fix(auth): use createRouteHandlerClient in callback for proper session cookies

The callback route was using createClient() which silently ignores
cookie set operations (designed for Server Components). This caused
session cookies to not be set after OAuth callback, resulting in users
being unable to login despite successful GitHub authentication.

Changed to createRouteHandlerClient() which properly handles cookie
operations in Route Handlers, allowing session cookies to be set
correctly after exchangeCodeForSession().

Root cause: createClient() wraps cookie.set() in try-catch and ignores
failures, while createRouteHandlerClient() propagates errors properly.

Author: ryota-murakami

app/auth/callback/route.ts

@@ -13,7 +13,7 @@ import { cookies } from 'next/headers'
 import { NextResponse } from 'next/server'
 
 import { createFirstBoardIfNeeded } from '@/lib/actions/board'
-import { createClient } from '@/lib/supabase/server'
+import { createRouteHandlerClient } from '@/lib/supabase/server'
 
 // Cookie name
 const GITHUB_TOKEN_COOKIE = 'github_provider_token'
@@ -41,7 +41,7 @@ export async function GET(request: Request) {
   const next = searchParams.get('next') ?? '/boards'
 
   if (code) {
-    const supabase = await createClient()
+    const supabase = await createRouteHandlerClient(request)
 
     try {
       // Establish session using authentication code