CN115396192A - User identity verification method and device, computer equipment and storage medium - Google Patents
User identity verification method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN115396192A CN115396192A CN202211021582.2A CN202211021582A CN115396192A CN 115396192 A CN115396192 A CN 115396192A CN 202211021582 A CN202211021582 A CN 202211021582A CN 115396192 A CN115396192 A CN 115396192A
- Authority
- CN
- China
- Prior art keywords
- server
- time
- user
- management equipment
- current time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Telephonic Communication Services (AREA)
Abstract
The application provides a user identity verification method, a user identity verification device, computer equipment and a storage medium, relates to the technical field of network security, and is used for improving the accuracy of user identity verification so as to ensure the network security of a related service system. The method mainly comprises the following steps: receiving a login request sent by a user through management equipment, wherein the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by a mobile terminal bound by the management equipment; generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal; judging whether the check code is the same as the one-time password or not; and if the check code is the same as the one-time password, determining that the user successfully logs in.
Description
Technical Field
The present application relates to the field of network security technologies, and in particular, to a method and an apparatus for verifying a user identity, a computer device, and a storage medium.
Background
The traditional enterprise business management system generally logs in a single password form, namely, the identity of a user is verified through an input user account and a corresponding fixed password. However, the user may still be hacked into the operation page of the management system by brute force cracking, that is, the account and the password corresponding to the user are obtained by brute force cracking, so that the user identity is verified to be passed.
Disclosure of Invention
The embodiment of the application provides a user identity verification method and device, computer equipment and a storage medium, which are used for improving the accuracy of user identity verification so as to ensure the network security of a related service system.
The embodiment of the invention provides a user identity verification method, which is applied to a server and comprises the following steps:
receiving a login request sent by a user through management equipment, wherein the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal;
judging whether the check code is the same as the one-time password or not;
and if the check code is the same as the one-time password, determining that the user login is successful.
The embodiment of the invention provides a user identity verification device, which comprises:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a login request sent by a user through a management device, and the login request comprises a user account, a management device identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
the generating module is used for generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal;
the judging module is used for judging whether the check code is the same as the one-time password or not;
and the determining module is used for determining that the user successfully logs in if the check code is the same as the one-time password.
A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the user identity verification method when executing the computer program.
A computer-readable storage medium, in which a computer program is stored, which, when executed by a processor, implements the above-mentioned user identity verification method.
The invention provides a user identity verification method, a user identity verification device, computer equipment and a storage medium, wherein a login request sent by a user through management equipment is received firstly, and the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment; then generating a check code according to the user account, the management equipment identifier and the current time of the server; judging whether the check code is the same as the one-time password or not; and if the check code is the same as the one-time password, determining that the user login is successful. Compared with the fixed password form corresponding to the user account in the prior art, the embodiment adopts the mode of generating the check code according to the user account, the management equipment identifier and the current time of the server to check the identity of the user, and the mode of generating the check code by the mobile terminal and the mode of generating the check code by the server are systematic, so that the server can still realize the check of the one-time password in the login request even if no network communication exists between the server and the mobile terminal, thereby improving the accuracy of the check of the user identity through the invention and ensuring the network security of a related service system.
Drawings
Fig. 1 is a block diagram of a user identity verification system provided in the present application;
fig. 2 is a flowchart of a user identity verification method provided in the present application;
FIG. 3 is a flow chart of another method for verifying user identity provided herein;
fig. 4 is a schematic structural diagram of a user identity verification apparatus provided in the present application;
fig. 5 is a schematic diagram of a computer device provided in the present application.
Detailed Description
In order to better understand the technical solutions of the embodiments of the present application, the following detailed descriptions are provided with accompanying drawings and specific embodiments, and it should be understood that the specific features in the embodiments and examples of the present application are detailed descriptions of the technical solutions of the embodiments of the present application, but not limitations of the technical solutions of the present application, and the technical features in the embodiments and examples of the present application may be combined with each other without conflict.
Embodiments of the present application will be described in detail below with reference to fig. 1.
The scheme provided by the embodiment of the application can be applied to the user identity verification system 10 shown in fig. 1. As shown in fig. 1, the user identity verification system 10 may include: a server 11, at least one management device 12 and a mobile terminal 13.
A mobile terminal 13 for generating a one-time password for the bound management device;
the management device 12 is configured to send a login request to the server 11, where the login request includes a user account, a management device identifier, and a one-time password;
the server 11 is configured to generate a check code according to the user account, the management device identifier, and the current time of the server; no network communication exists between the server and the mobile terminal;
the server 11 is used for judging whether the check code is the same as the one-time password or not;
and the server 11 is configured to determine that the user login is successful if the server 11 determines that the check code is the same as the one-time password.
It should be noted that the identification information table in the management device 12 in this embodiment may include a plurality of user accounts, each user account corresponds to one user, that is, one management device 12 in this embodiment may satisfy the login of a plurality of users; the user may also be bound to multiple management devices 12, that is, the user account of the user may be stored in multiple management devices 12, so that the same user logs in different management devices 12.
The management device 12 may be operated on an electronic device such as a tablet computer, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, a Personal Digital Assistant (PDA), and the like.
Referring to fig. 2, a user identity verification method according to an embodiment of the present invention is described in terms of server execution, and includes steps S201 to S204:
step S201, a login request sent by a user through a management device is received, wherein the login request comprises a user account, a management device identifier and a one-time password.
Specifically, a user initiates a login request through a login interface displayed by the management device, that is, the user inputs a user account, a management device identifier and a one-time password on the login interface. The one-time password is generated by a mobile terminal bound with the management device, and the management device identifier is used for uniquely identifying the management device, namely the device identifier of the management device used by the user.
It should be noted that, when a user initiates a login request through the login interface, the management device identifier may be added by default, that is, the user only needs to input a corresponding user account and a one-time password to send the login request.
In an optional embodiment provided by the present invention, a plurality of bound users may be configured in a management device, and then user accounts of the bound users are stored in a data table, when a user inputs a user account through a login interface, the data table needs to be called to determine whether the user account input by the user is in the data table, and if the user account input by the user is in the data table, the user may further input a corresponding one-time password; if the user account input by the user is not in the data table, outputting prompt information of the user account which requires to be input and bound so as to prompt that the user account currently input by the user does not belong to the account bound by the management equipment. In addition, when a user initiates login through a login interface, the user can directly click the user account input box to select the user account which the user wants to log in.
Step S202, generating a check code according to the user account, the management equipment identification and the current time of the server.
Even if no network communication exists between the server and the mobile terminal, the user can still initiate a login request through the one-time password generated by the mobile terminal.
In an optional embodiment provided by the present invention, the generating a check code according to the user account, the management device identifier, and the current time of the server includes:
s2021, acquiring codes of a time section corresponding to the current time of the server, wherein the time section is of a fixed duration.
The fixed time period may be set according to requirements, for example, the fixed time period may be set to 3 minutes, 5 minutes, 1 hour, 2 hours, or 3 hours. For example, if the fixed duration is 1 hour, the fixed duration can be divided into 24 time segments, the 1 st time segment (00.
In this embodiment, if the obtained current time of the server is 01.
It should be noted that the fixed time duration in this embodiment may be configured according to the valid time of the one-time password, and if the valid time of the one-time password is 5 minutes, the fixed time duration is 5 minutes, then the one day may be divided into 288 time segments, for example, the first time segment may be 00-00, and the second time segment may be 00-06-00.
S2022, calculating a quotient of the difference value between the current time and the preset starting time of the server and the fixed time length, and rounding up the quotient to obtain a target value.
The preset starting time is the current time of the server which is acquired by the mobile terminal last time, and if the current time of the server which is acquired by the mobile terminal last time is 2022-08-20, the preset starting time is 2022-08-20.
For example, if the current time of the server is 2022-08-19, the preset start time is 2022-08-20, 10, and the fixed time duration is 5 minutes, the calculated quotient is 1450/5=290, and the target value obtained by rounding up the quotient 290 is still 290.
And S2023, generating a check code according to the user account, the management equipment identifier, the time zone code and the target value.
Specifically, in this embodiment, the check code may be obtained by splicing the user account, the management device identifier, the code of the time segment, and the target value, or an MD5 value generated according to the user account, the management device identifier, the code of the time segment, and the target value is used as the check code, which is not specifically limited in this embodiment.
In this embodiment, the manner in which the server generates the check code is the same as the manner in which the mobile terminal generates the one-time password, and since the check code is generated based on the user account, the management device identifier, the code of the time segment, and the target value, the code of the time segment can ensure the timeliness of the check code (i.e., the one-time password), and the target value can ensure that the check code of the one-time password, which can be verified accurately enough, is generated even when the codes of the time segments are consistent (e.g., codes of time segments corresponding to the current times determined by 2022-08-19 and 2022-08-20.
Step S203, judging whether the check code is the same as the one-time password.
It should be noted that, in this embodiment, the manner in which the mobile terminal generates the one-time password and the manner in which the server generates the check code are systematic, but the mobile terminal is the current time of the server estimated according to the preset starting time. When the server updates the preset starting time, the preset starting time needs to be synchronized to the mobile terminal.
And step S204, if the check code is the same as the one-time password, determining that the user successfully logs in.
The invention provides a user identity verification method, which comprises the steps of firstly receiving a login request sent by a user through a management device, wherein the login request comprises a user account, a management device identifier and a one-time password; the one-time password is generated by a mobile terminal bound by the management equipment; then generating a check code according to the user account, the management equipment identifier and the current time of the server; judging whether the check code is the same as the one-time password or not; and if the check code is the same as the one-time password, determining that the user login is successful. Compared with the fixed password form corresponding to the user account in the prior art, the embodiment adopts the mode of generating the check code according to the user account, the management equipment identifier and the current time of the server to check the identity of the user, and because the mode of generating the one-time password by the mobile terminal and the mode of generating the check code by the server are systematic, the server can still realize the check of the one-time password in the login request even if no network communication exists between the server and the mobile terminal, so the accuracy of the user identity check can be improved through the invention, and the network safety of a related service system is ensured.
Referring to fig. 3, a user identity verification method according to an embodiment of the present invention is described in terms of server execution, and includes steps S301 to S3052:
step S301, a login request sent by a user through a management device is received, wherein the login request comprises a user account, a management device identifier and a one-time password.
The one-time password is generated by a mobile terminal bound by the management equipment; the login request also comprises a sending time difference calculated according to the current time of the pre-estimation server of the mobile terminal and the request sending time. The request sending time is the time for the management device to send the login request, the current time of the estimation server of the mobile terminal is determined according to the current time of the mobile terminal and the obtained preset starting time, if the preset starting time is 2022-08-19 18, the time for the mobile terminal to obtain the preset starting time is 2022-08-19, the time for the login request sent by the user is 2022-08-19, that is, the mobile terminal passes 1 hour and zero 1 minute after obtaining the preset starting time, so the current time of the estimation server of the mobile terminal is 2022-08-19.
Step S302, calculating a receiving time difference between the current time of the server and the request receiving time.
Step S303, determining whether a difference between the sending time difference and the receiving time difference is smaller than a first preset value.
For example, the estimated server current time of the mobile terminal is 2022-08-19 18, the request sending time is 2022-08-19, the server current time is 2022-08-19 02, the request receiving time is 2022-08-19.
Step S304A, if the difference value is smaller than the first preset value, a check code is generated according to the user account, the management equipment identifier and the current time of the server.
Step S304B, if it is determined that the difference is greater than or equal to the first preset value, determining whether a time difference between the current time of the server and the current time of the pre-estimated server of the mobile terminal is greater than a second preset value.
Step S304B is a parallel step of step S304A, and if it is determined that the difference is smaller than the first preset value, it indicates that the network delay is smaller and the time difference between the mobile terminal and the server is smaller, at this time, a check code may be generated according to the user account, the management device identifier, and the current time of the server, where the generation of the check code may specifically refer to the description of the corresponding step in fig. 2, and this embodiment is not described herein again.
On the contrary, if the difference is greater than or equal to the first preset value, it is indicated that the network delay is large and/or the time difference between the mobile terminal and the server is large, and at this time, it is further determined whether the time difference between the current time of the server and the estimated current time of the server of the mobile terminal is greater than the second preset value, that is, it is determined whether the difference is large due to the time inconsistency between the mobile terminal and the server.
And S3051, if the current time is greater than the second preset value, generating a two-dimensional code according to the current time of the server, and sending the two-dimensional code to the mobile terminal, so that the user obtains the current time of the server by scanning the two-dimensional code, and generates the one-time password according to the obtained current time of the server, the user account and the management equipment identifier.
And S3052, if the value is less than or equal to a second preset value, sending a prompt message of requesting to log in again for the network fault to the management equipment.
In this embodiment, the time difference between the current time of the server and the current time of the pre-estimated server of the mobile terminal is greater than the second preset value, which indicates that the time difference between the mobile terminal and the server is large, and at this time, the current time of the server needs to be synchronized to the mobile terminal. The specific mode is as follows: and generating a two-dimensional code according to the current time of the server, sending the two-dimensional code to the mobile terminal, enabling a user to obtain the current time of the server by scanning the two-dimensional code, updating the preset starting time according to the obtained current time of the server, and then generating the one-time password according to the obtained current time of the server, the user account and the management equipment identifier.
In an embodiment provided by the present invention, before receiving a login request sent by a user through a management device, the method further includes: receiving a registration request sent by a user through management equipment, wherein the registration request comprises a user account and a user password; if the user account and the user password pass the verification, acquiring the management equipment identifier and the mobile terminal identifier; correspondingly storing the user account, the management equipment identification and the mobile terminal identification, and binding the management equipment and the mobile terminal corresponding to the mobile terminal identification; and generating a two-dimensional code according to the current time of the server, sending the two-dimensional code to the management equipment, enabling the mobile terminal bound with the management equipment to scan the two-dimensional code so as to acquire and store the current time of the server, and storing the acquired current time of the server as a preset starting time into the mobile terminal.
In an optional embodiment provided by the present invention, after determining that the user login is successful, the method further includes: counting the operating frequency of each function authority owned by the user on the management equipment; and deleting the function authority of which the user operation frequency is less than the target numerical value. Wherein, the target value can be set according to actual requirements. Specifically, a system administrator gives a user authority to a certain account, a user has an unused menu in daily use, the system can count the use condition and is divided into two stages, the menus in the first stage move downwards sequentially, and if the menus which have been moved downwards in the second stage are still not used for a long time, the authority of the current account can be removed.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by functions and internal logic of the process, and should not limit the implementation process of the embodiments of the present invention in any way.
In an embodiment, a user identity verification apparatus is provided, where the user identity verification apparatus corresponds to the user identity verification method in the foregoing embodiment one to one. As shown in fig. 4, the functional modules of the user identity verification apparatus are described in detail as follows:
a receiving module 41, configured to receive a login request sent by a user through a management device, where the login request includes a user account, a management device identifier, and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
a generating module 42, configured to generate a check code according to the user account, the management device identifier, and the current time of the server; no network communication exists between the server and the mobile terminal;
a judging module 43, configured to judge whether the check code is the same as the one-time password;
a determining module 44, configured to determine that the user successfully logs in if the check code is the same as the one-time password.
In an optional embodiment, the login request further includes a sending time difference calculated according to the current time of the estimation server of the mobile terminal and the request sending time, and the apparatus further includes a calculating module 45:
a calculation module 45, configured to calculate a receiving time difference between the current time of the server and the request receiving time;
a determining module 43, configured to determine whether a difference between the sending time difference and the receiving time difference is smaller than a first preset value;
a generating module 42, configured to generate a check code according to the user account, the management device identifier, and the current time of the server if it is determined that the difference is smaller than the first preset value.
In an optional embodiment, the generating module 42 is further configured to, if it is determined that the difference is greater than or equal to the first preset value, generate a two-dimensional code according to the current time of the server, and send the two-dimensional code to the mobile terminal, so that the user obtains the current time of the server by scanning the two-dimensional code, and generates the one-time password according to the obtained current time of the server, the user account, and the management device identifier.
In an optional embodiment, the determining module 43 is configured to determine whether a time difference between the current time of the server and the current time of the pre-estimated server of the mobile terminal is greater than a second preset value;
a generating module 42, configured to generate a two-dimensional code according to the current time of the server if the current time is greater than the second preset value, and send the two-dimensional code to the mobile terminal, so that the user obtains the current time of the server by scanning the two-dimensional code, and generates the one-time password according to the obtained current time of the server, the user account, and the management device identifier; and if the value is less than or equal to the second preset value, sending network fault re-login prompt information to the management equipment.
In an optional embodiment, the generating module 42 is specifically configured to:
the acquisition module is used for acquiring codes of a time section corresponding to the current time of the server, wherein the time section is a fixed duration;
a calculating module 45, configured to calculate a quotient of a difference between the current time of the server and a preset starting time compared with the fixed duration; rounding up the quotient to obtain a target value;
and a generating module 42, configured to generate a check code according to the user account, the management device identifier, the code of the time segment, and the target value.
In an optional embodiment, the receiving module 41 is further configured to receive a registration request sent by a user through the management device, where the registration request includes a user account and a user password;
the acquisition module is used for acquiring the management equipment identifier and the mobile terminal identifier if the user account and the user password pass verification;
the storage binding module is used for correspondingly storing the user account, the management equipment identifier and the mobile terminal identifier and binding the management equipment and the mobile terminal corresponding to the mobile terminal identifier;
and the generating module 42 is configured to generate a two-dimensional code according to the current time of the server, and send the two-dimensional code to the management device, so that the mobile terminal bound to the management device scans the two-dimensional code to obtain and store the current time of the server.
In an optional embodiment, the apparatus further comprises:
the statistical module is used for counting the operation frequency of each function authority owned by the user on the management equipment;
and the deleting module is used for deleting the function authority of which the user operation frequency is less than the target numerical value.
For the specific definition of the user identity verification apparatus, reference may be made to the above definition of the user identity verification method, which is not described herein again. The various modules in the above-described apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 5. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a user identity verification method.
In one embodiment, there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
receiving a login request sent by a user through management equipment, wherein the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal;
judging whether the check code is the same as the one-time password or not;
and if the check code is the same as the one-time password, determining that the user successfully logs in.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
receiving a login request sent by a user through management equipment, wherein the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal;
judging whether the check code is the same as the one-time password or not;
and if the check code is the same as the one-time password, determining that the user login is successful.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by hardware instructions of a computer program, which may be stored in a non-volatile computer-readable storage medium, and when executed, may include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), rambus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein.
Claims (10)
1. A user identity verification method is applied to a server, and comprises the following steps:
receiving a login request sent by a user through management equipment, wherein the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal;
judging whether the check code is the same as the one-time password or not;
and if the check code is the same as the one-time password, determining that the user login is successful.
2. The method according to claim 1, wherein the login request further includes a sending time difference calculated according to a current time of a pre-estimation server of the mobile terminal and a request sending time, and before generating the check code according to the user account, the management device identifier and the current time of the server, the method further includes:
calculating a receiving time difference between the current time of the server and the request receiving time;
judging whether the difference value of the sending time difference and the receiving time difference is smaller than a first preset value or not;
the generating a check code according to the user account, the management device identifier and the current time of the server includes:
and if the difference value is smaller than the first preset value, generating a check code according to the user account, the management equipment identifier and the current time of the server.
3. The method of claim 2, wherein after determining whether the difference between the transmission time difference and the reception time difference is less than a first predetermined value, the method further comprises:
if the difference is determined to be larger than or equal to the first preset value, a two-dimensional code is generated according to the current time of the server, the two-dimensional code is sent to the mobile terminal, the user obtains the current time of the server by scanning the two-dimensional code, and the one-time password is generated according to the obtained current time of the server, the user account and the management equipment identifier.
4. The method of claim 2, wherein after determining that the difference is greater than or equal to the first preset value, the method further comprises:
judging whether the time difference between the current time of the server and the current time of the pre-estimated server of the mobile terminal is greater than a second preset value or not;
if the current time is greater than the second preset value, generating a two-dimensional code according to the current time of the server, and sending the two-dimensional code to the mobile terminal, so that the user obtains the current time of the server by scanning the two-dimensional code, and generates the one-time password according to the obtained current time of the server, the user account and the management equipment identifier;
and if the value is less than or equal to the second preset value, sending a prompt message of network fault re-login request to the management equipment.
5. The method according to any one of claims 1 to 4, wherein the generating a check code according to the user account, the management device identifier, and a current time of a server comprises:
acquiring codes of a time section corresponding to the current time of the server, wherein the time section is a fixed time length;
calculating a quotient value of the difference value of the current time and the preset starting time of the server to the fixed time length; rounding up the quotient to obtain a target value;
and generating a check code according to the user account, the management equipment identifier, the code of the time section and the target value.
6. The method of claim 1, wherein prior to receiving a login request sent by a user via the management device, the method further comprises:
receiving a registration request sent by a user through management equipment, wherein the registration request comprises a user account and a user password;
if the user account and the user password pass the verification, acquiring the management equipment identifier and the mobile terminal identifier;
correspondingly storing the user account, the management equipment identifier and the mobile terminal identifier, and binding the management equipment and the mobile terminal corresponding to the mobile terminal identifier;
and generating a two-dimensional code according to the current time of the server, and sending the two-dimensional code to the management equipment, so that the mobile terminal bound with the management equipment scans the two-dimensional code to acquire and store the current time of the server.
7. The method of claim 1, wherein after determining that the user login is successful, the method further comprises:
counting the operation frequency of each function authority of the user on the management equipment;
and deleting the function authority of which the user operation frequency is less than the target numerical value.
8. A user identity verification apparatus, the apparatus comprising:
the system comprises a receiving module, a login module and a management module, wherein the receiving module is used for receiving a login request sent by a user through management equipment, and the login request comprises a user account, a management equipment identifier and a one-time password; the one-time password is generated by the mobile terminal bound by the management equipment;
the generating module is used for generating a check code according to the user account, the management equipment identifier and the current time of the server; no network communication exists between the server and the mobile terminal;
the judging module is used for judging whether the check code is the same as the one-time password or not;
and the determining module is used for determining that the user successfully logs in if the check code is the same as the one-time password.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor implements the user identity verification method according to any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, carries out a user identity verification method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211021582.2A CN115396192A (en) | 2022-08-24 | 2022-08-24 | User identity verification method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211021582.2A CN115396192A (en) | 2022-08-24 | 2022-08-24 | User identity verification method and device, computer equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115396192A true CN115396192A (en) | 2022-11-25 |
Family
ID=84122865
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211021582.2A Pending CN115396192A (en) | 2022-08-24 | 2022-08-24 | User identity verification method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115396192A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117336102A (en) * | 2023-11-30 | 2024-01-02 | 北京冠程科技有限公司 | Identity authentication system with multiple verification and authentication method thereof |
| CN117556397A (en) * | 2024-01-12 | 2024-02-13 | 国投人力资源服务有限公司 | Intelligent early warning system, method and storage medium for big data analysis |
-
2022
- 2022-08-24 CN CN202211021582.2A patent/CN115396192A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117336102A (en) * | 2023-11-30 | 2024-01-02 | 北京冠程科技有限公司 | Identity authentication system with multiple verification and authentication method thereof |
| CN117336102B (en) * | 2023-11-30 | 2024-03-01 | 北京冠程科技有限公司 | Identity authentication system with multiple verification and authentication method thereof |
| CN117556397A (en) * | 2024-01-12 | 2024-02-13 | 国投人力资源服务有限公司 | Intelligent early warning system, method and storage medium for big data analysis |
| CN117556397B (en) * | 2024-01-12 | 2024-04-09 | 国投人力资源服务有限公司 | Intelligent early warning system, method and storage medium for big data analysis |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109474578B (en) | Message checking method, device, computer equipment and storage medium | |
| CN115396192A (en) | User identity verification method and device, computer equipment and storage medium | |
| CN107733847B (en) | Method and device for platform login website, computer equipment and readable storage medium | |
| CN109462601B (en) | Multi-platform access method and device based on eSIM | |
| CN110784450A (en) | Single sign-on method and device based on browser | |
| CN110895603B (en) | Multi-system account information integration method and device | |
| CN113271296B (en) | Login authority management method and device | |
| CN112860778B (en) | Database management method, device, equipment and medium for desktop application program | |
| CN108966159B (en) | Short message withdrawing method, system, computer equipment and storage medium | |
| WO2021169305A1 (en) | Voiceprint data processing method and apparatus, computer device, and storage medium | |
| CN110011796B (en) | Certificate updating method and device, computer equipment and storage medium | |
| AU2014256198A1 (en) | Terminal, network side device, terminal application control method, and system | |
| CN110740163A (en) | Idempotent control method, idempotent control device, electronic equipment and readable storage medium | |
| CN112565239B (en) | Authentication method, device, computer equipment and storage medium for integrating multiple operators | |
| CN109348472B (en) | OTA (over the air) upgrading method and system based on single-point pushing | |
| CN112597118B (en) | Shared file adding method and device | |
| CN115004666A (en) | Registration method, device, equipment and storage medium of Internet of things equipment | |
| CN115510366A (en) | Business message pushing method and device, computer equipment and storage medium | |
| CN110597843A (en) | Waybill query method and device, computer equipment and storage medium | |
| CN110020040B (en) | Method, device and system for querying data | |
| CN116156498A (en) | Verification code processing method, device, storage medium and equipment | |
| CN110995437B (en) | ETC system-based user information input method, device, equipment and storage medium | |
| CN111552551A (en) | User management method and device based on master-slave system, computer equipment and medium | |
| CN112583890A (en) | Message pushing method and device based on enterprise office system and computer equipment | |
| CN111901299A (en) | Application authentication method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |