CN113407927B - Login method, device, equipment and medium - Google Patents

Login method, device, equipment and medium Download PDF

Info

Publication number
CN113407927B
CN113407927B CN202110748004.8A CN202110748004A CN113407927B CN 113407927 B CN113407927 B CN 113407927B CN 202110748004 A CN202110748004 A CN 202110748004A CN 113407927 B CN113407927 B CN 113407927B
Authority
CN
China
Prior art keywords
login
identification information
target
determining
logged
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110748004.8A
Other languages
Chinese (zh)
Other versions
CN113407927A (en
Inventor
钟尧
安晓江
蒋红宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee
Beijing Haitai Fangyuan High Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Haitai Fangyuan High Technology Co Ltd filed Critical Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN202110748004.8A priority Critical patent/CN113407927B/en
Publication of CN113407927A publication Critical patent/CN113407927A/en
Application granted granted Critical
Publication of CN113407927B publication Critical patent/CN113407927B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Abstract

The invention discloses a login method, a device, equipment and a medium, wherein after receiving a login request for a pre-login system, the method determines the system identification information, login time and the number of logged-in service systems of login equipment, wherein the number of the logged-in service systems is n, and if the difference value between the current time and the login time of the last logged-in system in target login information is less than a preset time threshold value, the login request is determined to be continuous access; if the number N of the logged-in service systems reaches the preset number threshold value N, the login equipment is determined to successfully log in the pre-logged-in service systems without being verified by the authentication center, so that the access amount of the authentication center is reduced, and the login request speed is increased.

Description

Login method, device, equipment and medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a login method, device, apparatus, and medium.
Background
In the prior art, when a user logs in a service system through a login device, an independent authentication center is generally needed to verify a user account and a password, only the authentication center can receive information such as the user account and the password, and other service systems only receive indirect authorization of the authentication center without providing a login entry. The indirect authorization is realized through an authorization token, the authentication center sends the authorization token to the service system after successfully verifying the user account and the password, and the service system takes the authorization token and then creates a session with the login equipment, so that the login equipment successfully logs in the pre-logged service system.
Specifically, fig. 1 is a schematic diagram of an interaction process of a login device, a service system, and an authentication center provided in the prior art, where as shown in fig. 1, the login device sends an access request to a service system a through a browser, after the service system a receives the access request, verification fails because a user account is not logged in, and the service system a jumps a current page to an authentication page of the authentication center and uses an address of the service system a as a parameter. The authentication center determines that the user account is not logged in, and therefore returns information for failing to verify and reminding the user to log in the account.
The login equipment sends a login request for logging in the service system A to the authentication center, wherein the login request carries a user account, a password and an address of the pre-logged service system A. And after the authentication center successfully verifies the user account and the password, creating a session and an authorization token, and sending the authorization token to the service system A according to the address of the service system A. And after receiving the authorization token, the service system A sends the authorization token and the address of the service system A to the authentication center in order to verify the validity of the authorization token. And after receiving the authorization token and the address of the service system A, the authentication center determines that the authorization token is valid based on the address of the service system A, registers by adopting the received address of the service system A, and returns the information that the authorization token is valid to the service system A. And after determining that the authorization token is valid, the service system A creates a session between the service system A and the login equipment, so that the login equipment logs in the service system A and accesses protected resources.
When a single authentication center is responsible for the verification of a large service system group, the authentication center needs to make an access application to the authentication center because the project of the large service system group comprises dozens of service systems and the login equipment needs to make a login access to the service systems in the service system group, so that the request is slow or even blocked because the access amount of the authentication center is too large.
Disclosure of Invention
The invention provides a login method, a login device and a login medium, which are used for solving the problem that in the prior art, when a single authentication center is responsible for the verification of a service system group, the request is slow and even blocked due to too large access amount.
The invention provides a login method, which comprises the following steps:
receiving a login request for a pre-login service system, wherein the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time;
determining system identification information, login time and number of the logged-in service systems of the login equipment according to the target equipment identification information and a corresponding relation between prestored equipment identification information and login information, wherein the number of the logged-in service systems is n;
if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
Further, before determining that the login device successfully logs in the service system identified by the target system identification information, the method further includes:
determining M coordinates on a curve corresponding to the curve function of the N-1 times according to a pre-generated curve function of the N-1 times, and randomly distributing the M coordinates to M service systems, wherein N is smaller than M, and a constant item coefficient of the curve function of the N-1 times is login state identification information;
determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information;
and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
Further, the method further comprises:
and if the target login state identification information is different from the login state identification information, determining that the login equipment does not successfully log in the service system identified by the target system identification information.
Further, the determining, according to the target device identification information and the correspondence between the device identification information and the login information that are pre-stored, the system identification information and the login time of the n service systems that the login device has logged in includes:
determining target login information corresponding to the target equipment identification information according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information;
and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
Further, the method further comprises:
and if the target system identification information exists in the target login information, determining that the login equipment has logged in the service system identified by the target system identification information.
Further, the method further comprises:
if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N, sending a login request to an authentication center according to a user account and a password carried by the login request;
and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
Accordingly, the present invention provides a login device, the device comprising:
the system comprises a receiving module, a pre-login service system and a processing module, wherein the receiving module is used for receiving a login request of the pre-login service system, and the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time;
the determining module is used for determining system identification information, login time and number of n logged-in service systems of the login equipment according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information, wherein the number of the logged-in service systems is n; if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
Further, the determining module is further configured to determine, before the login device is determined to successfully log in the service system identified by the target system identification information, M coordinates located on a curve corresponding to the N-1-time curve function according to a pre-generated N-1-time curve function, and randomly allocate the M coordinates to the M service systems, where N is smaller than M, and a constant term coefficient of the N-1-time curve function is login state identification information; determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information; and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
Further, the determining module is further configured to determine that the login device does not successfully log in the service system identified by the target system identification information if the target login state identification information is different from the login state identification information.
Further, the determining module is specifically configured to determine target login information corresponding to the target device identification information according to the target device identification information and a correspondence between pre-stored device identification information and login information; and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
Further, the determining module is specifically configured to determine that the login device has logged in the service system identified by the target system identification information if the target system identification information exists in the target login information.
Further, the determining module is further configured to send a login request to an authentication center according to a user account and a password carried by the login request if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N; and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
Accordingly, the present invention provides an electronic device comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus; the memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the steps of any of the above-described image banding artifact removal methods.
Accordingly, the present invention provides a computer readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of any one of the above-mentioned logging methods.
The invention provides a login method, a device, equipment and a medium, wherein after receiving a login request for a pre-login system, the method determines the system identification information, login time and number of the logged-in service systems of login equipment, wherein the number of the logged-in service systems is n, and if the difference value between the current time and the login time of the last logged-in system in target login information is less than a preset time threshold value, the login request is determined to be continuous access; if the number N of the logged-in service systems reaches the preset number threshold value N, the login equipment is determined to successfully log in the pre-logged-in service systems without being verified by the authentication center, so that the access amount of the authentication center is reduced, and the login request speed is increased.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is an interaction diagram of a login device, a service system and an authentication center provided in the prior art;
fig. 2 is a schematic process diagram of a login method according to an embodiment of the present invention;
fig. 3 is a schematic process diagram of a login method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a login apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of another login device according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to reduce the access amount of an authentication center and improve the login request speed, the embodiment of the invention provides a login method, a login device, login equipment and a login medium.
Example 1:
fig. 2 is a schematic process diagram of a login method according to an embodiment of the present invention, where the process includes the following steps:
s201: and receiving a login request for the pre-login service system, wherein the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time.
The login method provided by the embodiment of the invention is applied to the electronic equipment, wherein the electronic equipment can be a PC, a tablet computer, an intelligent terminal, a server and the like, and the server can be a local server or a cloud server.
In order to realize the login of the pre-login service system in the service system group, the electronic device first receives a login request for the pre-login service system, where the login request is sent by a login device, and therefore the login request carries target device identification information of the login device, and the target device identification information may be an Internet Protocol (IP) Address, a physical Access Control (MAC) Address, and the like.
In order to determine which service system the login request is directed to, the login request also carries target system identification information of the pre-login service system, where the target system identification information may be a system number of the pre-login service system in the service system group, or a website of the service system, and the like, and the login request also carries current time, and the current time is time when the login request is generated by the login device.
S202: and determining the system identification information, login time and number of the logged-in service systems of the login equipment according to the target equipment identification information and the corresponding relation between the pre-stored equipment identification information and the login information, wherein the number of the logged-in service systems is n.
In order to realize the login of the pre-login system, the electronic device further stores a corresponding relationship between device identification information and login information, wherein the login information includes system identification information and login time of a logged-in service system, and the number of the logged-in service systems in the login information corresponding to each device identification information in the corresponding relationship may be 1, or may be 2 or more.
According to the target device identification information in the obtained login request and the corresponding relation between the device identification information and the login information which is stored in advance, the target login information corresponding to the target device identification information is determined in the corresponding relation, so that the system identification information and the login time of the business system which is logged in by the login device are determined from the target login information, the number of the logged business systems is determined, and the number is represented by a letter n.
S203: if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
In order to reduce access requests to the authentication center, in the embodiment of the present invention, after it is determined that the login device performs continuous access to the service systems in the service system group and it is determined that the number of the logged-in service systems of the login device reaches a certain number, the remaining unregistered service systems in the service system group may be directly logged in without passing authentication of the authentication center.
In order to determine whether the login device performs continuous access, in the embodiment of the present invention, a preset time threshold is preset, where the preset time threshold is set based on experience, and if it is desired to improve the security of the login service system, the preset time threshold may be set to be smaller, and if it is desired to improve the robustness of the login service system, the preset time threshold may be set to be larger.
And according to the login time of the last logged-in service system and the current time of the pre-logged-in service system, determining the difference value between the current time and the login time of the last logged-in service system.
According to the difference and the preset time threshold, if the difference is smaller than the preset time threshold, the login request can be determined to be continuous access to the service systems in the service system group, and if the difference is not smaller than the preset time threshold, the login request can be determined not to be continuous access to the service systems in the service system group.
After the login request is determined to be continuous access, in order to determine whether the number of the logged-in service systems reaches a certain number, in the embodiment of the present invention, a preset number threshold N is preset, where the preset number threshold N is preset based on experience, and if it is desired to improve the security of system login, the preset number threshold N may be set to be larger, and if it is desired to improve the robustness of system login, the preset number threshold N may be set to be smaller.
If the number of the logged-in service systems is not less than the preset number threshold value N, it can be determined that the number of the logged-in service systems reaches a certain number, and if the number of the logged-in service systems is less than the preset number threshold value N, it can be determined that the number of the logged-in service systems does not reach the certain number.
And if the number N reaches the preset number threshold N, determining that the login equipment successfully logs in the service system identified by the target system identification information.
After receiving a login request for a pre-login system, determining system identification information, login time and number of service systems logged in by login equipment, wherein the number of the logged-in service systems is n, and if a difference value between the current time and the login time of the last logged-in system in target login information is smaller than a preset time threshold, determining that the login request is continuous access; if the number N of the logged-in service systems reaches the preset number threshold value N, the login equipment is determined to successfully log in the pre-logged-in service systems without being verified by the authentication center, so that the access amount of the authentication center is reduced, and the login request speed is increased.
Example 2:
in order to improve the security of system login, on the basis of the foregoing embodiment, in an embodiment of the present invention, before determining that the login device successfully logs in the service system identified by the target system identification information, the method further includes:
determining M coordinates on a curve corresponding to the curve function of the N-1 times according to a pre-generated curve function of the N-1 times, and randomly distributing the M coordinates to M service systems, wherein N is smaller than M, and a constant item coefficient of the curve function of the N-1 times is login state identification information;
determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information;
and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
In the embodiment of the invention, in order to log in the service system, the login state identification information is generated in advance, and the login into the service system is determined based on the login state identification information. In order to prevent the security of the login service system from being reduced due to the fact that the login state identification information is leaked, in the embodiment of the invention, the login state identification information is preset to be a constant, and an N-1-time curve function is generated in advance based on the login state identification information, so that the login state identification information is hidden in the N-1-time curve function, and the risk of the login state identification information leakage is reduced.
Specifically, in a pre-generated N-1-time curve function, preset login state identification information is used as a constant term coefficient of the N-1-time curve function, wherein N is a preset number threshold, and the login state identification information is hidden in the N-1-time curve function, so that the safety of the login state identification information is improved.
For example, the N-1 th-order curve function is f (x) ═ L + a1x+A2x2+……+AN-1xN-1The constant term L in the N-1-th-order curve function is preset registration state identification information, and if N is 2, a first-order curve function is generated in advance, and if N is 3, a second-order curve function is generated in advance, and y is ax2+ bx + c, the constant term coefficient c of the quadratic curve function is the login state identification information hidden in the quadratic curve function.
The number of the service systems contained in the service system group is M, M coordinates are determined according to the curve function of the N-1 times, the M coordinates are randomly distributed to the M service systems, each coordinate can be represented by (M, f (M)), and the M coordinates are all located on the curve corresponding to the curve function of the N-1 times. The total number of the service systems included in the service system group is M, and the preset number threshold N does not reach the total number M of the service systems, so N is certainly smaller than M.
For example, the service system group includes 5 service systems, and the preset number threshold N is 3, that is, after logging in 3 of the service systems, the remaining 2 service systems in the service system group may be directly logged in. According to the function of a quadratic curve y ═ ax2And determining 5 coordinates by + bx + c, randomly allocating the 5 coordinates to 5 service systems, wherein the coordinates corresponding to the 5 service systems are the coordinates of 5 points on the curve corresponding to the quadratic curve function.
And when the number N of the logged-in service systems is greater than a preset number threshold value N, randomly selecting any N-1 service systems from the N logged-in service systems, determining N-1 coordinates corresponding to the N-1 service systems, and determining the coordinates corresponding to the pre-logged-in service system identified by the target system identification information.
And determining a curve function for N-1 times according to the N-1 coordinates corresponding to the N-1 service systems and the coordinates corresponding to the pre-login service system, and determining the identification information of the target login state according to the curve function for N-1 times. According to the determined target login state identification information and the pre-stored login state identification information, if the target login state identification information is the same as the login state identification information, the login request is a login request generated and sent by the login device and is not modified in the sending process, and therefore the subsequent step of determining that the login device successfully logs in the service system identified by the target system identification information is executed.
If the target login state identification information is different from the login state identification information, the login request is not the login request generated and sent by the login equipment, and is modified in the sending process, and the fact that the login equipment does not successfully log in the service system identified by the target system identification information is determined.
Example 3:
in order to improve the login efficiency of the pre-login service system and reduce resource consumption, on the basis of the foregoing embodiments, in an embodiment of the present invention, the determining, according to the target device identification information and the correspondence between the pre-stored device identification information and login information, the system identification information and the login time of n service systems that the login device has logged in to includes:
determining target login information corresponding to the target equipment identification information according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information;
and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
In order to improve the login efficiency of the pre-login service system, in the embodiment of the invention, before determining the system identification information and the login time of the n service systems which are logged in by the login equipment, the electronic equipment also determines in advance whether the login equipment has logged in the pre-login service system identified by the target system identification information.
And determining the identification information of the target equipment in the corresponding relation according to the identification information of the target equipment and the corresponding relation between the pre-stored equipment identification information and the login information, and determining the target login information corresponding to the identification information of the target equipment.
Judging whether target system identification information exists in the target login information according to the target login information corresponding to the target equipment identification information, if the target system identification information does not exist in the target login information, indicating that the login equipment does not log in the pre-login service system identified by the target system identification information, and determining the system identification information and the login time of the n service systems logged in by the login equipment from the target login information.
If the target login information includes target system identification information, in the embodiment of the present invention, the method further includes:
and if the target system identification information exists in the target login information, determining that the login equipment has logged in the service system identified by the target system identification information.
If the target login information contains the target system identification information, the login equipment is indicated to already log in the pre-login service system identified by the target system identification information, so that the pre-login service system does not need to be logged in again, and the pre-login service system can be directly used.
Example 4:
in order to realize the login of the pre-login service system, on the basis of the foregoing embodiments, in an embodiment of the present invention, the method further includes:
if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N, sending a login request to an authentication center according to a user account and a password carried by the login request;
and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
If the difference is not less than the preset time threshold or the number n of the logged-in service systems does not reach the preset number threshold, it indicates that the logging-in device cannot directly log in the pre-logged-in service system. Therefore, in order to realize the login of the pre-login service system, in the embodiment of the present invention, the electronic device further sends a login request to the authentication center according to the user account and the password carried in the login request. The process of the authentication center performing authentication based on the user account and the password belongs to the prior art, and is not described in detail in the embodiment of the present invention.
If the authorization token sent by the authentication center is received, the authentication center is proved to pass the authentication of the user account and the password, and the login equipment is determined to successfully log in the service system identified by the identification information of the target system. Specifically, the service system in which the login device logs in the identification information of the target system based on the authorization token belongs to the prior art, and details thereof are not described in the embodiment of the present invention.
As a possible implementation manner, in the embodiment of the present invention, after determining that the login device successfully logs in the service system identified by the target system identification information, the target system identification information and the current time of the pre-login service system in the login request are also recorded in the target login information.
Specifically, if the difference between the current time and the login time of the last logged-in service system is not less than the preset time threshold, deleting the data in the target login information identified by the target device identification information, and writing the target system identification information of the pre-logged-in service system and the current time in the login request into the target login information again. And if the difference value is smaller than the preset time threshold value, directly writing the target system identification information and the current time of the pre-login service system in the login request into the target login information.
Example 5:
a process of a login method is fully described below by a specific embodiment, and fig. 3 is a schematic process diagram of a login method provided by an embodiment of the present invention, as shown in fig. 3, the method includes the following steps:
s301: and receiving a login request for the pre-login service system, wherein the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time.
S302: and determining target login information corresponding to the target equipment identification information according to the target equipment identification information and the corresponding relation between the equipment identification information and the login information which is stored in advance.
S303: it is determined whether target system identification information is present in the target registration information, and if so, S304 is performed, and if not, S305 is performed.
S304: and determining that the login equipment has logged in the service system identified by the target system identification information.
S305: and determining system identification information and login time of the n service systems which are logged in by the login equipment from the target login information.
S306: and judging whether the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold value, if so, performing S307, and if not, performing S314.
S307: the login request is determined to be a continuous access.
S308: and judging whether the number N of the logged service systems of the logging device reaches a preset number threshold value N, if so, performing S309, and if not, performing S314.
S309: and determining M coordinates on a curve corresponding to the curve function of the N-1 times according to a pre-generated curve function of the N-1 times, and randomly distributing the M coordinates to M service systems, wherein N is smaller than M, and a constant term coefficient of the curve function of the N-1 times is login state identification information.
S310: and determining target login state identification information in the curve function for N-1 times according to N-1 coordinates corresponding to any N-1 logged service systems and coordinates corresponding to the pre-logged service system identified by the target system identification information.
S311: and judging whether the target login state identification information is the same as the login state identification information, if so, performing S312, and if not, performing S313.
S312: and determining that the login equipment successfully logs in the service system identified by the target system identification information.
S313: and determining that the login equipment does not successfully log in the service system identified by the target system identification information.
S314: and sending a login request to an authentication center according to a user account and a password carried by the login request, receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
Example 6:
fig. 4 is a schematic structural diagram of a login apparatus according to an embodiment of the present invention, and based on the foregoing embodiments, a login apparatus according to an embodiment of the present invention further includes:
a receiving module 401, configured to receive a login request for a pre-login service system, where the login request includes target device identification information of a login device, target system identification information of the pre-login service system, and current time;
a determining module 402, configured to determine system identification information, login time, and number of n service systems that have been logged in by the login device according to the target device identification information and a correspondence between pre-stored device identification information and login information, where the number of the logged-in service systems is n; if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
Further, the determining module is further configured to determine, before the login device is determined to successfully log in the service system identified by the target system identification information, M coordinates located on a curve corresponding to the N-1-time curve function according to a pre-generated N-1-time curve function, and randomly allocate the M coordinates to the M service systems, where N is smaller than M, and a constant term coefficient of the N-1-time curve function is login state identification information; determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information; and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
Further, the determining module is further configured to determine that the login device does not successfully log in the service system identified by the target system identification information if the target login state identification information is different from the login state identification information.
Further, the determining module is specifically configured to determine target login information corresponding to the target device identification information according to the target device identification information and a correspondence between pre-stored device identification information and login information; and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
Further, the determining module is specifically configured to determine that the login device has logged in the service system identified by the target system identification information if the target system identification information exists in the target login information.
Further, the determining module is further configured to send a login request to an authentication center according to a user account and a password carried by the login request if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N; and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
Fig. 5 is a schematic structural diagram of another login apparatus according to an embodiment of the present invention, as shown in fig. 5, the login apparatus includes: a time threshold control module 501, a user access information recording module 502, a login state generating module 503, a user login state recording module 504 and an access authority judging module 505.
The time threshold control module 501 is configured to receive a login request for a pre-login service system, determine whether a difference between a current time and a login time of a last logged-in service system of a login device is smaller than a preset time threshold, trigger the user access information recording module 502 if the difference is not smaller than the preset time threshold, and trigger the user access information recording module 502 and the access right determining module 505 if the difference is smaller than the preset time threshold. In the embodiment of the present invention, the time threshold control module 501 is equivalent to the receiving module 401 and the determining module 402.
The user access information recording module 502 is configured to record login information for the device identification information, specifically, record system identification information and login time of a service system that a login device identified by the device identification information has logged in. In the embodiment of the present invention, the user access information recording module 502 corresponds to the determination module 402.
Specifically, if the difference is not less than the preset time threshold, it indicates that the login request is not continuous access, the user accesses the information recording module 502, deletes the data in the login information identified in the device identification information, and restarts recording the system identification information and login time of the service system that is requested to log in this time. If the difference is smaller than the preset time threshold, the login request is continuous access, and the system identification information and the login time of the service system which is requested to be logged in this time are recorded in the login information identified by the equipment identification information.
And the login state generating module 503 is configured to determine M coordinates on a curve corresponding to the N-1-time curve function according to a pre-generated N-1-time curve function, where N is smaller than M, and a constant term coefficient of the N-1-time curve function is login state identification information.
And the user login state recording module 504 is configured to randomly allocate the M coordinates to the M service systems.
An access authority judgment module 505, configured to obtain target login information corresponding to the target device identification information from the access information recording module 402 according to the target device identification information and a correspondence between pre-stored device identification information and login information, determine the number N of logged-in service systems of the login device, and if the number N reaches a preset number threshold N, determine target login state identification information in the N-1-time curve function according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to pre-logged-in service systems identified by the target system identification information; and if the target login state identification information is the same as the login state identification information, determining that the login equipment successfully logs in the service system identified by the target system identification information. In the embodiment of the present invention, the login state generating module 503, the user login state recording module 504, and the access right judging module 505 are equivalent to the determining module 402.
Example 7:
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and on the basis of the foregoing embodiments, an electronic device according to an embodiment of the present invention is further provided, where the electronic device includes a processor 601, a communication interface 602, a memory 603, and a communication bus 604, where the processor 601, the communication interface 602, and the memory 603 complete communication therebetween through the communication bus 604;
the memory 603 has stored therein a computer program which, when executed by the processor 601, causes the processor 601 to perform the steps of:
receiving a login request for a pre-login service system, wherein the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time;
determining system identification information, login time and number of the logged-in service systems of the login equipment according to the target equipment identification information and a corresponding relation between prestored equipment identification information and login information, wherein the number of the logged-in service systems is n;
if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
Further, the processor 601 is further configured to, before the determining that the login device successfully logs in the service system identified by the target system identification information, the method further includes:
determining M coordinates on a curve corresponding to the curve function of the N-1 times according to a pre-generated curve function of the N-1 times, and randomly distributing the M coordinates to M service systems, wherein N is smaller than M, and a constant item coefficient of the curve function of the N-1 times is login state identification information;
determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information;
and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
Further, the processor 601 is further configured to determine that the login device does not successfully log in the service system identified by the target system identification information if the target login state identification information is different from the login state identification information.
Further, the determining, by the processor 601, system identification information and login time of n service systems that the login device has logged in according to the target device identification information and a correspondence between pre-stored device identification information and login information includes:
determining target login information corresponding to the target equipment identification information according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information;
and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
Further, the processor 601 is further configured to determine that the login device has logged in the service system identified by the target system identification information if the target system identification information exists in the target login information.
Further, the processor 601 is further configured to send a login request to an authentication center according to a user account and a password carried in the login request if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N;
and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface 602 is used for communication between the above-described electronic apparatus and other apparatuses.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Alternatively, the memory may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a central processing unit, a Network Processor (NP), and the like; but may also be a Digital instruction processor (DSP), an application specific integrated circuit, a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or the like.
Example 8:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a computer-readable storage medium, which stores a computer program, where the computer program is executed by a processor to perform the following steps:
receiving a login request for a pre-login service system, wherein the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time;
determining system identification information, login time and number of the logged-in service systems of the login equipment according to the target equipment identification information and a corresponding relation between prestored equipment identification information and login information, wherein the number of the logged-in service systems is n;
if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
Further, before determining that the login device successfully logs in the service system identified by the target system identification information, the method further includes:
determining M coordinates on a curve corresponding to the curve function of the N-1 times according to a pre-generated curve function of the N-1 times, and randomly distributing the M coordinates to M service systems, wherein N is smaller than M, and a constant item coefficient of the curve function of the N-1 times is login state identification information;
determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information;
and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
Further, the method further comprises:
and if the target login state identification information is different from the login state identification information, determining that the login equipment does not successfully log in the service system identified by the target system identification information.
Further, the determining, according to the target device identification information and the correspondence between the device identification information and the login information that are pre-stored, the system identification information and the login time of the n service systems that the login device has logged in includes:
determining target login information corresponding to the target equipment identification information according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information;
and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
Further, the method further comprises:
and if the target system identification information exists in the target login information, determining that the login equipment has logged in the service system identified by the target system identification information.
Further, the method further comprises:
if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N, sending a login request to an authentication center according to a user account and a password carried by the login request;
and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (14)

1. A method of logging in, the method comprising:
receiving a login request for a pre-login service system, wherein the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time;
determining system identification information, login time and number of the logged-in service systems of the login equipment according to the target equipment identification information and a corresponding relation between prestored equipment identification information and login information, wherein the number of the logged-in service systems is n;
if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
2. The method of claim 1, wherein before determining that the login device successfully logs in the service system identified by the target system identification information, the method further comprises:
determining M coordinates on a curve corresponding to the curve function of the N-1 times according to a pre-generated curve function of the N-1 times, and randomly distributing the M coordinates to M service systems, wherein N is smaller than M, and a constant item coefficient of the curve function of the N-1 times is login state identification information;
determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information;
and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
3. The method of claim 2, further comprising:
and if the target login state identification information is different from the login state identification information, determining that the login equipment does not successfully log in the service system identified by the target system identification information.
4. The method according to claim 1, wherein the determining system identification information and login time of the n service systems that the login device has logged in according to the target device identification information and a correspondence between pre-stored device identification information and login information comprises:
determining target login information corresponding to the target equipment identification information according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information;
and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
5. The method of claim 4, further comprising:
and if the target system identification information exists in the target login information, determining that the login equipment has logged in the service system identified by the target system identification information.
6. The method of claim 1, further comprising:
if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N, sending a login request to an authentication center according to a user account and a password carried by the login request;
and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
7. A login apparatus, the apparatus comprising:
the system comprises a receiving module, a pre-login service system and a processing module, wherein the receiving module is used for receiving a login request of the pre-login service system, and the login request comprises target equipment identification information of login equipment, target system identification information of the pre-login service system and current time;
the determining module is used for determining system identification information, login time and number of n logged-in service systems of the login equipment according to the target equipment identification information and a corresponding relation between pre-stored equipment identification information and login information, wherein the number of the logged-in service systems is n; if the difference value between the current time and the login time of the last logged-in service system of the login device is smaller than a preset time threshold, determining that the login request is continuous access, and if the number N reaches a preset number threshold N, determining that the login device successfully logs in the service system identified by the target system identification information.
8. The apparatus according to claim 7, wherein the determining module is further configured to, before the login device is determined to successfully log in the service system identified by the target system identification information, determine, according to a pre-generated N-1-times curve function, M coordinates located on a curve corresponding to the N-1-times curve function, and randomly allocate the M coordinates to M service systems, where N is smaller than M, and a constant term coefficient of the N-1-times curve function is login state identification information; determining target login state identification information in the curve function for the N-1 times according to N-1 coordinates corresponding to any N-1 logged-in service systems and coordinates corresponding to a pre-logged-in service system identified by the target system identification information; and if the target login state identification information is the same as the login state identification information, executing the subsequent step of determining that the login equipment successfully logs in the service system identified by the target system identification information.
9. The apparatus of claim 8, wherein the determining module is further configured to determine that the login device is not successful in logging in the service system identified by the target system identification information if the target login-state identification information is different from the login-state identification information.
10. The apparatus according to claim 7, wherein the determining module is specifically configured to determine target login information corresponding to the target device identification information according to the target device identification information and a correspondence between pre-stored device identification information and login information; and if the target system identification information does not exist in the target login information, determining the system identification information and the login time of the n service systems which are logged in by the login equipment from the target login information.
11. The apparatus according to claim 10, wherein the determining module is further configured to determine that the login device has logged in the service system identified by the target system identification information if the target system identification information exists in the target login information.
12. The apparatus according to claim 7, wherein the determining module is further configured to send a login request to an authentication center according to a user account and a password carried in the login request if the difference is not smaller than the preset time threshold or if the number N does not reach the preset number threshold N; and receiving an authorization token sent by the authentication center, and determining that the login equipment successfully logs in the service system identified by the target system identification information.
13. An electronic device, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the method of any of claims 1-6.
14. A computer-readable storage medium, in which a computer program is stored which is executable by a processor, which program, when run on the processor, causes the processor to carry out the method of any one of claims 1-6.
CN202110748004.8A 2021-07-02 2021-07-02 Login method, device, equipment and medium Active CN113407927B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110748004.8A CN113407927B (en) 2021-07-02 2021-07-02 Login method, device, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110748004.8A CN113407927B (en) 2021-07-02 2021-07-02 Login method, device, equipment and medium

Publications (2)

Publication Number Publication Date
CN113407927A CN113407927A (en) 2021-09-17
CN113407927B true CN113407927B (en) 2021-12-24

Family

ID=77680876

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110748004.8A Active CN113407927B (en) 2021-07-02 2021-07-02 Login method, device, equipment and medium

Country Status (1)

Country Link
CN (1) CN113407927B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104270391A (en) * 2014-10-24 2015-01-07 中国建设银行股份有限公司 Method and device for processing access request
CA2894091A1 (en) * 2014-06-12 2015-12-12 Nadapass, Inc. Password-less authentication system and method
CN107483418A (en) * 2017-07-27 2017-12-15 阿里巴巴集团控股有限公司 Login process method, method for processing business, device and server
CN111769939A (en) * 2020-06-29 2020-10-13 北京海泰方圆科技股份有限公司 Business system access method and device, storage medium and electronic equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2894091A1 (en) * 2014-06-12 2015-12-12 Nadapass, Inc. Password-less authentication system and method
CN104270391A (en) * 2014-10-24 2015-01-07 中国建设银行股份有限公司 Method and device for processing access request
CN107483418A (en) * 2017-07-27 2017-12-15 阿里巴巴集团控股有限公司 Login process method, method for processing business, device and server
CN111769939A (en) * 2020-06-29 2020-10-13 北京海泰方圆科技股份有限公司 Business system access method and device, storage medium and electronic equipment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
供电企业门户单点登录及内容管理子系统的设计与实现;韦吉文;《中国优秀硕士学位论文全文数据库 信息科技辑》;20110815;全文 *

Also Published As

Publication number Publication date
CN113407927A (en) 2021-09-17

Similar Documents

Publication Publication Date Title
US20210139127A1 (en) Methods and systems for identifying and authorizing a user based on a mini-game login
CN107612895B (en) Internet anti-attack method and authentication server
CN107426235B (en) Authority authentication method, device and system based on equipment fingerprint
CN107733883B (en) Method and device for detecting account numbers registered in batches
CN108900561A (en) The method, apparatus and system of single-sign-on
CN106357694B (en) Access request processing method and device
CN110069909B (en) Method and device for login of third-party system without secret
CN110324344B (en) Account information authentication method and device
CN105939491A (en) Video playing method and device
CN112000951A (en) Access method, device, system, electronic equipment and storage medium
CN107454041B (en) Method and device for preventing server from being attacked
CN110545272B (en) Identity authentication method, authority authentication method, device, user management system and storage medium
CN112948851A (en) User authentication method, device, server and storage medium
CN111881441B (en) Method for online activation of device, electronic device and storage medium
CN111259368A (en) Method and equipment for logging in system
CN108600259B (en) Authentication and binding method of equipment, computer storage medium and server
CN108235067B (en) Authentication method and device for video stream address
CN110601852B (en) Authentication and authorization method and system for electronic equipment of voice conversation platform
CN113407927B (en) Login method, device, equipment and medium
CN107276966B (en) Control method and login system of distributed system
CN111585978A (en) Method, client, server and system for intercepting false requests
CN108924149B (en) Token-based identity validity verification method and system
EP3819797B1 (en) Methods and systems for identifying and authorizing a user based on a mini-game login
CN115018509A (en) Object processing method and device, electronic equipment and storage medium
CN110730063B (en) Security verification method and system, internet of things platform, terminal and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant