fix: use 401 errors instead of 403 for nginx responses

internal/controller/proxy_controller.go

@@ -190,9 +190,9 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
 
 			if !controller.useBrowserResponse(proxyCtx) {
 				c.Header("x-tinyauth-location", redirectURL)
-				c.JSON(403, gin.H{
+				c.JSON(401, gin.H{
-					"status":  403,
+					"status":  401,
-					"message": "Forbidden",
+					"message": "Unauthorized",
 				})
 				return
 			}
@@ -234,9 +234,9 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
 
 				if !controller.useBrowserResponse(proxyCtx) {
 					c.Header("x-tinyauth-location", redirectURL)
-					c.JSON(403, gin.H{
+					c.JSON(401, gin.H{
-						"status":  403,
+						"status":  401,
-						"message": "Forbidden",
+						"message": "Unauthorized",
 					})
 					return
 				}

internal/controller/proxy_controller_test.go

@@ -371,7 +371,7 @@ func TestProxyController(t *testing.T) {
 				req.Header.Set("x-forwarded-proto", "https")
 				req.Header.Set("x-forwarded-uri", "/")
 				router.ServeHTTP(recorder, req)
-				assert.Equal(t, 403, recorder.Code)
+				assert.Equal(t, 401, recorder.Code)
 				assert.Equal(t, "", recorder.Header().Get("remote-user"))
 				assert.Equal(t, "", recorder.Header().Get("remote-name"))
 				assert.Equal(t, "", recorder.Header().Get("remote-email"))

internal/controller/resources_controller.go

@@ -32,7 +32,7 @@ func (controller *ResourcesController) resourcesHandler(c *gin.Context) {
 	if controller.config.Resources.Path == "" {
 		c.JSON(404, gin.H{
 			"status":  404,
-			"message": "Resources not found",
+			"message": "Resource not found",
 		})
 		return
 	}