Summary of the invention
For overcoming above-mentioned technical problem or solving the problems of the technologies described above at least in part, the following technical scheme of special proposition:
Embodiments of the invention propose a kind of method of deal with data access request, comprising:
Detect the data access request for visit data interface from user, and extract the request relevant information of described data access request;
Based on described request relevant information, verify rule by the access corresponding with described data-interface, judge whether described data access request has the access rights to described data-interface;
If described data access request has the access rights to described data-interface, then described data access request is sent to described data-interface.
Preferably, the method also comprises:
Verify rule by the access corresponding with described data-interface of pre-stored, judge whether described data access request has the access rights to described data-interface.
Preferably, the method also comprises:
The access corresponding with described data-interface is set and verifies rule.
Preferably, described request relevant information includes but not limited to:
The identification information of data-interface; The identification information of user; The request time of data access request.
Preferably, described access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Preferably, based on described request relevant information, verify rule by the access corresponding with described data-interface, judge whether described data access request has the access rights to described data-interface, comprises further:
For described user, determine the request number of times of described data access request in the expired time corresponding with described data-interface;
Judge the magnitude relationship of described request number of times and the maximum access times in the expired time corresponding with described data-interface;
If judge, described request number of times does not exceed described maximum access times, determines that described data access request has the access rights to described data-interface;
If judge, described request number of times exceeds described maximum access times, determines that described data access request does not have the access rights to described data-interface.
Preferably, the method also comprises:
If described data access request does not have the access rights to described data-interface, tackle described data access request;
Generate and send failed information, and described failed information is provided to described user.
Another embodiment of the present invention proposes a kind of method of deal with data access request, comprising:
Receive the data access request for visit data interface from user;
Extract the request relevant information of described data access request, and based on described request relevant information, utilize the access corresponding with described data-interface to verify rule, judge whether described data access request has the access rights to described data-interface;
If judge, described data access request has the access rights to described data-interface, forwards described data access request to corresponding data-interface.
Preferably, based on described request relevant information, utilize the access corresponding with described data-interface to verify rule, judge whether described data access request has the access rights to described data-interface, comprising:
For described user, determine the request number of times of described data access request in the expired time corresponding with described data-interface;
Judge the magnitude relationship of described request number of times and the maximum access times in the expired time corresponding with described data-interface;
If judge, described request number of times does not exceed described maximum access times, determines that described data access request has the access rights to described data-interface.
Preferably, the method also comprises:
If judge, described request number of times equals described maximum access times, issues the access verification rule that described data-interface is corresponding.
Preferably, the method also comprises:
If judge, described data access request does not have the access rights to described data-interface, generates and issue to send failed information.
Preferably, described access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Another embodiment of the present invention proposes a kind of device of deal with data access request, comprising:
Detection module, for detecting the data access request for visit data interface from user, and extracts the request relevant information of described data access request;
First judge module, for based on described request relevant information, verifies rule by the access corresponding with described data-interface, judges whether described data access request has the access rights to described data-interface;
Sending module, if having the access rights to described data-interface for described data access request, is then sent to described data-interface by described data access request.
Preferably, this device also comprises:
Second judge module, verifies rule for the access corresponding with described data-interface by pre-stored, judges whether described data access request has the access rights to described data-interface.
Preferably, this device also comprises:
Module being set, verifying rule for arranging the access corresponding with described data-interface.
Preferably, described request relevant information includes but not limited to:
The identification information of data-interface; The identification information of user; The request time of data access request.
Preferably, described access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Preferably, described first judge module comprises further:
First determining unit, for for described user, determines the request number of times of described data access request in the expired time corresponding with described data-interface;
First judging unit, for judging the magnitude relationship of described request number of times and the maximum access times in the expired time corresponding with described data-interface;
Second determining unit, if for judging that described request number of times does not exceed described maximum access times, determine that described data access request has the access rights to described data-interface;
3rd determining unit, if for judging that described request number of times exceeds described maximum access times, determine that described data access request does not have the access rights to described data-interface.
Preferably, this device also comprises:
Blocking module, if do not have the access rights to described data-interface for described data access request, tackles described data access request;
Generate sending module, send failed information for generating, and described failed information is provided to described user.
Another embodiment of the present invention proposes a kind of device of deal with data access request, comprising:
Receiver module, for receiving the data access request for visit data interface from user;
3rd judge module, for extracting the request relevant information of described data access request, and based on described request relevant information, utilize the access corresponding with described data-interface to verify rule, judge whether described data access request has the access rights to described data-interface;
Forwarding module, if for judging that described data access request has the access rights to described data-interface, forwards described data access request to corresponding data-interface.
Preferably, described 3rd judge module comprises:
4th determining unit, for for described user, determines the request number of times of described data access request in the expired time corresponding with described data-interface;
Second judging unit, for judging the magnitude relationship of described request number of times and the maximum access times in the expired time corresponding with described data-interface;
5th determining unit, if for judging that described request number of times does not exceed described maximum access times, determine that described data access request has the access rights to described data-interface.
Preferably, this device also comprises:
Issuing module, if for judging that described request number of times equals described maximum access times, issuing the access verification rule that described data-interface is corresponding.
Preferably, this device also comprises:
Generation issues module, if for judging that described data access request does not have the access rights to described data-interface, generating and issuing the failed information of transmission.
Preferably, described access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
In embodiments of the invention, propose a kind of scheme of deal with data access request, according to the request relevant information of the data-interface access request from user, in conjunction with the access verification rule that data-interface is corresponding, can judge whether this data access request has the access rights to data-interface accurately, by client, access verification rule is arranged, user can according to the access of self requirements for access restriction to data-interface, the access verification rule simultaneously also issued by server verifies in the access times of client to data access request, achieve and judge that the access times whether data access request exceeds for this data-interface limit exactly in client, if repeatedly data access request at short notice frequent requests data-interface time, can tackle data access request in client this locality, and no longer send data access request to service end, the object reduced service end request is reached with this, and then reduce the load of service end corresponding data interface, meanwhile, the client of service end data-handling efficiency and terminal equipment is improved to the response speed of data access request.
The aspect that the present invention adds and advantage will part provide in the following description, and these will become obvious from the following description, or be recognized by practice of the present invention.
Embodiment
Be described below in detail embodiments of the invention, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has element that is identical or similar functions from start to finish.Being exemplary below by the embodiment be described with reference to the drawings, only for explaining the present invention, and can not limitation of the present invention being interpreted as.
Those skilled in the art of the present technique are appreciated that unless expressly stated, and singulative used herein " ", " one ", " described " and " being somebody's turn to do " also can comprise plural form.Should be further understood that, the wording used in specification of the present invention " comprises " and refers to there is described feature, integer, step, operation, element and/or assembly, but does not get rid of and exist or add other features one or more, integer, step, operation, element, assembly and/or their group.Should be appreciated that, when we claim element to be " connected " or " coupling " to another element time, it can be directly connected or coupled to other elements, or also can there is intermediary element.In addition, " connection " used herein or " coupling " can comprise wireless connections or wirelessly to couple.Wording "and/or" used herein comprises one or more whole or arbitrary unit listing item be associated and all combinations.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, and all terms used herein (comprising technical term and scientific terminology), have the meaning identical with the general understanding of the those of ordinary skill in field belonging to the present invention.It should also be understood that, those terms defined in such as general dictionary, should be understood to that there is the meaning consistent with the meaning in the context of prior art, unless and by specific definitions as here, otherwise can not explain by idealized or too formal implication.
Fig. 1 is the schematic flow sheet of the method for the deal with data access request of an embodiment in the present invention.The present embodiment performs following operation to realize the process to data access request in terminal.
Step S110: detect the data access request for visit data interface from user, and extract the request relevant information of data access request; Step S120: based on request relevant information, by the access corresponding with data-interface verification rule, judges whether data access request has the access rights to data-interface; Step S130: if data access request has the access rights to data-interface, then data access request is sent to data-interface.
In embodiments of the invention, propose a kind of scheme of deal with data access request, according to the request relevant information of the data-interface access request from user, in conjunction with the access verification rule that data-interface is corresponding, can judge whether this data access request has the access rights to data-interface accurately, by client, access verification rule is arranged, user can according to the access of self requirements for access restriction to data-interface, the access verification rule simultaneously also issued by server verifies in the access times of client to data access request, achieve and judge that the access times whether data access request exceeds for this data-interface limit exactly in client, if repeatedly data access request at short notice frequent requests data-interface time, can tackle data access request in client this locality, and no longer send data access request to service end, the object reduced service end request is reached with this, and then reduce the load of server end corresponding data interface, meanwhile, the client of servers' data treatment effeciency and terminal equipment is improved to the response speed of data access request.
Step S110: detect the data access request for visit data interface from user, and extract the request relevant information of data access request.
Wherein, relevant information is asked to include but not limited to:
The identification information of data-interface;
The identification information of user;
The request time of data access request.
Such as, in terminal equipment, when the data access request for access associated data interface from user being detected at every turn, extract the request relevant information of data access request, as the identification information of the identification information of user, the data-interface of request access, the request time etc. of request of data access, and request relevant information is carried out record; As, in the data access request extracted, the ID of user is " 0000001 ", and the request time of request of data access is when being " 2015-11-1800:00:00 ", this data access request for data-interface be "/index/vote "; Then, by the record that the identification information of the request time of data access request, the identification information of data-interface and user in request relevant information is associated, the user being " 0000001 " as recording user ID performs a data access request for interface "/index/vote " at " 2015-11-1800:00:00 ".
Step S120: based on request relevant information, by the access corresponding with data-interface verification rule, judges whether data access request has the access rights to data-interface.
Wherein, access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Particularly, based on the request relevant information of user, by the access corresponding with data-interface verification rule, first judge whether the data-interface that user accesses exceedes expired time, judge the maximum access times in the expired time corresponding with data-interface subsequently, finally, the request number of times based on expired time and maximum access times judges whether data access request has the access rights to data-interface.
Step S120 specifically comprises: by the access verification rule corresponding with data-interface of pre-stored, judge whether data access request has the access rights to data-interface.
Such as, in client preset access verification rule, the total degree that access verification rule comprises user visit data interface A in 24 hours may not exceed 4 times, and the request relevant information from user User1 data access request comprises: user User1 is at " 2015-12-1913:10:00 " moment request access data-interface A; Verify rule by the access corresponding with data-interface A of pre-stored, judge, from user User1 data access request, whether there are access rights to data-interface A.
Preferably, the method also comprises step S140 (not shown); Step S140: the access verification rule corresponding with data-interface is set.
Such as, user User1 is regular in the access verification that local setting data interface A is corresponding by client, and the total degree as arranged user User1 visit data interface A in 24 hours may not exceed 8 times.
Again such as, the access verification rule that the data-interface A that server issues is corresponding is: the total degree of all users visit data interface A in 24 hours may not exceed 6 times, client is preserved this access verification rule and carries out corresponding optimum configurations after receiving the access verification rule from server.
Wherein, in the access verification rule that local pre-stored is corresponding with data-interface, as in web terminal, the localStorage by HTML5 carries out persistent storage, also stores by modes such as cookie; As when client, then deposit in local data base.
In a preferred embodiment, as shown in Figure 2, based on request relevant information, by the access corresponding with data-interface verification rule, judge whether data access request has and step S221, step S222, step S223 and step S224 are comprised further to the step of the access rights of data-interface.Step S221: for user, determines the request number of times of data access request in the expired time corresponding with data-interface; Step S222: the magnitude relationship judging request number of times and the maximum access times in the expired time corresponding with data-interface; Step S223: request number of times does not exceed maximum access times if judge, determines that data access request has the access rights to data-interface; Step S224: request number of times exceeds maximum access times if judge, determines that data access request does not have the access rights to data-interface.
Such as, the request relevant information of the user User2 request access data-interface A that client is extracted, comprise user ID " User2 ", the title " data-interface A " of data-interface of request access, request of data access request time for " 2015-12-1913:10:00 ", the expired time corresponding with data-interface " data-interface A " is one day, and the maximum access times in the expired time corresponding with data-interface are 5 times, according to the title " data-interface A " of user ID " User2 " and data-interface, in storage area, inquiring user ID " User2 " is for the record of " data-interface A " corresponding data access request, inquire from user ID " User2 " request first " data-interface A ", request time is " 2015-12-1908:05:00 " first, to this request request time " 2015-12-1913:10:00 " between the number of times of data access request be 5, namely judge that request number of times 5 does not exceed in the intraday maximum access times 5 corresponding with data-interface A, can determine that user User2 data access request has the access rights to data-interface A, if user is request access data-interface A again, in the relevant information of then user User2 this time request access data-interface A, comprise the identification information " User2 " of user, the data-interface of request access identification information " data-interface A ", within the 2015-12-19 time on the same day, the number of times of request access was the 6th time, for user User2, judge that this request number of times 6 exceeds the maximum access times 5 within the 2015-12-19 same day time corresponding with data-interface A, can determine that this data access request of user User2 does not have the access rights to data-interface A.
Again such as, client receives the data access request for data-interface "/index/vote " from user " 0000001 " when " 2015-11-1800:04:11 ", in the time interval determining the time point " 2015-11-1800:04:11 " of asking to this at the time point " 2015-11-1800:00:00 " of user " 0000001 " request msg interface "/index/vote " first, the number of times received from the data access request for data-interface "/index/vote " of user " 0000001 " is 4 times, in access verification rule, the predefined expired time for data-interface "/index/vote " is 5 minutes, maximum access times in the expired time corresponding with data-interface "/index/vote " are 5 times, can judge that this is 4 times from the request number of times of user " 0000001 " data access request in 5 minutes, do not exceed maximum access times 5 times, therefore can judge that this data access request has the access rights to data-interface "/index/vote ".
Again such as, client receives the data access request for data-interface "/index/vote " from user " 0000001 " when " 2015-11-1800:05:20 ", in the time interval of the time point " 2015-11-1800:05:20 " of asking to this at the time point " 2015-11-1800:00:00 " of user " 0000001 " request msg interface "/index/vote " first, the number of times received from the data access request for data-interface "/index/vote " of user " 0000001 " is 6 times, in access verification rule, the predefined expired time for data-interface "/index/vote " is 5 minutes, maximum access times in the expired time corresponding with data-interface "/index/vote " are 5 times, can judge this from user " 0000001 " number be 6 times according to the request number of times of access request in 5 minutes, maximum access times 5 times are exceeded, therefore can judge that this data access request does not have the access rights to data-interface "/index/vote ".
Step S130: if data access request has the access rights to data-interface, then data access request is sent to data-interface.
Particularly, when judging to obtain the access rights that data access request has data-interface, the data access request of user is sent to the corresponding data-interface of service end by client.
In a preferred embodiment (with reference to figure 1), the method also comprises step S150 (not shown) and step S160 (not shown).Step S150: if data access request does not have the access rights to data-interface, data interception access request; Step S160: generate and send failed information, and failed information is provided to user.
Such as, when determining, from the data access request of user User2, not there are the access rights to data-interface A, interception user User2 is to the data access request of data-interface A, and generate the failed information of transmission, as " having exceeded maximum access times ", and failed information is provided to user User2.
Fig. 3 is the schematic flow sheet of the method for the deal with data access request of another embodiment in the present invention.
Step S310: receive the data access request for visit data interface from user; Step S320: the request relevant information extracting data access request, and based on request relevant information, utilize the access verification rule corresponding with data-interface, judge whether data access request has the access rights to data-interface; Step S330: data access request has the access rights to data-interface if judge, forwarding data access request is to corresponding data-interface.
Wherein, access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Such as, in service end preset access verification rule, the total degree that access verification rule comprises user visit data interface A in 24 hours may not exceed 4 times; Server receives the data access request for visit data interface A from user User3, and the request relevant information from user User3 data access request comprises: the ID of user is " User3 ", the request time of data access request be " 2015-12-1913:10:00 ", this data access request for data-interface for " data-interface A "; And request relevant information is carried out record; As, in the data access request extracted, the ID of user is " User3 ", request of data access request time be " 2015-12-1913:10:00 ", this data access request for data-interface be " data-interface A "; Then, by the record that the identification information of the request time of data access request, the identification information of data-interface and user in request relevant information is associated, the user being " User3 " as recording user ID performs a data access request for interface A at " 2015-12-1913:10:00 "; Subsequently, rule is verified by the access corresponding with data-interface A of service end pre-stored, judge, from user User3 data access request, whether there are access rights to data-interface A, if judge, user User3 data access request has the access rights to data-interface A, and forwarding data access request is to data-interface A.
Step S320 specifically comprises step S321 (not shown), step S322 (not shown), step S323 (not shown) and step S324 (not shown).Step S321: for user, determines the request number of times of data access request in the expired time corresponding with data-interface; Step S322: the magnitude relationship judging request number of times and the maximum access times in the expired time corresponding with data-interface; Step S323: request number of times does not exceed maximum access times if judge, determines that data access request has the access rights to data-interface.
Particularly, based on the request relevant information of user, by the access corresponding with data-interface verification rule, first judge whether the data-interface that user accesses exceedes expired time, judge the maximum access times in the expired time corresponding with data-interface subsequently, finally, the request number of times based on expired time and maximum access times judges whether data access request has the access rights to data-interface.
Such as, in service end preset access verification rule, the total degree that access verification rule comprises user visit data interface A in 24 hours may not exceed 4 times, server receives the data access request for visit data interface A from user User3, extract the request relevant information of data access request, comprise the ID of user for " User3 ", the request time of data access request is " 2015-12-1915:10:00 ", this data access request for data-interface be " data-interface A ", in the time interval determining the time point " 2015-12-1915:10:00 " of asking to this at the time point " 2015-12-1900:00:00 " of user " User3 " request msg interface A first, the number of times received from the data access request for data-interface A of user " User3 " is 4 times, namely judge that request number of times 4 does not exceed in the intraday maximum access times 4 corresponding with data-interface A, can determine, from the data access request of user User3, there are access rights to data-interface A, if user is request access data-interface A again, in the relevant information of then user User3 this time request access data-interface A, comprise the identification information " User3 " of user, the data-interface of request access identification information " data-interface A ", within the 2015-12-19 time on the same day, the number of times of request access was the 5th, for user User3, judge that this request number of times 5 exceeds the maximum access times 5 within the 2015-12-19 same day time corresponding with data-interface A, can determine that this data access request of user User3 does not have the access rights to data-interface A.
Again such as, service end receives the data access request for data-interface "/index/vote " from user " 0000001 " when " 2015-11-1800:05:20 ", in the time interval of the time point " 2015-11-1800:05:20 " of asking to this at the time point " 2015-11-1800:00:00 " of user " 0000001 " request msg interface "/index/vote " first, the number of times received from the data access request for data-interface "/index/vote " of user " 0000001 " is 6 times, in access verification rule, the predefined expired time for data-interface "/index/vote " is 5 minutes, maximum access times in the expired time corresponding with data-interface "/index/vote " are 5 times, can judge this from user " 0000001 " number be 6 times according to the request number of times of access request in 5 minutes, maximum access times 5 times are exceeded, therefore can judge that this data access request does not have the access rights to data-interface "/index/vote ".
In a preferred embodiment (with reference to Fig. 3), the method also comprises step S340 (not shown).Step S340: request number of times equals maximum access times if judge, issues the access verification rule that data-interface is corresponding.
Such as, according to service end preset access verification rule, when judging that the access request number of times 4 of user User3 at " 2015-12-1915:10:00 " moment request access data-interface A equals the maximum access times of user User3 visit data interface A within 24 hours same day of 2015-12-19, server issues access verification rule corresponding to data-interface A to terminal, and the total degree of the data-interface A accessed in " 2015-12-1900:00:00-2015-12-1924:00:00 " time interval as user User3 can not more than 4 times.
The present embodiment can realize judging at server end the goal of the invention whether data access request exceeds the access times for this data-interface and limit exactly, if repeatedly data access request at short notice frequent requests data-interface time, the restriction having reached access request number of times for specific user for particular data interface is judged in the front end of server, then access verification rule is issued to client, and the interception of request verification and data access request is directly performed in client, and verify without the need to the front end again data access request being sent to server, the object of the load reducing server is reached with this.In a preferred embodiment (with reference to Fig. 3), the method also comprises step S350 (not shown).Step S350: data access request does not have the access rights to data-interface if judge, generates and issues the failed information of transmission.
Such as, if user User3 is request access data-interface A when " 2015-12-1918:10:00 ", in the relevant information of then user User3 this time request access data-interface A, comprise the identification information " User3 " of user, the identification information " data-interface A " of the data-interface of request access, for user User3, in the time interval determining the time point " 2015-12-1918:10:00 " of asking to this at the time point " 2015-12-1900:00:00 " of user " User3 " request msg interface A first, the number of times received from the data access request for data-interface A of user " User3 " is 6 times, judge that this request number of times 6 exceeds the maximum access times 4 in the 2015-12-19 same day 24 hours corresponding with data-interface A, can determine that this data access request of user User3 does not have the access rights to data-interface A, generate the information of user User3 data access request failure subsequently as " having exceeded maximum access times ", and information is issued to client for prompting user.
In another embodiment of the present invention, propose a kind of method of deal with data access request, service end is according to the request relevant information of the data-interface access request from user received, in conjunction with the access verification rule that data-interface is corresponding, can judge whether this data access request has the access rights to data-interface accurately; Wherein, access verification for data-interface is regular without the need to being issued to client records and setting, only need in service end maintenance access verification rule, be convenient to access verification rule upgrade in time based on the amendment of data-interface and the change of business demand, reduce the maintenance cost of access verification rule.Simultaneously, the goal of the invention judging whether data access request exceeds the access times for this data-interface and limit exactly can be achieved, if repeatedly data access request at short notice frequent requests data-interface time, can tackle data access request in the front end of server, and no longer to corresponding data interface forwarding data access request, reach with this object reduced data interface requests, reduce the load of data-interface.
Fig. 4 is the structural representation of the device of the deal with data access request of another embodiment in the present invention.
The present embodiment performs following operation to realize the process to data access request at terminal.
Detection module 410 detects the data access request for visit data interface from user, and extracts the request relevant information of data access request; Based on request relevant information, by the access corresponding with data-interface verification rule, the first judge module 420 judges whether data access request has the access rights to data-interface; If data access request has the access rights to data-interface, data access request is sent to data-interface by sending module 430.
In embodiments of the invention, propose a kind of scheme of deal with data access request, according to the request relevant information of the data-interface access request from user, in conjunction with the access verification rule that data-interface is corresponding, can judge whether this data access request has the access rights to data-interface accurately, by client, access verification rule is arranged, user can according to the access of self requirements for access restriction to data-interface, the access verification rule simultaneously also issued by server verifies in the access times of client to data access request, achieve and judge that the access times whether data access request exceeds for this data-interface limit exactly in client, if repeatedly data access request at short notice frequent requests data-interface time, can tackle data access request in client this locality, and no longer send data access request to service end, the object reduced service end request is reached with this, and then reduce the load of server end corresponding data interface, meanwhile, the client of servers' data treatment effeciency and terminal equipment is improved to the response speed of data access request.
Detection module 410 detects the data access request for visit data interface from user, and extracts the request relevant information of data access request.
Wherein, relevant information is asked to include but not limited to:
The identification information of data-interface;
The identification information of user;
The request time of data access request.
Such as, in terminal equipment, when the data access request for access associated data interface from user being detected at every turn, extract the request relevant information of data access request, as the identification information of the identification information of user, the data-interface of request access, the request time etc. of request of data access, and request relevant information is carried out record; As, in the data access request extracted, the ID of user is " 0000001 ", and the request time of request of data access is when being " 2015-11-1800:00:00 ", this data access request for data-interface be "/index/vote "; Then, by the record that the identification information of the request time of data access request, the identification information of data-interface and user in request relevant information is associated, the user being " 0000001 " as recording user ID performs a data access request for interface "/index/vote " at " 2015-11-1800:00:00 ".
Based on request relevant information, by the access corresponding with data-interface verification rule, the first judge module 420 judges whether data access request has the access rights to data-interface.
Wherein, access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Particularly, based on the request relevant information of user, by the access corresponding with data-interface verification rule, first judge whether the data-interface that user accesses exceedes expired time, judge the maximum access times in the expired time corresponding with data-interface subsequently, finally, the request number of times based on expired time and maximum access times judges whether data access request has the access rights to data-interface.
First judge module 420, specifically for the access verification rule corresponding with data-interface by pre-stored, judges whether data access request has the access rights to data-interface.
Such as, in client preset access verification rule, the total degree that access verification rule comprises user visit data interface A in 24 hours may not exceed 4 times, and the request relevant information from user User1 data access request comprises: user User1 is at " 2015-12-1913:10:00 " moment request access data-interface A; Verify rule by the access corresponding with data-interface A of pre-stored, judge, from user User1 data access request, whether there are access rights to data-interface A.
Preferably, this device also comprises and arranges module (not shown); The access verification rule that module installation is corresponding with data-interface is set.
Such as, user User1 is regular in the access verification that local setting data interface A is corresponding by client, and the total degree as arranged user User1 visit data interface A in 24 hours may not exceed 8 times.
Again such as, the access verification rule that the data-interface A that server issues is corresponding is: the total degree of all users visit data interface A in 24 hours may not exceed 6 times, client is preserved this access verification rule and carries out corresponding optimum configurations after receiving the access verification rule from server.
Wherein, in the access verification rule that local pre-stored is corresponding with data-interface, as in web terminal, the localStorage by HTML5 carries out persistent storage, also stores by modes such as cookie; As when client, then deposit in local data base.
In a preferred embodiment, as shown in Figure 5, the first judge module comprises the first determining unit 521, first judging unit 522, second determining unit 523 and the 3rd determining unit 524 further.First determining unit 521, for user, determines the request number of times of data access request in the expired time corresponding with data-interface; First judging unit 522 judges the magnitude relationship of request number of times and the maximum access times in the expired time corresponding with data-interface; If the second determining unit 523 judges that request number of times does not exceed maximum access times, determine that data access request has the access rights to data-interface; If the 3rd determining unit 524 judges that request number of times exceeds maximum access times, determine that data access request does not have the access rights to data-interface.
Such as, the request relevant information of the user User2 request access data-interface A that client is extracted, comprise user ID " User2 ", the title " data-interface A " of data-interface of request access, request of data access request time for " 2015-12-1913:10:00 ", the expired time corresponding with data-interface " data-interface A " is one day, and the maximum access times in the expired time corresponding with data-interface are 5 times, according to the title " data-interface A " of user ID " User2 " and data-interface, in storage area, inquiring user ID " User2 " is for the record of " data-interface A " corresponding data access request, inquire from user ID " User2 " request first " data-interface A ", request time is " 2015-12-1908:05:00 " first, to this request request time " 2015-12-1913:10:00 " between the number of times of data access request be 5, namely judge that request number of times 5 does not exceed in the intraday maximum access times 5 corresponding with data-interface A, can determine that user User2 data access request has the access rights to data-interface A, if user is request access data-interface A again, in the relevant information of then user User2 this time request access data-interface A, comprise the identification information " User2 " of user, the data-interface of request access identification information " data-interface A ", within the 2015-12-19 time on the same day, the number of times of request access was the 6th time, for user User2, judge that this request number of times 6 exceeds the maximum access times 5 within the 2015-12-19 same day time corresponding with data-interface A, can determine that this data access request of user User2 does not have the access rights to data-interface A.
Again such as, client receives the data access request for data-interface "/index/vote " from user " 0000001 " when " 2015-11-1800:04:11 ", in the time interval determining the time point " 2015-11-1800:04:11 " of asking to this at the time point " 2015-11-1800:00:00 " of user " 0000001 " request msg interface "/index/vote " first, the number of times received from the data access request for data-interface "/index/vote " of user " 0000001 " is 4 times, in access verification rule, the predefined expired time for data-interface "/index/vote " is 5 minutes, maximum access times in the expired time corresponding with data-interface "/index/vote " are 5 times, can judge that this is 4 times from the request number of times of user " 0000001 " data access request in 5 minutes, do not exceed maximum access times 5 times, therefore can judge that this data access request has the access rights to data-interface "/index/vote ".
Again such as, client receives the data access request for data-interface "/index/vote " from user " 0000001 " when " 2015-11-1800:05:20 ", in the time interval of the time point " 2015-11-1800:05:20 " of asking to this at the time point " 2015-11-1800:00:00 " of user " 0000001 " request msg interface "/index/vote " first, the number of times received from the data access request for data-interface "/index/vote " of user " 0000001 " is 6 times, in access verification rule, the predefined expired time for data-interface "/index/vote " is 5 minutes, maximum access times in the expired time corresponding with data-interface "/index/vote " are 5 times, can judge this from user " 0000001 " number be 6 times according to the request number of times of access request in 5 minutes, maximum access times 5 times are exceeded, therefore can judge that this data access request does not have the access rights to data-interface "/index/vote ".
If data access request has the access rights to data-interface, data access request is sent to data-interface by sending module 430.
Particularly, when judging to obtain the access rights that data access request has data-interface, the data access request of user is sent to the corresponding data-interface of service end by client.
In a preferred embodiment (with reference to figure 4), this device also comprises blocking module (not shown) and generates sending module (not shown).If blocking module data access request does not have the access rights to data-interface, data interception access request; Generate sending module and generate the failed information of transmission, and failed information is provided to user.
Such as, when determining, from the data access request of user User2, not there are the access rights to data-interface A, interception user User2 is to the data access request of data-interface A, and generate the failed information of transmission, as " having exceeded maximum access times ", and failed information is provided to user User2.
Fig. 6 is the structural representation of the device of the deal with data access request of another embodiment in the present invention.
Receiver module 610 receives the data access request for visit data interface from user; 3rd judge module 620 extracts the request relevant information of data access request, and based on request relevant information, utilizes the access verification rule corresponding with data-interface, judge whether data access request has the access rights to data-interface; If forwarding module 630 judges that data access request has the access rights to data-interface, forwarding data access request is to corresponding data-interface.
Wherein, access verification rule includes but not limited to:
The expired time corresponding with data-interface;
Maximum access times in the expired time corresponding with data-interface;
Based on the request number of times judgment rule of expired time and maximum access times.
Such as, in service end preset access verification rule, the total degree that access verification rule comprises user visit data interface A in 24 hours may not exceed 4 times; Server receives the data access request for visit data interface A from user User3, and the request relevant information from user User3 data access request comprises: the ID of user is " User3 ", the request time of data access request be " 2015-12-1913:10:00 ", this data access request for data-interface for " data-interface A "; And request relevant information is carried out record; As, in the data access request extracted, the ID of user is " User3 ", request of data access request time be " 2015-12-1913:10:00 ", this data access request for data-interface be " data-interface A "; Then, by the record that the identification information of the request time of data access request, the identification information of data-interface and user in request relevant information is associated, the user being " User3 " as recording user ID performs a data access request for interface A at " 2015-12-1913:10:00 "; Subsequently, rule is verified by the access corresponding with data-interface A of service end pre-stored, judge, from user User3 data access request, whether there are access rights to data-interface A, if judge, user User3 data access request has the access rights to data-interface A, and forwarding data access request is to data-interface A.
3rd judge module specifically comprises the 4th determining unit (not shown), the second judging unit (not shown) and the 5th determining unit (not shown).4th determining unit, for user, determines the request number of times of data access request in the expired time corresponding with data-interface; Second judging unit judges the magnitude relationship of request number of times and the maximum access times in the expired time corresponding with data-interface; If judge, request number of times does not exceed maximum access times, and the 5th determining unit determination data access request has the access rights to data-interface.
Particularly, based on the request relevant information of user, by the access corresponding with data-interface verification rule, first judge whether the data-interface that user accesses exceedes expired time, judge the maximum access times in the expired time corresponding with data-interface subsequently, finally, the request number of times based on expired time and maximum access times judges whether data access request has the access rights to data-interface.
Such as, in service end preset access verification rule, the total degree that access verification rule comprises user visit data interface A in 24 hours may not exceed 4 times, server receives the data access request for visit data interface A from user User3, extract the request relevant information of data access request, comprise the ID of user for " User3 ", the request time of data access request is " 2015-12-1915:10:00 ", this data access request for data-interface be " data-interface A ", in the time interval determining the time point " 2015-12-1915:10:00 " of asking to this at the time point " 2015-12-1900:00:00 " of user " User3 " request msg interface A first, the number of times received from the data access request for data-interface A of user " User3 " is 4 times, namely judge that request number of times 4 does not exceed in the intraday maximum access times 4 corresponding with data-interface A, can determine, from the data access request of user User3, there are access rights to data-interface A, if user is request access data-interface A again, in the relevant information of then user User3 this time request access data-interface A, comprise the identification information " User3 " of user, the data-interface of request access identification information " data-interface A ", within the 2015-12-19 time on the same day, the number of times of request access was the 5th, for user User3, judge that this request number of times 5 exceeds the maximum access times 5 within the 2015-12-19 same day time corresponding with data-interface A, can determine that this data access request of user User3 does not have the access rights to data-interface A.
Again such as, service end receives the data access request for data-interface "/index/vote " from user " 0000001 " when " 2015-11-1800:05:20 ", in the time interval of the time point " 2015-11-1800:05:20 " of asking to this at the time point " 2015-11-1800:00:00 " of user " 0000001 " request msg interface "/index/vote " first, the number of times received from the data access request for data-interface "/index/vote " of user " 0000001 " is 6 times, in access verification rule, the predefined expired time for data-interface "/index/vote " is 5 minutes, maximum access times in the expired time corresponding with data-interface "/index/vote " are 5 times, can judge this from user " 0000001 " number be 6 times according to the request number of times of access request in 5 minutes, maximum access times 5 times are exceeded, therefore can judge that this data access request does not have the access rights to data-interface "/index/vote ".
In a preferred embodiment (with reference to Fig. 6), this device also comprises and issues module (not shown).If issue module to judge that request number of times equals maximum access times, issue the access verification rule that data-interface is corresponding.
Such as, according to service end preset access verification rule, when judging that the access request number of times 4 of user User3 at " 2015-12-1915:10:00 " moment request access data-interface A equals the maximum access times of user User3 visit data interface A within 24 hours same day of 2015-12-19, server issues access verification rule corresponding to data-interface A to terminal, and the total degree of the data-interface A accessed in " 2015-12-1900:00:00-2015-12-1924:00:00 " time interval as user User3 can not more than 4 times.
The present embodiment can realize judging at server end the goal of the invention whether data access request exceeds the access times for this data-interface and limit exactly, if repeatedly data access request at short notice frequent requests data-interface time, the restriction having reached access request number of times for specific user for particular data interface is judged in the front end of server, then access verification rule is issued to client, and the interception of request verification and data access request is directly performed in client, and verify without the need to the front end again data access request being sent to server, the object of the load reducing server is reached with this.In a preferred embodiment (with reference to Fig. 6), this device also comprises generation and issues module (not shown).If judge, data access request does not have the access rights to data-interface, generates to issue CMOS macro cell and issue to send failed information.
Such as, if user User3 is request access data-interface A when " 2015-12-1918:10:00 ", in the relevant information of then user User3 this time request access data-interface A, comprise the identification information " User3 " of user, the identification information " data-interface A " of the data-interface of request access, for user User3, in the time interval determining the time point " 2015-12-1918:10:00 " of asking to this at the time point " 2015-12-1900:00:00 " of user " User3 " request msg interface A first, the number of times received from the data access request for data-interface A of user " User3 " is 6 times, judge that this request number of times 6 exceeds the maximum access times 4 in the 2015-12-19 same day 24 hours corresponding with data-interface A, can determine that this data access request of user User3 does not have the access rights to data-interface A, generate the information of user User3 data access request failure subsequently as " having exceeded maximum access times ", and information is issued to client for prompting user.
In another embodiment of the present invention, propose a kind of device of deal with data access request, service end is according to the request relevant information of the data-interface access request from user received, in conjunction with the access verification rule that data-interface is corresponding, can judge whether this data access request has the access rights to data-interface accurately; Wherein, access verification for data-interface is regular without the need to being issued to client records and setting, only need in service end maintenance access verification rule, be convenient to access verification rule upgrade in time based on the amendment of data-interface and the change of business demand, reduce the maintenance cost of access verification rule.Simultaneously, the goal of the invention judging whether data access request exceeds the access times for this data-interface and limit exactly can be achieved, if repeatedly data access request at short notice frequent requests data-interface time, can tackle data access request in the front end of server, and no longer to corresponding data interface forwarding data access request, reach with this object reduced data interface requests, reduce the load of data-interface.
Those skilled in the art of the present technique are appreciated that the one or more equipment that the present invention includes and relate to for performing in operation described in the application.These equipment for required object and specialized designs and manufacture, or also can comprise the known device in all-purpose computer.These equipment have storage computer program within it, and these computer programs optionally activate or reconstruct.Such computer program can be stored in equipment (such as, computer) in computer-readable recording medium or be stored in and be suitable for store electrons instruction and be coupled in the medium of any type of bus respectively, described computer-readable medium includes but not limited to that the dish of any type (comprises floppy disk, hard disk, CD, CD-ROM, and magneto optical disk), ROM (Read-OnlyMemory, read-only memory), RAM (RandomAccessMemory, memory immediately), EPROM (ErasableProgrammableRead-OnlyMemory, Erarable Programmable Read only Memory), EEPROM (ElectricallyErasableProgrammableRead-OnlyMemory, EEPROM (Electrically Erasable Programmable Read Only Memo)), flash memory, magnetic card or light card.Namely, computer-readable recording medium comprises and being stored or any medium of transmission information with the form that can read by equipment (such as, computer).
Those skilled in the art of the present technique are appreciated that the combination that can realize the frame in each frame in these structure charts and/or block diagram and/or flow graph and these structure charts and/or block diagram and/or flow graph with computer program instructions.Those skilled in the art of the present technique are appreciated that, the processor that these computer program instructions can be supplied to all-purpose computer, special purpose computer or other programmable data processing methods realizes, thus is performed the scheme of specifying in the frame of structure chart disclosed by the invention and/or block diagram and/or flow graph or multiple frame by the processor of computer or other programmable data processing methods.
Those skilled in the art of the present technique are appreciated that various operations, method, the step in flow process, measure, the scheme discussed in the present invention can be replaced, changes, combines or delete.Further, there is various operations, method, other steps in flow process, measure, the scheme discussed in the present invention also can be replaced, change, reset, decompose, combine or delete.Further, of the prior art have also can be replaced with the step in operation various disclosed in the present invention, method, flow process, measure, scheme, changed, reset, decomposed, combined or deleted.
The above is only some embodiments of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.