CN114266033A - Verification code generation method and device, verification code login system and electronic equipment - Google Patents
Verification code generation method and device, verification code login system and electronic equipment Download PDFInfo
- Publication number
- CN114266033A CN114266033A CN202111419911.4A CN202111419911A CN114266033A CN 114266033 A CN114266033 A CN 114266033A CN 202111419911 A CN202111419911 A CN 202111419911A CN 114266033 A CN114266033 A CN 114266033A
- Authority
- CN
- China
- Prior art keywords
- verification code
- encryption
- character string
- encrypted
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 413
- 238000000034 method Methods 0.000 title claims abstract description 87
- 238000009877 rendering Methods 0.000 claims abstract description 21
- 238000012545 processing Methods 0.000 claims description 29
- 238000004422 calculation algorithm Methods 0.000 claims description 17
- 238000010586 diagram Methods 0.000 description 15
- 238000004590 computer program Methods 0.000 description 6
- 230000000694 effects Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000010200 validation analysis Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000002354 daily effect Effects 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Abstract
The application provides a verification code generation method, a verification code generation device, a verification code login system and electronic equipment, wherein the method comprises the following steps: responding to a verification login request of a client, and generating a first verification code; sending the first verification code to a buffer for storage; rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture; the verification code picture and the first prompt message are sent to the client, the first prompt message is used for prompting a user to input the first verification code according to a preset rule, and safety of the verification code is improved.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a verification code generation method, a verification code generation device, a verification code login system, and an electronic device.
Background
With the development of network technology, the internet has been related to various fields of work, study and life of people, and in the current information network era, information security is more and more important. The verification code technology is widely applied to a login system, and many network applications need verification codes during login, so that continuous login attempts can be effectively prevented by maliciously using a program violence breaking mode during login of a user.
In the verification code generation mode in the prior art, a random character string is usually generated, the character string is stored in a memory, a verification code generated by the verification code is directly displayed to a user, the user identifies the character string according to the verification code image and inputs and submits the identified character string, a server compares the character string in the memory with the character string input by the user, and if the comparison is consistent, the verification is passed.
However, in the prior art, the way of directly generating the verification code into the verification code picture makes malicious programs easily and automatically identified, so that the security of the verification code is low.
Disclosure of Invention
The application provides a verification code generation method, a verification code generation device, a verification code login system and electronic equipment, which are used for solving the technical problem of low security of a verification code in the prior art.
In a first aspect, the present application provides a verification code generation method, including:
responding to a verification login request of a client, and generating a first verification code; sending the first verification code to a buffer for storage; rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture; and sending the verification code picture and first prompt information to the client, wherein the first prompt information is used for prompting a user to input the first verification code according to a preset rule.
In the embodiment of the application, after the verification code is generated, the server renders each character in the verification code according to the preset rule, then randomly combines the rendered characters into the verification code picture, and prompts a user to input the verification code according to the preset rule, so that the safety of the verification code is improved.
In a possible implementation manner, the verification code generation method provided in an embodiment of the present application sends the first verification code to the buffer for storage, and includes:
encrypting the first verification code by using a preset encryption method to generate a first encryption character string; and sending the first encryption character string to a buffer for storage.
In the embodiment of the application, the verification code is encrypted by using a preset encryption method, and the encrypted character string is stored in the buffer, so that the safety of the verification code stored in the buffer is improved.
In a possible implementation manner, the verification code generation method provided in the embodiment of the present application further includes:
receiving a second verification code sent by the client; encrypting the second verification code according to a preset encryption method to generate a second encryption character string; judging whether the second encryption character string is consistent with the first encryption character string; and if the second encrypted character string is consistent with the first encrypted character string, the verification is successful, and second prompt information is sent to the client, wherein the second prompt information is used for prompting the user that the verification code is successful.
In the embodiment of the application, the second verification code sent by the client is encrypted in the same encryption mode as the first verification code to generate the encrypted character string of the second verification code, and the encrypted character string of the second verification code is compared with the encrypted character string of the first verification code.
In a possible implementation manner, a verification code generation method provided in an embodiment of the present application performs encryption processing on a first verification code by using a preset encryption method to generate a first encryption string, and includes:
acquiring a preset secret key, a first verification code and a first current timestamp; splicing the preset secret key, the first verification code and the first current timestamp to generate a first character string to be encrypted; and encrypting the first character string to be encrypted to generate a first encrypted character string.
Encrypting the second verification code according to a preset encryption method to generate a second encryption character string, comprising:
acquiring a preset secret key, a second verification code and a plurality of preset times before a second current timestamp; splicing the preset secret key, the second verification code and a plurality of preset times to generate a plurality of second character strings to be encrypted; encrypting the second character strings to be encrypted to generate second encrypted character strings, wherein the second encrypted character strings correspond to the preset time one by one; judging whether the second encryption character string is consistent with the first encryption character string, including: judging whether a second encryption character string in the plurality of second encryption character strings is consistent with the first encryption character string; if so, the verification is successful.
In the embodiment of the application, the preset key, the verification code and the current timestamp of the splicing are encrypted to generate the encrypted character string of the verification code, so that the safety of the verification code can be improved, the effective time of the verification code can be set through the current timestamp and the preset time, and the timeliness of the verification code is guaranteed.
In a possible implementation manner, the verification code generation method provided in an embodiment of the present application performs encryption processing on a first verification code by using a preset encryption method, and includes:
the first authentication code is encrypted by a Message Digest 5 (MD 5) encryption algorithm.
In the embodiment of the application, the verification code is encrypted by adopting the MD5 encryption algorithm, so that the verification code is prevented from being calculated maliciously by a technical means, and the safety of the verification code is further ensured.
In one possible embodiment, rendering each character in the first verification code according to a preset rule includes:
and rendering each character according to the character sequence of each character in the first verification code in any one or more modes of size, color, thickness or position.
The verification code generation apparatus, the verification code login system, the electronic device, the computer readable storage medium, and the computer program product provided in the embodiments of the present application are described below, and the contents and effects thereof may refer to the verification code generation method provided in the embodiments of the present application, and are not described again.
In a second aspect, the present application provides a verification code generation apparatus, including:
and the generating module is used for responding to the verification login request of the client and generating a first verification code.
And the first sending module is used for sending the first verification code to the buffer for storage.
And the first processing module is used for rendering each character in the first verification code according to a preset rule and randomly combining the rendered characters into a verification code picture.
The second sending module is further used for sending the verification code picture and the first prompt message to the client, and the first prompt message is used for prompting a user to input the first verification code according to a preset rule.
In one possible implementation manner, the verification code generation device provided by the embodiment of the application,
the first processing module is further used for encrypting the first verification code by using a preset encryption device to generate a first encryption character string; and the first sending module is specifically used for sending the first encrypted character string to the buffer for storage.
In a possible implementation manner, the verification code generating apparatus provided in an embodiment of the present application may further include:
and the receiving module is used for receiving the second verification code sent by the client.
The second processing module is used for encrypting the second verification code according to a preset encryption device to generate a second encryption character string; and judging whether the second encryption character string is consistent with the first encryption character string.
And the second sending module is further used for sending second prompt information to the client if the second encrypted character string is consistent with the first encrypted character string, wherein the second prompt information is used for prompting the user that the verification code is successfully verified.
In a possible implementation manner, the first processing module is specifically configured to:
acquiring a preset secret key, a first verification code and a first current timestamp; splicing the preset secret key, the first verification code and the first current timestamp to generate a first character string to be encrypted; and encrypting the first character string to be encrypted to generate a first encrypted character string.
The second processing module is specifically configured to:
acquiring a preset secret key, a second verification code and a plurality of preset times before a second current timestamp; splicing the preset secret key, the second verification code and a plurality of preset times to generate a plurality of second character strings to be encrypted; encrypting the second character strings to be encrypted to generate second encrypted character strings, wherein the second encrypted character strings correspond to the preset time one by one; judging whether a second encryption character string in the plurality of second encryption character strings is consistent with the first encryption character string; if so, the verification is successful.
In a possible implementation manner, the first processing module is specifically configured to:
the first authentication code is encrypted by the MD5 encryption algorithm.
In a possible implementation manner, the first processing module is specifically configured to:
and rendering each character according to the character sequence of each character in the first verification code in any one or more modes of size, color, thickness or position.
In a third aspect, an embodiment of the present application provides an authentication code login system, which includes a client and a server.
The client sends a verification login request to the server; the server responds to a verification login request of the client, generates a first verification code and sends the first verification code to the cache for storage; rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture; then sending the verification code picture and first prompt information to a client, wherein the first prompt information is used for prompting a user to input a first verification code according to a preset rule; the client receives and displays the verification code picture and the first prompt message, receives a second verification code input by a user and sends the second verification code to the server; and the server receives the second verification code sent by the client and judges whether the second verification code is consistent with the first verification code or not so as to execute verification login of the client.
In a fourth aspect, an embodiment of the present application provides an electronic device, including:
a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes the computer-executable instructions stored by the memory to implement the first aspect or the first aspect implementable manner to provide the verification code generation method.
In a fifth aspect, an embodiment of the present application provides a computer-readable storage medium, where computer-executable instructions are stored in the computer-readable storage medium, and when the computer-executable instructions are executed by a processor, the method for generating a verification code is implemented as provided in the first aspect or an implementation manner of the first aspect.
In a sixth aspect, an embodiment of the present application provides a computer program product, which includes computer executable instructions, and the computer executable instructions are executed by a processor to implement the verification code generation method as provided in the first aspect or the first aspect implementable manner.
According to the verification code generation method and device, the verification code login system and the electronic equipment, the first verification code is generated by responding to the verification login request of the client; sending the first verification code to a buffer for storage; then, rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture; and then sending the verification code picture and first prompt information to the client, wherein the first prompt information is used for prompting a user to input the first verification code according to a preset rule. After the verification code is generated, the server renders each character in the verification code according to a preset rule, then randomly combines the rendered characters into a verification code picture, and prompts a user to input the verification code according to the preset rule, so that the safety of the verification code is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
FIG. 1 is an exemplary application scenario architecture diagram provided by an embodiment of the present application;
fig. 2 is a schematic flowchart of a verification code generation method according to an embodiment of the present application;
FIGS. 3A-3B are schematic diagrams of a validation code provided in accordance with an embodiment of the present application;
FIGS. 4A-4B are schematic diagrams of verification code pictures provided in accordance with an embodiment of the present application;
FIG. 5 is a schematic interface diagram of a client according to an embodiment of the present application;
fig. 6 is a schematic flowchart of a verification code generation method according to another embodiment of the present application;
FIG. 7 is a flowchart illustrating a verification code generation method according to another embodiment of the present application;
fig. 8 is a schematic structural diagram of an authentication code generation apparatus according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of an authentication code generation apparatus according to another embodiment of the present application;
FIG. 10 is a schematic flowchart illustrating a work flow of an authentication code login system according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of an electronic device provided in an embodiment of the present application.
With the above figures, there are shown specific embodiments of the present application, which will be described in more detail below. These drawings and written description are not intended to limit the scope of the inventive concepts in any manner, but rather to illustrate the inventive concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terms "first" and "second" in the description and claims of the present application and the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are, for example, capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
With the development of network technology, the internet has been related to various fields of work, study and life of people, and in the current information network era, information security is more and more important. The verification code technology is widely applied to a login system, and many network applications need verification codes during login, so that continuous login attempts can be effectively prevented by maliciously using a program violence breaking mode during login of a user. However, in the verification code generation method in the prior art, a random character string is usually generated, the character string is stored in a memory, and a verification code picture is generated and displayed to a user, so that the security of the verification code is low.
The verification code generation method, the verification code generation device, the verification code login system and the electronic equipment have the inventive concept that after the verification code is generated, each character in the verification code is rendered according to a preset rule, then the rendered characters are randomly combined into a verification code picture, and a user is prompted to input the verification code according to the preset rule, so that the safety of the verification code is improved. In addition, the embodiment of the application also ensures the safety of the stored verification code by encrypting the verification code, and sets the time efficiency of the verification code by storing the current time stamp when encrypting the verification code, thereby further ensuring the safety of the verification code.
An exemplary application scenario of the embodiments of the present application is described below.
The verification code generation method provided by the embodiment of the present application may be executed by the verification code generation apparatus provided by the embodiment of the present application, and the verification code generation apparatus provided by the embodiment of the present application may be integrated on a server, or the verification code generation apparatus may be the server itself. The embodiment of the present application does not limit the specific type of the server.
In daily work and life, a mode that a user inputs an authentication code is usually required for a webpage account login interface, a login person is confirmed to be the user, and the login is not automatically identified by malicious software, so that the information security of a user account is protected. Fig. 1 is an exemplary application scenario architecture diagram provided in an embodiment of the present application, and as shown in fig. 1, the architecture mainly includes: a terminal device 11 (personal computer) and a server 12. The method comprises the steps that a verification login request of a user is obtained through a client side of a terminal device 11, the verification login request is sent to a server 12, a verification code picture is generated through the server 12 and sent to the client side, the terminal device 11 displays the verification code picture, the user identifies the verification code picture, a verification code is input to the client side, the client side receives the verification code input by the user and sends the verification code input by the user to the server 12, and the server 12 verifies the verification code to execute login. The embodiments of the present application are merely examples, and are not limited thereto. For example, the terminal device may also be a tablet computer, a smart phone, a vehicle-mounted terminal, and the like.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 2 is a schematic flowchart of a verification code generation method according to an embodiment of the present application, where the verification code generation method may be executed by a verification code generation apparatus, and the apparatus may be implemented by software and/or hardware, and the verification code generation method is described below with a server as an execution subject. As shown in fig. 2, the verification code generation method provided in the embodiment of the present application may include:
step S101: and generating a first verification code in response to a verification login request of the client.
When a user logs in a user account through a client, the client sends a verification login request to a server, and the server responds to the verification login request of the client to generate a first verification code. The first verification code may include any combination of one or more of numbers, chinese characters, symbols, upper case letters, lower case letters, and the like, which is not limited in this application.
Step S102: and sending the first verification code to a buffer for storage.
After the server generates the first verification code, the first verification code is sent to the buffer for storage, and preparation is made for a follow-up verification process of the verification code by the server.
Step S103: rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture.
Besides sending the first verification code to the buffer for storage, the server also needs to render each character in the first verification code according to a preset rule, and randomly combine the rendered characters into a verification code picture.
The method for rendering each character of the first verification code according to the preset rule is not limited, and in a possible implementation manner, rendering each character of the first verification code according to the preset rule includes:
and rendering each character according to the character sequence of each character in the first verification code in any one or more modes of size, color, thickness or position.
For convenience of understanding, the embodiment of the present application takes the first verification code as five english letters, i.e., ABCDE, as an example, and the embodiment of the present application is not limited thereto. In one possible implementation, fig. 3A-3B are schematic diagrams of the verification code provided in an embodiment of the present application, and as shown in fig. 3A, the server renders A, B, C, D, E in descending order according to the sequence of ABCDE in the first verification code. Or as shown in fig. 3B, the server renders A, B, C, D, E in descending order according to the sequence of ABCDE in the first verification code.
In another possible implementation manner, the server may further render A, B, C, D, E according to any one or more rules of the color brightness degree, the line thickness, the position of each letter, and the like according to the sequence of ABCDE in the first verification code, which is not described in detail herein.
After each character in the first verification code is rendered according to a preset rule, the rendered characters are randomly combined into a verification code picture. Taking the first verification code as ABCDE and the server rendering the first verification code according to the method in fig. 3A as an example, fig. 4A-4B are schematic diagrams of verification code pictures provided in an embodiment of the present application, and the verification code pictures combined by the rendered ABCDE randomly by the server may be, for example, fig. 4A or fig. 4B, or may be in other random combination forms. The embodiments of the present application are merely examples, and are not limited thereto.
Step S104: and sending the verification code picture and the first prompt message to the client.
After the verification code picture is generated by the server, the verification code picture and first prompt information are sent to the client side, wherein the first prompt information is used for prompting a user to input the first verification code according to a preset rule. The embodiment of the application does not limit the size, definition and the like of the verification code picture, and does not limit the specific content, form and the like of the first prompt message, so long as the user can understand and identify the first prompt message.
For convenience of understanding, in the embodiment of the present application, the verification code picture is taken as a picture in fig. 4A, the client is taken as an example, fig. 5 is an interface schematic diagram of the client provided in the embodiment of the present application, and as shown in fig. 5, after the user inputs an account and a password in a login interface of the client, the verification code picture sent by the server is displayed, and a first prompt message "please input the verification code according to the letter size order" is attached to the verification code picture, so as to prompt the user to input the first verification code according to a preset rule. The user can know that the verification code is ABCDE through the identification verification code picture and the first prompt message. The embodiments of the present application take the above as examples, and are not limited thereto.
The client receives a second verification code input by the user and sends the second verification code to the server, the server compares whether the first verification code and the second verification code are consistent, if the first verification code and the second verification code are consistent, verification is passed, verification login of the client is executed, and if the first verification code and the second verification code are inconsistent, login is failed. The first verification code in the buffer is invalidated regardless of whether the verification result is successful.
In the embodiment of the application, after the verification code is generated, the server renders each character in the verification code according to the preset rule, then randomly combines the rendered characters into the verification code picture, and prompts a user to input the verification code according to the preset rule, so that the safety of the verification code is improved.
Based on the embodiment shown in fig. 2, in a possible implementation manner, fig. 6 is a flowchart of a verification code generation method provided in another embodiment of the present application, where the method may be executed by a verification code generation apparatus, and the apparatus may be implemented in a software and/or hardware manner, and the following describes the verification code generation method with a server as an execution subject, as shown in fig. 6, in the verification code generation method provided in the embodiment of the present application, step S102 sends a first verification code to a buffer for storage, and may include:
step S201: and encrypting the first verification code by using a preset encryption method to generate a first encryption character string.
Step S202: and sending the first encryption character string to a buffer for storage.
After the first verification code is generated, the server encrypts the first verification code by using a preset encryption method, which is not limited in the embodiment of the present application. For example, the preset encryption method may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or an MD5 encryption algorithm. In a possible implementation, the first verification code is encrypted by using a preset encryption method, which may be a symmetric encryption algorithm, an asymmetric encryption algorithm, or an MD5 encryption algorithm. Because the MD5 encryption algorithm is irreversible, the MD5 encryption algorithm is adopted to encrypt the first verification code, malicious calculation of the verification code by a technical means is avoided, and the safety of the verification code is further ensured.
And after the server generates the first encryption character string, the server sends the first encryption character string to the buffer for storage.
In the embodiment of the application, the verification code is encrypted by using a preset encryption method, and the encrypted character string is stored in the buffer, so that the safety of the verification code stored in the buffer is improved.
On the basis of the foregoing embodiment, in a possible implementation manner, fig. 7 is a flowchart of a verification code generation method provided in another embodiment of the present application, where the method may be executed by a verification code generation apparatus, and the apparatus may be implemented in a software and/or hardware manner, and the following describes the verification code generation method with a server as an execution subject, as shown in fig. 7, after sending a verification code picture and first prompt information to a client in step S104, the verification code generation method provided in the embodiment of the present application may further include:
step S301: and receiving a second verification code sent by the client.
Step S302: and encrypting the second verification code according to a preset encryption method to generate a second encryption character string.
Step S303: and judging whether the second encryption character string is consistent with the first encryption character string.
Step S304: and if the second encrypted character string is consistent with the first encrypted character string, the verification is successful, and second prompt information is sent to the client.
The user inputs a second verification code by identifying the verification code picture and the first prompt message, the client receives the second verification code input by the user and then sends the second verification code to the server, and the server receives the second verification code sent by the client and encrypts the second verification code according to a preset encryption method to generate a second encryption character string. If the second verification code is the same as the first verification code, a second encryption character string generated by encrypting the second verification code by the same preset encryption method should be consistent with the first encryption character string.
The server judges whether the second verification code is consistent with the first verification code by judging whether the second encryption character string is consistent with the first encryption character string, if so, the server indicates that the second verification code input by the user is consistent with the first verification code, the verification is successful, and second prompt information is sent to the client, and the second prompt information is used for prompting the user that the verification code is successful. If the second encrypted character string is inconsistent with the first encrypted character string, the second verification code input by the user is inconsistent with the first verification code, the verification fails, and the server can send third prompt information to the client to prompt the user that the verification code fails.
In the embodiment of the application, the second verification code sent by the client is encrypted in the same encryption mode as the first verification code to generate the encrypted character string of the second verification code, and the encrypted character string of the second verification code is compared with the encrypted character string of the first verification code.
On the basis of the above embodiment, in a possible implementation manner, in the embodiment of the present application, the timeliness control on the verification code can be realized in a manner of splicing the preset key, the current timestamp, and the verification code into a character string to be encrypted and performing encryption processing. Based on this, step S201 of the verification code generation method provided in the embodiment of the present application performs encryption processing on the first verification code by using a preset encryption method to generate a first encrypted character string, which may include:
acquiring a preset secret key, a first verification code and a first current timestamp; splicing the preset secret key, the first verification code and the first current timestamp to generate a first character string to be encrypted; and encrypting the first character string to be encrypted to generate a first encrypted character string.
The preset key may be a 16-bit random number or letter randomly generated every day, the first current timestamp may be a current timestamp generating the first verification code, and the preset key, the first verification code, and the current timestamp may be concatenated by a concatenation symbol. For example, if the first verification code is ABCDE, the preset key is 1234567890123456, the first current timestamp is 1634375609, and the concatenation symbol is &, the first string to be encrypted is 1234567890123456& ABCDE & 1634375609. The concatenation symbol may also be # or other special symbols, and the embodiment of the present application is not limited to &. The first character string to be encrypted is encrypted, and the first encryption character string can be generated by performing encryption processing through a symmetric encryption algorithm, an asymmetric encryption algorithm or an MD5 encryption algorithm.
Step S302 of the verification code generation method provided in this embodiment of the application encrypts the second verification code according to a preset encryption method to generate a second encrypted character string, which may include:
acquiring a preset secret key, a second verification code and a plurality of preset times before a second current timestamp; splicing the preset secret key, the second verification code and a plurality of preset times to generate a plurality of second character strings to be encrypted; and encrypting the second character strings to be encrypted to generate a plurality of second encrypted character strings, wherein the second encrypted character strings correspond to the preset time one by one.
The second current timestamp is a current timestamp when the second verification code is received, and the plurality of preset times before the second current timestamp may be 1 second before the second current timestamp, 2 seconds before the second current timestamp, … …, and N seconds before the second current timestamp, where N is a positive integer. And splicing the preset secret key, the second verification code and the preset time to generate a plurality of second character strings to be encrypted, and then encrypting each second encrypted character string to obtain a plurality of second encrypted character strings.
According to the embodiment of the application, the time effectiveness of the verification code can be set by setting the value of N. For example, setting N to 10 indicates that the validation code has a valid time of 10 seconds, which means that the time interval between inputting the second validation code and generating the first validation code cannot exceed 10 seconds, otherwise the validation code is invalid. The embodiment of the application does not limit the specific numerical value of N, and different verification code timeliness can be set according to different user requirements.
On the basis of the foregoing embodiment, the step S303 of the verification code generation method provided in the embodiment of the present application determines whether the second encrypted character string is consistent with the first encrypted character string, and may include: and judging whether the second encryption character string in the plurality of second encryption character strings is consistent with the first encryption character string.
By judging whether the second encrypted character string is consistent with the first encrypted character string or not in the plurality of second encrypted character strings, whether the second verification code sent by the client side is received or not in the time efficiency of the verification code can be judged.
In the embodiment of the application, the preset key, the verification code and the current timestamp of the splicing are encrypted to generate the encrypted character string of the verification code, so that the safety of the verification code can be improved, the effective time of the verification code can be set through the current timestamp and the preset time, and the timeliness of the verification code is guaranteed.
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application. For details which are not disclosed in the embodiments of the apparatus of the present application, reference is made to the embodiments of the method of the present application.
Fig. 8 is a schematic structural diagram of an authentication code generating apparatus provided in an embodiment of the present application, where the apparatus may be implemented in software and/or hardware, for example, implemented by a server, as shown in fig. 8, the authentication code generating apparatus provided in an embodiment of the present application may include: a generating module 41, a first sending module 42, a first processing module 43 and a second sending module 44.
The generating module 41 is configured to generate a first verification code in response to a verification login request of a client.
And the first sending module 42 is configured to send the first verification code to the buffer for storage.
The first processing module 43 is configured to render each character in the first verification code according to a preset rule, and randomly combine the rendered characters into a verification code picture.
The second sending module 44 is further configured to send the verification code picture and first prompt information to the client, where the first prompt information is used to prompt the user to input the first verification code according to a preset rule.
In a possible implementation, the first processing module 43 is specifically configured to:
and rendering each character according to the character sequence of each character in the first verification code in any one or more modes of size, color, thickness or position.
The apparatus of this embodiment may perform the method embodiment shown in fig. 2, and the technical principle and technical effect are similar to those of the above embodiment, which are not described herein again.
On the basis of the embodiment shown in fig. 8, further, in a possible implementation manner, in the verification code generation apparatus provided in the embodiment of the present application, the first processing module 43 is further configured to perform encryption processing on the first verification code by using a preset encryption apparatus, so as to generate a first encrypted character string; the first sending module 42 is specifically configured to send the first encrypted string to the buffer for storage.
In a possible implementation, the first processing module 43 is specifically configured to:
the first authentication code is encrypted by the MD5 encryption algorithm.
The apparatus of this embodiment may perform the method embodiment shown in fig. 6, and the technical principle and technical effect are similar to those of the above embodiment, which are not described herein again.
On the basis of the embodiment shown in fig. 8, further, fig. 9 is a schematic structural diagram of an authentication code generating apparatus provided in another embodiment of the present application, where the apparatus may be implemented in a software and/or hardware manner, for example, may be implemented by a server, as shown in fig. 9, the authentication code generating apparatus provided in the embodiment of the present application may further include a receiving module 45 and a second processing module 46.
And the receiving module 45 is configured to receive the second verification code sent by the client.
The second processing module 46 is configured to encrypt the second verification code according to a preset encryption device, so as to generate a second encrypted character string; and judging whether the second encryption character string is consistent with the first encryption character string.
The second sending module 44 is further configured to send a second prompt message to the client if the second encrypted character string is consistent with the first encrypted character string, where the second prompt message is used to prompt the user that the verification code is successfully verified.
In a possible implementation, the first processing module 43 is specifically configured to:
acquiring a preset secret key, a first verification code and a current timestamp; splicing a preset secret key, a first verification code and a current timestamp to generate a first character string to be encrypted; and encrypting the first character string to be encrypted to generate a first encrypted character string.
The second processing module 46 is specifically configured to:
acquiring a preset secret key, a second verification code and a plurality of preset times before a current timestamp; splicing the preset secret key, the second verification code and a plurality of preset times to generate a plurality of second character strings to be encrypted; encrypting the second character strings to be encrypted to generate second encrypted character strings, wherein the second encrypted character strings correspond to the preset time one by one; judging whether a second encryption character string in the plurality of second encryption character strings is consistent with the first encryption character string; if so, the verification is successful.
The apparatus of this embodiment can execute the method embodiment shown in fig. 7, and the technical principle and technical effect thereof are similar to those of the above embodiment, and are not described herein again.
The device embodiments provided in the present application are merely schematic, and the module division in fig. 8 and fig. 9 is only one logic function division, and there may be other division ways in actual implementation. For example, multiple modules may be combined or may be integrated into another system. The coupling of the various modules to each other may be through interfaces that are typically electrical communication interfaces, but mechanical or other forms of interfaces are not excluded. Thus, modules described as separate components may or may not be physically separate, may be located in one place, or may be distributed in different locations on the same or different devices.
An embodiment of the present application provides an authentication code login system, which includes a client and a server, fig. 10 is a schematic diagram of a workflow of the authentication code login system provided in an embodiment of the present application, and as shown in fig. 10, the authentication code login system provided in an embodiment of the present application includes:
step S401: the client sends a verification login request to the server.
Step S402: the server responds to a verification login request of the client, generates a first verification code and sends the first verification code to the cache for storage; rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture.
Step S403: and the server sends the verification code picture and the first prompt message to the client.
The first prompt message is used for prompting a user to input the first verification code according to a preset rule.
Step S404: the client receives and displays the verification code picture and the first prompt message, receives a second verification code input by a user and sends the second verification code to the server.
Step S405: and the server receives the second verification code sent by the client and judges whether the second verification code is consistent with the first verification code or not so as to execute verification login of the client.
In the embodiment of the application, in the process of logging in an account by a user, a client is triggered to send a verification code login request to a server, the server responds to the verification login request of the client to generate a first verification code, the first verification code is sent to a buffer for storage, each character in the first verification code is rendered according to a preset rule, the rendered characters are randomly combined into a verification code picture, and the verification code picture and first prompt information are sent to the client. The client receives and displays the verification code picture and the first prompt information, the user inputs a second verification code to the client through the verification code picture and the first prompt information displayed by the client, the client receives the second verification code input by the user and sends the second verification code to the server, and the server receives the second verification code sent by the client and judges whether the second verification code is consistent with the first verification code or not so as to execute verification login of the client.
Fig. 11 is a schematic structural diagram of an electronic device provided in an embodiment of the present application, where the electronic device may be a server, and as shown in fig. 11, the electronic device includes:
a receiver 50, a transmitter 51, a processor 52 and a memory 53 and computer programs; wherein the receiver 50 and the transmitter 51 enable data transmission with other devices, a computer program is stored in the storage 53 and configured to be executed by the processor 52, the computer program comprising instructions for performing the above-mentioned authentication code generation method, the contents and effects of which refer to the method embodiments.
In addition, embodiments of the present application further provide a computer-readable storage medium, in which computer-executable instructions are stored, and when at least one processor of the user equipment executes the computer-executable instructions, the user equipment performs the above-mentioned various possible methods.
Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an ASIC. Additionally, the ASIC may reside in user equipment. Of course, the processor and the storage medium may reside as discrete components in a communication device.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (15)
1. A verification code generation method, comprising:
responding to a verification login request of a client, and generating a first verification code;
sending the first verification code to a buffer for storage;
rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture;
and sending the verification code picture and first prompt information to the client, wherein the first prompt information is used for prompting a user to input the first verification code according to the preset rule.
2. The method of claim 1, wherein sending the first authentication code to a cache for storage comprises:
encrypting the first verification code by using a preset encryption method to generate a first encryption character string;
and sending the first encryption character string to the buffer for storage.
3. The method of claim 2, further comprising:
receiving a second verification code sent by the client;
encrypting the second verification code according to the preset encryption method to generate a second encryption character string;
judging whether the second encryption character string is consistent with the first encryption character string;
and if the second encrypted character string is consistent with the first encrypted character string, the verification is successful, and second prompt information is sent to the client, wherein the second prompt information is used for prompting the user that the verification code is successful.
4. The method according to claim 3, wherein the encrypting the first verification code by using a preset encryption method to generate a first encryption string comprises:
acquiring a preset secret key, the first verification code and a first current timestamp;
splicing the preset secret key, the first verification code and the first current timestamp to generate a first character string to be encrypted;
encrypting the first character string to be encrypted to generate the first encrypted character string;
the encrypting the second verification code according to the preset encryption method to generate a second encryption character string includes:
acquiring the preset secret key, the second verification code and a plurality of preset times before a second current timestamp;
splicing the preset secret key, the second verification code and the preset time to generate a plurality of second character strings to be encrypted;
encrypting the second character strings to be encrypted to generate a plurality of second encrypted character strings, wherein the second encrypted character strings correspond to the preset time in a one-to-one manner;
the determining whether the second encrypted string is consistent with the first encrypted string includes: judging whether a second encryption character string in the plurality of second encryption character strings is consistent with the first encryption character string;
if so, the verification is successful.
5. The method according to claim 2 or 3, wherein the encrypting the first verification code by using a preset encryption method comprises:
and encrypting the first verification code by using an MD5 encryption algorithm.
6. The method according to any one of claims 1-4, wherein the rendering each character in the first verification code according to a preset rule comprises:
and rendering each character according to the character sequence of each character in the first verification code in any one or more modes of size, color, thickness or position.
7. An authentication code generation apparatus, comprising:
the generation module is used for responding to a verification login request of a client and generating a first verification code;
the first sending module is used for sending the first verification code to a buffer for storage;
the first processing module is used for rendering each character in the first verification code according to a preset rule and randomly combining the rendered characters into a verification code picture;
and the second sending module is further used for sending the verification code picture and first prompt information to the client, wherein the first prompt information is used for prompting a user to input the first verification code according to the preset rule.
8. The apparatus of claim 7,
the first processing module is further used for encrypting the first verification code by using a preset encryption device to generate a first encryption character string;
the first sending module is specifically configured to send the first encrypted string to the buffer for storage.
9. The apparatus of claim 8, further comprising:
the receiving module is used for receiving a second verification code sent by the client;
the second processing module is used for encrypting the second verification code according to the preset encryption device to generate a second encryption character string; judging whether the second encryption character string is consistent with the first encryption character string;
the second sending module is further configured to send second prompt information to the client if the second encrypted character string is consistent with the first encrypted character string, where the second prompt information is used to prompt the user that the verification of the verification code is successful.
10. The apparatus of claim 9, wherein the first processing module is specifically configured to:
acquiring a preset secret key, the first verification code and a first current timestamp;
splicing the preset secret key, the first verification code and the first current timestamp to generate a first character string to be encrypted;
encrypting the first character string to be encrypted to generate the first encrypted character string;
the second processing module is specifically configured to:
acquiring the preset secret key, the second verification code and a plurality of preset times before a second current timestamp;
splicing the preset secret key, the second verification code and the preset time to generate a plurality of second character strings to be encrypted;
encrypting the second character strings to be encrypted to generate a plurality of second encrypted character strings, wherein the second encrypted character strings correspond to the preset time in a one-to-one manner;
judging whether a second encryption character string in the plurality of second encryption character strings is consistent with the first encryption character string;
if so, the verification is successful.
11. The apparatus according to claim 8 or 9, wherein the first processing module is specifically configured to:
and encrypting the first verification code by using an MD5 encryption algorithm.
12. The apparatus according to any one of claims 7 to 10, wherein the first processing module is specifically configured to:
and rendering each character according to the character sequence of each character in the first verification code in any one or more modes of size, color, thickness or position.
13. A verification code login system is characterized by comprising a client and a server;
the client sends a verification login request to the server;
the server responds to a verification login request of a client, generates a first verification code and sends the first verification code to a buffer for storage; rendering each character in the first verification code according to a preset rule, and randomly combining the rendered characters into a verification code picture; then sending the verification code picture and first prompt information to the client, wherein the first prompt information is used for prompting a user to input the first verification code according to the preset rule;
the client receives and displays the verification code picture and the first prompt message, receives a second verification code input by a user and sends the second verification code to the server;
and the server receives the second verification code sent by the client and judges whether the second verification code is consistent with the first verification code or not so as to execute verification login of the client.
14. An electronic device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored by the memory to implement the method of any of claims 1-6.
15. A computer-readable storage medium having computer-executable instructions stored therein, which when executed by a processor, are configured to implement the captcha generating method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111419911.4A CN114266033A (en) | 2021-11-26 | 2021-11-26 | Verification code generation method and device, verification code login system and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111419911.4A CN114266033A (en) | 2021-11-26 | 2021-11-26 | Verification code generation method and device, verification code login system and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114266033A true CN114266033A (en) | 2022-04-01 |
Family
ID=80825738
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111419911.4A Pending CN114266033A (en) | 2021-11-26 | 2021-11-26 | Verification code generation method and device, verification code login system and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114266033A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115037515A (en) * | 2022-04-29 | 2022-09-09 | 北京龙腾佳讯科技股份公司 | Stateless verification code verification method and device in open data network and electronic equipment |
| CN115242524A (en) * | 2022-07-26 | 2022-10-25 | 济南浪潮数据技术有限公司 | Verification method, device and medium for verification code |
| CN117459326A (en) * | 2023-12-25 | 2024-01-26 | 吉林信息安全测评中心 | Network safety protection system |
-
2021
- 2021-11-26 CN CN202111419911.4A patent/CN114266033A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115037515A (en) * | 2022-04-29 | 2022-09-09 | 北京龙腾佳讯科技股份公司 | Stateless verification code verification method and device in open data network and electronic equipment |
| CN115242524A (en) * | 2022-07-26 | 2022-10-25 | 济南浪潮数据技术有限公司 | Verification method, device and medium for verification code |
| CN117459326A (en) * | 2023-12-25 | 2024-01-26 | 吉林信息安全测评中心 | Network safety protection system |
| CN117459326B (en) * | 2023-12-25 | 2024-03-08 | 吉林信息安全测评中心 | Network safety protection system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3319069B1 (en) | Method for authenticating a user by means of a non-secure terminal | |
| CN105099692B (en) | Security verification method and device, server and terminal | |
| US10970378B2 (en) | Secure generation and verification of machine-readable visual codes | |
| CN111835511A (en) | Data security transmission method and device, computer equipment and storage medium | |
| WO2018145127A1 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| CN114266033A (en) | Verification code generation method and device, verification code login system and electronic equipment | |
| KR20180117715A (en) | Method and system for user authentication with improved security | |
| US20190026456A1 (en) | Methods and Apparatus for Authentication of Joint Account Login | |
| MX2008011277A (en) | Digipass for the web-functional description. | |
| CN104796257A (en) | Flexible data authentication | |
| CN103036681B (en) | A kind of password safety keyboard device and system | |
| CN102946384A (en) | User authentication method and device | |
| CN113572743A (en) | Data encryption and decryption method and device, computer equipment and storage medium | |
| CN112653556B (en) | TOKEN-based micro-service security authentication method, device and storage medium | |
| CN113553572A (en) | Resource information acquisition method and device, computer equipment and storage medium | |
| KR101967874B1 (en) | Method for Generating Dynamic Code Which Varies Periodically and Method for Authenticating the Dynamic Code | |
| CN104901951A (en) | Mobile terminal based cipher data processing and interaction method in Web application | |
| CN106533677A (en) | User login method, user terminal and server | |
| CN112243000B (en) | Application data processing method and device, computer equipment and storage medium | |
| CN110659474B (en) | Inter-application communication method, device, terminal and storage medium | |
| CN113032753A (en) | Identity verification method and device | |
| CN109450643B (en) | Signature verification method realized on Android platform based on native service | |
| JP6325654B2 (en) | Network service providing apparatus, network service providing method, and program | |
| US9203607B2 (en) | Keyless challenge and response system | |
| CN109462620A (en) | One kind realizing password method for retrieving and system based on a variety of safety verification modes |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |