codeigniter API - how can I check every POST for a certain value

Question

I just asked THIS QUESTION and got a rather obvious and simple answer (over complicating things as always!)

The proposed solution says that every time I contact my own API I send over a 'token' - 128 bit say.

Instead I though I could do a check to see if user is logged in first (so my own website does not have to authorise each time) and if not check the posts for a 'token'

What I now want to do is check every incoming POST to my API for the token.

ie use the constructor to do this rather than having to add a 'has_token' method to every single method across all my controllers.

Is there a way to do this in the constructor so that any request will check against this token?

public function __construct()
   {
        parent::__construct();
        if (!$this->authentication->logged_in())
        {
             if(!POST_DATA['token'] == "tokenValue"){ //PSEUDO CODE HERE FOR WHAT I WANT TO BE ABLE TO DO
                       redirect('auth/login', 'refresh');
                     } 

        }
  }

basically is there a way to intercept all post data from none-logged in users and check that post has a 'token' set before continuing -> if not I will return an error 'invalid token' or 'token missing' (I am aware the code above does not do this!)

Thanks in advance.

Answer 1

Is this right? Check if the user is logged in, if they're not, check the $_POST for a token, and then check if the token is valid?

if ( ! $this->auth->logged_in() )
{
    if ( $this->input->post('token') )
    {
        if ( ! $this->token_model->check_token($this->input->post('token')) )
        {
            // Invalid token....
        }
    }
    else
    {
        // No token found
    }
}