CN109639622B - Offline application login method, terminal and server - Google Patents

Offline application login method, terminal and server Download PDF

Info

Publication number
CN109639622B
CN109639622B CN201710931675.1A CN201710931675A CN109639622B CN 109639622 B CN109639622 B CN 109639622B CN 201710931675 A CN201710931675 A CN 201710931675A CN 109639622 B CN109639622 B CN 109639622B
Authority
CN
China
Prior art keywords
login
client
check code
offline
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710931675.1A
Other languages
Chinese (zh)
Other versions
CN109639622A (en
Inventor
伍海君
文飞
王杰
郑钟焱
李鹏宏
张书鑫
王辉
寇华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201710931675.1A priority Critical patent/CN109639622B/en
Publication of CN109639622A publication Critical patent/CN109639622A/en
Application granted granted Critical
Publication of CN109639622B publication Critical patent/CN109639622B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to an offline application login method, a terminal and a server, and belongs to the technical field of computers. The method comprises the following steps: after an offline login request is obtained, a login two-dimensional code corresponding to the login is generated, wherein the login two-dimensional code comprises a uniform resource locator and a login parameter corresponding to the first client; acquiring a check code for verifying whether the offline login is legal or not, wherein the check code is acquired from a server by a second client side located in a second terminal according to the login two-dimensional code; and controlling the first client to perform offline login when the check code is determined to be legal. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.

Description

Offline application login method, terminal and server
Technical Field
The invention relates to the technical field of computers, in particular to an offline application login method, a terminal and a server.
Background
With the development of network and computer technologies, various applications are developed and widely used in life, study, and work of users. Many applications require the identity of a user to be verified at the time of use.
At present, in order to meet the user requirements, when the terminal is in a state without network connection, applications in the terminal can also log in according to historical login information, and the application login mode is poor in security and user experience.
Disclosure of Invention
The present invention is directed to solving, at least to some extent, one of the technical problems in the related art.
To this end, an embodiment of a first aspect of the present invention provides an offline application login method, which is applied to a first client, where the first client is located in a first terminal, and the method includes:
after an offline login request is obtained, a login two-dimensional code corresponding to the login is generated, wherein the login two-dimensional code comprises a uniform resource locator and a login parameter corresponding to the first client;
acquiring a check code for verifying whether the offline login is legal or not, wherein the check code is acquired from a server by a second client side located in a second terminal according to the login two-dimensional code;
and controlling the first client to perform offline login when the check code is determined to be legal.
According to the off-line application login method provided by the embodiment of the invention, after the off-line login request is obtained, the login two-dimensional code corresponding to the login is generated, then the check code for verifying whether the off-line login is legal is obtained, and when the check code is determined to be legal, the first client side is controlled to perform off-line login. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
The embodiment of the second aspect of the present invention provides another offline application login method, which is applied to a second client, where the second client is located in a second terminal, and the method includes:
analyzing a login two-dimensional code displayed in a first terminal, and determining a uniform resource locator and a login parameter included in the login two-dimensional code;
sending the login parameters to a server corresponding to the uniform resource locator;
and acquiring and outputting the check code returned by the server.
The off-line application login method provided by the embodiment of the invention comprises the steps of firstly analyzing the login two-dimensional code displayed in the first terminal, determining the uniform resource locator and the login parameter included in the login two-dimensional code, then sending the login parameter to the server corresponding to the uniform resource locator, and finally obtaining and outputting the check code returned by the server. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
The third embodiment of the invention provides another offline application login method, which is applied to a server and comprises the following steps:
acquiring login parameters sent by a second client;
determining a check code corresponding to the login parameter according to the login parameter;
and returning the check code to the second client.
The off-line application login method provided by the embodiment of the invention comprises the steps of firstly obtaining login parameters sent by the second client, and then determining the check codes corresponding to the login parameters according to the login parameters, so that the check codes are returned to the second client. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
An embodiment of a fourth aspect of the present invention provides a terminal, including:
a memory, a processor and a computer program stored on the memory and executable on the processor, which when executed by the processor implements the offline application login method as described in the first aspect and/or implements the offline application login method as described in the second aspect.
According to the terminal provided by the embodiment of the invention, when the first client performs offline login, the second client is utilized to verify the validity of the server, so that the safety and reliability of application offline login are improved, and the user experience is improved.
An embodiment of a fifth aspect of the present invention provides a server, including:
a memory, a processor and a computer program stored on the memory and executable on the processor, the program when executed by the processor implementing the offline application login method according to the third aspect.
The server provided by the embodiment of the invention firstly acquires the login parameters sent by the second client, and then determines the check codes corresponding to the login parameters according to the login parameters, so that the check codes are returned to the second client. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
FIG. 1 is a flowchart illustrating a method for offline application login in accordance with an exemplary embodiment;
FIG. 1A is an exemplary diagram illustrating an offline application login method in accordance with one illustrative embodiment;
FIG. 1B is another exemplary diagram illustrating an offline application login method in accordance with one illustrative embodiment;
FIG. 2 is a flowchart illustrating a method of offline application login in accordance with another exemplary embodiment;
FIG. 2A is an exemplary diagram illustrating an offline application login method in accordance with one illustrative embodiment;
FIG. 3 is a flowchart illustrating a method of offline application login in accordance with another exemplary embodiment;
FIG. 3A is an exemplary diagram illustrating an offline application login method in accordance with one illustrative embodiment;
FIG. 3B illustrates an application scenario diagram of a first client, a second client, and a server, according to an example embodiment;
FIG. 4 is a signaling interaction diagram illustrating a method of offline application login in accordance with an exemplary embodiment;
fig. 5 is a signaling interaction diagram illustrating an offline application login method according to another exemplary embodiment.
With the above figures, certain embodiments of the invention have been illustrated and described in more detail below. The drawings and the description are not intended to limit the scope of the inventive concept in any way, but rather to illustrate it by those skilled in the art with reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present invention. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the invention, as detailed in the appended claims.
The embodiments of the invention provide an offline application login method aiming at the problems of poor security and poor user experience of the existing application login method due to the fact that when a terminal is in a non-network connection state, an application in the terminal is logged in according to historical login information.
According to the off-line application login method provided by the embodiment of the invention, after a first client side positioned in a first terminal obtains an off-line login request, a login two-dimensional code for logging in at this time can be generated, then a second client side positioned in a second terminal analyzes the login two-dimensional code, a uniform resource locator and a login parameter included in the login two-dimensional code are determined, the login parameter is sent to a server corresponding to the uniform resource locator, the server determines a corresponding check code according to the login parameter and returns the check code to the second client side, the second client side can output the check code after obtaining the check code, and therefore, the first client side obtains the check code output by the second client side, and when the check code is verified to be legal, the first client side can be controlled to log in off-line. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
The offline application login method, the terminal and the server provided by the present application will be described in detail below with reference to the accompanying drawings.
First, the first client side is taken as an example to describe in detail the offline application login method provided in the embodiment of the present invention.
Fig. 1 is a flowchart illustrating an offline application login method according to an exemplary embodiment.
As shown in fig. 1, the offline application login method is applied to a first client, where the first client is located in a first terminal, and the method includes the following steps:
step 101, when an offline login request is acquired, a login two-dimensional code corresponding to the login is generated.
The login two-dimensional code comprises a uniform resource locator and a login parameter corresponding to the first client.
Specifically, the offline application login method provided in the embodiment of the present invention may be executed by the first client provided in the embodiment of the present invention. The first client can be configured in any terminal, so that when the first terminal where the first client is located is in a non-network connection state, namely an offline state, offline application login can be performed. The types of the terminal are many, for example, the terminal may be a mobile phone, a computer, or the like.
The offline application login refers to a login mode of the client when the terminal where the client is located is in an offline condition without network connection.
In particular implementations, the offline login request may be triggered in a variety of ways.
For example, when a user logs in a first client, if the first terminal is in a state without network connection, an offline login request may be automatically triggered; or when the user logs in the first client, the user can select networking login or offline login according to the requirement, and if the user selects offline login, the user can trigger an offline login request; or, when the first terminal is in a no-network-connection state, the user may be prompted whether to perform offline login, and if the user selects yes, an offline login request is triggered, and so on.
Correspondingly, before step 101, the method may further include:
triggering an offline login request when the first terminal is determined to be in a no-network-connection state currently;
or acquiring an offline login request input by a user.
For example, assuming that when the user logs in the game application, the terminal where the application is located is in an unconnected state, the application may pop up a window as shown in fig. 1A to prompt the user whether to start the game using the offline mode, and if the user selects "Yes", the offline login request is triggered.
In the embodiment of the invention, the login parameter is used for uniquely identifying the login information during the login. Specifically, the User Information to be logged in may be User Information, such as a User name, a User identification number (UIN for short), a mailbox, a User password, and the like, or the User Information may further include an identifier of the first client, a randomly generated random number, an identity number of the User, a mobile phone number of the User, and the like. This embodiment is not limited to this.
And the uniform resource locator corresponding to the first client is used for uniquely determining and verifying whether the offline login is legal or not.
Specifically, since the login parameters include the information of the user to be logged in, such as an account number and a password of the user, in order to determine that the login parameters of the first client are not acquired by other clients, in a possible implementation form of the embodiment of the present invention, the login two-dimensional code corresponding to the login may be generated in the following manner:
encrypting the user information to be logged in to generate encrypted data;
modifying the uniform resource locator corresponding to the first client by using the encrypted data;
and generating a login two-dimensional code according to the modified uniform resource locator.
Specifically, the identifier of the first client and the user information to be logged in may be encrypted through a plurality of methods. For example, the random number may be encrypted by using an encryption method (Order caching encryption scheme, abbreviated as OPES) for storing numerical data, or by using a method such as substitution or replacement.
In another possible implementation form of the embodiment of the present invention, the login parameter may further include a random number, that is, before generating the encrypted data, the method may further include:
generating a random number according to a second preset rule;
accordingly, generating encrypted data includes:
encrypting the random number and the user information to be logged in to generate encrypted data;
the second preset rule is a rule for generating a random number.
Specifically, the random number may be generated according to various rules. For example, random numbers uniformly distributed in the (0, 1) interval may be taken as the random numbers; or, after the UIN of the user is operated by a specific algorithm, the obtained result is used as a random number, and the like.
The number of digits of the random number may be arbitrarily set as needed, and the random number may include only numbers, or may include numbers, letters, and the like, and is not limited herein.
It should be noted that, after the first client generates the login two-dimensional code, the login two-dimensional code may be displayed on the first terminal, and in addition, a prompt message asking the user to scan the two-dimensional code may be displayed while the login two-dimensional code is displayed, so as to prompt the user to scan the login two-dimensional code.
For example, when a user logs in to an application, a login two-dimensional code is generated according to user information to be logged in, the login two-dimensional code is displayed on the first terminal in a form shown in fig. 1B, and the user can be prompted to scan the two-dimensional code for verification by using the WeChat application and input a verification result.
Step 102, acquiring a check code for verifying whether the offline login is legal or not.
And the check code is acquired from the server by a second client side positioned in the second terminal according to the login two-dimensional code.
Specifically, after the first client generates the login two-dimensional code, the second client can analyze the login two-dimensional code to determine the uniform resource locator and the login parameter included in the login two-dimensional code, and send the login parameter to the server corresponding to the uniform resource locator, after the server obtains the login parameter, the server can determine the corresponding check code according to the login parameter, and return the check code to the second client, after the second client obtains the check code, the check code can be output, so that the first client can obtain the check code to verify whether the offline login is legal or not.
In specific implementation, the first client may obtain the check code output by the second client in multiple ways. For example, after the second client acquires the check code, the check code may be displayed on the second terminal, so that the user may directly input the check code displayed on the second terminal in the first client; or after the second client acquires the check code, the two-dimensional code containing the check code can be generated, so that the first terminal can scan the second two-dimensional code in the second terminal to acquire the check code; or after the second client acquires the check code, a section of special verification result voice can be generated, the verification result is encoded in the voice, and therefore the first client can analyze the voice after monitoring the verification result voice, and the verification code is decoded.
Accordingly, step 102 may be implemented by:
acquiring a check code input by a user;
or scanning the two-dimensional code in the second terminal to obtain the check code;
or analyzing the acquired voice and determining the check code.
The two-dimensional code in the second terminal or the voice output by the second terminal may be the two-dimensional code or the voice containing the check code generated and returned to the second client after the server determines the check code corresponding to the login parameter, or the two-dimensional code or the voice containing the check code generated by the second terminal after the server determines the check code corresponding to the login parameter and returns the check code to the second client, which is not limited here.
It should be noted that, in the embodiment of the present invention, a method for acquiring the check code may be selected according to needs.
For example, the two-dimensional code corresponding to the login generated by the first client may include information about whether the first terminal has a microphone or a camera, and after the second client parses the two-dimensional code, the information about whether the first terminal has a microphone or a camera may be sent to the server.
If the server determines that the first terminal has the microphone, after the check code corresponding to the login parameter is generated, the voice containing the check code can be generated and sent to the second client, and then the first client can obtain the check code by analyzing the obtained voice.
If the server determines that the first terminal is provided with the camera, after the check code corresponding to the login parameter is generated, the two-dimensional code containing the check code can be generated and sent to the second client, and then the first client can acquire the check code in a mode of scanning the two-dimensional code in the second terminal.
If the server determines that the first terminal is provided with the microphone and the camera, after the check code corresponding to the login parameter is generated, the server can optionally select to generate the voice or the two-dimensional code containing the check code and send the voice or the two-dimensional code to the second client, so that the first client can obtain the check code according to a corresponding mode.
If the server determines that the first terminal does not have the microphone and the camera, the server can directly send the check code to the second client after generating the check code corresponding to the login parameter, so that the user can directly input the check code in the first client.
Or, a check code form returned by the server to the second client and a check code obtaining form of the first client may also be preset, so that the first client can obtain the check code in a preset manner.
And 103, controlling the first client to perform offline login when the check code is determined to be legal.
Specifically, after the first client acquires the check code, whether the check code is legal or not can be determined, and if the check code is legal, the first client can be controlled to perform offline login.
In specific implementation, if the login parameter includes a random number, it may be determined whether the check code is legal by the following means:
in a first mode
And when the check code is determined to be consistent with the preset check code, determining that the check code is legal.
Specifically, a check code may be preset in the first client, and a mapping relationship exists between the check code and the user information to be logged in, and the mapping relationship is stored in the server. After the server acquires the login parameters sent by the second client, the server can determine the check code corresponding to the identifier of the first client and the user information to be logged in according to the identifier of the first client and the user information to be logged in the login parameters by searching the preset mapping relation, and return the check code to the second client, so that after the first client acquires the check code from the second client, if the acquired check code is consistent with the preset check code, the check code can be determined to be legal, namely the offline login is legal, and the first client can be controlled to perform offline login.
Mode two
And when the check code is determined to be consistent with the check code generated according to the first preset rule, determining that the check code is legal.
The first preset rule is a rule for generating a check code corresponding to the user information to be logged in.
Specifically, the first client and the server may be preset to generate the check code corresponding to the user information to be logged in according to a first preset rule. Therefore, the server can return the check code which is generated according to the first preset rule and corresponds to the user information to be logged in to the second client. After the first client side obtains the check code from the second client side, if the obtained check code is consistent with the check code generated by the first client side according to the first preset rule, the check code is determined to be legal, namely the offline login is legal, so that the first client side can be controlled to perform offline login.
Mode III
And when the check code is determined to be consistent with the random number, determining that the check code is legal.
Specifically, if the login parameter includes the random number, the server may decrypt the login parameter to obtain the check code, and return the check code to the first client, so that the first client may determine whether the obtained check code is consistent with the previously generated random number, and determine whether the login is legal.
According to the off-line application login method provided by the embodiment of the invention, after the off-line login request is obtained, the login two-dimensional code corresponding to the login is generated, then the check code for verifying whether the off-line login is legal is obtained, and when the check code is determined to be legal, the first client side is controlled to perform off-line login. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
The second client side is taken as an example, and the offline application login method provided by the embodiment of the invention is described in detail below.
Fig. 2 is a flowchart illustrating an offline application login method according to another exemplary embodiment of the present invention.
As shown in fig. 2, the offline application login method is applied to a second client, where the second client is located in a second terminal, and includes the following steps:
step 201, analyzing the login two-dimensional code displayed in the first terminal, and determining a uniform resource locator and a login parameter included in the login two-dimensional code.
Specifically, the offline application login method provided in the embodiment of the present invention may be executed by the second client provided in the embodiment of the present invention. The second client may be configured in any terminal. The types of the terminal are many, for example, the terminal may be a mobile phone, a computer, or the like.
Step 202, the login parameters are sent to the server corresponding to the uniform resource locator.
And step 203, acquiring and outputting the check code returned by the server.
Specifically, after the second client sends the login parameters to the server corresponding to the uniform resource locator, the server may determine the corresponding check code according to the login parameters, and return the check code to the second client, so that the second client may obtain and output the check code returned by the server.
In particular, step 203 can be implemented in a variety of ways.
In a first mode
And acquiring the check code returned by the server, and displaying the check code on a display screen of the second terminal.
Specifically, after determining the corresponding check code according to the login parameter, the server may directly return the check code to the second client, so that the second client may directly display the check code on the second terminal, as shown in fig. 2A, so that the user may directly input the check code displayed on the second terminal in the first client, and then determine whether the login is legal or not according to the check code.
Mode two
And acquiring and displaying the first two-dimensional code which is returned by the server and contains the check code.
Specifically, after determining the corresponding check code according to the login parameter, the server may generate a first two-dimensional code including the check code, and return the first two-dimensional code to the second client, so that the second client may display the first two-dimensional code on the second terminal after acquiring the first two-dimensional code, so that the first terminal may scan the first two-dimensional code in the second terminal to acquire the check code, and then determine whether the login is legal or not according to the check code.
Mode III
And acquiring the check code returned by the server, and generating a second two-dimensional code according to the check code.
Specifically, after determining the corresponding check code according to the login parameter, the server may return the check code to the second client, and the second client may generate the second two-dimensional code including the check code according to the check code and display the second two-dimensional code on the second terminal, so that the first terminal may scan the second two-dimensional code in the second terminal to obtain the check code, and then determine whether the login is legal or not according to the check code.
Mode IV
And acquiring the check code returned by the server, and playing the check code in a voice mode.
Specifically, after determining the corresponding check code according to the login parameter, the server may return the check code to the second client, and the second client may generate the voice including the check code according to the check code and play the voice to the first client, so that the first terminal may analyze the voice played by the second terminal to obtain the check code, and then determine whether the login is legal or not according to the check code.
It should be noted that, the above example of obtaining and outputting the check code returned by the server is only an illustrative example, and cannot be taken as a limitation to the technical solution of the present application, and on the basis, a person skilled in the art may set any way to obtain and output the check code returned by the server according to needs, and the present application is not limited herein.
In specific implementation, the check code returned by the server can be acquired and output in any mode according to needs.
For example, the two-dimensional code corresponding to the login generated by the first client may include information about whether the first terminal has a microphone or a camera. If the second client side determines that the first terminal has the microphone after analyzing the login two-dimensional code, the second client side can play the check code in a voice mode after acquiring the check code returned by the server; if the second client determines that the first terminal has the camera after analyzing the login two-dimensional code, the second client can generate a second two-dimensional code including the check code according to the check code after acquiring the check code returned by the server, and the second two-dimensional code is displayed on the second terminal, and so on.
It should be noted that, in order to further improve the security of the information of the user to be logged in, the server may also verify the validity of the second client before returning the check code to the second client, that is, in a preferred implementation form of the present invention, the second client may send verification information to the server, so that the server verifies whether the second client is valid according to the verification information.
That is, after step 202, it may further include:
and sending the verification information input by the user in the login verification interface to the server.
The authentication information may be a password of the first client, or an answer to a reserved question, or the like.
Specifically, after obtaining the login parameter sent by the second client, the server may return a login verification interface corresponding to the login parameter to the second client, so that the user may input verification information in the verification login interface. The second client may send the verification information to the server, so that the server verifies whether the second client is legal according to the verification information input by the user.
The off-line application login method provided by the embodiment of the invention comprises the steps of firstly analyzing the login two-dimensional code displayed in the first terminal, determining the uniform resource locator and the login parameter included in the login two-dimensional code, then sending the login parameter to the server corresponding to the uniform resource locator, and finally obtaining and outputting the check code returned by the server. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
The following describes the offline application login method provided in the embodiment of the present invention in detail, taking a server side as an example.
Fig. 3 is a flowchart illustrating an offline application login method according to another exemplary embodiment.
As shown in fig. 3, the offline application login method, applied to a server, includes:
step 301, obtaining the login parameters sent by the second client.
The offline application login method provided by the embodiment of the invention can be executed by the server provided by the embodiment of the invention.
Specifically, when the first client acquires the offline login request, a login two-dimensional code corresponding to the login can be generated and displayed on the first terminal, wherein the login two-dimensional code comprises a uniform resource locator and login parameters corresponding to the first client. The second client can analyze the login two-dimensional code displayed in the first terminal to determine the uniform resource locator and the login parameter included in the login two-dimensional code, and send the login parameter to the server corresponding to the uniform resource locator, so that the server can obtain the login parameter sent by the second client.
Step 302, according to the login parameters, determining the check codes corresponding to the login parameters.
Specifically, after the server obtains the login parameters, the check code corresponding to the login parameters can be determined according to the login parameters.
In specific implementation, the first client may generate a random number and generate the login two-dimensional code by encrypting the random number, so that the login parameter sent to the server after the second client analyzes the login two-dimensional code may include the encrypted random number. After the server acquires the random number containing the encryption, the verification code can be determined by decrypting the login parameters.
That is, step 302 may include:
and decrypting the login parameters to determine the check code.
In addition, the login parameters sent by the second client may only include the user information to be logged in, and in step 302, the check code corresponding to the login parameters may also be determined in the following manner.
In a first mode
And determining a check code corresponding to the identifier of the first client and the user information to be logged in by searching a preset mapping relation table.
Specifically, a check code may be preset in the first client, and a mapping relationship exists between the check code and the user information to be logged in, and the mapping relationship is stored in the server. Therefore, after the server acquires the login parameters sent by the second client, the server can determine the check code corresponding to the user information to be logged in by searching the preset mapping relation.
Mode two
And generating a check code corresponding to the identifier of the first client and the user information to be logged in according to a first preset rule.
The first preset rule is a rule for generating a check code corresponding to the identifier of the first client and the user information to be logged in.
Specifically, it may be preset that both the first client and the server generate the check code corresponding to the identifier of the first client and the user information to be logged in according to a second preset rule. Therefore, after the server acquires the login parameters sent by the second client, the server can generate the check code corresponding to the identifier of the first client and the user information to be logged in according to a second preset rule.
Step 303, returning the check code to the second client.
Specifically, after determining the check code corresponding to the login parameter, the server may return the check code to the second client, so that the first client obtains the check code output by the second client, and determines whether the offline login is legal or not according to the obtained check code, thereby controlling the first client to perform the offline login.
Further, in order to improve the security and reliability of the offline login, in a preferred implementation form of the present application, before the server returns the check code to the second client, it may also verify whether the second client is legal. Specifically, whether the second client is legal or not may be determined in various ways.
For example, the server may return a login authentication interface to the second client according to the login parameters, so that the user may input authentication information in the authentication login interface. After the second client acquires the verification information input by the user, the second client can send the verification information to the server, so that the server can determine that the second client is a legal client according to the verification information sent by the second client.
The authentication information may be a password corresponding to the user to log in, or an answer to a reserved question, and the like.
For example, assume that the authentication information is a password corresponding to the UIN, that is, a login authentication interface as shown in fig. 3A is displayed in the second client, so that the user can input the password corresponding to the UIN in the login authentication interface. After the second client sends the authentication information input by the user to the server, the server can judge whether the obtained password corresponding to the UIN is the same as the password corresponding to the UIN stored in the server, and if the obtained password is the same as the password, the second client can be determined to be a legal client.
Or, when the server logs in the first client, the identifier corresponding to the valid second client or the second terminal may be stored, so that when the second client sends the login parameter to the server, the identifier corresponding to the second client or the second terminal may be sent to the server, so that the server determines whether the current second client is valid according to the obtained identifier corresponding to the second client or the second terminal and the pre-stored identifier of the valid second client or the second terminal. If the identifier corresponding to the second client or the second terminal acquired by the server matches with the identifier of the second client or the second terminal stored in advance, it can be determined that the current second client is a valid client.
It should be noted that, the above example of determining whether the second client is legal is only an illustrative example, and is not meant to be a limitation to the technical solution of the present application.
The off-line application login method provided by the embodiment of the invention comprises the steps of firstly obtaining login parameters sent by the second client, and then determining the check code corresponding to the login parameters according to the login parameters, so that when the second client is determined to be legal, the check code is returned to the second client. Therefore, when the first client side performs offline login, the second client side is used for verifying the legality of the first client side and the server, the safety and the reliability of application offline login are improved, and the user experience is improved.
Fig. 3B is a diagram illustrating an application scenario of a first client, a second client, and a server, according to an example embodiment.
The first client is illustrated by taking a computer as an example, and the second client is illustrated by taking a mobile phone as an example.
As shown in fig. 3B, after obtaining the offline login request, the first client may generate a random number according to a second preset rule, encrypt the random number, the user identifier to be logged in, and the password to generate encrypted data, and further modify the uniform resource locator according to the encrypted data, so as to generate a login two-dimensional code according to the modified uniform resource locator, and display the login two-dimensional code in the first terminal. Here, the random number is "30596".
The second client can analyze the login two-dimensional code displayed in the first client, determine the uniform resource locator and the login parameter included in the login two-dimensional code, and send the login parameter to the server corresponding to the uniform resource locator.
After the server acquires the login parameters sent by the second client, the server can decrypt the login parameters, determine the check codes corresponding to the login parameters, and return the check codes to the second client. Wherein, the check code is '30596'.
And after the second client acquires the check code returned by the server, the check code can be output. Wherein, the check code is '30596'.
The first client can obtain the check code output by the second client, and the check code is the same as the random number '30596' generated according to the first rule, so that the check code can be determined to be legal, and the first client is controlled to log in.
Fig. 4 is a signaling interaction diagram illustrating an offline application login method according to an example embodiment.
As shown in fig. 4, the offline application login method is executed by a first client a, a second client B and a server S, and the specific interaction process is as follows:
step 401, a obtains an offline login request input by a user.
In step 402, after obtaining the offline login request, a generates a random number according to a first preset rule.
In step 403, a encrypts the random number and the user information to be logged in to generate encrypted data.
And step 404, modifying the uniform resource locator by using the encrypted data, and generating a login two-dimensional code according to the modified uniform resource locator.
The login two-dimensional code comprises a uniform resource locator and a login parameter corresponding to the first client.
The login parameters include a random number.
Step 405, B analyzes the login two-dimensional code displayed in the first terminal, and determines the uniform resource locator and the login parameters included in the login two-dimensional code.
In step 406, B sends the login parameters to S corresponding to the uniform resource locator.
Step 407, S decrypts the login parameter, and determines the check code.
And step 408, when the S determines that the B is legal, the S returns the check code to the B.
And step 409, A acquires the check code output by B.
And step 410, when the check code is determined to be consistent with the random number, determining that the check code is legal, and controlling the first client to perform offline login.
The first client A, the second client B and the server S can realize the offline login of the application through the interaction, and the interaction of A, B and the server S verifies whether the offline login is legal or not, so that the safety of the offline login application is improved, and the user experience is improved.
Fig. 5 is a signaling interaction diagram illustrating an offline application login method according to an example embodiment.
As shown in fig. 5, the offline application login method is executed by a first client a, a second client B and a server S, and the specific interaction process is as follows:
step 501, a obtains an offline login request input by a user.
Step 502, a encrypts the user information to be logged in to generate encrypted data.
Step 503, a modifies the uniform resource locator corresponding to the first client by using the encrypted data.
And step 504, generating a login two-dimensional code according to the modified uniform resource locator.
The login two-dimensional code comprises a uniform resource locator and a login parameter corresponding to the first client.
The login parameters comprise the identification of the first client and the information of the user to be logged in.
Step 505, B analyzes the login two-dimensional code displayed in the first terminal, and determines the uniform resource locator and the login parameter included in the login two-dimensional code.
Step 506, B sends the login parameter to S corresponding to the uniform resource locator.
Step 507, S determines a check code corresponding to the user information to be logged in by searching a preset mapping relationship table.
And step 508, when the S determines that the B is legal, the S returns the check code to the B.
In step 509, a obtains the check code output by B.
Step 510, when the check code is determined to be consistent with the preset check code, determining that the check code is legal, and controlling the first client to perform offline login.
The first client A, the second client B and the server S can realize the offline login of the application through the interaction, and the interaction of A, B and the server S verifies whether the offline login is legal or not, so that the safety of the offline login application is improved, and the user experience is improved.
In an exemplary embodiment, there is also provided a terminal including:
memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor implements the offline application login method according to the first aspect when executing the program and/or implements the offline application login method according to the second aspect.
In an exemplary embodiment, there is also provided a server, including:
memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the offline application login method according to the third aspect is implemented when the processor executes the program.
In an exemplary embodiment, a computer readable storage medium is also provided, on which a computer program is stored, which when executed by a processor implements the offline application login method as described in the embodiments of the first aspect above, and/or implements the offline application login method as described in the embodiments of the second aspect above.
In an exemplary embodiment, there is also provided a computer readable storage medium, on which a computer program is stored, which when executed by a processor, implements the offline application login method as described in the third aspect embodiment above.
In an exemplary embodiment, there is also provided a computer program product, which when executed by an instruction processor performs the offline application login method as described in the embodiment of the first aspect above, and/or performs the offline application login method as described in the embodiment of the second aspect above.
In an exemplary embodiment, there is also provided a computer program product, which when executed by an instruction processor performs the offline application login method as described in the embodiment of the third aspect.
In the description of the present invention, it is to be understood that the terms "first", "second" and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implying any number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the present invention, "a plurality" means two or more unless specifically defined otherwise.
In the description of the specification, reference to the description of the term "one embodiment", "some embodiments", "an example", "a specific example", or "some examples", etc., means that a particular feature or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc. Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims (14)

1. An offline application login method is applied to a first client, wherein the first client is located in a first terminal, and the method is characterized by comprising the following steps:
after an offline login request is obtained, a login two-dimensional code corresponding to the login is generated, wherein the login two-dimensional code comprises a uniform resource locator and a login parameter corresponding to the first client; the login parameters comprise user information to be logged in; the generating of the login two-dimensional code corresponding to the login comprises the following steps: encrypting the user information to be logged in to generate encrypted data; utilizing the encrypted data to modify a uniform resource locator corresponding to the first client; generating the login two-dimensional code according to the modified uniform resource locator;
acquiring a check code for verifying whether the offline login is legal or not, wherein the check code is acquired from a server by a second client side located in a second terminal according to the login two-dimensional code;
and controlling the first client to perform offline login when the check code is determined to be legal.
2. The method of claim 1, wherein said determining that the check code is legitimate comprises:
and when the check code is determined to be consistent with a preset check code, or when the check code is determined to be consistent with a check code generated according to a first preset rule, determining that the check code is legal.
3. The method of claim 1, wherein prior to generating the encrypted data, further comprising:
generating a random number according to a second preset rule;
the generating of the encrypted data includes:
encrypting the random number and the user information to be logged in to generate encrypted data;
the determining that the check code is legal includes:
and when the check code is determined to be consistent with the random number, determining that the check code is legal.
4. The method according to any one of claims 1 to 3, wherein before obtaining the offline login request, the method further comprises:
triggering an offline login request when the first terminal is determined to be in a no-network-connection state currently;
or acquiring an offline login request input by a user.
5. A method according to any one of claims 1-3, wherein said obtaining a check code for verifying whether the offline login is legitimate comprises:
acquiring a check code input by a user;
or scanning the two-dimensional code in the second terminal to obtain the check code;
or analyzing the acquired voice and determining the check code.
6. An offline application login method is applied to a second client, wherein the second client is located in a second terminal, and the method is characterized by comprising the following steps:
the method comprises the steps that a login two-dimensional code corresponding to the login generated after an offline login request is obtained and displayed in a first terminal is analyzed, and a uniform resource locator and login parameters included in the login two-dimensional code are determined; the login parameters comprise user information to be logged in; the generating of the login two-dimensional code corresponding to the login comprises the following steps: encrypting the user information to be logged in to generate encrypted data; the first client is positioned in the first terminal, and the encrypted data is used for modifying the uniform resource locator corresponding to the first client; generating the login two-dimensional code according to the modified uniform resource locator;
sending the login parameters to a server corresponding to the uniform resource locator;
and acquiring and outputting the check code returned by the server, and further controlling the first client to perform offline login when the check code is determined to be legal.
7. The method of claim 6, wherein said obtaining and outputting the check code returned by the server comprises:
acquiring a check code returned by the server, and displaying the check code on a display screen of the second terminal;
or, acquiring and displaying a first two-dimensional code which is returned by the server and contains the check code;
or acquiring a check code returned by the server, and generating a second two-dimensional code according to the check code;
or acquiring the check code returned by the server and playing the check code in a voice mode.
8. The method of claim 6, wherein after sending the login parameters to the server corresponding to the uniform resource locator, further comprising:
and sending the verification information input by the user in the login verification interface to the server.
9. An off-line application login method is applied to a server, and is characterized by comprising the following steps:
acquiring login parameters sent by a second client; the login parameters are the login two-dimensional code which is displayed in the first terminal by the second client and is generated after the offline login request is obtained, the login two-dimensional code corresponding to the login is analyzed, and the uniform resource locator and the login parameters which are included in the login two-dimensional code are determined; the login parameters comprise user information to be logged in; the generating of the login two-dimensional code corresponding to the login comprises the following steps: encrypting the user information to be logged in to generate encrypted data; the first client is positioned in the first terminal, and the encrypted data is used for modifying the uniform resource locator corresponding to the first client; generating the login two-dimensional code according to the modified uniform resource locator;
determining a check code corresponding to the login parameter according to the login parameter;
and returning the check code to the second client, and further controlling the first client to perform offline login when the check code is determined to be legal.
10. The method of claim 9, wherein the login parameters include information of a user to be logged in;
the determining the check code corresponding to the login parameter includes:
determining a check code corresponding to the identifier of the first client and the user information to be logged in by searching a preset mapping relation table;
or generating a check code corresponding to the identifier of the first client and the user information to be logged in according to a first preset rule.
11. The method of claim 9, wherein the login parameters include an encrypted random number;
the determining the check code corresponding to the login parameter includes:
and decrypting the login parameters to determine the check code.
12. The method of any of claims 9-11, wherein prior to returning the check code to the second client, further comprising:
determining the second client as a legal client according to the verification information sent by the second client;
or, according to the user identifier to which the second client belongs, determining that the second client is legal;
or determining that the second client is legal according to the identifier of the second terminal where the second client is located.
13. A terminal for an offline application login method, comprising a memory and a computer program stored on said memory and executable on a processor, characterized in that said processor, when executing said program, implements the offline application login method according to any of claims 1-5 and/or implements the offline application login method according to any of claims 6-8.
14. A server for an offline application login method, comprising a memory and a computer program stored on the memory and executable on a processor, wherein the processor, when executing the program, implements the offline application login method according to any one of claims 9-12.
CN201710931675.1A 2017-10-09 2017-10-09 Offline application login method, terminal and server Active CN109639622B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710931675.1A CN109639622B (en) 2017-10-09 2017-10-09 Offline application login method, terminal and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710931675.1A CN109639622B (en) 2017-10-09 2017-10-09 Offline application login method, terminal and server

Publications (2)

Publication Number Publication Date
CN109639622A CN109639622A (en) 2019-04-16
CN109639622B true CN109639622B (en) 2021-02-12

Family

ID=66050881

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710931675.1A Active CN109639622B (en) 2017-10-09 2017-10-09 Offline application login method, terminal and server

Country Status (1)

Country Link
CN (1) CN109639622B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112134888A (en) * 2020-09-23 2020-12-25 中海油能源发展珠海石化销售有限公司 Maritime task checking method
CN114442872B (en) * 2020-10-19 2023-10-27 聚好看科技股份有限公司 Layout and interaction method of virtual user interface and three-dimensional display equipment
CN113378142A (en) * 2021-06-28 2021-09-10 平安普惠企业管理有限公司 Verification method, device and equipment based on graphic verification code and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102903045A (en) * 2011-07-25 2013-01-30 上海博路信息技术有限公司 Offline payment method with internet manner
CN103001973A (en) * 2012-12-26 2013-03-27 百度在线网络技术(北京)有限公司 Method, system and device used for controlling login and based on two-dimensional code
CN103297231A (en) * 2012-03-01 2013-09-11 盛大计算机(上海)有限公司 Identity authentication method and system
CN105099707A (en) * 2015-08-27 2015-11-25 赛肯(北京)科技有限公司 Offline authentication method, server and system
WO2016169423A1 (en) * 2015-04-20 2016-10-27 信码互通(北京)科技有限公司 Data authenticity identification method for safety check of two-dimensional code

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040168066A1 (en) * 2003-02-25 2004-08-26 Alden Kathryn A. Web site management system and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102903045A (en) * 2011-07-25 2013-01-30 上海博路信息技术有限公司 Offline payment method with internet manner
CN103297231A (en) * 2012-03-01 2013-09-11 盛大计算机(上海)有限公司 Identity authentication method and system
CN103001973A (en) * 2012-12-26 2013-03-27 百度在线网络技术(北京)有限公司 Method, system and device used for controlling login and based on two-dimensional code
WO2016169423A1 (en) * 2015-04-20 2016-10-27 信码互通(北京)科技有限公司 Data authenticity identification method for safety check of two-dimensional code
CN105099707A (en) * 2015-08-27 2015-11-25 赛肯(北京)科技有限公司 Offline authentication method, server and system

Also Published As

Publication number Publication date
CN109639622A (en) 2019-04-16

Similar Documents

Publication Publication Date Title
TWI686075B (en) Identity verification method and device, electronic equipment
CN107864115B (en) Method for user account login verification by using portable terminal
CN107251035B (en) Account recovery protocol
CN107332808B (en) Cloud desktop authentication method, server and terminal
CN103685311B (en) A kind of login validation method and equipment
CN108023874B (en) Single sign-on verification device and method and computer readable storage medium
CN104519066B (en) A kind of method for activating mobile terminal token
CN103281340B (en) 2 D code verification method, system, client, issue and cloud server
CN108965331B (en) Login verification method, device and system
TW201706900A (en) Method and device for authentication using dynamic passwords
WO2015062378A1 (en) User registration method, mobile terminal and server of client application program
CN103986720A (en) Log-in method and device
US20150089214A1 (en) Enhanced authentication and/or enhanced identification of a secure element of a communication device
CN109413096B (en) A kind of login method and device more applied
CN109639622B (en) Offline application login method, terminal and server
CN104660416A (en) Work methods of voice certification system and equipment
CN104023012B (en) The method, apparatus and system of service are called in cluster
CN112615834B (en) Security authentication method and system
CN105447715A (en) Method and apparatus for anti-theft electronic coupon sweeping by cooperating with third party
EP3618428A1 (en) Method and system for storing video, and method for accessing video
CN108337210A (en) Equipment configuration method and device, system
CN107484032A (en) Prevent the verification method and device brushed
CN110311895A (en) Session authorization check method, system and the electronic equipment of identity-based verifying
CN106899546B (en) User information acquisition method and device
CN110691091A (en) Data acquisition method and device based on identity authentication and computer equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant