CN109379192A - A kind of login authentication processing method, system and device - Google Patents

A kind of login authentication processing method, system and device Download PDF

Info

Publication number
CN109379192A
CN109379192A CN201811105898.3A CN201811105898A CN109379192A CN 109379192 A CN109379192 A CN 109379192A CN 201811105898 A CN201811105898 A CN 201811105898A CN 109379192 A CN109379192 A CN 109379192A
Authority
CN
China
Prior art keywords
token
version number
caching
terminal
read
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811105898.3A
Other languages
Chinese (zh)
Other versions
CN109379192B (en
Inventor
朱朝卓
唐正
洪基明
周慧能
谭绍龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Xiaopeng Motors Technology Co Ltd
Original Assignee
Guangzhou Xiaopeng Motors Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Xiaopeng Motors Technology Co Ltd filed Critical Guangzhou Xiaopeng Motors Technology Co Ltd
Priority to CN201811105898.3A priority Critical patent/CN109379192B/en
Publication of CN109379192A publication Critical patent/CN109379192A/en
Application granted granted Critical
Publication of CN109379192B publication Critical patent/CN109379192B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of login authentication processing method, system and devices, this method comprises: when receiving the logging request for carrying the first token of first terminal transmission, after first token is decrypted, after reading the version number for obtaining the first token, the version number of reading is compared with the version number of caching, executes and logs in state verification;When the token for carrying the second token for receiving first terminal transmission updates request, after the second token is decrypted, the version number in the second token is read, the version number of reading is compared with the version number of caching, executes corresponding token update processing;Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used to refresh the first token for first terminal.This method can guarantee that multiple concurrent requests update the idempotent processing of the solicited message of token, guarantee the logical correctness for logging in state verifying, improve user experience, can be widely applied in information security industry.

Description

A kind of login authentication processing method, system and device
Technical field
The present invention relates to field of information security technology, more particularly to a kind of login authentication processing method, system and device.
Background technique
Term is explained:
OAuth: a kind of agreement of opening, for user resources authorization provide it is a safety, open and easy Standard.
Token: token, label, computerese.
At present in technology, the login mechanism of the login system based on OAuth2.0 agreement is that distribution a pile logs in state token, Including short-period token AccessToken and macrocyclic token RefreshToken, AccessToken is general, and validity period is Several hours, RefreshToken general validity period are some months.In traditional technology, system is randomly assigned two random train conducts Then AccessToken and RefreshToken is respectively cached this to random train in cache server, user's verification When AccessToken and RefreshToken, directly control cache server current cache 2 random trains whether one It causes, judges legal login state token if be unanimously only, and the corresponding random train of newly generated token is cached to caching Server, 2 tokens before covering.
When refreshing login state token concurrent request according to RefreshToken, concurrently refresh token if there is multiple Request, due to service server not can guarantee concurrently refresh token request sequence, and login service device verification correct one New random train can be generated after the consistency of secondary random train at once and covers current caching, is enabled then will lead to concurrent refreshing Only one request of the request of board updates token success, and other requests can be because of the random train of caching and the random train of request It is inconsistent and cause request fail.And the packet that returns of concurrent request not can guarantee sequencing yet, it is possible to successfully apply Before the request of refreshing not yet returns, the inconsistent request time packet for causing to refresh token failure of random train has returned to client, Cause client end response to the state of user to be that user logs in state failure, and then user is needed to step on again through account number cipher Record not can guarantee the idempotence for logging in state, and seriously affect user experience.
Summary of the invention
In order to solve the above technical problems, the object of the present invention is to provide login authentication processing method, system and devices.
The technical solution adopted by the present invention to solve the technical problems is:
One aspect of the present invention provides a kind of login authentication processing method, comprising the following steps:
When receiving the logging request for carrying the first token of first terminal transmission, the first token is decrypted Afterwards, after reading the version number for obtaining the first token, the version number of reading is compared with the version number of caching, executes and logs in state Verification;
When the token for carrying the second token for receiving first terminal transmission updates request, the second token is solved After close, the version number in the second token is read, the version number of reading is compared with the version number of caching, executes corresponding order Board update processing;
Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used for for first eventually The first token is refreshed at end.
Further, further comprising the steps of:
When the logon information for receiving first terminal transmission and when verifying successfully, build version number, and by version number with step on After land information is encrypted, the first token and the second token are obtained respectively;
Version number is cached, and the first token and the second token are issued to first terminal.
Further, it is that first terminal is judging that the token for carrying the second token that the first terminal is sent, which updates request, It is generated after second token is expired.
Further, first token is AccessToken, and second token is RefreshToken.
Further, described when receiving the logging request for carrying the first token of first terminal transmission, it is enabled to first After board is decrypted, after reading the version number for obtaining the first token, the version number of reading is compared with the version number of caching, The step for logging in state verification is executed, specifically:
When receiving the logging request for carrying the first token of first terminal transmission, the first token is decrypted Afterwards, after reading the version number for obtaining the first token, the version number of reading is compared with the version number of caching, is read in judgement Version number be more than or equal to caching version number when, judge log in state verify successfully, conversely, judge reading version number be less than When the version number of caching, judge to log in state verification failure.
Further, described to execute the step for corresponding token updates processing, it specifically includes:
When the version number for judging to read from the second token is smaller than the version number of caching, verification failure is determined, and notify First terminal;
When the version number for judging to read from the second token is identical as the version number of caching, version number and token are carried out more New processing;
When the version number for judging to read from the second token is greater than the version number of caching, more by the version number of current cache Newly replace with the version number read from the second token.
Further, described when the version number for judging to read from the second token is identical as the version number of caching, carry out version This number updates the step for handling with token, specifically includes:
When the version number for judging to read from the second token is identical as the version number of caching, stepping in the second token is read Land information, while generating new version number, and after new version number and logon information are encrypted, generate the first new token With the second token;
New the first token and the second token are issued to first terminal, so that first terminal is currently stored by its respectively The first token and the second token update replace with new the first token and the second token;
Wherein, the version number that the version number generated each time generates than the last time is orderly incremented by.
Further, the version number is defined as: creation time stamp+N;Wherein N is random natural number.
Another aspect of the present invention provides a kind of login authentication processing system, comprising:
At least one processor;
At least one processor, for storing at least one program;
When at least one described program is executed by least one described processor, so that at least one described processor is realized Login authentication processing method as described in the present invention.
Another aspect of the present invention provides a kind of login authentication processing unit, comprising:
Comparison module, for when receive first terminal transmission the logging request for carrying the first token when, to first After token is decrypted, after reading the version number for obtaining the first token, the version number of reading and the version number of caching are compared It is right, it executes and logs in state verification;
Token update module, for updating request when the token for carrying the second token for receiving first terminal transmission When, after the second token is decrypted, read the version number in the second token, by the version number of reading and the version number of caching into Row compares, and executes corresponding token update processing;
Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used for for first eventually The first token is refreshed at end.
The beneficial effects of the present invention are: in the present invention, the is generated by build version number and according to version number and random train After one token and the second token, version number is cached, and the first token and the second token are issued to first terminal, thus In logging in state verification process, processing is compared in conjunction with version number information, the version number sent according to first terminal and caching Version number comparison result, then realize corresponding token update processing, this method can be updated by reasonable set token The update opportunity of Cheng Zhong version number guarantees to step on to guarantee that multiple concurrent requests update the idempotent processing of the solicited message of token The logical correctness for recording state verifying, improves user experience.
Detailed description of the invention
Fig. 1 is the flow chart of login authentication processing method of the invention;
Fig. 2 is the detailed process figure in the specific embodiment of login authentication processing method of the invention;
Fig. 3 is the structural block diagram of login authentication processing system of the invention.
Specific embodiment
Embodiment of the method
Referring to Fig.1, a kind of login authentication processing method is present embodiments provided, this method is mainly in login service device It executes, for realizing supporting the refreshing of idempotence to log in state process, specifically includes the following steps:
S1, after receiving the checking solicited message for carrying logon information that first terminal is sent, login verification is carried out, and After verifying successfully, next step is continued to execute;Logon information includes the information such as login account and password;In practical implementation In, only after verification logon information is correct, the following steps are just continued to execute, are stepped on using state verification mode progress account is logged in Record;Here, first terminal can be the various intelligent terminals such as smart phone, plate, computer, car-mounted terminal;
S2, when the logon information for receiving first terminal transmission and when verifying successfully, build version number, and by version number with After logon information is encrypted, the first token and the second token are obtained respectively;The side that version number and logon information are encrypted Formula can use any cipher mode, such as symmetric cryptography, perhaps character string reconfigured according to certain rule or By the way of existing various key encryptions etc., the present invention is not specifically limited;
After version number and logon information are encrypted, the step of obtaining the first token and the second token respectively, is specifically such as Under: after version number, logon information and the first validity period are encrypted, the first token is obtained, while by version number, logon information After being encrypted with the second validity period, the second token is obtained, wherein the first validity period was the validity period of the first token, and second has The effect phase is the validity period of the second token;The validity period of first token and the second token can be preset, be also possible to Basis enters data to setting during generating token, and the present invention does not limit specific setting means;
S3, version number is cached, and the first token and the second token is issued to first terminal;In this step, needle The checking solicited message version number generated that user issues for the first time is cached, so that subsequent can be based on the version of caching It number carries out logging in state verifying;Specifically, when carrying out data buffer storage version can be being used by data buffer storage to cache server When this number progress proving and comparisom, the corresponding version number that reads from cache server is compared;
S4, when receive first terminal transmission the logging request for carrying the first token when, the first token is solved After close, after reading the version number for obtaining the first token, the version number of reading be compared with the version number of caching, executes login State verification;
S5, when receive first terminal transmission carry the second token token update request when, to the second token into After row decryption, the version number in the second token is read, the version number of reading is compared with the version number of caching, executes correspondence Token update processing;
Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used for for first eventually The first token is refreshed at end.First token is to obtain token, and for carrying out logging request verifying for first terminal, the second token is brush New token refreshes the first token for first terminal after the first token is expired.
It is further used as preferred embodiment, the token for carrying the second token that the first terminal is sent, which updates, asks Seeking Truth first terminal is generated after judging that the second token is expired.After the second token is expired, first terminal respective request is more New second token accesses verifying convenient for the subsequent mode for continuing through token.
It is further used as preferred embodiment, first token is AccessToken, and second token is RefreshToken.The validity period of AccessToken is generally a few houres, the validity period of RefreshToken be generally several days with On in addition some months.This method mainly guarantees that first terminal changes the preciseness of RefreshToken process, by adding version This number idempotent processing for guaranteeing that RefreshToken renewal process can keep concurrent update to request.
In practical applications, it is carried out when user inputs the logon information comprising login account and password in first terminal for the first time When log on request, the logon information that first terminal generation carries checking solicited message is sent to this method executing subject, such as Game server.Game server executes step S1 and carries out logging in verification, after verifying successfully, execution step S2 build version number, First token and the second token, and the first token and the second token are issued to first terminal, first terminal receives the first token It is stored with after the second token.For user next time when first terminal logs in, first terminal has locally saved user's Logon information inputs logon information again without user and verifies, it is only necessary to directly transmit the login for carrying the first token It requests to game server log in state verification, i.e., carries out logging in state verifying by step S4.Due to the first token and Second token has validity period, and after it's validity period has past the first token, log in state verification using the first token will be verified Failure refreshes AccessToken using RefreshToken at this point, first terminal refreshes the first token according to the second token, After refreshing, continues to use the first token and carry out logging in state verification.And when first terminal judges the second token i.e. RefreshToken It after expired, that is, generate and is sent to game server after carrying the update request of the second token, request game server updates second Token continues to carry out logging in state verification using token mechanism convenient for subsequent.It is specific how to use the first token and the second token, With AccessToken in the prior art and RefreshToken using identical, the present invention is not repeated.
In the present invention, after generating the first token and the second token by build version number and according to version number and random train, Version number is cached, and the first token and the second token are issued to first terminal, thus in logging in state verification process, Processing is compared in conjunction with version number information, the comparison result of the version number of the version number and caching that are sent according to first terminal, Realize corresponding token update processing again, this method can be by reasonable set token renewal process when the update of version number Machine guarantees to log in the logically true of state verifying to guarantee that multiple concurrent requests update the idempotent processing of the solicited message of token Property, improve user experience.
For one detailed process of this method as shown in Fig. 2, in Fig. 2, user logs in letter by the APP program input of first terminal Breath, connect with login service device realize account login authentication after, in subsequent process, by AccessToken with RefreshToken carries out the specific state that logs in and refreshes verifying.Illustrate the more detailed implementation procedure of this method below in conjunction with Fig. 2:
The step S4, specifically:
When receiving the logging request for carrying the first token of first terminal transmission, the first token is decrypted Afterwards, after reading the version number for obtaining the first token, the version number of reading is compared with the version number of caching, is read in judgement Version number be more than or equal to caching version number when, judge log in state verify successfully, conversely, judge reading version number be less than When the version number of caching, judge to log in state verification failure.
In this step, the version number in the first token directly sent according to first terminal carries out login verification, judges the Whether the logging request that one terminal is sent, which passes through, logs in state verification, if passing through, then the other data read in the first token carry out Login authentication, conversely, directly the verification of notice first terminal is unsuccessful.
It is further used as preferred embodiment, the corresponding token of execution described in the step S5, which updates, handles this step Suddenly, it specifically includes:
When the version number for judging to read from the second token is smaller than the version number of caching, verification failure is determined, and notify First terminal;
When the version number for judging to read from the second token is identical as the version number of caching, version number and token are carried out more New processing;
When the version number for judging to read from the second token is greater than the version number of caching, more by the version number of current cache Newly replace with the version number read from the second token.
The version number read from the second token indicates that the version number is expired version number than the version number hour of caching, Therefore judgement verification failure, updates without token.And the version number read from the second token is identical as the version number of caching When, it indicates that request is normal, corresponding token update processing can be carried out.When the version number read from the second token is greater than caching Version number when, indicate first terminal storage version number be greater than caching version number, i.e., first terminal storage version number be Therefore the version number of cache server current cache is updated and replaces with what this read from the second token by newest version number Version number, when this step is by being greater than the version number of caching in the version number for judging that first terminal stores, then by current cache Version number, which updates, replaces with the version number read from the second token, realizes the update of the version number of caching, it is ensured that simultaneously The request that hair updates the second token can continue normal verification, ensure that the logical correctness and idempotence of renewal process, Improve user experience.
It is further used as preferred embodiment, it is described when the version for judging the version number and caching read from the second token This number it is identical when, carry out the step for version number and token update processing, specifically include:
When the version number for judging to read from the second token is identical as the version number of caching, stepping in the second token is read Land information, while generating new version number, and after new version number and logon information are encrypted, generate the first new token With the second token;
New the first token and the second token are issued to first terminal, so that first terminal is currently stored by its respectively The first token and the second token update replace with new the first token and the second token;
Wherein, the version number that the version number generated each time generates than the last time is orderly incremented by.
In this step, after generating new version number, new the first token and the second token are generated using new version number, and Caching new the first token and the second token, while new the first token and the second token are issued to first terminal, for first Terminal carries out login authentication.In this step, version number of the new version number without updating current cache immediately is generated, but will collection First terminal is returned at the first token of new version number information and the second token, so that current version number will not be stood Covering is carved, allows current concurrent multiple requests that can continue to use current version number and is verified.For example, when according to login After solicited message 1 generates new version number B, the first token for being integrated with version number B and the second token are returned into first terminal, The version number A of current cache can't be covered at once, therefore, in the short time, then receive the logging request letter for carrying version number A When ceasing 2, since the version number of caching is still version number A, it still can carry out normally logging in state verification, it is non-without being treated as Method request processing.After token until receiving carrying version number B updates solicited message, just the version number A of caching is updated to Version number B, subsequent to carry out logging in state verification according still further to version number B, therefore, this method can guarantee in short cycle concurrent multiple The idempotent of logging request logs in.
And this method, new the first token and the second token are issued to first terminal, so that first terminal is distinguished After its first currently stored token and the update of the second token are replaced with new the first token and the second token, it is equivalent to first Terminal holds the relevant information of newest version number always, and only when first terminal accesses, entrained version number is big When the version number of cache server current cache, the version number of first terminal can just be updated into cache server, thus The consistency for ensureing the version number that the version number cached in cache server and first terminal send over, can be avoided first The version number that terminal sends history verify it is caused can not idempotent processing the problem of, to ensure that this method is logging in Idempotence in verification process.
It is further used as preferred embodiment, the version number is defined as: creation time stamp+N;Wherein N is any Natural number.For example, version number can be defined as creation time stamp+4, it, can by the way that version number to be defined as being positively correlated with timestamp To guarantee that version number of the version number generated every time than last time generation is big, this method is facilitated to compare processing.And in reality In the application process of border, can also set the version number generated every time than last time generate version number it is small, as long as at this point, by right The verification mode answered is in turn.
System embodiment
Referring to Fig. 3, another aspect of the present invention provides a kind of login authentication processing system, comprising:
At least one processor 100;
At least one processor 200, for storing at least one program;
When at least one described program is executed by least one described processor 100, so that at least one described processor 100 realize the login authentication processing method.
The processing of login authentication provided by embodiment of the present invention method can be performed in the login authentication processing system of the present embodiment Method, any combination implementation steps of executing method embodiment have the corresponding function of this method and beneficial effect.
Installation practice
Another aspect of the present invention provides a kind of login authentication processing unit, comprising:
Comparison module, for when receive first terminal transmission the logging request for carrying the first token when, to first After token is decrypted, after reading the version number for obtaining the first token, the version number of reading and the version number of caching are compared It is right, it executes and logs in state verification;
Token update module, for updating request when the token for carrying the second token for receiving first terminal transmission When, after the second token is decrypted, read the version number in the second token, by the version number of reading and the version number of caching into Row compares, and executes corresponding token update processing;
Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used for for first eventually The first token is refreshed at end.
It is further used as preferred embodiment, described device further include:
Correction verification module, after receiving the checking solicited message for carrying login account and password that first terminal is sent, Login verification is carried out, and after verifying successfully, continues to execute token generation module;
Token generation module, for generating the first random train and the second random train at random, and after build version number, by version It number is encrypted into the first random train and the second random train respectively, obtains the first token and the second token;
Processing module is issued to first terminal for caching version number, and by the first token and the second token.
The processing of login authentication provided by embodiment of the present invention method can be performed in the login authentication processing unit of the present embodiment Method, any combination implementation steps of executing method embodiment have the corresponding function of this method and beneficial effect.
It is to be illustrated to preferable implementation of the invention, but the invention is not limited to the implementation above Example, those skilled in the art can also make various equivalent variations on the premise of without prejudice to spirit of the invention or replace It changes, these equivalent variation or replacement are all included in the scope defined by the claims of the present application.

Claims (10)

1. a kind of login authentication processing method, which comprises the following steps:
When receiving the logging request for carrying the first token of first terminal transmission, after the first token is decrypted, read After taking the version number for obtaining the first token, the version number of reading is compared with the version number of caching, executes and log in state verification;
When the token for carrying the second token for receiving first terminal transmission updates request, the second token is decrypted Afterwards, the version number in the second token is read, the version number of reading is compared with the version number of caching, executes corresponding token Update processing;
Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used for for first terminal brush New first token.
2. login authentication processing method according to claim 1, which is characterized in that further comprising the steps of:
When the logon information for receiving first terminal transmission and when verifying successfully, build version number, and by version number and log in letter After breath is encrypted, the first token and the second token are obtained respectively;
Version number is cached, and the first token and the second token are issued to first terminal.
3. login authentication processing method according to claim 1, which is characterized in that the first terminal was sent carries It is that first terminal is generated after judging that the second token is expired that the token of second token, which updates request,.
4. login authentication processing method according to claim 1, which is characterized in that first token is AccessToken, second token are RefreshToken.
5. login authentication processing method according to claim 1, which is characterized in that described to receive first terminal transmission The logging request for carrying the first token when, after the first token is decrypted, read obtain the first token version number after, The version number of reading is compared with the version number of caching, executes the step for logging in state verification, specifically:
When receiving the logging request for carrying the first token of first terminal transmission, after the first token is decrypted, read After taking the version number for obtaining the first token, the version number of reading is compared with the version number of caching, in the version that judgement is read This number be more than or equal to caching version number when, judge log in state verify successfully, conversely, judgement read version number less than cache Version number when, judge log in state verification failure.
6. login authentication processing method according to claim 1, which is characterized in that described to execute at corresponding token update The step for reason, specifically includes:
When the version number for judging to read from the second token is smaller than the version number of caching, verification failure is determined, and notify first Terminal;
When the version number for judging to read from the second token is identical as the version number of caching, carry out at version number and token update Reason;
When the version number for judging to read from the second token is greater than the version number of caching, the version number of current cache is updated and is replaced It is changed to the version number read from the second token.
7. login authentication processing method according to claim 6, which is characterized in that described to judge to read from the second token When the version number taken is identical as the version number of caching, carries out version number and token updates the step for handling, specifically include:
When the version number for judging to read from the second token is identical as the version number of caching, reads in the second token and log in letter Breath, while generating new version number, and after new version number and logon information are encrypted, and generates new the first token and the Two tokens;
New the first token and the second token are issued to first terminal so that first terminal respectively by its currently stored One token and the update of the second token replace with new the first token and the second token;
Wherein, the version number that the version number generated each time generates than the last time is orderly incremented by.
8. login authentication processing method according to claim 7, which is characterized in that the version number is defined as: creation Timestamp+N;Wherein N is random natural number.
9. a kind of login authentication processing system characterized by comprising
At least one processor;
At least one processor, for storing at least one program;
When at least one described program is executed by least one described processor, so that at least one described processor is realized as weighed Benefit requires the described in any item login authentication processing methods of 1-8.
10. a kind of login authentication processing unit characterized by comprising
Comparison module, for when receive first terminal transmission the logging request for carrying the first token when, to the first token After being decrypted, after reading the version number for obtaining the first token, the version number of reading is compared with the version number of caching, is held Row logs in state verification;
Token update module, for when receive first terminal transmission carry the second token token update request when, it is right After second token is decrypted, the version number in the second token is read, the version number of the version number of reading and caching is compared It is right, execute corresponding token update processing;
Wherein, the validity period of the second token is longer than the validity period of the first token, and second token is used for for first terminal brush New first token.
CN201811105898.3A 2018-09-21 2018-09-21 Login verification processing method, system and device Active CN109379192B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811105898.3A CN109379192B (en) 2018-09-21 2018-09-21 Login verification processing method, system and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811105898.3A CN109379192B (en) 2018-09-21 2018-09-21 Login verification processing method, system and device

Publications (2)

Publication Number Publication Date
CN109379192A true CN109379192A (en) 2019-02-22
CN109379192B CN109379192B (en) 2021-10-12

Family

ID=65401580

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811105898.3A Active CN109379192B (en) 2018-09-21 2018-09-21 Login verification processing method, system and device

Country Status (1)

Country Link
CN (1) CN109379192B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266703A (en) * 2019-06-25 2019-09-20 广州小鹏汽车科技有限公司 Token method for refreshing, device, storage medium and controlling terminal
CN110912700A (en) * 2019-11-13 2020-03-24 上汽大通汽车有限公司 JWT (just-before-wt) -based distributed system security authentication method
CN111698264A (en) * 2020-06-28 2020-09-22 京东数字科技控股有限公司 Method and apparatus for maintaining user authentication sessions
CN111865970A (en) * 2020-07-17 2020-10-30 北京百度网讯科技有限公司 Method and apparatus for implementing interface idempotency
CN112138404A (en) * 2019-06-28 2020-12-29 北京智明星通科技股份有限公司 Game APP login verification method and system
CN112511563A (en) * 2020-12-22 2021-03-16 四川长虹电器股份有限公司 Method for logging in terminal equipment by cloud user
CN112671539A (en) * 2020-11-23 2021-04-16 苏州浪潮智能科技有限公司 Method, system, medium and device for processing overdue renewal of multi-request token
CN113271296A (en) * 2021-04-28 2021-08-17 北京沃东天骏信息技术有限公司 Login authority management method and device
CN113535427A (en) * 2021-06-29 2021-10-22 上海晶赞融宣科技有限公司 Method, device, system, terminal and storage medium for processing request message
CN114978605A (en) * 2022-04-25 2022-08-30 联仁健康医疗大数据科技股份有限公司 Page access method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980925A (en) * 2015-06-01 2015-10-14 走遍世界(北京)信息技术有限公司 Authentication method and authentication device for user request
US20160099941A1 (en) * 2014-10-03 2016-04-07 Gopro, Inc. Authenticating a limited input device via an authenticated application
CN106453396A (en) * 2016-11-18 2017-02-22 传线网络科技(上海)有限公司 Double token account login method and login verification device
CN106789987A (en) * 2016-12-08 2017-05-31 武汉斗鱼网络科技有限公司 The multi-service of mobile terminal single-sign-on interconnects the method and system of APP
CN108449187A (en) * 2018-06-19 2018-08-24 福建天泉教育科技有限公司 A kind of method and device that token refreshes

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160099941A1 (en) * 2014-10-03 2016-04-07 Gopro, Inc. Authenticating a limited input device via an authenticated application
CN104980925A (en) * 2015-06-01 2015-10-14 走遍世界(北京)信息技术有限公司 Authentication method and authentication device for user request
CN106453396A (en) * 2016-11-18 2017-02-22 传线网络科技(上海)有限公司 Double token account login method and login verification device
CN106789987A (en) * 2016-12-08 2017-05-31 武汉斗鱼网络科技有限公司 The multi-service of mobile terminal single-sign-on interconnects the method and system of APP
CN108449187A (en) * 2018-06-19 2018-08-24 福建天泉教育科技有限公司 A kind of method and device that token refreshes

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266703A (en) * 2019-06-25 2019-09-20 广州小鹏汽车科技有限公司 Token method for refreshing, device, storage medium and controlling terminal
CN112138404A (en) * 2019-06-28 2020-12-29 北京智明星通科技股份有限公司 Game APP login verification method and system
CN110912700A (en) * 2019-11-13 2020-03-24 上汽大通汽车有限公司 JWT (just-before-wt) -based distributed system security authentication method
CN111698264A (en) * 2020-06-28 2020-09-22 京东数字科技控股有限公司 Method and apparatus for maintaining user authentication sessions
CN111865970A (en) * 2020-07-17 2020-10-30 北京百度网讯科技有限公司 Method and apparatus for implementing interface idempotency
CN111865970B (en) * 2020-07-17 2022-09-16 北京百度网讯科技有限公司 Method and apparatus for implementing interface idempotency
CN112671539A (en) * 2020-11-23 2021-04-16 苏州浪潮智能科技有限公司 Method, system, medium and device for processing overdue renewal of multi-request token
CN112671539B (en) * 2020-11-23 2022-09-20 苏州浪潮智能科技有限公司 Method, system, medium and device for processing overdue renewal of multi-request token
CN112511563A (en) * 2020-12-22 2021-03-16 四川长虹电器股份有限公司 Method for logging in terminal equipment by cloud user
CN113271296A (en) * 2021-04-28 2021-08-17 北京沃东天骏信息技术有限公司 Login authority management method and device
CN113271296B (en) * 2021-04-28 2023-08-04 北京沃东天骏信息技术有限公司 Login authority management method and device
CN113535427A (en) * 2021-06-29 2021-10-22 上海晶赞融宣科技有限公司 Method, device, system, terminal and storage medium for processing request message
CN114978605A (en) * 2022-04-25 2022-08-30 联仁健康医疗大数据科技股份有限公司 Page access method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN109379192B (en) 2021-10-12

Similar Documents

Publication Publication Date Title
CN109379192A (en) A kind of login authentication processing method, system and device
CN106850699B (en) A kind of mobile terminal login authentication method and system
US10785201B2 (en) Synchronizing authentication sessions between applications
CN106534175B (en) Open platform authorization identifying system and method based on OAuth agreement
CN111371805A (en) Token-based unified identity authentication interface and method
US20170289134A1 (en) Methods and apparatus for assessing authentication risk and implementing single sign on (sso) using a distributed consensus database
CN104320423B (en) Single-sign-on lightweight implementation method based on Cookie
CN110069908A (en) A kind of authority control method and device of block chain
US8438383B2 (en) User authentication system
CN107483509A (en) A kind of auth method, server and readable storage medium storing program for executing
CN111708991A (en) Service authorization method, service authorization device, computer equipment and storage medium
WO2022121461A1 (en) Method, apparatus and device for constructing token for cloud platform resource access control
CN106713276B (en) A kind of data capture method and its system based on authorization identifying
CN111241555B (en) Access method and device for simulating user login, computer equipment and storage medium
CN106302606B (en) Across the application access method and device of one kind
CN110336807A (en) A kind of identity identifying method based on Web service, equipment and storage medium
CN109274650A (en) A kind of management system and method that electron image is had access to
CN111641615A (en) Distributed identity authentication method and system based on certificate
CN110414248A (en) Method for debugging microprocessor and microprocessor
WO2023093500A1 (en) Access verification method and apparatus
CN110490741A (en) Data validity and the apparatus and method of controllability management in a kind of block chain
CN107682321B (en) A kind of method and device of SDN controller cluster single-sign-on
CN113312576A (en) Page jump method, system and device
CN106529216B (en) Software authorization system and software authorization method based on public storage platform
CN115021995B (en) Multi-channel login method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant