CN110572371A - identity uniqueness check control method based on HTML5 local storage mechanism - Google Patents

Info

Publication number
CN110572371A
Authority
CN
China
Prior art keywords
login
storage structure
structure object
javascript
local storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910766741.3A
Other languages
Chinese (zh)
Other versions
CN110572371B (en)
Inventor
宋亚林
于俊洋
翟锐
何欣
王龙葛
白晨希
吴文培
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan University
Original Assignee
Henan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan University
Priority to CN201910766741.3A
Publication of CN110572371A
Application granted
Publication of CN110572371B
Legal status: Active (current)
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

An identity uniqueness check control method based on the HTML5 local storage mechanism. The method defines a storage structure object for storing client information, a check code for checking the integrity of the storage structure object, a login authority control flag variable and a time length variable. When the system is initialized and when a user logs in, the storage structure object in local storage is double-checked for non-emptiness and integrity; when the check is not passed, the storage structure object is downloaded from the server and updated. The storage structure object is then used to check the uniqueness of the current login user, and a user who meets the requirements proceeds to the normal user name and password login check. The identity uniqueness check control method provided by the invention can efficiently and safely solve the check control problem of client user login in a browser/server (B/S) architecture.

Description

Identity uniqueness check control method based on HTML5 local storage mechanism
Technical Field
The invention relates to an identity uniqueness check control method based on the HTML5 local storage mechanism, suitable for browser/server (B/S) architecture systems that require identity checking and must guarantee unique login.
Background
At present, the browser/server (B/S) architecture model is adopted by a wide range of information systems because it greatly simplifies the development, maintenance and use of a system. In a browser/server (B/S) system, user login authentication must be considered, but such a system has relatively weak control over security, so security and uniqueness at the user login stage matter all the more, especially for browser/server (B/S) systems with high identity requirements such as online examination and check-in. A system based on the client/server (C/S) architecture has greater control authority and capability and can use the computer's software and hardware resources to control the uniqueness of a client user's login identity, whereas a browser/server (B/S) system mostly detects and controls a user's identity on the Web server side in combination with database technology. However, this approach depends mainly on processing by the server, which places a heavy computational load on the server and is inefficient.
Disclosure of Invention
The invention aims to overcome the problems in the prior art and to provide a user identity uniqueness check control method based on the HTML5 local storage mechanism. It uses the local storage mechanism of HTML5, data check techniques and the like to design a safe and efficient user uniqueness check model, which can effectively solve the check control problem of client user login in a browser/server (B/S) architecture and effectively reduce the burden on the Web server.
The technical scheme adopted by the invention is as follows:
1) Define a JavaScript storage structure object in local storage. The object contains an object state identification string whose value indicates data or no data, a login ID number, and a client identification value that can hold IP address information or network card hardware (MAC) address information. Set a check code variable for the JavaScript storage structure object; set a login state array comprising a first login flag, a second login flag and a specific login flag; set a timeout time identifier; and set a user login flag controlled by an administrator;
2) Load the login main page and check the JavaScript storage structure object. If the object does not exist, obtain it from the server, i.e. execute step 4);
3) Check the timeout identifier from step 1). If the current time is less than the time identifier, enter the login page and carry out the subsequent operations, i.e. execute step 7);
4) On the server side, search the database for a corresponding login record according to the client identifier, and create a JavaScript storage structure object with the same structure as that in step 1). If the database finds no corresponding record, set the object state identification string in the object to no data; otherwise set it to data;
5) Encrypt the JavaScript storage structure object on the server side, generate a check code of the object data, and send the check code back to the browser as a JSON string;
6) The browser client parses the JSON, updates the JavaScript storage structure object data and its check code in the local storage of step 1), and clears the user name and password on the login page;
7) When a user name and password are entered on the login page, verify the non-emptiness and integrity of the JavaScript storage structure object of step 1), so that deletion of or tampering with the locally stored information during login is caught; if verification fails, execute step 4);
8) Read the object state identification string in the JavaScript storage structure object of step 1). If it is no data, a new user is logging in and there is no resource conflict with other logged-in users, so carry out the user password verification operation, i.e. execute step 10);
9) Carry out a uniqueness identity check on the user name entered on the current login page, to prevent two different users from logging in on the same computer. If the requirements are met, carry out user name and password detection; otherwise refuse the login operation;
10) Check the user name and password. If the check passes, update the corresponding content in local storage according to the login state array content of step 1) and enter the system main page. If the login state is first login, modify the object state identification string to data; if it is specific login, modify the login flag attribute of the current user to the normal login state; if it is second login, the local storage content does not need to be updated.
In step 5), the check code of the created JavaScript storage structure object data is generated as follows:
1) Encrypt the created JavaScript storage structure object;
2) Use a HASH algorithm to calculate the check code of the encrypted data of the JavaScript storage structure object. The HASH algorithm may be SHA1, MD5, SHA2 or another algorithm.
The integrity check of the JavaScript storage structure object in local storage in step 7) comprises the following steps:
1) Calculate the HASH value of the encrypted data of the JavaScript storage structure object in the local storage of step 1);
2) Compare this HASH value with the HASH value of the JavaScript storage structure object stored in the local storage of step 1). If they are the same, the JavaScript storage structure object of step 1) has not been tampered with; otherwise the data has been tampered with and the JavaScript storage structure object of step 1) must be downloaded again.
The uniqueness identity check on the user name entered on the login page in step 9) comprises the following steps:
1) Determine whether the user name entered on the login page is the same as the login ID in the JavaScript storage structure object in the local storage of step 1). If it is the same, the same user is logging in for the second time, and user name and password detection is carried out;
2) If it is different, a different user name is logging in on the same computer. Check the login flag attribute, controlled by an administrator, of the user name entered on the login page; if it is high-authority login, carry out the user name and password detection operation;
3) If the login flag attribute of the user name is normal login, reject the subsequent operation, display an error and prompt that two different users cannot log in on the same computer.
By adopting the above technical scheme, the invention has the following beneficial technical effects:
1. The method can effectively solve the check control problem of client user login in a browser/server (B/S) architecture, improves system execution efficiency by using the local storage mechanism, and effectively reduces the burden on the Web server;
2. The integrity of the data in local storage is checked with a HASH algorithm, so that the local data can be efficiently and safely protected from illegal tampering;
3. Browser/server (B/S) systems have relatively weak control capability, and current browser/server (B/S) systems handle the user identity uniqueness check inefficiently and with a heavy load on the server side. To address these problems, the invention designs a user uniqueness check model using the local storage mechanism of HTML5, data verification and related techniques, and can efficiently and safely solve the check control problem of client user login in a browser/server (B/S) system. The model has broad development prospects and can be applied to various browser/server (B/S) systems that require identity verification and must guarantee unique login.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
Embodiments of the invention are described in detail below with reference to the accompanying drawing.
Refer to FIG. 1. The invention is mainly used to solve the check control problem of client user login in a browser/server (B/S) architecture. It first defines a storage structure object for storing client information, a check code for checking the integrity of the storage structure object, a login authority control flag variable and a duration variable. When the system is initialized and when a user logs in, the storage structure object in local storage is double-checked for non-emptiness and integrity; when the check is not passed, the storage structure is downloaded from the server and updated. The storage structure object is then used to check the uniqueness of the current login user, so that a user who meets the requirements can carry out the normal user name and password login check.
The specific implementation process is as follows:
1) Define a JavaScript storage structure object storObj in local storage. storObj contains an object state identification string flag whose value is 'EMPT' (empty) or 'INFO' (non-empty), a login ID number userID and a client identification value ClientFlag. ClientFlag can hold IP address information, network card hardware (MAC) address information and the like; IP address information is used as the example here. Set a check code variable VCode for storObj; storObj and VCode are stored in the local storage sessionStorage. Set a login state array LoginState comprising the first login flag FirstLogin, the second login flag SecLogin and the specific login flag SPLogin; set a timeout identifier serverTimeout; and define a login identifier allowFlag for the login user, covering high-authority login and normal-authority login and set by an administrator;
2) Load the login main page and check whether the storObj object exists in local storage. If the object is not empty, execute the next step; if it is empty, execute step 4);
3) Compare the current time with the timeout identifier serverTimeout. If the current time is greater than serverTimeout, execute the next step; otherwise execute step 7);
4) On the server side, search the database for a corresponding login record according to the IP address information in the client identification value ClientFlag, and create an object storObjS with the same structure as the storObj object in local storage. If no corresponding record is found in the database, set flag in storObjS to 'EMPT' (empty); otherwise set flag to 'INFO' (non-empty) and add the queried user name to userID in storObjS;
5) Encrypt the storObjS object on the server, use a HASH algorithm to generate the check code of the encrypted data of the storObj object in local storage, and send the check code back to the browser as a JSON string. The HASH algorithm may be SHA1, MD5, SHA2 or another algorithm; SHA1 is used as the example here;
6) The browser client parses the JSON, updates the storObj object data and the corresponding check code VCode in local storage, and clears the user name and password on the login page;
7) When a user name and password are entered on the login page, check the non-emptiness and integrity of the storObj object in local storage. Calculate the SHA1 value of the storObj object data in local storage and record it as CCode; if storObj is empty or CCode is not equal to VCode, execute step 4);
8) Read the object state identification string flag of the storObj object in local storage. If it is 'EMPT', a new user is logging in and there is no resource conflict with other logged-in users, so execute step 11); if it is 'INFO', continue with the next step;
9) Determine whether the user name entered on the login page is the same as userID in the storObj object in local storage. If it is the same, the same user is logging in for the second time, so execute step 11); otherwise a different user name is logging in on the same computer, so continue with the next step;
10) Check the login authority identifier allowFlag of the user name entered on the login page. If allowFlag is high-authority login, continue with the next step; otherwise execute step 13);
11) Verify the user name and password. If verification fails, prompt login failure information; otherwise continue with the next step;
12) After the login check succeeds, update the corresponding content in local storage according to the content of the login state array LoginState and enter the system main page. If LoginState indicates first login (FirstLogin), modify flag to 'INFO'; if it indicates specific login (SPLogin), modify the allowFlag of the current user to the normal state; if it indicates second login, the local storage content does not need to be updated;
13) Refuse the login, display an error and prompt that two different users cannot log in on the same computer.
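The decision logic of steps 4) to 10) and 13) above, written out as an added example (it is not code from the patent). The JSON layout of storObj, the 'HIGH'/'NORMAL' values for allowFlag, the helper names and the in-memory stand-in for sessionStorage are assumptions; the server-side encryption step is left out and SHA-256 replaces the SHA1 of the walk-through.

```javascript
const { createHash } = require('node:crypto');

// ASSUMPTION: storObj is kept in storage as the exact string the server sent
// (readable JSON here; the server-side encryption is out of scope) and VCode
// is the hex digest of that string. The walk-through uses SHA1; SHA-256, from
// the SHA2 family the page also lists, is used instead.
function checkCode(storObjString) {
  return createHash('sha256').update(storObjString, 'utf8').digest('hex');
}

// Stand-in for window.sessionStorage so the example runs outside a browser.
function makeStore() {
  const items = new Map();
  return {
    getItem: (key) => (items.has(key) ? items.get(key) : null),
    setItem: (key, value) => { items.set(key, String(value)); },
  };
}

// Steps 4)-5), server side: build storObjS and its check code (constructed data).
function serverPayload(flag, userID, clientFlag) {
  const storObj = JSON.stringify({ flag, userID, ClientFlag: clientFlag });
  return JSON.stringify({ storObj, VCode: checkCode(storObj) });
}

// Step 6), browser side: parse the JSON and overwrite both stored values.
function applyServerPayload(store, json) {
  const { storObj, VCode } = JSON.parse(json);
  store.setItem('storObj', storObj);
  store.setItem('VCode', VCode);
}

// Steps 7)-10) and 13). allowFlagOf(user) returns 'HIGH' or 'NORMAL'
// (hypothetical values for the administrator-set allowFlag).
// Returns { action, loginState }:
//   REFRESH         -> go back to step 4) and fetch storObj again
//   VERIFY_PASSWORD -> continue with step 11); loginState drives step 12)
//   REJECT          -> step 13)
function decideLogin(store, enteredUser, allowFlagOf) {
  const raw = store.getItem('storObj');
  const vcode = store.getItem('VCode');

  // Step 7): non-emptiness first, then integrity (CCode must equal VCode).
  if (!raw || !vcode || checkCode(raw) !== vcode) {
    return { action: 'REFRESH', loginState: null };
  }
  let storObj;
  try {
    storObj = JSON.parse(raw);
  } catch (err) {
    return { action: 'REFRESH', loginState: null }; // unreadable object
  }

  // Step 8): no record for this client yet, so no conflict is possible.
  if (storObj.flag === 'EMPT') {
    return { action: 'VERIFY_PASSWORD', loginState: 'FirstLogin' };
  }
  if (storObj.flag !== 'INFO') {
    return { action: 'REFRESH', loginState: null }; // unknown state string
  }

  // Step 9): the same user logging in again on this client.
  if (storObj.userID === enteredUser) {
    return { action: 'VERIFY_PASSWORD', loginState: 'SecLogin' };
  }

  // Step 10): a different user passes only with a high-authority allowFlag.
  if (allowFlagOf(enteredUser) === 'HIGH') {
    return { action: 'VERIFY_PASSWORD', loginState: 'SPLogin' };
  }

  // Step 13): two different users on the same computer.
  return { action: 'REJECT', loginState: null };
}

// Constructed run: client 192.0.2.10 already has a login record for "alice".
const demoStore = makeStore();
applyServerPayload(demoStore, serverPayload('INFO', 'alice', '192.0.2.10'));
const demoAllow = (user) => (user === 'proctor' ? 'HIGH' : 'NORMAL');
for (const user of ['alice', 'bob', 'proctor']) {
  console.log(user, decideLogin(demoStore, user, demoAllow));
}
```

Because sessionStorage is under the user's control, this result works as a pre-filter that saves server round trips; the server should apply the same uniqueness rule again when it verifies the password in step 11).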

Claims (5)

1. An identity uniqueness check control method based on an HTML5 local storage mechanism, characterized in that:
1) defining a JavaScript storage structure object in local storage, wherein the JavaScript storage structure object comprises an object state identification string whose value indicates data or no data, a login ID number and a client identification value capable of storing IP address information or network card hardware (MAC) address information; setting a check code variable of the JavaScript storage structure object; setting a login state array comprising a first login flag, a second login flag and a specific login flag; setting a timeout time identifier; and setting a user login authority flag controlled by an administrator;
2) loading a login main page and checking the JavaScript storage structure object, and if the storage structure object does not exist, acquiring the JavaScript storage structure object from a server, i.e. executing step 4);
3) checking the timeout identifier of step 1), and if the current time is less than the time identifier, entering a login page and executing the subsequent operations, i.e. executing step 7);
4) searching, on the server side, whether a corresponding login record exists in a database according to the client identification value, and creating on the server side a JavaScript storage structure object with the same structure as that in step 1); if no corresponding record is detected in the database, setting the object state identification string in the JavaScript storage structure to no data, and otherwise setting the object state identification string to data;
5) encrypting the JavaScript storage structure object on the server side, generating a check code of the JavaScript storage structure object data, and sending the check code back to the browser as a JSON string;
6) the browser client parsing the JSON, updating the JavaScript storage structure object data in the local storage of step 1) and the check code information of the JavaScript storage structure object, and clearing the user name and password on the login page;
7) when a user name and password are entered on the login page, verifying the non-emptiness and integrity of the JavaScript storage structure object locally stored in step 1), so that deletion of or tampering with the locally stored information during login is caught, and returning to execute step 4) if verification fails;
8) reading the object state identification string in the JavaScript storage structure object of step 1), and if the object state identification string is no data, which indicates that a new user is logging in and there is no resource conflict with other logged-in users, performing the user password verification operation, i.e. executing step 10);
9) carrying out a uniqueness identity check on the user name entered on the current login page, and if the requirements are met, carrying out user name and password detection, and otherwise refusing the login operation;
10) checking the user name and password, and if the check passes, updating the corresponding content in local storage according to the login state array content of step 1) and entering the system main page; if the login state array content is first login, modifying the object state identification string to data; if it is specific login, modifying the login flag attribute of the current user to the normal login state; and if it is second login, not updating the local storage content.
2. The identity uniqueness check control method based on the HTML5 local storage mechanism as claimed in claim 1, wherein the check code of the JavaScript storage structure object in step 5) is generated by the following specific steps:
1) encrypting the created JavaScript storage structure object;
2) calculating the check code of the encrypted data of the JavaScript storage structure object by using a HASH algorithm.
3. The identity uniqueness check control method based on the HTML5 local storage mechanism as claimed in claim 2, wherein the HASH algorithm is selected from the SHA1, MD5 and SHA2 algorithms.
4. The identity uniqueness check control method based on the HTML5 local storage mechanism as claimed in claim 1, wherein the integrity check of the JavaScript storage structure object in local storage in step 7) comprises the following specific steps:
1) calculating the HASH value of the encrypted data of the JavaScript storage structure object in local storage;
2) comparing this HASH value with the HASH value of the JavaScript storage structure object stored in local storage; if they are the same, the JavaScript storage structure object has not been tampered with; otherwise the data has been tampered with and the JavaScript storage structure object needs to be downloaded again.
5. The identity uniqueness check control method based on the HTML5 local storage mechanism as claimed in claim 1, wherein the identity check of the user name entered on the current login page in step 9) comprises the following specific steps:
1) determining whether the user name entered on the login page is the same as the login ID in the JavaScript storage structure object in local storage, and if it is the same, which indicates that the same user is logging in for the second time, carrying out user name and password detection;
2) if it is different, which indicates that a different user name is logging in on the same computer, checking the login authority identification attribute of the user name entered on the login page, and if it is high-authority login, carrying out user name and password detection;
3) if the login flag attribute is normal login, rejecting the subsequent operation, displaying an error and prompting that two different users cannot log in on the same computer.
CN201910766741.3A 2019-08-20 2019-08-20 Identity uniqueness check control method based on HTML5 local storage mechanism Active CN110572371B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910766741.3A CN110572371B (en) 2019-08-20 2019-08-20 Identity uniqueness check control method based on HTML5 local storage mechanism

Publications (2)

Publication Number Publication Date
CN110572371A (en) 2019-12-13
CN110572371B (en) 2021-07-13

Family

ID=68774025

Country Status (1)

Country Link
CN (1) CN110572371B (en)

Also Published As

Publication number Publication date
CN110572371B (en) 2021-07-13

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant