CN114697100A - Authentication method, system, terminal and storage medium for front-end and back-end separation setting - Google Patents

Authentication method, system, terminal and storage medium for front-end and back-end separation setting Download PDF

Info

Publication number
CN114697100A
CN114697100A CN202210295727.1A CN202210295727A CN114697100A CN 114697100 A CN114697100 A CN 114697100A CN 202210295727 A CN202210295727 A CN 202210295727A CN 114697100 A CN114697100 A CN 114697100A
Authority
CN
China
Prior art keywords
page
user
resource
authority
resource authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210295727.1A
Other languages
Chinese (zh)
Inventor
刘正强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Lailai Technology Co ltd
Original Assignee
Beijing Lailai Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Lailai Technology Co ltd filed Critical Beijing Lailai Technology Co ltd
Priority to CN202210295727.1A priority Critical patent/CN114697100A/en
Publication of CN114697100A publication Critical patent/CN114697100A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an authentication method, a system, a terminal and a storage medium for front-end and back-end separation setting, wherein the method comprises the following steps: the acquisition user I D acquires the target resource authority corresponding to the user I D from the back end according to the user I D; rendering a primary system page according to the target resource authority corresponding to the user I D, wherein the primary system page comprises access links of a plurality of systems; and receiving a system access command, and obtaining a secondary module resource right, a tertiary page resource right and a quaternary interface resource right corresponding to the user I D according to the system access command and the target resource right to render a corresponding page. The invention establishes a set of complete authentication mechanism, has clear rule definition and can ensure the safe and stable operation of the system.

Description

Authentication method, system, terminal and storage medium for front-end and back-end separation setting
Technical Field
The invention relates to the technical field of authentication of front-end and back-end separation settings, in particular to an authentication method, an authentication system, a terminal and a storage medium for the front-end and back-end separation settings.
Background
With the popularization of mobile devices, the traditional PC mode is difficult to support the development of mobile Internet, more and more enterprises adopt the separation of a front end and a back end, the back end provides a data interface, and other ends are called through user information.
However, in the prior art, the authority is fixed in the front-end routing file, the rule definition is not clear enough, and the safe and stable operation of front-end page authority control cannot be guaranteed.
Thus, there is a need for improvements and enhancements in the art.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides an authentication method, an authentication system, an authentication terminal and a storage medium for front-end and back-end separation setting, and aims to solve the problems that the definition of authority rules is not clear and the safe and stable operation of front-end page authority control cannot be ensured in the prior art.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows:
in a first aspect of the present invention, an authentication method for front-end and back-end separation settings is provided, where the method includes:
acquiring a user ID, and acquiring a target resource authority corresponding to the user ID from a back end according to the user ID;
rendering a primary system page according to the target resource authority corresponding to the user ID, wherein the primary system page comprises access links of a plurality of systems;
and receiving a system access command, and acquiring a secondary module resource authority, a tertiary page resource authority and a quaternary interface resource authority corresponding to the user ID according to the system access command and the target resource authority so as to render a corresponding page.
The method for separately setting authentication at the front end and the back end, wherein the acquiring the target resource authority corresponding to the user ID from the back end according to the user ID comprises the following steps:
and determining a user role according to the user ID, and determining the target resource authority according to the user role.
The front end and the back end set up authentication method in a classified manner, wherein the resources of the target resource authority corresponding to the user ID are created in the back end in advance, and non-primary resources in the target resource authority correspond to parent resources.
The method for separately setting authentication at the front end and the back end, wherein the step of obtaining the resource authority of the secondary module, the resource authority of the tertiary page and the resource authority of the quaternary interface according to the system access command and the target resource authority to render the corresponding page comprises the following steps:
entering an sso page according to the system ID and token corresponding to the system access command;
performing route matching through the sso page to obtain associated route data of the user ID in the second-level module resource authority and the third-level page resource authority in the system corresponding to the system ID;
and rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID.
The authentication method is set separately at the front end and the back end, wherein rendering a page according to the associated routing data and the resource authority of the four-level interface of the user ID in the system corresponding to the system ID comprises:
generating a system page menu according to the associated routing data;
and determining the display mode of the button in the system page menu according to the four-level interface resource authority in the target resource authority.
The authentication method is set separately at the front end and the back end, wherein the obtaining of the associated routing data of the second-level module resource and the third-level page resource by performing routing matching through the sso page includes:
performing method matching on a front-end routing object and all the second-level module resources and the third-level page resources corresponding to the system ID cached in the sso page in advance through the sso page to obtain filtered routing data;
and adding the filtered routing data to a front-end route to obtain the associated routing data.
The method for separately setting authentication at the front end and the back end, wherein the step of determining the display mode of the button in the page according to the four-level interface resource authority in the target resource authority comprises the following steps:
matching all four-level interface resource authorities corresponding to the user ID with all four-level interface resources in a system corresponding to the system ID through the sso page in an API address and request mode to judge whether a button in the page has an operation authority or not;
and when the button has no operation right, determining the display mode of the button to be hidden or grayed display.
In a second aspect of the present invention, an authentication system for front-end and back-end separation settings is provided, which includes:
the authority determining module is used for acquiring a user ID and acquiring a target resource authority corresponding to the user ID from a back end according to the user ID;
the primary system rendering module is used for rendering a primary system page according to the target resource authority corresponding to the user ID, and the primary system page comprises access links of a plurality of systems;
and the page rendering module is used for receiving a system access command and acquiring a secondary module resource authority, a tertiary page resource authority and a quaternary interface resource authority corresponding to the user ID according to the system access command and the target resource authority so as to render a corresponding page.
In a third aspect of the present invention, a terminal is provided, where the terminal includes a processor, and a computer-readable storage medium communicatively connected to the processor, where the computer-readable storage medium is adapted to store a plurality of instructions, and the processor is adapted to call the instructions in the computer-readable storage medium to perform the steps of implementing any one of the front-end and back-end separation setting authentication methods described above.
A fourth aspect of the present invention provides a computer-readable storage medium storing one or more programs, which are executable by one or more processors to implement the steps of the front-end and back-end separation setting authentication method according to any one of the above.
Compared with the prior art, the invention provides a front-end and back-end separation setting authentication method, a system, a terminal and a storage medium, wherein in the front-end and back-end separation setting authentication method, a first-level system resource, a second-level module resource, a third-level page resource and a fourth-level interface resource are established based on background configuration resource authority, a first-level system page is firstly obtained according to the flow of a user, then page authority in the system is obtained step by step, a set of complete authentication mechanism is established, the rule definition is clear, and the safe and stable operation of the system is guaranteed.
Drawings
Fig. 1 is a flowchart of an embodiment of an authentication method for front-end and back-end separation settings provided by the present invention;
FIG. 2 is a process diagram of resource creation in an embodiment of a front-end and back-end separation authentication method provided by the present invention;
FIG. 3 is a schematic diagram of resources at different levels in an embodiment of a front-end and back-end separation authentication method provided by the present invention;
FIG. 4 is a flowchart illustrating a process of storing resource data according to an embodiment of the authentication method for front and back separation settings provided in the present invention;
FIG. 5 is a flowchart illustrating operations of role-resource permission setting in an embodiment of a method for authentication with separate front and back ends according to the present invention;
fig. 6 is a flow chart of the front-end system and the route authentication in the embodiment of the authentication method for front-end and back-end separation setting provided by the present invention;
FIG. 7 is a first-level system resource page effect diagram in an embodiment of a method for authentication with separate front and back end settings according to the present invention;
FIG. 8 is a flowchart illustrating the process of setting up the authorization of menu resources in an embodiment of the authentication method provided by the present invention;
fig. 9 is a schematic diagram illustrating a process of route authentication in an embodiment of a method for separately setting authentication at front and back ends according to the present invention;
fig. 10 is a schematic diagram illustrating a route matching process in an embodiment of a front-end and back-end separation authentication method provided by the present invention;
FIG. 11 is a diagram illustrating the menu effect of a page in an embodiment of a method for authentication with separate front and back end settings according to the present invention;
FIG. 12 is a diagram illustrating an interface authentication process in an embodiment of a front-end and back-end separation authentication method provided by the present invention;
FIG. 13 is a schematic diagram illustrating a button displaying effect in an embodiment of a method for authentication with front and back end separation settings according to the present invention;
fig. 14 is a schematic structural diagram of an embodiment of a front-end and back-end separation setup authentication system provided in the present invention;
fig. 15 is a schematic diagram of an embodiment of a terminal provided in the present invention.
Detailed Description
In order to make the objects, technical solutions and effects of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The authentication method for front-end and back-end separation setting provided by the invention can be executed by a terminal. The terminal includes but is not limited to various computers, servers, mobile phones, tablet computers, wearable devices and the like.
Example one
As shown in fig. 1, an embodiment of the authentication method with separate front and back end settings includes the steps of:
s100, acquiring a user ID, and acquiring a target resource authority corresponding to the user ID from a back end according to the user ID.
In this embodiment, creating a resource at a backend in advance, allocating the resource to different user IDs, and generating a target resource right corresponding to each user ID, in order to improve efficiency of resource allocation, the allocating the resource may be based on a role, that is, acquiring the target resource right corresponding to the user ID from the backend according to the user ID includes:
and determining a user role according to the user ID, and determining the target resource authority according to the user role.
And the resources of the target resource authority corresponding to the user ID are created at the rear end in advance, and non-primary resources in the target resource authority correspond to parent resources. Specifically, as shown in fig. 2, fig. 3, and fig. 4, the resources are divided into a first-level system resource, a second-level module resource, a third-level page resource, and a fourth-level interface resource, where the second-level module resource and the third-level page resource may be collectively referred to as a menu resource or a routing resource, the interface resource belongs to a subclass of the menu resource, and the menu resource belongs to a subclass of the system resource.
And indicating the system resources of the new system in the resource management level menu at the new system, wherein the system resources comprise the url and the system name of the system. Primary system resources are all systems accessible to a user at the application portal display, and the primary system resources table may be as shown in Table 1:
name of system Request mode URL address Operation of
xx content center get http://wwww.xxx.com/path1 xx
xx settlement center get http://wwww.xxx.com/path2 xx
xx customer service center get http://wwww.xxx.com/path3 xx
xx operation and maintenance center get http://wwww.xxx.com/path4 xx
TABLE 1
The secondary module resource is mainly associated with a parent menu address of the system, and the system, url and module name of the secondary module resource are required to be filled, wherein the system is the primary system resource. The secondary module resource table may be as shown in table 2:
module name Belonging system Request mode URL address Operation of
Xx management xx content center get /path5 xx
Xx review xx clearing center get /path6 xx
Xx recording xx customer service center get /path7 xx
Xx module xx operation and maintenance center get /path8 xx
TABLE 2
The third-level page resource belongs to a subclass page address in the second-level module resource, and needs to fill in the second-level module, the name and the url, and the third-level page resource table can be as shown in table 3:
page name Belonging system Belonging module Request mode URL address Operation of
Xx List xx content center xx management get /path9 xx
Details of Xx xx content center xx management get /path10 xx
Xx recording xx content center xx management get /path11 xx
Xx query xx operation and maintenance center xx management get /path12 xx
TABLE 3
After selecting the three-level page resource, the four-level interface resource can enter the corresponding four-level functional resource list page, and then all functional interface data under the three-level page resource are newly added, and the page, the functional name and the url of the antenna are needed. The four-level interface resource table may be as shown in table 4:
page name Belonging system Belonging module Request mode URL address Operation of
xx list xx content center xx management post /path13 xx
xx details xx content center xx management get /path14 xx
xx entry xx content center xx management put /path15 xx
xx queries xx operation and maintenance center xx management delete /path16 xx
TABLE 4
When creating resources, if the resource level is selected, if the resource level is non-primary resource, the corresponding parent resource needs to be selected, and if the resource level is primary resource, the resource level can be directly stored.
As shown in fig. 5, a user and a role are created, a role list is added with roles, a role name needs to be filled, a parent orange is needed, and whether a parent option is broken or not, wherein the parent role initialization is a super administrator. And associating the roles with the corresponding resources, setting resource permissions in the role list, and checking and storing the resources of the creation numbers in the resource creation phase. For the created users, the users and the roles are associated, so that the resource authority is correspondingly configured for each user.
S200, rendering a primary system page according to the target resource authority corresponding to the user ID, wherein the primary system page comprises access links of a plurality of systems.
In this embodiment, for a plurality of systems, the same application is used for control, as shown in fig. 6, after a user logs in an application through a user ID, first, a primary system resource right is obtained according to the user ID, and then, a primary system page is rendered, and an effect diagram is shown in fig. 7.
S300, receiving a system access command, and according to the system access command and the target resource authority, obtaining a secondary module resource authority, a tertiary page resource authority and a quaternary interface resource authority corresponding to the user ID to render a corresponding page.
The step of obtaining the resource permission of the secondary module, the resource permission of the tertiary page and the resource permission of the quaternary interface according to the system access command and the target resource permission to render the corresponding page comprises the following steps:
entering an sso page according to the system ID and token corresponding to the system access command;
performing route matching through the subsystem sso page to obtain associated route data of the user ID in the second-level module resource authority and the third-level page resource authority in the system corresponding to the system ID;
and rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID.
When a user clicks a certain system link, the system access command is sent out, the system ID of the system and the token corresponding to the user are carried to enter a system sso page, second-level and third-level resources and asynchronous routing matching are carried out on the system authority of the current access user through the sso page to obtain associated routing data, and then a system menu is generated through an addRoutes method.
As shown in fig. 8, after the system access command is received, a newly added route needs to be matched to implement rendering of a page menu, specifically, as shown in fig. 9, all second, third, and fourth-level resources of the current system exist in the sso page, and are specifically stored in vuex, and resource data persistence is maintained, the browser is properly cached according to role resource data, and resource data cached in the sso page can be cleared and updated according to the access number and frequency of the resources, so that the access speed is increased. A front-end authority control file and a method are defined, wherein the method comprises a route filtering method, a route caching method and a route dynamic adding method. And matching the routing resource authority corresponding to the user ID with all secondary and tertiary resources in the system corresponding to the system ID to realize routing filtering. As shown in fig. 10, after the matching is successful, the associated routing data is obtained according to the successfully matched routing resource authority, and the associated routing data is added to the front-end route, so as to implement the rendering of the system page menu, as shown in fig. 11.
The code of the route authentication is as follows:
Figure BDA0003563225190000091
Figure BDA0003563225190000101
the rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID comprises:
generating a system page menu according to the associated routing data;
and determining the display mode of the button in the page according to the four-level interface resource authority in the target resource authority.
The determining the display mode of the button in the page according to the four-level interface resource authority in the target resource authority comprises:
matching all four-level interface resource authorities corresponding to the user ID with all four-level interface resources in a system corresponding to the system ID through the sso page in an API address and request mode to judge whether a button in the page has an operation authority or not;
and when the button has no operation right, determining the display mode of the button to be hidden or grayed display.
The authority control related to the button operation in the page menu is realized by adopting a convention scheme, namely, a front end presets four-level resources corresponding to each button operation on a page code layer, an api interface address and a request mode of the four-level resources, and the buttons are matched with all the four-level interface resources of the current system through an instruction mode so as to judge whether the buttons have operation authority or not, and further determine the display mode of the buttons.
Specifically, as shown in fig. 12, a corresponding interface address and a corresponding request mode are defined in the front-end port file, and data parameters defined by the interface are bound with the instruction in the same component introduction mode. For example, when a four-level interface resource is cached in a sso page, the format is set as [ 'get', 'url' ], wherein the 'get' example is a request mode, the 'url' example is an interface address, the request mode is stored, and the request mode and the interface address are simultaneously used as matching conditions, so that the situation that different operation types have the same url can be avoided, and the corresponding operation cannot be distinguished simply according to the url. The buttons are associated with all four-level resource authorities of the user ID in an instruction mode for matching, four-level resource authorities of the user ID in a current system (a system corresponding to the system ID) are filtered, whether each button in the menu has an operation authority or not is judged, the button is highlighted or grayed and hidden according to whether the operation authority exists or not, and an effect diagram is shown in fig. 13.
The code of the button operation authority authentication is as follows:
Figure BDA0003563225190000111
Figure BDA0003563225190000121
the $ _ has method is packaged as follows:
Figure BDA0003563225190000122
the buttons are referenced as follows:
<el-button v-has="titleParams.permission.add"></el-button>
in summary, the embodiment provides an authentication method for front-end and back-end separation settings, where a target data provider and a target data specification are determined by a target link, and target data is collected from the target data provider according to the target data specification, and when data needs to be collected from multiple data providers or data providers need to be added according to different cooperation protocols, only links need to be added and mapped to different data providers and data specifications, and a new authentication interface for front-end and back-end separation settings is not needed to be newly established, thereby reducing repetitive work.
It should be understood that, although the steps in the flowcharts shown in the figures of the present specification are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not limited to being performed in the exact order illustrated and, unless explicitly stated herein, may be performed in other orders. Moreover, at least a portion of the steps in the flowchart may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of performing the sub-steps or stages is not necessarily sequential, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, databases or other media used in the embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
Example two
Based on the above embodiment, the present invention further provides a front-end and back-end separation setting authentication system, as shown in fig. 14, where the front-end and back-end separation setting authentication system includes:
the authority determining module is configured to obtain a user ID, and obtain, from a back end according to the user ID, a target resource authority corresponding to the user ID, as described in embodiment one;
a primary system rendering module, configured to render a primary system page according to a target resource permission corresponding to the user ID, where the primary system page includes access links of multiple systems, as described in embodiment one;
and a page rendering module, configured to receive a system access command, and obtain, according to the system access command and the target resource permission, a secondary module resource permission, a tertiary page resource permission, and a quaternary interface resource permission corresponding to the user ID, to render a corresponding page, which is specifically described in embodiment one.
EXAMPLE III
Based on the above embodiments, the present invention further provides a terminal, as shown in fig. 15, where the terminal includes a processor 10 and a memory 20. Fig. 15 shows only some of the components of the terminal, but it is to be understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead.
The memory 20 may in some embodiments be an internal storage unit of the terminal, such as a hard disk or a memory of the terminal. The memory 20 may also be an external storage device of the terminal in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the terminal. Further, the memory 20 may also include both an internal storage unit and an external storage device of the terminal. The memory 20 is used for storing application software installed in the terminal and various data. The memory 20 may also be used to temporarily store data that has been output or is to be output. In one embodiment, the memory 20 stores a front-end and back-end separation setting authentication program 30, and the front-end and back-end separation setting authentication program 30 can be executed by the processor 10, so as to implement the front-end and back-end separation setting authentication method in the present application.
The processor 10 may be a Central Processing Unit (CPU), microprocessor or other chip in some embodiments, and is used to run program codes stored in the memory 20 or process data, such as executing the front-end and back-end separation setting authentication method.
In one embodiment, when the processor 10 executes the front-end and back-end separation setting authentication program 30 in the memory 20, the following steps are implemented:
acquiring a user ID, and acquiring a target resource authority corresponding to the user ID from a back end according to the user ID;
rendering a primary system page according to the target resource authority corresponding to the user ID, wherein the primary system page comprises access links of a plurality of systems;
and receiving a system access command, and acquiring a secondary module resource authority, a tertiary page resource authority and a quaternary interface resource authority corresponding to the user ID according to the system access command and the target resource authority so as to render a corresponding page.
The acquiring the target resource authority corresponding to the user ID from the back end according to the user ID comprises the following steps:
and determining a user role according to the user ID, and determining the target resource authority according to the user role.
And the resources of the target resource authority corresponding to the user ID are created at the rear end in advance, and non-primary resources in the target resource authority correspond to parent resources.
Wherein, the acquiring the resource authority of the secondary module, the resource authority of the tertiary page and the resource authority of the quaternary interface according to the system access command and the target resource authority to render the corresponding page comprises:
entering an sso page according to the system ID and token corresponding to the system access command;
performing route matching through the sso page to obtain associated route data of the user ID in the second-level module resource authority and the third-level page resource authority in the system corresponding to the system ID;
and rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID.
Wherein the rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID comprises:
generating a system page menu according to the associated routing data;
and determining the display mode of the button in the system page menu according to the four-level interface resource authority in the target resource authority.
Wherein, the obtaining of the associated routing data of the secondary module resource and the tertiary page resource by performing routing matching through the sso page comprises:
performing method matching on a front-end routing object and all the second-level module resources and the third-level page resources corresponding to the system ID cached in the sso page in advance through the sso page to obtain filtered routing data;
and adding the filtered routing data to a front-end route to obtain the associated routing data.
Wherein, the determining the display mode of the button in the page according to the four-level interface resource authority in the target resource authority comprises:
matching all four-level interface resource authorities corresponding to the user ID with all four-level interface resources in a system corresponding to the system ID through the sso page in an API address and request mode to judge whether a button in the page has an operation authority or not;
and when the button has no operation right, determining the display mode of the button to be hidden or grayed display.
Example four
The present invention also provides a computer readable storage medium in which one or more programs are stored, the one or more programs being executable by one or more processors to implement the steps of the front-end and back-end separation setting authentication method as described above.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A front-end and back-end separation setting authentication method is characterized by comprising the following steps:
acquiring a user ID, and acquiring a target resource authority corresponding to the user ID from a back end according to the user ID;
rendering a primary system page according to the target resource authority corresponding to the user ID, wherein the primary system page comprises access links of a plurality of systems;
and receiving a system access command, and acquiring a secondary module resource authority, a tertiary page resource authority and a quaternary interface resource authority corresponding to the user ID according to the system access command and the target resource authority so as to render a corresponding page.
2. The method for authentication by front-end and back-end separation setting of claim 1, wherein the obtaining of the target resource right corresponding to the user ID from the back-end according to the user ID comprises:
and determining a user role according to the user ID, and determining the target resource authority according to the user role.
3. The authentication method for front-end and back-end separation setting according to claim 2, wherein the resource of the target resource authority corresponding to the user ID is created in the back-end in advance, and non-primary resources in the target resource authority correspond to parent resources.
4. The method for authentication of front-end and back-end separation settings according to claim 1, wherein the obtaining of the resource right of the secondary module, the resource right of the tertiary page and the resource right of the quaternary interface according to the system access command and the target resource right to render the corresponding page comprises:
entering an sso page according to the system ID and token corresponding to the system access command;
performing route matching through the sso page to obtain associated route data of the user ID in the second-level module resource authority and the third-level page resource authority in the system corresponding to the system ID;
and rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID.
5. The authentication method for front-end and back-end separation setting of claim 4, wherein the rendering a page according to the associated routing data and the four-level interface resource authority of the user ID in the system corresponding to the system ID comprises:
generating a system page menu according to the associated routing data;
and determining the display mode of the button in the system page menu according to the four-level interface resource authority in the target resource authority.
6. The authentication method for front-end and back-end separation setting of claim 4, wherein the obtaining of the associated routing data of the secondary module resource and the tertiary page resource by performing routing matching through the sso page comprises:
performing method matching on a front-end routing object and all the second-level module resources and the third-level page resources corresponding to the system ID cached in the sso page in advance through the sso page to obtain filtered routing data;
and adding the filtered routing data to a front-end route to obtain the associated routing data.
7. The authentication method for front-end and back-end separation setting of claim 5, wherein the determining the display mode of the button in the page according to the fourth-level interface resource authority in the target resource authority comprises:
matching all four-level interface resource authorities corresponding to the user ID with all four-level interface resources in a system corresponding to the system ID through the sso page in an API address and request mode to judge whether a button in the page has an operation authority or not;
and when the button has no operation right, determining the display mode of the button to be in a hidden or grey display mode.
8. A front-end and back-end separation setting authentication system, comprising:
the authority determining module is used for acquiring a user ID and acquiring a target resource authority corresponding to the user ID from a back end according to the user ID;
the primary system rendering module is used for rendering a primary system page according to the target resource authority corresponding to the user ID, and the primary system page comprises access links of a plurality of systems;
and the page rendering module is used for receiving a system access command and acquiring a secondary module resource authority, a tertiary page resource authority and a quaternary interface resource authority corresponding to the user ID according to the system access command and the target resource authority so as to render a corresponding page.
9. A terminal, characterized in that the terminal comprises: a processor, a computer readable storage medium communicatively connected to the processor, the computer readable storage medium adapted to store a plurality of instructions, the processor adapted to invoke the instructions in the computer readable storage medium to perform the steps of implementing the front-end and back-end separation setting authentication method as recited in any one of claims 1 to 7.
10. A computer-readable storage medium, storing one or more programs, the one or more programs being executable by one or more processors to perform the steps of the front-end and back-end split setting authentication method according to any one of claims 1 to 7.
CN202210295727.1A 2022-03-24 2022-03-24 Authentication method, system, terminal and storage medium for front-end and back-end separation setting Pending CN114697100A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210295727.1A CN114697100A (en) 2022-03-24 2022-03-24 Authentication method, system, terminal and storage medium for front-end and back-end separation setting

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210295727.1A CN114697100A (en) 2022-03-24 2022-03-24 Authentication method, system, terminal and storage medium for front-end and back-end separation setting

Publications (1)

Publication Number Publication Date
CN114697100A true CN114697100A (en) 2022-07-01

Family

ID=82138824

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210295727.1A Pending CN114697100A (en) 2022-03-24 2022-03-24 Authentication method, system, terminal and storage medium for front-end and back-end separation setting

Country Status (1)

Country Link
CN (1) CN114697100A (en)

Similar Documents

Publication Publication Date Title
US9729499B2 (en) Browser and method for domain name resolution by the same
CN104580406B (en) A kind of method and apparatus of synchronous logging state
KR102090982B1 (en) How to identify malicious websites, devices and computer storage media
US8745088B2 (en) System and method of performing risk analysis using a portal
CN108829838B (en) Batch processing method of account information and server
CN111625782B (en) Access authority control method and device for source code, computer equipment and storage medium
CN110798445B (en) Public gateway interface testing method and device, computer equipment and storage medium
CN102882886A (en) Network terminal and method for presenting visited website associated information
US9769159B2 (en) Cookie optimization
CN102917049A (en) Method for showing information of visited website, browser and system
CN105530127A (en) Method for processing network access request by proxy server and proxy server
CN111177672A (en) Page access control method and device and electronic equipment
CN115150392A (en) Remote file copying method, system, computing equipment and storage medium
CN113282591B (en) Authority filtering method, authority filtering device, computer equipment and storage medium
CN111767053A (en) Front-end page data acquisition method and device
CN111935107A (en) Identity authentication method, device, system, electronic equipment and storage medium
CN111367703A (en) Troubleshooting method and device
CN114697100A (en) Authentication method, system, terminal and storage medium for front-end and back-end separation setting
CN112948733B (en) Interface maintenance method, device, computing equipment and medium
CN114186958A (en) Method, computing device and storage medium for exporting list data as spreadsheet
CN111585897B (en) Request route management method, system, computer system and readable storage medium
CN106503576A (en) A kind of method and device for inquiring about data of paying taxes
CN109558433B (en) Method and device for requesting access to HDFS
CN111400623A (en) Method and apparatus for searching information
US10268418B1 (en) Accessing multiple data snapshots via one access point

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination