<?php
// src/Security/ApiAuthenticationEntryPoint.php

// ...

class ApiAuthenticationEntryPoint implements AuthenticationEntryPointInterface
{

    // ...

    public function start(Request $request, ?AuthenticationException $authException = null): RedirectResponse
    {
        /** @var string $route current route */
        $route = $request->get('_route');
        if (str_starts_with($route, '_api_')) {
            throw new HttpException(Response::HTTP_UNAUTHORIZED);
        }
        $request->getSession()->getFlashBag()->add('note', 'Vous devez vous authentifier pour accéder à cette page.');

        return new RedirectResponse($this->urlGenerator->generate('app_login'));
    }
}