From 6b06e1e6f1d565c223d4aaf1da42d53bb74ac08c Mon Sep 17 00:00:00 2001
From: zhanglingsheng <zhanglingsheng@qq.com>
Date: Thu, 21 Nov 2019 15:37:26 +0800
Subject: [PATCH] =?UTF-8?q?user=5Ftoken=E9=AA=8C=E8=AF=81=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Application/Sdk/Controller/BaseController.class.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/Application/Sdk/Controller/BaseController.class.php b/Application/Sdk/Controller/BaseController.class.php
index 3e03d0b6..876aa076 100644
--- a/Application/Sdk/Controller/BaseController.class.php
+++ b/Application/Sdk/Controller/BaseController.class.php
@@ -11,10 +11,13 @@ class BaseController extends RestController{
 		'Apple.apple_platform_pay','Spend.notice','Apple.apple_union_pay','WapPay.wap_shortcut_pay',
 		'WapPay.shortcut_pay','WapPay.android_shortcut_pay','WapPay.wap_shortcut_pay','WapPay.wap_shortcut_pay',
 		'Apple.apple_weixin_pay','Ipa365','User.user_login','user_register','platform_coin_deduction','get_user_money',
-        'file_pay','pay','GameGiftPage','UserH', 'PayH5','init_sdk','sign_contract', 'Apple','Shortcut'
+        'file_pay','pay','GameGiftPage','UserH', 'PayH5','init_sdk','sign_contract', 'Apple','Shortcut',
 //      'test','Game.get_suspend', 
         		
 	];
+    protected $noToken = [
+        'user_login', 'user_info', 'send_sms', 'verify_sms', 'forget_password'
+    ];
 	// 不需要验证TOKEN的接口
 	protected $noNeedToken = [
 		'Changyan', 'Exchange', 'FengHuoApi', 'File', 'Game', 'GameGift', 'GameNotify', 'Info', 'ios-wap-Pay',
@@ -34,9 +37,12 @@ class BaseController extends RestController{
        	$a = ACTION_NAME;
        	$data = json_decode ( base64_decode ( file_get_contents ( "php://input" ) ), true );
        		
-       	if (!(in_array($c, $this->noNeedGame) 
+       	if ((!(in_array($c, $this->noNeedGame) 
        		|| in_array($a, $this->noNeedGame) 
-       		|| in_array($c.".".$a, $this->noNeedGame))) {
+       		|| in_array($c.".".$a, $this->noNeedGame))) &&
+            (!(in_array($c, $this->noToken) 
+            || in_array($a, $this->noToken) 
+            || in_array($c.".".$a, $this->noToken)))) {
        		if ($data['api_ver'] == 2) {
 	       		$userToken = M('user_token', 'tab_')->where([
 	       			'user_id' => $data['user_id'],