CN111898110A - Method, device, server and storage medium for acquiring user identity information - Google Patents
Method, device, server and storage medium for acquiring user identity information Download PDFInfo
- Publication number
- CN111898110A CN111898110A CN202010776705.8A CN202010776705A CN111898110A CN 111898110 A CN111898110 A CN 111898110A CN 202010776705 A CN202010776705 A CN 202010776705A CN 111898110 A CN111898110 A CN 111898110A
- Authority
- CN
- China
- Prior art keywords
- token
- user equipment
- user
- identity information
- acquisition request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Abstract
The application relates to a method, a device, a server and a storage medium for acquiring user identity information. The method comprises the following steps: receiving a token acquisition request sent by user equipment when the user equipment restarts the application program, randomly generating a temporary token according to the token acquisition request, extracting user identity information from a first token previously distributed to the user equipment according to an identifier of the user equipment in the token acquisition request, and adding the user identity information to the temporary token to obtain a second token. By adopting the method, when the user equipment determines that the first token is invalid, the server can find the corresponding first token through the identification of the user equipment, and extract the user identity information from the first token and generate the second token, so that the process that the user logs in the application program again to input the user privacy information is avoided, and the possibility of exposing the user privacy information is greatly avoided.
Description
Technical Field
The present application relates to the field of internet technologies, and in particular, to a method, an apparatus, a server, and a storage medium for acquiring user identity information.
Background
With the rapid development of mobile internet, Applications (APPs) at a mobile terminal are increasing, and a user can meet some use requirements of the user through interaction with the APPs. Generally, in the interaction process between a user and an APP, data acquisition cannot be performed, and the APP generally needs to interact with a back-end server to acquire data required by the user, and then is displayed to the user.
Generally, the APP includes a start state and a login state, and the APP can acquire data in the start state and also in the login state. Generally, when an APP is started, a back-end server randomly generates a temporary token (token) and sends the token to the APP, and after a user logs in the APP through user privacy information (such as an account number and a password), the server obtains basic identity information (such as a user nickname and a user level) of the user, adds the basic identity information to the temporary token, and sends the temporary token added with the basic identity information to the APP to be stored locally. Therefore, when the APP requests the back-end server to acquire data, the back-end server only needs to check the validity of the temporary token carried in the data acquisition request of the APP, and returns the requested data to the APP when the token is legal.
However, since the token has timeliness, when the token fails, the back-end server may lose the basic identity information of the user, so that when the back-end server needs to obtain the basic identity information of the user again, the user needs to log in the APP again, the complexity of user operation is increased, and the possibility of exposing the privacy information of the user is increased.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a method, an apparatus, a server and a storage medium for acquiring user identity information.
A method for acquiring user identity information comprises the following steps:
receiving a token acquisition request sent by user equipment when the user equipment starts an application program again, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
and randomly generating a temporary token according to the token acquisition request, extracting user identity information from a first token which is previously distributed to the user equipment according to the identifier of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
In one embodiment, before receiving the token obtaining request sent when the user equipment starts the application again, the method further includes:
receiving a login request which is sent by the user equipment and used for logging in the application program, wherein the login request carries a previous temporary token, user privacy information and user identity information;
under the condition that the user privacy information is verified to be legal, adding the user identity information to the prior temporary token to obtain the first token;
and sending the first token to the user equipment.
In one embodiment, before receiving a login request sent by the user equipment for logging in the application program, the method further includes:
receiving a starting request sent by a user when an application program is started in advance, wherein the starting request carries an identifier of the user equipment;
randomly generating the prior temporary token according to the identifier of the user equipment, and establishing a mapping relation between the identifier of the user equipment and the prior temporary token;
and sending the prior temporary token to the user equipment.
In one embodiment, after obtaining the second token, the method further includes:
and sending the second token to the user equipment, so that the user equipment can locally store the second token.
In one embodiment, after obtaining the second token, the method further includes:
and establishing a mapping relation between the second token and the identifier of the user equipment.
In one embodiment, the method further includes:
receiving a data acquisition request sent by the user equipment, wherein the data acquisition request carries a token to be verified;
and if the token to be verified is the same as the second token, sending the data corresponding to the data acquisition request to the user equipment.
In one embodiment, the user identity information includes a user name and a user rating of the user in the application.
An apparatus for acquiring user identity information, the apparatus comprising:
the receiving module is used for receiving a token acquisition request sent by user equipment when the user equipment restarts an application program, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
a first generation module, configured to randomly generate a temporary token according to the token acquisition request;
and the second generation module is used for extracting user identity information from the first token which is distributed to the user equipment in advance according to the identification of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
A server comprises a receiver, a memory and a processor, wherein the memory stores a computer program, and the receiver is used for receiving a token acquisition request sent by user equipment when the user equipment restarts an application program when executing the computer program, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
the processor, when executing the computer program, is configured to randomly generate a temporary token according to the token acquisition request, extract user identity information from a first token previously assigned to the user equipment according to the identifier of the user equipment, and add the user identity information to the temporary token to obtain a second token.
A computer-readable storage medium, on which a computer program is stored which, when executed by a processor, carries out the steps of:
receiving a token acquisition request sent by user equipment when the user equipment starts an application program again, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
and randomly generating a temporary token according to the token acquisition request, extracting user identity information from a first token which is previously distributed to the user equipment according to the identifier of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
According to the method, the device, the server and the storage medium for acquiring the user identity information, the server receives a token acquisition request sent by the user equipment when the application program is restarted, a temporary token is randomly generated according to the token acquisition request, the user identity information is extracted from a first token which is previously allocated to the user equipment according to the identification of the user equipment in the token acquisition request, and the user identity information is added into the temporary token to obtain a second token. That is to say, in the method of the present application, when the user equipment determines that the first token is invalid, the server may find the corresponding first token through the identifier of the user equipment, and extract the user identity information from the first token and generate the second token, thereby avoiding a process in which the user logs in the application program again to input the user privacy information, and further greatly avoiding a possibility of exposing the user privacy information.
Drawings
FIG. 1 is a diagram of an exemplary environment in which a method for obtaining user identity information may be implemented;
FIG. 2 is a flowchart illustrating a method for obtaining user identity information according to an embodiment;
fig. 3 is a schematic flow chart of a method for acquiring user identity information in another embodiment;
fig. 4 is a schematic flow chart of a method for acquiring user identity information in another embodiment;
FIG. 5 is a block diagram of an apparatus for obtaining user identification information according to an embodiment;
fig. 6 is an internal configuration diagram of a server in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The method for acquiring the user identity information can be applied to the application environment shown in fig. 1. Wherein the terminal 101 communicates with the server 102 via a network. The terminal 101 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the server 102 may be implemented by an independent server or a server cluster formed by a plurality of servers.
In an embodiment, as shown in fig. 2, a method for obtaining user identity information is provided, which is described by taking the method as an example applied to the server in fig. 1, and includes the following steps:
s201, receiving a token acquisition request sent by user equipment when the user equipment restarts an application program, wherein the token acquisition request carries an identifier of the user equipment; and when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid.
In particular, an application generally includes a launch state and a login state, where the launch state may correspond to an unregistered state. The APP can acquire data in a starting state and can also acquire data in a login state. In this embodiment, when a user decides to log in an application, a login request is generally sent to a server through a user device where the application is located, where the login request carries user privacy information, such as a user name or a password, and may also carry a previous temporary token that the server sends to the application when the application is started. When the server verifies that the user privacy information is legal, the server determines that the user can log in the current application program, and the server forms a first token together with the user identity information carried in the login request and the online temporary token, and sends the first token to the user equipment for local storage.
However, due to the timeliness of the token, if the user wants to start the application again after a certain time interval, but the first token stored locally before is expired or invalid, the user equipment will send a token acquisition request to the server again, where the acquisition request carries the identifier of the user equipment. Optionally, the identifier of the user equipment may be a unique Identifier (ID) of the user equipment where the application program is currently located; optionally, if the ID of the user equipment where the application program is located can be directly obtained, the user terminal device TD is preferentially used; if the user equipment where the application program is located restricts the acquisition of the user equipment ID, a unique identification code corresponding to the application program of the current user equipment can be generated through the related program to serve as the identification of the user equipment.
S202, randomly generating a temporary token according to the token acquisition request, extracting user identity information from a first token which is previously distributed to the user equipment according to the identification of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
Specifically, the server side is preset with a correspondence between the identifier of the user equipment and a first token previously assigned to the user equipment, and is preset with identifiers of other user equipments and identifiers of tokens previously assigned to the other user equipments. After receiving a token acquisition request sent by user equipment, a server randomly generates a temporary token, which can be a 32-bit random character string, and acquires a failed first token corresponding to an identifier of the user equipment from a preset corresponding relationship by combining the identifier of the user equipment carried in the token acquisition request. Since the first token includes the user identity information, the server may extract the user identity information based on the first token, for example, the server may extract the user identity information from the first token through a refresh plugin or a refresh tool. And finally, the server adds the user identity information to the temporary token to obtain a second token, so that the second token comprises the user identity information. Optionally, the user identity information may include a user name and a user level of the user in the application program, where the user name may be a nickname of the user in the application program, and the user level may represent a right, an annual fund, a honor level, and the like of the user using the application program.
In the traditional technology, after a token containing user identity information is invalid, a user is required to log in an application program again by inputting user privacy information, and a server regenerates a token containing the user identity information and issues the token to user equipment after verifying that the token is legal, so that the complexity of user operation is increased, and the possibility of exposing the user privacy information is also increased; however, as can be seen from the description of the above embodiment, after the first token is invalid, the server may obtain, according to the identifier of the user equipment carried in the token obtaining request sent when the application program is restarted, the first token used by the user equipment before from the corresponding relationship, extract the user identity information from the first token, and further form the second token with the temporary token.
According to the method for acquiring the user identity information, a server receives a token acquisition request sent when user equipment restarts an application program, a temporary token is randomly generated according to the token acquisition request, the user identity information is extracted from a first token which is distributed to the user equipment in advance according to the identification of the user equipment in the token acquisition request, and the user identity information is added to the temporary token to obtain a second token. That is to say, in the embodiment of the application, when the user equipment determines that the first token is invalid, the server may find the corresponding first token through the identifier of the user equipment, and extract the user identity information from the first token and generate the second token, so that a process that the user logs in the application program again to input the user privacy information is avoided, and further, the possibility that the user privacy information is exposed is greatly avoided.
Fig. 3 is a schematic flowchart of a method for acquiring user identity information in another embodiment, which relates to an alternative implementation process in which a server issues a first token to a user equipment. On the basis of the above embodiment, as shown in fig. 3, before S201, the method further includes:
s301, a login request sent by user equipment for logging in an application program is received, wherein the login request carries a previous temporary token, user privacy information and user identity information.
In particular, as previously described, an application generally includes a launch state and a login state, wherein the launch state may correspond to an unregistered state. The APP can acquire data in a starting state and can also acquire data in a login state. The interaction between the user equipment and the server in the startup state and the login state is specifically described herein.
When the application program is started, the user equipment sends a starting request to the server, and the starting request carries the identification of the user equipment. After receiving the start request, the server randomly generates a previous temporary token according to the identifier of the user equipment, and establishes a mapping relationship between the identifier of the user equipment and the previous temporary token, wherein the previous temporary token is a token not containing user identity information. The server then sends the previous temporary token to the user device. Thus, in the application startup state (i.e. in the non-logged state of the application), if the application wants to acquire some data, the application may carry the previous temporary token in a data acquisition request sent to the server. And after verifying that the prior temporary token is the token corresponding to the identifier of the user equipment, the server sends the required data to the user equipment.
If the user wants to log in the application program after the application program is started, the user equipment sends a login request to the server, wherein the login request carries the prior temporary token, the user privacy information and the user identity information. The user privacy information may be a user account and password, or may also be sensitive information such as a user's identification number.
S302, under the condition that the user privacy information is verified to be legal, the user identity information is added to the previous temporary token to obtain a first token.
Specifically, after receiving a login request from a user, the server extracts user privacy information in the login request, and verifies the user privacy information, for example, whether a user name and a password input by the user are correct is verified, and the verification process may be: verifying whether the user name carried in the user login request exists or not through the user name and the password which are pre-stored in the server and used when the user is registered; if the user name does not exist, returning a result that the user name does not exist to the user equipment; if the user name exists, verifying whether the password carried in the user login request is consistent with the password stored in the server by the user name; if the verification result is inconsistent, returning a result of the password error to the user equipment; if the verification result is consistent, the user name and password information carried in the user login request is correct, and if the verification is passed, the successful login result is returned to the user equipment.
And after the server verifies that the user privacy information is legal, adding the user identity information carried in the login request to the previous temporary token to obtain a first token, and storing the first token in the server.
S303, sending the first token to the user equipment.
And the server sends the first token added with the user identity information to the user equipment, and the user equipment locally stores the first token. The first token is used for a page which can be accessed only by a user logging in an application program, when the user equipment requests to acquire data from the server, the first token can be carried in the data acquisition request, the server verifies the validity of the first token carried in the data acquisition request, and if the verification is passed, the server returns the data corresponding to the data acquisition request to the user equipment.
In this embodiment, the server receives an identifier start request carrying user equipment sent when a user starts an application program in advance, randomly generates a previous temporary token according to the identifier of the user equipment, establishes a mapping relationship between the identifier of the user equipment and the previous temporary token, and sends the previous temporary token to the user equipment, so that when the user wants to log in the application program, the user equipment can send a login request carrying the previous temporary token, user privacy information, and user identity information to the server, and after receiving the login request and under the condition that the user privacy information is verified to be legal, the server adds the user identity information to the previous temporary token to obtain a first token and sends the first token to the user equipment, and meanwhile, the server binds the identifier of the user equipment and the first token. Therefore, after the first token is invalid, when the server receives a token acquisition request for acquiring the token again, the server can find the corresponding first token through the identification of the user equipment in the token acquisition request, extract the user identity information from the first token and generate the second token, so that the process that the user logs in the application program again to input the user privacy information is avoided, and the possibility of exposing the user privacy information is greatly avoided.
In one embodiment, after the above S202, the method further comprises:
and sending the second token to the user equipment, so that the user equipment can locally store the second token.
And the server sends the second token added with the user identity information to the user equipment, so that the user equipment can locally store the second token. Because the second token already contains the user identity information, when the application program sends a data acquisition request which can be obtained only by user login, the second token locally stored by the user equipment is carried, and the server returns data required by the data acquisition request after verifying that the second token is legal.
Optionally, the server may further establish a mapping relationship between the second token and the identifier of the user equipment, so that after the second token fails, the server may find the second token from the corresponding relationship stored in the server according to the identifier of the user equipment in the token acquisition request sent again by the user equipment, and further extract the user identity information, thereby ensuring that the server can continuously acquire the user identity information from the failed token, and further avoiding a process that the user needs to log in the application again to acquire the user identity information, thereby avoiding a possibility that the user privacy information is exposed, and further enabling the user identity information to be persistently stored in the server.
Fig. 4 is a flowchart illustrating a method for acquiring user identity information in another embodiment, which relates to a complete process from start-up to login to data acquisition of a user equipment. As shown in fig. 4, the method includes:
s401: when the user equipment starts the application program, a starting request is sent to the server. The start request carries an identifier of the user equipment.
S402: the server receives the initiation request.
S403: and the server randomly generates a prior temporary token according to the identifier of the user equipment and establishes a mapping relation between the identifier of the user equipment and the prior temporary token.
S404: and the server sends the prior temporary token to the user equipment.
S405: in the starting state of the application program, the user equipment sends a first data acquisition request to the server, wherein the first data acquisition request carries a previous temporary token.
S406: the server receives the first data acquisition request and verifies whether the prior temporary token is legal or not.
S407: and after the server verifies that the prior temporary token is legal, sending first data corresponding to the first data acquisition request to the user equipment.
S408: and the user equipment sends a login request for logging in the application program to the server, wherein the login request carries the prior temporary token, the user privacy information and the user identity information.
S409: and the server receives the login request, and adds the user identity information to the prior temporary token to obtain a first token under the condition of verifying that the user privacy information is legal.
S410: and the server sends the first token to the user equipment.
At this point, the application on the user device is in a logged-on state. Assuming that the first token is invalid after a period of time, the following steps may be performed.
S411: and when the user equipment determines that the first token is invalid after the application program is started again, the user equipment sends a token acquisition request to the server, wherein the token acquisition request carries the identifier of the user equipment.
S412: the server randomly generates a temporary token according to the token acquisition request, extracts user identity information from a first token previously distributed to the user equipment according to the identifier of the user equipment, and adds the user identity information to the temporary token to obtain a second token.
S413: and the server sends the second token to the user equipment, so that the user equipment can locally store the second token.
S414: if the user equipment wants to acquire data in the application program login state, the user equipment may send a second data acquisition request to the server, where the second data acquisition request carries a token to be authenticated.
Specifically, in the process of accessing the application program, the user needs to continuously interact with the server to obtain data of different pages. After the user sends a second data acquisition request carrying the token to be verified to the server, the server can extract the token to be verified based on the second acquisition request; the token to be verified is a token locally stored by the user equipment, the token locally stored by the user equipment is a corresponding token generated by the server according to the identifier of the user equipment, and the token is also added with user identity information.
S415: and the server verifies the validity of the token to be verified, and if the token to be verified is the same as the second token, the server sends the data corresponding to the second data acquisition request to the user equipment.
The server compares the token to be verified with a second token stored in a server database, and if the token to be verified is the same as the second token, the token to be verified is legal and is not falsified or forged; that is, it can be verified that the second data acquisition request is a request sent to the server by the user equipment, and the server sends data corresponding to the second data acquisition request to the user equipment.
In the embodiment, the server compares the token to be verified carried in the received data request with the second token stored in the server database, and if the token to be verified is the same as the second token, the server sends the data corresponding to the data acquisition request to the user equipment, so that the security of data interaction between the application program and the server can be ensured, the user information can be protected, and the possibility that the user information is stolen can be reduced.
It should be understood that although the various steps in the flow charts of fig. 2-4 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-4 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps.
In one embodiment, as shown in fig. 5, there is provided an apparatus for acquiring user identity information, including: a receiving module 10, a first generating module 11 and a second generating module 12, wherein:
a receiving module 10, configured to receive a token acquisition request sent when the user equipment restarts the application program, where the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
a first generating module 11, configured to randomly generate a temporary token according to the token obtaining request;
a second generating module 12, configured to extract, according to the identifier of the user equipment, user identity information from a first token previously allocated to the user equipment, and add the user identity information to the temporary token to obtain a second token.
In one embodiment, on the basis of the above embodiment, the above apparatus further includes: a third generation module and a sending module. In this embodiment, the receiving module 10 is further configured to receive a login request for logging in the application program, where the login request is sent by the user equipment and carries a previous temporary token, user privacy information, and user identity information, before receiving a token acquisition request sent by the user equipment when the application program is restarted; the third generating module is configured to, under a condition that the user privacy information is verified to be legitimate, add the user identity information to the previous temporary token to obtain the first token; the sending module is configured to send the first token to the user equipment.
In one embodiment, on the basis of the above embodiment, the above apparatus further includes: and a fourth generation module. In this embodiment, the receiving module 10 is further configured to receive, before receiving a login request sent by the user equipment and used for logging in the application program, a start request sent by a user when the user starts the application program first, where the start request carries an identifier of the user equipment; the fourth generating module is configured to randomly generate the previous temporary token according to the identifier of the user equipment, and establish a mapping relationship between the identifier of the user equipment and the previous temporary token; the sending module is further configured to send the previous temporary token to the user equipment.
In an embodiment, the sending module is further configured to send the second token to the user equipment after the second generating module 12 obtains the second token, so that the user equipment locally stores the second token.
In an embodiment, the second generating module 12 is further configured to establish a mapping relationship between the second token and the identifier of the user equipment.
In an embodiment, the receiving module 10 is further configured to receive a data obtaining request sent by the user equipment, where the data obtaining request carries a token to be verified; the sending module is further configured to send data corresponding to the data obtaining request to the user equipment when the token to be verified is the same as the second token.
In one embodiment, the user identity information includes a user name and a user rating of the user in the application.
The implementation principle and technical effect of the apparatus for acquiring user identity information provided by the above embodiment may be referred to the above embodiment, and are not described herein again.
For specific limitations of the means for acquiring the user identity information, reference may be made to the above limitations on the method for acquiring the user identity information, which are not described herein again. All or part of the modules in the device for acquiring the user identity information can be realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, a network interface, a receiver, and a transmitter connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing data of the identification, token and user identity information of the user device. The network interface of the computer device is used for communicating with an external terminal through a network connection. The receiver and the transmitter of the computer device can be arranged independently, or can be integrated into a transceiver for carrying out air interface communication with an external terminal. The computer program is executed by a processor to implement a method of obtaining user identity information.
Those skilled in the art will appreciate that the architecture shown in fig. 6 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a server is provided comprising a receiver, a memory having a computer program stored therein, and a processor; the receiver is used for receiving a token acquisition request sent by user equipment when the user equipment restarts an application program when executing the computer program, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid; the processor is configured to randomly generate a temporary token according to the token obtaining request when executing the computer program, extract user identity information from a first token previously allocated to the user equipment according to the identifier of the user equipment, and add the user identity information to the temporary token to obtain a second token.
In one embodiment, the server further comprises a transmitter. In this embodiment, the receiver is further configured to receive a login request sent by the user equipment for logging in the application program before receiving a token acquisition request sent by the user equipment when the application program is restarted, where the login request carries a previous temporary token, user privacy information, and user identity information; the processor is further configured to add the user identity information to the previous temporary token to obtain the first token when the user privacy information is verified to be legitimate; the transmitter is configured to transmit the first token to the user equipment.
In an embodiment, the receiver is further configured to receive, before receiving a login request sent by the user equipment for logging in the application program, a start request sent by a user when the user starts the application program first, where the start request carries an identifier of the user equipment; the processor is further configured to randomly generate the previous temporary token according to the identifier of the user equipment, and establish a mapping relationship between the identifier of the user equipment and the previous temporary token; the transmitter is further configured to transmit the previous temporary token to the user equipment.
In an embodiment, the transmitter is further configured to send the second token to the user equipment after obtaining the second token, so that the user equipment locally stores the second token.
In an embodiment, the processor is further configured to establish a mapping relationship between the second token and the identifier of the user equipment after obtaining the second token.
In an embodiment, the receiver is further configured to receive a data acquisition request sent by the user equipment, where the data acquisition request carries a token to be verified; the transmitter is further configured to send data corresponding to the data acquisition request to the user equipment when the token to be authenticated is the same as the second token.
In one embodiment, the user identity information includes a user name and a user rating of the user in the application.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
receiving a token acquisition request sent by user equipment when the user equipment starts an application program again, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
and randomly generating a temporary token according to the token acquisition request, extracting user identity information from a first token which is previously distributed to the user equipment according to the identifier of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
In one embodiment, the computer program when executed by the processor further performs the steps of: receiving a login request which is sent by the user equipment and used for logging in the application program, wherein the login request carries a previous temporary token, user privacy information and user identity information; the user identity information comprises a user name and a user grade of the user in the application program; under the condition that the user privacy information is verified to be legal, adding the user identity information to the prior temporary token to obtain the first token; and sending the first token to the user equipment.
In one embodiment, the computer program when executed by the processor further performs the steps of: receiving a starting request sent by a user when an application program is started first, wherein the starting request carries an identifier of the user equipment; randomly generating the prior temporary token according to the identifier of the user equipment, and establishing a mapping relation between the identifier of the user equipment and the prior temporary token; and sending the prior temporary token to the user equipment.
In one embodiment, the computer program when executed by the processor further performs the steps of: and sending the second token to the user equipment, so that the user equipment can locally store the second token.
In one embodiment, the computer program when executed by the processor further performs the steps of: and establishing a mapping relation between the second token and the identifier of the user equipment.
In one embodiment, the computer program when executed by the processor further performs the steps of: receiving a data acquisition request sent by the user equipment, wherein the data acquisition request carries a token to be verified; and if the token to be verified is the same as the second token, sending the data corresponding to the data acquisition request to the user equipment.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A method for acquiring user identity information is characterized by comprising the following steps:
receiving a token acquisition request sent by user equipment when the user equipment starts an application program again, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
and randomly generating a temporary token according to the token acquisition request, extracting user identity information from a first token which is previously distributed to the user equipment according to the identification of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
2. The method of claim 1, wherein before receiving the token obtaining request sent when the user equipment restarts the application, the method further comprises:
receiving a login request which is sent by the user equipment and used for logging in the application program, wherein the login request carries a previous temporary token, user privacy information and user identity information;
under the condition that the user privacy information is verified to be legal, adding the user identity information to the prior temporary token to obtain the first token;
sending the first token to the user equipment.
3. The method of claim 2, wherein prior to receiving the login request sent by the user device to login to the application, the method further comprises:
receiving a starting request sent by a user when an application program is started in advance, wherein the starting request carries an identifier of the user equipment;
randomly generating the prior temporary token according to the identifier of the user equipment, and establishing a mapping relation between the identifier of the user equipment and the prior temporary token;
sending the prior temporary token to the user equipment.
4. The method of any of claims 1-3, wherein after obtaining the second token, the method further comprises:
and sending the second token to the user equipment, so that the user equipment can locally store the second token.
5. The method of any of claims 1-3, wherein after obtaining the second token, the method further comprises:
establishing a mapping relationship between the second token and the identity of the user equipment.
6. The method of claim 4, further comprising:
receiving a data acquisition request sent by the user equipment, wherein the data acquisition request carries a token to be verified;
and if the token to be verified is the same as the second token, sending the data corresponding to the data acquisition request to the user equipment.
7. The method of claim 2, wherein the user identity information comprises a user name and a user rating of the user in the application.
8. An apparatus for acquiring user identity information, comprising:
the receiving module is used for receiving a token acquisition request sent by user equipment when the user equipment restarts an application program, wherein the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
a first generation module, configured to randomly generate a temporary token according to the token acquisition request;
and the second generation module is used for extracting user identity information from the first token which is allocated to the user equipment in advance according to the identifier of the user equipment, and adding the user identity information to the temporary token to obtain a second token.
9. A server comprising a receiver, a memory storing a computer program, and a processor, characterized in that,
the receiver is configured to receive a token acquisition request sent when the user equipment restarts the application program when executing the computer program, where the token acquisition request carries an identifier of the user equipment; when the user equipment starts the application program again, determining that the first token locally stored by the user equipment is invalid;
the processor, when executing the computer program, is configured to randomly generate a temporary token according to the token acquisition request, extract user identity information from a first token previously assigned to the user equipment according to the identifier of the user equipment, and add the user identity information to the temporary token to obtain a second token.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010776705.8A CN111898110A (en) | 2020-08-05 | 2020-08-05 | Method, device, server and storage medium for acquiring user identity information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010776705.8A CN111898110A (en) | 2020-08-05 | 2020-08-05 | Method, device, server and storage medium for acquiring user identity information |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111898110A true CN111898110A (en) | 2020-11-06 |
Family
ID=73245831
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010776705.8A Pending CN111898110A (en) | 2020-08-05 | 2020-08-05 | Method, device, server and storage medium for acquiring user identity information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111898110A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113378221A (en) * | 2021-06-11 | 2021-09-10 | 上海妙一生物科技有限公司 | Account information processing method and device |
| CN113708938A (en) * | 2021-10-28 | 2021-11-26 | 湖南新云网科技有限公司 | Token obtaining method, token obtaining device and terminal equipment |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140355034A1 (en) * | 2013-05-29 | 2014-12-04 | Canon Kabushiki Kaisha | Image forming apparatus, server device, information processing method, and computer-readable storage medium |
| US20170111345A1 (en) * | 2015-10-16 | 2017-04-20 | Bank Of America Corporation | Tokenization of sensitive personal data for use in transactions |
| CN107948186A (en) * | 2017-12-13 | 2018-04-20 | 山东浪潮商用系统有限公司 | A kind of safety certifying method and device |
| CN108363786A (en) * | 2018-02-12 | 2018-08-03 | 苏州朗动网络科技有限公司 | Load method, apparatus, computer equipment and the storage medium of data |
| CN108989291A (en) * | 2018-06-25 | 2018-12-11 | 阿里巴巴集团控股有限公司 | Login validation method, the verification method of automated log on, server-side and client |
| CN109495426A (en) * | 2017-09-12 | 2019-03-19 | 腾讯科技(深圳)有限公司 | A kind of data access method, device and electronic equipment |
| CN109660343A (en) * | 2019-01-17 | 2019-04-19 | 平安科技(深圳)有限公司 | Token updating method, device, computer equipment and storage medium |
| CN109802941A (en) * | 2018-12-14 | 2019-05-24 | 平安科技(深圳)有限公司 | A kind of login validation method, device, storage medium and server |
| CN110493202A (en) * | 2019-07-29 | 2019-11-22 | 深圳壹账通智能科技有限公司 | Log in generation and the verification method, device and server of token |
| CN111107073A (en) * | 2019-12-11 | 2020-05-05 | 数字广东网络建设有限公司 | Application automatic login method and device, computer equipment and storage medium |
| CN111212095A (en) * | 2020-04-20 | 2020-05-29 | 国网电子商务有限公司 | Authentication method, server, client and system for identity information |
-
2020
- 2020-08-05 CN CN202010776705.8A patent/CN111898110A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140355034A1 (en) * | 2013-05-29 | 2014-12-04 | Canon Kabushiki Kaisha | Image forming apparatus, server device, information processing method, and computer-readable storage medium |
| US20170111345A1 (en) * | 2015-10-16 | 2017-04-20 | Bank Of America Corporation | Tokenization of sensitive personal data for use in transactions |
| CN109495426A (en) * | 2017-09-12 | 2019-03-19 | 腾讯科技(深圳)有限公司 | A kind of data access method, device and electronic equipment |
| CN107948186A (en) * | 2017-12-13 | 2018-04-20 | 山东浪潮商用系统有限公司 | A kind of safety certifying method and device |
| CN108363786A (en) * | 2018-02-12 | 2018-08-03 | 苏州朗动网络科技有限公司 | Load method, apparatus, computer equipment and the storage medium of data |
| CN108989291A (en) * | 2018-06-25 | 2018-12-11 | 阿里巴巴集团控股有限公司 | Login validation method, the verification method of automated log on, server-side and client |
| CN109802941A (en) * | 2018-12-14 | 2019-05-24 | 平安科技(深圳)有限公司 | A kind of login validation method, device, storage medium and server |
| CN109660343A (en) * | 2019-01-17 | 2019-04-19 | 平安科技(深圳)有限公司 | Token updating method, device, computer equipment and storage medium |
| CN110493202A (en) * | 2019-07-29 | 2019-11-22 | 深圳壹账通智能科技有限公司 | Log in generation and the verification method, device and server of token |
| CN111107073A (en) * | 2019-12-11 | 2020-05-05 | 数字广东网络建设有限公司 | Application automatic login method and device, computer equipment and storage medium |
| CN111212095A (en) * | 2020-04-20 | 2020-05-29 | 国网电子商务有限公司 | Authentication method, server, client and system for identity information |
Non-Patent Citations (1)
| Title |
|---|
| 郭烜: "手机动态令牌认证系统的研究与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》, no. 08, pages 138 - 895 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113378221A (en) * | 2021-06-11 | 2021-09-10 | 上海妙一生物科技有限公司 | Account information processing method and device |
| CN113378221B (en) * | 2021-06-11 | 2022-09-23 | 上海妙一生物科技有限公司 | Account information processing method and device |
| CN113708938A (en) * | 2021-10-28 | 2021-11-26 | 湖南新云网科技有限公司 | Token obtaining method, token obtaining device and terminal equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6756051B2 (en) | Reliable login methods, servers, and systems | |
| CN113079134B (en) | Mobile terminal access method, mobile terminal access device, computer equipment and medium | |
| CN109684873B (en) | Data access control method and device, computer equipment and storage medium | |
| CN104025505A (en) | Method, Device, And System For Managing User Authentication | |
| US20200145421A1 (en) | Method for authentication and authorization and authentication server using the same | |
| CN112559993B (en) | Identity authentication method, device and system and electronic equipment | |
| CN103475484B (en) | USB key authentication methods and system | |
| CN110198296B (en) | Authentication method and device, storage medium and electronic device | |
| CN111241555B (en) | Access method and device for simulating user login, computer equipment and storage medium | |
| CN110839014B (en) | Authentication method, authentication device, computer equipment and readable storage medium | |
| CN106254319B (en) | Light application login control method and device | |
| CN111176794A (en) | Container management method and device and readable storage medium | |
| CN111291345A (en) | Voiceprint data processing method and device, computer equipment and storage medium | |
| WO2019140790A1 (en) | Service tracking method and apparatus, terminal device, and storage medium | |
| CN111898110A (en) | Method, device, server and storage medium for acquiring user identity information | |
| CN110691085A (en) | Login method, login device, password management system and computer readable medium | |
| CN109286933B (en) | Authentication method, device, system, computer equipment and storage medium | |
| CN112860778A (en) | Database management method, device, equipment and medium for desktop application program | |
| CN116484338A (en) | Database access method and device | |
| JP2017102842A (en) | Personal identification system, personal identification information output system, authentication server, personal identification method, personal identification information output method, and program | |
| WO2021169469A1 (en) | Voiceprint data processing method and apparatus, computer device, and storage medium | |
| CN107005558B (en) | Location-based user disambiguation | |
| CN114238883A (en) | Identity authentication method, device, equipment and storage medium | |
| CN108418809B (en) | Chat data processing method and device, computer equipment and storage medium | |
| CN113872990A (en) | VPN network certificate authentication method and device based on SSL protocol and computer equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |