CN113746857A

CN113746857A - Login method, device, equipment and computer readable storage medium

Info

Publication number: CN113746857A
Application number: CN202111057560.7A
Authority: CN
Inventors: 汪利飞; 孟湘琴; 傅宇; 杜健
Original assignee: Shenzhen Tencent Domain Computer Network Co Ltd
Current assignee: Shenzhen Tencent Domain Computer Network Co Ltd
Priority date: 2021-09-09
Filing date: 2021-09-09
Publication date: 2021-12-03
Anticipated expiration: 2041-09-09
Also published as: CN113746857B

Abstract

The embodiment of the application provides a login method, a login device and a computer-readable storage medium, and the login method comprises the following steps: receiving a login certificate sent by a first client from a terminal, wherein the login certificate is used for representing that the first client logs in a user through a login component of any one of at least two second clients on the terminal; in response to determining that the login credential is legal, sending a first message to the second server to indicate the second server to determine an access token according to the first message; receiving an access token sent by a second server, and determining the identity of any second client according to the access token; and in response to determining that the mapping relationship exists between any user identifier in the first service end and any second client identifier, sending a login state to the first client to indicate the first client to log in the user.

Description

Login method, device, equipment and computer readable storage medium

Technical Field

The present application relates to the field of computer technologies, and in particular, to a login method, device, apparatus, and computer-readable storage medium.

Background

The electronic competition is a sports item of which the electronic game competition reaches the competitive level, and the electronic competition is a match which is carried out by using electronic equipment as a sports apparatus and combines intelligence and physical strength between people. With the explosion of electronic sports, more and more game APPs (applications) are emerging. In some game APPs in the prior art, a user may log in through a client a of a third party, a client B of the third party, and the like. However, the account of the client A and the account of the client B are not associated, and when a user logs in the client A and the client B respectively, the two accounts are generated, so that the use cost of the user is increased; when the service platform counts the number of game users, the counted number of users is larger than the actual number of users, so that the counted number of users is inaccurate.

Disclosure of Invention

Aiming at the defects of the existing mode, the login method, the login device, the login equipment and the computer-readable storage medium are provided, so that the problems of how to realize the association of the accounts of the clients of at least two third parties in a user login scene and ensuring the safety of a user are solved.

In a first aspect, the present application provides a login method, executed by a first server, including:

receiving a login certificate sent by a first client from a terminal, wherein the login certificate is used for representing that the first client logs in a user through a login component of any one of at least two second clients on the terminal;

in response to determining that the login credential is legal, sending a first message to the second server to indicate the second server to determine an access token according to the first message;

receiving an access token sent by a second server, and determining the identity of any second client according to the access token;

and in response to determining that the mapping relationship exists between any user identifier in the first service end and any second client identifier, sending a login state to the first client to indicate the first client to log in the user.

In one embodiment, in response to determining that the login credentials are legitimate, sending a first message to the second server, comprises:

and responding to the fact that the preset verification interface is called to determine that the login certificate is legal, and sending a first message including the login certificate to the second server to indicate the second server to determine an access token according to the login certificate, the key of any second client and the account of any second client.

In one embodiment, determining the identity of any second client based on the access token comprises:

in response to the fact that the access token is determined to be legal, based on the access token, calling a preset user information interface to inquire user information, and sending the inquired user information to the second server to indicate the second server to obtain verification information according to the access token and the user information;

and receiving the verification information sent by the second server, and determining the identity of any second client according to the verification information.

In one embodiment, if it is determined that no mapping relationship exists between any user identifier and any identity identifier of any second client in the first service end, sending a second message to the first client to indicate the first client to send the communication number of the terminal and the verification code related to the communication number of the terminal;

and receiving the communication number and the verification code of the terminal sent by the first client, generating a user identifier which has a mapping relation with the identity identifier of any second client in response to the fact that the communication number and the verification code of the terminal are determined to be legal, and sending a login state to the first client.

In one embodiment, before receiving the login credential sent by the first client from the terminal, the method further comprises:

receiving a login state stored by a first client sent by the first client;

when the login state stored by the first client is determined to be expired, sending a third message to the first client for indicating the first client to jump to a login interface;

receiving a login credential sent by a first client from a terminal, comprising:

and receiving a login credential which is sent by a first client of the terminal and is generated by triggering of a user through a login interface.

receiving a login state stored by a first client sent by the first client;

when the fact that the login state stored by the first service end is not overdue is determined according to the login state stored by the first client, updating the login state stored by the first service end to obtain an updated login state;

and sending the updated login state to the first client to indicate that the first client successfully logs in directly.

In one embodiment, a mapping relationship exists between any user identifier and any second client; and a mapping relation exists between any user identification and the communication number of the terminal.

In a second aspect, the present application provides a login apparatus, which is executed by a first server, and includes:

the first processing module is used for receiving a login certificate sent by a first client side from the terminal, wherein the login certificate is used for representing that the first client side logs in a user through a login component of any one of at least two second client sides on the terminal;

the second processing module is used for responding to the fact that the login certificate is legal and sending a first message to the second server to indicate the second server to determine an access token according to the first message;

the third processing module is used for receiving the access token sent by the second server and determining the identity of any second client according to the access token;

and the fourth processing module is used for sending a login state to the first client in response to determining that the mapping relationship exists between any user identifier in the first service end and any identity identifier of any second client, so as to indicate the first client to log in the user.

In a third aspect, the present application provides an electronic device, comprising: a processor, a memory, and a bus;

a bus for connecting the processor and the memory;

a memory for storing operating instructions;

and the processor is used for executing the login method of the first aspect of the application by calling the operation instruction.

In a fourth aspect, the present application provides a computer-readable storage medium storing a computer program for performing the login method of the first aspect of the present application.

The technical scheme provided by the embodiment of the application at least has the following beneficial effects:

the method comprises the steps that a first service end receives a login certificate sent by a first client end from a terminal, wherein the login certificate is used for representing that the first client end carries out user login through a login component of any one of second client ends of at least two third parties on the terminal; in response to the fact that the login credential is determined to be legal, sending a first message to a second server corresponding to any second client to indicate the second server to determine an access token according to the first message; receiving an access token sent by a second server, and determining the identity of any second client according to the access token; when a user logs in for a non-first time, a mapping relation exists between a user identifier and the identity identifiers of at least two second clients in a first service end, namely a binding relation exists between the user identifier and the accounts of the at least two second clients; in response to determining that a mapping relation exists between any user identifier and any second client identifier in the first service side, sending a login state to the first client to indicate the first client to log in the user; therefore, the account numbers of at least two second clients are simultaneously associated to the unique user identification of the user in the user login scene, so that the use cost of the user is reduced, and the accuracy of counting the number of game users by the service platform is improved. The whole account system of the user takes the user identification as the unique user identification of the user, the mobile phone number (mobile phone number) of the user can be changed, and the user identification of the user cannot be changed, namely, the user identification and the mapping relation between the user identification and the identity identifications (account numbers) of at least two second clients cannot be influenced by the change of the mobile phone number of the user; after the user changes the mobile phone number, the user does not timely unbundle or change the binding, and even if the old mobile phone number is registered by other users, the security risk that the user account is lost can not occur.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.

Fig. 1 is a schematic structural diagram of a login system according to an embodiment of the present application;

fig. 2 is a schematic flowchart of a login method according to an embodiment of the present application;

FIG. 3 is a schematic diagram of a login provided in an embodiment of the present application;

FIG. 4 is a schematic diagram of a login provided in an embodiment of the present application;

FIG. 5 is a schematic diagram of a login provided in an embodiment of the present application;

FIG. 6 is a schematic diagram of a login provided in an embodiment of the present application;

fig. 7 is a schematic flowchart of a login method according to an embodiment of the present application;

fig. 8 is a schematic flowchart of a login method according to an embodiment of the present application;

fig. 9 is a schematic flowchart of a login method according to an embodiment of the present application;

fig. 10 is a schematic structural diagram of a login apparatus according to an embodiment of the present application;

fig. 11 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

Detailed Description

In order to make the objects, features and advantages of the present invention more apparent and understandable, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.

As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.

The embodiment of the application relates to a login method provided by a login system, and the login method relates to various fields of cloud technology, such as cloud computing, cloud service, cloud games and the like in the cloud technology.

Cloud computing (cloud computing) is a computing model that distributes computing tasks over a pool of resources formed by a large number of computers, enabling various application systems to obtain computing power, storage space, and information services as needed. The network that provides the resources is referred to as the "cloud". Resources in the "cloud" appear to the user as being infinitely expandable and available at any time, available on demand, expandable at any time, and paid for on-demand.

As a basic capability provider of cloud computing, a cloud computing resource pool (called as an ifas (Infrastructure as a Service) platform for short is established, and multiple types of virtual resources are deployed in the resource pool and are selectively used by external clients.

According to the logic function division, a PaaS (Platform as a Service) layer can be deployed on an IaaS (Infrastructure as a Service) layer, a SaaS (Software as a Service) layer is deployed on the PaaS layer, and the SaaS can be directly deployed on the IaaS. PaaS is a platform on which software runs, such as a database, a web container, etc. SaaS is a variety of business software, such as web portal, sms, and mass texting. Generally speaking, SaaS and PaaS are upper layers relative to IaaS.

So-called artificial intelligence cloud services are also commonly referred to as AIaaS (AIas a Service, chinese "AI as a Service"). The method is a service mode of an artificial intelligence platform, and particularly, the AIaaS platform splits several types of common AI services and provides independent or packaged services at a cloud. This service model is similar to the one opened in an AI theme mall: all developers can access one or more artificial intelligence services provided by the platform through an API (application programming interface), and part of the qualified developers can also use an AI framework and an AI infrastructure provided by the platform to deploy and operate and maintain the self-dedicated cloud artificial intelligence services.

Artificial Intelligence (AI) is a theory, method, technique and application system that uses a digital computer or a machine controlled by a digital computer to simulate, extend and expand human Intelligence, perceive the environment, acquire knowledge and use the knowledge to obtain the best results. In other words, artificial intelligence is a comprehensive technique of computer science that attempts to understand the essence of intelligence and produce a new intelligent machine that can react in a manner similar to human intelligence. Artificial intelligence is the research of the design principle and the realization method of various intelligent machines, so that the machines have the functions of perception, reasoning and decision making.

The artificial intelligence technology is a comprehensive subject and relates to the field of extensive technology, namely the technology of a hardware level and the technology of a software level. The artificial intelligence infrastructure generally includes technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a voice processing technology, a natural language processing technology, machine learning/deep learning, automatic driving, intelligent traffic and the like.

Cloud gaming (Cloud gaming), also known as game on demand (gaming), is an online gaming technology based on Cloud computing technology. Cloud game technology enables light-end devices (thin clients) with relatively limited graphics processing and data computing capabilities to run high-quality games. In a cloud game scene, a game is not operated in a player game terminal but in a cloud server, and the cloud server renders the game scene into a video and audio stream which is transmitted to the player game terminal through a network. The player game terminal does not need to have strong graphic operation and data processing capacity, and only needs to have basic streaming media playing capacity and capacity of acquiring player input instructions and sending the instructions to the cloud server.

For better understanding and description of the embodiments of the present application, some technical terms used in the embodiments of the present application will be briefly described below.

The login mode of WeChat: and using a login component of the WeChat to log in by utilizing the authorization of the WeChat.

The login method of the hand Q: the hand Q can be a mobile phone QQ, the hand Q can be instant messaging software, and the hand Q can be a QQ client on the mobile phone; using the login component of the QQ, each login jumps to the QQ client for authorized login.

Session: in computers, and in particular in network applications, it is known as session control. The Session object stores Session data that includes a Session id, attributes required for a particular user (e.g., a cell phone user) Session, and configuration information. Thus, when a user jumps between Web pages of an application, the variables stored in the Session object will not be lost, but will persist throughout the user Session. When a user requests a Web page from an application, the Web server will automatically create a Session object if the user has not already a Session. When a session expires or is abandoned, the server will terminate the session.

Session _ id: the id number representing the Session address.

Access token (Access token): and issuing an effective login character string under a WeChat and hand Q login system.

Oauth 2.0: OAuth2.0 is a continuation version of the OAuth protocol, and OAuth2.0 focuses on the ease of client developers, allowing third party applications to gain access on behalf of users. OAuth is an open protocol that allows a user to have a third party application obtain private resources, such as user personal information, photos, videos, contact lists, etc., stored by the user on a website, mobile or desktop application in a secure and standard manner without having to provide the third party application with a username and password. OAuth2.0 is the next version of the OAuth protocol, but is not backward compatible with OAuth 1.0. OAuth allows users to provide a token, rather than a username and password, to access data they have deposited with a particular service provider. Each token grants a particular website (e.g., a video editing website) access to a particular resource (e.g., only videos in a certain album) for a particular period of time (e.g., the next 2 hours). In this way, OAuth allows users to authorize third party websites to access information they store on additional service providers without having to share all of their access permissions or their data.

Uid: the user id, like the user identification number, is unique for each user. For example, the length of Uid may be defined as a 9-bit positive integer starting with 1 to 9.

The technical scheme provided by the embodiment of the present application relates to a cloud technology, and the following detailed description is provided on the technical scheme of the present application and how to solve the technical problem in the technical scheme of the present application with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.

The scheme provided by the embodiment of the application can be suitable for any application scene needing user login in the technical field of cloud.

In order to better understand the scheme provided by the embodiment of the present application, the scheme is described below with reference to a specific application scenario.

In an embodiment, fig. 1 shows an architecture diagram of a login system to which the embodiment of the present application is applied, and it can be understood that the login method provided by the embodiment of the present application may be applied to, but is not limited to, the application scenario shown in fig. 1.

In this example, as shown in fig. 1, the architecture of the login system in this example may include, but is not limited to, a terminal 101, a first service end 102, and at least two second service ends 103, where the terminal 101 has a first client and at least two second clients installed, the first client corresponds to the first service end 102, and the second client corresponds to the second service end 103. The terminal 101, the first service terminal 102 and the at least two second service terminals 103 can interact with each other through a network. A first service terminal 102 receives a login credential sent by a first client terminal from a terminal 101, wherein the login credential is used for representing that the first client terminal logs in a user through a login component of any one of at least two second client terminals on the terminal; in response to determining that the login credential is legal, the first server 102 sends a first message to the second server 103 to instruct the second server 103 to determine an access token according to the first message; the first service end 102 receives the access token sent by the second service end 103, and determines the identity of any second client according to the access token; in response to determining that there is a mapping relationship between any user identifier and any identity identifier of any second client in the first service end 102, the first service end 102 sends a login state to the first client to indicate the first client to perform user login.

It is understood that the above is only an example, and the present embodiment is not limited thereto.

The terminal 101 may be a smart phone (e.g., an Android phone, an iOS phone, etc.), a phone simulator, a tablet computer, a notebook computer, a digital broadcast receiver, an MID (Mobile Internet Devices), a PDA (personal digital assistant), a desktop computer, a vehicle terminal (e.g., a vehicle navigation terminal), a smart speaker, a smart watch, etc. The first client may be a game APP and the second client may be a hand Q or WeChat. The first service end 102 and the second service end 103 may be independent physical servers, may also be a server cluster or a distributed system formed by a plurality of physical servers, and may also be a cloud server or a server cluster providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a CDN (Content Delivery Network), a big data and artificial intelligence platform, and the like. Such networks may include, but are not limited to: a wired network, a wireless network, wherein the wired network comprises: a local area network, a metropolitan area network, and a wide area network, the wireless network comprising: bluetooth, Wi-Fi, and other networks that enable wireless communication. The determination may also be based on the requirements of the actual application scenario, and is not limited herein.

Referring to fig. 2, fig. 2 shows a flowchart of a login method provided in an embodiment of the present application, where the method may be executed by any electronic device, such as a first server, and as an alternative implementation, the method may be executed by the first server. As shown in fig. 2, the login method provided in the embodiment of the present application includes the following steps:

s101, receiving a login certificate sent by a first client side from a terminal, wherein the login certificate is used for representing that the first client side logs in a user through a login component of any one of at least two second client sides on the terminal.

In one embodiment, the first client may be a game APP, or an APP of a cloud game; the second client may be a hand Q client (APP of hand Q), a wechat client (APP of wechat), etc. The first server may be a server corresponding to the game APP.

For example, as shown in step S219 in fig. 8, the client receives a callback code (login credential), and the client sends the login credential code to the server by calling the login interface. The code is used for representing that the game APP performs user login through a login component of any one of a handheld Q client and a WeChat client on a terminal (such as a mobile phone); when the login component of the user authorized hand Q client performs user login, the code is used for representing that the user authorized game APP performs user login through the login component of the user authorized hand Q client on the terminal; when the user authorizes the login component of the WeChat client to perform user login, the code is used for representing that the user authorizes the game APP to perform user login through the login component of the WeChat client on the terminal. The code may be an authorized code.

S102, responding to the fact that the login certificate is legal, sending a first message to the second server to indicate the second server to determine an access token according to the first message.

In one embodiment, the first message includes login credentials, the login credentials being a code. The second server can be a hand Q server, a WeChat server and the like.

For example, as shown in steps S220 and S221 in fig. 8, the predetermined authentication interface is the oauth2.0 authentication interface; when the second server is a hand Q server, the hand Q server verifies the code, the secret key secret of the hand Q client and the account number appid of the hand Q client to obtain an access token _ token; and when the second server side is the WeChat server side, the WeChat server side verifies the code, the secret key secret of the WeChat client side and the account number api of the WeChat client side to obtain the access token access _ token.

S103, receiving the access token sent by the second server, and determining the identity of any second client according to the access token.

In one embodiment, the identity is openid, and the openid may be an identity of a hand Q client, that is, the openid may be an identity corresponding to a hand Q number or a hand Q account of the user; the openid can be an identity of the wechat client, that is, the openid can be an identity corresponding to a micro-signal or a wechat account of the user.

In one embodiment, determining the identity of any second client based on the access token includes steps A1-A2:

step A1, in response to determining that the access token is legal, based on the access token, invoking a predetermined user information interface to query the user information, and sending the queried user information to the second server to instruct the second server to obtain the verification information according to the access token and the user information.

In one embodiment, the user information interface is an Oauth2.0 user information interface. The user information includes: openid, user nickname, user gender, province filled in by user personal data, city filled in by common user personal data, country, user head portrait, user privilege information and the like.

For example, as shown in steps S220 and S221 in fig. 8, the handy Q server or the WeChat server verifies the access token access _ token based on the user information to obtain verification information.

Step A2, receiving the verification information sent by the second server, and determining the identity of any second client according to the verification information.

For example, as shown in steps S220 and S221 in fig. 8, the handy Q server or the wechat server sends the verification information to the server (the first server), and the server determines the identity openid according to the verification information.

And S104, in response to the fact that the mapping relation exists between any user identifier and any second client identifier in the first service side, sending a login state to the first client to indicate the first client to log in the user.

In one embodiment, a user registers and logs in for the first time, the first service end generates any user identification, and any user identification is stored in the first service end. And the subsequent user logs in again, and when any user identifier and any second client identity identifier are in a mapping relation, the first service side sends a login state to the first client side.

In one embodiment, one user only corresponds to one Uid, the Uid can simultaneously correspond to a plurality of openids, and mapping relationships exist between the Uid and the openids. The Uid corresponds to a mobile phone number (mobile phone number, i.e. a communication number of a terminal) of the user, a mapping relationship exists between the Uid and the mobile phone number of the user, the mobile phone number of the user can be changed, and the Uid of the user cannot be changed. The entire account system of the user takes Uid as a unique user identification. For example, the Uid of a user, the openid of the hand Q client (openid corresponding to the hand Q number), the openid of the wechat client (openid corresponding to the wechat), and the mobile phone number of the user are bound to each other.

In one embodiment, the verification code related to the communication number of the terminal includes a Session _ id, and when the first server determines that the Session _ id is valid, a Uid (any user identifier) is generated, an openid (any second client identity identifier) and the Uid are bound, and a mapping relationship between the openid and the Uid is established.

In one embodiment, a user has a micro signal and a QQ number, one micro signal corresponds to one openid, one QQ number corresponds to another openid, a mapping relationship exists between the two different openids and the mobile phone number of the user, a mapping relationship exists between the mobile phone number of the user and the Uid, the mobile phone number of the user can be changed, and the Uid is not changed. When a user registers and logs in for the first time, the first service end can bind two different openids with the mobile phone number of the user and provide a Uid at the same time.

receiving a login state stored by a first client sent by the first client;

In one embodiment, when the login state stored by the client is expired or the client does not store the login state, the client jumps to a login interface, and the user needs to log in again.

receiving a login state stored by a first client sent by the first client;

In one embodiment, a user starts a client, when a login state stored by the client is not expired, a first server updates the login state to obtain an updated login state, the client receives the updated login state sent by the first server, and the client stores the updated login state.

In the embodiment of the application, a user uses a hand q or WeChat to perform authorized login in the login process, the first client and the first server simultaneously store a temporary Session _ id (login state), and the Session _ id is periodically refreshed and checked. In the user login process, the Uid and the Session _ id are stored in a Session object in the first server, and the current Session _ id is expired after the user logs in at other places, so that the user can log in only one device at a time, and the purpose of safety is achieved. The hand q and the WeChat can be associated by using the mobile phone number, and an independent user identification Uid is distributed in the first login process of the user, so that a set of complete, safe and independent user account system is formed. Mapping relations exist among the Uid, the hand Q and the WeChat, so that the hand Q and the WeChat are associated to the same user identifier in a user login scene, namely, one user only corresponds to one user identifier, the use cost of the user is reduced, and the accuracy of counting the number of game users by the service platform is improved.

In order to better understand the method provided by the embodiment of the present application, the following further describes the scheme of the embodiment of the present application with reference to an example of a specific application scenario.

The login method provided by the embodiment of the application is applied to the user login scene of the game APP (client), for example, the user login scene of the electronic competition community APP (client).

In one embodiment, the user first logs in the interface as shown in fig. 3, for example, the icon 1 corresponds to a login component of the wechat client, the user logs in first using the wechat, first binds the mobile phone number, then binds the wechat account number (micro signal), and finally the system prompts to bind the QQ account number (QQ number or hand Q number); icon 2 corresponds to the login component of the hand Q client, and the user logs in with hand Q for the first time, binds the mobile phone number first, then binds the QQ account number (QQ number or hand Q number), and finally the system prompts and binds the WeChat account number (micro signal).

In one embodiment, the user may preferentially read local login information during the login process, and prompt whether the user logs in a local account or other accounts, such as the non-first-time login interface shown in fig. 4; then, the account binding association of the hand Q and the WeChat is performed by using the mobile phone number (mobile phone number), as shown in fig. 5 and fig. 6; as shown in fig. 5, in a non-initial login interface, a user logs in by using a QQ account, and the login interface prompts that a mobile phone number is bound and a WeChat account number is bound; as shown in fig. 6, in a non-initial login interface, a user logs in by using a WeChat account, and the login interface prompts that a mobile phone number and a QQ account are bound.

An embodiment of the present application provides a login method, a flowchart of the method is shown in fig. 7, and the method includes:

s201, the user starts the client.

In one embodiment, the client may be a game APP, for example, the client is a power race community APP.

S202, the client reads local Session data of the client.

S203, the client judges whether the Session _ id exists in the local Session data of the client, and if the Session _ id exists in the local Session data of the client, the step S204 is carried out; when it is determined that Session _ id does not exist in the Session data local to the client, the process proceeds to step S209.

And S204, the client calls and refreshes a login state interface, and sends Session _ id to the server.

For example, the server is a server of the electronic competition community.

S205, the server receives the Session _ id sent by the client and reads the local Session data of the server; before the server receives the Session _ id sent by the client, the local Session data of the server already includes: the same Session _ id as the client sent, and the expiration of the Session _ id.

S206, the server judges whether the Session _ id sent by the client is expired, if the Session _ id sent by the client is determined not to be expired, the Session _ id is updated to obtain an updated Session _ id, the updated Session _ id is sent to the client, and the step S207 is carried out; when it is determined that the Session _ id transmitted by the client is expired, the process proceeds to step S209.

S207, the client receives the updated Session _ id and stores the updated Session _ id, namely the latest login state.

S208, the user successfully refreshes the login state.

S209, the client jumps to a login interface.

In the embodiment of the application, a user starts a client, and when the login state stored by the client is not expired, the client enters the logged-in state; and when the login state stored by the client is expired, the client jumps to a login interface, and the user needs to log in again.

An embodiment of the present application provides a login method, a flowchart of the method is shown in fig. 8, and the method includes:

s210, the user selects a login type.

In one embodiment, the login type includes a login manner of the hand Q and a login manner of the WeChat. The user can select one mode from the login mode of the hand Q and the login mode of the WeChat as the current login type.

In one embodiment, step S210 in FIG. 8 is performed after step S209 in FIG. 7.

S211, the client pulls the authorization.

In one embodiment, the client pulls up the corresponding handq client (APP of handq) or wechat client (APP of wechat) for authorized login.

S212, the hand Q client or the WeChat client provides an authorization interface.

S213, the user confirms authorization.

In one embodiment, the user confirms whether to authorize login through the login component of the hand Q client or the login component of the wechat client through an authorization interface provided by the hand Q client or the wechat client. For example, when the user clicks on a confirmation icon on the authorization interface provided by the Q client, the user confirms authorization to log in through the login component of the Q client. For another example, when the user clicks a confirmation icon on the authorization interface provided by the WeChat client, the user confirms authorization to log in through the login component of the WeChat client.

S214, the hand Q client or the WeChat client confirms whether the user is authorized, and if the user is not authorized, the step S215 is carried out; when the user authorization is confirmed, processing proceeds to step S217.

S215, the client receives the callback unauthorized.

In one embodiment, the client receives the unauthorized callback of the user sent by the Q-handed client or the WeChat client, and the client sends an error prompt to the user.

S216, the user receives an error prompt.

S217, the hand Q server or the WeChat server generates a login credential code.

In one embodiment, the code may be an authorized code.

And S218, carrying the code callback client by the hand Q client or the WeChat client.

S219, the client receives the callback code and calls the login interface.

In one embodiment, the client sends the code to the server through the login interface.

S220, the server side calls the Oauth2.0 verification interface.

In one embodiment, the server side calls an Oauth2.0 verification interface to determine that the code is legal, and sends a first message including the code to the Q server side or the WeChat server side.

S221, the hand Q server or the WeChat server verifies the code, the key secret and the account appid, and generates an access token access _ token.

In one embodiment, the hand Q server verifies the code, the key secret of the hand Q client, and the account appid of the hand Q client, and obtains the access token access _ token.

In one embodiment, the wechat server verifies the code, the secret key of the wechat client and the account appid of the wechat client to obtain the access token access _ token.

S222, the server analyzes the access _ token.

In one embodiment, the server receives the access _ token sent by the hand Q server or the WeChat server, and parses the access _ token.

S223, the server judges whether the access _ token is valid, and when the access _ token is determined not to be valid, the process goes to the step S224; when it is determined that the access _ token is valid, the process proceeds to step S225.

S224, the client restarts the authorization process.

In one embodiment, the access _ token returned by the client receiving server is invalid, and the client restarts the authorization flow and goes to the processing of step S209 in fig. 7.

And S225, the server side stores the result.

In one embodiment, the server maintains an access token.

S226, the server side calls the Oauth2.0 user information interface.

In one embodiment, the server terminal calls the oauth2.0 user information interface to query the user information based on the access _ token, and sends the queried user information to the hand Q server terminal or the WeChat server terminal.

S227, the hand Q server or the WeChat server verifies the access _ token and returns verification data.

In one embodiment, the hand Q server or the WeChat server verifies the access _ token based on the user information to obtain verification information. And the hand Q server or the WeChat server sends the verification data (verification information) to the server.

S228, the server judges whether the identity identifier openid is acquired, and if the identity identifier openid is not acquired, the step goes to step S229 for processing; when it is determined that openid is acquired, this goes to the processing of step S230.

In one embodiment, the identity is openid, which may be the identity of the hand Q client, that is, openid may be the identity corresponding to the hand Q number of the user; the openid can be an identity of the wechat client, that is, the openid can be an identity corresponding to the user's micro-signal. For example, the Uid of a user, the openid of the hand Q client (openid corresponding to the hand Q number), the openid of the wechat client (openid corresponding to the wechat), and the mobile phone number of the user are bound to each other.

S229, the client prompts for an exception.

In one embodiment, the client raises the exception and proceeds to step S224.

And S230, the server reads the mapping relation data between the openid and the Uid.

S231, the server judges whether a binding relationship (mapping relationship) exists between the openid and the Uid, and if the binding relationship exists between the openid and the Uid, the step S232 is carried out; when it is determined that there is no binding relationship between the openid and the Uid, processing goes to step S234.

It should be noted that when it is determined that there is no binding relationship between the openid and the Uid, it is indicated that there is no mapping relationship between the Uid and the openid at the server.

And S232, the client saves the latest login state.

In one embodiment, the client receives the login state sent by the server and stores the login state.

S233, the user successfully logs in.

And S234, the client binds a mobile phone number interface.

In the embodiment of the application, in non-first-time login of a user, because a mapping relationship exists between a user identifier Uid and an identity identifier openid of a hand Q, and a mapping relationship exists between the Uid and an identity identifier openid of a WeChat, namely binding relationships exist between the Uid, the hand Q and the WeChat, so that the hand Q and the WeChat are associated to the same Uid in a user login scene, namely a hand Q number (a hand Q account) and a WeChat (a WeChat account) are both bound with the Uid, and one user only corresponds to one Uid, the use cost of the user is reduced, and the accuracy of counting the number of game users by a service platform is improved.

An embodiment of the present application provides a login method, a flowchart of the method is shown in fig. 9, and the method includes:

and S235, inputting the mobile phone number and the robot-proof verification code by the user.

In one embodiment, step S235 in fig. 9 is performed after step S234 in fig. 8.

S236, the client calls the interface for sending the verification code.

In one embodiment, the client calls a verification code sending interface to send a verification code and a Session _ id to the server; the passcode may be an anti-robot passcode.

S237, the server judges whether to trigger the anti-brushing mechanism, and when the anti-brushing mechanism is determined to be triggered, the step S238 is carried out; when it is determined that the anti-swipe mechanism is not triggered, processing proceeds to step S240.

In one embodiment, the server determines whether to trigger the anti-refresh mechanism based on the received authentication code and Session _ id.

And S238, the client displays the cooling time, the verification code, the error information and the like through an anti-flashing mechanism.

In one embodiment, the client sends an error prompt to the user.

And S239, receiving an error prompt sent by the client by the user.

S240, the server generates a verification code.

S241, the server stores the information related to the verification code in the session data.

S242, the Service terminal calls an SMS (Short Message Service) interface and sends the verification code to the operator.

S243, the operator sends the short message to the user.

S244, the user receives the verification code.

And S245, the user inputs the verification code and sends the verification code to the client.

S246, the client calls the binding interface.

In one embodiment, the client calls the binding interface to send the authorized Session _ id to the server.

S247, the server reads the authorized Session _ id.

S248, the server side judges whether the Session _ id is valid; when it is determined that the Session _ id is not valid, processing proceeds to step S249; when it is determined that the Session _ id is valid, processing proceeds to step S250.

S249, the client restarts the authorization process.

In one embodiment, after the client restarts the authorization flow, the process goes to step S209 in fig. 7.

And S250, the server generates a Uid and a login state, binds the openid and the Uid, and establishes a mapping relation between the openid and the Uid.

In one embodiment, the server binds the openid of the hand Q client, the openid and the Uid of the wechat client and the mobile phone number, and establishes a mapping relationship between the openid of the hand Q client, the openid and the Uid of the wechat client and the mobile phone number.

In an embodiment, the server updates the Session _ id in step S248 to generate an updated Session _ id, where the updated Session _ id is the login state in step S250, and the server sends the login state and the user data to the client.

And S251, the server side stores the Session data, the user data and the mapping data.

In one embodiment, the Session data includes a login state (updated Session _ id), and the mapping data includes mapping relationships among openid, Uid and mobile phone number.

And S252, the client saves the login state.

And S253, the user successfully logs in.

In the embodiment of the application, a mapping relation among openid of a hand Q client, openid and Uid of a WeChat client and a mobile phone number needs to be established when a user logs in for the first time; one user only corresponds to one Uid, the Uid can simultaneously correspond to a plurality of openids, the Uid simultaneously corresponds to the mobile phone number of the user, and the Uid is used as the unique user identifier in the whole account system of the user. The mobile phone number of the user can be changed, and the Uid of the user cannot be changed, namely, the Uid and the mapping relation between the Uid and the openids cannot be influenced when the mobile phone number of the user is changed; after the user changes the mobile phone number, the user does not timely unbundle or change the binding, and even if the old mobile phone number is registered by other users, the security risk that the user account is lost can not occur.

Based on the same inventive concept, the embodiment of the present application further provides a login apparatus, the login apparatus is executed by a first server, a schematic structural diagram of the login apparatus is shown in fig. 10, and the login apparatus 40 includes a first processing module 401, a second processing module 402, a third processing module 403, and a fourth processing module 404.

The first processing module 401 is configured to receive a login credential sent by a first client from a terminal, where the login credential is used to characterize that the first client performs user login through a login component of any one of at least two second clients on the terminal;

a second processing module 402, configured to send, in response to determining that the login credential is legal, a first message to the second server to instruct the second server to determine an access token according to the first message;

a third processing module 403, configured to receive an access token sent by a second server, and determine an identity of any second client according to the access token;

the fourth processing module 404 is configured to send a login status to the first client to indicate the first client to perform user login in response to determining that a mapping relationship exists between any user identifier in the first service and an identity identifier of any second client.

In an embodiment, the second processing module 402 is specifically configured to:

In an embodiment, the third processing module 403 is specifically configured to:

In one embodiment, the fourth processing module 404 is further configured to:

if the fact that the mapping relation does not exist between any user identifier and any second client identity identifier in the first service end is determined, a second message is sent to the first client to indicate the first client to send the communication number of the terminal and the verification code related to the communication number of the terminal;

In one embodiment, before receiving the login credential sent by the first client from the terminal, the first processing module 401 is further configured to:

receiving a login state stored by a first client sent by the first client;

the first processing module 401 is specifically configured to:

receiving a login state stored by a first client sent by the first client;

The application of the embodiment of the application has at least the following beneficial effects:

Based on the same inventive concept, the embodiment of the present application further provides an electronic device, a schematic structural diagram of which is shown in fig. 11, where the electronic device 9000 includes at least one processor 9001, a memory 9002, and a bus 9003, and at least one processor 9001 is electrically connected to the memory 9002; the memory 9002 is configured to store at least one computer executable instruction, and the processor 9001 is configured to execute the at least one computer executable instruction to perform the steps of any of the login methods as provided by any of the embodiments or any of the alternative embodiments in the present application.

Further, the processor 9001 may be an FPGA (Field-Programmable Gate Array) or other devices with logic processing capability, such as an MCU (micro controller Unit) and a CPU (Central processing Unit).

Based on the same inventive concept, the embodiments of the present application further provide a computer-readable storage medium, which stores a computer program, and the computer program is used for implementing the steps of any one of the login methods provided in any one of the embodiments or any one of the alternative embodiments of the present application when being executed by a processor.

The computer-readable storage medium provided by the embodiments of the present application includes, but is not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magneto-optical disks, ROMs (Read-Only memories), RAMs (Random Access memories), EPROMs (Erasable Programmable Read-Only memories), EEPROMs (Electrically Erasable Programmable Read-Only memories), flash memories, magnetic cards, or optical cards. That is, a readable storage medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).

Embodiments of the present application further provide a computer program product containing instructions, which when run on a computer device, cause the computer device to execute the login method provided by the foregoing method embodiments.

It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer programs. Those skilled in the art will appreciate that the computer program product may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the aspects specified in the block or blocks of the block diagrams and/or flowchart illustrations disclosed herein.

Those of skill in the art will appreciate that the various operations, methods, steps in the processes, acts, or solutions discussed in this application can be interchanged, modified, combined, or eliminated. Further, other steps, measures, or schemes in various operations, methods, or flows that have been discussed in this application can be alternated, altered, rearranged, broken down, combined, or deleted. Further, steps, measures, schemes in the prior art having various operations, methods, procedures disclosed in the present application may also be alternated, modified, rearranged, decomposed, combined, or deleted.

The foregoing is only a partial embodiment of the present application, and it should be noted that, for those skilled in the art, several modifications and decorations can be made without departing from the principle of the present application, and these modifications and decorations should also be regarded as the protection scope of the present application.

Claims

1. A login method executed by a first server side is characterized by comprising the following steps:

receiving a login credential sent by a first client from a terminal, wherein the login credential is used for representing that the first client performs user login through a login component of any one of at least two second clients on the terminal;

in response to determining that the login credential is legal, sending a first message to a second server to indicate the second server to determine an access token according to the first message;

receiving an access token sent by the second server, and determining the identity of any second client according to the access token;

and in response to determining that a mapping relationship exists between any user identifier in the first service end and any second client identifier, sending a login state to the first client to indicate the first client to log in the user.

2. The method of claim 1, wherein sending a first message to a second server in response to determining that the login credentials are legitimate comprises:

and responding to a preset verification interface to determine that the login credential is legal, and sending the first message including the login credential to a second server to indicate the second server to determine an access token according to the login credential, the key of any second client and the account of any second client.

3. The method of claim 1, wherein determining the identity of any second client according to the access token comprises:

in response to determining that the access token is legal, calling a predetermined user information interface to inquire user information based on the access token, and sending the inquired user information to the second server to indicate the second server to obtain verification information according to the access token and the user information;

4. The method of claim 1, further comprising:

if the fact that the mapping relation does not exist between any user identifier and the identity identifier of any second client in the first service end is determined, sending a second message to the first client to indicate the first client to send the communication number of the terminal and a verification code related to the communication number of the terminal;

and receiving the communication number and the verification code of the terminal sent by the first client, generating a user identifier which has a mapping relation with the identity identifier of any second client in response to determining that the communication number and the verification code of the terminal are legal, and sending a login state to the first client.

5. The method according to claim 1, wherein before said receiving the login credentials sent by the first client from the terminal, further comprising:

receiving a login state stored by the first client sent by the first client;

when the login state stored by the first server is determined to be expired according to the login state stored by the first client, sending a third message to the first client for indicating the first client to jump to a login interface;

the receiving of the login credential sent by the first client from the terminal includes:

and receiving a login credential which is sent by a first client of the terminal and is generated by the triggering of the user through the login interface.

6. The method according to claim 1, wherein before said receiving the login credentials sent by the first client from the terminal, further comprising:

receiving a login state stored by the first client sent by the first client;

when the fact that the login state stored by the first server is not expired is determined according to the login state stored by the first client, updating the login state stored by the first server to obtain an updated login state;

7. The method according to any one of claims 1-6, wherein a mapping relationship exists between any user identifier and any second client; and a mapping relation exists between any user identifier and the communication number of the terminal.

8. A login device, the login device being executed by a first server, the login device comprising:

the terminal comprises a first processing module, a second processing module and a third processing module, wherein the first processing module is used for receiving a login credential sent by a first client side from a terminal, and the login credential is used for representing that the first client side performs user login through a login component of any one of at least two second client sides on the terminal;

the second processing module is used for responding to the fact that the login certificate is legal and sending a first message to a second server so as to indicate the second server to determine an access token according to the first message;

and the fourth processing module is configured to send a login state to the first client to indicate the first client to perform user login in response to determining that a mapping relationship exists between any user identifier in the first service and an identity identifier of any second client.

9. An electronic device, comprising: a processor, a memory;

the memory for storing a computer program;

the processor, configured to execute the login method according to any one of claims 1 to 7 by calling the computer program.

10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, is adapted to carry out the login method according to any one of claims 1-7.