CN113392386B - Login method and device of business system, computer equipment and storage medium - Google Patents
Login method and device of business system, computer equipment and storage medium Download PDFInfo
- Publication number
- CN113392386B CN113392386B CN202110737157.2A CN202110737157A CN113392386B CN 113392386 B CN113392386 B CN 113392386B CN 202110737157 A CN202110737157 A CN 202110737157A CN 113392386 B CN113392386 B CN 113392386B
- Authority
- CN
- China
- Prior art keywords
- account
- login
- deployment
- account system
- instance
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000012795 verification Methods 0.000 claims abstract description 35
- 210000001503 joint Anatomy 0.000 claims abstract description 9
- 230000009191 jumping Effects 0.000 claims abstract description 7
- 235000014510 cooky Nutrition 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 12
- 238000001514 detection method Methods 0.000 claims description 6
- 230000007246 mechanism Effects 0.000 claims description 6
- 238000010899 nucleation Methods 0.000 claims description 3
- 238000003032 molecular docking Methods 0.000 claims 1
- 238000011161 development Methods 0.000 abstract description 9
- 230000008569 process Effects 0.000 description 7
- 230000006870 function Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 3
- 230000001360 synchronised effect Effects 0.000 description 2
- 108010001267 Protein Subunits Proteins 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/101—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
- G06F21/1014—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to tokens
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
- G06F21/1078—Logging; Metering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4482—Procedural
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application relates to the field of development, and provides a login method, a login device, computer equipment and a storage medium for a service system, wherein each deployment example of the service system is obtained, and a login address corresponding to each account system is obtained; configuring a login address into a deployment example, configuring corresponding verification service, and enabling an account system to be in butt joint with the deployment example based on the login address and the verification service; determining a target account system for the deployment instance receiving the access request; detecting whether the login state of the target account system is valid; and if the login state is invalid, jumping to a login page of a target account system, detecting whether an account successfully logs in the login page, planting the login state on a page of the deployment example, and logging in the deployment example by the account which successfully logs in. The existing account system is configured in the corresponding deployment example, the service system does not need to set the account system of the service system, and the existing account system is used for logging in, so that the development amount of the service system is reduced.
Description
Technical Field
The present application relates to the field of development technologies, and in particular, to a login method and apparatus for a business system, a computer device, and a storage medium.
Background
The business system is a system which has a front-end interface, can provide services for users in a browser or a mobile phone APP and meets certain business logic. The account system refers to a system including basic functions of managing generation, registration, login, logout and the like of accounts. A general service system may set a self account system, and a user of the service system registers or generates an account in the account system of the service system, thereby logging in. When other account systems need to be docked, authorization is performed through Open Authorization (OAuth), the OAuth relates to two service systems, both the service systems have their own account systems, a user can select and authorize their own account in the service system B when using the service system a, and after the Authorization is successful, the service system a can access the resources of the user in the service system B. The account number in the service system A and the account number in the service system B form a one-to-one binding relationship, if the user logs in the service system B and the service system A trusts the login state in the service system B, the service system A can find the account number of the user in the system and help the user to automatically log in. However, in the above manner, the business system needs to develop its own account system for logging in, so that the development amount of the business system is large.
Disclosure of Invention
The application mainly aims to provide a login method, a login device, a computer device and a storage medium of a business system, and aims to solve the technical problem that the business system needs to set an own account system, so that the development amount of the business system is large.
In order to achieve the above object, the present application provides a login method of a service system, including the following steps:
acquiring each deployment example of a service system, and acquiring a login address corresponding to each account system;
configuring the login address into each deployment instance, configuring corresponding verification service for each account system in the corresponding deployment instance, and enabling the corresponding account system to be in butt joint with the deployment instance based on the login address and the verification service;
detecting whether each deployment instance receives an access request;
if so, acquiring a dockable account system of the deployment instance receiving the access request;
determining a target account system of the deployment instance in the account systems capable of being butted according to a preset rule;
calling a verification service of the target account system to detect whether the login state of the target account system is valid;
if the login state is valid, logging in the deployment example by using the account with the valid login state in the target account system, acquiring account information of the target account system, and displaying the account information on a page of the deployment example;
if the login state is invalid, jumping to a login page of the target account system;
and detecting whether an account successfully logs in the login page, if so, acquiring the login state of the account successfully logged in, and planting the login state on the page of the deployment instance so as to log in the deployment instance by the account successfully logged in the login page.
Further, the step of determining the target account system of the deployment instance in the account systems that can be docked according to the preset rule includes:
detecting whether an account logs in each account system;
if yes, acquiring the number of account systems logged in by the account;
if the number is equal to 1, taking an account system with account login as a target account system;
if the number is larger than 1, acquiring the priority of each account system with account login, and selecting the account system with the highest priority as the target account system of the deployment example.
Further, the step of determining the target account system of the deployment instance in the account systems that can be docked according to the preset rule includes:
detecting a first domain name used when accessing the deployment instance;
detecting whether account domain names of the account systems have account domain names which are the same as the first domain name;
if so, taking an account system corresponding to the account domain name which is the same as the first domain name as a target account system of the deployment example.
Further, the step of determining the target account system of the deployment instance in the account systems that can be docked according to the preset rule includes:
acquiring User-agent of each browser accessing the deployment instance;
determining an access channel for accessing the deployment instance according to the User-agent;
and acquiring an account system under the access channel, and taking the account system under the access channel as a target account system of the deployment example.
Further, the step of seeding the login status on the page of the deployment instance includes:
detecting whether the target account system and the front-end page of the corresponding deployment instance are under the same domain name;
if so, planting the login state of the target account system on the page of the corresponding deployment example through a cookie mechanism;
and if not, acquiring a first token generated when the account successfully logs in, and putting the first token in a cookie of the domain name of the deployment instance.
Further, the step of invoking the verification service of the target account system to detect whether the login state of the target account system is valid includes:
obtaining a second token stored in the deployment instance;
transmitting the second token to the target account system to verify whether the login state of the target account system is valid;
receiving verification information returned by the target account system;
determining whether the login status is valid based on the authentication information.
Further, the step of determining the target account system of the deployment instance in the account systems that can be docked according to the preset rule includes:
and determining different account systems for the deployment examples as the target account system according to preset rules.
The present application further provides a login device of a service system, including:
the first acquisition unit is used for acquiring each deployment example of the service system and acquiring a login address corresponding to each account system;
a configuration unit, configured to configure the login address in each deployment instance, configure corresponding authentication service in the corresponding deployment instance for each account system, and enable the corresponding account system and the deployment instance to be in butt joint based on the login address and the authentication service;
the first detection unit is used for detecting whether each deployment instance receives an access request;
a second obtaining unit, configured to obtain, if received, a dockable account system of the deployment instance that receives the access request;
the determining unit is used for determining a target account system of the deployment instance in the account systems which can be butted according to a preset rule;
the calling unit is used for calling the verification service of the target account system to detect whether the login state of the target account system is valid;
a third obtaining unit, configured to, if the login status is valid, login the deployment instance with an account with a valid login status in the target account system, obtain account information of the target account system, and display the account information on a page of the deployment instance;
the skipping unit is used for skipping to a login page of the target account system if the login state is invalid;
and the second detection unit is used for detecting whether an account successfully logs in the login page, acquiring the login state of the account which successfully logs in if the account successfully logs in, and planting the login state on the page of the deployment instance so as to log in the deployment instance by the account which successfully logs in the login page.
The present application further provides a computer device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the login method of the business system when executing the computer program.
The present application further provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method of logging in a business system according to any one of the preceding claims.
According to the login method and device of the business system, the computer equipment and the storage medium, the login address and the verification service of the existing account system are configured to the corresponding deployment examples, so that the deployment examples are connected with the existing account system, the business system does not need to set the own account system, and the plurality of deployment examples are connected with different account systems. The existing account system is used for logging in, so that the development amount of a service system is reduced.
Drawings
Fig. 1 is a schematic diagram illustrating steps of a login method of a business system in an embodiment of the present application;
FIG. 2 is a block diagram of a login device of a business system according to an embodiment of the present application;
fig. 3 is a block diagram illustrating a structure of a computer device according to an embodiment of the present application.
The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
Referring to fig. 1, an embodiment of the present application provides a login method for a service system, including the following steps:
s1, acquiring each deployment instance of a service system, and acquiring a login address corresponding to each account system;
s2, configuring the login address into each deployment example, configuring corresponding verification service for each account system in the corresponding deployment example, and enabling the corresponding account system to be in butt joint with the deployment example based on the login address and the verification service;
s3, detecting whether each deployment instance receives an access request;
s4, if the access request is received, obtaining the account system which can be butted with the deployment example and receives the access request;
s5, determining a target account system of each deployment instance in the account systems capable of being butted according to a preset rule;
step S6, calling a verification service of the target account system to detect whether the login state of the target account system is valid;
s7, if the login state is valid, logging in the deployment example by using an account with the valid login state in the target account system, acquiring account information of the target account system, and displaying the account information on a page of the deployment example;
s8, if the login state is invalid, jumping to a login page of the target account system;
and S9, detecting whether an account successfully logs in the login page, if so, acquiring the login state of the account successfully logged in, and planting the login state on the page of the deployment instance so as to log in the deployment instance by the account successfully logged in the login page.
In this embodiment, as described in the above steps S1 to S2, the service system has a plurality of deployment instances, that is, a development kit which is deployed on the service system and executes a certain function, such as an instance of an ordering function and an instance of a payment function of a certain order service system. One deployment instance may correspond to one function in a business system. The account system is an existing account system, such as an account system of WeChat, QQ, microblog, and the like, a login address is a URL (Uniform Resource Locator) corresponding to a login page of the account system, the login address is configured into each deployment instance, and a verification service corresponding to each account system is configured, and the verification service can be configured into a form of jar Bao Dengdi three-way code base or an interface provided by the login system. When the login address of the same account system is configured on different deployment instances, a verification service of the account system is configured on each deployment instance. Each deployment instance can be connected with the account systems, each deployment instance can be connected with a plurality of different account systems, the account systems connected among different deployment instances can be different, and the business system does not need to be provided with the account system. The account system in this embodiment mainly relates to login of an account, verification of a login state, and the like.
As described in the foregoing steps S3 to S5, when a user accesses a deployment instance of a service system, a corresponding access request is generated, but the access deployment instance needs to log in an account to complete a subsequent service flow, each deployment instance determines in advance an account system that can be docked, and the deployment instance that receives the access request needs to determine an account system as a target account system according to a preset rule, specifically, the target account system can be determined according to a priority between account systems.
As described in the foregoing steps S6 to S9, there may be an account login in the target account system, and whether the login state of the target account system is valid is detected, and if the login state is valid, account information logged in the target account system is acquired, where the account information includes: user name, account number, etc. The account number may include a cell phone number, a mailbox, a user name, an ID of a third party identity provider, an identification card, a fingerprint, face recognition, voice recognition, and the like. The account information is displayed on the page of the corresponding deployment example, so that a user can conveniently check and confirm the currently logged account. When the login state is invalid, the target account system has a corresponding login page, the target account system jumps to the login page, the user inputs a corresponding account by himself to log in, after the login is successful, the login state of the account which is successfully logged in is planted on the page of the corresponding deployment instance, namely, the login state is written into a cookie corresponding to the deployment instance, the cookie is set in NSHTTPURLResponse, and when the user accesses the deployment instance subsequently, the corresponding login state is directly obtained from the cookie to verify whether the login state is valid or not.
In this embodiment, the existing account system is configured in the corresponding deployment example, and the service system does not need to set its own account system, and logs in by using the existing account system, thereby reducing the development amount of the service system. When the account number exists in the existing account number system, the user can directly log in and use the service system without re-registering or generating. The service system does not set a self-fixed account number system, thereby improving the reusability of the service system and supporting multi-instance deployment. The existing account system is utilized to keep the relevant rules and security settings of the account consistent with the existing account system.
In an embodiment, the step S5 of determining the target account system of the deployment instance in the account systems that can be docked according to a preset rule includes:
step S51, detecting whether an account number is logged in each account number system;
step S52, if yes, acquiring the number of account systems logged in by the account;
step S53, if the number is equal to 1, taking an account system with account login as a target account system;
and step S54, if the number is larger than 1, acquiring the priority of each account system with account login, and selecting the account system with the highest priority as the target account system of the deployment example.
In this embodiment, each deployment instance is docked with a plurality of account systems, whether an account of a user logs in the account system docked with the deployment instance is detected, and it may happen that an account is in a login state at present in the docked account system, and the user does not need to log in again when the account system is seeded to a page of the deployment instance, so that the account system logged in by the existing account is selected as a target account system in this embodiment. However, the number of the account systems to be connected is multiple, and there may be a plurality of account systems to which account logins are simultaneously made, and a target account system needs to be determined, and there may be differences among the plurality of account systems to which deployment examples are connected, so that the account system to which each deployment example is connected can be prioritized in advance according to its own use habits, and the account system with the highest priority in account login is selected as the target account system. If one deployment example is connected with three account systems of WeChat, QQ and microblog, the priority of the account system in the deployment example is preset to be WeChat, QQ and microblog, namely the priority of the WeChat is the maximum. When all three account systems are logged in, the account system with the highest priority, namely the WeChat account system, is selected as the target account system.
In an embodiment, the step S5 of determining the target account system of the deployment instance in the dockable account systems according to a preset rule includes:
step S5a, detecting a first domain name used when accessing the deployment instance;
step S5b, detecting whether account domain names of the account systems have account domain names same as the first domain name;
and S5c, if the account system exists, taking the account system corresponding to the account domain name which is the same as the first domain name as the target account system of the deployment example.
In this embodiment, for security, each browser only allows one main domain name, each browser has its own account system, the main domain name of the browser is used as the account domain name of the corresponding account system, for example, a user uses one deployment example through a.com, the account system connected to the deployment example includes the account system of a, and the account system of a is used as the target account system, so that the target account system and the deployment example are under the same domain name, and subsequently, when the login state is invalid, the login state can be directly seeded on the corresponding page through a cookie mechanism. When a plurality of instances are deployed in the service system, a plurality of existing account systems can be reused, and the account system of the service system does not need to be set.
In an embodiment, the step S5 of determining the target account system of the deployment instance in the dockable account systems according to a preset rule includes:
S5A, acquiring User-agents of browsers accessing the deployment instances;
S5B, determining an access channel for accessing the deployment instance according to the User-agent;
and S5C, acquiring an account system under the access channel, and taking the account system under the access channel as a target account system of the deployment example.
In this embodiment, the chinese name of the User-agent is the User agent, which is a part of the Http protocol and belongs to a component of the header field, and the User-agent is also referred to as UA for short. It is a special string head, which is an identification for providing information of the browser type and version, operating system and version, browser kernel, etc. used by you to visit the website. Through the identification, the website accessed by the user can display different typesetting so as to provide better experience for the user or carry out information statistics; for example, mobile phone access to google is different from computer access, which is judged by google in terms of visitor UA. And determining whether the visitor accesses through a PC web or a mobile phone H5 according to the UA, wherein the PC web and the mobile phone H5 have different account systems, and directly selecting the account system under the corresponding access channel as a target account system.
In this embodiment, the step S9 of seeding the login state on the page of the deployment instance includes:
step S91, detecting whether the target account system and the front-end page of the corresponding deployment instance are under the same domain name;
s92, planting the login state of the target account system on the corresponding page of the deployment example through a cookie mechanism if the target account system is located on the page;
and S93, if the account is not in the login state, acquiring a first token generated when the account is successfully logged in, and planting the first token in a cookie of the domain name of the deployment instance.
In this embodiment, the front-end page of the target account system and the front-end page of the deployment instance may be under the same domain name, or may be under different domain names, and whether the two are under the same domain name is detected, and if so, the login state is planted on the page of the deployment instance directly through a cookie mechanism. If the front end pages of the client and the server are under different domain names, the user inputs an account number on the login page for login, a token is generated after login is successful, and the token is a string of character strings generated by the server and used as a token requested by the client. And after the account login is successful, jumping to a cookie page of the deployment instance from the login page, taking token as a parameter band to the past during jumping, and planting the token in the cookie of the domain name of the deployment instance. The cookie is a piece of special information sent to the client by the server, the information is stored in the client in a text mode, and the client can take the special information every time the client sends a request to the server.
In an embodiment, the step S6 of invoking the verification service of the target account system to detect whether the login status of the target account system is valid includes:
step S61, obtaining a second token stored in the deployment instance;
step S62, transmitting the second token to the target account system to verify whether the login state of the target account system is valid;
step S63, receiving verification information returned by the target account system;
step S64, determining whether the login state is valid based on the verification information.
In this embodiment, in the target account system, after the account logs in for the first time, the server may generate a second token and return the second token to the service system side, the service system side may store the second token correspondingly, and during subsequent access, the identity authentication may be completed only by taking the second token. A table is recorded in the account system, and the currently logged-in account, the corresponding third token, and the remaining validity period of the third token are recorded in the table. The third token that exceeds the validity period will be set to invalid. And if the second token transmitted to the target account system is the same as the third token in the table and within the validity period, the login state is considered to be valid. If the account number is different from the third token in the table, it indicates that there is no corresponding account number in the target account number system, and an account number needs to be newly created to facilitate login. If the same third token can be found in the table, but the validity period is not reached, the account needs to be re-entered for login. The target account system generates a verification result according to the comparison in the table, the verification result is transmitted back to the service system side, and whether the login state in the target account system is valid or not can be determined according to the verification result. All access requests to the business system take the login state (e.g., token planted in cookie) from the access request and invoke the authentication service. If the login state verification is passed, the corresponding business process in the deployment instance is continued, and if the login state verification is not passed, the corresponding login page of the target account system is skipped.
In an embodiment, the step S5 of determining the target account system of each deployment instance in the account systems that can be docked according to a preset rule includes:
step S501, determining different account systems for the deployment instances as the target account system according to preset rules.
In this embodiment, different account systems are determined for each deployment instance, accounts owned by the same user under different account systems are different, different account systems are determined for each deployment instance, different accounts of the same user can access different deployment instances at the same time, or the same deployment instance can be accessed through different access channels, and different accounts can log in through the same account system and then access the same deployment instance.
Referring to fig. 2, the present application further provides a login device of a service system, including:
the first obtaining unit 10 is configured to obtain each deployment instance of the service system, and obtain a login address corresponding to each account system;
a configuration unit 20, configured to configure the login address into each deployment instance, configure corresponding authentication service in the corresponding deployment instance for each account system, and enable the corresponding account system and the deployment instance to be in butt joint based on the login address and the authentication service;
a first detecting unit 30, configured to detect whether each deployment instance receives an access request;
a second obtaining unit 40, configured to obtain, if received, a dockable account system of the deployment instance that receives the access request;
a determining unit 50, configured to determine, according to a preset rule, a target account system of the deployment instance in the account systems that can be docked;
a calling unit 60, configured to call a verification service of the target account system to detect whether a login state of the target account system is valid;
a third obtaining unit 70, configured to, if the login status is valid, login the deployment instance with an account with a valid login status in the target account system, obtain account information of the target account system, and display the account information on a page of the deployment instance;
a skipping unit 80, configured to skip to a login page of the target account system if the login state is invalid;
the second detecting unit 90 is configured to detect whether an account successfully logs in the login page, acquire a login state of the account successfully logged in if the account successfully logs in, and place the login state on the page of the deployment instance, so that the account successfully logged in the login page logs in the deployment instance.
In an embodiment, the determining unit 50 includes:
the first detection subunit is used for detecting whether an account number is logged in each account number system;
the first acquisition subunit is used for acquiring the number of account systems logged in by the accounts if the account systems logged in by the accounts exist;
the first serving as a subunit, configured to, if the number is equal to 1, take an account system in which an account is logged in as a target account system;
and the second obtaining subunit is configured to, if the number is greater than 1, obtain priorities of the account systems in which the accounts log on, and select the account system with the highest priority as the target account system of the deployment example.
In an embodiment, the determining unit 50 includes:
the second detection subunit is used for detecting the first domain name used when the deployment instance is accessed;
a third detecting subunit, configured to detect whether an account domain name identical to the first domain name exists in the account domain names of the account systems;
and the second serving as a subunit, configured to, if the account system exists, use an account system corresponding to the account domain name that is the same as the first domain name as a target account system of the deployment instance.
In an embodiment, the determining unit 50 includes:
a third obtaining subunit, configured to obtain a User-agent of each browser accessing the deployment instance;
the first determining subunit is used for determining an access channel for accessing the deployment instance according to the User-agent;
and the fourth acquisition subunit is configured to acquire the account system in the access channel, and use the account system in the access channel as the target account system of the deployment instance.
In one embodiment, the second detecting unit 90 includes:
a fourth detection subunit, configured to detect whether the target account system and the corresponding front-end page of the deployment instance are under the same domain name;
the planting subunit is used for planting the login state of the target account system on the corresponding page of the deployment instance through a cookie mechanism if the target account system is in the login state;
and the fifth acquiring subunit is configured to acquire the first token generated when the account successfully logs in if the first token is not located, and place the first token in a cookie of the domain name of the deployment instance.
In one embodiment, the invoking unit 60 includes:
a sixth obtaining subunit, configured to obtain a second token stored in the deployment instance;
a verification subunit, configured to transmit the second token to the target account system to verify whether a login state of the target account system is valid;
the receiving subunit is used for receiving the verification information returned by the target account system;
a second determination subunit that determines whether the login state is valid based on the authentication information.
In an embodiment, the determining unit 50 includes:
and the third determining subunit is configured to determine, according to a preset rule, different account systems for the deployment instances as the target account system.
In this embodiment, please refer to the above method embodiment for the specific implementation of each unit and sub-unit, which is not described herein again.
Referring to fig. 3, a computer device, which may be a server and whose internal structure may be as shown in fig. 3, is also provided in the embodiment of the present application. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the computer designed processor is used to provide computational and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operating system and the computer program to run on the non-volatile storage medium. The database of the computer device is used for storing data and the like. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of logging on a business system.
Those skilled in the art will appreciate that the architecture shown in fig. 3 is only a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects may be applied.
An embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements a login method for a business system.
In summary, for the login method, the login device, the computer device, and the storage medium of the service system provided in the embodiment of the present application, each deployment instance of the service system is obtained, and a login address corresponding to each account system is obtained; configuring the login address into each deployment instance, configuring corresponding verification service for each account system in the corresponding deployment instance, and enabling the corresponding account system to be in butt joint with the deployment instance based on the login address and the verification service; detecting whether each deployment instance receives an access request; if so, acquiring a dockable account system of the deployment instance receiving the access request; determining a target account system of the deployment example in the account systems capable of being butted according to a preset rule; calling a verification service of the target account system to detect whether the login state of the target account system is valid; if the login state is valid, logging in the deployment example by using the account with the valid login state in the target account system, acquiring account information of the target account system, and displaying the account information on a page of the deployment example; if the login state is invalid, jumping to a login page of the target account system; and detecting whether an account successfully logs in the login page, if so, acquiring the login state of the account successfully logged in, and planting the login state on the deployment instance page so as to log in the deployment instance by the account successfully logged in the login page. According to the login method and device of the business system, the computer equipment and the storage medium, the existing account system is configured in the corresponding deployment example, the business system does not need to set the own account system, and the existing account system is used for login, so that the development amount of the business system is reduced. When the account number exists in the existing account number system, the user can directly log in and use the service system without re-registering or generating. The account system of the business system is not fixed, and different account systems are connected in a butt joint mode, so that the reusability of the business system is improved, and multi-instance deployment is supported. The existing account system is utilized to keep the relevant rules and security settings of the account consistent with the existing account system.
It will be understood by those skilled in the art that all or part of the processes of the methods of the above embodiments may be implemented by hardware associated with instructions of a computer program, which may be stored on a non-volatile computer-readable storage medium, and when executed, may include processes of the above embodiments of the methods. Any reference to memory, storage, database, or other medium provided herein and used in the examples may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (SSRDRAM), enhanced SDRAM (ESDRAM), synchronous Link (Synchlink) DRAM (SLDRAM), rambus (Rambus) direct RAM (RDRAM), direct bused dynamic RAM (DRDRAM), and bused dynamic RAM (RDRAM).
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, apparatus, article, or method that comprises the element.
The above description is only for the preferred embodiment of the present application and not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application, or which are directly or indirectly applied to other related technical fields, are intended to be included within the scope of the present application.
Claims (10)
1. A login method of a service system is characterized by comprising the following steps:
acquiring each deployment example of a service system, and acquiring a login address corresponding to each account system;
configuring the login address into each deployment instance, configuring corresponding verification service for each account system in the corresponding deployment instance, and enabling the corresponding account system to be in butt joint with the deployment instance based on the login address and the verification service;
detecting whether each deployment instance receives an access request;
if so, acquiring the account system which can be butted with the deployment example and receives the access request;
determining a target account system of the deployment example in the account systems capable of being butted according to a preset rule;
calling a verification service of the target account system to detect whether the login state of the target account system is valid;
if the login state is valid, logging in the deployment example by using the account with the valid login state in the target account system, acquiring account information of the target account system, and displaying the account information on a page of the deployment example;
if the login state is invalid, jumping to a login page of the target account system;
and detecting whether an account successfully logs in the login page, if so, acquiring the login state of the account successfully logged in, and planting the login state on the page of the deployment instance so as to log in the deployment instance by the account successfully logged in the login page.
2. The login method for the business system according to claim 1, wherein the step of determining the target account system of the deployment instance in the dockable account system according to a preset rule comprises:
detecting whether an account number is logged in each account number system;
if yes, acquiring the number of account systems logged in by the account;
if the number is equal to 1, taking an account system with account login as a target account system;
if the number is larger than 1, acquiring the priority of each account system logged by the account, and selecting the account system with the highest priority as the target account system of the deployment example.
3. The logging method for the business system according to claim 1, wherein the step of determining the target account system of the deployment instance in the account systems that can be docked according to a preset rule comprises:
detecting a first domain name used when accessing the deployment instance;
detecting whether account domain names of the account systems have account domain names which are the same as the first domain name;
if so, taking an account system corresponding to the account domain name which is the same as the first domain name as a target account system of the deployment example.
4. The logging method for the business system according to claim 1, wherein the step of determining the target account system of the deployment instance in the account systems that can be docked according to a preset rule comprises:
acquiring User-agent of each browser accessing the deployment instance;
determining an access channel for accessing the deployment instance according to the User-agent;
and acquiring an account system under the access channel, and taking the account system under the access channel as a target account system of the deployment example.
5. The method of claim 1, wherein the step of seeding the login status on the page of the deployment instance comprises:
detecting whether a front-end page of the target account system and a front-end page of the corresponding deployment example are under the same domain name;
if so, planting the login state of the target account system on the page of the corresponding deployment example through a cookie mechanism;
and if not, acquiring a first token generated when the account successfully logs in, and arranging the first token in a cookie of the domain name of the deployment instance.
6. The login method of business system according to claim 1, wherein the step of invoking the authentication service of the target account system to detect whether the login status of the target account system is valid comprises:
obtaining a second token stored in the deployment instance;
transmitting the second token to the target account system to verify whether the login state of the target account system is valid;
receiving verification information returned by the target account system;
determining whether the login status is valid based on the authentication information.
7. The logging method for the business system according to claim 1, wherein the step of determining the target account system of the deployment instance in the account systems that can be docked according to a preset rule comprises:
and determining different account systems for the deployment examples as the target account system according to preset rules.
8. A login apparatus for a business system, comprising:
the first acquisition unit is used for acquiring each deployment example of the service system and acquiring a login address corresponding to each account system;
a configuration unit, configured to configure the login address in each deployment instance, configure corresponding authentication service in the corresponding deployment instance for each account system, and enable the corresponding account system and the deployment instance to be in butt joint based on the login address and the authentication service;
a first detecting unit, configured to detect whether each deployment instance receives an access request;
a second obtaining unit, configured to obtain, if the docking account system of the deployment instance that receives the access request is received, the dockable account system of the deployment instance;
a determining unit, configured to determine, according to a preset rule, a target account system of the deployment instance in the account systems that can be docked;
the calling unit is used for calling the verification service of the target account system to detect whether the login state of the target account system is valid;
a third obtaining unit, configured to, if the login status is valid, login the deployment instance with an account with a valid login status in the target account system, obtain account information of the target account system, and display the account information on a page of the deployment instance;
the skipping unit is used for skipping to a login page of the target account system if the login state is invalid;
and the second detection unit is used for detecting whether an account successfully logs in the login page, acquiring the login state of the account which successfully logs in if the account successfully logs in, and planting the login state on the page of the deployment instance so as to log in the deployment instance by the account which successfully logs in the login page.
9. A computer arrangement comprising a memory and a processor, the memory having stored therein a computer program, characterized in that the processor, when executing the computer program, carries out the steps of the method of logging on a business system of any one of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the logging method of a business system of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110737157.2A CN113392386B (en) | 2021-06-30 | 2021-06-30 | Login method and device of business system, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110737157.2A CN113392386B (en) | 2021-06-30 | 2021-06-30 | Login method and device of business system, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113392386A CN113392386A (en) | 2021-09-14 |
| CN113392386B true CN113392386B (en) | 2022-11-04 |
Family
ID=77624641
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110737157.2A Active CN113392386B (en) | 2021-06-30 | 2021-06-30 | Login method and device of business system, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113392386B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111628965A (en) * | 2020-04-03 | 2020-09-04 | 北京奇艺世纪科技有限公司 | Cross-domain name login method and device |
| CN112417439A (en) * | 2019-08-21 | 2021-02-26 | 北京达佳互联信息技术有限公司 | Account detection method, device, server and storage medium |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105491048A (en) * | 2015-12-10 | 2016-04-13 | 小米科技有限责任公司 | Account management method and apparatus |
| CN111783067B (en) * | 2016-05-09 | 2023-09-08 | 创新先进技术有限公司 | Automatic login method and device between multiple network stations |
| US11012444B2 (en) * | 2018-06-25 | 2021-05-18 | Oracle International Corporation | Declarative third party identity provider integration for a multi-tenant identity cloud service |
| CN108848113B (en) * | 2018-08-15 | 2021-03-26 | 广州视源电子科技股份有限公司 | Client device login control method and device, storage medium and server |
| CN112291183B (en) * | 2019-07-23 | 2022-04-29 | 腾讯科技(深圳)有限公司 | Account login method, system and related equipment |
| CN112306591B (en) * | 2019-07-31 | 2022-07-22 | 腾讯科技(深圳)有限公司 | Remote debugging method and device based on page |
| CN110502889A (en) * | 2019-09-17 | 2019-11-26 | 腾讯科技(深圳)有限公司 | Login method, device, computer readable storage medium and computer equipment |
-
2021
- 2021-06-30 CN CN202110737157.2A patent/CN113392386B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112417439A (en) * | 2019-08-21 | 2021-02-26 | 北京达佳互联信息技术有限公司 | Account detection method, device, server and storage medium |
| CN111628965A (en) * | 2020-04-03 | 2020-09-04 | 北京奇艺世纪科技有限公司 | Cross-domain name login method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113392386A (en) | 2021-09-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109587133B (en) | Single sign-on system and method | |
| US10057251B2 (en) | Provisioning account credentials via a trusted channel | |
| US9954855B2 (en) | Login method and apparatus, and open platform system | |
| CN103023918B (en) | The mthods, systems and devices logged in are provided for multiple network services are unified | |
| US10944743B2 (en) | Rich communication services security authentication system | |
| EP3723341A1 (en) | Single sign-on for unmanaged mobile devices | |
| CN109831511A (en) | Method and equipment for scheduling content delivery network CDN edge nodes | |
| US7752322B2 (en) | System for ubiquitous network presence and access without cookies | |
| CN106254451B (en) | Embedded device web menu control system and method | |
| US10091179B2 (en) | User authentication framework | |
| CN102624737A (en) | Single sign-on integrated method for Form identity authentication in single login system | |
| CN104660409B (en) | The method of system login and certificate server cluster under cluster environment | |
| CN106254319B (en) | Light application login control method and device | |
| US10110754B2 (en) | Provisioning a trial service to a mobile device | |
| CN102710621B (en) | A kind of user authentication method and system | |
| CN116484338A (en) | Database access method and device | |
| CN109327468A (en) | A kind of offline reminding method, device, equipment and storage medium | |
| CN113392386B (en) | Login method and device of business system, computer equipment and storage medium | |
| CN111356090B (en) | Networking method of network, device thereof, terminal and computer readable storage medium | |
| CN109639788B (en) | Cross-domain name joint debugging method and system for voice conversation platform | |
| CN109150862B (en) | Method and server for realizing token roaming | |
| CN110572417B (en) | Method, apparatus, server and storage medium for providing login ticket | |
| CN114265642A (en) | Information processing method, information processing device, electronic equipment and computer readable storage medium | |
| CN110881038B (en) | Communication authentication method, system, equipment and storage medium | |
| CN114095483A (en) | Password substitution filling method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |