CN116506215B - Access processing method, device, electronic equipment and storage medium - Google Patents

Abstract

The application provides an access processing method, an access processing device, electronic equipment and a storage medium. The method comprises the following steps: receiving a button operation instruction of a user for a button and determining a sub-application to which the button belongs under the condition that the user successfully logs in the main application; determining role information of the user according to login information of the user, and determining button authority information corresponding to the user according to the role information, the sub-application and the main application; and if the main application determines that the user has the operation authority of the button according to the button operation instruction and the button authority information, controlling the sub-application to respond to the button operation request. The method of the application realizes the improvement of the accuracy and the safety of the authentication result.

Description

Access processing methods, devices, electronic devices and storage media

Technical field

The present application relates to the field of computer technology, and in particular, to an access processing method, device, electronic device and storage medium.

Background technique

Micro front-end is an architecture similar to microservices. It applies the concept of microservices to the browser side and transforms Web applications from a single application into an aggregation of multiple small front-end applications. Each front-end sub-application can run independently. , independently developed and independently deployed, and the authentication processing of each front-end sub-application is also handled separately by the sub-front-end sub-application.

However, when the micro front-end system is divided into many front-end applications, authentication modules need to be set up in each front-end sub-application, which will lead to the existence of multiple authentication modules in the entire system, which is prone to authentication confusion.

Contents of the invention

This application provides an access processing method, device, electronic device and storage medium to solve the problem in the prior art that individual authentication of each sub-application in the micro front-end system is prone to authentication confusion, resulting in reduced authentication security, and achieves Improve the accuracy and security of authentication results.

In a first aspect, this application provides an access processing method applied to a micro front-end system. The micro front-end system includes a main application and multiple sub-applications. The method includes:

When the user successfully logs in to the main application, receive the user's button operation instruction for the button, and determine the sub-application to which the button belongs;

Determine the user's role information based on the user's login information, and determine the button permission information corresponding to the user based on the role information, the sub-application and the main application;

If the main application determines that the user has the operation authority for the button based on the button operation instruction and the button authority information, the sub-application is controlled to respond to the button operation request.

Optionally, before receiving the user's button operation instruction for the button, the method also includes:

Receive the login information input by the user, and authenticate the user's login permission for the main application based on the login information;

If the user fails to pass the login authority authentication, then the authentication prompt information indicating that the user does not have login authority is displayed to the user;

If the user passes the login authority authentication, the main application is controlled to respond to the login information, and the main page of the main application is displayed to the user; the main page includes corresponding sub-applications. menu.

Optionally, receiving a button operation instruction from the user for a button and determining the sub-application to which the button belongs includes:

Receive the user's operation instruction for any menu on the main page, and if it is determined based on the role information that the user has the operation authority for the current menu, then display the current menu to the user; the current menu Contains multiple buttons;

Receive a button operation instruction from the user for any button in the current menu, and determine the sub-application to which the button belongs based on the button operation instruction.

Optionally, determining the button permission information corresponding to the user based on the role information, the sub-application and the main application includes:

Read the first button permission information corresponding to the user role information in the sub-application, and read the second button permission information corresponding to the user role information in the main application;

The button authority information corresponding to the user is determined based on the information comparison result of the first button authority information and the second button authority information.

Optionally, determining the button authority information corresponding to the user based on the information comparison result of the first button authority information and the second button authority information includes:

If the comparison results of the first button permission information and the second button permission information are consistent, then the first button permission information or the second button permission information is determined as the button permission information corresponding to the user;

If the comparison results of the first button permission information and the second button permission information are inconsistent, the button permission information corresponding to the user is empty.

Optionally, the method also includes:

When monitoring the user's adjustment instruction for the current menu, parse the adjustment instruction to obtain the adjusted target menu address;

If the target menu address is in the preset address whitelist, the target menu corresponding to the target menu address is directly displayed;

If the target menu address is not in the preset address whitelist, authentication processing is performed based on the role information to determine whether the user has the operating authority to operate the menu corresponding to the target menu address.

Optionally, the method also includes:

For any button of any sub-application, the button permission information of each role information for the button is obtained in advance, and the button permission information is synchronized to the main application for storage.

In the second aspect, this application provides an access processing device, including:

A button operation instruction receiving module, configured to receive the user's button operation instruction for a button when the user successfully logs in to the main application, and determine the sub-application to which the button belongs;

A button permission information acquisition module, configured to determine the role information of the user based on the user's login information, and determine the button permission information corresponding to the user based on the role information, the sub-application and the main application;

An operation permission authentication module, configured to control the sub-application to respond to the button operation request if the main application determines that the user has the operation permission for the button based on the button operation instruction and the button permission information. .

Optionally, the device also includes:

A login authority authentication module, configured to receive the login information input by the user, and authenticate the user's login authority for the main application based on the login information;

A prompt information display module, configured to display authentication prompt information indicating that the user does not have login authority to the user if the user fails to pass the login authority authentication;

A main page display module, used to control the main application to respond to the login information if the user passes the login authority authentication, and display the main page of the main application to the user; the main page contains Each of the sub-applications has a corresponding menu.

Optional button operation instruction receiving module includes:

A menu display unit configured to receive the user's operating instructions for any menu on the main page, and if it is determined based on the role information that the user has the operating authority for the current menu, display the current menu to the user. Menu; the current menu contains multiple buttons;

A button operation instruction receiving unit is configured to receive a button operation instruction from the user for any button in the current menu, and determine the sub-application to which the button belongs based on the button operation instruction.

Optional, button permission information acquisition module, including:

A role button information acquisition unit, configured to read the first button permission information corresponding to the user role information in the sub-application, and read the second button corresponding to the user role information in the main application permission information;

A button authority information determining unit is configured to determine the button authority information corresponding to the user based on the information comparison result of the first button authority information and the second button authority information.

Optional, button permission information determination unit includes:

The first button authority information determination subunit is used to determine the first button authority information or the second button authority information if the comparison results of the first button authority information and the second button authority information are consistent. Determine the button permission information corresponding to the user;

The second button authority information determination subunit is used to determine that the button authority information corresponding to the user is empty if the comparison results of the first button authority information and the second button authority information are inconsistent.

Optionally, the device also includes:

A target menu address obtaining module, configured to, when monitoring the user's adjustment instruction for the current menu, parse the adjustment instruction and obtain the adjusted target menu address;

A target menu display unit, configured to directly display the target menu corresponding to the target menu address if the target menu address is in a preset address whitelist;

An operation authority authentication unit, configured to authenticate whether the user has the operation authority for the menu corresponding to the target menu address based on the role information if the target menu address is not in the preset address whitelist. deal with.

Optionally, the device also includes:

The button permission information storage module is used to obtain the button permission information of each role information pair button in advance for any button of any sub-application, and synchronize the button permission information to the main application for storage.

In a third aspect, this application provides an electronic device, including: a processor, and a communication connection with the processor

memory;

The memory stores computer execution instructions;

The processor executes computer execution instructions stored in the memory to implement the method as described in the first aspect.

In a fourth aspect, the present application provides a computer-readable storage medium. Computer-executable instructions are stored in the computer-readable storage medium. When executed by a processor, the computer-executable instructions are used to implement the method as described in the first aspect. .

In a fifth aspect, the present application provides a computer program product, including a computer program that implements the method described in the first aspect when executed by a processor.

The technical solution provided by this application receives the user's operation of the button in the sub-application when the user passes the login authentication of the micro front-end, and generates operation instructions based on the operation, as well as buttons determined from the sub-application and the main application. Permission information, in the main application, verify whether the user's corresponding role has the permission to operate the button. When it is determined that the user has the operation permission of the button, the sub-application is controlled to respond to the button operation request; by performing unified authentication in the main application, it can solve the problem that in the existing technology, individual authentication of each sub-application in the micro front-end system is prone to authentication confusion, resulting in authentication confusion. It solves the problem of reduced rights security and realizes the unified management of sub-applications by the micro-front-end system to facilitate the access and withdrawal of sub-applications in the system. The method of determining permission information based on two applications also improves the accuracy of authentication results. and security.

Description of drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.

Figure 1 is a schematic structural diagram of the access processing micro front-end system provided by this application;

Figure 2 is a schematic flow chart of an access processing method provided by an embodiment of the present application;

Figure 3 is a schematic flow chart of another access processing method provided by an embodiment of the present application;

Figure 4 is a schematic flowchart of another access processing method provided by an embodiment of the present application;

Figure 5 is a schematic structural diagram of an access processing device provided by an embodiment of the present application;

Figure 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present application;

Figure 7 is a block diagram of an electronic device provided by an embodiment of the present application.

Through the above-mentioned drawings, clear embodiments of the present application have been shown, which will be described in more detail below. These drawings and text descriptions are not intended to limit the scope of the present application's concepts in any way, but are intended to illustrate the application's concepts for those skilled in the art with reference to specific embodiments.

Detailed ways

Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. When the following description refers to the drawings, the same numbers in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the appended claims.

In the current micro front-end architecture, only simple sub-application entry links are provided in the main application. Whether the specific user has access rights to sub-applications needs to be handled by each sub-application itself. However, when the micro front-end system is divided into many front-end applications, authentication modules need to be set up in each front-end sub-application, which will lead to the existence of multiple authentication modules in the entire system, which is prone to authentication confusion.

The access processing method provided by this application is intended to solve the above technical problems of the existing technology. In this application, the main application is used to manage all sub-applications and provide common functional modules such as unified login authentication, authentication, menu display, etc.; sub-applications only need to focus on module function development to avoid redundant development. Specifically, by unified authentication for each sub-application in the main application, the problem of confusion in authentication is avoided, and operation requests are authenticated based on the permission data stored in the main application and sub-applications respectively, thereby improving authentication. Accuracy and safety of results.

Figure 1 is a schematic structural diagram of the access processing micro front-end system provided by this application. For ease of understanding, the micro front-end application system in the embodiment of the present application will be described below with reference to Figure 1 . Referring to Figure 1, the system includes a main application and multiple sub-applications. It should be noted that FIG. 1 only illustrates three sub-applications as an example, which does not mean that the protection scope of the technical solution of the present application is limited to this. The number of sub-applications is not limited in this application. In this application, the main application is used to manage all sub-applications and provide common functional modules such as unified login authentication, authentication, menu display, etc.; sub-applications only need to focus on module function development to avoid redundant development. Specifically, when a user logs in to the main application of the system, he only needs to perform permission processing once in the main application. Every time he accesses or performs an operation, the permissions will be verified according to the preset role permissions, achieving unified management and making it more convenient. To realize the access and detachment of sub-applications.

The technical solution of the present application and how the technical solution of the present application solves the above technical problems will be described in detail below with specific embodiments. The following specific embodiments can be combined with each other, and the same or similar concepts or processes may not be described again in some embodiments. The embodiments of the present application will be described below with reference to the accompanying drawings.

Figure 2 is a schematic flowchart of an access processing method provided by an embodiment of the present application. This method can be executed by an access processing device, which can be a server or an electronic device. The electronic device is used as an example for description below. The method in this embodiment can be implemented by software, hardware, or a combination of software and hardware. , as shown in Figure 2, the method includes the following steps.

S210. When the user successfully logs in to the main application, receive the user's button operation instruction for the button, and determine the sub-application to which the button belongs.

In this application, the micro front-end system includes a main application and multiple sub-applications. The main application can be understood as the basic project among the many applications of the micro front-end architecture, used to provide unified authentication and authentication and other functional services for the entire system. The rest of the applications are registered in the main application, and in this main application you can decide which sub-application to activate based on the link address. That is, the main application can provide overall control functions. Applications other than the main application are called sub-applications. Sub-applications can be activated or destroyed according to the logic of the main application and can provide specific business functions.

Specifically, if the user wants to access the micro front-end system, he needs to send an access request to the micro front-end system. Optionally, if they have access rights, the micro front-end system allows users to log in to the main application of the micro front-end system and operate the sub-applications. Specifically, access requests include login requests and operation requests. In this application, the main application includes a preset authentication module for authenticating login requests received by the micro front-end system. Specifically, the authentication module parses the login request, authenticates the user's login permission based on the obtained login information, and determines whether the user has the permission to log in to the current micro front-end system. Optionally, if the user passes the above login permission authentication, it means that the user has the permission to log in to the micro front-end system. In other words, the current user can be allowed to log in to the main application of the micro front-end system and view the main page corresponding to the main application. On the contrary, if the user fails to pass the above login permission authentication, it means that the user does not have the permission to log in to the micro front-end system; at this time, a login prompt message that does not have the login permission can be displayed to the user.

Optionally, when the user has the permission to log in to the main application, the main application that controls the micro front-end responds to the user's login request, that is, the user successfully logs in to the main application; and, displays the various information in the micro front-end system to the user on the main page of the main application. The menu list of sub-applications allows users to operate the sub-applications they want to access based on the menu list. Specifically, the user can operate a button in the sub-application to be accessed, and then the main application receives a button operation instruction generated based on the operation of the button, and determines the operated button based on the button information contained in the button operation instruction. The sub-application that the button belongs to.

S220: Determine the user's role information based on the user's login information, and determine the user's corresponding button permission information based on the role information, sub-applications and main applications.

In this application, corresponding role information is preset for each user in the database of the main application, so that each user has the operating authority of this role to the menus and buttons of each sub-application in the micro front-end system. The above settings facilitate access to Users of the micro front-end system are managed, which improves the security of system access.

Specifically, the user login information contains the user account. Based on the user account, the role corresponding to the user account is searched in the preset role table, so as to determine the role information corresponding to the user based on the search results, and then the user operation can be determined based on the role information. The button permission information corresponding to the button.

It should be noted that since the button permission information used to authenticate whether the user has the operation permission of the button is stored in the main application and the sub-application corresponding to the button, it is necessary to obtain the information from the main application and the sub-application to which the button belongs during authentication. Obtain button permission information separately in the application. Specifically, on the basis of determining the sub-application to which the button operated by the user belongs, the button permission information corresponding to the user's role information is read from the configuration file of the sub-application and the database of the main application respectively.

Optionally, if the button permission information obtained in the two applications is consistent, it means that the above button permission information has been tampered with, and the authentication process can continue; otherwise, if the information obtained is inconsistent, it means that the above The button permission information stored in any application may have been tampered with. In this case, the accuracy of the authentication result cannot be guaranteed if any button permission information is used for authentication. Therefore, in this case, it can be controlled that any user is not allowed to Access this button to ensure security when the system is accessed.

Based on the above implementation, in order to access the sub-application in the micro front-end system, the sub-application needs to be registered in the main application first, and during the registration process, the button permission information of the user authentication process is stored in the sub-application respectively. application and the main application.

Optionally, in this application, for any button of any sub-application, the button permission information of each role information for the button is obtained in advance, and the button permission information is synchronized to the main application for storage.

Specifically, before the sub-application is registered in the main application, the button permission information corresponding to each role will be assigned to each button in the sub-application in advance, and the permission information of each button will be stored in the current sub-application as an enumeration value of the button key-value pair. in the corresponding configuration file. Further, when the current sub-application is registered to the main application, the button permission information corresponding to each button stored in the sub-application will be synchronously configured into the configuration file pre-generated by the main application for the current sub-application.

Optionally, when the main application receives a registration request from a sub-application, it will register the sub-application information to be registered in the main application according to the AppRouter attribute rules. Specifically, the system resources that the sub-application relies on during the subsequent display process need to be dynamically loaded in the main application, and the button permission information corresponding to each of the above buttons needs to be synchronously stored in the database of the main application.

S230. If the main application determines that the user has the operation permission of the button based on the button operation instruction and the button permission information, the sub-application is controlled to respond to the button operation request.

In the embodiment of the present application, after obtaining the button operation instruction, the main application performs authentication processing on the user's operation request based on the button operation instruction, that is, it verifies whether the user has the operation authority for the button. The specific authentication process may be to compare the button information contained in the button operation instruction with the button information of each role stored in the button permission information. Based on the successful comparison, determine the role corresponding to the role button information. Permission information. Optionally, if the role permission information indicates that the user does not have the operation permission, a prompt message indicating that the user does not have the operation permission is displayed to the user; conversely, if the role permission information indicates that the user has the operation permission, it means that the user has the operation permission for the button. Further, , you can control the sub-application to respond to button operation requests.

In the above technical solution, when the user passes the login authentication of the micro front end, the user's operation on the button in the sub-application is received, and the operation instructions generated based on the operation, as well as the button permissions determined from the sub-application and the main application Information, in the main application, verify whether the user's corresponding role has the permission to operate the button. When it is determined that the user has the operation permission of the button, the sub-application is controlled to respond to the button operation request; by performing unified authentication in the main application, it can solve the problem that in the existing technology, individual authentication of each sub-application in the micro front-end system is prone to authentication confusion, resulting in authentication confusion. It solves the problem of reduced rights security and realizes the unified management of sub-applications by the micro-front-end system to facilitate the access and withdrawal of sub-applications in the system. The method of determining permission information based on two applications also improves the accuracy of authentication results. and security.

Figure 3 is a schematic flowchart of another access processing method provided by an embodiment of the present application. This embodiment can be understood as a concrete introduction to the steps mentioned in the method introduced in the above embodiment. Referring to Figure 3, the method may specifically include:

S310. When the user successfully logs in to the main application, receive the user's button operation instruction for the button, and determine the sub-application to which the button belongs.

Specifically, for understanding and examples of technical means, technical effects, and technical terms in step S310, please refer to the explanation of step S210 in the above embodiment.

Based on the above implementation, in this embodiment, the steps determined in step S310 may specifically include:

S311. Receive the login information input by the user, and authenticate the user's login permission for the main application based on the login information. If the user fails to pass the login authority authentication, step S312 is executed; otherwise, if the user passes the login authority authentication, step S313 is executed.

In this embodiment of the present application, the login information input by the user may be the user account and user password information input by the user. Specifically, the authentication module of the main application matches the user account and user password information entered by the user in the account data table that pre-stores the user registration information based on the received authentication information, and determines whether the user can pass the login authority authentication based on the matching result. .

S312. Display the authentication prompt information indicating that the user does not have login permission to the user.

S313. Control the main application to respond to the login information and display the main page of the main application to the user; the main page includes menus corresponding to each sub-application.

Optionally, first match the user account. If the user account does not exist in the account data table, it means that the user has not been pre-registered in the micro front-end system, that is, he does not have login permission to the micro front-end system. Specifically, a prompt message indicating that the user does not have login permission can be displayed to the user. On the basis of the above, the login prompt information of "pre-register before logging in" can also be displayed to the user, so that the user can obtain the login permission more quickly and improve the user experience. On the contrary, if the user account exists in the account data table, it means that the user is a legal user who has been registered in the micro front-end system in advance. Further, obtain the user password information corresponding to the user account in the account data table; optionally, if the user password information is inconsistent with the user password information entered by the user, it means that the user has passed the login authority authentication. Specifically, A prompt message indicating failed login permission authentication can be displayed to the user. On the basis of the above, the login prompt information "Please enter the correct password to log in" can also be displayed to the user, so that the user can obtain the login permission more quickly and improve the user experience. On the contrary, if the user password information is consistent with the user password information input by the user, it is determined that the user has passed the login authority authentication. Specifically, the main application is controlled to respond to the user's login information and display the main page of the main application to the user. The main page includes a menu corresponding to each sub-application, so that the user can operate buttons in the sub-application based on the displayed menu.

S314. Receive the user's operation instruction for any menu on the main page. If it is determined based on the role information that the user has the operation authority for the current menu, display the current menu to the user.

In this embodiment of the present application, the user's operation instruction for the menu is received, and the menu information contained in the operation instruction is determined. Then, it is determined based on the menu information and the preset menu permission information of each role on the menu whether the role corresponding to the user has the operation permission on the menu. Optionally, if the user does not have the operation permission, a prompt message that the user does not have the operation permission will be prompted; conversely, if the user has the operation permission, the menu will be displayed to the user, and the user will be able to make adjustments based on each button displayed in the menu. Application operations.

S315. Receive the user's button operation instruction for any button in the current menu, and determine the sub-application to which the button belongs based on the button operation instruction.

In this embodiment of the present application, the user can operate the button in the menu corresponding to the sub-application to be accessed, and then the main application receives the button operation instruction generated based on the operation of the button, and performs the operation according to the button operation instruction. The button information determines the sub-application to which the operated button belongs.

S320: Determine the user's role information based on the user's login information, and determine the user's corresponding button permission information based on the role information, sub-applications and main applications.

Specifically, for understanding and examples of technical means, technical effects, and technical terms in step S320, please refer to the explanation of step S220 in the above embodiment.

Based on the above implementation, in this embodiment, step S320 may specifically include:

S321. Determine the user's role information based on the user's login information.

S322. Read the first button permission information corresponding to the user role information in the sub-application, and read the second button permission information corresponding to the user role information in the main application.

In this application, the main application is also pre-set with an authentication module for authenticating the user's operation instructions to determine whether the user has the operation authority for the button.

Specifically, the first button permission information stored in the main application can be read through store communication, and the second button permission information can be read in the sub-application to which the button belongs, and the first button permission information and the second button permission information can be read at the same time. Transmitted to the above-mentioned authentication module, so that the authentication module can perform authentication processing.

S323. Determine the button permission information corresponding to the user based on the information comparison result of the first button permission information and the second button permission information.

In the embodiment of the present application, after the authentication module reads the first button permission information and the second button permission information, the two button permission information are compared, and then based on the comparison result, it is determined that the user's corresponding role is suitable for the The button permission information corresponding to the button.

Optionally, the method for determining the button permission information corresponding to the user in the embodiment of the present application may include: if the comparison results of the first button permission information and the second button permission information are consistent, then converting the first button permission information or the second button permission information into The permission information is determined to be the button permission information corresponding to the user; if the comparison results of the first button permission information and the second button permission information are inconsistent, the button permission information corresponding to the user is empty.

Specifically, inconsistent comparison results indicate that the button permission information stored in any of the above applications may have been tampered with. In this case, if any button permission information is used for authentication processing, the accuracy of the authentication result cannot be guaranteed. Therefore, set the button permission information to a null value, so that no one has the operation permission for the button, that is, no user is allowed to access the button to ensure the security of the system when it is accessed.

S330. If the main application determines that the user has the operation permission of the button based on the button operation instruction and the button permission information, the sub-application is controlled to respond to the button operation request.

Specifically, for understanding and examples of technical means, technical effects, and technical terms in step S330, please refer to the explanation of step S230 in the above embodiment.

In the above technical solution, when the user passes the login authentication of the micro front end, the user's operation on the button in the sub-application is received, and the operation instructions generated based on the operation are transmitted to the preset authentication module of the main application; And the button permission information determined from the sub-application and the main application is also transmitted to the above-mentioned authentication module, and then in the authentication module, it is verified whether the user's corresponding role has the operation permission for the button; when it is determined that the user has The operation authority of the button controls the sub-application to respond to the button operation request; by performing unified authentication in the main application, it can solve the problem that in the existing technology, individual authentication of each sub-application in the micro front-end system is prone to authentication confusion, resulting in reduced authentication security. solve the problem, realize the unified management of sub-applications by the micro front-end system, facilitate the access and extraction of sub-applications in the system, and the method of determining permission information based on the two applications also improves the accuracy and security of the authentication results.

Based on the above implementation scheme, the authentication module in the main application of the micro front-end system of this application will also monitor page changes. Optional, if there is no operation on the currently displayed page for a long time, when the user clicks refresh, the authentication module will re-login the user and display the page again after the authentication is passed; optional, if the authentication fails, The request interface will receive a specific code in the request interceptor, and the authentication module will display related prompts such as login failure, which can further improve the security of the system when it is accessed.

Figure 4 is a schematic flowchart of another access processing method provided by an embodiment of the present application. This embodiment can be understood as an expanded embodiment of the steps not mentioned in the method introduced in the above embodiment. Refer to Figure 4. The method may specifically include:

S410. When the user successfully logs in to the main application, receive the user's button operation instruction for the button, and determine the sub-application to which the button belongs.

Specifically, for understanding and examples of technical means, technical effects, and technical terms in step S410, please refer to the explanations of step S210 and steps S311-S315 in the above embodiment.

S420: Determine the user's role information based on the user's login information, and determine the user's corresponding button permission information based on the role information, sub-applications and main applications.

Specifically, for understanding and examples of technical means, technical effects, and technical terms in step S420, please refer to the explanations of step S220 and steps S321-S322 in the above embodiment.

S430. If the main application determines that the user has the operation permission of the button based on the button operation instruction and the button permission information, the sub-application is controlled to respond to the button operation request.

Specifically, for understanding and examples of technical means, technical effects, and technical terms in step S330, please refer to the explanation of step S230 in the above embodiment.

S440. When the user's adjustment instruction for the current menu is monitored, the adjustment instruction is parsed to obtain the adjusted target menu address.

S450. Determine whether the target menu address is in the preset address whitelist.

S450. If the target menu address is in the preset address whitelist, perform step S460; otherwise, if the target menu address is not in the preset address whitelist, perform step S470.

S460. Directly display the target menu corresponding to the target menu address.

S470: Authenticate whether the user has the operating authority for the menu corresponding to the target menu address based on the role information.

In the embodiment of the present application, by monitoring the current menu, when it is found that the menu address changes, the menu address is further authenticated and authenticated. The menu adjustment instructions may include but are not limited to the operation of the user clicking to refresh the page or the operation of re-entering a new address in the address bar. Specifically, when the adjustment instruction is obtained, the adjustment instruction is parsed to obtain the adjusted target menu address, that is, the URL (Uniform Resource Locator, Uniform Resource Locator). Furthermore, the target menu address is matched in a preset address whitelist; optionally, if the target menu address exists in the address whitelist, it means that the user accessing the target menu address does not need to undergo authentication processing. , that is, anyone has access rights to this menu address. Optionally, if the target menu address does not exist in the address whitelist, it means that when the user accesses the target menu address, the user needs to be authenticated according to the user's corresponding role to determine whether the user has the authority to access the address. The permission to operate the target menu corresponding to the target menu address.

In this application, the default address whitelist is generated based on the menu addresses corresponding to the menus in the sub-application that can be accessed by any user when the sub-application is registered to the main application. Specifically, during the registration process, the address routes corresponding to each menu address are added to the preset whitelist of the routing interface so that they can be automatically skipped during subsequent authentication. It should be noted that address routes need to be added in the form of nested routes when registering, so that the main application can successfully automatically authenticate when it subsequently switches menus. specific. The nested routing method can apply prefixes to each route, and use layer-by-layer recursion to obtain the form {url1:{id,name,children:[{btn1},{btn2},..]}...} Mapping object.

Figure 5 is a schematic structural diagram of an access processing device provided by this application. Referring to Figure 5, the device includes: a button operation instruction receiving module 510, a button authority information acquisition module 520, and an operation authority authentication module 530; wherein,

The button operation instruction receiving module 510 is used to receive the user's button operation instruction for the button when the user successfully logs in to the main application, and determine the sub-application to which the button belongs;

The button permission information acquisition module 520 is used to determine the user's role information based on the user's login information, and determine the user's corresponding button permission information based on the role information, sub-applications and main applications;

The operation permission authentication module 530 is used to control the sub-application to respond to the button operation request if the main application determines that the user has the button operation permission based on the button operation instruction and the button permission information.

Optionally, the device also includes:

The login permission authentication module is used to receive the login information input by the user and authenticate the user's login permission for the main application based on the login information;

The prompt information display module is used to display the authentication prompt information to the user who does not have the login authority if the user fails to pass the login authority authentication;

The main page display module is used to control the main application to respond to the login information if the user passes the login permission authentication, and displays the main page of the main application to the user; the main page contains menus corresponding to each sub-application.

Optionally, the button operation instruction receiving module 510 includes:

The menu display unit is used to receive the user's operation instructions for any menu on the main page. If it is determined based on the role information that the user has the operation permission for the current menu, the current menu is displayed to the user; the current menu contains multiple buttons;

The button operation instruction receiving unit is configured to receive the user's button operation instruction for any button in the current menu, and determine the sub-application to which the button belongs based on the button operation instruction.

Optional, button permission information acquisition module 520 includes:

The role button information acquisition unit is used to read the first button permission information corresponding to the user role information in the sub-application, and to read the second button permission information corresponding to the user role information in the main application;

The button authority information determining unit is configured to determine the button authority information corresponding to the user based on the information comparison result of the first button authority information and the second button authority information.

Optional, button permission information determination unit includes:

The first button permission information determination subunit is used to determine the first button permission information or the second button permission information as the button permission information corresponding to the user if the comparison results of the first button permission information and the second button permission information are consistent. ;

The second button authority information determination subunit is used to determine that the button authority information corresponding to the user is empty if the comparison results of the first button authority information and the second button authority information are inconsistent.

Optionally, the device also includes:

The target menu address acquisition module is used to parse the adjustment instructions and obtain the adjusted target menu address when monitoring the user's adjustment instructions for the current menu;

The target menu display unit is used to directly display the target menu corresponding to the target menu address if the target menu address is in the preset address whitelist;

The operation authority authentication unit is used to authenticate whether the user has the operation authority for the menu corresponding to the target menu address based on the role information if the target menu address is not in the preset address whitelist.

Optionally, the device also includes:

The button permission information storage module is used to obtain the button permission information of each role information for any button of any sub-application in advance, and synchronize the button permission information to the main application for storage.

FIG. 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present application. As shown in Figure 6, the electronic device of this embodiment may include:

at least one processor 601; and

A memory 602 communicatively connected to at least one processor;

The memory 602 stores instructions that can be executed by at least one processor 601, and the instructions are executed by at least one processor 601, so that the server performs the method as in any of the above embodiments.

Optionally, the memory 602 can be independent or integrated with the processor 601 .

The implementation principles and technical effects of the electronic device provided by this embodiment can be referred to the foregoing embodiments, and will not be described again here.

Embodiments of the present application also provide a computer-readable storage medium. Computer-executable instructions are stored in the computer-readable storage medium. When the processor executes the computer-executed instructions, the method of any of the foregoing embodiments is implemented.

An embodiment of the present application also provides a computer program product, including a computer program, which implements the method of any of the foregoing embodiments when executed by a processor.

In the several embodiments provided in this application, it should be understood that the disclosed devices and methods can be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of modules is only a logical function division. In actual implementation, there may be other division methods. For example, multiple modules may be combined or integrated into another unit. A system, or some features can be ignored, or not implemented.

The above integrated modules implemented in the form of software function modules can be stored in a computer-readable storage medium. The above-mentioned software function module is stored in a storage medium and includes a number of instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) or processor to execute some steps of the methods of various embodiments of the present application.

It should be understood that the above-mentioned processor may be a central processing unit (Central Processing Unit, referred to as CPU), or other general-purpose processor, digital signal processor (Digital Signal Processor, referred to as DSP), or application specific integrated circuit (Application Specific Integrated Circuit, ASIC for short), etc. A general-purpose processor may be a microprocessor or the processor may be any conventional processor, etc. The steps of the method disclosed in the application can be directly implemented by a hardware processor, or executed by a combination of hardware and software modules in the processor. The memory may include high-speed RAM memory, and may also include non-volatile storage NVM, such as at least one disk memory, which may also be a USB flash drive, a mobile hard disk, a read-only memory, a magnetic disk, or an optical disk.

The above storage media can be implemented by any type of volatile or non-volatile storage device or their combination, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable Except programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic disk or optical disk. Storage media can be any available media that can be accessed by a general purpose or special purpose computer.

An exemplary storage medium is coupled to the processor such that the processor can read information from the storage medium and write information to the storage medium. Of course, the storage medium can also be an integral part of the processor. The processor and storage medium may be located in Application Specific Integrated Circuits (ASIC). Of course, the processor and the storage medium can also exist as discrete components in the server or main control device.

Figure 7 is a block diagram of an electronic device provided by an embodiment of the present application. The electronic device may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, a fitness device, or a personal digital assistant. wait. Referring to FIG. 7 , the electronic device may be device 800 . Specifically, the device 800 may include one or more of the following components: a processing component 802, a memory 804, a power supply component 806, a multimedia component 808, an audio component 810, an input/output (I/O) interface 812, a sensor component 814, and communications. Component 816.

Processing component 802 generally controls the overall operations of device 800, such as operations associated with display, phone calls, data communications, camera operations, and recording operations. The processing component 802 may include one or more processors 820 to execute instructions to complete all or part of the steps of the above method. Additionally, processing component 802 may include one or more modules that facilitate interaction between processing component 802 and other components. For example, processing component 802 may include a multimedia module to facilitate interaction between multimedia component 808 and processing component 802.

Memory 804 is configured to store various types of data to support operations at device 800 . Examples of such data include instructions for any application or method operating on device 800, contact data, phonebook data, messages, pictures, videos, etc. Memory 804 may be implemented by any type of volatile or non-volatile storage device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EEPROM), Programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk.

Power supply component 806 provides power to the various components of device 800. Power supply components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to device 800 .

Multimedia component 808 includes a screen that provides an output interface between device 800 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. A touch sensor can not only sense the boundaries of a touch or swipe action, but also detect the duration and pressure associated with the touch or swipe action. In some embodiments, multimedia component 808 includes a front-facing camera and/or a rear-facing camera. When the device 800 is in an operating mode, such as a shooting mode or a video mode, the front camera and/or the rear camera may receive external multimedia data. Each front-facing camera and rear-facing camera can be a fixed optical lens system or have a focal length and optical zoom capabilities.

Audio component 810 is configured to output and/or input audio signals. For example, audio component 810 includes a microphone (MIC) configured to receive external audio signals when device 800 is in operating modes, such as call mode, recording mode, and speech recognition mode. The received audio signal may be further stored in memory 804 or sent via communication component 816 . In some embodiments, audio component 810 also includes a speaker for outputting audio signals.

The I/O interface 812 provides an interface between the processing component 802 and a peripheral interface module, which may be a keyboard, a click wheel, a button, etc. These buttons may include, but are not limited to: Home button, Volume buttons, Start button, and Lock button.

Sensor component 814 includes one or more sensors for providing various aspects of status to device 800 . For example, the sensor component 814 can detect the open/closed state of the device 800, the relative positioning of components, such as the display and keypad of the device 800, the sensor component 814 can also detect the position change of the device 800 or a component of the device 800, the user The presence or absence of contact with device 800 , device 800 orientation or acceleration/deceleration and temperature changes of device 800 . Sensor assembly 814 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. Sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor component 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.

Communication component 816 is configured to facilitate wired or wireless communication between apparatus 800 and other devices. Device 800 may access a wireless network based on a communication standard, such as WiFi, 2G or 3G, or a combination thereof. In one exemplary embodiment, the communication component 816 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, communications component 816 also includes a near field communications (NFC) module to facilitate short-range communications. For example, the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology and other technologies.

In an exemplary embodiment, apparatus 800 may be configured by one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable Gate array (FPGA), controller, microcontroller, microprocessor or other electronic components are implemented for executing the above method.

In an exemplary embodiment, a non-transitory computer-readable storage medium including instructions, such as a memory 804 including instructions, which are executable by the processor 820 of the apparatus 800 to complete the above method is also provided. For example, non-transitory computer-readable storage media may be ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.

A non-transitory computer-readable storage medium, when instructions in the storage medium are executed by a processor of an electronic device, enable the electronic device to perform the method of the above-mentioned electronic device.

Other embodiments of the present application will be readily apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of this application that follow the general principles of this application and include common knowledge or customary technical means in the technical field that are not disclosed in this application. . It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.

It is to be understood that the present application is not limited to the precise structures described above and illustrated in the accompanying drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (8)

1. An access processing method, characterized in that it is applied to a micro front-end system, the micro front-end system includes a main application and a plurality of sub-applications, and the method includes: When the user successfully logs in to the main application, receive the user's button operation instruction for the button, and determine the sub-application to which the button belongs; Determine the role information of the user based on the user's login information; Read the first button permission information corresponding to the user role information in the sub-application, and read the second button permission information corresponding to the user role information in the main application; If the comparison results of the first button permission information and the second button permission information are consistent, then the first button permission information or the second button permission information is determined as the button permission information corresponding to the user; If the comparison results of the first button permission information and the second button permission information are inconsistent, then the button permission information corresponding to the user is empty; If the main application determines that the user has the operation authority for the button based on the button operation instruction and the button authority information, the sub-application is controlled to respond to the button operation request. 2. The method according to claim 1, characterized in that, before receiving the user's button operation instruction for the button, it further includes: Receive the login information input by the user, and authenticate the user's login permission for the main application based on the login information; If the user fails to pass the login authority authentication, then the authentication prompt information indicating that the user does not have login authority is displayed to the user; If the user passes the login authority authentication, the main application is controlled to respond to the login information, and the main page of the main application is displayed to the user; the main page includes corresponding sub-applications. menu. 3. The method according to claim 2, wherein receiving the user's button operation instruction for a button and determining the sub-application to which the button belongs includes: Receive the user's operation instruction for any menu on the main page, and if it is determined based on the role information that the user has the operation authority for the current menu, then display the current menu to the user; the current menu Contains multiple buttons; Receive a button operation instruction from the user for any button in the current menu, and determine the sub-application to which the button belongs based on the button operation instruction. 4. The method according to claim 3, characterized in that the method further includes: When monitoring the user's adjustment instruction for the current menu, parse the adjustment instruction to obtain the adjusted target menu address; If the target menu address is in the preset address whitelist, the target menu corresponding to the target menu address is directly displayed; If the target menu address is not in the preset address whitelist, authentication processing is performed based on the role information to determine whether the user has the operating authority to operate the menu corresponding to the target menu address. 5. The method according to claim 1, characterized in that, the method further comprises: For any button of any sub-application, the button permission information of each role information for the button is obtained in advance, and the button permission information is synchronized to the main application for storage. 6. An access processing device, characterized in that it is applied to a micro front-end system. The micro front-end system includes a main application and a plurality of sub-applications. The device includes: A button operation instruction receiving module, configured to receive the user's button operation instruction for a button when the user successfully logs in to the main application, and determine the sub-application to which the button belongs; A button permission information acquisition module, configured to determine the role information of the user based on the user's login information, and determine the button permission information corresponding to the user based on the role information, the sub-application and the main application; An operation permission authentication module, configured to control the sub-application to respond to the button operation request if the main application determines that the user has the operation permission for the button based on the button operation instruction and the button permission information. ; The button permission information acquisition module is specifically configured to read the first button permission information corresponding to the user role information in the sub-application, and read the first button permission information corresponding to the user role information in the main application. second button permission information; if the comparison results of the first button permission information and the second button permission information are consistent, determine the first button permission information or the second button permission information to be the user Corresponding button permission information; if the comparison results of the first button permission information and the second button permission information are inconsistent, the button permission information corresponding to the user is empty. 7. An electronic device, characterized by comprising: a processor, and a memory communicatively connected to the processor; The memory stores computer execution instructions; The processor executes computer execution instructions stored in the memory to implement the access processing method according to any one of claims 1 to 5. 8. A computer-readable storage medium, characterized in that computer-executable instructions are stored in the computer-readable storage medium, and when executed by a processor, the computer-executable instructions are used to implement any one of claims 1 to 5. The access processing method described.