I want to build an API management platform (The function is similar to Sina Weibo’s openAPI. The function is not as powerful as Weibo’s openAPI)
Call the interface and you need authorization. After authorization, the user will get the username, token and other authorization information
The user calls the interface parameters including: user name token or signature and other interface parameters
You can set the expiration time of the token and the limit on the number of token calls
Can record the number of calls made by each user Call record
My idea is:
Use mysql to store user name, signature, token, authorization date, user permissions and other information
Use redis string to store user call records
After receiving the request from the user Use the token to verify whether the call is legal. Use the user name to verify whether he has the authority to call this interface, whether the number of times has been exceeded, the frequency limit has been exceeded, and other information