menu/app/Http/Middleware/TokenAuth.php

<?php

namespace App\Http\Middleware;

use Closure;
use App\User;
use App\Error;

class TokenAuth
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
	$flag = $this->checkToken($request);
	if($flag) {
            return $next($request);
	} else {
	    return json_encode(['rst'=>['msg'=>'token is error'], 'errno'=>'401', 'err'=>Error::getError(401),'timestamp'=>time().'']);
	}
    }

    //验证token是否有效
    private function checkToken($request) {
	$token = $request->headers->get('token') ? $request->headers->get('token') : ($request->get('token') ? $request->get('token') : null);
	if(empty($token)) return false;
	$data = User::parseToken($token);	
	if(empty($data) || ($token!=$data->token && (($data->last_login_time - 30 *86400) > time()))) {
	    return false;
	}
	return true;
    }

    
}