CN112199652A - Login method, terminal, server, system, medium and equipment of application program - Google Patents

Login method, terminal, server, system, medium and equipment of application program Download PDF

Info

Publication number
CN112199652A
CN112199652A CN202011148600.4A CN202011148600A CN112199652A CN 112199652 A CN112199652 A CN 112199652A CN 202011148600 A CN202011148600 A CN 202011148600A CN 112199652 A CN112199652 A CN 112199652A
Authority
CN
China
Prior art keywords
identity authentication
user
login
application program
authentication server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011148600.4A
Other languages
Chinese (zh)
Other versions
CN112199652B (en
Inventor
吴帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Netease Hangzhou Network Co Ltd
Original Assignee
Netease Hangzhou Network Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Netease Hangzhou Network Co Ltd filed Critical Netease Hangzhou Network Co Ltd
Priority to CN202011148600.4A priority Critical patent/CN112199652B/en
Publication of CN112199652A publication Critical patent/CN112199652A/en
Application granted granted Critical
Publication of CN112199652B publication Critical patent/CN112199652B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Abstract

The invention provides a login method, a terminal, a server, a system, a medium and electronic equipment of an application program. Wherein, the method comprises the following steps: sending a login request for logging in an application program to an identity authentication server; in response to receiving a request for acquiring equipment information sent by an identity authentication server, sending the equipment information to the identity authentication server so that the identity authentication server determines an equipment identifier for uniquely representing the terminal based on the equipment information; responding to the identity authentication server to determine that the equipment identification is associated with any one or more accounts in the application set according to the equipment identification, and receiving a login response which is sent by the identity authentication server and takes the user identity as a legal state, so that the user can login the application program; wherein the application set at least comprises application programs. Aiming at the login of the application programs in the application set, the technical scheme can effectively save the computing resources occupied by the identity authentication process and reduce the time consumption for login.

Description

Login method, terminal, server, system, medium and equipment of application program
Technical Field
The present invention relates to the field of information processing technologies, and in particular, to a login method, a terminal, a server, a login system for an application program, and a computer-readable medium and an electronic device for implementing the login system for the application program.
Background
This section is intended to provide a background or context to the invention that is recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
In order to ensure the security of an account, each application program in the current market generally needs to perform user identity authentication before the user does not perform identity authentication. For example, the identity authentication may be performed by inputting an account and a password, the identity authentication may be performed by the account and biological features such as fingerprints, facial expressions, facial features, and the like, and the identity authentication may be performed by checking the account and a short message. And the application program can provide service for the user after the identity authentication is passed.
Therefore, in the technical scheme provided in the prior art, identity authentication is required before the account of the application program is successfully logged in, and the identity authentication process causes certain waste of computing resources and much time consumption in the login process, so that the user is not facilitated to log in the application program conveniently.
Disclosure of Invention
Therefore, an improved application login system is highly needed to effectively save the computing resources occupied by the identity authentication process, reduce the time consumption for login, and enable the user to conveniently log in the application.
In this context, embodiments of the present invention are intended to provide an application login system, an application login method, a terminal, a server, a computer-readable medium, and an electronic device.
In a first aspect of an embodiment of the present invention, an application login system is provided, which is applied to a terminal, where the terminal is capable of loading a corresponding application, and the method includes:
sending a login request for logging in an application program to an identity authentication server; in response to receiving a request for acquiring equipment information sent by the identity authentication server, sending the equipment information to the identity authentication server so that the identity authentication server determines an equipment identifier for uniquely representing the terminal based on the equipment information; responding to the identity authentication server to determine that the equipment identification is associated with any one or more accounts in the application set according to the equipment identification, and receiving a login response which is sent by the identity authentication server and is in a legal state, wherein the login response is used for a user to log in the application program; wherein the set of applications includes at least the application program.
In an exemplary embodiment, based on the foregoing scheme, the method further includes: responding to any account number in the application set which is not related to the equipment identification, and receiving a user identity authentication request generated by the identity authentication server so as to authenticate the identity of the user; receiving identity authentication information of the user as an identity authentication response and sending the identity authentication response to the identity authentication server so that the identity authentication server associates the equipment identifier and a first account corresponding to the identity authentication information after the identity authentication of the user is successful; and responding to the successful identity authentication of the identity authentication server to the user based on the identity authentication response, receiving a login response which is sent by the identity authentication server and takes the user identity as a legal state, and logging in the application program by using the first account.
In an exemplary embodiment, based on the foregoing scheme, the receiving a login response that a user identity sent by the identity authentication server is in a legal state includes: responding to the identity authentication server to determine that the account number associated with the equipment identifier in the application set is currently in a login state, and receiving the second account number in the login state sent by the identity authentication server for the user to select the second account number; receiving a second account selected by the user and sending the second account to the identity authentication server; and responding to the second account selected by the user and received by the identity authentication server, and receiving a login response which is sent by the identity authentication server and indicates that the user identity is in a legal state.
In an exemplary embodiment, based on the foregoing scheme, the receiving a login response that a user identity sent by the identity authentication server is in a legal state includes:
in response to the identity authentication server determining that the account number associated with the device identifier in the application set is currently in a login state, receiving a plurality of second account numbers in the login state sent by the identity authentication server, and allowing the user to select from the plurality of second account numbers; receiving at least one second account selected by the user from a plurality of second accounts, and sending the second account to the identity authentication server; and responding to the fact that the identity authentication server receives at least one second account selected by the user, and receiving a login response which is sent by the identity authentication server and in which the user identity is in a legal state.
In an exemplary embodiment, based on the foregoing scheme, the receiving the second account in the login state sent by the identity authentication server includes: after the identity authentication server desensitizes the second account, receiving the desensitized second account sent by the identity authentication server.
In an exemplary embodiment, based on the foregoing scheme, the receiving a login response that a user identity sent by the identity authentication server is in a legal state includes: responding to the identity authentication server to determine that the account number associated with the equipment identifier in the application set is not in a login state currently, and receiving a request for acquiring a third historical login account number sent by the identity authentication server so that a user can provide the third account number; receiving a third account input by a user and successfully logged in history, and sending the third account to the identity authentication server; and responding to the identity authentication server to determine that the third account provided by the user is the account which is successfully logged in history, and receiving a login response which is sent by the identity authentication server and is in a legal state.
In an exemplary embodiment, based on the foregoing scheme, the device information includes one or more of the following information: a network address of the terminal, system information of the terminal, model information of the terminal, and component information of the terminal.
In an exemplary embodiment, based on the foregoing scheme, the device identifier is generated by the identity authentication server encoding the device information according to a preset mapping rule.
In an exemplary embodiment, based on the foregoing scheme, the device information is multiple, and the device identifier is a series of corresponding multiple hash values generated by the identity authentication server encoding the multiple device information according to a hash algorithm, where the hash values are used to evaluate identity probabilities of the respective terminals according to the weighted similarities.
In an exemplary embodiment, based on the foregoing scheme, after the receiving the login response that the user identity sent by the identity authentication server is in a legal state, the method further includes: and the terminal sends the login response to an application server so that the application server provides the service of the application program to the terminal.
In a second aspect provided in an embodiment of the present invention, a login method for an application program is provided, which is applied to an identity authentication server, where the method includes: the method comprises the steps of responding to a login request for logging in an application program, obtaining equipment information of a terminal loading the application program, and determining an equipment identifier for uniquely representing the terminal based on the equipment information; determining that the device identifier is associated with any one or more accounts in an application set according to the device identifier, wherein the application set at least comprises the application program; and sending a login response with the user identity in a legal state to the terminal so that the user can log in the application program.
In an exemplary embodiment, based on the foregoing scheme, after sending the login response with the user identity in the legal state to the terminal, the method further includes: and associating the equipment identification with the first account so as to increase the number of accounts associated with the equipment identification.
In an exemplary embodiment, based on the foregoing scheme, the method further includes: in response to the fact that the equipment identification is not related to any account number in the application set, generating a user identity authentication request and sending the user identity authentication request to the terminal so as to authenticate the identity of the user; receiving an identity authentication response of the terminal, and associating the equipment identifier and a first account corresponding to the identity authentication information after the identity authentication of the user is successful; and sending a login response with the user identity in a legal state to the terminal so as to enable the first account to log in the application program.
In an exemplary embodiment, based on the foregoing scheme, the sending, to the terminal, the login response with the user identity in the legal state includes: determining that an account number associated with the device identifier in the application set is currently in a login state, and sending the second account number in the login state to the terminal for the user to select the second account number; and responding to the second account selected by the user, and sending a login response with the user identity in a legal state to the terminal.
In an exemplary embodiment, based on the foregoing scheme, the sending, to the terminal, a login response that the user identity is in a legal state includes:
determining that an account number associated with the device identifier in the application set is currently in a login state, and sending the multiple second account numbers in the login state to the terminal so that the user can select from the multiple second account numbers; and responding to the received at least one second account selected by the user in the plurality of second accounts received by the terminal, and sending a login response with the user identity in a legal state to the terminal.
In an exemplary embodiment, based on the foregoing scheme, the sending the second account in the login state to the terminal includes: desensitizing the second account, and sending the desensitized second account to the terminal.
In an exemplary embodiment, based on the foregoing scheme, the sending, to the terminal, the login response with the user identity in the legal state includes: determining that the account number associated with the device identifier in the application set is not in a login state currently, and sending a request for acquiring a third historical login account number to the terminal so that a user provides the third account number; and responding to the fact that the third account provided by the user is an account which is successfully logged in historically, and sending a login response with the user identity in a legal state.
In an exemplary embodiment, based on the foregoing scheme, the device information includes one or more of the following information: a network address of the terminal, system information of the terminal, model information of the terminal, and component information of the terminal.
In an exemplary embodiment, based on the foregoing scheme, the determining, based on the device information, a device identifier for uniquely representing the terminal includes: and coding the equipment information according to a preset mapping rule to generate an equipment identifier for uniquely representing the terminal.
In an exemplary embodiment, based on the foregoing scheme, the determining, by the terminal, a device identifier uniquely representing the terminal based on the device information includes: and a series of corresponding multiple hash values generated by encoding the multiple pieces of equipment information according to a hash algorithm, wherein the hash values are used for evaluating the identity probability of the corresponding terminals according to the weighted similarity.
In an exemplary embodiment, based on the foregoing scheme, after a fourth account logs in successfully, a comparison device identifier corresponding to the fourth account is stored; wherein, the determining that the device identifier is associated with any one or more accounts in an application set including the application program according to the device identifier includes: and determining a current equipment identifier according to the equipment information, and determining that the comparison equipment identifier is associated with any one or more accounts in an application set containing the application program when the difference value between the current equipment identifier and the comparison equipment identifier is smaller than a preset value.
In an exemplary embodiment, based on the foregoing scheme, after sending the login response with the user identity in the legal state to the terminal, the method further includes: and the terminal sends the login response to an application server so that the application server provides the service of the application program to the terminal.
In a third aspect of the embodiments of the present invention, there is provided a terminal, where the terminal is capable of loading a corresponding application program, and the terminal includes:
the first sending module is used for sending a login request for logging in the application program to the identity authentication server; a second sending module, configured to send, in response to receiving a request sent by the identity authentication server for obtaining device information, the device information to the identity authentication server, so that the identity authentication server determines, based on the device information, a device identifier that uniquely represents the terminal; the receiving module is used for responding to the identity authentication server, determining that the equipment identification is associated with any one or more accounts in the application set according to the equipment identification, and receiving a login response which is sent by the identity authentication server and is in a legal state, so that the user can log in the application program; wherein the set of applications includes at least the application program.
In a fourth aspect of embodiments of the present invention, there is provided a server, wherein the server comprises:
the device comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for responding to a login request for logging in an application program, acquiring the device information of a terminal for loading the application program, and determining a device identifier for uniquely representing the terminal based on the device information; the determining module is used for determining that the equipment identifier is associated with any one or more accounts in an application set according to the equipment identifier, wherein the application set at least comprises the application program; and the third sending module is used for sending a login response that the user identity is in a legal state to the terminal so that the user can log in the application program.
In a fifth aspect of the embodiments of the present invention, there is provided a login system of an application, wherein the system includes: a terminal capable of loading a corresponding application program, the terminal being capable of implementing the login method for the application program according to the first aspect; and an identity authentication server capable of implementing the login method of the application program of the second aspect.
In a sixth aspect of embodiments of the present invention, there is provided a computer-readable medium on which a computer program is stored, the program, when executed by a processor, implementing the method of logging in the application program as described above in the first aspect.
In a seventh aspect of embodiments of the present invention, there is provided an electronic apparatus, comprising: a processor and a memory, the memory storing executable instructions, the processor being configured to invoke the executable instructions stored by the memory to perform the login method of the application program as described in the above first aspect.
In the embodiment provided by the invention, firstly, after a terminal loading a corresponding application program sends a login request for logging in the application program to an identity authentication server, the identity authentication server determines a device identifier for uniquely representing the terminal based on device information. According to the technical scheme, the terminal is uniquely identified through the equipment identifier, the account information which is successfully logged in is associated with the equipment identifier, and therefore if the equipment identifier is associated with any one or more accounts in the application set, the user is considered to be the user which is authenticated, the identity of the user is determined to be in a legal state, the user can be logged in the application program without identity authentication again, namely the user can successfully log in the application program without providing any account information or password information, and the technical effect that the terminal equipment is the identity is achieved. For the login of any application program in the application set, as long as any account number is subjected to identity authentication, the login of other account numbers can be avoided from being subjected to identity authentication again, and therefore, the technical scheme can avoid repeated identity authentication of the user, thereby effectively saving the computing resources occupied by the identity authentication process, reducing the login time and being beneficial to improving the convenience of the user in logging in the application program.
Drawings
The above and other objects, features and advantages of exemplary embodiments of the present invention will become readily apparent from the following detailed description read in conjunction with the accompanying drawings. Several embodiments of the invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which:
FIG. 1 schematically shows a flow diagram of an application login system according to an embodiment of the invention;
FIG. 2 schematically shows a flow diagram of an application login system according to another embodiment of the invention;
FIG. 3 schematically shows an interaction diagram of an application login system according to an embodiment of the invention;
fig. 4 schematically shows a flow diagram of a device identification determination method according to an embodiment of the invention;
fig. 5 schematically shows a flowchart of a device identifier comparison method according to an embodiment of the present invention;
FIG. 6 schematically shows an interaction diagram of an application login system according to an embodiment of the present invention;
FIG. 7 schematically illustrates an interaction diagram of an application login system according to an embodiment of the present invention;
fig. 8 schematically shows a structural diagram of a terminal according to an embodiment of the present invention;
FIG. 9 schematically shows a structural diagram of a server according to an embodiment of the invention;
fig. 10 schematically shows a structural diagram of a login system of an application according to an embodiment of the present invention;
FIG. 11 schematically shows a schematic view of a computer-readable medium according to an example embodiment of the invention; and the number of the first and second groups,
fig. 12 schematically shows a block diagram of an electronic device according to an exemplary embodiment of the invention.
In the drawings, the same or corresponding reference numerals indicate the same or corresponding parts.
Detailed Description
The principles and spirit of the present invention will be described with reference to a number of exemplary embodiments. It is understood that these embodiments are given solely for the purpose of enabling those skilled in the art to better understand and to practice the invention, and are not intended to limit the scope of the invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
As will be appreciated by one skilled in the art, embodiments of the present invention may be embodied as a system, apparatus, device, or computer program product. Thus, the present invention may be embodied in the form of: entirely hardware, entirely software (including firmware, resident software, micro-code, etc.), or a combination of hardware and software.
According to an embodiment of the present invention, an application login system, an application login method, a terminal, a server, a computer-readable medium, and an electronic device are provided.
Moreover, any number of elements in the drawings are by way of example and not by way of limitation, and any nomenclature is used solely for differentiation and not by way of limitation.
The principles and spirit of the present invention are explained in detail below with reference to several representative embodiments of the invention.
Summary of The Invention
The inventor finds that, with the first application login system provided in the prior art, when a user uses applications in an application set (or referred to as "application federation") on the same device, identity authentication is required. This results in the notion of "application collections/application federation" as a dummy, i.e., the user is not provided with an experience that is more convenient to log in to applications within an application collection, so that the user cannot feel the relationship between applications within an application collection.
The inventor also finds that, for the second application program login system provided in the prior art, the following are provided: at present, the login state of the application program in the application alliance in the market is transferred and shared, user information authorization needs to be carried out by relying on a central management server (or a private protocol pulls current login information of a user to the central management server), at this time, the current equipment needs to be ensured to be provided with the application related to the central management server, and the application is in an effective login state, so that a relatively convenient application program login scheme in the alliance can be provided for the user. If the application related to the central management server is in the unregistered state, the user still needs to perform account identity authentication once when logging in any application program in the alliance.
The following disadvantages exist for the second application login scheme existing in the related art: when a user uses an application program in a alliance on the same device, the central management server needs to be actively or passively called to acquire login account information of the user in the central management server, so that the purpose of transferring the login state of the application program in the application alliance is achieved. Therefore, the risk that a forged application program cracks the intermediate protocol and steals authorization information to forge account login may exist in each authorization process.
Moreover, for a user, each time the application system which does not perform identity authentication is used, authorization of the central application server needs to be invoked, if the application related to the central management server is in an unregistered state, account identity authentication still needs to be performed, and the problem of repeated identity authentication also exists when the application program in the federation is logged in an account.
Based on the above, the basic idea of the present invention is to uniquely identify a terminal by an equipment identifier, and associate account information that is successfully logged in with the equipment identifier, so that if the equipment identifier is associated with any one or more accounts in an application set, the user is considered to be a user who has undergone identity authentication, and thus the identity of the user is determined to be a legal state, and the user can log in the application program without performing identity authentication again, that is, the user can successfully log in the application program without providing any account information or password information, thereby achieving the technical effect of terminal equipment, that is, identity.
Having described the basic principles of the present invention, an exemplary use scenario for the present invention is described below.
Application scene overview
It should be noted that the following application scenarios are merely illustrated to facilitate understanding of the spirit and principles of the present invention, and the embodiments of the present invention are not limited in this respect. Rather, embodiments of the present invention may be applied to any scenario where applicable.
The technical scheme is suitable for the account in the application set to be subjected to identity authentication once and then be prevented from being subjected to identity authentication login when the same terminal logs in the account in any application set again. The application set comprises at least one application program, and each application program at least comprises an account. The technical scheme does not limit the application types in the application set or the relationship between the applications.
For example, the application set may be a plurality of applications deployed by a company on the market, such as: xx mailbox class application programs, xx music class application programs and xx shopping class application programs. The application set can also be a group which is created by the user according to the requirement of the user's preference and contains a plurality of application programs, such as: a user creates multiple shopping applications as a set of applications.
In an exemplary usage scenario, a collection of applications may be referred to as a "federation". And on the premise of ensuring the safety of the user account, carrying out one-time authentication on the user identity. After one-time authentication is successful, in order to facilitate the user to log in accounts of other applications in the alliance or other accounts of the same application, the technical scheme that identity authentication does not need to be carried out again is provided.
In an exemplary usage scenario, in the prior art, if a user uninstalls an application program or does not use the application program for a long time, when the status of authentication is invalid, the user still needs to perform account authentication when logging in the application program on the same device by reusing the same account, which results in inconvenient and quick experience. Through the technical scheme provided by the application, even if a certain application program in the alliance is uninstalled or the application program is not used for a long time after the user completes identity authentication once, the user can still successfully log in without identity authentication.
Various non-limiting embodiments of the invention are described in detail below.
Exemplary method
In conjunction with the application scenario described above, an application login system according to an exemplary embodiment of the present invention is described below with reference to any one of fig. 1 to 7.
Fig. 1 and 2 each schematically show a flowchart of an application login system according to an embodiment of the present invention. The main execution body of the method shown in fig. 1 is a terminal, and the main execution body of the method shown in fig. 2 is an identity recognition server. Referring to fig. 1, when the execution subject is a terminal capable of loading a corresponding application, the application login system includes:
step S11, sending a login request for logging in the application program to the identity authentication server; step S12, in response to receiving the request for obtaining the device information sent by the identity authentication server, sending the device information to the identity authentication server, so that the identity authentication server determines a device identifier uniquely representing the terminal based on the device information; step S13, in response to the identity authentication server determining that the device identifier is associated with any one or more accounts in the application set according to the device identifier, receiving a login response that the user identity sent by the identity authentication server is in a legal state, so that the user logs in the application program; wherein the set of applications includes at least the application program.
Referring to fig. 2, when the execution subject is the authentication server, the application login system includes:
step S21, responding to the received login request for logging in the application program, acquiring the device information of the terminal loading the application program, and determining the device identification for uniquely representing the terminal based on the device information; step S22, determining that the device identifier is associated with any one or more accounts in an application set according to the device identifier, where the application set at least includes the application program; step S23, sending a login response with the user identity in a legal state to the terminal, so that the user can log in the application program.
And fig. 3 schematically shows an information interaction diagram when the terminal and the identity authentication server execute the application program login system. Specific embodiments of the steps shown in fig. 1 and 2 are described below in conjunction with fig. 3:
as a specific embodiment of step S11, in step S1, the terminal 31 sends a login request for logging in to the application to the authentication server 32.
The application program is essentially a program for logging in through account number and identity authentication. For example, the Application may be an APP (Application) based on a client/server network architecture mode, a web page version Application based on a browser/server network architecture mode, an applet, and the like.
Illustratively, the terminal 31 provides a control for the user to trigger a login request. For example, if the user logs in "xx music" through the terminal, after the application is opened, the user may trigger the terminal 31 to send a login request for logging in the application of "xx music" to the authentication server 32 through a "login" control displayed on the terminal.
As a specific embodiment of step S21, in step S2, in response to receiving the login request, the authentication server 32 sends a request for acquiring device information of the terminal to the terminal 31, which is loaded with the application. And, as a specific embodiment of step S12, in step S3, the terminal 31 transmits device information about the terminal to the authentication server 32.
In an exemplary embodiment, the device information includes one or more of the following: a network address of the terminal, system information of the terminal, model information of the terminal, and component information of the terminal. In particular, reference may be made to table 1:
TABLE 1
Figure BDA0002740457380000121
Figure BDA0002740457380000131
In this embodiment, the device identifier is determined by the device information of multiple types/multiple dimensions as shown in table 1, which has the following beneficial effects: on one hand, if the device identifier determined by the information with the single dimension is used, the possibility of being forged is high, and therefore the technical scheme is beneficial to improving the login safety of the application program. On the other hand, even for the same terminal, if the operating systems are different, the types of the device information that can be acquired are different, and the user authorization states during different times of device information acquisition may also be different, the type difference of the device information acquired twice is large, and further, the device identifiers determined twice may be different, thereby affecting the recognition accuracy of the terminal. For example, in the two login processes on the same device, the device information acquired at one time includes [ information-1 ], [ information-2 ], [ information-3 ], and the device information acquired at another time includes [ information-1 ], [ information-4 ], [ information-5 ], so that the difference between the device identifiers determined at two times is definitely large, and further, the successful login of the account without identity authentication cannot be guaranteed.
Even if the acquired equipment information is partially lost or updated, the identification of the equipment identifier is not influenced, and the technical scheme is favorable for improving the robustness of terminal identification. On the other hand, even for the same terminal, some time-dependent and location-dependent device information (such as operator information and GPS information, respectively) is unavoidable, and when the time-dependent and location-dependent device information changes, the accuracy of the type of device information can be ensured by controlling the type of threshold control and/or machine learning calculation, so that the identification accuracy of the terminal is not affected by the change of part of the device information. In another aspect, because the system of the terminal is under continuous development and upgrade (such as version update of an operating system, network type change, etc.), the technical solution uses multi-dimensional device information to calculate the device identifier, so that flexible expansion and compatibility can be performed, and good expansibility and compatibility are provided for device information of systems with more versions and models in the future, so as to further improve robustness for terminal identification.
Further, as a specific embodiment of step S21, the identity authentication server 32 determines a device identifier uniquely indicating the terminal based on the device information in step S4.
In an exemplary embodiment, the device information is encoded according to a preset mapping rule to generate a device identifier for uniquely representing the terminal.
Illustratively, the login request received by the identity authentication server includes an application set identifier to which the application to be logged in belongs, so as to indicate to which application set the application to be logged in belongs. Meanwhile, in order to distinguish different application sets, or to judge whether the current application belongs to the application set a or the application set B (specifically, the judgment may be made according to the application set identifier included in the login request), it is necessary that the device identifiers determined by different application sets (which may be referred to as "alliances") are different for the same terminal. Thus, the algorithm for determining the device identity is different for different sets of applications. That is, the device identification is determined by a unified algorithm for the accounts of the applications of the same set of applications.
In an exemplary embodiment, fig. 4 schematically shows a flow diagram of a method of assessing device identity according to an embodiment of the invention. Specifically, a hash value used as a device identifier is first determined, and device identity is further evaluated based on the hash value. Referring to fig. 4, including:
step S41, encoding the plurality of pieces of device information according to a hash algorithm to generate a series of corresponding plurality of hash values; and a step S42 of evaluating the identity probability of the corresponding terminal according to the weighted similarity based on the hash value.
In this embodiment, the hash value of each piece of device information is determined based on a hash algorithm corresponding to an application set to which an application program belongs. The device information is terminal-related information that the user allows to obtain, as shown in table 1.
Illustratively, the acquired device information is arranged according to a preset sequence and is divided into a plurality of blocks, and characters are generated based on a hash value of the information, wherein the hash value characters are unique mapping identifiers of the information.
For example: the device information acquired by the terminal M includes [ information-1 ], [ information-2 ], [ information-3 ], [ … … ], [ information-100 ], and then the format of the device identifier may be represented as: (Hash value 1) - (Hash value 2) - (Hash value 3) - … … - (Hash value 100). Wherein the content of the first and second substances,
(hash value-1) is [ information-1 ] a character generated based on a hash value method, such as: "(hash value-1)" is: 416d363aa99f 802;
(hash value-2) is [ information-2 ] a character generated based on a hash value method, such as: "(hash value-2)" is: 6d363aa99f802f 3;
(hash value-3) is [ information-3 ] a character generated based on a hash value method, such as: "(hash value-3)" is: d363aa99f802f3 g;
……
(hash value-100) is [ information-100 ] characters generated based on a hash value mode, such as: "(hash value-100)" is: a3416d363aa99f 8.
The device identification of this terminal M can then be represented as a series of hash values: 416d363aa99f802-6d363aa99f802f3-d363aa99f802f3g- … … -a3416d363aa99f 8.
In an exemplary embodiment, the algorithms for determining device identifications are the same for the same set/federation of applications. However, when account numbers of different applications in the same application set log in, when account numbers of different applications log in, and when the same account number logs in at different times, there may be differences in the acquired device information, for example, the "system version" in the device information acquired when the first account number of the application logs in is "10.3.2", and the "system version" in the device information acquired when the second account number of the application logs in is "10.3.5". Therefore, after the device identifier corresponding to the current account is calculated, it should be determined whether the current device identifier is the same as the device identifier associated with the account (referred to as "comparison device identifier"), so as to further improve the login security of the application program.
In an exemplary embodiment, as a specific implementation manner of step S42, fig. 5 schematically shows a flowchart of a device identifier comparison method according to an embodiment of the present invention. Referring to fig. 5, including:
step S51, after the login of the fourth account is successful, storing the comparison equipment identifier corresponding to the fourth account; and step S52, determining a current device identifier according to the device information, and determining that the comparison device identifier is associated with any one or more accounts in an application set including the application program when a difference between the current device identifier and the comparison device identifier is smaller than a preset value.
For example, different identification weights are set for the hash values corresponding to the pieces of equipment information, so that when the collected equipment information changes, the accuracy of the equipment identification determination is not affected.
For example, if more information can be collected by the identification server when the terminal is subsequently opened, the corresponding hash value can be sequentially added to the original hash value, so that the identification of the previously collected information is not affected, and the accuracy of determining the device identifier is not affected.
Illustratively, [ information-1 ] in 100 pieces of device information collected for the terminal a is a network address of the terminal, and the terminal a can be uniquely represented only by [ information-1 ]. The identification weight of the information-1 can be set to a larger value, so that the information-1 can influence the identity authentication server to a greater extent on identifying whether the terminal devices are the same. Illustratively, [ information-50 ] of the 100 pieces of device information collected for the terminal a is changed when the first account is logged in and when the fourth account is logged in. The identification weight of [ information-50 ] can be set to a smaller value so as not to influence whether the identity authentication server identifies the same terminal device. For example, the recognition weight of each piece of information can be dynamically adjusted through artificial intelligence learning so as to determine the recognition accuracy of the equipment identification.
For example, whether two device identifiers obtained by obtaining device information twice belong to the same terminal (i.e., the evaluation of identity is achieved) may be determined according to the following formula:
device identity probability (information 1 contrast information 1 weight ratio) + (information 2 contrast information 2 weight ratio) + (information 3 contrast information 3 weight ratio) + … … + (information 100 contrast information 100 weight ratio)
If the device identity probability is within the range determined by the system, the terminals can be regarded as the same terminal. That is, it may be determined whether the current device identifier and the comparison device identifier correspond to the same terminal.
In an exemplary embodiment, in step S22, it is determined whether the device identifier is associated with any one or more accounts in the application set according to the device information.
If the device identifier is associated with an account in the application set, which indicates that there are accounts that have successfully logged in the application set, that is, the user identities are legal for all the accounts in the application set, so referring to fig. 3, in step S5, the identity authentication server 32 determines that the device identifier is associated with any one or more accounts in the application set, then step S23/S6 is executed: a login response is sent to the terminal 31 with the user identity in a legitimate state.
If the device identifier is not associated with an account in the application set, it indicates that there is no account that has successfully logged in the application set, that is, the user needs to perform identity authentication once. Step S24 is executed: and in response to the fact that the equipment identification is not related to any account in the application set, generating a user identity authentication request and sending the user identity authentication request to the terminal so as to authenticate the identity of the user. Further, in order to avoid performing identity authentication again when other applications in the application set subsequently log in, step S25 is executed: the identity authentication server receives an identity authentication response of the terminal, and associates the equipment identifier and a first account corresponding to the identity authentication information after the identity authentication of the user is successful; and sending a login response with the user identity in a legal state to the terminal so as to enable the first account to log in the application program.
The identity authentication information at least comprises account password information, physical sign information of a terminal user and/or short message verification code information received by the terminal.
Therefore, after the application program login authentication is passed, the identity authentication service can associate the account number in the identity authentication information with the equipment identifier, so that when a user logs in other application programs in the same application set on the same equipment, the repeated identity authentication can be avoided by judging that the equipment identifier is associated with the first account number, the application login speed is increased, and the application login experience of the user is favorably improved.
In an exemplary embodiment, in order to further improve the security of user account login, before step S6/step S23 is executed, that is, before a login response that the user identity is in a legal state is sent to the terminal, the technical solution further determines, by the identity authentication server 32, whether the account associated with the device identifier is currently in a login state.
The first condition is as follows:
if the account associated with the device identifier is currently in a login state (referred to as a "second account"), the identity authentication server may consider that the user of the current terminal (i.e., the user attempting to login the application) and the user of the second account belong to the same user with a high probability, so that a manner of letting the user select confirmation may be employed to determine whether the current user and the user of the second account are the same user. For example, fig. 6 shows a technical solution in a case where a second account associated with a device identifier is currently in a login state. Fig. 6 is implemented on the basis of fig. 3, and specifically, referring to fig. 6, the method includes:
step S5', it is determined that the device identifier is associated with a second account in the application set, and the second account is in a login state; step S61, the identity authentication server 32 sends the second account in the login state to the terminal, so that the user can select the second account; and step S62, in response to receiving the second account selected by the user, the identity authentication server 32 sends a login response that the user identity is in a legal state to the terminal 31.
In an exemplary embodiment, if there are a plurality of second accounts in the login state, the specific implementation manner that the identity authentication server sends the login response that the user identity is in the legal state includes:
the identity authentication server determines that the account number associated with the equipment identifier in the application set is currently in a login state, and then the identity authentication server sends a plurality of second account numbers in the login state to the terminal for the user to select from the plurality of second account numbers; further, after the user selects the second account, the terminal sends at least one second account selected by the user from the plurality of second accounts to the identity authentication server, so that the identity authentication server receives the at least one second account selected by the user, and sends a login response that the user identity is in a legal state.
Illustratively, a user logs in "xx music" at present, after receiving the login request and determining an equipment identifier according to acquired equipment information, the identity authentication server acquires that "xx mailbox" account and "xx game" account associated with the equipment identifier are all currently in a login state, and then the identity authentication server sends the "xx mailbox" account and the "xx game" account currently in the login state to a terminal for the user to select and confirm. If the user confirms the account belonging to the user after checking the related second accounts (such as the account of the 'xx mailbox' and the account of the 'xx game'), the terminal sends at least one account belonging to the user in the second accounts to the identity authentication server. Therefore, the identity authentication server determines that the current user and the user of the second account are the same user. Furthermore, since the second account is associated with the device identifier, and is an account that has undergone identity authentication, it is currently determined whether the current user is the same user as the user of the second account, and therefore the user can be allowed to directly log in the "xx music" without repeatedly performing identity authentication.
For example, the first application, the second application, and the third application belong to a same application set. The first application program is used for identity authentication of the microblog through the account number password, and the second application program is used for identity authentication of the microblog through the sign information. When the user wants to log in the third application program, the identity authentication server can selectively feed back account information of the WeChat or account information of the microblog to the user for the user to select and confirm, and if the user confirms that the user successfully logs in the WeChat or the microblog on the terminal equipment, the identity authentication server allows the user to successfully log in the third application program without identity authentication.
Illustratively, in order to determine the security of the account, the second account needs to be desensitized, and then the desensitized second account is sent to the terminal, for example, the "xx mailbox" account is displayed as "136 × 9579@ xx. The second account may be displayed to the terminal display in a manner of displaying a control, so that the user may manually select the second account in step S60. Of course, the second account may also be played by the terminal in voice for the user to select the second account by voice control in step S60.
For example, when a plurality of second accounts are available, for example, a user wants to log in "xx music", after receiving the login request and determining a device identifier according to the collected device information, the identity authentication server finds that all "xx mailbox" accounts and "xx game" accounts associated with the device identifier are currently in a login state, and the terminal may display the "xx mailbox" accounts and the "xx game" accounts in a list manner, so that the user can view and select the accounts.
In this embodiment, when a user uses an application program in an application set (or referred to as a "federation") on a device, the identity authentication server retrieves, through the device identifier, one or more accounts in the federation associated with the device identifier (i.e., retrieves other accounts in the federation that have logged in on the same device), and determines that the associated account is currently in a login state (i.e., the second account), returns relevant information of the second account to the terminal for the user to confirm. After the user confirms that the returned second account belongs to the own account, the identity authentication server considers that the current user is a user who passes the identity authentication, that is, the user can directly and successfully log in the application in the alliance on the same device, and the technical effect of the device, that is, the identity, is achieved.
Case two:
if the account associated with the device identifier is not currently in a login state (denoted as a "third account"), for example, the user logs out of accounts for logging in all applications in the federation on the same device, or the user deletes all applications in the federation on the same device, or the user restarts the device, and so on, in order to ensure the security of the accounts, the identity authentication server may not consider that the user of the current terminal (i.e., the user trying to log in the applications) and the user of the third account belong to the same user with a high probability, and then the user is required to provide the third account which has been successfully logged in historically, and then verify whether the user of the current user and the user of the third account are the same user. For example, fig. 7 shows a technical solution in a case that the third account associated with the device identifier is not currently in a login state. Fig. 7 is also implemented on the basis of fig. 3, and in particular, with reference to fig. 7, the method includes:
step S5', it is determined that the device identifier is associated with a third account in the application set, and the third account is not in a login state; step S71, the identity authentication server 32 sends a request for obtaining a third account logged in history to the terminal 31, so that the user provides the third account; and step S72, in response to the third account provided by the user being an account that has been successfully logged in history, the identity authentication server 32 sends a login response that the user identity is in a legal state.
For example, a user needs to log in "xx music" (an application to be logged in) currently, after receiving the login request and determining a device identifier according to collected device information, the identity authentication server obtains an "xx mailbox" account and an "xx game" account associated with the device identifier, but none of the "xx mailbox" account and the "xx game" account is currently in a login state. In order to further verify whether the user trying to log in the "XX music" (i.e. the application to be logged in) is the same user as the user of the "XX mailbox" account and the "XX game" account, the identity authentication server sends a request for acquiring a third account logged in history to the terminal. For example, "please provide the account information of 'xx mailbox' that you have logged in history" or "please provide the account information of 'xx game' that you have logged in history".
If the identity authentication server judges that the account information provided by the user is consistent with the third account information, the current user and the user of the third account can be determined to be the same user. Furthermore, since the third account is associated with the device identifier, the third account is an account that has undergone identity authentication, and it is currently determined that the current user and the user of the third account are the same user, so that the user can be allowed to log in the application program to be logged in with the third account, that is, the user can be allowed to log in "xx music" with an account of the "xx game" or the "xx mailbox", thereby avoiding a process of performing identity authentication on the account of the "xx music".
For example, the request for obtaining the third account logged in history may be displayed to the terminal display in the form of a display control, so that the user may manually input the third account at the display control in step S70. Of course, the request for obtaining the history logged-in third account may also be played by the terminal in a voice manner, so that the user may input the history logged-in successful third account in step S70 by voice control.
In an exemplary embodiment, referring to fig. 3, 6 or 7, in step S6, the authentication server 32 sends a login response that the user identity is in a legal state to the terminal 31. Further, in step S7, the terminal 31 delivers the authentication result of the legitimate state to the application server 33. Further, in step S8, the application server 33 provides the terminal with an application service corresponding to the application program. Therefore, the user can successfully log in the application program without repeatedly performing identity authentication, and the application service corresponding to the application program can be conveniently obtained.
In an exemplary embodiment, the identity authentication server 32 may perform step S9 after sending the login response that the user identity is in a legal state to the terminal 31: and associating the equipment identification with the account of the application program. The account of the current application program can be associated to the device corresponding to the device identifier by the user, so that the account of the application program can be used as an alternative second account or third account in the future to log in other application programs. For example: after the user successfully logs in to the xx music through the account of the xx game, the user can select to quit the account of the xx game, the account of the xx music is used for replacing the account of the xx music, and the login state of the xx music is maintained, at this time, the account of the xx music can be associated with the equipment corresponding to the equipment identification by the user, so that the user can conveniently log in other application programs in the alliance in the future by taking the account of the xx music as a second account or a third account, and the identity authentication process is avoided.
It should be noted that the identity authentication server in fig. 3, fig. 6, and fig. 7 is used to provide the identity authentication service, and the application server is used to provide the application service, which is only one way to provide the identity authentication service and the application service. In the actual operation process, the identity authentication service and the application service may be from the same server, and the application is not particularly limited.
According to the technical scheme provided by the invention, the terminal equipment is uniquely identified through the equipment identification, and the account information which is successfully logged in is associated with the equipment identification, so that if the equipment identification is associated with any one or more accounts in the application set, the user is considered as the user which is authenticated, the identity of the user is determined to be in a legal state, the user can log in the application program without identity authentication again, namely, the user can successfully log in the application program without providing any account information or password information, and the technical effect of terminal equipment namely identity is achieved. For the application programs in the application set, as long as the account of any one of the application programs is subjected to identity authentication, the user can be prevented from performing identity authentication again when logging in other application programs.
Exemplary devices
Having described the method of the exemplary embodiment of the present invention, next, a terminal and a server of an exemplary embodiment of the present invention will be described with reference to fig. 8 and 9, respectively.
Fig. 8 schematically shows a structural diagram of a terminal according to an embodiment of the present invention, where the terminal is capable of loading a corresponding application. Referring to fig. 8, a terminal 800 includes: a first sending module 801, a second sending module 802 and a receiving module 803.
The first sending module 801 is configured to send a login request for logging in an application program to an identity authentication server; the second sending module 802 is configured to, in response to receiving a request for obtaining device information sent by the identity authentication server, send the device information to the identity authentication server, so that the identity authentication server determines, based on the device information, a device identifier uniquely representing the terminal; the receiving module 803 is configured to respond to the identity authentication server determining that the device identifier is associated with any one or more accounts in the application set according to the device identifier, and receive a login response that the user identity is in a legal state and is sent by the identity authentication server, so that the user logs in the application program;
wherein the set of applications includes at least the application program.
Fig. 9 schematically shows a structural diagram of a server according to an embodiment of the present invention. Referring to fig. 9, the server 900 includes: a first obtaining module 901, a determining module 902 and a third sending module 903.
The first obtaining module 901 is configured to, in response to receiving a login request for logging in an application, obtain device information of a terminal that loads the application, and determine, based on the device information, a device identifier that uniquely represents the terminal; the determining module 902 is configured to determine, according to the device identifier, that the device identifier is associated with any one or more accounts in an application set, where the application set at least includes the application program; and the third sending module 903 is configured to send a login response that the user identity is in a legal state to the terminal, so that the user logs in the application program.
Fig. 10 schematically shows a structural diagram of a login system of an application according to an embodiment of the present invention. Referring to fig. 10, the login system 1000 of the application program includes: the terminal 800 and the server 900. The terminal 800 and the server 900
The specific details of each module in the terminal 800 and each module in the server 900 have been described in detail in the login method of the corresponding application program, and therefore are not described herein again.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Exemplary Medium
Having described the login system of the application program of the exemplary embodiment of the present invention, the medium of the exemplary embodiment of the present invention will be explained next.
In some possible embodiments, aspects of the present invention may also be implemented as a medium having stored thereon program code for implementing steps in an application logging system according to various exemplary embodiments of the present invention described in the above section "exemplary method" of this specification, when the program code is executed by a processor of a device.
For example, the processor of the device may implement step S11 as described in fig. 1 when executing the program code, sending a login request for logging in to the application to the identity authentication server; step S12, in response to receiving the request for obtaining the device information sent by the identity authentication server, sending the device information to the identity authentication server, so that the identity authentication server determines a device identifier uniquely representing the terminal based on the device information; step S13, in response to the identity authentication server determining that the device identifier is associated with any one or more accounts in the application set according to the device identifier, receiving a login response that the user identity sent by the identity authentication server is in a legal state, so that the user logs in the application program; wherein the set of applications includes at least the application program.
Referring to fig. 11, a program product 1100 for implementing the above-described application login system according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited thereto.
It should be noted that: the above-mentioned medium may be a readable signal medium or a readable storage medium. The readable storage medium may be, for example but not limited to: an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take a variety of forms, including, but not limited to: an electromagnetic signal, an optical signal, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the consumer electronic device, partly on a remote electronic device, or entirely on the remote electronic device or server. In the case of remote electronic devices, the remote electronic devices may be connected to the consumer electronic device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external electronic device (e.g., through the internet using an internet service provider).
Exemplary electronic device
Having described the application login system, the application login method, the terminal, the server, and the computer-readable medium according to the exemplary embodiments of the present invention, an electronic device according to another exemplary embodiment of the present invention will be described next.
As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a system, method or program product. Thus, various aspects of the invention may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
In some possible embodiments, an electronic device according to embodiments of the present invention may include at least one processor, and at least one memory. Wherein the memory stores program code that, when executed by the processor, causes the processor to perform the steps in the application login system according to various exemplary embodiments of the present invention described in the "exemplary methods" section above in this specification. For example, the processor may execute step S11 described in fig. 1, sending a login request for logging in to the application to the identity authentication server; step S12, in response to receiving the request for obtaining the device information sent by the identity authentication server, sending the device information to the identity authentication server, so that the identity authentication server determines a device identifier uniquely representing the terminal based on the device information; step S13, in response to the identity authentication server determining that the device identifier is associated with any one or more accounts in the application set according to the device identifier, receiving a login response that the user identity sent by the identity authentication server is in a legal state, so that the user logs in the application program; wherein the set of applications includes at least the application program.
An electronic device 1200 according to an exemplary embodiment of the invention is described below with reference to fig. 12. The electronic device 1200 shown in fig. 12 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 12, the electronic apparatus 1200 is represented in the form of a general electronic apparatus. The components of the electronic device 1200 may include, but are not limited to: the at least one processing unit 1201, the at least one memory unit 1202, and the bus 1203 connecting the various system components (including the memory unit 1202 and the processing unit 1201).
The bus 1203 includes a data bus, an address bus, and a control bus.
The storage unit 1202 may include readable media in the form of volatile memory, such as Random Access Memory (RAM)12021 and/or cache memory 12022, and may further include Read Only Memory (ROM) 12023.
The storage unit 1202 may also include a program/utility 12025 having a set (at least one) of program modules 12024, such program modules 12024 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 1200 may also communicate with one or more external devices 1204 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 1200, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 1200 to communicate with one or more other electronic devices. Such communication may occur via input/output (I/O) interfaces 1205. Also, the electronic device 1200 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) through the network adapter 1206. As shown, the network adapter 1206 communicates with the other modules of the electronic device 1200 over a bus 1203. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 1200, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
It should be noted that although in the above detailed description several units/modules or sub-units/modules of the data processing apparatus are mentioned, such a division is merely exemplary and not mandatory. Indeed, the features and functionality of two or more of the units/modules described above may be embodied in one unit/module according to embodiments of the invention. Conversely, the features and functions of one unit/module described above may be further divided into embodiments by a plurality of units/modules.
It should be noted that although in the above detailed description several units or sub-units of the terminal and the server are mentioned, such a division is only exemplary and not mandatory. Indeed, the features and functions of two or more modules or units described above may be embodied in one module or unit according to embodiments of the invention. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Moreover, while the operations of the method of the invention are depicted in the drawings in a particular order, this does not require or imply that the operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
While the spirit and principles of the invention have been described with reference to several particular embodiments, it is to be understood that the invention is not limited to the particular embodiments disclosed, nor is the division of the aspects, which is for convenience only as the features in these aspects may not be combined to benefit from the present disclosure. The invention is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (10)

1. A login method of an application program is applied to a terminal, and the terminal can load the corresponding application program, wherein the method comprises the following steps:
sending a login request for logging in an application program to an identity authentication server;
in response to receiving a request for acquiring equipment information sent by the identity authentication server, sending the equipment information to the identity authentication server so that the identity authentication server determines an equipment identifier for uniquely representing the terminal based on the equipment information;
responding to the identity authentication server to determine that the equipment identification is associated with any one or more accounts in the application set according to the equipment identification, and receiving a login response which is sent by the identity authentication server and is in a legal state, wherein the login response is used for a user to log in the application program;
wherein the set of applications includes at least the application program.
2. The login method of an application program according to claim 1, wherein said method further comprises:
responding to any account number in the application set which is not related to the equipment identification, and receiving a user identity authentication request generated by the identity authentication server so as to authenticate the identity of the user;
receiving identity authentication information of the user as an identity authentication response and sending the identity authentication response to the identity authentication server so that the identity authentication server associates the equipment identifier and a first account corresponding to the identity authentication information after the identity authentication of the user is successful;
and responding to the successful identity authentication of the identity authentication server to the user based on the identity authentication response, receiving a login response which is sent by the identity authentication server and takes the user identity as a legal state, and logging in the application program by using the first account.
3. The login method of the application program according to claim 1, wherein the receiving of the login response that the user identity is in a legal state and is sent by the identity authentication server comprises:
responding to the identity authentication server to determine that the account number associated with the equipment identifier in the application set is currently in a login state, and receiving the second account number in the login state sent by the identity authentication server for the user to select the second account number;
receiving a second account selected by the user and sending the second account to the identity authentication server;
and responding to the second account selected by the user and received by the identity authentication server, and receiving a login response which is sent by the identity authentication server and indicates that the user identity is in a legal state.
4. A login method of an application program is applied to an identity authentication server, wherein the method comprises the following steps:
the method comprises the steps of responding to a login request for logging in an application program, obtaining equipment information of a terminal loading the application program, and determining an equipment identifier for uniquely representing the terminal based on the equipment information;
determining that the device identifier is associated with any one or more accounts in an application set according to the device identifier, wherein the application set at least comprises the application program;
and sending a login response with the user identity in a legal state to the terminal so that the user can log in the application program.
5. The login method of the application program according to claim 4, wherein the method further comprises:
in response to the fact that the equipment identification is not related to any account number in the application set, generating a user identity authentication request and sending the user identity authentication request to the terminal so as to authenticate the identity of the user;
receiving an identity authentication response of the terminal, and associating the equipment identifier and a first account corresponding to the identity authentication information after the identity authentication of the user is successful;
and sending a login response with the user identity in a legal state to the terminal so as to enable the first account to log in the application program.
6. A terminal capable of loading a corresponding application, wherein the terminal comprises:
the first sending module is used for sending a login request for logging in the application program to the identity authentication server;
a second sending module, configured to send, in response to receiving a request sent by the identity authentication server for obtaining device information, the device information to the identity authentication server, so that the identity authentication server determines, based on the device information, a device identifier that uniquely represents the terminal;
the receiving module is used for responding to the identity authentication server, determining that the equipment identification is associated with any one or more accounts in the application set according to the equipment identification, and receiving a login response which is sent by the identity authentication server and is in a legal state, so that the user can log in the application program;
wherein the set of applications includes at least the application program.
7. A server, wherein the server comprises:
the device comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for responding to a login request for logging in an application program, acquiring the device information of a terminal for loading the application program, and determining a device identifier for uniquely representing the terminal based on the device information;
the determining module is used for determining that the equipment identifier is associated with any one or more accounts in an application set according to the equipment identifier, wherein the application set at least comprises the application program;
and the third sending module is used for sending a login response that the user identity is in a legal state to the terminal so that the user can log in the application program.
8. A login system for an application, wherein the system comprises:
a terminal capable of loading a corresponding application program, the terminal being capable of implementing a login method for an application program according to any one of claims 1 to 3; and the number of the first and second groups,
an authentication server capable of implementing a login method for an application as claimed in claim 4 or claim 5.
9. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, implements a login method for an application program according to any one of claims 1 to 3, and,
the program, when executed by a processor, implements a login method for an application program as claimed in claim 4 or claim 5.
10. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement a login method for an application program according to any one of claims 1 to 3, and to implement a login method for an application program according to claim 4 or claim 5.
CN202011148600.4A 2020-10-23 2020-10-23 Login method, terminal, server, system, medium and equipment of application program Active CN112199652B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011148600.4A CN112199652B (en) 2020-10-23 2020-10-23 Login method, terminal, server, system, medium and equipment of application program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011148600.4A CN112199652B (en) 2020-10-23 2020-10-23 Login method, terminal, server, system, medium and equipment of application program

Publications (2)

Publication Number Publication Date
CN112199652A true CN112199652A (en) 2021-01-08
CN112199652B CN112199652B (en) 2023-08-25

Family

ID=74011200

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011148600.4A Active CN112199652B (en) 2020-10-23 2020-10-23 Login method, terminal, server, system, medium and equipment of application program

Country Status (1)

Country Link
CN (1) CN112199652B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112765571A (en) * 2021-01-29 2021-05-07 北京达佳互联信息技术有限公司 Authority management method, system, device, server and storage medium
CN113114770A (en) * 2021-04-14 2021-07-13 每日互动股份有限公司 User identification method, electronic device, and computer-readable storage medium
CN113360868A (en) * 2021-06-29 2021-09-07 平安普惠企业管理有限公司 Application program login method and device, computer equipment and storage medium
CN113688369A (en) * 2021-07-28 2021-11-23 支付宝(杭州)信息技术有限公司 Method, device and equipment for recommending login mode after application program is uninstalled and reinstalled
CN114828000A (en) * 2022-04-14 2022-07-29 中国联合网络通信集团有限公司 Login method, device and computer readable storage medium
CN115242511A (en) * 2022-07-22 2022-10-25 成都中科大旗软件股份有限公司 Multi-environment application management platform and management method

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856332A (en) * 2014-03-22 2014-06-11 中国科学院信息工程研究所 Implementation method of one-to-multiple account mapping binding of convenient and rapid multi-screen multi-factor WEB identity authentication
CN106605246A (en) * 2014-06-16 2017-04-26 贝宝公司 Systems and methods for authenticating a user based on a computing device
CN107317807A (en) * 2017-06-22 2017-11-03 北京洋浦伟业科技发展有限公司 A kind of apparatus bound method, apparatus and system
CN108076018A (en) * 2016-11-16 2018-05-25 阿里巴巴集团控股有限公司 Identity authorization system, method, apparatus and account authentication method
CN108460251A (en) * 2017-02-21 2018-08-28 腾讯科技(深圳)有限公司 Run the method, apparatus and system of application program
CN109413096A (en) * 2018-11-30 2019-03-01 北京海泰方圆科技股份有限公司 A kind of login method and device more applied

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856332A (en) * 2014-03-22 2014-06-11 中国科学院信息工程研究所 Implementation method of one-to-multiple account mapping binding of convenient and rapid multi-screen multi-factor WEB identity authentication
CN106605246A (en) * 2014-06-16 2017-04-26 贝宝公司 Systems and methods for authenticating a user based on a computing device
CN108076018A (en) * 2016-11-16 2018-05-25 阿里巴巴集团控股有限公司 Identity authorization system, method, apparatus and account authentication method
CN108460251A (en) * 2017-02-21 2018-08-28 腾讯科技(深圳)有限公司 Run the method, apparatus and system of application program
CN107317807A (en) * 2017-06-22 2017-11-03 北京洋浦伟业科技发展有限公司 A kind of apparatus bound method, apparatus and system
CN109413096A (en) * 2018-11-30 2019-03-01 北京海泰方圆科技股份有限公司 A kind of login method and device more applied

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112765571A (en) * 2021-01-29 2021-05-07 北京达佳互联信息技术有限公司 Authority management method, system, device, server and storage medium
CN113114770A (en) * 2021-04-14 2021-07-13 每日互动股份有限公司 User identification method, electronic device, and computer-readable storage medium
CN113360868A (en) * 2021-06-29 2021-09-07 平安普惠企业管理有限公司 Application program login method and device, computer equipment and storage medium
CN113688369A (en) * 2021-07-28 2021-11-23 支付宝(杭州)信息技术有限公司 Method, device and equipment for recommending login mode after application program is uninstalled and reinstalled
CN113688369B (en) * 2021-07-28 2024-02-02 支付宝(杭州)信息技术有限公司 Login mode recommending method, device and equipment after unloading and reloading of application program
CN114828000A (en) * 2022-04-14 2022-07-29 中国联合网络通信集团有限公司 Login method, device and computer readable storage medium
CN114828000B (en) * 2022-04-14 2023-07-28 中国联合网络通信集团有限公司 Login method, login device and computer readable storage medium
CN115242511A (en) * 2022-07-22 2022-10-25 成都中科大旗软件股份有限公司 Multi-environment application management platform and management method
CN115242511B (en) * 2022-07-22 2024-04-12 成都中科大旗软件股份有限公司 Multi-environment application management platform and management method

Also Published As

Publication number Publication date
CN112199652B (en) 2023-08-25

Similar Documents

Publication Publication Date Title
CN112199652B (en) Login method, terminal, server, system, medium and equipment of application program
CN110855676B (en) Network attack processing method and device and storage medium
US11122089B2 (en) Authorization policy optimization method and apparatus, and storage medium
WO2017054504A1 (en) Identity authentication method and device, and storage medium
CN106650350B (en) Identity authentication method and system
CN110691085B (en) Login method, login device, password management system and computer readable medium
KR20150064063A (en) Secure identification of computing device and secure identification methods
CN113268336B (en) Service acquisition method, device, equipment and readable medium
CN112528262A (en) Application program access method, device, medium and electronic equipment based on token
CN109787959B (en) Account information processing method and related device
CN112966168B (en) Business label query method and device for realizing privacy protection
US10936705B2 (en) Authentication method, electronic device, and computer-readable program medium
CN109688183A (en) Group control device recognition methods, device, equipment and computer readable storage medium
CN113569263A (en) Secure processing method and device for cross-private-domain data and electronic equipment
CN110958234B (en) Application login control method and device and storage medium
CN111177536B (en) Method and device for transmitting customized information to unregistered user based on device fingerprint and electronic device
CN112100604B (en) Terminal equipment information processing method and device
CN110177096A (en) Client certificate method, apparatus, medium and calculating equipment
CN111786991B (en) Block chain-based platform authentication login method and related device
CN113901456A (en) User behavior security prediction method, device, equipment and medium
CN114282940A (en) Method and apparatus for intention recognition, storage medium, and electronic device
CN112988325A (en) Android simulator identification method and system based on user information
JP2021015421A (en) Information processing program, information processing method, and information processing apparatus
CN110602709A (en) Network data security method and device of wearable device and storage medium
KR20130113787A (en) Method and system for providing game service using virtual ip of pc-room

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant