html/api/auth-check.php

<?php
session_set_cookie_params(["lifetime"=>86400,"path"=>"/","domain"=>".weval-consulting.com","secure"=>true,"httponly"=>true,"samesite"=>"Lax"]);
session_start();
if(!empty($_SESSION["weval_auth"]) && $_SESSION["weval_auth"] === true) {
    http_response_code(200);
    echo "OK";
} else {
    http_response_code(401);
    echo "UNAUTHORIZED";
}