CN111343168B - Identity authentication method and device, computer equipment and readable storage medium - Google Patents

Publication number: CN111343168B
Authority: CN (China)
Prior art keywords: information, access, verification code, terminal, accessed
Legal status: Active
Application number: CN202010102388.1A
Other languages: Chinese (zh)
Other versions: CN111343168A (en
Inventors: 李正航, 艾文敏
Current Assignee: OneConnect Financial Technology Co Ltd Shanghai
Original Assignee: OneConnect Financial Technology Co Ltd Shanghai
Application filed by OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010102388.1A
Publication of CN111343168A
Priority to PCT/CN2021/071060 (WO2021164459A1)
Application granted
Publication of CN111343168B
Classifications

    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention discloses an identity authentication method and device, computer equipment and a readable storage medium. The method comprises the following steps: receiving an access request sent by an access terminal, wherein the access request comprises a verification code and accessed terminal information; judging whether the verification code is valid and, if it is valid, searching a local database for the access authority level corresponding to the verification code; judging whether the accessed terminal information is contained in the permission list corresponding to the access authority level; when the accessed terminal information is contained in the permission list, obtaining login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information; and sending the login password information to the accessed terminal corresponding to the access request so as to log in to the accessed terminal by using the login password information. The invention can simplify the login process and improve access security.

Description

Identity authentication method and device, computer equipment and readable storage medium
Technical Field
The invention relates to the technical field of internet, in particular to an identity authentication method, an identity authentication device, computer equipment and a readable storage medium.
Background
With the continuous development of internet technology, enterprises generally need to interface with multiple business systems to carry out different business operations. For example, enterprises in the financial industry need to interface with multiple business systems for product management, instruction management, risk-control compliance management, financial management, and the like. However, each business system has its own login entry, so a user terminal in the enterprise must log in repeatedly to use the different business systems; the identity authentication modes of the business systems also differ, so the user terminal must obtain login account information for each of them. How to reduce the complexity of a user terminal accessing each business system while ensuring the security of that access has therefore become a technical problem that urgently needs to be solved.
Disclosure of Invention
The invention aims to provide an identity authentication method, an identity authentication device, computer equipment and a readable storage medium, which can simplify a login process and improve access security.
According to an aspect of the present invention, there is provided an identity authentication method, specifically including the steps of:
receiving an access request sent by an access terminal; wherein the access request comprises: verification code and accessed terminal information;
judging whether the verification code is valid or not, and searching the access authority level corresponding to the verification code from a local database under the condition that the verification code is valid;
judging whether the accessed terminal information is contained in a permission list corresponding to the access authority level;
when the accessed terminal information is contained in the permission list, obtaining login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;
and sending the login password information to an accessed terminal corresponding to the access request so as to log in the accessed terminal by utilizing the login password information.
Optionally, before the receiving the access request sent by the access terminal, the method further includes:
receiving platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information;
generating the verification code according to the login account information, and determining the access authority level according to the user basic information;
and storing the verification code and the access authority level into the local database, and sending the verification code to the access terminal.
Optionally, the determining whether the verification code is valid specifically includes:
and when the verification code exists in the local database and the time interval between the first time for storing the verification code and the second time for receiving the access request is less than a preset threshold value, judging that the verification code is valid.
Optionally, the method further includes:
sending invitation information to the accessed terminal through a preset interface, and receiving connection establishment agreement information fed back by the accessed terminal through the preset interface;
and configuring a database according to the connection establishment agreement information to provide an access entrance for accessing the accessed terminal.
Optionally, after the access terminal successfully logs in to the accessed terminal, the method further includes:
obtaining to-do event information and reminder event information from the accessed terminal; wherein the to-do event information includes: to-do event count information, to-do event name information and to-do event jump-link information, and the reminder event information includes: reminder event count information, reminder event name information and reminder event jump-link information;
and displaying the information of the event to be handled and the information of the reminding event through a display interface.
According to another aspect of the present invention, there is also provided an identity verification apparatus, which specifically includes the following components:
the receiving module is used for receiving the access request sent by the access terminal; wherein the access request comprises: verification code and accessed terminal information;
the searching module is used for judging whether the verification code is valid or not and searching the access authority level corresponding to the verification code from a local database under the condition that the verification code is valid;
the judging module is used for judging whether the accessed terminal information is contained in the permission list corresponding to the access authority level;
the acquisition module is used for acquiring login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information when the authority list contains the accessed terminal information;
and the sending module is used for sending the login password information to an accessed terminal corresponding to the access request so as to log in the accessed terminal by using the login password information.
Optionally, the apparatus further comprises:
the processing module is used for receiving the platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information; generating the verification code according to the login account information, and determining the access authority level according to the user basic information; and storing the verification code and the access authority level into the local database, and sending the verification code to the access terminal.
Optionally, the determining module is specifically configured to:
and when the verification code exists in the local database and the time interval between the first time for storing the verification code and the second time for receiving the access request is less than a preset threshold value, judging that the verification code is valid.
According to another aspect of the present invention, there is also provided a computer device, specifically including: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method of authentication described above when executing the program.
According to another aspect of the present invention, there is also provided a computer readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the steps of the method of authentication described above.
According to the identity authentication method, the identity authentication device, the computer equipment and the readable storage medium, the access terminal can access each service system through an integrated platform that integrates the service systems, so that a unified access entry to the different service systems is realized and the tedious work of repeatedly logging in to each service system is reduced. The invention provides a unified identity verification mechanism in which one login serves for repeated authentication, which greatly reduces the maintenance cost of identity verification. In addition, the invention can also improve the security of identity authentication.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a schematic flow chart of an alternative identity authentication method according to the first embodiment;
fig. 2 is a schematic diagram of an alternative program module of the apparatus for identity authentication according to the third embodiment;
fig. 3 is a schematic diagram of an alternative hardware architecture of the computer device according to the fourth embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Embodiment One
The embodiment of the invention provides an identity authentication method, which is applied to a financial-industry resource management integrated platform, and as shown in figure 1, the identity authentication method specifically comprises the following steps:
step S101: receiving an access request sent by an access terminal; wherein the access request comprises: verification code, accessed terminal information.
In this embodiment, the resource management integrated platform is an integrated platform integrating a plurality of resource management service systems; the access terminal is a user terminal used for accessing each resource management service system through the resource management integrated platform; each of the asset management service systems integrated in the asset management integration platform can be regarded as an accessed terminal. Preferably, the accessed terminal information is the IP address information or the ID information of the accessed terminal;
specifically, before the receiving the access request sent by the access terminal, the method further includes:
step A1: receiving platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information;
when a user logs in the resource management integration platform for the first time through the access terminal, a registration operation is required; in the registration operation process, the user needs to log in the resource management integration platform by using the login account information and report the basic information of the user.
Preferably, the user basic information includes: the user's current network environment information, the user's department information and the user's position information.
Step A2: generating the verification code according to the login account information, and determining the access authority level according to the user basic information;
preferably, the access authority level includes: high, medium, low; the higher the access authority level, the more accessed terminals the access terminal can access; in step A2, the access authority level may be determined according to a preset algorithm based on the user's current network environment information, department information and position information.
Step A3: and storing the verification code and the access authority level into a local database, and sending the verification code to the access terminal.
Step S102: and judging whether the verification code is valid or not, and searching the access authority level corresponding to the verification code from the local database under the condition that the verification code is valid.
Specifically, the determining whether the verification code is valid specifically includes:
and when the verification code exists in the local database and the time interval between the first time for storing the verification code and the second time for receiving the access request is less than a preset threshold value, judging that the verification code is valid.
In this application, the verification code is time-limited; after the verification code expires, a new verification code needs to be issued to the user, which improves the security of the resource management integration platform.
Step S103: judging whether the accessed terminal information is contained in the permission list corresponding to the access authority level.
Specifically, the method further comprises:
respectively setting a corresponding authority list for each access authority level; each permission list contains accessed terminal information which can be accessed by the corresponding access permission level.
In this embodiment, different users have different access right levels, and the types of accessed terminals that can be accessed by the users are limited by setting the access right levels of the users.
Step S104: when the accessed terminal information is contained in the permission list, obtaining login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information.
Specifically, the method further comprises:
respectively setting a corresponding password database for each accessed terminal information, and respectively setting corresponding login password information for each access authority level in each password database; and the access right of the user in the accessed terminal is limited by different login password information.
Step S105: and sending the login password information to the access terminal so that the access terminal can log in the accessed terminal by using the login password information.
In this embodiment, the identity of the user is verified through the verification code, whether the user can access the accessed terminal is judged according to the access authority level, and finally the user logs in the accessed terminal through the login password information corresponding to the access authority level.
Specifically, the method further comprises:
sending invitation information to the accessed terminal through a preset interface, and receiving connection establishment agreement information fed back by the accessed terminal through the preset interface;
and configuring a database according to the connection establishment agreement information to provide an access entrance for accessing the accessed terminal.
In this embodiment, the asset management integration platform integrates access portals of various types of asset management service systems (i.e., accessed terminals), and a user can access each asset management service system through the asset management integration platform.
Further, after the access terminal successfully logs in to the accessed terminal, the method further includes:
obtaining to-do event information and reminder event information from the accessed terminal; wherein the to-do event information includes: to-do event count information, to-do event name information and to-do event jump-link information, and the reminder event information includes: reminder event count information, reminder event name information and reminder event jump-link information;
and displaying the information of the event to be handled and the information of the reminding event through a display interface.
In this embodiment, the user can visually check the backlog and the reminder in each asset management service system, and quickly access the detailed data through the backlog link and the reminder link.
Embodiment Two
The embodiment of the invention provides an identity authentication method applied to a resource management integration platform. The resource management integration platform integrates various resource management service systems, and an access terminal can access these resource management service systems through the platform. Specifically, the platform comprises: a user interaction module, an identity authentication module and service modules. The user interaction module is connected with the access terminal, so that the access terminal can log in to the resource management integration platform through the user interaction module. The identity authentication module performs identity authentication and authority authentication on the user logging in to the resource management integration platform; only a user who passes the identity authentication and has the corresponding authority can access the corresponding service module through the platform. Each service module corresponds to a resource management service system, and the service modules comprise: a product management module, an instruction management module, a risk-control compliance management module, a combination management module and a financial management module.
The identity authentication method specifically comprises the following steps:
step S201: the user interaction module receives a service access request from an access terminal and judges whether the service access request contains a verification code;
if yes, go to step S202; if not, a rejection request message is sent to the access terminal.
The service access request is information which is input by a user on the access terminal and is used for requesting a certain service operation; the service access request comprises: a verification code, information on the service module the user wants to access, and information on the service the user wants to execute;
it should be noted that the service module information in this embodiment is equivalent to the accessed terminal information in the first embodiment, and the service module in this embodiment is equivalent to the accessed terminal in the first embodiment.
Specifically, before step S201, the method further includes:
step A1: the user interaction module receives platform registration information sent by the access terminal and sends the platform registration information to the identity verification module; wherein the platform registration information includes: login account information and user basic information;
step A2: the identity authentication module generates the verification code according to the login account information and determines the access authority level according to the user basic information;
step A3: the identity authentication module stores the verification code and the access authority level into a local database and sends the verification code to the user interaction module;
step A4: the user interaction module sends the verification code to the access terminal.
Specifically, on receiving the verification code, the access terminal stores the authentication information in a cookie.
In this embodiment, when an access terminal logs in the resource management integration platform for the first time, registration is required to be performed, so that the resource management integration platform generates a verification code for the access terminal.
Step S202: and the user interaction module sends the verification code and the service module information in the service access request to the identity verification module.
Step S203: the identity authentication module judges whether the authentication code is valid, if so, the step S204 is executed; if not, sending authentication failure information to the user interaction module, so that the user interaction module sends an access refusing message to the access terminal when receiving the authentication failure information.
Specifically, the method further comprises:
In step A3, the identity authentication module also stores in the local database the first time, at which the authentication information was formed.
Further, in step S203, the identity authentication module obtains a second time, at which it receives the verification code, and determines whether the time interval between the second time and the first time is smaller than a preset threshold; if so, it sends a verification failure message to the user interaction module, and if not, it determines that the verification code is valid.
In this embodiment, a unique verification code is generated for each user logging in to the resource management integration platform. When the user needs to access any service module through the platform, the user interaction module sends the user's verification code to the identity authentication module to verify the user's identity verification information. When a user logs in to the resource management integration platform for the first time, the identity authentication module assigns a verification code to the user; after obtaining the verification code, the user may access the service modules through the platform within a set time period.
Step S204: the identity authentication module searches an access authority level corresponding to the authentication code from a local database and judges whether the service module information is contained in an authority list corresponding to the access authority level; if so, executing step S205, otherwise, sending verification failure information to the user interaction module, so that the user interaction module sends a message of denying access to the access terminal when receiving the verification failure information.
Specifically, before step S204, a corresponding permission list is set in the identity authentication module for each access permission level; each permission list contains the service module information which can be accessed by the corresponding access permission level.
In this embodiment, different users have different access right levels, and the types of service modules that can be accessed by the users are limited by setting the access right levels of the users.
Step S205: and the identity authentication module acquires login password information corresponding to the access authority level from a password database corresponding to the service module information.
Specifically, before step S205, the method further includes: the identity authentication module sets a corresponding password database for each service module respectively, and sets corresponding login password information for each access authority level in the password database of each service module respectively; and limiting the access right of the user in the service module through different login password information.
In this embodiment, the identity authentication module authenticates the identity of the user through the authentication code, determines whether the user can access the service module according to the access permission level, and finally logs in the service module through login password information corresponding to the access permission level.
Step S206: and the identity authentication module sends the login password information to a service module corresponding to the service module information so as to login the service module, thereby executing corresponding resource management service according to the service information.
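The flow of steps A1 to A3 and S101 to S104 of the first embodiment (S201 to S205 here) can be exercised with the following added Python example, which is not code from the patent. The 1800-second threshold, the level rule in `determine_level`, the HMAC-based code derivation, storing only a digest of the code, and all terminal names and passwords are assumptions or constructed data; validity follows the rule that a code is valid while the interval between storage and receipt is less than the threshold.

```python
"""Added example: verification-code check, level lookup, permission list, password lookup."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Optional

CODE_TTL_SECONDS = 1800  # assumed value for the "preset threshold"

# Constructed data: permission list per access authority level.
PERMISSION_LISTS = {
    "low": {"product-mgmt"},
    "medium": {"product-mgmt", "instruction-mgmt"},
    "high": {"product-mgmt", "instruction-mgmt", "financial-mgmt"},
}

# Constructed data: one password database per accessed terminal, holding one
# login password per access authority level (placeholder secrets).
PASSWORD_DBS = {
    "product-mgmt": {"low": "pm-low-pw", "medium": "pm-medium-pw", "high": "pm-high-pw"},
    "instruction-mgmt": {"medium": "im-medium-pw", "high": "im-high-pw"},
    "financial-mgmt": {"high": "fm-high-pw"},
}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    level: Optional[str] = None
    login_password: Optional[str] = None  # forwarded to the accessed terminal


def determine_level(basic_info: dict) -> str:
    """Hypothetical 'preset algorithm' over network, department and position."""
    if basic_info.get("network") != "internal":
        return "low"
    if basic_info.get("position") == "manager":
        return "high"
    return "medium"


def code_digest(code: str) -> str:
    return hashlib.sha256(code.encode()).hexdigest()


class IdentityVerifier:
    def __init__(self, clock=time.time):
        self._key = secrets.token_bytes(32)  # server-side key, stays on the platform
        self._local_db = {}                  # digest(code) -> (level, first_time)
        self._clock = clock

    def register(self, login_account: str, basic_info: dict) -> str:
        """Steps A1-A3: derive a code from the account, fix the level, store both."""
        nonce = secrets.token_bytes(16)      # makes every issued code unique
        code = hmac.new(self._key, login_account.encode() + nonce,
                        hashlib.sha256).hexdigest()
        # Assumption beyond the page: keep only a digest, so a leaked
        # database does not expose usable codes.
        self._local_db[code_digest(code)] = (determine_level(basic_info), self._clock())
        return code

    def authorize(self, code: str, accessed_terminal: str) -> Decision:
        """Validity check, level lookup, permission list check, password lookup."""
        record = self._local_db.get(code_digest(code)) if code else None
        if record is None:
            return Decision(False, "unknown or missing verification code")
        level, first_time = record
        # Valid only while (second_time - first_time) < threshold.
        if self._clock() - first_time >= CODE_TTL_SECONDS:
            del self._local_db[code_digest(code)]  # a new code must be issued
            return Decision(False, "verification code expired")
        if accessed_terminal not in PERMISSION_LISTS.get(level, set()):
            return Decision(False, "target not in permission list", level)
        password = PASSWORD_DBS.get(accessed_terminal, {}).get(level)
        if password is None:                       # misconfiguration: deny by default
            return Decision(False, "no login password for this level", level)
        return Decision(True, "ok", level, password)


if __name__ == "__main__":
    now = [1_000.0]                                # controllable clock for the demo
    verifier = IdentityVerifier(clock=lambda: now[0])
    code = verifier.register("alice", {"network": "internal",
                                       "department": "trading", "position": "analyst"})
    for target in ("instruction-mgmt", "financial-mgmt"):
        print(target, "->", verifier.authorize(code, target).reason)
    now[0] += CODE_TTL_SECONDS
    print("after expiry ->", verifier.authorize(code, "product-mgmt").reason)
```

In step S206 the login password goes from the identity authentication module to the service module, so the `login_password` field of an allowed decision is what the platform would forward there.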
Specifically, the resource management integration platform further comprises a connection establishment module, which is used for establishing the connection between the resource management integration platform and each resource management service system; therefore, the method further comprises the following steps:
step B1: the connection establishment module sends invitation information, through an HTTP API (Hypertext Transfer Protocol API) interface, to each resource management service system which needs to be integrated in the resource management integration platform;
step B2: the connection establishment module receives connection establishment agreement information fed back by each resource management service system through the HTTP API;
wherein the connection establishment agreement information comprises: service module name information, service module access authority information, and service module access address information.
Step B3: the connection establishment module performs database configuration according to the connection establishment agreement information so as to provide an access entrance for accessing each resource management service system in the resource management integration platform.
Further, the resource management integration platform further comprises: a display module, which is used for acquiring to-do event information and reminder event information from the service module after the access terminal successfully logs in to the service module; wherein the to-do event information includes: to-do event count information, to-do event name information and to-do event jump-link information, and the reminder event information includes: reminder event count information, reminder event name information and reminder event jump-link information; and for sending the to-do event information and the reminder event information to the access terminal so that the access terminal can display them through a display interface.
In this embodiment, the resource management integration platform provides a universal OpenAPI-based interface for each resource management service system, so that all resource management service systems with a B/S architecture can be connected to the resource management integration platform; in addition, the resource management integration platform provides the access entries of all resource management service systems to users in a unified manner through the user interaction module, and displays the to-be-handled event information and reminding event information of all resource management service systems through the user interaction module, so that users can access all the service modules through the user interaction module and check all the events to be handled and all the reminding events.
Example three
The embodiment of the invention provides an identity authentication device, which is applied to a resource management integration platform and, as shown in FIG. 2, specifically comprises the following components:
a receiving module 301, configured to receive an access request sent by an access terminal; wherein the access request comprises: a verification code and accessed terminal information.
Specifically, the apparatus further comprises:
the processing module is used for receiving the platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information; generating the verification code according to the login account information, and determining the access authority level according to the user basic information; and storing the verification code and the access authority level into the local database, and sending the verification code to the access terminal.
The searching module 302 is configured to determine whether the verification code is valid, and search, in a local database, an access permission level corresponding to the verification code when the verification code is valid.
Specifically, the search module 302 is configured to:
determine that the verification code is valid when the verification code exists in the local database and the time interval between the first time, at which the verification code was stored, and the second time, at which the access request was received, is less than a preset threshold value.
The judging module 303 is configured to judge whether the authority list corresponding to the access authority level includes the accessed terminal information.
An obtaining module 304, configured to, when the authority list includes the accessed terminal information, obtain login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information.
A sending module 305, configured to send the login password information to the access terminal, so that the access terminal logs in to the accessed terminal by using the login password information.
Specifically, the apparatus further comprises:
the integration module is used for sending invitation information to the accessed terminal through a preset interface and receiving the connection establishment agreement information fed back by the accessed terminal through the preset interface; and for configuring a database according to the connection establishment agreement information to provide an access entry for accessing the accessed terminal.
Further, the apparatus further comprises:
the display module is used for acquiring to-be-handled event information and reminding event information from the accessed terminal after the access terminal successfully logs in to the accessed terminal; wherein the to-be-handled event information includes: information on the number of events to be handled, name information of the events to be handled and jump link information of the events to be handled, and the reminding event information includes: reminding event number information, reminding event name information and reminding event jump link information; and for displaying the to-be-handled event information and the reminding event information through a display interface.
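The module flow of this embodiment (receive the request, validate the verification code, look up the access authority level, check the authority list, fetch the login password), as an added Python example that is not part of the patent text. The 300-second threshold, the code format, storing a digest of the code, and the sample systems and passwords are assumptions constructed for illustration.

```python
import hashlib
import secrets
import time

CODE_TTL_SECONDS = 300  # assumed value for the "preset threshold"

# Constructed sample data: one authority list per access authority level,
# and one password database per accessed terminal, keyed by level.
AUTHORITY_LISTS = {
    "basic": {"hr-system"},
    "admin": {"hr-system", "finance-system"},
}
PASSWORD_DBS = {
    "hr-system": {"basic": "hr-basic-pw", "admin": "hr-admin-pw"},
    "finance-system": {"admin": "fin-admin-pw"},
}


class AccessDenied(Exception):
    """Raised for every refusal; the reason text is meant for the audit log."""


def _digest(code: str) -> str:
    # Assumption: keep only a digest, so a database leak does not expose live codes.
    return hashlib.sha256(code.encode()).hexdigest()


class IdentityBroker:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._codes = {}  # code digest -> (access level, time stored)

    def register(self, login_account: str, user_level: str) -> str:
        """Processing module: issue a code, record its level and store time."""
        if user_level not in AUTHORITY_LISTS:
            raise ValueError("unknown access authority level")
        # Assumption: account name plus 128 random bits; the text only says the
        # code is generated "according to the login account information".
        code = f"{login_account}.{secrets.token_urlsafe(16)}"
        self._codes[_digest(code)] = (user_level, self._clock())
        return code

    def handle_access_request(self, code: str, accessed_terminal: str) -> str:
        """Modules 301-305: run the checks in order, fail closed on the first miss."""
        record = self._codes.get(_digest(code))
        if record is None:
            raise AccessDenied("verification code not in local database")
        level, stored_at = record
        # Valid only while (request time - store time) is below the threshold.
        if self._clock() - stored_at >= CODE_TTL_SECONDS:
            del self._codes[_digest(code)]  # purge the expired code
            raise AccessDenied("verification code expired")
        if accessed_terminal not in AUTHORITY_LISTS.get(level, set()):
            raise AccessDenied("accessed terminal not in authority list")
        password = PASSWORD_DBS.get(accessed_terminal, {}).get(level)
        if password is None:
            raise AccessDenied("no login password for this level")
        return password
```

Because every refusal raises the same exception type, a caller can return one generic error to the access terminal while logging the specific reason.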
Example four
The embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server or a rack server (including an independent server or a server cluster composed of a plurality of servers) capable of executing programs, and the like. As shown in fig. 3, the computer device 40 of the present embodiment at least includes but is not limited to: a memory 401, a processor 402, which may be communicatively coupled to each other via a system bus. It is noted that FIG. 3 only shows the computer device 40 having components 401 and 402, but it is understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead.
In this embodiment, the memory 401 (i.e., a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, and the like. In some embodiments, the memory 401 may be an internal storage unit of the computer device 40, such as a hard disk or a memory of the computer device 40. In other embodiments, the memory 401 may also be an external storage device of the computer device 40, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), or the like, provided on the computer device 40. Of course, the memory 401 may also include both internal and external storage devices for the computer device 40. In the present embodiment, the memory 401 is generally used for storing an operating system installed in the computer device 40 and various types of application software, such as program codes of the apparatus for implementing authentication in the third embodiment. Further, the memory 401 may also be used to temporarily store various types of data that have been output or are to be output.
Processor 402 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data Processing chip in some embodiments. The processor 402 is generally operative to control the overall operation of the computer device 40.
Specifically, in this embodiment, the processor 402 is configured to execute the program of the method for authentication stored in the processor 402, and the program of the method for authentication implements the following steps when executed:
receiving an access request sent by an access terminal; wherein the access request comprises: verification code and accessed terminal information;
judging whether the verification code is valid or not, and searching the access authority level corresponding to the verification code from a local database under the condition that the verification code is valid;
judging whether the accessed terminal information is contained in the authority list corresponding to the access authority level;
when the accessed terminal information is contained in the authority list, obtaining login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;
and sending the login password information to an accessed terminal corresponding to the access request so as to log in the accessed terminal by utilizing the login password information.
For the specific implementation of the above method steps, refer to the first embodiment; the details are not repeated here.
Example five
The present embodiments also provide a computer readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, a server, an App application mall, etc., having stored thereon a computer program that when executed by a processor implements the method steps of:
receiving an access request sent by an access terminal; wherein the access request comprises: verification code and accessed terminal information;
judging whether the verification code is valid or not, and searching the access authority level corresponding to the verification code from a local database under the condition that the verification code is valid;
judging whether the accessed terminal information is contained in the authority list corresponding to the access authority level;
when the accessed terminal information is contained in the authority list, obtaining login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;
and sending the login password information to an accessed terminal corresponding to the access request so as to log in the accessed terminal by utilizing the login password information.
For the specific implementation of the above method steps, refer to the first embodiment; the details are not repeated here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A method of identity verification, the method comprising:
receiving an access request sent by an access terminal; wherein the access request comprises: verification code and accessed terminal information;
judging whether the verification code is valid or not, and searching the access authority level corresponding to the verification code from a local database under the condition that the verification code is valid;
judging whether the accessed terminal information is contained in the authority list corresponding to the access authority level;
when the accessed terminal information is contained in the authority list, obtaining login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;
sending the login password information to an accessed terminal corresponding to the access request so as to log in the accessed terminal by using the login password information;
furthermore, the method further comprises:
respectively setting a corresponding authority list for each access authority level; each authority list comprises accessed terminal information which can be accessed by the corresponding access authority level;
and respectively setting a corresponding password database for each accessed terminal information, and respectively setting corresponding login password information for each access authority level in each password database.
2. The method of identity verification according to claim 1, wherein prior to said receiving the access request sent by the access terminal, the method further comprises:
receiving platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information;
generating the verification code according to the login account information, and determining the access authority level according to the user basic information;
and storing the verification code and the access authority level into the local database, and sending the verification code to the access terminal.
3. The identity authentication method according to claim 2, wherein the determining whether the verification code is valid specifically comprises:
and when the verification code exists in the local database and the time interval between the first time for storing the verification code and the second time for receiving the access request is less than a preset threshold value, judging that the verification code is valid.
4. The method of identity verification according to claim 1, the method further comprising:
sending invitation information to the accessed terminal through a preset interface, and receiving connection establishment approval information fed back by the accessed terminal through the preset interface;
and configuring a database according to the connection establishment agreement information to provide an access entrance for accessing the accessed terminal.
5. The method for authenticating according to claim 1, wherein after the access terminal successfully logs in to the accessed terminal, the method further comprises:
obtaining to-be-handled event information and reminding event information from the accessed terminal; wherein the to-be-handled event information includes: information on the number of events to be handled, name information of the events to be handled and jump link information of the events to be handled, and the reminding event information includes: reminding event number information, reminding event name information and reminding event jump link information;
and displaying the information of the event to be handled and the information of the reminding event through a display interface.
6. An apparatus for identity verification, the apparatus comprising:
the receiving module is used for receiving the access request sent by the access terminal; wherein the access request comprises: verification code and accessed terminal information;
the searching module is used for judging whether the verification code is valid or not and searching the access authority level corresponding to the verification code from a local database under the condition that the verification code is valid;
the judging module is used for judging whether the accessed terminal information is contained in the authority list corresponding to the access authority level;
the acquisition module is used for acquiring login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information when the authority list contains the accessed terminal information;
the sending module is used for sending the login password information to an accessed terminal corresponding to the access request so as to log in the accessed terminal by using the login password information;
furthermore, the apparatus is further configured to:
respectively setting a corresponding authority list for each access authority level; each authority list comprises accessed terminal information which can be accessed by the corresponding access authority level;
and respectively setting a corresponding password database for each accessed terminal information, and respectively setting corresponding login password information for each access authority level in each password database.
7. The apparatus for identity verification according to claim 6, wherein the apparatus further comprises:
the processing module is used for receiving the platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information; generating the verification code according to the login account information, and determining the access authority level according to the user basic information; and storing the verification code and the access authority level into the local database, and sending the verification code to the access terminal.
8. The apparatus for identity authentication according to claim 7, wherein the determining module is specifically configured to:
and when the verification code exists in the local database and the time interval between the first time for storing the verification code and the second time for receiving the access request is less than a preset threshold value, judging that the verification code is valid.
9. A computer device, the computer device comprising: memory, processor and computer program stored on the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1 to 5 are implemented when the processor executes the program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
CN202010102388.1A 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium Active CN111343168B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010102388.1A CN111343168B (en) 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium
PCT/CN2021/071060 WO2021164459A1 (en) 2020-02-19 2021-01-11 Identity verification method and apparatus, computer device, and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010102388.1A CN111343168B (en) 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN111343168A (en) 2020-06-26
CN111343168B (en) 2022-01-28

Family

ID=71186966

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010102388.1A Active CN111343168B (en) 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium

Country Status (2)

Country Link
CN (1) CN111343168B (en)
WO (1) WO2021164459A1 (en)

Also Published As

Publication number Publication date
CN111343168A (en) 2020-06-26
WO2021164459A1 (en) 2021-08-26

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant