1) The easiest way is to make two SSIDs, one for full viewing, the other for redirecting through the server.
2) Passing traffic through a proxy and back can be done using policy-based routing or by dividing into vrfs and static routes in each (but then 100% of the traffic will go through a proxy, which is also not bad in general).
If in the requirement "How to redirect all requests of certain users via http to the local server?" If you can identify "certain users" by IP address, then PBR definitely looks more interesting.
Just remember to do it both ways.

I don't know if your wireless hardware is capable of web authentication, but that's what you want (probably).

How to redirect all requests of specific users over http to local server? It is necessary to be able to exclude users from this list in order to provide a full-fledged Internet.

firewall, where by default everything is forwarded to the http server, and for those who have passed “authorization” on this server, a rule is created for free access to the outside, which is killed when the address lease time expires.

and I advise you to reconsider the idea. The foreign world is moving towards free wifi, like openwireless.org . Even Bruce Schneier wrote a few years ago that his home hotspot was open to everyone. I'm afraid that even if you succeed, soon there will be a lot of completely free points around, and yours will simply not be used.

In any case, you raise linux with a web server, can it be easier to do everything on it already according to the ready-made instructions?
I can throw off the modified versions of scripts where a simple system of blocking by poppy addresses is implemented.