Fix jwt-token

server/Dockerfile

@@ -20,23 +20,35 @@ RUN npm install --only=production && \
     npm cache clean --force
 
 # Copy application code
-COPY . .
+# Copy application code
+COPY --chown=nodejs:nodejs . .
 
-# Create logs directory
-RUN mkdir -p logs
+# Copy and set permissions for entrypoint script
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/docker-entrypoint.sh
 
-# Create uploads directory for logos
-RUN mkdir -p uploads/logos
+# Install su-exec for user switching
+RUN apk add --no-cache su-exec
+
+# Create logs and uploads directories
+RUN mkdir -p logs uploads/logos
 
 # Create non-root user
 RUN addgroup -g 1001 -S nodejs && \
     adduser -S nodejs -u 1001
 
-# Set ownership
+# Set ownership of all app files including uploads
 RUN chown -R nodejs:nodejs /app
 
-# Switch to non-root user
-USER nodejs
+# Ensure uploads directory has proper permissions
+RUN chmod -R 755 /app/uploads
+
+# Copy and set permissions for entrypoint script
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/docker-entrypoint.sh
+
+# Stay as root for the entrypoint (it will switch to nodejs user)
+# USER nodejs (commented out - entrypoint will handle user switching)
 
 # Expose port
 EXPOSE 3001
@@ -45,8 +57,8 @@ EXPOSE 3001
 HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
     CMD curl -f http://localhost:3001/api/health || exit 1
 
-# Use dumb-init to handle signals properly
-ENTRYPOINT ["dumb-init", "--"]
+# Use custom entrypoint that handles permissions and user switching
+ENTRYPOINT ["docker-entrypoint.sh"]
 
 # Start the application
 CMD ["npm", "start"]