CN115664793A - Service processing method, device, system, equipment and storage medium - Google Patents
Service processing method, device, system, equipment and storage medium Download PDFInfo
- Publication number
- CN115664793A CN115664793A CN202211302902.1A CN202211302902A CN115664793A CN 115664793 A CN115664793 A CN 115664793A CN 202211302902 A CN202211302902 A CN 202211302902A CN 115664793 A CN115664793 A CN 115664793A
- Authority
- CN
- China
- Prior art keywords
- service
- user
- site
- processed
- processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The embodiment of the invention discloses a service processing method, a device, a system, equipment and a storage medium, wherein the method comprises the following steps: when a page entering operation of a service to be processed is received, determining the processing authority of a user to the service to be processed according to the service identification of the service to be processed; if the user has the processing authority, jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a host site, wherein the session identifier is generated by the host site when the user logs in at the host site; and processing the service to be processed according to the user information. By using the method, when the micro-service architecture is used for developing and deploying the system, the sub-site calls the main site to acquire the user permission at the front end through the service identifier without passing through the back end, so that the number of requests is effectively reduced, the performance of the server is optimized, the client information is acquired through the session identifier when the permission exists, the coupling degree of the main site is reduced on the premise of realizing data consistency, and the communication safety is ensured.
Description
Technical Field
The present invention relates to the field of Web application technologies, and in particular, to a method, an apparatus, a system, a device, and a storage medium for processing a service.
Background
In recent years, with the continuous innovation and development of internet technology, user demands are diversified, and rich system functions can be favored by users in a large internet competition environment. With the increase of system services, the code amount is continuously increased, application programs are gradually bloated, the coupling degree of each function is high, the performance and the maintenance cost of the system are limited, the capacity of a system for newly adding services is limited, and a micro-service architecture is generated as a distributed architecture scheme.
In the prior art, a main site mode is adopted under a micro service architecture, and a master site stores session information generated by login into a redis server to manage the session information. And session sharing among the main sub-sites allows all the sub-site micro-services to access the server and acquire session information. The redis is adopted to manage conference information, other substation micro-services are required to be allowed to access the redis of the main website, the coupling among the micro-services is large, the operation and maintenance cost is increased, and the main website deployment is not really realized. In addition, for the authority control, the back end of the sub-site needs to frequently call a menu authority query interface provided by the main site to query whether the client has the menu authority of the sub-site, the server burden is increased by frequent data interaction between the main sub-sites, the performance of the main sub-site is greatly influenced, the dependence of the sub-site on the main site is increased, and the coupling between service modules is high.
Disclosure of Invention
The invention provides a service processing method, a device, a system, equipment and a storage medium, which realize the reduction of the coupling degree of main stations and guarantee the communication safety on the premise of realizing data consistency.
In a first aspect, this embodiment provides a service processing method, which is applied to a substation under a micro-service architecture, where the method includes:
when a page entering operation of a service to be processed is received, determining the processing authority of a user to the service to be processed according to the service identification of the service to be processed;
if the user has the processing authority, jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a host site, wherein the session identifier is generated by the host site when the user logs in at the host site;
and processing the service to be processed according to the user information.
In a second aspect, this embodiment provides a service processing apparatus configured in a substation under a micro service architecture, where the apparatus includes:
the permission determining module is used for determining the processing permission of a user on the service to be processed according to the service identification of the service to be processed when the page receiving the service to be processed enters the operation;
the information determining module is used for jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a main site if the user has a processing authority, wherein the session identifier is generated by the main site when the user logs in at the main site;
and the processing module is used for processing the service to be processed according to the user information.
In a third aspect, an embodiment of the present invention further provides a micro service system, where the system includes a primary site and at least one secondary site;
the main site is used for receiving login operation of a user, generating a session identifier after the user logs in and storing an authority storage table associated with the user;
the sub-site comprises: the system comprises a permission determining module, an information determining module and a processing module; wherein, the first and the second end of the pipe are connected with each other,
the permission determining module is used for determining the processing permission of a user to the service to be processed according to the service identification of the service to be processed when the page receiving the service to be processed enters the operation;
the information determining module is used for jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a main site if the user has a processing authority, wherein the session identifier is generated by the main site when the user logs in at the main site;
and the processing module is used for processing the service to be processed according to the user information.
In a fourth aspect, an embodiment of the present invention further provides an electronic device, as a substation under a micro service architecture, including:
one or more processors;
storage means for storing one or more programs;
the one or more programs are executed by the one or more processors, so that the one or more processors are used for executing the business processing method according to the embodiment of the first aspect.
In a fifth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the service processing method according to the embodiment of the first aspect.
The embodiment of the invention discloses a service processing method, a device, a system, equipment and a storage medium, wherein the method comprises the following steps: when a page entering operation of a service to be processed is received, determining the processing authority of a user to the service to be processed according to the service identification of the service to be processed; if the user has the processing authority, jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a host site, wherein the session identifier is generated by the host site when the user logs in at the host site; and processing the service to be processed according to the user information. According to the technical scheme, when the micro-service architecture is used for developing and deploying the system, the sub-sites call the interface of the main site at the front end through the service identification to obtain the user permission without passing through the rear end, the number of requests is effectively reduced, the performance of the server is optimized, the client information is obtained through the session identification when the permission exists, on the premise of realizing data consistency, the coupling degree of the main and sub-sites is reduced, data interaction between the rear ends of the main and sub-sites is reduced, the burden of the server is relieved, the communication safety is guaranteed, and the system can conveniently expand the service function.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present invention, nor do they necessarily limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a service processing method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a service processing method according to a second embodiment of the present invention;
fig. 3 is an exemplary diagram of a certain scenario service processing step provided in the second embodiment of the present invention;
fig. 4 is a schematic structural diagram of a service processing apparatus according to a third embodiment of the present invention;
fig. 5 is a schematic structural diagram of a microservice system according to a fourth embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "target," "original," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in other sequences than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The micro-service architecture is classified according to the service functions and packaged into high-cohesion low-coupling module units, so that different functional modules are deployed in different servers, service data are stored in respective databases, and each micro-service is responsible for different service teams, and team independence, technology independence, data independence and deployment independence are realized. The problem of data communication among the micro services also comes along, how to realize the data communication among the micro services more safely and efficiently and ensure that business and user data are consistent and researched by system research personnel.
Under the micro-service architecture, different teams are responsible for different function modules of the same system, in order to develop operation and maintenance conveniently, the system is divided into a main site and sub-sites for development, the main site is separately and independently deployed, the main site is used for developing basic functions of user login, menu control, authority verification and the like, and the sub-sites are used for bearing specific service functions. In the main website mode, the main website and the sub website are two independent website systems, the main website provides a menu entrance for the sub website, and a client can only access the sub website through the main website and cannot independently provide service for the client.
In the prior art, the method for acquiring the user right and the user information between the main stations is as follows: 1. and the master station stores the session information session generated by login into a redis server, and manages the session. 2. And session sharing is carried out between the main sub-sites, all the sub-site micro-services are allowed to access the redis server, and the session is acquired. 3. And the sub-site judges the user login state according to the session, and executes the subsequent request logic in the logged-in state. 4. And the back end of the sub-site takes the client information as a request parameter, calls a main site menu authority inquiry interface, and continues to execute the service logic request of the subsequent sub-site if the main site returns the authority of the menu. 5. If the menu authority inquiry interface of the main site returns no authority, error information is returned to the front end, and the front end of the sub site prompts that the client does not have the function authority.
Considering that the redis management session is adopted, the redis that other substation micro-services need to be allowed to access the main site is required, the coupling among the micro-services is large, the operation and maintenance cost is increased, and the main site deployment is not really realized. In addition, for the authority control, the back end of the sub-site needs to frequently call a menu authority query interface provided by the main site to query whether the client has the menu authority of the sub-site, the frequent data interaction between the main sub-site increases the burden of the server, the performance of the main sub-site is greatly influenced, the dependence of the sub-site on the main site is increased, and the coupling between service modules is high.
Example one
Fig. 1 is a flowchart of a service processing method according to an embodiment of the present invention, where the embodiment is suitable for implementing data consistency between primary sites under a micro service architecture and reducing the degree of coupling between the primary sites, and the method may be executed by a service processing apparatus, and the apparatus may be implemented by hardware and/or software and is generally integrated in a secondary site.
As shown in fig. 1, a service processing method provided in this embodiment may specifically include the following steps:
s110, when the page of the received service to be processed enters the operation, determining the processing authority of the user to the service to be processed according to the service identification of the service to be processed.
In order to express the embodiments of the present invention more clearly, the related terms mentioned in the embodiments are explained first. Micro-service: a microservice is an architectural style, with a large complex software application consisting of one or more microservices. Each microservice in the system can be deployed independently, with loose coupling between each microservice, and each microservice is only concerned with completing one task. Master site mode: under the micro-service architecture, different teams are responsible for different function modules of the same system, in order to develop operation and maintenance conveniently, the system is divided into a main site and a sub-site for development, the main site is separately and independently deployed, the main site undertakes development of basic functions such as user login, menu control, authority verification and the like, and the sub-site undertakes specific service functions. In the main website mode, the main website and the sub website are two independent website systems, the main website provides a menu entrance for the sub website, and a client can only access the sub website through the main website and cannot independently provide service for the client. session: in computers, and in particular in network applications, it is called "session control". The session object stores the attributes and configuration information needed for a particular user session. Thus, when a user jumps between World Wide Web (Web) pages of an application, the variables stored in the session object will not be lost, but will persist throughout the user session. When a user requests a Web page from an application, the Web server will automatically create a session object if the user has not already a session. When a session expires or is discarded, the server will terminate the session. axios: a promise-based web request library encapsulates native XHR requests (a browser request) that can be used in browsers and runtime environment nodes. JSAPI: some predefined JS (JavaScript) functions are intended to provide applications and developers the ability to access a set of programs based on some software or hardware without having to access source code or understand internal working mechanisms. The JSAPI mentioned in the scheme is packaged in the client side APP by the main site, and the JSAAPIs can be accessed when the sub-sites run in the main site APP.
It should be noted that the micro service architecture described in this embodiment may use a device terminal such as a mobile phone and a computer as a carrier. In this embodiment, the host is an Application (APP) client, and the host is an entry of all the sub-site microservices and is responsible for basic functions such as user login, menu control, and permission verification. The sub-site is a business application, for example, H5 (HTML 5 is a language description way for constructing Web content) application, and the sub-site runs on the main site client and assumes specific business functions. The application scenario of this embodiment can be understood that, when a user has a service processing requirement, the user needs to log in a client through a host site first; if the user wants to perform specific service processing, the user needs to click a corresponding service menu to jump to a website page for specific service operation. For example, the user may log in through an account password manner or a mobile phone number verification code manner, which is not limited herein.
The page entering operation may be understood as an operation in which a user clicks through a touch object to enter a specific service in a website. The main execution body of the service processing method provided in this embodiment is a sub-site, and when a page of a service to be processed is received and enters an operation, the sub-site needs to determine a processing right of the service to be processed by a user according to a service identifier of the service to be processed, so as to determine whether the user has a right to enter the page of the sub-site for service processing. The service identification is the unique identification of each functional service, and the substation and the master site agree on the unique service identification of each functional service, and the service identification of each functional service can be understood as being determined and known when the service is constructed.
In consideration of the prior art, the back end of the sub-site needs to frequently call a menu authority query interface provided by the main site to query whether the client has the menu authority of the sub-site, the server burden is increased by frequent data interaction between the main sub-sites, the performance of the main sub-site is greatly influenced, dependence of the sub-site on the main site is increased, and the coupling between service modules is high.
In this embodiment, the front end of the sub-site is used to call the interface of the main site to obtain the service right corresponding to the user. It should be clear that when the user logs in at the home site, the home site will store the user's rights to all function menus of the entire system in the format of key-value pair key-value in the home site client cache. For example, assuming that the service identifier is a buscode, a permission can be recorded as a buscode-true, and no permission can be recorded as a buscode-false.
Specifically, when a user clicks a substation menu, that is, when a page entry operation is received, the front end of the substation calls a first interface, that is, a JSAPI1 function, provided by the host to obtain the permission of the user for the service to be processed. For example, the method for determining whether the user has a processing right to the service to be processed may be: calling a first interface of a main site through a front end of a sub-site to acquire a permission storage table stored by the main site; inquiring an authority storage table, and determining a key value corresponding to the service identifier; and determining the processing authority of the user to the service to be processed according to the key value, for example, if the service to be processed is identified as the buscode and the key value pair is found to be the buscode-true, determining that the user has the processing authority to the service to be processed. For example, if the to-be-processed service identifier is a buscode, and the key value pair is found to be a buscode-false, it is determined that the user has no processing right on the to-be-processed service.
And S120, if the user has the processing authority, jumping to a page of the service to be processed and determining user information according to the session identifier acquired from the main site.
Wherein the session identifier is generated by the host site when the user logs in at the host site. The host site generates a session identifier, which is a string randomly generated by the host site to identify the client, and the set time interval (every 2 minutes) changes.
In this embodiment, if it is determined that the user has the processing right, the user is allowed to enter a page corresponding to the substation point. In order to perform service processing, user information needs to be acquired. In the embodiment, the user information is obtained through the session identifier, the filter is used at the back end of the sub-site, the unregistered requests are uniformly filtered, the main site information query interface is called for the logged requests, the client information is obtained, and the client information is stored in the session information, so that the request parameters do not relate to user sensitive information, the risk of data tampering is reduced, and the requests are ensured to be safer and more reliable in transmission. For the user who logs in and makes a service request again, the user information can be directly obtained from the session information of the sub-site.
In this embodiment, when a client enters a website page for the first time after logging in and triggers an initialization request, a master website is called at the front end of the website to obtain a session identifier interface, and after obtaining a session identifier, the session identifier and request parameters are transmitted to the back end of the website through a service request. And a Filter is defined at the back end of the website, and the Filter is used for filtering the users which are not logged in. And calling a login customer information query interface exposed to the sub-site by the main site by using the session identifier, acquiring current customer information, and storing the current customer information to the sub-site for subsequent transaction of the sub-site. In this embodiment, when the client logs in and then enters the website page again, the user information can be directly obtained from the session information.
Wherein, the filter: the Java class realizes a special interface Filter, realizes the filtering function of request resources (jsp, servlet and html), is processed by a small service program or a service connector servlet, and is commonly used for login authority verification, sensitive character filtering and the like. Through the filter, the service requests arriving at the server side are processed uniformly, and unregistered requests are filtered.
There are 3 methods defined in Filter: init (): the method is invoked when the container starts up to initialize filtering. doFilter (): each request in the container invokes the method. Store (): the method is invoked when the container destroys the filter instance. In this embodiment, a doFilter () method is mainly used. It should be noted that, in this embodiment, the Filter is replaced by a Java Interceptor, which intercepts the request before executing the control controller, determines the login status, and obtains the client information.
Specifically, when a client enters a website page for the first time after logging in and triggers an initialization request, the front end acquires a session identifier by acquiring a user session interface, and sends the session identifier to the website back end by a service request; and the back end of the sub-site uses a filter interface, rewrites a DoFilter () method, filters the request of the client which is not logged in through the session identification, calls a client information inquiry interface provided by the main site for the request of the client which is logged in, and stores the client information into the session information of the sub-site for the subsequent service processing of the sub-site.
And S130, processing the service to be processed according to the user information.
Specifically, according to the user information, the service to be processed is processed, for example, data query in the last month is performed.
The embodiment of the invention discloses a method, a device, a system, equipment and a storage medium for processing service, wherein the method comprises the following steps: when a page of a received service to be processed enters operation, determining the processing authority of a user to the service to be processed according to the service identifier of the service to be processed; if the user has the processing authority, jumping to a page of the service to be processed and determining user information according to a session identifier acquired from the host site, wherein the session identifier is generated by the host site when the user logs in at the host site; and processing the service to be processed according to the user information. By using the method, when a micro-service architecture is used for developing and deploying a system, the sub-site calls the interface of the main site to acquire the user permission at the front end through the service identifier without passing through the back end, so that the number of requests is effectively reduced, the performance of the server is optimized, and the client information is acquired through the session identifier when the permission exists, so that the request parameters do not relate to the sensitive information of the user, the risk of data tampering is reduced, and the request is ensured to be safer and more reliable in transmission. On the premise of realizing data consistency, the coupling degree of the main substation is reduced, the data interaction between the rear ends of the main substations is reduced, the load of a server is lightened, the communication safety is ensured, and the system is convenient to expand the service function.
As an alternative embodiment of the present invention, on the basis of the above embodiment, the method is further defined to further include: and if the user has no processing authority, not performing page skipping and generating no-authority prompt information.
Specifically, if it is determined that the user has no processing permission for the service to be processed, the user cannot jump to a page corresponding to the sub-site, and at this time, no-permission prompt information is generated to prompt the login user that the service to be processed has no processing permission. For example, the logic implementation for obtaining the user right can be expressed as:
let auth = await getAuthMenu (buscode); v/Call host site JSAPI to get Menu Authority
If(auth){
this.$router.push({path:’/path1’});
}else{
this. $ toast ("without permission");
}。
in the optional embodiment, the front end of the sub-site calls the interface for obtaining the client permission, which is packaged by the main site, through the service identifier, obtains the permission of the user sub-site menu, and does not allow the user without permission to enter the sub-site service page for service processing and generate the prompt information without permission. The client permission of the sub-sites is acquired through the permission identification in the front-end calling interface without passing through the back end, so that the number of requests is effectively reduced, the performance of the server is optimized, and the coupling of the main sub-sites is reduced.
Example two
Fig. 2 is a schematic flow chart of a service processing method according to a second embodiment of the present invention, which is a further optimization of the second embodiment, and in this embodiment, when a page of a service to be processed is received and enters an operation, determining, according to a service identifier of the service to be processed, a processing right of a user to the service to be processed is further embodied as: when a page of a service to be processed is received to enter operation, a first interface of the main site is called through the front end of the sub-site to obtain a permission storage table, wherein the permission storage table contains the binding relationship between a user and various service processing permissions, and the permission storage table is stored by the main site when the user logs in at the main site; inquiring the authority storage table and determining a key value corresponding to the service identifier; and determining the processing authority of the user to the service to be processed according to the key value.
Meanwhile, the user information acquisition according to the session identifier acquired from the master site is further embodied as follows: calling a second interface of the main site through the front end of the sub-site to acquire a session identifier; generating a service request according to the session identifier and the request parameter, and sending the service request to the back end of the substation; analyzing the service request through a filter at the rear end of the substation to obtain a session identifier; if the session identifier is empty, determining user information according to a login identifier in the session information of the sub-site; and if the session identifier is not empty, calling a third interface of the main site through the back end of the sub-site to acquire user information.
As shown in fig. 2, the second embodiment provides a service processing method, which specifically includes the following steps:
s210, when the page of the received service to be processed enters the operation, a first interface of the main site is called through the front end of the sub site to obtain the authority storage table.
The authority storage table contains binding relations between users and various service processing authorities, and the authority storage table is stored by the main site when the users log in the main site. In this embodiment, the front end of the sub-site is used to call the interface of the main site to obtain the service right corresponding to the user. It should be clear that when the user logs in at the home site, the home site will store the user's rights to all function menus of the whole system in the home site client cache in the key-value format. For example, assuming that the service identifier is a buscode, a permission can be recorded as a buscode-true, and no permission can be recorded as a buscode-false.
Specifically, when a user clicks a sub-site menu, that is, a page entry operation is received, the front end of the sub-site calls a first interface provided by the host site, that is, a JSAPI1 function, to obtain the permission storage table.
S220, inquiring the authority storage table and determining the key value corresponding to the service identifier.
Specifically, the authority storage table is queried to determine a key value corresponding to the service identifier.
And S230, determining the processing authority of the user to the service to be processed according to the key value.
Illustratively, if the to-be-processed service is identified as the buscode, and the key value pair is found to be the buscode-true, it is determined that the user has the processing permission on the to-be-processed service. If the service to be processed is identified as the buscode, and the key value pair is found to be the buscode-false, it is determined that the user has no processing permission to the service to be processed.
S240, if the user has the processing authority, jumping to a page of the service to be processed and calling a second interface of the main site through the front end of the sub-site to acquire the session identification.
When a user logs in, the host site generates a session identifier, the session identifier is a string randomly generated by the host site and used for identifying a client, and a time interval is set, for example, the time interval changes every 2 minutes. If the user has the processing authority, the user can jump to a page corresponding to the sub-site, namely a page of the service to be processed, the front end of the sub-site obtains the session identifier of the logged-in user by calling a second interface provided by the client of the main site, and the second interface can be expressed as JSAPI2.
And S250, generating a service request according to the session identifier and the request parameter, and sending the service request to the back end of the substation.
Specifically, the slave station may set information related to the service request, such as information about request timeout time, a back-end address, a message type, and the like. The parameters of the service request include not only the parameters of the website service request, but also the session identifier. And sending the generated service request to the back end of the substation. The front end of the sub-site initiates a request to the back end through axios (axios is a Web data interaction mode), and receives data returned by the back end.
Illustratively, the logic for service request parameter setting may be expressed as:
Const service=axios.create({
timeout 30000,// request timeout
Value,// front end request message carries cookie
baseURL ` 10.10.10.10/itsm `,// request Path
headers:{
"Content-Type":"application/json",
}
})。
Illustratively, a service request is sent to the site back end, where the request parameters include parameters of the site service request and a session identifier, and the logic may be expressed as:
s260, analyzing the service request through a filter at the rear end of the sub-site to obtain a session identifier.
Specifically, a Filter is defined at the back end of the substation, and all requests initiated by the front end pass through the Filter. And rewriting the instance constructor init method, and acquiring the configuration parameters in the init method. The doFilter method is rewritten, and lightweight data interchange format (JSON) data is analyzed to obtain a session identifier so as to judge the login state. For example, the logic for parsing the service request through the filter at the backend of the website can be expressed as:
and S270, if the session identifier is empty, determining the user information according to the login identifier in the session information of the sub-site.
Specifically, if the session identifier is null, it indicates that the user does not first request the substation data after logging in. For example, after the user logs in, the service processing is performed first, and the data query is performed, then the service processing may be understood as first requesting the substation data, and the data query may be understood as second requesting the substation data. If the session identifier is empty, the user information needs to be further determined according to the login identifier in the session information of the sub-site.
Further, according to the login identifier in the session information of the website, the step of determining the user information may be expressed as:
a1, obtaining a login identification from session information of the substation.
Specifically, if the session identifier is empty, the login identifier of the user is stored in the session information, and the login identifier is obtained from the session information. Illustratively, assume that the session identifier is ssi and the login identifier is isLogin.
b1, judging whether the login identification is true.
Specifically, it is determined whether the login id is true. Continuing with the above example, isLogin equals true or isLogin equals null.
And c1, if true, acquiring the user information from the session information.
Specifically, if the login identification is true, which indicates that the user has completed logging in, the user information is obtained from the session information of the website. Illustratively, as described in the above example, if ssi is empty and isLogin is equal to true, it indicates that the user has completed logging in, and obtains user information from session.
d1, otherwise, determining that the user is not logged in and returning a non-login prompt.
Specifically, if the login identifier is not true, which indicates that the user is not logged in, or it can be understood that the login information is invalid, the filter at the backend of the website filters the part of the request, and directly returns error information.
Further, after the third interface of the master site is called by the back end of the slave site to obtain the user information, the method further includes: and storing the user information into the session information of the sub-site, and setting the login identification in the session information to be true.
Specifically, when a user accesses the data of the sub-sites for the first time, after the third interface of the main site is called by the rear end of the sub-sites to obtain the user information, the user information is stored in the session information of the sub-sites, so that the user information can be directly obtained from the session information of the sub-sites when the user subsequently performs other business operations, frequent requests for the data of the main site are avoided, and the performance of the server is improved. In addition, the login identifier in the session information is set to true, which indicates that the user has completed the login.
For example, the logic for obtaining the user information according to the session identifier may be represented as:
and S280, if the session identifier is not empty, calling a third interface of the main site through the back end of the sub-site to acquire the user information.
Specifically, if the session identifier is non-null, which indicates that the user requests the substation data for the first time after logging in, the substation calls an interface provided by the host to obtain the user information of the logged-in user. In this embodiment, for convenience of distinction, an interface for acquiring the user information is referred to as a third interface.
And S290, processing the service to be processed according to the user information.
The embodiment embodies the steps of determining the processing authority of the user to the service to be processed according to the service identifier of the service to be processed and acquiring the user information according to the session identifier acquired from the main site. When a system is developed and deployed by using a micro-service architecture, the user permission of the sub-sites is acquired by calling an interface function at the front end through a service identifier without passing through the back end, so that the number of requests is effectively reduced, the performance of a server is optimized, and the coupling of the main sub-sites is reduced. The user login information is used for uniformly filtering the request which is not logged in by using a filter at the rear end of the sub-site through the session identifier, and the user information is stored in the session information after a main site information query interface is called for the logged request, so that the request parameter does not relate to the sensitive information of the user, the risk of data tampering is reduced, and the request is ensured to be safer and more reliable in transmission. Through the service identifier and the session identifier, on the premise of realizing the consistency of data information between the main substations in the micro-service architecture, the data interaction between the rear ends of the main substations is reduced, the burden of a server is reduced, the coupling degree is reduced, and the system is convenient to expand service functions.
To more clearly express the service processing method provided by the embodiment of the present invention, exemplarily, fig. 3 is an exemplary diagram of a certain scenario service processing step provided by the second embodiment of the present invention.
S1, when a page of a service to be processed is received to enter operation, a first interface of a main site is called through a front end of a sub-site to obtain a permission storage table, wherein the permission storage table contains binding relations between users and various service processing permissions, and the permission storage table is stored by the main site when the users log in the main site.
And S2, inquiring the authority storage table and determining a key value corresponding to the service identifier.
And S3, determining the processing authority of the user to the service to be processed according to the key value, executing the step S4 if the user has no processing authority, and executing the step S5 if the user has the processing authority.
And S4, if the user has no processing authority, not performing page skipping and generating no-authority prompt information.
And S5, if the user has the processing authority, jumping to a page of the service to be processed and calling a second interface of the main site through the front end of the sub-site to acquire the session identifier.
And S6, generating a service request according to the session identifier and the request parameter, and sending the service request to the back end of the substation.
And S7, analyzing the service request through a filter at the rear end of the substation to obtain a session identifier, executing the step S8 if the session identifier is empty, and executing the step S12 if the session identifier is not empty.
And S8, if the session identifier is empty, acquiring the login identifier from the session information of the sub-site.
And S9, judging whether the login identification is true, if so, executing the step S10, otherwise, executing the step S11.
And S10, if true, acquiring the user information from the session information.
And S11, if not, determining that the user is not logged in and returning a non-login prompt.
And S12, if the session identifier is not empty, calling a third interface of the main site through the back end of the sub-site to acquire the user information.
And S13, storing the user information into the session information of the sub-site, and setting the login identification in the session information to be true.
And S14, processing the service to be processed according to the user information.
EXAMPLE III
Fig. 4 is a schematic structural diagram of a service processing apparatus according to a third embodiment of the present invention, which is applicable to a case where data consistency is implemented between main nodes under a micro service architecture and the coupling degree of the main nodes is reduced, and the apparatus may be implemented in the form of hardware and/or software. As shown in fig. 4, the apparatus includes: a rights determination module 31, an information determination module 32, and a processing module 33, wherein,
the permission determining module 31 is configured to determine, according to the service identifier of the service to be processed, a processing permission of the service to be processed by the user when the page receiving the service to be processed enters the operation;
the information determining module 32 is configured to jump to a page of a service to be processed and determine user information according to a session identifier acquired from a host if the user has a processing right, where the session identifier is generated by the host when the user logs in the host;
and the processing module 33 is configured to process the service to be processed according to the user information.
Optionally, the apparatus further comprises a prompting module, configured to:
and if the user has no processing authority, not performing page skipping and generating no-authority prompt information.
Optionally, the authority determining module 31 is configured to:
when a page of a service to be processed is received to enter operation, a first interface of a main site is called through the front end of a sub-site to obtain a permission storage table, wherein the permission storage table comprises binding relations between users and various service processing permissions, and the permission storage table is stored by the main site when the users log in the main site;
inquiring an authority storage table, and determining a key value corresponding to the service identifier;
and determining the processing authority of the user to the service to be processed according to the key value.
Optionally, the information determining module 32 includes:
the identifier acquisition unit is used for calling a second interface of the main site through the front end of the sub-site to acquire a session identifier;
the request sending unit is used for generating a service request according to the session identifier and the request parameter and sending the service request to the back end of the substation;
the analysis unit is used for analyzing the service request through a filter at the rear end of the substation to obtain a session identifier;
the first determining unit is used for determining user information according to the login identification in the session information of the sub-site if the session identification is empty;
and the second determining unit is used for calling a third interface of the main site through the back end of the sub-site to acquire the user information if the session identifier is not empty.
Optionally, the first determining unit is specifically configured to:
acquiring a login identifier from session information of the sub-site;
judging whether the login identification is true;
if true, acquiring user information from the session information;
otherwise, determining that the user is not logged in and returning a non-login prompt.
Optionally, the apparatus further includes a storage module, configured to:
and storing the user information into the session information of the sub-site, and setting the login identification in the session information to be true.
The service processing device provided by the embodiment of the invention can execute the service processing method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 5 is a schematic structural diagram of a microservice system according to a fourth embodiment of the present invention, as shown in fig. 5, the microservice system includes a primary site 1 and at least one secondary site 2;
the main site 1 is used for receiving login operation of a user, generating a session identifier after the user logs in and storing an authority storage table associated with the user;
the substation 2 includes: a right determination module 31, an information determination module 32, and a processing module 33; wherein the content of the first and second substances,
the permission determining module 31 is configured to determine, according to the service identifier of the service to be processed, a processing permission of the user for the service to be processed when the page receiving the service to be processed enters the operation;
the information determining module 32 is configured to jump to a page of a service to be processed and determine user information according to a session identifier acquired from a host if the user has a processing right, where the session identifier is generated by the host when the user logs in the host;
and the processing module 33 is configured to process the service to be processed according to the user information.
The micro service system provided by the embodiment of the invention can execute the service processing method provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
EXAMPLE five
Fig. 6 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 6, the electronic device 40 includes at least one processor 41, and a memory communicatively connected to the at least one processor 41, such as a Read Only Memory (ROM) 42, a Random Access Memory (RAM) 43, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 41 may perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 42 or the computer program loaded from the storage unit 48 into the Random Access Memory (RAM) 43. In the RAM 43, various programs and data necessary for the operation of the electronic apparatus 40 can also be stored. The processor 41, the ROM 42, and the RAM 43 are connected to each other via a bus 44. An input/output (I/O) interface 45 is also connected to bus 44.
A number of components in the electronic device 40 are connected to the I/O interface 45, including: an input unit 746 such as a keyboard, mouse, or the like; an output unit 47 such as various types of displays, speakers, and the like; a storage unit 48 such as a magnetic disk, an optical disk, or the like; and a communication unit 49 such as a network card, modem, wireless communication transceiver, etc. The communication unit 49 allows the electronic device 40 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
In some embodiments, the business process method may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 48. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 40 via the ROM 42 and/or the communication unit 49. When the computer program is loaded into the RAM 43 and executed by the processor 41, one or more steps of the business process method described above may be performed. Alternatively, in other embodiments, the processor 41 may be configured to perform the traffic processing method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for implementing the methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user can be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired results of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A business processing method is applied to a substation under a micro service architecture, and the method comprises the following steps:
when a page of a service to be processed is received to enter operation, determining the processing authority of a user on the service to be processed according to the service identification of the service to be processed;
if the user has the processing authority, jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a host site, wherein the session identifier is generated by the host site when the user logs in at the host site;
and processing the service to be processed according to the user information.
2. The method of claim 1, further comprising:
and if the user has no processing authority, not performing page skipping and generating no-authority prompt information.
3. The method according to claim 1, wherein when receiving an entry operation of a service to be processed, determining a processing right of a user for the service to be processed according to a service identifier of the service to be processed comprises:
when a page of a service to be processed is received to enter operation, a first interface of the main site is called through the front end of the sub-site to obtain a permission storage table, wherein the permission storage table contains the binding relationship between a user and various service processing permissions, and the permission storage table is stored by the main site when the user logs in at the main site;
inquiring the authority storage table and determining a key value corresponding to the service identifier;
and determining the processing authority of the user to the service to be processed according to the key value.
4. The method of claim 1, wherein obtaining user information according to the session identifier obtained from the host site comprises:
calling a second interface of the main site through the front end of the sub-site to acquire a session identifier;
generating a service request according to the session identifier and the request parameter and sending the service request to a back end of the substation;
analyzing the service request through a filter at the rear end of the substation to obtain a session identifier;
if the session identifier is empty, determining user information according to a login identifier in the session information of the sub-site;
and if the session identifier is not empty, calling a third interface of the main site through the back end of the sub-site to acquire user information.
5. The method according to claim 4, wherein the determining user information according to the login identifier in the session information of the website comprises:
acquiring a login identifier from the session information of the sub-site;
judging whether the login identification is true;
if true, obtaining user information from the session information;
otherwise, determining that the user is not logged in and returning a non-login prompt.
6. The method of claim 4, after obtaining the user information through the third interface of the host site called by the backend of the branch site, further comprising:
and storing the user information into the session information of the sub-site, and setting the login identification in the session information to be true.
7. A transaction processing apparatus configured in a substation under a microservice architecture, the apparatus comprising:
the permission determining module is used for determining the processing permission of a user to the service to be processed according to the service identification of the service to be processed when the page receiving the service to be processed enters the operation;
the information determining module is used for jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a main site if the user has a processing authority, wherein the session identifier is generated by the main site when the user logs in at the main site;
and the processing module is used for processing the service to be processed according to the user information.
8. A microservice system, comprising a primary site and at least one secondary site;
the main site is used for receiving login operation of a user, generating a session identifier after the user logs in and storing a permission storage table associated with the user;
the substation includes: the system comprises a permission determining module, an information determining module and a processing module; wherein the content of the first and second substances,
the permission determining module is used for determining the processing permission of a user to the service to be processed according to the service identification of the service to be processed when the page receiving the service to be processed enters the operation;
the information determining module is used for jumping to a page of a service to be processed and determining user information according to a session identifier acquired from a main site if the user has a processing authority, wherein the session identifier is generated by the main site when the user logs in at the main site;
and the processing module is used for processing the service to be processed according to the user information.
9. An electronic device, as a slave station under a microservice architecture, comprising:
one or more processors;
storage means for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the business processing method of any of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the service processing method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211302902.1A CN115664793A (en) | 2022-10-24 | 2022-10-24 | Service processing method, device, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211302902.1A CN115664793A (en) | 2022-10-24 | 2022-10-24 | Service processing method, device, system, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115664793A true CN115664793A (en) | 2023-01-31 |
Family
ID=84990909
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211302902.1A Pending CN115664793A (en) | 2022-10-24 | 2022-10-24 | Service processing method, device, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115664793A (en) |
-
2022
- 2022-10-24 CN CN202211302902.1A patent/CN115664793A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106998343B (en) | Remote procedure call processing method, device and system | |
| US8898731B2 (en) | Association of service policies based on the application of message content filters | |
| CN111258627B (en) | Interface document generation method and device | |
| KR102134547B1 (en) | Risk identification method, risk identification device, and cloud risk identification device and system | |
| CN112333096A (en) | Micro-service traffic scheduling method and related components | |
| US11755744B2 (en) | Application programming interface specification inference | |
| CN110781505B (en) | System construction method and device, retrieval method and device, medium and equipment | |
| CN112698952A (en) | Unified management method and device for computing resources, computer equipment and storage medium | |
| CN110737425B (en) | Method and device for establishing application program of charging platform system | |
| US11882154B2 (en) | Template representation of security resources | |
| CN115421922A (en) | Current limiting method, device, equipment, medium and product of distributed system | |
| CN113946816A (en) | Cloud service-based authentication method and device, electronic equipment and storage medium | |
| CN114296953A (en) | Multi-cloud heterogeneous system and task processing method | |
| CN113010238A (en) | Permission determination method, device and system for micro application call interface | |
| US20230118838A1 (en) | Advanced agent instrumentation for opentelemetry implementations | |
| CN112052152A (en) | Simulation test method and device | |
| CN112491943A (en) | Data request method, device, storage medium and electronic equipment | |
| CN107018140B (en) | Authority control method and system | |
| CN115664793A (en) | Service processing method, device, system, equipment and storage medium | |
| CN115550413A (en) | Data calling method and device, service gateway and storage medium | |
| CN114115897A (en) | Method for dynamically generating project local executable file based on nodejs script | |
| CN113515306A (en) | System transplanting method and device | |
| US12032647B2 (en) | Tenant network for rewriting of code included in a web page | |
| CN113495747B (en) | Gray scale release method and device | |
| CN117556116A (en) | Method and device for processing request information, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |