fix: use rows array returned by query(), not result.rows

db-postgres.ts query() returns T[] directly, not a QueryResult object.
result.rows was undefined, causing the session lookup to always
return null and redirect to login even with a valid session token.

Co-authored-by: Cursor <cursoragent@cursor.com>

app/api/theia-auth/route.ts

@@ -29,13 +29,6 @@ const SESSION_COOKIE_NAMES = [
 ];
 
 export async function GET(request: NextRequest) {
-  // Debug: when called with ?debug=1, reveal which cookies were received
-  if (request.nextUrl.searchParams.get('debug') === '1') {
-    const cookieHeader = request.headers.get('cookie') ?? '(none)';
-    const allNames = [...request.cookies.getAll()].map(c => c.name);
-    return NextResponse.json({ cookieHeader: cookieHeader.slice(0, 200), parsedNames: allNames });
-  }
-
   // Extract session token from cookies
   let sessionToken: string | null = null;
   for (const name of SESSION_COOKIE_NAMES) {
@@ -52,7 +45,7 @@ export async function GET(request: NextRequest) {
   let userName: string | null = null;
 
   try {
-    const result = await query<{ email: string; name: string }>(
+    const rows = await query<{ email: string; name: string }>(
       `SELECT u.email, u.name
          FROM sessions s
          JOIN users u ON u.id = s.user_id
@@ -61,11 +54,9 @@ export async function GET(request: NextRequest) {
         LIMIT 1`,
       [sessionToken],
     );
-    if (result.rows.length > 0) {
+    if (rows.length > 0) {
-      userEmail = result.rows[0].email;
+      userEmail = rows[0].email;
-      userName = result.rows[0].name;
+      userName = rows[0].name;
-    } else {
-      console.log('[theia-auth] No session found for token:', sessionToken.slice(0, 8));
     }
   } catch (err) {
     console.error('[theia-auth] DB error:', err);