WO2019134234A1 - Rooting-prevention log-in method, device, terminal apparatus, and storage medium - Google Patents

Rooting-prevention log-in method, device, terminal apparatus, and storage medium

Info

Publication number
WO2019134234A1
Authority
WO
WIPO (PCT)
Prior art keywords
verification
serial number
terminal
login
client
Application number
PCT/CN2018/077313
Other languages
French (fr)
Chinese (zh)
Inventor
辜坤
Original Assignee
平安科技(深圳)有限公司
Application filed by 平安科技(深圳)有限公司
Publication of WO2019134234A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Definitions

  • The present application relates to the field of network security, and in particular to an anti-brush login method, apparatus, terminal device, and storage medium.
  • The C/S (Client/Server) structure is a common Internet architecture. By making full use of the hardware environments at both ends, it distributes tasks sensibly between the client and the server. To maintain the security of the server, the server in a C/S structure needs to authenticate the client before performing a task.
  • The graphic verification code is a commonly used authentication method. At present, graphic verification code authentication has no anti-brush mechanism, and its security is not high.
  • The embodiments of the present application provide an anti-brush login method, apparatus, terminal device, and storage medium, to solve the problem that current graphic verification code authentication has no anti-brush mechanism and its security is not high.
  • An embodiment of the present application provides an anti-brush login method, including:
  • The serial number information of the verification serial number is updated, a graphic verification code corresponding to the verification serial number is generated, and the graphic verification code is sent to the client corresponding to the terminal ID.
  • An anti-brush login apparatus, including:
  • A login verification request obtaining module, configured to obtain a login verification request sent by the client, where the login verification request includes a terminal ID;
  • A verification serial number determining module, configured to query a database based on the terminal ID and determine whether a verification serial number corresponding to the terminal ID exists in the database;
  • A graphic verification code sending module, configured to, if the verification serial number is valid, update the serial number information of the verification serial number, generate a graphic verification code corresponding to the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
  • A third aspect of the present application provides a terminal device including a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, where the processor implements the following steps when executing the computer readable instructions:
  • If the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  • A fourth aspect of the present application provides a computer readable storage medium storing computer readable instructions that, when executed by a processor, implement the following steps:
  • If the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  • The anti-brush login method, apparatus, terminal device, and storage medium work by determining whether the verification serial number corresponding to the terminal ID of the client is valid. If the verification serial number exists in the database and is valid, a graphic verification code corresponding to the verification serial number is generated and sent to the client corresponding to the terminal ID.
  • The server responds only to clients whose verification serial number is valid, which greatly reduces the risk of the server being hacked through repeated brushing.
  • FIG. 1 is a flowchart of the anti-brush login method in Embodiment 1 of the present application.
  • FIG. 2 is another specific flowchart of the anti-brush login method in Embodiment 1 of the present application.
  • FIG. 3 is another specific flowchart of the anti-brush login method in Embodiment 1 of the present application.
  • FIG. 4 is a schematic block diagram of the anti-brush login apparatus in Embodiment 2 of the present application.
  • FIG. 5 is a schematic diagram of a terminal device in Embodiment 4 of the present application.
  • FIG. 1 shows a flowchart of the anti-brush login method in this embodiment. This embodiment is applied to an Internet architecture with a C/S (Client/Server) structure, where the executing entity of the solution is a server configured with a database. As shown in FIG. 1, the anti-brush login method includes the following steps:
  • The client in this embodiment includes, but is not limited to, a smartphone, a computer, a PAD, and other devices that the user can use to input information and interact with the server.
  • The login verification request is a request, sent from the client after the user enters authentication information (which can be a user ID and a user password), to establish a secure connection with the server.
  • The terminal ID is an identifier that identifies the client that sent the login verification request.
  • Based on the terminal ID, the server can determine an IP address, a login MAC address, or similar information identifying the client.
  • The client connects to the server through the login verification request it sends, so the security of the client can be confirmed before the server establishes a secure connection with it.
  • The verification serial number is a unique number that the server assigns to a client's terminal ID on that client's first login verification request.
  • The server can subsequently find the verification serial number corresponding to the client in the database based on the terminal ID of the client.
  • Because the verification serial number associated with the terminal ID is stored in the database, the server can quickly match the verification serial number of a terminal ID even when it stores massive amounts of data, and obtain the serial number information of the corresponding client for security verification based on that serial number information.
  • The serial number information is the login state of the terminal ID associated with the verification serial number, such as the number of logins of the verification serial number, the verification period, and the effective number.
  • The verification period is the time window, set by the server according to the actual situation, over which a client's logins are counted; the effective number is the maximum number of logins within the verification period, set by the server according to the actual situation; the number of logins is the number of login verification requests sent by the client.
  • When determining whether the verification serial number is valid based on the serial number information, the server must determine whether the current system time is within the verification period in the serial number information and whether the number of logins corresponding to the terminal ID is within the effective number in the serial number information. If the current system time is within the verification period and the number of logins corresponding to the terminal ID is within the effective number, the verification serial number is valid; if the current system time is not within the verification period, or the number of logins is not within the effective number, the verification serial number is invalid.
  • The state of the client can be obtained quickly from the serial number information, so that the validity of the verification serial number can be determined from it and a corresponding feedback action given.
  • The serial number information of the verification serial number corresponding to the terminal ID is updated so that it changes in real time.
  • the temporary database such as REDIS
  • REDIS is an open-source, networked, in-memory Key-Value database written in ANSI C that supports log-based persistence. Storing the serial number information in REDIS allows fast queries.
  • The verification period can be set to 2 minutes and the effective number to 20. That is, if the client does not log in more than 20 times within 2 minutes, the client's verification serial number is still valid. It can be understood that if the client has 20 logins in 2 minutes, the client's verification serial number is invalid.
  • The verification serial number is valid when the serial number information associated with it meets a preset requirement, including but not limited to: the number of logins of the verification serial number being within the effective number during its verification period.
  • When the server receives the login verification request and determines, based on the serial number information associated with the terminal ID, that the verification serial number is valid, it needs to update the dynamic content in the serial number information, for example the number of logins of the verification serial number. Specifically, when the server receives a new login verification request and the verification serial number is valid, the number of logins of the verification serial number is incremented by 1, and so on.
  • The client's login verification requests are thereby limited: the graphic verification code is sent only to clients whose verification serial number is valid, which effectively protects the server from malicious brushing initiated by a client.
  • The anti-brush login method works by determining whether the verification serial number corresponding to the terminal ID of the client is valid. If the verification serial number exists in the database and is valid, a graphic verification code corresponding to the verification serial number is generated and sent to the client corresponding to the terminal ID.
  • The server responds only to clients whose verification serial number is valid. On the one hand, this greatly reduces the risk of the server being hacked through repeated brushing. On the other hand, access is restricted by the verification serial number associated with the terminal ID. Increased user experience by restricting access to the server through IP.
  • The anti-brush login method further includes:
  • The verification serial number is invalid when the serial number information currently associated with it does not meet the preset requirement. It can be understood that when the number of logins of the verification serial number exceeds the effective number within its verification period, the verification serial number is invalid.
  • A number of logins that exceeds the effective number indicates that the client has logged in to the server many times during the verification period, so the client may not be secure.
  • The verification serial number corresponding to the client is also deleted from the database, which reduces redundant data in the database and makes it easier for the client to log in to the server again after it is unlocked. In this embodiment, locking clients whose verification serial number is invalid effectively protects the server from malicious brushing.
  • The login failure information is the notification that the server sends to the client to inform it that the login failed and that the client is locked during the lock period.
  • The server sends the login failure information to the client to remind it to access the server again after the lock period.
  • Before step S20, that is, before the step of determining whether a verification serial number corresponding to the terminal ID exists in the database, the anti-brush login method further includes:
  • A client can log in to the server in various situations: the first login, a login while the verification serial number is valid, a login when the verification serial number is invalid, a login during the lock period, a login after unlocking, and so on. When the client logs in during the lock period, the login status corresponding to the terminal ID is locked.
  • After receiving the login verification request sent by the client, the server needs to quickly distinguish the login status of the client in order to respond.
  • By first determining from the client's terminal ID whether the client is in the locked state, the server can respond quickly to the login verification request sent by the client.
  • The login failure information is the notification that the server sends to the client to inform it that the login failed and that the client is locked during the lock period.
  • The server sends the login failure information to the client to remind it to log in to the server again after the lock period.
  • Sending the login failure information to the client gives it a corresponding reminder and improves the user experience.
  • The step of determining whether a verification serial number corresponding to the terminal ID exists in the database is performed.
  • The client can be preliminarily determined to be a secure client, and the subsequent check of the client's verification serial number can be performed.
  • The non-locked state here includes, but is not limited to, the first login, a login while the verification serial number is valid, a login after the verification serial number is invalid, and a login after unlocking.
  • If the client is not in the locked state, it can be treated for the time being as a secure client, and the subsequent verification step (that is, the step after step S20) can be performed quickly, which improves verification efficiency.
  • The anti-brush login method further includes:
  • If the terminal ID of the client has no corresponding verification serial number, the database holds no serial number information for the terminal ID, and the server needs to create a new record for the terminal ID so that it can identify the client later.
  • A verification serial number corresponding to the terminal ID is established, and the corresponding serial number information is established based on that verification serial number, so that the server holds a complete record for the client.
  • Initializing the serial number information of the verification serial number means setting the number of logins in the serial number information to 1, so that the next time a login verification request from the same client is received, the previously recorded number of logins can be incremented by one and the validity of the verification serial number determined from its number of logins.
  • When a verification serial number is assigned to a client that did not have one, the client is logging in to the server for the first time and can temporarily be treated as a secure client.
  • The server can then respond according to the client's serial number information when the client requests to log in to the server.
  • The anti-brush login method further includes the following, where the serial number information includes a verification period and an effective number.
  • The timing update instruction includes a program ID.
  • The timing update instruction is an instruction that initiates an update of the effective number in the serial number information.
  • The program ID is a unique number used to identify each instruction, and the server can call different program instructions by program ID.
  • If the verification serial number corresponding to the verification period still exists, the verification serial number is still valid, that is, the client's number of logins is within the effective number. Because the client's verification serial number was valid during the verification period, the client can be preliminarily confirmed as a secure client and assigned the next verification period. It can be understood that at this point the effective number corresponding to the verification serial number is zero, that is, the verification serial number continues for one more verification period.
  • The verification period can be set to 2 minutes and the effective number to 20. That is, if the client's number of logins within 2 minutes does not exceed 20, the client can be preliminarily determined to be a secure client, and its verification serial number can be retained and carried into the next verification period. It can be understood that if the client's verification serial number stayed within the effective number in the first 2 minutes, the maximum number of logins of the verification serial number may be 19 in the second 2 minutes. The effective number corresponding to the verification serial number therefore needs to be cleared at the end of the first 2-minute verification period so that counting restarts.
  • The server automatically continues into the next verification period for clients whose verification serial number is valid, which ensures the security of the server and also improves the customer experience.
  • The anti-brush login method further includes:
  • The access verification request is a request in which the client sends the server a current verification code, entered on the basis of the graphic verification code the server sent, for the server to verify.
  • The server verifies the current verification code sent by the client to further determine the security of the client and to prevent malicious brushing of the server initiated by the client.
  • Each time the client corresponding to the terminal ID sends an access verification request, the server queries the database by terminal ID for the stored graphic verification code and checks the current verification code entered by the client against it. It can be understood that after the server sends the graphic verification code to the client corresponding to the terminal ID, it needs to store the graphic verification code in the database so that security verification can be performed against it.
  • The security state of the client can be determined, which is simple and effective.
  • A client whose current verification code matches the graphic verification code held by the server passes the access verification request quickly, which simplifies the verification process and ensures the security of the server.
  • The server needs to confirm whether to send a graphic verification code to the client for verification; that is, it queries the database based on the terminal ID in the access verification request, obtains the verification serial number corresponding to the terminal ID, and then performs the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number (that is, step S30).
  • The serial number information corresponding to the terminal ID needs to be updated, and a graphic verification code is sent to the client to remind it to submit the access verification request again.
  • The state of the client can be learned quickly from the serial number information, the validity of the verification serial number determined, and a corresponding feedback action given.
  • The security of the client can first be determined by matching the current verification code against the graphic verification code, which is simple and effective; when the verification code does not pass, the serial number information corresponding to the terminal ID is checked to decide the feedback action.
  • Fig. 5 is a block diagram of the anti-brush login apparatus, which corresponds one-to-one to the anti-brush login method in Embodiment 1.
  • The anti-brush login apparatus includes a login verification request obtaining module 10, a verification serial number determining module 20, a serial number validity determining module 30, and a graphic verification code sending module 40.
  • The functions implemented by the login verification request obtaining module 10, the verification serial number determining module 20, the serial number validity determining module 30, and the graphic verification code sending module 40 correspond one-to-one to the steps of the anti-brush login method in the embodiment; to avoid repetition, they are not described in detail here.
  • The login verification request obtaining module 10 is configured to obtain a login verification request sent by the client, where the login verification request includes a terminal ID.
  • The verification serial number determining module 20 is configured to query the database based on the terminal ID to determine whether a verification serial number corresponding to the terminal ID exists in the database.
  • The serial number validity determining module 30 is configured to determine, if the verification serial number exists, whether the verification serial number is valid based on the serial number information in the verification serial number.
  • The graphic verification code sending module 40 is configured to, if the verification serial number is valid, update the serial number information of the verification serial number, generate a graphic verification code corresponding to the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
  • The anti-brush login apparatus further includes a verification serial number clearing module 50.
  • The function implemented by the verification serial number clearing module 50 corresponds to the corresponding step of the anti-brush login method in the embodiment; to avoid repetition, it is not described in detail here.
  • The verification serial number clearing module 50 is configured to, if the verification serial number is invalid, clear the verification serial number from the database, set the login status of the terminal ID to the locked state in the database, and send the login failure information to the client.
  • The anti-brush login apparatus further includes a lock status determining module 60, a login failure information sending module 70, and a verification serial number executing module 80.
  • The functions implemented by the lock status determining module 60, the login failure information sending module 70, and the verification serial number executing module 80 correspond one-to-one to the steps of the anti-brush login method in the embodiment; to avoid repetition, they are not described in detail here.
  • The lock status determining module 60 is configured to determine whether the login status corresponding to the terminal ID is the locked state.
  • The login failure information sending module 70 is configured to send the login failure information to the client if the login status is the locked state.
  • The verification serial number executing module 80 is configured to perform the step of determining whether a verification serial number corresponding to the terminal ID exists in the database if the login status is not the locked state.
  • The anti-brush login apparatus further includes a verification serial number assigning module 90.
  • The function implemented by the verification serial number assigning module 90 corresponds to the corresponding step of the anti-brush login method in the embodiment; to avoid repetition, it is not described in detail here.
  • The verification serial number assigning module 90 is configured to, if the verification serial number does not exist, assign a corresponding verification serial number to the terminal ID, initialize the serial number information of the verification serial number, generate a graphic verification code associated with the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
  • The serial number validity determining module 30 is configured to determine that the verification serial number is valid if the current system time is within the verification period and the number of login verification requests corresponding to the terminal ID is within the effective number, and that it is invalid otherwise.
  • The anti-brush login apparatus further includes an update instruction obtaining module 110 and an update program triggering module 120.
  • The functions implemented by the update instruction obtaining module 110 and the update program triggering module 120 correspond one-to-one to steps S110 and S120 of the anti-brush login method in Embodiment 1; to avoid repetition, they are not described in detail here.
  • The update instruction obtaining module 110 is configured to obtain a timing update instruction, where the timing update instruction includes a program ID and a trigger time.
  • The update program triggering module 120 is configured to trigger the update program corresponding to the program ID when the current system time is the trigger time, and to clear verification serial numbers for which the current system time is not within the verification period.
  • The anti-brush login apparatus further includes an access request obtaining module 130, a graphic verification code obtaining module 140, an access verification request module 150, and an access denied verification request module 160.
  • The functions implemented by the access request obtaining module 130, the graphic verification code obtaining module 140, the access verification request module 150, and the access denied verification request module 160 correspond to the steps of the anti-brush login method in the embodiment; to avoid repetition, they are not described in detail here.
  • The access request obtaining module 130 is configured to obtain an access verification request sent by the client, where the access verification request includes a terminal ID and a current verification code.
  • The graphic verification code obtaining module 140 is configured to obtain the corresponding graphic verification code based on the terminal ID.
  • The access verification request module 150 is configured to pass the access verification request if the current verification code matches the graphic verification code.
  • The access denied verification request module 160 is configured to perform the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number if the current verification code does not match the graphic verification code.
  • This embodiment provides a computer readable storage medium storing computer readable instructions that, when executed by a processor, implement the anti-brush login method in Embodiment 1; to avoid repetition, details are not described here again. Alternatively, when the computer readable instructions are executed by the processor, the functions of the modules/units in the anti-brush login apparatus in Embodiment 2 are implemented; to avoid repetition, details are not described here again.
  • The computer readable storage medium may include any entity or device capable of carrying the computer readable instruction code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), electrical carrier signals, telecommunications signals, and software distribution media.
  • FIG. 5 is a schematic diagram of an anti-brush login device/terminal device according to an embodiment of the present application.
  • The anti-brush login device/terminal device 500 of this embodiment includes a processor 510, a memory 520, and computer readable instructions 530 stored in the memory 520 and executable on the processor 510, such as an anti-brush login program.
  • The processor 510, when executing the computer readable instructions 530, implements the steps in the anti-brush login method embodiments described above, such as steps S10 through S40 shown in FIG.
  • Alternatively, the processor 510, when executing the computer readable instructions 530, implements the functions of the modules/units of the apparatus embodiments described above, such as the functions of modules 10-40 shown in FIG.

Abstract

Disclosed in the present application are a rooting-prevention log-in method, a device, a terminal apparatus, and a storage medium, pertaining to the technical field of network security. The rooting-prevention log-in method comprises: acquiring a log-in authentication request sent by a client, the log-in authentication request comprising a terminal ID; performing a search in a database on the basis of the terminal ID, and determining whether the database comprises an authentication serial number corresponding to the terminal ID; if so, determining, on the basis of serial number information in the authentication serial number, whether the authentication serial number is valid; if so, updating the serial number information of the authentication serial number, generating a graphic authentication code corresponding to the authentication serial number, and sending the graphic authentication code to the client corresponding to the terminal ID. A server in the method only responds to a client having a valid authentication serial number, thereby significantly reducing the risk of the server being hacked by means of multiple rooting operations.

Description

Anti-brushing login method, apparatus, terminal device, and storage medium
This patent application is based on, and claims priority to, Chinese invention patent application No. 201810014424.1, filed on January 8, 2018 and entitled "Anti-brushing login method, apparatus, terminal device, and storage medium".
Technical Field
The present application relates to the field of network security, and in particular to an anti-brushing login method, apparatus, terminal device, and storage medium.
Background
The C/S (Client/Server) structure is a common Internet architecture that makes full use of the hardware environments at both ends by distributing tasks sensibly between the client and the server. To keep the server secure, the server in a C/S structure must authenticate the client before performing a task, and a graphic verification code is a commonly used authentication method. At present, most graphic verification code authentication schemes have no anti-brushing mechanism, so their security is low.
Summary
Embodiments of the present application provide an anti-brushing login method, apparatus, terminal device, and storage medium, to solve the problem that most current graphic verification code authentication schemes have no anti-brushing mechanism and offer low security.
In a first aspect, an embodiment of the present application provides an anti-brushing login method, including:
obtaining a login verification request sent by a client, where the login verification request includes a terminal ID;
querying a database based on the terminal ID, and determining whether a verification serial number corresponding to the terminal ID exists in the database;
if the verification serial number exists, determining whether the verification serial number is valid based on the serial number information in the verification serial number;
if the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
In a second aspect, an embodiment of the present application provides an anti-brushing login apparatus, including:
a login verification request obtaining module, configured to obtain a login verification request sent by a client, where the login verification request includes a terminal ID;
a verification serial number determining module, configured to query a database based on the terminal ID and determine whether a verification serial number corresponding to the terminal ID exists in the database;
a serial number validity determining module, configured to determine, if the verification serial number exists, whether the verification serial number is valid based on the serial number information in the verification serial number;
a graphic verification code sending module, configured to, if the verification serial number is valid, update the serial number information of the verification serial number, generate a graphic verification code corresponding to the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
A third aspect of the present application provides a terminal device including a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, where the computer readable instructions, when executed by the processor, implement the following steps:
obtaining a login verification request sent by a client, where the login verification request includes a terminal ID;
querying a database based on the terminal ID, and determining whether a verification serial number corresponding to the terminal ID exists in the database;
if the verification serial number exists, determining whether the verification serial number is valid based on the serial number information in the verification serial number;
if the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
A fourth aspect of the present application provides a computer readable storage medium storing computer readable instructions that, when executed by a processor, implement the following steps:
obtaining a login verification request sent by a client, where the login verification request includes a terminal ID;
querying a database based on the terminal ID, and determining whether a verification serial number corresponding to the terminal ID exists in the database;
if the verification serial number exists, determining whether the verification serial number is valid based on the serial number information in the verification serial number;
if the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
The anti-brushing login method, apparatus, terminal device, and storage medium provided by the embodiments of the present application work by determining whether the verification serial number corresponding to the client's terminal ID is valid. If a verification serial number exists in the database and is valid, a graphic verification code corresponding to the verification serial number is generated and sent to the client corresponding to the terminal ID. The server responds only to clients whose verification serial number is valid, which greatly reduces the risk of the server being cracked and illegally intruded upon through repeated brushing.
Brief Description of the Drawings
To describe the technical solutions of the embodiments of the present application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a flowchart of the anti-brushing login method in Embodiment 1 of the present application.
FIG. 2 is another specific flowchart of the anti-brushing login method in Embodiment 1 of the present application.
FIG. 3 is another specific flowchart of the anti-brushing login method in Embodiment 1 of the present application.
FIG. 4 is a schematic block diagram of the anti-brushing login apparatus in Embodiment 2 of the present application.
FIG. 5 is a schematic diagram of the terminal device in Embodiment 4 of the present application.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are some, not all, of the embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present application without creative effort fall within the scope of protection of the present application.
Embodiment 1
FIG. 1 shows a flowchart of the anti-brushing login method in this embodiment. This embodiment is applied in an Internet architecture with a C/S (Client/Server) structure, where the method is executed by a server configured with a database. As shown in FIG. 1, the anti-brushing login method includes the following steps:
S10. Obtain a login verification request sent by the client, where the login verification request includes a terminal ID.
Specifically, the client in this embodiment includes, but is not limited to, a smartphone, a computer, a PAD, or another terminal on which a user can enter information and interact with the server.
The login verification request is a request to establish a secure connection, which is sent to the server after the user enters verification information (such as a user ID and a user password) through the entry provided by the client.
The terminal ID is an identifier used to identify the client that sent the login verification request. The server can determine from the terminal ID that it is the IP address, the login MAC address, or the like used to identify the client.
In this embodiment, the client connects to the server by sending a login verification request, so that the security of the client can be confirmed before the server establishes a secure connection with it.
S20. Query the database based on the terminal ID, and determine whether a verification serial number corresponding to the terminal ID exists in the database.
The verification serial number is a unique number that the server assigns to a client's terminal ID on that client's first login verification request. The server can later look up the client's verification serial number in the database based on the client's terminal ID.
In this embodiment, the verification serial number associated with a client's terminal ID is stored in the database, so that a server storing massive amounts of data can quickly match the verification serial number for that terminal ID and obtain the serial number information of the corresponding client, in order to perform security verification based on that serial number information.
S30. If the verification serial number exists, determine whether the verification serial number is valid based on the serial number information in the verification serial number.
Specifically, the serial number information records the login history of the terminal ID associated with the verification serial number, such as the login count, verification period, and valid count of the verification serial number. The verification period is the time span, set by the server according to actual conditions, within which the number of client logins is limited; the valid count is the maximum number of logins within the verification period, set by the server according to actual conditions; the login count is the number of login verification requests the client has sent.
Further, if the current system time is within the verification period and the login count for the terminal ID is within the valid count, the verification serial number is valid; otherwise it is invalid. That is, when determining whether the verification serial number is valid based on the serial number information, the server determines whether the current system time is within the verification period in the serial number information and whether the login count for the terminal ID is within the valid count in the serial number information. If the current system time is within the verification period and the login count for the terminal ID is within the valid count, the verification serial number is valid; if the current system time is not within the verification period or the login count is not within the valid count, the verification serial number is invalid.
In this embodiment, the client's login history can be obtained quickly from the serial number information, so that the validity of the verification serial number can be determined from it and the corresponding response given.
Each time the server receives a piece of login verification information, it must update the serial number information of the verification serial number corresponding to the terminal ID, so that the serial number information changes in real time. This embodiment may use a temporary database (such as REDIS) to store the serial number information. REDIS is an open-source, network-capable, log-type Key-Value database written in ANSI C that can run in memory and can also persist data. Storing the serial number information in REDIS enables fast queries.
For example, the verification period may be set to 2 minutes and the valid count to 20. That is, if the client's login count within 2 minutes has not exceeded 20, the client's verification serial number is still valid. Understandably, if the client's login count within 2 minutes reaches 20, the client's verification serial number is invalid.
In this embodiment, the verification serial number is determined to be valid when the login count within the limited verification period has not exceeded the valid count, which improves the authenticity and accuracy of the check on whether the verification serial number is valid.
S40. If the verification serial number is valid, update the serial number information of the verification serial number, generate a graphic verification code corresponding to the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
Specifically, the verification serial number being valid means that the serial number information associated with it meets preset requirements, including but not limited to: within the verification period of the verification serial number, the login count of the verification serial number is within the valid count.
When the server receives the current login verification request and, based on the serial number information associated with the terminal ID, determines that the verification serial number is valid, it needs to update the dynamic content in the serial number information, for example the login count of the verification serial number. Specifically, each time the server receives a new login verification request while the verification serial number is valid, it increments the login count of the verification serial number by 1, and so on.
In this embodiment, the client's login verification requests are restricted: the graphic verification code is sent only to clients whose verification serial number is valid, which effectively protects the server from malicious brushing initiated by clients.
The anti-brushing login method provided by this embodiment works by determining whether the verification serial number corresponding to the client's terminal ID is valid. If a verification serial number exists in the database and is valid, a graphic verification code corresponding to the verification serial number is generated and sent to the client corresponding to the terminal ID. The server responds only to clients whose verification serial number is valid. On the one hand, this greatly reduces the risk of the server being cracked and illegally intruded upon through repeated brushing; on the other hand, because access is restricted through the verification serial number associated with the terminal ID rather than by restricting access to the server by IP, the user experience is improved.
In a specific implementation, as shown in FIG. 1, after step S30, that is, after the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number, the anti-brushing login method further includes:
S50. If the verification serial number is invalid, clear the verification serial number from the database, set the login status of the terminal ID to the locked state in the database, and send login failure information to the client.
Specifically, the verification serial number is invalid when the serial number information associated with the current verification serial number does not meet the preset requirements. Understandably, if the login count of the verification serial number exceeds the valid count within its verification period, the verification serial number is deemed invalid.
If the login count of the verification serial number exceeds the valid count within its verification period, the client has logged in to the server many times within the verification period, and the client may be unsafe. In this case, the login status of the terminal ID is set to the locked state in the database, and the lock period of the locked state can be set to a preset time, such as 2 hours or 1 day; the client is locked and login verification requests it initiates are rejected. At the same time, the verification serial number corresponding to the client is deleted from the database, which reduces redundant data in the database and makes it easier for the client to log in to the server again after it is unlocked. In this embodiment, locking clients whose verification serial number is invalid effectively protects the server and prevents malicious brushing.
The login failure information is notification information sent by the server to the client, informing the client that the login failed and that the client is locked for the lock period. The server sends the login failure information to the client to remind it that it can access the server again only after the lock period.
In a specific implementation, as shown in FIG. 1, before step S20, that is, before the step of determining whether a verification serial number corresponding to the terminal ID exists in the database, the anti-brushing login method further includes:
S60. Determine whether the login status corresponding to the terminal ID is the locked state.
Specifically, a client logging in to the server may be in one of several situations: logging in for the first time, logging in while the verification serial number is valid, logging in while the verification serial number is invalid, logging in during the lock period, logging in after being unlocked, and so on. Of these, when the client logs in during the lock period, the login status corresponding to its terminal ID is the locked state. After receiving a login verification request from a client, the server needs to quickly distinguish which situation applies in order to give the appropriate response.
In this embodiment, the server first uses the client's terminal ID to determine whether the client is in the locked state, so that it can respond quickly to the login verification request sent by the client.
S70. If the login status is the locked state, send login failure information to the client.
Specifically, the login failure information is notification information sent by the server to the client, informing the client that the login failed and that the client is locked for the lock period. The server sends the login failure information to the client to remind it that it can log in to the server again only after the lock period.
In this embodiment, sending login failure information to the client gives the client a corresponding reminder, which improves the user experience.
S80. If the login status is not the locked state, perform the step of determining whether a verification serial number corresponding to the terminal ID exists in the database.
Specifically, if the login status is not the locked state, the client can be provisionally treated as a safe client, and the subsequent check of the client's verification serial number can proceed. The non-locked state here includes, but is not limited to, logging in for the first time, logging in while the verification serial number is valid, logging in while the verification serial number is invalid, and logging in after being unlocked.
In this embodiment, the server first determines that the client is not locked, that is, not in the locked state, which confirms that the client is provisionally a safe client, so that the subsequent verification steps (that is, the steps after step S20) can be carried out quickly, which improves verification efficiency.
In a specific implementation, as shown in FIG. 1, after step S20, that is, after the step of determining whether a verification serial number corresponding to the terminal ID exists in the database, the anti-brushing login method further includes:
S90. If no verification serial number exists, assign a corresponding verification serial number to the terminal ID, initialize the serial number information of the verification serial number, generate a graphic verification code associated with the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
Specifically, if no verification serial number corresponds to the client's terminal ID, the database holds no serial number information for that terminal ID, and the server needs to create a new record for the terminal ID so that the client can be identified later. Further, a verification serial number corresponding to the terminal ID is created, and corresponding serial number information is created based on that verification serial number, so that a complete record for the client is established on the server. In this embodiment, initializing the serial number information of the verification serial number means setting the login count in the serial number information to 1, so that each time a login verification request from the same client is subsequently received, the login count can be incremented by 1 from the last recorded value, and the validity of the verification serial number can be checked based on the login count.
Understandably, when a verification serial number is assigned to a client that has none, the client is logging in to the server for the first time and can be provisionally regarded as a safe client, so the graphic verification code is sent to it.
In this embodiment, assigning a verification serial number to a client that logs in to the server for the first time and creating the related serial number information allows the server to respond based on the client's serial number information when the client later requests to log in to the server.
In a specific implementation, as shown in FIG. 2, the serial number information includes a verification period and a valid count, and the anti-brushing login method proposed in this embodiment further includes:
S110. Obtain a timed update instruction, where the timed update instruction includes a program ID.
Specifically, the timed update instruction is an instruction used to initiate an update of the valid count in the serial number information. The program ID is a unique number that identifies each instruction; the server can invoke different program instructions by program ID.
S120. When the current system time is the end of a verification period, trigger the update program corresponding to the program ID and update the valid count of the serial number information to zero.
Further, if the verification serial number for a verification period still exists when that period ends, the verification serial number is still valid, that is, the client's login count is within the valid count. Because the client's serial number was valid in this verification period, the client can be provisionally confirmed as a safe client and can be assigned the next verification period. Understandably, setting the valid count corresponding to the verification serial number to zero at this point extends the verification serial number for another verification period.
For example, the verification period may be set to 2 minutes and the valid count to 20. That is, if the client's login count within 2 minutes has not exceeded 20, the client can be provisionally judged a safe client, and the verification serial number can be retained and the next verification period opened for it. Understandably, if the login count for the client's verification serial number is within the valid count in the first 2 minutes, then in the second 2 minutes the maximum login count for the verification serial number can again be 19. For this, the valid count corresponding to the verification serial number must be cleared to zero at the end of the first 2-minute verification period so that counting starts again.
In this embodiment, the server automatically extends the next verification period to clients whose verification serial number is valid, which maintains server security while also improving the customer experience.
In a specific implementation, as shown in FIG. 3, after the step of sending the graphic verification code to the client corresponding to the terminal ID, the anti-brushing login method further includes:
S130. Obtain an access verification request sent by the client, where the access verification request includes the terminal ID and a current verification code.
Specifically, the access verification request is a request in which the client, based on the graphic verification code sent by the server, sends the current verification code to the server so that the server can verify it.
In this embodiment, the server verifies the current verification code sent by the client in order to further determine the security of the client, which protects the server from malicious brushing initiated by clients.
S140. Obtain the corresponding graphic verification code based on the terminal ID.
Specifically, each time the client corresponding to the terminal ID sends an access verification request to the server, the server queries the database by terminal ID to obtain the stored graphic verification code, so that it can be matched against the current verification code entered at the client. Understandably, after sending the graphic verification code to the client corresponding to the terminal ID, the server needs to store the graphic verification code in the database so that subsequent security verification can be performed against it.
In this embodiment, obtaining the graphic verification code that the server has stored for the terminal ID allows the security state of the client to be determined, which is simple and effective.
S150. If the current verification code matches the graphic verification code, the access verification request is passed.
In this embodiment, a client whose submitted current verification code matches the graphic verification code on the server quickly passes the access verification request, which simplifies the verification procedure while still ensuring server security.
S160. If the current verification code does not match the graphic verification code, perform the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number.
Specifically, if the current verification code does not match the graphic verification code, the server needs to decide whether to send a graphic verification code to the client again for verification. That is, it needs to query the database based on the terminal ID in the access verification request, obtain the verification serial number corresponding to the terminal ID, and then perform the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number (that is, step S30).
Further, using the verification serial number corresponding to the terminal ID and the serial number information recorded for it (such as the number of logins, the verification period and the valid count of the verification serial number), the server determines whether the verification serial number is valid. If it is valid, the serial number information corresponding to the terminal ID is updated and a graphic verification code is sent to the client to prompt the client to re-enter the access verification request.
The serial number information allows the client's serial number information to be obtained quickly, the validity of the verification serial number to be determined, and the corresponding feedback action to be given.
In this embodiment, by obtaining the access verification request carrying the current verification code sent by the client, the security of the client can first be determined by matching the graphic verification code against the current verification code, which is simple and effective; when the graphic verification code check fails, the serial number information corresponding to the terminal ID is then evaluated so that a feedback action can be taken.
It should be understood that the sequence numbers of the steps in the above embodiment do not imply an order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation of the embodiments of the present application.
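The flow of Embodiment 1 (lock check, serial number allocation, validity check, period-end reset, and the S130 to S160 captcha check) can be sketched as follows. This is an added example, not code from the application: the class and method names are hypothetical, in-memory dictionaries stand in for the database, the captcha is kept as text without image rendering, and it assumes that the request being processed counts toward the valid count.

```python
import hmac
import secrets
from dataclasses import dataclass

VERIFICATION_PERIOD = 120   # seconds; the page's example uses 2 minutes
VALID_COUNT = 20            # the page's example allows 20 logins per period
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # assumption: captcha alphabet


@dataclass
class SerialRecord:
    serial: str          # verification serial number assigned to the terminal ID
    period_start: float  # start of the current verification period
    login_count: int     # login verification requests seen in this period


class AntiBrushLogin:
    """In-memory stand-in for the server and its database (hypothetical names)."""

    def __init__(self, period=VERIFICATION_PERIOD, valid_count=VALID_COUNT):
        self.period = period
        self.valid_count = valid_count
        self.serials = {}    # terminal ID -> SerialRecord
        self.locked = set()  # terminal IDs whose login state is "locked"
        self.captchas = {}   # terminal ID -> last captcha text sent

    def _issue_captcha(self, terminal_id):
        # Only the text is generated; rendering it as an image is out of scope.
        code = "".join(secrets.choice(ALPHABET) for _ in range(4))
        self.captchas[terminal_id] = code
        return code

    def _serial_valid(self, rec, now):
        # Claim 5: inside the verification period AND within the valid count.
        # Assumption: the request being processed counts toward the limit.
        in_period = rec.period_start <= now < rec.period_start + self.period
        return in_period and rec.login_count + 1 <= self.valid_count

    def login_request(self, terminal_id, now):
        """Login verification request -> ("captcha", code) or ("fail", None)."""
        if terminal_id in self.locked:                     # claim 3: lock check
            return ("fail", None)
        rec = self.serials.get(terminal_id)
        if rec is None:                                    # claim 4: allocate
            self.serials[terminal_id] = SerialRecord(secrets.token_hex(8), now, 1)
            return ("captcha", self._issue_captcha(terminal_id))
        if not self._serial_valid(rec, now):               # claim 2: clear, lock
            del self.serials[terminal_id]
            self.captchas.pop(terminal_id, None)
            self.locked.add(terminal_id)
            return ("fail", None)
        rec.login_count += 1                               # claim 1: update info
        return ("captcha", self._issue_captcha(terminal_id))

    def on_period_end(self, now):
        """S120: scheduled update; zero the count of serials that survived."""
        renewed = 0
        for rec in self.serials.values():
            if now >= rec.period_start + self.period:
                rec.period_start, rec.login_count = now, 0
                renewed += 1
        return renewed

    def access_verification(self, terminal_id, current_code, now):
        """S130-S160: compare the submitted code with the stored captcha."""
        stored = self.captchas.get(terminal_id)            # S140
        if stored is not None and hmac.compare_digest(
            stored.encode(), current_code.encode()
        ):
            del self.captchas[terminal_id]   # added choice: one use per captcha
            return ("pass", None)                          # S150
        # S160: a mismatch goes back through the serial-number validity check,
        # so wrong guesses consume the same per-period budget as logins.
        return self.login_request(terminal_id, now)
```

Because a mismatched code is routed back through `login_request`, guessing the captcha draws on the same per-period budget as requesting one, and a terminal ID that exhausts it stays locked until the lock is cleared by some mechanism outside this sketch.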
Embodiment 2
FIG. 5 shows a block diagram of an anti-brushing login apparatus corresponding one-to-one to the anti-brushing login method of Embodiment 1. As shown in FIG. 5, the anti-brushing login apparatus includes a login verification request acquisition module 10, a verification serial number determination module 20, a serial number validity determination module 30 and a graphic verification code sending module 40. The functions implemented by the login verification request acquisition module 10, the verification serial number determination module 20, the serial number validity determination module 30 and the graphic verification code sending module 40 correspond one-to-one to the steps of the anti-brushing login method in the embodiment; to avoid repetition, they are not detailed one by one in this embodiment.
The login verification request acquisition module 10 is configured to obtain a login verification request sent by the client, where the login verification request includes a terminal ID.
The verification serial number determination module 20 is configured to query the database based on the terminal ID and determine whether a verification serial number corresponding to the terminal ID exists in the database.
The serial number validity determination module 30 is configured to, if the verification serial number exists, determine whether the verification serial number is valid based on the serial number information in the verification serial number.
The graphic verification code sending module 40 is configured to, if the verification serial number is valid, update the serial number information of the verification serial number, generate a graphic verification code corresponding to the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
Preferably, as shown in FIG. 5, the anti-brushing login apparatus further includes a verification serial number clearing module 50. The function implemented by the verification serial number clearing module 50 corresponds to the steps of the anti-brushing login method in the embodiment; to avoid repetition, it is not detailed in this embodiment. The verification serial number clearing module 50 is configured to, if the verification serial number is invalid, clear the verification serial number from the database, set the login state of the terminal ID to the locked state in the database, and send login failure information to the client.
Preferably, as shown in FIG. 5, the anti-brushing login apparatus further includes a lock state determination module 60, a login failure information sending module 70 and a verification serial number execution module 80. The functions implemented by the lock state determination module 60, the login failure information sending module 70 and the verification serial number execution module 80 correspond one-to-one to the steps of the anti-brushing login method in the embodiment; to avoid repetition, they are not detailed one by one in this embodiment.
The lock state determination module 60 is configured to determine whether the login state corresponding to the terminal ID is the locked state.
The login failure information sending module 70 is configured to send login failure information to the client if the login state is the locked state.
The verification serial number execution module 80 is configured to, if the login state is not the locked state, perform the step of determining whether a verification serial number corresponding to the terminal ID exists in the database.
Preferably, as shown in FIG. 5, the anti-brushing login apparatus further includes a verification serial number allocation module 90. The function implemented by the verification serial number allocation module 90 corresponds to the steps of the anti-brushing login method in the embodiment; to avoid repetition, it is not detailed in this embodiment.
The verification serial number allocation module 90 is configured to, if the verification serial number does not exist, assign a corresponding verification serial number to the terminal ID, initialize the serial number information of the verification serial number, generate a graphic verification code associated with the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
Preferably, the serial number validity determination module 30 is configured such that, if the current system time is within the verification period and the number of login verification requests obtained for the terminal ID is within the valid count, the verification serial number is valid; otherwise it is invalid.
Preferably, as shown in FIG. 5, the anti-brushing login apparatus further includes an update instruction acquisition module 110 and an update program triggering module 120. The functions implemented by the update instruction acquisition module 110 and the update program triggering module 120 correspond one-to-one to steps S110 and S120 of the anti-brushing login method in Embodiment 1; to avoid repetition, they are not detailed one by one in this embodiment.
The update instruction acquisition module 110 is configured to obtain a timed update instruction, where the timed update instruction includes a program ID and a trigger time.
The update program triggering module 120 is configured to, when the current system time is the trigger time, trigger the update program corresponding to the program ID and clear the verification serial numbers for which the current system time is not within the verification period.
Preferably, as shown in FIG. 5, the anti-brushing login apparatus further includes an access request acquisition module 130, a graphic verification code acquisition module 140, an access verification request approval module 150 and an access verification request rejection module 160. The functions implemented by the access request acquisition module 130, the graphic verification code acquisition module 140, the access verification request approval module 150 and the access verification request rejection module 160 correspond one-to-one to the steps of the anti-brushing login method in the embodiment; to avoid repetition, they are not detailed one by one in this embodiment.
The access request acquisition module 130 is configured to obtain an access verification request sent by the client, where the access verification request includes the terminal ID and a current verification code.
The graphic verification code acquisition module 140 is configured to obtain the corresponding graphic verification code based on the terminal ID.
The access verification request approval module 150 is configured to pass the access verification request if the current verification code matches the graphic verification code.
The access verification request rejection module 160 is configured to, if the current verification code does not match the graphic verification code, perform the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number.
Embodiment 3
This embodiment provides a computer-readable storage medium storing computer-readable instructions. When executed by a processor, the computer-readable instructions implement the anti-brushing login method of Embodiment 1; to avoid repetition, details are not repeated here. Alternatively, when executed by a processor, the computer-readable instructions implement the functions of the modules/units of the anti-brushing login apparatus of Embodiment 2; to avoid repetition, details are not repeated here.
The computer-readable storage medium may include any entity or device capable of carrying the computer-readable instruction code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, computer memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electrical carrier signals, telecommunication signals, software distribution media, and the like.
Embodiment 4
FIG. 5 is a schematic diagram of an anti-brushing login apparatus/terminal device provided by an embodiment of the present application. As shown in FIG. 5, the anti-brushing login apparatus/terminal device 500 of this embodiment includes a processor 510, a memory 520, and computer-readable instructions 530 stored in the memory 520 and executable on the processor 510, for example an anti-brushing login program. When the processor 510 executes the computer-readable instructions 530, it implements the steps of the anti-brushing login method embodiments described above, for example steps S10 to S40 shown in FIG. 1. Alternatively, when the processor 510 executes the computer-readable instructions 530, it implements the functions of the modules/units in the apparatus embodiments described above, for example the functions of modules 10 to 40 shown in FIG. 5.
Those skilled in the art will clearly understand that, for convenience and brevity of description, only the above division into functional units and modules is used as an example. In practical applications, the above functions may be assigned to different functional units and modules as needed, that is, the internal structure of the apparatus may be divided into different functional units or modules to perform all or part of the functions described above.
The embodiments described above are intended only to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments, or make equivalent replacements of some of the technical features; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application, and shall all be included within the scope of protection of the present application.

Claims (20)

  1. An anti-brushing login method, characterized by comprising:
    obtaining a login verification request sent by a client, the login verification request including a terminal ID;
    querying a database based on the terminal ID, and determining whether a verification serial number corresponding to the terminal ID exists in the database;
    if the verification serial number exists, determining whether the verification serial number is valid based on serial number information in the verification serial number;
    if the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  2. The anti-brushing login method according to claim 1, characterized in that the anti-brushing login method further comprises:
    if the verification serial number is invalid, clearing the verification serial number from the database, setting the login state of the terminal ID to a locked state in the database, and sending login failure information to the client.
  3. The anti-brushing login method according to claim 1, characterized in that, before the step of determining whether a verification serial number corresponding to the terminal ID exists in the database, the anti-brushing login method further comprises:
    determining whether the login state corresponding to the terminal ID is a locked state;
    if the login state is the locked state, sending login failure information to the client;
    if the login state is not the locked state, performing the step of determining whether a verification serial number corresponding to the terminal ID exists in the database.
  4. The anti-brushing login method according to claim 1, characterized in that the anti-brushing login method further comprises:
    if the verification serial number does not exist, assigning a corresponding verification serial number to the terminal ID, initializing the serial number information of the verification serial number, generating a graphic verification code associated with the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  5. The anti-brushing login method according to claim 1, characterized in that the serial number information includes a verification period, a login count and a valid count;
    the determining whether the verification serial number is valid based on the serial number information in the verification serial number comprises:
    if the current system time is within the verification period and the login count obtained for the terminal ID is within the valid count, the verification serial number is valid; otherwise it is invalid.
  6. The anti-brushing login method according to claim 1, characterized in that the serial number information includes a verification period and a valid count;
    the anti-brushing login method further comprises:
    obtaining a timed update instruction, the timed update instruction including a program ID;
    when the current system time reaches the end of each verification period, triggering the update program corresponding to the program ID, and updating the valid count in the serial number information to zero.
  7. The anti-brushing login method according to claim 1 or 4, characterized in that, after the step of sending the graphic verification code to the client corresponding to the terminal ID, the method further comprises:
    obtaining an access verification request sent by the client, the access verification request including the terminal ID and a current verification code;
    obtaining the corresponding graphic verification code based on the terminal ID;
    if the current verification code matches the graphic verification code, passing the access verification request;
    if the current verification code does not match the graphic verification code, performing the step of determining whether the verification serial number is valid based on the serial number information in the verification serial number.
  8. An anti-brushing login apparatus, characterized by comprising:
    a login verification request acquisition module, configured to obtain a login verification request sent by a client, the login verification request including a terminal ID;
    a verification serial number determination module, configured to query a database based on the terminal ID and determine whether a verification serial number corresponding to the terminal ID exists in the database;
    a serial number validity determination module, configured to, if the verification serial number exists, determine whether the verification serial number is valid based on serial number information in the verification serial number;
    a graphic verification code sending module, configured to, if the verification serial number is valid, update the serial number information of the verification serial number, generate a graphic verification code corresponding to the verification serial number, and send the graphic verification code to the client corresponding to the terminal ID.
  9. A terminal device, comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, characterized in that the processor implements the following steps when executing the computer-readable instructions:
    obtaining a login verification request sent by a client, the login verification request including a terminal ID;
    querying a database based on the terminal ID, and determining whether a verification serial number corresponding to the terminal ID exists in the database;
    if the verification serial number exists, determining whether the verification serial number is valid based on serial number information in the verification serial number;
    if the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  10. The terminal device according to claim 9, characterized in that the processor further implements the following steps when executing the computer-readable instructions:
    if the verification serial number is invalid, clearing the verification serial number from the database, setting the login state of the terminal ID to a locked state in the database, and sending login failure information to the client.
  11. The terminal device according to claim 9, characterized in that, before the step of determining whether a verification serial number corresponding to the terminal ID exists in the database, the processor further implements the following steps when executing the computer-readable instructions:
    determining whether the login state corresponding to the terminal ID is a locked state;
    if the login state is the locked state, sending login failure information to the client;
    if the login state is not the locked state, performing the step of determining whether a verification serial number corresponding to the terminal ID exists in the database.
  12. The terminal device according to claim 9, characterized in that the processor further implements the following steps when executing the computer-readable instructions:
    if the verification serial number does not exist, assigning a corresponding verification serial number to the terminal ID, initializing the serial number information of the verification serial number, generating a graphic verification code associated with the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  13. The terminal device according to claim 9, characterized in that the serial number information includes a verification period, a login count and a valid count;
    the determining whether the verification serial number is valid based on the serial number information in the verification serial number comprises:
    if the current system time is within the verification period and the login count obtained for the terminal ID is within the valid count, the verification serial number is valid; otherwise it is invalid.
  14. The terminal device according to claim 9, characterized in that the serial number information includes a verification period and a valid count;
    the processor further implements the following steps when executing the computer-readable instructions:
    obtaining a timed update instruction, the timed update instruction including a program ID;
    when the current system time reaches the end of each verification period, triggering the update program corresponding to the program ID, and updating the valid count in the serial number information to zero.
  15. 一种计算机可读存储介质,所述计算机可读存储介质存储有计算机可读指令,其特征在于,所述计算机可读指令被处理器执行时实现下步骤:A computer readable storage medium storing computer readable instructions, wherein the computer readable instructions are executed by a processor to implement the following steps:
    获取客户端发送的登录验证请求,所述登录验证请求包括终端ID;Obtaining a login verification request sent by the client, where the login verification request includes a terminal ID;
    基于所述终端ID查询数据库,判断所述数据库中是否存在与所述终端ID相对应的验证序列号;Determining, according to the terminal ID, a database, whether a verification sequence number corresponding to the terminal ID exists in the database;
    若存在所述验证序列号,则基于所述验证序列号中的序列号信息判断所述验证序列号是否有效;If the verification serial number exists, determining whether the verification serial number is valid based on the serial number information in the verification serial number;
    若所述验证序列号有效,则更新所述验证序列号的序列号信息,生成与验证序列号相对应的图形验证码,并将所述图形验证码发送给与所述终端ID相对应的客户端。If the verification serial number is valid, updating the serial number information of the verification serial number, generating a graphic verification code corresponding to the verification serial number, and transmitting the graphic verification code to the client corresponding to the terminal ID end.
  16. 如权利要求15所述的计算机可读存储介质,其特征在于,所述计算机可读指令被处理器执行时实现下步骤:The computer readable storage medium of claim 15 wherein said computer readable instructions are executed by a processor to implement the following steps:
    若所述验证序列号无效,则清除所述数据库中的所述验证序列号,在所述数据库中设置所述终端ID的登录状态为锁定状态,并向所述客户端发送登录失败信息。And if the verification serial number is invalid, clearing the verification serial number in the database, setting a login status of the terminal ID to a locked state in the database, and sending login failure information to the client.
  17. The computer readable storage medium of claim 15, wherein, before the step of determining whether a verification serial number corresponding to the terminal ID exists in the database, the processor, when executing the computer readable instructions, further implements the following steps:
    determining whether the login status corresponding to the terminal ID is a locked state;
    if the login status is a locked state, sending login failure information to the client;
    if the login status is not a locked state, performing the step of determining whether a verification serial number corresponding to the terminal ID exists in the database.
  18. The computer readable storage medium of claim 15, wherein the processor, when executing the computer readable instructions, further implements the following steps:
    if the verification serial number does not exist, assigning a corresponding verification serial number to the terminal ID, initializing the serial number information of the verification serial number, generating a graphic verification code associated with the verification serial number, and sending the graphic verification code to the client corresponding to the terminal ID.
  19. The computer readable storage medium of claim 15, wherein the serial number information includes a verification period, a number of logins, and a valid number of times;
    the determining whether the verification serial number is valid based on the serial number information in the verification serial number includes:
    if the current system time is within the verification period, and the number of logins obtained for the terminal ID is within the valid number of times, the verification serial number is valid; otherwise it is invalid.
  20. The computer readable storage medium of claim 15, wherein the serial number information includes a verification period and a valid number of times;
    the processor, when executing the computer readable instructions, further implements the following steps:
    obtaining a timed update instruction, the timed update instruction including a program ID;
    when the current system time reaches the end of each verification period, triggering an update program corresponding to the program ID to update the valid number of times in the serial number information to zero.
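The server-side flow of claims 15 to 20, sketched as an added example that is not part of the patent text. The names `LoginGate`, `SerialInfo`, `PERIOD_SECONDS` and `VALID_TIMES`, the in-memory dictionaries standing in for the database, and the hex token standing in for the graphic verification code are all assumptions; the timed update of claim 20 is read here as zeroing the per-period login counter.

```python
import secrets
import time
from dataclasses import dataclass

PERIOD_SECONDS = 60   # assumed length of one verification period
VALID_TIMES = 3       # assumed number of logins allowed per period

@dataclass
class SerialInfo:
    serial: str
    period_start: float
    logins: int = 0

class LoginGate:
    """In-memory stand-in for the database the claims refer to."""

    def __init__(self):
        self.serials = {}    # terminal ID -> SerialInfo
        self.locked = set()  # terminal IDs whose login status is locked

    def _issue(self, info):
        # Placeholder for rendering a graphic verification code tied to the serial.
        return {"status": "captcha", "serial": info.serial,
                "code": secrets.token_hex(3)}

    def handle(self, terminal_id, now=None):
        now = time.time() if now is None else now
        if terminal_id in self.locked:               # claim 17: locked terminals fail early
            return {"status": "login_failed"}
        info = self.serials.get(terminal_id)
        if info is None:                             # claim 18: first request, assign a serial
            info = SerialInfo(secrets.token_hex(8), now, logins=1)
            self.serials[terminal_id] = info
            return self._issue(info)
        in_period = info.period_start <= now < info.period_start + PERIOD_SECONDS
        if in_period and info.logins < VALID_TIMES:  # claim 19: validity check
            info.logins += 1                         # claim 15: update serial number info
            return self._issue(info)
        del self.serials[terminal_id]                # claim 16: clear the serial and lock
        self.locked.add(terminal_id)
        return {"status": "login_failed"}

    def timed_update(self, now):
        # Claim 20 (as read here): at period end, start a new period with a zeroed counter.
        for info in self.serials.values():
            if now >= info.period_start + PERIOD_SECONDS:
                info.period_start, info.logins = now, 0
```

A request that arrives after the period has ended but before `timed_update` has run is treated as invalid and locks the terminal, so the scheduler interval has to match the verification period.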
PCT/CN2018/077313 2018-01-08 2018-02-27 Rooting-prevention log-in method, device, terminal apparatus, and storage medium WO2019134234A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810014424.1 2018-01-08
CN201810014424.1A CN108462687B (en) 2018-01-08 2018-01-08 Anti-swipe login method and device, terminal device and storage medium

Publications (1)

Publication Number Publication Date
WO2019134234A1 true WO2019134234A1 (en) 2019-07-11

Family

ID=63221218

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/077313 WO2019134234A1 (en) 2018-01-08 2018-02-27 Rooting-prevention log-in method, device, terminal apparatus, and storage medium

Country Status (2)

Country Link
CN (1) CN108462687B (en)
WO (1) WO2019134234A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109508531A (en) * 2018-10-17 2019-03-22 航天信息股份有限公司 Sign and issue the method, apparatus and storage medium of soft certificate
CN110161873B (en) * 2019-06-12 2022-11-18 东屋世安物联科技(江苏)股份有限公司 Method and system for low-power-consumption data secure transmission of smart home sensor
CN110768995B (en) * 2019-10-30 2022-04-01 北京达佳互联信息技术有限公司 Security verification method, device, system and storage medium
CN112866179B (en) * 2019-11-27 2023-06-27 北京沃东天骏信息技术有限公司 Current limiting method and current limiting device
CN111181722A (en) * 2020-03-06 2020-05-19 联想(北京)有限公司 Authentication method and system
CN111585956B (en) * 2020-03-31 2022-09-09 完美世界(北京)软件科技发展有限公司 Website anti-brushing verification method and device
CN112950236B (en) * 2021-03-31 2023-05-23 四川虹美智能科技有限公司 Sequence number writing method, device and computer readable medium
CN113486344B (en) * 2021-07-14 2023-09-05 北京奇艺世纪科技有限公司 Interface anti-brushing method and device, server side and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1832401A (en) * 2006-04-06 2006-09-13 陈珂 Method for protecting safety of account number cipher
CN102300182A (en) * 2011-09-07 2011-12-28 飞天诚信科技股份有限公司 Short-message-based authentication method, system and device
CN102546914A (en) * 2010-12-27 2012-07-04 梁志龙 Automatic login system based on smart phone and control method
US20170017890A1 (en) * 2015-07-14 2017-01-19 Jewel Dohan Method and System For Identifying Potentially Successful Dating Relationship

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9767040B2 (en) * 2015-08-31 2017-09-19 Salesforce.Com, Inc. System and method for generating and storing real-time analytics metric data using an in memory buffer service consumer framework
CN105897670A (en) * 2015-11-13 2016-08-24 乐视云计算有限公司 Website user login authentication method and system
CN106789855A (en) * 2015-11-25 2017-05-31 北京奇虎科技有限公司 The method and device of user login validation

Also Published As

Publication number Publication date
CN108462687B (en) 2020-02-14
CN108462687A (en) 2018-08-28

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18898707

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 15.10.2020.)

122 Ep: pct application non-entry in european phase

Ref document number: 18898707

Country of ref document: EP

Kind code of ref document: A1