[FEATURE] Unauthorized (403) branded page

[jsaltzman]

Is your feature request related to a problem? Please describe.
I love the Tinyauth login page. It is very attractive. But when I limit access to a container to specific OIDC group, the default 403 page (from nginx) is ugly.

Describe the solution you'd like
I'd like a branded 403 page from Tinyauth. Tinyauth could either direct to the page itself, or I can update my nginx conf to point to it.

Describe alternatives you've considered
On the discord, someone posted about this problem and there was a recommendation to redirect users to http://tinyauth.example.com/unauthorized?username=notfound. This is a nice hack, but instead of referencing a nonexistent user I wish there was a similar page that just says you are not authorized to access this site.

Additional context
N/A

[steveiliop56]

I was the one that mentioned the hack lol. Unfortunately I don't think we can get Nginx to read the error response from Tinyauth. Since it handles the redirect, Tinyauth cannot redirect itself like it does on Traefik so it has to depend on Nginx. Are you aware of any that Nginx could read anything from the 403 response? It definitely can't read JSON but maybe we can do something with headers?