fix: add unauthorized instead of sending to a loop

oauth.go

@@ -84,6 +84,11 @@ func (s *OAuthStore) DeleteSession(sessionID string) {
 func sendToLoginPage(w http.ResponseWriter, r *http.Request) {
 	http.Redirect(w, r, "/oauth/login", http.StatusTemporaryRedirect)
 }
+
+func sendToUnauthorized(w http.ResponseWriter, r *http.Request) {
+	http.Redirect(w, r, "/oauth/unauthorized", http.StatusTemporaryRedirect)
+}
+
 func generateRandomToken() string {
 	b := make([]byte, 32)
 	rand.Read(b)
@@ -93,6 +98,16 @@ func generateRandomToken() string {
 //go:embed templates/LoginPage.html
 var loginPageContent string
 
+//go:embed templates/NotAuthorizedPage.html
+var unauthorizedPageContent string
+
+func (s *OAuthStore) UnauthorizedPage() http.Handler {
+	unauthorizedPageTemplate := template.Must(template.New("unauthorizedPageContent").Parse(unauthorizedPageContent))
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		unauthorizedPageTemplate.Execute(w, nil)
+	})
+}
+
 func (s *OAuthStore) LoginPage() http.Handler {
 
 	loginPageTemplate := template.Must(template.New("loginPageContent").Parse(loginPageContent))
@@ -156,7 +171,7 @@ func (s *OAuthStore) Protected(next http.Handler) http.Handler {
 			}
 		}
 		if !found {
-			sendToLoginPage(w, r)
+			sendToUnauthorized(w, r)
 			return
 		}