WO2018024176A1 - Device and method preventing repeated logins of same user - Google Patents

Info

Publication number: WO2018024176A1
Application number: PCT/CN2017/095307
Authority: WO, WIPO (PCT)
Prior art keywords: user, login, client, feature information, information
Other languages: French (fr), Chinese (zh)
Inventor: 郭磊
Original Assignee: 中兴通讯股份有限公司
Application filed by: 中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a device and method for preventing repeated logins by the same user. The method comprises: receiving a login request containing a user identification and the user terminal characteristic information of the user terminal being used by the user; acquiring record information comprising a user identification field and a corresponding user terminal characteristic information field, which record the user identification of the user and the user terminal characteristic information of the user terminal being used by the user, respectively; determining, according to the login request and the record information, whether a repeated login has been performed by the user; and if so, generating a response to prevent the same user from repeatedly logging in. The embodiment ensures the security and uniqueness of user information. Whereas the prior art adversely affects website service performance, the invention has no impact on website performance and causes no performance bottleneck when the website is accessed by a large number of users, which facilitates a better user experience and expansion of website capacity, and it is simple to implement with low development cost.

Description

Device and method for preventing repeated login by the same user
Technical field
The present invention relates to the field of communications technologies, and in particular to a device and method for preventing repeated login by the same user.
Background
In recent years, mobile communications and the Internet have become the two fastest-growing businesses in the world, with the greatest market potential and the most attractive prospects. This historically unprecedented rapid growth reflects the sharp rise in human demand for mobility and information as times and technologies advance. More and more people want to access the Internet and obtain much-needed information. Websites for PCs (personal computers) and mobile terminals have sprung up in large numbers, and most websites require users to register and log in before they can use the services the website provides.
To improve user experience and data security, the same user must be kept in a non-repeated login state at any given moment, that is, the same user is logged in on only one terminal at a time.
A website can be deployed on a single server. However, because the base of Internet users is huge, websites generally have many visitors, and to improve performance and give users a better experience, most websites are deployed as server clusters.
For a website deployed on a single server, the session feature of the service software can be used to keep the same user logged in on only one terminal at a time. For a website deployed on a server cluster, the automatic synchronous session replication function of the server software, or a database, is generally used to keep the same user logged in on only one terminal at a time. However, these prior-art methods all affect the service performance of the website, and when the website has a large number of users they become its performance bottleneck.
Summary of the invention
The main technical problem to be solved by the embodiments of the present invention is to provide a device and method for preventing repeated login by the same user, solving the problem in the prior art that keeping the same user logged in on only one terminal at a time by means of the service software session feature, the automatic synchronous session replication function of the server software, or a database affects the service performance of the website and becomes a performance bottleneck when there are many users.
To solve the above technical problem, an embodiment of the present invention provides a device for preventing repeated login by the same user, including:
a receiving module, configured to receive a user's login request, where the information carried in the login request includes a user identity and the client feature information of the client currently used by the user;
a judging module, configured to judge, according to the information carried in the login request and the acquired record information, whether this login by the user is a repeated login, where the record information includes a user identity field and a client feature information field corresponding to the user identity field, the user identity field is used to record the user identity of an authorized user, and the client feature information field is used to record the client feature information of the client on which the corresponding user is currently successfully logged in;
a response module, configured to respond to the login request in a preset manner if the judging module's result is a repeated login, so as to prevent the same user from logging in repeatedly.
To solve the above technical problem, an embodiment of the present invention further provides a method for preventing repeated login by the same user, including:
receiving a user's login request, where the information carried in the login request includes a user identity and the client feature information of the client currently used by the user;
judging, according to the information carried in the login request and the acquired record information, whether this login by the user is a repeated login, where the record information includes a user identity field and a client feature information field corresponding to the user identity field, the user identity field is used to record the user identity of an authorized user, and the client feature information field is used to record the client feature information of the client on which the corresponding user is currently successfully logged in;
if the result of the judgment is a repeated login, responding to the login request in a preset manner so as to prevent the same user from logging in repeatedly.
An embodiment of the present invention further provides a computer storage medium, which may store execution instructions used to carry out the method for preventing repeated login by the same user in the above embodiment.
The embodiments of the present invention disclose a device and method for preventing repeated login by the same user. A user's login request is received and record information is acquired. The login request carries the user identity and the client feature information of the client currently used by the user. The record information stores a user identity field and a corresponding client feature information field, which record, respectively, the user identity of an authorized user and the client feature information of the client on which that user is currently successfully logged in. After the login request is received, whether this login is a repeated login can be judged accurately and quickly from the information carried in the login request and the record information, and when the result is a repeated login a corresponding response is made to prevent the same user from logging in repeatedly, keeping user data secure and unique. Compared with the prior-art approaches of maintaining a user's login state through the service software session feature, the automatic synchronous session replication function of the server software, or a database, this embodiment has no effect on website performance and causes no performance bottleneck when a large number of users use the website, which helps improve the user's experience of the website and expand its capacity.
Brief description of the drawings
FIG. 1 is a flowchart of a method for preventing repeated login by the same user according to Embodiment 1 of the present invention;
FIG. 2 is a schematic block diagram of a device for preventing repeated login by the same user according to Embodiment 2 of the present invention;
FIG. 3 is a schematic block diagram of another device for preventing repeated login by the same user according to Embodiment 2 of the present invention.
Detailed description
The present invention is described in further detail below through specific embodiments with reference to the accompanying drawings.
Embodiment 1:
Referring to FIG. 1, this embodiment provides a method for preventing repeated login by the same user. Repeated logins are controlled using the user identity carried in the user's login request, the client feature information of the client the user is using, and record information. The record information records the user identity of each authorized user and the client feature information corresponding to that identity, and this client feature information is that of the client that has successfully logged in. Thus, from the client feature information in the user's login request and the client feature information in the record information, it can be judged whether the user's current login is a repeated login, and a response can then be made according to the result, achieving the purpose of preventing the same user from logging in repeatedly. This effectively avoids repeated logins, raises the security of user accounts, and avoids the leakage of security information that repeated logins cause. It is particularly suitable where the security requirements for users' private information on a website are relatively high.
Referring to FIG. 1, the method of this embodiment for preventing repeated login by the same user includes:
S101. Receive a user's login request, where the information carried in the login request includes a user identity and the client feature information of the client currently used by the user;
S102. Judge, according to the information carried in the login request and the acquired record information, whether this login by the user is a repeated login, where the record information includes a user identity field and a client feature information field corresponding to the user identity field, the user identity field is used to record the user identity of an authorized user, and the client feature information field is used to record the client feature information of the client on which the corresponding user is currently successfully logged in;
S103. If the result of the judgment is a repeated login, respond to the login request in a preset manner so as to prevent the same user from logging in repeatedly.
In this embodiment, the targets that a user logs in to with a login request include, but are not limited to, portal websites such as Taobao, Nuomi and Meituan, and apps such as QQ and WeChat. Clients include, but are not limited to, electronic devices such as mobile terminals, tablets and desktop computers. When logging in, the client can exchange data with the website's server over a wireless or wired network. In this embodiment, the website logged in to may be deployed on a single server or on a cluster of servers; this embodiment places no limit on this.
The user identity is information used to distinguish different users and can be understood as the login account information, for example a user ID. The client feature information is information that can be used to distinguish different clients. It may differ according to the type of client and includes, but is not limited to, the IP address, the IMEI number identifying a mobile terminal, and a session identifier.
In this embodiment, the record information in S102 may be stored on the server of the website being logged in to, or in another storage area. Preferably, the record information is stored in an external cache space, where "external" is relative to the website's server. The external cache space may be a third-party distributed cache; a distributed cache can guarantee the uniqueness and security of user data and efficient access performance in a server cluster environment. The external cache space may also be another type of storage space; this embodiment places no limit on this.
Preferably, the step of acquiring the record information in S102 includes: acquiring the record information from the external cache space.
The record information includes a user identity field and a client feature information field, used respectively to record the user identity of an authorized user and the client feature information of the client on which the authorized user is currently successfully logged in. It can be understood that the user identity and the client feature information are stored in correspondence with each other in the record information. Preferably, a table can be used to store them, with the user identity field and the client feature information field as the column headers. When recording, the authorized user's user identity is written into a cell under the user identity field, and the client feature information of the client on which the same authorized user is currently successfully logged in is written into the corresponding cell under the client feature information field.
In addition, the user identity field and the client feature information field in this embodiment may exist in the form of key-value pairs. When information about a successfully logged-in user and client needs to be recorded, the user identity can be used as the key and the client feature information as the value, forming a key-value pair of user identity and client feature information. In such a pair, the user identity is that of an authorized user, and the client feature information is that of the client on which the authorized user has successfully logged in.
In this embodiment, the user identity in the record information is that of an authorized user. To ensure that a user who logs in successfully is an authorized user who has already registered, the user identity carried in the login request of S101 generally needs to be verified before S102, and the server gives the user access to the website only after the user identity passes verification. Verification generally consists of matching the user identity in the login request against the successfully registered user identities: if a match is found, verification passes; if not, verification fails. In this embodiment, the successfully registered user identities may be kept in a dedicated registration table.
In this embodiment, the ways of recording the user identity in the record information include, but are not limited to, the following two:
First way: after the user registers successfully, the user identity registered by the user is recorded in the record information.
Second way: each time the user logs in successfully, the user identity of the successful login is recorded in the record information. It follows that, with the second way, if a user logs out, both the corresponding user identity and the client identification information in the record information are cleared.
In this embodiment, if the first way is used, the record information holds the user identities of all successfully registered users. When the user identity carried in a login request is verified, it can be matched directly against the record information, with no need for a separate registration table recording the user identities of registered users, which saves the system's computing and storage resources. If the second way is used, a separate registration table recording the user identities of registered users is needed, which wastes storage space. In this embodiment, therefore, the first way is clearly preferable.
In addition, in this embodiment, because the client feature information recorded in the record information is that of the client on which the user is currently logged in, it follows that once the user logs out of the current login, the corresponding entry in the record information, namely the client feature information of the client on which the user had been successfully logged in, is cleared. If the record information uses a table to record user identification information and client feature information, what is cleared is the client feature information under the client feature information field that corresponds to that user's user identification information. The user identification information may be deleted at the same time or retained. If it is retained, the next time the user logs in with that user identity, the client feature information of the client that logged in successfully can be written directly into the record information.
When a user first uses a client to log in to the website after registering, the client feature information corresponding to that user's user identity in the record information is empty; the client feature information is written into the corresponding position only after the user logs in successfully. After the user logs out, the client feature information is cleared, and it is filled in again with the client feature information of the client the user is using only when the user next logs in successfully.
While a website is in use, it is inevitable that users will log in to the same website again from other clients, and, for the sake of user experience and data security, the same user needs to be kept in the logged-in state at any one moment.
It is therefore necessary to judge in S102 whether the user's current login is a repeated login. Because the record information in this embodiment records the client feature information of the client currently in the logged-in state, the client feature information in the record information reflects in real time the client on which the user is currently successfully logged in, so this embodiment can judge from the record information whether the current login is a repeated login.
Once the user identity in the login request has passed verification, the judgment of whether the current login is a repeated login can be made. In S102, judging whether this login is a repeated login according to the information carried in the login request and the acquired record information is done in either of the following two ways:
First: according to the user identity carried in the login request, query whether the client feature information field corresponding to the same user identity in the record information is empty; if it is not empty, the result is that this login is a repeated login.
If the client feature information field corresponding to the same user identity is empty, this login is a non-repeated login, and allowing it does not cause a repeated login.
Second: according to the user identity carried in the login request, query whether the client feature information in the client feature information field corresponding to the same user identity in the record information matches the client feature information carried in the login request; if it does not match, the result is that this login is a repeated login.
In the second way, if the client feature information in the client feature information field corresponding to the same user identity in the record information is empty, the result is still a non-repeated login.
In this embodiment, the two ways can be combined. For example, first judge whether the client feature information field corresponding to the same user identity in the record information is empty. If it is empty, the result is a non-repeated login. If it is not empty, go on to judge whether the client feature information in that field matches the client feature information carried in the login request: if it does not match, the result is a repeated login; if it matches, the result is a non-repeated login.
When the result of the judgment in S102 is a non-repeated login, the client feature information field in the record information that corresponds to the user identity carried in the login request is empty, which shows that the user is not currently logged in on any client, so allowing this login does not cause a repeated login. Accordingly, in S103, preventing the same user from logging in repeatedly further includes: when the result is a non-repeated login, allowing this login to succeed and writing the client feature information carried in the login request into the client feature information field corresponding to the same user identity in the record information.
When the determination in S102 is that the login is a repeated login, the same user must be prevented from being logged in from multiple clients at the same time, in order to improve the user experience and data security and to avoid leaking the user's private information. In this case, responding to the login request in the preset manner in S103 comprises any one of the following three modes:
First mode: reject the user's current login request.
Second mode: prompt the user whether to force the login. If a forced login request is received from the user, forcibly log out the client on which the user is currently logged in, allow the current login to succeed, and replace the client feature information in the client feature information field corresponding to the user's user identity in the record information with the client feature information of the client the user is currently using.
In the second mode, the terminal the user is using for the current login may prompt the user, by voice, dialog box or similar means, whether to force the login, and the terminal's interactive interface may offer the user a selection key for choosing whether to force the login. When the user chooses forced login, the terminal generates a forced login request, which asks that the client on which the user is currently logged in be forcibly logged out and that the user's current login be allowed. Once the server side has received the forced login request and carried out the forced login, the successfully logged-in client has changed, so the client feature information in the client feature information field corresponding to the user's user identity in the record information must be replaced with the client feature information of the client the user is currently using.
Third mode: determine whether the user's current successful-login state was obtained by forced login; if so, reject the user's current login request.
The third mode addresses the situation after a forced login has been carried out, in which a client that has been forcibly logged out accesses the service and the server side allows it to log in, causing a repeated login. When the user operates a client that has already been forcibly logged out to access the service, the server can determine whether the user's current successful-login state is a forced login. If it is, the client that is currently logged in logged in by forced login and the other clients may be terminals that were forcibly logged out, so logins from other clients must be rejected to avoid a repeated login.
While the user is using a client, if the client remains in the successfully-logged-in state after the user no longer needs to log in to the website to access the service, another person may obtain the authorized user's user information on the website through that client, leaking user information and causing a privacy breach or more serious economic loss. In this embodiment, to further protect the user's data, the idle time during which the user has performed no operation through the successfully logged-in client can be recorded; when the idle time exceeds a time threshold, the currently logged-in client can be forcibly logged out and the user's client feature deleted from the cache. Monitoring of the idle time can be implemented with the session listener, which is invoked on automatic logout or active logout.
With the method of this embodiment for preventing repeated login by the same user, the acquired record information stores a user identity field and a corresponding client feature information field, which record, respectively, the user identity of an authorized user and the client feature information of the client on which that user is currently successfully logged in. After a login request is received, whether the current login is a repeated login can be determined accurately and quickly from the user identity and the client feature information of the client currently in use, both carried in the login request, together with the record information. When the determination is a repeated login, a corresponding response is made, preventing repeated login by the same user and keeping the user's data secure and unique. Compared with the prior-art approaches of maintaining a single login state for a user by relying on the session features of the service software, by using the server software's automatic session synchronization and replication, or by using a database, this embodiment has no effect on website performance and does not create a performance bottleneck when a large number of users use the website, which helps improve the user's experience of the website and expand its capacity. This embodiment is also simple to implement and cheap to develop, and a specific implementation can be adjusted to the characteristics of the server software, giving greater flexibility.
Embodiment 2:
Referring to FIG. 2, this embodiment shows an apparatus for preventing repeated login by the same user, comprising:
a receiving module 21, configured to receive a user's login request, the information carried in the login request including a user identity and client feature information of the client the user is currently using;
a determination module 22, configured to determine, from the information carried in the login request and acquired record information, whether the user's current login is a repeated login, the record information including a user identity field and a client feature information field corresponding to the user identity field, where the user identity field records the user identity of an authorized user and the client feature information field records the client feature information of the client on which the corresponding user is currently successfully logged in;
a response module 23, configured to respond to the login request in a preset manner if the determination module determines that the login is a repeated login, so as to prevent repeated login by the same user.
The apparatus of this embodiment for preventing repeated login by the same user may be deployed on the server side to carry out the operations that prevent repeated login.
Clients in this embodiment include, but are not limited to, electronic devices such as mobile terminals, tablet computers and desktop computers. When logging in, a client may exchange data with the website's server over a wireless or wired network.
The user identity is information used to distinguish different users and can be understood as the login account information, for example a user ID. The client feature information is information that can be used to distinguish different clients; it may differ according to the type of client and includes, but is not limited to, the IP, the IMEI number that identifies a mobile terminal, and the session identifier.
In this embodiment, the acquired record information may be stored on the server of the website being logged in to, or in some other storage area. Preferably, the record information is stored in an external cache space, where "external" is relative to the website's server. The external cache space may be a third-party distributed cache space; a distributed cache can ensure the uniqueness and security of user data and efficient access performance in a server cluster environment. The external cache space may also be another type of storage space, which this embodiment does not limit.
Further, referring to FIG. 3, the apparatus of this embodiment for preventing repeated login by the same user also includes an acquisition module 24, configured to acquire the record information from the external cache space. When the record information is stored in some other specific space, the acquisition module 24 may instead be configured to acquire the record information from that space.
In this embodiment, the user identity in the record information is the user identity of an authorized user. To ensure that a user who logs in successfully is an authorized user who has registered successfully, the user identity carried in the login request generally also needs to be verified before the determination module 22 makes its determination; only after the user identity has been verified is the user connected to the website being logged in to.
The apparatus of this embodiment for preventing repeated login by the same user may therefore also include a verification module, configured to match the user identity in the login request against the user identities in an acquired registration table: if the match succeeds, verification passes; if the match fails, verification fails. The registration table stores the user identities of successfully registered users and may be built up by the service side collecting each registered user identity after the user registers successfully. The registration table may be stored in the same cache space as the record information or in a different space.
In this embodiment, the user identity in the record information may be filled in either by filling the user identity the user registered into the record information after the user registers successfully, or by filling the user identity of the successful login into the record information after each successful login. It follows that with the latter manner, if a user logs out, both the corresponding user identity and the client identification information in the record information are cleared.
In this embodiment, if the user identities in the record information are filled in the former manner, the record information holds the user identities of all successfully registered users. When the verification module 24 verifies the user identity carried in the login request, it can match the user identity in the login request directly against the record information, with no need for a separate registration table recording the user identities of registered users, which saves the system's computing and storage resources. If the latter manner is used, a registration table recording the user identities of registered users has to be added, which wastes storage space. The former manner therefore has a clear advantage.
In this embodiment, the client feature information recorded in the acquired record information is that of the client on which the user is currently logged in. It follows that after the user logs out of the current login, the record in the record information corresponding to the client the user was using before logging out, that is, the client feature information, is cleared. If the record information uses a table to record the user identification information and the client feature information, what is cleared is the client feature information under the client feature information field that corresponds to that user's user identification information. The user identification information may be deleted at the same time or retained; if it is retained, then the next time the user logs in with that user identity, the client feature information of the client on which the login succeeded can be filled into the record information directly according to that user identity.
While a website is in use, it is inevitable that a user will log in to the same website again from another client. For the sake of user experience and data security, the same user must be kept to a single logged-in state at any one time.
The determination module 22 therefore needs to determine whether the user's current login is a repeated login. Because the record information in this embodiment records the client feature information of the client currently in the logged-in state, the client feature information in the record information reflects in real time the client on which the user is currently successfully logged in, so this embodiment can determine from the record information whether the current login is a repeated login.
Further, the determination module 22 is configured to query, according to the user identity carried in the login request, whether the client feature information field corresponding to the same user identity in the record information is empty; if it is not, the determination is that the user's current login is a repeated login;
or to query, according to the user identity carried in the login request, whether the client feature information in the client feature information field corresponding to the same user identity in the record information matches the client feature information carried in the login request; if it does not match, the determination is that the user's current login is a repeated login.
The determination module 22 may of course also combine the two manners of determination above.
When the determination module 22 determines that the login is not a repeated login, the response module is further configured to allow the user's current login to succeed and to fill the client feature information carried in the login request into the client feature information field corresponding to the same user identity in the record information.
When the determination module 22 determines that the login is a repeated login, the response module 23 is configured to respond in one of the following three modes:
reject the user's current login request;
prompt the user whether to force the login and, if a forced login request is received from the user, forcibly log out the client on which the user is currently logged in, allow the current login to succeed, and replace the client feature information in the client feature information field corresponding to the user's user identity in the record information with the client feature information of the client the user is currently using;
determine whether the user's current successful-login state was obtained by forced login and, if so, reject the user's current login request.
In this embodiment, if the client remains in the successfully-logged-in state when the user has not needed to log in to the website to access the service for a long time, another person may obtain the authorized user's user information on the website through that client, leaking user information and causing a privacy breach or more serious economic loss. To further protect the user's data, the apparatus for preventing repeated login by the same user may therefore also include a protection module, configured to obtain the idle time during which the user has performed no operation through the successfully logged-in client and, when the idle time exceeds a time threshold, to forcibly log out the currently logged-in client and delete the user's client feature from the cache. Monitoring of the idle time can be implemented with the session listener, which is invoked on automatic logout or active logout.
With the apparatus of this embodiment for preventing repeated login by the same user, the receiving module receives the user's login request; the determination module determines whether the current login is a repeated login from the user identity and the client feature information of the client currently in use, both carried in the login request, together with the user identity and the client feature information of the client on which the corresponding user is currently successfully logged in, both held in the record information; and the response module responds accordingly when the determination is a repeated login, preventing repeated login by the same user. The apparatus is simple to implement, determines and responds to repeated login quickly and accurately, and keeps the user's data secure and unique. Unlike the prior art, which adversely affects the website's service performance, the apparatus of this embodiment does not affect service performance or create a performance bottleneck for the website, and gives the user a better experience.
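The determination and response logic of this embodiment, as an added Python example that is not part of the patent text: the class, method and policy names are hypothetical, the record information is an in-memory dict rather than an external cache, and the lock is an assumed stand-in for an atomic cache operation. It uses the combined determination and treats a login from the already-recorded client as non-repeated.

```python
import threading
import time
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, Optional

POLICIES = ("reject", "prompt", "reject_if_forced")  # the three response modes


class Decision(Enum):
    ALLOWED = "allowed"              # not a repeated login; record filled in
    REJECTED = "rejected"            # first or third mode, or unregistered user
    CONFIRM_FORCE = "confirm_force"  # second mode: ask the user whether to force
    FORCED = "forced"                # second mode: old client out, record replaced


@dataclass
class Record:
    client_feature: Optional[str] = None  # None = empty field, user not logged in
    forced: bool = False                  # current login was obtained by forced login
    last_active: float = 0.0              # time of the last operation by that client


class LoginRegistry:
    """Record information: user identity -> client feature of the logged-in client."""

    def __init__(self, idle_limit: float, clock: Callable[[], float] = time.monotonic):
        self._records: Dict[str, Record] = {}
        # Assumption: this lock stands in for an atomic operation on the cache.
        self._lock = threading.Lock()
        self._idle_limit = idle_limit
        self._clock = clock

    def register(self, user_id: str) -> None:
        # First filling manner: the user identity is recorded at registration.
        with self._lock:
            self._records.setdefault(user_id, Record())

    def _expire(self, rec: Record) -> None:
        # Protection module: clear the client feature once the idle limit is exceeded.
        idle = self._clock() - rec.last_active
        if rec.client_feature is not None and idle > self._idle_limit:
            rec.client_feature, rec.forced = None, False

    def _fill(self, rec: Record, feature: str, forced: bool) -> None:
        rec.client_feature, rec.forced = feature, forced
        rec.last_active = self._clock()

    def login(self, user_id: str, feature: str,
              policy: str = "reject", force: bool = False) -> Decision:
        if policy not in POLICIES:
            raise ValueError(f"unknown policy: {policy}")
        # Check and update happen under one lock; done separately, two clients
        # could both see an empty field and both be allowed in.
        with self._lock:
            rec = self._records.get(user_id)
            if rec is None:
                return Decision.REJECTED  # verification failed: not registered
            self._expire(rec)
            # Combined determination: repeated login only if the field is
            # non-empty AND its feature differs from the one in the request.
            if rec.client_feature is None or rec.client_feature == feature:
                self._fill(rec, feature, rec.forced)
                return Decision.ALLOWED
            if policy == "reject":
                return Decision.REJECTED
            if policy == "reject_if_forced" and rec.forced:
                return Decision.REJECTED
            # Assumption: the third mode falls back to prompting when the
            # current login was not forced; the page leaves that case open.
            if not force:
                return Decision.CONFIRM_FORCE
            self._fill(rec, feature, True)  # replace the old client's feature
            return Decision.FORCED

    def is_current(self, user_id: str, feature: str) -> bool:
        """Per-request check: a client that was forced out no longer matches."""
        with self._lock:
            rec = self._records.get(user_id)
            if rec is None:
                return False
            self._expire(rec)
            if rec.client_feature != feature:
                return False
            rec.last_active = self._clock()  # an operation resets the idle time
            return True

    def logout(self, user_id: str, feature: str) -> None:
        with self._lock:
            rec = self._records.get(user_id)
            if rec is not None and rec.client_feature == feature:
                rec.client_feature, rec.forced = None, False
```

With a real distributed cache the check and the update still have to be one atomic step, because two servers that read the same empty field at the same moment would both allow the login.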
Obviously, those skilled in the art should understand that the modules or steps of the present invention described above can be implemented with general-purpose computing devices. They can be concentrated on a single computing device or distributed over a network of multiple computing devices. Optionally, they can be implemented as program code executable by a computing device, so that they can be stored in a storage medium (ROM/RAM, magnetic disk, optical disc) and executed by a computing device; in some cases the steps shown or described can be performed in an order different from the one given here. Alternatively, they can each be made into a separate integrated circuit module, or several of the modules or steps can be made into a single integrated circuit module. The present invention is therefore not limited to any particular combination of hardware and software.
The above is a further detailed description of the present invention with reference to specific embodiments, and the specific implementation of the invention should not be regarded as limited to these descriptions. A person of ordinary skill in the art to which the invention belongs may make a number of simple deductions or substitutions without departing from the concept of the invention, all of which shall be regarded as falling within the scope of protection of the invention.
Industrial Applicability
The embodiments of the present invention disclose an apparatus and method for preventing repeated login by the same user, in which a user's login request can be received and record information acquired. The login request carries a user identity and the client feature information of the client the user is currently using. The record information stores a user identity field and a corresponding client feature information field, which record, respectively, the user identity of an authorized user and the client feature information of the client on which that user is currently successfully logged in. After a login request is received, whether the current login is a repeated login can be determined accurately and quickly from the information carried in the login request and the record information; when the determination is a repeated login, a corresponding response is made, preventing repeated login by the same user and keeping the user's data secure and unique. Compared with the prior-art approaches of maintaining a single login state for a user by relying on the session features of the service software, by using the server software's automatic session synchronization and replication, or by using a database, this embodiment has no effect on website performance and does not create a performance bottleneck when a large number of users use the website, which helps improve the user's experience of the website and expand its capacity.

Claims (10)

  1. An apparatus for preventing repeated login by the same user, comprising:
    a receiving module, configured to receive a user's login request, the information carried in the login request including a user identity and client feature information of the client the user is currently using;
    a determination module, configured to determine, from the information carried in the login request and acquired record information, whether the user's current login is a repeated login, the record information including a user identity field and a client feature information field corresponding to the user identity field, the user identity field being used to record the user identity of an authorized user and the client feature information field being used to record the client feature information of the client on which the corresponding user is currently successfully logged in;
    a response module, configured to respond to the login request in a preset manner if the determination module determines that the login is a repeated login, so as to prevent repeated login by the same user.
  2. The apparatus for preventing repeated login by the same user according to claim 1, wherein
    the response module is further configured, if the determination module determines that the login is not a repeated login, to allow the user's current login to succeed and to fill the client feature information carried in the login request into the client feature information field corresponding to the same user identity in the record information.
  3. The apparatus for preventing repeated login by the same user according to claim 1, wherein the determination module is configured to:
    query, according to the user identity carried in the login request, whether the client feature information field corresponding to the same user identity in the record information is empty; if it is not, the determination is that the user's current login is a repeated login;
    or query, according to the user identity carried in the login request, whether the client feature information in the client feature information field corresponding to the same user identity in the record information matches the client feature information carried in the login request; if it does not match, the determination is that the user's current login is a repeated login.
  4. The apparatus for preventing repeated login by the same user according to claim 1, further comprising: an acquisition module, configured to acquire the record information from an external cache space.
  5. The apparatus for preventing repeated login by the same user according to any one of claims 1 to 4, wherein the response module is configured, if the determination module determines that the login is a repeated login, to respond in one of the following three modes:
    rejecting the user's current login request;
    prompting the user whether to force the login and, if a forced login request is received from the user, forcibly logging out the client on which the user is currently logged in, allowing the user's current login to succeed, and replacing the client feature information in the client feature information field corresponding to the user's user identity in the record information with the client feature information of the client the user is currently using;
    determining whether the user's current successful-login state was obtained by forced login and, if so, rejecting the user's current login request.
  6. A method for preventing repeated login by the same user, comprising:
    receiving a user's login request, the information carried in the login request including a user identity and client feature information of the client the user is currently using;
    determining, from the information carried in the login request and acquired record information, whether the user's current login is a repeated login, the record information including a user identity field and a client feature information field corresponding to the user identity field, the user identity field being used to record the user identity of an authorized user and the client feature information field being used to record the client feature information of the client on which the corresponding user is currently successfully logged in;
    if the determination is a repeated login, responding to the login request in a preset manner so as to prevent repeated login by the same user.
  7. The method for preventing repeated login by the same user according to claim 6, further comprising:
    if the determination is not a repeated login, allowing the user's current login to succeed and filling the client feature information carried in the login request into the client feature information field corresponding to the same user identity in the record information.
  8. The method for preventing repeated login by the same user according to claim 6, wherein determining, from the information carried in the login request and the acquired record information, whether the user's current login is a repeated login comprises:
    querying, according to the user identity carried in the login request, whether the client feature information field corresponding to the same user identity in the record information is empty; if it is not, the determination is that the user's current login is a repeated login;
    or querying, according to the user identity carried in the login request, whether the client feature information in the client feature information field corresponding to the same user identity in the record information matches the client feature information carried in the login request; if it does not match, the determination is that the user's current login is a repeated login.
  9. The method for preventing repeated login by the same user according to claim 6, further comprising the following step of acquiring the record information:
    acquiring the record information from an external cache space.
  10. The method for preventing repeated login by the same user according to any one of claims 6 to 9, wherein, if the determination is a repeated login, responding to the login request in the preset manner comprises one of the following three modes:
    rejecting the user's current login request;
    prompting the user whether to force the login and, if a forced login request is received from the user, forcibly logging out the client on which the user is currently logged in, allowing the user's current login to succeed, and replacing the client feature information in the client feature information field corresponding to the user's user identity in the record information with the client feature information of the client the user is currently using;
    determining whether the user's current successful-login state was obtained by forced login and, if so, rejecting the user's current login request.
PCT/CN2017/095307 2016-08-04 2017-07-31 Device and method preventing repeated logins of same user WO2018024176A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610635704.5A CN107689941A (en) 2016-08-04 2016-08-04 A kind of apparatus and method for preventing same user's repeat logon
CN201610635704.5 2016-08-04

Publications (1)

Publication Number Publication Date
WO2018024176A1 true WO2018024176A1 (en) 2018-02-08

Family

ID=61072778

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/095307 WO2018024176A1 (en) 2016-08-04 2017-07-31 Device and method preventing repeated logins of same user

Country Status (2)

Country Link
CN (1) CN107689941A (en)
WO (1) WO2018024176A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978779A (en) * 2022-08-01 2022-08-30 广州市保伦电子有限公司 Data processing method and device for web account login and terminal equipment

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110839041A (en) * 2019-11-22 2020-02-25 苏州浪潮智能科技有限公司 Single-user login method, device, equipment and medium supporting multi-node deployment
CN111565181A (en) * 2020-04-28 2020-08-21 中国联合网络通信集团有限公司 Single equipment login method, server and client
CN111600858B (en) * 2020-05-06 2021-12-14 腾讯科技(深圳)有限公司 Application login method, device and system
CN112637181A (en) * 2020-12-18 2021-04-09 上海销氪信息科技有限公司 Client login method, device and medium
CN113190812A (en) * 2021-05-24 2021-07-30 中国工商银行股份有限公司 Login method, system, electronic equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7814330B2 (en) * 2005-08-01 2010-10-12 Oracle International Corporation Method and apparatus for facilitating multi-level computer system authentication
KR20110036805A (en) * 2011-03-24 2011-04-11 주식회사 케이티 Method of controlling of user session using terminal's macid
CN102739686A (en) * 2012-07-05 2012-10-17 无锡中科泛在信息技术研发中心有限公司 Method for restricting users to login at multiple locations simultaneously

Also Published As

Publication number Publication date
CN107689941A (en) 2018-02-13

Similar Documents

Publication Publication Date Title
CN110086822B (en) Method and system for implementing micro-service architecture-oriented unified identity authentication strategy
WO2018024176A1 (en) Device and method preventing repeated logins of same user
US20210328992A1 (en) Computer readable storage media for tiered connection pooling and methods and systems for utilizing same
US11790077B2 (en) Methods, mediums, and systems for establishing and using security questions
US20220215082A1 (en) Method and apparatus for facilitating the login of an account
US10541991B2 (en) Method for OAuth service through blockchain network, and terminal and server using the same
TWI587672B (en) Login authentication method, client, server and system
CN107277049B (en) Access method and device of application system
US9292670B2 (en) Systems and methods for generating and authenticating one time dynamic password based on context information
US20150121491A1 (en) System and method of authenticating user account login request messages
US9554276B2 (en) System and method for on the fly protocol conversion in obtaining policy enforcement information
US8869258B2 (en) Facilitating token request troubleshooting
EP3316544A1 (en) Token generation and authentication method, and authentication server
CN111291043A (en) Identification value query method, identification resolution server and storage medium
WO2021027600A1 (en) Single log-in method, apparatus and device, and computer-readable storage medium
US20210011905A1 (en) Method for providing relational decentralized identifier service and blockchain node using the same
US9635024B2 (en) Methods for facilitating improved user authentication using persistent data and devices thereof
CN106487744A (en) A kind of Shiro verification method based on Redis storage
CN108289074B (en) User account login method and device
US9680814B2 (en) Method, device, and system for registering terminal application
TW201335777A (en) Distributed data storing and accessing system and method
US10931662B1 (en) Methods for ephemeral authentication screening and devices thereof
CN112272093B (en) Token management method, electronic equipment and readable storage medium
CN111371811B (en) Resource calling method, resource calling device, client and service server
TW201430608A (en) Single-sign-on system and method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
    Ref document number: 17836358; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase
    Ref country code: DE
122 Ep: pct application non-entry in european phase
    Ref document number: 17836358; Country of ref document: EP; Kind code of ref document: A1