CN113656779A - User login method, system, electronic equipment and storage medium - Google Patents
User login method, system, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113656779A CN113656779A CN202110942424.XA CN202110942424A CN113656779A CN 113656779 A CN113656779 A CN 113656779A CN 202110942424 A CN202110942424 A CN 202110942424A CN 113656779 A CN113656779 A CN 113656779A
- Authority
- CN
- China
- Prior art keywords
- user
- computer
- login
- identity
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000013507 mapping Methods 0.000 claims abstract description 55
- 238000011084 recovery Methods 0.000 claims description 18
- 238000010586 diagram Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000012795 verification Methods 0.000 description 3
- 238000011156 evaluation Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a user login method, a user login system, electronic equipment and a storage medium.A first computer generates a first target login request based on a login request sent by a user, a public identity authentication unit authenticates the identity of the user according to a first identity token, and if the identity of the user passes the authentication, a second target login request is sent to a second computer indicated by a preset identity mapping relation; the second computer feeds back a second identity token generated based on the second target login request to the public identity authentication unit; if the public identity authentication unit passes the identity authentication of the user according to the second identity token, the public identity authentication unit sends identity authentication passing information of the user to the first computer and the second computer; and the first computer and the second computer respectively complete the login of the user based on the authentication passing information of the user. The invention can simultaneously satisfy the condition that the user logs in the same user on each device with the business logic relationship on the basis of improving the user experience.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a user login method, a user login system, an electronic device, and a storage medium.
Background
In practical applications, users often need to log in multiple devices to complete the operation of some services. For example, for each employee of an enterprise, during their work, multiple devices may be required to log in to the enterprise, such as a device installed with a human resource system, a device installed with a work log system, a device installed with a product evaluation system, and a device installed with a product release system. Generally, an enterprise allocates a user account and a password corresponding to each device to each employee to log in the device equipped with the system, so that the enterprise management is facilitated.
However, this method requires the user to repeatedly log in between different devices, which is tedious in operation and poor in user experience, and in practical applications, sometimes the user needs to log in the same user on each device having a business logic relationship, and this method cannot meet the application requirements. The equipment with the business logic relationship can be equipment provided with a human resource system and equipment provided with a work log system, or equipment provided with the work log system and equipment provided with a product evaluation system.
Therefore, how to provide a method for simultaneously logging in the same user on each device having a business logic relationship on the basis of improving user experience is an urgent problem to be solved in the present application.
Disclosure of Invention
In view of this, the present invention provides a user login method, a user login system, an electronic device, and a storage medium, so as to achieve the purpose that a user simultaneously logs in the same user on each device having a business logic relationship on the basis of improving user experience.
The invention discloses a user login method in a first aspect, which is applied to a user login system, wherein the user login system comprises a public identity authentication unit, a first computer and a second computer, the first computer stores a preset identity mapping relation, the second computer stores the preset identity mapping relation, and the preset identity mapping relation represents that a business logic relation exists between the first computer and the second computer, and the method comprises the following steps:
a first computer generates a first target login request based on a login request sent by a user, and sends the first target login request to a public identity authentication unit, wherein the first target login request at least comprises basic information of the user, a first identity token and a preset identity mapping relation;
the public identity authentication unit authenticates the identity of the user according to the first identity token, and if the identity of the user passes the authentication, a second target login request is sent to the second computer indicated by the preset identity mapping relation;
the second computer generates a second identity token based on the second target login request and feeds the second identity token back to the public identity authentication unit;
the public identity authentication unit authenticates the identity of the user according to the second identity token, and if the identity of the user passes the authentication, the public identity authentication unit simultaneously sends authentication passing information of the user to the first computer and the second computer;
the first computer completes the login of the user based on the authentication passing information of the user;
and the second computer completes the login of the user based on the authentication passing information of the user.
Optionally, the generating, by the first computer, a first target login request based on a login request sent by a user includes:
the first computer receives a login request sent by the user, wherein the user request comprises basic information of the user, a first login account and a first login password for logging in the first computer;
the first computer generates a first identity token based on the first login account and the first login password;
the first computer obtains a preset identity mapping relation and generates a first target login request according to the basic information of the user, the first identity token and the preset identity mapping relation.
Optionally, the authenticating, by the public identity authentication unit, the user according to the first identity token includes:
acquiring target login information according to the basic information of the user, wherein the target login information comprises a target login password and a target login account;
judging whether the target login password is the same as the first login password in the first identity token or not and whether the target login account is the same as the first login account in the first identity token or not;
if the target login password is the same as the first login password in the first identity token and the target login account is the same as the first login account in the first identity token, determining that the user passes the identity authentication;
and if the target login password is not the same as the first login password in the first identity token, or the target login account is not the same as the first login account in the first identity token, determining that the authentication of the user does not pass.
Optionally, the second computer generates a corresponding second identity token based on the second target login request, including:
receiving a second target login request sent by the public identity authentication unit, wherein the second target login request at least comprises basic information of the user;
obtaining login information for logging in the second computer according to the basic information of the user, wherein the login information comprises a second login account and a second login password;
generating a second identity token based on the login information.
Optionally, the authenticating the user by the public identity authentication unit according to the second identity token includes:
judging whether the target login password is the same as the second login password in the second identity token or not and whether the target login account is the same as the second login account in the second identity token or not;
if the target login password is the same as the first login password in the second identity token and the target login account is the same as the second login account in the second identity token, determining that the identity of the user passes authentication;
and if the target login password is not the same as the second login password in the second identity token or the target login account is the same as the second login account in the second identity token, determining that the authentication of the user does not pass.
Optionally, the method includes:
when detecting that the first computer/the second computer is recovered due to a fault, the public identity authentication unit sends authentication passing information of the user to the first computer/the second computer, and simultaneously sends a data recovery request to the second computer/the first computer;
the first computer/the second computer completes the login of the user based on the authentication passing information of the user;
and the second computer/the first computer synchronizes the data of the second computer/the first computer to the first computer/the second computer based on the data recovery request.
The second aspect of the present invention discloses a user login system, which comprises a public identity authentication unit, a first computer and a second computer, wherein the first computer stores a preset identity mapping relationship, the second computer stores the preset identity mapping relationship, and the preset identity mapping relationship represents that a certain business logic relationship exists between the first computer and the second computer;
the first computer is used for generating a first target login request based on a login request sent by a user and sending the first target login request to the public identity authentication unit; after receiving the authentication passing information of the user sent by the public authentication unit, completing the login of the user based on the authentication passing information of the user; the first target login request at least comprises basic information of the user, a first identity token and an identity mapping relation;
the public identity authentication unit is used for authenticating the identity of the user according to the first identity token, and if the identity of the user passes the authentication, sending a second target login request to the second computer indicated by the preset identity mapping relation; and after receiving a second identity token which is generated based on the second target login request and fed back by the second computer, performing identity authentication on the user according to the second identity token, and if the identity authentication passes, simultaneously performing identity authentication passing information on the user to the first computer and the second computer.
The second computer is used for generating a second identity token based on the second target login request and feeding the second identity token back to the public identity authentication unit; and after receiving the authentication passing information of the user sent by the public authentication unit, finishing the login of the user based on the authentication passing information of the user.
Optionally, the first computer configured to generate a first target login request based on a login request sent by a user is specifically configured to:
receiving a login request sent by the user, wherein the user request comprises basic information of the user, a first login account and a first login password for logging in the first computer;
generating a first identity token based on the first login account number and the first login password;
and acquiring a preset identity mapping relation, and generating a first target login request according to the basic information of the user, the first identity token and the preset identity mapping relation.
In a third aspect of the invention, an electronic device is disclosed, comprising a processor and a memory, said memory being used for program code and data for user login, said processor being used for invoking program instructions in said memory for performing a user login as shown in the first aspect of the invention.
A fourth aspect of the present invention discloses a storage medium, where the storage medium includes a storage program, and when the program runs, the storage medium is controlled to execute a user login method as shown in the first aspect of the present invention.
The invention provides a user login method, a user login system, electronic equipment and a storage medium, wherein an identity mapping relation is preset and stored in a first computer and a second computer, and the identity mapping relation is used for indicating that a certain business logic relation exists between the first computer and the second computer; when the first computer receives a login request sent by a user, a first target login request generated according to the received login request is sent to the public identity authentication unit, the public identity authentication unit authenticates the user according to a first identity token in the first target login request, under the condition of passing the verification, sending a second target login request to a second computer indicated by the identity mapping relation carried in the first target login request, so that the second computer generates a second identity token according to the second target login request and sends the second identity token to the public identity authentication unit, the public identity authentication unit authenticates the user again according to the second identity token, under the condition that the identity authentication is passed, simultaneously sending the identity authentication passing information of the user to the first computer and the second computer so that the first computer completes the login of the user based on the identity authentication passing information of the user; the second computer completes the login of the user through the information based on the identity authentication of the user, the user does not need to log in the first computer and the second computer respectively, and the user experience is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a user login system according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of another user login system according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a user login method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules, or units, and are not used for limiting the order or interdependence of the functions performed by the devices, modules, or units.
It is noted that references to "a", "an", and "the" modifications in the disclosure are exemplary rather than limiting, and that those skilled in the art will understand that "one or more" unless the context clearly dictates otherwise.
Referring to fig. 1, a schematic structural diagram of a user login system provided in an embodiment of the present invention is shown, where the user login system includes a public identity authentication unit 101, a first computer 102, and a second computer 103.
The public identity authentication unit 101, the first computer 102 and the second computer 103 may be connected via a wireless network.
The first computer 102 is configured to declare a first target login request based on a login request sent by a user, and send the first target login request to the public identity authentication unit 101.
In the embodiment of the present application, an identity mapping relationship between the second computer 103 and the first computer 102 having a business logic relationship is preset, and the preset identity mapping relationships are respectively stored in the first computer 102 and the second computer 103.
In this embodiment, after receiving a login request sent by a user, the first computer 102 generates a first identity token according to a login account and a login password for logging in the first computer 102 in the login request (for convenience of distinguishing, the login account for logging in the first computer 102 carried in the login request is referred to as a first login account, and the login password for logging in the first computer 102 carried in the login request is referred to as a first login password); and acquiring a pre-stored preset identity mapping relation, and generating a first target login request according to the basic information of the user, the first identity token and the preset identity mapping relation.
The login request also carries basic information of the user, wherein the basic information of the user comprises user identity information.
And the public identity authentication unit 101 is configured to authenticate the user according to the first identity token, and send a second target login request to the second computer 103 indicated by the preset identity mapping relationship if the user passes the authentication.
In this embodiment of the present application, the user login system provided by the present invention further includes a configuration management unit 104, as shown in fig. 2, the configuration management unit 104 stores a user authority level of each user and login information corresponding to each computer login of each user, where the login information includes a login password and a login account.
The configuration management unit 104 may be connected to the public identity authentication unit 101, the first computer 102, and the second computer 103 through a wireless network.
It should be noted that the login information of the first computer 102 and the second computer 103 having the identity mapping relationship is the same. That is, when the first computer 102 and the second computer 103 have the identity mapping relationship, the login account numbers and the login passwords for logging in the first computer 102 and the second computer 103 are the same.
In this embodiment of the application, after receiving a first target login request sent by a first computer 102, a public identity authentication unit 101 obtains corresponding target login information from a configuration management unit 104 according to basic information of a user in the first target login request, and determines whether a target login password is the same as a first login password in a first identity token and whether a target login account is the same as the first login account in the first identity token; and if the target login password is not the same as the first login password in the first identity token or the target login account is the same as the first login account in the first identity token, determining that the user does not pass the authentication.
If the target login password is the same as the first login password in the first identity token and the target login account is the same as the first login account in the first identity token, the identity of the user is determined to pass the authentication, and under the condition that the identity of the user is determined to pass the authentication, a second target login request is generated according to the basic information of the user, and the second target login request is sent to the second computer 103 indicated by the preset identity mapping relationship.
In this embodiment, if the target login password is different from the first login password in the first identity token, or the target login account is different from the first login account in the first identity token, a user authentication non-passing message may be sent to the first computer 102, so as to prompt that the login account or the login password currently input by the user is wrong.
The target login information is login information of the user to login to the first computer, which is stored in the configuration management unit 104.
And the second computer 103 is configured to generate a second identity token based on the second target login request, and feed the second identity token back to the public identity authentication unit 101.
In this embodiment, after receiving the second target login request sent by the public identity authentication unit 101, the second computer 103 obtains login information for logging in the second computer 103 from the configuration management unit 104 according to the basic information of the user in the second target login request, generates a second identity token according to the obtained login information for logging in the second computer 103, and finally sends the generated second identity token to the public identity authentication unit 101.
And the public identity authentication unit 101 is configured to authenticate the user according to the second identity token, and if the user passes the authentication, send authentication passing information of the user to the first computer 102 and the second computer 103 at the same time.
In this embodiment, after receiving a second identity token sent by the second computer 103, the public identity authentication unit 101 determines whether the target login password is the same as a second login password in the second identity token and whether the target login account is the same as a second login account in the second identity token; and if the target login password is not the same as the second login password in the second identity token or the target login account is the same as the second login account in the second identity token, determining that the identity authentication of the user does not pass.
If the target login password is the same as the first login password in the second identity token and the target login account is the same as the second login account in the second identity token, the identity authentication of the user is determined to pass, and under the condition that the identity authentication of the user is determined to pass, the identity authentication passing information of the user is sent to the first computer 102 and the second computer 103 at the same time, so that the first computer 102 completes the login of the user according to the received identity authentication passing information of the user, and the second computer 103 completes the login of the user according to the received identity serious passing information of the user.
The invention provides a user login system, which is characterized in that an identity mapping relation is preset and stored in a first computer and a second computer, and the identity mapping relation is used for indicating that a certain business logic relation exists between the first computer and the second computer; when the first computer receives a login request sent by a user, a first target login request generated according to the received login request is sent to the public identity authentication unit, the public identity authentication unit authenticates the user according to a first identity token in the first target login request, under the condition of passing the verification, sending a second target login request to a second computer indicated by the identity mapping relation carried in the first target login request, so that the second computer generates a second identity token according to the second target login request and sends the second identity token to the public identity authentication unit, the public identity authentication unit authenticates the user again according to the second identity token, under the condition that the identity authentication is passed, simultaneously sending the identity authentication passing information of the user to the first computer and the second computer so that the first computer completes the login of the user based on the identity authentication passing information of the user; the second computer completes the login of the user through the information based on the identity authentication of the user, the user does not need to log in the first computer and the second computer respectively, and the user experience is improved.
Further, on the basis of the user login system provided in the above embodiment of the present invention, the user login system provided in the embodiment of the present invention further includes:
the public identity authentication unit 101 is configured to monitor the first computer 102/the second computer 103 in real time when detecting that the first computer 102/the second computer 103 has a fault, and send the authentication passing information of the user to the first computer 102/the second computer 103 until detecting that the fault recovery request sent by the first computer 102/the second computer 103 is detected, so that the first computer/the second computer complete the login of the user based on the authentication passing information of the user.
In the embodiment of the present application, while the authentication passing information of the user is sent to the first computer 102/the second computer 103, a data recovery request is sent to the second computer 103/the first computer 102, so that the second computer 103/the first computer 102 synchronizes its own data to the first computer 102/the second computer 103 based on the data recovery request.
In the embodiment of the application, when receiving the failure recovery of the first computer/the second computer, the public identity authentication unit sends a data recovery request to the second computer/the first computer, so that the second computer/the first computer synchronizes the data thereof to the first computer/the second computer based on the data recovery request, thereby realizing the automatic data recovery of the first computer/the second computer.
Based on the user login system shown in fig. 1, an embodiment of the present invention further discloses a user login method, as shown in fig. 3, which is applied to the user login system shown in fig. 1, and the user login method specifically includes the following steps:
s301: the first computer generates a first target login request based on a login request sent by a user, and sends the first target login request to the public identity authentication unit, wherein the first target login request at least comprises basic information of the user, a first identity token and a preset identity mapping relation.
In the embodiment of the application, an identity mapping relationship between second computers having a business logic relationship with a first computer is preset, and the preset identity mapping relationships are respectively stored in the first computer and the second computer.
In the specific process of step S301, after receiving a login request sent by a user, a first computer generates a first identity token according to a login account and a login password for logging in the first computer in the login request (for convenience of distinguishing, the login account for logging in the first computer carried in the login request is referred to as a first login account, and the login password for logging in the first computer carried in the login request is referred to as a first login password); and acquiring a pre-stored preset identity mapping relation, and generating a first target login request according to the basic information of the user, the first identity token and the preset identity mapping relation.
The login request also carries basic information of the user, wherein the basic information of the user comprises user identity information.
S302: and the public identity authentication unit authenticates the identity of the user according to the first identity token, and if the identity of the user passes the authentication, the public identity authentication unit sends a second target login request to a second computer indicated by a preset identity mapping relation.
In this embodiment of the present application, the user login system provided by the present invention further includes a configuration management unit 104, as shown in fig. 2, the configuration management unit 104 stores a user authority level of each user and login information corresponding to each computer login of each user, where the login information includes a login password and a login account.
It should be noted that the login information of the first computer and the second computer having the identity mapping relationship is the same. That is, when the first computer and the second computer have an identity mapping relationship, the login account numbers and the login passwords for logging in the first computer and the second computer are the same.
In the specific process of step S302, after receiving a first target login request sent by a first computer, a public identity authentication unit obtains corresponding target login information from a configuration management unit according to basic information of a user in the first target login request, and determines whether a target login password is the same as a first login password in a first identity token and whether a target login account is the same as the first login account in the first identity token; and if the target login password is not the same as the first login password in the first identity token or the target login account is the same as the first login account in the first identity token, determining that the user does not pass the authentication.
And if the target login password is the same as the first login password in the first identity token and the target login account is the same as the first login account in the first identity token, determining that the identity of the user passes the authentication, generating a second target login request according to the basic information of the user under the condition that the identity of the user passes the authentication, and sending the second target login request to a second computer indicated by a preset identity mapping relation.
In this embodiment of the application, if the target login password is different from the first login password in the first identity token, or the target login account is different from the first login account in the first identity token, the user authentication non-passing information may be sent to the first computer, so as to prompt that the login account or the login password currently input by the user is wrong.
The target login information is login information of the user to login to the first computer, which is stored in the configuration management unit.
S303: and the second computer generates a second identity token based on the second target login request and feeds the second identity token back to the public identity authentication unit.
In the process of specifically executing step S303, after receiving the second target login request sent by the public identity authentication unit, the second computer obtains login information for logging in the second computer from the configuration management unit according to the basic information of the user in the second target login request, generates a second identity token according to the obtained login information for logging in the second computer, and finally sends the generated second identity token to the public identity authentication unit.
S304: and the public identity authentication unit is used for authenticating the identity of the user according to the second identity token, and simultaneously sending the identity authentication passing information of the user to the first computer and the second computer if the identity authentication passes.
In the specific process of executing step S304, after receiving the second identity token sent by the second computer, the public identity authentication unit determines whether the target login password is the same as the second login password in the second identity token and whether the target login account is the same as the second login account in the second identity token; and if the target login password is not the same as the second login password in the second identity token or the target login account is the same as the second login account in the second identity token, determining that the identity authentication of the user does not pass.
If the target login password is the same as the first login password in the second identity token and the target login account is the same as the second login account in the second identity token, the identity authentication of the user is determined to pass, and under the condition that the identity authentication of the user is determined to pass, the identity authentication passing information of the user is sent to the first computer and the second computer at the same time, so that the first computer completes the login of the user according to the received identity authentication passing information of the user, and the second computer completes the login of the user according to the received identity serious passing information of the user.
S305: the first computer completes the login of the user through the information based on the authentication of the user.
In the specific process of step S305, after receiving the user authentication passing information sent by the public authentication unit, the first computer completes the login of the user based on the user authentication passing information.
S306: the second computer completes the login of the user through the information based on the authentication of the user.
In the specific process of executing step S306, after receiving the authentication passing information of the user sent by the public authentication unit, the second computer completes the login of the user based on the authentication passing information of the user.
The invention provides a user login method, which is characterized in that an identity mapping relation is preset and stored in a first computer and a second computer, and the identity mapping relation is used for indicating that a certain business logic relation exists between the first computer and the second computer; when the first computer receives a login request sent by a user, a first target login request generated according to the received login request is sent to the public identity authentication unit, the public identity authentication unit authenticates the user according to a first identity token in the first target login request, under the condition of passing the verification, sending a second target login request to a second computer indicated by the identity mapping relation carried in the first target login request, so that the second computer generates a second identity token according to the second target login request and sends the second identity token to the public identity authentication unit, the public identity authentication unit authenticates the user again according to the second identity token, under the condition that the identity authentication is passed, simultaneously sending the identity authentication passing information of the user to the first computer and the second computer so that the first computer completes the login of the user based on the identity authentication passing information of the user; the second computer completes the login of the user through the information based on the identity authentication of the user, the user does not need to log in the first computer and the second computer respectively, and the user experience is improved.
Further, on the basis of the user login method provided by the above embodiment of the present invention, the user login method provided by the embodiment of the present invention further includes:
the public identity authentication unit monitors the first computer/the second computer in real time under the condition that the first computer/the second computer is detected to have a fault, and sends the identity authentication passing information of the user to the first computer/the second computer until the fault recovery request sent by the first computer/the second computer is detected, so that the first computer/the second computer can complete the login of the user based on the identity authentication passing information of the user.
In the embodiment of the application, the authentication passing information of the user is sent to the first computer/the second computer, and meanwhile, the data recovery request is sent to the second computer/the first computer, so that the second computer/the first computer can synchronize the data of the second computer/the first computer to the first computer/the second computer based on the data recovery request.
In the embodiment of the application, when receiving the failure recovery of the first computer/the second computer, the public identity authentication unit sends a data recovery request to the second computer/the first computer, so that the second computer/the first computer synchronizes the data thereof to the first computer/the second computer based on the data recovery request, thereby realizing the automatic data recovery of the first computer/the second computer.
An electronic device is provided in an embodiment of the present application, as shown in fig. 4, the electronic device includes a processor 401 and a memory 402, where the memory 402 is used to store program codes and data for user login, and the processor 401 is used to call program instructions in the memory to execute steps shown in the method for implementing user login in the foregoing embodiment.
The embodiment of the application provides a storage medium, the storage medium comprises a storage program, and when the program runs, a device where the storage medium is located is controlled to execute the user login method shown in the embodiment.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are merely illustrative, wherein units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that it is obvious to those skilled in the art that various modifications and improvements can be made without departing from the principle of the present invention, and these modifications and improvements should also be considered as the protection scope of the present invention.
Claims (10)
1. A user login method is applied to a user login system, the user login system comprises a public identity authentication unit, a first computer and a second computer, wherein a preset identity mapping relation is stored in the first computer, the preset identity mapping relation is stored in the second computer, and the preset identity mapping relation represents that a business logic relation exists between the first computer and the second computer, and the method comprises the following steps:
a first computer generates a first target login request based on a login request sent by a user, and sends the first target login request to a public identity authentication unit, wherein the first target login request at least comprises basic information of the user, a first identity token and a preset identity mapping relation;
the public identity authentication unit authenticates the identity of the user according to the first identity token, and if the identity of the user passes the authentication, a second target login request is sent to the second computer indicated by the preset identity mapping relation;
the second computer generates a second identity token based on the second target login request and feeds the second identity token back to the public identity authentication unit;
the public identity authentication unit authenticates the identity of the user according to the second identity token, and if the identity of the user passes the authentication, the public identity authentication unit simultaneously sends authentication passing information of the user to the first computer and the second computer;
the first computer completes the login of the user based on the authentication passing information of the user;
and the second computer completes the login of the user based on the authentication passing information of the user.
2. The method of claim 1, wherein generating the first target login request by the first computer based on a login request sent by a user comprises:
the first computer receives a login request sent by the user, wherein the user request comprises basic information of the user, a first login account and a first login password for logging in the first computer;
the first computer generates a first identity token based on the first login account and the first login password;
the first computer obtains a preset identity mapping relation and generates a first target login request according to the basic information of the user, the first identity token and the preset identity mapping relation.
3. The method of claim 2, wherein the public authentication unit authenticating the user based on the first identity token comprises:
acquiring target login information according to the basic information of the user, wherein the target login information comprises a target login password and a target login account;
judging whether the target login password is the same as the first login password in the first identity token or not and whether the target login account is the same as the first login account in the first identity token or not;
if the target login password is the same as the first login password in the first identity token and the target login account is the same as the first login account in the first identity token, determining that the user passes the identity authentication;
and if the target login password is not the same as the first login password in the first identity token, or the target login account is not the same as the first login account in the first identity token, determining that the authentication of the user does not pass.
4. The method of claim 3, wherein generating, by the second computer, a corresponding second identity token based on the second target logon request comprises:
receiving a second target login request sent by the public identity authentication unit, wherein the second target login request at least comprises basic information of the user;
obtaining login information for logging in the second computer according to the basic information of the user, wherein the login information comprises a second login account and a second login password;
generating a second identity token based on the login information.
5. The method of claim 4, wherein the public authentication unit authenticates the user based on the second identity token, comprising:
judging whether the target login password is the same as the second login password in the second identity token or not and whether the target login account is the same as the second login account in the second identity token or not;
if the target login password is the same as the first login password in the second identity token and the target login account is the same as the second login account in the second identity token, determining that the identity of the user passes authentication;
and if the target login password is not the same as the second login password in the second identity token or the target login account is the same as the second login account in the second identity token, determining that the authentication of the user does not pass.
6. The method according to claim 1, characterized in that it comprises:
when detecting that the first computer/the second computer is recovered due to a fault, the public identity authentication unit sends authentication passing information of the user to the first computer/the second computer, and simultaneously sends a data recovery request to the second computer/the first computer;
the first computer/the second computer completes the login of the user based on the authentication passing information of the user;
and the second computer/the first computer synchronizes the data of the second computer/the first computer to the first computer/the second computer based on the data recovery request.
7. A user login system is characterized by comprising a public identity authentication unit, a first computer and a second computer, wherein the first computer stores a preset identity mapping relation, the second computer stores the preset identity mapping relation, and the preset identity mapping relation represents that a certain business logic relation exists between the first computer and the second computer;
the first computer is used for generating a first target login request based on a login request sent by a user and sending the first target login request to the public identity authentication unit; after receiving the authentication passing information of the user sent by the public authentication unit, completing the login of the user based on the authentication passing information of the user; the first target login request at least comprises basic information of the user, a first identity token and an identity mapping relation;
the public identity authentication unit is used for authenticating the identity of the user according to the first identity token, and if the identity of the user passes the authentication, sending a second target login request to the second computer indicated by the preset identity mapping relation; after receiving a second identity token generated based on the second target login request and fed back by the second computer, performing identity authentication on the user according to the second identity token, and if the identity authentication passes, simultaneously sending identity authentication passing information of the user to the first computer and the second computer;
the second computer is used for generating a second identity token based on the second target login request and feeding the second identity token back to the public identity authentication unit; and after receiving the authentication passing information of the user sent by the public authentication unit, finishing the login of the user based on the authentication passing information of the user.
8. The system of claim 7, wherein the first computer configured to generate a first target login request based on a login request sent by a user is specifically configured to:
receiving a login request sent by the user, wherein the user request comprises basic information of the user, a first login account and a first login password for logging in the first computer;
generating a first identity token based on the first login account number and the first login password;
and acquiring a preset identity mapping relation, and generating a first target login request according to the basic information of the user, the first identity token and the preset identity mapping relation.
9. An electronic device, comprising a processor and a memory, the memory storing program code and data for user login, the processor being configured to invoke program instructions in the memory to perform a user login method as claimed in any one of claims 1 to 6.
10. A storage medium, characterized in that the storage medium comprises a stored program, wherein the program, when running, controls a device on which the storage medium is located to execute a user login method according to any one of claims 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110942424.XA CN113656779A (en) | 2021-08-17 | 2021-08-17 | User login method, system, electronic equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110942424.XA CN113656779A (en) | 2021-08-17 | 2021-08-17 | User login method, system, electronic equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113656779A true CN113656779A (en) | 2021-11-16 |
Family
ID=78479908
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110942424.XA Pending CN113656779A (en) | 2021-08-17 | 2021-08-17 | User login method, system, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113656779A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103118032A (en) * | 2013-03-01 | 2013-05-22 | 北京奇艺世纪科技有限公司 | Method, terminals and server for synchronization of terminal login accounts |
CN103457951A (en) * | 2013-09-02 | 2013-12-18 | 小米科技有限责任公司 | Method and device for allowing multiple terminals to login to server |
JP2014038612A (en) * | 2012-08-16 | 2014-02-27 | Naver Corp | Log-in server using one-time password, method and computer readable recording medium |
CN104796436A (en) * | 2015-05-20 | 2015-07-22 | 郑州悉知信息技术有限公司 | User login method and system, first platform server and related platform server |
CN109145571A (en) * | 2018-08-10 | 2019-01-04 | 维沃移动通信有限公司 | A kind of account login method, terminal and server |
CN110278187A (en) * | 2019-05-13 | 2019-09-24 | 网宿科技股份有限公司 | Multiple terminals single-point logging method, system, sync server and medium |
CN111466099A (en) * | 2018-09-03 | 2020-07-28 | 华为技术有限公司 | Login method, token sending method and device |
-
2021
- 2021-08-17 CN CN202110942424.XA patent/CN113656779A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2014038612A (en) * | 2012-08-16 | 2014-02-27 | Naver Corp | Log-in server using one-time password, method and computer readable recording medium |
CN103118032A (en) * | 2013-03-01 | 2013-05-22 | 北京奇艺世纪科技有限公司 | Method, terminals and server for synchronization of terminal login accounts |
CN103457951A (en) * | 2013-09-02 | 2013-12-18 | 小米科技有限责任公司 | Method and device for allowing multiple terminals to login to server |
CN104796436A (en) * | 2015-05-20 | 2015-07-22 | 郑州悉知信息技术有限公司 | User login method and system, first platform server and related platform server |
CN109145571A (en) * | 2018-08-10 | 2019-01-04 | 维沃移动通信有限公司 | A kind of account login method, terminal and server |
CN111466099A (en) * | 2018-09-03 | 2020-07-28 | 华为技术有限公司 | Login method, token sending method and device |
CN110278187A (en) * | 2019-05-13 | 2019-09-24 | 网宿科技股份有限公司 | Multiple terminals single-point logging method, system, sync server and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106101258B (en) | Interface calling method, device and system of hybrid cloud | |
CN108900559B (en) | Login certificate management method and device, computer equipment and storage medium | |
CN111917773B (en) | Service data processing method and device and server | |
US8667294B2 (en) | Apparatus and method for preventing falsification of client screen | |
US10212151B2 (en) | Method for operating a designated service, service unlocking method, and terminal | |
CN104023032B (en) | Application based on credible performing environment technology is limited discharging method, server and terminal | |
CN111490981B (en) | Access management method and device, bastion machine and readable storage medium | |
CN109391615A (en) | A kind of server exempts from close login method and system | |
CN110247897B (en) | System login method, device, gateway and computer readable storage medium | |
CN113761509B (en) | iframe verification login method and device | |
CN111405036A (en) | Service access method, device, related equipment and computer readable storage medium | |
CN110221949A (en) | Automate operation management method, apparatus, equipment and readable storage medium storing program for executing | |
CN112187465B (en) | Non-inductive login method, device, computer equipment and storage medium | |
CN111817999A (en) | User login method and device | |
CN111737232A (en) | Database management method, system, device, equipment and computer storage medium | |
CN116015824A (en) | Unified authentication method, equipment and medium for platform | |
CN111259368A (en) | Method and equipment for logging in system | |
CN111343177B (en) | Method, device, equipment and medium for supervising lightweight node | |
CN115840937B (en) | Control method and device and electronic equipment | |
CN109213572A (en) | A kind of confidence level based on virtual machine determines method and server | |
CN108924149B (en) | Token-based identity validity verification method and system | |
CN113656779A (en) | User login method, system, electronic equipment and storage medium | |
CN110380865B (en) | Single sign-on method, device, medium and equipment of multi-node management system | |
CN112134705B (en) | Data authentication method and device, storage medium and electronic device | |
CN114238939A (en) | Authority verification method, device and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Country or region after: China Address after: No. 309 Liuhe Road, Binjiang District, Hangzhou City, Zhejiang Province (High tech Zone) Applicant after: Zhongkong Technology Co.,Ltd. Address before: No. six, No. 309, Binjiang District Road, Hangzhou, Zhejiang Applicant before: ZHEJIANG SUPCON TECHNOLOGY Co.,Ltd. Country or region before: China |