WO2021164459A1 - 一种身份验证的方法、装置、计算机设备及可读存储介质 - Google Patents

一种身份验证的方法、装置、计算机设备及可读存储介质 Download PDF

Info

Publication number
WO2021164459A1
WO2021164459A1 PCT/CN2021/071060 CN2021071060W WO2021164459A1 WO 2021164459 A1 WO2021164459 A1 WO 2021164459A1 CN 2021071060 W CN2021071060 W CN 2021071060W WO 2021164459 A1 WO2021164459 A1 WO 2021164459A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
access
verification code
terminal
accessed
Prior art date
Application number
PCT/CN2021/071060
Other languages
English (en)
French (fr)
Inventor
李正航
艾文敏
Original Assignee
深圳壹账通智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳壹账通智能科技有限公司 filed Critical 深圳壹账通智能科技有限公司
Publication of WO2021164459A1 publication Critical patent/WO2021164459A1/zh

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • This application relates to the field of Internet technology, and in particular to an identity verification method, device, computer equipment, and readable storage medium.
  • the purpose of this application is to provide an identity verification method, device, computer equipment and readable storage medium, which can simplify the login process and improve access security.
  • a method of identity verification which specifically includes the following steps: receiving an access request sent by an access terminal; wherein the access request includes: a verification code and information of the accessed terminal; Whether the verification code is valid, and when the verification code is valid, the access authority level corresponding to the verification code is found from the local database; it is judged whether the permission list corresponding to the access authority level includes the Access terminal information; when the accessed terminal information is included in the authority list, obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed terminal information; log in The password information is sent to the accessed end corresponding to the access request, so as to use the login password information to log in to the accessed end.
  • an identity verification device which specifically includes the following components: a receiving module for receiving an access request sent by an access terminal; wherein the access request includes: a verification code, Accessed terminal information; a search module for judging whether the verification code is valid, and when the verification code is valid, the access authority level corresponding to the verification code is searched from the local database; the judgment module is used for Determine whether the accessed terminal information is included in the authority list corresponding to the access authority level; an acquisition module is used to obtain information from the accessed terminal when the accessed terminal information is included in the authority list The password database corresponding to the information obtains the login password information corresponding to the access authority level; a sending module is configured to send the login password information to the accessed end corresponding to the access request, so as to use the login password information Log in to the accessed end.
  • a computer device which specifically includes: a memory, a processor, and a computer program stored on the memory and running on the processor, and the processor executes the The program implements the following method: receiving an access request sent by the access terminal; wherein the access request includes: a verification code and information of the accessed terminal; determining whether the verification code is valid, and when the verification code is valid Find the access authority level corresponding to the verification code from the local database; determine whether the accessed terminal information is included in the authority list corresponding to the access authority level; when the authority list includes the access authority When accessing terminal information, obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed terminal information; send the login password information to the accessed terminal corresponding to the access request, Log in to the accessed terminal by using the login password information.
  • a computer-readable storage medium on which a computer program is stored.
  • the access request includes: a verification code and information of the accessed terminal; determining whether the verification code is valid, and finding the access authority level corresponding to the verification code from a local database when the verification code is valid; determining Whether the accessed terminal information is included in the authority list corresponding to the access authority level; when the accessed terminal information is included in the authority list, from the password database corresponding to the accessed terminal information Obtain login password information corresponding to the access authority level; send the login password information to the accessed end corresponding to the access request, so as to log in to the accessed end using the login password information.
  • the access terminal can access each business system through an integrated platform that integrates each business system, realizes a unified access entry for different business systems, and reduces the tedious work of repeatedly accessing each business system;
  • this application provides a unified identity verification
  • the mechanism realizes the function of re-authentication for one login, which greatly reduces the maintenance cost of identity verification.
  • this application can also improve the security of identity verification.
  • FIG. 1 is a schematic diagram of an optional process of the identity verification method provided in the first embodiment.
  • Fig. 2 is a schematic diagram of an optional program module of the identity verification device provided in the third embodiment.
  • FIG. 3 is a schematic diagram of an optional hardware architecture of the computer device provided in the fourth embodiment.
  • the technical solution of this application can be applied to the fields of artificial intelligence, smart city, blockchain and/or big data technology to realize identity verification.
  • the data involved in this application such as the permission list and/or login password information, can be stored in a database, or can be stored in a blockchain, such as distributed storage through a blockchain, which is not limited in this application.
  • the embodiment of the present application provides an identity verification method, which is applied to an asset management integration platform in the financial industry. As shown in FIG. 1, the method specifically includes the following steps.
  • Step S101 Receive an access request sent by an access terminal; wherein, the access request includes: a verification code and information of the accessed terminal.
  • the asset management integration platform is an integrated platform that integrates multiple asset management business systems;
  • the access terminal is a user terminal used to access each asset management business system through the asset management integration platform; each integrated in the asset management
  • the asset management business system of the integrated platform can be regarded as a visited end.
  • the accessed terminal information is IP address information or identity ID information of the accessed terminal.
  • the method before the receiving the access request sent by the access terminal, the method further includes the following steps.
  • Step A1 Receive platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information.
  • the user level information includes: the user's current network environment information, the user's department information, and the user's position information.
  • Step A2 Generate the verification code according to the login account information, and determine the access authority level according to the basic user information.
  • the access authority levels include: high-level, medium-level, and low-level; the higher the access authority level, the greater the number of accessed terminals that the access terminal can access; in step A2, it can be based on the user’s current network environment information, the user’s department information, And the user’s position information determines the access authority level according to a preset algorithm.
  • Step A3 Store the verification code and the access authority level in a local database, and send the verification code to the access terminal.
  • Step S102 Determine whether the verification code is valid, and find the access authority level corresponding to the verification code from the local database when the verification code is valid.
  • the judging whether the verification code is valid includes: when the verification code exists in the local database, and the first time when the verification code is stored and the second time when the access request is received When the time interval of is less than the preset threshold, it is determined that the verification code is valid.
  • the verification code has timeliness.
  • a new verification code needs to be assigned to the user, thereby improving the security of the asset management integration platform.
  • Step S103 Determine whether the accessed terminal information is included in the permission list corresponding to the access permission level.
  • the method further includes: setting a corresponding permission list for each access permission level; each permission list contains the information of the accessed end that can be accessed by the corresponding access permission level.
  • the user's access authority level is set to limit the types of accessed terminals that the user can access.
  • Step S104 When the accessed terminal information is included in the authority list, obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed terminal information.
  • the method further includes: setting a corresponding password database for each accessed terminal information, and setting corresponding login password information for each access authority level in each password database; using different login password information to Restrict the user's access authority in the accessed terminal.
  • Step S105 Send the login password information to the access terminal, so that the access terminal uses the login password information to log in to the accessed terminal.
  • the identity of the user is verified through the verification code, and whether the user can access the accessed terminal is determined according to the access authority level, and finally the accessed terminal is logged in through the login password information corresponding to the access authority level.
  • the method further includes: sending invitation information to the visited end through a preset interface, and receiving the connection establishment approval information fed back by the visited end through the preset interface; Connect the information to perform database configuration to provide an access entry for accessing the accessed end.
  • the asset management integration platform integrates access portals of various types of asset management business systems (that is, the accessed end), and users can access various asset management business systems through the asset management integration platform.
  • the method further includes: obtaining to-do event information and reminder event information from the visited terminal; wherein the to-do event information includes: To-do event quantity information, to-do event name information, and to-do event jump link information.
  • the reminder event information includes: reminder event number information, reminder event name information, and reminder event jump link information; the information is displayed on the display interface To-do event information and reminder event information.
  • the user can intuitively view the to-do items and reminders in each asset management business system, and quickly access detailed data through the to-do item links and the reminder item links.
  • the embodiment of the application provides an identity verification method, which is applied to an asset management integration platform, which integrates various asset management business systems, and the access terminal can access various assets through the asset management integration platform.
  • Management business system specifically, the asset management integration platform includes: a user interaction module, an identity verification module, and a business module; wherein the user interaction module is connected to the access terminal for the access terminal to log in to the office through the user interaction module.
  • the asset management integration platform; the identity verification module is used to perform identity verification and authorization verification for users who log in to the asset management integration platform, and only users who have passed the identity verification and have corresponding permissions can access through the asset management integration platform
  • the identity verification method specifically includes the following steps.
  • Step S201 The user interaction module receives a service access request from the access terminal, and judges whether the service access request includes a verification code.
  • step S202 If yes, perform step S202; if not, send a rejection request message to the access terminal.
  • the service access request is information input by the user on the access terminal to request a certain service operation; the service access request includes: a verification code, information about the service module that the user wants to access, and what the user wants to perform Business information.
  • business module information in this embodiment is equivalent to the accessed terminal information in the first embodiment, and the business module in this embodiment is equivalent to the accessed terminal in the first embodiment.
  • step S201 the method further includes the following steps.
  • Step A1 The user interaction module receives platform registration information sent by the access terminal, and sends the platform registration information to the identity verification module; wherein the platform registration information includes: login account information and user Basic Information.
  • Step A2 The identity verification module generates the verification code according to the login account information, and determines the access authority level according to the basic user information.
  • Step A3 The identity verification module stores the verification code and the access authority level in a local database, and sends the verification code to the user interaction module.
  • Step A4 The user interaction module sends the verification code to the access terminal.
  • the access terminal saves the identity verification information in a cookie when receiving the verification code.
  • Step S202 The user interaction module sends the verification code and service module information in the service access request to the identity verification module.
  • Step S203 The identity verification module judges whether the verification code is valid, and if it is, step S204 is executed; if not, it sends verification failure information to the user interaction module, so that the user interaction module receives the verification failure. Sending an access rejection message to the access terminal when information.
  • the method further includes: in step A3, the identity verification module stores the first time when the identity verification information is formed in the local database.
  • the identity verification module obtains the second time when the identity verification module is received, and determines whether the time interval between the second time and the first time is less than a preset threshold, if so, Then, a verification failure message is sent to the user interaction module, and if not, it is determined that the verification code is valid.
  • a unique verification code is generated for each user logging in the asset management integration platform.
  • the user interaction module will The user’s verification code is sent to the identity verification module to verify the user’s identity verification information; in this embodiment, when the user logs into the asset management integration platform for the first time, the identity verification module will A verification code is allocated, and after the user obtains the verification code, the user can access the business module through the asset management integration platform within a set time period.
  • Step S204 The identity verification module finds the access authority level corresponding to the verification code from the local database, and determines whether the service module information is included in the authority list corresponding to the access authority level; if so, then Step S205 is executed, and if not, the authentication failure information is sent to the user interaction module, so that the user interaction module sends an access rejection message to the access terminal when the user interaction module receives the authentication failure information.
  • each permission list contains information about the business modules that can be accessed by the corresponding access permission level.
  • the user's access authority level is set to limit the types of business modules that the user can access.
  • Step S205 The identity verification module obtains the login password information corresponding to the access authority level from the password database corresponding to the service module information.
  • the method further includes: the identity verification module sets a corresponding password database for each business module, and sets a corresponding password database for each access authority level in the password database of each business module. Login password information; through different login password information to restrict the user's access authority in the business module.
  • the identity verification module verifies the user's identity through the verification code, determines whether the user can access the service module according to the access authority level, and finally logs in to the service module through the login password information corresponding to the access authority level.
  • Step S206 The identity verification module sends the login password information to the service module corresponding to the service module information to log in to the service module, so as to execute the corresponding asset management service according to the service information.
  • the asset management integration platform further includes: a connection establishment module; the connection establishment module is used to establish a connection between the asset management integration platform and each asset management business system. Therefore, the method further includes the following steps.
  • Step B1 The connection establishment module sends invitation information to each asset management business system that needs to be integrated in the asset management integration platform through the HTTP API interface.
  • Step B2 The connection establishment module receives the connection establishment approval information fed back by each asset management business system via HTTP API.
  • connection establishment approval information includes: business module name information, business module access authority information, and business module access address information.
  • Step B3 The connection establishment module configures the database according to each agreed connection establishment information, so as to provide access portals for accessing various asset management business systems in the asset management integration platform.
  • the asset management integration platform further includes: a display module for obtaining to-do event information and reminder event information from the business module after the access terminal successfully logs in to the business module; wherein, the The to-do event information includes: to-do event quantity information, to-do event name information, to-do event jump link information, and the reminder event information includes: reminder event number information, reminder event name information, and reminder event jump link information;
  • the to-do time information and reminder event information are sent to the access terminal, so that the access terminal can display the to-do event information and reminder event information through a display interface.
  • the asset management integration platform provides a common interface based on OpenAPI for each asset management business system, so that all asset management business systems of the B/S architecture can be connected to the asset management integration platform;
  • the asset management integration platform uniformly provides users with access to various asset management business systems through the user interaction module, and displays to-do event information and reminder event information of each asset management business system to users through the user interaction module, thereby This allows the user to access various business modules, view various to-do events and various reminder events through the user interaction module.
  • the embodiment of the present application provides an identity verification device, which is applied to an asset management integration platform. As shown in FIG. 2, the device specifically includes the following components:
  • the receiving module 301 is configured to receive an access request sent by an access terminal; wherein, the access request includes: a verification code and information of the accessed terminal.
  • the device further includes: a processing module for receiving platform registration information sent by the access terminal; wherein the platform registration information includes: login account information and user basic information; according to the login account information Generate the verification code, and determine the access authority level according to the basic user information; store the verification code and the access authority level in the local database, and send the verification code to the access terminal .
  • the platform registration information includes: login account information and user basic information; according to the login account information Generate the verification code, and determine the access authority level according to the basic user information; store the verification code and the access authority level in the local database, and send the verification code to the access terminal .
  • the searching module 302 is configured to determine whether the verification code is valid, and to find the access authority level corresponding to the verification code from a local database when the verification code is valid.
  • the search module 302 is specifically configured to: when the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset time When the threshold is set, it is determined that the verification code is valid.
  • the judging module 303 is configured to judge whether the accessed terminal information is included in the permission list corresponding to the access permission level.
  • the obtaining module 304 is configured to obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed terminal information when the accessed terminal information is included in the authority list.
  • the sending module 305 is configured to send the login password information to the access terminal, so that the access terminal uses the login password information to log in to the accessed terminal.
  • the device further includes: an integration module, configured to send invitation information to the visited end through a preset interface, and receive connection establishment approval information fed back by the visited end through the preset interface;
  • the database configuration is performed according to the connection establishment approval information to provide an access entry for accessing the accessed end.
  • the device further includes: a display module for obtaining to-do event information and reminding event information from the accessed terminal after the access terminal successfully logs in to the accessed terminal; wherein, the to-do event
  • the file information includes: to-do event quantity information, to-do event name information, and to-do event jump link information.
  • the reminder event information includes: reminder event number information, reminder event name information, and reminder event jump link information; The interface displays the to-do event information and reminder event information.
  • This embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server, or a cabinet server (including independent servers, or A server cluster composed of multiple servers), etc.
  • the computer device 40 of this embodiment at least includes but is not limited to: a memory 401 and a processor 402 that can be communicatively connected to each other through a system bus. It should be pointed out that FIG. 3 only shows the computer device 40 with components 401-402, but it should be understood that it is not required to implement all of the illustrated components, and more or fewer components may be implemented instead.
  • the memory 401 (readable storage medium) includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), Read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disks, optical disks, etc.
  • the memory 401 may be an internal storage unit of the computer device 40, such as a hard disk or memory of the computer device 40.
  • the memory 401 may also be an external storage device of the computer device 40, such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), and a secure digital (Secure Digital, SD) card, flash card (Flash Card), etc.
  • the memory 401 may also include both the internal storage unit of the computer device 40 and its external storage device.
  • the memory 401 is generally used to store the operating system and various application software installed in the computer device 40, such as the program code of the device for realizing the identity verification in the third embodiment.
  • the memory 401 can also be used to temporarily store various types of data that have been output or will be output.
  • the processor 402 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chips in some embodiments.
  • the processor 402 is generally used to control the overall operation of the computer device 40.
  • the processor 402 is configured to execute the program of the identity verification method stored in the processor 402, and when the program of the identity verification method is executed, the following steps are implemented: An access request; wherein the access request includes: a verification code and information of the accessed terminal; it is determined whether the verification code is valid, and the verification code corresponding to the verification code is found from the local database when the verification code is valid Access authority level; determine whether the accessed terminal information is included in the authority list corresponding to the access authority level; when the accessed terminal information is included in the authority list, follow the information of the accessed terminal Obtain the login password information corresponding to the access authority level from the corresponding password database; send the login password information to the accessed end corresponding to the access request, so as to use the login password information to log in to the accessed end .
  • This embodiment also provides a computer-readable storage medium, such as flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), only Readable memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disks, optical disks, servers, App application malls, etc., on which computer programs are stored,
  • the computer program is executed by the processor, the following method steps are implemented: receiving an access request sent by an access terminal; wherein the access request includes: a verification code and information of the accessed terminal; determining whether the verification code is valid, and When the verification code is valid, the access authority level corresponding to the verification code is found from the local database; it is determined whether the accessed terminal information is included in the authority list corresponding to the access authority level; When the authority list contains the accessed terminal information, obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed
  • the storage medium involved in this application such as a computer-readable storage medium, may be non-volatile or volatile.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

本申请公开了一种身份验证的方法、装置、计算机设备及可读存储介质,该方法包括:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端;本申请可以简化登录流程,提高访问安全性。

Description

一种身份验证的方法、装置、计算机设备及可读存储介质
本申请要求于2020年2月19日提交中国专利局、申请号为202010102388.1,发明名称为“一种身份验证的方法、装置、计算机设备及可读存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及互联网技术领域,具体涉及一种身份验证的方法、装置、计算机设备及可读存储介质。
背景技术
随着互联网技术的不断发展,企业通常需要对接多个业务系统以实现不同的业务操作,例如,在金融行业的企业需要对接产品管理、指令管理、风控合规管理、财务管理等多个业务系统;然而,发明人意识到,每个业务系统均有不同的登录入口,企业内的用户终端需要通过频繁的登录操作才能使用不同的业务系统,而且每个业务系统的身份认证方式均不相同,企业内的用户终端需要获取各个业务系统的登录账户信息;因此,企业如何简化用户终端访问各个业务系统的复杂度、并确保用户终端访问业务系统的安全性,成为亟需解决的技术问题。
技术问题
本申请的目的在于提供一种身份验证的方法、装置、计算机设备及可读存储介质,可以简化登录流程,提高访问安全性。
技术解决方案
根据本申请的一个方面,提供了一种身份验证的方法,具体包括以下步骤:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
根据本申请的另一个方面,还提供了一种身份验证的装置,具体包括以下组成部分:接收模块,用于接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;查找模块,用于判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断模块,用于判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;获取模块,用于当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;发送模块,用于将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
根据本申请的另一个方面,还提供了一种计算机设备,具体包括:存储器、处理器以及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述程序时实现以下方法:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
根据本申请的另一个方面,还提供了一种计算机可读存储介质,其上存储有计算机程序,所述程序被处理器执行时实现以下方法:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
有益效果
本申请中访问端通过集成了各个业务系统的一体化平台可以访问各个业务系统,实现了不同业务系统的统一访问入口,减少了重复访问各个业务系统的繁琐工作;本申请提供了统一身份验证的机制,实现一次登录重复认证的功能,大大减少了身份验证的维护成本。此外,本申请还能提高身份验证的安全性。
附图说明
通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本申请的限制。而且在整个附图中,用相同的参考符号表示相同的部件。图1为实施例一提供的身份验证的方法的一种可选的流程示意图。
图2为实施例三提供的身份验证的装置的一种可选的程序模块示意图。
图3为实施例四提供的计算机设备的一种可选的硬件架构示意图。
本发明的实施方式
为了使本申请的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本申请进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本申请,并不用于限定本申请。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。
本申请的技术方案可应用于人工智能、智慧城市、区块链和/或大数据技术领域,以实现身份验证。可选的,本申请涉及的数据如权限列表和/或登录密码信息等可存储于数据库中,或者可以存储于区块链中,比如通过区块链分布式存储,本申请不做限定。
实施例一。
本申请实施例提供了一种身份验证的方法,应用于金融行业的资管集成平台,如图1所示,该方法具体包括以下步骤。
步骤S101:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息。
在本实施例中,资管集成平台为集成了多个资管业务系统的一体化平台;访问端为用于通过资管集成平台访问各个资管业务系统的用户终端;每个集成在资管集成平台的资管业务系统均可被视为一个被访问端。优选的,被访问端信息为被访问端的IP地址信息或身份ID信息。
具体的,在所述接收由访问端发送来的访问请求之前,所述方法还包括以下步骤。
步骤A1:接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息。
当用户通过所述访问端第一次登录所述资管集成平台时,需要进行注册操作;在注册操作过程中,用户需要使用登录账号信息登录所述资管集成平台,并上报用户基本信息。
优选的,用户级别信息包括:用户当前网络环境信息、用户所属部门信息、和用户职位信息。
步骤A2:根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别。
优选的,访问权限级别包括:高级、中级、低级;访问权限级别越高,访问端可访问的被访问端的数量越多;在步骤A2中,可以根据用户当前网络环境信息、用户所属部门信息、和用户职位信息按照预设算法确定出访问权限级别。
步骤A3:将所述验证码和访问权限级别存储到本地数据库中,并将所述验证码发送至所述访问端。
步骤S102:判断所述验证码是否有效,并在所述验证码有效的情况下从所述本地数据库中查找到与所述验证码对应的访问权限级别。
具体的,所述判断所述验证码是否有效,具体包括:当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。
在本申请中,验证码具有时效性,当验证码过期后,需要重新为用户分配新的验证码,从而提高了资管集成平台的安全性。
步骤S103:判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息。
具体的,所述方法还包括:分别为每个访问权限级别设置对应的权限列表;每个权限列表中包含对应的访问权限级别所能访问的被访问端信息。
在本实施例中,不同的用户有不同的访问权限级别,通过设置用户的访问权限级别以限制用户可以访问的被访问端的种类。
步骤S104:当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息。
具体的,所述方法还包括:分别为每个被访问端信息设置对应的密码数据库,并在每个密码数据库中分别为各个访问权限级别设置对应的登录密码信息;通过不同的登录密码信息以限制用户在被访问端中的访问权限。
步骤S105:将所述登录密码信息发送至所述访问端,以供所述访问端利用所述登录密码信息登录被访问端。
在本实施例中,通过验证码对用户的身份进行验证,并根据访问权限级别判断出用户是否可以访问被访问端,最后通过与访问权限级别对应的登录密码信息登录被访问端。
具体的,所述方法还包括:通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。
在本实施例中,所述资管集成平台集成了各种类型的资管业务系统(即,被访问端)的访问入口,用户可以通过所述资管集成平台访问各个资管业务系统。
进一步的,在所述访问端成功登录所述被访问端之后,所述方法还包括:从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;通过显示界面显示所述待办事件信息和提醒事件信息。
在本实施例中,用户可直观的查看各个资管业务系统中的待办事项和提醒事项,并通过待办事项链接和提醒事项链接快速访问明细数据。
实施例二。
本申请实施例提供了一种身份验证的方法,该方法应用于资管集成平台,所述资管集成平台集成了各种资管业务系统,访问端通过所述资管集成平台可以访问各个资管业务系统;具体的,所述资管集成平台包括:用户交互模块、身份验证模块和业务模块;其中,所述用户交互模块与访问端连接,以供访问端通过所述用户交互模块登录所述资管集成平台;所述身份验证模块用于对登录所述资管集成平台的用户进行身份验证和权限验证,只有身份验证通过的且具有相应权限的用户可以通过所述资管集成平台访问对应的业务模块;每种业务模块对应一种资管业务系统,所述业务模块包括:产品管理模块、指令管理模块、风控合规管理模块、组合管理模块、财务管理模块。
所述身份验证方法,具体包括以下步骤。
步骤S201:用户交互模块接收来自访问端的业务访问请求,并判断在所述业务访问请求中是否包含验证码。
若是,则执行步骤S202;若否,则向所述访问端发送拒绝请求消息。
其中,所述业务访问请求是用户在所述访问端上输入的用于请求某一业务操作的信息;所述业务访问请求包括:验证码、用户所要访问的业务模块信息、以及用户所要执行的业务信息。
需要说明的是,本实施例中的业务模块信息相当于第一实施例中的被访问端信息,本实施例中的业务模块相当于第一实施例中的被访问端。
具体的,在步骤S201之前,所述方法还包括以下步骤。
步骤A1:所述用户交互模块接收由所述访问端发送来的平台注册信息,并将所述平台注册信息发送至所述身份验证模块;其中,所述平台注册信息包括:登录账号信息和用户基本信息。
步骤A2:所述身份验证模块根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别。
步骤A3:所述身份验证模块将所述验证码和所述访问权限级别存储到本地数据库中,并将所述验证码发送至所述用户交互模块。
步骤A4:所述用户交互模块将所述验证码发送至所述访问端。
具体的,所述访问端当接收到所述验证码时将所述身份验证信息保存至cookie中。
在本实施例中,当访问端第一次登陆所述资管集成平台时,需要进行注册,以供所述资管集成平台为所述访问端生成验证码。
步骤S202:所述用户交互模块将所述业务访问请求中的验证码和业务模块信息发送至所述身份验证模块。
步骤S203:所述身份验证模块判断所述验证码是否有效,若是,则执行步骤S204;若否,则向所述用户交互模块发送验证失败信息,以供所述用户交互模块在接收到验证失败信息时向所述访问端发送拒绝访问消息。
具体的,所述方法还包括:在步骤A3中,所述身份验证模块将形成所述身份验证信息的第一时间存储在所述本地数据库中。
进一步的,在步骤S203中,所述身份验证模块获取接收到所述身份验证模块的第二时间,并判断所述第二时间与所述第一时间的时间间隔是否小于预设阈值,若是,则向所述用户交互模块发送验证失败消息,若否,则判定所述验证码有效。
在本实施例中,为每个登陆所述资管集成平台的用户生成唯一的验证码,当所述用户需要通过所述资管集成平台访问任一业务模块时,用户交互模块会将所述用户的验证码发送至身份验证模块,以对用户的身份验证信息进行验证;在本实施例中,当用户第一次登陆所述资管集成平台时,所述身份验证模块会为所述用户分配一个验证码,所述用户在得到所述验证码之后,可以在设定时间期间内通过所述资管集成平台访问业务模块。
步骤S204:所述身份验证模块从本地数据库中查找到与所述验证码对应的访问权限级别,并判断在与所述访问权限级别对应的权限列表中是否包含所述业务模块信息;若是,则执行步骤S205,若否,则向所述用户交互模块发送验证失败信息,以供所述用户交互模块在接收到验证失败信息时向所述访问端发送拒绝访问消息。
具体的,在步骤S204之前,在所述身份验证模块中分别为每个访问权限级别设置对应的权限列表;每个权限列表中包含对应的访问权限级别所能访问的业务模块信息。
在本实施例中,不同的用户有不同的访问权限级别,通过设置用户的访问权限级别以限制用户可以访问的业务模块的种类。
步骤S205:所述身份验证模块从与所述业务模块信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息。
具体的,在步骤S205之前,所述方法还包括:所述身份验证模块分别为每个业务模块设置对应的密码数据库,并在每个业务模块的密码数据库中分别为各个访问权限级别设置对应的登录密码信息;通过不同的登录密码信息以限制用户在业务模块中的访问权限。
在本实施例中,身份验证模块通过验证码对用户的身份进行验证,并根据访问权限级别判断出用户是否可以访问业务模块,最后通过与访问权限级别对应的登录密码信息登录业务模块。
步骤S206:所述身份验证模块将所述登录密码信息发送至与所述业务模块信息对应的业务模块,以登录所述业务模块,从而根据所述业务信息执行相应的资管业务。
具体的,所述资管集成平台还包括:建连模块;所述建连模块用于建立所述资管集成平台与各个资管业务系统的连接,因此,所述方法还包括以下步骤。
步骤B1:所述建连模块通过HTTP API接口向需要集成在所述资管集成平台中的各个资管业务系统发送邀请信息。
步骤B2:所述建连模块通过HTTP API接收由各个资管业务系统反馈回的同意建连信息。
其中,所述同意建连信息包括:业务模块名称信息、业务模块访问权限信息、和业务模块访问地址信息。
步骤B3:所述建连模块根据各个同意建连信息进行数据库配置,以在所述资管集成平台中提供用于访问各个资管业务系统的访问入口。
进一步的,所述资管集成平台还包括:显示模块,用于在所述访问端成功登录所述业务模块之后,从所述业务模块中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;将所述待办时间信息和提醒事件信息发送给所述访问端,以供所述访问端通过显示界面显示所述待办事件信息和提醒事件信息。
在本实施例中,资管集成平台为各个资管业务系统提供基于OpenAPI的通用接口,以使所有B/S架构的资管业务系统可以接入到所述资管集成平台中;此外,所述资管集成平台通过所述用户交互模块统一向用户提供各个资管业务系统的访问入口,以及通过所述用户交互模块向用户展示各个资管业务系统的待办事件信息和提醒事件信息,从而使得用户可以通过所述用户交互模块访问各个业务模块、查看各个待办事件和各个提醒事件。
实施例三。
本申请实施例提供了一种身份验证的装置,应用于资管集成平台,如图2所示,该装置具体包括以下组成部分:
接收模块301,用于接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息。
具体的,所述装置还包括:处理模块,用于接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。
查找模块302,用于判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别。
具体的,查找模块302,具体用于:当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。
判断模块303,用于判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息。
获取模块304,用于当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息。
发送模块305,用于将所述登录密码信息发送至所述访问端,以供所述访问端利用所述登录密码信息登录被访问端。
具体的,所述装置还包括:集成模块,用于通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。
进一步的,所述装置还包括:显示模块,用于所述访问端成功登录所述被访问端之后,从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;通过显示界面显示所述待办事件信息和提醒事件信息。
实施例四。
本实施例还提供一种计算机设备,如可以执行程序的智能手机、平板电脑、笔记本电脑、台式计算机、机架式服务器、刀片式服务器、塔式服务器或机柜式服务器(包括独立的服务器,或者多个服务器所组成的服务器集群)等。如图3所示,本实施例的计算机设备40至少包括但不限于:可通过系统总线相互通信连接的存储器401、处理器402。需要指出的是,图3仅示出了具有组件401-402的计算机设备40,但是应理解的是,并不要求实施所有示出的组件,可以替代的实施更多或者更少的组件。
本实施例中,存储器401(即可读存储介质)包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘等。在一些实施例中,存储器401可以是计算机设备40的内部存储单元,例如该计算机设备40的硬盘或内存。在另一些实施例中,存储器401也可以是计算机设备40的外部存储设备,例如该计算机设备40上配备的插接式硬盘,智能存储卡(Smart Media Card, SMC),安全数字(Secure Digital, SD)卡,闪存卡(Flash Card)等。当然,存储器401还可以既包括计算机设备40的内部存储单元也包括其外部存储设备。在本实施例中,存储器401通常用于存储安装于计算机设备40的操作系统和各类应用软件,例如用于实现上述实施例三的身份验证的装置的程序代码等。此外,存储器401还可以用于暂时地存储已经输出或者将要输出的各类数据。
处理器402在一些实施例中可以是中央处理器(Central Processing Unit,CPU)、控制器、微控制器、微处理器、或其他数据处理芯片。该处理器402通常用于控制计算机设备40的总体操作。
具体的,在本实施例中,处理器402用于执行处理器402中存储的身份验证的方法的程序,所述身份验证的方法的程序被执行时实现如下步骤:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
上述方法步骤的具体实施例过程可参见第一实施例,本实施例在此不再重复赘述。
实施例五。
本实施例还提供一种计算机可读存储介质,如闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘、服务器、App应用商城等等,其上存储有计算机程序,所述计算机程序被处理器执行时实现如下方法步骤:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
上述方法步骤的具体实施例过程可参见第一实施例,本实施例在此不再重复赘述。
可选的,本申请涉及的存储介质如计算机可读存储介质可以是非易失性的,也可以是易失性的。
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。
上述本申请实施例序号仅仅为了描述,不代表实施例的优劣。
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。
以上仅为本申请的优选实施例,并非因此限制本申请的专利范围,凡是利用本申请说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本申请的专利保护范围内。

Claims (20)

  1. 一种身份验证的方法,其中,所述方法包括:
    接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;
    判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;
    判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;
    当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;
    将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
  2. 根据权利要求1所述的身份验证的方法,其中,在所述接收由访问端发送来的访问请求之前,所述方法还包括:
    接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;
    根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;
    将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。
  3. 根据权利要求2所述的身份验证的方法,其中,所述判断所述验证码是否有效,具体包括:
    当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。
  4. 根据权利要求1所述的身份验证的方法,其中,所述方法还包括:
    通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;
    根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。
  5. 根据权利要求1所述的身份验证的方法,其中,在所述访问端成功登录所述被访问端之后,所述方法还包括:
    从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;
    通过显示界面显示所述待办事件信息和提醒事件信息。
  6. 根据权利要求1-5任一项所述的身份验证的方法,其中,所述方法还包括:
    分别为每个被访问端信息设置对应的密码数据库,并在每个密码数据库中分别为各个访问权限级别设置对应的登录密码信息;其中,所述登录密码信息用于限制用户在被访问端中的访问权限。
  7. 一种身份验证的装置,其中,所述装置包括:
    接收模块,用于接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;
    查找模块,用于判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;
    判断模块,用于判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;
    获取模块,用于当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;
    发送模块,用于将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
  8. 根据权利要求7所述的身份验证的装置,其中,所述装置还包括:
    处理模块,用于接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。
  9. 一种计算机设备,所述计算机设备包括:存储器、处理器以及存储在所述存储器上并可在所述处理器上运行的计算机程序,其中,所述处理器执行所述程序时实现以下方法:
    接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;
    判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;
    判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;
    当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;
    将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
  10. 根据权利要求9所述的计算机设备,其中,在所述接收由访问端发送来的访问请求之前,所述处理器执行所述程序时还用于实现:
    接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;
    根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;
    将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。
  11. 根据权利要求10所述的计算机设备,其中,所述判断所述验证码是否有效时,具体实现:
    当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。
  12. 根据权利要求9所述的计算机设备,其中,所述处理器执行所述程序时还用于实现:
    通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;
    根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。
  13. 根据权利要求9所述的计算机设备,其中,在所述访问端成功登录所述被访问端之后,所述处理器执行所述程序时还用于实现:
    从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;
    通过显示界面显示所述待办事件信息和提醒事件信息。
  14. 根据权利要求9-13任一项所述的计算机设备,其中,所述处理器执行所述程序时还用于实现:
    分别为每个被访问端信息设置对应的密码数据库,并在每个密码数据库中分别为各个访问权限级别设置对应的登录密码信息;其中,所述登录密码信息用于限制用户在被访问端中的访问权限。
  15. 一种计算机可读存储介质,其上存储有计算机程序,其中,所述程序被处理器执行时实现以下方法:
    接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;
    判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;
    判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;
    当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;
    将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。
  16. 根据权利要求15所述的计算机可读存储介质,其中,在所述接收由访问端发送来的访问请求之前,所述程序被处理器执行时还用于实现:
    接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;
    根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;
    将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。
  17. 根据权利要求16所述的计算机可读存储介质,其中,所述判断所述验证码是否有效时,具体实现:
    当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。
  18. 根据权利要求15所述的计算机可读存储介质,其中,所述程序被处理器执行时还用于实现:
    通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;
    根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。
  19. 根据权利要求15所述的计算机可读存储介质,其中,在所述访问端成功登录所述被访问端之后,所述程序被处理器执行时还用于实现:
    从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;
    通过显示界面显示所述待办事件信息和提醒事件信息。
  20. 根据权利要求15-19任一项所述的计算机可读存储介质,其中,所述程序被处理器执行时还用于实现:
    分别为每个被访问端信息设置对应的密码数据库,并在每个密码数据库中分别为各个访问权限级别设置对应的登录密码信息;其中,所述登录密码信息用于限制用户在被访问端中的访问权限。
PCT/CN2021/071060 2020-02-19 2021-01-11 一种身份验证的方法、装置、计算机设备及可读存储介质 WO2021164459A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010102388.1 2020-02-19
CN202010102388.1A CN111343168B (zh) 2020-02-19 2020-02-19 一种身份验证的方法、装置、计算机设备及可读存储介质

Publications (1)

Publication Number Publication Date
WO2021164459A1 true WO2021164459A1 (zh) 2021-08-26

Family

ID=71186966

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/071060 WO2021164459A1 (zh) 2020-02-19 2021-01-11 一种身份验证的方法、装置、计算机设备及可读存储介质

Country Status (2)

Country Link
CN (1) CN111343168B (zh)
WO (1) WO2021164459A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113707346A (zh) * 2021-09-02 2021-11-26 广州方舟信息科技有限公司 一种基于互联网医院的新型在线问诊系统及方法
CN113722691A (zh) * 2021-09-14 2021-11-30 京东科技控股股份有限公司 商家数据自助接入实现方法和装置

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111343168B (zh) * 2020-02-19 2022-01-28 深圳壹账通智能科技有限公司 一种身份验证的方法、装置、计算机设备及可读存储介质
CN112528305B (zh) * 2020-12-16 2023-10-10 平安银行股份有限公司 访问控制方法、装置、电子设备及存储介质
CN113076529B (zh) * 2021-04-14 2022-09-27 湖南快乐阳光互动娱乐传媒有限公司 一种访问控制方法、装置、计算机可读存储介质和设备
CN114117376B (zh) * 2022-01-28 2022-04-15 蘑菇物联技术(深圳)有限公司 身份认证的方法、分配动态密码的方法及相应的设备
CN115964687A (zh) * 2022-12-14 2023-04-14 武汉卓讯互动信息科技有限公司 基于区块链的企业统一账号认证方法和认证平台

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104394174A (zh) * 2014-12-15 2015-03-04 邱红涛 社交网络系统的登录方法及其登录系统
CN109639740A (zh) * 2019-01-31 2019-04-16 平安科技(深圳)有限公司 一种基于设备id的登录态共享方法及装置
CN110516454A (zh) * 2019-08-13 2019-11-29 苏州浪潮智能科技有限公司 多设备的交互方法、系统、装置及计算机可读存储介质
US20190372962A1 (en) * 2018-05-31 2019-12-05 Oracle International Corporation Single sign-on enabled oauth token
CN110784450A (zh) * 2019-09-24 2020-02-11 云深互联(北京)科技有限公司 一种基于浏览器的单点登录方法和装置
CN111343168A (zh) * 2020-02-19 2020-06-26 深圳壹账通智能科技有限公司 一种身份验证的方法、装置、计算机设备及可读存储介质

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100464336C (zh) * 2005-06-14 2009-02-25 华为技术有限公司 一种控制系统帐号权限的方法
CN102054203A (zh) * 2009-11-05 2011-05-11 上海久隆信息工程有限公司 适用于面向企业信息资源应用整合的处理方法及装置
CN104243532A (zh) * 2013-06-21 2014-12-24 鸿富锦精密工业(深圳)有限公司 数据访问方法及系统
CN103457878B (zh) * 2013-09-05 2016-03-23 电子科技大学 一种基于流的网络接入控制方法
WO2018187696A1 (en) * 2017-04-06 2018-10-11 Indais Corp. Systems and methods for access control and data management
CN109040024A (zh) * 2018-07-06 2018-12-18 广东微云科技股份有限公司 一种资源访问权限控制方法及系统
CN109492374B (zh) * 2018-09-26 2022-03-18 平安医疗健康管理股份有限公司 基于身份验证的系统登录方法、装置、服务器及存储介质
CN109670768A (zh) * 2018-09-27 2019-04-23 深圳壹账通智能科技有限公司 多业务域的权限管理方法、装置、平台及可读存储介质
CN109150910A (zh) * 2018-10-11 2019-01-04 平安科技(深圳)有限公司 登录令牌生成及验证方法、装置及存储介质
CN109257391A (zh) * 2018-11-30 2019-01-22 北京锐安科技有限公司 一种访问权限开放方法、装置、服务器及存储介质
CN110750765B (zh) * 2019-09-27 2022-03-01 奇安信科技集团股份有限公司 服务系统及其前端页面控制方法、计算机设备和存储介质

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104394174A (zh) * 2014-12-15 2015-03-04 邱红涛 社交网络系统的登录方法及其登录系统
US20190372962A1 (en) * 2018-05-31 2019-12-05 Oracle International Corporation Single sign-on enabled oauth token
CN109639740A (zh) * 2019-01-31 2019-04-16 平安科技(深圳)有限公司 一种基于设备id的登录态共享方法及装置
CN110516454A (zh) * 2019-08-13 2019-11-29 苏州浪潮智能科技有限公司 多设备的交互方法、系统、装置及计算机可读存储介质
CN110784450A (zh) * 2019-09-24 2020-02-11 云深互联(北京)科技有限公司 一种基于浏览器的单点登录方法和装置
CN111343168A (zh) * 2020-02-19 2020-06-26 深圳壹账通智能科技有限公司 一种身份验证的方法、装置、计算机设备及可读存储介质

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113707346A (zh) * 2021-09-02 2021-11-26 广州方舟信息科技有限公司 一种基于互联网医院的新型在线问诊系统及方法
CN113722691A (zh) * 2021-09-14 2021-11-30 京东科技控股股份有限公司 商家数据自助接入实现方法和装置

Also Published As

Publication number Publication date
CN111343168A (zh) 2020-06-26
CN111343168B (zh) 2022-01-28

Similar Documents

Publication Publication Date Title
WO2021164459A1 (zh) 一种身份验证的方法、装置、计算机设备及可读存储介质
CN111756753B (zh) 一种权限验证方法及系统
EP3552098B1 (en) Operating system update management for enrolled devices
AU2017444205B2 (en) Systems and methods for generating and maintaining immutable digital meeting records within distributed network nodes
CN108551437B (zh) 用于认证信息的方法和装置
US11411881B2 (en) Organization level identity management
US10587697B2 (en) Application-specific session authentication
CN111181975B (zh) 一种账号管理方法、装置、设备及存储介质
US20120246740A1 (en) Strong rights management for computing application functionality
CN111680310B (zh) 一种权限控制的方法及装置、电子设备、存储介质
CN101411163A (zh) 跟踪网格系统中的安全执行的系统和方法
US10567388B1 (en) Automatic account resource and policy decommissioning
US20140258435A1 (en) Alerting recipients to errors occurring when accessing external services
EP3937040A1 (en) Systems and methods for securing login access
US10333778B2 (en) Multiuser device staging
CN110619206A (zh) 运维风险控制方法、系统、设备及计算机可读存储介质
CN113239397A (zh) 信息访问方法、装置、计算机设备及介质
US20240291822A1 (en) System and methods for controlled access to computer resources
CN116325654A (zh) 租户感知相互tls认证
CN112433985A (zh) 控制提交给计算系统的信息的组合
CN108449367B (zh) 管理用户登录安全性的方法、装置、电子设备及可读介质
CN103051607B (zh) 访问方法、设备及系统
CN114362960B (zh) 资源账户的数据监管方法、装置、计算机设备及介质
CN114095230B (zh) 一种数据处理方法、装置、计算机设备以及存储介质
US20080295150A1 (en) Method for improving application performance and user directory integrity

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21756741

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 19/01/2023)

122 Ep: pct application non-entry in european phase

Ref document number: 21756741

Country of ref document: EP

Kind code of ref document: A1