CN115834101A - Login control method, system, storage medium and electronic equipment - Google Patents
Login control method, system, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN115834101A CN115834101A CN202211099313.8A CN202211099313A CN115834101A CN 115834101 A CN115834101 A CN 115834101A CN 202211099313 A CN202211099313 A CN 202211099313A CN 115834101 A CN115834101 A CN 115834101A
- Authority
- CN
- China
- Prior art keywords
- website
- login
- information
- user
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The embodiment of the invention provides a login control method, a login control system, a storage medium and electronic equipment. Wherein, the method comprises the following steps: analyzing the user login request, and acquiring and generating website parameters based on the user equipment information; adding the website parameters into a target website to obtain a login website; sending the login website to the client, and sending the identity authentication information to the second server by using the login website for verification; receiving callback parameters returned by the second server, analyzing the callback parameters to obtain a verification result, and if the verification result is that the verification is passed, obtaining user registration information; if the website parameters are obtained through analysis, user equipment information is obtained based on the website parameters; and generating a safety authentication result based on the user equipment information and the user registration information, and performing user login control by using the safety authentication result. According to the invention, the user login control is carried out through the security authentication result obtained based on the user equipment information and the user registration information, so that the security prevention and control effect of the account number can be improved.
Description
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a login control method, system, storage medium, and electronic device.
Background
When a user logs in, the user identity is usually authenticated, and the user can log in successfully after the authentication is passed. However, for some service scenarios, security protection and control needs to be performed on login operation, for example, device verification is performed, and the login mode that the user can successfully log in only through user identity authentication is successful is lack of a protection and control measure for user account security, so that the security of the login system and the user account cannot be ensured, and the risk of user login is increased. Therefore, it is essential how to perform user login control to reduce the risk of login.
Disclosure of Invention
Embodiments of the present invention provide a login control method, system, storage medium, and electronic device, which can improve the security prevention and control effect of an account. The specific technical scheme is as follows:
the invention provides a login control method, which is applied to a first server and comprises the following steps:
receiving a user login request, analyzing the user login request, obtaining user equipment information, and generating a website parameter based on the user equipment information;
adding the website parameter to a target website corresponding to the user login request to obtain a login website;
sending the login website to a client side so that the client side sends identity authentication information to a second server for verification by using the login website; the second server is different from the first server;
receiving a callback parameter returned by the second server, analyzing the callback parameter to obtain a verification result, and if the verification result is verification passing, obtaining user registration information based on the verification result passing the verification; under the condition that the website parameters are obtained through analysis, the user equipment information is obtained based on the website parameters;
and generating a safety authentication result based on the user equipment information and the user registration information, and performing user login control by using the safety authentication result.
Optionally, the user equipment information at least includes an equipment identifier, and after the website parameter is generated based on the user equipment information, the method further includes:
under the condition that the data volume of the website parameters is smaller than the preset data volume, sending the website parameters to the client for storage;
and/or the presence of a gas in the gas,
and sending the website parameters and the equipment identification to a cloud for corresponding storage.
Optionally, the method further includes:
under the condition that the website parameters are not obtained, the website parameters stored by the client are obtained;
or the like, or, alternatively,
and under the condition that the website parameters are not obtained, the website parameters which are stored in the cloud and correspond to the equipment identification are obtained.
Optionally, the obtaining user registration information based on the verification result that the verification passes includes:
sending the verification result passing the verification to the second server to obtain an access token returned by the second server;
sending the access token to the second server to obtain second identification information; the second identification information is user identification information stored in the second server;
searching first identification information which has a corresponding relation with the second identification information; the first identification information is user identification information stored in the first server;
and obtaining user registration information which is stored in the first server and corresponds to the first identification information by utilizing the first identification information.
Optionally, the performing user login control by using the security authentication result includes:
and if the security authentication result is that the security authentication is passed, sending login information carrying the first identification information to the client so that the client performs login operation based on the login information.
Optionally, the generating a website parameter based on the user equipment information includes:
compressing the user equipment information, encrypting the compressed user equipment information, and generating the website parameter;
or the like, or, alternatively,
and encrypting the user equipment information, compressing the encrypted user equipment information, and generating the website parameter.
Optionally, the obtaining the user equipment information based on the website parameter includes:
when the website parameter is obtained by compressing the user equipment information and encrypting the compressed user equipment information, decrypting the website parameter and decompressing the decrypted information to obtain the user equipment information;
and decompressing the website parameters under the condition that the website parameters are obtained by encrypting the user equipment information and compressing the encrypted user equipment information, and decrypting the decompressed information to obtain the user equipment information.
The invention also provides a login control system, which is applied to the first server, and the system comprises:
the website parameter generating module is configured to receive a user login request, analyze the user login request, obtain user equipment information and generate a website parameter based on the user equipment information;
a login website acquisition module configured to add the website parameter to a target website corresponding to the user login request to acquire a login website;
the information checking module is configured to send the login website to a client so that the client sends the identity authentication information to a second server for checking by using the login website; the second server is different from the first server;
the analysis module is configured to receive the callback parameter returned by the second server, analyze the callback parameter to obtain a verification result, and if the verification result is verification passing, obtain user registration information based on the verification result passing the verification; under the condition that the website parameters are obtained through analysis, the user equipment information is obtained based on the website parameters;
and the login control module is configured to generate a security authentication result based on the user equipment information and the user registration information, and perform user login control by using the security authentication result.
The present invention also provides a computer-readable storage medium having a program stored thereon, the program, when executed by a processor, implementing the login control method described above.
The present invention also provides an electronic device comprising:
at least one processor, and at least one memory, bus connected with the processor;
the processor and the memory complete mutual communication through the bus; the processor is used for calling the program instructions in the memory so as to execute the login control method.
According to the login control method, the login control system, the storage medium and the electronic device provided by the embodiment of the invention, the website parameter obtained based on the user equipment information is carried in the login website, the user equipment information can be obtained through the website parameter, the user login control is carried out through the security authentication result obtained based on the user equipment information and the user registration information, and the account security prevention and control effect can be improved under some service scenes needing equipment verification through obtaining the user equipment information.
Of course, it is not necessary for any product or method of practicing the invention to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a login control method according to an embodiment of the present invention;
fig. 2 is a signaling diagram of an embodiment of a login control method according to an embodiment of the present invention;
fig. 3 is a signaling diagram of another embodiment of a login control method according to an embodiment of the present invention;
fig. 4 is a signaling diagram of another embodiment of a login control method according to an embodiment of the present invention;
fig. 5 is a structural diagram of a login control system according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
The invention provides a login control method which is applied to a first server, wherein the first server is provided with a login interface and a callback interface.
The server may be hardware or software. When the server is hardware, it may be implemented as a distributed server cluster formed by multiple servers, or may be implemented as a single server. When the server is software, it may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services), or as a single piece of software or software module. And is not particularly limited herein. The login interface and the callback interface can be deployed on the same first server or different servers, and data of the login interface and data of the callback interface cannot be shared.
As shown in fig. 1, the login control method provided by the present invention is applied to a first server, and the method includes:
step 101: and receiving a user login request, analyzing the user login request, acquiring user equipment information, and generating a website parameter based on the user equipment information.
The user login request may be a request for logging in a target APP (Application, application program) sent by the client, and the user login request may be analyzed to obtain a request for logging in the target APP through a registered account of an APP other than the target APP.
When the client sends the user login request, the context information of the user login request can be sent to the login interface of the first server, and the login interface receives and analyzes the user login request. The context information may include user equipment information, which may reflect the user equipment of the login target APP. The user equipment information may include one or more of a device identification, a device source address, a device source platform. The device identifier may be a device identifier, such as an International Mobile Equipment Identifier (IMEI), the device source may be a Mobile terminal or a PC terminal, the device source address may be an IP address, and the source platform may be an operating system of the device, such as android and IOS. The security of the user account can be detected based on the user equipment information, so that the account security prevention and control are performed when the user logs in.
As an optional implementation manner, the method for generating a website parameter based on user equipment information includes: and compressing the user equipment information, and encrypting the compressed user equipment information to obtain the website parameters.
As another optional implementation, a method for generating a website parameter based on user equipment information includes: and encrypting the user equipment information, and compressing the encrypted user equipment information to obtain the website parameters.
Step 102: and adding the website parameters to a target website corresponding to the user login request to obtain a login website.
The login interface analyzes the user login request, not only can obtain the user equipment information, but also can obtain a target website pointed by the user login request, and the target website can provide a login page for the user. The method for obtaining the target website may be: identifying a client type based on the user login request; if the client type is a mobile phone end APP, a first target website is obtained, and the first target website can provide a mobile phone end APP login page for a user; and if the client type is a web browser, acquiring a second target website, wherein the second target website can provide a web page version login page for the user.
Optionally, the website parameter may be a state parameter, which is a user-defined parameter, and may be embedded in the website as a suffix of the website, and splicing the state parameter in the target website does not affect the effectiveness of the target website, that is, the login website obtained after adding the website parameter in the target website may provide a login page for the user, and the login page corresponding to the login website may be the same as the login page corresponding to the target website.
Step 103: and sending the login website to the client so that the client sends the identity authentication information to the second server for verification by using the login website. The second server is different from the first server.
After the login website is sent to the client side by the login interface of the first server, the client side can jump to a login page through the login website, identity authentication information input by a user on the login page is obtained, and the identity authentication information is sent to the second server for verification. Of course, if the authorization key or the authorization two-dimensional code is displayed in the login page, the authorization information generated after the user operates based on the authorization key or the authorization two-dimensional code may be sent from the login page to the second server.
The identity authentication information may be identity authentication information, such as a user name and a password, entered by the user in other APPs except the target APP. The first server can be a server of the target APP, the second server can be a server of other APPs except the target APP, the user registers in other APPs except the target APP, the second server stores the user's storage information, and after the identity authentication information is sent to the second server, the user identity can be verified.
Step 104: receiving callback parameters returned by the second server, analyzing the callback parameters to obtain a verification result, and if the verification result is verification passing, obtaining user registration information based on the verification result of the verification passing; and under the condition of analyzing to obtain the website parameters, obtaining the user equipment information based on the website parameters.
After the second server verifies the identity authentication information, a request is sent to a callback address of the first server, the request carries callback parameters, after the second server passes the verification based on the identity authentication information, the callback parameters can include code information, a verification result can be obtained by analyzing the callback parameters, and if the verification result is that the verification passes, the callback interface of the first server can request the second server to obtain user registration information.
As an optional implementation manner, obtaining the user registration information based on the verification result that the verification passes includes: sending the verification result passing the verification to the second server to obtain an access token returned by the second server; sending the access token to a second server to obtain second identification information; the second identification information is user identification information stored in a second server; searching first identification information corresponding to the second identification information; the first identification information is user identification information stored in the first server; and obtaining user registration information which is stored in the first server and corresponds to the first identification information by utilizing the first identification information.
Optionally, the check result may be code information, the callback interface sends the code information to the second server to exchange for an access token, the access token may be a token parameter, the callback interface may obtain second identification information after receiving the token parameter, the second identification information is user identification information stored in the second server, the second identification information may be openid, the callback interface may search the user identification information stored in the first server by using a correspondence between the second identification information and the first identification information, to obtain the first identification information, the first identification information may be uid, and user registration information may be obtained through the uid.
If the user identification information stored in the first server is not found by using the corresponding relationship between the second identification information and the first identification information, the user is a user who is not registered in the target APP, and at this time, the account of the target APP may be registered for the user at least based on the second identification information openid returned by the second server. Certainly, the account of the target APP may also be registered for the user based on the second identification information openid returned by the second server, and the user's head portrait and nickname stored in the second server by the user.
Because the interface interaction of the server is based on the HTTP protocol which is a stateless protocol, and parameters cannot be shared between cross-requests based on a request-response mode, the data of the login interface and the data of the callback interface cannot be shared. The invention sends the user equipment information to the second server through the login interface of the first server, and then calls back to the call-back interface of the first server by utilizing the second server, so that the call-back interface has the user equipment information.
The callback parameter returned by the second server may or may not include a website parameter, and the user equipment information may be obtained based on the website parameter when the website parameter is parsed from the callback parameter.
As an optional implementation manner, obtaining the user equipment information based on the website parameter includes:
and under the condition that the website parameters are obtained by compressing the user equipment information and encrypting the compressed user equipment information, decrypting the website parameters, and decompressing the decrypted information to obtain the user equipment information.
And when the website parameter is obtained by encrypting the user equipment information and compressing the encrypted user equipment information, decompressing the website parameter, and decrypting the decompressed information to obtain the user equipment information.
Optionally, the method for encrypting the user equipment information may be a symmetric encryption method, and after the user equipment information is encrypted by using the symmetric encryption method, the encrypted user equipment information may be decrypted by using the symmetric encryption method. The method for compressing the user equipment information can be used for serializing the protobuf so as to compress the length of the user equipment information, and when the compressed user equipment information is decompressed, deserialization can be performed through the protobuf. Through the above operation, user equipment information can be obtained.
In order to prevent the second server from being unable to return the website parameter and the callback interface is unable to obtain the user equipment information, after obtaining the website parameter based on the user equipment information in step 101, the login interface may send the website parameter to the client and/or the cloud for storage, so that when the second server is unable to return the website parameter, the website parameter may be obtained from the client and/or the cloud.
As an optional implementation manner, after the login interface obtains the website parameter based on the user equipment information, the website parameter is sent to the client for storage under the condition that the data volume of the website parameter is smaller than the preset data volume.
In this embodiment, the callback interface may obtain the website parameter stored by the client when the callback interface does not obtain the website parameter returned by the second server.
Optionally, the login interface sends the website parameter to the client in the form of cookie, the cookie limits the length, the preset data size may be the maximum data size allowed by the cookie, and the login interface sends the website parameter to the client for storage when the data size of the website parameter is smaller than the preset data size. If the data volume of the website parameter is greater than the preset data volume, the callback interface fails to acquire the website parameter stored by the client.
As another optional implementation manner, after the login interface obtains the website parameter based on the user device information, the website parameter and the device identifier are sent to the cloud for corresponding storage.
In this embodiment, the callback interface may acquire the website parameter corresponding to the device identifier stored in the cloud when the callback interface does not acquire the website parameter returned by the second server or when the callback interface fails to acquire the website parameter from the client.
Step 105: and generating a safety authentication result based on the user equipment information and the user registration information, and performing user login control by using the safety authentication result.
Optionally, the first server may generate a security authentication result based on the user device information and the user registration information. The user registration information may include one or more of a mailbox, a mobile phone number, a user name, and a user password. Certainly, the mailbox, the mobile phone number and the password can be desensitized and then sent to the security prevention and control system together with the user equipment information. The security control system may detect the security of the user login operation based on the user device information and the user registration information to obtain a security authentication result, where the security authentication result may reflect whether the user login is secure.
As an optional implementation manner, the performing user login control by using the security authentication result includes: and if the security authentication result is that the security authentication is passed, the callback interface sends login information carrying the first identification information to the client so that the client performs login operation based on the login information.
Fig. 2 is a signaling diagram of an embodiment of a login control method according to the present application, as shown in fig. 2, in step 201, a user client sends a user login request to a first server. And the login interface of the first server receives the user login request.
In step 202, the login interface of the first server parses the user login request to obtain the user device information, obtains the website parameter based on the user device information, and adds the website parameter to the target website pointed by the user login request to obtain the login website. Optionally, the website parameter is a state parameter, and the state parameter is used as a suffix of the target website to obtain the login website.
In step 203, the login interface of the first server sends a login website to the user client.
In step 204, the user client may send the authentication information to the second server by logging on the website.
In step 205, the second server checks the identity authentication information and returns the check result to the callback interface of the first server, and simultaneously returns the callback interface of the first server with the website parameter value.
In step 206, the callback interface of the first server may obtain the user registration information based on the verification result that the verification passes, and may also obtain the user equipment information based on the website parameter.
Optionally, the process of obtaining the user registration information based on the verification result that passes the verification may be: the callback interface of the first server sends the verification result passing the verification to the second server, and the second server returns an access token to the callback interface; the callback interface sends the access token to a second server, and the second server sends second identification information to the first server, wherein the second identification information is user identification information stored in the second server; the callback interface searches for first identification information, wherein the first identification information is user identification information which is stored in the first server and corresponds to the second identification information; and the callback interface acquires user registration information corresponding to the first identification information.
In step 207, the callback interface of the first server sends the user registration information and the user equipment information to the security protection and control system.
In step 208, the security prevention and control system generates a security authentication result based on the user registration information and the user device information.
In step 209, the security control system sends the security authentication result to the callback interface of the first server.
In step 210, the callback interface of the first server performs user login control based on the security authentication result.
Fig. 3 is a signaling diagram of another embodiment of a login control method according to the present application, as shown in fig. 3, the steps in fig. 3 are different from those in fig. 2 in that:
in step 303, the login interface of the first server sends the website parameter to the user client. Optionally, the first server may send the website parameter as a cookie to the user client when the data amount of the website parameter is smaller than the preset data amount.
In step 304, the user client stores the website parameters.
In step 307, the second server returns the verification result to the first server. The second server cannot return the website address parameter to the first server, and step 308 is executed.
In step 308, the first server obtains the website address parameters from the user client, and then performs step 309.
Fig. 4 is a signaling diagram of another embodiment of a login control method according to the present application, as shown in fig. 4, the steps in fig. 4 are different from those in fig. 2 in that:
in step 403, the first server sends the website parameter to the cloud. Optionally, the login interface of the first server sends the website parameter and the device identifier in the user device information to the cloud for corresponding storage.
In step 404, the cloud stores the website parameters.
In step 407, the second server returns the verification result to the first server. The second server is unable to return the URL parameter to the first server, and step 408 is performed.
In step 408, the first server obtains the website parameters from the cloud. Optionally, the callback interface of the first server obtains the website parameter corresponding to the device identifier and stored in the cloud.
The present invention also provides a login control system applied to a first server, as shown in fig. 5, the system includes:
the website parameter generating module 501 is configured to receive a user login request, analyze the user login request, obtain user equipment information, and generate a website parameter based on the user equipment information.
A website parameter generating module 501, configured to compress the user equipment information, encrypt the compressed user equipment information, and generate a website parameter; or encrypting the user equipment information, compressing the encrypted user equipment information and generating the website parameter.
A login website obtaining module 502 configured to add the website parameter to the target website corresponding to the user login request, so as to obtain a login website.
An information checking module 503, configured to send the login website to the client, so that the client sends the identity authentication information to the second server for checking by using the login website; the second server is different from the first server.
The analysis module 504 is configured to receive the callback parameter returned by the second server, analyze the callback parameter to obtain a verification result, and if the verification result is that the verification is passed, obtain the user registration information based on the verification result that the verification is passed; and under the condition of analyzing to obtain the website parameters, obtaining the user equipment information based on the website parameters.
The parsing module 504 is specifically configured to send the verification result that passes the verification to the second server, so as to obtain an access token returned by the second server; sending the access token to a second server to obtain second identification information; the second identification information is user identification information stored in a second server; searching first identification information corresponding to the second identification information; the first identification information is user identification information stored in the first server; and obtaining user registration information which is stored in the first server and corresponds to the first identification information by utilizing the first identification information.
The parsing module 504 is further configured to decrypt the website parameter and decompress the decrypted information to obtain the user equipment information when the website parameter is obtained by compressing the user equipment information and encrypting the compressed user equipment information; and when the website parameter is obtained by encrypting the user equipment information and compressing the encrypted user equipment information, decompressing the website parameter, and decrypting the decompressed information to obtain the user equipment information.
And a login control module 505 configured to generate a security authentication result based on the user device information and the user registration information, and perform user login control using the security authentication result.
The login control module 505 is specifically configured to send login information carrying the first identification information to the client if the security authentication result is that the security authentication passes, so that the client performs a login operation based on the login information.
The login control system further comprises:
the parameter sending module is configured to send the website parameters to the client for storage under the condition that the data volume of the website parameters is smaller than the preset data volume; and/or sending the website parameters and the equipment identification to the cloud for corresponding storage.
The parameter acquisition module is configured to acquire the website parameters stored by the client under the condition that the website parameters are not acquired; or, under the condition that the website parameters are not obtained, the website parameters corresponding to the device identification and stored in the cloud are obtained.
An embodiment of the present invention provides a computer-readable storage medium on which a program is stored, the program implementing the above-described login control method when executed by a processor.
An embodiment of the present invention provides an electronic device, as shown in fig. 6, an electronic device 60 includes at least one processor 601, at least one memory 602 connected to the processor 601, and a bus 603; the processor 601 and the memory 602 complete communication with each other through the bus 603; the processor 601 is used for calling the program instructions in the memory 602 to execute the login control method described above. The electronic device herein may be a server, a PC, a PAD, a mobile phone, etc.
The present application also provides a computer program product adapted to execute a program, when executed on a data processing device, for initializing the steps comprised by the login control method as described above.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, systems and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory in a computer readable medium, random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional identical elements in the process, method, article, or apparatus comprising the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on differences from other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A login control method applied to a first server, the method comprising:
receiving a user login request, analyzing the user login request, obtaining user equipment information, and generating a website parameter based on the user equipment information;
adding the website parameter to a target website corresponding to the user login request to obtain a login website;
sending the login website to a client side so that the client side sends identity authentication information to a second server for verification by using the login website; the second server is different from the first server;
receiving a callback parameter returned by the second server, analyzing the callback parameter to obtain a verification result, and if the verification result is verification passing, obtaining user registration information based on the verification result passing the verification; under the condition that the website parameters are obtained through analysis, the user equipment information is obtained based on the website parameters;
and generating a safety authentication result based on the user equipment information and the user registration information, and performing user login control by using the safety authentication result.
2. The login control method according to claim 1, wherein the user equipment information at least includes an equipment identifier, and after the generating the website address parameter based on the user equipment information, the method further comprises:
under the condition that the data volume of the website parameter is smaller than the preset data volume, sending the website parameter to the client for storage;
and/or the presence of a gas in the gas,
and sending the website parameters and the equipment identification to a cloud for corresponding storage.
3. The login control method according to claim 2, further comprising:
under the condition that the website parameters are not obtained, the website parameters stored by the client are obtained;
or the like, or, alternatively,
and under the condition that the website parameters are not obtained, the website parameters which are stored in the cloud and correspond to the equipment identification are obtained.
4. The login control method according to claim 1, wherein the obtaining user registration information based on the verification result that the verification passes comprises:
sending the verification result passing the verification to the second server to obtain an access token returned by the second server;
sending the access token to the second server to obtain second identification information; the second identification information is user identification information stored in the second server;
searching first identification information which has a corresponding relation with the second identification information; the first identification information is user identification information stored in the first server;
and obtaining user registration information which is stored in the first server and corresponds to the first identification information by utilizing the first identification information.
5. The login control method according to claim 4, wherein the performing of the user login control using the security authentication result includes:
and if the security authentication result is that the security authentication is passed, sending login information carrying the first identification information to the client so that the client performs login operation based on the login information.
6. The login control method according to claim 1, wherein the generating a website parameter based on the user equipment information comprises:
compressing the user equipment information, encrypting the compressed user equipment information, and generating the website parameter;
or the like, or a combination thereof,
and encrypting the user equipment information, compressing the encrypted user equipment information, and generating the website parameter.
7. The login control method according to any one of claims 1 to 6, wherein the obtaining the user equipment information based on the website address parameter comprises:
when the website parameter is obtained by compressing the user equipment information and encrypting the compressed user equipment information, decrypting the website parameter and decompressing the decrypted information to obtain the user equipment information;
and decompressing the website parameters under the condition that the website parameters are obtained by encrypting the user equipment information and compressing the encrypted user equipment information, and decrypting the decompressed information to obtain the user equipment information.
8. A login control system, applied to a first server, the system comprising:
the website parameter generating module is configured to receive a user login request, analyze the user login request, obtain user equipment information and generate a website parameter based on the user equipment information;
a login website acquisition module configured to add the website parameter to a target website corresponding to the user login request to acquire a login website;
the information checking module is configured to send the login website to a client so that the client sends the identity authentication information to a second server for checking by using the login website; the second server is different from the first server;
the analysis module is configured to receive the callback parameter returned by the second server, analyze the callback parameter to obtain a verification result, and if the verification result is verification passing, obtain user registration information based on the verification result passing the verification; under the condition that the website parameters are obtained through analysis, the user equipment information is obtained based on the website parameters;
and the login control module is configured to generate a security authentication result based on the user equipment information and the user registration information, and perform user login control by using the security authentication result.
9. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a program which, when executed by a processor, implements the login control method according to any one of claims 1 to 7.
10. An electronic device, comprising:
at least one processor, and at least one memory, bus connected with the processor;
the processor and the memory complete mutual communication through the bus; the processor is configured to call program instructions in the memory to perform the login control method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211099313.8A CN115834101A (en) | 2022-09-08 | 2022-09-08 | Login control method, system, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211099313.8A CN115834101A (en) | 2022-09-08 | 2022-09-08 | Login control method, system, storage medium and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115834101A true CN115834101A (en) | 2023-03-21 |
Family
ID=85523485
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211099313.8A Pending CN115834101A (en) | 2022-09-08 | 2022-09-08 | Login control method, system, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115834101A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116032889A (en) * | 2023-03-30 | 2023-04-28 | 新华三技术有限公司 | IP address allocation method and device |
| CN119781876A (en) * | 2024-12-17 | 2025-04-08 | 中国工商银行股份有限公司 | Method and device for calling business software, storage medium and electronic device |
-
2022
- 2022-09-08 CN CN202211099313.8A patent/CN115834101A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116032889A (en) * | 2023-03-30 | 2023-04-28 | 新华三技术有限公司 | IP address allocation method and device |
| CN116032889B (en) * | 2023-03-30 | 2023-07-21 | 新华三技术有限公司 | IP address allocation method and device |
| CN119781876A (en) * | 2024-12-17 | 2025-04-08 | 中国工商银行股份有限公司 | Method and device for calling business software, storage medium and electronic device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104735066B (en) | A kind of single-point logging method of object web page application, device and system | |
| CN111556006B (en) | Third-party application system login method, device, terminal and SSO service platform | |
| KR102193406B1 (en) | Method and device for identifying user identity | |
| US9686344B2 (en) | Method for implementing cross-domain jump, browser, and domain name server | |
| CN109194625B (en) | Client application protection method and device based on cloud server and storage medium | |
| EP2963958B1 (en) | Network device, terminal device and information security improving method | |
| CN107196950B (en) | Verification method, verification device and server | |
| CN108243188B (en) | Interface access, interface call and interface verification processing method and device | |
| WO2017028804A1 (en) | Web real-time communication platform authentication and access method and device | |
| CN109039987A (en) | A kind of user account login method, device, electronic equipment and storage medium | |
| CN104144419A (en) | Identity authentication method, device and system | |
| CN109218334B (en) | Data processing method, device, access control equipment, authentication server and system | |
| CN107566323B (en) | Application system login method and device | |
| CN105025041A (en) | Method, device and system for uploading files | |
| CN113204772A (en) | Data processing method, device, system, terminal, server and storage medium | |
| CN108156119B (en) | Login verification method and device | |
| CN115834101A (en) | Login control method, system, storage medium and electronic equipment | |
| CN105701423A (en) | Data storage method and device applied to cloud payment transactions | |
| CN112491890A (en) | Access method and device | |
| CN111314288A (en) | Relay processing method, relay processing device, server, and storage medium | |
| CN111355730A (en) | Platform login method, device, equipment and computer readable storage medium | |
| CN113329242A (en) | Resource management method and device | |
| CN115361683A (en) | A service access method, SIM card, server and service platform | |
| CN115567271A (en) | Authentication method and device, page skip method and device, electronic equipment and medium | |
| CN105429978B (en) | Data access method, equipment and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |