CN111800496B - Interface calling method, device, computer equipment and storage medium - Google Patents
Interface calling method, device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN111800496B CN111800496B CN202010620415.4A CN202010620415A CN111800496B CN 111800496 B CN111800496 B CN 111800496B CN 202010620415 A CN202010620415 A CN 202010620415A CN 111800496 B CN111800496 B CN 111800496B
- Authority
- CN
- China
- Prior art keywords
- application program
- long connection
- interface
- call request
- connection server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/63—Routing a service request depending on the request content or context
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention discloses an interface calling method, an interface calling device, computer equipment and a storage medium. The method relates to the technical field of interface verification. The method comprises the following steps: if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day; if yes, judging whether the user logs in the application program; if yes, long connection is established with a preset MQTT long connection server according to the unique identification information application of the user; if a first handshake authentication identification code returned by the MQTT long connection server is received, the first handshake authentication identification code is sent to the application program; receiving a second handshake authentication identification code sent by the application program, and sending the second handshake authentication identification code to the MQTT long connection server; if a verification passing message returned by the MQTT long connection server is received, an interface calling request sent by an application program is responded, so that the waste of interface resources is avoided, and the safety of user data is ensured.
Description
Technical Field
The present invention relates to the field of interface verification technologies, and in particular, to an interface calling method, an interface calling device, a computer device, and a storage medium.
Background
The API (Application Programming Interface, application program interface) is a call interface that the operating system leaves to the application program, and the application program makes the operating system execute the commands of the application program by calling the API of the operating system.
At present, an API data interface of an application program is exposed in a public network environment, so that anybody can simulate calling of the API data interface of the application program in a simulator or Root script mode as long as he/she grasps the data mode of calling the API interface, and the application program is not required to be logged in by a person for operation, thereby causing a great deal of resource waste of the application program, and the data security of a user cannot be ensured.
Disclosure of Invention
The embodiment of the invention provides an interface calling method, an interface calling device, computer equipment and a storage medium, which aim to solve the problems of resource waste and poor safety of the existing interface calling mode.
In a first aspect, an embodiment of the present invention provides an interface calling method, including:
if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day;
if the interface call request is the interface call request which is sent by the application program for the first time in the same day, judging whether the user logs in the application program or not;
if the user logs in the application program, a long connection is established with a preset MQTT long connection server according to the unique identification information application of the user;
if a first handshake authentication identification code returned by the MQTT long connection server is received, the first handshake authentication identification code is sent to the application program;
receiving a second handshake verification identification code sent by an application program, and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code;
and if the verification passing message returned by the MQTT long connection server is received, responding to an interface calling request sent by the application program, and marking the state of the application program in the current day as a normal state.
In a second aspect, an embodiment of the present invention further provides an interface calling device, including:
the first judging unit is used for judging whether the interface call request is the interface call request which is sent by the application program for the first time in the day or not if the interface call request is received by the application program;
the second judging unit is used for judging whether the user logs in the application program or not if the interface calling request is the interface calling request which is sent by the application program for the first time in the same day;
the application unit is used for applying to establish long connection with a preset MQTT long connection server according to the unique identification information of the user if the user logs in the application program;
the first sending unit is used for sending the first handshake authentication identification code to the application program if the first handshake authentication identification code returned by the MQTT long connection server is received;
the second sending unit is used for receiving a second handshake verification identification code sent by the application program and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code;
and the first response unit is used for responding to the interface calling request sent by the application program if receiving the verification passing message returned by the MQTT long connection server and marking the state of the application program in the current day as a normal state.
In a third aspect, an embodiment of the present invention further provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the method when executing the computer program.
In a fourth aspect, embodiments of the present invention also provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the above method.
The embodiment of the invention provides an interface calling method, an interface calling device, computer equipment and a storage medium. Wherein the method comprises the following steps: if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day; if the interface call request is the interface call request which is sent by the application program for the first time in the same day, judging whether the user logs in the application program or not; if the user logs in the application program, a long connection is established with a preset MQTT long connection server according to the unique identification information application of the user; if a first handshake authentication identification code returned by the MQTT long connection server is received, the first handshake authentication identification code is sent to the application program; receiving a second handshake verification identification code sent by an application program, and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code; and if the verification passing message returned by the MQTT long connection server is received, responding to an interface calling request sent by the application program, and marking the state of the application program in the current day as a normal state. By applying the technical scheme of the embodiment of the invention, when the interface call request of the application program is received for the first time in the same day, whether the user logs in the application program is judged, if the user logs in the application program, the long connection is established with a preset MQTT long connection server according to the unique identification information application of the user; and judging whether long connection can be established with a preset MQTT long connection server according to the unique identification information of the user, and if not, rejecting the interface call request of the application program. In general, only normally accessed users can establish long connection with the preset MQTT long connection server according to the unique identification information of the users. By the method, the interface call request of the normal user which can establish long connection with the preset MQTT long connection server is responded, so that the waste of interface resources is avoided, and the safety of user data is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of an application scenario of an interface calling method according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of an interface calling method according to an embodiment of the present invention;
FIG. 3 is a schematic sub-flowchart of an interface calling method according to an embodiment of the present invention;
FIG. 4 is a flowchart of an interface calling method according to another embodiment of the present invention;
FIG. 5 is a schematic block diagram of an interface calling device according to an embodiment of the present invention;
FIG. 6 is a schematic block diagram of a second judging unit of the interface calling device according to an embodiment of the present invention;
FIG. 7 is a schematic block diagram of an interface calling device according to another embodiment of the present invention;
fig. 8 is a schematic block diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be understood that the terms "comprises" and "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
Referring to fig. 1 and fig. 2, fig. 1 is a schematic application scenario diagram of an interface calling method according to an embodiment of the present invention. Fig. 2 is a schematic flowchart of an interface calling method provided by an embodiment of the present invention. The interface calling method is applied to the terminal 1. If an interface call request sent by an application program is received, the terminal 1 judges whether the interface call request is an interface call request sent by the application program for the first time in the same day; if the interface call request is the interface call request sent by the application program for the first time in the same day, the terminal 1 judges whether the user logs in the application program or not; if the user logs in the application program, the terminal 1 applies to establish long connection with a preset MQTT long connection server 2 according to the unique identification information of the user; if a first handshake authentication identifier returned by the MQTT long connection server 2 is received, the terminal 1 sends the first handshake authentication identifier to the application program; the terminal 1 receives a second handshake verification identification code sent by an application program, and sends the second handshake verification identification code to the MQTT long connection server 2 so that the MQTT long connection server 2 verifies the second handshake verification identification code; if receiving the verification passing message returned by the MQTT long connection server 2, the terminal 1 responds to the interface calling request sent by the application program and marks the state of the application program in the current day as a normal state.
Fig. 2 is a flow chart of an interface calling method according to an embodiment of the present invention. As shown, the method includes the following steps S1-S6.
S1, if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day.
In specific implementation, if an interface call request sent by an application program is received, whether the interface call request is an interface call request sent by the application program for the first time in the same day is judged.
Specifically, by looking up the log file, it is determined whether the interface call request is an interface call request that is first sent by the application program in the same day.
And S2, if the interface call request is the interface call request which is sent by the application program for the first time in the same day, judging whether the user logs in the application program.
In a specific implementation, if the interface call request is an interface call request sent by the application program for the first time in the same day, whether the user logs in the application program is judged. I.e. to check if the user is logged into the application.
In one embodiment, as shown in FIG. 3, the above step S2 specifically includes the following steps S21-S22.
S21, sending a login check request to a login server of the application program.
Specifically, a login check request may be sent to a login server of the application, where the login check request includes the ID of the user.
S22, receiving the check response message returned by the login server, and judging whether the user logs in the application program according to the check response message.
And the login server of the application program inquires the current login state of the user according to the ID contained in the login check request after receiving the login check request, and returns a check response message to the terminal so as to return the inquired login state of the user to the terminal.
And the terminal determines the login state of the user according to the verification response message returned by the login server.
And S3, if the user logs in the application program, applying for establishing long connection with a preset MQTT long connection server according to the unique identification information of the user.
In the implementation, if the user logs in the application program, long connection is established with a preset MQTT long connection server according to the unique identification information application of the user.
It should be noted that, the precondition of the long connection establishment is that the long connection client SDK component needs to be built in the APP environment, and needs to establish a connection with the server through the client, if there is no client environment, the long connection establishment fails.
In specific implementation, a long connection establishment request is sent to an MQTT long connection server, wherein the long connection establishment request contains unique identification information of a user. And the MQTT long connection server checks whether the user is a legal user according to the unique identification information of the user contained in the long connection establishment request, if the user is the legal user, the long connection establishment request is agreed, otherwise, the long connection establishment request is refused.
And S4, if the long connection can be established with the MQTT long connection server according to the unique identification information of the user, receiving a first handshake verification identification code returned by the MQTT long connection server, and sending the first handshake verification identification code to the application program.
In specific implementation, if the long connection can be established with the MQTT long connection server according to the unique identification information of the user, a first handshake verification identification code returned by the MQTT long connection server is received, and the first handshake verification identification code is sent to the application program.
S5, receiving a second handshake verification identification code sent by the application program, and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code.
In specific implementation, a second handshake authentication identification code sent by an application program is received, and the second handshake authentication identification code is sent to the MQTT long connection server, so that the MQTT long connection server can check the second handshake authentication identification code.
It should be noted that, after the MQTT long connection is established successfully, the MQTT server issues a 1-byte first handshake authentication identifier code through the long connection, and after receiving the first handshake authentication identifier code, the application client needs to respond to a 2-byte second handshake authentication code in time and sends the second handshake authentication code to the MQTT server.
It should be noted that the second handshake authentication code is composed of the first handshake authentication code issued by the MQTT long-connection server and the handshake code newly generated by the client. And the application program verifies the MQTT long connection server through the first handshake verification code. Correspondingly, the MQTT long connection server verifies the client through a second handshake verification code sent by the application program.
And S6, if the verification passing message returned by the MQTT long connection server is received, responding to an interface calling request sent by the application program, and marking the state of the application program in the current day as a normal state.
In the implementation, if the verification passing message returned by the MQTT long connection server is received, an interface calling request sent by the application program is responded, and the state of the application program in the current day is marked as a normal state.
By applying the technical scheme of the embodiment of the invention, when the interface call request of the application program is received for the first time in the same day, whether the user logs in the application program is judged, if the user logs in the application program, the long connection is established with a preset MQTT long connection server according to the unique identification information application of the user; and judging whether long connection can be established with a preset MQTT long connection server according to the unique identification information of the user, and if not, rejecting the interface call request of the application program. In general, only normally accessed users can establish long connection with the preset MQTT long connection server according to the unique identification information of the users. By the method, the interface call request of the normal user which can establish long connection with the preset MQTT long connection server is responded, so that the waste of interface resources is avoided, and the safety of user data is ensured.
Fig. 4 is a flowchart of an interface calling method according to another embodiment of the present invention. As shown in fig. 4, the interface calling method of the present embodiment includes steps S41 to S4. Steps S41 to S46 are similar to steps S1 to S6 in the above embodiment, and will not be described here again. Steps S47 to S413 added in the present embodiment are described in detail below.
S47, if the verification failure message returned by the MQTT long connection server is received, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
In the implementation, if the verification failure message returned by the MQTT long connection server is received, the user is an illegal user, so that the interface calling request sent by the application program is refused, and the state of the application program in the current day is marked as an abnormal state.
And S49, if the connection rejection response information returned by the MQTT long connection server is received, rejecting the interface call request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
In the implementation, if the connection rejection response information returned by the MQTT long connection server is received, the user is an illegal user, so that the interface calling request sent by the application program is rejected, and the state of the application program in the current day is marked as an abnormal state.
And S410, if the user does not log in the application program, rejecting an interface call request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
In a specific implementation, if the user does not log in the application program, the user is an illegal user, so that the interface call request sent by the application program is refused, and the state of the application program in the current day is marked as an abnormal state.
And S410, if the interface call request is not the interface call request which is sent by the application program for the first time in the same day, judging whether the state of the application program in the same day is marked as a normal state or not.
In a specific implementation, if the interface call request is not the interface call request sent by the application program for the first time in the same day, it is determined whether the state of the application program in the same day is a normal state.
Specifically, it is determined whether the state of the application on the current day is a normal state according to the labeling results of steps S46, S47, S48, and S49.
S411, if the state of the application program on the current day is marked as a normal state, responding to the interface call request.
In the implementation, if the state of the application program in the current day is a normal state, the interface call request is responded, so that repeated verification is avoided, and the efficiency is improved.
And S412, rejecting the interface call request if the state of the application program on the current day is marked as an abnormal state.
In specific implementation, if the state of the application program on the current day is an abnormal state, the interface call request is refused.
S413, marking the user as an abnormal user, and recording unique identification information of the user.
In the implementation, the user is marked as an abnormal user, the unique identification information of the user is recorded, and relevant data are all stored in a large data platform for identifying and judging the user portrait.
Fig. 5 is a schematic block diagram of an interface calling device 60 according to an embodiment of the present invention. As shown in fig. 5, the present invention also provides an interface calling device 60 corresponding to the above interface calling method. The interface call device 60 includes a unit for executing the above-described interface call method, and the interface call device 60 may be configured in a desktop computer, a tablet computer, a portable computer, or the like. Specifically, referring to fig. 5, the interface calling device 60 includes a first determining unit 61, a second determining unit 62, an applying unit 63, a first transmitting unit 64, a second transmitting unit 65, and a first responding unit 66.
A first judging unit 61, configured to, if an interface call request sent by an application program is received, judge whether the interface call request is an interface call request sent by the application program for the first time in the day;
a second judging unit 62, configured to judge whether the user logs in the application program if the interface call request is an interface call request that is sent by the application program for the first time in the day;
an application unit 63, configured to apply for establishing long connection with a preset MQTT long connection server according to unique identification information of a user if the user logs in the application program;
a first sending unit 64, configured to send a first handshake authentication identifier code to the application if the first handshake authentication identifier code returned by the MQTT long-connection server is received;
a second sending unit 65, configured to receive a second handshake authentication identifier sent by an application, and send the second handshake authentication identifier to the MQTT long-connection server, so that the MQTT long-connection server checks the second handshake authentication identifier;
and the first response unit 66 is configured to respond to an interface call request sent by the application program if a verification passing message returned by the MQTT long-connection server is received, and mark the state of the application program in the current day as a normal state.
In one embodiment, as shown in fig. 6, the second determining unit 62 includes a third transmitting unit 621 and a receiving unit 622.
A third sending unit 621 configured to send a login check request to a login server of the application program;
and a receiving unit 622, configured to receive a verification response message returned by the login server, and determine whether the user logs in the application program according to the verification response message.
Fig. 7 is a schematic block diagram of an interface calling device 60 according to another embodiment of the present invention. As shown in fig. 7, the interface calling device 60 of the present embodiment is formed by adding the first rejecting unit 67, the second rejecting unit 68, the third rejecting unit 69, the third judging unit 610, the second responding unit 611, the third rejecting unit 612, and the marking unit 613 to the above embodiments.
And the first rejecting unit 67 is configured to reject the interface call request sent by the application program and mark the state of the application program on the current day as an abnormal state if the verification failure message returned by the MQTT long-connection server is received.
And the second rejecting unit 68 is configured to reject the interface call request sent by the application program and mark the state of the application program on the current day as an abnormal state if the connection rejection response information returned by the MQTT long-connection server is received.
And the third rejecting unit 69 is configured to reject the interface call request sent by the application program and mark the state of the application program on the current day as an abnormal state if the user does not log in the application program.
A third judging unit 610, configured to judge whether the state of the application program in the current day is marked as a normal state if the interface call request is not the interface call request sent by the application program in the current day for the first time;
the second response unit 611 is configured to respond to the interface call request if the state of the application program on the current day is marked as a normal state.
A third rejecting unit 612, configured to reject the interface call request if the state of the application program on the current day is marked as an abnormal state.
A marking unit 613, configured to mark the user as an abnormal user, and record unique identification information of the user.
It should be noted that, as will be clearly understood by those skilled in the art, the specific implementation process of the interface calling device 60 and each unit may refer to the corresponding description in the foregoing method embodiment, and for convenience and brevity of description, the description is omitted here.
The interface invoking means 60 described above may be implemented in the form of a computer program that may be run on a computer device as shown in fig. 8.
Referring to fig. 8, fig. 8 is a schematic block diagram of a computer device according to an embodiment of the present application. The computer device 500 may be a terminal, where the terminal may be an electronic device having a communication function, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a personal digital assistant, and a wearable device. With reference to FIG. 8, the computer device 500 includes a processor 502, memory, and a network interface 505 connected by a system bus 501, where the memory may include a non-volatile storage medium 503 and an internal memory 504.
The non-volatile storage medium 503 may store an operating system 5031 and a computer program 5032. The computer program 5032, when executed, causes the processor 502 to perform an interface call method.
The processor 502 is used to provide computing and control capabilities to support the operation of the overall computer device 500.
The internal memory 504 provides an environment for the execution of a computer program 5032 in the non-volatile storage medium 503, which computer program 5032, when executed by the processor 502, causes the processor 502 to perform an interface call method.
The network interface 505 is used for network communication with other devices. Those skilled in the art will appreciate that the architecture shown in fig. 8 is merely a block diagram of a portion of the architecture in connection with the present application and is not intended to limit the computer device 500 to which the present application is applied, and that a particular computer device 500 may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
Wherein the processor 502 is configured to execute a computer program 5032 stored in a memory to implement the steps of:
if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day;
if the interface call request is the interface call request which is sent by the application program for the first time in the same day, judging whether the user logs in the application program or not;
if the user logs in the application program, a long connection is established with a preset MQTT long connection server according to the unique identification information application of the user;
if a first handshake authentication identification code returned by the MQTT long connection server is received, the first handshake authentication identification code is sent to the application program;
receiving a second handshake verification identification code sent by an application program, and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code;
and if the verification passing message returned by the MQTT long connection server is received, responding to an interface calling request sent by the application program, and marking the state of the application program in the current day as a normal state.
In one embodiment, when implementing the step of determining whether the user logs in to the application, the processor 502 specifically implements the following steps:
sending a login check request to a login server of the application program;
and receiving a verification response message returned by the login server, and judging whether the user logs in the application program according to the verification response message.
In one embodiment, the processor 502 further implements the steps of:
and if the user does not log in the application program, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
And if the verification failure message returned by the MQTT long connection server is received, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
And if the connection rejection response information returned by the MQTT long connection server is received, rejecting the interface call request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
If the interface call request is not the interface call request which is sent by the application program for the first time in the same day, judging whether the state of the application program in the same day is marked as a normal state or not;
and if the state of the application program in the current day is marked as a normal state, responding to the interface calling request.
And if the state of the application program in the current day is marked as an abnormal state, rejecting the interface call request.
Marking the user as an abnormal user, and recording unique identification information of the user.
It should be appreciated that in embodiments of the present application, the processor 502 may be a central processing unit (Central Processing Unit, CPU), the processor 502 may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSPs), application specific integrated circuits (Application Specific Integrated Circuit, ASICs), off-the-shelf programmable gate arrays (Field-Programmable Gate Array, FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. Wherein the general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
Those skilled in the art will appreciate that all or part of the flow in a method embodying the above described embodiments may be accomplished by computer programs instructing the relevant hardware. The computer program may be stored in a storage medium that is a computer readable storage medium. The computer program is executed by at least one processor in the computer system to implement the flow steps of the embodiments of the method described above.
Accordingly, the present invention also provides a storage medium. The storage medium may be a computer readable storage medium. The storage medium stores a computer program. The computer program, when executed by a processor, causes the processor to perform the steps of:
if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day;
if the interface call request is the interface call request which is sent by the application program for the first time in the same day, judging whether the user logs in the application program or not;
if the user logs in the application program, a long connection is established with a preset MQTT long connection server according to the unique identification information application of the user;
if a first handshake authentication identification code returned by the MQTT long connection server is received, the first handshake authentication identification code is sent to the application program;
receiving a second handshake verification identification code sent by an application program, and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code;
and if the verification passing message returned by the MQTT long connection server is received, responding to an interface calling request sent by the application program, and marking the state of the application program in the current day as a normal state.
In one embodiment, when the processor executes the computer program to implement the step of determining whether the user logs in the application program, the steps are specifically implemented as follows:
sending a login check request to a login server of the application program;
and receiving a verification response message returned by the login server, and judging whether the user logs in the application program according to the verification response message.
In an embodiment, the processor, when executing the computer program, further performs the steps of:
and if the user does not log in the application program, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
And if the verification failure message returned by the MQTT long connection server is received, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
And if the connection rejection response information returned by the MQTT long connection server is received, rejecting the interface call request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
If the interface call request is not the interface call request which is sent by the application program for the first time in the same day, judging whether the state of the application program in the same day is marked as a normal state or not;
and if the state of the application program in the current day is marked as a normal state, responding to the interface calling request.
And if the state of the application program in the current day is marked as an abnormal state, rejecting the interface call request.
Marking the user as an abnormal user, and recording unique identification information of the user.
The storage medium is a physical, non-transitory storage medium, and may be, for example, a U-disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided by the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of each unit is only one logic function division, and there may be another division manner in actual implementation. For example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed.
The steps in the method of the embodiment of the invention can be sequentially adjusted, combined and deleted according to actual needs. The units in the device of the embodiment of the invention can be combined, divided and deleted according to actual needs. In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The integrated unit may be stored in a storage medium if implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention is essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a terminal, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and for those portions of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.
Claims (10)
1. An interface calling method, comprising:
if an interface call request sent by an application program is received, judging whether the interface call request is an interface call request sent by the application program for the first time in the same day;
if the interface call request is the interface call request which is sent by the application program for the first time in the same day, judging whether the user logs in the application program or not;
if the user logs in the application program, a long connection is established with a preset MQTT long connection server according to the unique identification information application of the user;
if a first handshake authentication identification code returned by the MQTT long connection server is received, the first handshake authentication identification code is sent to the application program;
receiving a second handshake verification identification code sent by an application program, and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code;
and if the verification passing message returned by the MQTT long connection server is received, responding to an interface calling request sent by the application program, and marking the state of the application program in the current day as a normal state.
2. The interface calling method according to claim 1, wherein the determining whether the user logs in the application program includes:
sending a login check request to a login server of the application program;
and receiving a verification response message returned by the login server, and judging whether the user logs in the application program according to the verification response message.
3. The interface calling method of claim 1, wherein the method further comprises:
and if the user does not log in the application program, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
4. The interface calling method of claim 1, wherein the method further comprises:
and if the verification failure message returned by the MQTT long connection server is received, rejecting an interface calling request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
5. The interface calling method according to claim 1, wherein after the long connection is established with the preset MQTT long connection server according to the unique identification information application of the user, the method further comprises:
and if the connection rejection response information returned by the MQTT long connection server is received, rejecting the interface call request sent by the application program, and marking the state of the application program in the current day as an abnormal state.
6. The interface invocation method of any of claims 3-5, wherein the method further comprises:
if the interface call request is not the interface call request which is sent by the application program for the first time in the same day, judging whether the state of the application program in the same day is marked as a normal state or not;
if the state of the application program in the current day is marked as a normal state, responding to the interface calling request;
and if the state of the application program in the current day is marked as an abnormal state, rejecting the interface call request.
7. The interface invocation method of any of claims 3-5, wherein the method further comprises:
marking the user as an abnormal user, and recording unique identification information of the user.
8. An interface calling device, comprising:
the first judging unit is used for judging whether the interface call request is the interface call request which is sent by the application program for the first time in the day or not if the interface call request is received by the application program;
the second judging unit is used for judging whether the user logs in the application program or not if the interface calling request is the interface calling request which is sent by the application program for the first time in the same day;
the application unit is used for applying to establish long connection with a preset MQTT long connection server according to the unique identification information of the user if the user logs in the application program;
the first sending unit is used for sending the first handshake authentication identification code to the application program if the first handshake authentication identification code returned by the MQTT long connection server is received;
the second sending unit is used for receiving a second handshake verification identification code sent by the application program and sending the second handshake verification identification code to the MQTT long connection server so that the MQTT long connection server can verify the second handshake verification identification code;
and the first response unit is used for responding to the interface calling request sent by the application program if receiving the verification passing message returned by the MQTT long connection server and marking the state of the application program in the current day as a normal state.
9. A computer device, characterized in that it comprises a memory on which a computer program is stored and a processor which, when executing the computer program, implements the method according to any of claims 1-7.
10. A computer readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method according to any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010620415.4A CN111800496B (en) | 2020-06-30 | 2020-06-30 | Interface calling method, device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010620415.4A CN111800496B (en) | 2020-06-30 | 2020-06-30 | Interface calling method, device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111800496A CN111800496A (en) | 2020-10-20 |
| CN111800496B true CN111800496B (en) | 2023-05-02 |
Family
ID=72810779
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010620415.4A Active CN111800496B (en) | 2020-06-30 | 2020-06-30 | Interface calling method, device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111800496B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112257055A (en) * | 2020-10-28 | 2021-01-22 | 深圳市启望科文技术有限公司 | Method and device for protecting sound recording file, computer equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9692757B1 (en) * | 2015-05-20 | 2017-06-27 | Amazon Technologies, Inc. | Enhanced authentication for secure communications |
| CN107743616A (en) * | 2015-04-08 | 2018-02-27 | 亚马逊技术有限公司 | The end points management system of API agency service is provided |
| CN108965335A (en) * | 2018-09-07 | 2018-12-07 | 平安科技(深圳)有限公司 | Prevent method, electronic equipment and the computer media of malicious access login interface |
| CN110099078A (en) * | 2018-01-29 | 2019-08-06 | 阿里巴巴集团控股有限公司 | Communication between devices, message synchronization method, apparatus, equipment and storage medium |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110447247A (en) * | 2017-03-20 | 2019-11-12 | 康维达无线有限责任公司 | Service ability at user equipment is open |
| US11212310B2 (en) * | 2018-04-30 | 2021-12-28 | Aapi | System for reducing application programming interface (API) risk and latency |
-
2020
- 2020-06-30 CN CN202010620415.4A patent/CN111800496B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107743616A (en) * | 2015-04-08 | 2018-02-27 | 亚马逊技术有限公司 | The end points management system of API agency service is provided |
| US9692757B1 (en) * | 2015-05-20 | 2017-06-27 | Amazon Technologies, Inc. | Enhanced authentication for secure communications |
| CN110099078A (en) * | 2018-01-29 | 2019-08-06 | 阿里巴巴集团控股有限公司 | Communication between devices, message synchronization method, apparatus, equipment and storage medium |
| CN108965335A (en) * | 2018-09-07 | 2018-12-07 | 平安科技(深圳)有限公司 | Prevent method, electronic equipment and the computer media of malicious access login interface |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111800496A (en) | 2020-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109492378B (en) | Identity verification method based on equipment identification code, server and medium | |
| CN103744686B (en) | Control method and the system of installation is applied in intelligent terminal | |
| KR101832533B1 (en) | Reputation checking obtained files | |
| WO2015180690A1 (en) | Method and device for reading verification information | |
| CN104468592B (en) | Login method and login system | |
| WO2016193227A1 (en) | Nfc-enabled devices for performing secure contactless transactions and using hce | |
| CN111490981B (en) | Access management method and device, bastion machine and readable storage medium | |
| CN110113366B (en) | CSRF vulnerability detection method and device, computing device and storage medium | |
| CN110278192B (en) | Method and device for accessing intranet by extranet, computer equipment and readable storage medium | |
| WO2016118621A1 (en) | Methods, apparatus, and systems for resource access permission management | |
| CN104767713A (en) | Account binding method, server and account binding system | |
| US20240179156A1 (en) | Techniques for incentivized intrusion detection system | |
| Marforio et al. | Hardened setup of personalized security indicators to counter phishing attacks in mobile banking | |
| CN113225324A (en) | Block chain anonymous account creation method, system, device and storage medium | |
| CN105553942B (en) | Using the method and system jumped | |
| CN111817999A (en) | User login method and device | |
| CN113179282A (en) | Method and device for merging account numbers and server | |
| CN113190322A (en) | Page acquisition method, related equipment and medium | |
| CN111800496B (en) | Interface calling method, device, computer equipment and storage medium | |
| CN109063461B (en) | Third-party password-free login method and system | |
| CN106506163A (en) | ROM packet processing methods and device | |
| US20080022004A1 (en) | Method And System For Providing Resources By Using Virtual Path | |
| US20240031166A1 (en) | Web-side data signature method and apparatus and computer device | |
| CN114172714A (en) | Account access authority control method and device and electronic equipment | |
| CN106330882B (en) | Security verification method and security verification device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |