当前位置:网站首页>How to design an interface?
How to design an interface?
2022-07-05 12:16:00 【Xujunsheng】
How to design an interface ?
Preface
Interfaces are essential to our system , It can be called the cornerstone of the system . I think a good interface needs to have the following aspects : Security 、 stability 、 Efficiency 、 Maintainability 、 Readability . Now let's discuss what issues need to be considered in designing a good interface according to these properties ?
Security
Security is of great importance to interfaces . Our common Web Vulnerabilities include :SQL Inject 、JSON Deserialization vulnerability 、XSS attack 、CSRF attack 、 File upload and download vulnerability 、DDoS attack 、 Weak password 、 Certificate Validation 、 The internal interface is exposed in the public network 、 Unauthorized access related vulnerabilities .
Preventive measures :
- data validation : Use filters 、 The interceptor verifies the input data ;
- Identity Authentication & session management : Use token protection for interfaces of important operations ;
- Secure storage : Using encryption algorithms :MD5、SHA256、3DES;
- IP White list 、 Log the interface request 、 Desensitization of sensitive data, etc .
stability
Interface stability includes two aspects: one is robust, the other is reliable , These two concepts are easy to confuse .
Robustness,
Robustness refers to the ability of an interface to handle errors .
It is reflected in several aspects : Interface current limiting 、 Downgrade 、 Interface response timeout processing 、 Retry and early warning mechanism .
Current limiting
Current limiting , Also known as flow control (Rate Limit). It means that the system is facing high concurrency , Or in the case of large traffic requests , Only specified events are allowed to enter , The excess will be denied service 、 To line up or wait for 、 Demotion, etc , So as to ensure the stability of the interface .
Common current limiting algorithms : Fixed window current limiting algorithm ( Counter )、 Sliding window current limiting algorithm 、 Leaky bucket algorithm 、 Token bucket algorithm .
For space reasons, I will not explain here , Let's open a separate chapter to introduce in detail .
Interface response timeout processing
This is often the case when interfacing with third-party interfaces , Because of unstable factors such as network
.
In this case, we can take : Set timeout 、 Interface retry mechanism 、 asynchronous 、 Early warning and other schemes .
And we can pass it :System Default mode 、StopWatch、AutoCloseable To count the response time of the interface , In order to monitor it .
reliability
Reliability design can mainly consider : idempotent 、 There are two aspects of transaction consistency .
Idempotency
Idempotent means that the execution result of any number of requests has the same impact as that of one request .
To put it bluntly, query operation will not affect the data itself no matter how many times it is queried , So the query itself is idempotent . But new operations , The database changes with each execution , So it's not idempotent .
There are many ways to solve idempotent problems , such as :
- insert before select
- Add pessimism lock :select … for update
- Lock in optimism : Add a... To the list timestamp perhaps version Field
- Add unique index
- Build a weight watch
- Add distribution lock :redis、zookeeper
Transaction consistency
A transaction is a set of ungroupable operations , These operations are either successful , Or cancel the execution .
Four characteristics of transactions (ACID): Atomicity 、 Uniformity 、 Isolation, 、 persistence .
The single database does not involve network interaction , Therefore, it is relatively simple to implement transactions between multiple tables (Spring Affairs are easily solved ), This kind of transaction is called local transaction .
When the performance of a single database reaches the bottleneck, it needs to carry out database and table separation and service-oriented transformation .
Distributed transaction is the participant of transaction 、 Servers that support transactions 、 Resource servers and transaction managers are located on different nodes of different distributed systems .
Single database transactions can easily meet the requirements of transactions ACID Four features , Provide strong consistency assurance , But distributed transactions should fully follow ACID Features can be difficult .
In order to pursue high availability and high throughput of distributed systems , The solution of distributed transaction generally provides final consistency .
Distributed transactions
We call transactions that provide ultimate consistency as flexible transactions , Flexible transactions generally follow the rules in the distributed domain BASE theory :
- BA:Basic Availability, Basic business availability .
- S:Soft state, The state of flexibility .
- E:Eventual consistency, Final consistency .
There are three scenarios for distributed transactions :
- Distributed transactions across databases
- Cross service distributed transactions
- Hybrid distributed transaction
Common distributed transaction solutions :
- XA Two-phase commit
- TCC Pattern : Support TCC The open source frameworks for transactions are :ByteTCC、Himly、TCC-transaction.
- Saga
- Message based distributed transaction : Scheme based on transaction message 、 Local message based solutions
- Distributed transaction middleware :Seata
Efficiency
We can use multithreading to make full and rational use of system resources , Using cache can improve response speed 、
The implementation of multithreading is inseparable from two classes :Thread、Runnable.
At the same time, we can also use Future and Callable Get the execution result of the child thread .
Using thread pools, you can manage and reuse threads , Reduce the context switching and other problems caused by frequent thread creation .
When it comes to multithreading, we have to talk about thread safety .
Thread safety problem
Two scenarios of thread safety :
- Data contention : Write two data at the same time , The data of one party is either discarded or written incorrectly ;
- Competitive conditions : Execution order , For example, to read the contents of a file , Then naturally, after this document is written , Suppose the threads don't work well , I'll read it before you finish writing , This will cause errors in order .
Thread safety issues only occur in multithreaded environments , Single thread serial execution does not have this problem .
Ensure thread safety in high concurrency scenarios , There are four dimensions to consider :
- Data is visible in a single thread , such as ThreadLocal;
- Read only objects ,final
- Thread safety class :StringBuffer、ConcurrentHashMap
- Synchronization and lock mechanism :synchronized、Lock etc. .
You should also pay attention to deadlock in multithreaded scenarios .
Maintainability
Maintainability can also be called extensibility . This requires a good design of the interface at the design level .
Reflected in the response results 、 exception handling 、 The printing of logs should be under unified control .
Another is that you can use design patterns .
Design patterns 23 Kind of , Most commonly used, such as : The singleton pattern 、 The proxy pattern 、 Factory mode 、 Builder pattern 、 Template pattern 、 Strategy model, etc .
Spring Many design patterns are used in the source code , If you are interested, you can learn something about .
Readability
Readability is to provide convenience for future generations , It's the so-called iron camp, flowing soldiers .
When we write interfaces, we might as well add more comments to complex logic , This is not only convenient for others to read , Also bring yourself traversal .
边栏推荐
- Matlab label2idx function (convert the label matrix into a cell array with linear index)
- ACID事务理论
- 一类恒等式的应用(范德蒙德卷积与超几何函数)
- Conversion du format de données GPS [facile à comprendre]
- Just a coincidence? The mysterious technology of apple ios16 is actually the same as that of Chinese enterprises five years ago!
- Wireless WiFi learning 8-channel transmitting remote control module
- [yolov3 loss function]
- [singleshotmultiboxdetector (SSD, single step multi frame target detection)]
- Which domestic cloud management platform manufacturer is good in 2022? Why?
- vscode快捷键
猜你喜欢
Understand kotlin from the perspective of an architect
Redis master-slave mode
July Huaqing learning-1
调查显示传统数据安全工具在60%情况下无法抵御勒索软件攻击
HiEngine:可媲美本地的云原生内存数据库引擎
Automated test lifecycle
Troubleshooting of high memory usage of redis in a production environment
Redirection of redis cluster
Sentinel sentinel mechanism of master automatic election in redis master-slave
MySQL splits strings for conditional queries
随机推荐
mysql拆分字符串做条件查询
Swift - add navigation bar
[yolov3 loss function]
July Huaqing learning-1
Understand kotlin from the perspective of an architect
语义分割实验:Unet网络/MSRC2数据集
Matlab struct function (structure array)
Multi table operation - Auto Association query
【ijkplayer】when i compile file “compile-ffmpeg.sh“ ,it show error “No such file or directory“.
手机 CPU 架构类型了解
MySQL view
跨平台(32bit和64bit)的 printf 格式符 %lld 输出64位的解决方式
Which domestic cloud management platform manufacturer is good in 2022? Why?
Sentinel sentinel mechanism of master automatic election in redis master-slave
Video networkState 属性
ACID事务理论
Automated test lifecycle
Intern position selection and simplified career development planning in Internet companies
Select drop-down box realizes three-level linkage of provinces and cities in China
HiEngine:可媲美本地的云原生内存数据库引擎