CN109718557B - Cross-server login method - Google Patents
Cross-server login method Download PDFInfo
- Publication number
- CN109718557B CN109718557B CN201910068709.8A CN201910068709A CN109718557B CN 109718557 B CN109718557 B CN 109718557B CN 201910068709 A CN201910068709 A CN 201910068709A CN 109718557 B CN109718557 B CN 109718557B
- Authority
- CN
- China
- Prior art keywords
- server
- cross
- account
- client
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention relates to a cross-server login method, which is characterized in that a user logs in a game server by using a client, after a cross-server activity starts, the client applies for joining the cross-server activity, the game server generates a cross-server token based on an authentication random number generated by the cross-server, and the client logs in the cross-server by holding the cross-server token. The method reduces the pressure of the server on the basis of ensuring the safety of cross-server login.
Description
[ technical field ] A method for producing a semiconductor device
The invention belongs to the field of computers and information security, and particularly relates to a cross-server login method.
[ background of the invention ]
Existing network games typically have multiple game servers, and a player needs to log in to a server of his choice so as to interact with other players on the game server, but cannot interact with players on other game servers. To overcome this limitation, some network games propose the concept of cross-server activities, i.e., players can participate in cross-server activities under certain conditions (e.g., specified times) to interact with other players from different game servers participating in cross-server activities.
In particular, a server for performing cross-server activities is generally required to be introduced to accept players from various game servers, so that the players are incorporated into the same cross-server. When a cross-server activity begins, the cross-server may face a large number of player login requests, placing a great deal of stress on the cross-server. Therefore, how to process a large number of login requests and ensure the security of the login of the player is a technical problem to be solved.
[ summary of the invention ]
In order to solve the above problems in the prior art, the present invention provides a cross-server login method.
The technical scheme adopted by the invention is as follows:
a cross-server login method comprises the following steps:
(1) a user logs in a game server by using a client; the game server generates a login Token for the user, namely Token ═ E (account, R), wherein account is an account number of the user, E is a symmetric encryption algorithm, and R is a random number;
(2) after the cross-server starts the cross-server activity, when the cross-server starts each time period, the login number K which can be accepted in the time period is calculated according to the current load of the cross-server;
(3) the cross-server inquires how many authentication random numbers are kept in the database server at present;
(4) the database server replies the number m of the currently held authentication random numbers to the cross-server, if m is less than K, the cross-server generates K-m random numbers as new authentication random numbers to be sent to the database server, and the database server stores the K-m authentication random numbers; if m is larger than K, the cross-server informs the database server to delete m-K authentication random numbers in the cross-server;
(5) a user puts forward a request for participating in cross-server activities to a game server through a client;
(6) the game server sends a request to the database server to apply for an authentication random number; if the database server does not have the authentication random number at present, rejecting the application; otherwise, the database server selects one from the stored random numbers and returns the selected random number to the game server, and deletes the selected random number from the stored random numbers;
(7) after receiving the random number R1, the game server generates a Token1, i.e., Token1 ═ E (account, R2), where R2 ═ R R1, and sends the Token to the client;
(8) the client sends a user account and the cross-server token to the cross-server to apply for login, and the cross-server sends the cross-server token to the game server as verification data;
(9) the game server decrypts the cross-server token to obtain account and R2, and meanwhile, the game server obtains a random number R corresponding to the account and calculates to obtain R1-R2R;
(10) and the game server sends the account and the R1 obtained in the step 9 to the cross-server, the cross-server judges whether the account is the same as the user account received in the step 8, if the account is different, the client login is rejected, if the account is the same, the server judges whether the R1 is the authentication random number generated in the latest period of time, if the account is not the authentication random number, the client login is rejected, otherwise, the client login is accepted.
Further, the key of the encryption algorithm E is stored only by the game server.
Further, the account of the user and the corresponding random number R are stored in the game server in an associated manner.
Further, the login domain has an expiration time.
Further, the step 5 specifically includes: after the cross-service activity starts, the game server informs the client, the client displays corresponding participation options to the user, and the user sends a request for participating in the cross-service activity to the game server by selecting the options.
Further, in step 6, after the database server rejects the application of the game server, the game server notifies the client that the current server is busy, or waits for a period of time for reapplication.
Further, in the step 10, the latest period of time is set to be within the latest two time periods.
The invention has the beneficial effects that: on the basis of guaranteeing the safety of cross-server login, the pressure of the server is reduced.
[ description of the drawings ]
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, and are not to be considered limiting of the invention, in which:
FIG. 1 is a block diagram of a cross-server gaming system of the present invention.
[ detailed description ] embodiments
The present invention will now be described in detail with reference to the drawings and specific embodiments, wherein the exemplary embodiments and descriptions are provided only for the purpose of illustrating the present invention and are not to be construed as limiting the present invention.
Referring to fig. 1, a block diagram of an overall cross-server gaming system is shown, the overall system including a plurality of game clients, a plurality of game servers, a cross-server, and a database server. In general, a user logs in a game server to which the user belongs to play a game using a client, and when a cross-server event (for example, a cross-server battle) is required, the client logs in the cross-server to play the game. The client and the game server, and different servers can communicate with each other through a network, and the communication performed by the login method of the invention is performed in a secure channel, for example, through an https protocol.
Based on the above system configuration, the method of the present invention will be described in detail below.
(1) The user logs in the game server by using the client.
Before the cross-service activity is performed, a user firstly needs to log in a corresponding game server, specifically, the user inputs an account number and a password at a client, the client calculates a hash value of the password, and the hash value and the account number are sent to the game server.
The game server randomly generates a random number R, and generates a login Token for the user, i.e., Token ═ E (account, R), where account is the user's account number and E is a symmetric encryption algorithm, and the encryption algorithm uses a key known only to the game server and can be decrypted only by the game server.
The game server sends the login token to the client, and the client can directly log in the game server with the login token. Specifically, when the game server generates a login token, the game server correspondingly stores the user account and the random number R in the game server, so that when the game server receives the login token, the game server decrypts the login token, judges whether the account and the random number R in the login token correspond to each other, and if so, allows the client to log in with the identity of the user account.
Preferably, the game server may set an expiration time for the login token, after which the user is required to re-login using their account password and generate a new login token.
(2) After the cross-server starts the cross-server activity, when the cross-server starts each time period, the login number K which can be accepted in the time period is calculated according to the current load of the cross-server.
The time period is predetermined, e.g., 10 minutes, and the cross-server calculates how many users can be logged in the next 10 minutes without placing excessive stress on the cross-server. And the cross server is calculated every 10 minutes to obtain the acceptable login number of the next 10 minutes.
Because the load of the cross-server is dynamically changed, a new user logs in each time period, and the user logs out of the cross-server activity, the acceptable login number calculated for each time period is different.
(3) The cross-server queries the database server for how many authentication random numbers it currently holds.
The authentication random number is generated by the cross-server (specific generation and action see the subsequent steps), and is stored by the database server, and the number of the authentication random numbers is controlled by the cross-server.
(4) The database server replies the number (assuming that m are available) of the currently-stored authentication random numbers to the cross-server, if m is smaller than K, the cross-server generates K-m random numbers as new authentication random numbers and sends the new authentication random numbers to the database server, and the database server stores the K-m authentication random numbers; and if m is larger than K, the cross-server informs the database server to delete m-K authentication random numbers in the cross-server.
The authentication random number is used for authenticating acceptable cross-server login, and through the step 4, the cross-server ensures that only K authentication random numbers exist in the database server, and the number corresponds to the login number in the current time period.
(5) A user makes a request to a game server through a client to participate in a cross-server activity.
Specifically, after the cross-server activity starts, the game server notifies the client, the client also presents corresponding participation options to the user, and the user sends a request for participating in the cross-server activity to the game server by selecting such options.
(6) The game server sends a request to the database server to apply for an authentication random number; if the database server does not have the authentication random number at present, rejecting the application; otherwise, the database server selects one from the stored random numbers and returns it to the game server, and deletes the selected random number from the stored random numbers.
Step 6 means that each user applying for the cross-service activity obtains an authentication random number from the database server indirectly through the game server. The database server assigns the authentication random numbers it holds based on the game server's applications, one for each application, and once assigned, is removed from the database server. Therefore, the number of the users capable of logging in the cross-server within a period of time is controlled by authenticating the distribution number of the random numbers, and the pressure of large-scale logging on the cross-server is avoided. Meanwhile, the cross-server transfers the work to the database server, and the stress of the cross-server is dispersed.
If the database server does not hold the random number of authentication currently, the application of the game server is refused, the game server can inform the client that the current server is busy or wait for a period of time to reapply, and the specific processing mode is not limited by the invention.
(7) After receiving the random number R1, the game server generates a Token1, i.e., Token1 ═ E (account, R2), where R2 ═ R R1, and sends the Token to the client.
As can be seen from the above calculation process, the cross-server token actually includes the related information of the login token at the same time, and the cross-server token is associated with the login token of the client for subsequent authentication.
(8) The client sends the user account and the cross-server token to the cross-server to apply for login, and the cross-server sends the cross-server token to the game server as verification data.
The cross-server token actually contains account information of the user, so that the cross-server token and the cross-server token need to correspond to each other to pass the verification of the cross-server. Since only the game server can decrypt the cross-server token, the cross-server needs to verify the cross-server token through the game server.
(9) The game server decrypts the cross-server token to obtain account and R2, and meanwhile, the game server obtains a random number R corresponding to the account and calculates to obtain R1-R2R.
As described above, the game server stores the user account and the random number R thereof in correspondence. Since there may be multiple clients simultaneously requesting to log in the cross-server, the game server needs to obtain the random number R corresponding to the client according to the user account, and further calculates R1.
(10) And the game server sends the account and the R1 obtained in the step 9 to the cross-server, the cross-server judges whether the account is the same as the user account received in the step 8, if the account is different, the client login is rejected, if the account is the same, the server judges whether the R1 is the authentication random number generated in the latest period of time, if the account is not the authentication random number, the client login is rejected, otherwise, the client login is accepted.
The last period of time may be predetermined to limit the login delay of the client, for example, set to the last two time periods. Meanwhile, for comparison, the cross-server also needs to store the authentication random number generated in the last period of time.
Based on the login process, the cross-server sets the authentication random number in each time period and transfers the verification work to the game server and the database server, thereby avoiding large-flow login verification at the same time and reducing the server pressure. On the other hand, the setting of the authentication random number and the cross-service token also ensures the security of cross-service login.
The above description is only a preferred embodiment of the present invention, and all equivalent changes or modifications of the structure, characteristics and principles described in the present invention are included in the scope of the present invention.
Claims (7)
1. A cross-server login method is characterized by comprising the following steps:
(1) a user logs in a game server by using a client; the game server generates a login Token for the user, namely Token ═ E (account, R), wherein account is an account number of the user, E is a symmetric encryption algorithm, and R is a random number;
(2) after the cross-server starts the cross-server activity, when the cross-server starts each time period, the login number K which can be accepted in the time period is calculated according to the current load of the cross-server;
(3) the cross-server inquires how many authentication random numbers are kept in the database server at present;
(4) the database server replies the number m of the currently held authentication random numbers to the cross-server, if m is less than K, the cross-server generates K-m random numbers as new authentication random numbers to be sent to the database server, and the database server stores the K-m authentication random numbers; if m is larger than K, the cross-server informs the database server to delete m-K authentication random numbers in the cross-server;
(5) a user puts forward a request for participating in cross-server activities to a game server through a client;
(6) the game server sends a request to the database server to apply for an authentication random number; if the database server does not have the authentication random number at present, rejecting the application; otherwise, the database server selects one from the stored random numbers and returns the selected random number to the game server, and deletes the selected random number from the stored random numbers;
(7) the game server receives the random number of authentication R1 and generates a Token1, i.e. Token1 ═ E (account, R2), wherein
And sending the cross-service token to the client;
(8) the client sends a user account and the cross-server token to the cross-server to apply for login, and the cross-server sends the cross-server token to the game server as verification data;
(9) the game server decrypts the cross-server token to obtain account and R2 in the cross-server token, and simultaneously obtains the random number corresponding to the accountThe machine number R is obtained by calculation
(10) And the game server sends the account and the R1 obtained in the step 9 to the cross-server, the cross-server judges whether the account is the same as the user account received in the step 8, if the account is different, the client login is rejected, if the account is the same, the server judges whether the R1 is the authentication random number generated in the latest period of time, if the account is not the authentication random number, the client login is rejected, otherwise, the client login is accepted.
2. The method of claim 1, wherein the key of encryption algorithm E is stored only by the game server.
3. The method according to any one of claims 1-2, wherein the association between the user account count and the corresponding random number R is stored in the game server.
4. The method of any of claims 1-2, wherein the login token has an expiration time.
5. The method according to any one of claims 1-2, wherein step 5 specifically comprises: after the cross-service activity starts, the game server informs the client, the client displays corresponding participation options to the user, and the user sends a request for participating in the cross-service activity to the game server by selecting the options.
6. The method of any one of claims 1-2, wherein in step 6, after the database server refuses the application of the game server, the game server notifies the client that the current server is busy or waits for a period of time for re-application.
7. The method of claim 1, wherein in step 10, the latest period of time is set to be within the latest two time periods.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910068709.8A CN109718557B (en) | 2019-01-24 | 2019-01-24 | Cross-server login method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910068709.8A CN109718557B (en) | 2019-01-24 | 2019-01-24 | Cross-server login method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109718557A CN109718557A (en) | 2019-05-07 |
| CN109718557B true CN109718557B (en) | 2022-02-08 |
Family
ID=66299991
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910068709.8A Active CN109718557B (en) | 2019-01-24 | 2019-01-24 | Cross-server login method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109718557B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111282262B (en) * | 2020-01-13 | 2023-04-18 | 网易(杭州)网络有限公司 | Game server communication method and device |
| CN111786948B (en) * | 2020-05-21 | 2022-01-28 | 中清龙图计算机科技(上海)有限公司 | Cloud game control method, device, system, equipment and medium |
| CN112604270A (en) * | 2020-12-29 | 2021-04-06 | 北京冰封互娱科技有限公司 | Cross-server method, device and equipment for online game |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1283631A2 (en) * | 2001-08-06 | 2003-02-12 | Sun Microsystems, Inc. | Web based applications single sign on system and method |
| CN1556491A (en) * | 2003-12-30 | 2004-12-22 | 北京金山数字娱乐科技有限公司 | Servicer system |
| CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
| CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
| CN105262848A (en) * | 2015-06-30 | 2016-01-20 | 清华大学 | User internet identity and generation method and system thereof |
| CN105472052A (en) * | 2014-09-03 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Login method and system of cross-domain server |
-
2019
- 2019-01-24 CN CN201910068709.8A patent/CN109718557B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1283631A2 (en) * | 2001-08-06 | 2003-02-12 | Sun Microsystems, Inc. | Web based applications single sign on system and method |
| CN1556491A (en) * | 2003-12-30 | 2004-12-22 | 北京金山数字娱乐科技有限公司 | Servicer system |
| CN102111410A (en) * | 2011-01-13 | 2011-06-29 | 中国科学院软件研究所 | Agent-based single sign on (SSO) method and system |
| CN105472052A (en) * | 2014-09-03 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Login method and system of cross-domain server |
| CN104506542A (en) * | 2014-12-29 | 2015-04-08 | 深圳中兴网信科技有限公司 | Security certification method and security certification system |
| CN105262848A (en) * | 2015-06-30 | 2016-01-20 | 清华大学 | User internet identity and generation method and system thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109718557A (en) | 2019-05-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108810029B (en) | Authentication system and optimization method between micro-service architecture services | |
| CN109718557B (en) | Cross-server login method | |
| CN106357649B (en) | User identity authentication system and method | |
| EP3219049B1 (en) | Account recovery protocol | |
| US6877095B1 (en) | Session-state manager | |
| RU2417422C2 (en) | Single network login distributed service | |
| EP3316544B1 (en) | Token generation and authentication method, and authentication server | |
| EP2904759B1 (en) | A method for providing security using secure computation | |
| DE60308099T2 (en) | Secure key exchange with mutual authentication | |
| US8984613B2 (en) | Server pool Kerberos authentication scheme | |
| US8631481B2 (en) | Access to a network for distributing digital content | |
| CN108965338B (en) | Three-factor identity authentication and key agreement method under multi-server environment | |
| US8516566B2 (en) | Systems and methods for using external authentication service for Kerberos pre-authentication | |
| CN100534056C (en) | User log-on method and system in network game | |
| CN111447220B (en) | Authentication information management method, server of application system and computer storage medium | |
| CN106713276B (en) | A kind of data capture method and its system based on authorization identifying | |
| CN101129014A (en) | System and method for multi-session establishment | |
| CN110868290B (en) | Key service method and device without central control | |
| CN111010396A (en) | Internet identity authentication management method | |
| TW200948016A (en) | Distributed processing system, authentication server, distributed server, and distributed processing method | |
| CN105825383A (en) | Random number generation and verification method with both sides in participation | |
| JP6081857B2 (en) | Authentication system and authentication method | |
| CN104244030B (en) | One kind records program sharing method and system | |
| CN115499437B (en) | Authentication method of lightweight group authentication system in distributed edge collaboration | |
| US20240137353A1 (en) | A method for authenticating a user towards a multi-node party |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |