Drupal

How to check session with getting Drupal8 userid?

I know that AJAX passes the request header. How to get the header and check if the session is spoofed in Drupal8, and then get the user id from the session ?

Now the AJAX request causes the execution of a php file that contains the following:

<?php
    use Drupal\Core\DrupalKernel;
    use Drupal\Core\Database\Connection;
    use Symfony\Component\HttpFoundation\Request;
    
    use Drupal\Core\Session\AccountInterface;
    
    $autoloader = require_once 'autoload.php';
    $kernel = DrupalKernel::createFromRequest(Request::createFromGlobals(), $autoloader, 'prod');
    $kernel->boot();
        
    $useruid =  \Drupal::currentUser()->id(); /* тупо всегда = 0, т.к. новая сессия и неавторизированный юзер!*/
    if (!empty($_GET['uid'])) {
        $useruid = $_GET['uid'];
    }
    
    /* бла-бла-бла.. формируем массив данных $arr по $useruid ! */

    $kernel->shutdown();
    
    echo json_encode($arr);
?>