Right filter for rewriting page statuscode

I am new to developing wordpress plugins. But I am looking to write a fairly simple plugin.

I want to write a plugin that rewrites the returned status code based on some logic that consults a database. It can essentially be boiled down to an access plugin based on custom logic. When authorization fails I want to either return statuscode 403 or redirect to a login page.

But I am struggling to find the right place to hook in. And also the "correct" way of doing it.

The logic is based on a combination of the Page requested, the logged in user and that users role. Using these values I look up information in a database and either render some custom data or want to turn the user away. If the user is logged in I want to return a 403 but if the user is not logged in I want to return a 401. But is that even the right way of doing it in Wordpress? I am used to writing APIs and have never written a Wordpress plugin.

Should I render a text that says Content not available! instead of a 403 and redirect the user to the login page instead of a 401?

Ideally I would like to separate the logic that renders the data and the logic that authorizes. I would like that to be two different hooks or filters.

I have tried to add a filter on http_response but I can't get it to do anything. I am in doubt if I should call apply_filter myself or if Wordpress does that.

Where in the the Page lifecycle can I hook in after the page is known but not yet rendered to rewrite the page content and stop the rendering efter this rewrite.

All help is appreciated.