CN118132247A - Cloud platform access method and device, electronic equipment and storage medium - Google Patents

Cloud platform access method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN118132247A
CN118132247A CN202311363639.1A CN202311363639A CN118132247A CN 118132247 A CN118132247 A CN 118132247A CN 202311363639 A CN202311363639 A CN 202311363639A CN 118132247 A CN118132247 A CN 118132247A
Authority
CN
China
Prior art keywords
access
user
cloud platform
service
authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311363639.1A
Other languages
Chinese (zh)
Inventor
李喜勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Contemporary Amperex Intelligence Technology Shanghai Ltd
Original Assignee
Contemporary Amperex Intelligence Technology Shanghai Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Contemporary Amperex Intelligence Technology Shanghai Ltd filed Critical Contemporary Amperex Intelligence Technology Shanghai Ltd
Priority to CN202311363639.1A priority Critical patent/CN118132247A/en
Publication of CN118132247A publication Critical patent/CN118132247A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The application discloses a cloud platform access method, a cloud platform access device, electronic equipment and a storage medium. The method comprises the following steps: acquiring an access request of a user for a cloud platform, wherein the access request comprises a target access address; obtaining the access rights of the user from a cache, wherein the access rights comprise button rights and interface rights; and allowing the user to access the micro service corresponding to the target access address under the condition that the target access address exists in the access addresses corresponding to the access rights. The embodiment of the application can ensure the safety of the cloud platform interface function, reduce the resource consumption of the micro service and improve the development efficiency of the micro service.

Description

Cloud platform access method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of cloud platform technologies, and in particular, to a cloud platform access method, a device, an electronic device, and a storage medium.
Background
Different users of the cloud platform can be controlled to access different micro services in the cloud platform by configuring different access rights for different users of the cloud platform. In the related art, the access rights configured for the user are menu level and button level, and the safety of the interface function cannot be ensured. In addition, authentication verification is required to be performed on the access rights of the users through each micro service, which causes an increase in resource consumption of the micro service and a decrease in micro service development efficiency.
Disclosure of Invention
In view of the above problems, embodiments of the present application provide a cloud platform access method, a device, an electronic device, and a storage medium, which can ensure the security of a cloud platform interface function, reduce the resource consumption of micro services, and improve the development efficiency of micro services.
In a first aspect, an embodiment of the present application provides a cloud platform access method, including:
acquiring an access request of a user for a cloud platform, wherein the access request comprises a target access address;
obtaining the access rights of the user from a cache, wherein the access rights comprise button rights and interface rights;
And allowing the user to access the micro service corresponding to the target access address under the condition that the target access address exists in the access addresses corresponding to the access rights.
According to the cloud platform access method, the access authority configured for the user is the minimum granularity interface level, the interface function safety is guaranteed, the safety control of the cloud platform interface is realized, the access authority of the user is authenticated and verified uniformly, the resource consumption of the micro service is reduced, the micro service only needs to pay attention to the development of the self business function, and the development efficiency of the micro service is improved.
In addition, the cloud platform access method of the embodiment of the application can also have the following additional technical characteristics:
according to one embodiment of the application, the method further comprises:
and under the condition that the user successfully logs in the cloud platform, acquiring the access right of the user through a basic system management service and storing the access right into the cache.
The access rights of the user are acquired through the basic system management service and are stored in the cache, so that the business gateway service can directly acquire the access rights of the user from the cache for authentication verification after acquiring the access request of the user, the authentication efficiency of the business gateway service is effectively improved, and the access efficiency of the user is further improved.
According to one embodiment of the present application, the obtaining, by the basic system management service, the access right of the user and saving the access right in the cache includes:
Acquiring a permission list of the user from a database through the basic system management service, wherein the permission list comprises directory permission, menu permission, button permission and interface permission;
and storing the button permission and the interface permission in the permission list into the cache through the basic system management service.
By finely dividing the authority types, the authority management and control are easier.
According to one embodiment of the application, the method further comprises:
And returning the authority list of the user to the user through the basic system management service.
According to one embodiment of the application, the method further comprises:
acquiring a login request of the user for the cloud platform, wherein the login request comprises login information;
And verifying the login information through the basic system management service, and determining that the user successfully logs in the cloud platform under the condition that verification is passed.
According to one embodiment of the application, the method further comprises:
And under the condition that the login failure of the user is determined, clearing the access authority of the user in the cache through the basic system management service.
According to one embodiment of the application, the method further comprises:
Acquiring authority configuration information of the user, wherein the authority configuration information comprises a role configured for the user and an authority list configured for the role;
And storing the authority configuration information of the user into the database through the basic system management service.
By taking the basic system management service as an independent service to provide a basic management function, other micro services only need to pay attention to self business function development, so that development efficiency is improved, and function release timeliness is improved.
According to one embodiment of the present application, the obtaining the access right of the user from the cache includes:
invoking the access rights of the user from the cache through a service gateway service;
And under the condition that the access address corresponding to the access authority is determined to have the target access address, allowing the user to access the micro service corresponding to the target access address, including:
and determining whether the access address corresponding to the access authority has the target access address or not through the service gateway service, and allowing the user to access the micro service corresponding to the target access address under the condition that the access address corresponding to the access authority is determined to have the target access address.
And the service gateway service acquires the access authority of the user from the cache to perform authentication verification, so that the authentication efficiency of the service gateway service is effectively improved, and the access efficiency of the user is further improved.
In a second aspect, an embodiment of the present application provides a cloud platform access device, including:
The cloud platform access control system comprises a first acquisition module, a second acquisition module and a first control module, wherein the first acquisition module is used for acquiring an access request of a user for a cloud platform, and the access request comprises a target access address;
The second acquisition module is used for acquiring the access rights of the user from the cache, wherein the access rights comprise button rights and interface rights;
The determining module is used for determining whether the access address corresponding to the access authority has the target access address or not, and allowing the user to access the micro service corresponding to the target access address under the condition that the access address corresponding to the access authority is determined to have the target access address.
According to the cloud platform access device provided by the embodiment of the application, the access authority configured for the user is the minimum granularity interface level, the interface function safety is ensured, the safety management and control of the cloud platform interface are realized, the access authority of the user is subjected to unified authentication verification, the resource consumption of the micro service is reduced, the micro service only needs to pay attention to the development of the self business function, and the development efficiency of the micro service is improved.
In a third aspect, an embodiment of the present application provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the cloud platform access method according to the first aspect when executing the program.
In a fourth aspect, an embodiment of the present application proposes a computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements a cloud platform access method according to the first aspect.
Additional aspects and advantages of the application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the application.
Drawings
The foregoing and/or additional aspects and advantages of the application will become apparent and may be better understood from the following description of embodiments taken in conjunction with the accompanying drawings in which:
fig. 1 is a schematic flow chart of a cloud platform access method according to an embodiment of the present application;
fig. 2 is a schematic diagram of a cloud platform architecture in a cloud platform access method according to an embodiment of the present application;
FIG. 3 is a relationship diagram of a basic system management data model in the cloud platform access method provided by the embodiment of the application;
Fig. 4 is a schematic structural diagram of a cloud platform access device according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions of the embodiments of the present application will be clearly described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which are obtained by a person skilled in the art based on the embodiments of the present application, fall within the scope of protection of the present application.
The terms first, second and the like in the description and in the claims, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged, as appropriate, such that embodiments of the present application may be implemented in sequences other than those illustrated or described herein, and that the objects identified by "first," "second," etc. are generally of a type, and are not limited to the number of objects, such as the first object may be one or more. Furthermore, in the description and claims, "and/or" means at least one of the connected objects, and the character "/", generally means that the associated object is an "or" relationship.
In the cloud computing era, a large number of resources are uniformly managed through a cloud platform, and micro services are provided for the outside through an interface form. In order to facilitate management, different access rights are configured for different users of the cloud platform, and different users can be controlled to access different micro services in the cloud platform.
In the related technology, the access rights configured for the user are menu level and button level, and the interface of the cloud platform is not safely managed and controlled. Under the condition that a user obtains the address of a certain interface, even if the user does not have the access right of the interface, the user can access the micro-service corresponding to the interface according to the address of the interface, so that the safety of the interface function cannot be ensured. In addition, under the condition that the user accesses the micro-service corresponding to a certain interface, the micro-service is required to carry out authentication and verification on the access authority of the user so as to judge whether the user is allowed to access the micro-service. The authentication mode causes larger resource consumption of the micro service, and the micro service not only needs to pay attention to self service function development, but also needs to carry out authentication processing on the access authority of the user, thereby reducing the development efficiency of the micro service.
In order to solve the problems, the application provides the cloud platform access method, which configures the access authority of the interface level with the minimum granularity for the user, and even if the user obtains the address of the interface, the user cannot access the micro-service corresponding to the interface under the condition that the user does not have the access authority of the interface, thereby ensuring the safety of the interface function and realizing the safety management and control of the cloud platform interface. And the access authority of the user is authenticated uniformly, authentication processing is not required to be performed on each micro service, the resource consumption of the micro service is reduced, the micro service only needs to pay attention to the development of self business functions, and the development efficiency of the micro service is improved.
The following describes a cloud platform access method, a cloud platform access device, an electronic device and a storage medium according to an embodiment of the application with reference to the accompanying drawings.
Fig. 1 is a schematic flow chart of a cloud platform access method according to an embodiment of the present application.
As shown in fig. 1, the cloud platform access method provided by the embodiment of the present application includes steps 110 to 130.
Step 110, an access request of a user for the cloud platform is obtained, wherein the access request comprises a target access address.
The cloud platform has a front end and a back end. The front end of the cloud platform may be a browser end or a web page end, as shown in fig. 2, and the front end of the cloud platform may be provided with a service management system. The rear end of the cloud platform can provide various resources, as shown in fig. 2, and is provided with a cloud platform micro service cluster, so that business gateway services and various internal micro services can be provided.
The user may interact with the front end of the cloud platform. The user can perform service operation at the front end, and the front end can respond to the operation of the user, determine the micro service corresponding to the service operated by the user and generate an access request for the micro service. The front end sends the access request to the back end, and the service gateway service of the back end firstly acquires the access request so as to carry out unified authentication and verification on the access authority of the user.
The access request includes a target access address, which is an access address of the micro service to be accessed by the user. Wherein the access address may be a URL (uniform resource locator ).
In some embodiments, the access request may also include a user identification. The user identification may be used to characterize the identity information of the user, e.g., the user identification may be a user account. By means of the user identification, the access request can be associated with the user.
It should be noted that, the service gateway service may obtain access requests of multiple users for the same micro service at the same time, or may obtain access requests of multiple users for different micro services at the same time.
Step 120, obtaining the access rights of the user from the cache, wherein the access rights comprise button rights and interface rights.
The access rights of the user are pre-stored in the cache. After the access rights of the user are obtained, the access rights of the user are directly obtained from the cache for authentication verification.
According to some embodiments of the present application, the obtaining the access rights of the user from the cache in step 120 includes:
And calling the access authority of the user from the cache through the service gateway service.
After the service gateway service obtains the access request of the user, the access authority of the user in the cache can be called. The access rights of the user in the cache comprise button rights and interface rights, namely the access rights of the user are used for indicating button addresses and interface addresses which allow the user to access, and the button addresses and the interface addresses are access addresses of the user.
It should be noted that, the interface corresponding to the micro-service at the back end is displayed at the front end in the form of a button and an interface, and the configuration of the interface level authority with minimum granularity is realized by configuring the access authority of the user as the button authority and the interface authority.
In some embodiments, the user identifier and the access right may be stored in the cache correspondingly, and after the service gateway service obtains the access request, according to the user identifier in the access request, the access right corresponding to the user identifier is obtained from the cache, where the access right corresponding to the user identifier is the access right of the user.
And 130, allowing the user to access the micro service corresponding to the target access address under the condition that the target access address exists in the access addresses corresponding to the access rights.
The access address corresponding to the access authority is the button address and the interface address which allow the user to access. By comparing the access address corresponding to the access authority with the target access address, whether the user is allowed to access the micro-service corresponding to the target access address can be determined.
According to some embodiments of the present application, in step 130, in the case that it is determined that the access address corresponding to the access authority has the target access address, allowing the user to access the micro service corresponding to the target access address includes:
And determining whether the access address corresponding to the access authority has a target access address or not through the service gateway service, and allowing the user to access the micro service corresponding to the target access address under the condition that the access address corresponding to the access authority has the target access address.
The service gateway service detects whether the access address corresponding to the access authority of the user has a target access address or not, if so, the service gateway service indicates that the user has the access authority to the target access address and allows the user to access the micro service corresponding to the target access address; if the target access address is not available, the user is indicated to have no access right to the target access address, and the user is not allowed to access the micro-service corresponding to the target access address.
And under the condition that the user is allowed to access the micro-service corresponding to the target access address, the business gateway service forwards the access request of the user to the micro-service corresponding to the target access address so that the user can access the micro-service corresponding to the target access address.
The embodiment of the application configures the authority of the interface level with the minimum granularity to the user, ensures the safety of the interface function of the cloud platform, and ensures that the interfaces of the cloud platform are provided for a front-end service management system under the safety control. In addition, the access authority of the user is authenticated uniformly through the service gateway service, the authentication processing of each micro service on the access authority of the user is not needed, the security and access control of the micro service are lightened, the resource consumption of the micro service is reduced, the micro service only needs to pay attention to the development of the self service function, the development efficiency of the micro service is improved, and the function release timeliness is improved.
According to some embodiments of the application, the cloud platform access method further comprises:
under the condition that the user successfully logs in the cloud platform, the access authority of the user is obtained through the basic system management service and is stored in the cache.
The access rights of the user are configured and stored in advance. Before the user performs service operation on the front end, the user needs to log in the service management system on the front end to log in the cloud platform. Under the condition that the user successfully logs in the cloud platform, the basic system management service acquires the access rights of the user stored in advance, and stores the access rights of the user in a cache. Wherein the cache may be a redis cache.
The basic system management service is a micro service at the back end of the cloud platform. In the embodiment, the basic system management service is used as an independent service to provide functions such as authority management, so that other micro services do not need to pay attention to the authority management problem, and the development efficiency of other micro services is improved. In addition, after the basic system management service acquires the access rights of the user, the access rights of the user are stored in the cache, so that the service gateway service can directly acquire the access rights of the user from the cache for authentication verification after acquiring the access request of the user, the authentication efficiency of the service gateway service is effectively improved, and the access efficiency of the user is further improved.
According to some embodiments of the present application, the step of obtaining access rights of a user through a basic system management service and saving the access rights in a cache includes:
Acquiring a user authority list from a database through a basic system management service, wherein the authority list comprises directory authorities, menu authorities, button authorities and interface authorities;
And saving the button rights and the interface rights in the rights list into a cache through the basic system management service.
The database stores a user authority list in advance. And under the condition that the user successfully logs in the cloud platform, the basic system management service acquires the authority list of the user from the database. The rights list includes a plurality of types of rights configured to the user, i.e., directory rights, menu rights, button rights, and interface rights. The directory permission is configured as a directory routing path, the menu permission is configured as a menu routing path, the button permission is configured as a button address, and the interface permission is configured as an interface address.
After acquiring the authority list of the user, the basic system management service stores the button authority and the interface authority in the authority list into a cache. The button authority and the interface authority are the access authority of the user.
The embodiment finely divides the authority types, and is easier to manage and control.
In some embodiments, the database stores the correspondence between the user and the roles in advance, and the correspondence between the roles and the permission list. The basic system management service can determine the role of the user according to the corresponding relation between the user and the role, and can determine the authority list of the user according to the corresponding relation between the role and the authority list.
The roles can be preconfigured to the users, and the roles configured by different users can be different. For example, the roles of the users may be general users, administrators, etc., and of course, other roles may be defined, where each role has a corresponding authority list. The permission list may be preconfigured to the roles, and permission lists configured by different roles may be different.
According to some embodiments of the application, the cloud platform access method further comprises:
and returning the authority list of the user to the user through the basic system management service.
After acquiring the authority list of the user, the basic system management service can return the authority list of the user to the service gateway service, and the service gateway service forwards the authority list of the user to the front end. The front end may present the corresponding rights to the user based on the user's rights list. For example, the front end presents a menu and buttons, etc. to the user, that they have rights to operate.
According to some embodiments of the application, the cloud platform access method further comprises:
acquiring a login request of a user for a cloud platform, wherein the login request comprises login information;
And verifying the login information through the basic system management service, and determining that the user successfully logs in the cloud platform under the condition that verification is passed.
The user may perform a login operation at the front end, e.g., the user enters a user account and password at the front end. The front end responds to login operation of a user, and generates a login request which comprises login information. The login information may be information input by the user at the front end, such as a user account number and a password. The front end sends the login request to the back end, and the business gateway service of the back end firstly acquires the login request. It should be noted that, for the login request of the user, the service gateway service does not need to authenticate and verify the access authority of the user, and directly forwards the login request to the basic system management service.
The basic system management service can verify the login information in the login request, and after the login information passes the verification, a token (such as token) is returned to the service gateway, and the service gateway forwards the token to the front end so as to indicate that the user successfully logs in the cloud platform.
In the embodiment, the basic system management service is used as an independent service to provide functions such as login management, so that other micro services do not need to pay attention to the login management problem, and the development efficiency of other micro services is improved.
In some embodiments, the login request may also include a user identification. The authority list pre-configured by the user is stored in a database of the basic system management service in correspondence with the user identification. After acquiring the login request and determining that the user successfully logs in the cloud platform, the basic system management service can acquire a permission list corresponding to the user identifier, namely, a permission list of the user, and store the access permission (namely, button permission and interface permission in the permission list) of the user and the user identifier in a cache.
According to some embodiments of the application, the cloud platform access method further comprises:
and under the condition that the login failure of the user is determined, clearing the access authority of the user in the cache through the basic system management service.
The basic system management service can set a login interval duration, and if the user is not logged in for a long time, that is, the user is not logged in for a long time, the login interval duration is reached, the user login failure is determined, and the basic system management service clears the access authority of the user in the cache.
Under the condition that the user login is invalid, if the user logs in the cloud platform again, the user needs to log in the front end again, such as re-inputting the user account number and the password. And the basic system management service re-acquires the access right of the user and stores the access right in the cache after re-determining that the user successfully logs in the cloud platform.
According to some embodiments of the application, the cloud platform access method further comprises:
Acquiring authority configuration information of a user, wherein the authority configuration information comprises a role configured for the user and an authority list configured for the role;
The authority configuration information of the user can be saved into a database through the basic system management service.
The roles of the users may include general users and administrators, etc. The authority configured by the roles of the administrator and the common user can be different, for example, the administrator has the service function use and management authority, and the common user only has the service function use authority.
As shown in fig. 2, the front-end service management system may include functions such as user account management, role management, rights management, and operation record management. The user account management is used for managing information such as user account, the role management is used for managing information such as user role, the authority management is used for managing information such as authority corresponding to the role, and the operation record management is used for recording conditions such as user access to micro-services.
The functions of user account management, role management, authority management, operation record management and the like of the front-end business management system can be provided by the basic system management service of the back-end. The management system configuration page can be generated through the basic system management service, and the management system configuration page is displayed to an administrator at the front end, so that the administrator can configure corresponding authorities for common users in the management system configuration page.
For example, an administrator creates an account of a user on a management system configuration page, creates a role, configures rights, then gives the rights to the role, gives the role to the account of the user, and generates rights configuration information of the user. The front end sends the authority configuration information of the user to the business gateway service, the business gateway service forwards the authority configuration information of the user to the basic system management service, and the basic system management service stores the authority configuration information of the user in a database in the form of a basic system management data model.
Wherein, the basic system management data model relation diagram is shown in fig. 3. The defined data model comprises a user account table, a role table, a user role relation table, a permission table and a role permission relation table. The user account list may include information such as an account number, a mailbox, a mobile phone number, and the like of the user. The character table may include information such as character codes, character names, and character types (e.g., administrator, general user). The rights table may include information such as rights code, rights name, front-end routing, routing path, and rights type. The permission types comprise a catalog, a menu, buttons and an interface.
The user role relationship table includes a role table ID and a user account table ID. The user account table ID is an identifier of a user account table, and the user account table ID may associate the user account table with the user role relationship table. The character table ID is an identification of a character table, and can associate the character table with a user character relationship table. The user account table may be associated with the role table by a user role relationship table. The role authority relationship table includes a role table ID and an authority table ID. The character table ID is an identification of a character table, and can associate the character table with a character authority relationship table. The authority table ID is an identifier of the authority table, and the authority table ID may associate the authority table with the role authority relationship table. Through the role authority relationship table, a role table may be associated with the authority table.
In the embodiment, the permission of the user is configured in a manner of configuring the permission for the user, so that the flexibility of configuring the permission of the user is improved. The basic system management service is used as an independent service to provide a basic management function, so that other micro services only need to pay attention to the development of self business functions, the development efficiency is improved, and the function release timeliness is improved.
According to the cloud platform access method provided by the embodiment of the application, the execution subject can be the cloud platform access device. In the embodiment of the application, a cloud platform access device executes a cloud platform access method as an example, and the cloud platform access device provided by the embodiment of the application is described.
The embodiment of the application also provides a cloud platform access device.
As shown in fig. 4, the cloud platform access device includes: a first acquisition module 10, a second acquisition module 20 and a determination module 30.
A first obtaining module 10, configured to obtain an access request for a cloud platform from a user, where the access request includes a target access address;
A second obtaining module 20, configured to obtain, from the cache, an access right of the user, where the access right includes a button right and an interface right;
a determining module 30, configured to determine whether the access address corresponding to the access right has the target access address, and allow the user to access the micro service corresponding to the target access address if it is determined that the access address corresponding to the access right has the target access address.
The access authority configured for the user is the minimum granularity interface level, the interface function safety is ensured, the safety control of the cloud platform interface is realized, the access authority of the user is authenticated and verified uniformly, the resource consumption of the micro service is reduced, the micro service only needs to pay attention to the development of the self business function, and the development efficiency of the micro service is improved.
In some embodiments, the second obtaining module 20 is further configured to invoke, by the service gateway service, the access rights of the user from the cache;
the determining module 30 is further configured to determine, by using the service gateway service, whether the access address corresponding to the access right has the target access address, and allow the user to access the micro service corresponding to the target access address if it is determined that the access address corresponding to the access right has the target access address.
According to the embodiment, the access authority of the user is obtained from the cache through the service gateway service to carry out authentication verification, so that the authentication efficiency of the service gateway service is effectively improved, and the access efficiency of the user is further improved.
In some embodiments, the cloud platform access device further includes a third acquisition module, where the third acquisition module is configured to:
and under the condition that the user successfully logs in the cloud platform, acquiring the access right of the user through a basic system management service and storing the access right into the cache.
According to the embodiment, the access rights of the user are acquired through the basic system management service and stored in the cache, so that the business gateway service can directly acquire the access rights of the user from the cache for authentication verification after acquiring the access request of the user, the authentication efficiency of the business gateway service is effectively improved, and the access efficiency of the user is further improved.
In some embodiments, the third acquisition module is further to:
Acquiring a permission list of the user from a database through the basic system management service, wherein the permission list comprises directory permission, menu permission, button permission and interface permission;
and storing the button permission and the interface permission in the permission list into the cache through the basic system management service.
The embodiment is easier to manage and control the rights by finely dividing the rights types.
In some embodiments, the cloud platform access device further comprises a return module for:
And returning the authority list of the user to the user through the basic system management service.
In some embodiments, the cloud platform access device further includes a fourth acquisition module, where the fourth acquisition module is configured to:
acquiring a login request of the user for the cloud platform, wherein the login request comprises login information;
And verifying the login information through the basic system management service, and determining that the user successfully logs in the cloud platform under the condition that verification is passed.
In some embodiments, the cloud platform access device further comprises a purge module for:
And under the condition that the login failure of the user is determined, clearing the access authority of the user in the cache through the basic system management service.
In some embodiments, the cloud platform access device further includes a fifth acquisition module, where the fifth acquisition module is configured to:
Acquiring authority configuration information of the user, wherein the authority configuration information comprises a role configured for the user and an authority list configured for the role;
And storing the authority configuration information of the user into the database through the basic system management service.
According to the embodiment, the basic system management service is used as the independent service to provide the basic management function, so that other micro services only need to pay attention to self business function development, development efficiency is improved, and function release timeliness is improved.
The cloud platform access device in the embodiment of the application can be electronic equipment, and can also be a component in the electronic equipment, such as an integrated circuit or a chip. The electronic device may be a terminal, or may be other devices than a terminal. By way of example, the electronic device may be a server, network attached storage (Network Attached Storage, NAS), or personal computer (personal computer, PC), etc., and embodiments of the application are not particularly limited.
The cloud platform access device in the embodiment of the application can be a device with an operating system. The operating system may be a microsoft (Windows) operating system, an Android operating system, an IOS operating system, or other possible operating systems, and the embodiment of the present application is not limited specifically.
The cloud platform access device provided by the embodiment of the application can realize each process of the cloud platform access method in the method embodiments of fig. 1 to 3, and in order to avoid repetition, the description is omitted here.
In some embodiments, as shown in fig. 5, an electronic device 500 is further provided in the embodiments of the present application, which includes a processor 501, a memory 502, and a computer program stored in the memory 502 and capable of running on the processor 501, where the program, when executed by the processor 501, implements the respective processes of the embodiments of the cloud platform access method described above, and the same technical effects are achieved, so that repetition is avoided and no further description is given here.
The embodiment of the present application further provides a computer readable storage medium, on which a computer program is stored, where the steps of the cloud platform access method in any one of the foregoing embodiments are implemented when the computer program is executed by a processor, and for brevity, will not be described herein.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element. Furthermore, it should be noted that the scope of the methods and apparatus in the embodiments of the present application is not limited to performing the functions in the order shown or discussed, but may also include performing the functions in a substantially simultaneous manner or in an opposite order depending on the functions involved, e.g., the described methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. Additionally, features described with reference to certain examples may be combined in other examples.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a computer software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present application.
The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many forms may be made by those having ordinary skill in the art without departing from the spirit of the present application and the scope of the claims, which are to be protected by the present application.
In the description of the present specification, reference to the terms "one embodiment," "some embodiments," "illustrative embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the present application have been shown and described, it will be understood by those of ordinary skill in the art that: many changes, modifications, substitutions and variations may be made to the embodiments without departing from the spirit and principles of the application, the scope of which is defined by the claims and their equivalents.

Claims (11)

1. The cloud platform access method is characterized by comprising the following steps of:
acquiring an access request of a user for a cloud platform, wherein the access request comprises a target access address;
obtaining the access rights of the user from a cache, wherein the access rights comprise button rights and interface rights;
And allowing the user to access the micro service corresponding to the target access address under the condition that the target access address exists in the access addresses corresponding to the access rights.
2. The cloud platform access method of claim 1, said method further comprising:
and under the condition that the user successfully logs in the cloud platform, acquiring the access right of the user through a basic system management service and storing the access right into the cache.
3. The cloud platform access method according to claim 2, wherein the obtaining, by the basic system management service, the access right of the user and saving the access right in the cache, includes:
Acquiring a permission list of the user from a database through the basic system management service, wherein the permission list comprises directory permission, menu permission, button permission and interface permission;
and storing the button permission and the interface permission in the permission list into the cache through the basic system management service.
4. The cloud platform access method of claim 2, said method further comprising:
And returning the authority list of the user to the user through the basic system management service.
5. The cloud platform access method of claim 2, said method further comprising:
acquiring a login request of the user for the cloud platform, wherein the login request comprises login information;
And verifying the login information through the basic system management service, and determining that the user successfully logs in the cloud platform under the condition that verification is passed.
6. The cloud platform access method of claim 2, said method further comprising:
And under the condition that the login failure of the user is determined, clearing the access authority of the user in the cache through the basic system management service.
7. The cloud platform access method of claim 3, said method further comprising:
Acquiring authority configuration information of the user, wherein the authority configuration information comprises a role configured for the user and an authority list configured for the role;
And storing the authority configuration information of the user into the database through the basic system management service.
8. The cloud platform access method according to any one of claims 1 to 7, wherein the obtaining the access right of the user from the cache includes:
invoking the access rights of the user from the cache through a service gateway service;
And under the condition that the access address corresponding to the access authority is determined to have the target access address, allowing the user to access the micro service corresponding to the target access address, including:
and determining whether the access address corresponding to the access authority has the target access address or not through the service gateway service, and allowing the user to access the micro service corresponding to the target access address under the condition that the access address corresponding to the access authority is determined to have the target access address.
9. A cloud platform access device, comprising:
The cloud platform access control system comprises a first acquisition module, a second acquisition module and a first control module, wherein the first acquisition module is used for acquiring an access request of a user for a cloud platform, and the access request comprises a target access address;
The second acquisition module is used for acquiring the access rights of the user from the cache, wherein the access rights comprise button rights and interface rights;
The determining module is used for determining whether the access address corresponding to the access authority has the target access address or not, and allowing the user to access the micro service corresponding to the target access address under the condition that the access address corresponding to the access authority is determined to have the target access address.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the cloud platform access method of any of claims 1-8 when the program is executed by the processor.
11. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the cloud platform access method according to any of claims 1-8.
CN202311363639.1A 2023-10-19 2023-10-19 Cloud platform access method and device, electronic equipment and storage medium Pending CN118132247A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311363639.1A CN118132247A (en) 2023-10-19 2023-10-19 Cloud platform access method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311363639.1A CN118132247A (en) 2023-10-19 2023-10-19 Cloud platform access method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN118132247A true CN118132247A (en) 2024-06-04

Family

ID=91244600

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311363639.1A Pending CN118132247A (en) 2023-10-19 2023-10-19 Cloud platform access method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN118132247A (en)

Similar Documents

Publication Publication Date Title
US9954855B2 (en) Login method and apparatus, and open platform system
CN112597472B (en) Single sign-on method, device and storage medium
US10250612B1 (en) Cross-account role management
CN103023918B (en) The mthods, systems and devices logged in are provided for multiple network services are unified
CN103634301B (en) The method of the private data of user's storage in client and access server thereof
CN107135218B (en) Login state obtaining and sending method, credential configuration method, client and server
CN111695156A (en) Service platform access method, device, equipment and storage medium
CN111343168B (en) Identity authentication method and device, computer equipment and readable storage medium
US9934310B2 (en) Determining repeat website users via browser uniqueness tracking
US8914864B1 (en) Temporary virtual identities in a social networking system
US11539707B2 (en) Dynamic security policy consolidation
CN111698250A (en) Access request processing method and device, electronic equipment and computer storage medium
CN105162775A (en) Logging method and device of virtual machine
US20180218133A1 (en) Electronic document access validation
US11798001B2 (en) Progressively validating access tokens
CN114726632A (en) Login method, device, storage medium and processor
CN108289080B (en) Method, device and system for accessing file system
CN116484338A (en) Database access method and device
CN114666124A (en) Business system login method, login device, electronic equipment and storage medium
CN108494749B (en) Method, device and equipment for disabling IP address and computer readable storage medium
CN106209746B (en) Security service providing method and server
CN109992298B (en) Examination and approval platform expansion method and device, examination and approval platform and readable storage medium
EP3827362A1 (en) Web browser incorporating social and community features
CN112346888B (en) Data communication method and device based on software application and server equipment
CN118132247A (en) Cloud platform access method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination