CN113221156A - Front-end authority control method and device, electronic equipment and storage medium - Google Patents
Front-end authority control method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113221156A CN113221156A CN202110643743.0A CN202110643743A CN113221156A CN 113221156 A CN113221156 A CN 113221156A CN 202110643743 A CN202110643743 A CN 202110643743A CN 113221156 A CN113221156 A CN 113221156A
- Authority
- CN
- China
- Prior art keywords
- access
- authority
- menu
- target object
- page
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000012795 verification Methods 0.000 claims description 13
- 230000008569 process Effects 0.000 description 8
- 230000009471 action Effects 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000011217 control strategy Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 206010033799 Paralysis Diseases 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0481—Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
- G06F3/0482—Interaction with lists of selectable items, e.g. menus
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0487—Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
- G06F3/0488—Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Human Computer Interaction (AREA)
- Databases & Information Systems (AREA)
- Automation & Control Theory (AREA)
- Data Mining & Analysis (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a front-end authority control method, a device, electronic equipment and a storage medium. Based on the invention, the problem of front-end authority control can be solved, and after the user logs in, the front end can identify the legality of the access operation under the condition of not accessing the back-end service, thereby reducing the access pressure of the back end.
Description
Technical Field
The present invention relates to the field of software technologies, and in particular, to a front-end permission control method and apparatus, an electronic device, and a storage medium.
Background
How to safely and effectively control the authority of a system with separated front and rear ends is a problem which cannot be avoided in the project process.
In general, rights management can be divided into two cases: the first is the page access authority, which is very common, that is, different pages are displayed according to users with different roles; the second is the operation authority of the database, namely, the operation of increasing, deleting, modifying and checking the database is opened according to the user authority. The actual behavior of the two cases is identical at the front end, but for the first case there is only visual isolation, while the true control is placed at the back end, i.e. the second case.
Therefore, how to reduce the access pressure of the backend service is an urgent problem to be solved.
Disclosure of Invention
In view of the above, to solve the above problems, the present invention provides a front-end authority control method, apparatus, electronic device and storage medium, and the technical solution is as follows:
one aspect of the present invention provides a front-end authority control method, which is applied to a front end, and includes:
receiving login information of a target object of which the login page is input;
sending the login information to a back end so that the back end returns the authority information of the target object according to the login information;
and generating an access page corresponding to the authority information, and performing authority control on the access operation of the target object based on the access page.
Optionally, the permission information includes a permission tree, where the permission tree is composed of multiple menus with a hierarchical relationship, a first menu is an upper menu of a second menu, the first menu is higher in level than the second menu, and a menu with the lowest level includes multiple buttons;
correspondingly, the generating an access page corresponding to the authority information includes:
and generating a corresponding routing page according to the hierarchical relation of the menu in the authority tree and the corresponding button.
Optionally, the generating a corresponding routing page according to the hierarchical relationship of the menu in the authority tree and the corresponding button includes:
calling a pre-generated role menu list, wherein menus with access rights corresponding to different roles are recorded in the role menu list;
acquiring a target role to which the target object belongs, and carrying out recursive comparison on menus in the authority tree by using a menu corresponding to the target role in the role menu list;
and generating a dynamic route matched with the hierarchical relation of the menus in the authority tree based on the recursive comparison result so as to output a route page with the dynamic route.
Optionally, the back end returns the token of the target object while returning the authority information;
correspondingly, the performing authority control on the access operation of the target object based on the access page includes:
receiving an access request of the target object, which is input by the access page, wherein the access request comprises a token to be verified and an access link;
calling the cached token of the target object to verify the token in the access request;
if the token in the access request passes the verification, calling an access link corresponding to a button in the cached permission tree to verify the access link in the access request;
and if the access link in the access request passes the verification, sending the access link in the access request to the back end.
Another aspect of the present invention provides a front-end right control apparatus, including:
the login module is used for receiving login information of a target object input in a login page; sending the login information to a back end so that the back end returns the authority information of the target object according to the login information;
and the authority control module is used for generating an access page corresponding to the authority information and carrying out authority control on the access operation of the target object based on the access page.
Optionally, the permission information includes a permission tree, where the permission tree is composed of multiple menus with a hierarchical relationship, a first menu is an upper menu of a second menu, the first menu is higher in level than the second menu, and a menu with the lowest level includes multiple buttons;
correspondingly, the authority control module, configured to generate an access page corresponding to the authority information, is specifically configured to:
and generating a corresponding routing page according to the hierarchical relation of the menu in the authority tree and the corresponding button.
Optionally, the authority control module is configured to generate a corresponding routing page according to the hierarchical relationship of the menu in the authority tree and the corresponding button, and specifically configured to:
calling a pre-generated role menu list, wherein menus with access rights corresponding to different roles are recorded in the role menu list; acquiring a target role to which the target object belongs, and carrying out recursive comparison on menus in the authority tree by using a menu corresponding to the target role in the role menu list; and generating a dynamic route matched with the hierarchical relation of the menus in the authority tree based on the recursive comparison result so as to output a route page with the dynamic route.
Optionally, the back end returns the token of the target object while returning the authority information;
correspondingly, the authority control module, configured to perform authority control on the access operation of the target object based on the access page, is specifically configured to:
receiving an access request of the target object, which is input by the access page, wherein the access request comprises a token to be verified and an access link; calling the cached token of the target object to verify the token in the access request; if the token in the access request passes the verification, calling an access link corresponding to a button in the cached permission tree to verify the access link in the access request; and if the access link in the access request passes the verification, sending the access link in the access request to the back end.
Another aspect of the present invention provides an electronic device, including: at least one memory and at least one processor; the memory stores a program, the processor calls the program stored in the memory, and the program is used for realizing any one of the front-end authority control methods.
Another aspect of the present invention provides a storage medium, where computer-executable instructions are stored, and the computer-executable instructions are configured to execute any one of the front-end right control methods.
Compared with the prior art, the invention has the following beneficial effects:
the invention provides a front-end authority control method, a device, electronic equipment and a storage medium. Based on the invention, the problem of front-end authority control can be solved, and after the user logs in, the front end can identify the legality of the access operation under the condition of not accessing the back-end service, thereby reducing the access pressure of the back end.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a method for controlling front-end rights according to an embodiment of the present invention;
fig. 2 is a flowchart of a part of a method of controlling front-end rights according to an embodiment of the present invention;
fig. 3 is a flowchart of another part of a front-end authority control method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a front-end authority control device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
At present, the main rights control strategies of vue include the following two types:
1) the front end records all rights. After the user logs in, the back end returns the user role, and the front end automatically allocates the page according to the role.
2) The front end only records pages, and the back end records authority. After the user logs in, the back end returns to the user authority list, and the front end generates an accessible page according to the list.
The existing authority control or the front end records all authorities, when the roles are more and more, certain trouble is brought to the compiling of the front end route, or the authority control is completely carried out by depending on the rear end, and if the user quantity is large, the burden of the server is increased.
The authority control method based on the BFE frame solves the problem of front-end authority control under the BFE frame, integrates the two authority control strategies, completely sets the authority based on the rear end, almost has no maintenance cost, can judge whether the authority is legal or not at the front end according to a Uniform Resource Locator (URL) link, and does not need to send a request to the rear end for judgment. Therefore, the maintenance cost is reduced, the illegal URL link can be intercepted from the front end, and the pressure of back-end service is reduced.
It should be noted that BFE is a new front-end framework based on vue.js, and aims to reduce the learning cost of front-end developers and improve the development efficiency of front-ends.
Referring to a method flowchart shown in fig. 1, an embodiment of the present invention provides a front-end authority control method, where the method is applied to a front end, and the method includes the following steps:
s10, the login information of the target object to which the login page is input is received.
In the embodiment of the present invention, the front end responds to an input operation of the target object, displays the login page to the target object, and further obtains login information input by the target object to the login page, where the login information may include information such as an account, a password, and an authentication code of the target object, and the embodiment of the present invention is not limited thereto.
And S20, sending the login information to the back end so that the back end returns the authority information of the target object according to the login information.
In the embodiment of the invention, the back end can analyze the login information to identify the role of the target object, thereby determining the authority information matched with the role and returning the authority information to the front end.
Specifically, the role menu list, the menu list and the role menu list can be designed according to requirements, and the content in the lists can be maintained by a system manager, including addition and management. Wherein the content of the first and second substances,
the role table records information of different roles, including role names, serial numbers and the like; the menu list records information of all authorities, including identification, attributes and the like, the authorities can be divided into a menu and a button, and one button corresponds to one URL link; the role menu table associates roles in the role table with menus in the menu table. It should be noted that the menus have directionality, that is, one menu can point to another menu, and also point to one or more buttons.
Based on this, the authority information returned by the back end to the front end includes at least one menu and the menu/button pointed by each menu.
And S30, generating an access page corresponding to the authority information, and performing authority control on the access operation of the target object based on the access page.
In the embodiment of the invention, based on the authority information returned by the back end, the menu and the button in the authority information are displayed on the access page, that is to say, the contents on the access page viewed by the target object are all the authority possessed by the role of the target object. Thus, the target object operates to access a menu on the page, and the menu/button pointed to by the menu can be viewed. The front end responds to the touch operation of the target object on the target button, and then the URL link corresponding to the target button can be generated.
In a specific implementation process, the authority information includes an authority tree, the authority tree is composed of a plurality of menus with a hierarchical relationship, the first menu is an upper menu of the second menu, the level of the first menu is higher than that of the second menu, and the menu with the lowest level includes a plurality of buttons.
In the embodiment of the invention, because the menus have directivity, one menu can point to the menu or the button. For example, the authority information includes three menus, menu 1, menu 2, and menu 3, where menu 1 points to buttons 1, 2, and 3, menu 2 points to menu 3, and menu 3 points to buttons 4 and 5, and thus the authority information includes two authority trees, that is, authority tree 1 composed of menu 1 and buttons 1, 2, and 3, and authority tree 2 composed of menu 2, menu 3, and buttons 4 and 5.
Continuing with the rights tree 2, the menu 2 and the menu 3 in the rights tree 2 have a hierarchical relationship, i.e. the menu 2 is an upper menu of the menu 3, the menu 2 is at a higher level than the menu 3, the menu 3 belongs to the menu with the lowest level in the rights tree 2, and the menu 3 has buttons 4 and 5.
On this basis, in the process of generating the access page corresponding to the authority information, a corresponding routing page can be generated according to the hierarchical relationship of the menus in the authority tree and the button of the menu with the lowest level in the authority tree, and the routing relationship of the menus and the button can be embodied in the routing page. Continuing with the authority tree 2, in the routing page generated based on the authority tree 2, firstly, the menu 2 is displayed to the target object, after the menu 2 is detected to be clicked by the target object, the menu 3 is continuously displayed to the target object, and further, after the menu 3 is detected to be clicked by the target object, the buttons 4 and 5 are displayed to the target object.
In the specific implementation process, the process of generating the corresponding routing page by the front end according to the hierarchical relationship of the menu in the authority tree and the corresponding button may adopt the following steps, and a flow chart of the method is shown in fig. 2:
s3011, a pre-generated character menu list is called, and a menu having access rights corresponding to different characters is recorded in the character menu list.
S3012, obtaining the target role to which the target object belongs, and carrying out recursive comparison on the menu in the authority tree according to the menu corresponding to the target role in the role menu list.
In the embodiment of the invention, because the types of the information processed by the front end and the back end are different, the authority tree returned by the back end can not be directly used when the front end obtains the authority tree, and the authority tree needs to be converted into the information type capable of being processed.
Further, a dynamic route of the target object is generated by filtering out menus and buttons to which the target object has authority by recursively comparing the authority tree with the role menu table.
And S3013, generating a dynamic route matched with the hierarchical relation of the menu in the authority tree based on the recursive comparison result so as to output a route page with the dynamic route.
In the embodiment of the present invention, as far as the authority tree 2 is used, the dynamic routing matched with the authority tree is "menu 2 → menu 3 → buttons 4 and 5", the routing page is displayed based on the touch operation of the dynamic routing response target object, and finally the URL link for the target button is sent to the back end.
In other embodiments, the back-end returns the rights information to the front-end, along with a token for the target object. Of course, the token is also generated based on the login information of the target object, and may specifically be calculated by using an existing algorithm, such as a hash algorithm, where one login information uniquely corresponds to one token.
Based on this, in step S30, "perform right control on access operation of the target object based on the access page" may adopt the following steps, and the method flowchart is shown in fig. 3:
s3021, receiving an access request of a target object with an access page input, wherein the access request comprises a token to be verified and an access link.
In order to access illegal network intrusion, in the embodiment of the present invention, even if the target object performs a touch operation on a button in the access page, the validity of the generated URL link needs to be verified. Of course, the token of the target object is also verified at the same time.
It should be noted that, for the token returned by the back end and the URL link corresponding to the button in the authority tree, the front end may be stored in the browser cache, so as to implement subsequent verification on the validity of the token and the URL link.
S3022, the cached token of the target object is called to verify the token in the access request.
In the embodiment of the invention, the validity of the token in the access request is determined by comparing whether the cached token is the same as the token in the access request. Specifically, if the two are the same, the token in the access request is legal and the authentication is passed, whereas if the two are different, the token in the access request is illegal and the authentication is not passed.
And S3023, if the token in the access request passes the verification, calling the access link corresponding to the button in the cached authority tree to verify the access link in the access request.
And S3024, if the access link in the access request passes the verification, sending the access link in the access request to the back end.
In the embodiment of the present invention, the access link is the above-mentioned URL link. The invention verifies the token and the URL link in sequence, and only when both are verified, the URL link is sent to the back end. Therefore, the front end can quickly identify the illegal access, the URL link of the illegal access can not request the back end, the pressure of the back end server can be relieved, and the service paralysis caused by the conditions of malicious request of an illegal user or misoperation of the user and the like can be prevented to a certain extent.
In practical application, in order to realize front-end control of a button, an instruction for judging the button permission is added to a directive/permission.js file, and the instruction is used for the button which needs to be displayed or hidden according to a user role, and the specific logic is as follows:
the method is used on the button needing to judge the authority:
< bfe-button @ click ═ viewexpandeplan (row) > -type ═ text "size ═ small" v-permission ═ all '03', '04', '06' ] > expense plan </bfe-button >
It should be noted that: js-based BFE framework or similar framework must be used and a database must be used to configure the storage of the role menu tables that generate the rights tree. In other words, routing configuration and tuning are performed by using the BFE as a front-end framework, so that the pressure of back-end service access can be reduced while the authority maintenance cost is reduced.
According to the front-end authority control method provided by the embodiment of the invention, the front end sends the login information input by the target object in the login page to the rear end, the authority information of the target object is returned by the rear end, the front end generates the access page corresponding to the authority information, and the front end performs authority control on the access operation of the target object based on the access page. Based on the invention, the problem of front-end authority control can be solved, and after the user logs in, the front end can identify the legality of the access operation under the condition of not accessing the back-end service, thereby reducing the access pressure of the back end.
Based on the front-end permission control method provided by the above embodiment, an embodiment of the present invention further provides an apparatus for executing the front-end permission control method, where a schematic structural diagram of the apparatus is shown in fig. 4, and the apparatus includes:
a login module 10 for receiving login information of a target object of which a login page is input; sending the login information to the back end so that the back end returns the authority information of the target object according to the login information;
and the authority control module 20 is used for generating an access page corresponding to the authority information and performing authority control on the access operation of the target object based on the access page.
Optionally, the authority information includes an authority tree, the authority tree is composed of a plurality of menus with a hierarchical relationship, the first menu is an upper menu of the second menu, the level of the first menu is higher than that of the second menu, and the menu with the lowest level includes a plurality of buttons;
correspondingly, the authority control module 20 for generating the access page corresponding to the authority information is specifically configured to:
and generating a corresponding routing page according to the hierarchical relation of the menu in the authority tree and the corresponding button.
Optionally, the authority control module 20 is configured to generate a corresponding routing page according to the hierarchical relationship of the menu in the authority tree and the corresponding button, and specifically configured to:
calling a pre-generated role menu list, wherein menus with access rights corresponding to different roles are recorded in the role menu list; acquiring a target role to which a target object belongs, and carrying out recursive comparison on menus in the authority tree by using menus corresponding to the target role in a role menu list; and generating a dynamic route matched with the hierarchical relation of the menu in the authority tree based on the recursive comparison result so as to output a route page with the dynamic route.
Optionally, the back end returns the token of the target object while returning the authority information;
correspondingly, the authority control module 20 for performing authority control on the access operation of the target object based on the access page is specifically configured to:
receiving an access request of a target object of which an access page is input, wherein the access request comprises a token to be verified and an access link; calling the cached token of the target object to verify the token in the access request; if the token in the access request passes the verification, calling an access link corresponding to a button in the cached authority tree to verify the access link in the access request; and if the access link in the access request passes the verification, sending the access link in the access request to the back end.
It should be noted that, for the detailed functions of each module in the embodiment of the present invention, reference may be made to the corresponding disclosure part of the foregoing front-end authority control method embodiment, and details are not described here again.
Based on the front-end permission control method provided by the above embodiment, an embodiment of the present invention further provides an electronic device, where the electronic device includes: at least one memory and at least one processor; the memorizer stores programs, the processor calls the programs stored in the memorizer, and the programs are used for realizing the front-end authority control method.
Based on the front-end authority control method provided by the above embodiment, an embodiment of the present invention further provides a storage medium, where the storage medium stores computer-executable instructions, and the computer-executable instructions are used for executing the front-end authority control method.
The foregoing detailed description is directed to a front-end permission control method, apparatus, electronic device, and storage medium provided by the present invention, and specific examples are applied herein to illustrate the principles and implementations of the present invention, and the descriptions of the foregoing examples are only used to help understand the method and the core ideas of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include or include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A front-end authority control method, applied to a front end, the method comprising:
receiving login information of a target object of which the login page is input;
sending the login information to a back end so that the back end returns the authority information of the target object according to the login information;
and generating an access page corresponding to the authority information, and performing authority control on the access operation of the target object based on the access page.
2. The method according to claim 1, wherein the authority information includes an authority tree, the authority tree is composed of a plurality of menus with a hierarchical relationship, a first menu is an upper menu of a second menu, the first menu has a higher level than the second menu, and a menu with a lowest level includes a plurality of buttons;
correspondingly, the generating an access page corresponding to the authority information includes:
and generating a corresponding routing page according to the hierarchical relation of the menu in the authority tree and the corresponding button.
3. The method of claim 2, wherein generating the corresponding routing page according to the hierarchical relationship of the menus in the permission tree and the corresponding buttons comprises:
calling a pre-generated role menu list, wherein menus with access rights corresponding to different roles are recorded in the role menu list;
acquiring a target role to which the target object belongs, and carrying out recursive comparison on menus in the authority tree by using a menu corresponding to the target role in the role menu list;
and generating a dynamic route matched with the hierarchical relation of the menus in the authority tree based on the recursive comparison result so as to output a route page with the dynamic route.
4. The method of claim 2, wherein the backend returns the rights information and simultaneously returns the token of the target object;
correspondingly, the performing authority control on the access operation of the target object based on the access page includes:
receiving an access request of the target object, which is input by the access page, wherein the access request comprises a token to be verified and an access link;
calling the cached token of the target object to verify the token in the access request;
if the token in the access request passes the verification, calling an access link corresponding to a button in the cached permission tree to verify the access link in the access request;
and if the access link in the access request passes the verification, sending the access link in the access request to the back end.
5. A front-end entitlement control device, characterized in that said device comprises:
the login module is used for receiving login information of a target object input in a login page; sending the login information to a back end so that the back end returns the authority information of the target object according to the login information;
and the authority control module is used for generating an access page corresponding to the authority information and carrying out authority control on the access operation of the target object based on the access page.
6. The apparatus according to claim 5, wherein the authority information includes an authority tree, the authority tree is composed of a plurality of menus with a hierarchical relationship, a first menu is an upper menu of a second menu, the first menu has a higher level than the second menu, and a menu with a lowest level includes a plurality of buttons;
correspondingly, the authority control module, configured to generate an access page corresponding to the authority information, is specifically configured to:
and generating a corresponding routing page according to the hierarchical relation of the menu in the authority tree and the corresponding button.
7. The apparatus according to claim 6, wherein the permission control module, configured to generate a corresponding routing page according to a hierarchical relationship of menus in the permission tree and corresponding buttons, is specifically configured to:
calling a pre-generated role menu list, wherein menus with access rights corresponding to different roles are recorded in the role menu list; acquiring a target role to which the target object belongs, and carrying out recursive comparison on menus in the authority tree by using a menu corresponding to the target role in the role menu list; and generating a dynamic route matched with the hierarchical relation of the menus in the authority tree based on the recursive comparison result so as to output a route page with the dynamic route.
8. The apparatus of claim 6, wherein the backend returns the rights information and simultaneously returns the token of the target object;
correspondingly, the authority control module, configured to perform authority control on the access operation of the target object based on the access page, is specifically configured to:
receiving an access request of the target object, which is input by the access page, wherein the access request comprises a token to be verified and an access link; calling the cached token of the target object to verify the token in the access request; if the token in the access request passes the verification, calling an access link corresponding to a button in the cached permission tree to verify the access link in the access request; and if the access link in the access request passes the verification, sending the access link in the access request to the back end.
9. An electronic device, characterized in that the electronic device comprises: at least one memory and at least one processor; the memory stores a program, and the processor calls the program stored in the memory, and the program is used for realizing the front-end authority control method in any one of claims 1-4.
10. A storage medium having stored thereon computer-executable instructions for performing the front-end entitlement control method recited in any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110643743.0A CN113221156A (en) | 2021-06-09 | 2021-06-09 | Front-end authority control method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110643743.0A CN113221156A (en) | 2021-06-09 | 2021-06-09 | Front-end authority control method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113221156A true CN113221156A (en) | 2021-08-06 |
Family
ID=77083503
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110643743.0A Pending CN113221156A (en) | 2021-06-09 | 2021-06-09 | Front-end authority control method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113221156A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114528504A (en) * | 2022-02-21 | 2022-05-24 | 北京达佳互联信息技术有限公司 | Data processing method, device, electronic equipment and medium |
| CN114745316A (en) * | 2022-04-13 | 2022-07-12 | 工银科技有限公司 | Routing method, apparatus, device, medium and program product |
| CN115733702A (en) * | 2023-01-06 | 2023-03-03 | 宜科(天津)电子有限公司 | Control method of routing authority, storage medium and electronic device |
| CN117318994A (en) * | 2023-08-29 | 2023-12-29 | 北京安锐卓越信息技术股份有限公司 | Page access method, device, medium and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109936575A (en) * | 2019-03-07 | 2019-06-25 | 北京融链科技有限公司 | Page access method, apparatus, storage medium and processor |
| CN112487407A (en) * | 2020-12-01 | 2021-03-12 | 广州奇享科技有限公司 | Authority control method, device, medium and electronic equipment |
| CN112615923A (en) * | 2020-12-21 | 2021-04-06 | 北京鸿盈信息技术有限公司 | Single-page application page display control method and device, terminal equipment and server |
| CN112882688A (en) * | 2021-01-07 | 2021-06-01 | 中国人民财产保险股份有限公司 | Cloud-based architecture supporting multi-front-end project access |
-
2021
- 2021-06-09 CN CN202110643743.0A patent/CN113221156A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109936575A (en) * | 2019-03-07 | 2019-06-25 | 北京融链科技有限公司 | Page access method, apparatus, storage medium and processor |
| CN112487407A (en) * | 2020-12-01 | 2021-03-12 | 广州奇享科技有限公司 | Authority control method, device, medium and electronic equipment |
| CN112615923A (en) * | 2020-12-21 | 2021-04-06 | 北京鸿盈信息技术有限公司 | Single-page application page display control method and device, terminal equipment and server |
| CN112882688A (en) * | 2021-01-07 | 2021-06-01 | 中国人民财产保险股份有限公司 | Cloud-based architecture supporting multi-front-end project access |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114528504A (en) * | 2022-02-21 | 2022-05-24 | 北京达佳互联信息技术有限公司 | Data processing method, device, electronic equipment and medium |
| CN114745316A (en) * | 2022-04-13 | 2022-07-12 | 工银科技有限公司 | Routing method, apparatus, device, medium and program product |
| CN114745316B (en) * | 2022-04-13 | 2023-11-14 | 工银科技有限公司 | Routing method, device, equipment and medium |
| CN115733702A (en) * | 2023-01-06 | 2023-03-03 | 宜科(天津)电子有限公司 | Control method of routing authority, storage medium and electronic device |
| CN117318994A (en) * | 2023-08-29 | 2023-12-29 | 北京安锐卓越信息技术股份有限公司 | Page access method, device, medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113221156A (en) | Front-end authority control method and device, electronic equipment and storage medium | |
| JP7018920B2 (en) | Confidential information processing methods, devices, servers, and security decision systems | |
| CN110602052B (en) | Micro-service processing method and server | |
| CN111695156A (en) | Service platform access method, device, equipment and storage medium | |
| WO2016101635A1 (en) | Method, apparatus and device for synchronizing login status, and computer storage medium | |
| CN108696490A (en) | The recognition methods of account permission and device | |
| CN109428877B (en) | Method and device for accessing service system through user equipment | |
| US20140173693A1 (en) | Cookie Optimization | |
| KR100870714B1 (en) | Method for blocking harmful internet sites in real-time by approaching engine to object property | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| WO2016007178A1 (en) | System and method for providing contextual analytics data | |
| CN108289080B (en) | Method, device and system for accessing file system | |
| US20180039771A1 (en) | Method of and server for authorizing execution of an application on an electronic device | |
| CN111935107B (en) | Identity authentication method, device, system, electronic equipment and storage medium | |
| CN103905477A (en) | HTTP request processing method and server | |
| CN109525613B (en) | Request processing system and method | |
| CN102761576B (en) | Web system malicious polyphonic ringtone ordering preventing method and server | |
| CN114257451B (en) | Verification interface replacement method and device, storage medium and computer equipment | |
| CN111752964A (en) | Data processing method and device based on data interface | |
| CN112528286B (en) | Terminal equipment safety detection method, associated equipment and computer program product | |
| CN110213211A (en) | Identify the method, apparatus, terminal and storage medium of safe download link | |
| CN111368231B (en) | Method and device for testing heterogeneous redundancy architecture website | |
| CN108650257B (en) | Security detection setting method and device based on website content and storage medium | |
| CN111865977A (en) | Information processing method and system | |
| CN117290840B (en) | Browser auditing method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |