diff --git a/src/app/api/analyze/route.ts b/src/app/api/analyze/route.ts
index d008e4f..b929639 100644
--- a/src/app/api/analyze/route.ts
+++ b/src/app/api/analyze/route.ts
@@ -5,6 +5,7 @@ import { analyzeImageWithVision } from '../../../services/googleVisionCore'
 import { processAnimalImage } from '../../../services/animalProcessingService'
 import { checkAndStoreImageHash } from '../../../services/imageHashService'
 import { awardPointsForImage } from '../../../services/userPointsService'
+import { validate as validateUuid } from 'uuid'
 
 // Increase body parser size limit
 export const config = {
@@ -38,9 +39,17 @@ export async function POST(req: NextRequest): Promise<NextResponse> {
     if (bypassAuth) {
       console.log('⚠️ BYPASSING AUTHENTICATION IN PRODUCTION FOR DEBUGGING ⚠️');
       
-      // Use hardcoded values for now
-      userId = 'temporary-user-id';
-      userEmail = 'temporary@example.com';
+      // Check for user headers even in bypass mode - use them if available
+      const headerUser = getUserFromHeaders(req);
+      if (headerUser && headerUser.id && validateUuid(headerUser.id)) {
+        userId = headerUser.id;
+        userEmail = headerUser.email || 'temporary@example.com';
+        console.log('Using header user data in bypass mode:', { userId, userEmail });
+      } else {
+        // Generate a proper UUID for testing
+        userId = '00000000-0000-0000-0000-000000000000';
+        userEmail = 'temporary@example.com';
+      }
     } else {
       // Try to get user from multiple sources
       const session = await getSessionFromCookie(req);