CN117407857A - Medical application program authorization authentication method and related equipment thereof - Google Patents

Medical application program authorization authentication method and related equipment thereof Download PDF

Info

Publication number
CN117407857A
CN117407857A CN202311306357.8A CN202311306357A CN117407857A CN 117407857 A CN117407857 A CN 117407857A CN 202311306357 A CN202311306357 A CN 202311306357A CN 117407857 A CN117407857 A CN 117407857A
Authority
CN
China
Prior art keywords
login
authentication
target
authorization
mobile phone
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311306357.8A
Other languages
Chinese (zh)
Inventor
乐志亮
黄璟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Health Insurance Company of China Ltd
Original Assignee
Ping An Health Insurance Company of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Health Insurance Company of China Ltd filed Critical Ping An Health Insurance Company of China Ltd
Priority to CN202311306357.8A priority Critical patent/CN117407857A/en
Publication of CN117407857A publication Critical patent/CN117407857A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

The embodiment of the application belongs to the technical field of digital medical treatment, is applied to a medical application login scene, and relates to a medical application authorization authentication method and related equipment, wherein the medical application authorization authentication method comprises the steps of receiving a medical application login authentication request sent by a target client; analyzing the login authentication request to obtain an authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing the authorization authentication of the medical application program. The authorization code is convenient for the subsequent and rapid allocation of corresponding application program functions to the client, and is also convenient for timely sending information update prompts to the client.

Description

Medical application program authorization authentication method and related equipment thereof
Technical Field
The application relates to the technical field of digital medical treatment, and is applied to a medical application program login scene, in particular to a medical application program authorization authentication method and related equipment thereof.
Background
Along with the development of the computer industry and artificial intelligence and the coming of the big data age, the traditional medical mode is gradually converted into the digital medical mode. Currently, in order to perfect the construction of digital medical systems, various medical applications such as bean sprouts, new oxygen doctors, jingle medicines and the like have been proposed, and the generation of such applications is originally intended to be convenient for the national people to better and more conveniently receive medical services.
Although medical application programs bring better and more convenient services to the national citizens, at present, some problems still exist, such as on the registration of medical application programs, on the authorization of service functions, the problem of medical application program registration from multiple popularization channels, such as WeChat authorization registration, apple authorization registration, three-party platform account number and password joint registration, tremble voice authorization registration and the like, exist, and because the registration of medical application programs by multiple popularization channels often leads to the fact that after registration, functions of strong binding of mobile phone numbers or personal identity information in medical application programs cannot be used, the problem of the need of authorization authentication function perfection exists on the medical application program registration from multiple popularization channels at present.
Disclosure of Invention
The embodiment of the application aims to provide a medical application authorization and authentication method and related equipment thereof, so as to realize perfect authorization and authentication functions of medical applications registered from multiple popularization and aggregation channels.
In order to solve the above technical problems, the embodiment of the present application provides a medical application authorization authentication method, which adopts the following technical scheme:
a medical application authorization authentication method, comprising the steps of:
receiving a medical application program login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication;
analyzing the login authentication request to obtain the authorization code for login authentication;
authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information;
returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token;
unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program.
Further, the preset authentication center includes a login authentication portion and an authority authentication portion, and the step of authenticating the authorization code through the preset authentication center to obtain target login identification information and a login authority token corresponding to the target login identification information specifically includes:
performing login authentication on the authorization code through the login authentication part to obtain target login identification information;
and carrying out authority authentication on the authorization code through the authority authentication part to obtain a login authority token corresponding to the target login identification information.
Further, before the step of performing the authority authentication on the authorization code by the authority authentication part to obtain the login authority token corresponding to the target login identification information, the method further includes:
acquiring a scope defined in advance according to the access authority range of a target client, wherein different scopes correspond to different access authority ranges;
and starting a preset login right token authorization server, wherein the login right token authorization server is an oauth 2.0-based login right token authorization server, and the oauth 2.0-based login right token authorization server comprises the steps of generating corresponding login right tokens according to different acting fields, distributing authorization codes for client users with different login identification information according to registration information in a registration stage, and authorizing the corresponding login right tokens for the different authorization codes.
Further, the step of obtaining the login permission token corresponding to the target login identification information by performing permission authentication on the authorization code through the permission authentication part specifically includes:
when the authorization code for login authentication is obtained, automatically triggering an authority authentication request according to a preset triggering component, and adding the target login identification information and the authorization code into the authority authentication request as carrying information;
identifying a login rights token authorized by the login rights token authorization server for the authorization code in a registration stage through the rights authentication request and the rights authentication part;
and taking the login permission token as the login permission token corresponding to the target login identification information.
Further, the step of assigning authorization codes to the client users with different login identification information according to the registration information in the registration stage specifically includes:
obtaining the registration information through a data analysis mode;
identifying whether the registration information is bound with a mobile phone number or not, and whether a user corresponding to the mobile phone number is a member user or not;
if the registration information is not bound with the mobile phone number, a first authorization code is allocated for the client user of the target login identification information corresponding to the registration information;
If the registration information binds a mobile phone number, but a user corresponding to the mobile phone number is a non-member user, a second type authorization code is allocated to a client user of the target login identification information corresponding to the registration information;
if the registration information binds a mobile phone number and the user corresponding to the mobile phone number is a member user, a third type authorization code is allocated to the client user of the target login identification information corresponding to the registration information,
the scope range of the login permission token corresponding to the third type authorization code is larger than the scope range of the login permission token corresponding to the second type authorization code, the scope range of the login permission token corresponding to the second type authorization code is larger than the scope range of the login permission token corresponding to the first type authorization code, and the scope range refers to the access permission range corresponding to the scope.
Further, after the step of identifying, by the rights authentication request and the rights authentication section, a login rights token authorized by the login rights token authorization server for the authorization code in the registration stage, the method further includes:
identifying whether a target client for login authentication request is bound with a mobile phone number or not according to the category of the authorization code, and whether a user corresponding to the mobile phone number is a member user or not, wherein the category of the authorization code comprises a first type authorization code, a second type authorization code and a third type authorization code;
If the target client side carrying out the login authentication request does not bind the mobile phone number, a mobile phone number binding prompt is sent to the target client side;
if the target client side carrying out the login authentication request binds the mobile phone number, identifying whether the current mobile phone number of the target client side is consistent with the bound mobile phone number;
if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a non-member user, a member joining prompt is sent to the target client;
if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a member user, a login permission token update prompt is sent to the target client;
and if the current mobile phone number of the target client is inconsistent with the bound mobile phone number, sending a bound mobile phone number updating prompt to the target client.
Further, the step of returning the target login identification information to the target client and screening the program function of the target client with the access right from the medical application program according to the login right token specifically includes:
Identifying a scope corresponding to the login permission token through the permission authentication part;
determining the access authority range of the target client according to the scope;
screening the program functions from the medical application program based on the access authority range;
the step of unlocking the program function at the target client to enable the program function to be in an accessible state and completing authorization authentication of the medical application program specifically comprises the following steps:
mapping the program function to the target client, setting the program function to be in an accessible state, and completing authorization authentication of the medical application program.
In order to solve the above technical problems, the embodiments of the present application further provide a medical application authorization authentication device, which adopts the following technical scheme:
a medical application authorization authentication device, comprising:
the login authentication request receiving module is used for receiving a medical application login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication;
the login authentication request analysis module is used for analyzing the login authentication request and obtaining the authorization code for login authentication;
The authentication center authentication module is used for authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information;
the target program function screening module is used for returning the target login identification information to the target client and screening out the program function of the target client with access rights from the medical application program according to the login rights token;
and the target program function unlocking module is used for unlocking the program function at the target client so that the program function is in an accessible state and the authorization authentication of the medical application program is completed.
In order to solve the above technical problems, the embodiments of the present application further provide a computer device, which adopts the following technical schemes:
a computer device comprising a memory having stored therein computer readable instructions which when executed by the processor implement the steps of the medical application authorization authentication method described above.
In order to solve the above technical problems, embodiments of the present application further provide a computer readable storage medium, which adopts the following technical solutions:
A computer readable storage medium having stored thereon computer readable instructions which when executed by a processor implement the steps of a medical application authorization authentication method as described above.
Compared with the prior art, the embodiment of the application has the following main beneficial effects:
according to the medical application program authorization authentication method, a medical application program login authentication request sent by a target client is received, wherein the login authentication request carries an authorization code for login authentication; analyzing the login authentication request to obtain the authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program. The authorization code is convenient for the subsequent and rapid allocation of corresponding application program functions to the client, and is also convenient for timely sending information update prompts to the client.
Drawings
For a clearer description of the solution in the present application, a brief description will be given below of the drawings that are needed in the description of the embodiments of the present application, it being obvious that the drawings in the following description are some embodiments of the present application, and that other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art.
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 is a flow chart of one embodiment of a medical application authorization authentication method according to the present application;
FIG. 3 is a flow chart of one embodiment of step 203 shown in FIG. 2;
FIG. 4 is a flow chart of one embodiment of step 302 shown in FIG. 3;
FIG. 5 is a schematic structural view of one embodiment of a medical application authorization authentication device according to the present application;
FIG. 6 is a schematic diagram illustrating the construction of one embodiment of the authorization code assignment module 506 in a medical application authorization authentication device according to the present application;
FIG. 7 is a schematic diagram illustrating the structure of one embodiment of the target information adjustment module 507 in a medical application authorization authentication device according to the present application;
FIG. 8 is a schematic structural diagram of one embodiment of a computer device according to the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the applications herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "comprising" and "having" and any variations thereof in the description and claims of the present application and in the description of the figures above are intended to cover non-exclusive inclusions. The terms first, second and the like in the description and in the claims or in the above-described figures, are used for distinguishing between different objects and not necessarily for describing a sequential or chronological order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the present application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
In order to better understand the technical solutions of the present application, the following description will clearly and completely describe the technical solutions in the embodiments of the present application with reference to the accompanying drawings.
As shown in fig. 1, a system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 is used as a medium to provide communication links between the terminal devices 101, 102, 103 and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may interact with the server 105 via the network 104 using the terminal devices 101, 102, 103 to receive or send messages or the like. Various communication client applications, such as a web browser application, a shopping class application, a search class application, an instant messaging tool, a mailbox client, social platform software, etc., may be installed on the terminal devices 101, 102, 103.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablet computers, electronic book readers, MP3 players (Moving Picture ExpertsGroup Audio Layer III, dynamic video expert compression standard audio plane 3), MP4 (Moving PictureExperts Group Audio Layer IV, dynamic video expert compression standard audio plane 4) players, laptop and desktop computers, and the like.
The server 105 may be a server providing various services, such as a background server providing support for pages displayed on the terminal devices 101, 102, 103.
It should be noted that, the medical application authorization and authentication method provided in the embodiments of the present application is generally executed by a server/terminal device, and accordingly, the medical application authorization and authentication device is generally disposed in the server/terminal device.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to fig. 2, a flow chart of one embodiment of a medical application authorization authentication method according to the present application is shown. The medical application program authorization authentication method comprises the following steps:
step 201, receiving a login authentication request of a medical application program sent by a target client, wherein the login authentication request carries an authorization code for login authentication.
In this embodiment, the authorization code for login authentication is an authorization code allocated by a preset login permission token authorization server to client users with different login identification information according to registration information in a registration stage, and in general, different users have different authorization codes, and users with the same authorization have the same type of authorization code.
In this embodiment, the target client includes a mobile phone client or a computer client, and the medical application program is, for example, a safe doctor.
Step 202, analyzing the login authentication request to obtain the authorization code for login authentication.
And 203, authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information.
In this embodiment, the preset authentication center includes a login authentication part and a permission authentication part.
With continued reference to fig. 3, fig. 3 is a flow chart of one embodiment of step 203 shown in fig. 2, comprising:
step 301, performing login authentication on the authorization code through the login authentication part to obtain target login identification information;
and 302, performing authority authentication on the authorization code through the authority authentication part to obtain a login authority token corresponding to the target login identification information.
In this embodiment, before executing the step of performing authority authentication on the authorization code by the authority authentication portion to obtain the login authority token corresponding to the target login identification information, the method further includes: acquiring a scope defined in advance according to the access authority range of a target client, wherein different scopes correspond to different access authority ranges; and starting a preset login right token authorization server, wherein the login right token authorization server is an oauth 2.0-based login right token authorization server, and the oauth 2.0-based login right token authorization server comprises the steps of generating corresponding login right tokens according to different acting fields, distributing authorization codes for client users with different login identification information according to registration information in a registration stage, and authorizing the corresponding login right tokens for the different authorization codes.
In this embodiment, the step of assigning authorization codes to client users with different login identification information according to the registration information in the registration stage specifically includes: obtaining the registration information through a data analysis mode; identifying whether the registration information is bound with a mobile phone number or not, and whether a user corresponding to the mobile phone number is a member user or not; if the registration information is not bound with the mobile phone number, a first authorization code is allocated for the client user of the target login identification information corresponding to the registration information; if the registration information binds a mobile phone number, but a user corresponding to the mobile phone number is a non-member user, a second type authorization code is allocated to a client user of the target login identification information corresponding to the registration information; if the registration information binds a mobile phone number and the user corresponding to the mobile phone number is a member user, a third type authorization code is allocated to the client user of the target login identification information corresponding to the registration information, wherein the scope of the login permission token corresponding to the third type authorization code is larger than that of the login permission token corresponding to the second type authorization code, the scope of the login permission token corresponding to the second type authorization code is larger than that of the login permission token corresponding to the first type authorization code, and the scope refers to the access permission scope corresponding to the scope.
Different types of authorization codes are distributed for the client users of the corresponding target login identification information according to the registration information, so that corresponding application program functions can be distributed for the clients conveniently and rapidly according to related information such as mobile phone numbers, members and the like.
With continued reference to FIG. 4, FIG. 4 is a flow chart of one embodiment of step 302 shown in FIG. 3, including:
step 401, when the authorization code for login authentication is obtained, automatically triggering a permission authentication request according to a preset triggering component, and adding the target login identification information and the authorization code as carrying information into the permission authentication request;
step 402, identifying the login authority token authorized by the login authority token authorization server for the authorization code in the registration stage through the authority authentication request and the authority authentication part;
in this embodiment, after the step of identifying, by the rights authentication request and the rights authentication section, the login rights token authorized by the login rights token authorization server for the authorization code in the registration stage, the method further includes: identifying whether a target client for login authentication request is bound with a mobile phone number or not according to the category of the authorization code, and whether a user corresponding to the mobile phone number is a member user or not, wherein the category of the authorization code comprises a first type authorization code, a second type authorization code and a third type authorization code; if the target client side carrying out the login authentication request does not bind the mobile phone number, a mobile phone number binding prompt is sent to the target client side; if the target client side carrying out the login authentication request binds the mobile phone number, identifying whether the current mobile phone number of the target client side is consistent with the bound mobile phone number; if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a non-member user, a member joining prompt is sent to the target client; if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a member user, a login permission token update prompt is sent to the target client; and if the current mobile phone number of the target client is inconsistent with the bound mobile phone number, sending a bound mobile phone number updating prompt to the target client.
According to the category of the authorization code, whether the target client is bound with the mobile phone number, whether the target client is a member user or not, whether the mobile phone number bound during registration is consistent with the mobile phone number used by the current login or not is rapidly identified, and the method is convenient to combine with a mobile phone number strong binding mode and send an information updating prompt to the client in time. Moreover, because of the one-to-one binding relationship between the personal mobile phone number and the identity card information at present, the mobile phone number strong binding mode can rapidly identify the identity information of the corresponding medical application program corresponding to the user, and is convenient for popularization of the medical application program.
And step 403, using the login permission token as the login permission token corresponding to the target login identification information.
And 204, returning the target login identification information to the target client, and screening out the program function of the target client with the access right from the medical application program according to the login right token.
In this embodiment, the step of returning the target login identification information to the target client, and screening the program function of the target client with the access right from the medical application according to the login right token specifically includes: identifying a scope corresponding to the login permission token through the permission authentication part; determining the access authority range of the target client according to the scope; and screening the program functions from the medical application program based on the access authority range.
Step 205, unlocking the program function at the target client, so that the program function is in an accessible state, and completing authorization authentication of the medical application program.
In this embodiment, the step of unlocking the program function at the target client to enable the program function to be in an accessible state and complete authorization and authentication of the medical application program specifically includes: mapping the program function to the target client, setting the program function to be in an accessible state, and completing authorization authentication of the medical application program.
The method comprises the steps of receiving a medical application login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication; analyzing the login authentication request to obtain the authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program. By distributing authorization codes of different categories for the client users of the corresponding target login identification information according to the registration information, the corresponding application program functions can be distributed to the clients rapidly according to the related information such as mobile phone numbers, members and the like, whether the target clients bind the mobile phone numbers, whether the mobile phone numbers are member users or not and whether the mobile phone numbers bound during registration are consistent with the mobile phone numbers used in the current login can be rapidly identified according to the categories of the authorization codes, and the information updating prompt can be sent to the clients in time by combining the mobile phone number strong binding mode conveniently.
The embodiment of the application can acquire and process the related data based on the artificial intelligence technology. Among these, artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend and extend human intelligence, sense the environment, acquire knowledge and use knowledge to obtain optimal results.
Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a robot technology, a biological recognition technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and other directions.
In the embodiment of the application, a login authentication request of a medical application program sent by a target client is received, wherein the login authentication request carries an authorization code for login authentication; analyzing the login authentication request to obtain the authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program. By distributing authorization codes of different categories for the client users of the corresponding target login identification information according to the registration information, the corresponding application program functions can be distributed to the clients rapidly according to the related information such as mobile phone numbers, members and the like, whether the target clients bind the mobile phone numbers, whether the mobile phone numbers are member users or not and whether the mobile phone numbers bound during registration are consistent with the mobile phone numbers used in the current login can be rapidly identified according to the categories of the authorization codes, and the information updating prompt can be sent to the clients in time by combining the mobile phone number strong binding mode conveniently.
With further reference to fig. 5, as an implementation of the method shown in fig. 2 described above, the present application provides an embodiment of a medical application authorization authentication apparatus, which corresponds to the method embodiment shown in fig. 2, and which is particularly applicable to various electronic devices.
As shown in fig. 5, the medical application authorization authentication device 500 according to the present embodiment includes: a login authentication request receiving module 501, a login authentication request analyzing module 502, an authentication center authenticating module 503, a target program function screening module 504, and a target program function unlocking module 505. Wherein:
a login authentication request receiving module 501, configured to receive a medical application login authentication request sent by a target client, where the login authentication request carries an authorization code for login authentication;
a login authentication request analysis module 502, configured to analyze the login authentication request and obtain the authorization code for login authentication;
an authentication center authentication module 503, configured to authenticate the authorization code through a preset authentication center, and obtain target login identification information and a login permission token corresponding to the target login identification information;
A target program function screening module 504, configured to return the target login identification information to the target client, and screen, according to the login permission token, a program function of the target client that has access permission from the medical application;
and the target program function unlocking module 505 is configured to unlock the program function at the target client, so that the program function is in an accessible state, and complete authorization authentication of the medical application program.
With continued reference to fig. 6, in some embodiments of the present application, the medical application authorization authentication device 500 further includes an authorization code allocation module 506, where the authorization code allocation module 506 includes a registration information parsing sub-module 601, a registration information identifying sub-module 602, a first allocation sub-module 603, a second allocation sub-module 604, and a third allocation sub-module 605. Wherein:
a registration information analysis sub-module 601, configured to obtain the registration information through a data analysis manner;
a registration information identifying sub-module 602, configured to identify whether the registration information is bound to a mobile phone number, and whether a user corresponding to the mobile phone number is a member user;
a first allocation submodule 603, configured to allocate a first type authorization code to a client user of target login identification information corresponding to the registration information if the registration information is not bound to a mobile phone number;
A second allocation submodule 604, configured to allocate a second type authorization code to a client user of the target login identification information corresponding to the registration information if the registration information binds a mobile phone number, but the user corresponding to the mobile phone number is a non-member user;
and a third allocation submodule 605, configured to allocate a third class authorization code to a client user of the target login identification information corresponding to the registration information if the registration information binds a mobile phone number and the user corresponding to the mobile phone number is a member user, where a scope of a login permission token corresponding to the third class authorization code is greater than a scope of a login permission token corresponding to the second class authorization code, and the scope of the login permission token corresponding to the second class authorization code is greater than a scope of a login permission token corresponding to the first class authorization code, and the scope refers to an access permission scope corresponding to the scope.
With continued reference to fig. 7, in some embodiments of the present application, the medical application authorization authentication device 500 further includes a target information adjustment module 507, where the target information adjustment module 507 includes a target information first recognition sub-module 701, a first prompt sub-module 702, a target information second recognition sub-module 703, a second prompt sub-module 704, a third prompt sub-module 705, and a fourth prompt sub-module 706. Wherein:
A target information first identifying sub-module 701, configured to identify, according to the class of the authorization codes, whether a target client performing a login authentication request is bound to a mobile phone number, and whether a user corresponding to the mobile phone number is a member user, where the class of the authorization codes includes a first class authorization code, a second class authorization code, and a third class authorization code;
a first prompting sub-module 702, configured to send a mobile phone number binding prompt to the target client if the target client performing the login authentication request does not bind the mobile phone number;
a second target information identifying sub-module 703, configured to identify whether the current mobile phone number of the target client is consistent with the bound mobile phone number if the mobile phone number is bound to the target client that performs the login authentication request;
a second prompt sub-module 704, configured to send a member joining prompt to the target client if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a non-member user;
a third prompt sub-module 705, configured to send a login permission token update prompt to the target client if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a member user;
And the fourth prompting sub-module 706 is configured to send a binding mobile phone number update prompt to the target client if the current mobile phone number of the target client is inconsistent with the binding mobile phone number.
The method comprises the steps of receiving a medical application login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication; analyzing the login authentication request to obtain the authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program. By distributing authorization codes of different categories for the client users of the corresponding target login identification information according to the registration information, the corresponding application program functions can be distributed to the clients rapidly according to the related information such as mobile phone numbers, members and the like, whether the target clients bind the mobile phone numbers, whether the mobile phone numbers are member users or not and whether the mobile phone numbers bound during registration are consistent with the mobile phone numbers used in the current login can be rapidly identified according to the categories of the authorization codes, and the information updating prompt can be sent to the clients in time by combining the mobile phone number strong binding mode conveniently.
Those skilled in the art will appreciate that implementing all or part of the above described embodiment methods may be accomplished by computer readable instructions, stored on a computer readable storage medium, that the program when executed may comprise the steps of embodiments of the methods described above. The storage medium may be a nonvolatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a random access Memory (Random Access Memory, RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
In order to solve the technical problems, the embodiment of the application also provides computer equipment. Referring specifically to fig. 8, fig. 8 is a basic structural block diagram of a computer device according to the present embodiment.
The computer device 8 comprises a memory 8a, a processor 8b, a network interface 8c communicatively connected to each other via a system bus. It should be noted that only computer device 8 having components 8a-8c is shown in the figures, but it should be understood that not all of the illustrated components need be implemented, and that more or fewer components may alternatively be implemented. It will be appreciated by those skilled in the art that the computer device herein is a device capable of automatically performing numerical calculations and/or information processing in accordance with predetermined or stored instructions, the hardware of which includes, but is not limited to, microprocessors, application specific integrated circuits (Application Specific Integrated Circuit, ASICs), programmable gate arrays (fields-Programmable Gate Array, FPGAs), digital processors (Digital Signal Processor, DSPs), embedded devices, etc.
The computer equipment can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing equipment. The computer equipment can perform man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch pad or voice control equipment and the like.
The memory 8a includes at least one type of readable storage medium including flash memory, hard disk, multimedia card, card memory (e.g., SD or DX memory, etc.), random Access Memory (RAM), static Random Access Memory (SRAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), programmable Read Only Memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the storage 8a may be an internal storage unit of the computer device 8, such as a hard disk or a memory of the computer device 8. In other embodiments, the memory 8a may also be an external storage device of the computer device 8, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card) or the like, which are provided on the computer device 8. Of course, the memory 8a may also comprise both an internal memory unit of the computer device 8 and an external memory device. In this embodiment, the memory 8a is typically used to store an operating system and various application software installed on the computer device 8, such as computer readable instructions for a medical application authorization authentication method. Further, the memory 8a may be used to temporarily store various types of data that have been output or are to be output.
The processor 8b may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments. The processor 8b is typically used to control the overall operation of the computer device 8. In this embodiment, the processor 8b is configured to execute computer readable instructions stored in the memory 8a or process data, such as computer readable instructions for executing the medical application authorization authentication method.
The network interface 8c may comprise a wireless network interface or a wired network interface, which network interface 8c is typically used to establish a communication connection between the computer device 8 and other electronic devices.
The computer equipment provided by the embodiment belongs to the technical field of digital medical treatment, and is applied to a medical application program login scene. The method comprises the steps of receiving a medical application login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication; analyzing the login authentication request to obtain the authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program. By distributing authorization codes of different categories for the client users of the corresponding target login identification information according to the registration information, the corresponding application program functions can be distributed to the clients rapidly according to the related information such as mobile phone numbers, members and the like, whether the target clients bind the mobile phone numbers, whether the mobile phone numbers are member users or not and whether the mobile phone numbers bound during registration are consistent with the mobile phone numbers used in the current login can be rapidly identified according to the categories of the authorization codes, and the information updating prompt can be sent to the clients in time by combining the mobile phone number strong binding mode conveniently.
The present application also provides another embodiment, namely, a computer readable storage medium storing computer readable instructions executable by a processor to cause the processor to perform the steps of the medical application authorization authentication method as described above.
The computer readable storage medium provided by the embodiment belongs to the technical field of digital medical treatment, and is applied to a medical application program login scene. The method comprises the steps of receiving a medical application login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication; analyzing the login authentication request to obtain the authorization code for login authentication; authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information; returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token; unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program. By distributing authorization codes of different categories for the client users of the corresponding target login identification information according to the registration information, the corresponding application program functions can be distributed to the clients rapidly according to the related information such as mobile phone numbers, members and the like, whether the target clients bind the mobile phone numbers, whether the mobile phone numbers are member users or not and whether the mobile phone numbers bound during registration are consistent with the mobile phone numbers used in the current login can be rapidly identified according to the categories of the authorization codes, and the information updating prompt can be sent to the clients in time by combining the mobile phone number strong binding mode conveniently.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk), comprising several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method described in the embodiments of the present application.
It is apparent that the embodiments described above are only some embodiments of the present application, but not all embodiments, the preferred embodiments of the present application are given in the drawings, but not limiting the patent scope of the present application. This application may be embodied in many different forms, but rather, embodiments are provided in order to provide a more thorough understanding of the present disclosure. Although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described in the foregoing, or equivalents may be substituted for elements thereof. All equivalent structures made by the specification and the drawings of the application are directly or indirectly applied to other related technical fields, and are also within the protection scope of the application.

Claims (10)

1. A medical application authorization authentication method, comprising the steps of:
receiving a medical application program login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication;
analyzing the login authentication request to obtain the authorization code for login authentication;
authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information;
returning the target login identification information to the target client, and screening out the program function of the target client with access rights from the medical application program according to the login rights token;
unlocking the program function at the target client so that the program function is in an accessible state, and completing authorization authentication of the medical application program.
2. The medical application authorization authentication method according to claim 1, wherein the preset authentication center includes a login authentication part and a permission authentication part, and the step of authenticating the authorization code through the preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information specifically includes:
Performing login authentication on the authorization code through the login authentication part to obtain target login identification information;
and carrying out authority authentication on the authorization code through the authority authentication part to obtain a login authority token corresponding to the target login identification information.
3. The medical application authorization authentication method according to claim 2, wherein before the step of obtaining a login permission token corresponding to the target login identification information by performing permission authentication on the authorization code by the permission authentication section, the method further comprises:
acquiring a scope defined in advance according to the access authority range of a target client, wherein different scopes correspond to different access authority ranges;
and starting a preset login right token authorization server, wherein the login right token authorization server is an oauth 2.0-based login right token authorization server, and the oauth 2.0-based login right token authorization server comprises the steps of generating corresponding login right tokens according to different acting fields, distributing authorization codes for client users with different login identification information according to registration information in a registration stage, and authorizing the corresponding login right tokens for the different authorization codes.
4. The medical application authorization authentication method according to claim 2, wherein the step of obtaining the login permission token corresponding to the target login identification information by performing permission authentication on the authorization code by the permission authentication section specifically includes:
when the authorization code for login authentication is obtained, automatically triggering an authority authentication request according to a preset triggering component, and adding the target login identification information and the authorization code into the authority authentication request as carrying information;
identifying a login rights token authorized by the login rights token authorization server for the authorization code in a registration stage through the rights authentication request and the rights authentication part;
and taking the login permission token as the login permission token corresponding to the target login identification information.
5. A medical application authorization authentication method according to claim 3, wherein the step of assigning authorization codes to client users of different login identification information according to registration information in the registration stage specifically comprises:
obtaining the registration information through a data analysis mode;
identifying whether the registration information is bound with a mobile phone number or not, and whether a user corresponding to the mobile phone number is a member user or not;
If the registration information is not bound with the mobile phone number, a first authorization code is allocated for the client user of the target login identification information corresponding to the registration information;
if the registration information binds a mobile phone number, but a user corresponding to the mobile phone number is a non-member user, a second type authorization code is allocated to a client user of the target login identification information corresponding to the registration information;
if the registration information binds a mobile phone number and the user corresponding to the mobile phone number is a member user, a third type authorization code is allocated to the client user of the target login identification information corresponding to the registration information,
the scope range of the login permission token corresponding to the third type authorization code is larger than the scope range of the login permission token corresponding to the second type authorization code, the scope range of the login permission token corresponding to the second type authorization code is larger than the scope range of the login permission token corresponding to the first type authorization code, and the scope range refers to the access permission range corresponding to the scope.
6. The medical application authorization authentication method according to claim 4, wherein after the step of identifying a login right token authorized by the login right token authorization server for the authorization code in the registration phase by executing the right authentication request and the right authentication section, the method further comprises:
Identifying whether a target client for login authentication request is bound with a mobile phone number or not according to the category of the authorization code, and whether a user corresponding to the mobile phone number is a member user or not, wherein the category of the authorization code comprises a first type authorization code, a second type authorization code and a third type authorization code;
if the target client side carrying out the login authentication request does not bind the mobile phone number, a mobile phone number binding prompt is sent to the target client side;
if the target client side carrying out the login authentication request binds the mobile phone number, identifying whether the current mobile phone number of the target client side is consistent with the bound mobile phone number;
if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a non-member user, a member joining prompt is sent to the target client;
if the current mobile phone number of the target client is consistent with the bound mobile phone number and the user corresponding to the mobile phone number is a member user, a login permission token update prompt is sent to the target client;
and if the current mobile phone number of the target client is inconsistent with the bound mobile phone number, sending a bound mobile phone number updating prompt to the target client.
7. The medical application authorization authentication method according to claim 3, wherein the step of returning the target login identification information to the target client and screening the program function of the target client with the access right from the medical application according to the login right token specifically comprises the steps of:
identifying a scope corresponding to the login permission token through the permission authentication part;
determining the access authority range of the target client according to the scope;
screening the program functions from the medical application program based on the access authority range;
the step of unlocking the program function at the target client to enable the program function to be in an accessible state and completing authorization authentication of the medical application program specifically comprises the following steps:
mapping the program function to the target client, setting the program function to be in an accessible state, and completing authorization authentication of the medical application program.
8. A medical application authorization authentication device, comprising:
the login authentication request receiving module is used for receiving a medical application login authentication request sent by a target client, wherein the login authentication request carries an authorization code for login authentication;
The login authentication request analysis module is used for analyzing the login authentication request and obtaining the authorization code for login authentication;
the authentication center authentication module is used for authenticating the authorization code through a preset authentication center to obtain target login identification information and a login permission token corresponding to the target login identification information;
the target program function screening module is used for returning the target login identification information to the target client and screening out the program function of the target client with access rights from the medical application program according to the login rights token;
and the target program function unlocking module is used for unlocking the program function at the target client so that the program function is in an accessible state and the authorization authentication of the medical application program is completed.
9. A computer device comprising a memory having stored therein computer readable instructions which when executed implement the steps of the medical application authorization authentication method of any one of claims 1 to 7.
10. A computer readable storage medium having stored thereon computer readable instructions which when executed by a processor implement the steps of the medical application authorization authentication method according to any of claims 1 to 7.
CN202311306357.8A 2023-10-09 2023-10-09 Medical application program authorization authentication method and related equipment thereof Pending CN117407857A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311306357.8A CN117407857A (en) 2023-10-09 2023-10-09 Medical application program authorization authentication method and related equipment thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311306357.8A CN117407857A (en) 2023-10-09 2023-10-09 Medical application program authorization authentication method and related equipment thereof

Publications (1)

Publication Number Publication Date
CN117407857A true CN117407857A (en) 2024-01-16

Family

ID=89486361

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311306357.8A Pending CN117407857A (en) 2023-10-09 2023-10-09 Medical application program authorization authentication method and related equipment thereof

Country Status (1)

Country Link
CN (1) CN117407857A (en)

Similar Documents

Publication Publication Date Title
US9178866B2 (en) Techniques for user authentication
US8732795B2 (en) System and method for user authentication
US20130049928A1 (en) Just in time visitor authentication and visitor access media issuance for a physical site
CN111311251A (en) Binding processing method, device and equipment
US20130185645A1 (en) Determining repeat website users via browser uniqueness tracking
CN109359449B (en) Authentication method, device, server and storage medium based on micro service
CN111523102B (en) Applet login method, device, equipment and computer readable storage medium
CN113239397A (en) Information access method, device, computer equipment and medium
CN113259342A (en) Login verification method, device, computer equipment and medium
CN113630253A (en) Login method, device, computer system and readable storage medium
US10936705B2 (en) Authentication method, electronic device, and computer-readable program medium
CN111651749A (en) Method and device for finding account based on password, computer equipment and storage medium
CN113282591B (en) Authority filtering method, authority filtering device, computer equipment and storage medium
CN113486316A (en) User identity authentication method and device, electronic equipment and readable storage medium
CN112966249A (en) Multi-user account switching method and device, computer equipment and medium
CN117094729A (en) Request processing method, device, computer equipment and storage medium
US11409856B2 (en) Video-based authentication
CN116956326A (en) Authority data processing method and device, computer equipment and storage medium
CN116383787A (en) Page creation method, page creation device, computer equipment and storage medium
US9479492B1 (en) Authored injections of context that are resolved at authentication time
CN117407857A (en) Medical application program authorization authentication method and related equipment thereof
WO2022185269A1 (en) Methods, systems and computer program products for secure remote hardware access through cross-device authentication
CN111353768A (en) Book borrowing supervision method, device, equipment and storage medium
CN115250200B (en) Service authorization authentication method and related equipment thereof
CN115426146B (en) System login method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination