CN111181977B - Login method, device, electronic equipment and medium - Google Patents

Login method, device, electronic equipment and medium Download PDF

Info

Publication number
CN111181977B
CN111181977B CN201911418866.3A CN201911418866A CN111181977B CN 111181977 B CN111181977 B CN 111181977B CN 201911418866 A CN201911418866 A CN 201911418866A CN 111181977 B CN111181977 B CN 111181977B
Authority
CN
China
Prior art keywords
login
client
token
identifier
web browser
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911418866.3A
Other languages
Chinese (zh)
Other versions
CN111181977A (en
Inventor
李强
张页飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruiting Network Technology Shanghai Co ltd
Original Assignee
Ruiting Network Technology Shanghai Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ruiting Network Technology Shanghai Co ltd filed Critical Ruiting Network Technology Shanghai Co ltd
Priority to CN201911418866.3A priority Critical patent/CN111181977B/en
Publication of CN111181977A publication Critical patent/CN111181977A/en
Application granted granted Critical
Publication of CN111181977B publication Critical patent/CN111181977B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a login method, a login device, electronic equipment and a login medium. The method comprises the following steps: obtaining the unique device identifier of the client, sending a login request carrying the unique device identifier to the server, so that after the server determines that the unique device identifier exists in the device list, generating a login authentication result according to the login request, receiving the login authentication result returned by the server, when the login verification result is successful, jumping to a web browser, opening a target page of the client in a login state, so that when the login operation is not allowed to be directly performed through the web browser, the client logs in and then switches to the web browser, thereby avoiding the problems that the web browser can remember information such as account numbers and passwords and the user can log in on the client of the user or others, therefore, the problems of difficulty in management and hidden danger in safety caused by the existing login mode are solved, and the login safety is improved.

Description

Login method, device, electronic equipment and medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a login method, a login apparatus, an electronic device, and a computer-readable storage medium.
Background
With the development of internet technology, more and more network services have both web page versions and APPs (applications), and users can log in on web pages, APPs, and also different clients, and the user logs in freely and randomly and generally cannot be controlled.
Some corporate, group or organizational users may be in management or security needs, requiring some control over the employee's login. For example, currently, most employees of a house brokerage company log in through inputting an account and a password in a web browser, so that the employees can log in on their own clients and also log in on other clients, which causes management difficulty.
Disclosure of Invention
In view of the above problems, a login method, a login device, an electronic device, and a computer-readable storage medium are provided to solve the problems of management difficulty and security hidden trouble caused by the existing login method.
According to an aspect of the present invention, there is provided a login method applied to a client, including:
acquiring a device unique identifier of the client for installing the application program;
sending a login request carrying the unique equipment identifier to a server of the application program, so that the server generates a login verification result according to the login request after determining that the unique equipment identifier exists in an equipment list;
receiving the login verification result returned by the server;
and under the condition that the login verification result is successful, jumping to a webpage browser corresponding to the application program, so that a target page of the client in a login state is opened in the webpage browser.
Optionally, the login request further carries a device token, and before the login request carrying the unique device identifier is sent to the server of the application program, the method further includes:
sending a token acquisition request to the server side, so that the server side can verify a user identifier, a user password, a user group identifier and the unique device identifier carried in the token acquisition request, and if the verification result is consistent, generating the device token according to the user identifier, the unique device identifier and a timestamp of the token acquisition request;
and receiving the device token returned by the server.
Optionally, the method further comprises:
receiving prompt information which is returned by the server and does not exist in the equipment list;
and prompting that the unique equipment identifier does not exist in the equipment list according to the prompt information.
Optionally, the login verification result includes a page link of the target page, and the jumping to the web browser corresponding to the application program causes that opening the target page of the client in the login state in the web browser includes:
sending a control instruction to the web browser, wherein the control instruction carries the page link;
and opening the target page in the web browser according to the control instruction.
According to another aspect of the present invention, there is provided a login method applied to a server, including:
receiving a login request which is sent by a client for installing an application program and carries a unique equipment identifier of the client;
determining that the device unique identifier exists in a device list;
generating a login verification result according to the login request;
and sending the login verification result to the client, so that the client jumps to a web browser corresponding to the application program under the condition that the login verification result is successful, and a target page of the client in a login state is opened in the web browser.
Optionally, the login request further carries a device token, and before the login request which is sent by the client for installing the application and carries the device unique identifier of the client is received, the method further includes:
receiving a token acquisition request sent by the client;
verifying the user identification, the user password, the user group identification and the unique equipment identification carried by the token acquisition request;
if the verification result is consistent, generating the equipment token according to the user identification, the equipment unique identification and the time stamp of the token acquisition request;
sending the device token to the client.
Optionally, the generating a login verification result according to the login request includes:
generating verification data according to the user identifier and the unique device identifier cached by the server and the timestamp of the token acquisition request;
comparing the equipment token with the verification data to obtain a comparison result;
and generating the login verification result according to the comparison result.
Optionally, the login request further carries a first network address, and the generating a login verification result according to the login request includes:
searching a second network address cached by the server according to the user identifier carried by the login request;
and when the first network address and the second network address are determined to be consistent, determining that the login verification is passed.
According to another aspect of the present invention, there is provided a login apparatus applied to a client, including:
the identification acquisition module is used for acquiring the unique equipment identification of the client side for installing the application program;
the request sending module is used for sending a login request carrying the unique equipment identifier to a server of the application program, so that the server generates a login verification result according to the login request after determining that the unique equipment identifier exists in an equipment list;
the result receiving module is used for receiving the login verification result returned by the server;
and the page opening module is used for jumping to a web browser corresponding to the application program under the condition that the login verification result is successful, so that a target page of the client in a login state is opened in the web browser.
Optionally, the login request further carries an equipment token, and the apparatus further includes:
a token generation module, configured to send a token acquisition request to a server of the application before sending a login request carrying the unique device identifier to the server, so that the server verifies a user identifier, a user password, a user group identifier, and the unique device identifier carried in the token acquisition request, and if a verification result is consistent, generate the device token according to the user identifier, the unique device identifier, and a timestamp of the token acquisition request;
and the token receiving module is used for receiving the equipment token returned by the server.
Optionally, the apparatus further comprises:
the information receiving module is used for receiving prompt information which is returned by the server and does not exist in the equipment list;
and the prompting module is used for prompting that the unique equipment identifier does not exist in the equipment list according to the prompting information.
Optionally, the login verification result includes a page link of the target page, and the page opening module includes:
the instruction sending submodule is used for sending a control instruction to the web browser, wherein the control instruction carries the page link;
and the page opening sub-module is used for opening the target page in the web browser according to the control instruction.
According to another aspect of the present invention, there is provided a login device applied to a server, including:
the request receiving module is used for receiving a login request which is sent by a client side for installing an application program and carries a unique device identifier of the client side;
a determining module, configured to determine that the device unique identifier exists in a device list;
the result generation module is used for generating a login verification result according to the login request;
and the result sending module is used for sending the login verification result to the client so that the client jumps to a web browser corresponding to the application program under the condition that the login verification result is successful, and a target page of the client in a login state is opened in the web browser.
Optionally, the login request further carries an equipment token, and the apparatus further includes:
the request receiving module is used for receiving a token acquisition request sent by a client side for installing an application program before receiving a login request which is sent by the client side and carries a device unique identifier of the client side;
the verification module is used for verifying the user identification, the user password, the user group identification and the unique equipment identification carried by the token acquisition request;
the token generation module is used for generating the equipment token according to the user identifier, the equipment unique identifier and the timestamp of the token acquisition request if the verification result is consistent;
and the token sending module is used for sending the equipment token to the client.
Optionally, the result generation module includes:
the data generation submodule is used for generating verification data according to the user identifier and the unique device identifier cached by the server and the timestamp of the token acquisition request;
the comparison submodule is used for comparing the equipment token with the verification data to obtain a comparison result;
and the result generation submodule is used for generating the login verification result according to the comparison result.
Optionally, the login request further carries a first network address, and the result generation module includes:
the address searching submodule is used for searching a second network address cached by the server according to the user identification carried by the login request;
and the determining submodule is used for determining that the login verification is passed when the first network address and the second network address are determined to be consistent.
In accordance with another aspect of the present invention, there is provided an electronic apparatus including: a processor, a memory and a computer program stored on the memory and executable on the processor, the computer program implementing the above-mentioned logging method when executed by the processor.
According to another aspect of the present invention, a computer-readable storage medium is provided, which is characterized in that the computer-readable storage medium has stored thereon a computer program, which when executed by a processor implements the above-mentioned login method.
To sum up, according to the embodiments of the present invention, a login request carrying a device unique identifier is sent to a server of an application program by obtaining the device unique identifier of the client that installs the application program, so that the server generates a login authentication result according to the login request after determining that the device unique identifier exists in a device list, receives the login authentication result returned by the server, and jumps to a web browser corresponding to the application program when the login authentication result is successful, so as to open a target page of the client in a login state in the web browser, so that when the login operation is not allowed directly through the web browser, the client logs in and then switches to the web browser, thereby avoiding that the web browser memorizes information such as an account number and a password, and the user can log in on the client of the user or others, thereby solving the problems of difficult management and hidden danger in safety caused by the existing login mode and improving the login safety.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a flowchart illustrating a login method according to a first embodiment of the present invention;
fig. 2 is a flowchart illustrating a login method according to a second embodiment of the present invention;
fig. 3 is a block diagram showing a login apparatus in a third embodiment of the present invention;
fig. 4 is a block diagram showing a login apparatus according to a fourth embodiment of the present invention;
fig. 5 shows a block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Example one
Referring to fig. 1, a flowchart of a login method in a first embodiment of the present invention is shown, and is applied to a client, which may specifically include:
step 101, obtaining a device unique identifier of the client for installing the application program.
In the embodiment of the present invention, the client includes a mobile phone, a tablet computer, a notebook computer, an intelligent wearable device, or any other suitable client, which is not limited in this embodiment of the present invention. The Device Unique Identifier is used to uniquely identify the client, for example, an IMEI (International Mobile Equipment Identity), an UDID (Unique Device Identifier Description), or any other applicable Device Unique Identifier, which is not limited in this embodiment of the present invention. The client is provided with an application program which can be used for the login method of the invention. For example, the device unique identification of the client is sent by the application to the server.
And 102, sending a login request carrying the unique equipment identifier to a server of the application program, so that the server generates a login verification result according to the login request after determining that the unique equipment identifier exists in an equipment list.
The login request is a request for the user to log in a website or a program application system, and after the login is successful, the user can legally use various capabilities of the account, for example, a mailbox user can send and receive mails, view/change an address book and the like; forum users may view/modify data, send and receive posts, etc.; the instant messaging application may send and receive messages, view/change material, view/change relationship chain information, and the like.
In the embodiment of the invention, the login request needs to carry the unique device identifier, and the application program on the client sends the login request to the server. In specific implementation, for each user set such as a company, a group or an organization, a device access limiting switch and a trusted device list are maintained at a server, that is, one device access limiting switch is correspondingly set for one company, group or organization, and the device list cannot have a repeated unique device identifier. After the device access limit corresponding to the user set is opened, if the user performs login operation on a webpage through a webpage browser, the user set where the user set is located is prompted to open device authorized login, an account is requested to be logged in from an application program, a shortcut for downloading the application program can be provided, and when the application program is downloaded, a proper application program version can be automatically selected for downloading according to an operating system of a client used by the user.
For example, if the application is dedicated to login, and when the property brokerage firm opens device access restrictions, the broker in that firm will prompt "you are in the firm to open device authorized login, please log in account from the application, download the application" when logging in on the web page via the web browser. Of course, the broker may log in directly from the application.
In the embodiment of the invention, after receiving the login request, the server firstly determines whether the unique device identifier exists in the device list, and generates the login verification result according to the login request under the condition of determining that the unique device identifier exists in the device list. For example, the server first searches whether the device unique identifier exists in the device list, if so, checks an account number, a password and the like in the login request, if the check is passed, generates a login verification result of successful login, and if the check is not passed, generates a login verification result of failed login.
In the embodiment of the present invention, optionally, the method may further include: receiving prompt information which is returned by the server and does not exist in the equipment list; and prompting that the unique equipment identifier does not exist in the equipment list according to the prompt information.
For example, the user logs in with an application program on the client for the first time, or the company of the user has not added the device unique identifier of the client of the user to the device list of the server, when the relevant information is filled in and the login is clicked, the server returns prompt information that the device unique identifier does not exist in the device list, the client may pop up to prompt that "the device is not authorized yet", at this time, the device unique identifier needs to be added to the device list corresponding to the company, and the user may send the device unique identifier to the relevant responsible person in a manner of an application program or mail on the client and the like to add the device unique identifier to the device list.
In this embodiment of the present invention, optionally, the login request further carries an equipment token, and before the sending the login request carrying the unique identifier of the equipment to the server, the method may further include: sending a token acquisition request to the server side, so that the server side can verify a user identifier, a user password, a user group identifier and the unique device identifier carried in the token acquisition request, and if the verification result is consistent, generating the device token according to the user identifier, the unique device identifier and a timestamp of the token acquisition request; and receiving the device token returned by the server.
The device token is generated based on the user identification, the device unique identification, and the timestamp of the token acquisition request. For example, the server generates a Device Token (Device Token) by passing a string composed of the user identifier, the Device unique identifier, and the time stamp of the Token acquisition request through the SHA-256 algorithm.
The SHA (Secure Hash Algorithm) series Algorithm is a cryptographic Hash function and can be divided into two major categories, namely SHA-1 and SHA-2. Wherein, the sub-version of SHA-2 comprises SHA-224, SHA-256, SHA-384 and SHA-512, and the output results are respectively 224, 256, 384 and 512 bits. The SHA-256 algorithm uses a hash value of 256 bits in length.
Before sending a login request to a server, a client sends a token obtaining request for obtaining an equipment token, wherein the token obtaining request carries a user identifier, a user password, a user group identifier and an equipment unique identifier. The user group identification is used to distinguish the user group to which the user belongs, e.g. a company identification. The method comprises the steps that a server side firstly verifies a user identifier, a user password, a user group identifier and an equipment unique identifier, for example, a corresponding company user name list is searched according to a company identifier, the user name exists in the company user name list, so that the user is determined to be a user in a company, the user name and the user password are determined to be correct, the equipment unique identifier is required to be determined to be in a trusted equipment list of the company, if the verification result is consistent, an equipment token can be generated according to the user identifier and the equipment unique identifier and a time stamp of a token acquisition request, the equipment token is returned to an application program on a client side, and the application program on the client side receives the equipment token returned by the server side. The server also needs to cache the user identifier, the user password, the user group identifier and the unique device identifier carried in the token acquisition request, and also can cache the generated device token.
When the application program on the client sends a login request to the server, the login request needs to carry the device token, when the server verifies the login request, whether the device token is correct or not needs to be verified, and if the device token is incorrect, the login verification result is that the login verification fails, so that the dynamically-changed device token is issued to the application program on the client during each login, and the login safety through the application program on the client is improved.
For example, after a user clicks login, an application program on a client side sends an HTTP (Hypertext Transfer Protocol) request for obtaining a device token, parameters include a company id, a user id, a password and a device unique identifier, after the server side receives the request, the server side verifies whether the user is a user in a company and the correctness of the user id and the password through the company id, the user id and the password, after the verification is passed, a device token is generated through a SHA-256 algorithm by using a character string formed by the user id, a time stamp of the token obtaining request and the device unique identifier, and then the device token is returned to the application program on the client side, and the company id, the user id, the password and the device unique identifier are cached.
Step 103, receiving the login verification result returned by the server.
In the embodiment of the invention, after the server generates the login verification result according to the login request, the login verification result is returned to the application program on the client, and the client receives the login verification result returned by the server.
And 104, under the condition that the login verification result is successful, jumping to a webpage browser corresponding to the application program, so that a target page of the client in a login state is opened in the webpage browser.
In the embodiment of the present invention, when the login verification result is that the login verification is successful, the application program on the client may jump to the web browser corresponding to the application program on the client, and open the target page of the client in the login state in the web browser. The web browser corresponding to the application program may be a web browser default for the operating system, or a web browser specified by the application program. For example, after the login is clicked in the application program and the server passes the authentication, the client switches from the application program to the corresponding web browser, and opens the website home page or the personal center page of the client in the login state.
In this embodiment of the present invention, optionally, the login verification result includes a page link of the target page, and the jumping to the web browser corresponding to the application program makes an implementation manner of opening the target page of the client in the login state in the web browser include: sending a control instruction to the web browser, wherein the control instruction carries the page link; and opening the target page in the web browser according to the control instruction.
The login verification result returned by the server side can comprise a page link of the target page. And the application program on the client sends a control instruction to the web browser, the control instruction carries the page link, and the web browser opens a new label page according to the control instruction and accesses the page link carried in the control instruction, so that a target page in a login state is opened.
To sum up, according to the embodiments of the present invention, a login request carrying a device unique identifier is sent to a server of an application program by obtaining the device unique identifier of the client that installs the application program, so that the server generates a login authentication result according to the login request after determining that the device unique identifier exists in a device list, receives the login authentication result returned by the server, and jumps to a web browser corresponding to the application program when the login authentication result is successful, so as to open a target page of the client in a login state in the web browser, so that when the login operation is not allowed directly through the web browser, the client logs in and then switches to the web browser, thereby avoiding that the web browser memorizes information such as an account number and a password, and the user can log in on the client of the user or others, thereby solving the problems of difficult management and hidden danger in safety caused by the existing login mode and improving the login safety.
Example two
Referring to fig. 2, a flowchart of a login method in the second embodiment of the present invention is shown, and is applied to a server, and specifically may include:
step 201, receiving a login request carrying a device unique identifier of a client sent by the client for installing an application program.
In the embodiment of the present invention, the specific implementation manner of this step may refer to the description in the foregoing embodiment, and details are not described herein.
In this embodiment of the present invention, optionally, before receiving the login request with the device unique identifier of the client sent by the client that installs the application program, the method further includes: receiving a token acquisition request sent by the client; verifying the user identification, the user password, the user group identification and the unique equipment identification carried by the token acquisition request; if the verification result is consistent, generating the equipment token according to the user identification, the equipment unique identification and the time stamp of the token acquisition request; sending the device token to the client.
In the embodiment of the present invention, the specific implementation manner of this step may refer to the description in the foregoing embodiment, and details are not described herein.
Step 202, determining that the device unique identifier exists in the device list.
In the embodiment of the present invention, the specific implementation manner of this step may refer to the description in the foregoing embodiment, and details are not described herein.
Step 203, generating a login verification result according to the login request.
In the embodiment of the present invention, the specific implementation manner of this step may refer to the description in the foregoing embodiment, and details are not described herein.
In this embodiment of the present invention, optionally, an implementation manner of generating a login verification result according to the login request may include: and generating verification data according to the user identifier and the unique equipment identifier cached by the server and the timestamp of the token acquisition request, comparing the equipment token with the verification data to obtain a comparison result, and generating the login verification result according to the comparison result.
The login request carries an equipment token, after receiving the login request, the server side generates verification data according to the cached user identification and the equipment unique identification and the timestamp of the token acquisition request, and the mode of generating the verification data is completely the same as the mode of generating the equipment token, namely, the equipment token is generated again. And then comparing the device token with the check data to obtain a comparison result, if the comparison result is consistent and no other verification fails, the generated login verification result is login verification pass, and if the comparison result is inconsistent, the generated login verification result is login verification fail.
In this embodiment of the present invention, optionally, the login request further carries a first network address, and in an implementation manner of generating a login verification result according to the login request, the method may include: and searching a second network address cached by the server according to the user identifier carried by the login request, and determining that the login verification is passed when the first network address and the second network address are determined to be consistent.
The first network address is a network address carried by the login request, and when the application program on the client sends the login request, the current network address of the client is obtained and added into the login request to be sent to the server. The second network address is a network address cached by the server, and may be a network address acquired by the server when the application program on the client sends a token acquisition request to the server, or a network address acquired by the server when the client logs in for the first time. The server searches a second network address corresponding to the user identification cached by the server according to the user identification carried by the login request, then compares whether the first network address is consistent with the second network address, if the first network address is consistent with the second network address, the login verification result is generated to be that the login verification is passed, and if the first network address is inconsistent with the second network address, the login verification result is generated to be that the login verification is not passed, so that the control of the local network address of the client is realized, and the login safety of using the application program on the client for login is improved.
And 204, sending the login verification result to the client, so that the client jumps to a web browser corresponding to the application program under the condition that the login verification result is successful, and a target page of the client in a login state is opened in the web browser.
In the embodiment of the present invention, the specific implementation manner of this step may refer to the description in the foregoing embodiment, and details are not described herein.
To sum up, according to the embodiments of the present invention, a login request carrying a device unique identifier of a client and sent by the client for installing an application is received, it is determined that the device unique identifier exists in a device list, a login authentication result is generated according to the login request, the login authentication result is sent to the client, so that the client jumps to a web browser corresponding to the application when the login authentication result is successful, so as to open a target page of the client in a login state in the web browser, so that when the login operation is not allowed to be directly performed through the web browser, the client switches to the web browser after logging in, thereby avoiding the problems that the web browser can remember information such as an account number and a password, and a user can log in on his or other client, therefore, the problems of difficulty in management and hidden danger in safety caused by the existing login mode are solved, and the login safety is improved.
EXAMPLE III
Referring to fig. 3, a block diagram of a login apparatus in a third embodiment of the present invention is shown, and the login apparatus is applied to a client, and may specifically include:
an identifier obtaining module 301, configured to obtain a device unique identifier of the client that installs the application program;
a request sending module 302, configured to send a login request carrying the unique device identifier to a server of the application program, so that after determining that the unique device identifier exists in a device list, the server generates a login verification result according to the login request;
a result receiving module 303, configured to receive the login verification result returned by the server;
a page opening module 304, configured to jump to a web browser corresponding to the application program when the login verification result is that the login verification is successful, so as to open a target page of the client in a login state in the web browser.
In this embodiment of the present invention, optionally, the login request further carries an equipment token, and the apparatus further includes:
a token generation module, configured to send a token acquisition request to a server of the application before sending a login request carrying the unique device identifier to the server, so that the server verifies a user identifier, a user password, a user group identifier, and the unique device identifier carried in the token acquisition request, and if a verification result is consistent, generate the device token according to the user identifier, the unique device identifier, and a timestamp of the token acquisition request;
and the token receiving module is used for receiving the equipment token returned by the server.
In this embodiment of the present invention, optionally, the apparatus further includes:
the information receiving module is used for receiving prompt information which is returned by the server and does not exist in the equipment list;
and the prompting module is used for prompting that the unique equipment identifier does not exist in the equipment list according to the prompting information.
In this embodiment of the present invention, optionally, the login verification result includes a page link of the target page, and the page opening module includes:
the instruction sending submodule is used for sending a control instruction to the web browser, wherein the control instruction carries the page link;
and the page opening sub-module is used for opening the target page in the web browser according to the control instruction.
To sum up, according to the embodiments of the present invention, a login request carrying a device unique identifier is sent to a server of an application program by obtaining the device unique identifier of the client that installs the application program, so that the server generates a login authentication result according to the login request after determining that the device unique identifier exists in a device list, receives the login authentication result returned by the server, and jumps to a web browser corresponding to the application program when the login authentication result is successful, so as to open a target page of the client in a login state in the web browser, so that when the login operation is not allowed directly through the web browser, the client logs in and then switches to the web browser, thereby avoiding that the web browser memorizes information such as an account number and a password, and the user can log in on the client of the user or others, thereby solving the problems of difficult management and hidden danger in safety caused by the existing login mode and improving the login safety.
Referring to fig. 4, a block diagram of a login apparatus in a fourth embodiment of the present invention is shown, and the login apparatus is applied to a server, and may specifically include:
a request receiving module 401, configured to receive a login request that is sent by a client that installs an application and carries an apparatus unique identifier of the client;
a determining module 402, configured to determine that the device unique identifier exists in a device list;
a result generating module 403, configured to generate a login verification result according to the login request;
a result sending module 404, configured to send the login verification result to the client, so that the client jumps to a web browser corresponding to the application program when the login verification result is that the login verification is successful, so that a target page of the client in a login state is opened in the web browser.
In this embodiment of the present invention, optionally, the login request further carries an equipment token, and the apparatus further includes:
the request receiving module is used for receiving a token acquisition request sent by a client side for installing an application program before receiving a login request which is sent by the client side and carries a device unique identifier of the client side;
the verification module is used for verifying the user identification, the user password, the user group identification and the unique equipment identification carried by the token acquisition request;
the token generation module is used for generating the equipment token according to the user identifier, the equipment unique identifier and the timestamp of the token acquisition request if the verification result is consistent;
and the token sending module is used for sending the equipment token to the client.
In this embodiment of the present invention, optionally, the result generating module includes:
the data generation submodule is used for generating verification data according to the user identifier and the unique device identifier cached by the server and the timestamp of the token acquisition request;
the comparison submodule is used for comparing the equipment token with the verification data to obtain a comparison result;
and the result generation submodule is used for generating the login verification result according to the comparison result.
In this embodiment of the present invention, optionally, the login request further carries a first network address, and the result generating module includes:
the address searching submodule is used for searching a second network address cached by the server according to the user identification carried by the login request;
and the determining submodule is used for determining that the login verification is passed when the first network address and the second network address are determined to be consistent.
To sum up, according to the embodiments of the present invention, a login request carrying a device unique identifier of a client and sent by the client for installing an application is received, it is determined that the device unique identifier exists in a device list, a login authentication result is generated according to the login request, the login authentication result is sent to the client, so that the client jumps to a web browser corresponding to the application when the login authentication result is successful, so as to open a target page of the client in a login state in the web browser, so that when the login operation is not allowed to be directly performed through the web browser, the client switches to the web browser after logging in, thereby avoiding the problems that the web browser can remember information such as an account number and a password, and a user can log in on his or other client, therefore, the problems of difficulty in management and hidden danger in safety caused by the existing login mode are solved, and the login safety is improved.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
Fig. 5 is a block diagram of an electronic device according to an embodiment of the present invention. As shown in fig. 5, the electronic device 800 may include one or more processors 801 and one or more memories 802 coupled to the processors 801. The electronic device 800 may also include an input interface 803 and an output interface 804 for communicating with another apparatus or system. Program code executed by the CPU of the processor 801 may be stored in the memory 802.
The processor 801 in the electronic device 800 calls the program code stored in the memory 802 to execute the login method in the above-described embodiment.
The processor is the control center of the server and provides a processing device for executing instructions, performing interrupt operations, providing timing functions and various other functions. The processor may be a single core (single CPU) processor or a multi-core (multi-CPU) processor. Unless otherwise stated, a component such as a processor or a memory described as performing a task may be implemented as a general component, which is temporarily used to perform the task at a given time, or as a specific component specially manufactured to perform the task. The term "processor" as used herein refers to one or more devices, circuits and/or processing cores that process data, such as computer program instructions.
The above elements in the above server may be connected to each other by a bus, such as one of a data bus, an address bus, a control bus, an expansion bus, and a local bus, or any combination thereof.
There is also provided, in accordance with an embodiment of the present invention, a computer-readable storage medium having a computer program stored thereon, where the storage medium may be a Read-Only Memory (ROM) or a Read-write medium, such as a hard disk or a flash Memory. The computer program, when executed by a processor, implements the login method of the aforementioned embodiments.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present invention are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing terminal to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing terminal to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the embodiments of the invention.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.
The login method, the login device, the electronic device and the login medium provided by the invention are described in detail, a specific example is applied in the description to explain the principle and the implementation of the invention, and the description of the embodiment is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (13)

1. A login method is applied to a client side and comprises the following steps:
acquiring a device unique identifier of the client for installing the application program;
sending a login request carrying the unique equipment identifier to a server of the application program, so that the server generates a login verification result according to the login request after determining that the unique equipment identifier exists in an equipment list;
receiving the login verification result returned by the server;
when the login verification result is that the login verification is successful, jumping to a web browser corresponding to the application program, so that a target page of the client in a login state is opened in the web browser;
the login verification result includes a page link of the target page, and the jump to the web browser corresponding to the application program is performed, so that the step of opening the target page of the client in the login state in the web browser includes:
sending a control instruction to the web browser, wherein the control instruction carries the page link;
and opening the target page in the web browser according to the control instruction.
2. The method according to claim 1, wherein the login request further carries a device token, and before the login request carrying the device unique identifier is sent to the server of the application program, the method further comprises:
sending a token acquisition request to the server side, so that the server side can verify a user identifier, a user password, a user group identifier and the unique device identifier carried in the token acquisition request, and if the verification result is consistent, generating the device token according to the user identifier, the unique device identifier and a timestamp of the token acquisition request;
and receiving the device token returned by the server.
3. The method of claim 1, further comprising:
when the application program on the client is used for logging for the first time or the unique device identifier is not added into the device list of the server, receiving prompt information which is returned by the server and does not exist in the device list;
and prompting that the unique equipment identifier does not exist in the equipment list according to the prompt information.
4. A login method is applied to a server side and comprises the following steps:
receiving a login request which is sent by a client for installing an application program and carries a unique equipment identifier of the client;
determining that the device unique identifier exists in a device list;
generating a login verification result according to the login request;
sending the login verification result to the client, so that the client jumps to a web browser corresponding to the application program under the condition that the login verification result is successful, and a target page of the client in a login state is opened in the web browser;
the login verification result includes a page link of the target page, and the jump to the web browser corresponding to the application program is performed, so that the step of opening the target page of the client in the login state in the web browser includes:
sending a control instruction to the web browser, wherein the control instruction carries the page link;
and opening the target page in the web browser according to the control instruction.
5. The method of claim 4, wherein the login request further carries a device token, and before the receiving of the login request carrying the device unique identifier of the client sent by the client for installing the application, the method further comprises:
receiving a token acquisition request sent by the client;
verifying the user identification, the user password, the user group identification and the unique equipment identification carried by the token acquisition request;
if the verification result is consistent, generating the equipment token according to the user identification, the equipment unique identification and the time stamp of the token acquisition request;
sending the device token to the client.
6. The method of claim 5, wherein generating a login verification result based on the login request comprises:
generating verification data according to the user identifier and the unique device identifier cached by the server and the timestamp of the token acquisition request;
comparing the equipment token with the verification data to obtain a comparison result;
and generating the login verification result according to the comparison result.
7. The method of claim 4, wherein the login request further carries a first network address, and wherein generating a login verification result according to the login request comprises:
searching a second network address cached by the server according to the user identifier carried by the login request;
and when the first network address and the second network address are determined to be consistent, determining that the login verification is passed.
8. A login device applied to a client comprises:
the identification acquisition module is used for acquiring the unique equipment identification of the client side for installing the application program;
the request sending module is used for sending a login request carrying the unique equipment identifier to a server of the application program, so that the server generates a login verification result according to the login request after determining that the unique equipment identifier exists in an equipment list;
the result receiving module is used for receiving the login verification result returned by the server;
the page opening module is used for jumping to a webpage browser corresponding to the application program under the condition that the login verification result is successful, so that a target page of the client in a login state is opened in the webpage browser;
the login verification result includes a page link of the target page, and the jump to the web browser corresponding to the application program is performed, so that the step of opening the target page of the client in the login state in the web browser includes:
sending a control instruction to the web browser, wherein the control instruction carries the page link;
and opening the target page in the web browser according to the control instruction.
9. The apparatus of claim 8, wherein the login request further carries a device token, the apparatus further comprising:
a token generation module, configured to send a token acquisition request to a server of the application before sending a login request carrying the unique device identifier to the server, so that the server verifies a user identifier, a user password, a user group identifier, and the unique device identifier carried in the token acquisition request, and if a verification result is consistent, generate the device token according to the user identifier, the unique device identifier, and a timestamp of the token acquisition request;
and the token receiving module is used for receiving the equipment token returned by the server.
10. A login device is applied to a server side and comprises:
the request receiving module is used for receiving a login request which is sent by a client side for installing an application program and carries a unique device identifier of the client side;
a determining module, configured to determine that the device unique identifier exists in a device list;
the result generation module is used for generating a login verification result according to the login request;
a result sending module, configured to send the login verification result to the client, so that the client jumps to a web browser corresponding to the application program when the login verification result is that login verification is successful, so that a target page of the client in a login state is opened in the web browser;
the login verification result includes a page link of the target page, and the jump to the web browser corresponding to the application program is performed, so that the step of opening the target page of the client in the login state in the web browser includes:
sending a control instruction to the web browser, wherein the control instruction carries the page link;
and opening the target page in the web browser according to the control instruction.
11. The apparatus of claim 10, wherein the login request further carries a device token, the apparatus further comprising:
the request receiving module is used for receiving a token acquisition request sent by a client side for installing an application program before receiving a login request which is sent by the client side and carries a device unique identifier of the client side;
the verification module is used for verifying the user identification, the user password, the user group identification and the unique equipment identification carried by the token acquisition request;
the token generation module is used for generating the equipment token according to the user identifier, the equipment unique identifier and the timestamp of the token acquisition request if the verification result is consistent;
and the token sending module is used for sending the equipment token to the client.
12. An electronic device, comprising: processor, memory and computer program stored on the memory and executable on the processor, which computer program, when executed by the processor, implements a login method as claimed in any one of claims 1-7.
13. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the login method according to one of claims 1 to 7.
CN201911418866.3A 2019-12-31 2019-12-31 Login method, device, electronic equipment and medium Active CN111181977B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911418866.3A CN111181977B (en) 2019-12-31 2019-12-31 Login method, device, electronic equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911418866.3A CN111181977B (en) 2019-12-31 2019-12-31 Login method, device, electronic equipment and medium

Publications (2)

Publication Number Publication Date
CN111181977A CN111181977A (en) 2020-05-19
CN111181977B true CN111181977B (en) 2021-06-04

Family

ID=70650815

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911418866.3A Active CN111181977B (en) 2019-12-31 2019-12-31 Login method, device, electronic equipment and medium

Country Status (1)

Country Link
CN (1) CN111181977B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116361755A (en) * 2020-06-28 2023-06-30 支付宝(杭州)信息技术有限公司 Application program login verification method, device, equipment and storage medium
CN112069436B (en) * 2020-08-11 2024-07-02 长沙市到家悠享网络科技有限公司 Page display method, system and equipment
CN112039889B (en) * 2020-08-31 2022-11-29 康键信息技术(深圳)有限公司 Password-free login method, device, equipment and storage medium
CN112187815B (en) * 2020-09-30 2023-04-28 湖南快乐阳光互动娱乐传媒有限公司 Method and system for acquiring unique identifier of electronic equipment
CN112380506B (en) * 2020-11-11 2024-07-23 随锐科技集团股份有限公司 Method, system, storage medium and electronic equipment for automatically logging in browser
CN112990913A (en) * 2021-03-26 2021-06-18 中国工商银行股份有限公司 Automatic filling method, server and system for browser payment login page
CN113377302A (en) * 2021-06-16 2021-09-10 苏州博瑞凯德信息技术有限公司 Passive login method and device for printer, storage medium and electronic equipment
CN113360868A (en) * 2021-06-29 2021-09-07 平安普惠企业管理有限公司 Application program login method and device, computer equipment and storage medium
CN113569229B (en) * 2021-09-18 2021-12-24 北京金堤科技有限公司 Synchronous login method and device, storage medium and electronic equipment
CN114124534A (en) * 2021-11-24 2022-03-01 航天信息股份有限公司 Data interaction system and method
CN114172716A (en) * 2021-12-02 2022-03-11 北京金山云网络技术有限公司 Login method, login device, electronic equipment and storage medium
CN114422179B (en) * 2021-12-10 2023-11-21 北京升明科技有限公司 Login method and device of terminal equipment browser

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104767719A (en) * 2014-01-07 2015-07-08 阿里巴巴集团控股有限公司 Method and server for determining whether log-in terminal of website being mobile terminal or not
CN109981664A (en) * 2019-03-29 2019-07-05 北京致远互联软件股份有限公司 Website logging method, device and the realization device of page end

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7673135B2 (en) * 2005-12-08 2010-03-02 Microsoft Corporation Request authentication token
CN102833276A (en) * 2011-06-14 2012-12-19 赛酷特(北京)信息技术有限公司 Webpage login system based on token
CN103139182B (en) * 2011-12-01 2016-04-06 北大方正集团有限公司 A kind of method that user of permission accesses, client, server and system
CN105991614B (en) * 2015-03-03 2019-07-23 阿里巴巴集团控股有限公司 It is a kind of it is open authorization, resource access method and device, server
CN113014568B (en) * 2016-10-10 2023-06-30 创新先进技术有限公司 Account login method, equipment and server
CN108040065B (en) * 2017-12-22 2021-02-19 平安养老保险股份有限公司 Login-free method and device after webpage skipping, computer equipment and storage medium
CN108289101B (en) * 2018-01-25 2021-02-12 中企动力科技股份有限公司 Information processing method and device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104767719A (en) * 2014-01-07 2015-07-08 阿里巴巴集团控股有限公司 Method and server for determining whether log-in terminal of website being mobile terminal or not
CN109981664A (en) * 2019-03-29 2019-07-05 北京致远互联软件股份有限公司 Website logging method, device and the realization device of page end

Also Published As

Publication number Publication date
CN111181977A (en) 2020-05-19

Similar Documents

Publication Publication Date Title
CN111181977B (en) Login method, device, electronic equipment and medium
CA2697632C (en) System and method for authentication, data transfer, and protection against phishing
US20120254768A1 (en) Customizing mobile applications
CN106911684B (en) Authentication method and system
WO2015062362A1 (en) Method, device, and system for user login
MX2008011277A (en) Digipass for the web-functional description.
CN104767719A (en) Method and server for determining whether log-in terminal of website being mobile terminal or not
US20100235754A1 (en) User information widgets and methods for updating and retrieving user information
Tate et al. Multi-user dynamic proofs of data possession using trusted hardware
CN108810003B (en) Safety verification scheme for multi-service party message access
CN111818088A (en) Authorization mode management method and device, computer equipment and readable storage medium
CN112995357B (en) Domain name management method, device, medium and electronic equipment based on cloud hosting service
US8127033B1 (en) Method and apparatus for accessing local computer system resources from a browser
RU2638779C1 (en) Method and server for executing authorization of application on electronic device
CN105959293B (en) The management method and device of electronic account
CN111259368A (en) Method and equipment for logging in system
KR101745919B1 (en) User authentication method and system using software-based HSM without password exposure
CN109729045A (en) Single-point logging method, system, server and storage medium
US20190098045A1 (en) Browser injection prevention method, browser client and apparatus
US20230403562A1 (en) Systems and methods for verified communication between mobile applications
CN111404946B (en) Account authentication method based on browser and server
CN112597118B (en) Shared file adding method and device
CN115174122A (en) Verification code generation method, verification code verification method, device, equipment and medium
EP2374084A1 (en) Midlet signing and revocation
CN112134705B (en) Data authentication method and device, storage medium and electronic device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant