Background
The method has the advantages that wireless coverage is more and more at present, mobile terminal equipment such as mobile phones is more and more used, internet surfing is achieved through WiFi (wireless fidelity) to become a current mainstream mode, short message authentication is one of the common modes of wireless Portal authentication, certain security loopholes exist, in one case, when a user inputs a mobile phone number to click to obtain a short message authentication code, the short message authentication code is not received within 60 seconds, a Portal page can be refreshed repeatedly, and the short message authentication code can be obtained repeatedly after being submitted for multiple times.
The prior art can limit the resubmission within 60 seconds through the local cookie of the browser, but the method using some local cookies of the browser fails, the loophole can be utilized by hackers, and large-scale short message authentication requests are sent, so that the server is abnormal, and the short message limit is exhausted quickly.
Disclosure of Invention
The invention aims to provide a WIFI hotspot access authentication method, device and system, which improve the safety of WIFI internet access.
The technical scheme provided by the invention is as follows:
the invention discloses an authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s20, counting the authentication request times of the current user according to the identification information; judging whether the current authentication request of the user is abnormal or not according to the times of the authentication requests; if the result is abnormal, the authentication request of the user is not passed through S30; when the S40 does not belong to the abnormality, the authentication request by the user is passed.
The invention also discloses another authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s20, counting the authentication request times of the current user according to the identification information; judging whether the current authentication request of the user is abnormal or not according to the times of the authentication requests; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
The invention also discloses another authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s23 judging whether the current user 'S authentication request is abnormal according to the current user' S authentication request times; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
The invention also discloses another authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s231, when the number of times of the authentication request of the user is greater than the preset first number of times, judging that the current authentication request of the current user is abnormal and does not pass the current authentication request of the current user, and executing the step S30; s232, when the times of the authentication requests of the user are less than or equal to a preset first time, continuously judging whether the authentication request of the current user is abnormal; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
The invention also discloses another authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s2311, when the number of times of the authentication request of the user is greater than the preset first number of times and less than the preset second number of times, determining that the current authentication request of the user is abnormal, adding the terminal where the current user is located to a blacklist of a second preset time, and not receiving the authentication request of the user within the second preset time, and performing step S30; s232, when the times of the authentication requests of the user are less than or equal to a preset first time, continuously judging whether the authentication request of the current user is abnormal; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
The invention also discloses another authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s2312, when the number of times of the authentication request of the user is greater than the preset second number of times, judging that the authentication request of the current user is abnormal, adding the terminal where the current user is located into a permanent blacklist, and executing the step S30 without receiving the authentication request of the user; s232, when the times of the authentication requests of the user are less than or equal to a preset first time, continuously judging whether the authentication request of the current user is abnormal; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
The invention also discloses another authentication method for WIFI hotspot access, which comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s231, when the number of times of the authentication request of the user is greater than the preset first number of times, judging that the current authentication request of the current user is abnormal and does not pass the current authentication request of the current user, and executing the step S30; s2321, when the authentication request times of the user is less than or equal to a preset first time, the latest authentication request of the current user in the history request record is searched; s2322 judges whether the status flag bit of the latest authentication request is in an accepting state; if yes, executing step S2323; otherwise, executing step S401; s2323 compares whether a difference between the request timestamp of the current authentication request of the current user and the request timestamp of the latest authentication request is smaller than a preset difference; if yes, go to step S301; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
The invention discloses an authentication device for WIFI hotspot access, which comprises an AC server: the AC server includes: the receiving module is used for receiving an authentication request which is sent by a user and carries identification information; the abnormity judgment module is used for counting the times of the authentication request of the current user according to the identification information and judging whether the authentication request of the current user is abnormal or not according to the times of the authentication request; and the execution module is used for not passing the authentication request of the user when the authentication request of the current user is abnormal, and is also used for passing the authentication request of the user when the authentication request of the current user is not abnormal.
The invention also discloses another authentication device for WIFI hotspot access, and the authentication device comprises the AC server: the AC server includes: the receiving module is used for receiving an authentication request which is sent by a user and carries identification information; the abnormity judgment module is used for counting the times of the authentication request of the current user according to the identification information and judging whether the authentication request of the current user is abnormal or not according to the times of the authentication request; the execution module is used for not passing the authentication request of the user when the authentication request of the current user is abnormal and also used for passing the authentication request of the user when the authentication request of the current user is not abnormal; and the authentication code generation module is used for generating an authentication code for accessing the WIFI hotspot when the execution module passes the authentication request of the current user.
Further preferably, the identification information includes a mobile phone number of the user, a request timestamp, and a terminal MAC address.
The invention discloses an authentication device for WIFI hotspot access, which comprises an AC server: the AC server includes: the receiving module is used for receiving an authentication request which is sent by a user and carries identification information; the abnormity judgment module is used for counting the times of the authentication request of the current user according to the identification information and judging whether the authentication request of the current user is abnormal or not according to the times of the authentication request; the execution module is used for not passing the authentication request of the user when the authentication request of the current user is abnormal and also used for passing the authentication request of the user when the authentication request of the current user is not abnormal; the authentication code generation module is used for generating an authentication code for accessing the WIFI hotspot when the execution module passes the authentication request of the current user; the recording module is used for recording all authentication requests of a user within first preset time; the authentication request comprises identification information of a user and a request timestamp; the identification module is used for adding a state flag bit to the authentication request to identify that the authentication request is in an accepting state or a rejecting state; and the generating module is used for generating a history request record according to all the authentication requests.
The invention discloses an authentication device for WIFI hotspot access, which comprises an AC server: the AC server includes: the receiving module is used for receiving an authentication request which is sent by a user and carries identification information; the searching module is used for searching whether the historical request record has the authentication request of the current user according to the identification information; the statistical module is used for counting the authentication request times of the current user when the authentication request of the current user exists in the history request record; the judging module is used for judging whether the authentication request of the current user is abnormal or not according to the authentication request times of the current user; the execution module is used for not passing the authentication request of the user when the authentication request of the current user is abnormal and also used for passing the authentication request of the user when the authentication request of the current user is not abnormal; the authentication code generation module is used for generating an authentication code for accessing the WIFI hotspot when the execution module passes the authentication request of the current user; the recording module is used for recording all authentication requests of a user within first preset time; the authentication request comprises identification information of a user and a request timestamp; the identification module is used for adding a state flag bit to the authentication request to identify that the authentication request is in an accepting state or a rejecting state; and the generating module is used for generating a history request record according to all the authentication requests.
The invention also discloses an authentication system for WIFI hotspot access, which comprises the device, a terminal and a short message gateway; the terminal is used for generating an authentication request according to the identification information input by the user and sending the authentication request to the AC server; the AC server is used for judging whether the authentication request is abnormal or not, passing the authentication request when the authentication request is judged to be abnormal, generating an authentication code for WIFI hotspot access according to the authentication request and sending the authentication code to a short message gateway; the short message gateway forwards the authentication code to a terminal; and the terminal receives the authentication code and is connected with the WIFI hotspot through the authentication code.
Compared with the prior art, the method and the system have the advantages that the AC server is utilized to carry out anomaly detection, whether the behavior submitted by the user meets the requirement or not is judged, namely the same mobile phone number is refused to repeatedly submit the application short message authentication code within 60 seconds, whether the application short message authentication code enters a blacklist or not is determined according to the repeated submission frequency, and the user terminal equipment is directly kicked out when the situation is serious.
Detailed Description
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following description will be made with reference to the accompanying drawings. It is obvious that the drawings in the following description are only some examples of the invention, and that for a person skilled in the art, other drawings and embodiments can be derived from them without inventive effort.
For the sake of simplicity, the drawings only schematically show the parts relevant to the present invention, and they do not represent the actual structure as a product. In addition, in order to make the drawings concise and understandable, components having the same structure or function in some of the drawings are only schematically illustrated or only labeled. In this document, "one" means not only "only one" but also a case of "more than one".
When a user selects the SSID of one AP through a terminal and connects to a WiFi network after association, the AP (Access Point) pops up a Portal page through a user browser, a mobile phone number is required to be input for using short message authentication, the user inputs the mobile phone number, the authentication code is prompted to be obtained through clicking, and the WIFI hotspot is accessed after the authentication is successfully obtained through inputting the authentication code. Short message authentication usually encounters repeated authentication or hacking, thereby causing security problems.
Fig. 1 is a main flowchart of an authentication method for WIFI hotspot access according to the present invention. As shown in fig. 1, an authentication method for WIFI hotspot access includes: s10, receiving an authentication request carrying identification information sent by a user; s20, counting the authentication request times of the current user according to the identification information; judging whether the current authentication request of the user is abnormal or not according to the times of the authentication requests; if the result is abnormal, the authentication request of the user is not passed through S30; when the S40 does not belong to the abnormality, the authentication request by the user is passed. .
Specifically, in this embodiment, the identification information includes, but is not limited to, a mobile phone number of the user. The authentication request provided by the user is firstly detected by the AC server, the AC server judges whether the authentication request is abnormal or not, when the authentication request meets the requirement, the authentication request is forwarded to the short message gateway, and the short message gateway generates an authentication code according to the received authentication request so that the user can access the WIFI hotspot.
The embodiment is improved to obtain another authentication method for WIFI hotspot access, and the authentication method comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s20, counting the authentication request times of the current user according to the identification information; judging whether the current authentication request of the user is abnormal or not according to the times of the authentication requests; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
Specifically, in this embodiment, the first preset time is set to 30 minutes, and may be set to other times according to actual situations, which is not limited specifically. After receiving the authentication request of the user, the AC server records the authentication request list of the user (using the mobile phone number keyword) in the last 30 minutes as required, the field contents include the STA MAC address, the AP SN, the mobile phone number and the request timestamp, and adds a Flag bit field Flag to identify whether the state of the request is accepted or rejected, and the specific table fields are shown in table 1.
The embodiment is improved to obtain another authentication method for WIFI hotspot access, and the authentication method comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s23 judging whether the current user 'S authentication request is abnormal according to the current user' S authentication request times; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
Specifically, in this embodiment, the AC server searches whether there is the same record in the history request record by using the mobile phone number of the user as a keyword, and if the history request record is empty, the user is considered as a first request, and through the authentication request, the record Flag is accepted, and through the authentication request, the short message gateway receives the authentication request, generates an authentication code according to the authentication request, and sends the authentication code to the user, and the user inputs the received authentication code and can immediately access the WIFI hotspot. If the request record of the same user is found in the history request record, the AC server counts the number of times of the user request in the last 30 minutes, wherein the number of times of the user request comprises two states of a receiving state Flag (Accept) and a rejecting state Flag (Deny). And judging whether the request is abnormal or not according to the number of the requests of the user in the last 30 minutes.
The embodiment is improved to obtain another authentication method for WIFI hotspot access, and the authentication method comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s231, when the number of times of the authentication request of the user is greater than the preset first number of times, judging that the current authentication request of the current user is abnormal and does not pass the current authentication request of the current user, and executing the step S30; s232, when the times of the authentication requests of the user are less than or equal to a preset first time, continuously judging whether the authentication request of the current user is abnormal; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
Specifically, in this embodiment, the preset first number of times is 10, that is, when the number of times of the authentication request of the user is greater than 10 times, it is determined that the current authentication request of the user is abnormal and does not pass the current authentication request of the user.
The embodiment is improved to obtain another authentication method for WIFI hotspot access, and the authentication method comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s2311, when the number of times of the authentication request of the user is greater than the preset first number of times and less than the preset second number of times, determining that the current authentication request of the user is abnormal, adding the terminal where the current user is located to a blacklist of a second preset time, and not receiving the authentication request of the user within the second preset time, and performing step S30; s232, when the times of the authentication requests of the user are less than or equal to a preset first time, continuously judging whether the authentication request of the current user is abnormal; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user. .
Specifically, in this embodiment, the preset first number is 10, and the second number is 1000, that is, when the number of times of the authentication request of the user is greater than 10 and less than 1000, it is determined that the current authentication request of the current user is abnormal, the current authentication request of the current user is not passed, the AP device associated with the current user is searched through the AP SN, the user is immediately kicked away through the AP, the terminal MAC is added to the AP blacklist of all the second preset times in the network area, and the wireless association request of the user is no longer received. In this embodiment, the second preset time is set to 24 hours, that is, the authentication request of the user is no longer accepted within 24 hours.
The embodiment is improved to obtain another authentication method for WIFI hotspot access, and the authentication method comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s2312, when the number of times of the authentication request of the user is greater than the preset second number of times, judging that the authentication request of the current user is abnormal, adding the terminal where the current user is located into a permanent blacklist, and executing the step S30 without receiving the authentication request of the user; s232, when the times of the authentication requests of the user are less than or equal to a preset first time, continuously judging whether the authentication request of the current user is abnormal; if yes, the authentication request of the user is not passed; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
Specifically, in this embodiment, the preset first number is 10, the second number is 1000, and the authentication request is sent more than 1000 times at the same time in a short time, so that the user is considered to have a hacking behavior, the AP SN is used to search for the AP device associated with the user, the AP is used to immediately kick off the user, and the terminal MAC is added to all the permanent AP blacklists in the network area, and the wireless association request of the user is not received.
The embodiment is improved to obtain another authentication method for WIFI hotspot access, and the authentication method comprises the following steps: s10, receiving an authentication request carrying identification information sent by a user; s21, according to the identification information, searching whether the history request record has the authentication request of the current user; if yes, executing the next step; otherwise, executing S401; s22, counting the authentication request times of the current user according to the history request record; s230, judging whether the authentication request times of the current user is less than or equal to a preset first time; s231, when the number of times of the authentication request of the user is greater than the preset first number of times, judging that the current authentication request of the current user is abnormal and does not pass the current authentication request of the current user, and executing the step S30; s2321, when the authentication request times of the user is less than or equal to a preset first time, the latest authentication request of the current user in the history request record is searched; s2322 judges whether the status flag bit of the latest authentication request is in an accepting state; if yes, executing step S2323; otherwise, executing step S401; s2323 compares whether a difference between the request timestamp of the current authentication request of the current user and the request timestamp of the latest authentication request is smaller than a preset difference; if yes, go to step S301; otherwise, executing step S401; s30, if the authentication request is abnormal, recording all authentication requests of the user within a first preset time; identifying the status flag bit of the authentication request as a rejection status; generating a history request record according to all the authentication requests; not passing the authentication request of the user; when the S40 does not belong to the abnormity, recording all authentication requests of the user within a first preset time; marking the authentication request adding state flag bit as an accepting state; and generating a history request record according to all the authentication requests, and passing the authentication requests of the user.
Specifically, in this embodiment, the preset first number is 10.
The AC server searches whether the same record exists in the history request record by using the mobile phone number of the user as a keyword, and if the same record exists, the AC server counts the number of times of the user request in the last 30 minutes (the 30 minutes is the first preset time), wherein the number of times of the user request comprises two states of Flag ═ Accept and Deny.
If the number of request times N is 10, searching the latest authentication request in the history request record through the mobile phone number, judging whether the Flag bit is Flag is Accept, if not, considering the user as the first request, and passing the authentication request; if one authentication request record is found, the time stamps of two authentication requests are compared.
If the timestamp difference of the two authentication requests is smaller than or equal to the preset difference, (in this embodiment, the preset difference is set to 60 seconds), the authentication request is ignored, the authentication request is recorded in the history request record, and the status Flag of the authentication request is set to Deny.
If the difference value of the timestamps of the two authentication requests is more than 60 seconds, the authentication request is passed, an authentication code is generated according to the authentication request, and the authentication code is sent to the user through the short message gateway; meanwhile, the authentication request is recorded in the history request record, and the status Flag of the authentication request is set to Accept.
According to the invention, the AC server is used for carrying out abnormity detection on the user authentication request frequency, whether the behavior submitted by the user meets the requirement is judged, namely, the same mobile phone number is refused to repeatedly submit the application short message authentication code within the specified time, whether the application short message authentication code enters a blacklist is determined according to the repeated submission frequency, and the user terminal equipment is directly kicked out in case of serious conditions, so that the system safety is ensured, and wireless resources and economic resources are saved.
Fig. 2 is a complete flowchart of an authentication method for WIFI hotspot access according to the present invention. The working process of the invention is described in detail in connection with the complete flow chart.
S10 receives the authentication request sent by the user.
S21, searching the history record, and judging whether the authentication request of the current user exists; if yes, go to step S22; otherwise, step S401 is executed.
S22 counts the number of authentication requests of the current user.
S230 determining whether the number of times of the authentication request is less than or equal to a preset first number of times, if so, performing step S2321; otherwise, steps S2311 and S2312 are performed.
S2311, if the number of times of the authentication request from the user is greater than the first number and less than the second number, adding the terminal where the current user is located to the AP blacklist for the second preset time, and performing step S30.
S2312, if the number of times of the authentication request of the user is greater than the preset second number of times, adding the terminal where the current user is located to the permanent AP blacklist, and performing step S30.
S2321 searches for the last authentication request of the current user in the history request record.
S2322 determines whether the status flag of the latest authentication request is in an accepted status, if so, step S2323 is executed, otherwise, step S401 is executed.
S2323 determines whether a difference between the request timestamp of the current authentication request of the current user and the request timestamp of the latest authentication request is smaller than a preset difference, if so, executes step S301, otherwise, executes step S401.
S301, recording an authentication request, and marking a status flag bit of the authentication request as a rejection status; a history request record is generated.
S30 ignores the authentication request.
S401, recording an authentication request, and marking a status flag bit of the authentication request as a rejection status; a history request record is generated.
And S40, generating a WIFI authentication code for accessing the WIFI hotspot at the same time according to the authentication request of the current user, and sending the WIFI authentication code to the user.
It should be noted that, step S2311 and step S2312 in fig. 2 may also go directly to step S301, that is, record the authentication request of the user this time before ignoring the authentication request, and identify the status flag of the authentication request as reject.
Fig. 3 is a schematic diagram illustrating a configuration of an authentication device for WIFI hotspot access according to the present invention, and as shown in fig. 3, an authentication device 100 for WIFI hotspot access, using the above method, includes: the AC server includes: the receiving module 1 is used for receiving an authentication request which is sent by a user and carries identification information; an anomaly determination module 232, configured to count the authentication request times of the current user according to the identification information, and determine whether the authentication request of the current user is abnormal according to the authentication request times; the execution module 3 is configured to not pass the authentication request of the user when the authentication request of the current user is abnormal, and is further configured to pass the authentication request of the user when the authentication request of the current user is not abnormal.
The above embodiment is improved to obtain another authentication apparatus 100 for WIFI hotspot access, and using the above method, the authentication apparatus includes: the AC server includes: the receiving module 1 is used for receiving an authentication request which is sent by a user and carries identification information; an anomaly determination module 232, configured to count the authentication request times of the current user according to the identification information, and determine whether the authentication request of the current user is abnormal according to the authentication request times; the execution module 3 is used for not passing the authentication request of the user when the authentication request of the current user is abnormal, and is also used for passing the authentication request of the user when the authentication request of the current user is not abnormal; and the authentication code generating module 4 is configured to generate an authentication code for accessing the WIFI hotspot when the executing module 3 passes the authentication request of the current user.
The above embodiment is improved to obtain another authentication apparatus 100 for WIFI hotspot access, and using the above method, the authentication apparatus includes: the AC server includes: the receiving module 1 is used for receiving an authentication request which is sent by a user and carries identification information; an anomaly determination module 232, configured to count the authentication request times of the current user according to the identification information, and determine whether the authentication request of the current user is abnormal according to the authentication request times; the execution module 3 is used for not passing the authentication request of the user when the authentication request of the current user is abnormal, and is also used for passing the authentication request of the user when the authentication request of the current user is not abnormal; the authentication code generation module 4 is configured to generate an authentication code for accessing the WIFI hotspot when the execution module 3 passes the current authentication request of the current user; the recording module 5 is used for recording all authentication requests of a user within a first preset time; the authentication request comprises identification information of a user and a request timestamp; an identification module 6, configured to add a status flag bit to the authentication request to identify that the authentication request is in an accept or reject status; and a history request record generating module 7, configured to generate a history request record according to all the authentication requests.
The above embodiment is improved to obtain another authentication apparatus 100 for WIFI hotspot access, and using the above method, the authentication apparatus includes: the AC server includes: the receiving module 1 is used for receiving an authentication request which is sent by a user and carries identification information; the searching module 21 is configured to search whether an authentication request of a current user exists in a history request record according to the identification information; a counting module 22, configured to count the number of times of authentication requests of the current user when the history request record includes the authentication request of the current user; the judging module 23 is configured to judge whether the current authentication request of the current user is abnormal according to the number of times of the authentication request of the current user; the execution module 3 is used for not passing the authentication request of the user when the authentication request of the current user is abnormal, and is also used for passing the authentication request of the user when the authentication request of the current user is not abnormal; the authentication code generation module 4 is configured to generate an authentication code for accessing the WIFI hotspot when the execution module 3 passes the current authentication request of the current user; the recording module 5 is used for recording all authentication requests of a user within a first preset time; the authentication request comprises identification information of a user and a request timestamp; an identification module 6, configured to add a status flag bit to the authentication request to identify that the authentication request is in an accept or reject status; and the generating module is used for generating a history request record according to all the authentication requests.
Fig. 5 is a block diagram of an authentication system for WIFI hotspot access according to the present invention, as shown in fig. 5, including the above devices, further including a terminal 200 and a short message gateway 300; the terminal 200 is configured to generate an authentication request according to the identification information input by the user and send the authentication request to the AC server; the AC server is used for judging whether the authentication request is abnormal or not, passing the authentication request when the authentication request is judged to be abnormal, generating an authentication code for WIFI hotspot access according to the authentication request, and sending the authentication code to the short message gateway 300; the short message gateway 300 forwards the authentication code to the terminal 200; and the terminal 200 receives the authentication code and is connected with the WIFI hotspot through the authentication code.
Fig. 6 is a partial flowchart of an authentication system for WIFI hotspot access according to the present invention.
S60 the user connects to the AP.
S70 judging whether the user is in the blacklist; if yes, go to step S90 to reject the authentication request; otherwise, step S80 is executed.
S80 provides the authentication page to the user, and generates an authentication request based on the identification information of the user.
S10 receives the authentication request sent by the user.
It should be noted that the above embodiments can be freely combined as necessary. The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.