Improve error handling in auth handlers to prevent information leakage #42

@coderabbitai

Description

Problem

The authentication handlers currently have poor error handling that exposes sensitive information and loses error granularity:

  • loginError() function always returns HTTP 403 status code regardless of the actual error type
  • Internal error messages are directly exposed to users via err.Error()
  • No distinction between authentication failures vs server-side errors

Impact

  • Security: Leaks sensitive internal error details to users
  • UX: All errors appear as "403 Forbidden" regardless of root cause
  • Debugging: Loses important error classification for proper handling

Requirements

  1. Authentication errors: Return 401/403 with generic user-friendly messages
  2. Server errors: Return 500 with generic messages (DB failures, JWT issues, etc.)
  3. Logging: Preserve full error details in server logs for debugging
  4. Apply same pattern: Fix both loginError() and registerError() functions
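One way to implement requirements 1 to 4 together, as an added example rather than code from this repository: the error is classified once with `errors.Is` against sentinel errors, the client only ever sees a status code and a generic message, and the full error (including any wrapped driver or JWT detail) goes to the server log. `loginErrorBefore` reproduces the current pattern the issue describes for comparison. The sentinel names `ErrInvalidCredentials` and `ErrAccountLocked`, the `authResponse` type and `classifyAuthError` are assumptions for this example, not identifiers from the project.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Sentinel errors the handlers classify on. Assumed names for this example;
// the real auth package would export its own.
var (
	ErrInvalidCredentials = errors.New("invalid credentials")
	ErrAccountLocked      = errors.New("account locked")
)

// authResponse is what the client receives: a status code and a generic message.
type authResponse struct {
	Status  int
	Message string
}

// loginErrorBefore mirrors the pattern the issue reports: every failure becomes
// 403 and the raw err.Error() text is returned to the caller.
func loginErrorBefore(err error) authResponse {
	return authResponse{Status: http.StatusForbidden, Message: err.Error()}
}

// classifyAuthError maps an error to a status code and a generic client-facing
// message. Anything that is not a recognised authentication failure (DB errors,
// JWT signing problems, etc.) is treated as a server error and never echoed back.
func classifyAuthError(err error) authResponse {
	switch {
	case errors.Is(err, ErrInvalidCredentials):
		return authResponse{Status: http.StatusUnauthorized, Message: "invalid username or password"}
	case errors.Is(err, ErrAccountLocked):
		return authResponse{Status: http.StatusForbidden, Message: "account is locked"}
	default:
		return authResponse{Status: http.StatusInternalServerError, Message: "internal server error"}
	}
}

// writeAuthError logs the full error server-side and writes only the generic
// response to the client. loginError and registerError share it so both
// handlers follow the same pattern (requirement 4).
func writeAuthError(w http.ResponseWriter, op string, err error) authResponse {
	resp := classifyAuthError(err)
	log.Printf("%s failed: status=%d err=%v", op, resp.Status, err) // full detail stays in the log
	http.Error(w, resp.Message, resp.Status)
	return resp
}

func loginError(w http.ResponseWriter, err error) authResponse {
	return writeAuthError(w, "login", err)
}

func registerError(w http.ResponseWriter, err error) authResponse {
	return writeAuthError(w, "register", err)
}

func main() {
	// Constructed error simulating a DB failure that wraps a driver message with
	// internal hostnames and account names in it.
	dbErr := fmt.Errorf("query users: %w",
		errors.New(`pq: password authentication failed for user "app" at db-internal:5432`))

	before := loginErrorBefore(dbErr)
	fmt.Printf("before: %d %q\n", before.Status, before.Message)

	rec := httptest.NewRecorder()
	after := loginError(rec, dbErr)
	fmt.Printf("after:  %d %q (body=%q)\n", after.Status, after.Message, strings.TrimSpace(rec.Body.String()))

	rec = httptest.NewRecorder()
	creds := registerError(rec, fmt.Errorf("register: %w", ErrInvalidCredentials))
	fmt.Printf("auth failure: %d %q\n", creds.Status, creds.Message)
}
```

Running `main` shows the same wrapped DB error producing `403` with the driver text in the old version and `500 "internal server error"` in the new one, while a wrapped `ErrInvalidCredentials` becomes `401` with a generic message; the driver text appears only in the log line.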

Related

Requested by: @itsLeonB
