Fix jwt-token

.gitignore

@@ -19,6 +19,10 @@ docker-compose.override.yml
 logs/
 *.log
 
+# Uploads
+uploads/
+!uploads/logos/.gitkeep
+
 # Debug files
 debug_logs/
 api_debug.log

docker-compose.yml

@@ -72,11 +72,13 @@ services:
       RATE_LIMIT_WINDOW_MS: ${RATE_LIMIT_WINDOW_MS:-900000}
       RATE_LIMIT_MAX_REQUESTS: ${RATE_LIMIT_MAX_REQUESTS:-1000}
       SECURITY_LOG_DIR: /app/logs
+      VITE_BASE_PATH: ${VITE_BASE_PATH:-/}
     ports:
       - "3002:3001"
     volumes:
       - ./server/logs:/app/logs
       - ./debug_logs:/app/debug_logs
+      - ./uploads:/app/uploads
     networks:
       - drone-network
     depends_on:

docker/nginx/default.conf

@@ -56,6 +56,20 @@ server {
         proxy_read_timeout 86400;
     }
 
+    # Proxy uploads requests to backend (for logos and other files)
+    location /uggla/uploads/ {
+        proxy_pass http://backend:3001/uploads/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        
+        # Cache uploaded files for 1 month
+        add_header Cache-Control "public, max-age=2592000";
+        proxy_read_timeout 86400;
+    }
+
     # WebSocket proxy for Socket.IO
     location /uggla/socket.io/ {
         proxy_pass http://backend:3001/socket.io/;

nginx/conf.d/default.conf

@@ -80,6 +80,30 @@ server {
         proxy_read_timeout 60s;
     }
     
+    # Upload routes for logos and other files
+    location /uploads/ {
+        # Add tenant header for backend
+        proxy_set_header X-Tenant-Subdomain $tenant;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        
+        proxy_pass http://backend;
+        proxy_redirect off;
+        
+        # Cache uploaded files for 1 month
+        proxy_cache_valid 200 30d;
+        add_header Cache-Control "public, max-age=2592000";
+        
+        # Timeouts
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+    }
+    
     # Authentication routes with stricter rate limiting
     location /auth/ {
         limit_req zone=auth burst=10 nodelay;

server/routes/tenant.js

@@ -148,8 +148,9 @@ router.post('/logo-upload', authenticateToken, requirePermissions(['branding.edi
       }
     }
 
-    // Create logo URL
-    const logoUrl = `/uploads/logos/${req.file.filename}`;
+    // Create logo URL with base path support
+    const basePath = process.env.VITE_BASE_PATH || '';
+    const logoUrl = `${basePath}uploads/logos/${req.file.filename}`;
 
     // Update tenant branding with new logo
     const updatedBranding = {