CN108462687A - Method, apparatus, terminal device and the storage medium that anti-brush logs in - Google Patents
Method, apparatus, terminal device and the storage medium that anti-brush logs in Download PDFInfo
- Publication number
- CN108462687A CN108462687A CN201810014424.1A CN201810014424A CN108462687A CN 108462687 A CN108462687 A CN 108462687A CN 201810014424 A CN201810014424 A CN 201810014424A CN 108462687 A CN108462687 A CN 108462687A
- Authority
- CN
- China
- Prior art keywords
- sequence number
- verification
- termination
- client
- brush
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
Abstract
The invention discloses a kind of method, apparatus, terminal device and storage mediums that anti-brush logs in, and are related to technical field of network security.This it is anti-brush log in method include:The login authentication request that client is sent is obtained, login authentication request includes Termination ID;Database is inquired based on Termination ID, judges to whether there is verification sequence number corresponding with Termination ID in database;If there is verification sequence number, judge whether verification sequence number is effective based on the sequence number information in verification sequence number;If verifying, sequence number is effective, updates the sequence number information of verification sequence number, generates graphical verification code corresponding with verification sequence number, and graphical verification code is sent to client corresponding with Termination ID.Server only makes a response the verification effective client of sequence number in this method, greatly reduces the danger trespassed by crack servers after multiple brush machine.
Description
Technical field
The present invention relates to network safety filed more particularly to a kind of method, apparatus, terminal device and storages that anti-brush logs in
Medium.
Background technology
C/S (Client/Server, client and server) structure is common Internet architecture, by making full use of
Task is reasonably allocated to client and server to realize by the advantage of both ends hardware environment.For the safety of safeguard service device,
It needs to carry out authentication to client before server execution task in C/S structures, is common certification by graphical verification code
Mode.Graphical verification code authentication mode does not have anti-brush mechanism mostly at present, and safety is not high.
Invention content
The embodiment of the present invention provides a kind of method, apparatus, terminal device and storage medium that anti-brush logs in, current to solve
Graphical verification code authentication mode does not have anti-brush mechanism, the not high problem of safety mostly.
In a first aspect, the embodiment of the present invention provides a kind of method that anti-brush logs in, including:
The login authentication request that client is sent is obtained, login authentication request includes Termination ID;
Database is inquired based on Termination ID, judges to whether there is verification sequence number corresponding with Termination ID in database;
If there is verification sequence number, judge to verify whether sequence number has based on the sequence number information in verification sequence number
Effect;
If verifying, sequence number is effective, updates the sequence number information of verification sequence number, generates corresponding with verification sequence number
Graphical verification code, and graphical verification code is sent to client corresponding with Termination ID.
Second aspect, the embodiment of the present invention provide a kind of device that anti-brush logs in, including:
Login authentication request module is obtained, the login authentication request for obtaining client transmission, login authentication request bag
Include Termination ID;
Judgement verification sequence number module judges to whether there is and end in database for inquiring database based on Termination ID
Hold the corresponding verification sequence numbers of ID;
The effective module of sequence number is judged, if for there is verification sequence number, based on the sequence number letter in verification sequence number
Breath judges whether verification sequence number is effective;
Graphical verification code module is sent, if effective for verifying sequence number, updates the sequence number information of verification sequence number,
Graphical verification code corresponding with verification sequence number is generated, and graphical verification code is sent to client corresponding with Termination ID
End.
Third aspect present invention provides a kind of terminal device, including memory, processor and is stored in the memory
In and the computer program that can run on the processor, the processor realize such as this hair when executing the computer program
The step of method that the bright anti-brush logs in.
Fourth aspect present invention provides a kind of computer readable storage medium, and the computer-readable recording medium storage has
Computer program realizes anti-the step of brushing the method logged in as described herein when the computer program is executed by processor.
It is provided in an embodiment of the present invention it is anti-brush log in method, apparatus, terminal device and storage medium, be by judge with
Whether the Termination ID of client corresponding verification sequence number is effectively realized.If there is verification sequence number in database, and
When verify sequence number it is effective when, generate with the corresponding graphical verification code of verification sequence number, and graphical verification code is sent to and
The corresponding client of Termination ID.Server only makes a response the verification effective client of sequence number, on the one hand greatly reduces
The danger trespassed by crack servers after multiple brush machine.
Description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below by institute in the description to the embodiment of the present invention
Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the present invention
Example, for those of ordinary skill in the art, without having to pay creative labor, can also be according to these attached drawings
Obtain other attached drawings.
Fig. 1 is a flow chart of the method that anti-brush logs in the embodiment of the present invention 1.
Fig. 2 is another particular flow sheet for the method that anti-brush logs in the embodiment of the present invention 1.
Fig. 3 is another particular flow sheet for the method that anti-brush logs in the embodiment of the present invention 1.
Fig. 4 is a functional block diagram of the device that anti-brush logs in the embodiment of the present invention 2.
Fig. 5 is a schematic diagram of terminal device in the embodiment of the present invention 4.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on this hair
Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained without creative efforts
Example, shall fall within the protection scope of the present invention.
Embodiment 1
Fig. 1 shows the flow chart for the method that anti-brush logs in the present embodiment.The present embodiment is applied in C/S (Client/
Server, client and server) structure Internet architecture in, wherein the executive agent of this programme is equipped with database
Server.As shown in Figure 1, the method that the anti-brush logs in includes the following steps:
S10. the login authentication request that client is sent is obtained, login authentication request includes Termination ID.
Specifically, the client in the present embodiment includes but not limited to smart mobile phone, computer, PAD etc. for user's typing
The terminal that information is interacted with server.
Login authentication request is that (verification information can be User ID to the entrance typing verification information that is provided from client of user
With user password etc.) after, the request for establishing secure connection is sent to server.
Termination ID is the mark for the client for sending login authentication request for identification.Server can be according to the Termination ID
Determine that it is the IP address of client for identification or log in MAC Address etc..
The present embodiment asks Connection Service device by the login authentication that client is sent, and can be established in server and client
The safety of client is confirmed before secure connection.
S20. it is based on Termination ID and inquires database, judge to whether there is verification sequence corresponding with Termination ID in database
Number.
It is that first log into checking request of the server based on any client gives client corresponding terminal to verify sequence number
The one number of ID distribution.Server subsequently can client-based Termination ID, it is corresponding that the client is searched from database
Verify sequence number.
Client-based Termination ID in the present embodiment, in the database storage with the associated verification sequence number of Termination ID,
The verification sequence number that the Termination ID can be matched rapidly in the server of storage mass data, obtains the corresponding visitor of the Termination ID
The sequence number information at family end carries out safety verification to be based on the sequence number information.
If S30. there is verification sequence number, judge whether verify sequence number based on the sequence number information in verification sequence number
Effectively.
Specifically, sequence number information is the login situation of record and the verification associated Termination ID of sequence number, for example verifies sequence
Login times, verification period and the effective degree of row number.The verification period be server be set according to actual conditions limiting
The time of client login times;Effective degree is most logins within the verification period that server is set according to actual conditions
Number;Login times are the numbers for the login authentication request that client is sent.
Further, if the current time in system is within the verification period, and the corresponding login times of Termination ID are obtained effective
In number, then it is effective to verify sequence number, on the contrary then invalid.Judging whether verification sequence number is effective based on sequence number information
When, the current time in system need to be judged whether within the verification period of sequence number information, and judges the corresponding login times of Termination ID
Whether in the effective degree of sequence number information, if the current time in system within the verification period, and obtains that Termination ID is corresponding steps on
Number is recorded in effective degree, then it is effective to verify sequence number;If the current time in system not verification the period in or login times not
In effective degree, then invalid sequence number is verified.
In the present embodiment, the sequence number information of client can be known rapidly by sequence number information, to be based on the sequence
Row information judges the validity of verification sequence number, provides corresponding feedback action.
When server often gets a login authentication information, a pair sequence for verification sequence number corresponding with its Termination ID is needed
Number information is updated, so that its sequence number information changes in real time, volatile data base (such as REDIS) may be used in the present embodiment
Store sequence number information.REDIS is that a use ANSI C language increased income is write, supports network, can also be held based on memory
Log type, the Key-Value databases changed long.Quick search can be realized using REDIS storages sequence number information.
For example, can be 2 minutes by verification slot setup, effective degree be set as 20 times.That is, if client is at 2 points
Login times in clock are less than 20 times, then the verification sequence number of the client is also effective.It is to be appreciated that if client is 2
Login times in minute reach 20 times, then the verification invalid sequence number of the client.
In the present embodiment, effective degree is less than by the login times being limited in the limited verification period, it may be determined that
It is effective to verify sequence number, improves the whether effective authenticity of confirmation verification sequence number and accuracy.
If S40. verification sequence number is effective, the sequence number information of verification sequence number is updated, is generated and verification sequence number phase
Corresponding graphical verification code, and graphical verification code is sent to client corresponding with Termination ID.
Specifically, verification sequence number effectively meets preset requirement including the verification associated sequence number information of sequence number, including
But it is not limited to:The login times of verification sequence number are in effective degree etc. within the verification period of verification sequence number.
Server receives the request of this login authentication, based on getting sequence number information associated with Termination ID
When progress Effective judgement determines that its verification sequence number is effective, then the dynamic content in renewal sequence information is needed, for example, testing
Demonstrate,prove the login times of sequence number.Specifically, it is asked when server receives new login authentication, and effective in verification sequence number
When, so that the login times of verification sequence number is added 1, and so on.
In the present embodiment, the login authentication request of client is defined, only to the verification effective client of sequence number
Graphical verification code is sent, effectively ensures the malice brush machine that server is initiated from client.
The method that anti-brush provided in this embodiment logs in, is by judging verification sequence corresponding with the Termination ID of client
Whether row number is effectively realized.If there is verification sequence number in database, and when verification sequence number is effective, generate and verification
The corresponding graphical verification code of sequence number, and graphical verification code is sent to client corresponding with Termination ID.Server is only
The verification effective client of sequence number is made a response, is on the one hand greatly reduced illegal by crack servers after multiple brush machine
The danger of intrusion;On the other hand, it because being accessed by the associated verification sequence number limitation of Termination ID, is no longer limited and is accessed by IP
Server, the user experience is improved.
In a specific embodiment, as shown in Figure 1, after step S30, i.e., based on the sequence in verification sequence number
Number information judges after verifying the whether effective step of sequence number that method that the anti-brush logs in further includes:
If S50. verifying invalid sequence number, Termination ID is arranged in the verification sequence number in the library that clears data in the database
Login status be lock-out state, and to client send login failure information.
Specifically, if verification invalid sequence number, the i.e. associated sequence number information of current authentication sequence number do not meet default want
The case where asking.It is to be appreciated that the login times of verification sequence number are more than effective degree within the verification period of verification sequence number,
It can assert the verification invalid sequence number.
The login times of verification sequence number are more than effective degree within the verification period of verification sequence number, illustrate that client exists
Verify multiple login service device in the period, it is understood that there may be the unsafe factor of client.At this point, Termination ID is arranged in the database
Login status be lock-out state, preset time, such as 2 hours or 1 day are set as during the locking that state can be locked,
The client is locked, the login authentication request of client initiation is refused.While locking, by the corresponding verification sequence of the client
Row number is also deleted in the database, mitigates the redundant data of database, and conducive to client after unlock login service again
Device.In the present embodiment, the client of invalid sequence number being verified by locking, can be effectively protected server, malice is avoided to brush
Machine.
Login failure information is the notification information that server is sent to client, to notify client login failure, and
By client during locking the fixed information of internal lock.The login failure information is sent to client by server, for reminding visitor
Family end can just access server again later during locking.
In a specific embodiment, as shown in Figure 1, before step S20, namely whether there is in judging database
Before the step of verification sequence number corresponding with Termination ID, the method that anti-brush logs in further includes:
S60. judge whether the corresponding login status of Termination ID is lock-out state.
Specifically, there are a variety of situations for the client of login service device:It logs in, stepped on when verification sequence number is effective for the first time
Record, login etc. after login, locked period login, unlock when verifying invalid sequence number, client is locked in these situations
When period logs in, the corresponding login status of Termination ID is lock-out state.Server needs receiving stepping on for client transmission
After recording checking request, the login situation of the client is distinguished rapidly, so as to the feedback made a response.
In the present embodiment, judge whether client is in the lock state first by the Termination ID of client, it can be quick
Ground responds to the login authentication request that client is sent.
If S70. login status is lock-out state, login failure information is sent to client.
Specifically, login failure information is the notification information that server is sent to client, to notify client to log in
Failure, and by client during locking the fixed information of internal lock.The login failure information is sent to client by server, is used for
Remind client during locking after just can login service device again.
In the present embodiment, by sending login failure information to client, is reminded accordingly to client, improve user
Experience.
If S80. login status is not lock-out state, executes and judge in database with the presence or absence of corresponding with Termination ID
The step of verifying sequence number.
Specifically, can be with the preliminary judgement client temporarily for security client if login status is not lock-out state, it can
To carry out the judgement of the subsequently verification sequence number for the client.Here not be lock-out state include but not limited to for the first time
Log in, verify sequence number it is effective when log in, when verify invalid sequence number log in and unlock after login etc. situations.
In the present embodiment, judge that client is not locked out first, i.e., be not lock-out state, it is peace that can confirm client temporarily
Full client can execute rapidly subsequent verification step (i.e. the step of after step S20), improve verification efficiency.
In a specific embodiment, as shown in Figure 1, after step S20, namely whether there is in judging database
After the step of verification sequence number corresponding with Termination ID, the method which logs in further includes:
If verification sequence number is S90. not present, the corresponding verification sequence number of terminal ID assignment, initialization verification sequence are given
Number sequence number information, generate and verify the associated graphical verification code of sequence number, graphical verification code is sent to and Termination ID
Corresponding client.
Specifically, corresponding verification sequence number is not present in the Termination ID of client, and the terminal is not present in database of descriptions
The sequence number information of ID, server need to establish new record to the Termination ID, subsequently to identify the client.Further
Corresponding verification sequence number is established on ground based on the Termination ID, is based on the verification sequence number, establishes corresponding sequence number letter
Breath, to establish complete record information in the server to the client.In the present embodiment, the sequence of initialization verification sequence number
Row information refers to that the login times in its sequence number information are set as 1, subsequently often to receive same client hair
When the login authentication request sent, 1 can be added on the basis of the login times of last registration, in order to be based on the verification of its login times
Whether effective verify sequence number.
It is to be appreciated that when to there is no when the client distribution verification sequence number of verification sequence number, illustrate the client
It is first login server, can temporarily regards as safe client and send graphical verification code.
In the present embodiment, by the client distribution verification sequence number to first login server, and relevant sequence is established
Row information, when being conducive to the follow-up client application login service device, server is made according to the sequence number information of the client
Response.
In a specific embodiment, as shown in Fig. 2, the method that the anti-brush that the present embodiment proposes logs in further includes:Sequence
Number information includes verification period and effective degree.
S110. timing more new command is obtained, timing more new command includes program ID.
Specifically, timing more new command is the instruction for initiating effective degree in renewal sequence information.Program ID is
For identifying the unique number each instructed, server can call different program instructions by program ID.
S120. at the end of the current time in system is each verification period, more new procedures corresponding with program ID are triggered,
The effective degree of renewal sequence information is zero.
Further, at the end of each verification period, the verification period corresponding verification sequence number there is also, it was demonstrated that should
Verify that sequence number is also effective namely login times of client are in effective degree.The Yin Ben verification periods, the client was corresponding
Sequence number is effective, can tentatively confirm that client is security client, can distribute next verification period to client.It is appreciated that
Ground, at this time by the corresponding effective degree zero setting of the verification sequence number, when exactly continuing to continue a verification to the verification sequence number
Section.
For example, can be 2 minutes by verification slot setup, effective degree be set as 20 times.That is, if client is at 2 points
Login times in clock are less than 20 times, then the client can preliminary judgement be safety client, which can protect
It stays and corresponds to and open next verification period.It is to be appreciated that the corresponding verification sequence number of the client is at first in 2 minutes
Login times are in effective degree, then at second in 2 minutes, the maximum login times of the verification sequence number can also be 19
It is secondary.At this time, it is necessary at the end of first 2 minutes verification period, the corresponding effective degree of the verification sequence number is reset,
It is counted to re-start.
In the present embodiment, server is automatically continued to the verification effective client of sequence number continues next verification period,
While ensureing Server Security, also it is conducive to promote customer experience.
In a specific embodiment, as shown in figure 3, graphical verification code is sent to client corresponding with Termination ID
After the step of end, the method which logs in further includes:
S130. the access checking request that client is sent is obtained, it includes Termination ID and current verification code to access checking request.
Specifically, it is the graphical verification code that client is sent based on server to access checking request, is worked as to server transmission
Preceding identifying code, the request that current verification code is verified to server.
In the present embodiment, server is by verifying the current verification code that client is sent, for further determining
The safety of client can avoid the malice brush machine that server is initiated by client.
S140. it is based on Termination ID and obtains corresponding graphical verification code.
Specifically, when the corresponding client of each Termination ID sends access checking request to server, server can be based on
Termination ID inquiry obtains storage graphical verification code in the database, current to be inputted with client based on the graphical verification code
Identifying code carries out matching verification.It is to be appreciated that graphical verification code is being sent to the corresponding client of Termination ID by server
Later, which need to be stored in the database, safety verification is carried out in order to subsequently be based on the graphical verification code.
It, can be to client by obtaining the corresponding graphical verification code of Termination ID of server storage in the present embodiment
Safe condition is decision making, simple and effective.
If S150. current verification code matches with graphical verification code, by accessing checking request.
It, can be fast by the matched client of graphical verification code in the current verification code and server of transmission in the present embodiment
Speed is by accessing checking request, while simplifying proving program, it is also ensured that the safety of server.
If S160. current verification code is mismatched with graphical verification code, execute based on the sequence number letter in verification sequence number
Breath judges to verify the whether effective step of sequence number.
Specifically, if current verification code is mismatched with graphical verification code, server is needed to be confirmed whether to send figure again
Identifying code is verified to client, that is, needs to inquire database, acquisition and terminal based on the Termination ID accessed in checking request
The corresponding verification sequence numbers of ID, then execute and judge whether verification sequence number effective based on the sequence number information in verification sequence number
The step of (i.e. step S30).
Further, by the corresponding verification sequence number of Termination ID, the sequence number information based on verification sequence number record
(such as the login times of verification sequence number, verification period and effective degree etc.), whether decision verification sequence number is effective, if having
Effect then needs update sequence number information corresponding with Termination ID, and sends graphical verification code to client, to remind client weight
New input accesses checking request.
The sequence number information that can know client rapidly by sequence number information is judged to verify the effective of sequence number
Property, provide corresponding feedback action.
In the present embodiment, the access checking request with current verification code sent by obtaining client can be first
Match the safety of client surely by graphical verification code and current authentication, it is simple and effective;When graphical verification code is not verified
When, then the corresponding sequence number information of the Termination ID is judged, to make feedback action.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process
Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit
It is fixed.
Embodiment 2
The functional block diagram for the device that the one-to-one anti-brush of method that Fig. 5 is shown with anti-brush logs in embodiment 1 logs in.Such as
Shown in Fig. 5, the device which logs in includes obtaining login authentication request module 10, judging verification sequence number module 20, judge
The effective module 30 of sequence number and transmission graphical verification code module 40.Wherein, it obtains login authentication request module 10, judge verification sequence
Row number module 20 judges the effective module 30 of sequence number and sends anti-brush in the realization function and embodiment of graphical verification code module 40
The corresponding step of method of login corresponds, and to avoid repeating, the present embodiment is not described in detail one by one.
Login authentication request module 10 is obtained, the login authentication request for obtaining client transmission, login authentication request
Including Termination ID.
Judge verification sequence number module 20, for inquiring database based on Termination ID, judge in database with the presence or absence of with
The corresponding verification sequence number of Termination ID.
The effective module 30 of sequence number is judged, if for there is verification sequence number, based on the sequence number in verification sequence number
Information judges whether verification sequence number is effective.
Graphical verification code module 40 is sent, if effective for verifying sequence number, updates the sequence number letter of verification sequence number
Breath generates graphical verification code corresponding with verification sequence number, and graphical verification code is sent to visitor corresponding with Termination ID
Family end.
Preferably, as shown in figure 5, the device that the anti-brush logs in further includes removing verification sequence number module 50.Wherein, it removes
The realization function step corresponding with the method that anti-brush logs in embodiment for verifying sequence number module 50 corresponds, to avoid going to live in the household of one's in-laws on getting married
It states, the present embodiment is not described in detail one by one.Verification sequence number module 50 is removed, if for verifying invalid sequence number, clear data library
In verification sequence number, in the database be arranged Termination ID login status be lock-out state, and to client send log in lose
Lose information.
Preferably, as shown in figure 5, the device that the anti-brush logs in further includes judging lock-out state module 60, sending to log in and lose
It loses information module 70 and executes verification sequence number module 80.Wherein, judge lock-out state module 60, send login failure information mould
Block 70 and the realization function of executing verification sequence number module 80 step 1 corresponding with the method that anti-brush logs in embodiment are a pair of
It answers, to avoid repeating, the present embodiment is not described in detail one by one.
Lock-out state module 60 is judged, for judging whether the corresponding login status of Termination ID is lock-out state.
Login failure information module 70 is sent, if being lock-out state for login status, sends to log in client and lose
Lose information.
Execute verification sequence number module 80, if being not lock-out state for login status, execute judge be in database
It is no to there is the step of verification sequence number corresponding with Termination ID.
Preferably, as shown in figure 5, the device that the anti-brush logs in further includes distribution verification sequence number module 90.Wherein, it distributes
The realization function step corresponding with the method that anti-brush logs in embodiment for verifying sequence number module 90 corresponds, to avoid going to live in the household of one's in-laws on getting married
It states, the present embodiment is not described in detail one by one.
Distribution verification sequence number module 90, if for there is no verification sequence number, gives the corresponding verification of terminal ID assignment
Sequence number, the sequence number information of initialization verification sequence number, generates graphical verification code associated with verification sequence number, by figure
Identifying code is sent to client corresponding with Termination ID.
Preferably, judge the effective module 30 of sequence number, if for the current time in system within the verification period, and obtain terminal
For the number of ID corresponding login authentication requests in effective degree, then it is effective to verify sequence number, on the contrary it is then in vain.
Preferably, as shown in figure 5, the device that the anti-brush logs in further includes obtaining update instruction module 110 and update of setting out
Program module 120.Wherein, the realization function and embodiment 1 of update instruction module 110 and the more new program module 120 that sets out are obtained
In step S110 and S120 corresponding to the method that logs in of anti-brush correspond, to avoid repeating, the present embodiment is not described in detail one by one.
Update instruction module 110 is obtained, for obtaining timing more new command, timing more new command includes program ID and triggering
Time.
Set out more new program module 120, for when the current time in system is the triggered time, triggering to be corresponding with program ID
More new procedures, remove the current time in system not verification the period verification sequence number.
Preferably, as shown in figure 5, device that the anti-brush logs in further includes obtaining access request module 130, obtaining figure and test
Demonstrate,prove code module 140, by accessing checking request module 150, denied access checking request module 160.Wherein, access request is obtained
Module 130 obtains graphical verification code module 140, by accessing checking request module 150, denied access checking request module 160
Realization function corresponded with the corresponding step of method that anti-brush logs in embodiment, to avoid repeating, the present embodiment differs
One is described in detail.
Access request module 130 is obtained, the access checking request for obtaining client transmission, accessing checking request includes
Termination ID and current verification code.
Graphical verification code module 140 is obtained, for obtaining corresponding graphical verification code based on Termination ID.
Pass through access if matching for current verification code and graphical verification code by accessing checking request module 150
Checking request.
Denied access checking request module 160, if being mismatched for current verification code and graphical verification code, execution is based on
Sequence number information in verification sequence number judges to verify the whether effective step of sequence number.
Embodiment 3
The present embodiment provides a computer readable storage medium, computer journey is stored on the computer readable storage medium
Sequence realizes the method that anti-brush logs in embodiment 1, to avoid repeating, here no longer when the computer program is executed by processor
It repeats.Alternatively, realizing each module/unit in the device that anti-brush logs in embodiment 2 when the computer program is executed by processor
Function, to avoid repeating, which is not described herein again.
Embodiment 4
Fig. 5 is the schematic diagram for device/terminal device that the anti-brush that one embodiment of the invention provides logs in.As shown in figure 5, should
Device/terminal device 500 that the anti-brush of embodiment logs in includes:Processor 510, memory 520 and it is stored in memory 520
In and the computer program 530 that can be run on processor 510, such as program that anti-brush logs in.Processor 510 executes computer
The step in the embodiment of the method that above-mentioned each anti-brush logs in, such as step S10 to S40 shown in FIG. 1 are realized when program 530.
Alternatively, processor 510 realizes the function of each module/unit in above-mentioned each device embodiment when executing computer program 530, such as
The function of module 10 to 40 shown in Fig. 5.
Illustratively, computer program 530 can be divided into one or more module/units, one or more mould
Block/unit is stored in memory 520, and is executed by processor 510, to complete the present invention.One or more module/units
Can be the series of computation machine program instruction section that can complete specific function, the instruction segment is for describing computer program 530
Implementation procedure in device/terminal device 500 that anti-brush logs in.It is stepped on for example, computer program 530 can be divided into acquisition
Record checking request module 10 judges verification sequence number module 20, judges the effective module 30 of sequence number and sends graphical verification code mould
Block 40 (module in virtual bench), each module concrete function are corresponded with the step of method that anti-brush logs in embodiment 1,
To avoid repeating, do not repeat one by one herein.
Device/terminal device 500 that anti-brush logs in can be desktop PC, notebook, palm PC and high in the clouds clothes
The computing devices such as business device.Device/terminal device that anti-brush logs in may include, but be not limited only to, processor 510, memory 520.
It will be understood by those skilled in the art that Fig. 5 is only the example for device/terminal device 500 that anti-brush logs in, do not constitute to anti-
The restriction for brushing the device/terminal device 500 logged in may include than illustrating more or fewer components, or the certain portions of combination
Part or different components, such as device/terminal device that anti-brush logs in can also include input-output equipment, network insertion
Equipment, bus etc..
Alleged processor 510 can be central processing unit (Central Processing Unit, CPU), can also be
Other general processors, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor can also be any conventional processor
Deng.
Memory 520 can be the internal storage unit for device/terminal device 500 that anti-brush logs in, such as the login of anti-brush
Device/terminal device 500 hard disk or memory.Memory 520 can also be device/terminal device 500 that anti-brush logs in
The plug-in type hard disk being equipped on External memory equipment, such as device/terminal device 500 of anti-brush login, intelligent memory card
(Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card (Flash Card) etc..Into
One step, memory 520 can also be both including the anti-internal storage unit for brushing the device/terminal device 500 logged in or including outer
Portion's storage device.Memory 520 is used to store other journeys needed for device/terminal device that computer program and anti-brush log in
Sequence and data.Memory 520 can be also used for temporarily storing the data that has exported or will export.
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each work(
Can unit, module division progress for example, in practical application, can be as needed and by above-mentioned function distribution by different
Functional unit, module are completed, i.e., the internal structure of device are divided into different functional units or module, to complete above description
All or part of function.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also
It is that each unit physically exists alone, it can also be during two or more units be integrated in one unit.Above-mentioned integrated list
The form that hardware had both may be used in member is realized, can also be realized in the form of SFU software functional unit.
If the integrated module/unit be realized in the form of SFU software functional unit and as independent product sale or
In use, can be stored in a computer read/write memory medium.Based on this understanding, the present invention realizes above-mentioned implementation
All or part of flow in example method, can also instruct relevant hardware to complete, computer journey by computer program
Sequence can be stored in a computer readable storage medium, and the computer program is when being executed by processor, it can be achieved that above-mentioned each
The step of embodiment of the method.Wherein, computer program includes computer program code, and computer program code can be source code
Form, object identification code form, executable file or certain intermediate forms etc..The computer-readable medium may include:It can
Carry any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic disc, CD, computer of the computer program code
Memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access
Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that the computer-readable medium
Including content can carry out increase and decrease appropriate according to legislation in jurisdiction and the requirement of patent practice, such as in certain departments
Method administrative area, according to legislation and patent practice, computer-readable medium is including being not electric carrier signal and telecommunication signal.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although with reference to aforementioned reality
Applying example, invention is explained in detail, it will be understood by those of ordinary skill in the art that:It still can be to aforementioned each
Technical solution recorded in embodiment is modified or equivalent replacement of some of the technical features;And these are changed
Or replace, the spirit and scope for various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution should all
It is included within protection scope of the present invention.
Claims (10)
1. a kind of method that anti-brush logs in, which is characterized in that including:
The login authentication request that client is sent is obtained, the login authentication request includes Termination ID;
Database is inquired based on the Termination ID, judges to whether there is verification corresponding with the Termination ID in the database
Sequence number;
If there are the verification sequence number, the verification sequence number is judged based on the sequence number information in the verification sequence number
Whether effectively;
If the verification sequence number is effective, the sequence number information of the verification sequence number is updated, is generated and verification sequence number phase
Corresponding graphical verification code, and the graphical verification code is sent to client corresponding with the Termination ID.
2. the method that anti-brush as described in claim 1 logs in, which is characterized in that the method that the anti-brush logs in further includes:
If the verification invalid sequence number, the verification sequence number in the database is removed, is set in the database
The login status for setting the Termination ID is lock-out state, and sends login failure information to the client.
3. the method that anti-brush as described in claim 1 logs in, which is characterized in that judge whether deposited in the database described
Before the verification sequence number corresponding with the Termination ID the step of, the method that the anti-brush logs in further includes:
Judge whether the corresponding login status of the Termination ID is lock-out state;
If the login status is lock-out state, login failure information is sent to the client;
If the login status is not lock-out state, executes and judge in the database with the presence or absence of opposite with the Termination ID
The step of verification sequence number answered.
4. the method that anti-brush as described in claim 1 logs in, which is characterized in that the method that the anti-brush logs in further includes:
If the verification sequence number is not present, the corresponding verification sequence number of the terminal ID assignment is given, the verification is initialized
The sequence number information of sequence number generates graphical verification code associated with the verification sequence number, the graphical verification code is sent out
Give client corresponding with the Termination ID.
5. the method that anti-brush as described in claim 1 logs in, which is characterized in that the sequence number information include the verification period,
Login times and effective degree;
The sequence number information based in the verification sequence number judges whether the verification sequence number is effective, including:
If the current time in system obtains the corresponding login times of the Termination ID described effectively secondary within the verification period
In number, then the verification sequence number is effective, on the contrary then invalid.
6. the method that anti-brush as described in claim 1 logs in, which is characterized in that the sequence number information include the verification period and
Effective degree;
It is described it is anti-brush log in method further include:
Timing more new command is obtained, the timing more new command includes program ID;
At the end of the current time in system is each verification period, more new procedures corresponding with described program ID are triggered,
The effective degree for updating the sequence number information is zero.
7. the method that anti-brush as described in claim 1 or 4 logs in, which is characterized in that send out the graphical verification code described
After the step of giving client corresponding with the Termination ID, the method further includes:
The access checking request that client is sent is obtained, the access checking request includes Termination ID and current verification code;
Corresponding graphical verification code is obtained based on the Termination ID;
If the current verification code matches with the graphical verification code, pass through the access checking request;
If the current verification code is mismatched with the graphical verification code, execute based on the sequence number information in verification sequence number
Judge to verify the whether effective step of sequence number.
8. a kind of device that anti-brush logs in, which is characterized in that including:
Login authentication request module is obtained, the login authentication request for obtaining client transmission, the login authentication request bag
Include Termination ID;
Judge verification sequence number module, for inquiring database based on the Termination ID, judges to whether there is in the database
Verification sequence number corresponding with the Termination ID;
The effective module of sequence number is judged, if for there are the verification sequence numbers, based on the sequence in the verification sequence number
Number information judges whether the verification sequence number is effective;
Graphical verification code module is sent, if effective for the verification sequence number, updates the sequence number of the verification sequence number
Information generates graphical verification code corresponding with verification sequence number, and the graphical verification code is sent to and the Termination ID
Corresponding client.
9. a kind of terminal device, including memory, processor and it is stored in the memory and can be on the processor
The computer program of operation, which is characterized in that the processor realizes such as claim 1 to 7 when executing the computer program
The step of method that any one anti-brush logs in.
10. a kind of computer readable storage medium, the computer-readable recording medium storage has computer program, feature to exist
In the step for the method that realization anti-brush as described in any one of claim 1 to 7 logs in when the computer program is executed by processor
Suddenly.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810014424.1A CN108462687B (en) | 2018-01-08 | 2018-01-08 | Anti-swipe login method and device, terminal device and storage medium |
| PCT/CN2018/077313 WO2019134234A1 (en) | 2018-01-08 | 2018-02-27 | Rooting-prevention log-in method, device, terminal apparatus, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810014424.1A CN108462687B (en) | 2018-01-08 | 2018-01-08 | Anti-swipe login method and device, terminal device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108462687A true CN108462687A (en) | 2018-08-28 |
| CN108462687B CN108462687B (en) | 2020-02-14 |
Family
ID=63221218
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810014424.1A Active CN108462687B (en) | 2018-01-08 | 2018-01-08 | Anti-swipe login method and device, terminal device and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108462687B (en) |
| WO (1) | WO2019134234A1 (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109508531A (en) * | 2018-10-17 | 2019-03-22 | 航天信息股份有限公司 | Sign and issue the method, apparatus and storage medium of soft certificate |
| CN110161873A (en) * | 2019-06-12 | 2019-08-23 | 南京东屋电气有限公司 | A kind of method and system of smart home sensor low power consumption data safe transmission |
| CN110768995A (en) * | 2019-10-30 | 2020-02-07 | 北京达佳互联信息技术有限公司 | Security verification method, device and system |
| CN111181722A (en) * | 2020-03-06 | 2020-05-19 | 联想(北京)有限公司 | Authentication method and system |
| CN111585956A (en) * | 2020-03-31 | 2020-08-25 | 完美世界(北京)软件科技发展有限公司 | Website anti-brushing verification method and device |
| CN112866179A (en) * | 2019-11-27 | 2021-05-28 | 北京沃东天骏信息技术有限公司 | Current limiting method and current limiting device |
| CN112950236A (en) * | 2021-03-31 | 2021-06-11 | 四川虹美智能科技有限公司 | Serial number writing method and device and computer readable medium |
| CN113486344A (en) * | 2021-07-14 | 2021-10-08 | 北京奇艺世纪科技有限公司 | Interface anti-brushing method and device, server and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102300182A (en) * | 2011-09-07 | 2011-12-28 | 飞天诚信科技股份有限公司 | Short-message-based authentication method, system and device |
| CN105897670A (en) * | 2015-11-13 | 2016-08-24 | 乐视云计算有限公司 | Website user login authentication method and system |
| CN106789855A (en) * | 2015-11-25 | 2017-05-31 | 北京奇虎科技有限公司 | The method and device of user login validation |
| US9767040B2 (en) * | 2015-08-31 | 2017-09-19 | Salesforce.Com, Inc. | System and method for generating and storing real-time analytics metric data using an in memory buffer service consumer framework |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1832401A (en) * | 2006-04-06 | 2006-09-13 | 陈珂 | Method for protecting safety of account number cipher |
| CN102546914A (en) * | 2010-12-27 | 2012-07-04 | 梁志龙 | Automatic login system based on smart phone and control method |
| US20170017890A1 (en) * | 2015-07-14 | 2017-01-19 | Jewel Dohan | Method and System For Identifying Potentially Successful Dating Relationship |
-
2018
- 2018-01-08 CN CN201810014424.1A patent/CN108462687B/en active Active
- 2018-02-27 WO PCT/CN2018/077313 patent/WO2019134234A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102300182A (en) * | 2011-09-07 | 2011-12-28 | 飞天诚信科技股份有限公司 | Short-message-based authentication method, system and device |
| US9767040B2 (en) * | 2015-08-31 | 2017-09-19 | Salesforce.Com, Inc. | System and method for generating and storing real-time analytics metric data using an in memory buffer service consumer framework |
| CN105897670A (en) * | 2015-11-13 | 2016-08-24 | 乐视云计算有限公司 | Website user login authentication method and system |
| CN106789855A (en) * | 2015-11-25 | 2017-05-31 | 北京奇虎科技有限公司 | The method and device of user login validation |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109508531A (en) * | 2018-10-17 | 2019-03-22 | 航天信息股份有限公司 | Sign and issue the method, apparatus and storage medium of soft certificate |
| CN110161873A (en) * | 2019-06-12 | 2019-08-23 | 南京东屋电气有限公司 | A kind of method and system of smart home sensor low power consumption data safe transmission |
| CN110768995A (en) * | 2019-10-30 | 2020-02-07 | 北京达佳互联信息技术有限公司 | Security verification method, device and system |
| CN110768995B (en) * | 2019-10-30 | 2022-04-01 | 北京达佳互联信息技术有限公司 | Security verification method, device, system and storage medium |
| CN112866179A (en) * | 2019-11-27 | 2021-05-28 | 北京沃东天骏信息技术有限公司 | Current limiting method and current limiting device |
| CN111181722A (en) * | 2020-03-06 | 2020-05-19 | 联想(北京)有限公司 | Authentication method and system |
| CN111585956A (en) * | 2020-03-31 | 2020-08-25 | 完美世界(北京)软件科技发展有限公司 | Website anti-brushing verification method and device |
| CN111585956B (en) * | 2020-03-31 | 2022-09-09 | 完美世界(北京)软件科技发展有限公司 | Website anti-brushing verification method and device |
| CN112950236A (en) * | 2021-03-31 | 2021-06-11 | 四川虹美智能科技有限公司 | Serial number writing method and device and computer readable medium |
| CN112950236B (en) * | 2021-03-31 | 2023-05-23 | 四川虹美智能科技有限公司 | Sequence number writing method, device and computer readable medium |
| CN113486344A (en) * | 2021-07-14 | 2021-10-08 | 北京奇艺世纪科技有限公司 | Interface anti-brushing method and device, server and storage medium |
| CN113486344B (en) * | 2021-07-14 | 2023-09-05 | 北京奇艺世纪科技有限公司 | Interface anti-brushing method and device, server side and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108462687B (en) | 2020-02-14 |
| WO2019134234A1 (en) | 2019-07-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108462687A (en) | Method, apparatus, terminal device and the storage medium that anti-brush logs in | |
| CN112637214B (en) | Resource access method and device and electronic equipment | |
| US8856892B2 (en) | Interactive authentication | |
| US7010600B1 (en) | Method and apparatus for managing network resources for externally authenticated users | |
| CN108462704A (en) | Login validation method, device, computer equipment and storage medium | |
| CN109802941A (en) | A kind of login validation method, device, storage medium and server | |
| JP6574168B2 (en) | Terminal identification method, and method, system, and apparatus for registering machine identification code | |
| US20190306148A1 (en) | Method for oauth service through blockchain network, and terminal and server using the same | |
| CN112651011B (en) | Login verification method, device and equipment for operation and maintenance system and computer storage medium | |
| CN109522726A (en) | Method for authenticating, server and the computer readable storage medium of small routine | |
| US20060265598A1 (en) | Access to a computing environment by computing devices | |
| CN109587126B (en) | User authentication method and system | |
| KR102192370B1 (en) | Method for oauth service through blockchain, and terminal and server using the same | |
| KR102252086B1 (en) | Method for oauth service through blockchain, and terminal and server using the same | |
| CN110049048B (en) | Data access method, equipment and readable medium for government affair public service | |
| US9882914B1 (en) | Security group authentication | |
| EP2366164A1 (en) | Method and system for impersonating a user | |
| CN106878250B (en) | Cross-application single-state login method and device | |
| CN108881309A (en) | Access method, device, electronic equipment and the readable storage medium storing program for executing of big data platform | |
| CN114021103A (en) | Single sign-on method, device, terminal and storage medium based on identity authentication | |
| EP3062254B1 (en) | License management for device management system | |
| WO2015156788A1 (en) | Identifying suspicious activity in a load test | |
| CN114510701A (en) | Single sign-on method, device, equipment and storage medium | |
| US10255558B1 (en) | Managing knowledge-based authentication systems | |
| CN109861982A (en) | A kind of implementation method and device of authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |