|
@@ -67,21 +67,33 @@ npx supabase link --project-ref <project-ref>
|
|
|
|
|
|
|
|
Some Edge Functions have **built-in JWT/auth verification** and require Supabase's default JWT verification to be **disabled** in `config.toml`. This is configured with `verify_jwt = false`.
|
|
Some Edge Functions have **built-in JWT/auth verification** and require Supabase's default JWT verification to be **disabled** in `config.toml`. This is configured with `verify_jwt = false`.
|
|
|
|
|
|
|
|
-| Function | Reason for Disabled Supabase JWT |
|
|
|
|
|
-|----------|----------------------------------|
|
|
|
|
|
-| `auth` | Handles login/signup - no token yet |
|
|
|
|
|
-| `shopify-oauth` | OAuth callback from Shopify |
|
|
|
|
|
-| `woocommerce-oauth` | OAuth callback from WooCommerce |
|
|
|
|
|
-| `oauth-shoprenter-init` | OAuth initiation for ShopRenter |
|
|
|
|
|
-| `oauth-shoprenter-callback` | OAuth callback from ShopRenter |
|
|
|
|
|
-| `webhook-shoprenter-uninstall` | Webhook from ShopRenter (HMAC verified) |
|
|
|
|
|
-| `validate-shoprenter-hmac` | HMAC validation endpoint |
|
|
|
|
|
-| `gdpr-webhooks` | GDPR webhooks from platforms |
|
|
|
|
|
-| `shop-data-api` | Public API with custom API key auth |
|
|
|
|
|
-| `woocommerce-scheduled-sync` | Internal scheduled sync (service role) |
|
|
|
|
|
-| `shoprenter-scheduled-sync` | Internal scheduled sync (service role) |
|
|
|
|
|
-
|
|
|
|
|
-**Important**: When adding new Edge Functions that handle OAuth callbacks, webhooks, or have custom authentication, add them to `supabase/config.toml` with `verify_jwt = false`.
|
|
|
|
|
|
|
+| Function | Reason for Disabled Supabase JWT | In config.toml |
|
|
|
|
|
+|----------|----------------------------------|----------------|
|
|
|
|
|
+| `auth` | Handles login/signup - no token yet | ✅ |
|
|
|
|
|
+| `shopify-oauth` | OAuth callback from Shopify | ✅ |
|
|
|
|
|
+| `woocommerce-oauth` | OAuth callback from WooCommerce | ✅ |
|
|
|
|
|
+| `oauth-shoprenter-init` | OAuth initiation for ShopRenter | ✅ |
|
|
|
|
|
+| `oauth-shoprenter-callback` | OAuth callback from ShopRenter | ✅ |
|
|
|
|
|
+| `webhook-shoprenter-uninstall` | Webhook from ShopRenter (HMAC verified) | ✅ |
|
|
|
|
|
+| `validate-shoprenter-hmac` | HMAC validation endpoint | ✅ |
|
|
|
|
|
+| `gdpr-webhooks` | GDPR webhooks from platforms | ✅ |
|
|
|
|
|
+| `shop-data-api` | Public API with custom API key auth | ✅ |
|
|
|
|
|
+| `woocommerce-scheduled-sync` | Internal scheduled sync (service role) | ✅ |
|
|
|
|
|
+| `shoprenter-scheduled-sync` | Internal scheduled sync (service role) | ✅ |
|
|
|
|
|
+| `webhooks-shopify` | Webhooks from Shopify (HMAC verified) | ✅ |
|
|
|
|
|
+| `scraper-webhook` | Webhooks from scraper service | ✅ |
|
|
|
|
|
+| `get-pending-install-info` | Public endpoint for OAuth flow | ✅ |
|
|
|
|
|
+| `auto-register-shoprenter` | Auto-registers user during OAuth flow | ✅ |
|
|
|
|
|
+| `vapi-webhook` | VAPI end-of-call webhooks (internal API key) | ✅ |
|
|
|
|
|
+
|
|
|
|
|
+**Deployment Note**: Due to a known Supabase bug, `config.toml` settings may not be applied when updating existing functions. If JWT verification issues occur, redeploy with the explicit flag:
|
|
|
|
|
+```bash
|
|
|
|
|
+npx supabase functions deploy <function-name> --no-verify-jwt --project-ref <project-ref>
|
|
|
|
|
+```
|
|
|
|
|
+
|
|
|
|
|
+**Important**: When adding new Edge Functions that handle OAuth callbacks, webhooks, or have custom authentication:
|
|
|
|
|
+1. Add them to `supabase/config.toml` with `verify_jwt = false`
|
|
|
|
|
+2. Deploy with `--no-verify-jwt` flag to ensure the setting takes effect
|
|
|
|
|
|
|
|
## Technology Stack
|
|
## Technology Stack
|
|
|
|
|
|
Fszontagh