CN108848113B - Client device login control method and device, storage medium and server - Google Patents

Client device login control method and device, storage medium and server Download PDF

Info

Publication number
CN108848113B
CN108848113B CN201810928114.0A CN201810928114A CN108848113B CN 108848113 B CN108848113 B CN 108848113B CN 201810928114 A CN201810928114 A CN 201810928114A CN 108848113 B CN108848113 B CN 108848113B
Authority
CN
China
Prior art keywords
login
client
client device
record information
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810928114.0A
Other languages
Chinese (zh)
Other versions
CN108848113A (en
Inventor
陈勇辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Shiyuan Electronics Thecnology Co Ltd
Guangzhou Shirui Electronics Co Ltd
Original Assignee
Guangzhou Shiyuan Electronics Thecnology Co Ltd
Guangzhou Shirui Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Shiyuan Electronics Thecnology Co Ltd, Guangzhou Shirui Electronics Co Ltd filed Critical Guangzhou Shiyuan Electronics Thecnology Co Ltd
Priority to CN201810928114.0A priority Critical patent/CN108848113B/en
Publication of CN108848113A publication Critical patent/CN108848113A/en
Application granted granted Critical
Publication of CN108848113B publication Critical patent/CN108848113B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/535Tracking the activity of the user

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method, a device, a storage medium and a server for controlling login of client equipment, wherein the method comprises the following steps: acquiring a plurality of pieces of login state record information pre-stored in a server; determining a plurality of client devices logged in to the server through the same account number according to the login state information; selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy; and configuring access authentication information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment. The login verification process of the client equipment account number is decoupled from the login state management control of the client equipment, so that the login efficiency of the client equipment is improved.

Description

Client device login control method and device, storage medium and server
Technical Field
The invention belongs to the technical field of communication, and particularly relates to a login control method and device for client equipment, a storage medium and a server.
Background
Along with the development of science and technology, more and more intelligent terminals can access the internet, and the requirement that a user can log in to the same account on different equipment and the equipment of different geographical positions to the arbitrary application of user is satisfied to current account login technique. However, the multi-terminal login of the same account of the application causes the account login security problem and the confusion of account information management. In the prior art, account password verification and management of client number control of the same account login are performed in the process of account login of a user by using a client, so that the problems of account login safety and account information management confusion caused by multi-terminal login of the same account of an application are solved. However, the prior art has the following disadvantages: in the process that a user logs in an account through a client, the system couples the checking logic of account login and the management and judgment logic of the login state of the client in the login logic, so that the login time of the client is prolonged, and the login experience of the user is influenced.
Disclosure of Invention
The embodiment of the invention provides a client device login control method, a client device login control device, a storage medium and a server, which are used for improving the login efficiency of client devices by decoupling the login verification process of client device accounts and the login state management control of the client devices.
In a first aspect, an embodiment of the present invention provides a client device login control method, including the following steps:
acquiring a plurality of pieces of login state record information pre-stored in a server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
determining a plurality of client devices logged in the server through the same account number according to the plurality of pieces of login state record information;
selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy;
and configuring access authentication information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment.
Further, the acquiring a plurality of pieces of login state record information pre-stored in the server specifically includes:
and acquiring a plurality of pieces of login state record information pre-stored in the server at regular time according to the preset scanning time.
Further, the periodically acquiring a plurality of pieces of login state record information pre-stored in the server according to the preset scanning time specifically includes:
regularly acquiring all login state record information pre-stored in a server according to preset scanning time;
and according to the equipment information of the client equipment, screening out login state record information corresponding to the client equipment meeting preset equipment conditions from all the obtained login state record information so as to obtain the login state record information.
Further, the client device login control method further includes:
receiving an account login request sent by client equipment; the account login request comprises account information and equipment information of the client equipment;
checking the account information; when the verification is successful, generating login state record information corresponding to the client equipment; the login state record information also comprises a login certificate bound with the login state record information;
and sending the login credentials to the client equipment so that the logged-in client equipment performs subsequent access operation according to the login credentials.
Further, the client device login control method further includes:
in response to receiving the access operation of the client device, searching corresponding login state record information according to the login credentials carried by the access operation;
verifying the client equipment according to the access verification information in the searched login state record information;
and when the verification is successful, judging that the access operation of the client equipment is legal and responding to the access operation, otherwise, judging that the access operation of the client equipment is illegal and forbidding responding to the access operation.
Further, the access authentication information comprises login time and login validity period;
the verifying the client device according to the access verification information in the found login state record information specifically includes:
judging whether the login validity period is valid data or invalid data;
when the login validity period is invalid data, determining that the authentication on the client device fails;
when the login validity period is valid data, judging whether the time interval between the current time and the login time is greater than the login validity period, if so, judging that the verification of the client equipment fails, otherwise, successfully verifying the client equipment;
the configuring access verification information in the login state record information of the client device to be managed so that the corresponding client device is verified as being illegal to prohibit the access operation of the corresponding client device when performing the access operation specifically comprises:
and configuring the login validity period of the access authentication information in the login state record information of the client device to be managed as invalid data, so that the corresponding client device is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client device.
Further, the selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management policy specifically includes:
counting the number of the plurality of client devices logged in the server through the same account;
judging whether the number of the plurality of client devices exceeds a threshold value in a preset account login management strategy or not;
when the log-in time exceeds the threshold value, selecting N client devices with the earliest or latest log-in time as the client devices to be managed; and the numerical value of N is the number of the plurality of client devices exceeding the threshold value.
In a second aspect, an embodiment of the present invention further provides a client device login control apparatus, including:
the login state record information acquisition module is used for acquiring a plurality of pieces of login state record information which are pre-stored in the server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
the client equipment determining module is used for determining a plurality of client equipment logged in the server through the same account number according to the login state record information;
the client device selection module is used for selecting at least one client device from the plurality of client devices as the client device to be managed according to a preset account login management strategy;
and the configuration module is used for configuring the access verification information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is verified to be illegal when access operation is carried out, and the access operation of the corresponding client equipment is forbidden.
In a third aspect, an embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium includes a stored program, and when the program runs, the apparatus where the computer-readable storage medium is located is controlled to execute the method for controlling login of a client device according to the first aspect.
In a fourth aspect, an embodiment of the present invention further provides a client device login control server, including a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, where the processor implements the client device login control method according to the first aspect when executing the computer program.
Compared with the prior art, the login control method, the login control device, the login control storage device and the login control server for the client equipment have the advantages that: recording information by acquiring a plurality of login states stored in a server in advance; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login; determining a plurality of client devices logged in the server through the same account number according to the plurality of pieces of login state record information; selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy; and configuring access authentication information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment. After the client device logs in the account, corresponding login state record information in the server is configured according to the account login management strategy, so that the client device management for logging in the same account is realized, the account login verification process of the client device is decoupled from the login state management control of the client device, and the login efficiency of the client device is improved.
Drawings
Fig. 1 is a schematic flowchart of a method for controlling login of a client device according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a login account in a login control method for a client device according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram illustrating generation and acquisition of login status record information in a login control method for a client device according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of an access operation in a login control method for a client device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a login control apparatus for a client device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
[ EXAMPLES one ]
Referring to fig. 1, a flowchart of a method for controlling login of a client device according to an embodiment of the present invention is shown.
In a first aspect, embodiments of the present invention provide a client device login control method, which is executable by a server, and the server is used as an execution subject for the following description.
The login control method of the client equipment comprises the following steps:
s101, acquiring a plurality of pieces of login state record information pre-stored in a server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
s102, determining a plurality of client devices logged in a server through the same account through the plurality of pieces of login state record information;
s103, selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy;
s104, configuring access authentication information in the login state record information of the client device to be managed, so that the corresponding client device is authenticated as illegal when performing access operation, and the access operation of the corresponding client device is forbidden.
It should be noted that, in the embodiment of the present invention, a user can log in the same account through different client devices (such as a WEB terminal, a PC teacher terminal, a student Android terminal, and a student Chrome terminal). When each client device successfully logs in the server through the legal account, a piece of login state record information which is correspondingly generated and stored in the server records one time of operation of logging in the server by the client device. The login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login; the device information of the client device includes a client identifier (Android, Chrome, etc.) and a client MAC address. After the server acquires a plurality of pieces of login state record information pre-stored in the server, a plurality of client devices which log in to the server through the same account are determined through account information in the plurality of pieces of login state record information.
The server selects at least one client device from a plurality of client devices which log in the server through the same account number as the client device to be managed according to an account number login management strategy preset by a management background, and configures access verification information in login state record information of the client device to be managed, so that the corresponding client device is verified to be illegal when performing access operation, and the access operation of the corresponding client device is forbidden. The account login management strategy is created by an administrator through a management background and comprises various client device management strategies, such as limiting a single-end or multi-end login mode of an account, setting strategy execution time and execution interval, managing a strategy effective range, setting a client device threshold value allowing login of the same account, starting a strategy (a timing strategy switch) or not, and the like. After the client device logs in the account, the corresponding login state record information in the server is configured according to the account login management strategy, so that the client device management for logging in the same account is realized, the client login state control of the account is decoupled from the client device login, and the login efficiency of the client device is improved.
Specifically, when two different client devices a and B log in a server through the same account, the server first performs account login password verification on the client devices a and B, so that the client devices a and B successfully log in the accounts after verification is successful. After the client device A and the client device B log in the account, login state record information corresponding to the client devices A and B is generated and stored in the server; the login state record information includes account information of a login account, device information of the client device, and access verification information for verifying the validity of subsequent access operation of the client device after successful login.
When the server executes the login control method of the client device, a plurality of pieces of login state record information which are stored in the server in advance and contain login state record information corresponding to the client devices A and B are obtained; and determining the client device A and the client device B which log in the server through the account according to the log-in state record information. The server selects at least one client device from the client devices A and B as the client device to be managed according to a preset account login management strategy; and configuring access authentication information in the login state record information of the client equipment to be managed, so that the client equipment A or B is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment, thereby realizing the login state management control of the client equipment. The login verification process of the client equipment account number is decoupled from the login state management control of the client equipment, so that the login efficiency of the client equipment is improved.
[ example two ]
Further, in step S101, the acquiring a plurality of pieces of login state record information pre-stored in the server specifically includes:
and acquiring a plurality of pieces of login state record information pre-stored in the server at regular time according to the preset scanning time.
Further, the periodically acquiring a plurality of pieces of login state record information pre-stored in the server according to the preset scanning time specifically includes:
regularly acquiring all login state record information pre-stored in a server according to preset scanning time;
and according to the equipment information of the client equipment, screening out login state record information corresponding to the client equipment meeting preset equipment conditions from all the obtained login state record information so as to obtain the login state record information.
It should be noted that, in the embodiment of the present invention, the step S101 in the method for executing login control of the client device by the server specifically includes: scanning at regular time according to the execution interval time (1 second or 5 seconds and the like) preset by the management background to acquire all login state record information stored in a server in advance; and screening login state record information corresponding to the client equipment meeting preset equipment conditions from all the acquired login state record information according to the equipment information of the corresponding client equipment, wherein the preset equipment conditions are determined by a management strategy effective range set by a management background, and the management strategy effective range comprises the type of the client equipment, the position of the client equipment and the like.
If the management strategy effective range is an android mobile phone terminal, and the preset device condition is the android mobile phone terminal, screening login state record information corresponding to the client device meeting the preset device condition from all the obtained login state record information according to the device information of the client device, specifically: and screening login state record information corresponding to the android mobile phone device from all the obtained login state record information according to the client identifier of the corresponding client device contained in each login state record information, so that the obtained login state record information are all the login state record information corresponding to the android mobile phone devices.
If the effective range of the management strategy is school, the preset equipment condition is that the address information is the client equipment of the school, the server screens out login state record information corresponding to the client equipment of the school from all the obtained login state record information according to the client MAC address of the corresponding client equipment contained in each login state record information, and therefore the obtained login state record information are all login state record information corresponding to a plurality of client equipment of which the address information is the school.
[ EXAMPLE III ]
Fig. 2 is a schematic flowchart of a login account in a login control method for a client device according to an embodiment of the present invention.
Further, the client device login control method further includes:
s201, receiving an account login request sent by client equipment; the account login request comprises account information and equipment information of the client equipment;
s202, checking the account information; when the verification is successful, generating login state record information corresponding to the client equipment; the login state record information also comprises a login certificate bound with the login state record information;
s203, the login credentials are sent to the client device, so that the logged-in client device performs subsequent access operation according to the login credentials.
It should be noted that, as shown in fig. 3, the structure diagram is a schematic diagram of generating and acquiring login status record information in a login control method for a client device according to an embodiment of the present invention. The Server executing the login control method of the client device in the embodiment of the invention comprises a user center Server UC Server, a login state Server Online Server and a database DB. Specifically, the user center Server UC Server is configured to process a client device login logic, such as a conventional account password check; the login state Server is used for receiving an account login management strategy sent by the management background and performing management control on the login state of the client equipment; the DB database is used to store various service data, for example, to store login status record information generated each time the client device logs in an account.
When a user logs in through an account by client equipment, the client equipment sends an http request login interface to link with the user center server for account login. After receiving an account login request sent by client equipment, the user center server performs account legality verification and login password verification according to the account information; when the user center server successfully verifies the account information, login state record information corresponding to the client equipment is generated, and the login state record information of this time is stored in a DB database; the login state record information comprises login credentials bound with the account information of the login account, the equipment information of the client equipment and access verification information used for verifying the validity of subsequent access operation of the client equipment after successful login; the login credentials are randomly generated unique login credential ids and are unique identifiers of login state record information bound with the login credentials.
And the user center server sends the login credentials to the client equipment so that the logged-in client equipment performs subsequent access operation according to the login credentials. When the same account is logged in for multiple times through the client device, the original login state record information of the same account of the same client device is stored in a database in a covering mode when the login state record information is newly generated. The login logic verification of the client device is separated from the login state management judgment logic of the client device, so that the login efficiency of the client device is improved, and the login experience of a user is improved.
Fig. 4 is a schematic flowchart of an access operation in a login control method for a client device according to an embodiment of the present invention.
Further, the client device login control method further includes:
s301, in response to receiving an access operation of the client device, searching corresponding login state record information according to a login certificate carried by the access operation;
s302, verifying the client equipment according to the access verification information in the searched login state record information;
s303, judging that the access operation of the client device is legal and responding to the access operation when the verification is successful, otherwise judging that the access operation of the client device is illegal and forbidding responding to the access operation.
It should be noted that, in the embodiment of the present invention, in response to receiving an access operation of a client device, a server searches for corresponding login state record information according to a login credential carried in the access operation; because the login certificate is the only identification of the login state record information bound with the login certificate, the corresponding login state record information stored in the database can be inquired through the SQL statement of the database. And the server verifies the client equipment according to the access verification information in the searched login state record information, thereby judging whether the access operation of the client equipment is legal or not and limiting the access authority of the client equipment. Since the access authentication information is configured in step S104, after the access authentication information corresponding to any client device is configured according to the account management policy, if the client device performs the same account login again, the server fails to authenticate the client device, thereby determining that the access operation of the client device is illegal, prohibiting the response to the access operation, and implementing management and control of the account login of the client device according to the account management policy.
[ EXAMPLE IV ]
Further, the access authentication information comprises login time and login validity period; the validity period is generally a default time of the system service, and the default validity period time of the system in the embodiment of the present invention is one week.
The verifying the client device according to the access verification information in the found login state record information specifically includes:
judging whether the login validity period is valid data or invalid data;
when the login validity period is invalid data, determining that the authentication on the client device fails;
when the login validity period is valid data, judging whether the time interval between the current time and the login time is greater than the login validity period, if so, judging that the verification of the client equipment fails, otherwise, successfully verifying the client equipment;
the configuring access verification information in the login state record information of the client device to be managed so that the corresponding client device is verified as being illegal to prohibit the access operation of the corresponding client device when performing the access operation specifically comprises:
and configuring the login validity period of the access authentication information in the login state record information of the client device to be managed as invalid data, so that the corresponding client device is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client device.
It should be noted that, in the embodiment of the present invention, as shown in fig. 3, the login status server periodically scans and acquires all login status record information currently and pre-stored in the DB database according to the execution interval time preset by the management background; and according to the device information of the corresponding client device contained in each login state record information, screening out login state record information corresponding to the client device meeting preset device conditions from all the obtained login state record information, selecting at least one client device from the plurality of client devices as the client device to be managed according to a preset account login management strategy, and configuring the login valid period of the access verification information in the login state record information of the client device to be managed as invalid data or clearing the valid period, so that the corresponding client device is verified as being illegal to prohibit the access operation of the corresponding client device when the access operation is carried out.
[ EXAMPLE V ]
Further, the selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management policy specifically includes:
counting the number of the plurality of client devices logged in the server through the same account;
judging whether the number of the plurality of client devices exceeds a threshold value in a preset account login management strategy or not;
when the log-in time exceeds the threshold value, selecting N client devices with the earliest or latest log-in time as the client devices to be managed; and the numerical value of N is the number of the plurality of client devices exceeding the threshold value.
It should be noted that, the threshold in the account login management policy is determined by a threshold of a client device allowing login of the same account and a login mode of a restricted account set by a management background, and when the account login management policy is single-end login of the restricted account, the threshold is 1; when the account login management strategy is that the number of client devices is not limited by account multi-terminal login, the threshold value is an infinite value; and when the threshold value of the client equipment which allows login of the same account is set by the account login management strategy, the threshold value is a set value. The login state server utilizes a multi-service and multi-thread mode to merge and process step by step, the number of the obtained remainders is 1 according to the hash of the account id, namely the hash (account id)/the number of threads, the thread 1 is used for processing the account id, the number of the threads is determined according to the performance of the service, the higher the performance is, the more the number can be, the higher the processing speed is, and the multi-thread processing of a plurality of different accounts according to the account login management strategy is realized.
When the login state server judges that the number of the plurality of client devices exceeds a threshold value in a preset account login management strategy, according to an account login management strategy type (a client device which logs in first is offline first, a client device which logs in after is limited is offline first and the like) preset by a management background, selecting N client devices with the earliest login time as the client devices to be managed (corresponding to the account login management strategy type which logs in first and the account login management strategy type which logs in last and the client devices which logs in last and the account login management strategy type which logs in second and the account login management strategy type which logs in first and the account login management strategy type which logs in last and the account login management; and the numerical value of N is the number of the plurality of client devices exceeding the threshold value. Because the account login management strategy is flexible and configurable, a client device management scheme compatible with various account logins is realized, and the client device management is more efficient and convenient.
The embodiment of the invention provides a login control method of client equipment, which comprises the steps of obtaining a plurality of pieces of login state record information pre-stored in a server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login; determining a plurality of client devices logged in the server through the same account number according to the plurality of pieces of login state record information; selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy; and configuring access authentication information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment. After the client device logs in the account, corresponding login state record information in the server is configured according to the account login management strategy, so that the client device management for logging in the same account is realized, the account login verification process of the client device is decoupled from the login state management control of the client device, and the login efficiency of the client device is improved.
Fig. 5 is a schematic structural diagram of a login control apparatus for a client device according to an embodiment of the present invention.
In a second aspect, an embodiment of the present invention further provides a client device login control apparatus, including:
a login state record information obtaining module 501, configured to obtain a plurality of pieces of login state record information pre-stored in a server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
a client device determining module 502, configured to determine, through the pieces of login state record information, a plurality of client devices that log in to the server through the same account;
a client device selection module 503, configured to select at least one client device from the multiple client devices as a client device to be managed according to a preset account login management policy;
a configuration module 504, configured to configure access authentication information in the login status record information of the client device to be managed, so that the corresponding client device is authenticated as being illegal when performing an access operation, so as to prohibit the access operation of the corresponding client device.
According to the login control device for the client device, after the client device logs in the account, the corresponding login state record information in the server is configured according to the account login management strategy, so that the client device management for logging in the same account is realized, the account login verification process of the client device is decoupled from the login state management control of the client device, and the login efficiency of the client device is improved.
It should be noted that, in the login control apparatus for a client device according to an embodiment of the present invention, the login state record information obtaining module 501 further includes:
the scanning acquisition unit is used for acquiring all login state record information stored in the server in advance at fixed time according to preset scanning time; and the screening unit is used for screening the login state record information corresponding to the client equipment meeting the preset equipment condition from all the obtained login state record information according to the equipment information of the client equipment so as to obtain the login state record information.
Further, in the embodiment of the present invention, the login control device for client devices further includes:
the account login request receiving module is used for receiving an account login request sent by the client equipment; the account login request comprises account information and equipment information of the client equipment;
the account information checking module is used for checking the account information; when the verification is successful, generating login state record information corresponding to the client equipment; the login state record information also comprises a login certificate bound with the login state record information;
and the login credential sending module is used for sending the login credential to the client device so as to enable the logged-in client device to perform subsequent access operation according to the login credential.
Further, in the embodiment of the present invention, the login control device for client devices further includes:
the login state record information searching module is used for responding to the received access operation of the client equipment and searching corresponding login state record information according to the login credentials carried by the access operation;
the login state record information verification module is used for verifying the client equipment according to the access verification information in the searched login state record information;
and the verification judgment execution module is used for judging that the access operation of the client equipment is legal and responding to the access operation when the verification is successful, and otherwise, judging that the access operation of the client equipment is illegal and forbidding responding to the access operation.
Further, the login state record information verification module further includes:
a login validity period judging unit for judging whether the login validity period is valid data or invalid data;
a first authentication determination unit configured to determine that authentication has failed for the client device when the login validity period is invalid data;
and the second verification judging unit is used for judging whether the time interval between the current time and the login time is greater than the login validity period or not when the login validity period is valid data, judging that the verification of the client equipment fails if the time interval is greater than the login validity period, and judging that the verification of the client equipment succeeds if the time interval is not greater than the login validity period.
Further, the configuration module 504 further includes:
and the validity period configuration unit is used for configuring the login validity period of the access authentication information in the login state record information of the client device to be managed into invalid data, so that the corresponding client device is authenticated to be illegal when performing access operation to prohibit the access operation of the corresponding client device.
Further, the client device selecting module 503 further includes:
the client equipment number counting unit is used for counting the number of the plurality of client equipment logged in the server through the same account;
the judging unit is used for judging whether the number of the plurality of client devices exceeds a threshold value in a preset account login management strategy;
the client device selection unit to be managed is used for selecting N client devices with the earliest or latest login time as the client devices to be managed when the threshold value is exceeded; and the numerical value of N is the number of the plurality of client devices exceeding the threshold value.
In a third aspect, an embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium includes a stored program, and when the program runs, the apparatus where the computer-readable storage medium is located is controlled to execute the method for controlling login of a client device according to the first aspect.
In a fourth aspect, an embodiment of the present invention further provides a client device login control server, including a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, where the processor implements the client device login control method according to the first aspect when executing the computer program.
The client device login control server of the embodiment of the invention comprises: a processor, a memory, and a computer program, such as a client device login control program, stored in the memory and executable on the processor. The processor, when executing the computer program, implements the steps in the client device login control method embodiment in the first aspect, for example, steps S101 to S104 shown in fig. 1. Alternatively, the processor implements the functions of the modules/units in the above embodiments of the apparatuses when executing the computer program, for example, the client device logs in to the control apparatus.
Illustratively, the computer program may be partitioned into one or more modules/units that are stored in the memory and executed by the processor to implement the invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution process of the computer program in the client device login control server device. For example, the computer program may be divided into a login state record information acquisition module 501, a client device determination module 502, a client device selection module 503, and a configuration module 504.
The specific functions of each module are as follows: a login state record information obtaining module 501, configured to obtain a plurality of pieces of login state record information pre-stored in a server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
a client device determining module 502, configured to determine, through the pieces of login state record information, a plurality of client devices that log in to the server through the same account;
a client device selection module 503, configured to select at least one client device from the multiple client devices as a client device to be managed according to a preset account login management policy;
a configuration module 504, configured to configure access authentication information in the login status record information of the client device to be managed, so that the corresponding client device is authenticated as being illegal when performing an access operation, so as to prohibit the access operation of the corresponding client device.
The client device login control device can be a desktop computer, a notebook, a palm computer, a cloud server and other computing devices. The client device login control server may include, but is not limited to, a processor, a memory. It will be understood by those skilled in the art that the schematic diagram of fig. 5 is merely an example of a client device login control device, and does not constitute a limitation of the client device login control device, and may include more or less components than those shown, or combine some components, or different components, for example, the client device login control device/server may further include an input/output device, a network access device, a bus, etc.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like, the processor is a control center of the client device login control apparatus, and various interfaces and lines are used to connect various parts of the whole client device login control apparatus.
The memory may be used to store the computer program and/or module, and the processor may implement various functions of the client device login control apparatus by running or executing the computer program and/or module stored in the memory and calling data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The module/unit integrated with the client device login control device/server may be stored in a computer readable storage medium if it is implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method embodiments may be implemented. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
In summary, the embodiments of the present invention provide a method, an apparatus, a storage medium, and a server for controlling login of a client device, by obtaining a plurality of pieces of login state record information pre-stored in the server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login; determining a plurality of client devices logged in the server through the same account number according to the plurality of pieces of login state record information; selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy; and configuring access authentication information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment. After the client device logs in the account, corresponding login state record information in the server is configured according to the account login management strategy, so that the client device management for logging in the same account is realized, the account login verification process of the client device is decoupled from the login state management control of the client device, and the login efficiency of the client device is improved.
It should be noted that the above-described device embodiments are merely illustrative, where the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. In addition, in the drawings of the embodiment of the apparatus provided by the present invention, the connection relationship between the modules indicates that there is a communication connection between them, and may be specifically implemented as one or more communication buses or signal lines. One of ordinary skill in the art can understand and implement it without inventive effort.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention.

Claims (10)

1. A client device login control method is characterized by comprising the following steps:
acquiring a plurality of pieces of login state record information pre-stored in a server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
determining a plurality of client devices logged in the server through the same account number according to the plurality of pieces of login state record information;
selecting at least one client device from the plurality of client devices as a client device to be managed according to a preset account login management strategy;
and configuring access authentication information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client equipment.
2. The method for controlling login of client device according to claim 1, wherein said obtaining a plurality of pieces of login status record information pre-stored in a server specifically comprises:
and acquiring a plurality of pieces of login state record information pre-stored in the server at regular time according to the preset scanning time.
3. The method for controlling login of client device according to claim 2, wherein the periodically obtaining a plurality of pieces of login status record information pre-stored in the server according to the preset scanning time specifically comprises:
regularly acquiring all login state record information pre-stored in a server according to preset scanning time;
and according to the equipment information of the client equipment, screening out login state record information corresponding to the client equipment meeting preset equipment conditions from all the obtained login state record information so as to obtain the login state record information.
4. The client device login control method of claim 1, wherein the method further comprises:
receiving an account login request sent by client equipment; the account login request comprises account information and equipment information of the client equipment;
checking the account information; when the verification is successful, generating login state record information corresponding to the client equipment; the login state record information also comprises a login certificate bound with the login state record information;
and sending the login credentials to the client equipment so that the logged-in client equipment performs subsequent access operation according to the login credentials.
5. The client device login control method of claim 4, wherein the method further comprises:
in response to receiving the access operation of the client device, searching corresponding login state record information according to the login credentials carried by the access operation;
verifying the client equipment according to the access verification information in the searched login state record information;
and when the verification is successful, judging that the access operation of the client equipment is legal and responding to the access operation, otherwise, judging that the access operation of the client equipment is illegal and forbidding responding to the access operation.
6. The client device login control method of claim 5, wherein the access authentication information comprises a login time and a login validity period;
the verifying the client device according to the access verification information in the found login state record information specifically includes:
judging whether the login validity period is valid data or invalid data;
when the login validity period is invalid data, determining that the authentication on the client device fails;
when the login validity period is valid data, judging whether the time interval between the current time and the login time is greater than the login validity period, if so, judging that the verification of the client equipment fails, otherwise, judging that the verification of the client equipment succeeds;
the configuring access verification information in the login state record information of the client device to be managed so that the corresponding client device is verified as being illegal to prohibit the access operation of the corresponding client device when performing the access operation specifically comprises:
and configuring the login validity period of the access authentication information in the login state record information of the client device to be managed as invalid data, so that the corresponding client device is authenticated as illegal when performing access operation to prohibit the access operation of the corresponding client device.
7. The method for controlling login of client device according to claim 1, wherein the selecting at least one client device from the plurality of client devices as the client device to be managed according to a preset account login management policy specifically comprises:
counting the number of the plurality of client devices logged in the server through the same account;
judging whether the number of the plurality of client devices exceeds a threshold value in a preset account login management strategy or not;
when the log-in time exceeds the threshold value, selecting N client devices with the earliest or latest log-in time as the client devices to be managed; and the numerical value of N is the number of the plurality of client devices exceeding the threshold value.
8. A client device login control apparatus, comprising:
the login state record information acquisition module is used for acquiring a plurality of pieces of login state record information which are pre-stored in the server; the login state recording information is used for recording one-time operation that each client device successfully logs in the server through a legal account; the login state record information comprises account information of a login account, equipment information of the client equipment and access verification information for verifying the validity of subsequent access operation of the client equipment after successful login;
the client equipment determining module is used for determining a plurality of client equipment logged in the server through the same account number according to the login state record information;
the client device selection module is used for selecting at least one client device from the plurality of client devices as the client device to be managed according to a preset account login management strategy;
and the configuration module is used for configuring the access verification information in the login state record information of the client equipment to be managed, so that the corresponding client equipment is verified to be illegal when access operation is carried out, and the access operation of the corresponding client equipment is forbidden.
9. A computer-readable storage medium, comprising a stored program, wherein when the program runs, the computer-readable storage medium controls a device in which the computer-readable storage medium is located to execute the client device login control method according to any one of claims 1 to 7.
10. A client device login control server comprising a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, the processor implementing the client device login control method of any one of claims 1 to 7 when executing the computer program.
CN201810928114.0A 2018-08-15 2018-08-15 Client device login control method and device, storage medium and server Active CN108848113B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810928114.0A CN108848113B (en) 2018-08-15 2018-08-15 Client device login control method and device, storage medium and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810928114.0A CN108848113B (en) 2018-08-15 2018-08-15 Client device login control method and device, storage medium and server

Publications (2)

Publication Number Publication Date
CN108848113A CN108848113A (en) 2018-11-20
CN108848113B true CN108848113B (en) 2021-03-26

Family

ID=64188473

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810928114.0A Active CN108848113B (en) 2018-08-15 2018-08-15 Client device login control method and device, storage medium and server

Country Status (1)

Country Link
CN (1) CN108848113B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109657435A (en) * 2018-12-19 2019-04-19 北京奇安信科技有限公司 Control method, equipment, system and the medium of user's access mandate
CN109697342B (en) * 2018-12-24 2022-04-08 北京字节跳动网络技术有限公司 Login equipment management method and device
CN112948783A (en) * 2021-02-26 2021-06-11 平安消费金融有限公司 Client login management method, device, server and storage medium
CN113112274B (en) * 2021-04-12 2023-03-24 支付宝(中国)网络技术有限公司 Payment information processing method, device, equipment and medium
CN113329010B (en) * 2021-05-27 2022-11-08 北京沃东天骏信息技术有限公司 User access management method and system
CN113591043B (en) * 2021-06-25 2024-03-29 深圳市跨越新科技有限公司 Analysis method, system, terminal and storage medium for remote logging of Bagun account
CN113392386B (en) * 2021-06-30 2022-11-04 未鲲(上海)科技服务有限公司 Login method and device of business system, computer equipment and storage medium
CN113343217B (en) * 2021-07-05 2022-08-23 湖南快乐阳光互动娱乐传媒有限公司 Account login limiting method, device, storage medium and equipment
CN116980238B (en) * 2023-09-25 2023-12-08 北京智麟科技有限公司 Multi-terminal login control method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101588344A (en) * 2008-05-20 2009-11-25 中兴通讯股份有限公司 System and method for controlling same account login in network system
CN103246840A (en) * 2013-04-01 2013-08-14 天脉聚源(北京)传媒科技有限公司 Method and device for distributing user permissions
CN105978947A (en) * 2016-04-27 2016-09-28 努比亚技术有限公司 Same account number login equipment number control method and mobile terminal
CN107147644A (en) * 2017-05-10 2017-09-08 四川长虹电器股份有限公司 It is a kind of to realize the method that mobile APP user logs in single equipment
CN107196949A (en) * 2017-06-12 2017-09-22 环球智达科技(北京)有限公司 The system for limiting same user account registration terminal quantity
CN107864216A (en) * 2017-11-21 2018-03-30 福建中金在线信息科技有限公司 For multi-client processing method, device and the electronic equipment of identical account

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9054919B2 (en) * 2012-04-05 2015-06-09 Box, Inc. Device pinning capability for enterprise cloud service and storage accounts
CN103095688A (en) * 2012-12-21 2013-05-08 大唐移动通信设备有限公司 Control method of client terminal and server
CN106790126B (en) * 2016-12-27 2019-12-24 深圳技威时代科技有限公司 Account authorization method and device of application program and terminal

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101588344A (en) * 2008-05-20 2009-11-25 中兴通讯股份有限公司 System and method for controlling same account login in network system
CN103246840A (en) * 2013-04-01 2013-08-14 天脉聚源(北京)传媒科技有限公司 Method and device for distributing user permissions
CN105978947A (en) * 2016-04-27 2016-09-28 努比亚技术有限公司 Same account number login equipment number control method and mobile terminal
CN107147644A (en) * 2017-05-10 2017-09-08 四川长虹电器股份有限公司 It is a kind of to realize the method that mobile APP user logs in single equipment
CN107196949A (en) * 2017-06-12 2017-09-22 环球智达科技(北京)有限公司 The system for limiting same user account registration terminal quantity
CN107864216A (en) * 2017-11-21 2018-03-30 福建中金在线信息科技有限公司 For multi-client processing method, device and the electronic equipment of identical account

Also Published As

Publication number Publication date
CN108848113A (en) 2018-11-20

Similar Documents

Publication Publication Date Title
CN108848113B (en) Client device login control method and device, storage medium and server
CN110463161B (en) Password state machine for accessing protected resources
CN110730153B (en) Account configuration method, device and system of cloud equipment and data processing method
CN107210916B (en) Conditional access promotion
US9781097B2 (en) Device fingerprint updating for single sign on authentication
US9245145B2 (en) Methods and systems for regulating database activity
US10097667B2 (en) Methods and systems for regulating database activity
US11425166B2 (en) Identifier-based application security
CN110177124B (en) Identity authentication method based on block chain and related equipment
CN110493184B (en) Method and device for processing login page in client and electronic device
US9787678B2 (en) Multifactor authentication for mail server access
CN110069909B (en) Method and device for login of third-party system without secret
US10103948B1 (en) Computing devices for sending and receiving configuration information
CN111182527A (en) OTA firmware upgrading method, device, terminal equipment and storage medium thereof
CN109756469B (en) Public account management method and device and computer readable storage medium
US20220311777A1 (en) Hardening remote administrator access
CN110048864B (en) Method and apparatus for authenticating an administrator of a device-specific message group
CN108200013B (en) Cloud-based remote security access method, device and system
CN113612729A (en) Authentication method and related device
US20140059661A1 (en) Management device, computer-readable recording medium, and management method
US20210243195A1 (en) Application program access control
CN113342763B (en) Distributed data synchronization method, equipment and medium based on IPFS
CN115987668B (en) Access control method, system, electronic device and storage medium
CN114978779A (en) Data processing method and device for web account login and terminal equipment
CN117119456B (en) 5G MEC multi-container remote certification method, system, device and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant