CN111859364A - Authority authentication method, device, equipment and storage medium - Google Patents
Authority authentication method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN111859364A CN111859364A CN202010745417.6A CN202010745417A CN111859364A CN 111859364 A CN111859364 A CN 111859364A CN 202010745417 A CN202010745417 A CN 202010745417A CN 111859364 A CN111859364 A CN 111859364A
- Authority
- CN
- China
- Prior art keywords
- authentication
- authentication code
- information
- code
- authority
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Abstract
The invention discloses a method, a device, equipment and a computer readable storage medium for authority authentication, wherein the method comprises the following steps: acquiring a first authentication code input by a user; acquiring authentication information, and executing authentication code generation operation by using the authentication information to obtain a second authentication code; judging whether the first authentication code is the same as the second authentication code; if the first authentication code is the same as the second authentication code, determining that the authority authentication is passed; after acquiring authentication information, the method executes authentication code generation operation by using the authentication information to obtain a second authentication code; the second authentication code is locally generated according to the authentication information and is a legal authentication code; if the user has the corresponding authority, the first authentication code input by the user is also a legal authentication code which is the same as the second authentication code. Therefore, if the first authentication code is the same as the second authentication code, the authority authentication is determined to be passed. Through the comparison of the first verification code and the second verification code, the authority authentication can be carried out on the user, and the authorization file is prevented from being stolen.
Description
Technical Field
The present invention relates to the field of rights authentication technologies, and in particular, to a rights authentication method, a rights authentication device, a rights authentication apparatus, and a computer-readable storage medium.
Background
Currently, many software or applications have a free portion and a paid portion, for example, some application platforms provide a number of standalone application downloads that are not authorized until a fee is received. For performing the authority authentication, it is generally set up to perform the authentication of the authority authentication platform through the network, however, the user without authority often bypasses the online authority authentication by being offline from the authority authentication platform. To solve this problem, the related art generally adopts a method of issuing an authorization file to distinguish whether or not there is a right. That is, the authorization file is sent to the terminal of the paying user, and the terminal judges whether the terminal has the authority or not by checking whether the authorization file exists or not during operation. However, the authorization file may be stolen, and a user who originally has no authority may obtain the corresponding authority through the stolen authorization file. Therefore, the related art has the problem that the authorization file is easy to be stolen, and the loss is caused to developers.
Therefore, how to solve the problem that the authorization file in the related art is easy to be stolen and causes loss to developers is a technical problem to be solved by those skilled in the art.
Disclosure of Invention
In view of the above, the present invention provides a method, an apparatus, a device and a computer readable storage medium for authority authentication, which solve the problem that the authorization file is easy to be stolen and causes loss to the developer in the related art.
In order to solve the above technical problem, the present invention provides a method for authenticating a right, comprising:
acquiring a first authentication code input by a user;
acquiring authentication information, and executing authentication code generation operation by using the authentication information to obtain a second authentication code;
judging whether the first authentication code is the same as the second authentication code;
and if the first authentication code is the same as the second authentication code, determining that the authority authentication is passed.
Optionally, the obtaining the authentication information and performing an authentication code generation operation by using the authentication information to obtain a second authentication code includes:
acquiring current time, user information and first authentication information as the authentication information;
and inputting the authentication information into a hash function to obtain the second authentication code.
Optionally, the obtaining the authentication information and performing an authentication code generation operation by using the authentication information to obtain a second authentication code includes:
acquiring user information, application information and second authentication information as the authentication information;
and inputting the authentication information into a hash function to obtain the second authentication code.
Optionally, the inputting the authentication information into a hash function to obtain the second authentication code includes:
inputting the authentication information into a hash function to obtain an initial authentication code;
and carrying out standardization processing on the initial authentication code to obtain the second authentication code.
Optionally, the executing, by using the authentication information, an authentication code generating operation to obtain a second authentication code includes:
determining a target generating program corresponding to the selection information in the plurality of generating programs;
and executing the authentication code generation operation by using the target generation program based on the authentication information to obtain the second authentication code.
Optionally, before acquiring the first authentication code input by the user, the method further includes:
establishing connection with an authentication platform;
and acquiring a plurality of generating programs sent by the authentication platform.
Optionally, after the determining passes the authority authentication, the method further includes:
acquiring an operation instruction input by a user;
and responding to the operation instruction within the authority range of the first authentication code.
The invention also provides a permission authentication device, comprising:
the acquisition module is used for acquiring a first authentication code input by a user;
the generating module is used for acquiring authentication information and executing authentication code generating operation by using the authentication information to obtain a second authentication code;
the judging module is used for judging whether the first authentication code is the same as the second authentication code;
and the determining module is used for determining that the authority authentication is passed if the first authentication code is the same as the second authentication code.
The invention also provides a permission authentication device, which comprises a memory and a processor, wherein:
the memory is used for storing a computer program;
the processor is configured to execute the computer program to implement the above-mentioned right authentication method.
The present invention also provides a computer-readable storage medium for storing a computer program, wherein the computer program, when executed by a processor, implements the above-described method of rights authentication.
The authority authentication method provided by the invention obtains a first authentication code input by a user; acquiring authentication information, and executing authentication code generation operation by using the authentication information to obtain a second authentication code; judging whether the first authentication code is the same as the second authentication code; and if the first authentication code is the same as the second authentication code, determining that the authority authentication is passed.
Therefore, after the authentication information is acquired, the method executes the authentication code generation operation by using the authentication information to obtain the second authentication code. And the second authentication code is locally generated according to the authentication information and is a legal authentication code. The first authentication code is input by a user, and after the first authentication code and the second authentication code are obtained, whether the first authentication code and the second authentication code are the same or not is judged. If the user has the corresponding authority, the user naturally has a legal verification code generated in the same generation mode as the second authentication code, and the input first authentication code is also a legal authentication code which is the same as the second authentication code. Therefore, if the first authentication code is the same as the second authentication code, the authority authentication is determined to be passed. Through comparison of the first verification code and the second verification code, the authority authentication can be performed on the user in an offline state of the authority authentication platform, meanwhile, the authorization file is replaced by the authentication code, the authorization file is prevented from being stolen, and the problems that the authorization file is easy to be stolen and loss is caused to developers in the related art are solved.
In addition, the invention also provides an authority authentication device, an authority authentication device and a computer readable storage medium, and the device also have the beneficial effects.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a method for right authentication according to an embodiment of the present invention;
fig. 2 is a flowchart of a specific second authentication code generation method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an authority authentication apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a right authentication device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In a possible implementation manner, please refer to fig. 1, where fig. 1 is a flowchart of an authority authentication method according to an embodiment of the present invention. The method comprises the following steps:
s101: the first authentication code input by the user is obtained.
All or part of the steps in this embodiment may be performed by the authority authentication device. The authority authentication device can be a smart phone, a computer, a tablet computer or other terminals. The first authentication code is input by the user, and may be a valid authentication code, for example, the user has purchased the corresponding service, and has obtained authorization, and the user can obtain the valid authentication code. Or when the user does not purchase the corresponding service, the user does not have a legal authentication code, and the first authentication code input by the user is an illegal authentication code. Further, the embodiment does not limit the method for obtaining the legal authentication code after the user obtains the authorization, for example, the legal authentication code may be sent to the authorization authentication terminal by a platform performing the authorization (i.e., an authorization authentication platform, such as an application download platform or a dedicated authentication platform); or can be sent to other terminals designated by the user by the platform performing authorization; or the information can be sent to the account or number designated by the user through mails, short messages and the like. It should be noted that the sent legitimate authentication code is not an authorization file, and the sent legitimate authentication code is not read and compared with the second authentication code during authentication, but the first authentication code input by the user is acquired and compared with the second authentication code.
The embodiment does not limit the method for obtaining the first authentication code, and for example, the first authentication code can be input by a user in real time through an interactive function; or the configuration file input by the user can be read, and the first authentication code is read from the configuration file, that is, the user can input the first authentication code in advance, and acquire the first authentication code when the authority authentication is required. The first authentication code may specifically be constituted by characters, numbers, wildcards, etc. Further, the time for acquiring the first authentication code may be set according to actual conditions, for example, the authority authentication may be performed when an application or a program is started to acquire the first authentication code; or the authority authentication can be carried out when a function or a process needing the authority call is required to be called, and the first authentication code is obtained.
S102: and acquiring authentication information, and executing authentication code generation operation by using the authentication information to obtain a second authentication code.
The authentication information is information necessary to generate a legitimate authentication code, which is also used to generate the second authentication code. The authentication file includes user information and may include other information. The user information may include user account information, user password information, user number information, and the like. The user information is used for distinguishing the users, and the authentication code generated by the user information is related to the users, so that the unauthorized users can be prevented from passing the authentication after obtaining the authentication code of the authorized user. The specific content of the other information may be set according to actual needs, for example, when the authorization time requirement needs to be considered in the authority authentication, the other information may include the current time; or when the authority authentication needs to consider distinguishing different applications, processes or functions, the other information may include application information, process information or function information; other information may also include basic information such as platform internal identification, which is not limited in this embodiment.
After the authentication information is acquired, it is necessary to perform an authentication code generation operation using the authentication information. The specific generation manner of the authentication code generation operation is the same as the generation manner corresponding to the valid verification code obtained after the user is authorized, that is, the generated second authentication code is a valid authentication code. Therefore, when the first authentication code input by the user is also a legal authentication code, the first authentication code and the second authentication code should be the same.
The authentication code generation operation may be performed in a fixed generation manner, or different generation manners may be selected according to actual needs. For example, when the authority authentication is performed on different applications, different generation modes can be adopted to generate a second authentication code; or when the authority authentication is performed on different functions or different processes in the same application, different generation modes can be adopted to generate the second authentication code. Different generation modes should obtain different second authentication codes when the same authentication information is obtained so as to play a distinguishing role. Further, the generation of the second authentication code, i.e., the generation of the legitimate authentication code, should be impossible to crack.
The present embodiment does not limit the execution sequence of the two steps S101 and S102, for example, when it is determined that the authorization authentication is required, the step S101 may be executed first, and then the step S102 may be executed; or the step S102 may be executed first, and then the step S101 may be executed; or may be performed simultaneously with the steps of S101 and S102.
S103: and judging whether the first authentication code and the second authentication code are the same.
After the first authentication code and the second authentication code are obtained, whether the first authentication code and the second authentication code are the same is judged. The second authentication code adopts the same generation mode and authentication information as the legal authentication code, so the second authentication code is the legal authentication code. If the first authentication code is the same as the second authentication code, it is determined that the user is authorized because the user can only obtain the valid authentication code if the user inputs the valid authentication code, and the step S104 can be entered. If the first authentication code is different from the second authentication code, it indicates that the authentication code input by the user is not a valid authentication code, and it cannot be determined whether the user is authorized at this time, and the process may proceed to step S105.
S104: and determining that the authority authentication is passed.
After determining that the first authentication code is identical to the second authentication code, it may be determined that the user has input a legitimate authentication code, which has been authorized, and thus it may be determined that the authority authentication is passed. After the authority authentication is determined to pass, other actions can be executed, for example, an operation instruction input by a user can be acquired, and the operation instruction is responded within the authority range of the first authentication code.
S105: and (5) presetting operation.
The present embodiment does not limit the operation performed when the first authentication code and the second authentication code are different, and for example, the prompt message may be output and the first authentication code may be acquired again, or the alarm message may be output.
By applying the authority authentication method provided by the embodiment of the invention, after the authentication information is acquired, the authentication information is utilized to execute the authentication code generation operation, and the second authentication code is obtained. And the second authentication code is locally generated according to the authentication information and is a legal authentication code. The first authentication code is input by a user, and after the first authentication code and the second authentication code are obtained, whether the first authentication code and the second authentication code are the same or not is judged. If the user has the corresponding authority, the user naturally has a legal verification code generated in the same generation mode as the second authentication code, and the input first authentication code is also a legal authentication code which is the same as the second authentication code. Therefore, if the first authentication code is the same as the second authentication code, the authority authentication is determined to be passed. Through comparison of the first verification code and the second verification code, the authority authentication can be performed on the user in an offline state of the authority authentication platform, meanwhile, the authorization file is replaced by the authentication code, the authorization file is prevented from being stolen, and the problems that the authorization file is easy to be stolen and loss is caused to developers in the related art are solved.
Based on the above embodiments, the present embodiment will specifically describe several steps in the above embodiments. Specifically, before performing the authority authentication, the method may further include:
step 11: and establishing connection with the authentication platform.
Step 12: a plurality of generation programs transmitted by the authentication platform are acquired.
In this embodiment, before performing the authority authentication, it is necessary to establish a connection with the authentication platform and acquire the generation program from the authentication platform. The generating program is used for executing the authentication code generating operation. In this embodiment, in order to improve the security of the second authentication code and prevent the second authentication code from cracking the generation method, a plurality of generation programs may be acquired, and each generation program corresponds to a different application, function, and the like. Even if a certain generating program is cracked, an unauthorized user can only illegally pass the authority authentication of one application or function and cannot pass the authority authentication of all the applications or functions, so that the safety of the authority authentication is improved.
Accordingly, in generating the second authentication code, the S102 step may include:
step 21: an object generating program corresponding to the selection information is determined among the plurality of generating programs.
Step 22: and executing the authentication code generation operation by using the target generation program based on the authentication information to obtain the second authentication code.
The selection information is used to select the target generating program, and may specifically be an application number, a function number, a process name, and the like. The selection information may be acquired when the second verification code is generated, and a target generation program corresponding to the selection information is determined among the plurality of generation programs. After determining the target generator, an authentication code generation operation may be performed with the target generator based on the authentication information, resulting in a second authentication code.
In one embodiment, the step S102 may include:
step 31: and acquiring the current time, the user information and the first authentication information as authentication information.
Step 32: and inputting the authentication information into a hash function to obtain a second authentication code.
In this embodiment, the authorization to the user is not a permanent authorization, but has a certain time limit. Therefore, when generating the valid authentication code and the second authentication code, the current time needs to be acquired. The current time may be specifically an hour, a day, a week, a month, or a year, and may be set according to the authorized validity duration. For example, when the valid authorization duration is day, the obtained current time is the current day and date, for example, 1 month and 1 day of 2020; when the authorized effective duration is month, the obtained current time is the current month date, for example, 1 month in 2020. And after the current time is obtained, obtaining the user information and the first authentication information at the same time, and inputting the user information and the first authentication information into a hash function together to obtain a second authentication code. The hash function may specifically be an MD5 function, an SHA256 function, or the like.
In another embodiment, the S102 step may include:
step 41: and acquiring the user information, the application information and the second authentication information as authentication information.
Step 42: and inputting the authentication information into a hash function to obtain a second authentication code.
The difference from the previous embodiment is that the application information is used as the authentication information in the present embodiment. The application information is used for distinguishing applications, when a fixed and unchangeable legal authentication code generation mode is adopted, in order to improve the safety of the second authentication code, even if an unauthorized user cracks the authentication code generation mode, the second authentication code can only pass the authority authentication of one application, and because the application information is determined by the application itself, corresponds to the application itself and is not controlled by the user, the user can not pass the authority authentication of other applications. It should be noted that the second authentication information may be the same as or different from the first authentication information, and may be specifically set according to actual situations.
Based on the above two embodiments, step 32 and step 42 may include:
step 51: and inputting the authentication information into a hash function to obtain an initial authentication code.
Step 52: and carrying out standardization processing on the initial authentication code to obtain a second authentication code.
In order to improve the security of the authentication code and prevent the authentication code from being cracked, the initial authentication code directly obtained by the hash function may be standardized. The normalization process may include a character selection process, i.e. selecting characters at corresponding positions from the initial authentication code to form the second authentication code, e.g. removing odd-numbered characters of the initial authentication code to form the second authentication code. The normalization processing may also include other processing manners, such as character replacement processing, calculation processing (for example, adding values of two consecutive characters to obtain one character in the second authentication code), and the like.
Referring to fig. 2, fig. 2 is a flowchart illustrating a specific second authentication code generation method according to an embodiment of the present invention. In this embodiment, a platform user name (i.e., a user name of a user on the platform), a current date, a platform internal identifier, and an application unique code are used as authentication information, and are used as input to calculate a combined string MD5 value (i.e., an initial authentication code). And obtaining an encryption string after the calculation is finished, and combining the encryption string after odd bits are taken to obtain an authentication authorization code, namely a second authentication code.
In the following, the right authentication apparatus provided by the embodiment of the present invention is introduced, and the right authentication apparatus described below and the right authentication method described above may be referred to correspondingly.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an authority authentication device according to an embodiment of the present invention, including:
an obtaining module 110, configured to obtain a first authentication code input by a user;
a generating module 120, configured to obtain the authentication information, and perform an authentication code generating operation using the authentication information to obtain a second authentication code;
a judging module 130, configured to judge whether the first authentication code and the second authentication code are the same;
and the determining module 140 is configured to determine that the authorization authentication is passed if the first authentication code is the same as the second authentication code.
Optionally, the generating module 120 includes:
a first acquisition unit configured to acquire a current time, user information, and first authentication information as authentication information;
and the first input unit is used for inputting the authentication information into a hash function to obtain a second authentication code.
Optionally, the generating module 120 includes:
a second acquisition unit configured to acquire the user information, the application information, and the second authentication information as authentication information;
and the second input unit is used for inputting the authentication information into the hash function to obtain a second authentication code.
Optionally, the first input unit or the second input unit comprises:
the input subunit is used for inputting the authentication information into a hash function to obtain an initial authentication code;
and the standardization subunit is used for carrying out standardization processing on the initial authentication code to obtain a second authentication code.
Optionally, the generating module 120 includes:
a selection unit configured to determine a target generating program corresponding to the selection information among the plurality of generating programs;
and the generating unit is used for executing the authentication code generating operation by using the target generating program based on the authentication information to obtain a second authentication code.
Optionally, the method further comprises:
the connection module is used for establishing connection with the authentication platform;
and the urban area acquisition module is used for acquiring a plurality of generation programs sent by the authentication platform.
Optionally, the method further comprises:
the instruction acquisition module is used for acquiring an operation instruction input by a user;
and the response module is used for responding to the operation instruction within the authority range of the first authentication code.
In the following, the authority authentication device provided by the embodiment of the present invention is introduced, and the authority authentication device described below and the authority authentication method described above may be referred to correspondingly.
Referring to fig. 4, fig. 4 is a schematic structural diagram of a right authentication device according to an embodiment of the present invention. Wherein the rights authentication device 100 may include a processor 101 and a memory 102, and may further include one or more of a multimedia component 103, an information input/information output (I/O) interface 104, and a communication component 105.
The processor 101 is configured to control the overall operation of the authority authentication device 100, so as to complete all or part of the steps in the authority authentication method; the memory 102 is used to store various types of data to support operation at the rights authentication device 100, which may include, for example, instructions for any application or method operating on the rights authentication device 100, as well as application-related data. The Memory 102 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as one or more of Static Random Access Memory (SRAM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic or optical disk.
The multimedia component 103 may include a screen and an audio component. Wherein the screen may be, for example, a touch screen and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may further be stored in the memory 102 or transmitted through the communication component 105. The audio assembly also includes at least one speaker for outputting audio signals. The I/O interface 104 provides an interface between the processor 101 and other interface modules, such as a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 105 is used for wired or wireless communication between the rights authentication device 100 and other devices. Wireless Communication, such as Wi-Fi, bluetooth, Near Field Communication (NFC), 2G, 3G, or 4G, or a combination of one or more of them, so that the corresponding Communication component 105 may include: Wi-Fi part, Bluetooth part, NFC part.
The authority authentication apparatus 100 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors or other electronic components, and is configured to perform the authority authentication method according to the above embodiments.
In the following, the computer-readable storage medium provided by the embodiment of the present invention is introduced, and the computer-readable storage medium described below and the above-described right authentication method may be referred to correspondingly.
The present invention also provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps of the above-described method for right authentication.
The computer-readable storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it should also be noted that, herein, relationships such as first and second, etc., are intended only to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms include, or any other variation is intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that includes a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
The authority authentication method, the authority authentication device and the computer readable storage medium provided by the present invention are introduced in detail, and a specific example is applied in the text to explain the principle and the implementation of the present invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A method of rights authentication, comprising:
acquiring a first authentication code input by a user;
acquiring authentication information, and executing authentication code generation operation by using the authentication information to obtain a second authentication code;
judging whether the first authentication code is the same as the second authentication code;
and if the first authentication code is the same as the second authentication code, determining that the authority authentication is passed.
2. The method for authenticating authority according to claim 1, wherein the obtaining authentication information and performing an authentication code generation operation using the authentication information to obtain a second authentication code comprises:
acquiring current time, user information and first authentication information as the authentication information;
and inputting the authentication information into a hash function to obtain the second authentication code.
3. The method for authenticating authority according to claim 1, wherein the obtaining authentication information and performing an authentication code generation operation using the authentication information to obtain a second authentication code comprises:
acquiring user information, application information and second authentication information as the authentication information;
and inputting the authentication information into a hash function to obtain the second authentication code.
4. The method for authenticating authority according to claim 2 or 3, wherein the inputting the authentication information into a hash function to obtain the second authentication code includes:
inputting the authentication information into a hash function to obtain an initial authentication code;
and carrying out standardization processing on the initial authentication code to obtain the second authentication code.
5. The method of claim 1, wherein the performing an authentication code generation operation using the authentication information to obtain a second authentication code comprises:
determining a target generating program corresponding to the selection information in the plurality of generating programs;
and executing the authentication code generation operation by using the target generation program based on the authentication information to obtain the second authentication code.
6. The method for authenticating authority according to claim 5, further comprising, before acquiring the first authentication code inputted by the user:
establishing connection with an authentication platform;
and acquiring a plurality of generating programs sent by the authentication platform.
7. The authority authentication method according to claim 1, further comprising, after the determination that the authority authentication is passed:
acquiring an operation instruction input by a user;
and responding to the operation instruction within the authority range of the first authentication code.
8. An authority authentication apparatus, comprising:
the acquisition module is used for acquiring a first authentication code input by a user;
the generating module is used for acquiring authentication information and executing authentication code generating operation by using the authentication information to obtain a second authentication code;
the judging module is used for judging whether the first authentication code is the same as the second authentication code;
and the determining module is used for determining that the authority authentication is passed if the first authentication code is the same as the second authentication code.
9. An authority authentication device comprising a memory and a processor, wherein:
the memory is used for storing a computer program;
the processor is configured to execute the computer program to implement the rights authentication method according to any one of claims 1 to 7.
10. A computer-readable storage medium for storing a computer program, wherein the computer program when executed by a processor implements the rights authentication method as claimed in any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010745417.6A CN111859364A (en) | 2020-07-29 | 2020-07-29 | Authority authentication method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010745417.6A CN111859364A (en) | 2020-07-29 | 2020-07-29 | Authority authentication method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111859364A true CN111859364A (en) | 2020-10-30 |
Family
ID=72946449
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010745417.6A Pending CN111859364A (en) | 2020-07-29 | 2020-07-29 | Authority authentication method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111859364A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114590224A (en) * | 2022-03-10 | 2022-06-07 | 重庆金康赛力斯新能源汽车设计院有限公司 | Automobile anti-theft control method and device, automobile and electronic equipment |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1445666A (en) * | 2003-01-24 | 2003-10-01 | 赵红刚 | Method for controlling license of software |
| CN102254118A (en) * | 2011-07-15 | 2011-11-23 | 飞天诚信科技股份有限公司 | Identifying code generating method and device |
| CN102938045A (en) * | 2012-07-23 | 2013-02-20 | 吴俊杰 | Encryption method and authorization method after encryption for electronic product |
| CN105046141A (en) * | 2015-06-12 | 2015-11-11 | 北京京东尚科信息技术有限公司 | Self-daptive verification code design method and system |
| CN105139204A (en) * | 2015-07-27 | 2015-12-09 | 飞天诚信科技股份有限公司 | Method and system for carrying out security authentication |
| CN106919810A (en) * | 2017-02-22 | 2017-07-04 | 广州广电运通金融电子股份有限公司 | Registration code generating method and device, software registration method and device |
| CN107249004A (en) * | 2017-07-24 | 2017-10-13 | 广州市玄武无线科技股份有限公司 | A kind of identity identifying method, device and client |
| CN107483485A (en) * | 2017-09-13 | 2017-12-15 | 深圳市屯奇尔科技有限公司 | Generation method, authorization method, relevant apparatus and the terminal device of authorization code |
| CN110162936A (en) * | 2019-05-31 | 2019-08-23 | 北京比特安索信息技术有限公司 | A kind of use authorization method of software content |
| CN110213248A (en) * | 2019-05-20 | 2019-09-06 | 武汉市灯塔互动文化传播有限公司 | Authorization method and device under a kind of offline environment |
| CN110572396A (en) * | 2019-09-10 | 2019-12-13 | 广州创维平面显示科技有限公司 | method and system for controlling function use authorization |
| CN111090850A (en) * | 2018-10-24 | 2020-05-01 | 杭州海康威视系统技术有限公司 | Authentication system, method and device |
-
2020
- 2020-07-29 CN CN202010745417.6A patent/CN111859364A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1445666A (en) * | 2003-01-24 | 2003-10-01 | 赵红刚 | Method for controlling license of software |
| CN102254118A (en) * | 2011-07-15 | 2011-11-23 | 飞天诚信科技股份有限公司 | Identifying code generating method and device |
| CN102938045A (en) * | 2012-07-23 | 2013-02-20 | 吴俊杰 | Encryption method and authorization method after encryption for electronic product |
| CN105046141A (en) * | 2015-06-12 | 2015-11-11 | 北京京东尚科信息技术有限公司 | Self-daptive verification code design method and system |
| CN105139204A (en) * | 2015-07-27 | 2015-12-09 | 飞天诚信科技股份有限公司 | Method and system for carrying out security authentication |
| CN106919810A (en) * | 2017-02-22 | 2017-07-04 | 广州广电运通金融电子股份有限公司 | Registration code generating method and device, software registration method and device |
| CN107249004A (en) * | 2017-07-24 | 2017-10-13 | 广州市玄武无线科技股份有限公司 | A kind of identity identifying method, device and client |
| CN107483485A (en) * | 2017-09-13 | 2017-12-15 | 深圳市屯奇尔科技有限公司 | Generation method, authorization method, relevant apparatus and the terminal device of authorization code |
| CN111090850A (en) * | 2018-10-24 | 2020-05-01 | 杭州海康威视系统技术有限公司 | Authentication system, method and device |
| CN110213248A (en) * | 2019-05-20 | 2019-09-06 | 武汉市灯塔互动文化传播有限公司 | Authorization method and device under a kind of offline environment |
| CN110162936A (en) * | 2019-05-31 | 2019-08-23 | 北京比特安索信息技术有限公司 | A kind of use authorization method of software content |
| CN110572396A (en) * | 2019-09-10 | 2019-12-13 | 广州创维平面显示科技有限公司 | method and system for controlling function use authorization |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114590224A (en) * | 2022-03-10 | 2022-06-07 | 重庆金康赛力斯新能源汽车设计院有限公司 | Automobile anti-theft control method and device, automobile and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107395614B (en) | Single sign-on method and system | |
| CN104104672B (en) | The method that dynamic authorization code is established in identity-based certification | |
| JP4727278B2 (en) | Application program verification system, application program verification method, and computer program | |
| CN111404696B (en) | Collaborative signature method, security service middleware, related platform and system | |
| CN108055238B (en) | Account verification method and system | |
| CN107870793B (en) | Method and device for loading SO file in application program | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| CN106897606B (en) | Brush machine protection method and device | |
| CN113378119B (en) | Software authorization method, device, equipment and storage medium | |
| CN110177111B (en) | Information verification method, system and device | |
| CN111143822A (en) | Application system access method and device | |
| CN109117605B (en) | Authentication method, device and equipment thereof and storage medium | |
| CN103971048A (en) | Method and system for entering password | |
| CN112507326B (en) | Encryption method and device for password information based on SM3 hash algorithm and computer equipment | |
| CN112507316A (en) | User verification method and device, readable storage medium and electronic equipment | |
| CN111859364A (en) | Authority authentication method, device, equipment and storage medium | |
| CN107623696B (en) | User identity verification method and device based on user behavior characteristics | |
| CN108650645B (en) | Method and related device for preventing malicious fee deduction | |
| CN112000933B (en) | Application software activation method and device, electronic equipment and storage medium | |
| CN107679865B (en) | Identity verification method and device based on touch area | |
| CN113079023B (en) | File distribution management method and device and related equipment | |
| CN106446719B (en) | Method for preventing eSIM file from being tampered and mobile terminal | |
| CN113051532A (en) | Software authorization method and device, computer equipment and storage medium | |
| CN113868628A (en) | Signature verification method and device, computer equipment and storage medium | |
| CN107172106B (en) | Security information interaction method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201030 |
|
| RJ01 | Rejection of invention patent application after publication |