[LOGS-1] PLU-557: Less verbose error logs (#1208)

## TL;DR

This PR enhances error handling for GraphQL requests:
- Adds special handling for `INTERNAL_SERVER_ERROR` responses to prevent leaking sensitive server details to the frontend


## How to test?
- [ ] Force an error, ensure that the generic 'An error has occurred' toast is thrown on the frontend
  - [ ] Console should not show any additional information about queries
- [ ] If the query has a custom message, it should be shown in the toast in the frontend. for example, when attempting to transfer a pipe to a user that does not exist in Plumber

## Screenshots


![Screenshot 2025-09-15 at 2.08.55 PM.png](https://app.graphite.dev/user-attachments/assets/9e6e4ee9-308a-4a82-863e-ac4cbe57f477.png)

![Screenshot 2025-09-15 at 2.09.23 PM.png](https://app.graphite.dev/user-attachments/assets/a5d90fda-9fb6-4502-93ba-97d7a2a01ae0.png)

Author: kevinkim-ogp

packages/backend/src/helpers/graphql-instance.ts

@@ -1,11 +1,13 @@
 import { ApolloServer, type ApolloServerPlugin } from '@apollo/server'
+import { unwrapResolverError } from '@apollo/server/errors'
 import { ApolloServerPluginLandingPageDisabled } from '@apollo/server/plugin/disabled'
 import { ApolloServerPluginLandingPageLocalDefault } from '@apollo/server/plugin/landingPage/default'
 import { expressMiddleware } from '@as-integrations/express4'
 import { makeExecutableSchema } from '@graphql-tools/schema'
 import { RequestHandler } from 'express'
 import { Kind, OperationDefinitionNode } from 'graphql/language'
 import { applyMiddleware } from 'graphql-middleware'
+import { DBError } from 'objection'
 
 import appConfig from '@/config/app'
 import { BadUserInputError } from '@/errors/graphql-errors'
@@ -86,20 +88,42 @@ export const server = new ApolloServer<UnauthenticatedContext>({
   ],
   // We don't want to allow batching within a single HTTP request, this defaults to false
   allowBatchedHttpRequests: false,
-  formatError: (error) => {
-    logger.error(error)
-    let errorMessage = error.message
-    if (error.message.includes('Did you mean')) {
+  formatError: (formattedError, error) => {
+    logger.error(formattedError)
+
+    // NOTE: objection throws all error with DBError class
+    // so we handle them here
+    if (unwrapResolverError(error) instanceof DBError) {
+      return { message: 'Internal server error', code: 'INTERNAL_SERVER_ERROR' }
+    }
+
+    // NOTE: handles INTERNAL_SERVER_ERROR
+    // logs the error on the server and return a generic message to the frontend
+    // to prevent leaking internal server error details to the frontend such as the
+    // exact SQL queries.
+    if (formattedError.extensions?.code === 'INTERNAL_SERVER_ERROR') {
+      // Return a generic message to the frontend
+      let message = 'An error has occurred'
+      if (formattedError?.message) {
+        message += ': ' + formattedError?.message
+      }
+      return { message, code: 'INTERNAL_SERVER_ERROR' }
+    }
+
+    let errorMessage = formattedError.message
+    if (formattedError.message.includes('Did you mean')) {
       errorMessage = 'Invalid request'
     }
     if (
-      error.message.includes("Please either specify a 'content-type' header")
+      formattedError.message.includes(
+        "Please either specify a 'content-type' header",
+      )
     ) {
       errorMessage = 'Blocked request'
     }
     const newError = {
       message: errorMessage,
-      code: error.extensions?.code,
+      code: formattedError.extensions?.code,
     }
     return newError
   },

packages/frontend/src/components/ApolloProvider/index.tsx

@@ -15,6 +15,8 @@ const ApolloProvider = (props: ApolloProviderProps): React.ReactElement => {
     (message: string) => {
       toast({
         title: message,
+        description:
+          'If this error persists, contact us at [email protected].',
         status: 'error',
         duration: 3000,
         isClosable: true,