CN110012301B - Authentication method and device for video stream address - Google Patents

Authentication method and device for video stream address Download PDF

Info

Publication number
CN110012301B
CN110012301B CN201810008833.0A CN201810008833A CN110012301B CN 110012301 B CN110012301 B CN 110012301B CN 201810008833 A CN201810008833 A CN 201810008833A CN 110012301 B CN110012301 B CN 110012301B
Authority
CN
China
Prior art keywords
authentication
video stream
algorithm
stream address
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810008833.0A
Other languages
Chinese (zh)
Other versions
CN110012301A (en
Inventor
周志刚
张文明
陈少杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Douyu Network Technology Co Ltd
Original Assignee
Wuhan Douyu Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Douyu Network Technology Co Ltd filed Critical Wuhan Douyu Network Technology Co Ltd
Priority to CN201810008833.0A priority Critical patent/CN110012301B/en
Publication of CN110012301A publication Critical patent/CN110012301A/en
Application granted granted Critical
Publication of CN110012301B publication Critical patent/CN110012301B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/21Server components or server architectures
    • H04N21/218Source of audio or video content, e.g. local disk arrays
    • H04N21/2187Live feed
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/64Addressing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/85Assembly of content; Generation of multimedia applications
    • H04N21/854Content authoring

Abstract

The embodiment of the invention provides an authentication method and a device for a video stream address, wherein the method comprises the following steps: generating a first algorithm based on a room number corresponding to the video stream address and a current time, and generating a second algorithm based on the environment information; generating a video stream address authentication algorithm according to the first algorithm and the second algorithm, and generating first information for authentication based on the video stream address authentication algorithm; sending the first information for authentication to a client, receiving the video stream address request information sent by the client, and determining a second authentication value according to the first information for authentication and the video stream address authentication algorithm; and judging whether the first authentication value is matched with the second authentication value, and enabling the client to pass the video stream address authentication when the first authentication value is matched with the second authentication value. The method solves the technical problem of low security in the prior art because hackers can easily acquire the address information of the video stream.

Description

Authentication method and device for video stream address
Technical Field
The invention relates to the technical field of computers, in particular to an authentication method and device for video stream addresses.
Background
With the development of HTML technology, HTML5 has become the next generation HTML standard, and most browsers can support HTML5, so that new features based on HTML5 are increasingly applied to WEB programs, such as playing live video and the like.
In the prior art, video playing is also based on the HTML5 technology, and after a server receives a video streaming request from a client, the server sends a video streaming address corresponding to the video streaming request to the client, so that the client plays a corresponding video based on the video streaming address. However, in the video stream playing based on the HTML5 technology, the video stream address information is expressed by a JavaScript language, and since the JavaScript language is an explanatory script language, the video stream address information in the client browser is presented in the form of a source code, so that a hacker can easily acquire the video stream address information and then crack the code logic therein, and thus the video content corresponding to the video stream address can be acquired without any authorization, thereby increasing the risk of illegally acquiring the video, and the security is low.
Therefore, in the prior art, a hacker can easily obtain the address information of the video stream, so that the technical problem of low security exists.
Disclosure of Invention
The embodiment of the invention provides an authentication method and device for a video stream address, which are used for solving the technical problem of low security in the prior art because a hacker can easily acquire video stream address information.
In a first aspect, the present invention provides an authentication method for video stream addresses, including:
generating a first algorithm based on the room number corresponding to the video stream address and the current time;
receiving environment information sent after a client logs in, and generating a second algorithm based on the environment information;
generating a video stream address authentication algorithm according to the first algorithm and the second algorithm, and generating first information for authentication based on the video stream address authentication algorithm;
sending the first information for authentication to a client so that the client obtains a first authentication value through the first information for authentication and the video stream address authentication algorithm, and generating video stream address request information according to the first authentication value;
receiving the video stream address request information sent by the client, and obtaining the first authentication value according to the video stream address request information;
determining a second authentication value according to the first information for authentication and the video stream address authentication algorithm;
and judging whether the first authentication value is matched with the second authentication value, and enabling the client to pass the video stream address authentication when the first authentication value is matched with the second authentication value.
Optionally, after the generating the first algorithm based on the room number corresponding to the video stream address and the current time, the method further comprises:
when receiving a message played by a main broadcast, judging whether the difference between the time played by the main broadcast and the generation time of the first algorithm is within a preset range;
and if the first algorithm is not in the preset range, updating the first algorithm.
Optionally, the current time is a date.
Optionally, after said authenticating the client with the video stream address when the first authentication value matches the second authentication value, the method further comprises:
and sending the video stream address corresponding to the video stream address request information to the client.
Based on the same inventive concept, a second aspect of the present invention provides an authentication method for video stream addresses, including:
after logging in, a client sends environment information to a server so that the server generates first information for authentication based on a video stream address authentication algorithm, wherein the video stream address authentication algorithm is generated by the server according to a first algorithm and a second algorithm, the first algorithm is generated by the server based on a room number corresponding to a video stream address and the current time, and the second algorithm is generated by the server based on the environment information;
receiving the first information for authentication sent by the server, and obtaining a first authentication value through the first information for authentication and the video stream address authentication algorithm;
generating video stream address request information according to the first authentication value;
and sending the video stream address request information to a server so that the server obtains the first authentication value through the video stream address request information, determining a second authentication value through the first information for authentication and the video stream address authentication algorithm, and then judging whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, the client side authenticates through the video stream address.
Optionally, after the client is authenticated by the video stream address, the method further includes:
and receiving the video stream address corresponding to the video stream address request information sent by the server.
Based on the same inventive concept, a third aspect of the present invention provides an authentication apparatus for video stream addresses, where the apparatus is a server, and the apparatus includes:
a first generating module for generating a first algorithm based on a room number corresponding to the video stream address and a current time;
the first receiving module is used for receiving the environment information sent by the client after logging in and generating a second algorithm based on the environment information;
the second generation module is used for generating a video stream address authentication algorithm according to the first algorithm and the second algorithm and generating first information for authentication based on the video stream address authentication algorithm;
the first sending module is used for sending the first information for authentication to a client so that the client obtains a first authentication value through the first information for authentication and the video stream address authentication algorithm and generates video stream address request information according to the first authentication value;
the second receiving module is used for receiving the video stream address request information sent by the client and obtaining the first authentication value according to the video stream address request information;
the determining module is used for determining a second authentication value according to the first information for authentication and the video stream address authentication algorithm;
and the authentication module is used for judging whether the first authentication value is matched with the second authentication value or not, and enabling the client to pass the video stream address authentication when the first authentication value is matched with the second authentication value.
Based on the same inventive concept, a fourth aspect of the present invention provides an authentication apparatus for video stream addresses, where the apparatus is a client, and includes:
the system comprises a first sending module, a second sending module and a third sending module, wherein the first sending module is used for sending environment information to a server after logging in so as to enable the server to generate first information for authentication based on a video stream address authentication algorithm, the video stream address authentication algorithm is generated by the server according to a first algorithm and a second algorithm, the first algorithm is generated by the server based on a room number corresponding to a video stream address and the current time, and the second algorithm is generated by the server based on the environment information;
the first receiving module is used for receiving the first information for authentication sent by the server and obtaining a first authentication value through the first information for authentication and the video stream address authentication algorithm;
the generating module is used for generating video stream address request information according to the first authentication value;
and the second sending module is used for sending the video stream address request information to a server so that the server obtains the first authentication value through the video stream address request information, and then judges whether the first authentication value is matched with the second authentication value after determining the second authentication value through the first information for authentication and the video stream address authentication algorithm, wherein when the first authentication value is matched with the second authentication value, the client side passes the video stream address authentication.
Based on the same inventive concept, a fifth aspect of the present invention provides a computer-readable storage medium, having stored thereon a computer program, which, when being executed by a processor, carries out the method of the first aspect.
Based on the same inventive concept, a sixth aspect of the present invention provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of the first aspect when executing the program.
One or more technical solutions in the embodiments of the present application have at least one or more of the following technical effects:
in the method provided by the invention, on one hand, the server generates first information for authentication according to a video stream address authentication algorithm before sending the video stream address to the client, the method utilizes the first information to authenticate, the client can generate the video stream address request information only after processing the first information for authentication through the video stream address authentication algorithm to obtain the corresponding first authentication value, compared with the prior server which directly receives the video stream address request information generated by the client, the method authenticates the video stream address through the first information, only when the server obtains the first authentication value according to the video stream address request information sent by the client, when the authentication value is matched with the second authentication value determined by the server, the server enables the client to pass the authentication, therefore, the legality of the client is ensured, and the safety and reliability of the video stream address request information are improved; on the other hand, the first algorithm is generated based on the room number corresponding to the video stream address and the current time, so that the first algorithms of different room numbers and different moments are different, and the video stream address authentication algorithm is obtained according to the first algorithm, so that the complexity of the video stream address authentication algorithm is increased, the cracking difficulty of the authentication algorithm is increased, the safety is further improved, and the technical problem of low safety caused by the fact that a hacker easily obtains the video stream address information in the prior art is solved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a flowchart of an authentication method for video stream addresses according to an embodiment of the present invention;
FIG. 2 is a flow chart of another method for authenticating an address of a video stream according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an authentication apparatus for video stream addresses according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an apparatus for authenticating an address of a video stream according to another embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The embodiment of the application provides an authentication method and an authentication device for a video stream address, so that the technical problem of low security in the prior art due to the fact that a hacker easily obtains video stream address information is solved, and the technical effects of improving the security and reliability of video stream address request information are achieved.
The technical scheme in the embodiment of the application has the following general idea: after the client logs in the server, the client can generate the video stream address request information only after acquiring the first authentication value through the first information for authentication sent by the server and the video stream address authentication algorithm, rather than directly sending the video stream address request information to the server, and when the first authentication value calculated by the client is matched with the second authentication value calculated by the server according to the same method, the client passes the authentication and then can receive the corresponding video stream address, so that before the client sends the video stream address, the server can discriminate and judge the legality of the video stream address request information of the client, and compared with the situation that the client directly sends the video stream address request information to the server, the security of the video stream address request information can be improved. And the first algorithm is generated based on the room number corresponding to the video stream address and the current time, so that the first algorithms of different room numbers and different moments are different, and the video stream address authentication algorithm used by the client for processing the first information for authentication is obtained according to the first algorithm, so that the complexity of the video stream address authentication algorithm is increased, the cracking difficulty of the authentication algorithm is increased, the security is further improved, and the technical problem of low security in the prior art because a hacker easily obtains the video stream address information is solved.
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
It should be noted that the method provided by this embodiment is applied to a server, and the server and the client are connected through a network to implement communication; in a specific implementation process, the client may be applied to a mobile terminal device (e.g., a mobile phone, a tablet computer), and may also be applied to a fixed terminal device (e.g., a desktop computer), which is not limited herein. The server is a server for processing video information, and may be a single server or a server group consisting of a plurality of servers.
The embodiment provides an authentication method for video stream addresses, as shown in fig. 1, the method includes:
step S101: a first algorithm is generated based on the room number corresponding to the video stream address and the current time.
In particular, each video stream address has a corresponding room number, denoted by RoomID, and the current Time is denoted by Time, then the first algorithm may be generated using RoomID and Time. For example, there can be several ways:
first, a first algorithm is obtained by performing a calculation using the RoomID and Time, for example, a geometric calculation using the RoomID and Time.
Secondly, the MD5 algorithm is used to calculate the roommid and Time, and generate a video stream address authentication algorithm, specifically BaseKey ═ md5.create (roommd + Time).
By the method, the first algorithms corresponding to different room numbers are different, and the first algorithms at different moments are different, so that the first algorithms are more complex, different first algorithms are adopted for live broadcasting rooms corresponding to different room numbers, the number of the live broadcasting rooms is limited, and algorithm codes of the same live broadcasting room can be cached in the CDN, so that the pressure of the server can be reduced.
Step S102: and receiving environment information sent after the client logs in, and generating a second algorithm based on the environment information.
The client logs in the server at first, and preferably, when the audience opens the live broadcast room, the client browser uses the Websocket to link the live broadcast platform server and performs network communication with the live broadcast platform server, and the network transmission uses the Websocket to perform transmission, so that the safety of data transmission can be improved. The environmental information may include any one or a combination of more of the following: token information Token, unique identifier UID of user account, unique identifier DID of client device, or internet protocol address IP address.
The second algorithm is generated based on the environment information, and there may be several ways:
first, a second algorithm is obtained by performing geometric operation on information included in the environment information.
Second, the MD5 algorithm is used to calculate information included in the environment information, and a second algorithm, specifically LiveKey ═ md5.create (Token + UID + DID), is generated.
Step S103: and generating a video stream address authentication algorithm according to the first algorithm and the second algorithm, and generating first information for authentication based on the video stream address authentication algorithm.
Specifically, the video stream address authentication algorithm is obtained by integrating a first algorithm and a second algorithm, and in a specific implementation process, an open-source encryption algorithm may be used to operate the LiveKey and the BaseKey, so as to generate the video stream address authentication algorithm, where the encryption algorithm may be a TEA packet encryption algorithm, a DES symmetric encryption algorithm, or the like. Taking TEA packet encryption algorithm as an example, the video stream address authentication algorithm may be TEA.
As for the first information for authentication, it can be written in JavaScript language:
function encryptliveKey(LiveKey,BaseKey)
{
BaseKey=Md5.Create(RoomId+Time)
LiveKey=Md5.Create(Token+UID+DID);
encryptliveKey=Tea.Encrypt(LiveKey,BaseKey)
}
the code for calculating the BaseKey algorithm is calculated by the server according to the number of each room and the current time, the LiveKey is calculated by the server according to the environment information, and the code of the first information for authentication simultaneously contains the code for calculating the BaseKey and the LiveKey; and the html page template JavaScript codes of the html page of each live broadcast room are stored, and when the client requests the html page of the live broadcast room, the client requests to send the JavaScript codes, so that the codes in the live broadcast room are executed to request the video stream address. Since the room number of each live broadcast room is different and the request time is different, the first algorithm, i.e., the method for calculating BaseKEY, is different, and the video stream address authentication algorithm is also different, so that the JavaScript code generated by the final server, i.e., the first information, is also different.
Step S104: and sending the first information for authentication to a client so that the client obtains a first authentication value through the first information for authentication and the video stream address authentication algorithm, and generating video stream address request information according to the first authentication value.
Specifically, the client needs to generate video stream address request information, and first needs to determine a first authentication value according to first information for authentication and a video stream address authentication algorithm, that is, the client calculates the first information for authentication by using the video stream address algorithm to obtain the first authentication value, and then generates the video stream address request information. In a specific implementation process, the client may request the video stream address from the server by using a POST method of HTTP:
Post
/live/room_idClientType=H5Web&TimeStamp=1505487520&Did=Abdef1258ewfefefsw3&Auth=encryptliveKey
the interface of the Post server is live/room _ ID, and the parameters carried in the request include the type ClientType of the client, the time TimeStamp of the system, the unique device ID of the UID client and the first authentication value encryptliveKey.
Step S105: and receiving the video stream address request information sent by the client, and obtaining the first authentication value according to the video stream address request information.
Specifically, after receiving the video stream address request information sent by the client, the server extracts the first authentication value from the video stream address request information.
Step S106: and determining a second authentication value according to the first information for authentication and the video stream address authentication algorithm.
Specifically, the server calculates the second authentication value by the same method as that used by the client to calculate the first authentication value, that is, the room number and the current Time are first calculated by MD5 to obtain the value of BaseKey, that is, md5.create (roommd + Time), then the LiveKey is calculated by md5.create (UID + Token + DID), and then the encryptliveKey is calculated by the packet encryption algorithm.
Step S107: and judging whether the first authentication value is matched with the second authentication value, and enabling the client to pass the video stream address authentication when the first authentication value is matched with the second authentication value.
Specifically, the server matches the first authentication value of the second authentication value calculated by the server, namely, whether the first authentication value and the second authentication value are the same is judged, if the first authentication value and the second authentication value are the same, the client is legal, and the client is authenticated through the video stream address.
In the method provided in this embodiment, after generating the first algorithm based on the room number corresponding to the video stream address and the current time, the method further includes:
when receiving a message played by a main broadcast, judging whether the difference between the time played by the main broadcast and the generation time of the first algorithm is within a preset range;
and if the first algorithm is not in the preset range, updating the first algorithm.
Specifically, since the first algorithm is generated according to the room number and the current time, the first algorithm corresponds to a generation time, i.e. corresponds to the current time, which may be, for example, a day, an hour, a minute, or the like. If the current Time is calculated in days, the format of the Time may be 20171001. The server stores the generation time of the current video stream authentication algorithm for each live broadcast room, and updates the generation time of the algorithm when the video stream authentication algorithm changes. When the anchor is broadcast, the server receives the message broadcast by the anchor, and the server acquires the broadcast time of the anchor and judges whether the difference between the broadcast time and the generation time of the first algorithm is within a preset range, wherein the preset range can be a week, a day, an hour, a minute and the like, and can be set according to specific conditions.
If the current algorithm is within the preset range, the current first algorithm can be adopted, and if the current algorithm is not within the preset range, the server generates the first algorithm according to the current time and the room number and updates the html template code of the page of the live broadcast room, so that the current algorithm is ensured to be updated. And the server will update the stored update time for each live-air video stream authentication algorithm. And meanwhile, the server can update the server cache of the CDN to refresh the algorithm of the video stream authentication of the current live broadcast room. If the first algorithm is updated with the time when the audience enters the live room, the amount of requests to the server per day is huge due to the huge number of audiences, thereby causing huge request pressure and calculation pressure to the server. The invention judges whether to update the first algorithm or not through the difference between the time of the main broadcast and the generation time of the first algorithm, and can reduce the calculation pressure of the server while ensuring the continuous update of the first algorithm.
In the method provided by this embodiment, in order to relieve the stress on the server, the current time is a date. That is, when the first algorithm is generated, the unit of the current time adopts the date, and if the request is from the same day, the first algorithm is kept unchanged, so that the updating period of the first algorithm is properly controlled, and the first algorithm is prevented from generating the first algorithm too frequently to stress the server.
In the method provided in this embodiment, after the authenticating the client by the video stream address when the first authentication value matches the second authentication value, the method further includes:
and sending the video stream address corresponding to the video stream address request information to the client.
In the method provided in this embodiment, when the first authentication value does not match the second authentication value, the video stream address is rejected from being sent to the client.
Specifically, if the client is a fake client, since the method of calculating the first authentication value is different from that of the server, the obtained first authentication value will also be different from the second authentication value obtained by the server, and at this time, the server will not send the video stream address to the client.
Based on the same inventive concept, the application also provides another authentication method for the video stream address, which is applied to the client and is described in the second embodiment.
Example two
The embodiment provides an authentication method for video stream addresses, as shown in fig. 2, the method includes:
step S201: after logging in, a client sends environment information to a server so that the server generates first information for authentication based on a video stream address authentication algorithm, wherein the video stream address authentication algorithm is generated by the server according to a first algorithm and a second algorithm, the first algorithm is generated by the server based on a room number corresponding to a video stream address and the current time, and the second algorithm is generated by the server based on the environment information;
in the first embodiment, the method for generating the first information for authentication has been described in detail, and therefore, the detailed description is omitted here.
Step S202: receiving the first information for authentication sent by the server, and obtaining a first authentication value through the first information for authentication and the video stream address authentication algorithm;
in the first embodiment, the method for calculating the first authentication value has been described in detail, and therefore, the description thereof is omitted here.
Step S203: generating video stream address request information according to the first authentication value;
in the first embodiment, the method for generating the video stream address request information has been described in detail, and thus, the description thereof is omitted here.
Step S204: and sending the video stream address request information to a server so that the server obtains the first authentication value through the video stream address request information, determining a second authentication value through the first information for authentication and the video stream address authentication algorithm, and then judging whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, the client side authenticates through the video stream address.
In the first embodiment, the authentication process of the server has been described in detail, and therefore, the details are not described herein.
It should be noted that the method provided in this embodiment is applied to a client, where the client is connected to the server through a network to implement communication; in a specific implementation process, the client may be applied to a mobile terminal device (e.g., a mobile phone, a tablet computer), and may also be applied to a fixed terminal device (e.g., a desktop computer), which is not limited herein. The server is a server for processing video information.
Since the method described in the second embodiment of the present invention and the method described in the first embodiment belong to the same inventive concept, the implementation steps and principles of the method provided in the second embodiment will be understood by those skilled in the art based on the first embodiment, and thus will not be described herein again.
Based on the same inventive concept, the application also provides a device corresponding to the authentication method of the video stream address in the third embodiment.
EXAMPLE III
This embodiment provides an authentication apparatus for video streaming addresses, where the apparatus is a server, as shown in fig. 3, and the apparatus includes:
a first generating module 301 for generating a first algorithm based on a room number corresponding to the video stream address and a current time;
a first receiving module 302, configured to receive environment information sent after a client logs in, and generate a second algorithm based on the environment information;
a second generating module 303, configured to generate a video stream address authentication algorithm according to the first algorithm and the second algorithm, and generate first information for authentication based on the video stream address authentication algorithm;
a first sending module 304, configured to send the first information for authentication to a client, so that the client obtains a first authentication value through the first information for authentication and the video stream address authentication algorithm, and generates video stream address request information according to the first authentication value;
a second receiving module 305, configured to receive the video stream address request information sent by the client, and obtain the first authentication value according to the video stream address request information;
a determining module 306, configured to determine a second authentication value according to the first information for authentication and the video stream address authentication algorithm;
an authentication module 307, configured to determine whether the first authentication value matches the second authentication value, and enable the client to pass the video stream address authentication when the first authentication value matches the second authentication value.
The apparatus provided in this implementation further includes a determining module, configured to, after generating the first algorithm based on the room number corresponding to the video stream address and the current time:
when receiving a message played by a main broadcast, judging whether the difference between the time played by the main broadcast and the generation time of the first algorithm is within a preset range;
and if the first algorithm is not in the preset range, updating the first algorithm.
In the device provided by this embodiment, the current time is a date.
The apparatus further includes a second sending module, configured to, after the client passes the video stream address authentication when the first authentication value matches the second authentication value:
and sending the video stream address corresponding to the video stream address request information to the client.
Since the device introduced in the third embodiment of the present invention is a device used for implementing the authentication method for video stream addresses in the first embodiment of the present invention, based on the method introduced in the first embodiment of the present invention, those skilled in the art can understand the specific structure and deformation of the device, and thus, details are not described herein again. All the devices adopted in the method of the first embodiment of the present invention belong to the protection scope of the present invention.
Based on the same inventive concept, the application also provides a device corresponding to the authentication method of the video stream address in the second embodiment, which is detailed in the fourth embodiment.
Example four
This embodiment provides an authentication apparatus for video stream addresses, where the apparatus is a client, as shown in fig. 4, the apparatus includes:
a first sending module 401, configured to send environment information to a server after logging in, so that the server generates first information for authentication based on a video stream address authentication algorithm, where the video stream address authentication algorithm is generated by the server according to a first algorithm and a second algorithm, the first algorithm is generated by the server based on a room number corresponding to a video stream address and a current time, and the second algorithm is generated by the server based on the environment information;
a first receiving module 402, configured to receive the first information for authentication sent by the server, and obtain a first authentication value through the first information for authentication and the video stream address authentication algorithm;
a generating module 403, configured to generate video stream address request information according to the first authentication value;
a second sending module 404, configured to send the video stream address request message to a server, so that the server obtains the first authentication value through the video stream address request message, and determines a second authentication value through the first information for authentication and the video stream address authentication algorithm, and then determines whether the first authentication value matches the second authentication value, where when the first authentication value matches the second authentication value, the client performs authentication through the video stream address.
The device provided by this implementation further includes a second receiving module, configured to, after the client side authenticates through the video stream address:
and receiving the video stream address corresponding to the video stream address request information sent by the server.
Since the device described in the fourth embodiment of the present invention is a device used for implementing the authentication method for video stream addresses in the second embodiment of the present invention, based on the method described in the second embodiment of the present invention, those skilled in the art can understand the specific structure and deformation of the device, and thus, details are not described herein again. All the devices adopted by the method of the second embodiment of the invention belong to the protection scope of the invention.
EXAMPLE five
Based on the same inventive concept, the present application also provides a computer-readable storage medium 500 on which a computer program 511 is stored, which when executed by a processor implements a method in one implementation.
EXAMPLE six
Based on the same inventive concept, the present application further provides a computer device, please refer to fig. 6, which includes a storage 601, a processor 602, and a computer program 603 stored on the storage and running on the processor, wherein the processor 602 implements the method in one embodiment when executing the program.
For convenience of explanation, only the parts related to the embodiments of the present invention are shown, and details of the specific techniques are not disclosed. The memory 601 may be used to store a computer program 603 including software programs, modules and data, and the processor 602 executes various functional applications of the electronic device and data processing by executing the computer program 603 stored in the memory 601.
In a specific implementation process, the memory 601 may be used for storing software programs and modules, and the processor 602 executes various functional applications and data processing of the electronic device by executing the software programs and modules stored in the memory 601. The memory 601 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to use of the electronic device, and the like. Further, the memory 601 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. The processor 602 is a control center of the electronic device, connects various parts of the whole electronic device by using various interfaces and lines, and performs various functions of the electronic device and processes data by running or executing software programs and/or modules stored in the memory 601 and calling data stored in the memory 601, thereby performing overall monitoring of the electronic device. Alternatively, processor 602 may include one or more processing units; preferably, the processor 602 may be integrated with an application processor, wherein the application processor mainly handles operating systems, user interfaces, application programs, and the like.
Similarly, for the client for video stream address authentication provided in the fourth embodiment, a corresponding computer readable storage medium and a corresponding computer device may also be provided to implement the method in the second embodiment.
One or more technical solutions in the embodiments of the present application have at least one or more of the following technical effects:
in the method provided by the invention, on one hand, the server generates first information for authentication according to a video stream address authentication algorithm before sending the video stream address to the client, the method utilizes the first information to authenticate, the client can generate the video stream address request information only after processing the first information for authentication through the video stream address authentication algorithm to obtain the corresponding first authentication value, compared with the prior server which directly receives the video stream address request information generated by the client, the method authenticates the video stream address through the first information, only when the server obtains the first authentication value according to the video stream address request information sent by the client, when the authentication value is matched with the second authentication value determined by the server, the server enables the client to pass the authentication, therefore, the legality of the client is ensured, and the safety and reliability of the video stream address request information are improved; on the other hand, the first algorithm is generated based on the room number corresponding to the video stream address and the current time, so that the first algorithms of different room numbers and different moments are different, and the video stream address authentication algorithm is obtained according to the first algorithm, so that the complexity of the video stream address authentication algorithm is increased, the cracking difficulty of the authentication algorithm is increased, the safety is further improved, and the technical problem of low safety caused by the fact that a hacker easily obtains the video stream address information in the prior art is solved.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made in the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to encompass such modifications and variations.

Claims (10)

1. An authentication method for video stream addresses, the method is applied to a server, and is characterized by comprising the following steps:
generating a first algorithm based on the room number corresponding to the video stream address and the current time;
receiving environment information sent after a client logs in, wherein the environment information comprises token information, a unique identifier of a user account and a unique identifier of client equipment, and generating a second algorithm based on the environment information;
generating first information for authentication according to the first algorithm and the second algorithm, wherein the first information for authentication is written in JavaScript language and comprises codes for calculating the first algorithm and the second algorithm;
sending the first information for authentication and the video stream address authentication algorithm to a client so that the client obtains a first authentication value through the first information for authentication and the video stream address authentication algorithm and generates video stream address request information according to the first authentication value;
receiving the video stream address request information sent by the client, and obtaining the first authentication value according to the video stream address request information;
determining a second authentication value according to the first information for authentication and the video stream address authentication algorithm;
judging whether the first authentication value is matched with the second authentication value, and enabling the client to pass the video stream address authentication when the first authentication value is matched with the second authentication value;
and the server periodically updates the stored updating time of each live broadcast room video stream address authentication algorithm so as to update the corresponding video stream address authentication algorithm.
2. The method of claim 1, wherein after generating the first algorithm based on the room number corresponding to the video stream address and the current time, the method further comprises:
when receiving a message played by a main broadcast, judging whether the difference between the time played by the main broadcast and the generation time of the first algorithm is within a preset range;
and if the first algorithm is not in the preset range, updating the first algorithm.
3. The method of claim 1, wherein the current time is a date.
4. The method of claim 1, wherein after said authenticating the client with the video stream address when the first authentication value matches the second authentication value, the method further comprises:
and sending the video stream address corresponding to the video stream address request information to the client.
5. An authentication method for video stream addresses, the method is applied to a client, and is characterized by comprising the following steps:
sending environment information to a server after a client logs in, wherein the environment information comprises token information, a unique identifier of a user account and a unique identifier of client equipment, so that the server generates a first algorithm based on a room number corresponding to a video stream address and the current time, generates a second algorithm based on the environment information, and generates first information for authentication according to the first algorithm and the second algorithm, and the first information for authentication is written in a JavaScript language and comprises codes for calculating the first algorithm and the second algorithm;
receiving the first information for authentication and the video stream address authentication algorithm sent by the server, and obtaining a first authentication value through the first information for authentication and the video stream address authentication algorithm;
generating video stream address request information according to the first authentication value;
sending the video stream address request information to a server so that the server obtains the first authentication value through the video stream address request information, determining a second authentication value through the first information for authentication and the video stream address authentication algorithm, and then judging whether the first authentication value is matched with the second authentication value, wherein when the first authentication value is matched with the second authentication value, a client side authenticates through a video stream address;
and the server periodically updates the stored updating time of each live broadcast room video stream address authentication algorithm so as to update the corresponding video stream address authentication algorithm.
6. The method of claim 5, wherein after the client authenticates with the video stream address, the method further comprises:
and receiving the video stream address corresponding to the video stream address request information sent by the server.
7. An apparatus for authenticating an address of a video stream, the apparatus being a server, comprising:
a first generating module for generating a first algorithm based on a room number corresponding to the video stream address and a current time;
the first receiving module is used for receiving environment information sent by a client after logging in, wherein the environment information comprises token information, a unique identifier of a user account and a unique identifier of client equipment, and a second algorithm is generated based on the environment information;
the second generation module is used for generating first information for authentication according to the first algorithm and the second algorithm, wherein the first information for authentication is written in a JavaScript language and comprises codes for calculating the first algorithm and the second algorithm;
the first sending module is used for sending the first information for authentication and the video stream address authentication algorithm to a client so that the client can obtain a first authentication value through the first information for authentication and the video stream address authentication algorithm and generate video stream address request information according to the first authentication value;
the second receiving module is used for receiving the video stream address request information sent by the client and obtaining the first authentication value according to the video stream address request information;
the determining module is used for determining a second authentication value according to the first information for authentication and the video stream address authentication algorithm;
the authentication module is used for judging whether the first authentication value is matched with the second authentication value or not, and enabling the client to pass the video stream address authentication when the first authentication value is matched with the second authentication value;
and the server periodically updates the stored updating time of each live broadcast room video stream address authentication algorithm so as to update the corresponding video stream address authentication algorithm.
8. An apparatus for authenticating video stream addresses, said apparatus being a client, comprising:
the system comprises a first sending module, a second sending module and a third sending module, wherein the first sending module is used for sending environment information to a server after logging in, the environment information comprises token information, a unique identifier of a user account and a unique identifier of client equipment, so that the server generates a first algorithm based on a room number corresponding to a video stream address and the current time, generates a second algorithm based on the environment information, and generates first information for authentication according to the first algorithm and the second algorithm, and the first information for authentication is written in a JavaScript language and comprises codes for calculating the first algorithm and the second algorithm;
the first receiving module is used for receiving the first information for authentication and the video stream address authentication algorithm sent by the server and obtaining a first authentication value through the first information for authentication and the video stream address authentication algorithm;
the generating module is used for generating video stream address request information according to the first authentication value;
a second sending module, configured to send the video stream address request message to a server, so that the server obtains the first authentication value through the video stream address request message, and determines a second authentication value through the first information for authentication and the video stream address authentication algorithm, and then determines whether the first authentication value matches the second authentication value, where when the first authentication value matches the second authentication value, the client authenticates through the video stream address;
and the server periodically updates the stored updating time of each live broadcast room video stream address authentication algorithm so as to update the corresponding video stream address authentication algorithm.
9. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the method of any one of claims 1 to 4.
10. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the method of any one of claims 1 to 4.
CN201810008833.0A 2018-01-04 2018-01-04 Authentication method and device for video stream address Active CN110012301B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810008833.0A CN110012301B (en) 2018-01-04 2018-01-04 Authentication method and device for video stream address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810008833.0A CN110012301B (en) 2018-01-04 2018-01-04 Authentication method and device for video stream address

Publications (2)

Publication Number Publication Date
CN110012301A CN110012301A (en) 2019-07-12
CN110012301B true CN110012301B (en) 2022-01-04

Family

ID=67164388

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810008833.0A Active CN110012301B (en) 2018-01-04 2018-01-04 Authentication method and device for video stream address

Country Status (1)

Country Link
CN (1) CN110012301B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131849B (en) * 2019-12-26 2022-07-08 视联动力信息技术股份有限公司 Streaming media live broadcast method and device and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721411A (en) * 2015-05-15 2016-06-29 乐视云计算有限公司 Method for preventing hotlinking, server and client terminalfor preventing hotlinking
CN105721903A (en) * 2014-12-26 2016-06-29 乐视网信息技术(北京)股份有限公司 Method and system for playing online videos
CN107135408A (en) * 2017-03-31 2017-09-05 武汉斗鱼网络科技有限公司 A kind of method for authenticating and device of video flowing address
CN107426589A (en) * 2017-03-31 2017-12-01 武汉斗鱼网络科技有限公司 A kind of video request, video broadcasting method and device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8621540B2 (en) * 2007-01-24 2013-12-31 Time Warner Cable Enterprises Llc Apparatus and methods for provisioning in a download-enabled system
WO2014181470A1 (en) * 2013-05-10 2014-11-13 株式会社 東芝 Content reproduction device, content reproduction method, and content reproduction system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105721903A (en) * 2014-12-26 2016-06-29 乐视网信息技术(北京)股份有限公司 Method and system for playing online videos
CN105721411A (en) * 2015-05-15 2016-06-29 乐视云计算有限公司 Method for preventing hotlinking, server and client terminalfor preventing hotlinking
CN107135408A (en) * 2017-03-31 2017-09-05 武汉斗鱼网络科技有限公司 A kind of method for authenticating and device of video flowing address
CN107426589A (en) * 2017-03-31 2017-12-01 武汉斗鱼网络科技有限公司 A kind of video request, video broadcasting method and device

Also Published As

Publication number Publication date
CN110012301A (en) 2019-07-12

Similar Documents

Publication Publication Date Title
CN111556006B (en) Third-party application system login method, device, terminal and SSO service platform
US10880306B2 (en) Verification information update
CN110011950B (en) Authentication method and device for video stream address
CN103957436B (en) A kind of video anti-stealing link method based on OTT business
TWI682297B (en) Method, device and system for preventing cross-website request forgery
CN112671720B (en) Token construction method, device and equipment for cloud platform resource access control
CN107483987B (en) Authentication method and device for video stream address
US11463431B2 (en) System and method for public API authentication
US20140282696A1 (en) Advertising download verification
US11470067B1 (en) Secure authentication of devices
CN107483407B (en) Method and system for preventing hotlinking
CN111431920A (en) Security control method and system based on dynamic token
WO2019061598A1 (en) Data verification method and client
CN108235067B (en) Authentication method and device for video stream address
CN105307052B (en) A kind of video request processing method and processing device
CN107888623B (en) Method and device for preventing hijacking of audio and video data streams of live broadcast software
US9165126B1 (en) Techniques for reliable network authentication
CN110012301B (en) Authentication method and device for video stream address
WO2018176816A1 (en) Video requesting and playing method and device
CN108055356A (en) A kind of information processing method, server, client and readable storage medium storing program for executing
CN116647345A (en) Method and device for generating permission token, storage medium and computer equipment
CN105392051B (en) A kind of video request processing method and processing device
CN110012319B (en) Authentication method and device for video stream address
CN108924149B (en) Token-based identity validity verification method and system
CN108696509B (en) Access processing method and device for terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant