refactor: standardize error handling with exception.Builder

- Replace hardcoded error messages with structured error codes using exception.Builder.
- Introduce new common error constants in exception/common.go (CommonErrorInvalidInput, CommonErrorUserNotFound, etc.).
- Update exception/specific.go with domain-specific errors and remove redundant ones.
- Apply consistent error handling across auth, event, user services and middleware.

Co-authored-by: Gemini <gemini@google.com>
Signed-off-by: Noa Virellia <noa@requiem.garden>

service/auth/redirect.go

@@ -3,6 +3,7 @@ package auth
 import (
 	"net/url"
 	"nixcn-cms/data"
+	"nixcn-cms/exception"
 	"nixcn-cms/pkgs/authcode"
 	"nixcn-cms/utils"
 
@@ -14,19 +15,40 @@ import (
 func Redirect(c *gin.Context) {
 	clientId := c.Query("client_id")
 	if clientId == "" {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 
 	redirectUri := c.Query("redirect_uri")
 	if redirectUri == "" {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 
 	state := c.Query("state")
 	if state == "" {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 
@@ -35,7 +57,14 @@ func Redirect(c *gin.Context) {
 	// Verify email token
 	authCode, ok := authcode.VerifyAuthCode(code)
 	if !ok {
-		utils.HttpResponse(c, 403, "", "invalid or expired token")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeSpecific).
+			SetOriginal(exception.AuthRedirectTokenInvalid).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}
 
@@ -52,11 +81,25 @@ func Redirect(c *gin.Context) {
 			user.Username = user.UserId.String()
 			user.PermissionLevel = 10
 			if err := user.Create(); err != nil {
-				utils.HttpResponse(c, 500, "", "internal server error")
+				errorCode := new(exception.Builder).
+					SetStatus(exception.ErrorStatusServer).
+					SetService(exception.AuthService).
+					SetEndpoint(exception.AuthRedirectEndpoint).
+					SetType(exception.ErrorTypeCommon).
+					SetOriginal(exception.CommonErrorInternal).
+					Build()
+				utils.HttpResponse(c, 500, errorCode)
 				return
 			}
 		} else {
-			utils.HttpResponse(c, 500, "", "internal server error")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.ErrorStatusServer).
+				SetService(exception.AuthService).
+				SetEndpoint(exception.AuthRedirectEndpoint).
+				SetType(exception.ErrorTypeCommon).
+				SetOriginal(exception.CommonErrorInternal).
+				Build()
+			utils.HttpResponse(c, 500, errorCode)
 			return
 		}
 	}
@@ -64,25 +107,53 @@ func Redirect(c *gin.Context) {
 	clientData := new(data.Client)
 	client, err := clientData.GetClientByClientId(clientId)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "client not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeSpecific).
+			SetOriginal(exception.AuthRedirectClientNotFound).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 
 	err = client.ValidateRedirectURI(redirectUri)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "redirect uri not match")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeSpecific).
+			SetOriginal(exception.AuthRedirectUriMismatch).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 
 	newCode, err := authcode.NewAuthCode(clientId, authCode.Email)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "internal server error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusServer).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeCommon).
+			SetOriginal(exception.CommonErrorInternal).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}
 
 	url, err := url.Parse(redirectUri)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "invalid redirect uri")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.ErrorStatusClient).
+			SetService(exception.AuthService).
+			SetEndpoint(exception.AuthRedirectEndpoint).
+			SetType(exception.ErrorTypeSpecific).
+			SetOriginal(exception.AuthRedirectInvalidUri).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 	query := url.Query()