写一个BaseController 类

基本思路：
1、继承一个公共基类，将验证相关代码放在基类
2、根据 孩子类下的notNeedToken 来决定是否进行验证
3、验证失败后，直接响应回来
这里需要封装一个主要代码：

 protected function response($data = []){$type = $this->getResponseType();$response = Response::create($data, $type);throw new HttpResponseException($response);}

如果直接return 返回，是不会终止执行的，而是会继续执行到指定的控制器，所以这里的方法仿造了$this->error() 以及 $this->success()方法。

全部代码

<?phpnamespace app\api\controller;use think\Controller;
use think\exception\HttpResponseException;
use think\Request;
use think\Response;class BaseController extends Controller
{protected $tokenError = ''; // 错误信息protected $tokenInfo = null; // 解析出来的token信息protected $statusCode = 200;protected $notNeedToken = [];public function _initialize(){$this->checkToken();$this->statusCode = $this->tokenError == '' ? 200 : 401;if (!empty($this->tokenError)) {$this->response(['code' => 0,'msg' => $this->tokenError]);}}// 检查tokenpublic function checkToken(){$request = Request::instance();$path = $request->path();$tokenStr = $request->header('Authorization');do {//echo '所有路由都需要执行' . $path;// 不在排除的路由列表当中都需要进行验证if (!in_array($path, $this->notNeedToken)) {if (empty($tokenStr)) {// 没有传递token$this->tokenError = '请先登录后操作';break;}[$a, $token] = explode(" ", $tokenStr);// 如果为空 直接返回错误if (empty($token)) {$this->tokenError = '请先登录后操作';break;}// 进入验证操作$rst = checkToken($token);if ($rst['code'] == 2) {$this->tokenError = $rst['msg'];break;}// token本身还没有过期$this->tokenInfo = $rst['data'];// 检查数据库表当中是否已经标记为过期了（可能执行了退出登录了）$appUserToken = model('api/app_user_token');$rst =  $appUserToken::get(['user_id' =>   $this->tokenInfo->id,'token' =>   $token]);// 不存在该信息if (empty($rst)) {$this->tokenError = '没有该登录信息';break;}if ($rst['is_overtime'] == 1) {$this->tokenError = '登录已过期';break;}}} while (0);}protected function response($data = []){$type = $this->getResponseType();$response = Response::create($data, $type);throw new HttpResponseException($response);}
}

控制器UserController

class User extends BaseController
{//不需要验证token的接口protected $notNeedToken = ['api/user/reg','api/user/login'];
}