What verification does general design api, need to do?

what interface verification does the general corporate business api need to do

Php
Mar.05,2021

two main aspects, authentication and access control, see ide/introduction.html" rel=" nofollow noreferrer "> iam ,

of each aws.
  • Authentication

mainly verifies whether you are your problem. It is generally verified by user name and password, or by (accesskey/accessSecret). The former is used by end users, and the latter is used by the interface of the open platform. The user name / password mode is generally exchanged for token.

after login.
  • access control

access control is mainly to determine whether you have the permission to do this operation. For example, when you are in a group, when you want to dissolve the group, you will judge whether you have this permission, otherwise refuse the operation.

  • other security mechanisms

other security mechanisms belong to general security mechanisms, such as flow control (how often can only be accessed a certain number of times), which mainly prevent attacks. request response packet capitalization limit, mainly prevent some illegal operations.


add token, limit IP, our project does this (front and rear separation)


token state

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1b36545-2bfe9.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1b36545-2bfe9.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?