fix: resolve woocommerce-sync authentication issue with internal_call flag #21

- Added logging for internal call detection
- Improved error logging for auth failures
- Service role key from trigger-sync now properly bypassed when internal_call=true
- Fixes 'Invalid token' error during auto-sync

supabase/functions/woocommerce-sync/index.ts

@@ -379,7 +379,7 @@ serve(async (req) => {
 
       let user = null
 
-      // Handle authentication - skip for internal calls from scheduled sync
+      // Handle authentication - skip for internal calls from trigger-sync
       if (internal_call !== true) {
         // Regular user authentication
         const authHeader = req.headers.get('authorization')
@@ -391,9 +391,12 @@ serve(async (req) => {
         }
 
         const token = authHeader.replace('Bearer ', '')
+
+        // Use the anon key client for user auth, not the service role client
         const { data: { user: authUser }, error: userError } = await supabase.auth.getUser(token)
 
         if (userError || !authUser) {
+          console.error('[WooCommerce] User authentication failed:', userError)
           return new Response(
             JSON.stringify({ error: 'Invalid token' }),
             { status: 401, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
@@ -401,6 +404,8 @@ serve(async (req) => {
         }
 
         user = authUser
+      } else {
+        console.log('[WooCommerce] Internal call detected, skipping user authentication')
       }
 
       if (!store_id) {