diff --git a/auth.php b/auth.php
new file mode 100644
index 0000000..7c85aaf
--- /dev/null
+++ b/auth.php
@@ -0,0 +1,52 @@
+<?php
+
+/*
+*		smzint/Auth (c) schmamazon.com 2025
+*/
+
+$cookie_name = "SMZ-Auth";
+
+if(!isset($_COOKIE[$cookie_name])) {
+  // Nicht angemeldet
+  return false;
+} else {
+  $sessionId = $_COOKIE[$cookie_name];
+  include('db.ini.php');
+
+  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+  if ($conn->connect_error) {
+    die("Connection failed: " . $conn->connect_error);
+  }
+
+  $sql = "SELECT * FROM smz_sessions WHERE sessionId='$sessionId' AND expiry > ".time()." ";
+  $result = $conn->query($sql);
+  if ($result->num_rows > 0) {
+    while($row = $result->fetch_assoc()) {
+      $uid = $row["uid"];
+    }
+  } else {
+    // ungültige Session
+    return false;
+  }
+  $conn->close();
+
+  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
+  if ($conn->connect_error) {
+    die("Connection failed: " . $conn->connect_error);
+  }
+  $sql = "SELECT email, username FROM smz_users WHERE id='$uid' AND active = 1";
+  $result = $conn->query($sql);
+  $conn->close();
+  if ($result->num_rows > 0) {
+    while($row = $result->fetch_assoc()) {
+      $uemail = $row["email"];
+      $uname = $row["username"];
+    }
+    return true;
+  } else {
+    //Nutzer deaktiviert
+    return false;
+  }
+}
+
+ ?>