo ports.UserRepository, authService ports.AuthServic
 }
 
 func (uc *LoginUseCase) Execute(ctx context.Context, input dto.LoginRequest) (*dto.AuthResponse, error) {
-	// 1. Find User by Email (Global or implicit tenant?)
-	// Implementation Note: In this architecture, email should be unique enough or we iterate.
-	// For simplicity, assuming email is unique system-wide or we find the active one.
+	// 1. Find User by Email
+	fmt.Printf("[LOGIN DEBUG] Searching for user: %s\n", input.Email)
 	user, err := uc.userRepo.FindByEmail(ctx, input.Email)
 	if err != nil {
-		return nil, errors.New("invalid credentials") // Avoid leaking existence
-	}
-
-	// Check if user was found (FindByEmail returns nil, nil when not found)
-	if user == nil {
+		fmt.Printf("[LOGIN DEBUG] Error finding user: %v\n", err)
 		return nil, errors.New("invalid credentials")
 	}
 
+	// Check if user was found
+	if user == nil {
+		fmt.Printf("[LOGIN DEBUG] User not found (nil)\n")
+		return nil, errors.New("invalid credentials")
+	}
+
+	fmt.Printf("[LOGIN DEBUG] User found: ID=%s, Status=%s, HashPrefix=%s\n", user.ID, user.Status, user.PasswordHash[:10])
+
 	// 2. Verify Password
 	if !uc.authService.VerifyPassword(user.PasswordHash, input.Password) {
+		fmt.Printf("[LOGIN DEBUG] Password verification FAILED\n")
 		return nil, errors.New("invalid credentials")
 	}
+	fmt.Printf("[LOGIN DEBUG] Password verification PASSED\n")
 
 	// 3. Check Status
 	if user.Status != "ACTIVE" {
+		fmt.Printf("[LOGIN DEBUG] Status check FAILED: Expected ACTIVE, got '%s'\n", user.Status)
 		return nil, errors.New("account inactive")
 	}
+	fmt.Printf("[LOGIN DEBUG] Status check PASSED\n")
 
 	// 4. Generate Token
 	roles := make([]string, len(user.Roles))
@@ -52,6 +60,7 @@ func (uc *LoginUseCase) Execute(ctx context.Context, input dto.LoginRequest) (*d
 
 	token, err := uc.authService.GenerateToken(user.ID, user.TenantID, roles)
 	if err != nil {
+		fmt.Printf("[LOGIN DEBUG] Token generation FAILED: %v\n", err)
 		return nil, errors.New("failed to generate token")
 	}
 
diff --git a/frontend/src/app/login/page.tsx b/frontend/src/app/login/page.tsx
index 918cb50..c16120a 100644
--- a/frontend/src/app/login/page.tsx
+++ b/frontend/src/app/login/page.tsx
@@ -66,7 +66,9 @@ export default function LoginPage() {
 
     try {
       // Login sem passar role, o backend decide
+      console.log('🚀 [LOGIN FRONT] Tentando login com:', data.email);
       const user = await login(data.email, data.password);
+      console.log('✅ [LOGIN FRONT] Sucesso:', user);
 
       if (user) {
         // Se "lembrar de mim" estiver marcado, salvar no localStorage
@@ -79,7 +81,8 @@ export default function LoginPage() {
         setError(t("auth.login.errors.invalidCredentials"));
       }
     } catch (err: any) {
-      console.error(err);
+      console.error('🔥 [LOGIN FRONT] Erro no login:', err);
+      console.error('🔥 [LOGIN FRONT] Detalhes:', err.response?.data || err.message);
       setError(err.message || t("auth.login.errors.generic"));
     } finally {
       setLoading(false);