I suggest using cookies instead if security isn't an issue or else try something like this:
session.php
<?php session_start(); echo json_encode($_SESSION); ?>
code.js
fetch('session.php', {credentials: "same-origin"})
.then(response => response.json())
.then(data => console.log(data));