A kind of verification system and method for login application program
Technical field
The invention belongs to technical field of telecommunications more particularly to a kind of verification system and method for login application program.
Background technology
In recent years, wireless domain flourishes, and smart mobile phone and tablet computer are significantly universal.Meanwhile it various answering
It is also emerged one after another with program.A large amount of PC (Personal Computer, PC) business is transplanted, on the mobile apparatus
It can complete the identical work on computer.User is on mobile terminals using numerous different applications or the various services of access
Third-party application, such as:Instant messaging application, game application etc. are required for progress account to step on before using application program
Record verification.
At present in the login authentication solution of application program generally based on short message verification code, supplemented by speech identifying code
Scheme.
Mobile phone note verification code:Mobile phone note verification code is by sending identifying code to mobile phone, and large-scale website is especially purchased
Object website is provided with mobile phone note verification code function, can more accurately and safely ensure that the safety of shopping, verification are used
The correctness at family.
Speech identifying code:User is used when logging in website or application program using phone number by high-quality line call-up
Identifying code is informed at family, is completed user identification confirmation, is smoothly fast logged in.
But slow, unstable, the from far-off regions signal difference of operator SMS gateway speed.And both schemes are all charges
, generally in every 4 points of between 8 points of, if it is large-scale application program, the active amount of user is big, needs to send every year
More than one hundred million short messages need to just spend millions of RMB on identifying code;And after user has used verification short message, need cost volume
The short breath of verification of outer time cleaning operator, great inconvenience is caused to user.
Application program login process method as disclosed in the patent of invention of Publication No. CN106130739A and device, packet
It includes:After mobile terminal receives the trigger action of user's login application program, obtain as history data store in the to be tested of local
User information is demonstrate,proved, and acquires the finger print information to be verified of user;User information and finger print information are merged and generate verification information, and
Verification is compared with the verification sample to prestore in verification information;It is verified, executes if the mobile terminal judgement is known
The application program.The scheme of the invention is a kind of by verifying fingerprint, verification foundation when as login application program, but with
The progress of science and technology, either traditional numerical ciphers or finger-print cipher all have stolen risk, when corresponding password quilt
After robber, what account can be random logs in other-end, and there are still great security risks for the login mode of this application program.
For above-mentioned defect, how when logging on the account in the terminal of a logged account, no longer
It needs to use short message or telephone authentication code, saves the expense consumed when login account, and avoid the account of user arbitrary
Terminal can log in, additionally it is possible to which the login mode with high safety becomes present invention problem to be solved.
Invention content
The present invention is by the server, logging in the terminal iidentification storage of the account of user and login account when next time
When, according to account input by user, terminal iidentification corresponding with account is searched in the server, if with current login account
Terminal iidentification is the same, if information is the same, directly allows current Account Logon to be logged in, free verification provided by the invention
Solution to reduce operation input of the businessman in login authentication, while can ensure that an account can only correspond to one
Terminal logs in.
To reach above-mentioned technical purpose, the present invention adopts the following technical scheme that:
A kind of verification system of login application program comprising:
Memory module, for binding and preserving the unique identifier of the account of application program and terminal;
Communication module waits for log-on message for receiving;It is described to wait for that log-on message includes:It account to be logged in and described waits stepping on
The unique identifier of terminal used in the account login application program of record;
Correction verification module, if account and unique identifier that the communication module receives, the account with memory module storage
Number unique identifier corresponding with the account is consistent, then directly returns to verification information.
As a preference of the present invention, the correction verification module includes:
Matching module, the account information for being received according to the communication module, matching and institute in the memory module
State the unique identifier of the account binding of reception;
Judgment module, the unique identifier and the matching module for judging the communication module reception are matched unique
Whether identifier is consistent;
Control module sends verification code information or figure if the result that the judgment module judges is consistent by interface
Piece verification information is to application program;If the result that the judgment module judges is inconsistent, returns and verify not by information extremely
Application program.
As a preference of the present invention, the verification system further includes:Message transmission module, for sentencing in the judgment module
When disconnected result is inconsistent, and wait for that the password of login account sends out verification code information according to reception.
As a preference of the present invention, the memory module further includes updating unit, if judge for the judgment module
When being as a result inconsistent, and detect it is described when login account logins successfully, then will have been preserved in the memory module with
It waits for that the unique identifier of login account binding is removed, and the unique identifier that the communication module receives is tied up with login account is waited for
Determine and preserves.
As a preference of the present invention, the unique identifier uses international mobile equipment identification number and/or Electronic Serial Number
And/or mobile device identification code.
As a preference of the present invention, the interface uses the POST modes in hypertext transfer protocol, and the communication
Module described in the interface by waiting for log-on message.
A kind of verification method of login application program comprising:
S1, the unique identifier of the account of application program and terminal is bound and is preserved;
S2, reception wait for log-on message;It is described to wait for that log-on message includes:Account to be logged in and the account to be logged in are stepped on
Record the unique identifier of the terminal used in application program;
If S3, the account received and unique identifier, unique identifier corresponding with the account of storage and the account one
It causes, then directly returns to verification information.
As a preference of the present invention, the step S3 includes:
S31, according to the account information of the reception, the account binding of matching and the reception is only in the information of preservation
One identifier;
Whether S32, the unique identifier for judging the reception and the matched unique identifier are consistent;
If S32, the result judged are consistent, verification code information or picture verification information are sent to using journey by interface
Sequence;If the result judged is inconsistent, verification is returned not by information to application program.
As a preference of the present invention, the verification method further includes:
If S4, the result judged are inconsistent, and wait for that the password of login account sends out identifying code according to reception
Information.
As a preference of the present invention, the step S1 further includes:
If S11, the result judged are inconsistent, and detect described when login account logins successfully, then will
What is preserved removes with the unique identifier of login account binding is waited for, and the unique identifier of reception and account to be logged in are tied up
Determine and preserves.
Technical solution provided by the invention can include the following benefits:
1, the short message of abandoning tradition of the present invention or phone send the scheme of identifying code login application program, using passing through account
It is bound with terminal exclusive identification code to verify the mode of account, after the logged APP of user, user only needs to input when next time logs in
Account, server judge whether the equipment of login account matches, and directly return to identifying code by interface if matching is correct, play frame
Occur, user is allowed to input.Reduce the number for sending verification short message, the operation cost of application program is greatly saved, verification takes
With almost free, the time consumed when reducing the waste of resource, while logging in is shorter.
2, this programme needs whether to verify the unique identifier for waiting for the terminal used in login account in login application program
Legal, the defect of the account can be used by avoiding arbitrary terminal, ensure that an account is only associated with an equipment and uses, user
The safety is improved for account, and the user experience is improved.
3, scheme through the invention, even if after user's changes terminal, by updating account and terminal in the server only
The binding information of one identifier prevents once logged equipment from logging in the account and is operated.
Description of the drawings
Fig. 1 is a kind of verification system construction drawing of login application program of the embodiment of the present invention 1;
Fig. 2 is a kind of verification system construction drawing of login application program of the embodiment of the present invention 2;
Fig. 3 is a kind of verification method flow chart of login application program of the embodiment of the present invention 3.
Specific implementation mode
Referring now to attached drawing hereinafter, the present invention is described in more detail below, shows the embodiment of the present invention in the figure.
However, the present invention can be presented as many different forms, and it should not be construed as being limited to specific embodiment presented herein.
Exactly, these embodiments are for conveying the scope of the invention to those skilled in the art.
Unless otherwise defined, otherwise, term (including technical and scientific terms) used herein is interpreted as
With the identical meaning of the meaning that is generally understood with the technical staff in the field belonging to the present invention.Also, it is to be understood that
Term used herein is interpreted as having the meaning consistent with the meaning in this specification and related field, and does not answer
It is explained by ideal or excessively formal meaning, unless being clearly specified that herein.
Embodiment 1
Carry out the technical solution that the present invention will be described in detail below in conjunction with the accompanying drawings.
A kind of verification system of login application program is present embodiments provided, as shown in Figure 1, including:Memory module 100,
The specific operation process of communication module 200, correction verification module 300, this programme is as follows:
Memory module 100, for binding and preserving the unique identifier of the account of application program and terminal.
When user logs in a certain application program for the first time, it is desired nonetheless to by the verification mode of account and identifying code, log in
The application program.
The account that memory module 100 is used to for the first time log in user, unique mark with terminal used in login account
Know symbol, then one-to-one binding preserves.
As the preferred embodiment of the present embodiment, the unique identifier of terminal uses IMEI (InternationalMobile
Equipment Identity, international mobile equipment identification number) and/or ESN (ElectronicSerial Number, electronics sequence
Row number) and/or each terminal such as EMID (Mobile Equipment Identifier, mobile device identification code) have only
One identification code, but it is not limited to above-mentioned several identification codes.
Terminal can be the electronic equipment that mobile phone, tablet computer, laptop etc. can log in application program.
Communication module 200 waits for log-on message for receiving;It is described to wait for that log-on message includes:Account to be logged in and described
The unique identifier of terminal used in account login application program to be logged in.
Preferably, communication module 200 is received by the POST modes in HTTP (hypertext transfer protocol) and described waits logging in
Information.
Communication module 200 obtains user by POST modes and prepares the account logged in and account login specific application journey
The unique identifier of terminal used in sequence.
For example:
The request method POST of HTTP.
The supplemental characteristic of POST includes:USERID and account is respectively that the unique mark of equipment meets and APP (applications
Program) account.
Such as:USERID:a57837377dfs;
CallBackURL:http://myapp.phicomm.com/passverify。
Correction verification module 300, if account and unique identifier that the communication module 200 receives, with the memory module 100
The account of storage unique identifier corresponding with the account is consistent, then directly returns to verification information.
Correction verification module 300 verifies whether user's account currently to be logged in can allow for its login.If communication module 200 connects
The unique mark of the account binding stored in the unique identifier for receiving the equipment used in login account, with memory module 100
Symbol is consistent, then directly returns to verification information by network interface, and user after validation information, that is, logins successfully this in playing frame
Application program.
Otherwise, the login mode of user's input account and password is needed to log in the application program.
In conclusion a kind of verification system of login application program provided in this embodiment, the short message or electricity of abandoning tradition
Words send the scheme of identifying code login application program, and the side of account is verified using being bound by account and terminal exclusive identification code
Formula, after the logged APP of user, next time log in when user only need input account, server judge login account equipment whether
Matching, directly identifying code is returned to if matching is correct by interface, and bullet outlines now, allows user to input, be greatly saved using journey
The operation cost of sequence verifies expense almost free, reduces the waste of resource.
Embodiment 2
The present embodiment and above-described embodiment 1 are essentially identical, include the memory module 100 of embodiment 1, communication module 200, school
Module 300 is tested, difference lies in the present embodiment further includes the present embodiment with embodiment 1:Matching module 310, judgment module 320,
Control module 330, message transmission module 400, updating unit 110, as shown in Fig. 2, the specific operation process of the present embodiment is as follows:
The verification of the correction verification module 300 waits for whether logon information is correct, especially by matching module 310, judgment module
320, control module 330 is realized, process is as follows:
Matching module 310, the account information for being received according to the communication module 200, in the memory module 100
The unique identifier that the account of matching and the reception is bound.
Account to be logged in is received by communication module 200, the account logs in unique mark of the terminal used in application program
Know symbol.
The scheme for obtaining terminal unique identifier has been the more ripe prior art, has no longer been specifically described herein.
According to the account to be logged in of reception, matching module 310 matches in the memory module 100 and waits logging in described
Account binding terminal unique identifier.
Due to the unique identifier information of storage and account binding in memory module 100.Matching module 310 is storing first
It is found in module 100 preservation with the duplicate account information of account to be logged in;Memory module 100 preserve with the account
The unique identifier of binding is and waits for login account correctly corresponding unique identifier.
Judgment module 320, the unique identifier for judging the reception of the communication module 200 and the matching module 310
Whether matched unique identifier is consistent.
Communication module 200 receives the unique identifier of terminal used when login account logs in application program;Matching
Module 310 matches in the memory module 100 and waits for login account correctly corresponding unique identifier;
Judgment module 320 judges the unique identifier and 310 matched unique mark of matching module that communication module 200 receives
Whether symbol is consistent.
Control module 330 sends identifying code letter if the result that the judgment module 320 judges is consistent by interface
Breath or picture verification information are to application program;If the result that the judgment module 320 judges is inconsistent, it is obstructed to return to verification
Information is crossed to application program.
For example:
Return when log-on message is correct:
{"Success":true,"ErrorCode":""}
Success:Indicate whether the result that judgment module 320 judges is consistent;True indicates that verification is correct, and server is to answering
Number or alphabetical identifying code or one picture verification of pop-up are returned with program;If user inputs correct identifying code in playing frame,
Or sliding picture then can successfully log in the application program to defined position.
False indicates that verification is incorrect, and server does not allow current to wait for that login account logs in.
Return when log-on message is incorrect:
{"Success":false,"ErrorCode":"The verification of 101 secret keys does not pass through;}
ErrorCode:There is value when Success is false, is corresponding error code.
The present embodiment further includes:Message transmission module 400, the result for judging in the judgment module 320 are inconsistent
When, and wait for that the password of login account sends out verification code information according to reception.
Message transmission module 400 is used for when the result that the judgment module 320 judges is inconsistent, and according to reception
Wait for that the password of login account sends out verification code information.
When the verification of correction verification module 300 is when login account login current device is illegal, it may be possible to since user replaces
Mobile phone, user's mobile phone that this time login account uses are different from the mobile phone that last login uses.User is needed to input account at this time
Number and the account password obtain login authentication code, if the password of server authentication account be proper password, message send mould
Block 400 sends out short message verification code to the account.The whether correct scheme of password is verified, has the more ripe prior art, herein
No longer it is described in detail.
The memory module 100 further includes updating unit 110, if the result for the judgment module to judge is inconsistent
When, and detect described when login account logins successfully, then it will be preserved in the memory module 100 and waited for login account
The unique identifier of binding is removed, and unique identifier that the communication module receives is bound and preserved with login account is waited for.
When the short message verification code that user sends out according to message transmission module 400, when successfully logging in corresponding application program, this
When update module 110 by the binding information of the stored account of memory module 100 and terminal unique identifier delete, and from
The dynamic unique identifier for obtaining the terminal that the account currently logs in, the terminal that update module 110 currently logs in the account is only
One identifier is bound with the account, and is preserved to memory module 100.This programme avoids the once logged equipment of user, private
It is operated from the account of login user.
In conclusion a kind of verification system of login application program provided in this embodiment, improves traditional login every time
Shi Douxu sends the defect of short-message verification, and whether the equipment used when this equipment and last login for logging in by verification is identical
Decide whether to allow to log in, the time consumed when saving a large amount of operation cost, and logging in is shorter.Meanwhile it being answered in login
When with program, needs to verify and wait for whether the unique identifier of the terminal used in login account is legal, and avoiding arbitrary terminal can
Using the defect of the account, the safety of user account ensure that, the user experience is improved.Scheme through the invention, that is, use
After the changes terminal of family, by updating the binding information of account and terminal unique identifier in the server, prevent once logged
Equipment log in the account and operated.
Embodiment 3
A kind of verification method of login application program is present embodiments provided, as shown in figure 3, its detailed process may include
Following steps:
S1, the unique identifier of the account of application program and terminal is bound and is preserved.
When user logs in a certain application program for the first time, it is desired nonetheless to by the verification mode of account and identifying code, log in
The application program.
The account that user is logged in for the first time, the unique identifier with terminal used in login account, one-to-one binding,
Then it preserves.
As the preferred embodiment of the present embodiment, the unique identifier of terminal uses IMEI (InternationalMobile
Equipment Identity, international mobile equipment identification number) and/or ESN (ElectronicSerial Number, electronics sequence
Row number) and/or each terminal such as EMID (Mobile Equipment Identifier, mobile device identification code) have only
One identification code, but it is not limited to above-mentioned several identification codes.
S2, reception wait for log-on message;It is described to wait for that log-on message includes:Account to be logged in and the account to be logged in are stepped on
Record the unique identifier of the terminal used in application program.
Preferably, it is received by the POST modes in HTTP (hypertext transfer protocol) and described waits for log-on message.
The terminal used in the account and account login application-specific that user's preparation logs in is obtained by POST modes
Unique identifier.The scheme for obtaining the unique identifier of terminal has the more ripe prior art, and this will not be detailed here.
If S3, the account received and unique identifier, unique identifier corresponding with the account of storage and the account one
It causes, then directly returns to verification information.
Whether verification user account currently to be logged in can allow for its login.If receiving the equipment used in login account
Unique identifier, consistent with the unique identifier that the account of storage is bound, then verification currently waits for that log-on message is correct, permission
Current account logs in;Otherwise, the login mode of user's input account and password is needed to log in the application program.
Step S3 specifically includes following steps:
S31, according to the account information of the reception, the account binding of matching and the reception is only in the information of preservation
One identifier;
Account to be logged in is received by step S2, the account logs in the unique identifier of the terminal used in application program.
According to the account to be logged in of reception, it is unique to match the terminal bound with the account to be logged in preserved
Identifier.
Whether S32, the unique identifier for judging the reception and the matched unique identifier are consistent.
Compare the unique identifier for receiving terminal used when login account logs in application program, and matches and wait for
Correctly whether corresponding unique identifier is consistent for login account.
If S32, the result judged are consistent, verification code information or picture verification information are sent to using journey by interface
Sequence;If the result judged is inconsistent, verification is returned not by information to application program.
If the result judged is consistent, verification information is directly returned to application program, waits for user's input correctly verification
After information, current account is allowed to log in the application program;If the result judged is inconsistent, the incorrect information of verification is returned
To application program.
The present embodiment further includes:
If S4, the result judged are inconsistent, and wait for that the password of login account sends out identifying code according to reception
Information.
When verification when login account log in current device it is illegal when, it may be possible to since user has replaced mobile phone, user this
The mobile phone that secondary login account uses is different from the mobile phone that last login uses.User is needed to input account and the account at this time
Password obtains login authentication code, if the password of server authentication account is proper password, short message verification code is sent out to the account.
Make user according to identifying code login application program.
The step S1 further includes:
If S11, the result judged are inconsistent, and detect described when login account logins successfully, then will
What is preserved removes with the unique identifier of login account binding is waited for, and the unique identifier of reception and account to be logged in are tied up
Determine and preserves.
When user is according to the short message verification code sent out that disappears, and after successfully logging in corresponding application program, will deposit at this time
The account of storage and the binding information of terminal unique identifier are deleted, and obtain the unique of the terminal that the account currently logs in automatically
Identifier, the unique identifier for the terminal which is currently logged in is bound with the account, and is preserved.This programme avoids user
Once logged equipment, privately the account of login user operated.
In conclusion a kind of verification method of login application program provided in this embodiment, improves tradition and steps on every time
The defect for all needing to send short-message verification when record, by the verification equipment this time logged in and the equipment that is used when last login whether phase
With deciding whether to allow to log in, the time consumed when saving a large amount of operation cost, and logging in is shorter.Meanwhile it logging in
When application program, needs to verify and wait for whether the unique identifier of the terminal used in login account is legal, avoids arbitrary terminal all
The defect that the account can be used, ensure that the safety of user account, the user experience is improved.Scheme through the invention, even if
After user's changes terminal, by updating the binding information of account and terminal unique identifier in the server, prevent from once logging in
The equipment crossed logs in the account and is operated.
Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to the present invention and disclose
Other embodiments.This application is intended to cover any variations, uses, or adaptations of the disclosure, these modifications are used
Way or adaptive change follow the general principles of this disclosure and include undocumented in the art known of the disclosure
Common sense or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the disclosure are under
The claim in face is pointed out.