feat: global error handler with template rendering

internal/proxy/director/layer/authn/oidc/authenticator.go

@@ -86,7 +86,7 @@ func (a *Authenticator) PreAuthentication(w http.ResponseWriter, r *http.Request
 		if postLogoutRedirectURL != "" {
 			isAuthorized := slices.Contains(options.OIDC.PostLogoutRedirectURLs, postLogoutRedirectURL)
 			if !isAuthorized {
-				http.Error(w, "unauthorized post-logout redirect", http.StatusBadRequest)
+				director.HandleError(ctx, w, r, http.StatusBadRequest, errors.New("unauthorized post-logout redirect"))
 				return errors.WithStack(authn.ErrSkipRequest)
 			}
 		}

internal/proxy/director/layer/authn/oidc/client.go

@@ -6,6 +6,7 @@ import (
 	"net/url"
 	"strings"
 
+	"forge.cadoles.com/cadoles/bouncer/internal/proxy/director"
 	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/dchest/uniuri"
 	"github.com/gorilla/sessions"
@@ -68,8 +69,7 @@ func (c *Client) login(w http.ResponseWriter, r *http.Request, sess *sessions.Se
 	sess.Values[sessionKeyPostLoginRedirectURL] = postLoginRedirectURL
 
 	if err := sess.Save(r, w); err != nil {
-		logger.Error(ctx, "could not save session", logger.CapturedE(errors.WithStack(err)))
-		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		director.HandleError(ctx, w, r, http.StatusInternalServerError, errors.New("could not save session"))
 
 		return
 	}