Fix jwt-token

server/routes/tenant.js

@@ -185,6 +185,72 @@ router.post('/logo-upload', authenticateToken, requirePermissions(['branding.edi
   }
 });
 
+/**
+ * DELETE /tenant/logo
+ * Remove tenant logo (branding admin or higher)
+ */
+router.delete('/logo', authenticateToken, requirePermissions(['branding.edit']), async (req, res) => {
+  try {
+    // Determine tenant from request
+    const tenantId = await multiAuth.determineTenant(req);
+    if (!tenantId) {
+      return res.status(400).json({
+        success: false,
+        message: 'Unable to determine tenant from request'
+      });
+    }
+
+    // Get tenant
+    const tenant = await Tenant.findOne({ where: { slug: tenantId } });
+    if (!tenant) {
+      return res.status(404).json({
+        success: false,
+        message: 'Tenant not found'
+      });
+    }
+
+    // Check if tenant has a logo to remove
+    if (!tenant.branding?.logo_url) {
+      return res.status(400).json({
+        success: false,
+        message: 'No logo to remove'
+      });
+    }
+
+    // Delete the physical logo file
+    const logoPath = tenant.branding.logo_url.replace('/uploads/logos/', '');
+    const filePath = path.join(__dirname, '../uploads/logos', logoPath);
+    if (fs.existsSync(filePath)) {
+      fs.unlinkSync(filePath);
+    }
+
+    // Update tenant branding to remove logo
+    const updatedBranding = {
+      ...tenant.branding,
+      logo_url: null
+    };
+
+    await tenant.update({ branding: updatedBranding });
+
+    console.log(`✅ Tenant "${tenantId}" logo removed by user "${req.user.username}"`);
+
+    res.json({
+      success: true,
+      message: 'Logo removed successfully',
+      data: { 
+        branding: updatedBranding
+      }
+    });
+
+  } catch (error) {
+    console.error('Error removing logo:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Failed to remove logo'
+    });
+  }
+});
+
 /**
  * PUT /tenant/branding
  * Update tenant branding (branding admin or higher)