CN105141624B

CN105141624B - Login method, account management server and FTP client FTP

Info

Publication number: CN105141624B
Application number: CN201510593507.7A
Authority: CN
Inventors: 陈曙威
Original assignee: Netease Hangzhou Network Co Ltd
Current assignee: Netease Hangzhou Network Co Ltd
Priority date: 2015-09-17
Filing date: 2015-09-17
Publication date: 2018-09-25
Anticipated expiration: 2035-09-17
Also published as: CN105141624A

Abstract

The invention discloses a kind of login method, account management server and FTP client FTP, the login method includes：Receive the first logging request of the first application server transmission；Wherein, the first logging request includes the first application identities；According to the first application identities, identification code information is generated；Identification code information is sent to the first application server；Receive the verification information of the second application server transmission；The verification information is verified；After being verified, verification result is sent to the second application server, is confirmed so that the second application server is transmitted to the second client；After the confirmation message for receiving the return of the second application server, the login confirmation message for including the first application identities is sent to the first application server, so that the first application server receives the first client and logged in by the first application.Using the embodiment of the present invention, two different business can be efficiently separated, the load of server is made to share, the different application extension of same account is flexible.

Description

Login method, account management server and FTP client FTP

Technical field

The present invention relates to a kind of field of communication technology more particularly to login method, account management server and client systems System.

Background technology

It is chequered with black and white that Quick Response Code is that certain specific set figure is distributed in plane (on two-dimensional directional) according to certain rules Graphic recording data symbol information." 0 ", " 1 " for constituting computer-internal logical foundations are dexterously utilized in code compilation The concept of bit stream indicates word numerical information using several geometrical bodies corresponding with binary system, defeated by image Enter equipment or photoelectric scanning device automatically identifying and reading to realize automatic processing of information.And with the universal and development of internet, it brings A large amount of Internet Service Provider, many Internet Service Providers both provide login function, and more application service is both needed to Use is just had permission after wanting user to log in.Due to the convenience and confidentiality of Quick Response Code, more far-end server provides two Code login function is tieed up, when the application program for having permission requirement that user is provided using far-end server, can be utilized mobile whole The included camera in end scans the two-dimension code image of application program offer, and parses the verification information of two-dimension code image, will Log-on message needed for two-dimensional code authentication information and the application program is sent to far-end server.In far-end server to Quick Response Code After verification information is verified, application program is enabled to login successfully using log-on message.

In the prior art, application No. is " 201410225078.3 " to disclose log-on message transmission method and background service Device, this method by being arranged background server between client and application server, client by two-dimensional code authentication information and Log-on message is sent to background server.Background server is authenticated to send secondary-confirmation request by rear to client, is receiving It is just sent to application server after the secondary-confirmation information sent to client and logs in confirmation message, to make application server permit Perhaps client logs in.There are two same background servers of application access of same client in the technical solution, make The load of background server can not disperse, background server will not only receive the Quick Response Code log-on message of client, will also be to Its corresponding application server sends the logging in confirmation message of the task.When the Quick Response Code checking request of client and background server Compare it is more, will influence background server to application server send log in confirmation message timeliness, can not effectively by this two A different business separates, and avoids hot spot.

Invention content

A kind of login method of proposition of the embodiment of the present invention, account management server and FTP client FTP, can efficiently separate two A different business, makes the load of server share, and the different application extension of same account is flexible.

The embodiment of the present invention provides a kind of login method, including：

Receive the first logging request of the first application server transmission；Wherein, first logging request is by the first client End is sent to first application server, and first logging request includes the first application identities；

According to first application identities, identification code information is generated；

The identification code information is sent to first application server, so that first application server will be described Identification code information is transmitted to first client, and first client is made to show the identification code information；

Receive the verification information of the second application server transmission；Wherein, the verification information be by the second client according to The identification code information of first client displaying and generate, and be transmitted to second application server；The verification Information includes the identification code information and user account information；

The verification information is verified；

When being verified, verification result is sent to second application server, for second application server Second client is transmitted to be confirmed；

After receiving the confirmation message that second application server returns, sends and wrap to first application server Login confirmation message containing first application identities, so that first application server receives first client and passes through First application identities corresponding first, which are applied, to be logged in；Wherein, the confirmation message is sent out by second client Give second application server.

Further, described that the verification information is verified, it specifically includes：

By the identification code information and user account information in the verification information, respectively correspondingly with the mark in database Code information, user account information are compared, and judge whether all information are consistent；

If consistent, it is verified；

If not quite identical, verify and do not pass through.

Further, the verification information further includes the first dynamic code；First dynamic code is by second client According to the mark of second client, calculates and generate according to preconfigured dynamic code algorithm；

It is then described that the verification information is verified, it specifically includes：

According to the client identification and preconfigured dynamic code algorithm to prestore, calculates and obtain the second dynamic code；

By the first dynamic code, identification code information and the user account information in the verification information, respectively correspondingly with institute State the identification code information in the second dynamic code, database, user account information is compared, judge whether all information consistent；

If consistent, it is verified；

If not quite identical, verify and do not pass through.

Further, the verification result includes：The application for being verified prompt message, asking the application logged in corresponding The account name of client-side information and request login account corresponding to the client of verification information described in title, requests verification.

Further, the verification information is to carry out format checking and qualified verification via second application server Information.

Further, described after receiving the confirmation message that second application server returns, further include：

The prompting message for prompting first application to login successfully is sent to second application server, so that institute It states the second application server and the prompting message is transmitted to second client；

The prompting message includes：The key string generated according to the user account information；

The key string is stored by second client into key database.

Further, the user account information in the verification information is inputted according to user or by second client End is obtained from the key string stored in the key database.

On the other hand, the present invention provides a kind of account management servers, including：

First receiving unit, the first logging request for receiving the transmission of the first application server；Wherein, it described first steps on Record request is sent to first application server by the first client, and first logging request includes the first application identities；

Identification code generation unit, for according to first application identities, generating identification code information；

First transmission unit, for the identification code information to be sent to first application server, for described The identification code information is transmitted to first client by one application server, and first client is made to show the mark Code information；

Second receiving unit, the verification information for receiving the transmission of the second application server；Wherein, the verification information is It is generated according to the identification code information that first client is shown by the second client, and is transmitted to second application Server；The verification information includes the identification code information and user account information；

Authentication unit, for being verified to the verification information；

Second transmission unit, for when being verified, verification result being sent to second application server, for institute It states the second application server and is transmitted to second client and confirmed；

Third receiving unit, the confirmation message returned for receiving second application server；

Third transmission unit, for receiving the confirmation that second application server returns in the third receiving unit It after information, is sent to first application server and includes the login confirmation messages of first application identities, so that described the One application server receives first client and is logged in by corresponding first application of first application identities；Its In, the confirmation message is to be sent to second application server by second client.

Further, the authentication unit includes：

First judgment sub-unit is right respectively for by the identification code information and user account information in the verification information It is compared with the identification code information in database, user account information with answering, judges whether all information are consistent；

With the first verification subelement, for when first judgment sub-unit determines that all information are consistent, determining verification Pass through；And for when first judgment sub-unit determines that all INFORMATION OF INCOMPLETEs are consistent, determining that verification does not pass through.

The authentication unit includes：

Computation subunit obtains for according to the client identification that prestores and preconfigured dynamic code algorithm, calculating Two dynamic codes；

Second judgment sub-unit is used for the first dynamic code, identification code information and the user account in the verification information Information is respectively correspondingly compared with the identification code information in second dynamic code, database, user account information, sentences Whether all information of breaking are consistent；

With the second verification subelement, for when second judgment sub-unit determines that all information are consistent, determining verification Pass through；And for when second judgment sub-unit determines that all INFORMATION OF INCOMPLETEs are consistent, determining that verification does not pass through.

Further, the account management server further includes：

4th transmission unit, for receiving the confirmation that second application server returns in the third receiving unit After information, the prompting message for prompting first application to login successfully is sent to second application server, so that institute It states the second application server and the prompting message is transmitted to second client；

The key string is stored by second client into key database.

Yet another aspect, the present invention provides a kind of login methods, including：

First client sends the first logging request for including the first application identities to the first application server, so that described First logging request is transmitted to account management server by the first application server, so that the account management server root According to first application identities, identification code information is generated, and the identification code information is sent to first application server；

First client receives the identification code information that first application server is sent；

The identification code information that second client is shown according to first client generates verification information；Wherein, institute It includes the identification code information and user account information to state verification information；

The verification information is sent to the second application server by second client, so that second application service Device is transmitted to the account management server, so that the account management server verifies the verification information；

Second client receives the verification result that second application server is sent；Wherein, the verification result It is by the account management server authentication by being generated and sent after the verification information to second application server；

Second client sends to second application server and confirms after confirming to the verification result Information so that second application server is transmitted to the account management server so that the account management server to First application server sends the login confirmation message for including first application identities, to make the first application clothes Business device receives first client and is logged in by corresponding first application of first application identities.

Further, the verification information further includes：First dynamic code；

First dynamic code by second client according to the mark of second client, according to preconfigured Dynamic code algorithm, which calculates, to be generated.

Further, the verification result includes the application for being verified prompt message, asking the application logged in corresponding The account name of client-side information and request login account corresponding to the client of verification information described in title, requests verification.

Further, after first client is logged in by corresponding first application of first application identities, Further include：

What second client received that second application server sends logins successfully for prompt first to apply Prompting message；Wherein, the prompting message is to be generated by the account management server and be transmitted to second application service Device；The prompting message includes：The key string generated according to the user account information；

Second client will be in the key string storage to key database in the prompting message.

Another aspect, the present invention provides a kind of FTP client FTPs, including：First client and the second client；

Wherein, first client includes：

5th transmission unit, for sending the first logging request for including the first application identities to the first application server, So that first logging request is transmitted to account management server by first application server, so that the account management Server generates identification code information, and the identification code information is sent to described first and is answered according to first application identities Use server；

With, the 5th receiving unit, the identification code information sent for receiving first application server；

Second client includes：

6th receiving unit, the identification code information for being shown according to first client generate verification information； Wherein, the verification information includes the identification code information and user account information；

6th transmission unit, for the verification information to be sent to the second application server, so that second application Server is transmitted to the account management server, so that the account management server verifies the verification information；

7th receiving unit, the verification result sent for receiving second application server；Wherein, the verification knot Fruit is by the account management server authentication by being generated and sent after the verification information to second application server；

With the 7th transmission unit, for after confirming to the verification result, being sent out to second application server Confirmation message is sent, so that second application server is transmitted to the account management server, so that the account management takes Business device sends the login confirmation message for including first application identities to first application server, to make described first Application server receives first client and is logged in by corresponding first application of first application identities.

Further, the verification information further includes：First dynamic code；

Further, second client further includes：

8th receiving unit, for first client by first application identities it is corresponding first application into After row logs in, the prompting message for prompting the first application to login successfully that second application server is sent is received；Wherein, The prompting message is to be generated by the account management server and be transmitted to second application server；The prompting message Including：The key string generated according to the user account information；

With storage unit, for storing the key string in the prompting message into key database.

As it can be seen that implementing the embodiment of the present invention, have the advantages that：

A kind of login method provided in an embodiment of the present invention, including：Receive the transmission of the first application server first logs in Request, and generate identification code information according to the first application identities in the first logging request；Identification code information is sent to first Application server makes the first application server be transmitted to the first client；The mark of second the first client of client scan displaying Know code information, generate and sends verification information to the second application server；The verification information of the second application server transmission is received, And in verification information identification code and user account information verify；After being verified, sent out to the second application server Verification result is sent, is confirmed so that the second application server is transmitted to the second client；In the confirmation message for receiving return Afterwards, the login confirmation message for including the first application identities is sent to the first application server, so that the first application server receives First client is logged in by the first application.Server in compared with the prior art needs to carry out data friendship with client Mutually and account verification, technical solution of the present invention detaches the two business, and application server is responsible for and client is into line number According to interaction, account management server is responsible for account verification, to share the load of server, reduces the coupling of server Property.And when the different application of same account needs extension, since different applications connects different application servers, therefore only New application server and account management server need to be coordinated, account can be shared in different application, extension is easy. In addition, since client and account management server have no direct communication, hacker can not be from client to account management server Attack is sent out, ensure that the safety of account information.

Further, the verification information in login method of the invention is in addition to including information of identification code and user account information Outside, further include the first dynamic code；First dynamic code by the second client according to the identification code of second client, according to advance The dynamic code algorithm of configuration, which calculates, to be generated.User can in advance authorize client in account management server, to indicate Which client can carry out login authentication.Account management server will be in the identification code storage to database of authorized client. When verification information is verified, account management server calculates according to the client identification and dynamic code algorithm to prestore and obtains second Dynamic code, then by the first dynamic code, identification code information and the user account information in verification information, it is respectively correspondingly dynamic with second Identification code information, user account information in state code, database are compared, and judge whether all information are consistent.If consistent It is then verified, otherwise, verification does not pass through.It therefore, can not be in the client of unauthorized even if user account and password leakage Upper completion login authentication, ensure that the accuracy of verification information.

Further, after the verification information that the second client of account management server pair is sent is verified, verification is sent As a result the second application server is given, the second client is transmitted to by the second application server and is confirmed.User is in the second client To being verified prompt message, the Apply Names for asking the application logged in corresponding, requests verification institute in verification result in end The account name for stating the client-side information corresponding to the client of verification information and request login account is confirmed, then passes through second Client return confirmation message, account management server just allow the first application server receiving the first client login.As it can be seen that The present invention after verification information is verified, in user just applied from account management server to first after secondary-confirmation passes through Server, which is sent, logs in confirmation message, therefore even if identification code information is maliciously altered in login process, has changed using clothes The address of business device, account management server will not send any information to malicious server, further improve log-on message The safety of transmission.

Further, after user logins successfully for the first time, account management server sends to the second application server and uses In the prompting message that the first application of prompt logins successfully, so that the second application server is transmitted to the second client.The prompt disappears Breath includes according to user account information and the key string that generates, and the second client stores the key string corresponding to the user account Into key database.When user is logged on using the second client, user only needs to select without inputting password again Corresponding account name is selected, the second client searches key database and obtains corresponding key string, by user account name and key String constitutes the user account information in verification information.Key string in account management server authentication verification information whether with data Key string in library is consistent, if can unanimously confirm that user account information is verified, and simplifies user's operation, reduces use Cost is remembered at family, to improve user experience.

On the other hand, the present invention provides a kind of account management servers, and receiving the first application by the first receiving unit takes The first logging request that business device is sent, and generated according to the first application identities in the first logging request by identification code generation unit Identification code information, then identification code information is sent to the first application server by the first transmission unit, make the first application server It is transmitted to the first client.In the identification code information of second the first client of client scan displaying, generates and applied to second After server sends verification information, the second receiving unit receives the verification information that the second application server is sent, and single by verification Member in verification information identification code and user account information verify.After being verified, the second transmission unit is to second Application server sends verification result, is confirmed so that the second application server is transmitted to the second client.It is received in third After unit receives the confirmation message of return, third transmission unit is sent to the first application server comprising the first application identities Confirmation message is logged in, so that the first application server receives the first client and logged in by the first application.Compared to existing Server needs to carry out data interaction and account with client to verify, and account management server provided by the invention is by the two industry Business is detached, and application server is responsible for carrying out data interaction with client, and account management server is responsible for account verification, to Shared the load of server, reduced the coupling of server, improved the robustness of server, and same account not When needing extension with application, since different applications connect different application servers, therefore only need to by new application server with Account management server is coordinated, and account can be shared in different application, and extension is easy.In addition, due to client and account Number management server has no direct communication, and hacker can not send out attack to account management server from client, ensure that account The safety of information.

On the other hand, the present invention also provides a kind of FTP client FTPs, by the first client and the second groups of clients at One client includes the 5th transmission unit and the 5th receiving unit.5th transmission unit is used to send to the first application server and wrap The first logging request containing the first application identities, the 5th receiving unit are used to receive the identification code letter of the first application server transmission Breath.Second client includes the 6th receiving unit, the 6th transmission unit, the 7th receiving unit and the 7th transmission unit.6th connects The identification code information that unit is used to show according to the first client is received, verification information is generated.6th transmission unit will be for that will verify Information is sent to the second application server, so that the second application server is transmitted to account management server and is verified.7th Receiving unit is used to receive the verification result of the second application server.7th transmission unit to verification result for confirming Afterwards, confirmation message is sent to the second application server, so that the second application server is transmitted to account management server, so that account Number management server sends to the first application server and logs in confirmation message, to make the first application server receive the first client First application at end is logged in.Each client will individually be connect with cloud server compared with the prior art, the present invention FTP client FTP connect respectively with respective application server, avoid client from directly being connect with account management server, subtract The load of few account management server, and only user just allows the first of the first client after confirming to verification result Using being logged in, the secondary-confirmation of log-on message is realized, to improve the safety of login.

Description of the drawings

Fig. 1 is a kind of flow diagram of embodiment of login method provided by the invention；

Fig. 2 is a kind of structural schematic diagram of embodiment of account management server provided by the invention；

Fig. 3 is a kind of structural schematic diagram of embodiment of authentication unit provided by the invention；

Fig. 4 is the structural schematic diagram of another embodiment of authentication unit provided by the invention；

Fig. 5 is a kind of structural schematic diagram of another embodiment of account management server provided by the invention

Fig. 6 is the flow diagram of another embodiment of login method provided by the invention；

Fig. 7 is a kind of a kind of structural schematic diagram of embodiment of FTP client FTP provided by the invention；

Fig. 8 is the structural schematic diagram of another embodiment of FTP client FTP provided by the invention；

Fig. 9 is a kind of sequence diagram of embodiment of login method provided by the invention；

Figure 10 is a kind of information exchange schematic diagram of embodiment of login method provided by the invention.

Specific implementation mode

Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without creative efforts Embodiment shall fall within the protection scope of the present invention.

Embodiment 1

It is a kind of information exchange schematic diagram of embodiment of login method provided by the invention referring to Figure 10, Figure 10.Such as figure Shown in 10, the equipment involved by login method of the invention includes：First client (the client in the first application in Figure 10 End), the second client (mobile client in Figure 10), the first application server (in Figure 10 first application in application service Device), the second application server (application server in Figure 10 in the second application) and account management server.Present invention login side The detailed process step of method can be found in Fig. 1, and Fig. 1 is a kind of flow diagram of embodiment of login method provided by the invention, This method is suitable for account management server comprising following steps：

Step 101：Receive the first logging request of the first application server transmission；Wherein, the first logging request is by first Client is sent to the first application server, and the first logging request includes the first application identities.

In the present embodiment, account management server receives the first logging request that the first application server is sent, this One logging request is sent to the first application server by the first client, and is transmitted to account management clothes by the first application server Business device.First client is the client that user need to log in, and user is accordingly stepped on using the first application in the first client Record operation, the first application generate corresponding first logging request.First logging request includes identify first application first Application identities.

In the present embodiment, the first client can be, but not limited to as computer terminal or mobile terminal.Second client can With but be not limited to the computer terminal with barcode scanning function or mobile terminal.

Step 102：According to first application identities, identification code information is generated.

In the present embodiment, account management server generates identification code information according to the first application identities.The identification code is believed Breath can be, but not limited to as Quick Response Code or bar code.

Step 103：Identification code information is sent to the first application server, so that the first application server believes identification code Breath is transmitted to the first client, and the first client is made to show the identification code information.

In the present embodiment, the first client after receiving identification code information by show equipment by identification code information into Row displaying.Such as identification code information is Quick Response Code, then the first client generates corresponding Quick Response Code figure according to the identification code information Piece, and by showing that equipment shows the two-dimension code image.As a kind of citing of the present embodiment, the first application server can also Identification code information is directly converted into corresponding two-dimension code image or bar shaped picture, picture, which is directly sent to the first client, carries out Displaying.

Step 104：Receive the verification information of the second application server transmission；Wherein, which is by the second client End is generated according to the identification code information that the first client is shown, and is transmitted to the second application server；The verification information includes Identification code information and user account information.

In this example, the identification code information of second the first client of client scan displaying, and by the second client The second application generate corresponding verification information.Verification information includes identification code information and user account information.The identification code is believed Breath is obtained by the second client scan, which can be inputted by user or according to being stored in key database Key string and obtain.

As a kind of citing of the present embodiment, verification information can also include the first dynamic code.First dynamic code is by second Client is calculated according to preconfigured dynamic code algorithm and is generated according to the mark of the second client, and the first dynamic code is provided with Effective time, the time then regenerates later, and identical apply the dynamic code generated in different clients and differ.

In the present embodiment, verification information is to carry out format checking and qualified verification letter via the second application server Breath.After the second application server receives verification information, the second application server can check verification information, such as check mark Whether the format of knowing code information correct, identification code information ask log in first apply whether legal, user account information and Whether the format of dynamic code is correct etc..

Step 105：Verification information is verified.

In the present embodiment, verification information is verified, is specifically included：By the identification code information and use in verification information Family account information is respectively correspondingly compared with the identification code information in database, user account information, judges all information It is whether consistent；If consistent, it is verified；If not quite identical, verify and do not pass through.

As a kind of citing of the present embodiment, if the verification information further includes the first dynamic code, to verification information into Row verification, specifically includes：According to the client identification and preconfigured dynamic code algorithm to prestore, calculates and obtain the second dynamic Code；By the first dynamic code, identification code information and the user account information in verification information, respectively correspondingly with the second dynamic code, Identification code information, user account information in database are compared, and judge whether all information are consistent；If consistent, verify Pass through；If not quite identical, verify and do not pass through.In this citing, account management server, will according to the Authorized operation of user Client identification is stored in database in advance.User can determine which client can complete login authentication by Authorized operation, even if User account and password leakage, can not complete login authentication in the client of unauthorized, ensure that the accurate of verification information Property.

Step 106：When being verified, verification result is sent to the second application server, for the second application server The second client is transmitted to be confirmed.

In the present embodiment, when being verified, account management server sends verification result to the second application server, with The second client is transmitted to for the second application server to be confirmed.The verification result includes：It is verified prompt message, request The corresponding Apply Names of the application of login, requests verification verification information client corresponding to client-side information and request step on Record the account name of account.Wherein, client-side information may include the IP address of client, the related letter such as geographical location of client Breath.

Step 107：After the confirmation message for receiving the return of the second application server, sends and wrap to the first application server Login confirmation message containing the first application identities, so that the first application server receives the first client and passes through the first application identities Corresponding first application is logged in；Wherein, confirmation message is to be sent to the second application server by the second client.

In the present embodiment, after user on a second client confirms verification result, the second client returns true Information is recognized to the second application server, and the second application server forwards it to account management server.Account management server After receiving the confirmation message, the login confirmation message for including the first application identities is sent to the first application server, so that First application server receives the first client and is logged in by the first application.User can continue and first in the first client Application server is communicated.

In the present embodiment, after the confirmation message for receiving the return of the second application server, further include：To the second application Server is sent for prompt first to apply the prompting message that logins successfully, so that the second application server is by the prompting message It is transmitted to the second client, continues to operate to remind user to return to the first client.The prompting message includes：According to user account Information and the key string generated, the key string are stored by the second client into key database.Pass through the second client in user After login authentication is completed at end, the corresponding key string of the user account is sent to the second client and deposited by account management server Storage.In next login authentication, user only need to select corresponding account, the second client meeting without inputting account number cipher again The corresponding key string of the account is obtained in key database, and user account information is formed by account and key string.In account pipe When managing server authentication, whether consistent with the key string of database purchase only the key string need to be verified, you can complete user's account The comparison of number information simplifies user's operation and reduces the memory cost of user.In addition, in user to this in the first client When account is first logged into, the corresponding account information of the account is inputted according to user and is obtained.

In order to better illustrate the process step of login method of the present invention, reference can be made to Fig. 9, Fig. 9 are provided by the invention step on A kind of sequence diagram of embodiment of recording method.

Therefore a kind of login method provided in an embodiment of the present invention, including：Receive the transmission of the first application server First logging request, and generate identification code information according to the first application identities in the first logging request；Identification code information is sent out The first application server is given, the first application server is made to be transmitted to the first client；Second the first client of client scan The identification code information of displaying generates and sends verification information to the second application server；Receive the transmission of the second application server Verification information, and in verification information identification code and user account information verify；After being verified, to the second application Server sends verification result, is confirmed so that the second application server is transmitted to the second client；Receiving return After confirmation message, the login confirmation message for including the first application identities is sent to the first application server, so that the first application clothes Business device receives the first client and is logged in by the first application.Server in compared with the prior art need with client into Row interaction and account verification, technical solution of the present invention detaches the two business, application server be responsible for client into Row data interaction, account management server are responsible for account verification, to share the load of server, reduce the coupling of server Conjunction property.And when the different application of same account needs extension, since different applications connects different application servers, therefore New application server and account management server need to only be coordinated, account can be shared in different application, extension is held Easily.In addition, since client and account management server have no direct communication, hacker can not be from client to account management service Device sends out attack, ensure that the safety of account information.

Embodiment 2

It is a kind of structural schematic diagram of embodiment of account management server provided by the invention referring to Fig. 2, Fig. 2.Such as Fig. 2 Shown, which includes：

First receiving unit 201, the first logging request for receiving the transmission of the first application server；Wherein, it first steps on Record request is sent to the first application server by the first client, and the first logging request includes the first application identities.

Identification code generation unit 202 is used to, according to first application identities, generate identification code information.

First transmission unit 203 is used to identification code information being sent to the first application server, for the first application service Identification code information is transmitted to the first client by device, and the first client is made to show the identification code information.

Second receiving unit 204 is used to receive the verification information of the second application server transmission；Wherein, verification information be by Second client is generated according to the identification code information that the first client is shown, and is transmitted to the second application server；The verification Information includes identification code information and user account information.

Authentication unit 205 is for verifying verification information.

Second transmission unit 206 is used for when being verified, and verification result is sent to the second application server, for second Application server is transmitted to the second client and is confirmed；

Third receiving unit 207 is used to receive the confirmation message of the second application server return.

Third transmission unit 208 is used to receive the confirmation letter of the second application server return in third receiving unit 207 After breath, the login confirmation message for including the first application identities is sent to the first application server, so that the first application server connects It is logged in by corresponding first application of the first application identities by the first client；Wherein, which is by the second visitor Family end is sent to the second application server.

In the present embodiment, be referring to Fig. 3, Fig. 3 authentication unit provided by the invention a kind of embodiment structural representation Figure.Authentication unit 205 includes that the first judgment sub-unit 301 and first verifies subelement 302.First judgment sub-unit 301 is used for By the identification code information and user account information in verification information, respectively correspondingly with the identification code information in database, user Account information is compared, and judges whether all information are consistent.First verification subelement 302 is used in the first judgment sub-unit When 301 all information of determination are consistent, determination is verified；And for determining all information not in the first judgment sub-unit 301 When completely the same, determine that verification does not pass through.

It is that the another of authentication unit provided by the invention is implemented referring to Fig. 4, Fig. 4 as a kind of citing of the present embodiment The structural schematic diagram of example.In this citing, verification information includes identification code information, user account information and the first dynamic code, is somebody's turn to do First dynamic code, according to the mark of second client, is calculated according to preconfigured dynamic code algorithm and is given birth to by the second client At.As shown in figure 4, authentication unit 205 includes：Computation subunit 401, the second judgment sub-unit 402 and second verify subelement 403.Wherein, computation subunit 401 is used to, according to the client identification and preconfigured dynamic code algorithm that prestore, calculate and obtain Second dynamic code.Second judgment sub-unit 402 is used for the first dynamic code, identification code information and the user account in verification information Information is respectively correspondingly compared with the identification code information in the second dynamic code, database, user account information, judges institute There is information whether consistent.Second verification subelement 403 is used for when the second judgment sub-unit 402 determines that all information are consistent, really Surely it is verified；And for when the second judgment sub-unit 402 determines that all information are not all consistent, determining that verification is obstructed It crosses.

In the present embodiment, verification information is to carry out format checking and qualified verification letter via the second application server Breath.

In the present embodiment, verification result includes：The application for being verified prompt message, asking the application logged in corresponding The account name of client-side information and request login account corresponding to title, the client of requests verification verification information.

It is a kind of account management server provided by the invention referring to Fig. 5, Fig. 5 as a kind of citing of the present embodiment Another structural schematic diagram of embodiment.Difference lies in account management server further includes Fig. 5 and Fig. 2：4th transmission unit 509, for third receiving unit 207 receive the second application server return confirmation message after, to the second application service Device sends the prompting message for prompting the first application to login successfully, so that the prompting message is transmitted to by the second application server Second client.Wherein, prompting message includes：The key string generated according to the user account information.The key string is by In the storage to key database of two clients.

As a kind of citing of the present embodiment, after the completion of user carries out login authentication simultaneously using the second client, second Client stores the corresponding key string of the user account, and in next login authentication, the user account information in verification information is It is obtained from the key string stored in key database by the second client, inputs account number cipher again without user, reduce and use The memory cost at family improves user experience.In addition, in user when being first logged into the account in the first client, it should The corresponding account information of account is inputted according to user and is obtained.

The more detailed operation principle of the present invention can be, but not limited to refer to the related record of embodiment 1 to process step.

Therefore the present invention provides a kind of account management servers, and the first application is received by the first receiving unit 201 The first logging request that server is sent, and marked according to the first application in the first logging request by identification code generation unit 202 Know and generate identification code information, then identification code information is sent to the first application server by the first transmission unit 203, makes first to answer It is transmitted to the first client with server.Second the first client of client scan displaying identification code information, generate and to After second application server sends verification information, the second receiving unit 204 receives the verification information that the second application server is sent, And by authentication unit 205 in verification information identification code and user account information verify.After being verified, the second hair It send unit 206 to send verification result to the second application server, is carried out so that the second application server is transmitted to the second client Confirm.After third receiving unit 207 receives the confirmation message of return, third transmission unit 208 is to the first application server The login confirmation message for including the first application identities is sent, so that the first application server receives the first client and answered by first With being logged in.It needs to carry out data interaction with client compared to existing server and account is verified, account provided by the invention Number management server detaches the two business, and application server is responsible for carrying out data interaction, account management with client Server is responsible for account verification, to share the load of server, reduces the coupling of server, improves the strong of server Strong property, and when the different application of same account needs extension, since different applications connects different application servers, therefore New application server and account management server need to only be coordinated, account can be shared in different application, extension is held Easily.In addition, since client and account management server have no direct communication, hacker can not be from client to account management service Device sends out attack, ensure that the safety of account information.

Embodiment 3

It is the flow diagram of another embodiment of login method provided by the invention referring to Fig. 6, Fig. 6.This method is suitable For FTP client FTP.This method main process flow steps are as follows：

Step 601：First client sends the first logging request for including the first application identities to the first application server, So that the first logging request is transmitted to account management server by the first application server, so that account management server is according to One application identities generate identification code information, and identification code information are sent to the first application server.

Step 602：First client receives the identification code information that the first application server is sent.

Step 603：The identification code information that second client is shown according to the first client generates verification information；Wherein, it tests It includes identification code information and user account information to demonstrate,prove information.

Step 604：Institute's verification information is sent to the second application server by the second client, so that the second application server It is transmitted to account management server, so that account management server verifies verification information.

Step 605：Second client receives the verification result that the second application server is sent；Wherein, verification result be by Account management server authentication after verification information by generating and sending to the second application server.

Step 606：Second client sends confirmation letter after confirming to verification result, to the second application server Breath, so that the second application server is transmitted to account management server, so that account management server is to the first application server The login confirmation message for including the first application identities is sent, passes through first to make the first application server receive the first client Corresponding first application of application identities is logged in.

In the present embodiment, FTP client FTP includes the first client and the second client.First in first client Using for that need to log in application, the second application in the second client is login authentication application, corresponds to the first application service respectively Device and the second application server.First application server, the second application server are connect with account management server respectively.Client End and account management server not direct communication.

As a kind of citing of the present embodiment, verification information further includes：First dynamic code.First dynamic code is by the second visitor Family end calculates according to preconfigured dynamic code algorithm and generates according to the mark of second client.User needs in advance in account License to the second client in number management server, account management server is by the client identification storage of mandate to database In so that account management server calculated according to the client identification and dynamic code algorithm that prestore the second dynamic code of acquisition with First dynamic code is consistent, to pass through verification.If client has no mandate in advance, account management server, which has no, to be deposited Corresponding client identification is stored up, calculating the second dynamic code obtained must be different from the first dynamic code, and login authentication does not pass through. Therefore, even if user account and password leakage, can not complete login authentication in the client of unauthorized, it ensure that verification letter The accuracy of breath.

In the present embodiment, verification result includes the application for being verified prompt message, asking the application logged in corresponding The account name of client-side information and request login account corresponding to title, the client of requests verification verification information.

As a kind of citing of the present embodiment, carried out by corresponding first application of the first application identities in the first client After login, further include：What the second client the second application server of reception was sent is used to prompt first to be carried using what is logined successfully Show message.Wherein, which is to be generated by account management server and be transmitted to the second application server.The prompting message Including：The key string generated according to user account information.Second client will be prompted to the storage of the key string in message to key In database.

As a kind of citing of the present embodiment, after the completion of user carries out login authentication simultaneously using the second client, second Client stores the corresponding key string of the user account, and in next login authentication, the user account information in verification information is It is obtained from the key string stored in key database by the second client, inputs account number cipher again without user, reduce and use The memory cost at family improves user experience.

Therefore the present invention also provides a kind of login methods, are suitable for by the first client and the second groups of clients At FTP client FTP.First client sends the first logging request for including the first application identities to the first application server, And receive the identification code information that the first application server is sent.Second client is believed according to the identification code that the first client is shown Breath generates verification information, then verification information is sent to the second application server, so that the second application server is transmitted to account Management server is verified.Then the second client receives the verification result of the second application server.Second client is right After verification result is confirmed, confirmation message is sent to the second application server, so that the second application server is transmitted to account Management server, so that account management server is sent to the first application server logs in confirmation message, to make the first application The first application that server receives the first client is logged in.Each client will individually and high in the clouds compared with the prior art Server connects, and FTP client FTP of the invention is connect with respective application server respectively, avoids client directly and account Management server connects, and reduces the load of account management server, and only user just permits after confirming to verification result Perhaps the first application of the first client is logged in, and improves the safety of login.

Embodiment 4

It is a kind of a kind of structural schematic diagram of embodiment of FTP client FTP provided by the invention referring to Fig. 7, Fig. 7.Such as Fig. 7 Shown, which includes：First client 701 and the second client 702.

Wherein, the first client 701 includes：5th transmission unit 7011 and the 5th receiving unit 7012

5th transmission unit 7011 is used to send the first login comprising the first application identities to the first application server and ask It asks, so that the first logging request is transmitted to account management server by the first application server, so that account management server root According to first application identities, identification code information is generated, and identification code information is sent to the first application server.

5th receiving unit 7012 is used to receive the identification code information of the first application server transmission.

Second client 702 includes：6th receiving unit 7021, the 6th transmission unit 7022, the 7th receiving unit 7023 With the 7th transmission unit 7024.

The identification code information that 6th receiving unit 7021 is used to be shown according to the first client generates verification information；Wherein, The verification information includes identification code information and user account information.

6th transmission unit 7022 is used to verification information being sent to the second application server, so that the second application server It is transmitted to account management server, so that account management server verifies verification information.

7th receiving unit 7023 is used to receive the verification result of the second application server transmission；Wherein, verification result is By account management server authentication by being generated and sent after verification information to the second application server.

7th transmission unit 7024 is used for after confirming to verification result, and confirmation letter is sent to the second application server Breath, so that the second application server is transmitted to account management server, so that account management server is to the first application server The login confirmation message for including the first application identities is sent, passes through first to make the first application server receive the first client Corresponding first application of application identities is logged in.

In the present embodiment, verification information further includes：First dynamic code.First dynamic code is by the second client according to advance The dynamic code algorithm of configuration, which calculates, to be generated.

It is the another real of FTP client FTP provided by the invention referring to Fig. 8, Fig. 8 as a kind of citing of the present embodiment Apply the structural schematic diagram of example.Difference lies in the second client 702 further includes Fig. 8 and Fig. 7：8th receiving unit 801 and storage Unit 802.8th receiving unit 801 is used to be logged in by corresponding first application of the first application identities in the first client Afterwards, the prompting message for prompting the first application to login successfully that the second application server is sent is received.Wherein, the prompting message It is to be generated by account management server and be transmitted to the second application server.The prompting message includes：According to user account information And the key string generated.Storage unit 802 is used for will be in the key string storage to key database in the prompting message.

As a kind of citing of the present embodiment, after the completion of user carries out login authentication simultaneously using the second client 702, the Two clients 702 store the corresponding key string of the user account, in next login authentication, the user account letter in verification information Breath is obtained from the key string stored in key database by the second client 702, and account number cipher is inputted again without user, The memory cost of user is reduced, user experience is improved.

The more detailed operation principle of this FTP client FTP can be, but not limited to refer to the related of embodiment 3 to steps flow chart It records.

Therefore the present invention also provides a kind of FTP client FTPs, by the first client 701 and the second client 702 Composition, the first client 701 include the 5th transmission unit 7011 and the 5th receiving unit 7012.5th transmission unit 7011 is used for It is sent to the first application server and include the first logging request of the first application identities, the 5th receiving unit 7012 is for reception the The identification code information that one application server is sent.Second client 702 includes the 6th receiving unit 7021, the 6th transmission unit 7022, the 7th receiving unit 7023 and the 7th transmission unit 7024.6th receiving unit 7021 is used for according to the first client exhibition The identification code information shown generates verification information.6th transmission unit 7022 is used to verification information being sent to the second application service Device, so that the second application server is transmitted to account management server and is verified.7th receiving unit 7023 is for receiving the The verification result of two application servers.7th transmission unit 7024 is used for after confirming to verification result, to the second application Server sends confirmation message, so that the second application server is transmitted to account management server, so that account management server It is sent to the first application server and logs in confirmation message, to make the first application server receive the first application of the first client It is logged in.Each client will individually be connect with cloud server compared with the prior art, FTP client FTP of the invention It is connect respectively with respective application server, client is avoided directly to be connect with account management server, reduce account management clothes The load of business device, and only user just allows the first application of the first client to step on after confirming to verification result Record, realizes the secondary-confirmation of log-on message, to improve the safety of login.

The above is the preferred embodiment of the present invention, it is noted that for those skilled in the art For, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also considered as Protection scope of the present invention.

Claims

1. a kind of login method, which is characterized in that including：

Receive the first logging request of the first application server transmission；Wherein, first logging request is sent out by the first client First application server is given, first logging request includes the first application identities；

The identification code information is sent to first application server, so that first application server is by the mark Code information is transmitted to first client, and first client is made to show the identification code information；

Receive the verification information of the second application server transmission；Wherein, the verification information be by the second client according to The identification code information of first client displaying and generate, and be transmitted to second application server；The verification information Including the identification code information and user account information；

The verification information is verified；

When being verified, verification result is sent to second application server, so that second application server forwards Confirmed to second client；

After receiving the confirmation message that second application server returns, it includes institute to be sent to first application server The login confirmation message of the first application identities is stated, so that first application server receives first client described in Corresponding first application of first application identities is logged in；Wherein, the confirmation message is sent to by second client Second application server.

2. login method according to claim 1, which is characterized in that it is described that the verification information is verified, specifically Including：

By the identification code information and user account information in the verification information, respectively correspondingly believe with the identification code in database Breath, user account information are compared, and judge whether all information are consistent；

If consistent, it is verified；

If not quite identical, verify and do not pass through.

3. login method according to claim 1, which is characterized in that the verification information further includes the first dynamic code；Institute Mark of first dynamic code by second client according to second client is stated, according to preconfigured dynamic code algorithm It calculates and generates；

By the first dynamic code, identification code information and the user account information in the verification information, respectively correspondingly with described Identification code information, user account information in two dynamic codes, database are compared, and judge whether all information are consistent；

If consistent, it is verified；

If not quite identical, verify and do not pass through.

4. login method according to claim 1, which is characterized in that the verification result includes：It is verified prompt letter It ceases, the client corresponding to the client of verification information described in the Apply Names that the application of request login is corresponding, requests verification The account name of information and request login account.

5. login method according to claim 1, which is characterized in that the verification information is to be taken via second application The verification information for device progress format checking and the qualification of being engaged in.

6. login method according to any one of claims 1 to 5, which is characterized in that described to answer receiving described second After confirmation message with server return, further include：

It is sent to second application server for prompting the prompting message that logins successfully of the first application, so that described the The prompting message is transmitted to second client by two application servers；

The key string is stored by second client into key database.

7. login method according to claim 6, which is characterized in that the user account information in the verification information is root It inputs according to user or is obtained from the key string stored in the key database by second client.

8. a kind of account management server, which is characterized in that including：

First receiving unit, the first logging request for receiving the transmission of the first application server；Wherein, first login is asked It asks and first application server is sent to by the first client, first logging request includes the first application identities；

First transmission unit is answered for the identification code information to be sent to first application server for described first The identification code information is transmitted to first client with server, first client is made to show the identification code letter Breath；

Second receiving unit, the verification information for receiving the transmission of the second application server；Wherein, the verification information is by Two clients are generated according to the identification code information that first client is shown, and are transmitted to second application service Device；The verification information includes the identification code information and user account information；

Authentication unit, for being verified to the verification information；

Second transmission unit sends verification result for when being verified to second application server, for described the Two application servers are transmitted to second client and are confirmed；

Third transmission unit, for receiving the confirmation message that second application server returns in the third receiving unit Afterwards, the login confirmation message for including first application identities is sent to first application server, so that described first answers Receive first client with server to be logged in by corresponding first application of first application identities；Wherein, institute It is to be sent to second application server by second client to state confirmation message.

9. account management server according to claim 8, which is characterized in that the authentication unit includes：

First judgment sub-unit is used for by the identification code information and user account information in the verification information, respectively correspondingly It is compared with the identification code information in database, user account information, judges whether all information are consistent；

With the first verification subelement, for when first judgment sub-unit determines that all information are consistent, determining that verification is logical It crosses；And for when first judgment sub-unit determines that all INFORMATION OF INCOMPLETEs are consistent, determining that verification does not pass through.

10. account management server according to claim 8, which is characterized in that the verification information further includes first dynamic State code；First dynamic code, according to the mark of second client, is moved by second client according to preconfigured State code algorithm, which calculates, to be generated；

The authentication unit includes：

Computation subunit, for according to the client identification and preconfigured dynamic code algorithm to prestore, it is dynamic to calculate acquisition second State code；

Second judgment sub-unit is used for the first dynamic code, identification code information and the user account information in the verification information, It is respectively correspondingly compared, judges all with the identification code information in second dynamic code, database, user account information Whether information is consistent；

With the second verification subelement, for when second judgment sub-unit determines that all information are consistent, determining that verification is logical It crosses；And for when second judgment sub-unit determines that all INFORMATION OF INCOMPLETEs are consistent, determining that verification does not pass through.

11. account management server according to claim 8, which is characterized in that the verification result includes：It is verified Corresponding to the client of verification information described in corresponding Apply Names of application that prompt message, request log in, requests verification The account name of client-side information and request login account.

12. account management server according to claim 8, which is characterized in that the verification information is via described the Two application servers carry out format checking and qualified verification information.

13. according to claim 8 to 12 any one of them account management server, which is characterized in that the account management clothes Business device further include：

4th transmission unit, for receiving the confirmation message that second application server returns in the third receiving unit Afterwards, it is sent to second application server for prompting the prompting message that logins successfully of the first application, so that described the The prompting message is transmitted to second client by two application servers；

The key string is stored by second client into key database.

14. account management server according to claim 13, which is characterized in that the user account in the verification information Information is to be inputted according to user or obtained from the key string stored in the key database by second client.

15. a kind of login method, which is characterized in that including：

First client sends the first logging request for including the first application identities to the first application server, so that described first First logging request is transmitted to account management server by application server, so that the account management server is according to institute The first application identities are stated, generate identification code information, and the identification code information is sent to first application server；

The identification code information that second client is shown according to first client generates verification information；Wherein, described to test It includes the identification code information and user account information to demonstrate,prove information；

The verification information is sent to the second application server by second client, so that second application server turns The account management server is issued, so that the account management server verifies the verification information；

Second client receives the verification result that second application server is sent；Wherein, the verification result be by The account management server authentication after the verification information by generating and sending to second application server；

Second client sends confirmation letter after confirming to the verification result, to second application server Breath, so that second application server is transmitted to the account management server, so that the account management server is to institute It states the first application server and sends the login confirmation message for including first application identities, to make first application service Device receives first client and is logged in by corresponding first application of first application identities.

16. login method according to claim 15, which is characterized in that the verification information further includes：First dynamic code；

17. login method according to claim 15, which is characterized in that the verification result includes being verified prompt letter It ceases, the client corresponding to the client of verification information described in the Apply Names that the application of request login is corresponding, requests verification The account name of information and request login account.

18. according to claim 15 to 17 any one of them login method, which is characterized in that pass through in first client After corresponding first application of first application identities is logged in, further include：

Second client receives the prompt for prompting the first application to login successfully that second application server is sent Message；Wherein, the prompting message is to be generated by the account management server and be transmitted to second application server；Institute Stating prompting message includes：The key string generated according to the user account information；

19. login method according to claim 18, which is characterized in that the user account information in the verification information is It is inputted according to user or is obtained from the key string stored in the key database by second client.

20. a kind of FTP client FTP, which is characterized in that including：First client and the second client；

Wherein, first client includes：

5th transmission unit, for sending the first logging request for including the first application identities to the first application server, so that First logging request is transmitted to account management server by first application server, so that the account management service Device generates identification code information, and the identification code information is sent to first application and is taken according to first application identities Business device；

Second client includes：

6th receiving unit, the identification code information for being shown according to first client generate verification information；Its In, the verification information includes the identification code information and user account information；

6th transmission unit, for the verification information to be sent to the second application server, so that second application service Device is transmitted to the account management server, so that the account management server verifies the verification information；

7th receiving unit, the verification result sent for receiving second application server；Wherein, the verification result is By the account management server authentication by being generated and sent after the verification information to second application server；

With the 7th transmission unit, for after confirming to the verification result, being sent to second application server true Information is recognized, so that second application server is transmitted to the account management server, so that the account management server The login confirmation message for including first application identities is sent to first application server, to make first application Server receives first client and is logged in by corresponding first application of first application identities.

21. FTP client FTP according to claim 20, which is characterized in that the verification information further includes：First dynamic Code；

22. FTP client FTP according to claim 20, which is characterized in that the verification result includes being verified prompt Client corresponding to the client of verification information described in corresponding Apply Names of application that information, request log in, requests verification The account name of client information and request login account.

23. according to claim 20 to 22 any one of them FTP client FTP, which is characterized in that second client is also wrapped It includes：

8th receiving unit, for being stepped on by corresponding first application of first application identities in first client After record, the prompting message for prompting the first application to login successfully that second application server is sent is received；Wherein, described Prompting message is to be generated by the account management server and be transmitted to second application server；The prompting message packet It includes：The key string generated according to the user account information；

24. FTP client FTP according to claim 23, which is characterized in that the user account information in the verification information It is to be inputted according to user or obtained from the key string stored in the key database by second client.