CN114826604A - Applet login verification method, device and equipment based on face recognition and storage medium - Google Patents

Applet login verification method, device and equipment based on face recognition and storage medium Download PDF

Info

Publication number
CN114826604A
CN114826604A CN202210299653.9A CN202210299653A CN114826604A CN 114826604 A CN114826604 A CN 114826604A CN 202210299653 A CN202210299653 A CN 202210299653A CN 114826604 A CN114826604 A CN 114826604A
Authority
CN
China
Prior art keywords
user
face
face recognition
login
applet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210299653.9A
Other languages
Chinese (zh)
Inventor
夏柳娟
杨周龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dongpu Software Co Ltd
Original Assignee
Dongpu Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dongpu Software Co Ltd filed Critical Dongpu Software Co Ltd
Priority to CN202210299653.9A priority Critical patent/CN114826604A/en
Publication of CN114826604A publication Critical patent/CN114826604A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • Molecular Biology (AREA)
  • Computational Linguistics (AREA)
  • Biophysics (AREA)
  • General Physics & Mathematics (AREA)
  • Evolutionary Computation (AREA)
  • Software Systems (AREA)
  • Biomedical Technology (AREA)
  • Artificial Intelligence (AREA)
  • Computer Hardware Design (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention specifically discloses a small program login verification method, a small program login verification device, small program login verification equipment and a readable memory based on face recognition, wherein the small program login verification method comprises the following steps: the server configures trust login parameters, and analyzes the trust login parameters for a user logged in by an applet so as to finish primary identification on the user identity; judging whether the user binds an SOA account number or not so as to complete account verification of the user; acquiring the face image information of the user, and performing face recognition on the face image of the user by using a pre-trained face recognition model; and outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user. The method initially identifies the user identity and then judges whether the user binds an SOA account to verify the user authority, so that the safety is ensured; the face image verification of the user is completed by using the face recognition model, and the verification accuracy and safety are improved.

Description

Applet login verification method, device and equipment based on face recognition and storage medium
Technical Field
The invention belongs to the technical field of small program login verification, and particularly relates to a small program login verification method, a small program login verification device, small program login verification equipment and a storage medium based on face recognition.
Background
The applet is an application which can be used without downloading and installing, the development of the applet is simple and convenient for a developer on the basis of an applet development platform, and the applet can be used at any time without installing and uninstalling the applet for a user, so that the applet is more and more popular with an application market and the user. With the rapid development of the express industry in recent years, logistics enterprises are rapidly developed, small programs are applied to logistics management, and the logistics management means planning, organizing, commanding, coordinating, controlling and supervising logistics activities according to the law of material data entity flow and the basic principle and scientific method of management in the social reproduction process, so that the logistics activities are optimally coordinated and matched, the logistics cost is reduced, and the logistics efficiency and economic benefit are improved; the company account number of the small program of the logistics enterprise is used by a plurality of people, so that the information safety and the fund safety are not facilitated, and when problems occur, people in charge cannot be tracked, and the management of the logistics enterprise is not facilitated.
Disclosure of Invention
In order to solve the above problems, the present invention aims to provide a small program login verification method, apparatus, device and storage medium based on face recognition, wherein the small program login verification method, apparatus, device and storage medium based on face recognition primarily recognize or judge the identity of a user, and then judge whether the user binds to an SOA account to primarily verify the user authority, thereby ensuring safety; the face image verification of the user is completed by using the face recognition model, and the verification accuracy and safety are improved.
In order to achieve the purpose, the technical scheme of the invention is as follows:
a small program login verification method based on face recognition comprises the following steps:
the server configures trust login parameters, and analyzes the trust login parameters for a user logged in by an applet so as to finish primary identification on the user identity; judging whether the user binds an SOA account number or not so as to complete account verification of the user; acquiring the face image information of the user, and performing face recognition on the face image of the user by using a pre-trained face recognition model; and outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
In one embodiment, the server configures a trusted login parameter that is parsed for users logged in with the applet, further comprising: the server receives a registration request of a user, judges whether the user has a trusted certificate, if so, carries out the next step, if not, further carries out login authentication on the user, distributes trusted login parameters to the user passing the login authentication, and sends a protected trusted certificate to the user; the server installs a public key on the user and saves a key of the protected certificate; and when the server receives the request data, the key encryption is firstly carried out on the data to be sent at present so as to decrypt the data transmitted by the user through the public key.
In one embodiment, before configuring the trusted login parameter, the server further comprises: the server generates an applet two-dimensional code and displays the applet two-dimensional code to the user; receiving a first login request sent by the user through an applet; and generating a random number according to the user name of the user, further storing the adaptation relation between the user name and the random number, and then sending the user name and the random number to the user so that the user can encrypt the user name and the random number after combining the user name and the random number according to a preset rule.
In one embodiment, the server configures trust login parameters, and parsing the trust login parameters for a user logged in with an applet further comprises: the server receives a second login request of the user and analyzes the user name and password information of the user; firstly, the user name and the random number which are pre-stored by the server are taken out; then, password information pre-adapted to the user name is taken out, and then the password information and the random array are combined and encrypted according to the same preset rule to obtain an encrypted ciphertext; and comparing the password ciphertext with the password information to obtain a login request result.
In an embodiment, the determining whether the user binds to an SOA account further includes: receiving SOA account information input by the user, searching the SOA account information in a properties file, and allowing the user to input an SOA account password after the SOA account information is successfully searched; and receiving the SOA account password input by the user, searching and matching the SOA account information and the SOA account password in the properties file, determining the integrity authentication of the user information if the matched user is successful, and determining that the user binds the SOA account if the matched user passes the authentication.
In one embodiment, the method for performing face recognition on the face image of the user by using a pre-trained face recognition model comprises the following steps: acquiring a face image; carrying out face detection on the face image by adopting a multitask cascade convolution network model to obtain a face front area; extracting a face feature vector of the face image by adopting a lightweight face recognition network model according to the face front area; and comparing the face characteristic vector with the sample characteristic vector of each face sample image in a characteristic database to determine a characteristic distance, and outputting an identification result according to a comparison result of the characteristic distance and an identification threshold.
In an embodiment, the extracting the face feature vector of the face image by using the lightweight face recognition network model specifically includes: the method comprises the steps that a 3D alignment mode is adopted in a deep face model of the server, an LBP histogram is used for carrying out picture texturing and extracting corresponding features, SVR processing is used for the extracted features to extract a face and six corresponding basic points, affine change is carried out according to the six basic points, corresponding 67 face key points are obtained according to a 3D model, then triangular division is carried out according to the points to finally obtain a corresponding 3D face, and face feature vectors of a face image are extracted; the comparing according to the face feature vector and the sample feature vector of each face sample image in the feature database further comprises: the DeepFace model adopts a CNN structure to process the aligned human face, the human face normalization mainly changes the characteristic values of the human face to be between (0,1), and the normalization mode is as follows: firstly, normalizing each dimension, dividing each dimension by the maximum value of the dimension, then normalizing the whole vector, and respectively comparing the face feature vector subjected to face normalization processing with the sample feature vector in the feature database.
Based on the same conception, the invention also provides a small program login verification device based on face recognition, which comprises: the primary identification processing module is used for configuring trust login parameters, analyzing the trust login parameters for a user logged in by an applet to finish primary identification on the identity of the user, and judging whether the user binds an SOA account to finish account verification on the user; a face recognition module: the face recognition module is used for acquiring face image information of the user and carrying out face recognition on the face image of the user by using a pre-trained face recognition model; and the verification result display module is used for outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
Based on the same concept, the present invention also provides a computer apparatus comprising: a memory for storing a processing program; and the processor is used for realizing the small program login verification method based on the face recognition when executing the processing program.
Based on the same conception, the invention also provides a readable storage medium, wherein a processing program is stored on the readable storage medium, and the processing program is executed by a processor to carry out the small program login verification method based on the face recognition.
After the technical scheme is adopted, compared with the prior art, the invention has the advantages that:
firstly, preliminarily identifying or judging the identity of a user, and then judging whether the user binds an SOA account so as to preliminarily verify the user authority and ensure the safety; the face image verification of the user is completed by using the face recognition model, and the verification accuracy and safety are improved. According to the invention, the random number and the password are combined in a preset mode, so that the combination number of each login request changes along with the change of the random number and corresponds to the user requesting login at present one by one, the mobile user cannot forge, and the safety is further improved. The face recognition model is adopted to detect, align, extract and classify the face image of the face, so that the recognition precision is further improved.
Drawings
The following detailed description of embodiments of the invention is provided in conjunction with the appended drawings, in which:
FIG. 1 is a flowchart of a first embodiment of a method for verifying applet login based on face recognition according to the present invention;
FIG. 2 is a flowchart illustrating an example of whether a user binds to an SOA account according to the present invention;
FIG. 3 is a flowchart of an exemplary method for starting a face recognition model for recognition verification according to the present invention;
FIG. 4 is a flowchart of a second embodiment of a method for verifying applet login based on face recognition according to the present invention;
FIG. 5 is a schematic diagram of an embodiment of an applet login authentication apparatus based on face recognition according to the present invention;
FIG. 6 is a schematic diagram of an embodiment of a computer device of the present invention.
Detailed Description
The invention is described in further detail below with reference to the figures and specific examples. Advantages and features of the present invention will become apparent from the following description and from the claims. It is to be noted that the drawings are in a very simplified form and are each provided with a non-precise ratio for the purpose of facilitating and clearly facilitating the description of the embodiments of the present invention.
It should be noted that all the directional indicators (such as up, down, left, right, front, and rear … …) in the embodiment of the present invention are only used to explain the relative position relationship between the components, the movement situation, etc. in a specific posture (as shown in the drawing), and if the specific posture is changed, the directional indicator is changed accordingly.
Example one
The business account number of this embodiment to commodity circulation enterprise applet is because many people use, is unfavorable for information security and fund safety, when the problem appeared simultaneously, also can't track the person of responsibility, the management of the commodity circulation enterprise of being not convenient for.
Specifically, as shown in fig. 1, a flowchart of a first example of the applet login authentication method based on face recognition is shown. It comprises the following steps:
s110, the server configures trust login parameters, and analyzes the trust login parameters for the user logged in by the applet so as to finish primary identification on the user identity;
s120, judging whether the user binds an SOA account number to finish the account verification of the user;
s130, collecting the face image information of the user, and carrying out face recognition on the face image of the user by using a pre-trained face recognition model;
and S140, outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
In the embodiment, the server configures and analyzes the trust login parameters to preliminarily identify or judge the identity of the user, and then judges whether the user binds an SOA account number to preliminarily verify the account of the user, so that the safety is ensured; finally, a face recognition model is used for finishing a face image of the user, so that the face recognition accuracy is improved; the face information has the advantages of being incapable of being copied and stolen, simple, convenient and visual, the information safety and the fund safety of the system can be ensured, the cost of the image acquisition equipment is lower than that of identification technologies such as fingerprints and irises, and the face information has the tracking capacity of monitoring and rechecking.
In this example, the authentication of the user by the server is divided into the following three processes: the method comprises the steps of (I) carrying out a primary identification process on the user identity, (II) verifying an account, and (III) carrying out face identification. Through the identification and verification in the three processes, the safety and the comprehensiveness of the server for the user authentication logged in by the applet are greatly improved.
(I) S110 is explained in detail.
In the process of primary identification of the user identity, the server can configure the trust login parameters first. The trust login refers to the step of logging in a currently accessed website by using a relatively mature user library of a third party, and when a user needs to access a server, the server sends a protected trust certificate to the user.
When a server receives a login request of a user, whether a certificate sent by the user is trusted is judged, if so, a public key is installed at a user side, and the server has a secret key of a protected certificate.
There are many configurations for the server to configure the trusted login parameters. For example, after the server provides the two-dimensional code through the WeChat, the server receives a login request of the user for the applet through scanning the two-dimensional code, and may configure a trusted login parameter of the user, and the server may configure an issuer ID (APPID) and a developer password (APPSecret) of a WeChat public account of the user: filling in wechat webpage end parameters in ' wechat platform background-website setting-trust login-wechat parameter configuration ', wherein app _ id corresponds to APPID, app _ key corresponds to APPSecre, interface authority in a wechat public account of a user ' -webpage authorization acquires user basic information, and a JS interface safety domain name fills in an access domain name of a wap end, for example: service, javamall, com, cn, web authorized domain name fills in the api domain name of the server, for example: service. javamall. com. cn.
The server may configure trusted login parameters when the user first submits a login request.
When logging in subsequently, the server installs the public key at the user end and stores the key of the protected certificate; when the server receives the request data, the key encryption is firstly carried out on the data to be sent at present, so that the data transmitted by the user is decrypted through the public key.
Step S120 is explained in detail.
And judging whether the user binds an SOA account number or not so as to finish the account verification of the user.
Specifically, the SOA account is a company account in "a company account of a small program of a logistics enterprise is used by many people" in the background art, and after a current login user inputs a correct account, the operation taken by the current user can be bound with the account and the current user, so that the monitoring of different user operations of a unified account can be realized.
Referring to fig. 2, the process of determining whether the user binds to an SOA account further includes:
s201: receiving SOA account information input by the user, searching SOA account information in a properties file (note that the properties file is a configuration file and is mainly used for expressing configuration information, the file type is X. properties, the format is a text file, the content of the file is in a format of 'key value', in the properties file, '#' can be used for annotation, the properties file has a lot of places used in Java programming and is convenient to operate), and allowing the user to input an SOA account password after the SOA account information is searched successfully;
s202: and receiving the SOA account password input by the user, searching and matching the SOA account information and the SOA account password in the properties file, determining the integrity authentication of the user information by the successfully matched user, and if the user passes the authentication, determining that the user binds the SOA account.
The user needs to input the login account password, and the password can not be input until the input account is correct.
In this example, the number of times of verification may be set in advance, and the remaining number of times may be prompted. And when the preset verification times are reached, locking the login authority of the user.
And under the condition that the account and the password can be searched and matched in the properties file, judging that the user binds the SOA account.
Further, under the condition that the current login user is confirmed to be bound with the account, a face recognition model is started to realize safe recognition and verification of the account.
(III) the step S130 is explained in detail.
Acquiring the face image information of the user, and performing face recognition on the face image of the user by using a pre-trained face recognition model;
please refer to fig. 3, which is a diagram illustrating an example of a method for performing face recognition on a face image of a user by using a pre-trained face recognition model. It includes:
s301: acquiring a face image;
specifically, an image within a specific range is acquired by an image acquisition device of a user.
In this embodiment, a preset camera on the mobile terminal may be used to capture a picture of the currently operated object, or a specific image capture device may be used to capture an image, for example, a camera pre-installed on an express cabinet.
S302: carrying out face detection on the face image by adopting a multitask cascade convolution network model to obtain a face front area;
specifically, the flow of face alignment may include:
a. face detection, using 6 base points;
b. two-dimensional cutting, namely cutting out a face part;
c.67 base points, then Delaunay triangularization, adding triangles at the contour to avoid discontinuity;
d. converting the triangulated face into a 3D shape;
e. the triangulated face becomes a 3D triangulation network with depth;
f. deflecting the triangulation network to enable the front of the face to face forwards;
g. and finally, putting the face right.
The effect of this step is to align the faces using the 3D model, so that subsequent feature extraction can be made to take maximum effect.
After 3D alignment, the images formed are all 152 x 152 images, input into the network structure.
S303: extracting a face feature vector of the face image by adopting a lightweight face recognition network model according to the face front area;
specifically, the parameters of the structure are as follows:
conv 32 convolution kernels of 11X 3
max-pooling:3×3,stride=2
Conv 16 9 × 9 convolution kernels
16 convolution kernels of 9 × 9, Local-Conv, meaning that the parameters of the convolution kernels do not share
Local-Conv 16 convolution kernels of 7 × 7, parameters not shared
Local-Conv 16 5 × 5 convolution kernels with no parameter sharing
4096-dimentional Fully-connected
Softmax 4030 dimension
Purpose of the first three layers: it consists in extracting low-level features such as simple edges and textures. Wherein the Max-posing layer makes the convolution output more robust to small offset situations. But not too many Max-pooling layers because too many Max-pooling layers would cause the network to lose image information.
The purpose of the last three layers: are convolution kernels with no shared parameters.
The connecting layer connects each unit of the previous layer with all the units of the current layer and is used for capturing the correlation among the features of different positions of the face image. Wherein layer 7 (4096-d) is used to represent a human face.
S304: and comparing the face feature vector with the sample feature vector of each face sample image in a feature database to determine a feature distance, and outputting an identification result according to the comparison result of the feature distance and an identification threshold.
Specifically, the classification method adopts a weighted chi-square distance and a siemese network structure, and if f1 and f2 are set as feature vectors, the output of the previous step includes:
1. weighted chi-square distance: the calculation formula is as follows, and the weighting parameters are calculated by a linear SVM:
χ 2 (f 1 ,f 2 )=∑ i w i (f 1 [i]-f 2 [i]) 2 /(f 1 [i]+f 2 [i])
2. siamese network: the network structure is trained in pairs, and the obtained feature representation is used for calculating the distance by using the following formula:
d(f 1 ,f 2 )=∑ i α i |f 1 [i]-f 2 [i]|
optionally, the face recognition model may also perform face recognition work using a network model such as deep id1, deep id2, deep id2+, deep id3, FaceNet, and the like. The present face model is not limited to the above-described deep face model, and may be any model as long as the face recognition function can be realized.
The above is only an example, and the following scheme may also be adopted in this example, where the extracting of the face feature vector of the face image by using the lightweight face recognition network model may specifically include: the method comprises the steps that a 3D alignment mode is adopted in a Deepface model of the server, an LBP histogram is subjected to picture texturing, corresponding features are extracted, the extracted features are subjected to SVR processing to extract a human face and six corresponding basic points, affine change is carried out according to the six basic points, corresponding 67 face key points are obtained according to a 3D model, and a triangle division is carried out according to the points to finally obtain a corresponding 3D human face;
the comparing according to the face feature vector and the sample feature vector of each face sample image in the feature database further comprises: the DeepFace model adopts a CNN structure to process the aligned human face, the human face normalization mainly changes the characteristic values of the human face into (0,1), and the normalization mode is as follows: each dimension is normalized first, and each dimension is divided by the maximum value of the dimension, and then the whole vector is normalized.
(IV) step S140 is specifically described.
And outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
Specifically, after the face recognition model passes the identification verification, the verification of the identity of the user, the account and the operating user who currently request to log in is completed. And the server sends a verification result that the verification is passed or not passed to the client according to the verification result.
The method initially identifies or judges the identity of the user, and then judges whether the user binds an SOA account so as to initially verify the user authority and ensure the safety; the face image verification of the user is completed by using the face recognition model, and the verification accuracy and safety are improved. According to the invention, the random number and the password are combined in a preset mode, so that the combination number of each login request changes along with the change of the random number and corresponds to the user who requests to login one by one, the user cannot forge, and the safety is further improved. The face recognition model is adopted to detect, align, extract and classify the face image of the face, so that the recognition precision is further improved.
Example two
Compared with the first embodiment, the server may perform the primary identity authentication by using the secondary identity authentication (see fig. 4).
S401: the server generates an applet two-dimensional code and displays the applet two-dimensional code to the user;
the server generates a two-dimensional Code for a user to scan to open the small program, wherein a Code manufacturing method for generating the two-dimensional Code can adopt Data Matrix, Maxi Code, Aztec, QR Code, Vericode, PDF417, Ultracode, Code 49, Code 16K and the like. And the user sends a login request to the server through the applet.
S402: receiving a first login request sent by the user through an applet;
specifically, the user may send a user name to the server; after receiving the user name, the server generates a string of random numbers and responds the random numbers to the user.
S403: and generating a random number according to the user name of the user, further storing the adaptation relation between the user name and the random number, and then sending the user name and the random number to the user so that the user can encrypt the user name and the random number after combining the user name and the random number according to a preset rule.
Specifically, the server acquires a user name of a user and generates a group of random numbers, and stores the user name and the random numbers in a Session (Session: in a computer, especially in a network application, called as "Session control". the Session object stores attributes and configuration information required by a specific user Session).
Specifically, the server sends the generated random number to the user, and the user performs operation based on the random number and the password to generate a user operation result.
And allowing the user to initially log in the server under the condition that the server side operation result and the user operation result meet preset conditions.
The server configures the trust login parameters, and the analysis of the trust login parameters for the user logged in by the applet further comprises the following steps: the server receives a second login request of the user and analyzes the user name and password information of the user; firstly, the user name and the random number which are pre-stored in the home terminal are taken out; then, a user password pre-adapted to the user name is taken, and then the user password and the random array are combined and encrypted according to the same preset rule to obtain an encrypted ciphertext;
the password and the random number are combined according to a certain rule, the password of each login request is guaranteed to be different along with the difference of the random number, the random number is generated by the server, is equivalent to a public key and is unique and corresponding to the login operation, and a user cannot forge the password.
In specific implementation, there are many rules for combining the password and the random number, for example:
the password is ABCD and the random number is 1234, then the resulting combined number can be A1B2C3D4, ABCD1234, or AB12CD34, in any case, as long as it can be described by a preset program.
Encrypting the combined number based on an MD5(MD5, Message-Digest Algorithm) Algorithm to obtain a cryptogram, and sending the cryptogram to a server for request verification;
where MD5 processes incoming information in 512-bit packets, and each packet is divided into 16 32-bit sub-packets, after a series of processing, the output of the algorithm is composed of four 32-bit packets, and the concatenation of these four 32-bit packets will generate a 128-bit hash value.
First step, filling: if the length of the input information (bit) is not equal to 448 as a result of the remainder for 512, padding is required so that the result of the remainder for 512 is equal to 448. The method of padding is to pad one 1 and n 0. After filling, the length of the information is N × 512+448 (bit);
step two, recording information length: the pre-padding information length is stored with 64 bits. These 64 bits are added after the result of the first step, so that the information length becomes N512 +448+64 ═ N +1 ═ 512 bits.
Third, load standard magic numbers (four integers): the standard magic numbers (physical order) are (a ═ 01234567)16, B ═ 89ABCDEF)16, C ═ FEDCBA98)16, and D ═ 76543210) 16. If the definition in the program should be:
(A=0X67452301L,B=0XEFCDAB89L,C=0X98BADCFEL,D=0X10325476L)。
step four, four-wheel cycle operation: the number of cycles is the number of packets (N + 1).
In a specific implementation, the server provides an MD5 checksum in advance, after the user downloads the file, the MD5 algorithm is used for calculating the MD5 checksum of the downloaded file, and then whether the downloaded file is in error can be judged by checking whether the two checksums are consistent.
And comparing the password ciphertext with the password information to obtain a login request result.
And under the condition that the password ciphertext and the password information meet preset conditions, the user is allowed to log in.
EXAMPLE III
As shown in fig. 5, based on the same concept, the present invention further provides a small program login verification apparatus 500 based on face recognition, where the small program login verification apparatus 500 based on face recognition includes: a preliminary identification processing module 501, configured to configure a trust login parameter, and perform preliminary identification on the identity of a user logged in by an applet; an SOA account verification module 502, configured to determine whether the user binds to an SOA account, so as to complete account verification on the user; a face recognition module 503, configured to collect face image information of the user, and perform face recognition on the face image of the user by using a pre-trained face recognition model; a verification result display module 504, configured to output a face recognition verification result of the user through the face recognition model, so as to display the verification result on the user.
Example four
Based on the same concept, as shown in fig. 6, the present invention also provides a computer device 600, which may have relatively large differences due to different configurations or performances, and may include one or more processors 610 (CPUs) 710 (e.g., one or more processors) and a memory 620, one or more storage media 630 (e.g., one or more mass storage devices) storing applications 633 or data 632. Memory 620 and storage medium 630 may be, among other things, transient or persistent storage. The program stored in the storage medium 630 may include one or more modules (not shown), each of which may include a sequence of instructions for operating on the computer device 600. Further, the processor 610 may be configured to communicate with the storage medium 630 to execute a series of instruction operations in the storage medium 630 on the computer device 600.
The computer device 600 may also include one or more power supplies 640, one or more wired or wireless network interfaces 650, one or more input-output interfaces 660, and/or one or more operating systems 631, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, and so forth. Those skilled in the art will appreciate that the computer device configuration illustrated in FIG. 6 does not constitute a limitation of the computer device and may include more or fewer components than illustrated, or some components may be combined, or a different arrangement of components.
The computer readable instructions, when executed by the processor, cause the processor to perform the steps of:
the server configures trust login parameters, and analyzes the trust login parameters for a user logged in by an applet so as to finish primary identification on the user identity; judging whether the user binds an SOA account number or not so as to complete account verification of the user; acquiring the face image information of the user, and performing face recognition on the face image of the user by using a pre-trained face recognition model; and outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
In one embodiment, the server configures a trusted login parameter that is parsed for users logged in with the applet, further comprising: the server receives a registration request of a user, judges whether the user has a trusted certificate, if so, carries out the next step, if not, further carries out login authentication on the user, distributes trusted login parameters to the user passing the login authentication, and sends a protected trusted certificate to the user; the server installs a public key on the user and saves a key of the protected certificate; and when the server receives the request data, the server firstly encrypts the data to be sent at present by the secret key so as to decrypt the data transmitted by the user by the public key.
In one embodiment, before configuring the trusted login parameter, the server further comprises: the server generates an applet two-dimensional code and displays the applet two-dimensional code to the user; receiving a first login request sent by the user through an applet; and generating a random number according to the user name of the user, further storing the adaptation relation between the user name and the random number, and then sending the user name and the random number to the user so that the user can encrypt the user name and the random number after combining the user name and the random number according to a preset rule.
In one embodiment, the server configures trust login parameters, and parsing the trust login parameters for a user logged in with an applet further comprises: the server receives a second login request of the user and analyzes the user name and password information of the user; firstly, the user name and the random number which are pre-stored by the server are taken out; then, password information pre-adapted to the user name is taken out, and then the password information and the random array are combined and encrypted according to the same preset rule to obtain an encrypted ciphertext; and comparing the password ciphertext with the password information to obtain a login request result.
In an embodiment, the determining whether the user binds to an SOA account further includes: receiving SOA account information input by the user, searching the SOA account information in a properties file, and allowing the user to input an SOA account password after the SOA account information is successfully searched; and receiving the SOA account password input by the user, searching and matching the SOA account information and the SOA account password in the properties file, determining the integrity authentication of the user information if the matched user is successful, and determining that the user binds the SOA account if the matched user passes the authentication.
In one embodiment, the performing face recognition on the face image of the user by using a pre-trained face recognition model includes: acquiring a face image; carrying out face detection on the face image by adopting a multitask cascade convolution network model to obtain a face front area; extracting a face feature vector of the face image by adopting a lightweight face recognition network model according to the face front area; and comparing the face feature vector with the sample feature vector of each face sample image in a feature database to determine a feature distance, and outputting an identification result according to the comparison result of the feature distance and an identification threshold.
In one embodiment, extracting the face feature vector of the face image by using a lightweight face recognition network model further comprises: the method comprises the steps that a 3D alignment mode is adopted in a deep face model of the server, an LBP histogram is used for carrying out picture texturing and extracting corresponding features, SVR processing is used for the extracted features to extract a face and six corresponding basic points, affine change is carried out according to the six basic points, corresponding 67 face key points are obtained according to a 3D model, then triangular division is carried out according to the points to finally obtain a corresponding 3D face, and face feature vectors of a face image are extracted; comparing the face feature vector with a sample feature vector of each face sample image in a feature database further comprises: the DeepFace model adopts a CNN structure to process the aligned human face, the human face normalization mainly changes the characteristic values of the human face to be between (0,1), and the normalization mode is as follows: firstly, normalizing each dimension, dividing each dimension by the maximum value of the dimension, then normalizing the whole vector, and respectively comparing the face feature vector subjected to face normalization processing with the sample feature vector in the feature database.
In an embodiment, a readable storage medium is provided, and when executed by one or more processors, the computer readable instructions enable the one or more processors to execute the above applet login verification method based on face recognition, and specific steps are not described herein again.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. An applet login verification method based on face recognition is characterized by comprising the following steps:
the server configures trust login parameters, and analyzes the trust login parameters for a user logged in by an applet so as to finish primary identification on the user identity;
judging whether the user binds an SOA account number or not so as to complete account verification of the user;
acquiring the face image information of the user, and performing face recognition on the face image of the user by using a pre-trained face recognition model;
and outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
2. The applet login verification method according to claim 1, wherein the server configures trusted login parameters, and parsing the trusted login parameters for the user logged in by the applet further comprises:
the server receives a registration request of a user, judges whether the user has a trusted certificate, if so, carries out the next step, if not, further carries out login authentication on the user, distributes trusted login parameters to the user passing the login authentication, and sends a protected trusted certificate to the user;
the server installs a public key on the user and saves a key of the protected certificate;
and when the server receives the request data, the key encryption is firstly carried out on the data to be sent at present so as to decrypt the data transmitted by the user through the public key.
3. The applet login verification method based on face recognition according to claim 1 or 2, wherein the server before configuring the trusted login parameters further comprises:
the server generates an applet two-dimensional code and displays the applet two-dimensional code to the user;
receiving a first login request sent by the user through an applet;
and generating a random number according to the user name of the user, further storing the adaptation relation between the user name and the random number, and then sending the user name and the random number to the user so that the user can encrypt the user name and the random number after combining the user name and the random number according to a preset rule.
4. The applet login verification method based on face recognition according to claim 3, wherein the server configures the trusted login parameters, and the parsing the trusted login parameters for the user logged in by the applet further comprises:
the server receives a second login request of the user and analyzes the user name and password information of the user;
firstly, the user name and the random number which are pre-stored by the server are taken out, then the password information which is pre-adapted to the user name is taken out, and then the password information and the random number group are combined and encrypted according to the same preset rule, and then the encrypted ciphertext is obtained;
and comparing the password ciphertext with the password information to obtain a login request result.
5. The applet login verification method based on face recognition according to claim 1, wherein the determining whether the user is bound to an SOA account further comprises:
receiving SOA account information input by the user, searching the SOA account information in a properties file, and allowing the user to input an SOA account password after the SOA account information is successfully searched;
and receiving the SOA account password input by the user, searching and matching the SOA account information and the SOA account password in the properties file, determining the integrity authentication of the user information if the matched user is successful, and determining that the user binds the SOA account if the matched user passes the authentication.
6. The applet login verification method based on face recognition according to claim 1, wherein the face recognition of the face image of the user by using a pre-trained face recognition model comprises:
acquiring a face image;
carrying out face detection on the face image by adopting a multitask cascade convolution network model to obtain a face front area;
extracting a face feature vector of the face image by adopting a lightweight face recognition network model according to the face front area;
and comparing the face feature vector with the sample feature vector of each face sample image in a feature database to determine a feature distance, and outputting an identification result according to the comparison result of the feature distance and an identification threshold.
7. The applet login authentication method based on face recognition according to claim 6,
the extracting of the face feature vector of the face image by adopting the lightweight face recognition network model specifically comprises: the method comprises the steps that a 3D alignment mode is adopted in a deep face model of the server, an LBP histogram is used for carrying out picture texturing and extracting corresponding features, SVR processing is used for the extracted features to extract a face and six corresponding basic points, affine change is carried out according to the six basic points, corresponding 67 face key points are obtained according to a 3D model, then triangular division is carried out according to the points to finally obtain a corresponding 3D face, and face feature vectors of a face image are extracted;
the comparing according to the face feature vector and the sample feature vector of each face sample image in the feature database further comprises: the DeepFace model adopts a CNN structure to process the aligned human face, the human face normalization mainly changes the characteristic values of the human face to be between (0,1), and the normalization mode is as follows: firstly, normalizing each dimension, dividing each dimension by the maximum value of the dimension, then normalizing the whole vector, and respectively comparing the face feature vector subjected to face normalization processing with the sample feature vector in the feature database.
8. An applet login verification apparatus based on face recognition, comprising:
the primary identification processing module is used for configuring a trust login parameter and analyzing the trust login parameter for a user logged in by an applet so as to complete primary identification on the identity of the user;
the SOA account verification module is used for judging whether the user binds an SOA account so as to complete account verification of the user;
the face recognition module is used for acquiring the face image information of the user and carrying out face recognition on the face image of the user by using a pre-trained face recognition model;
and the verification result display module is used for outputting the face recognition verification result of the user through the face recognition model so as to display the verification result on the user.
9. A computer device, comprising:
a memory for storing a processing program;
a processor, which when executing the processing program implements the applet login authentication method based on face recognition according to any one of claims 1 to 7.
10. A readable storage medium, characterized in that the readable storage medium has stored thereon a processing program, which when executed by a processor implements the applet login authentication method based on face recognition according to any one of claims 1 to 7.
CN202210299653.9A 2022-03-25 2022-03-25 Applet login verification method, device and equipment based on face recognition and storage medium Pending CN114826604A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210299653.9A CN114826604A (en) 2022-03-25 2022-03-25 Applet login verification method, device and equipment based on face recognition and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210299653.9A CN114826604A (en) 2022-03-25 2022-03-25 Applet login verification method, device and equipment based on face recognition and storage medium

Publications (1)

Publication Number Publication Date
CN114826604A true CN114826604A (en) 2022-07-29

Family

ID=82531086

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210299653.9A Pending CN114826604A (en) 2022-03-25 2022-03-25 Applet login verification method, device and equipment based on face recognition and storage medium

Country Status (1)

Country Link
CN (1) CN114826604A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115879076A (en) * 2022-12-09 2023-03-31 山东和同信息科技股份有限公司 Intelligent heat supply management system based on cloud computing
CN116453196A (en) * 2023-04-22 2023-07-18 北京易知环宇文化传媒有限公司 Face recognition method and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115879076A (en) * 2022-12-09 2023-03-31 山东和同信息科技股份有限公司 Intelligent heat supply management system based on cloud computing
CN115879076B (en) * 2022-12-09 2023-05-26 山东和同信息科技股份有限公司 Intelligent heat supply management system based on cloud computing
CN116453196A (en) * 2023-04-22 2023-07-18 北京易知环宇文化传媒有限公司 Face recognition method and system
CN116453196B (en) * 2023-04-22 2023-11-17 深圳市中惠伟业科技有限公司 Face recognition method and system

Similar Documents

Publication Publication Date Title
US10484178B2 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
US9954842B2 (en) Method, client, server and system of login verification
US20180343120A1 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
CN111466097B (en) Server-assisted privacy preserving biometric comparison
US9152869B2 (en) Biometric authentication systems and methods
US20180115426A1 (en) Systems and methods for providing a universal decentralized solution for verification of users with cross-verification features
EP3121991B1 (en) System and method of user authentication using digital signatures
TW202026984A (en) User identity verification method, device and system
CN114826604A (en) Applet login verification method, device and equipment based on face recognition and storage medium
CN111915306B (en) Service data verification method and verification platform
CN111415163A (en) Service processing and verifying method, system and verifying node based on block chain
EP3206329B1 (en) Security check method, device, terminal and server
CN110290134A (en) A kind of identity identifying method, device, storage medium and processor
US20230050280A1 (en) Computer-implemented user identity verification method
CN111949986A (en) Service processing method, system and storage medium
CN111949972A (en) Verification method, system, equipment and storage medium of artificial intelligence model
CN111581661A (en) Terminal management method and device based on biological feature recognition and computer equipment
WO2022042745A1 (en) Key management method and apparatus
CN116018590A (en) Dynamic privacy protection application authentication
US8910260B2 (en) System and method for real time secure image based key generation using partial polygons assembled into a master composite image
Xu et al. A secure mobile payment framework based on face authentication
CN114625756A (en) Data query method and device and server
CN115280309A (en) Method, system and computer program product for authentication
CN111695096B (en) Identity verification method and device
CN114598528B (en) Identity authentication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination