CN111107073B - Application automatic login method and device, computer equipment and storage medium - Google Patents
Application automatic login method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN111107073B CN111107073B CN201911268542.6A CN201911268542A CN111107073B CN 111107073 B CN111107073 B CN 111107073B CN 201911268542 A CN201911268542 A CN 201911268542A CN 111107073 B CN111107073 B CN 111107073B
- Authority
- CN
- China
- Prior art keywords
- login
- terminal
- character
- application
- identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Abstract
The application relates to an automatic application login method, an automatic application login device, a computer device and a storage medium. The method comprises the following steps: receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier; in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier; generating a first character abstract according to the account name and the account type of the target user information; verifying a second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; and the second character abstract is a character obtained after the login state identification is decrypted. By adopting the method, the login state identifier can be used for realizing automatic login of the application when the text information sent by the terminal is invalid or overdue, so that the user requirements are met.
Description
Technical Field
The present application relates to the field of internet technologies, and in particular, to an automatic application login method, apparatus, computer device, and storage medium.
Background
With the continuous development of internet technology, login authentication almost becomes the standard configuration of any system, for example, a Web system, an APP, a PC client, and the like, all need to realize service access through registration, login, and authorization authentication.
However, the common login authentication method in the prior art generally has two implementation manners: one is a login authentication mode based on session, and the other is a login authentication mode based on JWT (json Web token), the difference between them is that the login authentication mode based on session is to save the user state in the server, and the login authentication mode based on JWT is to save the user state in the client, so the login authentication mode based on session cannot realize automatic login in practical application, the client has to log in again after the session stored in the server fails, and the login authentication mode based on JWT cannot adopt effective measures to repair if the JWT is stolen in practical application because the session stored in the server fails.
Therefore, the application login authentication method in the prior art has the problem that the user requirements cannot be met.
Disclosure of Invention
Therefore, it is necessary to provide an automatic application login method, an automatic application login device, a computer device, and a storage medium, which can reasonably solve the technical problem that the above application login authentication method cannot meet the user requirement.
An automatic application login method comprises the following steps:
receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier;
generating a first character abstract according to the account name and the account type of the target user information;
verifying a second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; and the second character abstract is a character obtained after the login state identification is decrypted.
An automatic login device for an application, comprising:
the request receiving module is used for receiving an application automatic login request of the terminal; the application automatic login request comprises a login state identifier;
the request response module is used for responding to the application automatic login request, decrypting the login state identification through a preset algorithm and acquiring target user information according to the decrypted login state identification;
the abstract generating module is used for generating a first character abstract according to the account name and the account type of the target user information;
the abstract verification module is used for verifying the second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent with the first character abstract; and the second character abstract is a character obtained after the login state identification is decrypted.
A computer device comprising a memory and a processor, the memory storing a computer program, the processor implementing the following steps when executing the computer program:
receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier;
generating a first character abstract according to the account name and the account type of the target user information;
verifying a second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; and the second character abstract is a character obtained after the login state identification is decrypted.
A computer-readable storage medium, on which a computer program is stored which, when executed by a processor, carries out the steps of:
receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier;
generating a first character abstract according to the account name and the account type of the target user information;
verifying a second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; and the second character abstract is a character obtained after the login state identification is decrypted.
According to the method, the device, the computer equipment and the storage medium for automatically logging in the application, the server can obtain the login state identification through receiving the application automatic login request of the terminal, respond to the application automatic login request and decrypt the login state identification through a preset algorithm to obtain the second character abstract and the target user information, the first character abstract generated according to the account name and the account type in the target user information belongs to data generated by prestored information of the server, the second character abstract is verified through the first character abstract, whether the login state identification sent by the terminal is tampered or not can be judged, if the two are verified to be consistent, the login state identification sent by the terminal is an effective identification, and the automatic login of the application can be further realized. By adopting the method, the login state identifier can be used for realizing automatic login of the application when the text information sent by the terminal is invalid or overdue, the user requirement can be met, meanwhile, the occupied memory of the login state identifier is small, the data transmission pressure is reduced, the login state identifier is stored on the server side, when the login state identifier is illegally tampered or overdue and invalid, the data security can be improved by deleting or modifying the login state identifier stored on the server side, and the controllability of the automatic login of the application is improved.
Drawings
FIG. 1 is a diagram of an application environment in which an automatic login method is applied in one embodiment;
FIG. 2 is a flowchart illustrating an exemplary embodiment of a method for automatic login;
FIG. 3 is a block diagram of an embodiment of an application auto-login device;
FIG. 4 is a diagram illustrating an internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
It should be noted that, in the embodiments of the present invention, the term "first \ second" merely distinguishes similar objects and does not represent a specific ordering of the objects, and it should be understood that "first \ second" may be interchanged with a specific order or sequence, where the case allows. It should be understood that "first \ second" distinct objects may be interchanged under appropriate circumstances such that embodiments of the invention described herein may be practiced in sequences other than those illustrated or described herein.
Fig. 1 is a diagram illustrating an application environment in which an automatic login method is applied in one embodiment. Referring to fig. 1, the application environment includes a terminal 110 and a server 120, which are connected to each other through a network, where the terminal 110 may be a desktop terminal or a mobile terminal, the mobile terminal may specifically be at least one of a mobile phone, a tablet computer, a notebook computer, and the like, and the server 120 may be implemented by an independent server or a server cluster formed by multiple servers. Meanwhile, networks include, but are not limited to: a wide area network, a metropolitan area network, or a local area network.
As shown in fig. 2, in an embodiment, an application automatic login method is provided, which is described by taking the application of the method to the server 120 in fig. 1 as an example, and includes the following steps:
step S210, receiving an application automatic login request of a terminal; the application auto-login request includes a login state identification.
The login state identifier may be a maintenance identifier stored on the server 120 side by the login state token, and may be represented by a "state" in an actual application, and one token is used to represent the login state of the user, so as to identify the identity of the user, that is, the login state.
In a specific implementation, a specific application program may be run on the terminal 110, and when the terminal 110 needs to access a service related to the specific application program, an application automatic login request may be sent to the server 120 through the specific application program, so that the server 120 obtains a login state identifier in the application automatic login request, and further, the login state identifier is used as a subsequent processing basis to complete automatic login of an application.
More specifically, the login status identifier in the automatic login request is derived from the first login authentication of the terminal 110 for the specific application program, that is, when the terminal 110 logs in for the first time to access the specific application program, the terminal may request authentication from the server 120 using a user name/password, and if the authentication of the server 120 is successful, a token is randomly generated and fed back to the terminal 110, so that the terminal 110 subsequently requests to log in the application access service using the token. After the terminal 110 acquires the token, an application login request with the token is sent to the server 120, the server 120 acquires the token and then calls an interface to acquire corresponding user information, and simultaneously generates a Universal Unique Identifier (UUID) according to a request timestamp and a media Access Control address (mac) address of the terminal 110, the UUID is used as a key, the user information is used as a value to generate a cookie (the data format of the cookie is key-value) and store the cookie in a redis memory database, and a cookie validity period can be further set.
Further, after the server 120 obtains the user information, it uses MD5(Message-Digest Algorithm) Algorithm to generate a character Digest of the account name and the account type of the user information, and encrypts the character Digest and the login request time of the terminal 110 using a preset Algorithm, such as AES Algorithm, to obtain the login status identifier, and encrypts the account name and the account type of the user information using the preset Algorithm to obtain encrypted account information, and similarly, the login status identifier "state" is used as key, and the encrypted account information is used as value, and may be stored in the redis memory database and may further set the validity period of the login status identifier "state".
Further, the server 120 may send the text information cookie and the login state identifier "state" stored in the redis in-memory database to the terminal 110, so that the terminal 110 requests the application to automatically log in when actually needed.
Step S220, in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring the target user information according to the decrypted login state identifier.
The preset algorithm may be a symmetric Encryption algorithm or an asymmetric Encryption algorithm, for example, a symmetric Encryption algorithm such as des (data Encryption standard), 3des (triple des), aes (advanced Encryption standard), etc., an asymmetric Encryption algorithm such as RSA Encryption algorithm, dsa (digital Signature algorithm), etc.
The user information may be information including data such as a user ID, a user account name, and a user account type. The target user information may be user information that matches the decrypted login status identification.
In a specific implementation, the preset algorithm may be an encryption algorithm used when the login status identifier is generated, and the login status identifier is decrypted by using the preset algorithm, that is, the encrypted inverse operation of the login status identifier is implemented, and after the server 120 obtains the decrypted login status identifier, the server can use the login status identifier to match with the consistent stored identifier in the redis memory database, and further read the target user information. The login state identifier "state" stored in the redis memory database may be regarded as data storage having a mapping relationship, that is, the key-value format "login state identifier-encrypted account information" mentioned in the foregoing embodiment.
Step S230, generating a first character digest according to the account name and the account type of the target user information.
The first character digest may be a character string generated by the server 120.
In a specific implementation, after the server 120 reads target user information stored in a redis memory database corresponding to the login state identifier "state", a character string may be generated by using an account name and an account type in the target user information as a first character digest, the first character digest is used for matching with a second character digest obtained by directly decrypting the login state identifier, and the automatic login verification of the application is realized through the verification of the two character digests.
However, those skilled in the art can also generate the first character digest by using other user information, for example, the first character digest can be generated according to the user ID, and all other character digests referred to in the present application are generated by the user ID. Therefore, the first character abstract referred to in the present application is not limited in its data composition form by the present contents.
Step S240, verifying the second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; the second character abstract is a character obtained after the login state identification is decrypted.
The second character digest may be a character digest directly obtained by performing preset algorithm inverse operation decryption on the login state identifier "state".
In a specific implementation, the server 120 decrypts the login state identifier through a preset algorithm to obtain a second character digest, the login state identifier can be used to obtain target user information corresponding to the login state identifier and pre-stored in a redis memory database, and then the target user information can be used to generate a first character digest, and the first character digest and the second character digest are further matched to determine whether the first character digest and the second character digest are consistent, so that the verification of the character digest is realized, the login state identifier "state" in the verification mode is tampered, if the verification is consistent, automatic login of a specific application program on the terminal 110 can be realized, and the server 120 can subsequently receive an application operation instruction submitted by the terminal 110.
According to the automatic application login method, the server can acquire the login state identification through receiving the automatic application login request of the terminal, respond to the automatic application login request and decrypt the login state identification through a preset algorithm, the second character abstract and the target user information can be acquired, the first character abstract generated according to the account name and the account type in the target user information belongs to data generated by prestored information of the server, the second character abstract is verified through the first character abstract, whether the login state identification sent by the terminal is tampered or not can be judged, if the two are verified to be consistent, the login state identification sent by the terminal is represented as an effective identification, and automatic application login can be further achieved. By adopting the method, the login state identifier can be used for realizing automatic login of the application when the text information sent by the terminal is invalid or overdue, the user requirement can be met, meanwhile, the occupied memory of the login state identifier is small, the data transmission pressure is reduced, the login state identifier is stored on the server side, when the login state identifier is illegally tampered or overdue and invalid, the data security can be improved by deleting or modifying the login state identifier stored on the server side, and the controllability of the automatic login of the application is improved.
In an embodiment, before receiving the application automatic login request of the terminal in step S210, the method specifically includes the following steps:
receiving an application service access request of a terminal; the application service access request comprises text information to be verified; the text information to be checked comprises a user identification code to be checked; if the user identification code to be checked is not matched with the plurality of pre-stored user identification codes, generating a text information invalid prompt; the text information invalid prompt is used for feeding back to the terminal so that the terminal can obtain the text information with valid login authentication again.
The text information to be verified can be text file information to be verified, and the content comprises a UUID universal unique identification code and user information, such as a cookie.
The user identifier to be verified can be a key element in the text information to be verified, for example, a UUID universally unique identifier.
The redis memory database is pre-stored with a plurality of user identification codes, each user identification code has corresponding user information, namely, a mapping relation exists between the user identification code and the user information, the user identification code and the user information are stored in a cookie file in a key-value format, and then a plurality of cookies are pre-stored in the redis memory database.
In a specific implementation, before receiving an application automatic login request sent by the terminal 110, the server 120 first receives an application service access request sent by the terminal 110, and the application service access request uses text information to be verified as a processing basis after the server 120 responds to the request, so that the server 120 verifies whether a user identification code to be verified in the text information to be verified exists in a redis memory database, that is, whether effective authentication is completed before the terminal 110 logs in the request this time, and stores a corresponding user identity uniqueness identifier-user identification code.
For example, before responding to an application automatic login request initiated by the terminal 110, the server 120 first receives an application service access request sent by the terminal 110, where the request includes text information to be verified, analyzes the text information to be verified to obtain a user identification code to be verified, and since the user identification code to be verified has an attribute indicating user identity and is globally unique, after obtaining the user identification code to be verified currently transmitted by the terminal 110, the server 120 further determines a plurality of user identification codes verified and stored in a redis memory database, matches the user identification codes with the user identification codes to be verified one by one, determines whether the user identification code to be verified already exists in the user identification code to be verified, and if the user identification code exists and the user identification code to be verified exists and is valid for a certain period, the application service can be directly accessed by using a cookie, and the process can refer to a user authentication mode based on session. However, if the existing user identification code is not stored in the redis memory database, it indicates that the verified and stored user identification code to be verified does not exist on the server 120 side, and a text information invalidity prompt is generated and fed back to the terminal 110, so that the terminal 120 requests application login by using the login state identifier "state".
In an embodiment, on the basis of the above embodiment, before the step S210 receives the application automatic login request of the terminal, the method specifically includes the following steps:
if the user identification code to be checked is matched with a target user identification code in the plurality of user identification codes, determining the valid period range of the target user identification code; if the valid period range of the target user identification code is not matched with the acquisition time of the text information to be checked, generating a text information expiration prompt; and the text information expiration prompt is used for feeding back to the terminal so that the terminal can send an application automatic login request with a login state identifier.
The target user identifier may be a user identifier that is stored in the redis memory database and matches with the user identifier to be verified, for example, a UUID in the cookie.
The valid period range may refer to a valid period Time range of the user identifier, where the range takes a universal Time coordinated (utc) world Time for generating the cookie as a Time start point, and the customized Time as a Time end point.
In the specific implementation, after matching the user identification code consistent with the user identification code to be checked in the redis memory database as the target user identification code, the server 120 may determine that the user identification code to be checked exists, and then further verify whether the user identification code to be checked is in the valid period, and may determine whether the cookie (uuid) requests for application login service access in the valid period by verifying the valid period range of the target user identification code stored at the server 120 side and the currently received application service access request time (text information acquisition time to be checked, user identification code acquisition time to be checked), if matching, the login cookie may be directly used for application, if not matching, the cookie text information is expired, the server 120 may generate a text information expiration prompt to be fed back to the terminal 110, so that the terminal 110 may resend the application automatic login request with the login status identifier "state", re-requesting automatic login to the particular application.
In one embodiment, in step S220, in response to the application automatic login request, decrypting the login status identifier by using a preset algorithm, and acquiring the target user information according to the decrypted login status identifier, specifically including the following steps:
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm to obtain the decrypted login state identifier; the decrypted login state identifier comprises terminal login time; determining a pre-stored identifier validity period range corresponding to the login state identifier, and matching the identifier validity period range with the terminal login time; and if the validity period range of the identifier is matched with the terminal login time, acquiring the information of the target user according to the login state identifier.
The terminal login time may be the current time when the terminal 11 sends the application login request, for example, 2019, month-02, day-24, XX, hour-XX minute-XX seconds.
In a specific implementation, as mentioned in the above embodiment, the login state identifier "state" is encrypted by a character digest and terminal login time, and the character digest is encrypted by an account name and an account type of the user information by using an MD5 algorithm, so after the server 120 acquires the login state identifier sent by the terminal 110, the server 120 decrypts the login state identifier by using the inverse algorithm of the algorithm used to generate the identifier, so as to obtain the terminal login time, and since it is verified that the cookie exists in the previous sequence step but is expired, the server 120 side stores the user information of the user with the same identity, that is, the account information of the same login state identifier "state" is stored. The server 120 determines whether the login status identifier "state" is expired, and may determine by using the terminal login time and the pre-stored identifier validity range, and if the terminal login time conforms to the identifier validity range, it indicates that the login status identifier "state" is not expired, and may further extract the user information corresponding to the login status identifier "state" as the target user information.
In an embodiment, on the basis of the foregoing embodiment, if the identifier validity period range matches the terminal login time, the method specifically includes the following steps:
if the identifier validity period range is matched with the terminal login time, determining target account information from a plurality of pre-stored candidate account information according to the login state identifier; the target account information is candidate account information matched with the login state identifier; and decrypting the target account information through a preset algorithm to obtain the target user information.
The candidate account information may be account information that is stored in a redis memory database, is generated by encrypting the preamble step, and has a one-to-one mapping relationship with the login state identifier "state".
In a specific implementation, a plurality of login state identifiers "state" and encrypted account information corresponding to the login state identifiers "state" are stored in the redis memory database on the server 120 side, and a one-to-one mapping relationship exists between the login state identifiers "state" and the encrypted account information, and the encrypted account information is obtained by encrypting the account name and the account type of the user information by using a preset algorithm as mentioned in the above embodiments. Therefore, if the server 120 determines that the login status flag "state" currently sent by the terminal 110 is within the validity period, the login status flag "state" may be used to determine the target account information from the multiple candidate account information stored in the redis memory database, and further, the target account information is decrypted by using the same algorithm as that used for encrypting the user information in the previous period, so as to obtain the target user information.
In one embodiment, the step S240 of verifying the second character digest according to the first character digest, and if the second character digest is verified to be consistent with the first character digest, receiving and executing the application operation instruction of the terminal includes the following steps:
matching the first character abstract with the second character abstract; if the first character abstract is matched with the second character abstract, generating effective text information according to the target user information; and sending the effective text information to the terminal for the terminal to request to access the application service through the effective text information.
In specific implementation, the server 120 verifies whether the login state identifier "state" sent by the terminal 110 is valid, and the verification can be realized by verifying the first character abstract and the second character abstract, that is, the first character abstract and the second character abstract are matched, if the matching is consistent, the verification is valid, the login state identifier "state" sent by the terminal 110 is not tampered, and the automatic login of the application can be further executed, that is, the valid text information is regenerated according to the currently extracted target user information, and the valid text information is fed back to the terminal 110 so that a subsequent request can be sent to the application with the valid text information for successful login.
For example, the first character digest and the second character digest are matched and consistent, and it is determined that the first character digest and the second character digest are equal to each other, the server 120 stores the target user information into a redis memory database, regenerates the UUID, constructs new cookie valid text information with the newly generated UUID as a key and the target user information as a value, and feeds the valid text information back to the terminal 110, so that the invalid or expired text information to be verified in the application service access request is replaced.
In an embodiment, on the basis of the above embodiment, if the first character abstract is matched with the second character abstract, the method for generating the effective text information according to the target user information specifically includes the following steps:
if the first character abstract is matched with the second character abstract, acquiring a user identification code corresponding to the target user information; and generating effective text information according to the user identification code corresponding to the target user information and the target user information.
In a specific implementation, if the first character digest is matched with the second character digest, the user identification code corresponding to the first character digest can be regenerated according to the target user information, that is, the timestamp for receiving the application automatic login request and the terminal MAC address are acquired to generate a new user identification code, and then the target user information is used as a key, and the newly generated user identification code is used as a value to form an effective text information cookie to be fed back to the terminal 110.
In one embodiment, the preset algorithm includes at least one of an AES algorithm, a DES algorithm, a 3DES algorithm, an RSA algorithm, a DSA algorithm.
In specific implementation, a person skilled in the art can generate or decrypt the login state identifier "state" and the account information by using the preset algorithm, and in practical application, a hash algorithm such as MD5 can be used for encryption and corresponding inverse operation decryption as required. Therefore, the preset algorithm referred to in the present application may be set according to practical situations, and is not limited in the present application.
According to the scheme provided by the embodiment of the invention, the login state identifier can be used for realizing the automatic login of the application when the text information sent by the terminal is invalid or overdue, so that the requirement of a user can be met, meanwhile, the occupied memory of the login state identifier is smaller, the data transmission pressure is reduced, and further, the login state identifier is stored on the server side, when the login state identifier is illegally tampered or overdue and invalid, the data security can be improved by deleting or modifying the login state identifier stored on the server side, and the controllability of the automatic login of the application is improved.
It should be understood that, although the steps in the flowchart of fig. 2 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a portion of the steps in fig. 2 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 3, an application automatic login apparatus 300 is provided, which comprises a request receiving module 310, a request responding module 320, a summary generating module 330 and a summary verifying module 340, wherein:
a request receiving module 310, configured to receive an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
the request response module 320 is configured to decrypt the login status identifier through a preset algorithm in response to the application automatic login request, and obtain target user information according to the decrypted login status identifier;
the abstract generating module 330 is configured to generate a first character abstract according to the account name and the account type of the target user information;
the abstract verification module 340 is configured to verify the second character abstract according to the first character abstract, and receive and execute an application operation instruction of the terminal if the second character abstract is verified to be consistent with the first character abstract; the second character abstract is a character obtained after the login state identification is decrypted.
According to the scheme provided by the embodiment of the invention, the server can acquire the login state identifier by receiving the application automatic login request of the terminal, respond to the application automatic login request and decrypt the login state identifier through a preset algorithm to obtain the second character abstract and the target user information, and because the first character abstract generated according to the account name and the account type in the target user information belongs to the data generated by the server pre-stored information, the second character abstract is verified through the first character abstract, whether the login state identifier sent by the terminal is falsified or not can be judged, if the two are verified to be consistent, the login state identifier sent by the terminal is an effective identifier, and the automatic login of the application can be further realized. By adopting the scheme, the login state identifier can be used for realizing automatic login of the application when the text information sent by the terminal is invalid or overdue, the user requirement can be met, meanwhile, the occupied memory of the login state identifier is small, the data transmission pressure is reduced, the login state identifier is stored in the server side, when the login state identifier is illegally tampered or overdue and invalid, the data security can be improved by deleting or modifying the login state identifier stored in the server side, and the controllability of the automatic login of the application is improved.
In one embodiment, the application automatic login device 300 further includes a user identification code verification module, configured to receive an application service access request of the terminal; the application service access request comprises text information to be verified; the text information to be checked comprises a user identification code to be checked; if the user identification code to be checked is not matched with the plurality of pre-stored user identification codes, generating a text information invalid prompt; the text information invalid prompt is used for feeding back to the terminal so that the terminal can obtain the text information with valid login authentication again.
In one embodiment, the application automatic login device 300 further includes an identification code validity period verification module, configured to determine a validity period range of the target user identification code if the user identification code to be verified matches the target user identification code of the plurality of user identification codes; if the valid period range of the target user identification code is not matched with the acquisition time of the text information to be checked, generating a text information expiration prompt; and the text information expiration prompt is used for feeding back to the terminal so that the terminal can send an application automatic login request with a login state identifier.
In one embodiment, the request response module 320 is further configured to decrypt the login status identifier through a preset algorithm in response to the application automatic login request, so as to obtain a decrypted login status identifier; the decrypted login state identifier comprises terminal login time; determining a pre-stored identifier validity period range corresponding to the login state identifier, and matching the identifier validity period range with the terminal login time; and if the validity period range of the identifier is matched with the terminal login time, acquiring the information of the target user according to the login state identifier.
In one embodiment, the request response module 320 is further configured to determine target account information from a plurality of pre-stored candidate account information according to the login status identifier if the identifier validity period range matches the terminal login time; the target account information is candidate account information matched with the login state identifier; and decrypting the target account information through a preset algorithm to obtain the target user information.
In one embodiment, the digest verification module 340 is further configured to match the first character digest with the second character digest; if the first character abstract is matched with the second character abstract, generating effective text information according to the target user information; and sending the effective text information to the terminal for the terminal to request to access the application service through the effective text information.
In one embodiment, the digest verification module 340 is further configured to obtain a user identifier corresponding to the target user information if the first character digest matches the second character digest; and generating effective text information according to the user identification code corresponding to the target user information and the target user information.
According to the scheme provided by the embodiment of the invention, the login state identifier can be used for realizing automatic login of the application when the text information sent by the terminal is invalid or overdue, so that the user requirement can be met, meanwhile, the occupied memory of the login state identifier is small, the data transmission pressure is reduced, the login state identifier is stored at the server side, when the login state identifier is illegally tampered or expired, the data security can be improved by deleting or modifying the login state identifier stored at the server side, and the controllability of the automatic login of the application is improved.
For specific limitations of the above-mentioned automatic application login device, reference may be made to the above limitations of the automatic application login method, which are not described herein again. The modules in the automatic login device for the application can be wholly or partially realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 4. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing identification information and device information. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement an application auto-login method.
Those skilled in the art will appreciate that the architecture shown in fig. 4 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having a computer program stored therein, the processor implementing the following steps when executing the computer program:
receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier;
generating a first character abstract according to the account name and the account type of the target user information;
verifying the second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; the second character abstract is a character obtained after the login state identification is decrypted.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
receiving an application service access request of a terminal; the application service access request comprises text information to be verified; the text information to be checked comprises a user identification code to be checked; if the user identification code to be checked is not matched with the plurality of pre-stored user identification codes, generating a text information invalid prompt; the text information invalid prompt is used for feeding back to the terminal so that the terminal can obtain the text information with valid login authentication again.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
if the user identification code to be checked is matched with a target user identification code in the plurality of user identification codes, determining the valid period range of the target user identification code; if the validity period range of the target user identification code is not matched with the acquisition time of the text information to be checked, generating a text information expiration prompt; and the text information expiration prompt is used for feeding back to the terminal so that the terminal can send an application automatic login request with a login state identifier.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm to obtain the decrypted login state identifier; the decrypted login state identifier comprises terminal login time; determining a pre-stored identifier validity period range corresponding to the login state identifier, and matching the identifier validity period range with the terminal login time; and if the validity period range of the identifier is matched with the terminal login time, acquiring the information of the target user according to the login state identifier.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
if the identifier validity period range is matched with the terminal login time, determining target account information from a plurality of pre-stored candidate account information according to the login state identifier; the target account information is candidate account information matched with the login state identifier; and decrypting the target account information through a preset algorithm to obtain the target user information.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
matching the first character abstract with the second character abstract; if the first character abstract is matched with the second character abstract, generating effective text information according to the target user information; and sending the effective text information to the terminal for the terminal to request to access the application service through the effective text information.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
if the first character abstract is matched with the second character abstract, acquiring a user identification code corresponding to the target user information; and generating effective text information according to the user identification code corresponding to the target user information and the target user information.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier;
generating a first character abstract according to the account name and the account type of the target user information;
verifying the second character abstract according to the first character abstract, and receiving and executing an application operation instruction of the terminal if the second character abstract is verified to be consistent; the second character abstract is a character obtained after the login state identification is decrypted.
In one embodiment, the computer program when executed by the processor further performs the steps of:
receiving an application service access request of a terminal; the application service access request comprises text information to be verified; the text information to be checked comprises a user identification code to be checked; if the user identification code to be checked is not matched with the plurality of pre-stored user identification codes, generating a text information invalid prompt; the text information invalid prompt is used for feeding back to the terminal so that the terminal can obtain the text information with valid login authentication again.
In one embodiment, the computer program when executed by the processor further performs the steps of:
if the user identification code to be checked is matched with a target user identification code in the plurality of user identification codes, determining the valid period range of the target user identification code; if the valid period range of the target user identification code is not matched with the acquisition time of the text information to be checked, generating a text information expiration prompt; and the text information expiration prompt is used for feeding back to the terminal so that the terminal can send an application automatic login request with a login state identifier.
In one embodiment, the computer program when executed by the processor further performs the steps of:
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm to obtain the decrypted login state identifier; the decrypted login state identifier comprises terminal login time; determining a pre-stored identifier validity period range corresponding to the login state identifier, and matching the identifier validity period range with the terminal login time; and if the validity period range of the identifier is matched with the terminal login time, acquiring the information of the target user according to the login state identifier.
In one embodiment, the computer program when executed by the processor further performs the steps of:
if the identifier validity period range is matched with the terminal login time, determining target account information from a plurality of pre-stored candidate account information according to the login state identifier; the target account information is candidate account information matched with the login state identifier; and decrypting the target account information through a preset algorithm to obtain the target user information.
In one embodiment, the computer program when executed by the processor further performs the steps of:
matching the first character abstract with the second character abstract; if the first character abstract is matched with the second character abstract, generating effective text information according to the target user information; and sending the effective text information to the terminal for the terminal to request to access the application service through the effective text information.
In one embodiment, the computer program when executed by the processor further performs the steps of:
if the first character abstract is matched with the second character abstract, acquiring a user identification code corresponding to the target user information; and generating effective text information according to the user identification code corresponding to the target user information and the target user information.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), synchronous Link (Synchlink) DRAM (SLDRAM), Rambus (Rambus) direct RAM (RDRAM), direct bused dynamic RAM (DRDRAM), and bused dynamic RAM (RDRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. An automatic application login method is characterized by comprising the following steps:
receiving an application automatic login request of a terminal; the application automatic login request comprises a login state identifier;
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm, and acquiring target user information according to the decrypted login state identifier;
generating a first character abstract according to the account name and the account type of the target user information;
matching the first character abstract with a second character abstract;
if the first character abstract is matched with the second character abstract, generating effective text information according to the target user information;
sending the effective text information to the terminal, so that the terminal can request to access an application service through the effective text information; and the second character abstract is a character obtained after the login state identification is decrypted.
2. The method according to claim 1, further comprising, prior to receiving the application auto-login request of the terminal:
receiving an application service access request of the terminal; the application service access request comprises text information to be verified; the text information to be verified comprises a user identification code to be verified;
if the user identification code to be checked is not matched with the plurality of pre-stored user identification codes, generating a text information invalid prompt; and the text information invalid prompt is used for feeding back to the terminal so that the terminal can obtain the text information with valid login authentication again.
3. The method of claim 2, further comprising:
if the user identification code to be checked is matched with a target user identification code in the plurality of user identification codes, determining the valid period range of the target user identification code;
if the validity period range of the target user identification code is not matched with the acquisition time of the text information to be checked, generating a text information expiration prompt; and the text information expiration prompt is used for feeding back to the terminal so that the terminal can send an application automatic login request with the login state identifier.
4. The method according to claim 1, wherein the decrypting the login status identifier by a preset algorithm in response to the application automatic login request, and obtaining target user information according to the decrypted login status identifier comprises:
in response to the application automatic login request, decrypting the login state identifier through a preset algorithm to obtain the decrypted login state identifier; the decrypted login state identifier comprises terminal login time;
determining a pre-stored identifier validity range corresponding to the login state identifier, and matching the identifier validity range with the terminal login time;
and if the identifier validity period range is matched with the terminal login time, acquiring target user information according to the login state identifier.
5. The method according to claim 4, wherein if the identifier validity period range matches the terminal login time, acquiring target user information according to the login status identifier comprises:
if the identifier validity period range is matched with the terminal login time, determining target account information from a plurality of pre-stored candidate account information according to the login state identifier; the target account information is candidate account information matched with the login state identification;
and decrypting the target account information through a preset algorithm to obtain target user information.
6. The method of claim 1, wherein generating valid text information based on the target user information if the first character digest matches the second character digest comprises:
if the first character abstract is matched with the second character abstract, acquiring a user identification code corresponding to the target user information;
and generating effective text information according to the user identification code corresponding to the target user information and the target user information.
7. The method of claim 1, wherein the preset algorithm comprises at least one of an AES algorithm, a DES algorithm, a 3DES algorithm, an RSA algorithm, a DSA algorithm.
8. An application auto-login apparatus, comprising:
the request receiving module is used for receiving an application automatic login request of the terminal; the application automatic login request comprises a login state identifier;
the request response module is used for responding to the application automatic login request, decrypting the login state identification through a preset algorithm and acquiring target user information according to the decrypted login state identification;
the abstract generating module is used for generating a first character abstract according to the account name and the account type of the target user information;
the abstract verification module is used for matching the first character abstract with the second character abstract; if the first character abstract is matched with the second character abstract, generating effective text information according to the target user information; the effective text information is sent to the terminal, so that the terminal can request to access the application service through the effective text information; and the second character abstract is a character obtained after the login state identification is decrypted.
9. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor implements the steps of the method of any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911268542.6A CN111107073B (en) | 2019-12-11 | 2019-12-11 | Application automatic login method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911268542.6A CN111107073B (en) | 2019-12-11 | 2019-12-11 | Application automatic login method and device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111107073A CN111107073A (en) | 2020-05-05 |
| CN111107073B true CN111107073B (en) | 2022-05-10 |
Family
ID=70422828
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911268542.6A Active CN111107073B (en) | 2019-12-11 | 2019-12-11 | Application automatic login method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111107073B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111898110A (en) * | 2020-08-05 | 2020-11-06 | 苏州朗动网络科技有限公司 | Method, device, server and storage medium for acquiring user identity information |
| CN112351421B (en) * | 2020-09-14 | 2024-02-06 | 深圳Tcl新技术有限公司 | Control method, control device and computer storage medium for data transmission |
| CN113157812A (en) * | 2021-05-21 | 2021-07-23 | 湖南快乐阳光互动娱乐传媒有限公司 | Method and system for synchronizing distributed multi-cluster state class data |
| CN114679302A (en) * | 2022-03-01 | 2022-06-28 | 中信百信银行股份有限公司 | Method, device, equipment and storage medium for docking single sign-on system |
| CN116208378B (en) * | 2023-01-03 | 2023-11-24 | 学银通融(北京)教育科技有限公司 | Method, device and equipment for preventing user from logging in repeatedly |
| CN116743461B (en) * | 2023-06-15 | 2023-12-22 | 上海银满仓数字科技有限公司 | Commodity data encryption method and device based on time stamp |
| CN117040941A (en) * | 2023-10-10 | 2023-11-10 | 北京轻松怡康信息技术有限公司 | Account login method and device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101815291A (en) * | 2010-03-22 | 2010-08-25 | 中兴通讯股份有限公司 | Method and system for logging on client automatically |
| US9379896B1 (en) * | 2011-10-24 | 2016-06-28 | Google Inc. | Compromised password mitigation |
| CN106850228A (en) * | 2017-01-11 | 2017-06-13 | 北京航空航天大学 | A kind of foundation of portable intelligent password management system and operating method |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103023908B (en) * | 2012-12-21 | 2016-08-24 | 北京奇虎科技有限公司 | A kind of website information acquisition, equipment and system |
| US9213812B1 (en) * | 2012-12-28 | 2015-12-15 | Allscripts Software, Llc | Systems and methods related to security credentials |
| CN104580248A (en) * | 2015-01-27 | 2015-04-29 | 中復保有限公司 | Secured logon method for variable secret key encryption under HTTP |
| CN106209793A (en) * | 2016-06-30 | 2016-12-07 | 上海斐讯数据通信技术有限公司 | A kind of auth method and checking system |
| CN106656505A (en) * | 2016-11-16 | 2017-05-10 | 航天信息股份有限公司 | Mobile terminal electronic signature system based on event certificate and mobile terminal electronic signature method thereof |
| CN107864160A (en) * | 2017-12-21 | 2018-03-30 | 南京东巴电子科技有限公司 | A kind of method that unifying user authentication is carried out based on unique login identification card number |
-
2019
- 2019-12-11 CN CN201911268542.6A patent/CN111107073B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101815291A (en) * | 2010-03-22 | 2010-08-25 | 中兴通讯股份有限公司 | Method and system for logging on client automatically |
| US9379896B1 (en) * | 2011-10-24 | 2016-06-28 | Google Inc. | Compromised password mitigation |
| CN106850228A (en) * | 2017-01-11 | 2017-06-13 | 北京航空航天大学 | A kind of foundation of portable intelligent password management system and operating method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111107073A (en) | 2020-05-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111107073B (en) | Application automatic login method and device, computer equipment and storage medium | |
| CN111949953B (en) | Identity authentication method, system and device based on block chain and computer equipment | |
| CN108768664B (en) | Key management method, device, system, storage medium and computer equipment | |
| CN109359691B (en) | Identity verification method and system based on block chain | |
| CN107948204B (en) | One-key login method and system, related equipment and computer readable storage medium | |
| CN106612180B (en) | Method and device for realizing session identification synchronization | |
| CN108111497B (en) | Mutual authentication method and device for camera and server | |
| CN111031047B (en) | Device communication method, device, computer device and storage medium | |
| CN107360131B (en) | Method, server and system for controlling validity of service request | |
| CN112632581A (en) | User data processing method and device, computer equipment and storage medium | |
| CN109145628B (en) | Data acquisition method and system based on trusted execution environment | |
| CN112800393B (en) | Authorization authentication method, software development kit generation method, device and electronic equipment | |
| CN110213229B (en) | Identity authentication method, system, computer equipment and storage medium | |
| CN109391618B (en) | Method and system for establishing communication link | |
| CN111460410A (en) | Server login method, device and system and computer readable storage medium | |
| CN107818255B (en) | Method for enhancing system security based on fingerprint identification encryption | |
| CN110225511B (en) | Method, device and system for acquiring IMEI number of terminal and computer equipment | |
| CN105100030B (en) | Access control method, system and device | |
| CN108390758B (en) | User password processing method and device and internal control security monitoring system | |
| CN113452519B (en) | Key synchronization method and device, computer equipment and storage medium | |
| CN109561093B (en) | Unauthorized behavior detection method and device, computer equipment and storage medium | |
| CN114239000A (en) | Password processing method, device, computer equipment and storage medium | |
| US20220035924A1 (en) | Service trust status | |
| CN112491879A (en) | Method for remotely updating firmware, computer equipment and storage medium | |
| CN113726720B (en) | Internet of things equipment communication method, equipment, server and communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |