CN105577619B - Client login method, client and system - Google Patents
Client login method, client and system Download PDFInfo
- Publication number
- CN105577619B CN105577619B CN201410545605.9A CN201410545605A CN105577619B CN 105577619 B CN105577619 B CN 105577619B CN 201410545605 A CN201410545605 A CN 201410545605A CN 105577619 B CN105577619 B CN 105577619B
- Authority
- CN
- China
- Prior art keywords
- client
- target client
- login
- target
- login verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention discloses a client login method, a client and a system, wherein the client login method comprises the following steps: receiving a login verification request sent by a target client; acquiring identity authentication matching information of the target client according to the login authentication request; submitting an associated login authentication request to a first server so that the first server acquires login authentication information of the target client according to the associated login authentication request; receiving login verification information of the target client returned by the first server; and sending the login verification information of the target client to the target client so that the target client logs in to a second server by using the login verification information of the target client. By adopting the invention, the risk of stealing login authentication information is effectively avoided while the application client is rapidly logged in, and the login security of the client is improved.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a client login method, a client and a system.
Background
With the rapid development of internet technology, more and more application clients appear in the lives of people, and users can obtain services from the internet by logging in the application clients. Generally, a user needs to submit login authentication information on different clients respectively to log in a background server corresponding to the client when logging in different clients, which is troublesome to operate.
In the prior art, a fast login mode of a client is provided, and a first client can acquire login authentication information from a trusted second client during login so as to log in, so that operations of inputting a login account number, authentication information and the like during login of the first client by a user are omitted. However, in the implementation process of the existing fast login mode, it is found that there is a security risk of being stolen because the login authentication information is hard-coded and stored in the relevant file of the trusted second client.
Disclosure of Invention
In view of this, embodiments of the present invention provide a client login method, a client and a system, which can effectively avoid the risk of stealing login authentication information while implementing fast login of an application client, and improve the login security of the client.
In order to solve the above technical problem, an embodiment of the present invention provides a client login method, where the method includes:
the method comprises the steps that an associated client receives a login verification request sent by a target client, wherein the target client and at least one associated client establish an associated relationship;
the associated client acquires the identity authentication matching information of the target client according to the login authentication request;
the associated client side submits an associated login verification request to a first server, wherein the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side, so that the first server obtains the login verification information of the target client side according to the associated login verification request;
the associated client receives login verification information of the target client returned by the first server;
and the associated client sends the login verification information of the target client to the target client so that the target client logs in a second server by using the login verification information of the target client.
Correspondingly, the embodiment of the invention also provides a client login method, which comprises the following steps:
a target client sends a login verification request to an associated client, wherein the target client and at least one associated client establish an associated relationship;
the associated client acquires the identity authentication matching information of the target client according to the login authentication request;
the associated client side submits an associated login verification request to a first server, wherein the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side, so that the first server obtains the login verification information of the target client side according to the associated login verification request;
the associated client receives login verification information of the target client returned by the first server;
the associated client side sends login verification information of the target client side to the target client side;
and the target client receives the login verification information of the target client sent by the associated client and logs in a second server by using the login verification information of the target client.
Correspondingly, the embodiment of the invention also provides a client login method, which comprises the following steps:
receiving an associated login verification request submitted by an associated client, wherein the associated login verification request carries login verification information of the associated client and identity verification matching information of a target client acquired by the associated client, and the target client and at least one associated client establish an associated relationship;
acquiring login authentication information of the target client according to the associated login authentication request;
and returning the login verification information of the target client to the associated client, so that the associated client sends the login verification information of the target client to the target client, and the target client logs in a second server by using the login verification information of the target client.
Correspondingly, an embodiment of the present invention further provides an associated client, including:
the system comprises a verification request receiving module, a login verification request receiving module and a login verification request sending module, wherein the login verification request is sent by a target client, and the target client and at least one associated client establish an associated relationship;
the identity information acquisition module is used for acquiring the identity authentication matching information of the target client according to the login authentication request;
the system comprises an association verification request module, a first server and a second server, wherein the association verification request module is used for submitting an association login verification request to the first server, and the association login verification request carries login verification information of an association client and identity verification matching information of a target client so that the first server can obtain the login verification information of the target client according to the association login verification request;
the verification information receiving module is used for receiving login verification information of the target client returned by the first server;
and the verification information returning module is used for sending the login verification information of the target client to the target client so that the target client logs in to a second server by using the login verification information of the target client.
Correspondingly, an embodiment of the present invention further provides a server, including:
the system comprises an association request receiving module, a correlation verification module and a correlation verification module, wherein the association request receiving module is used for receiving an association login verification request submitted by an association client, and the association login verification request carries login verification information of the association client and identity verification matching information of a target client acquired by the association client;
the verification information acquisition module is used for acquiring login verification information of the target client according to the associated login verification request;
and the verification information returning module is used for returning the login verification information of the target client to the associated client so that the associated client sends the login verification information of the target client to the target client, and the target client logs in a second server by using the login verification information of the target client.
Correspondingly, the embodiment of the invention also provides a client login system, which is characterized by comprising a target client and an associated client, wherein:
the target client is used for sending a login verification request to the associated client;
the associated client is used for receiving a login authentication request sent by a target client and acquiring the identity authentication matching information of the target client according to the login authentication request; submitting an associated login verification request to a first server, wherein the associated login verification request carries login verification information of the associated client and identity verification matching information of the target client, so that the first server obtains the login verification information of the target client according to the associated login verification request; receiving login verification information of the target client returned by the first server, and sending the login verification information of the target client to the target client;
the target client is also used for logging in to a second server by using the login verification information of the target client.
The associated client in this embodiment can request the server corresponding to the associated client to obtain the login authentication information of the target client according to the login authentication information of the associated client and the authentication matching information of the target client after obtaining the login authentication request of the target client, and send the obtained login authentication information to the target client to log in, so that the risk that the login authentication information is stolen is effectively avoided while the target client is rapidly logged in, and the login security of the client is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a client login method in an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a client login method according to another embodiment of the present invention;
FIG. 3 is a flowchart illustrating a client login method according to another embodiment of the present invention;
FIG. 4 is a schematic diagram of a client fast login page in an embodiment of the invention;
FIG. 5 is a schematic structural diagram of an associated client in an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a client in an embodiment of the present invention;
FIG. 7 is a schematic diagram of a server according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a client login system in an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The client, the target client, the associated client and the like mentioned in the embodiments of the present invention may be application programs running in the user terminal, may be web applications loaded in a web page, and the target client and the associated client may be mutually independent application clients, such as an instant messaging client, an SNS (Social Networking Services) client, a web browser, an email management client, a game client and the like, or may be associated and bound in a nested, built-in or other form, such as an instant messaging client, an embedded application client, a web browser and a web client loaded therewith. The user terminal can comprise a mobile phone, a personal computer, a tablet computer, an electronic reader, a vehicle-mounted terminal, a wearable intelligent device and the like. The target client and the associated client may operate in the same user terminal and communicate therebetween through inter-process communication, and in an optional embodiment, the target client and the associated client may also operate in different user terminals and communicate therebetween through a local area network.
Fig. 1 is a schematic flow chart of a client login method in an embodiment of the present invention, which is mainly described in terms of associating a client, and as shown in the drawing, the flow of the client login method in the embodiment includes:
s101, the associated client receives a login authentication request sent by a target client.
In a specific implementation, a relationship is pre-established between the target client and at least one associated client, and the target client may pre-set an associated client list, where the associated client list includes a client identifier of the at least one associated client, such as a process identifier or a package identifier, and when the target client opens a login page, whether an operating associated client exists in an operating system where the target client is currently located may be determined according to the client identifier included in the associated client list, and if so, a login verification request is sent to the associated client. The login verification request may carry a client identifier of the target client and may also carry a data transmission public key of the target client, and is used to provide the associated client to use the data transmission public key to perform secure encryption on the returned login verification information, where the data transmission public key may be preset by the target client and may also be generated by the target client immediately when the login page is opened. In another optional embodiment, the login authentication request may also carry authentication matching information of the target client. In another optional embodiment, the target client may further search whether an associated client that is running exists in the local area network, and if so, send a login authentication request to the associated client, and may also send the login authentication request in a form of broadcasting in the local area network, and set a security policy to ensure that only a preset associated client can successfully resolve the login authentication request.
In an optional embodiment, before sending the login authentication request to the associated client, the target client may further determine whether login authentication information of the target client exists in a local designated location, if the login authentication information of the target client exists in the local designated location, login may be performed using the login authentication information stored in the local designated location, and if the login authentication information of the target client does not exist in the local designated location or login authentication information stored in the local designated location is received, the target client sends the login authentication request to the associated client.
And S102, the associated client acquires the identity authentication matching information of the target client according to the login authentication request.
In a specific implementation, the login authentication request may carry authentication matching information of the target client. The associated client can also acquire the identity authentication matching information from the target client according to the login authentication request. Further, in an optional embodiment, if the login authentication request includes the client identifier of the target client, the associated client may call a preset system function according to the client identifier to obtain the authentication matching information of the target client, so that a risk of signature information leakage possibly caused by inter-process communication may be effectively reduced.
The authentication matching information may include a client package identifier and signature data of the target client, such as a package name of an android app, a signature public key or a package name of an ios app, bundle id, and credential information for identifying a client identity.
S103, the associated client side submits an associated login verification request to a first server, and the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side, so that the first server obtains the login verification information of the target client side according to the associated login verification request.
The first server is a background server corresponding to the associated client, and presets an association relationship between login authentication information of the associated client and login authentication information of the target client, and after receiving an associated login authentication request submitted by the associated client, the first server can find the login authentication information of the target client corresponding to the login authentication information of the associated client according to the login authentication information of the associated client and the authentication matching information of the target client.
The login authentication information may include a login account corresponding to the client and authentication information corresponding to the login account, and the authentication information may include any one or more of a password, a voiceprint, a fingerprint, an iris, and the like.
S104, the associated client receives the login verification information of the target client returned by the first server.
S105, the associated client sends the login verification information of the target client to the target client, so that the target client logs in to a second server by using the login verification information of the target client.
Specifically, after receiving the login verification information of the target client sent by the associated client, the target client may display a fast login page as shown in fig. 4, and after obtaining an instruction for the user to click fast login, the target client may submit the login verification information to the second server for login. The second server is a background server corresponding to the target client. In an alternative embodiment, the second server and the first server may be the same server.
In an optional embodiment, if the login authentication request of the target client received in S101 carries the data transmission public key of the target client, the associated client may encrypt the login authentication information of the target client received from the first server by using the data transmission public key, and then send the encrypted login authentication information of the target client to the target client, thereby further enhancing the security of the transmission of the login authentication information between clients. After receiving the encrypted login verification information, the target client can decrypt the encrypted login verification information by using the data transmission private key corresponding to the data transmission public key to obtain the login verification information of the target client, so that the login verification information can be submitted to a second server for login.
Further, in an optional embodiment, after the target client logs in to the second server by using the login authentication information of the target client, the login authentication information of the target client may be stored in a local designated location, so that the target client can log in by directly using the locally stored login authentication information in the next login.
The associated client in this embodiment can request the server corresponding to the associated client to obtain the login authentication information of the target client according to the login authentication information of the associated client and the authentication matching information of the target client after obtaining the login authentication request of the target client, and send the obtained login authentication information to the target client to log in, so that the risk that the login authentication information is stolen is effectively avoided while the target client is rapidly logged in, and the login security of the client is improved.
Fig. 2 is a schematic flow chart of a client login method in another embodiment of the present invention, which is mainly described in terms of an associated client, a target client, a first server corresponding to the associated client, and a second server corresponding to the target client, where as shown in the figure, the client login method in this embodiment may include:
s201, the target client determines that the login verification information of the target client does not exist in the local specified position.
In a specific implementation, when the target client opens a login page, whether login verification information of the target client exists at a local specified position or not can be judged, and if the login verification information of the target client exists at the local specified position, the target client can log in to a second server by using the login verification information of the target client at the local specified position; otherwise, S202 is performed.
S202, the target client sends a login verification request to the associated client.
In a specific implementation, the target client establishes a relationship with at least one associated client, and the target client can send a login verification request to the associated client after determining that the login verification information of the target client does not exist in a local specified position. The login authentication request in this embodiment may carry a client identifier of the target client.
S203, the associated client acquires the authentication matching information of the target client according to the client identifier.
In this embodiment, the login verification request includes a client identifier of the target client, and the associated client may call a preset system function according to the client identifier to obtain the authentication matching information of the target client, so that a risk of signature information leakage possibly caused by inter-process communication may be effectively reduced. The authentication matching information may include a client package identifier and signature data of the target client, such as a package name of an android app, a signature public key or a package name of an ios app, bundle id, and credential information for identifying a client identity.
S204, the associated client side submits an associated login verification request to the first server, and the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side.
S205, the first server obtains the login authentication information of the target client according to the associated login authentication request.
The first server is a background server corresponding to the associated client, and presets an association relationship between login authentication information of the associated client and login authentication information of the target client, and after receiving an associated login authentication request submitted by the associated client, the first server can find the login authentication information of the target client corresponding to the login authentication information of the associated client according to the login authentication information of the associated client and the authentication matching information of the target client.
The login authentication information may include a login account corresponding to the client and authentication information corresponding to the login account, and the authentication information may include any one or more of a password, a voiceprint, a fingerprint, an iris, and the like.
S206, the first server returns the login verification information of the target client to the associated client.
And S207, the associated client sends login verification information of the target client to the target client.
And S208, the target client submits login verification information to the second server for login.
In an alternative embodiment, the second server may be the same object as the first server.
S209, the second server returns login success to the target client.
Specifically, the second server may perform login verification on the login verification information submitted by the target client, that is, match the login verification information submitted by the target client with pre-stored login verification information, and if consistent login verification information exists, that is, the login account number and the corresponding verification information are both consistent, return a login success to the target client.
S210, the target client stores the login verification information of the target client at a local designated position, so that the next login can be performed by directly using the locally stored login verification information.
The target client side sends a login verification request to the associated client side when confirming that the local login verification information does not exist, the associated client side requests the server corresponding to the associated client side to acquire the login verification information of the target client side according to the login verification information of the associated client side and the identity verification matching information of the target client side, and the acquired login verification information is sent to the target client side to log in, so that the risk that the login verification information is stolen is effectively avoided while the target client side is rapidly logged in, and the login safety of the client side is improved.
Fig. 3 is a schematic flow chart of a client login method in another embodiment of the present invention, which is mainly described in terms of an associated client, a target client, a first server corresponding to the associated client, and a second server corresponding to the target client, where as shown in the figure, the client login method in this embodiment may include:
s301, the target client generates a data transmission public key and a corresponding data transmission private key.
Specifically, the target client generates the data transmission public key and the data transmission private key when opening the login page, and the public/private key pair may be set to be used once and regenerated when needed next time. In other optional embodiments, the data transmission public key and the corresponding data transmission private key may also be pre-stored for the target client and retrieved when needed.
S302, the target client sends a login verification request to the associated client, wherein the login verification request carries the client identifier of the target client and the data transmission public key.
And S303, the associated client acquires the authentication matching information of the target client according to the client identifier.
In specific implementation, the associated client may call a preset system function according to the client identifier to obtain the authentication matching information of the target client, so that a risk of signature information leakage possibly caused by inter-process communication may be effectively reduced. The authentication matching information may include a client package identifier and signature data of the target client, such as a package name of an android app, a signature public key or a package name of an ios app, bundle id, and credential information for identifying a client identity.
S304, the associated client side submits an associated login verification request to the first server, and the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side.
S305, the first server acquires the login authentication information of the target client according to the associated login authentication request.
The first server is a background server corresponding to the associated client, and presets an association relationship between login authentication information of the associated client and login authentication information of the target client, and after receiving an associated login authentication request submitted by the associated client, the first server can find the login authentication information of the target client corresponding to the login authentication information of the associated client according to the login authentication information of the associated client and the authentication matching information of the target client.
The login authentication information may include a login account corresponding to the client and authentication information corresponding to the login account, and the authentication information may include any one or more of a password, a voiceprint, a fingerprint, an iris, and the like.
S306, the first server returns the login verification information of the target client to the associated client.
S307, the associated client encrypts the login verification information of the target client by using the data transmission public key.
S308, the associated client sends the encrypted login verification information of the target client to the target client.
S309, the target client uses the data transmission private key corresponding to the data transmission public key to decrypt the data transmission private key to obtain the login verification information of the target client.
S310, the target client submits login verification information to the second server for login.
In an alternative embodiment, the second server may be the same object as the first server.
According to the embodiment of the invention, the target client side carries the data transmission public key in the login verification request sent to the associated client side, so that after the associated client side obtains the login verification information of the target client side from the server corresponding to the associated client side according to the login verification information of the associated client side and the identity verification matching information of the target client side, the data transmission private key can be used for encrypting the login verification information and sending the encrypted login verification information to the target client side for login, therefore, the risk that the login verification information is stolen is effectively avoided while the target client side is rapidly logged in, and the login safety of the client side is improved.
Fig. 5 is a schematic structural diagram of an association client in the embodiment of the present invention, where as shown in the figure, the association client in the embodiment of the present invention may include:
an authentication request receiving module 510, configured to receive a login authentication request sent by a target client.
In a specific implementation, a relationship is established between the target client and at least one associated client, and the target client may preset an associated client list including a client identifier of the at least one associated client, such as a process identifier or a package identifier, and when the target client opens a login page, whether an operating associated client exists in the operating system where the target client is currently located may be determined according to the client identifier included in the associated client list, and if so, a login verification request is sent to the associated client. The login verification request may carry a client identifier of the target client and may also carry a data transmission public key of the target client, and is used to provide the associated client to use the data transmission public key to perform secure encryption on the returned login verification information, where the data transmission public key may be preset by the target client and may also be generated by the target client immediately when the login page is opened. In another optional embodiment, the login authentication request may also carry authentication matching information of the target client. In another optional embodiment, the target client may further search whether an associated client that is running exists in the local area network, and if so, send a login authentication request to the associated client, and may also send the login authentication request in a form of broadcasting in the local area network, and set a security policy to ensure that only a preset associated client can successfully resolve the login authentication request.
An identity information obtaining module 520, configured to obtain, according to the login authentication request, identity authentication matching information of the target client.
In a specific implementation, the login authentication request may carry authentication matching information of the target client. The identity information obtaining module 520 may also obtain the identity verification matching information from the target client according to the login verification request. Further, in an optional embodiment, if the login authentication request includes the client identifier of the target client, the identity information obtaining module 520 may call a preset system function according to the client identifier to obtain the identity authentication matching information of the target client, so that a risk of signature information leakage possibly caused by inter-process communication may be effectively reduced.
The authentication matching information may include a client package identifier and signature data of the target client, such as a package name of an android app, a signature public key or a package name of an ios app, bundle id, and credential information for identifying a client identity.
An association verification request module 530, configured to submit an association login verification request to a first server, where the association login verification request carries login verification information of the association client and authentication matching information of the target client, so that the first server obtains the login verification information of the target client according to the association login verification request.
The first server is a background server corresponding to the associated client, and presets an association relationship between login authentication information of the associated client and login authentication information of the target client, and after receiving an associated login authentication request submitted by the associated client, the first server can find the login authentication information of the target client corresponding to the login authentication information of the associated client according to the login authentication information of the associated client and the authentication matching information of the target client.
The login authentication information may include a login account corresponding to the client and authentication information corresponding to the login account, and the authentication information may include any one or more of a password, a voiceprint, a fingerprint, an iris, and the like.
An authentication information receiving module 540, configured to receive login authentication information of the target client returned by the first server.
And an authentication information returning module 550, configured to send the login authentication information of the target client to the target client, so that the target client logs in to a second server using the login authentication information of the target client.
Specifically, after receiving the login verification information of the target client sent by the associated client, the target client may display a fast login page as shown in fig. 4, and after obtaining an instruction for the user to click fast login, the target client may submit the login verification information to the second server for login. The second server is a background server corresponding to the target client. In an alternative embodiment, the second server and the first server may be the same server.
Further in an optional embodiment, the verification information returning module 550 may further include:
the encryption unit is used for encrypting the login verification information of the target client by using the data transmission public key;
and the return unit is used for sending the encrypted login verification information of the target client to the target client so that the target client can decrypt the encrypted login verification information by using a data transmission private key corresponding to the data transmission public key to obtain the login verification information of the target client.
The associated client in this embodiment can request the server corresponding to the associated client to obtain the login authentication information of the target client according to the login authentication information of the associated client and the authentication matching information of the target client after obtaining the login authentication request of the target client, and send the obtained login authentication information to the target client to log in, so that the risk that the login authentication information is stolen is effectively avoided while the target client is rapidly logged in, and the login security of the client is improved.
Fig. 6 is a schematic structural diagram of a client in an embodiment of the present invention, where the client in this embodiment is the aforementioned target client, as shown in the figure, the client in this embodiment may include:
the authentication request sending module 610 is configured to send a login authentication request to an associated client, so that the associated client obtains authentication matching information of the client fast login device according to the login authentication request, submits the associated login authentication request to a first server, and receives login authentication information of the client obtained according to the associated login authentication request from the first server, where the associated login authentication request carries the login authentication information of the associated client and the authentication matching information of the client.
In a specific implementation, the target client may preset an associated client list, where the associated client list includes at least one client identifier of an associated client, such as a process identifier or a package identifier, and when the target client opens a login page, whether an operating associated client exists in the current operating system according to the client identifier included in the associated client list may be determined, and if yes, the verification request sending module 610 sends a login verification request to the associated client. The login verification request may carry a client identifier of the target client and may also carry a data transmission public key of the target client, and is used to provide the associated client to use the data transmission public key to perform secure encryption on the returned login verification information, where the data transmission public key may be preset by the target client and may also be generated by the target client immediately when the login page is opened. In another optional embodiment, the login authentication request may also carry authentication matching information of the target client.
In an optional embodiment, the verification request sending module 610 may further search whether there is an operating associated client in the local area network, send a login verification request to the associated client if there is an operating associated client, send the login verification request in a broadcast manner in the local area network, and ensure that only a preset associated client can successfully resolve the login verification request by setting a security policy.
And an authentication information receiving module 620, configured to receive login authentication information of the client returned by the associated client.
In an optional embodiment, the login verification information of the client returned by the associated client is encrypted by using a data transmission public key of the associated client, and the verification information receiving module 620 decrypts the login verification information of the client returned by the associated client by using a data transmission private key corresponding to the data transmission public key after receiving the login verification information of the client returned by the associated client to obtain the login verification information of the client.
A login module 640, configured to log in to the second server using the login authentication information of the client.
Specifically, after receiving the login verification information of the target client sent by the associated client, the target client may display a fast login page as shown in fig. 4, and after obtaining an instruction for the user to click fast login, the target client may submit the login verification information to the second server for login. The second server is a background server corresponding to the target client. In an alternative embodiment, the second server and the first server may be the same server.
Further optionally, the client in this embodiment may further include:
a key generating module 650, configured to generate the data transmission public key and the corresponding data transmission private key.
Specifically, the key generation module 650 may generate the data transmission public key and the data transmission private key when the target client opens the login page, and the public/private key pair may be set to be used once and regenerated when needed next time. In other alternative embodiments, the key generation module 650 may generate the data transmission public key and the corresponding data transmission private key in advance and store them in a local preset path, so that the authentication request sending module 610 can call them when necessary.
Further optionally, the client in this embodiment may further include:
the verification information searching module 660 is configured to determine whether login verification information of the client exists at a locally specified location, and if the login verification information of the client exists at the locally specified location, trigger the login module 640 to log in to a second server by using the login verification information of the client at the locally specified location; otherwise, the authentication request sending module 610 is triggered to send a login authentication request to the associated client.
Further optionally, the client in this embodiment may further include:
the authentication information storage module 670 is configured to store the login authentication information of the client at a local designated location after the login module 640 logs in to the second server by using the login authentication information of the client, so that the login can be performed by directly using the locally stored login authentication information at the next login.
The target client side sends a login verification request to the associated client side during login, so that the associated client side requests the server corresponding to the associated client side to acquire the login verification information of the target client side according to the login verification information of the associated client side and the identity verification matching information of the target client side, and sends the acquired login verification information to the target client side to log in, thereby realizing quick login of the target client side, effectively avoiding the risk of stealing the login verification information and improving the login safety of the client side.
Fig. 7 is a schematic structural diagram of a server in an embodiment of the present invention, where the server in the embodiment of the present invention may be the first server mentioned in the foregoing embodiment, that is, a background server corresponding to an associated client, and as shown in the figure, the server in the embodiment of the present invention may include:
an association request receiving module 710, configured to receive an association login authentication request submitted by an association client, where the association login authentication request carries login authentication information of the association client and authentication matching information of a target client obtained by the association client;
and an authentication information obtaining module 720, configured to obtain the login authentication information of the target client according to the associated login authentication request.
In a specific implementation, the server in the embodiment of the present invention presets an association relationship between login authentication information of an associated client and login authentication information of a target client, and after the association request receiving module 710 receives an association login authentication request submitted by the associated client, the authentication information obtaining module 720 may find, according to the login authentication information of the associated client and the authentication matching information of the target client, the login authentication information of the target client corresponding to the login authentication information of the associated client.
The login authentication information may include a login account corresponding to the client and authentication information corresponding to the login account, and the authentication information may include any one or more of a password, a voiceprint, a fingerprint, an iris, and the like.
The verification information returning module 730 is configured to return the login verification information of the target client to the associated client, so that the associated client sends the login verification information of the target client to the target client, and the target client logs in to a second server by using the login verification information of the target client.
In an alternative embodiment, the second server may be the same object as the server in this embodiment.
Fig. 8 is a schematic structural diagram of a client login system in an embodiment of the present invention, as shown in the figure, the client login system in an embodiment of the present invention may include a target client 810 and an associated client 820, where:
The associated client 820 is configured to receive a login authentication request sent by a target client 810, and obtain authentication matching information of the target client 810 according to the login authentication request; submitting an associated login authentication request to a first server, wherein the associated login authentication request carries login authentication information of the associated client 820 and identity authentication matching information of the target client 810, so that the first server obtains the login authentication information of the target client 810 according to the associated login authentication request; receiving login verification information of the target client 810 returned by the first server, and sending the login verification information of the target client 810 to the target client 810;
the target client 810 is further configured to log in to a second server using the login authentication information of the target client 810.
In an optional embodiment, the login authentication request carries a client identifier of the target client 810;
the obtaining, by the associated client 820, the authentication matching information of the target client 810 according to the login authentication request includes:
the associated client 820 obtains the authentication matching information of the target client according to the client identifier of the target client 810.
In an optional embodiment, the login authentication request carries the data transmission public key of the target client 810;
the step of the associated client 820 sending the login verification information of the target client 810 to the target client 810 includes:
the associated client 820 encrypts the login authentication information of the target client 810 by using the data transmission public key;
the associated client 820 sends the encrypted login verification information of the target client 810 to the target client 810;
the target client 810, after receiving the login verification information of the target client 810 sent by the associated client 820, is further configured to: and decrypting the data transmission private key corresponding to the data transmission public key to obtain login verification information of the target client 810.
In an alternative embodiment, the target client 810, before sending the login authentication request to the associated client 820, is further configured to:
and generating the data transmission public key and the corresponding data transmission private key.
In an alternative embodiment, the target client 810, before sending the login authentication request to the associated client 820, is further configured to:
judging whether login verification information of the target client 810 exists in a local designated position; if the login authentication information of the target client 810 exists in the local designated position, logging in a second server by using the login authentication information of the target client 810 in the local designated position; otherwise, a login authentication request is sent to the associated client 820.
Further in an optional embodiment, the target client 810, after logging in to the second server using the login authentication information of the target client 810, is further configured to:
the login authentication information of the target client 810 is saved at a locally designated location.
The associated client in this embodiment can request the server corresponding to the associated client to obtain the login authentication information of the target client according to the login authentication information of the associated client and the authentication matching information of the target client after obtaining the login authentication request of the target client, and send the obtained login authentication information to the target client to log in, so that the risk that the login authentication information is stolen is effectively avoided while the target client is rapidly logged in, and the login security of the client is improved.
The associated client, the server and the client login system described in the above embodiments of the present invention may all be used to implement the method embodiment flows described in detail in fig. 1 to 3 of the present invention, and the specific implementation manner thereof may refer to the method embodiment described in conjunction with fig. 1 to 3 of the present invention.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.
Claims (20)
1. A client login method, the method comprising:
the method comprises the steps that an associated client receives a login verification request sent by a target client, wherein the target client and at least one associated client establish an associated relationship, and the login verification request carries a client identifier of the target client;
the associated client calls a preset system function according to the client identification of the target client to acquire the identity verification matching information of the target client;
the associated client side submits an associated login verification request to a first server, wherein the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side, so that the first server obtains the login verification information of the target client side according to the associated login verification request;
the associated client receives login verification information of the target client returned by the first server;
and the associated client sends the login verification information of the target client to the target client so that the target client logs in a second server by using the login verification information of the target client.
2. The client login method of claim 1, wherein the login authentication request carries a data transmission public key of the target client;
the step of sending the login verification information of the target client to the target client by the associated client comprises the following steps:
the associated client encrypts login verification information of the target client by using the data transmission public key;
and the associated client sends the encrypted login verification information of the target client to the target client so that the target client decrypts the encrypted login verification information of the target client by using a data transmission private key corresponding to the data transmission public key to obtain the login verification information of the target client.
3. The client login method of any one of claims 1 or 2, wherein the authentication match information comprises a client package identification and signature data of the target client.
4. A client login method, the method comprising:
a target client sends a login verification request to an associated client, wherein the target client establishes an associated relationship with at least one associated client, and the login verification request carries a client identifier of the target client;
the associated client calls a preset system function according to the client identification of the target client to acquire the identity verification matching information of the target client;
the associated client side submits an associated login verification request to a first server, wherein the associated login verification request carries login verification information of the associated client side and identity verification matching information of the target client side, so that the first server obtains the login verification information of the target client side according to the associated login verification request;
the associated client receives login verification information of the target client returned by the first server;
the associated client side sends login verification information of the target client side to the target client side;
and the target client receives the login verification information of the target client sent by the associated client and logs in a second server by using the login verification information of the target client.
5. The client login method of claim 4, wherein the login authentication request carries a data transmission public key of the target client;
the step of sending the login verification information of the target client to the target client by the associated client comprises the following steps:
the associated client encrypts login verification information of the target client by using the data transmission public key;
the correlation client sends the encrypted login verification information of the target client to the target client;
after the target client receives the login verification information of the target client sent by the associated client, the method further comprises the following steps:
and the target client decrypts the data transmission private key corresponding to the data transmission public key to obtain the login verification information of the target client.
6. The client login method of claim 5, wherein the target client further comprises, before sending the login authentication request to the associated client:
and generating the data transmission public key and the corresponding data transmission private key.
7. The client login method of claim 4, wherein the target client further comprises, before sending the login authentication request to the associated client:
the target client judges whether login verification information of the target client exists in a local designated position;
if the login verification information of the target client exists in the local specified position, the target client logs in a second server by using the login verification information of the target client in the local specified position; otherwise, the target client sends a login verification request to the associated client.
8. The client login method of claim 7, wherein the target client, after logging in to the second server using the login authentication information of the target client, further comprises:
and storing the login verification information of the target client at a local designated position.
9. A client login method, the method comprising:
receiving an associated login verification request submitted by an associated client, wherein the associated login verification request carries login verification information of the associated client and identity verification matching information of a target client acquired by the associated client, an associated relationship is established between the target client and at least one associated client, the associated client receives the login verification request sent by the target client, the login verification request carries a client identifier of the target client, and the associated client calls a preset system function according to the client identifier of the target client to acquire the identity verification matching information of the target client;
acquiring login authentication information of the target client according to the associated login authentication request;
and returning the login verification information of the target client to the associated client, so that the associated client sends the login verification information of the target client to the target client, and the target client logs in a second server by using the login verification information of the target client.
10. An association client, comprising:
the system comprises a verification request receiving module, a login verification request receiving module and a login verification processing module, wherein the verification request receiving module is used for receiving a login verification request sent by a target client, a correlation relationship is established between the target client and at least one correlation client, and the login verification request carries a client identifier of the target client;
the identity information acquisition module is used for calling a preset system function according to the client identification of the target client to acquire identity verification matching information of the target client;
the system comprises an association verification request module, a first server and a second server, wherein the association verification request module is used for submitting an association login verification request to the first server, and the association login verification request carries login verification information of an association client and identity verification matching information of a target client so that the first server can obtain the login verification information of the target client according to the association login verification request;
the verification information receiving module is used for receiving login verification information of the target client returned by the first server;
and the verification information returning module is used for sending the login verification information of the target client to the target client so that the target client logs in to a second server by using the login verification information of the target client.
11. The correlation client according to claim 10, wherein the login authentication request received by the authentication request receiving module carries the data transmission public key of the target client;
the authentication information return module includes:
the encryption unit is used for encrypting the login verification information of the target client by using the data transmission public key;
and the return unit is used for sending the encrypted login verification information of the target client to the target client so that the target client can decrypt the encrypted login verification information by using a data transmission private key corresponding to the data transmission public key to obtain the login verification information of the target client.
12. A server, comprising:
the system comprises an association request receiving module, a target client and an association client, wherein the association request receiving module is used for receiving an association login verification request submitted by the association client, the association login verification request carries login verification information of the association client and identity verification matching information of the target client acquired by the association client, an association relationship is established between the target client and at least one association client, the association client receives the login verification request sent by the target client, the login verification request carries a client identifier of the target client, and the association client calls a preset system function according to the client identifier of the target client to acquire the identity verification matching information of the target client;
the verification information acquisition module is used for acquiring login verification information of the target client according to the associated login verification request;
and the verification information returning module is used for returning the login verification information of the target client to the associated client so that the associated client sends the login verification information of the target client to the target client, and the target client logs in a second server by using the login verification information of the target client.
13. A client login system comprising a target client and an associated client, wherein:
the target client is used for sending a login verification request to the associated client, wherein the login verification request carries the client identifier of the target client;
the associated client is used for receiving a login verification request sent by a target client, and calling a preset system function according to a client identifier of the target client to acquire identity verification matching information of the target client; submitting an associated login verification request to a first server, wherein the associated login verification request carries login verification information of the associated client and identity verification matching information of the target client, so that the first server obtains the login verification information of the target client according to the associated login verification request; receiving login verification information of the target client returned by the first server, and sending the login verification information of the target client to the target client;
and the target client is also used for receiving the login verification information of the target client sent by the associated client and logging in a second server by using the login verification information of the target client.
14. The client login system of claim 13, wherein the login authentication request carries a data transmission public key of the target client;
the step of sending the login verification information of the target client to the target client by the associated client comprises the following steps:
the associated client encrypts login verification information of the target client by using the data transmission public key;
the correlation client sends the encrypted login verification information of the target client to the target client;
the target client is further configured to, after receiving the login verification information of the target client sent by the associated client: and decrypting the data transmission private key corresponding to the data transmission public key to obtain the login verification information of the target client.
15. The client logon system of claim 14, wherein the target client, prior to sending a logon validation request to the associated client, is further configured to:
and generating the data transmission public key and the corresponding data transmission private key.
16. The client logon system of claim 13, wherein the target client, prior to sending a logon validation request to the associated client, is further configured to:
judging whether login verification information of the target client exists in a local designated position or not; if the login verification information of the target client exists in the local designated position, the login verification information of the target client in the local designated position is used for logging in a second server; otherwise, sending a login authentication request to the associated client.
17. The client login system of claim 16, wherein the target client, after logging in to the second server using the target client's login authentication information, is further configured to:
and storing the login verification information of the target client at a local designated position.
18. A computer-readable storage medium, in which one or more programs are stored, the programs being configured to perform the client login method according to any one of claims 1 to 3.
19. A computer-readable storage medium, in which one or more programs are stored, the programs being configured to perform the client login method according to any one of claims 4 to 8.
20. A computer-readable storage medium having one or more programs stored therein for performing the client login method of claim 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410545605.9A CN105577619B (en) | 2014-10-15 | 2014-10-15 | Client login method, client and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410545605.9A CN105577619B (en) | 2014-10-15 | 2014-10-15 | Client login method, client and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105577619A CN105577619A (en) | 2016-05-11 |
| CN105577619B true CN105577619B (en) | 2020-03-03 |
Family
ID=55887285
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410545605.9A Active CN105577619B (en) | 2014-10-15 | 2014-10-15 | Client login method, client and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105577619B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106982212B (en) * | 2017-03-30 | 2019-02-26 | 腾讯科技(深圳)有限公司 | The login method and device of IP address |
| CN107818244A (en) * | 2017-11-16 | 2018-03-20 | 珠海市魅族科技有限公司 | Checking information sending method, system, computer equipment and readable storage medium storing program for executing |
| CN107959757B (en) * | 2017-12-11 | 2020-12-15 | 北京小米移动软件有限公司 | User information processing method and device, APP server and terminal equipment |
| CN110493183B (en) * | 2019-07-05 | 2022-07-12 | 深圳市邦健科技有限公司 | Multi-account simultaneous online processing method and device, storage medium and equipment |
| CN110380865B (en) * | 2019-07-12 | 2022-05-24 | 苏州浪潮智能科技有限公司 | Single sign-on method, device, medium and equipment of multi-node management system |
| CN114039754B (en) * | 2021-10-28 | 2023-07-18 | 中国联合网络通信集团有限公司 | Security verification method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102222200A (en) * | 2011-06-24 | 2011-10-19 | 宇龙计算机通信科技(深圳)有限公司 | Application program logging method and logging management system |
| CN102710759A (en) * | 2012-05-22 | 2012-10-03 | 中国联合网络通信集团有限公司 | Web server, business logging method and system |
| CN103188221A (en) * | 2011-12-28 | 2013-07-03 | 腾讯科技(深圳)有限公司 | Application login method, application login device and mobile terminal |
| US9129126B2 (en) * | 2011-05-20 | 2015-09-08 | Red Hat, Inc. | Updating changes to caches |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2008508639A (en) * | 2004-08-02 | 2008-03-21 | 株式会社ジャストシステム | Document processing and management method for adding an exclusive plug-in for realizing a desired function |
| CN103297410B (en) * | 2012-03-05 | 2018-05-01 | 盛趣信息技术(上海)有限公司 | Account intercommunication system and its application method |
| CN103856472B (en) * | 2012-12-06 | 2017-08-18 | 阿里巴巴集团控股有限公司 | A kind of method and device of Account Logon |
| CN103905497B (en) * | 2012-12-27 | 2018-04-27 | 腾讯科技(深圳)有限公司 | Realize the method, apparatus and application platform of third-party application business website log |
| CN103414745A (en) * | 2013-07-05 | 2013-11-27 | 惠州Tcl移动通信有限公司 | Mobile terminal cross-browser login method and device |
| CN103402203B (en) * | 2013-07-30 | 2017-08-25 | 努比亚技术有限公司 | Fast access method and device based on bio-identification |
| CN103457951B (en) * | 2013-09-02 | 2018-04-27 | 小米科技有限责任公司 | The method and device of multiple terminals login service device |
| CN103986720B (en) * | 2014-05-26 | 2017-11-17 | 网之易信息技术(北京)有限公司 | A kind of login method and device |
-
2014
- 2014-10-15 CN CN201410545605.9A patent/CN105577619B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9129126B2 (en) * | 2011-05-20 | 2015-09-08 | Red Hat, Inc. | Updating changes to caches |
| CN102222200A (en) * | 2011-06-24 | 2011-10-19 | 宇龙计算机通信科技(深圳)有限公司 | Application program logging method and logging management system |
| CN103188221A (en) * | 2011-12-28 | 2013-07-03 | 腾讯科技(深圳)有限公司 | Application login method, application login device and mobile terminal |
| CN102710759A (en) * | 2012-05-22 | 2012-10-03 | 中国联合网络通信集团有限公司 | Web server, business logging method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105577619A (en) | 2016-05-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102307665B1 (en) | identity authentication | |
| CN109150835B (en) | Cloud data access method, device, equipment and computer readable storage medium | |
| CN105577619B (en) | Client login method, client and system | |
| EP2929479B1 (en) | Method and apparatus of account login | |
| US20190026456A1 (en) | Methods and Apparatus for Authentication of Joint Account Login | |
| CN109328348B (en) | Service authentication method, system and related equipment | |
| US20220394026A1 (en) | Network identity protection method and device, and electronic equipment and storage medium | |
| CN112559993B (en) | Identity authentication method, device and system and electronic equipment | |
| JP2018532301A (en) | User authentication method and apparatus | |
| CN105634737B (en) | Data transmission method, terminal and system | |
| KR20170080669A (en) | Establishing communication between mobile terminals | |
| CA2665961C (en) | Method and system for delivering a command to a mobile device | |
| CN111431719A (en) | Mobile terminal password protection module, mobile terminal and password protection method | |
| CN104065621A (en) | Identify verification method for third-party service, client and system | |
| CN109145628B (en) | Data acquisition method and system based on trusted execution environment | |
| WO2017020426A1 (en) | Communication method, apparatus and system based on biological feature identification | |
| US11271922B2 (en) | Method for authenticating a user and corresponding device, first and second servers and system | |
| CN111130798B (en) | Request authentication method and related equipment | |
| WO2017076216A1 (en) | Server, mobile terminal, and internet real name authentication system and method | |
| WO2017206524A1 (en) | Electronic device control method, terminal and control system | |
| CN112272089B (en) | Cloud host login method, device, equipment and computer readable storage medium | |
| CN108667800B (en) | Access authority authentication method and device | |
| CN109246062B (en) | Authentication method and system based on browser plug-in | |
| EP2985712B1 (en) | Application encryption processing method, apparatus, and terminal | |
| CN112118209A (en) | Account number operation method and device of vehicle equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |