CN108833518B - A method of session id is generated based on nginx server - Google Patents
A method of session id is generated based on nginx server Download PDFInfo
- Publication number
- CN108833518B CN108833518B CN201810570009.4A CN201810570009A CN108833518B CN 108833518 B CN108833518 B CN 108833518B CN 201810570009 A CN201810570009 A CN 201810570009A CN 108833518 B CN108833518 B CN 108833518B
- Authority
- CN
- China
- Prior art keywords
- session
- nginx
- redis
- client
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 13
- 230000003252 repetitive effect Effects 0.000 claims abstract description 4
- 230000008569 process Effects 0.000 claims description 7
- 239000003795 chemical substances by application Substances 0.000 claims description 6
- 238000012795 verification Methods 0.000 claims description 6
- 230000001174 ascending effect Effects 0.000 claims description 4
- 239000012467 final product Substances 0.000 claims description 3
- 230000006872 improvement Effects 0.000 description 3
- 235000013399 edible fruits Nutrition 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 244000097202 Rathbunia alamosensis Species 0.000 description 1
- 235000009776 Rathbunia alamosensis Nutrition 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 229910002056 binary alloy Inorganic materials 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/30—Managing network names, e.g. use of aliases or nicknames
- H04L61/3015—Name registration, generation or assignment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention provides a kind of method for generating session id based on nginx server, comprising: cluster internal generates non-repetitive sequence;Session id is put on more Redis clusters, the ID of Redis node is embedded in session id;It will be embedded in session id validity period;Data are changed into base64 format;Session id is collectively formed using check code and numerical part;It receives client and is transmitted through the session id come, whether before the deadline which is verified by algorithm, if forge, if effectively.The present invention realizes generation and the verifying function of session id on Nginx, reduces internal system network expense, reduces the pressure of back end application server, reduce hardware consumption, improve throughput of system, realizes the reasonable utilization of resource.
Description
Technical field
The present invention relates to Web development technique fields, are related to a kind of method for generating session id based on nginx server.
Background technique
Nginx is a high performance HTTP server and Reverse Proxy.It is a large amount of by Taobao, Netease, Sina etc.
Internet company uses.
There is demand in exploitation now, system needs to provide session id, for tracking user, to facilitate analysis user's row
For, do A/B test.In common Distributed-solution, generates and verification session id is responsible for by back end application server.
Nginx calls back end application server to complete session id generation, verification by interface.The program calls link relatively more, system
Internal network expense is big, and the hardware resource needed is more.
Summary of the invention
To solve the above problems, the invention discloses the methods for generating session id based on Nginx server, with nginx phase
The form of plug-in unit is answered, the session id for being not easy to be forged can be quickly generated.
In order to achieve the above object, the invention provides the following technical scheme:
A method of session id is generated based on nginx server, is included the following steps:
Step 1, cluster internal generate non repetitive sequence, and sequence includes: nginx example ID, timestamp, counter,
Nginx example ID has uniqueness;
Step 2 carries out operation using CRC32 algorithm to the sequence that step 1 generates, obtains a whole-number result, the knot
The node number of fruit and Redis do modular arithmetic, and obtained result is as Redis node ID;
Session id will be written validity period in step 3;
Step 4 splices sequence, Redis node ID, validity period, and carries out operation using Base64 algorithm and arrive session to obtain the final product
The numerical part of ID;
Step 5 splices the numerical part of session id, the User-Agent of client, client ip, server end password,
Then according to character ascending sort, operation finally is carried out using MD5 algorithm, operation result is check code;
Step 6, the identifying code that the session id numerical part and step 5 that splicing step 4 generates generate, obtains final
Session id.
As an improvement, further including session id method of calibration, comprise the following processes:
When receiving the request of client, the 128Bit check code at session id end is intercepted, then rest part is session id
Numerical part;The numerical part of session id is decoded using Base64 algorithm, decoded data are proceeded as follows:
Whether expired verify session id:
The 1st to the 40th is taken, the entry-into-force time is calculated;
The 69th is taken out to 76, calculates validity period;
If entry-into-force time+validity period < current time, session are expired;
Whether verification session id, which is forged, is distorted:
The numerical part of session id is spliced with client ip, client User-Agent, calculates MD5 code, and by result
It compares, judges whether identical with the check code in session id;If identical, indicate that session id is correct;If it is not the same, then indicating
Session id is to forge, or be tampered, mistake of dishing out;
Verify session id validity:
The 65th to 68 is intercepted, Redis node ID is obtained, according to Redis node ID, from corresponding Redis memory node
The session id is inquired, if inquiring data, illustrates that session id is effective, otherwise illustrates that the session id is invalid.
Further, counter current value is stored in shared drive, all Worker processes on separate unit Nginx server
Share the counter.
Compared with prior art, the invention has the advantages that and the utility model has the advantages that
The present invention realizes generation and the verifying function of session id on Nginx, reduces internal system network expense, subtracts
The pressure of few back end application server, reduces hardware consumption, improves throughput of system, realize the reasonable utilization of resource.
Detailed description of the invention
Fig. 1 is the flow chart for generating session id.
Fig. 2 receives client for server and is transmitted through the flow chart verified after the session id come.
Specific embodiment
Technical solution provided by the invention is described in detail below with reference to specific embodiment, it should be understood that following specific
Embodiment is only illustrative of the invention and is not intended to limit the scope of the invention.In addition, step shown in the flowchart of the accompanying drawings
Suddenly it can execute in a computer system such as a set of computer executable instructions, although also, showing in flow charts
Logical order, but in some cases, it can be with the steps shown or described are performed in an order that is different from the one herein.
The generation method provided by the invention that session id is generated based on Nginx server is as shown in Figure 1 and Figure 2, specific to wrap
Include following steps:
Step 1, cluster internal non repetitive sequence generate scheme:
Sequence is made up of following element: nginx example ID, timestamp (Millisecond), counter.
| Field name | Length |
| Timestamp | 40bit |
| Nginx example ID | 4bit |
| Counter | 20bit |
The wherein calculation of timestamp are as follows: -2016 zero second on the stroke of midnight on January 1, of current time.40bit storage
Data can be supported to the year two thousand fifty;
Nginx example ID length is 4bit, ID range: [0,15].It could support up 16 nginx;For each in cluster
Nginx server distributes a unique ID, uses the ID as a part of sequence.
Counter is combined in sequence, guarantees the uniqueness of sequence.Counter heights are 20bit, range: [0,1048575],
That is, every millisecond of at most 1,040,000 ID of production.When counter reaches the upper limit, 1 millisecond is waited.Then it resets, recalculates.Meter
Number device current value is stored in shared drive.All Worker processes can share the counter on separate unit Nginx server.
Step 2, it will words ID is put on more Redis clusters and the ID of Redis node is embedded in session id, in big data feelings
Under condition, the memory node ID being embedded in by extracting session id can directly inquire corresponding Redis database according to node ID,
The search efficiency of session id can be improved.
Operation is carried out using CRC32 algorithm by the sequence generated to step 1, a whole-number result, the knot can be obtained
The node number of fruit and Redis do modular arithmetic, and obtained result is Redis node ID.
Redis node ID format are as follows:
| Field name | Length |
| Redis node ID | 4bit |
Session id will be written validity period in step 3, reduce server memory expense.
Validity period format are as follows:
| Field name | Length | Value range |
| Type | 2bit | 0- points;1- hours;2- days;The 3- month |
| Value | 6bit | 0~64 |
Total 8bit.
The range that can be indicated are as follows:
1 to 64 point
1 to 64 hour
1 to 64 day
1 to 64 month
Such as:
| Validity period | Binary system | Integer |
| 1 minute | 00000001 | 1 |
| 5 minutes | 00000101 | 5 |
| 1 hour | 01000001 | 65 |
| 8 hours | 01001000 | 72 |
| 1 day | 10000001 | 129 |
| 2 days | 10000010 | 130 |
| 7 days | 10000111 | 135 |
| January | 11000001 | 193 |
Step 4 generates the numerical part of session id.
Splice sequence, Redis node ID, validity period, and carries out the number that session id is arrived in operation to obtain the final product using Base64 algorithm
Value part.Data are changed into base64 format by this step, can reduce session id length.
Step 5 generates identifying code.
Splice the numerical part of session id, the User-Agent of client, client ip, server end password, then presses
According to character ascending sort, operation finally is carried out using MD5 algorithm, operation result is check code.Meeting can be prevented using check code
Words ID is forged.
Step 6 is generated into session id.
Splice the session id numerical part that step 4 generates and the identifying code that step 5 generates to get final session is arrived
ID。
After session id generates, stores into the corresponding Redis database of mod_x, after storing successfully, return to client.
Step 7, verifying client are transmitted through the session id come.
When receiving the request of client, the 128Bit check code at session id end is intercepted, then rest part is session id
Numerical part.
Nginx is upper directly to do following verification to session id:
1. whether session id is expired
2. whether session id be tampered, forge.
Method of calibration:
The numerical part of session id is decoded using Base64 algorithm first, fetch bit operation below is all to decoded
Data are operated.
1. whether verify session id expired
The 1st to the 40th is taken, the entry-into-force time is calculated;The 69th is taken out to 76, calculates validity period.
If entry-into-force time+validity period < current time, session are expired.
2. whether verification session id be tampered, forge
The numerical part of session id is spliced with client ip, client User-Agent, calculates MD5 code, and by result
It compares, judges whether identical with the check code in session id.
If identical, correctly;If it is not the same, session id is to forge, or be tampered, mistake of dishing out.
3. verifying the validity of session id
The 65th to 68 is intercepted, Redis node ID is obtained, according to Redis node ID, from corresponding Redis memory node
The session id is inquired, if inquiring data, illustrates that session id is effective, otherwise the session id is invalid.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the program can be stored in a computer-readable storage medium
In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic
Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
The technical means disclosed in the embodiments of the present invention is not limited only to technological means disclosed in above embodiment, further includes
Technical solution consisting of any combination of the above technical features.It should be pointed out that for those skilled in the art
For, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also considered as
Protection scope of the present invention.
Claims (3)
1. a kind of method for generating session id based on nginx server, which comprises the steps of:
Step 1, cluster internal generate non repetitive sequence, and sequence includes: nginx example ID, timestamp, counter, and nginx is real
Example ID has uniqueness;
Step 2 carries out operation using CRC32 algorithm to the sequence that step 1 generates, obtains a whole-number result, the result with
The node number of Redis does modular arithmetic, and obtained result is as Redis node ID;
Session id will be written validity period in step 3;
Step 4 splices sequence, Redis node ID, validity period, and carries out operation using Base64 algorithm and arrive session id to obtain the final product
Numerical part;
Step 5 splices the numerical part of session id, the User-Agent of client, client ip, server end password, then
According to character ascending sort, operation finally is carried out using MD5 algorithm, operation result is check code;
Step 6, the check code that the session id numerical part and step 5 that splicing step 4 generates generate, obtains final session
ID。
2. the method according to claim 1 for generating session id based on nginx server, which is characterized in that further include meeting
ID method of calibration is talked about, following process is specifically included:
When receiving the request of client, the 128Bit check code at session id end is intercepted, then rest part is the numerical value of session id
Part;The numerical part of session id is decoded using Base64 algorithm, decoded data are proceeded as follows:
Whether expired verify session id:
The 1st to the 40th is taken, the entry-into-force time is calculated;
The 69th is taken out to 76, calculates validity period;
If entry-into-force time+validity period < current time, session are expired;
Whether verification session id, which is forged, is distorted:
By the numerical part of session id with client ip, client User-Agent, the splicing of server end password, then according to word
Ascending sort is accorded with, MD5 code is calculated, and result and the check code in session id are compared, judges whether identical;If identical, table
Show that session id is correct;If it is not the same, then indicating that session id is to forge, or be tampered, mistake of dishing out;
Verify session id validity:
The 65th to 68 is intercepted, Redis node ID is obtained, according to Redis node ID, is inquired from corresponding Redis memory node
The session id illustrates that session id is effective if inquiring data, otherwise illustrates that the session id is invalid.
3. the method according to claim 1 for generating session id based on nginx server, it is characterised in that:
Counter current value is stored in shared drive, and all Worker processes share the counter on separate unit Nginx server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810570009.4A CN108833518B (en) | 2018-06-05 | 2018-06-05 | A method of session id is generated based on nginx server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810570009.4A CN108833518B (en) | 2018-06-05 | 2018-06-05 | A method of session id is generated based on nginx server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108833518A CN108833518A (en) | 2018-11-16 |
| CN108833518B true CN108833518B (en) | 2019-04-09 |
Family
ID=64143928
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810570009.4A Active CN108833518B (en) | 2018-06-05 | 2018-06-05 | A method of session id is generated based on nginx server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108833518B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109981811B (en) * | 2019-03-12 | 2022-05-31 | 众安信息技术服务有限公司 | Session ID generation method and system of terminal application program |
| CN110086802B (en) * | 2019-04-24 | 2021-11-23 | 上海易点时空网络有限公司 | Authentication method and device for session |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103200152A (en) * | 2012-01-04 | 2013-07-10 | 中国移动通信集团公司 | Conversation processing method, server and client-side |
| CN105610853A (en) * | 2016-01-18 | 2016-05-25 | 网易(杭州)网络有限公司 | Communication method and system, and application server |
| CN106303428A (en) * | 2016-08-18 | 2017-01-04 | 杭州蛮牛科技有限公司 | A kind of security protection cloud platform |
| CN106685932A (en) * | 2016-12-08 | 2017-05-17 | 努比亚技术有限公司 | File access system and method based on cloud service |
| CN107018042A (en) * | 2017-04-13 | 2017-08-04 | 广东神马搜索科技有限公司 | Method for tracing and tracing system for online service system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8886798B2 (en) * | 2010-11-15 | 2014-11-11 | Vardr Pty Ltd | Group monitoring system and method |
-
2018
- 2018-06-05 CN CN201810570009.4A patent/CN108833518B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103200152A (en) * | 2012-01-04 | 2013-07-10 | 中国移动通信集团公司 | Conversation processing method, server and client-side |
| CN105610853A (en) * | 2016-01-18 | 2016-05-25 | 网易(杭州)网络有限公司 | Communication method and system, and application server |
| CN106303428A (en) * | 2016-08-18 | 2017-01-04 | 杭州蛮牛科技有限公司 | A kind of security protection cloud platform |
| CN106685932A (en) * | 2016-12-08 | 2017-05-17 | 努比亚技术有限公司 | File access system and method based on cloud service |
| CN107018042A (en) * | 2017-04-13 | 2017-08-04 | 广东神马搜索科技有限公司 | Method for tracing and tracing system for online service system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108833518A (en) | 2018-11-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8429124B2 (en) | On demand multi-location large database synchronization system | |
| CN101159715B (en) | Safety information checking method and safety information checking device and client terminal | |
| SE541713C2 (en) | Method and system for registering digital documents | |
| US20050027731A1 (en) | Compression dictionaries | |
| US10216608B1 (en) | Load testing with automated service dependency discovery | |
| CN108390881A (en) | A kind of distribution high concurrent real-time messages method for pushing and system | |
| US20030163539A1 (en) | Apparatus and method for data transfer | |
| CN108833518B (en) | A method of session id is generated based on nginx server | |
| CN108768672B (en) | Data processing method, device and storage medium | |
| CN110032895A (en) | Request processing method, processing unit and requests verification method, verifying device | |
| CN104348578B (en) | The method and device of data processing | |
| EP1696339A2 (en) | System and method for testing data format using targeted variant input | |
| CN106899564A (en) | A kind of login method and device | |
| CN109995775B (en) | Block chain verification code application method, equipment and storage medium | |
| CN111625467B (en) | Automatic testing method and device, computer equipment and storage medium | |
| CN101136747A (en) | Information checking system and method | |
| CN101374158A (en) | Selectively delivering cached content or processed content to clients based upon a result completed percentage | |
| CN109525613A (en) | A kind of demand processing system and method | |
| US11323368B1 (en) | System and method for web service atomic transaction (WS-AT) affinity routing | |
| CN105337931A (en) | Number limit control method and distributed number limit control system | |
| Hwang et al. | Blockchain-based automatic indemnification mechanism based on proof of violation for cloud storage services | |
| CN112787978A (en) | Data acquisition method and device, computer equipment and computer-readable storage medium | |
| CN116561229B (en) | Data synchronization method, device and storage medium based on graphic neural network | |
| CN106339441A (en) | Form calling method, device and system | |
| Blaauwendraad et al. | Postquantum Hash-based Signatures for Multi-chain Blockchain Technologies |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 210019 4th floor, building 1, 69 Aoti street, Jianye District, Nanjing City, Jiangsu Province Patentee after: Nanjing Lianchuang Digital Technology Co.,Ltd. Address before: 210019 4th floor, building 1, 69 Aoti street, Jianye District, Nanjing City, Jiangsu Province Patentee before: NANJING LIANCHUANG INTERNET TECHNOLOGY Co.,Ltd. |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A method for generating session IDs based on nginx servers Granted publication date: 20190409 Pledgee: Bank of China Limited by Share Ltd. Jiangsu branch Pledgor: Nanjing Lianchuang Digital Technology Co.,Ltd. Registration number: Y2024980015503 |