fix: read Google access_token from Account table, not getToken()

With strategy:"database" there is no JWT cookie, so getToken() always
returns null. The Google access_token is stored in the Account table by
the PrismaAdapter. Query it directly via prisma.account.findFirst()
instead of the JWT helper.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/app/api/reports/[id]/export/route.ts

@@ -2,12 +2,10 @@ import { NextResponse } from "next/server";
 export const dynamic = "force-dynamic";
 export const runtime = "nodejs";
 
-
 import { getServerSession } from "next-auth/next";
 import { authOptions } from "@/lib/auth";
 import { prisma } from "@/lib/prisma";
 import { uploadToDrive, generateReportMarkdown } from "@/lib/google-drive";
-import { getToken } from "next-auth/jwt";
 
 export async function POST(
   req: Request,
@@ -16,10 +14,17 @@ export async function POST(
   const { id } = await params;
   const session = await getServerSession(authOptions);
 
-  // We need the raw access token from JWT for Google API
-  const token = await getToken({ req: req as any });
+  if (!session?.user?.id) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
 
-  if (!session || !token?.accessToken) {
+  // With database sessions (not JWT), the Google access token lives in the
+  // Account table — getToken() returns null in this strategy.
+  const account = await prisma.account.findFirst({
+    where: { userId: session.user.id, provider: "google" },
+  });
+
+  if (!account?.access_token) {
     return NextResponse.json({ error: "Unauthorized or missing Google token" }, { status: 401 });
   }
 
@@ -42,7 +47,7 @@ export async function POST(
 
   try {
     const driveFile = await uploadToDrive(
-        token.accessToken as string, 
+        account.access_token,
         fileName,
         markdown,
         folderSetting?.value