CN110750765A - Service system, front-end page control method thereof, computer device, and storage medium - Google Patents

Service system, front-end page control method thereof, computer device, and storage medium Download PDF

Info

Publication number
CN110750765A
CN110750765A CN201910923664.8A CN201910923664A CN110750765A CN 110750765 A CN110750765 A CN 110750765A CN 201910923664 A CN201910923664 A CN 201910923664A CN 110750765 A CN110750765 A CN 110750765A
Authority
CN
China
Prior art keywords
server
user information
user
service server
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910923664.8A
Other languages
Chinese (zh)
Other versions
CN110750765B (en
Inventor
陈健
张奕冕
董鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Original Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qianxin Technology Group Co Ltd, Secworld Information Technology Beijing Co Ltd filed Critical Qianxin Technology Group Co Ltd
Priority to CN201910923664.8A priority Critical patent/CN110750765B/en
Publication of CN110750765A publication Critical patent/CN110750765A/en
Application granted granted Critical
Publication of CN110750765B publication Critical patent/CN110750765B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/448Execution paradigms, e.g. implementations of programming paradigms
    • G06F9/4482Procedural

Abstract

The invention provides a service system, a front-end page control method thereof, computer equipment and a storage medium. The service system comprises a business server, a verification server, a front end and a database, and the method comprises the following steps: the front end receives a login request of a user, sends a password acquisition request to the verification server, the verification server verifies account information, and an access password is returned to the front end after the account information passes the verification; the front end sends a first access request to the service server, the service server sends a user information acquisition request to the verification server, the verification server verifies the access password, the front end obtains the user information after the verification is passed, a second access request is sent to the service server, element visibility is acquired, the front end displays an operation control with visible element visibility indication on an operation page, and hides the operation control with invisible element visibility indication. By the method and the device, the safety of operation authority control and user experience can be improved.

Description

Service system, front-end page control method thereof, computer device, and storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a service system, a front-end page control method thereof, a computer device, and a storage medium.
Background
In a service system, different operation authorities often need to be set for different users, for example, in an intra-company business service system, different operation authorities need to be set for employees with different functions. In a service system provided by the prior art, after a user logs in the service system through a front end, the front end directly displays a uniform operation page, and the user selects an operable control according to the authority of the user. When the user selects the operation control within the authority, the service server can return the corresponding service data, the safety of the operation authority control is low, when the user selects the operation control outside the authority, the front end returns prompt information such as 'no operation authority', and the user experience is poor.
Therefore, it is a technical problem to be solved in the art to provide a service system, a front-end page control method thereof, a computer device and a storage medium to improve the security of operation authority control and user experience.
Disclosure of Invention
The invention aims to provide a service system, a front-end page control method thereof, computer equipment and a storage medium, which are used for solving the technical problems of low safety of operation authority control and poor user experience in the front-end page control method of the service system in the prior art.
In one aspect, the present invention provides a front-end page control method for a service system.
The service system includes: the front-end page control method comprises the following steps: the method comprises the steps that a front end receives a login request of a user, wherein the login request comprises account information; the front end sends a password acquisition request to a verification server, wherein the password acquisition request comprises account information; the authentication server authenticates the account information and returns an access password to the front end after the authentication is passed; the front end receives an access password sent by the authentication server; the front end sends a first access request to a service server, wherein the first access request comprises an access password, and the first access request accesses a first interface of the service server for acquiring user information; the service server sends a user information acquisition request to the verification server, wherein the user information acquisition request comprises an access password; the authentication server authenticates the access password and returns user information to the service server after the authentication is passed; the service server receives user information sent by the verification server; the front end receives user information returned by the first interface; the front end sends a second access request to the service server, wherein the second access request comprises user information, and the second access request accesses a second interface of the service server for acquiring element visibility; the business server queries a database according to the user information to acquire element visibility, wherein the database comprises authority configuration information which comprises a corresponding relation between the user information and the element visibility; the front end receives element visibility returned by the second interface; and the front end displays an operation control with visible element visibility indication on the operation page, and hides an operation control with invisible element visibility indication, wherein the visible operation control is an operation control in the user operation authority, and the invisible operation control is an operation control outside the user operation authority.
Further, the second access request further includes an access password, and after the step of sending the second access request to the service server by the front end, before the step of querying the database by the service server according to the user information to obtain the visibility of the element, the front end page control method further includes: the service server sends an access password verification request to the verification server, wherein the access password verification request comprises an access password; the verification server verifies the access password and returns a verification result to the service server; and when the received verification result is that the verification is passed, the service server queries the database according to the user information to acquire the element visibility.
Further, the front-end page control method further includes: the front end responds to the operation of the user on the operation control and sends a third access request to the business server, wherein the third access request comprises user information, and the third access request accesses the business server to complete a third interface of the service corresponding to the operated operation control; the service server inquires a database according to the user information to judge whether the user has an operation authority corresponding to the operation control, wherein the authority configuration information further comprises a corresponding relation between the user information and the operation authority; and when the user has the operation right corresponding to the operation control, the business server returns the service data to the front end.
Further, the third access request further includes an access password, and after the step of sending the third access request to the service server by the front end, before the step of querying the database by the service server according to the user information to determine whether the user has the operation right corresponding to the operation control, the front end page control method further includes: the service server sends an access password verification request to the verification server, wherein the access password verification request comprises an access password; the verification server verifies the access password and returns a verification result to the service server; and when the received verification result is that the verification is passed, the service server inquires the database according to the user information so as to judge whether the user has the operation authority corresponding to the operation control.
Further, the database further includes a user list, and after the service server receives the user information sent by the verification server, the front-end page control method further includes: the service server inquires user information in the user list, wherein when the service server cannot inquire the user information in the user list, the user information is written into the user list and marked as the user information to be configured; the step of the front end displaying the operation control with the element visibility indication visible on the operation page comprises the following steps: the front end displays the authority configuration operation control on the operation page; when the user has the operation right corresponding to the operation control, the step that the business server returns the service data to the front end comprises the following steps: and when the user has the operation authority corresponding to the authority configuration operation control, the service server returns the information of the user to be configured in the user list to the front end.
Further, the permission configuration information includes a first corresponding relationship, a second corresponding relationship and a third corresponding relationship, the first corresponding relationship is a corresponding relationship between the identification user information and the role, the second corresponding relationship is a corresponding relationship between the identification role and the operation permission, the third corresponding relationship is a corresponding relationship between the identification operation permission and the element visibility, the service server queries the database according to the user information to obtain the element visibility, and the step includes: the service server searches a plurality of roles corresponding to the user information in the first corresponding relation; the service server searches the operation authority corresponding to each role in the second corresponding relation; the business server searches element visibility corresponding to each operation authority in the third corresponding relation; and the business server collects element visibility corresponding to all roles.
Further, the front-end page control method further includes: and after the hidden element visibility indication on the operation page by the front end indicates the invisible operation control, displaying a preset substitute icon at a position corresponding to the invisible operation control.
In another aspect, the present invention provides a service system for achieving the above objects.
The service system includes: the system comprises a service server, a verification server, a front end and a database, wherein: the front end is used for receiving a login request of a user, wherein the login request comprises account information; the front end is also used for sending a password acquisition request to the verification server, wherein the password acquisition request comprises account information; the verification server is used for verifying the account information and returning an access password to the front end after the account information passes the verification; the front end is also used for receiving an access password sent by the authentication server; the front end is also used for sending a first access request to the service server, wherein the first access request comprises an access password, and the first access request accesses a first interface for the service server to acquire user information; the service server is used for sending a user information acquisition request to the verification server, wherein the user information acquisition request comprises an access password; the verification server is also used for verifying the access password and returning the user information to the service server after the verification is passed; the service server is also used for receiving the user information sent by the verification server; the front end is also used for receiving user information returned by the first interface; the front end is also used for sending a second access request to the service server, wherein the second access request comprises user information, and the second access request accesses a second interface for obtaining element visibility of the service server; the business server is also used for querying a database according to the user information to acquire element visibility, wherein the database comprises authority configuration information, and the authority configuration information comprises a corresponding relation between the user information and the element visibility; the front end is also used for receiving element visibility returned by the second interface; the front end is also used for displaying an operation control with visible element visibility indication on the operation page, and hiding the operation control with invisible element visibility indication, wherein the visible operation control is an operation control in the user operation permission, and the invisible operation control is an operation control outside the user operation permission.
To achieve the above object, the present invention also provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the above method when executing the computer program.
To achieve the above object, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the above method.
The invention provides a service system and a front-end page control method thereof, a computer device and a storage medium, wherein the service system comprises a service server, an authentication server, a front end and a database, after receiving a login request of a user, the front end firstly obtains an access password from the authentication server, and then accesses a first interface of the service server through the access password to obtain user information; when receiving access, a first interface of the service server verifies an access password to a verification server, the verification server sends user information to the server after passing the verification, the first interface of the server returns the user information to the front end, and the front end accesses a second interface of the server through the user information to obtain element visibility; when a second interface of the business server receives access, acquiring element visibility according to the user information, and returning the element visibility to the front end; the front end displays the operation control with visible element visibility indication on the operation page, hides the operation control with invisible element visibility indication, for a user, the operation controls seen by the user are all the operation controls in the operation authority of the user, the user does not need to pay attention to the operation authority, user experience is improved, meanwhile, when the operation control displayed on the operation page is controlled, an access password needs to be verified through a verification server, user information can be obtained after verification is passed, element visibility can be obtained through the user information in a database, and the safety of the service system for operation authority control is improved.
Drawings
Fig. 1 is a flowchart of a front-end page control method of a service system according to an embodiment of the present invention;
fig. 2 is a flowchart of a front-end page control method of a service system according to a second embodiment of the present invention;
fig. 3 is a flowchart of a front-end page control method of a service system according to a third embodiment of the present invention;
fig. 4 is a block diagram of a service system according to a fourth embodiment of the present invention;
fig. 5 is a hardware configuration diagram of a computer device according to a fifth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a service system, a front-end page control method thereof, computer equipment and a storage medium. In the front-end page control method of the service system, after a user logs in the service system through a front end, the front end verifies account information to a verification server, obtains an access password after the verification is passed, and then writes the access password into a first access request for accessing a first interface of a service server; when a first interface of a service server is accessed, an access password is written in a user information acquisition request and is sent to a verification server, the verification server returns user information to the service server after the access password is verified, and the service server sends the user information to a front end as return information of the front end accessing the first interface; the front end writes the user information into a second access request for accessing a second interface of the service server after obtaining the user information; and when a second interface of the business server is accessed, querying a database according to the user information of the second access request, wherein the database comprises permission configuration information, the permission configuration information comprises a corresponding relation between the user information and element visibility, and the business server can find the element visibility through the user information and return the element visibility to the front end, wherein the element visibility is used for indicating which operation controls are visible and which operation controls are invisible, the visible operation controls are operation controls in the user operation permission, and the invisible operation controls are operation controls outside the user operation permission. After the front end receives the element visibility, the operation control with the visible element visibility indication is displayed on the operation page, namely the operation control in the user operation authority is displayed, and meanwhile, the operation control with the invisible element visibility indication is hidden, namely the operation control outside the user operation authority is hidden.
It can be seen that the operation controls displayed on the operation page at the front end are all within the operation authority of the user, the user does not need to pay attention to which operation controls belong to the operation authority, which operation authorities belong to the outside of the operation authority, user experience is improved, meanwhile, when the operation controls displayed on the operation page are controlled, the access password needs to be verified through the verification server, the user information can be obtained after the verification is passed, element visibility can be obtained through the user information in the database, and the safety of the service system on the operation authority control is improved.
Specific embodiments of the service system and the front-end page control method, the computer device, and the storage medium thereof according to the present invention will be described in detail below.
Example one
The embodiment of the invention provides a front-end page control method of a service system, which is applied to the service system and can improve the security of the operation authority control of the service system and the user experience, wherein the service system comprises a service server, a verification server, a front end and a database, and the front-end page control method of the service system provided by the embodiment is realized on the basis of the interaction among the front end, the verification server and the service server and the reading and writing of the database by the service server. Specifically, fig. 1 is a flowchart of a front-end page control method of a service system according to an embodiment of the present invention, and as shown in fig. 1, the front-end page control method of the service system according to the embodiment includes steps S101 to S113 as follows.
Step S101: the front end receives a login request of a user.
The front end provides a login window of the service system, a user inputs information such as account information and password information through the login window, namely the front end receives a login request, and the login request comprises the account information and the password information.
After receiving the login request, the front end can firstly verify account information, password information and the like, and after the verification is passed, the front end acquires an access password from the verification server.
Step S102: the front end sends a password acquisition request to the authentication server.
The password acquisition request comprises account information.
Step S103: and the authentication server authenticates the account information and returns an access password to the front end after the authentication is passed.
After receiving the password acquisition request, the authentication server authenticates the account information, and returns an access password to the front end after the authentication is passed, wherein the returned access password can be an access password corresponding to the account information.
Step S104: the front end receives an access password sent by the authentication server.
Step S105: the front end sends a first access request to a service server.
The first access request comprises an access password, and the first access request accesses a first interface for acquiring user information from the service server.
Step S106: and the service server sends a user information acquisition request to the verification server.
Wherein the user information acquisition request includes an access password.
Optionally, the access password is used as header information of the first access request. And after receiving the first access request, the service server analyzes the header information to obtain an access password, simultaneously uses the access password as the header information of the user information acquisition request, and sends the user information acquisition request to the verification server.
Step S107: and the authentication server authenticates the access password and returns user information to the service server after the authentication is passed.
After receiving the user information acquisition request, the verification server analyzes the header information to obtain an access password, verifies the analyzed access password by using the data of the verification server, and sends the user information corresponding to the access password to the service server when the verification is successful.
Step S108: and the service server receives the user information sent by the verification server.
And after receiving the user information sent by the verification server, the service server returns the user information to the front end through the first interface.
Step S109: the front end receives the user information returned by the first interface.
Step S110: and the front end sends a second access request to the service server.
And the second access request comprises user information, and the second access request accesses a second interface for acquiring element visibility of the service server.
Step S111: and the business server queries the database according to the user information to acquire element visibility.
And when receiving a second access request for accessing the second interface, the service server analyzes the second access request to obtain the user information, and queries the database by taking the user information as a query parameter.
The database comprises permission configuration information, the permission configuration information comprises a corresponding relation between user information and element visibility, namely when the permission configuration information comprises certain user information and element visibility corresponding to the user information, the element visibility can be found in the permission configuration information through the user information. The element visibility is used for indicating which operation controls are visible for a user corresponding to the user information, which operation controls are invisible for the user corresponding to the user, the visible operation controls are operation controls within the user operation authority, and the invisible operation controls are operation controls outside the user operation authority. Optionally, the element visibility may be a plurality of key value pairs, where a key in a key value pair is identification information of the operation control, and a value in the key value pair is an identification of whether the operation control is visible. Alternatively, element visibility can be in any other data format that can identify the operating controls as visible and invisible.
And after acquiring the element visibility, the service server returns the element visibility to the front end.
Optionally, the permission configuration information includes a first corresponding relationship, a second corresponding relationship, and a third corresponding relationship, where the first corresponding relationship is a corresponding relationship between the identifier user information and the role, the second corresponding relationship is a corresponding relationship between the identifier role and the operation permission, and the third corresponding relationship is a corresponding relationship between the identifier operation permission and the element visibility. When the step S111 realizes the acquisition of element visibility, the following steps are specifically executed: the service server searches a plurality of roles corresponding to the user information in the first corresponding relation; the service server searches the operation authority corresponding to each role in the second corresponding relation; the business server searches element visibility corresponding to each operation authority in the third corresponding relation; and the business server collects element visibility corresponding to all roles.
Step S112: the front end receives element visibility returned by the second interface.
Step S113: the front end displays the operation control with visible element visibility indication on the operation page, and hides the operation control with invisible element visibility indication.
When the front end renders the operation page, the visible operation control is displayed, and the invisible operation control is hidden, so that users with different operation authorities can see different operation controls on the operation page.
Optionally, after the front end hides the operation control whose element visibility indicates invisibility on the operation page, the front end displays a preset substitute icon at a position corresponding to the invisibility operation control, so that when the front end renders the operation page, a unified frame can be adopted, and only the substitute icon needs to be displayed at the position corresponding to the hidden operation control.
The front-end page control method of the service system provided by the embodiment is adopted, the service system comprises a service server, an authentication server, a front end and a database, after the front end receives a login request of a user, the front end firstly obtains an access password from the authentication server, and then accesses a first interface of the service server through the access password to obtain user information; when receiving access, a first interface of the service server verifies an access password to a verification server, the verification server sends user information to the server after passing the verification, the first interface of the server returns the user information to the front end, and the front end accesses a second interface of the server through the user information to obtain element visibility; when a second interface of the business server receives access, acquiring element visibility according to the user information, and returning the element visibility to the front end; the front end displays the operation control with visible element visibility indication on the operation page, hides the operation control with invisible element visibility indication, for a user, the operation controls seen by the user are all the operation controls in the operation authority of the user, the user does not need to pay attention to the operation authority, user experience is improved, meanwhile, when the operation control displayed on the operation page is controlled, an access password needs to be verified through a verification server, user information can be obtained after verification is passed, element visibility can be obtained through the user information in a database, and the safety of the service system for operation authority control is improved.
Example two
The second embodiment of the invention provides a front-end page control method of a preferred service system, which is applied to the service system and can further improve the security of the operation authority control of the service system, wherein the service system comprises a business server, a verification server, a front end and a database. In the front-end page control method of the service system provided in the second embodiment, some technical features and corresponding technical effects are the same as those of the first embodiment, and only a brief description is given in this embodiment. Specifically, fig. 2 is a flowchart of a front-end page control method of a service system according to a second embodiment of the present invention, and as shown in fig. 2, the front-end page control method of the service system according to the second embodiment includes steps S201 to S215 as follows.
Step S201: the front end receives a login request of a user and sends a password acquisition request to the authentication server.
The login request and the password acquisition request both comprise account information.
Step S202: and the authentication server authenticates the account information and returns an access password to the front end after the authentication is passed.
Step S203: the front end receives an access password sent by the authentication server and sends a first access request to the service server.
The first access request comprises an access password, and the first access request accesses a first interface for acquiring user information from the service server.
Step S204: and the service server sends a user information acquisition request to the verification server.
Wherein the user information acquisition request includes an access password.
Step S205: and the authentication server authenticates the access password and returns user information to the service server after the authentication is passed.
Step S206: and the service server receives the user information sent by the verification server.
Step S207: and the front end receives the user information returned by the first interface and sends a second access request to the service server.
And the second access request accesses a second interface of the business server for acquiring element visibility.
Step S208: the service server sends an access password authentication request to the authentication server.
Wherein the access password authentication request includes an access password.
Step S209: the authentication server authenticates the access password and returns the authentication result to the service server.
Step S210: and when the received verification result is that the verification is passed, the service server queries the database according to the user information to acquire the element visibility.
The database comprises authority configuration information, and the authority configuration information comprises a corresponding relation between user information and element visibility.
Step S211: and the front end receives the element visibility returned by the second interface, displays the operation control with visible element visibility indication on the operation page, hides the operation control with invisible element visibility indication, and responds to the operation of the operation control by the user and sends a third access request to the service server.
The visible operation control is an operation control in the user operation authority, the invisible operation control is an operation control outside the user operation authority, the third access request comprises user information and an access password, and the third access request accesses the service server to complete a third interface of a service corresponding to the operated operation control.
Step S212: the service server sends an access password authentication request to the authentication server.
Wherein the access password authentication request includes an access password.
Step S213: the authentication server authenticates the access password and returns the authentication result to the service server.
Step S214: and when the received verification result is that the verification is passed, the service server queries the database according to the user information to judge whether the user has the operation authority corresponding to the operation control.
The authority configuration information also comprises the corresponding relation between the user information and the operation authority.
Step S215: and when the user has the operation right corresponding to the operation control, the business server returns the service data to the front end.
By adopting the front-end page control method of the service system provided by the embodiment, when the front end accesses the interface of the service server, the access request comprises the access password, when the interface of the service server responds to the access request, the access password carried by the access request is firstly verified to the verification server, and after the service server receives the verification result that the verification is passed, the real service of the interface is executed, so that the safety of the service system is further improved. In addition, when the third interface of the service server receives the access request, the service server firstly inquires the operation authority in the database, and returns the service data when the operation authority is met, so that the front end in the non-service system is prevented from requesting the service without the operation authority, and the safety of the service system is further improved.
EXAMPLE III
The third embodiment of the invention provides a front-end page control method of a preferred service system, which is applied to the service system and can further improve the security of the operation authority control of the service system, wherein the service system comprises a business server, a verification server, a front end and a database. In the front-end page control method of the service system provided by the third embodiment, some technical features and corresponding technical effects are the same as those of the first embodiment, and only brief descriptions are provided in this embodiment. It should be noted that the embodiment includes a first front end and a second front end, and the account numbers registered in the two front ends are different. Specifically, fig. 3 is a flowchart of a front-end page control method of a service system according to a third embodiment of the present invention, and as shown in fig. 3, the front-end page control method of the service system according to the third embodiment includes steps S301 to S312 as follows.
Step S301: the first front end receives a login request of a first user, and sends a password acquisition request to the authentication server.
The login request and the password acquisition request both comprise account information.
Step S302: and the authentication server authenticates the account information and returns an access password to the first front end after the account information is authenticated.
Step S303: the first front end receives the access password sent by the authentication server and sends a first access request to the service server.
The first access request comprises an access password, and the first access request accesses a first interface for acquiring user information from the service server.
Step S304: and the service server sends a first user information acquisition request to the verification server.
Wherein the first user information acquisition request comprises an access password.
Step S305: and the authentication server authenticates the access password and returns the first user information to the service server after the authentication is passed.
Step S306: the service server receives first user information sent by the verification server, inquires the first user information in the user list, and writes the first user information into the user list and marks the first user information as user information to be configured when the service server cannot inquire the first user information in the user list.
Step S307: and the second front end sends a second access request to the service server.
And the second access request comprises second user information, and the second access request accesses a second interface for acquiring element visibility of the service server.
Step S308: and the business server queries the database according to the user information to acquire element visibility.
The database comprises authority configuration information, and the authority configuration information comprises a corresponding relation between user information and element visibility.
Step S309: and the second front end receives the element visibility returned by the second interface, displays the operation control with visible element visibility indication on the operation page, and hides the operation control with invisible element visibility indication.
In this embodiment, the operation control displayed on the operation page includes an operation control configured by the authority. The operation authority of the second user information includes authority configuration.
Step S310: and the second front end responds to the operation of the second user on the permission configuration operation control and sends a third access request to the service server.
And the third access request accesses a third interface of the service server to complete the authority configuration service.
Step S311: and the service server inquires the database according to the second user information so as to judge whether the user has the operation authority corresponding to the authority configuration operation control.
The authority configuration information also comprises the corresponding relation between the user information and the operation authority.
Step S312: and when the second user has the operation right corresponding to the right configuration operation control, the service server returns the information of the user to be configured in the user list to the second front end.
By adopting the front-end page control method of the service system provided by the embodiment, the service server acquires the user information from the verification server, then queries the user information in the user list, when the user information cannot be queried, the user information is indicated to be not configured in the database, at this time, the user information is written into the user list and is marked as the user information to be configured, when the user with the authority configuration operation authority configures the space, the service server feeds back the user information to be configured in the user list to the front end, so that the user information which is not configured can be configured at the first time, and the user with the authority configuration operation authority does not need to pay attention to the user information which is not configured, and the convenience of the user is improved.
Example four
Corresponding to the above embodiments, the fourth embodiment of the present invention provides a service system, and the technical features in this embodiment can refer to the above embodiments, which are only briefly described here. Fig. 4 is a block diagram of a service system provided in the fourth embodiment of the present invention, and as shown in fig. 4, the service system includes: a service server 401, a verification server 402, a front end 403 and a database 404, wherein:
the front end 403 is configured to receive a login request of a user, where the login request includes account information;
the front end 403 is further configured to send a password obtaining request to the verification server 402, where the password obtaining request includes account information;
the verification server 402 is configured to verify the account information and return an access password to the front end 403 after the verification is passed;
the front end 403 is further configured to receive an access password sent by the authentication server 402;
the front end 403 is further configured to send a first access request to the service server 401, where the first access request includes an access password, and the first access request accesses a first interface of the service server 401 to obtain user information;
the service server 401 is configured to send a user information obtaining request to the authentication server 402, where the user information obtaining request includes an access password;
the verification server 402 is further configured to verify the access password, and return user information to the service server 401 after the verification is passed;
the service server 401 is further configured to receive user information sent by the authentication server 402;
the front end 403 is further configured to receive user information returned by the first interface;
the front end 403 is further configured to send a second access request to the service server 401, where the second access request includes user information, and the second access request accesses the second interface of the service server 401 to obtain element visibility;
the service server 401 is further configured to query the database 404 according to the user information to obtain element visibility, where the database 404 includes permission configuration information, and the permission configuration information includes a corresponding relationship between the user information and the element visibility;
the front end 403 is further configured to receive element visibility returned by the second interface; and
the front end 403 is further configured to display an operation control with a visible element visibility indication on the operation page, and display an operation control with a hidden element visibility indication that is invisible, where the visible operation control is an operation control within the operation permission of the user, and the invisible operation control is an operation control outside the operation permission of the user.
Optionally, in an embodiment, the second access request further includes an access password, and the service server 401 is further configured to, after the step of sending the second access request to the service server 401 by the front end 403, send an access password authentication request to the authentication server 402 before the service server 401 queries the database 404 according to the user information to obtain element visibility, where the access password authentication request includes the access password; the verification server 402 is further configured to verify the access password and return a verification result to the business server 401, where the business server 401 is further configured to query the database 404 according to the user information to obtain element visibility when the received verification result is verification passed.
Optionally, in an embodiment, the front end 403 is further configured to send, in response to an operation on an operation control by a user, a third access request to the service server 401, where the third access request includes user information, and the third access request accesses the third interface of the service corresponding to the operated operation control, where the third interface is completed by the service server 401; the service server 401 is further configured to query the database 404 according to the user information to determine whether the user has an operation right corresponding to the operation control, and when the user has the operation right corresponding to the operation control, return service data to the front end 403, where the right configuration information further includes a corresponding relationship between the user information and the operation right;
optionally, in an embodiment, the third access request further includes an access password, and after the front end 403 sends the third access request to the service server 401, before the service server 401 queries the database 404 according to the user information to determine whether the user has an operation right corresponding to the operation control, the service server 401 is further configured to send an access password verification request to the verification server 402, where the access password verification request includes the access password; the verification server 402 is further configured to verify the access password and return a verification result to the service server 401, where the service server 401 is further configured to query the database 404 according to the user information when the received verification result is that the verification is passed, so as to determine whether the user has an operation right corresponding to the operation control.
Optionally, in an embodiment, the database 404 further includes a user list, and after receiving the user information sent by the verification server 402, the service server 401 is further configured to query the user information in the user list, where when the user information is not queried in the user list, the user information is written in the user list and marked as user information to be configured; the front end 403 is further configured to display a permission configuration operation control on the operation page; when the user has the operation right corresponding to the right configuration operation control, the service server 401 is further configured to return the user information to be configured in the user list to the front end 403.
Optionally, in an embodiment, the permission configuration information includes a first corresponding relationship, a second corresponding relationship, and a third corresponding relationship, where the first corresponding relationship is a corresponding relationship between identification user information and a role, the second corresponding relationship is a corresponding relationship between identification role and an operation permission, and the third corresponding relationship is a corresponding relationship between identification operation permission and element visibility, and when the service server 401 queries the database 404 according to the user information to obtain the element visibility, the specifically executed steps include: searching a plurality of roles corresponding to the user information in the first corresponding relation; searching operation authority corresponding to each role in the second corresponding relation; searching element visibility corresponding to each operation authority in the third corresponding relation; and summarizing the visibility of elements corresponding to all roles.
Optionally, in an embodiment, the front end 403 is further configured to display a preset alternative icon at a position corresponding to the invisible operation control after hiding the operation control, where the element visibility indicates that the operation control is invisible, on the operation page.
EXAMPLE five
The embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack-mounted service server, a blade-type service server, a tower-type service server, or a rack-mounted service server (including an independent service server or a service server cluster composed of a plurality of service servers) that can execute programs. As shown in fig. 5, the computer device 01 of the present embodiment at least includes but is not limited to: a memory 011 and a processor 012, which are communicatively connected to each other via a system bus, as shown in fig. 5. It is noted that fig. 5 only shows the computer device 01 having the component memory 011 and the processor 012, but it is to be understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead.
In this embodiment, the memory 011 (i.e., a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the storage 011 can be an internal storage unit of the computer device 01, such as a hard disk or a memory of the computer device 01. In other embodiments, the memory 011 can also be an external storage device of the computer device 01, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the computer device 01. Of course, the memory 011 can also include both internal and external memory units of the computer device 01. In this embodiment, the memory 011 is generally used to store an operating system installed in the computer device 01 and various application software, such as a program code of the front-end page control method of the service system in the first embodiment. Further, the memory 011 can also be used to temporarily store various kinds of data that have been output or are to be output.
The processor 012 may be a Central Processing Unit (CPU), a controller, a microcontroller, a microprocessor, or other data Processing chip in some embodiments. The processor 012 is generally used to control the overall operation of the computer device 01. In the present embodiment, the processor 012 is configured to run a program code stored in the memory 011 or process data, for example, a front-end page control method of a service system or the like.
EXAMPLE six
The sixth embodiment further provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a service server, an App application store, etc., on which a computer program is stored, which when executed by a processor implements corresponding functions. The computer-readable storage medium of this embodiment is used for storing a service system, and when being executed by a processor, the computer-readable storage medium implements the front-end page control method of the service system of the first embodiment.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A front-end page control method for a service system, the service system comprising: the front-end page control method comprises the following steps:
the front end receives a login request of a user, wherein the login request comprises account information;
the front end sends a password acquisition request to the verification server, wherein the password acquisition request comprises the account information;
the authentication server authenticates the account information and returns an access password to the front end after the account information is authenticated;
the front end receives an access password sent by the authentication server;
the front end sends a first access request to the service server, wherein the first access request comprises the access password, and the first access request accesses a first interface of the service server for acquiring user information;
the service server sends a user information acquisition request to the verification server, wherein the user information acquisition request comprises the access password;
the authentication server authenticates the access password and returns user information to the service server after the authentication is passed;
the service server receives the user information sent by the verification server;
the front end receives the user information returned by the first interface;
the front end sends a second access request to the service server, wherein the second access request comprises the user information, and the second access request accesses a second interface of the service server for acquiring element visibility;
the business server queries the database according to the user information to acquire element visibility, wherein the database comprises authority configuration information, and the authority configuration information comprises a corresponding relation between the user information and the element visibility;
the front end receives the element visibility returned by the second interface; and
the front end displays an operation control with visible element visibility indication on an operation page and hides the operation control with invisible element visibility indication, wherein the visible operation control is an operation control in the user operation authority, and the invisible operation control is an operation control outside the user operation authority.
2. The front-end page control method of the service system according to claim 1, wherein the second access request further includes the access password, and after the step of the front-end sending the second access request to the business server, before the step of the business server querying the database according to the user information to obtain element visibility, the front-end page control method further includes:
the service server sends an access password verification request to the verification server, wherein the access password verification request comprises the access password;
the authentication server authenticates the access password and returns an authentication result to the service server;
and when the received verification result is that the verification is passed, the service server queries the database according to the user information to acquire element visibility.
3. The front-end page control method of the service system according to claim 1, wherein the front-end page control method further comprises:
the front end responds to the operation of the user on the operation control, and sends a third access request to the service server, wherein the third access request comprises the user information, and the third access request accesses the service server to complete a third interface of the service corresponding to the operated operation control;
the service server inquires the database according to the user information to judge whether the user has the operation authority corresponding to the operation control, wherein the authority configuration information also comprises the corresponding relation between the user information and the operation authority;
and when the user has the operation right corresponding to the operation control, the business server returns the data of the service to the front end.
4. The front-end page control method of the service system according to claim 3, wherein the third access request further includes the access password, and after the step of sending the third access request to the service server by the front end, before the step of querying the database by the service server according to the user information to determine whether the user has the operation right corresponding to the operation control, the front-end page control method further includes:
the service server sends an access password verification request to the verification server, wherein the access password verification request comprises the access password;
the authentication server authenticates the access password and returns an authentication result to the service server;
and when the received verification result is that the verification is passed, the service server inquires the database according to the user information so as to judge whether the user has the operation authority corresponding to the operation control.
5. Front end page control method of a service system according to claim 3,
the database further includes a user list, and after the service server receives the user information sent by the verification server, the front-end page control method further includes: the service server inquires the user information in the user list, wherein when the service server cannot inquire the user information in the user list, the user information is written into the user list and marked as the user information to be configured;
the step of the front end displaying the operation control with the element visibility indication visible on the operation page comprises the following steps: the front end displays a permission configuration operation control on an operation page;
when the user has the operation right corresponding to the operation control, the step of returning the data of the service to the front end by the business server comprises the following steps: and when the user has the operation authority corresponding to the authority configuration operation control, the service server returns the information of the user to be configured in the user list to the front end.
6. The front-end page control method of the service system according to claim 1, wherein the permission configuration information includes a first correspondence, a second correspondence, and a third correspondence, the first correspondence is a correspondence identifying the user information and a role, the second correspondence is a correspondence identifying the role and an operation permission, the third correspondence is a correspondence identifying the operation permission and the element visibility, and the step of querying the database by the service server according to the user information to obtain the element visibility includes:
the business server searches a plurality of roles corresponding to the user information in the first corresponding relation;
the service server searches the operation authority corresponding to each role in the second corresponding relation;
the business server searches element visibility corresponding to each operation authority in the third corresponding relation;
and the business server collects element visibility corresponding to all roles.
7. The front-end page control method of the service system according to claim 1, wherein the front-end page control method further comprises:
and after the element visibility indication invisible operation control is hidden on the operation page by the front end, displaying a preset substitute icon at a position corresponding to the invisible operation control.
8. A service system, comprising: the system comprises a service server, a verification server, a front end and a database, wherein:
the front end is used for receiving a login request of a user, wherein the login request comprises account information;
the front end is further configured to send a password obtaining request to the authentication server, where the password obtaining request includes the account information;
the authentication server is used for authenticating the account information and returning an access password to the front end after the account information is authenticated;
the front end is also used for receiving an access password sent by the authentication server;
the front end is further configured to send a first access request to the service server, where the first access request includes the access password, and the first access request accesses a first interface of the service server to obtain user information;
the service server is used for sending a user information acquisition request to the verification server, wherein the user information acquisition request comprises the access password;
the authentication server is also used for authenticating the access password and returning user information to the service server after the authentication is passed;
the service server is also used for receiving the user information sent by the verification server;
the front end is also used for receiving the user information returned by the first interface;
the front end is further configured to send a second access request to the service server, where the second access request includes the user information, and the second access request accesses a second interface of the service server, where the second interface obtains element visibility;
the business server is further used for querying the database according to the user information to obtain element visibility, wherein the database comprises permission configuration information, and the permission configuration information comprises a corresponding relation between the user information and the element visibility;
the front end is further configured to receive the element visibility returned by the second interface; and
the front end is further configured to display an operation control with a visible element visibility indication on an operation page, and hide the operation control with the invisible element visibility indication, where the visible operation control is an operation control within the user operation permission, and the invisible operation control is an operation control outside the user operation permission.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 7 are implemented by the processor when executing the computer program.
10. A computer-readable storage medium having stored thereon a computer program, characterized in that: the computer program when executed by a processor implements the steps of the method of any one of claims 1 to 7.
CN201910923664.8A 2019-09-27 2019-09-27 Service system, front-end page control method thereof, computer device, and storage medium Active CN110750765B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910923664.8A CN110750765B (en) 2019-09-27 2019-09-27 Service system, front-end page control method thereof, computer device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910923664.8A CN110750765B (en) 2019-09-27 2019-09-27 Service system, front-end page control method thereof, computer device, and storage medium

Publications (2)

Publication Number Publication Date
CN110750765A true CN110750765A (en) 2020-02-04
CN110750765B CN110750765B (en) 2022-03-01

Family

ID=69277264

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910923664.8A Active CN110750765B (en) 2019-09-27 2019-09-27 Service system, front-end page control method thereof, computer device, and storage medium

Country Status (1)

Country Link
CN (1) CN110750765B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111343168A (en) * 2020-02-19 2020-06-26 深圳壹账通智能科技有限公司 Identity authentication method and device, computer equipment and readable storage medium
CN112528198A (en) * 2020-11-26 2021-03-19 福州智象信息技术有限公司 Front-end-based detail authority control method, system, equipment and medium
CN113301045A (en) * 2021-05-25 2021-08-24 四川虹魔方网络科技有限公司 Login service access security control method

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050028105A1 (en) * 2003-02-28 2005-02-03 Scott Musson Method for entitling a user interface
CN106201461A (en) * 2016-06-27 2016-12-07 浪潮(北京)电子信息产业有限公司 Generation method, system and the background server at a kind of interface
CN106911687A (en) * 2017-02-20 2017-06-30 深圳国泰安教育技术股份有限公司 A kind of page makeup control method and device
CN109669597A (en) * 2018-10-31 2019-04-23 武汉艺果互动科技股份有限公司 Front end authority control method, equipment and storage equipment when user browses web sites
CN109740379A (en) * 2019-01-03 2019-05-10 山东浪潮通软信息科技有限公司 A kind of front end authority control method
CN109815656A (en) * 2018-12-11 2019-05-28 平安科技(深圳)有限公司 Login authentication method, device, equipment and computer readable storage medium
CN110009314A (en) * 2019-04-18 2019-07-12 武汉鼠标科技有限公司 A kind of educational system and teaching platform of the behavioural analysis based on big data
CN110069730A (en) * 2019-03-15 2019-07-30 平安城市建设科技(深圳)有限公司 Front end page display control method, device, equipment and readable storage medium storing program for executing

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050028105A1 (en) * 2003-02-28 2005-02-03 Scott Musson Method for entitling a user interface
CN106201461A (en) * 2016-06-27 2016-12-07 浪潮(北京)电子信息产业有限公司 Generation method, system and the background server at a kind of interface
CN106911687A (en) * 2017-02-20 2017-06-30 深圳国泰安教育技术股份有限公司 A kind of page makeup control method and device
CN109669597A (en) * 2018-10-31 2019-04-23 武汉艺果互动科技股份有限公司 Front end authority control method, equipment and storage equipment when user browses web sites
CN109815656A (en) * 2018-12-11 2019-05-28 平安科技(深圳)有限公司 Login authentication method, device, equipment and computer readable storage medium
CN109740379A (en) * 2019-01-03 2019-05-10 山东浪潮通软信息科技有限公司 A kind of front end authority control method
CN110069730A (en) * 2019-03-15 2019-07-30 平安城市建设科技(深圳)有限公司 Front end page display control method, device, equipment and readable storage medium storing program for executing
CN110009314A (en) * 2019-04-18 2019-07-12 武汉鼠标科技有限公司 A kind of educational system and teaching platform of the behavioural analysis based on big data

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111343168A (en) * 2020-02-19 2020-06-26 深圳壹账通智能科技有限公司 Identity authentication method and device, computer equipment and readable storage medium
CN112528198A (en) * 2020-11-26 2021-03-19 福州智象信息技术有限公司 Front-end-based detail authority control method, system, equipment and medium
CN112528198B (en) * 2020-11-26 2022-08-16 福州智象信息技术有限公司 Front-end-based detail authority control method, system, equipment and medium
CN113301045A (en) * 2021-05-25 2021-08-24 四川虹魔方网络科技有限公司 Login service access security control method

Also Published As

Publication number Publication date
CN110750765B (en) 2022-03-01

Similar Documents

Publication Publication Date Title
US11799847B2 (en) File format and platform for storage and verification of credentials
CN107395614B (en) Single sign-on method and system
CN110750765B (en) Service system, front-end page control method thereof, computer device, and storage medium
CN105610810B (en) Data processing method, client and server
EP1782155B1 (en) Methods and apparatuses for automatically selecting a profile
EP2992472B1 (en) User authentication
CN111343168B (en) Identity authentication method and device, computer equipment and readable storage medium
WO2020181809A1 (en) Data processing method and system based on interface checking, and computer device
CN110784450A (en) Single sign-on method and device based on browser
CN110334144B (en) Message display method, device, computer equipment and storage medium
CN108256303A (en) Electronic device, auth method and storage medium
CN111159595A (en) Page loading method, system, computer equipment and computer readable storage medium
CN109460653B (en) Rule engine based verification method, verification device, storage medium and apparatus
CN112163199B (en) Login authentication method, device, equipment and storage medium using public account
CN111460496A (en) Permission configuration method based on user role, electronic device and storage medium
CN111651749A (en) Method and device for finding account based on password, computer equipment and storage medium
CN109829321B (en) Method, device, equipment and storage medium for authenticating identity
CN105830079A (en) Authentication information management system, authentication information management device, program, recording medium, and authentication information management method
CN112260983B (en) Identity authentication method, device, equipment and computer readable storage medium
CN113239397A (en) Information access method, device, computer equipment and medium
CN108241732B (en) Electronic device, information processing method, and storage medium
CN105760160B (en) Method, device and system for adding cards from plug-in
CN105490988B (en) Method, device and system for improving data transmission security
CN109241728B (en) Method and device for acquiring password information, computer equipment and storage medium
CN106878296B (en) Data access control method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Patentee after: Qianxin Technology Group Co.,Ltd.

Patentee after: Qianxin Wangshen information technology (Beijing) Co., Ltd

Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088

Patentee before: Qianxin Technology Group Co.,Ltd.

Patentee before: Wangshen information technology (Beijing) Co., Ltd

CP01 Change in the name or title of a patent holder