CN116663066A - Data access method, device and storage medium - Google Patents

Abstract

The application discloses a data access method, equipment and a storage medium, wherein the method performs data access in the form of an authentication token, so that the problem of unsafe data access existing in off-line borrowing can be relieved, meanwhile, the concept of a storage space is introduced into a document library management system, and the isolation between data in different storage spaces can be further realized on the basis of relieving the problem of unsafe data access, so that when the document library management system is applied to a project research and development part, research and development data of different teams can be respectively stored in different storage spaces in the document library management system, and the data access in the storage spaces can be limited by different research and development staff in the form of the authentication token, so that the relevance of the content between departments and teams can be greatly reduced, the similarity of the data content in the space can be improved, and the safety of the data access can be improved.

Description

Data access method, device and storage medium

technical field

The present application relates to the computer field, in particular to a data access method, device and storage medium.

Background technique

The project research and development department that conducts research and development on the project often includes multiple research and development teams. Different research and development teams are responsible for different parts of the research and development project. Each research and development team usually includes multiple research and development personnel. During the process of participating in project development, these research and development personnel, A lot of data related to the project will be generated, and the R&D personnel will share the data through mutual borrowing offline. This data sharing method has the problem of insecurity.

The above statements are provided merely to provide background information related to the present application and do not necessarily constitute prior art.

Contents of the invention

In view of the above-mentioned problems, the embodiments of the present application provide a data access method, device, and storage medium, which can alleviate the problem of insecurity existing in sharing data between R&D personnel through mutual borrowing offline.

In a first aspect, the present application provides a data access method, including:

In response to the user's access operation to the first storage space in the document library management system, if it is detected that the user has access rights to the first storage space, a first authentication token is generated, and the first The authentication token is used to indicate that the user has access to the first storage space;

The first storage space is accessed by using the first authentication token.

In the solution provided by this embodiment, data access is performed in units of storage space in the document library management system, and at the same time, when data access is performed on the first storage space, a first authentication token is generated, and the first authentication token is used to access first storage space. Data access in the form of authentication tokens can alleviate the problem of insecure data access in offline borrowing. At the same time, by introducing the concept of storage space in the document library management system, it can alleviate the above-mentioned insecure data access problems. , to further realize the isolation of data in different storage spaces, so that when the document library management system is applied to the project research and development part, different storage spaces in the document library management system can be used to store the R&D data of different teams respectively, and pass the certification The form of tokens restricts different R&D personnel from accessing the data in the storage space, which can greatly reduce the relevance of content between departments and teams, improve the similarity of data content in the space, and improve the security of data access.

In some embodiments, using the first authentication token to access the first storage space includes:

In response to no detection of the user's access operation to the first storage space within the validity period of the token, mark the first authentication token as an invalid token.

In the solution provided by this embodiment, the user's access operation to the first storage space within the validity period of the token is used to determine whether to mark the first authentication token as an invalid token, which can reduce the time when the user does not access the first storage space for a long time. Occupancy of storage space by the first authentication token.

In some embodiments, using the first authentication token to access the first storage space includes:

In response to detecting the user's operation on the first storage space within the monitoring period, extending the token validity period of the first authentication token, the monitoring period is the difference between the token validity period and the first The duration difference between the generated duration of the authentication token.

In the solution provided by this embodiment, when the generated duration of the first authentication token is about to be equal to the valid duration of the token, if the user's access operation to the first storage space can still be detected, the valid duration of the token is extended In this way, when the user is accessing the first storage space, the failure of the first authentication token leads to interruption of the user's access to the first storage space, thereby improving user experience.

In some embodiments, using the first authentication token to access the first storage space includes:

In response to detecting the user's data access operation on the target data in the first storage space, acquiring a currently valid token corresponding to the user;

If the currently valid token is the first authentication token, the target data is processed based on the data access operation.

In the solution provided by this embodiment, for each access of the user to the first storage space, the first authentication token is used to authenticate the user, which can further improve the security of data access.

In some embodiments, the method also includes:

In case the first authentication token is generated, in response to detecting that the user accesses a second storage space in the document library management system, and detecting that the user has access to the second storage space authority, generating a second authentication token, where the second authentication token is used to indicate that the user has access authority to the second storage space;

Overwriting the first authentication token with the second authentication token.

In the solution provided by this embodiment, when the storage space accessed by the user is switched, that is, the access to the first storage space is switched to the second storage space, in order to improve the security of data access, the data generated based on the second storage space will be used The second authentication token covers the first authentication token, so that at the same time, the user can only access one storage space in the document library management system, which not only facilitates the authentication of the user, but also improves the security of data access .

In some embodiments, when it is detected that the user has access authority to the first storage space, the steps include:

If it is detected that the storage space list corresponding to the user includes the first storage space; the storage space list includes all storage spaces to which the user has access rights.

In the solution provided by this embodiment, the user's access right to the first storage space is verified through the storage space list, which is simple and easy to implement.

In some embodiments, the method also includes:

When the first authentication token is generated, store the first authentication token in a cache.

In the solution provided by the embodiment of the present application, storing the first authentication token in the cache can increase the reading and writing speed of the first authentication token, thereby increasing the data access speed.

In a second aspect, the present application provides a data access device, including:

A generating module, configured to generate a first authentication token in response to the user's access operation to the first storage space in the document library management system, when it is detected that the user has access authority to the first storage space , the first authentication token is used to indicate that the user has access to the first storage space;

An access module, configured to use the first authentication token to access the first storage space.

In a third aspect, the present application provides an electronic device, including: a processor and a memory;

The memory is used to store computer programs;

The processor is configured to execute the program stored in the memory to implement the data access method described in the first aspect.

In a fourth aspect, the present application provides a computer-readable storage medium storing a computer program, and implementing the data access method in the first aspect when the computer program is executed by a processor.

The above description is only an overview of the technical solution of the present application. In order to better understand the technical means of the present application, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present application more obvious and understandable , the following specifically cites the specific implementation manner of the present application.

Description of drawings

Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating the preferred embodiments and are not to be considered as limiting the application. Also throughout the drawings, the same reference numerals are used to designate the same parts.

FIG. 1 is a schematic flowchart of a data access method in some embodiments of the present application;

FIG. 2 is a schematic structural diagram of the front-end architecture of the document library management system in some embodiments of the present application;

FIG. 3 is a schematic structural diagram of the back-end architecture of the document library management system in some embodiments of the present application;

FIG. 4 is a schematic structural diagram of a data access device in some embodiments of the present application;

FIG. 5 is a schematic structural diagram of an electronic device according to some embodiments of the present application;

FIG. 6 is a schematic structural diagram of a computer-readable storage medium according to some embodiments of the present application.

Detailed ways

Embodiments of the technical solutions of the present application will be described in detail below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present application more clearly, and therefore are only examples, rather than limiting the protection scope of the present application.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the technical field of the application; the terms used herein are only for the purpose of describing specific embodiments, and are not intended to To limit this application; the terms "comprising" and "having" and any variations thereof in the specification and claims of this application and the description of the above drawings are intended to cover a non-exclusive inclusion.

In the description of the embodiments of the present application, technical terms such as "first" and "second" are only used to distinguish different objects, and should not be understood as indicating or implying relative importance or implicitly indicating the number, specificity, or specificity of the indicated technical features. Sequence or primary-secondary relationship. In the description of the embodiments of the present application, "plurality" means two or more, unless otherwise specifically defined.

The project research and development department that conducts research and development on the project often includes multiple research and development teams. Different research and development teams are responsible for different parts of the research and development project. Each research and development team usually includes multiple research and development personnel. During the process of participating in project development, these research and development personnel, A lot of data related to the project will be generated, and the R&D personnel will share the data through mutual borrowing offline. This data sharing method has the problem of insecurity.

In order to alleviate the problem of insecurity in the data sharing method in the related art, the embodiment of the present application provides a data access method, which performs data access in units of storage space in the document library management system, and simultaneously When the space performs data access, a first authentication token is generated, and the first authentication token is used to access the first storage space. Data access in the form of authentication tokens can alleviate the problem of insecure data access in offline borrowing. At the same time, by introducing the concept of storage space in the document library management system, it can alleviate the above-mentioned insecure data access problems. , to further realize the isolation of data in different storage spaces, so that when the document library management system is applied to the project research and development part, different storage spaces in the document library management system can be used to store the R&D data of different teams respectively, and pass the certification The form of tokens restricts different R&D personnel from accessing the data in the storage space, which can greatly reduce the relevance of content between departments and teams, improve the similarity of data content in the space, and improve the security of data access.

The data access method in the embodiment of the present application can be applied to an electronic device, and the electronic device may include a terminal device or a server. The terminal device may be a mobile terminal such as a mobile phone, a tablet computer, a notebook computer, a palmtop computer, or a PAD (Personal Digital Assistant, personal digital assistant), and a fixed terminal such as a digital TV, a desktop computer, and the like. Servers include but are not limited to cluster servers, cloud servers, etc.

Please refer to Fig. 1, Fig. 1 is a kind of data access method shown in the embodiment of the present application, this method may include the following steps:

101. In response to the user's access operation to the first storage space in the document library management system, if it is detected that the user has access rights to the first storage space, generate a first authentication token, and the first authentication token is used to indicate that the user has access to the first storage space;

102. Use the first authentication token to access the first storage space.

In this embodiment, different storage spaces in the document library management system can store the data of the same project at different R&D stages. The storage space can store R&D data of different R&D teams respectively, for example, the first storage space in the document library management system stores the R&D data of the first R&D team, and the second storage space stores the R&D data of the second R&D team. Through the concept of storage space, the R&D data of different R&D teams can be spatially isolated, thereby reducing the correlation of content between departments and teams and improving the similarity of data content in space.

In this embodiment, the user's access operation to the first storage space includes, but is not limited to, the user's single-click operation, double-click operation, login operation, touch operation, or slide operation on the first storage space.

In this embodiment, by making the first authentication token (token) carry the user information of the user and the identifier of the first storage space, the first authentication token can indicate that the user has access to the first storage space. Of course, the first authentication token may also be bound with the user information and the first storage space, so that the first authentication token indicates that the user has access authority to the first storage space.

In this embodiment, the user information includes, but is not limited to, the user's ID number, a combination of user name + login password, the user's job number, and the like.

In this embodiment, including but not limited to, background staff of the document library management system authenticate the user's access right to the first storage space.

In this embodiment, in order to improve the security of data access, in the process of using the first authentication token to access the first storage space, each time the user accesses the first storage space, the user can be authenticated by the first authentication token. authenticated access rights.

The document library management system in this embodiment includes two parts: a front-end architecture as shown in FIG. 2 and a back-end architecture as shown in FIG. 3 . The front-end architecture of each storage space includes functional module navigation (ie home page), blog module, file module, topic module, personal management module and global search module as shown in Figure 2. It should be understood that although different storage spaces include substantially the same functional modules, the same functional module stores different data in different storage spaces.

in:

Function module navigation includes popular article navigation, tag word cloud navigation, recommended article navigation and shared ranking navigation.

The blog module is used to display published articles in the current space, and users can select classification tags to filter the displayed article data. Click on an article to enter the details of the article, including the article author, title, content, tags associated with the article, number of views, release time, and display of article comments, likes, and favorites.

The file module is used to display the published files in the current space. Unlike the article, the details include the size and format of the file. The file provides download and online preview functions.

The topic module is used to display the articles and files sent to the topic in the current space. The administrators in the space can customize the topic type for users in the current space to post.

The personal management module is used to provide user account settings, content management, historical footprints, and my favorite functions. Account settings: users can modify user information such as nicknames and avatars; content management: users can modify, edit, and delete articles and files published by themselves; historical footprints: view users’ browsing records in the current space; my favorites: view users’ The collection status of the current space;

The global search module uses ElasticSearch's auto-completion search. The search endows the completion prompt function, which can search for matching data in the database and give automatic completion prompts according to the user input content. Hints filter out as much content as possible for users to search for. Auto-completion uses a pinyin word breaker. For example, the title of an article in the database has two words, pingguo and apple. When p is entered, both pingguo and apple will give prompts for users to choose.

As shown in Figure 3, the back-end architecture of the document library management system includes five modules: space management, user management, classification management, content management and topic management. The back-end architecture of the document library management system can be used by administrators.

Among them, the space management is used to manage the space or team where the user belongs to, and to add, delete, modify and check the space and/or team. A user can be moved in and out of a space or team. A system space or team can be added. Carry out overall control over the system space, team and associated personnel.

Among them, user management is used to synchronize company users to system users. Set user roles and permissions.

Among them, classification management is used to manage the first-level classification and second-level classification of the system. Add, delete, modify and check the system classification.

Among them, content management is used to manage articles and files published by users. View all articles or files published under the space according to the space, change the space where the article or file is located, and delete the article or file.

Among them, topic management is used to classify topics and manage articles or files under the categories. Add, delete, modify and check the classification of topics. Query articles or files published under thematic categories, change the space where articles or files are published, and delete articles or files.

In this embodiment, in order to support the front-end architecture and back-end architecture of the above-mentioned document library management system, the following architecture of the document library management system is also given:

The system designs 5 microservices. User service, blog service, search service, collection like comment service, file preview service. Modular development, the operation of the system is achieved by calling each other between services, and it is easy to expand and develop and maintain functional modules. The file preview service uses the open source kkFileView to perform a quick online preview of various types of files.

The RBAC model is used to manage user permissions. Specifically, the RBAC model is used to create a document library role. When a user logs in to the document library management system, multiple authentications are performed on the user based on the document library role, so as to achieve different access effects for different users.

Data storage: mysql stores all information of the system. Redis stores user tokens and user information. Encapsulate articles or files published by users with publishers and spatial information, and store the encapsulated data objects in Elasticsearch for fast and intelligent retrieval.

Articles and file attributes are abstracted, the abstracted objects are encapsulated, and finally persisted into the database for retrieval and analysis.

The space of the department and team is isolated, and the front end will request the backend to issue a token under the current space when the front desk switches spaces, and the space access permission information corresponding to the token token is stored in Redis. Afterwards, the interfaces accessed in the current space must carry this token token to verify the access rights to access the details of pages and articles or file resources. The token will be re-issued every time the space is switched to ensure that the user's token is only valid in the current space and has permission to access the resources in the current space, thus ensuring the isolation of the space. Guarantees the data similarity between each department team.

In the solution provided by this embodiment, data access is performed in units of storage space in the document library management system, and at the same time, when data access is performed on the first storage space, a first authentication token is generated, and the first authentication token is used to access first storage space. Data access in the form of authentication tokens can alleviate the problem of insecure data access in offline borrowing. At the same time, by introducing the concept of storage space in the document library management system, it can alleviate the above-mentioned insecure data access problems. , to further realize the isolation of data in different storage spaces, so that when the document library management system is applied to the project research and development part, different storage spaces in the document library management system can be used to store the R&D data of different teams respectively, and pass the certification The form of tokens restricts different R&D personnel from accessing the data in the storage space, which can greatly reduce the relevance of content between departments and teams, improve the similarity of data content in the space, and improve the security of data access.

In one or more embodiments of the present application, using the first authentication token to access the first storage space includes:

In response to no detection of the user's access operation to the first storage space within the validity period of the token, the first authentication token is marked as an invalid token.

In this embodiment, the first authentication token can be marked as an invalid token by changing the marking state of the first authentication token. For example, by updating the marking state of the first authentication token from a valid state to an invalid state. Of course, it is also possible to mark the first authentication token as an invalid token by deleting the first authentication token.

It should be understood that the first authentication token marked as an invalid token can no longer be used to realize access to the first storage space.

It should be understood that within the valid period of the token, the first authentication token is a valid token, so within the valid period of the token, the user's access to the first storage space can be performed through the first authentication token to the user's access authority. authentication. In the application, the validity period of the token can be considered to be preset based on experience, for example, the validity period of the token is set to 30 minutes.

In the solution provided by this embodiment, the user's access operation to the first storage space within the validity period of the token is used to determine whether to mark the first authentication token as an invalid token, which can reduce the time when the user does not access the first storage space for a long time. Occupancy of storage space by the first authentication token.

The above descriptions of the various embodiments tend to emphasize the differences between the various embodiments, and the same or similar points can be referred to each other, and for the sake of brevity, details are not repeated herein.

In one or more embodiments of the present application, using the first authentication token to access the first storage space includes:

In response to detecting the user's operation on the first storage space within the monitoring period, extend the valid period of the first authentication token, and the monitoring period is the difference between the valid period of the token and the generated period of the first authentication token.

In the application, the extended period of the valid period of the token can be set artificially based on experience or according to actual needs. For example, the extended period of the valid period of the token can be set to 30 minutes.

In the application, the detection duration can be set manually based on experience or according to actual needs. For example, the detection duration can be set to 10 minutes, that is, if the user's operation on the first storage space can still be detected within the last 10 minutes of the valid token , then extend the token validity period of the first authentication token.

In the solution provided by this embodiment, when the generated duration of the first authentication token is about to be equal to the valid duration of the token, if the user's access operation to the first storage space can still be detected, the valid duration of the token is extended In this way, when the user is accessing the first storage space, the failure of the first authentication token leads to interruption of the user's access to the first storage space, thereby improving user experience.

The above descriptions of the various embodiments tend to emphasize the differences between the various embodiments, and the same or similar points can be referred to each other, and for the sake of brevity, details are not repeated herein.

In one or more embodiments of the present application, using the first authentication token to access the first storage space includes:

In response to detecting the user's data access operation on the target data in the first storage space, acquiring a currently valid token corresponding to the user;

In the case that the current valid token is the first authentication token, the target data is processed based on the data access operation.

In the solution provided by this embodiment, for each access of the user to the first storage space, the first authentication token is used to authenticate the user, which can further improve the security of data access.

The above descriptions of the various embodiments tend to emphasize the differences between the various embodiments, and the same or similar points can be referred to each other, and for the sake of brevity, details are not repeated herein.

In one or more embodiments of the present application, the method also includes:

In the case of generating the first authentication token, in response to detecting that the user accesses the second storage space in the document library management system, and detecting that the user has access rights to the second storage space, a second authentication token is generated, and the second authentication token is generated. The second authentication token is used to indicate that the user has access to the second storage space;

Overwriting the first authentication token with the second authentication token.

In the solution provided by this embodiment, when the storage space accessed by the user is switched, that is, the access to the first storage space is switched to the second storage space, in order to improve the security of data access, the data generated based on the second storage space will be used The second authentication token covers the first authentication token, so that at the same time, the user can only access one storage space in the document library management system, which not only facilitates the authentication of the user, but also improves the security of data access .

The above descriptions of the various embodiments tend to emphasize the differences between the various embodiments, and the same or similar points can be referred to each other, and for the sake of brevity, details are not repeated herein.

In one or more embodiments of the present application, when it is detected that the user has access to the first storage space, the steps include:

If it is detected that the storage space list corresponding to the user includes the first storage space; the storage space list includes all storage spaces to which the user has access rights.

It should be understood that the user's user information is carried in the user's access operation to the first storage space, so the user's access right to the first storage space may be authenticated based on the user information in the access operation. Generally, a storage space list is maintained in an electronic device, and the storage space list includes all storage spaces to which a user has access rights. Therefore, when it is determined through query that the storage space list includes the first storage space, it can be determined that the user has access to the first storage space.

In the application, the storage spaces in the storage space list may be generated when the user registers in the document library management system. When a user registers in the document library management system, the background staff of the document library management system can verify and authenticate the storage space to be registered by the user, and after the authentication is passed, add the user registration time to the corresponding storage space list of the user The requested storage space.

In the solution provided by this embodiment, the user's access right to the first storage space is verified through the storage space list, which is simple and easy to implement.

The above descriptions of the various embodiments tend to emphasize the differences between the various embodiments, and the same or similar points can be referred to each other, and for the sake of brevity, details are not repeated herein.

In one or more embodiments of the present application, the method also includes:

When the first authentication token is generated, the first authentication token is stored in the cache.

In the solution provided by the embodiment of the present application, storing the first authentication token in the cache (Redis) can increase the reading and writing speed of the first authentication token, thereby increasing the data access speed.

The above descriptions of the various embodiments tend to emphasize the differences between the various embodiments, and the same or similar points can be referred to each other, and for the sake of brevity, details are not repeated herein.

The embodiment of the present application also provides a data access device, as shown in Figure 4, the device may include:

A generating module 41, configured to generate a first authentication order in response to a user's access operation to the first storage space in the document library management system, when it is detected that the user has access authority to the first storage space A card, the first authentication token is used to indicate that the user has access to the first storage space;

An access module 42, configured to use the first authentication token to access the first storage space.

Optionally, access module 42 is used for:

In response to no detection of the user's access operation to the first storage space within the validity period of the token, mark the first authentication token as an invalid token.

Optionally, access module 42 is used for:

In response to detecting the user's operation on the first storage space within the monitoring period, extending the token validity period of the first authentication token, the monitoring period is the difference between the token validity period and the first The duration difference between the generated duration of the authentication token.

Optionally, access module 42 is used for:

In response to detecting the user's data access operation on the target data in the first storage space, acquiring a currently valid token corresponding to the user;

If the currently valid token is the first authentication token, the target data is processed based on the data access operation.

Optionally, the device is also used for:

In case the first authentication token is generated, in response to detecting that the user accesses a second storage space in the document library management system, and detecting that the user has access to the second storage space authority, generating a second authentication token, where the second authentication token is used to indicate that the user has access authority to the second storage space;

Overwriting the first authentication token with the second authentication token.

Optionally, generating module 41 is used for:

If it is detected that the storage space list corresponding to the user includes the first storage space; the storage space list includes all storage spaces to which the user has access rights.

Optionally, the device is also used for:

When the first authentication token is generated, store the first authentication token in a cache.

The embodiments of the present application also provide an electronic device to execute the above data access method. Please refer to FIG. 5 , which shows a schematic diagram of an electronic device provided by some embodiments of the present application. As shown in Figure 5, the electronic device 5 includes: a processor 500, a memory 501, a bus 502 and a communication interface 503, the processor 500, the communication interface 503 and the memory 501 are connected through the bus 502; A computer program running on the processor 500, when the processor 500 runs the computer program, executes the data access method provided in any one of the foregoing implementation manners of the present application.

Wherein, the memory 501 may include a high-speed random access memory (RAM: Random Access Memory), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the device network element and at least one other network element is realized through at least one communication interface 503 (which may be wired or wireless), and the Internet, wide area network, local network, metropolitan area network, etc. can be used.

The bus 502 may be an ISA bus, a PCI bus, or an EISA bus, etc. The bus can be divided into address bus, data bus, control bus and so on. Wherein, the memory 501 is used to store a program, and the processor 500 executes the program after receiving an execution instruction, and the data access method disclosed in any implementation manner of the foregoing embodiments of the present application can be applied to the processor 500, Or implemented by the processor 500.

The processor 500 may be an integrated circuit chip with signal processing capabilities. In the implementation process, each step of the above method may be implemented by an integrated logic circuit of hardware in the processor 500 or an instruction in the form of software. The above-mentioned processor 500 can be a general-purpose processor, including a central processing unit (Central Processing Unit, referred to as CPU), a network processor (Network Processor, referred to as NP), etc.; it can also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), off-the-shelf programmable gate array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components. Various methods, steps, and logic block diagrams disclosed in the embodiments of the present application may be implemented or executed. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor, or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module can be located in a mature storage medium in the field such as random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, register. The storage medium is located in the memory 501, and the processor 500 reads the information in the memory 501, and completes the steps of the above method in combination with its hardware.

The electronic device provided in the embodiment of the present application and the data access method provided in the embodiment of the present application are based on the same inventive concept, and have the same beneficial effect as the method adopted, operated or implemented.

The embodiment of the present application also provides a computer-readable storage medium corresponding to the data access method provided in the foregoing embodiment, please refer to FIG. (that is, a program product), when the computer program is run by a processor, it will execute the data access method provided in any of the foregoing implementation manners.

It should be noted that examples of the computer-readable storage medium may also include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random Access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other optical and magnetic storage media will not be repeated here.

The computer-readable storage medium provided by the above embodiments of the present application is based on the same inventive concept as the data access method provided by the embodiments of the present application, and has the same beneficial effect as the method adopted, run or implemented by the stored application program.

It should be noted:

In the description provided herein, numerous specific details are set forth. However, it is understood that the embodiments of the application may be practiced without these specific details. In some instances, well-known structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

In addition, those skilled in the art will appreciate that although some embodiments described herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the present application. and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

The above is only a preferred embodiment of the present application, but the scope of protection of the present application is not limited thereto. Any person familiar with the technical field can easily conceive of changes or changes within the technical scope disclosed in this application Replacement should be covered within the protection scope of this application. Therefore, the protection scope of the present application should be determined by the protection scope of the claims.

Claims (10)

1. A data access method, characterized in that, comprising: In response to the user's access operation to the first storage space in the document library management system, if it is detected that the user has access rights to the first storage space, a first authentication token is generated, and the first The authentication token is used to indicate that the user has access to the first storage space; The first storage space is accessed by using the first authentication token. 2. The method according to claim 1, wherein using the first authentication token to access the first storage space comprises: In response to no detection of the user's access operation to the first storage space within the validity period of the token, mark the first authentication token as an invalid token. 3. The method according to claim 1, wherein using the first authentication token to access the first storage space comprises: In response to detecting the user's operation on the first storage space within the monitoring period, extending the token validity period of the first authentication token, the monitoring period is the difference between the token validity period and the first The duration difference between the generated duration of the authentication token. 4. The method according to any one of claims 1-3, wherein using the first authentication token to access the first storage space comprises: In response to detecting the user's data access operation on the target data in the first storage space, acquiring a currently valid token corresponding to the user; If the currently valid token is the first authentication token, the target data is processed based on the data access operation. 5. The method according to any one of claims 1-3, wherein the method further comprises: In case the first authentication token is generated, in response to detecting that the user accesses a second storage space in the document library management system, and detecting that the user has access to the second storage space authority, generating a second authentication token, where the second authentication token is used to indicate that the user has access authority to the second storage space; Overwriting the first authentication token with the second authentication token. 6. The method according to any one of claims 1-3, wherein when it is detected that the user has access authority to the first storage space, comprising: If it is detected that the storage space list corresponding to the user includes the first storage space; the storage space list includes all storage spaces to which the user has access rights. 7. The method according to any one of claims 1-3, characterized in that the method further comprises: When the first authentication token is generated, store the first authentication token in a cache. 8. A data access device, characterized in that it comprises: A generating module, configured to generate a first authentication token in response to the user's access operation to the first storage space in the document library management system, when it is detected that the user has access authority to the first storage space , the first authentication token is used to indicate that the user has access to the first storage space; An access module, configured to use the first authentication token to access the first storage space. 9. An electronic device, comprising: a processor and a memory; The memory is used to store computer programs; The processor is configured to execute the program stored in the memory to implement the data access method according to any one of claims 1-7. 10. A computer-readable storage medium storing a computer program, wherein the computer program implements the data access method according to any one of claims 1-7 when executed by a processor.