CN110276180A

CN110276180A - Authority checking method, authority checking device and computer readable storage medium

Info

Publication number: CN110276180A
Application number: CN201910480437.2A
Authority: CN
Inventors: 刘硕; 罗文楠; 马彦兵; 李明
Original assignee: Beijing Dajia Internet Information Technology Co Ltd
Current assignee: Beijing Dajia Internet Information Technology Co Ltd
Priority date: 2019-06-04
Filing date: 2019-06-04
Publication date: 2019-09-24

Abstract

The disclosure is about a kind of authority checking method, authority checking device and computer readable storage medium.The authority checking method is applied to when client include: the random random number for generating multidigit as identifying code；The identifying code is sent to Short Message Service Gateway；After receiving the identifying code that the Short Message Service Gateway is sent and receiving receipt, the identifying code is sent to server；And the server is received in the authorization receipt for comparing the identifying code received from the Short Message Service Gateway and generating after the identifying code that the client receives to pass through authority checking.The authority checking method by generating random number as identifying code in client at random, and active transmission is distinguished to Short Message Service Gateway and server, authorization receipt is generated after comparing two identifying codes by server to pass through authority checking, rapidly and accurately complete the authority checking actively initiated by client, mitigate gateway pressure, the verification time is saved, verification efficiency is improved.

Description

Authority checking method, authority checking device and computer readable storage medium

Technical field

The disclosure belongs to computer software application field more particularly to authority checking method and authority checking device.

Background technique

In the related technology, most of APP in client, which are provided, verifies the identity of user by phone number or awards Weigh user and execute a certain operation, and usually required when carrying out authentication by phone number transmitting short message identifying code come into Row authorization.

But sometimes data-bag lost may be led to due to performance reason, the network cause etc. of Short Message Service Gateway, in turn Cause user to can not receive the corresponding short message comprising identifying code, influences user's normal use product.Particularly with such as banking The sensitive services such as business, if can not receive identifying code cannot transacting business, the influence to user is very big.

And short message verification code is collected there are many not real-time enough reason possibility, such as operator's bandwidth reasons, Short Message Service Gateway net Excessively high etc. reasons of network reason, Short Message Service Gateway performance reason or Loss Rate, whether identifying code caused by which kind of reason is lost, all It can make the client waste plenty of time to carry out the acquisition of identifying code, influence the progress of other business, and repeatedly send out to gateway Request is sent, the pressure that will also result in gateway and server increases, and cannot handle the demand of user in time.

Summary of the invention

The disclosure provides a kind of authority checking method and authority checking device, at least to solve in the related technology due to operation When not can guarantee in terms of quotient or Short Message Service Gateway service downlink push availability, asking for the authority checking function of product can not be carried out Topic.The technical solution of the disclosure is as follows:

According to the first aspect of the embodiments of the present disclosure, a kind of authority checking method, the authority checking method application are provided In client, comprising:

The random random number for generating multidigit is as identifying code；

The identifying code is sent to Short Message Service Gateway；

After receiving the identifying code that the Short Message Service Gateway is sent and receiving receipt, the identifying code is sent to server；And

The server is received to compare the identifying code received from the Short Message Service Gateway and receiving from the client Identifying code after the authorization receipt that generates to pass through authority checking.

Optionally, before the step of random random number for generating multidigit is as identifying code, the authority checking side Method further include:

When repeatedly sending checking request to Short Message Service Gateway and not receiving response data, pause sends the checking request；

Proactive authentication instruction is generated on the current page of the client, the client refers to according to the Proactive authentication It enables and generates random number.

Optionally, Proactive authentication instruction includes indicating that the client is switched to the of second page by first page One switching command, the current page of the client are first page, and the client is tested to described in Short Message Service Gateway transmission The page for demonstrate,proving code is second page.

Optionally, it includes indicating that the client is cut by second page that the identifying code that the Short Message Service Gateway is sent, which receives receipt, It is changed to the second switching command of first page, the client receives the identifying code in the second page and receives receipt.

Optionally, the random number is locally generated in the client.

Optionally, the client sends the checking request to the Short Message Service Gateway at least twice and does not receive number of responses According to when, pause sends the checking request.

Optionally, the identifying code that the business carried out in the first page of the digit of the random number and the client needs Digit it is identical.

Optionally, the described the step of identifying code is sent to Short Message Service Gateway, includes:

Using the random number generated using random digit generation method as identifying code；

The word message of Proactive authentication is generated in the second page of the client, the word message includes described tests Demonstrate,prove code；And

It receives and sends the word message to the Short Message Service Gateway after sending operational order.

Optionally, described the step of sending the identifying code to server, includes:

The client switches to first page by the second page according to second switching command；

The random number of the multidigit is shown that the identifying code in the first page fills in place one by one；And

It receives and sends the random number to the server after sending operational order.

Optionally, when repeatedly sending checking request to Short Message Service Gateway and not receiving response data, pause send described in test Before the step of card request, the authority checking method further include:

Client sends checking request until receiving response data to Short Message Service Gateway, and the response data includes visitor The short message verification code that family end needs；

It shows the short message verification code one by one on the current page of the client, and is receiving transmission operational order The short message verification code is sent to the server afterwards；

The server is received to compare the short message verification code received from the Short Message Service Gateway and terminating from the client The authorization receipt generated after the short message verification code received is to pass through authority checking.

According to the second aspect of an embodiment of the present disclosure, a kind of authority checking method, the authority checking method application are provided In server end, comprising:

The identifying code that Short Message Service Gateway is sent is received, the identifying code is that client generates at random and is sent to Short Message Service Gateway Multidigit random number；

Receive the identifying code that the client directly transmits；

The identifying code received more twice, when the identifying code received twice is identical, generation is authorized back It holds；

The authorization receipt is sent to the client, passes through authority checking.

Optionally, when the identifying code received from the Short Message Service Gateway and the identifying code directly received from the client When not exactly the same, authentication failed receipt is generated.

According to the third aspect of an embodiment of the present disclosure, a kind of authority checking device, the authority checking device application are provided In client, comprising:

Random number generation module is configured as generating the random number of multidigit at random as identifying code；

First sending module is configured as the identifying code being sent to Short Message Service Gateway；

Second sending module is configured as after receiving the identifying code that the Short Message Service Gateway is sent and receiving receipt, to service Device sends the identifying code；And

Authority checking module is configured as receiving the server and is comparing the identifying code received from the Short Message Service Gateway With the authorization receipt that is generated after the identifying code that the client receives to pass through authority checking.

Optionally, the authority checking device further include:

Request pause sending module, is configured as not receiving response data repeatedly sending checking request to Short Message Service Gateway When, pause sends the checking request；

Message display module is configured as generating Proactive authentication instruction, the visitor on the current page of the client Family end instructs according to the Proactive authentication and generates random number.

Optionally, it includes indicating the client by second that the identifying code that second sending module receives, which receives receipt, Page switching is the second switching command of first page, and the client receives the identifying code in the second page and receives Receipt.

Optionally, the request pause sending module is at least in the client twice to described in Short Message Service Gateway transmission When checking request does not receive response data, pause sends the checking request.

Optionally, first sending module includes:

Word message generation module, the text for being configured as generating Proactive authentication in the second page of the client disappear Breath, the word message includes the identifying code；And

Word message sending module, be configured as receiving send operational order after to the Short Message Service Gateway send the text Word message.

Optionally, second sending module includes:

Page switching module is configured as switching to first page by the second page according to second switching command Face；

Identifying code display module is configured as the random number of the multidigit showing testing in the first page one by one Card code fills in place；And

Identifying code sending module, be configured as receiving send operational order after sent to the server it is described random Number.

Optionally, the authority checking device further include:

Receiving module is responded, is configured as sending checking request until receiving response data to Short Message Service Gateway, institute Stating response data includes the short message verification code that client needs；And

Identifying code processing module is configured as showing the short-message verification one by one on the current page of the client Code, and the short message verification code is sent to the server after receiving transmission operational order.

According to a fourth aspect of the embodiments of the present invention, a kind of authority checking device, the authority checking device application are provided In server end, comprising:

First receiving module, be configured as receive Short Message Service Gateway send identifying code, the identifying code be client to Short Message Service Gateway repeatedly sends the random of multidigit that is generating when checking request does not receive response data and being sent to Short Message Service Gateway Number；

Second receiving module is configured as receiving the identifying code that the client directly transmits；

Comparison module is configured as the identifying code received more twice, when the identifying code received twice is complete When identical, authorization receipt is generated；

Receipt sending module is authorized, is configured as sending the authorization receipt to the client, passes through authority checking.

According to a fifth aspect of the embodiments of the present disclosure, a kind of electronic equipment is provided characterized by comprising

Processor；

Memory for storage processor executable instruction；

Wherein, the processor is configured to executing the authority checking side for being applied to client described in above-mentioned any one Method.

According to a sixth aspect of the embodiments of the present invention, a kind of computer readable storage medium is provided, which is characterized in that described Computer-readable recording medium storage has computer instruction, and it is above-mentioned applied to client that the computer instruction is performed realization Authority checking method.

According to the 7th of embodiment of the present disclosure aspect, provide a kind of application program, when the instruction in the application program by When the processor of electronic equipment executes, so that electronic equipment is able to carry out the above-mentioned authority checking method applied to client.

According to a eighth aspect of the embodiments of the present invention, a kind of electronic equipment is provided characterized by comprising

Processor；

Memory for storage processor executable instruction；

Wherein, the processor is configured to executing the authority checking for being applied to server end described in above-mentioned any one Method.

According to a ninth aspect of the embodiments of the present invention, a kind of computer readable storage medium is provided, which is characterized in that described Computer-readable recording medium storage has computer instruction, and it is above-mentioned applied to server that the computer instruction is performed realization The authority checking method at end.

According to the tenth of embodiment of the present disclosure aspect, provide a kind of application program, when the instruction in the application program by When the processor of electronic equipment executes, so that electronic equipment is able to carry out the above-mentioned authority checking method applied to server end.

The technical scheme provided by this disclosed embodiment at least bring it is following the utility model has the advantages that

The authority checking method actively initiates the thinking of authority checking by client to carry out authority checking, by client The identifying code of random number is actively generated, and sends the mode of identifying code respectively to Short Message Service Gateway and server to carry out authorization and test Card forms the reversed verifying access for being different from the relevant technologies, server is rapidly and accurately authorized, to the greatest extent The fast authentication for completing user, avoids relying on the service availability of downlink short message gateway and identifying code is caused to receive bottleneck, this Disclosed authority checking method is due to client active transmission identifying code, so that upstream gateway only receives the short of client transmission Letter, so pressure is very small, availability and stability are more much higher than the push of downlink gateway, more convenient can be accurately performed authorization Verifying.

Another embodiment of the present disclosure provide technical solution at least bring it is following the utility model has the advantages that

Client carries out authority checking by initiating checking request to Short Message Service Gateway first, when receiving containing identifying code Short message when, client show identifying code, pass through authority checking；Identifying code is not received when repeatedly sending checking request When, authority checking is carried out using the method by client active transmission identifying code so that client have multiple choices come into Row authority checking, can guarantee the timeliness and accuracy of authority checking, and can mitigate the pressure of server and gateway, pass through Uplink and downlink Short Message Service Gateway supports complete user's message code authorization function together.

It should be understood that above general description and following detailed description be only it is exemplary and explanatory, not The disclosure can be limited.

Detailed description of the invention

The drawings herein are incorporated into the specification and forms part of this specification, and shows the implementation for meeting the disclosure Example, and together with specification for explaining the principles of this disclosure, do not constitute the improper restriction to the disclosure.

Fig. 1 a is the flow chart of the authority checking method shown according to an exemplary embodiment applied to client；

Fig. 1 b is the flow chart of the authority checking method shown according to an exemplary embodiment applied to server end；

Fig. 2 is the interaction figure of authority checking method shown according to an exemplary embodiment；

Fig. 3 a is the process of the authority checking method shown according to an exemplary embodiment that summarize applied to client Figure；

Fig. 3 b is the stream of the authority checking method summarized applied to client shown according to another exemplary embodiment Cheng Tu；

Fig. 4 is the flow chart of the authority checking method shown according to an exemplary embodiment summarized；

Fig. 5 is the schematic diagram of the authority checking device shown according to an exemplary embodiment applied to client；

Fig. 6 is the schematic diagram of the authority checking device shown according to an exemplary embodiment applied to server end；

Fig. 7 is the schematic diagram of the authority checking device shown according to an exemplary embodiment summarized；

Fig. 8 is a kind of block diagram of electronic equipment for executing authority checking method shown according to an exemplary embodiment；

Fig. 9 is a kind of frame of authority checking device for executing authority checking method shown according to an exemplary embodiment Figure.

Specific embodiment

In order to make ordinary people in the field more fully understand the technical solution of the disclosure, below in conjunction with attached drawing, to this public affairs The technical solution opened in embodiment is clearly and completely described.

It should be noted that the specification and claims of the disclosure and term " first " in above-mentioned attached drawing, " Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should be understood that using in this way Data be interchangeable under appropriate circumstances, so as to embodiment of the disclosure described herein can in addition to illustrating herein or Sequence other than those of description is implemented.Embodiment described in following exemplary embodiment does not represent and disclosure phase Consistent all embodiments.On the contrary, they are only and as detailed in the attached claim, the disclosure some aspects The example of consistent device and method.

Fig. 1 a is the flow chart of the authority checking method shown according to an exemplary embodiment applied to client, specifically Include the following steps.

In step s101, the random number of multidigit is generated at random as identifying code.

Most of APP in client, which are provided, executes certain by the identity or authorized user of phone number verifying user Operation function, therefore user using APP carry out business operation or carry out authentication when, need client input from Oneself phone number.Then it clicks and obtains identifying code, Short Message Service Gateway is waited to be awarded to phone number transmitting short message identifying code Power.

When because network cause etc. causes to can not receive identifying code for a long time, use of the user to APP can be greatly influenced, Therefore, the embodiment of the present disclosure provides a kind of authority checking method, without waiting for the response of Short Message Service Gateway, but directly by client Identifying code actively is sent to Short Message Service Gateway, reversed connected network access realizes use of the user to APP as early as possible.

Forward direction verifying is conventional operation, such as from Short Message Service Gateway to client transmitting short message identifying code, then reversed verifying As client actively sends identifying code to Short Message Service Gateway, so subsequent also referred to as Proactive authentication.When client unlatching is reversely tested When card, it is first randomly generated a random number, using the random number as identifying code.

In one embodiment, random number is locally generated in client.And the digit of random number and the current page of client The digit for the identifying code that the business carried out on face needs is identical.Verifying code length as APP needs on current page is 4, visitor Family end can then generate 4 random digits as identifying code at random.

In step s 102, identifying code is sent to Short Message Service Gateway.

Using the random number of the multidigit generated in above-mentioned steps as identifying code, active transmission to Short Message Service Gateway waits short message The identifying code of gateway receives receipt.Its realization process is, for example, user's input handset number on the APP of client, is then carried out Proactive authentication, by the identifying code generated at random in a manner of short message active transmission to Short Message Service Gateway.

In one embodiment, the step of identifying code being sent to Short Message Service Gateway include:

In sub-step S1021, using the random number generated using random digit generation method as identifying code.

The random number that identical digit is generated according to the verifying code bit number needed on client current page, which is made For identifying code, the current page of client is first page.

In sub-step S1022, the word message of Proactive authentication is generated in the second page of client, word message includes Identifying code.

After generating random number verification code, client switches to second page by first page, and second page is the short message page, In the word message that the generation of the short message page includes identifying code, such as by identifying code editor in short message.

In sub-step S1023, receives and send word message to Short Message Service Gateway after sending operational order.

After editting the short message with identifying code in the short message page, operational order to be sent is waited, sends operation when receiving After instruction, short message is sent to Short Message Service Gateway by client, i.e., identifying code is sent to Short Message Service Gateway.Operational order is, for example, to click Or sliding.

In step s 103, after receiving the identifying code that Short Message Service Gateway is sent and receiving receipt, identifying code is sent to server.

Client to Short Message Service Gateway send random number verification code after, wait the response of Short Message Service Gateway, due to be at this time using Upstream gateway, pressure is smaller, so Short Message Service Gateway can comparatively fast receive identifying code, can send out to client after receiving identifying code It returns identifying code and receives receipt, client receives the identifying code and receives receipt, indicates that Short Message Service Gateway receives successfully.

And after the identifying code that client receives Short Message Service Gateway transmission receives receipt, it can be again actively to authorization server The identifying code for sending the random number shows as filling in the page in the identifying code of APP, by the random number verification code filling pair of generation Then the position answered initiates to verify, which is sent to server to authorization server.

In one embodiment, include: to the step of server transmission identifying code

In sub-step S1031, client switches to first page by second page according to the second switching command.

When client sends identifying code to Short Message Service Gateway, client is switched to according to the first switching command by first page Second page, and when client sends identifying code to authorization server again, client is according to the second switching command by second Page switching carries out the transmission of identifying code to first page in the page that APP needs to fill in identifying code.

In sub-step S1032, the random number of multidigit is shown that the identifying code in first page fills in place one by one.

The page where first page, that is, APP shows random number verification code by turn in the light for needing to fill in identifying code At mark, wait to be sent.

In sub-step S1033, receives and send random number to server after sending operational order.

After client, which receives, sends operational order, the random number verification code, operational order are sent to authorization server It e.g. clicks or slides.

In step S104, receives server and comparing the identifying code received from Short Message Service Gateway and received from client Identifying code after the authorization receipt that generates to pass through authority checking.

In above step, client has sent random number verification code to Short Message Service Gateway and authorization server respectively, And the identifying code that client is sent to Short Message Service Gateway is authorized to server and obtains, authorization server is comparing received twice test After demonstrate,proving code, comparison result can be returned to client, after client receives the authorization receipt of authorization server transmission, by awarding Power verifying carries out business operation into APP.When not receiving authorization receipt or when receiving authentication failed receipt, client Identifying code is regenerated, S101-S104 step is executed.

The authority checking method of the present embodiment initiates the thinking of authority checking actively by client to carry out authority checking, The identifying code of random number is actively generated by client, and sends the mode of identifying code respectively to Short Message Service Gateway and server to carry out Authority checking forms the reversed verifying access for being different from the relevant technologies, server is rapidly and accurately carried out Authorization completes the authentication of user as early as possible, avoids relying on the service availability of downlink short message gateway and identifying code is caused to receive Bottleneck, the authority checking method of the disclosure is due to client active transmission identifying code, so that upstream gateway only receives client hair The short message sent, so pressure is very small, availability and stability are more much higher than the push of downlink gateway, can be more convenient accurately complete At authority checking.

Fig. 1 b is the flow chart of the authority checking method shown according to an exemplary embodiment applied to server end, tool Body includes the following steps.

In step s 201, the identifying code that Short Message Service Gateway is sent is received, identifying code is that client generates at random and sends To the random number of the multidigit of Short Message Service Gateway.

This step is the operation carried out in server end by authorization server, server corresponding with the operation of client Identifying code is obtained from Short Message Service Gateway first, save simultaneously user bound relationship to identifying code, the verifying obtained from Short Message Service Gateway Code is the random number that client generates at random in Proactive authentication.Random number is sent to Short Message Service Gateway by client Afterwards, server obtains the identifying code from Short Message Service Gateway again.

In step S202, the identifying code that client directly transmits is received.

Server receives the random number verification code directly transmitted from client again, which is also saved, two The identifying code of secondary acquisition is marked respectively.

In step S203, the identifying code received more twice is raw when the identifying code received twice is identical At authorization receipt.

Authorization server compares receive from Short Message Service Gateway and client two identifying codes, and judgement receives twice Whether the identifying code arrived is identical, since identifying code is the same random number of client transmission generated at random twice, so Ought to be identical, but if occurring mistake in transmission process, it may cause identifying code and change, so needing authorization server pair Identifying code twice is compared.

In one embodiment, when the identifying code received from Short Message Service Gateway and the identifying code directly received from client When identical, authorization receipt is generated.When two identifying codes are identical, it is believed that authorization passes through, then generates authorization receipt.? In one embodiment, when the identifying code received from Short Message Service Gateway and the identifying code that directly receives from client are not exactly the same When, generate authentication failed receipt.When the identifying code received twice there are it is different when, may occur mistake in transmission process Deng then cannot sending authentication failed receipt to client by authority checking, need to reacquire identifying code at this time.

In step S204, authorization receipt is sent to client, passes through authority checking.

By server relatively after, it is found that when two identifying codes are identical, it is believed that authorization pass through, then generate and authorize back It holds, is sent to client, authorized user logs in APP or completes authentication.

Fig. 2 is the interaction figure of authority checking method shown according to an exemplary embodiment.

In conjunction with Fig. 1 a- Fig. 2, as shown in Fig. 2, the authority checking method is used for client 11, authorization server 12 and short message In gateway 13, include the following steps.

In step S01, client 11 sends authority checking request to Short Message Service Gateway 13, requests short message verification code.

When user is when client 11 carries out authentication or logs in the operation such as APP, first can input handset number, so Authority checking request is sent to Short Message Service Gateway 13 afterwards, requests short message verification code, if primary send does not receive response data, then Secondary transmission authority checking request, can send multiple request.

In step S02, client 11 does not receive response, local to generate multidigit random number, as identifying code.

When more than 13 times of client to Short Message Service Gateway 13 to send authority checking request be to receive response when, can choose use Proactive authentication method, at this point, client locally generates the random number of multidigit, as identifying code.

In step S03,11 active of client sends random number verification code to Short Message Service Gateway 13.

In step S04, client 11 receives the identifying code that Short Message Service Gateway 13 is sent and receives successful receipt.

Above-mentioned two step has had a detailed description in fig 1 a, and details are not described herein again.By the two steps, verifying is completed The first time of code sends.

In step S05, Short Message Service Gateway 13 uploads received random number verification code to authorization server 12.

Short Message Service Gateway 13 can adjust back the interface of authorization server 12 after the identifying code for receiving the transmission of client 11, will test Card code is uploaded to authorization server 12, and authorization server 12 again saves identifying code, user bound relationship and setting fail Time etc..

In step S06, client 11 actively sends random number verification code to authorization server 12 again, carries out authorization and asks It asks.

This 11 active of step, that is, client shows the random number verification code of generation in APP or authentication, needs to fill out Then the position of write verification code sends the identifying code.

In step S07, authorization server compares received random number verification code twice, generates authorization receipt.

In step S08, authorization server 12 issues authorization receipt to client 11, and authority checking passes through.

Above-mentioned two step has had a detailed description in Figure 1b, and details are not described herein again.

Fig. 3 a is the process of the authority checking method shown according to an exemplary embodiment that summarize applied to client Figure.

In step S3011, when repeatedly sending checking request to Short Message Service Gateway and not receiving response data, pause is sent Checking request；

In step S3012, Proactive authentication instruction is generated on the current page of client, client is according to Proactive authentication Instruction generates random number；

In step S3013, the random random number for generating multidigit is as identifying code；

In step S3014, identifying code is sent to Short Message Service Gateway；

In step S3015, after receiving the identifying code that Short Message Service Gateway is sent and receiving receipt, sends and verify to server Code；

In step S3016, receives server and comparing the identifying code received from Short Message Service Gateway and received from client To identifying code after the authorization receipt that generates to pass through authority checking.

The step S3013-S3016 of the present embodiment is identical as embodiment shown in Fig. 1 a, is not repeating.

In step S3011, when repeatedly sending checking request to Short Message Service Gateway and not receiving response data, pause is sent Checking request.

When user uses APP, it is necessary first to which client sends authority checking request to Short Message Service Gateway, if in setting Identifying code is not received in time, then sends authority checking request again, if circulation is repeatedly still obtained less than Short Message Service Gateway The identifying code issued, then client can choose carries out authority checking by the way of Proactive authentication, at this time client stop to Short Message Service Gateway sends authority checking request.

The reason of not receiving short message verification code may be that downlink gateway pressure is big, and Push notice (carries out user interface Active and real-time message push) cannot temporarily issue, client can choose whether using Proactive authentication method at this time.Such as Fruit user selects to carry out actively reversed verifying, needs client to suspend to Short Message Service Gateway and sends authority checking request.

In one embodiment, client sends checking request to Short Message Service Gateway at least twice and does not receive response data When, pause sends checking request.The request of authority checking twice is even sent when not receiving identifying code, stops sending the request, Using Proactive authentication.

In step S3012, Proactive authentication instruction is generated on the current page of client, client is according to Proactive authentication Instruction generates random number.

When client is repeatedly to receive response to Short Message Service Gateway transmission authority checking request, user be can choose whether Using the method for Proactive authentication, at this point, Proactive authentication instruction, Proactive authentication instruction catalogue will be generated on the current page of client An e.g. hyperlink, an a verifying message either control etc., work as Proactive authentication when on the page of present client For message when client is shown as hyperlink, the word message that the page is shown is, for example, " the reversed verifying of starting " or " starting is actively Verifying ", user clicks the hyperlink, can start reversed verifying.

After the reversed verifying of starting, client is instructed according to Proactive authentication generates random number, and Proactive authentication instruction includes instruction Client is switched to the first switching command of second page by first page, and the current page of client is first page, client Holding the page for sending identifying code to Short Message Service Gateway is second page.It, can be automatically by current page after i.e. user clicks the hyperlink It jumps to short message and sends the page, the text that the fixed format comprising random number verification code is automatically generated in short message editing frame disappears Breath is clicked and is sent, short message is sent to Short Message Service Gateway, i.e., completion client sends random number verification code to Short Message Service Gateway.

Similarly, in one embodiment, it includes instruction client by second that the identifying code that Short Message Service Gateway is sent, which receives receipt, Page switching is the second switching command of first page, and client receives identifying code in second page and receives receipt, and client End sends identifying code to server in first page, sends identifying code to Short Message Service Gateway in second page.Work as client After receiving the identifying code reception receipt that Short Message Service Gateway is sent back to, the page where short message page switching to APP automatically is understood again, to Server sends identifying code.

In the authority checking method of the disclosure, client is authorized by initiating checking request to Short Message Service Gateway first Verifying shows identifying code in client, passes through authority checking when receiving the short message containing identifying code；It is tested when not receiving When demonstrate,proving code, authority checking is carried out by client active transmission identifying code using the method reversely verified, so that client has Multiple choices carry out authority checking, can guarantee the timeliness and accuracy of authority checking, and can mitigate server and net The pressure of pass supports complete user's message code authorization function by uplink and downlink Short Message Service Gateway together.

Fig. 3 b is the stream of the authority checking method summarized applied to client shown according to another exemplary embodiment Cheng Tu.

In step S3021, client sends checking request until receiving response data to Short Message Service Gateway, response Data include the short message verification code that client needs；

In step S3022, short message verification code is shown one by one on the current page of client, and send behaviour receiving Short message verification code is sent to server after instructing；

In step S3023, receives server and comparing the short message verification code received from Short Message Service Gateway and from client The authorization receipt generated after the short message verification code received is to pass through authority checking；

In step S3024, when repeatedly sending checking request to Short Message Service Gateway and not receiving response data, pause is sent Checking request；

In step S3025, Proactive authentication instruction is generated on the current page of client, client is according to Proactive authentication Instruction generates random number；

In step S3026, the random random number for generating multidigit is as identifying code；

In step S3027, identifying code is sent to Short Message Service Gateway；

In step S3028, after receiving the identifying code that Short Message Service Gateway is sent and receiving receipt, sends and verify to server Code；

In step S3029, receives server and comparing the identifying code received from Short Message Service Gateway and received from client To identifying code after the authorization receipt that generates to pass through authority checking.

The step S3011-S3016 of step S3024-S3029 and Fig. 3 a embodiment of the present embodiment is identical, no longer superfluous herein It states.

In step S3021, client sends checking request until receiving response data to Short Message Service Gateway, response Data include the short message verification code that client needs.In the embodiment of the present disclosure, user can choose whether that starting is actively reversely tested Card is constantly in the stage of positive verifying if user does not start Proactive authentication, so client is sent to Short Message Service Gateway always Authority checking request, until receiving the response data that Short Message Service Gateway is sent back to, send has certain waiting time every time, Response data includes the short message verification code that client needs.

In step S3022, short message verification code is shown one by one on the current page of client, and send behaviour receiving Short message verification code is sent to server after instructing.

The short message verification code received is filled in identifying code to fill at cursor, is operated when receiving the transmission that user assigns After instruction, identifying code is sent to server, and server will get Short Message Service Gateway at this time from Short Message Service Gateway and issue Response data in identifying code.

In step S3023, receives server and comparing the short message verification code received from Short Message Service Gateway and from client The authorization receipt generated after the short message verification code received is to pass through authority checking.

Authorization server received identifying code will compare twice, return to authorization receipt to client, complete authorization.

So selecting positive verification method in the lesser situation of gateway pressure, improving the safety and standard of authority checking True property；And in the biggish situation of gateway pressure, reversed verification method is selected, random number verification code is locally generated by client, And active transmission reduces the pressure of gateway and the pressure of server, authority checking can be rapidly completed to Short Message Service Gateway and server, Guarantee the timeliness of authority checking.

Fig. 4 is the flow chart of the authority checking method shown according to an exemplary embodiment summarized, mainly includes following Step.

In step S401, client sends checking request to Short Message Service Gateway；

User carries out business operation using APP, after inputting the phone number of oneself, sends authority checking request, waits short Believe that gateway sends corresponding identifying code.

In step S402, judge whether client receives the response data comprising identifying code；

Judge whether client receives the response data comprising identifying code of Short Message Service Gateway transmission, if receiving number of responses According to thening follow the steps S4031-S4033, if not receiving response data, then follow the steps S403.

In step S4031, identifying code is shown one by one on the current page of client；

When receive include the response data of identifying code when, extract identifying code therein, it shown by turn in client On the current page at end.

In step S4032, identifying code is sent to server after receiving transmission operational order；

Obtain click or the operational orders such as sliding (clicking the buttons such as " confirmation ", " transmission ") that user carries out, client to Server sends identifying code.

In step S4033, the identifying code in response data is uploaded to server by Short Message Service Gateway；

Identifying code in response data is also uploaded to server by Short Message Service Gateway, is waited to be verified.

In step S403, client sends checking request to Short Message Service Gateway again；

If client does not receive the identifying code that Short Message Service Gateway issues within the set time, such as in one minute, at this point, client End sends authority checking request to Short Message Service Gateway again, again requests verification code.

In step s 404, judge whether client receives the response data comprising identifying code again；

Client judges whether to receive the response data comprising identifying code again, if not receiving yet, thens follow the steps S405, Start Proactive authentication.If client receives response data at this time, 4031-S4033 is thened follow the steps.

Here only illustrated for sending the request of authority checking twice, but transmission can actually be set according to actual needs Number does not receive response data after sending n times authority checking request yet, executes step S405 at this time.

In step S405, pause sends checking request, and Proactive authentication instruction is generated on the current page of client；

User obtains always less than response data, and reason may be that downlink gateway pressure is big or loss of data, so this Shi Qidong is reversely verified, and is suspended to Short Message Service Gateway and is sent checking request.But it generates on the current page of client and actively tests Card instruction, such as the bottom end of the current page of codes to be verified shows a hyperlink or a word message in client etc. [carrying out Proactive authentication].

In step S406, client instructs the random random number for generating multidigit as identifying code according to Proactive authentication；

Clickable hyperlinks, carry out Proactive authentication, and the digit for the identifying code that client is needed according to current business at this time generates The random digit of corresponding digit, such as verifying code length is 4, then can generate 4 bit digitals, the i.e. function of Proactive authentication instruction at random It can be the random number for generating multidigit.

In step S 407, the multidigit random number verification code of generation is sent to Short Message Service Gateway by client；

Hyperlink also includes page switching instruction, can jump to short message page by current page automatically after clicking the link The short message page has been adjusted in face, and the official documents and correspondence that has corresponded to is generated in input frame, including the short message verification code of fixed format, Such as 2424, which is sent to Short Message Service Gateway in the form of short message.Destination is the uplink receiving number of service note gateway, by The short message of user is only received in upstream gateway, so pressure is very small, availability and stability are more much higher than downlink gateway.

In step S408, after Short Message Service Gateway receives identifying code, identifying code is sent to client and receives receipt；

In short message Page user without inputting new content, transmission key is clicked directly on, system sends short message, short message automatically The identifying code that [other side has received] can be returned after sending successfully receives receipt, can be confirmed that uplink short message gateway has received at this time The identifying code short message that client is sent.

In step S409, random number verification code is sent to server after client reception receipt；

After receiving identifying code and receiving receipt, jump back to the page where APP automatically, system will be sent just now automatically Identifying code is filled up at corresponding identifying code input cursor, and user clicks [verifying] or [confirmation] button, at this time to server end Initiate authority checking.

In step S410, server compares respectively from Short Message Service Gateway and the identifying code received from client；

Due to being switched to active transmission state from passive reception state at this time, and user's active transmission at this time Short message is to the uplink short message gateway of business, then server directly compares the identifying code of user's input and by uplink short message net at this time Close the relationship between the identifying code received.The next step of step S4033 and step S409 are step S410, i.e. forward direction is tested Card and reversed verifying require server and carry out final authority checking.

In step S411, whether the identifying code that server judgement receives twice is identical；

Whether the identifying code that server judgement receives twice is identical, if equal, directly by verifying, executes Step S412, if identifying code is not identical twice, return step S401 retransmits authority checking request, waits Short Message Service Gateway Response data or return step S405, are reversely verified again.

In step S412, server sends authorization receipt to client, and authority checking passes through.

Client receives the authorization receipt of server transmission, then authority checking passes through, and user logs in APP, completes identity Verifying, can be used normally product, thus completes entire authorization verification process.

Fig. 5 is the schematic diagram of the authority checking device shown according to an exemplary embodiment applied to client, this is awarded Power verifying device 500 includes random number generation module 501, the first sending module 502, the transmission mould of receipt receiving module 503, second Block 504 and authority checking module 505.

Random number generation module 501 is configured as generating the random number of multidigit at random as identifying code；

First sending module 502 is configured as identifying code being sent to Short Message Service Gateway；

Second sending module 503 is configured as after receiving the identifying code that Short Message Service Gateway is sent and receiving receipt, to server Send identifying code；

Authority checking module 504 is configured as receiving server and is comparing the identifying code received from Short Message Service Gateway and from visitor The authorization receipt generated after the identifying code that family termination receives is to pass through authority checking.

In one embodiment, authority checking device 500 further includes message display module (not shown), is configured as Proactive authentication instruction is generated on the current page of client, client instructs according to Proactive authentication and generates random number.Wherein, main Dynamic verifying instruction includes the first switching command that instruction client is switched to second page by first page, the current page of client Face is first page, and client sends the page of identifying code to Short Message Service Gateway as second page.The digit and client of random number First page on the digit of identifying code that needs of the business that carries out it is identical.

Identifying code that second sending module 503 receives receives receipt, and to include instruction client be switched to the by second page Second switching command of one page, client send identifying code to Short Message Service Gateway in second page.

The authority checking device of the present embodiment initiates the thinking of authority checking actively by client to carry out authority checking, The identifying code of random number is actively generated by client, and sends the mode of identifying code respectively to Short Message Service Gateway and server to carry out Authority checking forms the reversed verifying access for being different from the relevant technologies, server is rapidly and accurately carried out Authorization completes the authentication of user as early as possible, avoids relying on the service availability of downlink short message gateway and identifying code is caused to receive Bottleneck, and due to client active transmission identifying code, so that upstream gateway only receives the short message of client transmission, so pressure is non- Often small, availability and stability are more much higher than the push of downlink gateway, more convenient can be accurately performed authority checking.

In one embodiment, the first sending module 502 includes: that word message generation module and word message send mould Block.Word message generation module is configured as generating the word message reversely verified in the second page of client, and text disappears Breath includes identifying code；Word message sending module is configured as Short Message Service Gateway transmission text after receiving transmission operational order and disappears Breath.

Second sending module 503 includes page switching module, identifying code display module and identifying code sending module.The page is cut Mold changing block is configured as switching to first page by second page according to the second switching command；Identifying code show mould be configured as by The identifying code that the random number of multidigit is shown in one by one in first page fills in place；Identifying code sending module is configured as receiving hair It send and sends random number to server after operational order.

In one embodiment, authority checking device 500 further include: response receiving module (not shown) and identifying code Processing module (not shown).Response receiving module is configured as sending checking request to Short Message Service Gateway until receiving response Until data, response data includes the short message verification code that client needs；Identifying code processing module is configured as in client Short message verification code is shown on current page one by one, and sends short message verification code to server after receiving transmission operational order.

The authority checking device that the embodiment of the present disclosure provides is configured as client first by testing to Short Message Service Gateway initiation Card request is to carry out authority checking, when receiving the short message containing identifying code, shows identifying code in client, is tested by authorization Card；When not receiving identifying code, authority checking is carried out by client active transmission identifying code using the method for Proactive authentication, So that there are client multiple choices to carry out authority checking, the timeliness and accuracy of authority checking can guarantee, and can be with The pressure for mitigating server and gateway, supports complete user's message code authorization function by uplink and downlink Short Message Service Gateway together Energy.

Fig. 6 is the schematic diagram of the authority checking device shown according to an exemplary embodiment applied to server end, should Authority checking device 600 includes that the first receiving module 601, the second receiving module 602, comparison module 603 and authorization receipt are sent Module 604.

First receiving module 601 is configured as receiving the identifying code that Short Message Service Gateway is sent, and identifying code is that client is given birth at random At and the multidigit that is sent to Short Message Service Gateway random number；Second receiving module 602 is configured as reception client and directly transmits Identifying code；Comparison module 603 is configured as the identifying code received more twice, when the complete phase of the identifying code received twice Meanwhile generating authorization receipt；Authorization receipt sending module 604 is configured as sending authorization receipt to client, is tested by authorization Card.

In one embodiment, when the identifying code received from Short Message Service Gateway and the identifying code directly received from client When not exactly the same, authentication failed receipt is generated.

Fig. 7 is the optimization to the embodiment of Fig. 5 and Fig. 6, and it includes random number generation module which, which removes, 501, the first sending module 502, the second sending module 503 and authority checking module 504 and the first receiving module 601, second Outside receiving module 602, comparison module 603 and authorization receipt sending module 604 further include: request sending module 701, request pause Sending module 702, message display module 703, response receiving module 704 and identifying code processing module 705.

Request sending module 701 is configured as sending authority checking request to Short Message Service Gateway, can be carried out as needed repeatedly It sends, request pause sending module 702 is configured as not receiving response data repeatedly sending checking request to Short Message Service Gateway When, pause sends checking request, and message display module 703 is shown on the current page of client reversely verifies message, and first Sending module 502 and the second sending module 503 execute the step of describing such as Fig. 5 respectively.First receiving module 601 and second receives Module 602 is corresponding to receive the identifying code from Short Message Service Gateway and client, comparison module 603 after comparing two identifying codes, Receipt sending module 604 is authorized to send authorization receipt to client if identical.Wherein, request pause sending module 702 at least client twice to Short Message Service Gateway send checking request do not receive response data when, pause send checking request.

After request sending module 701, which sends authority checking to Short Message Service Gateway, requests, response receiving module 704 is received After request, transmitting short message identifying code, and it is uploaded to server, and client receives the short-message verification issued from Short Message Service Gateway Code, identifying code processing module 705 shows identifying code in client corresponding page, and is sent to server, comparison module 603 Compare two identifying codes, it is identical, it authorizes receipt sending module 604 to send authorization receipt, passes through verifying.

About the clock synchronization apparatus in above-described embodiment, since the function of wherein modules is same in above-mentioned clock It is described in detail in the embodiment of one step process, has thus carried out relatively simple description.

Fig. 8 is a kind of electronic equipment 800 for above-mentioned authority checking method shown according to an exemplary embodiment Block diagram.For example, electronic equipment 800 can be mobile phone, computer, digital broadcasting terminal, messaging device, game control Platform, tablet device, Medical Devices, body-building equipment, personal digital assistant etc..

Referring to Fig. 8, electronic equipment 800 may include following one or more components: processing component 802, memory 804, Electric power assembly 806, multimedia component 808, audio component 810, the interface 812 of input/output (I/O), sensor module 814, And communication component 816.

The integrated operation of the usual controlling electronic devices 800 of processing component 802, such as with display, call, data are logical Letter, camera operation and record operate associated operation.Processing component 802 may include one or more processors 820 to hold Row instruction, to perform all or part of the steps of the methods described above.In addition, processing component 802 may include one or more moulds Block, convenient for the interaction between processing component 802 and other assemblies.For example, processing component 802 may include multi-media module, with Facilitate the interaction between multimedia component 808 and processing component 802.

Memory 804 is configured as storing various types of data to support the operation in electronic equipment 800.These data Example include any application or method for being operated on electronic equipment 800 instruction, contact data, telephone directory Data, message, picture, video etc..Memory 804 can by any kind of volatibility or non-volatile memory device or it Combination realize, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM) is erasable Except programmable read only memory (EPROM), programmable read only memory (PROM), read-only memory (ROM), magnetic memory, fastly Flash memory, disk or CD.

Power supply module 806 provides electric power for the various assemblies of electronic equipment 800.Power supply module 806 may include power supply pipe Reason system, one or more power supplys and other with for electronic equipment 800 generate, manage, and distribute the associated component of electric power.

Multimedia component 808 includes the screen of one output interface of offer between the electronic equipment 800 and user. In some embodiments, screen may include liquid crystal display (LCD) and touch panel (TP).If screen includes touch surface Plate, screen may be implemented as touch screen, to receive input signal from the user.Touch panel includes one or more touches Sensor is to sense the gesture on touch, slide, and touch panel.The touch sensor can not only sense touch or sliding The boundary of movement, but also detect duration and pressure associated with the touch or slide operation.In some embodiments, Multimedia component 808 includes a front camera and/or rear camera.When electronic equipment 800 is in operation mode, as clapped When taking the photograph mode or video mode, front camera and/or rear camera can receive external multi-medium data.It is each preposition Camera and rear camera can be a fixed optical lens system or have focusing and optical zoom capabilities.

Audio component 810 is configured as output and/or input audio signal.For example, audio component 810 includes a Mike Wind (MIC), when electronic equipment 800 is in operation mode, when such as call mode, recording mode, and voice recognition mode, microphone It is configured as receiving external audio signal.The received audio signal can be further stored in memory 804 or via logical Believe that component 816 is sent.In some embodiments, audio component 810 further includes a loudspeaker, is used for output audio signal.

I/O interface 812 provides interface between processing component 802 and peripheral interface module, and above-mentioned peripheral interface module can To be keyboard, click wheel, button etc..These buttons may include, but are not limited to: home button, volume button, start button and lock Determine button.

Sensor module 814 includes one or more sensors, for providing the state of various aspects for electronic equipment 800 Assessment.For example, sensor module 814 can detecte the state that opens/closes of electronic equipment 800, the relative positioning of component, example Such as the display and keypad that the component is device 800, sensor module 814 can also detect electronic equipment 800 or electronics The position change of 800 1 components of equipment, the existence or non-existence that user contacts with electronic equipment 800,800 orientation of electronic equipment Or the temperature change of acceleration/deceleration and electronic equipment 800.Sensor module 814 may include proximity sensor, be configured to It detects the presence of nearby objects without any physical contact.Sensor module 814 can also include optical sensor, such as CMOS or ccd image sensor, for being used in imaging applications.In some embodiments, which can be with Including acceleration transducer, gyro sensor, Magnetic Sensor, pressure sensor or temperature sensor.

Communication component 816 is configured to facilitate the communication of wired or wireless way between electronic equipment 800 and other equipment. Electronic equipment 800 can access the wireless network based on communication standard, such as WiFi, carrier network (such as 2G, 3G, 4G or 5G), Or their combination.In one exemplary embodiment, communication component 816 receives via broadcast channel and comes from external broadcasting management The broadcast singal or broadcast related information of system.In one exemplary embodiment, the communication component 816 further includes that near field is logical (NFC) module is believed, to promote short range communication.For example, radio frequency identification (RFID) technology, infrared data association can be based in NFC module Meeting (IrDA) technology, ultra wide band (UWB) technology, bluetooth (BT) technology and other technologies are realized.

In the exemplary embodiment, electronic equipment 800 can be by one or more application specific integrated circuit (ASIC), number Word signal processor (DSP), digital signal processing appts (DSPD), programmable logic device (PLD), field programmable gate array (FPGA), controller, microcontroller, microprocessor or other electronic components are realized, for executing above-mentioned authority checking method.

In the exemplary embodiment, a kind of non-transitorycomputer readable storage medium including instruction, example are additionally provided It such as include the memory 804 of instruction, above-metioned instruction can be executed by the processor 1220 of electronic equipment 800 to complete the above method. For example, the non-transitorycomputer readable storage medium can be ROM, random access memory (RAM), CD-ROM, tape, Floppy disk and optical data storage devices etc..

Fig. 9 is a kind of authority checking device for above-mentioned authority checking method shown according to an exemplary embodiment 900 block diagram.For example, device 900 may be provided as a server.Referring to Fig. 9, device 900 includes processing component 922, It further comprise one or more processors, and the memory resource as representated by memory 932, it can be by handling for storing The instruction of the execution of component 922, such as application program.The application program stored in memory 932 may include one or one Each above corresponds to the module of one group of instruction.In addition, processing component 922 is configured as executing instruction, it is above-mentioned to execute Authority checking method.

Device 900 can also include the power management that a power supply module 926 is configured as executive device 900, and one has Line or radio network interface 950 are configured as device 900 being connected to network and input and output (I/O) interface 958.Dress Setting 900 can operate based on the operating system for being stored in memory 932, such as Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or similar.

Those skilled in the art after considering the specification and implementing the invention disclosed here, will readily occur to its of the disclosure Its embodiment.The disclosure is intended to cover any variations, uses, or adaptations of the disclosure, these modifications, purposes or Person's adaptive change follows the general principles of this disclosure and including the undocumented common knowledge in the art of the disclosure Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the disclosure are by following Claim is pointed out.

It should be understood that the present disclosure is not limited to the precise structures that have been described above and shown in the drawings, and And various modifications and changes may be made without departing from the scope thereof.The scope of the present disclosure is only limited by the accompanying claims.

Claims

1. a kind of authority checking method, which is characterized in that the authority checking method is applied to client, comprising:

The random random number for generating multidigit is as identifying code；

The identifying code is sent to Short Message Service Gateway；

The server is received to compare the identifying code received from the Short Message Service Gateway and testing from what the client received The authorization receipt generated after card code is to pass through authority checking.

2. authority checking method according to claim 1, which is characterized in that make in the random random number for generating multidigit Before the step of for identifying code, the authority checking method further include:

Proactive authentication instruction is generated on the current page of the client, the client is instructed according to the Proactive authentication and given birth to At random number.

3. authority checking method according to claim 2, which is characterized in that the Proactive authentication instruction includes described in instruction Client is switched to the first switching command of second page by first page, and the current page of the client is first page, The client sends the page of the identifying code to the Short Message Service Gateway as second page.

4. authority checking method according to claim 3, which is characterized in that the identifying code that the Short Message Service Gateway is sent receives Receipt includes indicating that the client is switched to the second switching command of first page by second page, and the client is described The identifying code is received in second page receives receipt.

5. authority checking method according to claim 2, which is characterized in that the client is at least twice to the short message When the gateway transmission checking request does not receive response data, pause sends the checking request.

6. a kind of authority checking method, which is characterized in that the authority checking method is applied to server end, comprising:

Receive Short Message Service Gateway send identifying code, the identifying code be client generate at random and be sent to Short Message Service Gateway it is more The random number of position；

Receive the identifying code that the client directly transmits；

The identifying code received more twice generates authorization receipt when the identifying code received twice is identical；

7. a kind of authority checking device, the authority checking device is applied to client characterized by comprising

Second sending module is configured as after receiving the identifying code that the Short Message Service Gateway is sent and receiving receipt, sends out to server Send the identifying code；And

Authority checking module, be configured as receiving the server compare the identifying code received from the Short Message Service Gateway and from The authorization receipt generated after the identifying code that the client receives is to pass through authority checking.

8. a kind of authority checking device, the authority checking device is applied to server end characterized by comprising

First receiving module is configured as receiving the identifying code that Short Message Service Gateway is sent, and the identifying code is client to short message Gateway repeatedly sends the random number of multidigit that is generating when checking request does not receive response data and being sent to Short Message Service Gateway；

Comparison module is configured as the identifying code received more twice, when the identifying code received twice is identical When, generate authorization receipt；

9. a kind of electronic equipment characterized by comprising

Processor；

Memory for storage processor executable instruction；

Wherein, the processor is configured to described instruction is executed, to realize awarding as described in any one of claim 1-5 Weigh verification method.

10. a kind of electronic equipment characterized by comprising

Processor；

Memory for storage processor executable instruction；

Wherein, the processor is configured to executing authority checking method described in the claims 6.