CN108810896B

CN108810896B - Connection authentication method and device of wireless access point

Info

Publication number: CN108810896B
Application number: CN201810784712.5A
Authority: CN
Inventors: 高志成; 娄宏跃; 刘玉霆; 宋振宇
Original assignee: Shanghai Lianshang Network Technology Co Ltd
Current assignee: Shanghai Shangxiang Network Technology Co.,Ltd.
Priority date: 2018-07-17
Filing date: 2018-07-17
Publication date: 2020-11-06
Anticipated expiration: 2038-07-17
Also published as: CN108810896A; WO2020015583A1

Abstract

The embodiment of the application discloses a connection authentication method and device of a wireless access point. One embodiment of the method comprises: receiving a connection authentication request sent by a network access device corresponding to a wireless access point, wherein the connection authentication request comprises identification information of a first terminal and identification information of the network access device; generating an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment; and sending the authentication graphic code to the network access equipment. The embodiment can provide the connection authentication of network access for the terminal which can not carry out Portal authentication, and reduces the threshold of the connection authentication of the user terminal.

Description

Connection authentication method and device of wireless access point

Technical Field

The embodiment of the application relates to the technical field of computers, in particular to a connection authentication method and device of a wireless access point.

Background

Portal authentication is also commonly referred to as Web authentication, and Portal authentication Web sites may be generally referred to as Web portals.

When the user is not authenticated to surf the internet, the access equipment forces the user to log in the appointed Portal website, the user can freely access the service in the appointed Portal website, when the user needs to access other internet resources, the user needs to authenticate on a Portal page, and the user can access other internet resources after the authentication.

If the user actively visits a known Portal authentication website and inputs a user name and a password for authentication, the mode is called active authentication. If a user attempts to access a site other than the designated Portal site via HTTP (HyperText Transfer Protocol), the user is forced to access the Portal authentication site, thereby starting the Portal authentication process, which is called forced authentication.

However, Portal authentication usually has certain requirements for hardware and systems of the user terminal, and when the user terminal cannot meet the authentication requirements (for example, the version of the operating system is too low), a Portal page cannot be popped up, so that authentication cannot be performed.

Disclosure of Invention

The embodiment of the application provides a connection authentication method and device of a wireless access point.

In a first aspect, some embodiments of the present application provide a connection authentication method for a wireless access point, which is applied to a first server, and the method includes: receiving a connection authentication request sent by network access equipment corresponding to a wireless access point, wherein the connection authentication request comprises identification information of a first terminal and identification information of the network access equipment; generating an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment; and sending the authentication graphic code to the network access equipment.

In a second aspect, some embodiments of the present application provide a connection authentication method for a wireless access point, which is applied to a network access device corresponding to the wireless access point, and the method includes: in response to a network access request intercepted to a first terminal without network access authority, determining whether the first terminal meets a triggering condition of connection authentication; responding to the first terminal meeting the triggering condition of connection authentication, and sending a connection authentication request to the first server, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment; receiving an authentication graphic code returned by the first server, wherein the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment; and transmitting the authentication graphic code to the first terminal.

In a third aspect, some embodiments of the present application provide a connection authentication method for a wireless access point, which is applied to a first terminal without network access right, and the method includes: sending a network access request to a network access device corresponding to the wireless access point, wherein the network access device is configured to: in response to the network access request being intercepted, determining whether the first terminal meets a triggering condition of connection authentication; in response to the fact that the first terminal meets the triggering condition of the connection authentication, sending a connection authentication request to the first server, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment; receiving an authentication graphic code sent by network access equipment, wherein the authentication graphic code is generated by a first server based on identification information of a first terminal and identification information of the network access equipment; and displaying the authentication graphic code.

In a fourth aspect, some embodiments of the present application provide a connection authentication method for a wireless access point, which is applied to a second terminal, and the method includes: scanning the authentication graphic code to obtain graphic code information of the authentication graphic code; sending the graphic code information to a second server; receiving scanning feedback information returned by the second server, wherein the scanning feedback information is used for indicating whether an authentication graphic code is scanned or not, and the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment corresponding to the wireless access point; in response to determining that the scanning feedback information indicates that the authentication graphic code has been scanned, sending a connection confirmation instruction to the second server, the connection confirmation instruction being for allowing the first terminal to access the network through the network access device; and receiving an instruction execution result returned by the second server.

In a fifth aspect, some embodiments of the present application provide a connection authentication method for a wireless access point, which is applied to a second server, and the method includes: sending a scanning confirmation request to the first server in response to receiving the graphic code information sent by the second terminal, wherein the scanning confirmation request comprises the graphic code information; receiving scanning feedback information returned by the first server and returning the scanning feedback information to the second terminal, wherein the scanning feedback information is used for indicating whether an authentication graphic code is scanned or not, and the authentication graphic code is a graphic code generated by the first server based on identification information of the first terminal and identification information of network access equipment corresponding to the wireless access point; responding to a connection confirmation instruction sent by the second terminal, and forwarding the connection confirmation instruction to the first server, wherein the connection confirmation instruction is used for allowing the first terminal to access the network through the network access equipment; and receiving an instruction execution result returned by the first server, and returning the instruction execution result to the second terminal.

In a sixth aspect, some embodiments of the present application provide a method for connection authentication of a wireless access point, the method including: a first terminal sends a network access request to network access equipment corresponding to a wireless access point, wherein the first terminal does not have network access authority; the method comprises the steps that network access equipment intercepts a network access request, determines whether a first terminal meets a triggering condition of connection authentication or not, and sends a connection authentication request to a first server when the first terminal meets the triggering condition of the connection authentication, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment; the first server generates an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment, and returns the authentication graphic code to the network access equipment; the network access equipment sends the authentication graphic code to the first terminal; the first terminal displays the authentication graphic code.

In a seventh aspect, some embodiments of the present application provide a method for connection authentication of a wireless access point, the method including: the second terminal scans the authentication graphic code, acquires graphic code information of the authentication graphic code and sends the graphic code information to the second server; the method comprises the steps that a first server receives graphic code information forwarded by a second server, matches the graphic code information with information of an authentication graphic code to generate scanning feedback information, and returns the scanning feedback information to the second server, wherein the information of the authentication graphic code comprises identification information of a first terminal without network access authority and identification information of network access equipment corresponding to a wireless access point; the second terminal receives scanning feedback information returned by the second server, and if the scanning feedback information indicates that the authentication graphic code is scanned, the second terminal sends a connection confirmation instruction to the second server, wherein the connection confirmation instruction is used for allowing the first terminal to access the network through the network access equipment; the first server responds to the received connection confirmation instruction forwarded by the second server and sends a connection release instruction to the network access equipment, wherein the connection release instruction is used for allowing the first terminal to access the network; the network access equipment responds to the received connection release instruction, sets the first terminal to have network access authority within a preset time range, and returns a setting result to the first server.

In an eighth aspect, some embodiments of the present application provide an apparatus for connection authentication of a wireless access point, the apparatus including: a request receiving unit configured to receive a connection authentication request sent by a network access device, wherein the connection authentication request includes identification information of a first terminal and identification information of the network access device; the device comprises a graphic code generating unit, a network access device and a terminal, wherein the graphic code generating unit is configured to generate an authentication graphic code based on identification information of a first terminal and identification information of the network access device; and the graphic code sending unit is configured to send the authentication graphic code to the network access equipment.

In a ninth aspect, some embodiments of the present application provide a network device, including: one or more processors; a storage device having one or more programs stored thereon; when executed by one or more processors, cause the one or more processors to implement a method as described in any of the first to fifth aspects.

Ninth aspect, some embodiments of the present application provide a computer readable medium having stored thereon a computer program which, when executed by a processor, implements the method as described in any one of the first to fifth aspects.

According to the method and the device for connection authentication of the wireless access point, the network access equipment corresponding to the wireless access point receives the connection authentication request sent by the network access equipment under the condition that the network access request submitted by the first terminal without network access authority is intercepted and the first terminal meets the triggering condition of connection authentication, then the authentication graphic code is generated based on the identification information of the first terminal and the identification information of the network access equipment in the connection authentication request, and finally the authentication graphic code is sent to the network access equipment so that the authentication graphic code is forwarded to the first terminal and displayed on the first terminal, and therefore connection authentication of network access can be provided for the terminal incapable of Portal authentication, and the threshold of connection authentication of the user terminal is reduced.

Drawings

Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:

FIG. 1 is an exemplary system architecture diagram to which some embodiments of the present application may be applied;

FIG. 2 is a flow diagram of one embodiment of a connection authentication method applied to a wireless access point of a first server according to the present application;

fig. 3 is a flow diagram of another embodiment of a connection authentication method applied to a wireless access point of a first server according to the present application;

fig. 4A to 4C are schematic diagrams of an application scenario of a connection authentication method applied to a wireless access point of a first server according to the present application;

FIG. 5 is a flow diagram of one embodiment of a connection authentication method applied to a wireless access point of a network access device, in accordance with the present application;

fig. 6 is a flow chart of one embodiment of a connection authentication method applied to a wireless access point of a first terminal according to the present application;

fig. 7 is a flowchart of one embodiment of a connection authentication method applied to a wireless access point of a second terminal according to the present application;

FIG. 8 is a flow diagram of one embodiment of a connection authentication method applied to a wireless access point of a second server in accordance with the present application;

FIG. 9 is a timing diagram for one embodiment of a method of connection authentication for a wireless access point according to the present application;

fig. 10 is a timing diagram of another embodiment of a connection authentication method of a wireless access point according to the present application;

fig. 11 is a schematic structural diagram of an embodiment of a connection authentication apparatus applied to a wireless access point of a first server according to the present application;

FIG. 12 is a block diagram of a computer system suitable for use in implementing a network device of an embodiment of the present application.

Detailed Description

The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.

It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.

Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the connection authentication method of a wireless access point of the present application may be applied.

As shown in fig. 1, the system architecture 100 may include

first terminals

101, 102, 103, second terminals 107, 108, a network access device 104, and

servers

105, 106.

The user may use the

first terminal

101, 102, 103 to interact with the network access device 104 to receive or send messages or the like. The

first terminals

101, 102, 103 may have various client applications installed thereon, such as a browser application. The user may use the second terminal 107, 108 to interact with the server 106 to receive or send messages or the like. The second terminals 107, 108 may have various client applications installed thereon, such as an open network connection application.

The

first terminals

101, 102, 103 may be hardware or software. When the

first terminals

101, 102, 103 are hardware, they may be various electronic devices, including but not limited to tablet computers, laptop portable computers, desktop computers, and the like, which support access to a network but cannot install a preset application (e.g., an open network connection application). When the

first terminal

101, 102, 103 is software, it can be installed in the electronic devices listed above. It may be implemented as multiple pieces of software or software modules, or as a single piece of software or software module. And is not particularly limited herein.

The second terminals 107, 108 may be hardware or software. When the second terminal 107, 108 is hardware, it may be various electronic devices capable of installing a preset application (e.g., an open network connection application) and supporting scanning of graphic codes, including but not limited to a smart phone, a tablet computer, and the like. When the second terminal 107, 108 is software, it can be installed in the electronic devices listed above. It may be implemented as multiple pieces of software or software modules, or as a single piece of software or software module. And is not particularly limited herein.

The network access device 104 may be hardware or software. When the network access device 104 is hardware, it may be a variety of electronic devices that support broadband access, including but not limited to switches, routers, and the like. When the network access device 104 is software, it can be installed in the electronic devices listed above. It may be implemented as multiple pieces of software or software modules, or as a single piece of software or software module. And is not particularly limited herein.

The server 105 may be a server that provides various services, for example, the server 105 may be a backend server that provides a network access connection authentication service. The backend server may analyze and perform other processing on the acquired data such as the connection authentication request, and feed back a processing result (e.g., an authentication graph code) to the network access device 104.

The server 106 may also be a server that provides various services, for example, the server 106 may be a backend server that provides open network (e.g., commercial open network) services. The backend server may analyze and otherwise process the acquired data such as the graphic code information, and feed back a processing result (e.g., a scanning result, an authentication result, and the like) to the second terminals 107 and 108.

The

servers

105 and 106 may be hardware or software. When the

servers

105 and 106 are hardware, they may be implemented as a distributed network device group composed of multiple network devices, or may be implemented as a single network device. When the

servers

105, 106 are software, they may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.

It should be noted that, the connection authentication method applied to the wireless access point of the first terminal provided by some embodiments of the present application may be performed by the

first terminal

101, 102, 103, the connection authentication method applied to the wireless access point of the second terminal provided by some embodiments of the present application may be performed by the second terminal 107, 108, the connection authentication method applied to the wireless access point of the network access device provided by some embodiments of the present application may be performed by the network access device 104, the connection authentication method applied to the wireless access point of the first server provided by some embodiments of the present application may be performed by the server 105, and the connection authentication method applied to the wireless access point of the second server provided by some embodiments of the present application may be performed by the server 106.

It should be understood that the number of first terminals, second terminals, network access devices, and servers in fig. 1 are merely illustrative. There may be any number of first terminals, second terminals, network access devices, and servers, as desired for an implementation.

With continued reference to fig. 2, a flow 200 of one embodiment of a connection authentication method applied to a wireless access point of a first server in accordance with the present application is shown. The connection authentication method of the wireless access point may include the steps of:

step 201, receiving a connection authentication request sent by a network access device corresponding to a wireless access point.

In this embodiment, an execution subject of the connection authentication method of the wireless access point (e.g., the server 105 shown in fig. 1) may receive a connection authentication request transmitted by a network access device (e.g., the network access device 104 shown in fig. 1). The connection authentication request may be sent by the network access device in a case where the network access device intercepts a network access request submitted by a first terminal (e.g., the

first terminal

101, 102, 103 shown in fig. 1) that does not have network access authority and determines that the first terminal satisfies a trigger condition of connection authentication. The connection authentication request may include identification information of the first terminal and identification information of the network access device. The identification information of the first terminal may include a device identification of the first terminal, for example, a Media Access Control (MAC) address of the first terminal. The identification information of the network access device may include a device identification of the network access device, for example, a MAC address of the network access device.

Here, the first terminal may be communicatively connected to the network access device through a wired connection or a wireless connection. The user may initiate a network access request using the first terminal, for example, to browse a web page through a browser installed on the first terminal. The network access equipment intercepts the network access request submitted by the first terminal because the first terminal does not have the network access right. The network access device may then determine whether the first terminal satisfies a trigger condition for connection authentication (e.g., desktop computer, operating system version below a preset version, etc.). If the first terminal is determined to meet the triggering condition of the connection authentication, the network access device may send a connection authentication request to the first server.

In some optional implementations of this embodiment, the determining, by the network access device, whether the first terminal satisfies the trigger condition of the connection authentication may include:

first, identification information of a first terminal is acquired. Here, the identification information of the first terminal may include, but is not limited to: the type and version of the operating system of the first terminal, the type and version of the browser, the rendering engine of the browser, the language of the browser, the plug-in of the browser, etc. As an example, the identification information of the first terminal may be UA (user agent) information of a browser of the first terminal.

For example, when the os type and version of the first terminal are "Windows 7" and the browser type is "Chrome", the identification information of the first terminal may include the following string "Mozilla/5.0 (Windows NT 6.1) applewskit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36". For example, when the operating system type and version of the first terminal are "Android 4.2.1" and the browser type is "Chrome", the identification information of the first terminal may include the following string "Mozilla/5.0 (Linux; Android 4.2.1; M040 Build/JOP40D) appleWebKit/537.36 (khWebTML, like Gecko) Chrome/31.0.1650.59Mobile Safari/537.36".

Then, based on the identification information of the first terminal, it may be determined whether the first terminal is a terminal capable of installing the target networking application. The target networking applications may include, among other things, application programs that are developed for a particular system environment that authorize the use of open network services, such as Android (a mobile operating system) and IOS (a mobile operating system) versions of Wi-Fi connectivity applications.

As one example, the target networking application may be a Wi-Fi connected application developed based on Android and IOS, that is, the target networking application cannot be installed in a computer device such as a desktop computer, a notebook computer, a tablet computer, etc. of other systems such as Windows, etc. The type and version of the operating system of the first terminal can be determined to be Windows 7 through the identification information of the first terminal, that is, the first terminal is a terminal which cannot install the target networking application.

Finally, in response to determining that the first terminal cannot install the terminal of the target networking application, it may be determined that the first terminal satisfies a trigger condition for connection authentication. Here, the trigger condition of the connection authentication may include, but is not limited to: the target networking application cannot be installed.

Step 202, generating an authentication graphic code based on the identification information of the first terminal and the identification information of the network access device.

In this embodiment, the execution subject may generate the authentication graph code by using the identification information of the first terminal and the identification information of the network access device in the connection authentication request. Here, the graphic code may include a graphic code obtained by encoding data (for example, identification information) to be stored according to a preset graphic encoding rule. By way of example, the graphical code may include, but is not limited to: bar codes, two-dimensional codes, three-dimensional codes, dynamic two-dimensional codes, three-dimensional codes or any other suitable graphic code that can be used to parse specific content. In this embodiment, the graphic code may be a two-dimensional code.

It should be noted that generating the two-dimensional code according to the identification information is a known technology widely studied and applied at present, and is not described herein again.

Step 203, sending the authentication graphic code to the network access equipment.

In this embodiment, the executing entity may send the authentication graph code generated in step 202 to the network access device. The network access equipment can forward the authentication graphic code to the first terminal so that the first terminal can display the authentication graphic code.

By displaying the authentication graphic code on the first terminal, the user terminal (e.g., Android phone or IOS phone) installed with the target networking application can be used to scan the authentication graphic code displayed on the first terminal, and thus the authentication of the network authority can be accessed. Therefore, the threshold of the first terminal for connection authentication is effectively reduced, and even under the condition that the first terminal does not support Portal authentication or cannot install target networking application, the user can access the Internet through the first terminal.

In the method for connection authentication of a wireless access point provided in the above embodiment of the present application, a network access device corresponding to the wireless access point receives a connection authentication request sent by the network access device when a network access request of a first terminal without network access permission is intercepted and the first terminal meets a trigger condition of connection authentication, then generates an authentication graph code based on identification information of the first terminal and identification information of the network access device in the connection authentication request, and finally sends the authentication graph code to the network access device, so that the authentication graph code is forwarded to the first terminal and displayed at the first terminal, thereby providing connection authentication of network access for a terminal that cannot perform Portal authentication, and reducing a threshold of connection authentication performed by a user terminal.

With further reference to fig. 3, a flow 300 of another embodiment of a method of connection authentication applied to a wireless access point of a first server in accordance with the present application is shown. The connection authentication method of the wireless access point may include the steps of:

step 301, receiving a connection authentication request sent by a network access device corresponding to a wireless access point.

first terminal

Step 302, based on the identification information of the first terminal and the identification information of the network access device, an authentication graphic code is generated.

Step 303, sending the authentication graphic code to the network access device.

In this embodiment, the executing entity may send the authentication graph code generated in step 302 to the network access device. The network access equipment can forward the authentication graphic code to the first terminal so that the first terminal can display the authentication graphic code.

Step 304, receiving a scan confirmation request sent by the second server.

In this embodiment, the execution subject may receive a scan confirmation request sent by the second server. Wherein the scan confirmation request may be sent by the second server (e.g., the server 106 shown in fig. 1) in response to receiving the graphic code information sent by the second terminal (e.g., the second terminals 107, 108 shown in fig. 1). The graphic code information may be obtained by the second terminal by scanning an authentication graphic code (e.g., an authentication graphic code displayed on the first terminal) and parsing the authentication graphic code. The scan confirmation request may include the graphic code information.

It should be noted that the authentication graphic code may be an authentication graphic code displayed on the first terminal, or may be an authentication graphic code displayed in other forms, for example, a printed authentication graphic code, and the like, which is not limited in this application.

Step 305, matching the graphic code information with the information of the authentication graphic code, generating scanning feedback information, and sending the scanning feedback information to the second server.

In this embodiment, the execution body may compare the graphic code information in the scan confirmation request with the information of the authentication graphic code to determine whether the graphic code information in the scan confirmation request matches the information of the authentication graphic code. Then, generating scanning feedback information based on the matching result, and sending the scanning feedback information to the second server (and further forwarding to the second terminal, so that the second terminal displays corresponding prompt information according to the scanning feedback information, for example, prompt information such as "scanned" or "scanning failed"). Wherein the scanning feedback information is used for indicating whether the authentication graphic code is scanned.

If the graphic code information in the scan confirmation request matches the authentication graphic code information, it indicates that the authentication graphic code has been scanned, and therefore, the status code of the authentication graphic code may be assigned to a parameter value (e.g., 1) indicating that the authentication graphic code has been scanned.

Here, the status code of the authentication graphic code may be used to characterize the authentication status of the authentication graphic code. The authentication status of the authentication graphic code may include, but is not limited to: not scanned, failed scan, failed, authenticated, failed authentication. A status code of the authentication graphic code may be stored in the execution body as described above, and an initial value of the status code of the authentication graphic code may be a parameter value (e.g., 0) indicating that the authentication graphic code is not scanned. For example, the parameter values may be preset (or initialized) after the authentication graphic code is generated as the authentication graphic code is not scanned.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: in response to determining that the graphical code information does not match the information authenticating the graphical code, assigning a status code of the authenticating graphical code to a parameter value (e.g., 3) indicating that the scanning of the authenticating graphical code failed.

Step 306, in response to receiving the connection confirmation instruction sent by the second server, sending a connection release instruction to the network access device.

In this embodiment, the execution body may receive a connection confirmation instruction from the second server, and send a connection release instruction to the network access device after receiving the connection confirmation instruction. Wherein the connection confirmation instruction and the connection release instruction may be used to allow the first terminal to access the network through the network access device. The connection confirmation instruction may be sent by the second terminal to the second server in a case where the scanning feedback information indicates that the authentication two-dimensional code has been scanned. The network access device may be configured to: in response to receiving the connection release instruction sent by the first server, the first terminal is set to have network access right within a preset time range (for example, within 24 hours, within 1 week and the like).

Here, the connection confirmation command and the connection release command may be the same or different, as long as the connection confirmation command and the connection release command can allow the first terminal to access the network, and the present application does not limit this.

Step 307, receiving a setting result returned by the network access device.

In this embodiment, the execution main body may receive a setting result returned by the network access device. Wherein the setting result can be used to indicate whether the first terminal is set to have the network access right within a preset time range.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: in response to determining that the setting result (e.g., "setting success") indicates that the first terminal has the network access right, the status code of the authentication graphic code is assigned to a parameter value (e.g., 2) indicating that the authentication of the authentication graphic code is successful.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: in response to determining that the setting result (e.g., "setting failure") indicates that the first terminal does not have the network access right, the status code of the authentication graphic code is assigned to a parameter value (e.g., 4) indicating that the authentication of the authentication graphic code fails.

In some optional implementations of this embodiment, the method for authenticating a connection of a wireless access point may further include: firstly, receiving an inquiry request for inquiring the state of the authentication graphic code from the network access equipment, wherein the inquiry request can be received by the network access equipment from a first terminal; then, inquiring the state of the authentication graphic code to obtain an inquiry result, wherein the inquiry result can comprise the state code of the authentication graphic code; and finally, sending the query result to the network access equipment so that the network access equipment sends corresponding prompt information to the first terminal according to the query result.

In some optional implementations of this embodiment, the network access device may be configured to: and in response to determining that the query result indicates that the authentication graphic code is not scanned, sending prompt information to the first terminal for prompting the user to scan the authentication graphic code using a second terminal installed with the target networking application.

In some optional implementations of this embodiment, the network access device may be configured to: in response to determining that the inquiry result indicates that the authentication graphical code has been scanned, sending a prompt message to the first terminal for prompting the user to confirm authentication on the terminal scanning the authentication graphical code (e.g., "please confirm release on the mobile phone").

In some optional implementations of this embodiment, the network access device may be configured to: and sending prompt information for prompting the user to be capable of accessing the network to the first terminal in response to the fact that the query result indicates that the authentication of the authentication graphic code is successful.

In some optional implementations of this embodiment, the network access device may be configured to: responding to the query result indicating that the authentication of the authentication graphic code is successful, and acquiring the page content of the network access request; and transmitting the acquired page content to the first terminal so that the first terminal displays the acquired page content.

In some optional implementations of this embodiment, the network access device may be configured to: and sending prompt information for prompting the user to scan the authentication graphic code again to the first terminal in response to the fact that the query result indicates that the authentication graphic code fails to be scanned or the authentication graphic code fails to be authenticated.

In some optional implementations of the embodiment, the graphical code information may include a timestamp, and the authentication graphical code may have a validity period (e.g., 5 minutes). The connection authentication method of the wireless access point may further include: in response to determining that the time corresponding to the time stamp of the graphic code information exceeds the validity period of the authentication graphic code, a status code of the authentication graphic code is assigned to a parameter value (e.g., 5) indicating that the authentication graphic code has failed.

In some optional implementations of this embodiment, the network access device may be configured to: and sending prompt information for prompting the user to update the authentication graphic code and rescan the updated authentication graphic code to the first terminal in response to the fact that the query result indicates that the authentication graphic code is invalid.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: firstly, receiving a graphic code updating request from a network access device, wherein the graphic code updating request can be received by the network access device from a first terminal, and the graphic code updating request can comprise identification information of the first terminal and identification information of the network access device; then, generating an updated graphic code based on the identification information of the first terminal and the identification information of the network access equipment; and finally, sending the updated authentication graphic code to the network access equipment, wherein the network access equipment can forward the updated authentication graphic code to the first terminal so that the first terminal can display the updated authentication graphic code.

With continuing reference to fig. 4A-4C, one application scenario of a method of connection authentication for a wireless access point according to the present application is shown. In fig. 4A, the notebook computer 402 does not have a network access right (e.g., cannot access internet resources), and the user 401 inputs a web address "www.xx.com" in an address bar 4021 of a browser of the notebook computer 402 and desires to browse a web page corresponding to the web address; then, the router 403 intercepts an internet access request submitted by the notebook computer 402, acquires identification information of a browser of the notebook computer 402, and further determines that the notebook computer 402 cannot install the Wi-Fi connection application (that is, the notebook computer 402 meets a trigger condition of connection authentication); then, the router 403 generates a connection authentication request based on the MAC address of the router 403 and the MAC address of the notebook computer 402, and transmits the connection authentication request to the first server 404. In fig. 4B, the first server 404 generates an authentication two-dimensional code using the MAC address of the router 403 and the MAC address of the notebook computer 402, and transmits the authentication two-dimensional code to the router 403; then, the router 403 forwards the authentication two-dimensional code to the notebook computer 402; then, the notebook computer 402 displays the authentication two-dimensional code 4022 and a prompt message "please use XXX scan"; then, the user 401 scans the authentication two-dimensional code 4022 displayed on the notebook computer 402 by using a Wi-Fi connection application on the Android mobile phone 405, analyzes the two-dimensional code to obtain two-dimensional code information, and sends the two-dimensional code information to the second server 406; then, the first server 404 receives the two-dimensional code information forwarded by the second server 406, matches the two-dimensional code information with the information of the authenticated two-dimensional code, determines that the two-dimensional code is successfully scanned, and returns a result of successful scanning. In fig. 4C, the Android phone 405 sends a release instruction to the second server 406; then, after receiving the release instruction forwarded by the server 406, the first server 404 sends the release instruction to the router 403, and changes the state of the two-dimensional authentication code into the state of successful authentication and returns the result of successful release after successful release; subsequently, the notebook computer 402 sends an inquiry request for inquiring the state of the authentication two-dimensional code to the router 403 at regular time; then, the router 403 forwards the query request to the first server 404 and obtains a query result, and sends a prompt message of successful authentication to the notebook computer 402 when the state of the two-dimensional code is successful authentication; finally, the notebook computer 402 displays the prompt message 4023 "web page can be browsed after successful authentication", and jumps to the page corresponding to the website "www.xx.com".

As can be seen from fig. 3, compared with the embodiment corresponding to fig. 2, the flow 300 of the connection authentication method of the wireless access point in the present embodiment highlights the steps of receiving the scan confirmation request and receiving the release instruction. Therefore, the scheme described in this embodiment can complete the authentication of the network access authority by scanning the authentication graphic code through the second terminal, thereby improving the convenience of the user terminal in accessing the internet.

With continuing reference to fig. 5, a flow 500 of another embodiment of a method of connection authentication applied to a wireless access point of a network access device in accordance with the present application is shown. The connection authentication method of the wireless access point may include the steps of:

step 501, in response to intercepting a network access request of a first terminal without network access right, determining whether the first terminal meets a trigger condition of connection authentication.

In this embodiment, the first terminal does not have network access rights, for example, cannot access internet resources. An executing body (e.g., the network access device 104 shown in fig. 1) of the connection authentication method may intercept a network access request (e.g., a web browsing request) submitted by a first terminal (e.g., the

first terminal

101, 102, 103 shown in fig. 1). If the network access request submitted by the first terminal is intercepted, whether the first terminal meets the triggering condition of the connection authentication can be determined.

In some optional implementations of this embodiment, step 501 may specifically include the following steps:

Then, based on the identification information of the first terminal, it may be determined whether the first terminal is a terminal capable of installing the target networking application. The target networking application may include, among other things, application programs developed for a particular system environment that authorize the use of open network services, such as Android and IOS versions of Wi-Fi connectivity applications.

Finally, in response to determining that the first terminal is unable to install the terminal of the target networking application, it may be determined that the first terminal satisfies a trigger condition for connection authentication. Here, the trigger condition of the connection authentication may include, but is not limited to: the target networking application cannot be installed.

Step 502, in response to determining that the first terminal satisfies the triggering condition of the connection authentication, sending a connection authentication request to the first server.

In this embodiment, the executing entity may send the connection authentication request to the first server (for example, the server 105 shown in fig. 1) when the first terminal satisfies the trigger condition of the connection authentication. The connection authentication request may include identification information of the first terminal and identification information of the network access device. The identification information of the first terminal may include a device identification of the first terminal, for example, a MAC address of the first terminal. The identification information of the network access device may include a device identification of the network access device, for example, a MAC address of the network access device.

Step 503, receiving the authentication graphic code returned by the first server.

In this embodiment, the execution body may receive an authentication graphic code returned by the first server. The authentication graphic code may be a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access device. Here, the graphic code may include a graphic code obtained by encoding data (for example, identification information) to be stored according to a preset graphic encoding rule. By way of example, the graphical code may include, but is not limited to: bar codes, two-dimensional codes, three-dimensional codes, dynamic two-dimensional codes, three-dimensional codes or any other suitable graphic code that can be used to parse specific content. In this embodiment, the graphic code may be a two-dimensional code.

Step 504, the authentication graphic code is sent to the first terminal.

In this embodiment, the execution subject may transmit the authentication graphic code received in step 503 to the first terminal, so that the first terminal displays the authentication graphic code.

By displaying the authentication graphic code on the first terminal, the user terminal (e.g., Android phone or IOS phone) installed with the target networking application can be used to scan the authentication graphic code displayed on the first terminal, and thus connection authentication of network access can be performed. Therefore, the threshold of the first terminal for connection authentication is effectively reduced, and even under the condition that the first terminal does not support Portal authentication or cannot install target networking application, the user can access the network through the first terminal.

In some optional implementations of this embodiment, the method for authenticating a connection of a wireless access point may further include: firstly, responding to a received query request for querying the state of the authentication graphic code sent by a first terminal, and forwarding the query request to a first server; then, receiving a query result returned by the first server, where the query result may include a status code of the authentication graph code, and the status code of the authentication graph code may be used to indicate an authentication status of the authentication graph code, and the authentication status of the authentication graph code may include but is not limited to: not scanned, failed scan, failed, authenticated, failed authentication.

Optionally, the connection authentication method of the wireless access point may further include: in response to determining that the query result indicates that the authentication graphical code is not scanned, sending a prompt to the first terminal for prompting the user to scan the authentication graphical code using a second terminal installed with the target networking application (e.g., a prompt to "please scan the two-dimensional code using a WiFi passkey").

Optionally, the connection authentication method of the wireless access point may further include: and in response to determining that the query result indicates that the authentication graphic code has been scanned, sending prompt information to the first terminal for prompting the user to perform authentication confirmation on the terminal scanning the authentication graphic code.

Optionally, the connection authentication method of the wireless access point may further include: and sending prompt information for prompting the user to be capable of accessing the network to the first terminal in response to the fact that the query result indicates that the authentication of the authentication graphic code is successful.

Optionally, the connection authentication method of the wireless access point may further include: responding to the query result indicating that the authentication of the authentication graphic code is successful, and acquiring the page content of the network access request; and transmitting the acquired page content to the first terminal so that the first terminal displays the acquired page content.

Optionally, the connection authentication method of the wireless access point may further include: and sending prompt information for prompting the user to scan the authentication graphic code again to the first terminal in response to the fact that the query result indicates that the authentication graphic code fails to be scanned or the authentication graphic code fails to be authenticated.

Optionally, the connection authentication method of the wireless access point may further include: and sending prompt information for prompting the user to update the authentication graphic code and rescan the updated authentication graphic code to the first terminal in response to the fact that the query result indicates that the authentication graphic code is invalid.

In some optional implementations of this embodiment, the first server may be configured to: receiving a scan confirmation request of a second server (e.g., the server 106 shown in fig. 1), wherein the scan confirmation request can be sent by the second server in response to receiving graphic code information sent by a second terminal (e.g., the second terminal 107, 108 shown in fig. 1), the graphic code information can be obtained by the second terminal through scanning an authentication graphic code (e.g., an authentication graphic code displayed on the first terminal) and analyzing the authentication graphic code, and the scan confirmation request can comprise the graphic code information; matching the graphic code information with the information of the authentication graphic code to generate scanning feedback information, wherein the scanning feedback information is used for indicating whether the authentication graphic code is scanned or not; and returning the scanning feedback information to the second server.

Corresponding to this implementation, the connection authentication method of the wireless access point may further include step 505 and step 506.

In step 505, the execution main body may receive a connection release instruction sent by the first server, and set the first terminal to have network access right within a preset time range after receiving the connection release instruction. Wherein the connection release instruction may be transmitted by the first server in response to receiving a connection confirmation instruction received by the second server from the second terminal. The connection confirmation instruction may be sent by the second terminal to the second server in a case where the scan feedback information indicates that the authentication graphic code has been scanned. The connection confirmation instruction and the connection release instruction may be instructions for allowing the first terminal to access the network through the network access device.

Here, the connection confirmation command and the connection release command may be the same or different, as long as the connection confirmation command and the connection release command allow the first terminal to access the network, and the application is not limited thereto.

In step 506, the execution agent may return the setting result to the first server. Wherein the setting result can be used to indicate whether the first terminal is set to have the network access right within a preset time range.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: firstly, in response to receiving a graphic code update request of a first terminal, forwarding the graphic code update request to a first server, where the graphic code update request may include identification information of the first terminal and identification information of a network access device; then, receiving an updated authentication graph code returned by the first server, wherein the updated authentication graph code may be a graph code generated by the first server based on the identification information of the first terminal and the identification information of the network access device; and finally, sending the updated authentication graphic code to the first terminal so that the first terminal can display the updated authentication graphic code.

In the connection authentication method of the wireless access point provided in the above embodiment of the present application, a connection authentication request is sent to the first server when a network access request of the first terminal without network access permission is intercepted and the first terminal meets a trigger condition of connection authentication, then an authentication graph code is generated by receiving the identification information of the first terminal and the identification information of the network access device in the connection authentication request from the first server, and finally the authentication graph code is sent to the first terminal for display, so that connection authentication of network access can be provided for a terminal which cannot perform Portal authentication, and a threshold of connection authentication performed by a user terminal is reduced.

With further reference to fig. 6, a flow 600 of one embodiment of a method for connection authentication applied to a wireless access point of a first terminal in accordance with the present application is shown. The connection authentication method of the wireless access point may include the steps of:

step 601, sending a network access request to a network access device corresponding to the wireless access point.

In this embodiment, the first terminal does not have network access rights, for example, cannot access internet resources. The executing body of the connection authentication method (e.g., the

first terminal

101, 102, 103 shown in fig. 1) may send a network access request to a network access device (e.g., the network access device 104 shown in fig. 1). The network access request may include a request for accessing an internet resource, such as a web browsing request.

Here, the network access device may be configured to: in response to a network access request intercepted to a first terminal, determining whether the first terminal meets a triggering condition of connection authentication; in response to determining that the first terminal satisfies the trigger condition for connection authentication, a connection authentication request is sent to a first server (e.g., the server 105 shown in fig. 1), where the connection authentication request may include identification information of the first terminal and identification information of the network access device. The identification information of the first terminal may include a device identification of the first terminal, for example, a MAC address of the first terminal. The identification information of the network access device may include a device identification of the network access device, for example, a MAC address of the network access device.

It should be noted that, for a specific process of the network access device determining whether the first terminal meets the trigger condition of the connection authentication, reference may be made to specific description of the network access device determining whether the first terminal meets the trigger condition of the connection authentication in the embodiment of fig. 2, which is not described herein again.

Step 602, receiving an authentication graph code received by a network access device from a first server.

In this embodiment, the execution subject may receive an authentication graph code from the network access device. Wherein, the authentication graphic code may be received by the network access device from the first server. The authentication graphic code may be a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access device.

Step 603, displaying the authentication graphic code.

In this embodiment, the execution body may display the authentication graphic code received in step 602, so that the user can perform scanning authentication.

By displaying the authentication graphic code on the first terminal, the user terminal (e.g., Android phone or IOS phone) installed with the target networking application can be used to scan the authentication graphic code displayed on the first terminal, and thus the authentication of the network authority can be accessed. Therefore, the threshold of the first terminal for connection authentication is effectively reduced, and even under the condition that the first terminal does not support Portal authentication or cannot install target networking application, the user can access the network through the first terminal.

In some optional implementations of this embodiment, the method for authenticating a connection of a wireless access point may further include step 604 and step 605.

In step 604, the executing entity may send a query request for querying the status of the authentication graph code to the network access device. Wherein the query request may be forwarded by the network access device to the first server.

In step 605, the executing entity may receive a prompt message returned by the network access device. Wherein the hint information may be determined by the network access device based on the query result received from the first server. The query result may include a status code of the authentication graphical code, which may be used to indicate an authentication status of the authentication graphical code, which may include but is not limited to: not scanned, failed scan, failed, authenticated, failed authentication.

Optionally, when the query result indicates that the authentication of the authentication graphic code is successful, the connection authentication method of the wireless access point may further include: firstly, receiving page content returned by the network access equipment, wherein the page content can be acquired by the network access equipment in response to a network access request of a first terminal; and finally, displaying the acquired page content.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: firstly, sending a graphic code updating request to a network access device, wherein the graphic code updating request can be forwarded to a first server by the network access device, and the graphic code updating request can comprise identification information of a first terminal and identification information of the network access device; then, receiving an updated authentication graph code received by the network access device from the first server, where the updated authentication graph code may be a graph code generated by the first server based on the identification information of the first terminal and the identification information of the network access device; and finally, displaying the updated authentication graphic code.

In the connection authentication method provided by the embodiment of the application, the first terminal sends the network access request to the network access device, then the network access device sends the connection authentication request to the first server and receives the authentication graph code generated by the first server based on the identification information of the first terminal and the identification information of the network access device in the connection authentication request when the first terminal meets the triggering condition of the connection authentication, and finally the first terminal receives the authentication graph code forwarded by the network access device and displays the authentication graph code, so that the network access connection authentication can be provided for the terminal which cannot perform Portal authentication, and the threshold of performing connection authentication by the user terminal is reduced.

With continued reference to fig. 7, a flow 700 of one embodiment of a method for connection authentication applied to a wireless access point of a second terminal in accordance with the present application is shown. The connection authentication method of the wireless access point may include the steps of:

step 701, scanning the authentication graphic code to obtain the graphic code information of the authentication graphic code.

In the present embodiment, the execution subject of the connection authentication method (e.g., the second terminal 107, 108 shown in fig. 1) may scan the authentication graphic code to acquire the graphic code information of the authentication graphic code. The authentication graphic code may be a graphic code for authenticating a network access right of a first terminal (e.g., the

first terminal

101, 102, 103 shown in fig. 1). Here, the graphic code may include a graphic code obtained by encoding data (for example, identification information) to be stored according to a preset graphic encoding rule. By way of example, the graphical code may include, but is not limited to: bar codes, two-dimensional codes, three-dimensional codes, dynamic two-dimensional codes, three-dimensional codes or any other suitable graphic code that can be used to parse specific content. In this embodiment, the graphic code may be a two-dimensional code.

Step 702, sending the graphical code information to a second server.

In this embodiment, the execution body may send the graphic code information obtained in step 701 to a second server (e.g., the server 106 shown in fig. 1). Here, the second server may be configured to: in response to receiving the graphical code information, sending a scan confirmation request to a first server (e.g., server 105 shown in fig. 1); and receiving scanning feedback information returned by the first server. Wherein the scan confirmation request may include the graphic code information.

In this embodiment, the first server may store an authentication graphic code. The scan feedback information may be generated by the first server based on a result of matching the graphical code information with stored information authenticating the graphical code.

The authentication graphic code can be generated by the first server through the following steps:

in a first step, a connection authentication request sent by a network access device (e.g., the network access device 104 shown in fig. 1) is received. The connection authentication request may be sent by the network access device when the network access device intercepts a network access request of a first terminal without network access permission and determines that the first terminal satisfies a trigger condition of connection authentication. The connection authentication request may include identification information of the first terminal and identification information of the network access device. The identification information of the first terminal may include a device identification of the first terminal, for example, a MAC address of the first terminal. The identification information of the network access device may include a device identification of the network access device, for example, a MAC address of the network access device.

And secondly, generating an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment.

In some optional implementations of the embodiment, the authentication graphical code may be displayed on the first terminal. Wherein the authentication graphic code can be displayed on the first terminal by the following steps: the first server sends the authentication graphic code to the network access equipment; the network access equipment sends the authentication graphic code to the first terminal; the first terminal displays the authentication graphic code.

In some optional implementations of this embodiment, before step 702, the method for authenticating a connection of a wireless access point may further include: detecting whether the graphic code information is acquired by a target networking application; if the graphic code information is not acquired by the target networking application, determining whether the second terminal is provided with the target networking application; and if the second terminal is provided with the target networking application, starting the target networking application.

In some optional implementations of this embodiment, before step 702, the method for authenticating a connection of a wireless access point may further include: and if the target networking application is not installed on the second terminal, displaying prompt information for prompting the user to download the target networking application.

Here, the prompt may be a download page of the target networking application, or may be a prompt for guiding the user to enter a download interface of the target networking application (e.g., a prompt for "go to application market to download WiFi master key").

In some optional implementations of this embodiment, before step 702, the method for authenticating a connection of a wireless access point may further include: responding to the detected graphic code information and acquiring the graphic code information by the target networking application, and detecting the user login state of the target networking application; and displaying prompt information for prompting the user to log in response to the fact that the user login state of the target networking application is determined to be not logged in. The user login status may include logged in or logged out.

Since the identity information (e.g., a mobile phone number, etc.) of the user is generally required to be obtained in the connection authentication process, the login state of the user is detected, so that the relevant identity information of the user can be conveniently obtained (on the premise of informing the user).

And step 703, receiving the scanning feedback information returned by the second server.

In this embodiment, the execution subject may receive the scanning feedback information returned by the second server. Wherein, the scanning feedback information can be used to indicate whether the authentication graphic code is successfully scanned.

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: and in response to determining that the scanning feedback information indicates that the scanning of the authentication graphic code fails, displaying prompt information for prompting the user to rescan the authentication graphic code (for example, prompt information of 'the server is slightly poor and does not scan successfully, and please rescan the authentication graphic code-').

In some optional implementation manners of this embodiment, the method for authenticating a connection of a wireless access point may further include: in response to determining that the scan feedback information indicates that the authentication graphical code has failed, a prompt is displayed for prompting the user to update the authentication graphical code via the first terminal (e.g., a prompt to "the graphical code has failed, please click on the graphical code to update and then scan again").

Step 704, in response to determining that the scan feedback information indicates that the authentication image code has been scanned, sending a connection confirmation instruction to the second server.

In this embodiment, the execution subject may send a connection confirmation instruction (also referred to as a release instruction) to the second server when the scan feedback information indicates that the authentication map code has been scanned. Wherein the connection confirmation instruction may be an instruction for allowing the first terminal to access the network through the network access device. Here, the second server may be configured to: forwarding the connection confirmation instruction to the first server; and receiving an instruction execution result returned by the first server. The first server may be configured to: in response to receiving the connection confirmation instruction, sending a connection release instruction to the network access equipment, wherein the connection release instruction is used for setting the first terminal to have a network access permission connection release instruction in a preset time period; and receiving a setting result returned by the network access equipment as an instruction execution result.

Step 705, receiving the instruction execution result returned by the second server.

In this embodiment, the execution subject may receive an instruction execution result returned by the second server.

Optionally, the connection authentication method of the wireless access point may further include: and in response to the fact that the instruction execution result indicates that the first terminal has the network access right, displaying prompt information for prompting the user to be capable of accessing the network by using the first terminal (for example, prompt information of 'successfully authenticated you can browse a webpage by using a computer').

Optionally, the connection authentication method of the wireless access point may further include: in response to determining that the instruction execution result indicates that the first terminal does not have the network access right, prompt information for prompting the user to rescan the authentication graphic code (for example, prompt information of "ask you for authentication again for authentication failure") is displayed.

According to the connection authentication method of the wireless access point, provided by the embodiment of the application, the graphic code information of the authentication graphic code is obtained through scanning, then the graphic code information is sent to the second server for scanning confirmation, and the scanning feedback information returned by the second server is received, so that the authentication of the access network authority of the second terminal can be realized, the terminal which cannot perform Portal authentication can obtain the network access authority, and the threshold of the user terminal for connection authentication is reduced.

With further reference to fig. 8, a flow 800 of one embodiment of a method for connection authentication of a wireless access point applied to a second server in accordance with the present application is illustrated. The connection authentication method of the wireless access point may include the steps of:

step 801, in response to receiving the graphic code information sent by the second terminal, sending a scan confirmation request to the first server.

In this embodiment, an execution subject of the connection authentication method of the wireless access point (e.g., the server 106 shown in fig. 1) may send a scan confirmation request to the first server (e.g., the first server 105 shown in fig. 1) after receiving the graphic code information sent by the second terminal (e.g., the second terminals 107 and 108 shown in fig. 1). The graphic code information may be obtained by the second terminal by scanning and analyzing the authentication graphic code. The authentication graphic code may be a graphic code for authenticating a network access authority of a first terminal (e.g., the

first terminal

101, 102, 103 shown in fig. 1). The scan confirmation request may include the graphic code information.

Here, the graphic code may include a graphic code obtained by encoding data (for example, identification information) to be stored according to a preset graphic encoding rule. By way of example, the graphical code may include, but is not limited to: bar codes, two-dimensional codes, three-dimensional codes, dynamic two-dimensional codes, three-dimensional codes or any other suitable graphic code that can be used to parse specific content. In this embodiment, the graphic code may be a two-dimensional code.

Step 802, receiving the scanning feedback information returned by the first server and returning the scanning feedback information to the second terminal.

In this embodiment, the execution main body may receive the scanning feedback information returned by the first server, and return the scanning feedback information to the second terminal. The first server may store an authentication graphic code. The scan feedback information may be generated by the first server based on a result of matching the graphic code information with the information authenticating the graphic code. The scan feedback information is used to indicate whether the authentication graphic code has been scanned.

In this embodiment, the authentication graphic code may be generated by the first server through the following steps:

Step 803, in response to receiving the connection confirmation instruction sent by the second terminal, forwarding the connection confirmation instruction to the first server.

In this embodiment, the execution main body may forward the connection confirmation instruction to the first server in response to receiving the access network connection confirmation instruction sent by the second terminal. Wherein the connection confirmation instruction may be transmitted by the second terminal in response to determining that the scanning feedback information indicates that the authentication graphical code has been scanned. The connection confirmation instruction may be for allowing the first terminal to access the network through the network access device.

And step 804, receiving the instruction execution result returned by the first server, and returning the instruction execution result to the second terminal.

In this embodiment, the execution main body may receive an instruction execution result returned by the first server, and return the instruction execution result to the second terminal. Here, the first server may be configured to: in response to receiving the connection confirmation instruction, sending a connection release instruction to the network access equipment, wherein the connection release instruction is used for setting the first terminal to have a network access permission connection release instruction in a preset time period; and receiving a setting result returned by the network access equipment as an instruction execution result.

In some optional implementations of this embodiment, the second terminal may be configured to: detecting whether the graphic code information is acquired by a target networking application; if the graphic code information is not acquired by the target networking application, determining whether the second terminal is provided with the target networking application; and if the second terminal is provided with the target networking application, starting the target networking application.

Optionally, the second terminal may be further configured to: and if the target networking application is not installed on the second terminal, displaying prompt information for prompting the user to download the target networking application.

Optionally, the second terminal may be further configured to: responding to the detected graphic code information and acquiring the graphic code information by the target networking application, and detecting the user login state of the target networking application; and displaying prompt information for prompting the user to log in response to the fact that the user login state of the target networking application is determined to be not logged in. The user login status may include logged in or logged out.

In the connection authentication method of the wireless access point provided by the embodiment of the application, the scanning confirmation request is sent to the first server after the graphic code information sent by the second terminal is received, and then the scanning feedback information returned by the first server is received and returned to the second terminal, so that the connection authentication of network access can be performed through the second terminal, so that the terminal incapable of performing Portal authentication can obtain the network access permission, and the threshold of the user terminal for performing connection authentication is reduced.

With further reference to fig. 9, illustrated is a timing diagram 900 of one embodiment of a method of connection authentication of a wireless access point according to the present application. The connection authentication method of the wireless access point may include the steps of:

in step 901, a first terminal (e.g.,

first terminal

101, 102, 103 shown in fig. 1) may send a network access request to a network access device (e.g., network access device 104 shown in fig. 1) corresponding to a wireless access point. Wherein the first terminal does not have the network access right, and the network access request may include a request for accessing an internet resource. Such as a web browsing request to browse a web page, etc.

In step 902, the network access device may intercept a network access request of the first terminal, and determine whether the first terminal satisfies a trigger condition of connection authentication after intercepting the network access request.

In some optional implementations of this embodiment, step 902 may specifically include the following steps:

first, identification information of a first terminal is acquired. Here, the identification information of the first terminal may include, but is not limited to: the type and version of the operating system of the first terminal, the type and version of the browser, the rendering engine of the browser, the language of the browser, the plug-in of the browser, etc. As an example, the browser identification information of the first terminal may be UA (User Agent) information of a browser of the first terminal.

In the second step, based on the identification information of the first terminal, it may be determined whether the first terminal is a terminal capable of installing the target networking application. The target networking application may include, among other things, application programs developed for a particular system environment that authorize the use of open network services, such as Android and IOS versions of Wi-Fi connectivity applications.

Third, in response to determining that the first terminal cannot install the terminal of the target networking application, it may be determined that the first terminal satisfies a trigger condition for connection authentication. Here, the trigger condition of the connection authentication may include, but is not limited to: the target networking application cannot be installed.

In step 903, the network access device may send a connection authentication request to a first server (e.g., the server 105 shown in fig. 1) if the first terminal satisfies a trigger condition for connection authentication. The connection authentication request may include identification information of the first terminal and identification information of the network access device. The identification information of the first terminal may include a device identification of the first terminal, for example, a MAC address of the first terminal. The identification information of the network access device may include a device identification of the network access device, for example, a MAC address of the network access device.

In step 904, the first server may generate an authentication graphic code using the identification information of the first terminal and the identification information of the network access device in the connection authentication request. Here, the graphic code may include a graphic code obtained by encoding data (for example, identification information) to be stored according to a preset graphic encoding rule. By way of example, the graphical code may include, but is not limited to: bar codes, two-dimensional codes, three-dimensional codes, dynamic two-dimensional codes, three-dimensional codes or any other suitable graphic code that can be used to parse specific content. In this embodiment, the graphic code may be a two-dimensional code.

In step 905, the first server may transmit the authentication graph code generated in step 904 to the network access device.

In step 906, the network access device may forward the authentication graphical code received in step 905 to the first terminal.

In step 907, the first terminal may display an authentication graphical code.

In some optional implementations of this embodiment, the method for authenticating a connection of a wireless access point may further include steps 908 to 923.

In step 908, the second terminal (e.g., the second terminal 107, 108 shown in fig. 1) may scan the authentication graphic code to obtain the graphic code information of the authentication graphic code. The authentication graphic code may be a graphic code for authenticating a network access right of the first terminal.

In step 909, the second terminal may transmit the graphic code information acquired in step 908 to a second server (e.g., the server 106 shown in fig. 1).

Optionally, before step 909, the method for authenticating connection of the wireless access point may further include: the second terminal may detect whether the graphical code information is obtained by the target networking application; if the graphic code information is not acquired by the target networking application, the second terminal may determine whether the second terminal is installed with the target networking application; if the second terminal is installed with the target networking application, the second terminal may start the target networking application.

Optionally, before step 909, the method for authenticating connection of the wireless access point may further include: if the second terminal does not have the target networking application installed, the second terminal may display a prompt for prompting the user to download the target networking application. Here, the prompt may be a download page of the target networking application, or may be a prompt for guiding the user to enter a download interface of the target networking application (e.g., a prompt for "go to application market to download WiFi master key").

Optionally, before step 909, the method for authenticating connection of the wireless access point may further include: in response to detecting that the graphic code information is acquired by the target networking application, the second terminal may also detect a user login state of the target networking application; if the user login state of the target networking application is not logged in, the second terminal can display prompt information for prompting the user to log in. The user login status may include logged in or logged out.

In step 910, the second server may send a scan confirmation request to the first server after receiving the graphic code information sent by the second terminal. The scan confirmation request may include the above-mentioned graphic code information.

In step 911, the first server may compare the graphic code information in the scan confirmation request with the information of the authentication graphic code to determine whether the graphic code information in the scan confirmation request matches the information of the authentication graphic code, and generate scan feedback information to be returned to the second server based on the matching result. Wherein, the scanning feedback information can be used to indicate whether the authentication graphic code is successfully scanned.

Optionally, the connection authentication method of the wireless access point may further include: if the graphic code information in the scan validation request matches the authentication graphic code information, the first server may assign a status code of the authentication graphic code to a parameter value (e.g., 1) indicating that the authentication graphic code has been scanned.

Here, the status code of the authentication graphic code may be used to characterize the authentication status of the authentication graphic code. The authentication status of the authentication graphic code may include, but is not limited to: not scanned, failed scan, failed, authenticated, failed authentication. A status code of the authentication graphic code may be stored in the first server, and an initial value of the status code of the authentication graphic code may be a parameter value (e.g., 0) indicating that the authentication graphic code is not scanned. For example, the parameter values may be preset (or initialized) after the authentication graphic code is generated as the authentication graphic code is not scanned.

Optionally, the connection authentication method of the wireless access point may further include: if the information of the graphic code does not match the information of the authentication graphic code, the first server may assign a status code of the authentication graphic code to a parameter value (e.g., 3) indicating that the scanning of the authentication graphic code fails.

Optionally, the graphical code information may include a time stamp, and the authentication graphical code may have an expiration date (e.g., 5 minutes). The connection authentication method of the wireless access point may further include: if the time corresponding to the time stamp of the graphic code information exceeds the validity period of the authentication graphic code, the first server may assign a status code of the authentication graphic code to a parameter value (e.g., 5) indicating that the authentication graphic code has failed.

In step 912, the second server may return the scanning feedback information to the second terminal, so that the second terminal displays corresponding prompt information according to the scanning feedback information.

Optionally, the connection authentication method of the wireless access point may further include: if the scanning feedback information indicates that the scanning of the authentication graphic code fails, the second terminal may display a prompt message for prompting the user to scan the authentication graphic code again (for example, a prompt message that "the server is out of tolerance and does not scan the authentication graphic code successfully, please scan the two-dimensional code again").

Optionally, the connection authentication method of the wireless access point may further include: if the scanning feedback information indicates that the authentication graphical code is invalid, the second terminal may display a prompt message for prompting the user to update the authentication graphical code through the first terminal (for example, a prompt message that "the two-dimensional code is invalid, please click the two-dimensional code and then scan again after updating").

In step 913, the second terminal may send a connection confirmation instruction (which may also be referred to as a release instruction) to the second server in case the scanning feedback information indicates that the authentication graphic code has been scanned. Wherein the connection confirmation instruction may be an instruction for allowing the first terminal to access the network through the network access device.

In step 914, the second server may forward the connection confirmation instruction to the first server after receiving the connection confirmation instruction sent by the second terminal.

In step 915, the first server may send a connection release instruction to the network access device after receiving the connection confirmation instruction forwarded by the second server. Wherein the connection release instruction may be an instruction for allowing the first terminal to access the network through the network access device.

In step 916, after receiving the connection release instruction sent by the first server, the network access device may set the first terminal to have network access right within a preset time range (e.g., within 24 hours, within 1 week, etc.), and then return the setting result to the first server as an execution result. Wherein, the execution result can be used to indicate whether the first terminal is set to have the network access right within the preset time range.

In step 917, the first server may return the execution result to the second server.

Optionally, the connection authentication method of the wireless access point may further include: if the execution result (e.g., "set successfully") indicates that the first terminal has the network access right, the first server may assign a status code of the authentication graphic code to a parameter value (e.g., 2) indicating that the authentication of the authentication graphic code is successful.

Optionally, the connection authentication method of the wireless access point may further include: if the execution result (e.g., "setting failed") indicates that the first terminal does not have the network access right, the first server may assign a status code of the authentication graphic code to a parameter value (e.g., 4) indicating that the authentication of the authentication graphic code failed.

In step 918, the second terminal may receive the execution result forwarded by the second server.

Optionally, the connection authentication method of the wireless access point may further include: if the execution result indicates that the first terminal has the network access right, the second terminal may display a prompt message for prompting the user to be able to access the network using the first terminal (e.g., a prompt message that "you can browse a webpage using a computer after successful authentication").

Optionally, the connection authentication method of the wireless access point may further include: if the instruction execution result indicates that the first terminal does not have the network access right, the second terminal may display a prompt message for prompting the user to rescan the authentication graphic code (for example, a prompt message of "ask you to perform authentication again after authentication failure").

In step 919, the first terminal may periodically send a query request for querying the status of the authentication graphic code to the network access device.

In step 920, the network access device may forward the query request of step 919 to the first server.

In step 921, the network access device may obtain a query result returned by the first server. Wherein, the inquiry result can comprise a status code of the authentication graphic code.

In step 922, the network access device may send corresponding prompt information to the first terminal according to the query result.

Optionally, step 922 may specifically include: if the query result indicates that the authentication graphical code is not scanned, the network access device may send, to the first terminal, prompt information for prompting the user to scan the authentication graphical code using the second terminal installed with the target networking application.

Optionally, step 922 may specifically include: if the query result indicates that the authentication graphic code is scanned, the network access device may send, to the first terminal, prompt information for prompting the user to perform authentication confirmation on the terminal that scans the authentication graphic code.

Optionally, step 922 may specifically include: if the query result indicates that the authentication of the authentication graphic code is successful, the network access device may send, to the first terminal, a prompt message for prompting the user that the user can access the network.

Optionally, step 922 may specifically include: if the query result indicates that the authentication of the authentication graphic code is successful, the network access device may acquire the page content requested by the network access request and send the acquired page content to the first terminal, so that the first terminal displays the acquired page content.

Optionally, step 922 may specifically include: if the query result indicates that the authentication graphic code scanning fails or the authentication graphic code authentication fails, the network access device may send, to the first terminal, prompt information for prompting the user to scan the authentication graphic code again.

Optionally, step 922 may specifically include: if the query result indicates that the authentication graph code is invalid, the network access device may send, to the first terminal, prompt information for prompting the user to update the authentication graph code and rescan the updated authentication graph code.

In step 923, the first terminal may display a prompt message sent by the network access device.

Optionally, the first terminal may further display the page content acquired by the network access device.

Optionally, the connection authentication method of the wireless access point may further include:

first, a first terminal may send a graphic code update request to a network access device, where the graphic code update request may include identification information of the first terminal and identification information of the network access device; then, the first server may receive a graphic code update request forwarded by the network access device, generate an updated graphic code based on the identification information of the first terminal and the identification information of the network access device, and send the updated authentication graphic code to the network access device; finally, the first terminal may receive the updated authentication graph code forwarded by the network access device and display the updated authentication graph code.

In the connection authentication method of the wireless access point provided in the above embodiment of the present application, the network access device intercepts the network access request of the first terminal without the network access right and sends the connection authentication request to the first server when the first terminal meets the trigger condition of the connection authentication, then the first server generates the authentication graph code based on the identification information of the first terminal and the identification information of the network access device in the connection authentication request and sends the authentication graph code to the network access device, and finally the first terminal receives and displays the authentication graph code, so that the connection authentication of the network access can be provided for the terminal which cannot perform the Portal authentication, and the threshold of the user terminal for performing the connection authentication is reduced.

With further reference to fig. 10, illustrated is a timing diagram 1000 of another embodiment of a method of connection authentication of a wireless access point according to the present application. The connection authentication method of the wireless access point may include the steps of:

in step 1001, a second terminal (e.g., the second terminal 107, 108 shown in fig. 1) may scan the authentication graphic code to acquire graphic code information of the authentication graphic code. The authentication graphic code may be a graphic code for authenticating a network access right of the first terminal. Here, the graphic code may include a graphic code obtained by encoding data (for example, identification information) to be stored according to a preset graphic encoding rule. By way of example, the graphical code may include, but is not limited to: bar codes, two-dimensional codes, three-dimensional codes, dynamic two-dimensional codes, three-dimensional codes or any other suitable graphic code that can be used to parse specific content. In this embodiment, the graphic code may be a two-dimensional code.

In step 1002, the second terminal may transmit the graphic code information acquired in step 1001 to a second server (e.g., the server 106 shown in fig. 1).

In step 1003, the second server may send a scan confirmation request to the first server after receiving the graphic code information sent by the second terminal. The scan confirmation request may include the above-mentioned graphic code information.

In step 1004, the first server may compare the graphic code information in the scan validation request with the information of the authentication graphic code to determine whether the graphic code information in the scan validation request matches the information of the authentication graphic code, and generate scan feedback information to return to the second server based on the matching result. Wherein, the scanning feedback information can be used to indicate whether the authentication graphic code is successfully scanned.

In step 1005, the second server may return the scanning feedback information to the second terminal, so that the second terminal displays corresponding prompt information according to the scanning feedback information.

In step 1006, the second terminal may send a connection confirmation instruction (which may also be referred to as a release instruction) to the second server in case the scanning feedback information indicates that the authentication graphic code has been scanned. Wherein the connection confirmation instruction may be an instruction for allowing the first terminal to access the network through the network access device.

In step 1007, the second server may forward the connection confirmation instruction to the first server after receiving the connection confirmation instruction sent by the second terminal.

In step 1008, the first server may send a connection release instruction to the network access device after receiving the connection confirmation instruction forwarded by the second server. Wherein the connection release instruction may be an instruction for allowing the first terminal to access the network through the network access device.

In step 1009, the network access device may set, after receiving the connection release instruction sent by the first server, the first terminal to have the network access right within a preset time range (for example, within 24 hours, within 1 week, and the like), and then return the setting result to the first server as the execution result. Wherein, the execution result can be used to indicate whether the first terminal is set to have the network access right within the preset time range.

In step 1010, the first server may return the execution result to the second server.

In step 1011, the second terminal may receive the execution result forwarded by the second server.

In the connection authentication method of the wireless access point provided by the embodiment of the application, the second terminal scans the authentication graphic code to obtain the graphic code information and forwards the graphic code information to the first server through the second server, and then the second terminal receives the returned scanning feedback information and sends the release instruction for allowing the first terminal to access the network under the condition that the scanning feedback information indicates that the authentication two-dimensional code is scanned, so that the connection authentication of network access can be provided for the terminal which cannot perform Portal authentication, and the threshold of the user terminal for performing connection authentication is reduced.

With continuing reference to fig. 11, as an implementation of the methods shown in fig. 2 and fig. 3, the present application provides an embodiment of a connection authentication apparatus for a wireless access point, where the embodiment of the apparatus corresponds to the embodiment of the method shown in fig. 2, and the apparatus may be specifically applied to a first server.

As shown in fig. 11, the connection authentication apparatus 1100 of the present embodiment may include a request receiving unit 1101, a graphic code generating unit 1102, and a graphic code transmitting unit 1103. The request receiving unit 1101 is configured to receive a connection authentication request sent by a network access device corresponding to a wireless access point, where the connection authentication request includes identification information of a first terminal and identification information of the network access device; the graphic code generating unit 1102 is configured to generate an authentication graphic code based on the identification information of the first terminal and the identification information of the network access device; and the graphic code transmitting unit 1103 is configured to transmit the authentication graphic code to the network access device.

In this embodiment, the processing procedure and the implementation effect of the request receiving unit 1101, the graphic code generating unit 1102 and the graphic code sending unit 1103 may refer to the description of the corresponding steps in the method embodiment shown in fig. 2, and are not described herein again.

Referring now to fig. 12, a block diagram of a computer system 1200 suitable for use in implementing network devices (e.g., the

first terminals

101, 102, 103, the second terminals 107, 108, the network access device 104, and the

servers

105, 106 shown in fig. 1) according to embodiments of the present application is shown. The network device shown in fig. 12 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.

As shown in fig. 12, the computer system 1200 includes one or more Central Processing Units (CPUs) 1201, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)1202 or a program loaded from a storage section 1208 into a Random Access Memory (RAM) 1203. In the RAM 1203, various programs and data necessary for the operation of the system 1200 are also stored. The CPU 1201, ROM 1202, and RAM 1203 are connected to each other by a bus 1204. An input/output (I/O) interface 1205 is also connected to bus 1204.

The following components are connected to the I/O interface 1205: an input section 1206 including a camera, a keyboard, a mouse, and the like; an output portion 1207 including a display device such as an Organic Light Emitting Diode (OLED) display, a Liquid Crystal Display (LCD), and a speaker; a storage section 1208 including a hard disk and the like; and a communication section 1209 including a network interface card such as a LAN card, a modem, or the like. The communication section 1209 performs communication processing via a network such as the internet. A driver 1210 is also connected to the I/O interface 1205 as needed. A removable medium 1211, such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like, is mounted on the drive 1210 as necessary, so that a computer program read out therefrom is mounted into the storage section 1208 as necessary.

In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 1209, and/or installed from the removable medium 1211. The computer program, when executed by a Central Processing Unit (CPU)1201, performs the above-described functions defined in the methods of the present application.

It should be noted that the computer readable medium described herein can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.

Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units described in the embodiments of the present application may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a request receiving unit, a graphic code generating unit, and a graphic code transmitting unit. The names of these units do not in some cases constitute a limitation on the unit itself, and for example, the request receiving unit may also be described as a "unit that receives a connection authentication request sent by the network access device".

As another aspect, the present application also provides a computer-readable medium, which may be included in the first terminal, the second terminal, the network access device, the first server or the second server described in the above embodiments; or may exist separately and not be incorporated into the first terminal, the second terminal, the network access device, the first server, or the second server. The computer readable medium carries one or more programs which, when executed by the first server, cause the first server to: receiving a connection authentication request sent by network access equipment corresponding to a wireless access point, wherein the connection authentication request comprises identification information of a first terminal and identification information of the network access equipment; generating an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment; and sending the authentication graphic code to the network access equipment. The one or more programs, when executed by the network access device, cause the network access device to: in response to a network access request intercepted to a first terminal without network access authority, determining whether the first terminal meets a triggering condition of connection authentication; in response to the fact that the first terminal meets the triggering condition of the connection authentication, sending a connection authentication request to the first server, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment; receiving an authentication graphic code returned by the first server, wherein the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment; and transmitting the authentication graphic code to the first terminal. The one or more programs, when executed by the first terminal, cause the first terminal to: sending a network access request to a network access device, wherein the network access device is configured to: in response to a network access request intercepted to a first terminal without network access authority, determining whether the first terminal meets a triggering condition of connection authentication; in response to the fact that the first terminal meets the triggering condition of the connection authentication, sending a connection authentication request to the first server, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment; receiving an authentication graphic code received by the network access equipment from a first server, wherein the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment; and displaying the authentication graphic code. The one or more programs, when executed by the second terminal, cause the second terminal to: scanning the authentication graphic code to obtain graphic code information of the authentication graphic code; sending the graphic code information to a second server; receiving scanning feedback information returned by the second server, wherein the scanning feedback information is used for indicating whether an authentication graphic code is scanned or not, and the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment; in response to determining that the scanning feedback information indicates that the authentication graphic code has been scanned, sending a connection confirmation instruction to the second server, the connection confirmation instruction being for allowing the first terminal to access the network through the network access device; and receiving an instruction execution result returned by the second server. The one or more programs, when executed by the second server, cause the second server to: sending a scanning confirmation request to the first server in response to receiving the graphic code information sent by the second terminal, wherein the scanning confirmation request comprises the graphic code information; receiving scanning feedback information returned by the first server and returning the scanning feedback information to the second terminal, wherein the scanning feedback information is used for indicating whether an authentication graphic code is scanned or not, and the authentication graphic code is a graphic code generated by the first server based on identification information of the first terminal and identification information of network access equipment; responding to a connection confirmation instruction sent by the second terminal, and forwarding the connection confirmation instruction to the first server, wherein the connection confirmation instruction is used for allowing the first terminal to access the network through the network access equipment; and receiving an instruction execution result returned by the first server, and returning the instruction execution result to the second terminal.

The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the invention. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims

1. A connection authentication method of a wireless access point is applied to a first server, and the method comprises the following steps:

receiving a connection authentication request sent by a network access device corresponding to a wireless access point after intercepting a network access request of a first terminal without network access authority and determining that the first terminal meets a trigger condition of connection authentication, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access device, and the trigger condition is that the first terminal cannot install a target networking application for authorizing to use an open network service;

generating an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment;

and sending the authentication graphic code to the first terminal through the network access equipment, wherein the authentication graphic code is used for being scanned by a second terminal provided with the target networking application, and the scanning state of the authentication graphic code is used for generating a connection confirmation instruction, wherein the scanning state comprises the scanned state, and the connection confirmation instruction is used for enabling the first terminal to have the network access authority.

2. The method of claim 1, wherein the method further comprises:

receiving a query request sent by the network access equipment;

inquiring the state of the authentication graphic code to obtain an inquiry result, wherein the inquiry result comprises the state code of the authentication graphic code, and the state code of the authentication graphic code is used for indicating the authentication state of the authentication graphic code;

and sending the query result to the network access equipment.

3. The method of claim 2, wherein the status code of the authentication graphical code includes a parameter value indicating that the authentication graphical code has not been scanned; and

the method further comprises the following steps:

receiving a scanning confirmation request sent by a second server, wherein the scanning confirmation request comprises graphic code information;

in response to determining that the graphical code information matches the authentication graphical code information, assigning a status code of the authentication graphical code to a parameter value indicating that the authentication graphical code has been scanned.

4. The method of claim 3, wherein the graphical code information includes a timestamp, the authentication graphical code having a validity period; and

the method further comprises the following steps:

and in response to determining that the time corresponding to the time stamp of the graphic code information exceeds the validity period of the authentication graphic code, assigning the status code of the authentication graphic code to a parameter value indicating that the authentication graphic code has failed.

5. The method of claim 3, wherein the method further comprises:

in response to receiving a connection confirmation instruction sent by the second server, sending a connection release instruction to the network access device, wherein the connection release instruction is used for allowing the first terminal to access a network through the network access device, and the connection confirmation instruction is an instruction received by the second server based on the scanned parameter value of the authentication graph code;

and receiving an execution result returned by the network access equipment.

6. The method of claim 5, wherein the method further comprises:

and in response to the fact that the execution result indicates that the first terminal has the network access right, endowing the state code of the authentication graphic code with a parameter value indicating that the authentication of the authentication graphic code is successful.

7. The method of claim 5, wherein the method further comprises:

and in response to the fact that the execution result indicates that the first terminal does not have the network access right, endowing the state code of the authentication graphic code with a parameter value indicating authentication failure of the authentication graphic code.

8. The method of claim 1, wherein the method further comprises:

receiving a graphic code updating request sent by the network access equipment, wherein the graphic code updating request comprises identification information of the first terminal and identification information of the network access equipment;

generating an updated graphic code based on the identification information of the first terminal and the identification information of the network access equipment;

and sending the updated authentication graphic code to the network access equipment.

9. A connection authentication method of a wireless access point is applied to network access equipment corresponding to the wireless access point, and the method comprises the following steps:

in response to a network access request intercepted to a first terminal without network access authority, determining whether the first terminal meets a trigger condition of connection authentication, wherein the trigger condition is that the first terminal cannot install a target networking application for authorizing to use an open network service;

responding to the first terminal meeting a triggering condition of connection authentication, and sending a connection authentication request to a first server, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment;

receiving an authentication graphic code returned by the first server, wherein the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment;

sending the authentication graphic code to the first terminal, wherein the authentication graphic code is used for being scanned by a second terminal installed with the target networking application, and the scanning state of the authentication graphic code is used for generating a connection confirmation instruction, wherein the scanning state comprises the scanned state, and the connection confirmation instruction is used for enabling the first terminal to have the network access authority.

10. The method of claim 9, wherein the method further comprises:

responding to a received query request which is sent by the first terminal and used for querying the state of the authentication graphic code, and forwarding the query request to the first server;

and receiving a query result returned by the first server, wherein the query result comprises a status code of the authentication graphic code, and the status code of the authentication graphic code is used for indicating the authentication status of the authentication graphic code.

11. The method of claim 9, wherein the method further comprises:

setting the first terminal to have network access authority within a preset time range in response to receiving a connection release instruction sent by the first server, wherein the connection release instruction is used for allowing the first terminal to access a network through the network access device, and the connection release instruction is an instruction sent by the first server after receiving the connection confirmation instruction;

and returning a setting result to the first server.

12. The method of claim 10, wherein the method further comprises:

responding to the query result to indicate that the authentication of the authentication graphic code is successful, and acquiring the page content of the network access request;

and sending the acquired page content to the first terminal.

13. The method of claim 9, wherein the determining whether the first terminal satisfies a trigger condition for connection authentication comprises:

acquiring identification information of the first terminal;

determining whether the first terminal is a terminal capable of installing a target networking application based on the identification information of the first terminal;

and in response to determining that the first terminal cannot install a terminal of the target networking application, determining that the first terminal meets a trigger condition for connection authentication.

14. The method of claim 9, wherein the method further comprises:

in response to receiving a graphic code update request of the first terminal, forwarding the graphic code update request to the first server, where the graphic code update request includes identification information of the first terminal and identification information of the network access device;

receiving an updated authentication graph code returned by the first server, wherein the updated authentication graph code is a graph code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment;

and sending the updated authentication graphic code to the first terminal.

15. A connection authentication method is applied to a first terminal without network access authority, and comprises the following steps:

transmitting a network access request to a network access device, wherein the network access device is configured to: in response to intercepting the network access request, determining whether the first terminal meets a trigger condition of connection authentication; in response to determining that the first terminal meets a triggering condition of connection authentication, sending a connection authentication request to a first server, where the connection authentication request includes identification information of the first terminal and identification information of the network access device, and the triggering condition is that the first terminal cannot install a target networking application for authorizing to use an open network service;

receiving an authentication graphic code sent by the network access device, wherein the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access device, the authentication graphic code is used for being scanned by a second terminal installed with the target networking application, and the scanning state of the authentication graphic code is used for generating a connection confirmation instruction, wherein the scanning state comprises scanned state, and the connection confirmation instruction is used for enabling the first terminal to have the network access right;

and displaying the authentication graphic code.

16. The method of claim 15, wherein the method further comprises:

sending an inquiry request for inquiring the state of the authentication graphic code to the network access equipment;

and receiving prompt information returned by the network access equipment, wherein the prompt information is determined by the network access equipment based on a query result received from the first server, and the query result comprises a status code of the authentication graph code, and the status code of the authentication graph code is used for indicating the authentication status of the authentication graph code.

17. The method of claim 16, wherein the method further comprises:

receiving page content of the network access request returned by the network access equipment;

and displaying the acquired page content.

18. The method of claim 15, wherein the method further comprises:

sending a graphic code updating request to the network access equipment, wherein the graphic code updating request comprises the identification information of the first terminal and the identification information of the network access equipment;

receiving an updated authentication graph code returned by the network access equipment, wherein the updated authentication graph code is a graph code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment;

and displaying the updated authentication graphic code.

19. A connection authentication method is applied to a second terminal, and comprises the following steps:

scanning an authentication graphic code to obtain graphic code information of the authentication graphic code;

sending the graphic code information to a second server;

receiving scanning feedback information returned by the second server, wherein the scanning feedback information is used for indicating whether an authentication graphic code is scanned or not, and the authentication graphic code is a graphic code generated by the first server based on the identification information of the first terminal and the identification information of the network access equipment;

in response to determining that the scanning feedback information indicates that the authentication graphic code has been scanned, sending a connection confirmation instruction to the second server, where the connection confirmation instruction is used to allow the first terminal to access a network through the network access device;

and receiving an instruction execution result returned by the second server for executing the connection confirmation instruction.

20. The method of claim 19, wherein the method further comprises:

and in response to the fact that the instruction execution result indicates that the first terminal has the network access authority, displaying prompt information for prompting a user to be capable of accessing the network by using the first terminal.

21. The method of claim 19, wherein the method further comprises:

and displaying prompt information for prompting the user to scan the authentication graphic code again in response to the fact that the instruction execution result indicates that the first terminal does not have the network access authority.

22. The method of claim 19, wherein the method further comprises:

and in response to determining that the scanning feedback information indicates that the authentication graphic code is invalid, displaying prompt information for prompting a user to update the authentication graphic code through the first terminal.

23. The method of claim 19, wherein prior to transmitting the graphic code information to the second server, the method further comprises:

detecting whether the graphic code information is acquired by a target networking application;

determining whether the second terminal is installed with the target networking application in response to detecting that the graphic code information is not acquired by the target networking application;

and responding to the determination that the second terminal is provided with the target networking application, and starting the target networking application.

24. The method of claim 23, wherein the method further comprises:

and displaying prompt information for prompting a user to download the target networking application in response to determining that the target networking application is not installed on the second terminal.

25. The method of claim 23, wherein prior to transmitting the graphic code information to the second server, the method further comprises:

responding to the detection that the graphic code information is acquired by the target networking application, and detecting the user login state of the target networking application;

and displaying prompt information for prompting the user to log in response to the fact that the user login state of the target networking application is determined to be not logged in.

26. A connection authentication method of a wireless access point is applied to a second server, and the method comprises the following steps:

sending a scanning confirmation request to a first server in response to receiving graphic code information sent by a second terminal, wherein the scanning confirmation request comprises the graphic code information;

receiving scanning feedback information returned by the first server and returning the scanning feedback information to the second terminal, wherein the scanning feedback information is used for indicating whether an authentication graphic code is scanned or not, and the authentication graphic code is a graphic code generated by the first server based on identification information of the first terminal and identification information of network access equipment;

in response to receiving a connection confirmation instruction sent by the second terminal, forwarding the connection confirmation instruction to the first server, wherein the connection confirmation instruction is used for allowing the first terminal to access a network through the network access device;

and receiving an instruction execution result returned by the first server for executing the connection confirmation instruction, and returning the instruction execution result to the second terminal.

27. A method of connection authentication for a wireless access point, comprising:

a first terminal sends a network access request to network access equipment corresponding to a wireless access point, wherein the first terminal does not have network access authority;

the network access equipment intercepts the network access request, determines whether the first terminal meets a triggering condition of connection authentication, and sends a connection authentication request to a first server when the first terminal meets the triggering condition of connection authentication, wherein the connection authentication request comprises identification information of the first terminal and identification information of the network access equipment, and the triggering condition is that the first terminal cannot install a target networking application for authorizing to use open network service;

the first server generates an authentication graphic code based on the identification information of the first terminal and the identification information of the network access equipment, and returns the authentication graphic code to the network access equipment;

the network access equipment sends the authentication graphic code to the first terminal;

the first terminal displays the authentication graphic code, the authentication graphic code is used for being scanned by a second terminal provided with the target networking application, the scanning state of the authentication graphic code is used for generating a connection confirmation instruction, the scanning state comprises the scanned state, and the connection confirmation instruction is used for enabling the first terminal to have the network access authority.

28. The method of claim 27, wherein the method further comprises:

the second terminal scans the authentication graphic code, acquires the graphic code information of the authentication graphic code and sends the graphic code information to the second server;

the second server sends a scanning confirmation request to the first server, wherein the scanning confirmation request comprises the graphic code information;

the first server matches the graphic code information with the information of the authentication graphic code, generates scanning feedback information based on a matching result, and returns the scanning feedback information to the second server;

and the second server sends the scanning feedback information to the second terminal.

29. The method of claim 28, wherein the status code of the authentication graphical code includes a parameter value indicating that the authentication graphical code has not been scanned; and

the method further comprises the following steps:

and if the graphic code information is matched with the authentication graphic code information, the first server endows the status code of the authentication graphic code with a parameter value indicating that the authentication graphic code is scanned.

30. The method of claim 29, wherein the graphical code information includes a timestamp, the authentication graphical code having a validity period; and

the method further comprises the following steps:

and if the time corresponding to the time stamp of the graphic code information exceeds the validity period of the authentication graphic code, the first server endows the status code of the authentication graphic code with a parameter value indicating that the authentication graphic code is invalid.

31. The method of claim 27, wherein the method further comprises:

the network access equipment receives an inquiry request which is sent by the first terminal and used for inquiring the state of the authentication graphic code, and forwards the inquiry request to the first server;

the first server inquires the state of the authentication graphic code and returns an inquiry result to the network access equipment, wherein the inquiry result comprises the state code of the authentication graphic code, and the state code of the authentication graphic code is used for indicating the authentication state of the authentication graphic code.

32. The method of claim 31, wherein the method further comprises:

and if the query result indicates that the authentication graphic code is not scanned, the network access equipment sends prompt information for prompting a user to scan the authentication graphic code by using a second terminal provided with a target networking application to the first terminal.

33. The method of claim 31, wherein the method further comprises:

and if the query result indicates that the authentication graphic code is scanned, the network access equipment sends prompt information for prompting a user to perform authentication confirmation on the terminal for scanning the authentication graphic code to the first terminal.

34. The method of claim 31, wherein the method further comprises:

and if the query result indicates that the authentication graphic code is invalid, the network access equipment sends prompt information for prompting a user to update the authentication graphic code and rescan the updated authentication graphic code to the first terminal.

35. The method of claim 28, wherein the method further comprises:

if the scanning feedback information indicates that the authentication graphic code is scanned, the second terminal sends a connection confirmation instruction to the second server, wherein the connection confirmation instruction is used for allowing the first terminal to access the network through the network access device;

the second server forwarding the connection confirmation instruction to the first server;

the first server sends a connection release instruction to the network access equipment, wherein the connection release instruction is used for allowing the first terminal to access the network;

the network access equipment responds to the received connection release instruction, sets the first terminal to have network access authority within a preset time range, and returns a setting result to the first server;

the first server sends the setting result to the second server;

and the second server sends the setting result to the second terminal.

36. The method of claim 35, wherein the method further comprises:

and if the setting result indicates that the first terminal has the network access authority, the first server endows the state code of the authentication graphic code with a parameter value indicating that the authentication of the authentication graphic code is successful.

37. The method of claim 31, wherein the method further comprises:

and if the query result indicates that the authentication of the authentication graphic code is successful, the network access equipment sends prompt information for prompting that the user can access the network to the first terminal.

38. The method of claim 31, wherein the method further comprises:

if the query result indicates that the authentication of the authentication graphic code is successful, the network access equipment acquires the page content of the network access request and sends the acquired page content to the first terminal;

and the first terminal displays the acquired page content.

39. The method of claim 35, wherein the method further comprises:

and if the setting result indicates that the first terminal does not have the network access authority, the first server endows the state code of the authentication graphic code with a parameter value indicating that the authentication of the authentication graphic code fails.

40. The method of claim 31, wherein the method further comprises:

and if the query result indicates that the authentication of the authentication graphic code fails, sending prompt information for prompting the user to scan the authentication graphic code again to the first terminal.

41. The method of claim 27, wherein the determining whether the first terminal satisfies a trigger condition for connection authentication comprises:

acquiring identification information of the first terminal;

and in response to the first terminal failing to install a terminal of the target networking application, determining that the first terminal meets a trigger condition of connection authentication.

42. The method of claim 27, wherein the method further comprises:

the first terminal sends a graphic code updating request to the network access equipment, wherein the graphic code updating request comprises information of an authentication graphic code;

the network access equipment forwards the graphic code updating request to the first server;

the first server generates an updated authentication graphic code based on the information of the authentication graphic code in the graphic code updating request, and returns the updated authentication graphic code to the network access equipment;

the network access equipment sends the updated authentication graphic code to the first terminal;

and the first terminal displays the updated authentication graphic code.

43. The method of claim 28, wherein prior to transmitting the graphical code information to the second server, the method further comprises:

the second terminal detects whether the graphic code information is acquired by a target networking application;

if the authentication graphic code is not acquired by the target networking application, the second terminal determines whether the target networking application is installed;

and if the target networking application is installed on the second terminal, starting the target networking application.

44. The method of claim 43, wherein the method further comprises:

and if the target networking application is not installed on the second terminal, the second terminal displays prompt information for prompting a user to download the target networking application.

45. The method of claim 43, wherein the method further comprises:

if the authentication graphic code is acquired by the target networking application, the second terminal detects a user login state of the target networking application, wherein the user login state comprises logged-in or logged-out;

and if the user login state of the target networking application is not logged in, the second terminal displays prompt information for prompting the user to log in.

46. A method of connection authentication for a wireless access point, comprising:

the first server receives the graphic code information forwarded by the second server, matches the graphic code information with the information of an authentication graphic code to generate scanning feedback information, and returns the scanning feedback information to the second server, wherein the information of the authentication graphic code comprises identification information of the first terminal and identification information of network access equipment corresponding to the wireless access point;

the second terminal receives the scanning feedback information returned by the second server, and if the scanning feedback information indicates that the authentication graphic code is scanned, the second terminal sends a connection confirmation instruction to the second server, wherein the connection confirmation instruction is used for allowing the first terminal to access the network through the network access device;

the first server sends a connection release instruction to the network access device in response to receiving the connection confirmation instruction forwarded by the second server, wherein the connection release instruction is used for allowing the first terminal to access the network;

and the network access equipment responds to the received connection release instruction, sets the first terminal to have network access authority within a preset time range, and returns a setting result to the first server.

47. A connection authentication apparatus of a wireless access point, comprising:

a request receiving unit, configured to receive a connection authentication request sent by a network access device corresponding to a wireless access point after intercepting a network access request of a first terminal without network access permission and determining that the first terminal satisfies a trigger condition of connection authentication, wherein the connection authentication request includes identification information of the first terminal and identification information of the network access device, and the trigger condition is that the first terminal cannot install a target networking application for authorizing to use an open network service;

a graphic code generating unit configured to generate an authentication graphic code based on the identification information of the first terminal and the identification information of the network access device;

a graphic code sending unit configured to send the authentication graphic code to the first terminal through the network access device, where the authentication graphic code is used for being scanned by a second terminal installed with the target networking application, and a scanning state of the authentication graphic code is used for generating a connection confirmation instruction, where the scanning state includes scanned, and the connection confirmation instruction is used for enabling the first terminal to have the network access right.

48. A network device, comprising:

one or more processors;

a storage device having one or more programs stored thereon,

when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-26.

49. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-26.