diff --git a/src/app/api/reports/[id]/export/route.ts b/src/app/api/reports/[id]/export/route.ts
index 4f31b3e..227f6d4 100644
--- a/src/app/api/reports/[id]/export/route.ts
+++ b/src/app/api/reports/[id]/export/route.ts
@@ -2,12 +2,10 @@ import { NextResponse } from "next/server";
 export const dynamic = "force-dynamic";
 export const runtime = "nodejs";
 
-
 import { getServerSession } from "next-auth/next";
 import { authOptions } from "@/lib/auth";
 import { prisma } from "@/lib/prisma";
 import { uploadToDrive, generateReportMarkdown } from "@/lib/google-drive";
-import { getToken } from "next-auth/jwt";
 
 export async function POST(
   req: Request,
@@ -15,11 +13,18 @@ export async function POST(
 ) {
   const { id } = await params;
   const session = await getServerSession(authOptions);
-  
-  // We need the raw access token from JWT for Google API
-  const token = await getToken({ req: req as any });
 
-  if (!session || !token?.accessToken) {
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  // With database sessions (not JWT), the Google access token lives in the
+  // Account table — getToken() returns null in this strategy.
+  const account = await prisma.account.findFirst({
+    where: { userId: session.user.id, provider: "google" },
+  });
+
+  if (!account?.access_token) {
     return NextResponse.json({ error: "Unauthorized or missing Google token" }, { status: 401 });
   }
 
@@ -42,9 +47,9 @@ export async function POST(
 
   try {
     const driveFile = await uploadToDrive(
-        token.accessToken as string, 
-        fileName, 
-        markdown, 
+        account.access_token,
+        fileName,
+        markdown,
         folderSetting?.value
     );