Clear session and show login when non-platform users access platform subdomain

Instead of redirecting business users to their business subdomain when
they access the platform subdomain, clear their session and show the
platform login page. This is cleaner when masquerading changes tokens
to a tenant user - they can simply log back in as a platform user.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

frontend/src/App.tsx

@@ -10,7 +10,7 @@ import { useCurrentUser, useMasquerade, useLogout } from './hooks/useAuth';
 import { useCurrentBusiness } from './hooks/useBusiness';
 import { useUpdateBusiness } from './hooks/useBusiness';
 import { usePlanFeatures } from './hooks/usePlanFeatures';
-import { setCookie } from './utils/cookies';
+import { setCookie, deleteCookie } from './utils/cookies';
 
 // Import Login Page
 const LoginPage = React.lazy(() => import('./pages/LoginPage'));
@@ -463,10 +463,13 @@ const AppContent: React.FC = () => {
     return <LoadingScreen />;
   }
 
-  // RULE: Business users on platform subdomain should be redirected to their business subdomain
+  // RULE: Non-platform users on platform subdomain should have their session cleared
-  if (isBusinessUser && isPlatformDomain && user.business_subdomain) {
+  // This handles cases where masquerading changed tokens to a business user
-    const port = window.location.port ? `:${window.location.port}` : '';
+  if (!isPlatformUser && isPlatformDomain) {
-    window.location.href = `${protocol}//${user.business_subdomain}.${baseDomain}${port}/`;
+    deleteCookie('access_token');
+    deleteCookie('refresh_token');
+    localStorage.removeItem('masquerade_stack');
+    window.location.href = '/platform/login';
     return <LoadingScreen />;
   }