From 19b1f262548809ca1b485be9d560387dc496f55e Mon Sep 17 00:00:00 2001 From: jason Date: Fri, 13 Mar 2026 00:56:33 -0500 Subject: [PATCH] fix: read Google access_token from Account table, not getToken() With strategy:"database" there is no JWT cookie, so getToken() always returns null. The Google access_token is stored in the Account table by the PrismaAdapter. Query it directly via prisma.account.findFirst() instead of the JWT helper. Co-Authored-By: Claude Sonnet 4.6 --- src/app/api/reports/[id]/export/route.ts | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/src/app/api/reports/[id]/export/route.ts b/src/app/api/reports/[id]/export/route.ts index 4f31b3e..227f6d4 100644 --- a/src/app/api/reports/[id]/export/route.ts +++ b/src/app/api/reports/[id]/export/route.ts @@ -2,12 +2,10 @@ import { NextResponse } from "next/server"; export const dynamic = "force-dynamic"; export const runtime = "nodejs"; - import { getServerSession } from "next-auth/next"; import { authOptions } from "@/lib/auth"; import { prisma } from "@/lib/prisma"; import { uploadToDrive, generateReportMarkdown } from "@/lib/google-drive"; -import { getToken } from "next-auth/jwt"; export async function POST( req: Request, @@ -15,11 +13,18 @@ export async function POST( ) { const { id } = await params; const session = await getServerSession(authOptions); - - // We need the raw access token from JWT for Google API - const token = await getToken({ req: req as any }); - if (!session || !token?.accessToken) { + if (!session?.user?.id) { + return NextResponse.json({ error: "Unauthorized" }, { status: 401 }); + } + + // With database sessions (not JWT), the Google access token lives in the + // Account table — getToken() returns null in this strategy. + const account = await prisma.account.findFirst({ + where: { userId: session.user.id, provider: "google" }, + }); + + if (!account?.access_token) { return NextResponse.json({ error: "Unauthorized or missing Google token" }, { status: 401 }); } @@ -42,9 +47,9 @@ export async function POST( try { const driveFile = await uploadToDrive( - token.accessToken as string, - fileName, - markdown, + account.access_token, + fileName, + markdown, folderSetting?.value );