feat: add branded error pages

backend/config/settings.py

@@ -22,6 +22,7 @@ def _hostname_from_url(url: str) -> str:
 
 SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'unsafe-dev-key')
 DEBUG = os.getenv('DJANGO_DEBUG', '0') == '1'
+FORCE_BRANDED_ERROR_PAGES = os.getenv('FORCE_BRANDED_ERROR_PAGES', '0') == '1'
 APP_DOMAIN = os.getenv('APP_DOMAIN', '').strip()
 APP_BASE_URL = os.getenv('APP_BASE_URL', '').strip().rstrip('/')
 ALLOWED_HOSTS = _split_csv_env('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1')
@@ -84,6 +85,7 @@ MIDDLEWARE = [
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.locale.LocaleMiddleware',
     'django.middleware.common.CommonMiddleware',
+    'workflows.middleware.FriendlyExceptionMiddleware',
     'workflows.middleware.RequestIDMiddleware',
     'workflows.middleware.RateLimitMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
@@ -95,6 +97,7 @@ MIDDLEWARE = [
 ]
 
 ROOT_URLCONF = 'config.urls'
+CSRF_FAILURE_VIEW = 'workflows.error_views.csrf_failure'
 
 TEMPLATES = [
     {

backend/config/urls.py

@@ -7,6 +7,11 @@ from django.urls import include, path
 from workflows.forms import AppPasswordChangeForm, AppPasswordResetForm, AppSetPasswordForm
 from workflows import views as workflow_views
 
+handler400 = 'workflows.error_views.bad_request'
+handler403 = 'workflows.error_views.permission_denied'
+handler404 = 'workflows.error_views.not_found'
+handler500 = 'workflows.error_views.server_error'
+
 urlpatterns = [
     path('admin/', admin.site.urls),
     path('i18n/', include('django.conf.urls.i18n')),