Summary of the invention
To overcome above-mentioned technical problem or at least being partially solved above-mentioned technical problem, spy proposes following technical scheme:
The embodiment of the present invention proposes a kind of method for handling data access request, comprising:
The data access request from the user for being used to access data-interface is detected, and extracts the data access request
Request relevant information;
Based on the request relevant information, rule is verified by access corresponding with the data-interface, judges the number
Whether there is the access authority to the data-interface according to access request;
If the data access request has the access authority to the data-interface, the data access request is sent out
It send to the data-interface.
Preferably, this method further include:
Rule is verified by pre-stored access corresponding with the data-interface, whether judges the data access request
With the access authority to the data-interface.
Preferably, this method further include:
Access verification rule corresponding with the data-interface is set.
Preferably, the request relevant information includes but is not limited to:
The identification information of data-interface;The identification information of user;The request time of data access request.
Preferably, the access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
It is preferably based on the request relevant information, rule, judgement are verified by access corresponding with the data-interface
Whether the data access request has the access authority to the data-interface, further comprises:
For the user, the data access request asking in expired time corresponding with the data-interface is determined
Seek number;
Judge the big of the request number of times and the maximum access times in expired time corresponding with the data-interface
Small relationship;
If judging, the request number of times without departing from the maximum access times, determines that the data access request has to institute
State the access authority of data-interface;
If judging, the request number of times beyond the maximum access times, determines that the data access request does not have to institute
State the access authority of data-interface.
Preferably, this method further include:
If the data access request does not have the access authority to the data-interface, intercepts the data access and ask
It asks;
It generates and sends failure prompt information, and the failure prompt information is provided to the user.
Another embodiment of the present invention proposes a kind of method for handling data access request, comprising:
It receives from the user for accessing the data access request of data-interface;
Extract the request relevant information of the data access request, and be based on the request relevant information, using with it is described
The corresponding access verification rule of data-interface, judges whether the data access request has the access right to the data-interface
Limit;
If judging, the data access request has the access authority to the data-interface, and the data access is forwarded to ask
It asks to corresponding data-interface.
It is preferably based on the request relevant information, verifies rule, judgement using access corresponding with the data-interface
Whether the data access request has the access authority to the data-interface, comprising:
For the user, the data access request asking in expired time corresponding with the data-interface is determined
Seek number;
Judge the big of the request number of times and the maximum access times in expired time corresponding with the data-interface
Small relationship;
If judging, the request number of times without departing from the maximum access times, determines that the data access request has to institute
State the access authority of data-interface.
Preferably, this method further include:
If judging, the request number of times is equal to the maximum access times, issues the corresponding access verification of the data-interface
Rule.
Preferably, this method further include:
If judging, the data access request does not have the access authority to the data-interface, generates and issues transmission and loses
Lose prompt information.
Preferably, the access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
Another embodiment of the present invention proposes a kind of device for handling data access request, comprising:
Detection module, it is from the user for accessing the data access request of data-interface for detecting, and described in extraction
The request relevant information of data access request;
First judgment module passes through access corresponding with data-interface school for being based on the request relevant information
Rule is tested, judges whether the data access request has the access authority to the data-interface;
Sending module will be described if having the access authority to the data-interface for the data access request
Data access request is sent to the data-interface.
Preferably, the device further include:
Second judgment module judges institute for verifying rule by pre-stored access corresponding with the data-interface
State whether data access request has access authority to the data-interface.
Preferably, the device further include:
Setup module, for access verification rule corresponding with the data-interface to be arranged.
Preferably, the request relevant information includes but is not limited to:
The identification information of data-interface;The identification information of user;The request time of data access request.
Preferably, the access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
Preferably, the first judgment module further comprises:
First determination unit, for be directed to the user, determine the data access request with the data-interface pair
The request number of times in expired time answered;
First judging unit, for judging the request number of times and in expired time corresponding with the data-interface
The size relation of maximum access times;
Second determination unit, if for judging that the request number of times without departing from the maximum access times, determines the number
There is the access authority to the data-interface according to access request;
Third determination unit, if for judging that the request number of times beyond the maximum access times, determines the data
Access request does not have the access authority to the data-interface.
Preferably, the device further include:
Blocking module intercepts institute if not having the access authority to the data-interface for the data access request
State data access request;
Sending module is generated, sends failure prompt information for generating, and the failure prompt information is provided to described
User.
Another embodiment of the present invention proposes a kind of device for handling data access request, comprising:
Receiving module, it is from the user for accessing the data access request of data-interface for receiving;
Third judgment module for extracting the request relevant information of the data access request, and is based on the request phase
Information is closed, rule is verified using access corresponding with the data-interface, judges whether the data access request has to institute
State the access authority of data-interface;
Forwarding module, if for judging that the data access request has the access authority to the data-interface, forwarding
The data access request is to corresponding data-interface.
Preferably, the third judgment module includes:
4th determination unit, for be directed to the user, determine the data access request with the data-interface pair
The request number of times in expired time answered;
Second judgment unit, for judging the request number of times and in expired time corresponding with the data-interface
The size relation of maximum access times;
5th determination unit, if for judging that the request number of times without departing from the maximum access times, determines the number
There is the access authority to the data-interface according to access request.
Preferably, the device further include:
Module is issued, if issuing the data-interface for judging that the request number of times is equal to the maximum access times
Corresponding access verification rule.
Preferably, the device further include:
Generation issues module, if for judging that the data access request does not have the access right to the data-interface
Limit generates and issues transmission failure prompt information.
Preferably, the access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
In the embodiment of the present invention, a kind of scheme for handling data access request is proposed, according to data from the user
The request relevant information of interface access request, the corresponding access verification rule of combined data interface, can accurately judge the data
Whether access request has the access authority to data-interface;Access verification rule can be configured by client, user
The access to data-interface can be limited according to itself requirements for access, while can also be existed by the access verification rule that server issues
Client verifies the access times of data access request, realizes and accurately judges that data access request is in client
The no access times beyond for the data-interface limit, if repeatedly frequent requests data connect data access request in a short time
When mouth, locally data access request can be intercepted in client, and no longer send data access request to server-side, with this
Achieve the purpose that reduce the load requested server-side, and then reduce server-side corresponding data interface;Meanwhile improving server-side number
According to the client for the treatment of effeciency and terminal device to the response speed of data access request.
The additional aspect of the present invention and advantage will be set forth in part in the description, these will become from the following description
Obviously, or practice through the invention is recognized.
Specific embodiment
The embodiment of the present invention is described below in detail, examples of the embodiments are shown in the accompanying drawings, wherein from beginning to end
Same or similar label indicates same or similar element or element with the same or similar functions.Below with reference to attached
The embodiment of figure description is exemplary, and for explaining only the invention, and is not construed as limiting the claims.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singular " one " used herein, " one
It is a ", " described " and "the" may also comprise plural form.It is to be further understood that being arranged used in specification of the invention
Diction " comprising " refer to that there are the feature, integer, step, operation, element and/or component, but it is not excluded that in the presence of or addition
Other one or more features, integer, step, operation, element, component and/or their group.It should be understood that when we claim member
Part is " connected " or when " coupled " to another element, it can be directly connected or coupled to other elements, or there may also be
Intermediary element.In addition, " connection " used herein or " coupling " may include being wirelessly connected or wirelessly coupling.It is used herein to arrange
Diction "and/or" includes one or more associated wholes for listing item or any cell and all combinations.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art
Language and scientific term), there is meaning identical with the general understanding of those of ordinary skill in fields of the present invention.Should also
Understand, those terms such as defined in the general dictionary, it should be understood that have in the context of the prior art
The consistent meaning of meaning, and unless idealization or meaning too formal otherwise will not be used by specific definitions as here
To explain.
Fig. 1 is the flow diagram of the method for the processing data access request of one embodiment in the present invention.The present embodiment
Operations described below is executed in terminal to realize the processing to data access request.
Step S110: detection is from the user for accessing the data access request of data-interface, and extracts data access
The request relevant information of request;Step S120: it based on request relevant information, is verified and is advised by access corresponding with data-interface
Then, judge whether data access request has the access authority to data-interface;Step S130: if data access request have pair
The access authority of data-interface, then be sent to data-interface for data access request.
In the embodiment of the present invention, a kind of scheme for handling data access request is proposed, according to data from the user
The request relevant information of interface access request, the corresponding access verification rule of combined data interface, can accurately judge the data
Whether access request has the access authority to data-interface;Access verification rule can be configured by client, user
The access to data-interface can be limited according to itself requirements for access, while can also be existed by the access verification rule that server issues
Client verifies the access times of data access request, realizes and accurately judges that data access request is in client
The no access times beyond for the data-interface limit, if repeatedly frequent requests data connect data access request in a short time
When mouth, locally data access request can be intercepted in client, and no longer send data access request to server-side, with this
Achieve the purpose that reduce the load requested server-side, and then reduce server end corresponding data interface;Meanwhile improving server
Response speed of the client of end data treatment effeciency and terminal device to data access request.
Step S110: detection is from the user for accessing the data access request of data-interface, and extracts data access
The request relevant information of request.
Wherein, request relevant information includes but is not limited to:
The identification information of data-interface;
The identification information of user;
The request time of data access request.
For example, in terminal device, when detecting that the data from the user for access associated data interface visit every time
When asking request, the request relevant information of data access request is extracted, as the identification information of user, the data that request access to connect
Identification information, request time of request of data access of mouth etc., and request relevant information is recorded;Such as, the number extracted
According in access request, the ID of user is " 0000001 ", the request time of request of data access be " 2015-11-18 00:00:
When 00 ", the data-interface which is directed to is "/index/vote ";Then, data in request relevant information are visited
It asks the identification information of the request time of request, the identification information of data-interface and user associated record, such as records User ID
A data access is executed at " 2015-11-18 00:00:00 " for interface "/index/vote " for the user of " 0000001 "
Request.
Step S120: based on request relevant information, rule is verified by access corresponding with data-interface, judges that data are visited
Ask whether request has the access authority to data-interface.
Wherein, access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
Specifically, the request relevant information based on user verifies rule by access corresponding with data-interface, sentences first
Whether the data-interface of disconnected user's access is more than expired time, is subsequently determined whether in expired time corresponding with data-interface most
Big access times, finally, the request number of times based on expired time and maximum access times judges whether data access request has
To the access authority of data-interface.
Step S120 is specifically included: being verified rule by pre-stored access corresponding with data-interface, is judged that data are visited
Ask whether request has the access authority to data-interface.
For example, in the preset access verification rule of client, access verification rule includes that user accessed data in 24 hours
The total degree of interface A may not exceed 4 times, and the request relevant information from user's User1 data access request includes: user
User1 requests access to data-interface A at " 2015-12-19 13:10:00 " moment;It is corresponding with data-interface A by what is be pre-stored
Access verify rule, judge the access authority for whether having to data-interface A from user User1 data access request.
Preferably, this method further includes step S140 (not shown);Step S140: setting is corresponding with data-interface
Access verification rule.
For example, the corresponding access verification rule of data-interface A can be locally located by client in user User1, such as set
Setting user User1 and accessing the total degree of data-interface A in 24 hours may not exceed 8 times.
In another example the corresponding access verification rule of data-interface A that server issues are as follows: all users visit in 24 hours
Ask that the total degree of data-interface A may not exceed 6 times, after client receives the verification rule of the access from server, saving should
Access verification rule simultaneously carries out corresponding parameter setting.
Wherein, in locally pre-stored access verification rule corresponding with data-interface, such as in web terminal, it can pass through HTML5's
LocalStorage carries out persistent storage, can also be stored by modes such as cookie;Such as in client, then this is stored to
In ground database.
In a preferred embodiment, as shown in Fig. 2, passing through access corresponding with data-interface based on request relevant information
Verification rule, judges that the step of whether data access request has the access authority to data-interface further comprises step
S221, step S222, step S223 and step S224.Step S221: it is directed to user, determines that data access request connects with data
Request number of times in the corresponding expired time of mouth;Step S222: judge request number of times and when corresponding with data-interface expired
The size relation of interior maximum access times;Step S223: if judging, request number of times without departing from maximum access times, determines number
There is the access authority to data-interface according to access request;Step S224: if judging, request number of times exceeds maximum access times, really
Data access request is determined without the access authority to data-interface.
For example, the user User2 that client is extracted requests access to the request relevant information of data-interface A, including user
The request time that ID " User2 ", the title " data-interface A " of the data-interface requested access to, request of data access is " 2015-
12-19 13:10:00";Expired time corresponding with data-interface " data-interface A " is one day, corresponding with data-interface
Maximum access times in expired time are 5 times;According to User ID " User2 " and the title " data-interface A " of data-interface,
The record that User ID " User2 " is directed to " data-interface A " corresponding data access request is inquired in storage region, is inquired from head
Secondary User ID " User2 " request " data-interface A ", request time is " 2015-12-19 08:05:00 " for the first time, until this is requested
Request time " 2015-12-19 13:10:00 " between data access request number be 5, that is, judge request number of times 5 not
Beyond in intraday maximum access times 5 corresponding with data-interface A, it may be determined that user's User2 data access request has
To the access authority of data-interface A;If user requests access to data-interface A again, user User2 this time requests access to data
In the relevant information of interface A, the identification information of identification information " User2 ", the data-interface requested access to including user
" data-interface A ", the number requested access in the time on the day of 2015-12-19 are the 6th time, for user User2, judge this
Secondary request number of times 6 is beyond the maximum access times 5 in the time on the day of 2015-12-19 corresponding with data-interface A, it may be determined that
This time data access request does not have the access authority to data-interface A to user User2.
In another example client is received at " 2015-11-18 00:04:11 " is directed to number from user " 0000001 "
According to the data access request of interface "/index/vote ", determine in user " 0000001 " request data interface "/index/ for the first time
The time point " 2015-11-18 00:00:00 " of vote " to this time point " 2015-11-18 00:04:11 " requested when
Between time of the data access request for data-interface "/index/vote " from user " 0000001 " is received in section
Number be 4 times, access verification rule in the predefined expired time for data-interface "/index/vote " be 5 minutes, with
Maximum access times in the corresponding expired time of data-interface "/index/vote " are 5 times, can determine whether this from user
The request number of times of " 0000001 " data access request in 5 minutes is 4 times, and is less than maximum access times 5 times, therefore can be sentenced
This data access request of breaking has the access authority to data-interface "/index/vote ".
In another example client is received at " 2015-11-18 00:05:20 " is directed to number from user " 0000001 "
According to the data access request of interface "/index/vote ", in user " 0000001 " request data interface "/index/ for the first time
The time point " 2015-11-18 00:00:00 " of vote " to this time point " 2015-11-18 00:05:20 " requested when
Between time of the data access request for data-interface "/index/vote " from user " 0000001 " is received in section
Number be 6 times, access verification rule in the predefined expired time for data-interface "/index/vote " be 5 minutes, with
Maximum access times in the corresponding expired time of data-interface "/index/vote " are 5 times, can determine whether this from user
" 0000001 " number is 6 times according to the request number of times of access request in 5 minutes, has been more than maximum access times 5 times, therefore can sentence
This data access request of breaking does not have the access authority to data-interface "/index/vote ".
Step S130: if data access request has the access authority to data-interface, data access request is sent
To data-interface.
Specifically, when judgement, which obtains data access request, to be had to the access authority of data-interface, client is by user
Data access request be sent to the corresponding data-interface of server-side.
(refer to Fig. 1) in a preferred embodiment, this method further includes step S150 (not shown) and step S160
(not shown).Step S150: if data access request does not have the access authority to data-interface, data interception access is asked
It asks;Step S160: it generates and sends failure prompt information, and failure prompt information is provided to user.
For example, when determining that the data access request from user User2 does not have the access authority to data-interface A,
User User2 is intercepted to the data access request of data-interface A, and generates transmission failure prompt information, " has been more than such as maximum visit
Ask number ", and failure prompt information is provided to user User2.
Fig. 3 is the flow diagram of the method for the processing data access request of another embodiment in the present invention.
Step S310: it receives from the user for accessing the data access request of data-interface;Step S320: number is extracted
According to the request relevant information of access request, and based on request relevant information, rule is verified using access corresponding with data-interface,
Judge whether data access request has the access authority to data-interface;Step S330: if judging, data access request has
To the access authority of data-interface, forward data access request to corresponding data-interface.
Wherein, access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
For example, in the preset access verification rule of server-side, access verification rule includes that user accessed data in 24 hours
The total degree of interface A may not exceed 4 times;Server receives the data for accessing data-interface A from user User3 and visits
Ask request, the request relevant information from user's User3 data access request includes: that the ID of user is " User3 ", data access
The data-interface that the request time of request is " 2015-12-19 13:10:00 ", the data access request is directed to is " data-interface
A";And request relevant information is recorded;Such as, in the data access request extracted, the ID of user is " User3 ", data
The request time requested access to is " 2015-12-19 13:10:00 ", and the data-interface which is directed to is " data
Interface A ";Then, the request time of data access request in relevant information, the identification information of data-interface and user will be requested
The associated record of identification information, such as record User ID be " User3 " user for interface A " 2015-12-19 13:10:
00 " executes a data access request;Then, rule is verified by the access corresponding with data-interface A that server-side is pre-stored,
The access authority for whether having to data-interface A from user User3 data access request is judged, if judging user's User3 number
There is the access authority to data-interface A, forwarding data access request to data-interface A according to access request.
Step S320 specifically includes step S321 (not shown), step S322 (not shown), step S323 (figure
In be not shown) and step S324 (not shown).Step S321: it is directed to user, determines that data access request connects with data
Request number of times in the corresponding expired time of mouth;Step S322: judge request number of times and when corresponding with data-interface expired
The size relation of interior maximum access times;Step S323: if judging, request number of times without departing from maximum access times, determines number
There is the access authority to data-interface according to access request.
Specifically, the request relevant information based on user verifies rule by access corresponding with data-interface, sentences first
Whether the data-interface of disconnected user's access is more than expired time, is subsequently determined whether in expired time corresponding with data-interface most
Big access times, finally, the request number of times based on expired time and maximum access times judges whether data access request has
To the access authority of data-interface.
For example, in the preset access verification rule of server-side, access verification rule includes that user accessed data in 24 hours
The total degree of interface A may not exceed 4 times;Server receives the data for accessing data-interface A from user User3 and visits
It asks request, extracts the request relevant information of data access request, the ID including user is " User3 ", data access request
The data-interface that request time is " 2015-12-19 15:10:00 ", the data access request is directed to is " data-interface A ", really
It is scheduled on the time that the time point " 2015-12-19 00:00:00 " of user " User3 " request data interface A for the first time requests to this
The data for data-interface A from user " User3 " are received in the time interval of point " 2015-12-19 15:10:00 "
The number of access request is 4 times, that is, judges request number of times 4 without departing from intraday maximum access corresponding with data-interface A
Number 4, it may be determined that the data access request from user User3 has the access authority to data-interface A;If user asks again
Access data-interface A is sought, then user User3 is this time requested access in the relevant information of data-interface A, the identity mark including user
Know information " User3 ", the identification information " data-interface A " of the data-interface requested access to, on the day of 2015-12-19 in the time
The number requested access to is the 5th, for user User3, judges that this request number of times 5 exceeds corresponding with data-interface A
Maximum access times 5 on the day of 2015-12-19 in the time, it may be determined that this time data access request does not have logarithm to user User3
According to the access authority of interface A.
In another example server-side is received at " 2015-11-18 00:05:20 " is directed to number from user " 0000001 "
According to the data access request of interface "/index/vote ", in user " 0000001 " request data interface "/index/ for the first time
The time point " 2015-11-18 00:00:00 " of vote " to this time point " 2015-11-18 00:05:20 " requested when
Between time of the data access request for data-interface "/index/vote " from user " 0000001 " is received in section
Number be 6 times, access verification rule in the predefined expired time for data-interface "/index/vote " be 5 minutes, with
Maximum access times in the corresponding expired time of data-interface "/index/vote " are 5 times, can determine whether this from user
" 0000001 " number is 6 times according to the request number of times of access request in 5 minutes, has been more than maximum access times 5 times, therefore can sentence
This data access request of breaking does not have the access authority to data-interface "/index/vote ".
In a preferred embodiment (referring to Fig. 3), this method further includes step S340 (not shown).Step S340:
If judging, request number of times is equal to maximum access times, issues the corresponding access verification rule of data-interface.
For example, verify rule according to the preset access of server-side, when judge user User3 " 2015-12-19 15:10:
The access request number 4 that 00 " moment requested access to data-interface A is equal to user User3 access data-interface A in 2015-12-19
When maximum access times in 24 hours same day, server issues the corresponding access verification rule of data-interface A to terminal, such as uses
The data-interface A's that family User3 is accessed in " 2015-12-19 00:00:00-2015-12-19 24:00:00 " time interval
Total degree is no more than 4 times.
The present embodiment may be implemented in server end and accurately judge whether data access request exceeds for the data-interface
Access times limitation goal of the invention, if repeatedly data access request in a short time frequent requests data-interface when, taking
The front end judgement of business device has reached the limitation of access request number for specific user for specific data interface, then will access school
It tests rule and is issued to client, and directly execute request verification and the interception of data access request in client, without again will
The front end that data access request is sent to server is verified, and the load of reduction server is achieved the purpose that with this.One
(referring to Fig. 3) in preferred embodiment, this method further includes step S350 (not shown).Step S350: if judging, data are visited
It asks that request does not have the access authority to data-interface, generate and issues transmission failure prompt information.
For example, if user User3 requests access to data-interface A, user at " 2015-12-19 18:10:00 "
User3 is this time requested access in the relevant information of data-interface A, and identification information " User3 " including user requests access to
The identification information " data-interface A " of data-interface determine that request data connects for the first time in user " User3 " for user User3
The time at time point " 2015-12-19 00:00:00 " to this time point " 2015-12-19 18:10:00 " requested of mouth A
The number that the data access request for data-interface A from user " User3 " is received in section is 6 times, and judgement is this time
Request number of times 6, can beyond the maximum access times 4 in the 24 hour time on the day of 2015-12-19 corresponding with data-interface A
Determine that this time data access request subsequently generates user's User3 number without the access authority to data-interface A to user User3
According to the prompt information such as " being more than maximum access times " of access request failure, and it will be prompted to information and be issued to client to be used for
Prompt user.
In another embodiment of the present invention, a kind of method for handling data access request is proposed, server-side is according to reception
The request relevant information of the data-interface access request from the user arrived, the corresponding access verification rule of combined data interface,
It can accurately judge whether the data access request has the access authority to data-interface;Wherein, for the visit of data-interface
Ask verification rule without being issued to client record and setting, it is only necessary to verify rule, easily accessible school in server-side maintenance access
It tests the variation of regular modification and business demand based on data-interface and is updated in time, reduce access verification rule
Maintenance cost.Simultaneously, it can be achieved that accurately judging whether data access request exceeds the access times for the data-interface
The goal of the invention of limitation, if repeatedly data access request in a short time frequent requests data-interface when, can be before server
End intercepts data access request, and no longer forwards data access request to corresponding data interface, is reduced with this to reach
To the purpose of data interface requests, the load of data-interface is reduced.
Fig. 4 is the structural schematic diagram of the device of the processing data access request of another embodiment in the present invention.
The present embodiment executes operations described below in terminal to realize the processing to data access request.
Detection module 410 detects the data access request from the user for being used to access data-interface, and extracts data visit
Ask the request relevant information of request;Based on request relevant information, rule is verified by access corresponding with data-interface, first sentences
Disconnected module 420 judges whether data access request has the access authority to data-interface;If data access request has logarithm
According to the access authority of interface, data access request is then sent to data-interface by sending module 430.
In the embodiment of the present invention, a kind of scheme for handling data access request is proposed, according to data from the user
The request relevant information of interface access request, the corresponding access verification rule of combined data interface, can accurately judge the data
Whether access request has the access authority to data-interface;Access verification rule can be configured by client, user
The access to data-interface can be limited according to itself requirements for access, while can also be existed by the access verification rule that server issues
Client verifies the access times of data access request, realizes and accurately judges that data access request is in client
The no access times beyond for the data-interface limit, if repeatedly frequent requests data connect data access request in a short time
When mouth, locally data access request can be intercepted in client, and no longer send data access request to server-side, with this
Achieve the purpose that reduce the load requested server-side, and then reduce server end corresponding data interface;Meanwhile improving server
Response speed of the client of end data treatment effeciency and terminal device to data access request.
Detection module 410 detects the data access request from the user for being used to access data-interface, and extracts data visit
Ask the request relevant information of request.
Wherein, request relevant information includes but is not limited to:
The identification information of data-interface;
The identification information of user;
The request time of data access request.
For example, in terminal device, when detecting that the data from the user for access associated data interface visit every time
When asking request, the request relevant information of data access request is extracted, as the identification information of user, the data that request access to connect
Identification information, request time of request of data access of mouth etc., and request relevant information is recorded;Such as, the number extracted
According in access request, the ID of user is " 0000001 ", the request time of request of data access be " 2015-11-18 00:00:
When 00 ", the data-interface which is directed to is "/index/vote ";Then, data in request relevant information are visited
It asks the identification information of the request time of request, the identification information of data-interface and user associated record, such as records User ID
A data access is executed at " 2015-11-18 00:00:00 " for interface "/index/vote " for the user of " 0000001 "
Request.
Based on request relevant information, rule is verified by access corresponding with data-interface, first judgment module 420 judges
Whether data access request has the access authority to data-interface.
Wherein, access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
Specifically, the request relevant information based on user verifies rule by access corresponding with data-interface, sentences first
Whether the data-interface of disconnected user's access is more than expired time, is subsequently determined whether in expired time corresponding with data-interface most
Big access times, finally, the request number of times based on expired time and maximum access times judges whether data access request has
To the access authority of data-interface.
First judgment module 420 is specifically used for verifying rule, judgement by pre-stored access corresponding with data-interface
Whether data access request has the access authority to data-interface.
For example, in the preset access verification rule of client, access verification rule includes that user accessed data in 24 hours
The total degree of interface A may not exceed 4 times, and the request relevant information from user's User1 data access request includes: user
User1 requests access to data-interface A at " 2015-12-19 13:10:00 " moment;It is corresponding with data-interface A by what is be pre-stored
Access verify rule, judge the access authority for whether having to data-interface A from user User1 data access request.
Preferably, which further includes setup module (not shown);Setup module setting is corresponding with data-interface
Access verification rule.
For example, the corresponding access verification rule of data-interface A can be locally located by client in user User1, such as set
Setting user User1 and accessing the total degree of data-interface A in 24 hours may not exceed 8 times.
In another example the corresponding access verification rule of data-interface A that server issues are as follows: all users visit in 24 hours
Ask that the total degree of data-interface A may not exceed 6 times, after client receives the verification rule of the access from server, saving should
Access verification rule simultaneously carries out corresponding parameter setting.
Wherein, in locally pre-stored access verification rule corresponding with data-interface, such as in web terminal, it can pass through HTML5's
LocalStorage carries out persistent storage, can also be stored by modes such as cookie;Such as in client, then this is stored to
In ground database.
In a preferred embodiment, as shown in figure 5, first judgment module further comprises the first determination unit 521, first
Judging unit 522, the second determination unit 523 and third determination unit 524.First determination unit 521 is directed to user, determines data
Request number of times of the access request in expired time corresponding with data-interface;First judging unit 522 judge request number of times with
The size relation of maximum access times in expired time corresponding with data-interface;If the judgement of the second determination unit 523 is asked
It asks number without departing from maximum access times, determines that data access request has the access authority to data-interface;Third determines single
If member 524 judges that request number of times exceeds maximum access times, determine that data access request does not have the access right to data-interface
Limit.
For example, the user User2 that client is extracted requests access to the request relevant information of data-interface A, including user
The request time that ID " User2 ", the title " data-interface A " of the data-interface requested access to, request of data access is " 2015-
12-19 13:10:00";Expired time corresponding with data-interface " data-interface A " is one day, corresponding with data-interface
Maximum access times in expired time are 5 times;According to User ID " User2 " and the title " data-interface A " of data-interface,
The record that User ID " User2 " is directed to " data-interface A " corresponding data access request is inquired in storage region, is inquired from head
Secondary User ID " User2 " request " data-interface A ", request time is " 2015-12-19 08:05:00 " for the first time, until this is requested
Request time " 2015-12-19 13:10:00 " between data access request number be 5, that is, judge request number of times 5 not
Beyond in intraday maximum access times 5 corresponding with data-interface A, it may be determined that user's User2 data access request has
To the access authority of data-interface A;If user requests access to data-interface A again, user User2 this time requests access to data
In the relevant information of interface A, the identification information of identification information " User2 ", the data-interface requested access to including user
" data-interface A ", the number requested access in the time on the day of 2015-12-19 are the 6th time, for user User2, judge this
Secondary request number of times 6 is beyond the maximum access times 5 in the time on the day of 2015-12-19 corresponding with data-interface A, it may be determined that
This time data access request does not have the access authority to data-interface A to user User2.
In another example client is received at " 2015-11-18 00:04:11 " is directed to number from user " 0000001 "
According to the data access request of interface "/index/vote ", determine in user " 0000001 " request data interface "/index/ for the first time
The time point " 2015-11-18 00:00:00 " of vote " to this time point " 2015-11-18 00:04:11 " requested when
Between time of the data access request for data-interface "/index/vote " from user " 0000001 " is received in section
Number be 4 times, access verification rule in the predefined expired time for data-interface "/index/vote " be 5 minutes, with
Maximum access times in the corresponding expired time of data-interface "/index/vote " are 5 times, can determine whether this from user
The request number of times of " 0000001 " data access request in 5 minutes is 4 times, and is less than maximum access times 5 times, therefore can be sentenced
This data access request of breaking has the access authority to data-interface "/index/vote ".
In another example client is received at " 2015-11-18 00:05:20 " is directed to number from user " 0000001 "
According to the data access request of interface "/index/vote ", in user " 0000001 " request data interface "/index/ for the first time
The time point " 2015-11-18 00:00:00 " of vote " to this time point " 2015-11-18 00:05:20 " requested when
Between time of the data access request for data-interface "/index/vote " from user " 0000001 " is received in section
Number be 6 times, access verification rule in the predefined expired time for data-interface "/index/vote " be 5 minutes, with
Maximum access times in the corresponding expired time of data-interface "/index/vote " are 5 times, can determine whether this from user
" 0000001 " number is 6 times according to the request number of times of access request in 5 minutes, has been more than maximum access times 5 times, therefore can sentence
This data access request of breaking does not have the access authority to data-interface "/index/vote ".
If data access request has the access authority to data-interface, sending module 430 sends out data access request
It send to data-interface.
Specifically, when judgement, which obtains data access request, to be had to the access authority of data-interface, client is by user
Data access request be sent to the corresponding data-interface of server-side.
(refer to Fig. 4) in a preferred embodiment, which further includes that blocking module (not shown) and generation are sent
Module (not shown).If blocking module data access request does not have the access authority to data-interface, data interception is visited
Ask request;It generates sending module and generates transmission failure prompt information, and failure prompt information is provided to user.
For example, when determining that the data access request from user User2 does not have the access authority to data-interface A,
User User2 is intercepted to the data access request of data-interface A, and generates transmission failure prompt information, " has been more than such as maximum visit
Ask number ", and failure prompt information is provided to user User2.
Fig. 6 is the structural schematic diagram of the device of the processing data access request of another embodiment in the present invention.
Receiving module 610 receives from the user for accessing the data access request of data-interface;Third judgment module
620 extract the request relevant information of data access request, and based on request relevant information, utilize access corresponding with data-interface
Verification rule, judges whether data access request has the access authority to data-interface;If forwarding module 630 judges that data are visited
Ask that request has the access authority to data-interface, forwarding data access request to corresponding data-interface.
Wherein, access verification rule includes but is not limited to:
Expired time corresponding with data-interface;
Maximum access times in expired time corresponding with data-interface;
Request number of times judgment rule based on expired time and maximum access times.
For example, in the preset access verification rule of server-side, access verification rule includes that user accessed data in 24 hours
The total degree of interface A may not exceed 4 times;Server receives the data for accessing data-interface A from user User3 and visits
Ask request, the request relevant information from user's User3 data access request includes: that the ID of user is " User3 ", data access
The data-interface that the request time of request is " 2015-12-19 13:10:00 ", the data access request is directed to is " data-interface
A";And request relevant information is recorded;Such as, in the data access request extracted, the ID of user is " User3 ", data
The request time requested access to is " 2015-12-19 13:10:00 ", and the data-interface which is directed to is " data
Interface A ";Then, the request time of data access request in relevant information, the identification information of data-interface and user will be requested
The associated record of identification information, such as record User ID be " User3 " user for interface A " 2015-12-19 13:10:
00 " executes a data access request;Then, rule is verified by the access corresponding with data-interface A that server-side is pre-stored,
The access authority for whether having to data-interface A from user User3 data access request is judged, if judging user's User3 number
There is the access authority to data-interface A, forwarding data access request to data-interface A according to access request.
Third judgment module specifically includes the 4th determination unit (not shown), second judgment unit (not shown)
With the 5th determination unit (not shown).4th determination unit be directed to user, determine data access request with data-interface
Request number of times in corresponding expired time;Second judgment unit judges request number of times and when corresponding with data-interface expired
The size relation of interior maximum access times;If judging request number of times without departing from maximum access times, the 5th determination unit is true
Data access request is determined with the access authority to data-interface.
Specifically, the request relevant information based on user verifies rule by access corresponding with data-interface, sentences first
Whether the data-interface of disconnected user's access is more than expired time, is subsequently determined whether in expired time corresponding with data-interface most
Big access times, finally, the request number of times based on expired time and maximum access times judges whether data access request has
To the access authority of data-interface.
For example, in the preset access verification rule of server-side, access verification rule includes that user accessed data in 24 hours
The total degree of interface A may not exceed 4 times;Server receives the data for accessing data-interface A from user User3 and visits
It asks request, extracts the request relevant information of data access request, the ID including user is " User3 ", data access request
The data-interface that request time is " 2015-12-19 15:10:00 ", the data access request is directed to is " data-interface A ", really
It is scheduled on the time that the time point " 2015-12-19 00:00:00 " of user " User3 " request data interface A for the first time requests to this
The data for data-interface A from user " User3 " are received in the time interval of point " 2015-12-19 15:10:00 "
The number of access request is 4 times, that is, judges request number of times 4 without departing from intraday maximum access corresponding with data-interface A
Number 4, it may be determined that the data access request from user User3 has the access authority to data-interface A;If user asks again
Access data-interface A is sought, then user User3 is this time requested access in the relevant information of data-interface A, the identity mark including user
Know information " User3 ", the identification information " data-interface A " of the data-interface requested access to, on the day of 2015-12-19 in the time
The number requested access to is the 5th, for user User3, judges that this request number of times 5 exceeds corresponding with data-interface A
Maximum access times 5 on the day of 2015-12-19 in the time, it may be determined that this time data access request does not have logarithm to user User3
According to the access authority of interface A.
In another example server-side is received at " 2015-11-18 00:05:20 " is directed to number from user " 0000001 "
According to the data access request of interface "/index/vote ", in user " 0000001 " request data interface "/index/ for the first time
The time point " 2015-11-18 00:00:00 " of vote " to this time point " 2015-11-18 00:05:20 " requested when
Between time of the data access request for data-interface "/index/vote " from user " 0000001 " is received in section
Number be 6 times, access verification rule in the predefined expired time for data-interface "/index/vote " be 5 minutes, with
Maximum access times in the corresponding expired time of data-interface "/index/vote " are 5 times, can determine whether this from user
" 0000001 " number is 6 times according to the request number of times of access request in 5 minutes, has been more than maximum access times 5 times, therefore can sentence
This data access request of breaking does not have the access authority to data-interface "/index/vote ".
In a preferred embodiment (referring to Fig. 6), which further includes issuing module (not shown).If issuing module
Judge that request number of times is equal to maximum access times, issues the corresponding access verification rule of data-interface.
For example, verify rule according to the preset access of server-side, when judge user User3 " 2015-12-19 15:10:
The access request number 4 that 00 " moment requested access to data-interface A is equal to user User3 access data-interface A in 2015-12-19
When maximum access times in 24 hours same day, server issues the corresponding access verification rule of data-interface A to terminal, such as uses
The data-interface A's that family User3 is accessed in " 2015-12-19 00:00:00-2015-12-19 24:00:00 " time interval
Total degree is no more than 4 times.
The present embodiment may be implemented in server end and accurately judge whether data access request exceeds for the data-interface
Access times limitation goal of the invention, if repeatedly data access request in a short time frequent requests data-interface when, taking
The front end judgement of business device has reached the limitation of access request number for specific user for specific data interface, then will access school
It tests rule and is issued to client, and directly execute request verification and the interception of data access request in client, without again will
The front end that data access request is sent to server is verified, and the load of reduction server is achieved the purpose that with this.One
(referring to Fig. 6) in preferred embodiment, which further includes generating to issue module (not shown).If judging data access request
Without the access authority to data-interface, generation issues module and generates and issue transmission failure prompt information.
For example, if user User3 requests access to data-interface A, user at " 2015-12-19 18:10:00 "
User3 is this time requested access in the relevant information of data-interface A, and identification information " User3 " including user requests access to
The identification information " data-interface A " of data-interface determine that request data connects for the first time in user " User3 " for user User3
The time at time point " 2015-12-19 00:00:00 " to this time point " 2015-12-19 18:10:00 " requested of mouth A
The number that the data access request for data-interface A from user " User3 " is received in section is 6 times, and judgement is this time
Request number of times 6, can beyond the maximum access times 4 in the 24 hour time on the day of 2015-12-19 corresponding with data-interface A
Determine that this time data access request subsequently generates user's User3 number without the access authority to data-interface A to user User3
According to the prompt information such as " being more than maximum access times " of access request failure, and it will be prompted to information and be issued to client to be used for
Prompt user.
In another embodiment of the present invention, a kind of device for handling data access request is proposed, server-side is according to reception
The request relevant information of the data-interface access request from the user arrived, the corresponding access verification rule of combined data interface,
It can accurately judge whether the data access request has the access authority to data-interface;Wherein, for the visit of data-interface
Ask verification rule without being issued to client record and setting, it is only necessary to verify rule, easily accessible school in server-side maintenance access
It tests the variation of regular modification and business demand based on data-interface and is updated in time, reduce access verification rule
Maintenance cost.Simultaneously, it can be achieved that accurately judging whether data access request exceeds the access times for the data-interface
The goal of the invention of limitation, if repeatedly data access request in a short time frequent requests data-interface when, can be before server
End intercepts data access request, and no longer forwards data access request to corresponding data interface, is reduced with this to reach
To the purpose of data interface requests, the load of data-interface is reduced.
Those skilled in the art of the present technique are appreciated that the present invention includes being related to for executing in operation described herein
One or more equipment.These equipment can specially design and manufacture for required purpose, or also may include general
Known device in computer.These equipment have the computer program being stored in it, these computer programs are selectively
Activation or reconstruct.Such computer program can be stored in equipment (for example, computer) readable medium or be stored in
It e-command and is coupled in any kind of medium of bus respectively suitable for storage, the computer-readable medium includes but not
Be limited to any kind of disk (including floppy disk, hard disk, CD, CD-ROM and magneto-optic disk), ROM (Read-Only Memory, only
Read memory), RAM (Random Access Memory, immediately memory), EPROM (Erasable Programmable
Read-Only Memory, Erarable Programmable Read only Memory), EEPROM (Electrically Erasable
Programmable Read-Only Memory, Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic card or light card
Piece.It is, readable medium includes by equipment (for example, computer) with any Jie for the form storage or transmission information that can be read
Matter.
Those skilled in the art of the present technique be appreciated that can be realized with computer program instructions these structure charts and/or
The combination of each frame and these structure charts and/or the frame in block diagram and/or flow graph in block diagram and/or flow graph.This technology neck
Field technique personnel be appreciated that these computer program instructions can be supplied to general purpose computer, special purpose computer or other
The processor of programmable data processing method is realized, to pass through the processing of computer or other programmable data processing methods
The scheme specified in frame or multiple frames of the device to execute structure chart and/or block diagram and/or flow graph disclosed by the invention.
Those skilled in the art of the present technique have been appreciated that in the present invention the various operations crossed by discussion, method, in process
Steps, measures, and schemes can be replaced, changed, combined or be deleted.Further, each with having been crossed by discussion in the present invention
Kind of operation, method, other steps, measures, and schemes in process may also be alternated, changed, rearranged, decomposed, combined or deleted.
Further, in the prior art to have and the step in various operations, method disclosed in the present invention, process, measure, scheme
It may also be alternated, changed, rearranged, decomposed, combined or deleted.
The above is only some embodiments of the invention, it is noted that for the ordinary skill people of the art
For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered
It is considered as protection scope of the present invention.