CN114448722B - Cross-browser login method and device, computer equipment and storage medium - Google Patents
Cross-browser login method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN114448722B CN114448722B CN202210250023.2A CN202210250023A CN114448722B CN 114448722 B CN114448722 B CN 114448722B CN 202210250023 A CN202210250023 A CN 202210250023A CN 114448722 B CN114448722 B CN 114448722B
- Authority
- CN
- China
- Prior art keywords
- browser
- character string
- password
- website
- jumped
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application relates to a cross-browser login method, a cross-browser login device, computer equipment and a storage medium. The method comprises the following steps: receiving an account and a password through a first browser, and logging in a first server according to the account and the password; when a second browser needs to be jumped to, opening the second browser in the first browser, and acquiring a website to be jumped; the account and the password are sent to a second server corresponding to the website to be jumped through the second browser, and the second server is used for logging in the website to be jumped according to the account and the password; and when receiving the message that the second server successfully logs in, jumping to the website to be jumped. The method can save time.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a cross-browser login method, an apparatus, a computer device, and a storage medium.
Background
With the development of computer technology, various background server systems appear, browsers supported by a plurality of service systems are different, and when one service system needs to call another service system, if browsers supported by two service systems are different, only switching of the browsers can be performed.
In the conventional technology, after switching browsers, a user needs to re-input an account and a password for logging in.
However, the process of re-entering the account number and password for login takes a lot of time for the user.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a cross-browser login method, apparatus, computer device and storage medium that can save time.
A cross-browser login method is applied to a terminal and comprises the following steps:
receiving an account and a password through a first browser, and logging in a first server according to the account and the password;
when a second browser needs to be jumped to, opening the second browser in the first browser, and acquiring a website to be jumped;
sending the account and the password to a second server corresponding to the website to be jumped through the second browser, wherein the second server is used for logging in the website to be jumped according to the account and the password;
and when receiving the message that the second server successfully logs in, jumping to the website to be jumped.
In one embodiment, the sending, by the second browser, the account and the password to the second server corresponding to the website to be jumped includes:
acquiring a system identifier;
splicing the system identification, the website to be jumped, the account and the password to obtain a first spliced character string;
sending the first splicing character string to a second server corresponding to the website to be jumped; and the system identifier is used for indicating the second server to judge whether the system identifier in the first spliced character string meets a first requirement, and if so, logging in the website to be jumped according to the account number and the password.
In one embodiment, after logging in the first server according to the account number and the password, the method further includes:
encrypting the password to obtain an encrypted character string;
before the opening of the second browser in the first browser, the method further includes:
acquiring system time, and splicing the system time, the encrypted character strings and the user name to obtain a second spliced character string;
encrypting the second splicing character string to obtain a first ciphertext;
the splicing the system identifier, the website to be skipped, and the account and the password to obtain a first spliced character string includes:
splicing the system identification, the website to be jumped and the first ciphertext to obtain a first spliced character string; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be jumped is logged in according to the account number and the password.
In one embodiment, the encrypting the password to obtain an encrypted string includes:
and performing salt encryption on the password to obtain an encrypted character string.
A cross-browser login method is applied to a second server and comprises the following steps:
receiving a login request sent by a terminal, wherein the login request is generated according to an account and a password stored in a first browser and is sent by the second browser after the terminal receives the account and the password through the first browser, and when the terminal needs to jump to the second browser, the second browser is opened in the first browser, a website to be jumped is acquired, and the login request is generated according to the account and the password stored in the first browser;
verifying the account and the password;
and when the verification is successful, returning a login success message to the terminal, wherein the login success message is used for indicating the terminal to jump to the website to be jumped in the second browser.
In one embodiment, the login request further carries a first splicing character string, and the first splicing character string is obtained by splicing a system identifier, the website to be jumped, the account and the password; before the account and the password are verified, the method further comprises the following steps:
extracting a system identifier in the first spliced character string;
judging whether the system identification meets a first requirement or not;
and when the system identification meets the first requirement, the account and the password are continuously verified.
In one embodiment, the first splicing character string is obtained by splicing according to the system identifier, the website to be jumped and a first ciphertext, the first ciphertext is obtained by encrypting a second splicing character string, the second splicing character string is obtained by obtaining system time before the second browser is opened in the first browser, and splicing the system time, the encryption character string and a user name, and the encryption character string is obtained by encrypting the account by the terminal; when the system identification meets the first requirement, the account and the password are continuously verified, and the method comprises the following steps:
when the system identification meets a first requirement, decrypting the first ciphertext to obtain a third splicing character string;
encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext;
judging whether the account number and the second ciphertext meet a second requirement;
and if the second ciphertext meets a second requirement, verifying the account and the password.
In one embodiment, before encrypting the encrypted character string in the third spliced character string to obtain the second ciphertext, the method further includes:
acquiring current time, and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not;
if the time requirement is not met, returning a login page to the terminal;
and if the time requirement is met, continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext.
In one embodiment, the encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext includes:
and performing salt encryption on the encrypted character string in the third spliced character string to obtain a second ciphertext.
A cross-browser login device applied to a terminal, the device comprising:
the first receiving module is used for receiving an account and a password through a first browser and logging in a first server according to the account and the password;
the website acquisition module is used for opening a second browser in the first browser and acquiring a website to be jumped when the second browser needs to be jumped to;
the first sending module is used for sending the account and the password to a second server corresponding to the website to be jumped through the second browser, and the second server is used for logging in the website to be jumped according to the account and the password;
and the skipping module is used for skipping to the website to be skipped when receiving the message that the second server successfully logs in.
A cross-browser login device applied to a server, the device comprising:
the second receiving module is used for receiving a login request sent by a terminal, wherein the login request is that the terminal receives an account and a password through a first browser, and after logging in a first server according to the account and the password, when a user needs to jump to a second browser, the user opens the second browser in the first browser and obtains a website to be jumped, and the website to be jumped is generated according to the account and the password stored in the first browser and sent through the second browser;
the verification module is used for verifying the account and the password;
and the second sending module is used for returning a successful login message to the terminal when the verification is successful, wherein the successful login message is used for indicating that the terminal jumps to the website to be jumped in the second browser.
A computer device comprising a memory storing a computer program and a processor implementing the steps of the method as described in any one of the above embodiments when the processor executes the computer program.
A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method as set forth in any one of the above embodiments.
According to the cross-browser login method, the cross-browser login device, the computer equipment and the storage medium, the first browser is logged in through the account number and the password, when the user needs to jump to the second browser, the second browser is opened in the first browser, the website to be jumped is obtained, the account number and the password are sent to the corresponding second server, the second server can conveniently log in the website to be jumped according to the account number and the password, the website to be jumped is returned to the terminal after the login is successful, the terminal can jump to the website to be jumped, the user does not need to input the account number and the password again, and time is saved.
Drawings
FIG. 1 is a diagram of an application environment for a cross-browser login method in one embodiment;
FIG. 2 is a flowchart illustrating a cross-browser login method in one embodiment;
FIG. 3 is a flowchart illustrating a cross-browser login method according to another embodiment;
FIG. 4 is a timing diagram of a cross-browser login method in one embodiment;
FIG. 5 is a block diagram of a cross-browser login device in one embodiment;
FIG. 6 is a block diagram showing the structure of a cross-browser login apparatus in another embodiment;
FIG. 7 is a diagram illustrating an internal structure of a computer device according to an embodiment;
fig. 8 is an internal structural view of a computer device in another embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The cross-browser login method provided by the application can be applied to the application environment shown in fig. 1. The terminal 102 communicates with the first server 104 and the second server 106 through a network, wherein the terminal 102 receives an account and a password through the first browser, logs in the first server 104 according to the account and the password, and when a jump to the second browser is required, firstly, the second browser is opened in the first browser, and a website to be jumped is obtained; and then the account and the password are sent to the second server 106 corresponding to the website to be jumped through the second browser, so that the second server 106 logs in the website to be jumped according to the account and the password, and sends a message of successful login to the terminal 102, so that the terminal 102 directly jumps to the website to be jumped without inputting the account and the password on a login page again, and the time is saved. The terminal 102 may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the first server 104 and the second server 106 may be implemented by an independent second server or a second server cluster formed by a plurality of second servers.
In one embodiment, as shown in fig. 2, a cross-browser login method is provided, which is described by taking the method as an example applied to the terminal in fig. 1, and includes the following steps:
s202: and receiving the account and the password through the first browser, and logging in the first server according to the account and the password.
Specifically, the first browser may be any type of browser, such as an IE browser, a google browser, a dog search browser, a fox search browser, and the like, and the second browser may also be any type of browser, such as an IE browser, a google browser, a dog search browser, a fox search browser, and the like, where the types of the first browser and the second browser are different.
The terminal firstly opens a first browser and receives an input account and a password, or queries and caches the account and the password corresponding to the current website to log in a first server through the first browser. Optionally, the first browser may be opened at the corresponding client, for example, the terminal opens an application page corresponding to the first browser in the corresponding APP.
S204: and when the second browser needs to be jumped to, opening the second browser in the first browser and acquiring the website to be jumped.
Specifically, when the user needs to jump to the second browser, the user may jump from the first system to the second system according to the service requirement, for example, the user needs to jump to the second system from the first system during the service execution, and browsers supported by the first system and the second system are different, so that the terminal may open the second browser in the first browser and acquire the website to be jumped.
The point to be described is that browsers supported by various systems are preconfigured, when a user needs to jump to different systems during service processing, the terminal can directly acquire a browser supported by a system to be jumped to, if the supported browser is the same as the current browser in type, the user can directly log in, and processing of different servers does not exist. If the type of the browser supported by the server is different from that of the current browser, the server firstly acquires a second browser supported by the system with the jump function, then opens the second browser in the first browser, and acquires the website to be jumped.
The website to be jumped is related to the service flow, that is, in the process of the current service flow of the current browser, the currently displayed page carries the next website to be jumped, so that the terminal can directly acquire the website to be jumped.
In the actual processing, the terminal acquires a next website to be jumped corresponding to a currently displayed page of a current browser, then acquires a system corresponding to the next website to be jumped, judges whether the system is a cross-browser login according to the browser supported by the system, if not, jumps directly, keeps the current login state, if not, the server acquires a second browser supported by the system with the jump, then opens the second browser in the first browser, and sends the website to be jumped to the corresponding second server.
S206: and sending the account number and the password to a second server corresponding to the website to be jumped through a second browser, wherein the second server is used for logging in the website to be jumped according to the account number and the password.
Specifically, in order to realize the non-inductive login, the terminal sends the account and the password to the second server corresponding to the website to be jumped, that is, the terminal first obtains the address of the second server corresponding to the website to be jumped, and then sends the account and the password to the second server.
Therefore, the second server can directly successfully log in after the account and the password are verified to be correct, and the user does not need to input the account and the password again to log in.
S208: and when receiving the message that the second server successfully logs in, jumping to the website to be jumped.
Specifically, after the server verifies the account password successfully, the second server is logged in successfully, so that the website to be jumped to can be jumped to, wherein the website to be jumped to is a next website required by service processing. For example, in the process of business processing, a website for face recognition needs to be called, face entry is performed, and the like, the website to be jumped is the website for face entry, if the account password is successfully verified, the user directly logs in the face entry website, otherwise, a login interface is displayed in a second browser, and after the user inputs the account password, the login is performed only if the authentication of the second server is successful.
According to the cross-browser login method, the user logs in to a first browser through an account number and a password, when the user needs to jump to a second browser, the second browser is opened in the first browser, the website to be jumped is obtained, the account number and the password are sent to the corresponding second server, the second server can conveniently log in the website to be jumped according to the account number and the password, the website to be jumped is returned to the terminal after the login is successful, the terminal jumps to the website to be jumped, the user does not need to input the account number and the password again, and time is saved.
In one embodiment, the sending the account number and the password to a second server corresponding to the website to be jumped through a second browser includes: acquiring a system identifier; splicing the system identification, the website to be jumped, the account and the password to obtain a first spliced character string; sending the first splicing character string to a second server corresponding to the website to be jumped; and the system identifier is used for indicating the second server to judge whether the system identifier in the first spliced character string meets the first requirement or not, and logging in the website to be jumped according to the account number and the password if the system identifier in the first spliced character string meets the first requirement.
Specifically, in this embodiment, after the terminal acquires the website to be skipped, the terminal acquires a system identifier, and splices the system identifier, the website to be skipped, the account and the password to obtain a first spliced character string, where the splicing sequence is not specifically limited, but preferably, the system identifier, the account and the password are spliced in the order of the website to be skipped.
The system identifier is used for representing a unique identifier of the system, and is an identity identifier agreed by the terminal and the server.
The terminal requests a corresponding website to be jumped according to the spliced first splicing character string, wherein the terminal jumps to a second browser first, and then sends the first splicing character string to a second server in the second browser, so that the second server obtains the first splicing character string and reads a corresponding system identifier, whether the system identifier meets the first requirement is judged, for example, whether the system identifier is correct is judged, if yes, the website to be jumped is continuously logged in according to the account number and the password, otherwise, a login interface is returned to the terminal, and the user is enabled to re-input the account number and the password.
In the above embodiment, the verification is performed according to the system identifier, so that a system error is avoided, that is, a jump is made to a server that does not correspond to the system.
In one embodiment, after logging in the first server according to the account number and the password, the method further includes: encrypting the password to obtain an encrypted character string; before the second browser is opened in the first browser, the method further comprises the following steps: acquiring system time, and splicing the system time, the encrypted character string and the user name to obtain a second spliced character string; encrypting the second spliced character string to obtain a first ciphertext; splicing the system identification, the website to be jumped, the account and the password to obtain a first spliced character string, which comprises the following steps: splicing the system identification, the website to be jumped and the first ciphertext to obtain a first spliced character string; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be skipped is logged in according to the account number and the password.
Specifically, in this embodiment, after receiving the account and the password through the first browser, the terminal logs in to the first server, and after the login is successful, encrypts the password to obtain an encrypted string, preferably, the terminal performs salt encryption on the password, for example, performs salt encryption on the password through an MD5 encryption algorithm, and further optionally, after the salt encryption, the terminal further converts the generated string into an uppercase and stores the uppercase in the session, so as to ensure that the encrypted string can be read at any time. In the above embodiment, the account number is made more secure by encrypting the password by adding salt, that is, by adding salt and encrypting.
When the terminal needs to jump to a second browser, reading the system time, and performing secondary encryption on the account number, the system time and the encryption character string to obtain a first ciphertext, wherein the terminal is located in the current goods area to the system time, such as 2021-07-16, 08.579, and then performing secondary encryption according to the sequence of the encryption character string, the account number and the system time, wherein the secondary encryption is preferably encrypted by using an asymmetric encryption algorithm. After the terminal obtains the first ciphertext, the website to be skipped, the system identifier and the first ciphertext are spliced to obtain a first character string, wherein the website to be skipped, the system identifier and the first ciphertext are optionally spliced in sequence.
And the terminal opens the second browser by means of the plug-in of the first browser and requests the website to be jumped.
When the terminal successfully opens the second browser in the first browser, the second server corresponding to the to-be-skipped website acquires the first character string, the second server acquires the first spliced character string, reads the corresponding system identifier, and judges whether the system identifier meets a first requirement, for example, whether the system identifier is correct, if so, optionally, the second server decrypts the first ciphertext and obtains the account number, the system time and the encrypted character string according to the splicing sequence. Optionally, the second server judges whether the system time is within a preset time range of the current time, for example, within 1 minute, if not, the login interface is jumped to, otherwise, the account and the encrypted character string are obtained, the character string is obtained after salt adding encryption and capitalization conversion are carried out again, the obtained character string is inquired in the database, if the data are inquired, the login is completed, the session is written, and otherwise, the login page is jumped to.
In the embodiment, the password is encrypted, so that the security of the password is ensured, and the password transmitted between the terminal and the server in time cannot be acquired by a third party.
In one embodiment, as shown in fig. 3, a cross-browser login method is provided, which is described by taking the method as an example applied to the second server in fig. 1, and includes the following steps:
s302: and receiving a login request sent by a terminal, wherein the login request is generated according to the account and the password stored in the first browser and sent by the second browser.
Specifically, the first browser may be any type of browser, such as an IE browser, a google browser, a dog search browser, a fox search browser, and the like, and the second browser may also be any type of browser, such as an IE browser, a google browser, a dog search browser, a fox search browser, and the like, where the types of the first browser and the second browser are different.
The terminal firstly opens a first browser and receives an input account and a password, or queries and caches the account and the password corresponding to the current website to log in a first server through the first browser. Optionally, the first browser may be opened at the corresponding client, for example, the terminal opens an application page corresponding to the first browser in the corresponding APP.
When the user needs to jump to the second browser, the user may jump from the first system to the second system according to the service requirement, for example, in the process of executing the service, browsers supported by the first system and the second system are different, so that the terminal may open the second browser in the first browser and obtain the website to be jumped.
The point to be described is that browsers supported by various systems are preconfigured, when a user needs to jump to different systems during service processing, the terminal can directly acquire a browser supported by a system to be jumped to, if the supported browser is the same as the current browser in type, the user can directly log in, and processing of different servers does not exist. If the supported browser is different from the current browser in type, the server first acquires a second browser supported by the system with the jump, then opens the second browser in the first browser, and acquires the website to be jumped.
The website to be jumped is related to the service flow, that is, in the process of the current service flow of the current browser, the currently displayed page carries the next website to be jumped, so that the terminal can directly acquire the website to be jumped.
In actual processing, a terminal acquires a next website to be jumped corresponding to a currently displayed page of a current browser, then acquires a system corresponding to the next website to be jumped, judges whether the system is a cross-browser login according to the browser supported by the system, if not, jumps directly, keeps the current login state, and if not, a server acquires a second browser supported by the system with jump, then opens the second browser in the first browser, and sends the website to be jumped to a corresponding second server.
S304: and verifying the account number and the password.
Specifically, in order to realize the non-inductive login, the terminal sends the account and the password to the second server corresponding to the website to be jumped, that is, the terminal first obtains the address of the second server corresponding to the website to be jumped, and then sends the account and the password to the second server. Therefore, the second server can directly log in successfully after the account and the password are verified to be correct, and the user does not need to input the account and the password again for logging in.
S306: and when the verification is successful, returning a successful login message to the terminal, wherein the successful login message is used for indicating the terminal to jump to the website to be jumped in the second browser.
Specifically, after the server verifies the account password successfully, the second server is logged in successfully, so that the website to be jumped can be jumped to, wherein the website to be jumped is the next website required by service processing. For example, in the process of business processing, a website for face recognition needs to be called, face entry is performed, and the like, the website to be jumped is the website for face entry, if the account password is successfully verified, the user directly logs in the face entry website, otherwise, a login interface is displayed in a second browser, and after the user inputs the account password, the login is performed only if the authentication of the second server is successful.
According to the cross-browser login method, the user logs in to a first browser through an account number and a password, when the user needs to jump to a second browser, the second browser is opened in the first browser, the website to be jumped is obtained, the account number and the password are sent to the corresponding second server, the second server can conveniently log in the website to be jumped according to the account number and the password, the website to be jumped is returned to the terminal after the login is successful, the terminal jumps to the website to be jumped, the user does not need to input the account number and the password again, and time is saved.
In one embodiment, the login request also carries a first splicing character string, and the first splicing character string is obtained by splicing a system identifier, a website to be jumped, an account and a password; before the account number and the password are verified, the method further comprises the following steps: extracting a system identifier in the first spliced character string; judging whether the system identification meets a first requirement or not; and when the system identification meets the first requirement, the account and the password are continuously verified.
Specifically, after the terminal acquires the website to be jumped, the terminal acquires a system identifier, and splices the system identifier, the website to be jumped, the account and the password to obtain a first spliced character string, wherein the splicing sequence is not specifically limited, but preferably, the system identifier, the account and the password are spliced in the sequence of the website to be jumped, the system identifier and the account and the password.
The system identifier is used for representing a unique identifier of the system, and is an identity identifier agreed by the terminal and the server.
The method comprises the steps that a terminal requests a corresponding website to be jumped according to a spliced first splicing character string, wherein the terminal jumps to a second browser firstly, then the first splicing character string is sent to a second server in the second browser, so that the second server obtains the first splicing character string and reads a corresponding system identifier, whether the system identifier meets a first requirement is judged, for example, whether the system identifier is correct is judged, if yes, the website to be jumped is continuously logged in according to an account number and a password, and if not, a login interface is returned to the terminal, namely, a user inputs the account number and the password again.
In the above embodiment, the verification is performed according to the system identifier, so that a system error is avoided, that is, a server which is not corresponding to the system is skipped.
In one embodiment, the first splicing character string is obtained by splicing according to a system identifier, a website to be skipped and a first ciphertext, the first ciphertext is obtained by encrypting a second splicing character string, the second splicing character string is obtained by obtaining system time before a second browser is opened in a first browser, and splicing the system time, the encryption character string and a user name, wherein the encryption character string is obtained by encrypting an account number by a terminal; when the system identification meets the first requirement, the account number and the password are continuously verified, and the method comprises the following steps: when the system identification meets the first requirement, the first ciphertext is decrypted to obtain a third splicing character string; encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext; judging whether the account number and the second ciphertext meet a second requirement or not; and if the second ciphertext meets the second requirement, verifying the account and the password.
In this embodiment, after receiving the account and the password through the first browser, the terminal logs in to the first server, and after the login is successful, encrypts the password to obtain an encrypted string, preferably, the terminal performs salt encryption on the password, for example, performs salt encryption on the password through an MD5 encryption algorithm, and optionally, after the salt encryption, the terminal further converts the generated string into an uppercase to store in the session, so as to ensure that the encrypted string can be read at any time. In the above embodiment, the account is more secure by encrypting the password by adding salt, that is, by adding salt and encrypting.
When the terminal needs to jump to a second browser, reading the system time, and performing secondary encryption on the account number, the system time and the encryption character string to obtain a first ciphertext, wherein the terminal is from the current area to the system time, for example, 2021-07-16 08.579, and then performing secondary encryption according to the sequence of the encryption character string, the account number and the system time, wherein the secondary encryption is preferably encrypted by using an asymmetric encryption algorithm. After the terminal obtains the first ciphertext, the website to be skipped, the system identifier and the first ciphertext are spliced to obtain a first character string, wherein the website to be skipped, the system identifier and the first ciphertext are optionally spliced in sequence.
And the terminal opens the second browser by means of the plug-in of the first browser and requests the website to be jumped.
When the terminal successfully opens the second browser in the first browser, the second server corresponding to the to-be-skipped website acquires the first character string, the second server acquires the first spliced character string, reads the corresponding system identifier, and judges whether the system identifier meets a first requirement, for example, whether the system identifier is correct, if so, optionally, the second server decrypts the first ciphertext and obtains the account number, the system time and the encrypted character string according to the splicing sequence.
In one embodiment, before encrypting the encrypted string in the third spliced string to obtain the second ciphertext, the method further includes: acquiring current time, and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not; if the time requirement is not met, returning a login page to the terminal; and if the time requirement is met, continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext.
Optionally, the second server determines whether the system time is within a preset time range of the current time, for example, within 1 minute, according to the system time, and if not, jumps to the login interface.
Optionally, encrypting the encrypted string in the third spliced string to obtain a second ciphertext includes: and performing salt encryption on the encrypted character string in the third spliced character string to obtain a second ciphertext.
If the time is overtime, the second server obtains the account and the encrypted character string, carries out salt addition encryption again to convert capitalization to obtain the character string, queries the obtained character string in a database, completes login if data is queried, writes session, and jumps to a login page if the data is queried.
In one embodiment, referring to fig. 4, fig. 4 is a timing diagram of a cross-browser login method in an embodiment, where the cross-browser login method includes:
the terminal opens a first browser and inputs an account password to log in a corresponding first server.
And the terminal encrypts the input account and password by adding salt and performs capitalization to obtain an encrypted character string.
When a user needs to jump to a second browser, the terminal obtains the account and the current system time in the first browser, splices the encrypted character string, the account and the system time in the following sequence to obtain a second spliced character string, and asymmetrically encrypts the second spliced character string to obtain a first ciphertext.
And the terminal acquires the website to be jumped, and splices the system identification and the first ciphertext behind the website to obtain a first spliced character string.
And the terminal opens a second browser through the plug-in of the first browser and requests the website to be skipped, namely the terminal sends the first splicing character string to a second server through the second browser.
And after receiving the first splicing character string, the second server firstly identifies to obtain a system identifier, and judges whether the system identifier is correct, namely whether the system identifier is matched with a standard system identifier stored in the second server, if so, the subsequent processing is continued, otherwise, a login page of a corresponding system in the second server is returned to the terminal, so that the user can login in a mode of inputting an account password.
And if the system identifier is correct, the second server decrypts the first ciphertext through the asymmetric encryption algorithm to obtain the account number, the encrypted character string and the system time.
And the second server judges whether the difference between the system time and the current time meets the requirement, for example, whether the difference is within 1 minute, if so, the subsequent processing is continued, and if not, a login page of the corresponding system in the second server is returned to the terminal, so that the user can log in by inputting an account password.
And after the second server judges that the time is correct, the account and the encrypted character string are subjected to salt encryption again, the character string to be processed is obtained after the character string is subjected to capitalization, the character string to be processed is inquired in a database of the second server, if the inquiry is successful, a system corresponding to the second server is logged in, and the system is written into a session, otherwise, a login page of the system corresponding to the second server is returned to the terminal, so that the user can log in by inputting an account password.
In the embodiment, no matter what system only supports the browser of the system, the technology can jump to other different browsers and complete single sign-on. The system jumps to different systems from one system, can automatically log in under the condition that browsers are different and incompatible, and has good user experience.
It should be understood that although the various steps in the flow charts of fig. 2-4 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-4 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of performing the steps or stages is not necessarily sequential, but may be performed alternately or alternatingly with other steps or at least some of the other steps or stages.
In one embodiment, as shown in fig. 5, there is provided a cross-browser login apparatus, including: a first receiving module 501, a website address obtaining module 502, a first sending module 503 and a skipping module 504, wherein:
a first receiving module 501, configured to receive an account and a password through a first browser, and log in a first server according to the account and the password;
a website acquisition module 502, configured to open a second browser in the first browser when a user needs to jump to the second browser, and acquire a website to be jumped;
the first sending module 503 is configured to send the account and the password to a second server corresponding to the website to be skipped through a second browser, where the second server is configured to log in the website to be skipped according to the account and the password;
and the skipping module 504 is configured to skip to the website to be skipped when receiving the message that the second server successfully logs in.
In one embodiment, the first sending module 503 includes:
an identifier acquisition unit for acquiring a system identifier;
the first splicing unit is used for splicing the system identifier, the website to be jumped, the account and the password to obtain a first splicing character string;
the first sending unit is used for sending the first splicing character string to a second server corresponding to the website to be jumped; and the system identifier is used for indicating the second server to judge whether the system identifier in the first spliced character string meets the first requirement or not, and logging in the website to be jumped according to the account number and the password if the system identifier in the first spliced character string meets the first requirement.
In one embodiment, the cross-browser login apparatus further includes:
the first encryption module is used for encrypting the password to obtain an encrypted character string;
the second splicing module is used for acquiring system time before a second browser is opened in the first browser, and splicing the system time, the encrypted character strings and the user name to obtain second splicing character strings;
the second encryption module is used for encrypting the second splicing character string to obtain a first ciphertext;
the first splicing unit is also used for splicing the system identification, the website to be jumped and the first ciphertext to obtain a first splicing character string; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be skipped is logged in according to the account number and the password.
In one embodiment, the first encryption module is configured to perform salt encryption on the password to obtain an encrypted string.
In one embodiment, as shown in fig. 6, there is provided a cross-browser login apparatus, including: a second receiving module 601, a verifying module 602 and a second sending module 603, wherein:
the second receiving module 601 is configured to receive a login request sent by a terminal, where the login request is that the terminal receives an account and a password through a first browser, and after logging in a first server according to the account and the password, when a user needs to jump to a second browser, the user opens the second browser in the first browser, obtains a website to be jumped, generates a login request according to the account and the password stored in the first browser, and sends the login request through the second browser;
the verification module 602 is configured to verify the account and the password;
and a second sending module 603, configured to, when the verification is successful, return a message of successful login to the terminal, where the message of successful login is used to instruct the terminal to jump to the website to be jumped in the second browser.
In one embodiment, the login request also carries a first splicing character string, and the first splicing character string is obtained by splicing a system identifier, a website to be jumped, an account and a password; the cross-browser login device further includes:
the extraction module is used for extracting the system identification in the first spliced character string;
the first judgment module is used for judging whether the system identifier meets a first requirement or not;
the verifying module 602 is configured to continue to verify the account and the password when the system identifier meets the first requirement.
In one embodiment, the first splicing character string is obtained by splicing according to a system identifier, a website to be skipped and a first ciphertext, the first ciphertext is obtained by encrypting a second splicing character string, the second splicing character string is obtained by obtaining system time before a second browser is opened in a first browser, and splicing the system time, the encryption character string and a user name, wherein the encryption character string is obtained by encrypting an account number by a terminal; the verification module 602 includes:
the decryption unit is used for decrypting the first ciphertext to obtain a third splicing character string when the system identifier meets the first requirement;
the second encryption unit is used for encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext;
the second judgment module is used for judging whether the account number and the second ciphertext meet a second requirement;
and the verification unit is used for verifying the account and the password if the second ciphertext meets the second requirement.
In one embodiment, the cross-browser login apparatus further includes:
the time judgment module is used for acquiring the current time and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not;
the return module is used for returning a login page to the terminal if the time requirement is not met;
and the second encryption unit is used for continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext if the time requirement is met.
In one embodiment, the second encryption unit is configured to perform salt encryption on the encrypted character string in the third spliced character string to obtain a second ciphertext. When a common encryption technology is used, an interference character string is added in the encryption process so as to increase the difficulty of password cracking.
For specific limitations of the cross-browser login apparatus, reference may be made to the above limitations of the cross-browser login method, which are not described herein again. The various modules in the cross-browser login apparatus described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a second server, the internal structure of which may be as shown in fig. 7. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operating system and the computer program to run on the non-volatile storage medium. The database of the computer device is used for storing account numbers and encryption character strings. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program when executed by a processor implements a cross-browser login method.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 8. The computer device comprises a processor, a memory, a communication interface, a display screen and an input device which are connected through a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for communicating with an external terminal in a wired or wireless manner, and the wireless manner can be realized through WIFI, an operator network, NFC (near field communication) or other technologies. The computer program when executed by a processor implements a cross-browser login method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by those skilled in the art that the configurations shown in fig. 7 and 8 are only block diagrams of some of the configurations relevant to the present application, and do not constitute a limitation on the computing devices to which the present application is applied, and a particular computing device may include more or less components than those shown in the figures, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory having a computer program stored therein and a processor that when executing the computer program performs the steps of: receiving an account and a password through a first browser, and logging in a first server according to the account and the password; when the second browser needs to be jumped to, opening the second browser in the first browser and acquiring a website to be jumped; the account and the password are sent to a second server corresponding to the website to be jumped through a second browser, and the second server is used for logging in the website to be jumped according to the account and the password; and when receiving the message that the second server successfully logs in, jumping to the website to be jumped.
In one embodiment, the sending, by the processor, the account and the password to the second server corresponding to the website to be jumped through the second browser when the processor executes the computer program includes: acquiring a system identifier; splicing the system identification, the website to be jumped, the account and the password to obtain a first spliced character string; sending the first splicing character string to a second server corresponding to the website to be jumped; and the system identifier is used for indicating the second server to judge whether the system identifier in the first spliced character string meets the first requirement or not, and logging in the website to be jumped according to the account number and the password if the system identifier in the first spliced character string meets the first requirement.
In one embodiment, after logging in the first server according to the account number and the password, the processor, when executing the computer program, further includes: encrypting the password to obtain an encrypted character string; before the second browser is opened in the first browser, the processor, implemented when executing the computer program, further includes: acquiring system time, and splicing the system time, the encrypted character strings and the user name to obtain a second spliced character string; encrypting the second spliced character string to obtain a first ciphertext; the method for splicing the system identification, the website to be jumped, the account and the password to obtain a first spliced character string when the processor executes the computer program comprises the following steps: splicing the system identification, the website to be jumped and the first ciphertext to obtain a first spliced character string; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be skipped is logged in according to the account number and the password.
In one embodiment, encrypting the password implemented by the processor when executing the computer program results in an encrypted string, comprising: and (4) salt encryption is carried out on the password to obtain an encrypted character string.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having a computer program stored therein, the processor implementing the following steps when executing the computer program: receiving a login request sent by a terminal, wherein the login request is generated according to an account and a password stored in a first browser and sent through a second browser after the terminal receives the account and the password through the first browser, and when the terminal needs to jump to the second browser, the second browser is opened in the first browser, and a website to be jumped is acquired; verifying the account number and the password; and when the verification is successful, returning a successful login message to the terminal, wherein the successful login message is used for indicating the terminal to jump to the website to be jumped in the second browser.
In one embodiment, the login request realized when the processor executes the computer program also carries a first splicing character string, wherein the first splicing character string is obtained by splicing a system identifier, a website to be jumped, an account and a password; before the account number and the password are verified when the processor executes the computer program, the method further comprises the following steps: extracting a system identifier in the first spliced character string; judging whether the system identification meets a first requirement or not; and when the system identification meets the first requirement, the account and the password are continuously verified.
In one embodiment, a first splicing character string realized when a processor executes a computer program is obtained by splicing according to a system identifier, a website to be jumped and a first ciphertext, the first ciphertext is obtained by encrypting a second splicing character string, the second splicing character string is obtained by acquiring system time before a second browser is opened in the first browser, and splicing the system time, an encryption character string and a user name, wherein the encryption character string is obtained by encrypting an account number by a terminal; when the system identification meets the first requirement, the account number and the password are continuously verified, wherein the verification is realized when the processor executes the computer program, and the verification comprises the following steps: when the system identification meets the first requirement, the first ciphertext is decrypted to obtain a third splicing character string; encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext; judging whether the account number and the second ciphertext meet a second requirement or not; and if the second ciphertext meets the second requirement, verifying the account number and the password.
In one embodiment, before the encrypting the encrypted string in the third spliced string to obtain the second ciphertext, the processor, implemented when executing the computer program, further includes: acquiring current time, and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not; if the time requirement is not met, returning a login page to the terminal; and if the time requirement is met, continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext.
In one embodiment, the encrypting the encrypted string in the third spliced string to obtain the second ciphertext, implemented when the processor executes the computer program, includes: and performing salt encryption on the encrypted character string in the third spliced character string to obtain a second ciphertext.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, performs the steps of: receiving an account and a password through a first browser, and logging in a first server according to the account and the password; when the second browser needs to be jumped to, opening the second browser in the first browser and acquiring a website to be jumped; the account and the password are sent to a second server corresponding to the website to be jumped through a second browser, and the second server is used for logging in the website to be jumped according to the account and the password; and when receiving the message that the second server successfully logs in, jumping to the website to be jumped.
In one embodiment, the sending of the account and the password to the second server corresponding to the website to be jumped through the second browser when the computer program is executed by the processor includes: acquiring a system identifier; splicing the system identification, the website to be jumped, the account and the password to obtain a first spliced character string; sending the first splicing character string to a second server corresponding to the website to be jumped; and the system identification is used for indicating the second server to judge whether the system identification in the first spliced character string meets a first requirement or not, and if so, logging in the website to be jumped according to the account and the password.
In one embodiment, the computer program when executed by the processor, after logging in to the first server according to the account number and the password, further comprises: encrypting the password to obtain an encrypted character string; before the second browser is opened in the first browser, the processor, implemented when executing the computer program, further includes: acquiring system time, and splicing the system time, the encrypted character string and the user name to obtain a second spliced character string; encrypting the second spliced character string to obtain a first ciphertext; the method for splicing the system identifier, the website to be jumped, the account and the password to obtain a first spliced character string when the processor executes the computer program comprises the following steps: splicing the system identification, the website to be jumped and the first ciphertext to obtain a first spliced character string; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be skipped is logged in according to the account number and the password.
In one embodiment, encrypting a password to obtain an encrypted string, implemented when the computer program is executed by a processor, comprises: and (4) carrying out salt encryption on the password to obtain an encrypted character string.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of: receiving a login request sent by a terminal, wherein the login request is generated according to an account and a password stored in a first browser and sent through a second browser after the terminal receives the account and the password through the first browser, and when the terminal needs to jump to the second browser, the second browser is opened in the first browser, and a website to be jumped is acquired; verifying the account number and the password; and when the verification is successful, returning a successful login message to the terminal, wherein the successful login message is used for indicating the terminal to jump to the website to be jumped in the second browser.
In one embodiment, the login request realized when the computer program is executed by the processor also carries a first splicing character string, wherein the first splicing character string is obtained by splicing a system identifier, a website to be jumped, an account and a password; before the account number and the password are verified when the computer program is executed by the processor, the method further comprises the following steps: extracting a system identifier in the first spliced character string; judging whether the system identification meets a first requirement or not; and when the system identification meets the first requirement, the account number and the password are continuously verified.
In one embodiment, a first splicing character string realized when a computer program is executed by a processor is obtained by splicing according to a system identifier, a website to be jumped and a first ciphertext, the first ciphertext is obtained by encrypting a second splicing character string, the second splicing character string is obtained by obtaining system time before a second browser is opened in the first browser, and the system time, the encryption character string and a user name are spliced, wherein the encryption character string is obtained by encrypting an account number by a terminal; when the system identification meets the first requirement, the computer program is implemented by a processor, and the verification of the account number and the password is continued, and the method comprises the following steps: when the system identification meets the first requirement, the first ciphertext is decrypted to obtain a third splicing character string; encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext; judging whether the account number and the second ciphertext meet a second requirement; and if the second ciphertext meets the second requirement, verifying the account and the password.
In one embodiment, before encrypting the encrypted string in the third spliced string to obtain the second ciphertext, the computer program, when executed by the processor, further includes: acquiring current time, and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not; if the time requirement is not met, returning a login page to the terminal; and if the time requirement is met, continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext.
In one embodiment, encrypting the encrypted string in the third concatenated string to obtain the second ciphertext, when performed by the processor, includes: and performing salt encryption on the encrypted character string in the third spliced character string to obtain a second ciphertext.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, carries out the steps in the method embodiments described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A cross-browser login method is applied to a terminal, and comprises the following steps:
receiving an account and a password through a first browser, logging in a first server according to the account and the password, after logging in successfully, performing salt addition encryption on the password to obtain an encrypted character string, converting the encrypted character string into capitals, storing the capitals in a session, acquiring system time, and splicing the system time, the encrypted character string and the account to obtain a second spliced character string; encrypting the second spliced character string to obtain a first ciphertext; when the types of browsers supported by a first system and a second system are different, judging that the browser needs to be jumped to a second browser;
when a second browser needs to be jumped to, opening the second browser in the first browser, and acquiring a website to be jumped;
sending the account number and the password to a second server corresponding to the website to be jumped through the second browser, wherein the steps of: acquiring a system identifier; splicing the system identification, the website to be jumped and the first ciphertext to obtain a first spliced character string; sending the first splicing character string to a second server corresponding to the website to be jumped; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be jumped is logged in according to the account number and the password;
and when receiving the message that the second server successfully logs in, jumping to the website to be jumped.
2. A cross-browser login method applied to a second server, the method comprising:
receiving a login request sent by a terminal, wherein the login request is generated according to an account and a password stored in a first browser and is sent by the second browser after the terminal receives the account and the password through the first browser, and when the terminal needs to jump to the second browser, the second browser is opened in the first browser, a website to be jumped is acquired, and the login request is generated according to the account and the password stored in the first browser; the method comprises the steps that in the process of service execution, a first system needs to jump to a second system, and the types of browsers supported by the first system and the second system are different, the fact that the browser needs to jump to the second browser is judged; the login request carries a first splicing character string, and the first splicing character string is obtained by splicing a system identifier, a website to be jumped and a first ciphertext; the first ciphertext is obtained by encrypting a second spliced character string, the second spliced character string is obtained by splicing the system time, the encrypted character string and the account, the encrypted character string is obtained by adding salt to the password and encrypting the password after logging in the first server successfully according to the account and the password, and the encrypted character string is converted into the capital letter and stored in the session;
judging whether the system identification in the first spliced character string meets a first requirement, if so, continuing to decrypt the first ciphertext to obtain a third spliced character string, encrypting the third spliced character string to obtain a second ciphertext, and judging whether the account number and the second ciphertext meet a second requirement;
if the second ciphertext meets a second requirement, logging in the website to be jumped according to the account and the password, and returning a successful logging message to the terminal, wherein the successful logging message is used for indicating the terminal to jump to the website to be jumped in the second browser.
3. The method of claim 2, wherein before encrypting the third concatenated string to obtain the second ciphertext, further comprising:
acquiring current time, and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not;
if the time requirement is not met, returning a login page to the terminal;
and if the time requirement is met, continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext.
4. The method of claim 2, wherein encrypting the third concatenated string to obtain the second ciphertext comprises:
and performing salt encryption on the encrypted character string in the third spliced character string to obtain a second ciphertext.
5. A cross-browser login apparatus, applied to a terminal, the apparatus comprising:
the first receiving module is used for receiving an account and a password through a first browser, logging in a first server according to the account and the password, adding salt to the password for encryption after the login is successful to obtain an encrypted character string, converting the encrypted character string into capital for storage in a session, acquiring system time, and splicing the system time, the encrypted character string and the account to obtain a second spliced character string; encrypting the second spliced character string to obtain a first ciphertext, wherein when the first system needs to jump to a second system in the service execution process and the browser types supported by the first system and the second system are different, the second system needs to jump to a second browser;
the website acquisition module is used for opening a second browser in the first browser and acquiring a website to be jumped when the second browser needs to be jumped to;
the first sending module is configured to send the account and the password to a second server corresponding to the website to be jumped through the second browser, and includes: splicing the system identification, the website to be jumped and the first ciphertext to obtain a first spliced character string; sending the first splicing character string to a second server corresponding to the website to be jumped; the first splicing character string is used for indicating the second server to judge whether a system identifier in the first splicing character string meets a first requirement or not, if the system identifier meets the first requirement, the first ciphertext is continuously decrypted to obtain a third splicing character string, the third splicing character string is encrypted to obtain a second ciphertext, whether the account number and the second ciphertext meet a second requirement or not is judged, and if the second ciphertext meets the second requirement, the website to be jumped is logged in according to the account number and the password;
and the skipping module is used for skipping to the website to be skipped when receiving the message that the second server successfully logs in.
6. A cross-browser login apparatus, applied to a server, the apparatus comprising:
the second receiving module is used for receiving a login request sent by a terminal, wherein the login request is that the terminal receives an account and a password through a first browser, and after logging in a first server according to the account and the password, when a user needs to jump to a second browser, the user opens the second browser in the first browser and obtains a website to be jumped, and the website to be jumped is generated according to the account and the password stored in the first browser and sent through the second browser; the method comprises the steps that in the process of service execution, a first system needs to jump to a second system, and the types of browsers supported by the first system and the second system are different, the fact that the browser needs to jump to the second browser is judged; the login request carries a first splicing character string, and the first splicing character string is obtained by splicing a system identifier, a website to be jumped and a first ciphertext; the first ciphertext is obtained by encrypting a second spliced character string, the second spliced character string is obtained by splicing system time, an encrypted character string and an account, the encrypted character string is obtained by salting and encrypting a password after logging in a first server successfully according to the account and the password, and the encrypted character string is converted into an uppercase and stored in a session;
the verification module is used for judging whether the system identifier in the first spliced character string meets the first requirement, if the system identifier meets the first requirement, continuously decrypting the first ciphertext to obtain a third spliced character string, encrypting the third spliced character string to obtain a second ciphertext, and judging whether the account number and the second ciphertext meet the second requirement;
and the second sending module is used for logging in the website to be jumped according to the account and the password if the second ciphertext meets a second requirement, and returning a successful logging message to the terminal, wherein the successful logging message is used for indicating the terminal to jump to the website to be jumped in the second browser.
7. The apparatus of claim 6, wherein the cross-browser login means further comprises:
the time judgment module is used for acquiring current time and judging whether the difference value between the system time in the third spliced character string and the current time meets the time requirement or not;
the return module is used for returning a login page to the terminal if the time requirement is not met;
and the verification module is further used for continuously encrypting the encrypted character string in the third spliced character string to obtain a second ciphertext if the time requirement is met.
8. The apparatus of claim 6, wherein the verification module is further configured to salt an encrypted string in the third spliced string to obtain a second ciphertext.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 4.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210250023.2A CN114448722B (en) | 2022-03-15 | 2022-03-15 | Cross-browser login method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210250023.2A CN114448722B (en) | 2022-03-15 | 2022-03-15 | Cross-browser login method and device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114448722A CN114448722A (en) | 2022-05-06 |
| CN114448722B true CN114448722B (en) | 2023-01-10 |
Family
ID=81360360
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210250023.2A Active CN114448722B (en) | 2022-03-15 | 2022-03-15 | Cross-browser login method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114448722B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116595284B (en) * | 2023-07-13 | 2023-10-03 | 太平金融科技服务(上海)有限公司 | Webpage system operation method, device, equipment, storage medium and program |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103139162A (en) * | 2011-11-29 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Login method and equipment of network account |
| CN104301316A (en) * | 2014-10-13 | 2015-01-21 | 中国电子科技集团公司第二十八研究所 | Single sign-on system and implementation method thereof |
| CN107016074A (en) * | 2017-03-24 | 2017-08-04 | 腾讯科技(深圳)有限公司 | A kind of webpage loading method and device |
| CN107835248A (en) * | 2017-11-13 | 2018-03-23 | 暴风集团股份有限公司 | Cookie information sharing method, device and terminal |
| CN110647736A (en) * | 2019-08-13 | 2020-01-03 | 平安科技(深圳)有限公司 | Plug-in agent system login method and device, computer equipment and storage medium |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9413750B2 (en) * | 2011-02-11 | 2016-08-09 | Oracle International Corporation | Facilitating single sign-on (SSO) across multiple browser instance |
| CN104426862B (en) * | 2013-08-27 | 2019-02-22 | 腾讯科技(深圳)有限公司 | Realize method, system and browser that cross-domain request logs in |
| CN107733847B (en) * | 2017-07-25 | 2020-06-09 | 深圳壹账通智能科技有限公司 | Method and device for platform login website, computer equipment and readable storage medium |
-
2022
- 2022-03-15 CN CN202210250023.2A patent/CN114448722B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103139162A (en) * | 2011-11-29 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Login method and equipment of network account |
| CN104301316A (en) * | 2014-10-13 | 2015-01-21 | 中国电子科技集团公司第二十八研究所 | Single sign-on system and implementation method thereof |
| CN107016074A (en) * | 2017-03-24 | 2017-08-04 | 腾讯科技(深圳)有限公司 | A kind of webpage loading method and device |
| CN107835248A (en) * | 2017-11-13 | 2018-03-23 | 暴风集团股份有限公司 | Cookie information sharing method, device and terminal |
| CN110647736A (en) * | 2019-08-13 | 2020-01-03 | 平安科技(深圳)有限公司 | Plug-in agent system login method and device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114448722A (en) | 2022-05-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110493202B (en) | Login token generation and verification method and device and server | |
| KR102493744B1 (en) | Security Verification Method Based on Biometric Characteristics, Client Terminal, and Server | |
| WO2019184135A1 (en) | Application login method and apparatus, and computer device and storage medium | |
| CN112425114B (en) | Password manager protected by public key-private key pair | |
| US9686344B2 (en) | Method for implementing cross-domain jump, browser, and domain name server | |
| US9769654B2 (en) | Method of implementing a right over a content | |
| CN110399717B (en) | Key acquisition method and device, storage medium and electronic device | |
| WO2017067201A1 (en) | Wi-fi connection method, terminal, and system | |
| CN111897786B (en) | Log reading method, device, computer equipment and storage medium | |
| CN109951295B (en) | Key processing and using method, device, equipment and medium | |
| CN110768784B (en) | Password transmission method, device, computer equipment and storage medium | |
| CN113297559B (en) | Single sign-on method and device, computer equipment and storage medium | |
| US8984599B2 (en) | Real time password generation apparatus and method | |
| US20220417020A1 (en) | Information processing device, information processing method, and non-transitory computer readable storage medium | |
| CN114448722B (en) | Cross-browser login method and device, computer equipment and storage medium | |
| CN106533685B (en) | Identity authentication method, device and system | |
| CN111628985A (en) | Security access control method, security access control device, computer equipment and storage medium | |
| CN114567557B (en) | Message processing method, device, computer equipment and storage medium | |
| CN110602700A (en) | Seed key processing method and device and electronic equipment | |
| CN108259456B (en) | Method, device, equipment and computer storage medium for realizing user login-free | |
| CN113595871B (en) | Account login method and device, computer equipment and storage medium | |
| CN112543194B (en) | Mobile terminal login method and device, computer equipment and storage medium | |
| CN112769565B (en) | Method, device, computing equipment and medium for upgrading cryptographic algorithm | |
| CN112260997B (en) | Data access method, device, computer equipment and storage medium | |
| TWI441534B (en) | A method of the data transmission of the mobile phone and the system therefore |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |