CN116208378B - Method, device and equipment for preventing user from logging in repeatedly - Google Patents
Method, device and equipment for preventing user from logging in repeatedly Download PDFInfo
- Publication number
- CN116208378B CN116208378B CN202310004404.7A CN202310004404A CN116208378B CN 116208378 B CN116208378 B CN 116208378B CN 202310004404 A CN202310004404 A CN 202310004404A CN 116208378 B CN116208378 B CN 116208378B
- Authority
- CN
- China
- Prior art keywords
- user
- session
- request
- server
- judging
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 235000014510 cooky Nutrition 0.000 claims abstract description 52
- 238000012795 verification Methods 0.000 claims description 9
- 230000004044 response Effects 0.000 claims description 2
- 230000004630 mental health Effects 0.000 description 26
- 238000010586 diagram Methods 0.000 description 10
- 238000004590 computer program Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 9
- 230000006872 improvement Effects 0.000 description 8
- 230000008569 process Effects 0.000 description 7
- 238000012545 processing Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000003340 mental effect Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- BLRPTPMANUNPDV-UHFFFAOYSA-N Silane Chemical compound [SiH4] BLRPTPMANUNPDV-UHFFFAOYSA-N 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the specification discloses a method for preventing a user from logging in repeatedly, which comprises the steps of receiving a user logging request through a server, judging whether the user logging request in a browser carries a Cookie session ID or not to preliminarily judge whether the user is logged in or not, and if the preliminary judgment result shows that the user logging request in the browser does not carry the Cookie session ID, further judging whether the user has an active session or not through the server, so as to further judge whether the user logs in or not, further preventing the user from logging in repeatedly, and further preventing information in an application system from being leaked or tampered.
Description
Technical Field
The present application relates to the field of computer data processing technologies, and in particular, to a method, an apparatus, and a device for preventing a user from logging in repeatedly.
Background
The mental health work of schools is an important link of education for teenagers and students, and students with mental health problems or mental crisis states can be screened timely and effectively through establishing a student mental health management platform, and intervention treatment and tracking are performed timely, so that the harm to self, groups and even campus safety is reduced.
Based on the Internet plus big data platform, users with different roles, such as students, school mental health teachers and school leaders, can control the mental health condition of the students and intervene in time by registering the school mental health information platform respectively, so that the problems are solved, and the healthy growth of the teenagers is facilitated; however, at present, aiming at a mental health management platform of a school, a teacher or a leading registered account can be used by multiple persons at the same time under the condition of known passwords, so that mental health information of students is revealed or tampered under the condition of account and password disclosure, and further subsequent intervention aiming at the mental health problem of the students is affected. Therefore, how to provide a method for preventing multiple people from logging in the same account at the same time is a technical problem to be solved.
Disclosure of Invention
The embodiment of the specification provides a method, a device and equipment for preventing a user from logging in repeatedly, so as to solve the problem of account safety existing in the existing user logging method.
In order to solve the above technical problems, the embodiments of the present specification are implemented as follows:
the method for preventing the user from logging in repeatedly provided by the embodiment of the specification can comprise the following steps:
the server receives a user login request;
judging whether a user login request in a browser carries a Cookie session ID or not to obtain a first judgment result;
if the first judgment result indicates that the user login request in the browser does not carry the Cookie session ID, the server judges whether the user has an active session or not, and a second judgment result is obtained;
and if the second judging result indicates that the user does not have an active session, allowing the user to log in the request.
An apparatus for preventing a user from logging in repeatedly provided in an embodiment of the present disclosure may include:
the login request receiving module is used for receiving a user login request by the server;
the first judging module is used for judging whether a user login request in the browser carries a Cookie session ID or not to obtain a first judging result;
the second judging module is used for judging whether an active session exists in the user or not by the server if the first judging result indicates that the user login request in the browser does not carry the Cookie session ID, and obtaining a second judging result;
and the login decision module is used for allowing the user to login the request if the second judgment result indicates that the user does not have an active session.
The device for preventing repeated login of a user provided in the embodiment of the present specification includes:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
receiving a user login request;
judging whether a user login request in a browser carries a Cookie session ID or not to obtain a first judgment result;
if the first judgment result indicates that the user login request in the browser does not carry the Cookie session ID, the server judges whether the user has an active session or not, and a second judgment result is obtained;
and if the second judging result indicates that the user does not have an active session, allowing the user to log in the request.
At least one embodiment of the present disclosure can achieve the following beneficial effects: judging whether a user login request in a browser carries a Cookie session ID or not to preliminarily judge whether the user logs in, if the preliminary judgment result shows that the user login request in the browser does not carry the Cookie session ID, judging whether the user has an active session or not by a server, further judging whether the user logs in or not, preventing the user from logging in repeatedly, and further preventing information in an application system from being leaked or tampered.
Drawings
In order to more clearly illustrate the embodiments of the present description or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments described in the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for preventing a user from logging in repeatedly according to an embodiment of the present disclosure;
FIG. 2 is a schematic structural diagram of a device for preventing a user from logging in repeatedly according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of an apparatus for preventing a user from logging in repeatedly according to an embodiment of the present disclosure.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of one or more embodiments of the present specification more clear, the technical solutions of one or more embodiments of the present specification will be clearly and completely described below in connection with specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without undue burden, are intended to be within the scope of one or more embodiments herein.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.
In the prior art, the mental health work of schools is an important link of education for teenagers and students can timely and effectively screen students with mental health problems or mental crisis states by establishing a student mental health management platform, and timely intervene, process and track the students, so that the harm of self, groups and even campus safety is reduced.
Based on the Internet plus big data platform, users with different roles, such as students, school mental health teachers and school leaders, can control the mental health condition of the students and intervene in time by registering the school mental health information platform respectively, so that the problems are solved, and the healthy growth of the teenagers is facilitated; however, at present, aiming at a mental health management platform of a school, a teacher or a leading registered account can be used by multiple persons at the same time under the condition of known passwords, so that mental health information of students is revealed or tampered under the condition of account and password disclosure, and further subsequent intervention aiming at the mental health problem of the students is affected. Therefore, how to provide a method for preventing multiple people from logging in the same account at the same time is a technical problem to be solved.
In order to solve the drawbacks of the prior art, the present solution provides the following embodiments:
fig. 1 is a flowchart of a method for preventing a user from logging in repeatedly according to an embodiment of the present disclosure. From a program perspective, the execution subject of the flow may be an application server.
As shown in fig. 1, the process may include the steps of:
step 102: and the server receives a user login request.
In the embodiment of the present disclosure, the server may be a server carried by an application that needs to be used by a user, and the application may specifically be a mental health management platform. Typically, a user may input a user account number and a password at a client of the physical health management platform to represent a request for the user to log in to an application system, and a server may receive the user login request through a network connection.
Step 104: judging whether a user login request in a browser carries a Cookie session ID or not, and obtaining a first judging result.
In the embodiment of the present disclosure, if the user has logged in the application system, the session ID is stored in the Cookie in the browser that logs in the application system, so it may be determined whether the user has logged in the application system by determining whether the Cookie session ID is carried in the browser.
Step 106: if the first judgment result indicates that the user login request in the browser does not carry the Cookie session ID, the server judges whether the user has an active session or not, and a second judgment result is obtained.
In the embodiment of the specification, the assumption that the browser does not carry the Cookie session ID indicates that the user may not send any request in the browser, but the account is still in a login state; after the user logs in the application system, the server allocates a session ID for the user, and the server can have active sessions of the user, so that whether the user has logged in can be judged by judging whether the active sessions aiming at the user exist in the service.
Step 108: and if the second judging result indicates that the user does not have an active session, allowing the user to log in the request.
In the embodiment of the present disclosure, if no session active for the user exists in the server, the current state of the user is not logged in, which belongs to the first login, so that the user can be allowed to log in; if the active session of the user exists in the server, the user is logged in, an account number is sent to a logged-in client to log in other equipment and log out, and if the logged-in client logs out, a login request of the current user is allowed.
In practical applications, a user of the mental health management platform may be a mental health consultant responsible for mental health management of a student, and if the current mental health consultant cannot give lessons to the student or answer the mental health problem consulted by the student due to personal reasons (such as leave), the current account may be logged in by other mental health consultants or school leaders to ensure the mental health safety of the student.
It should be understood that the method according to one or more embodiments of the present disclosure may include the steps in which some of the steps are interchanged as needed, or some of the steps may be omitted or deleted.
In the method in fig. 1, whether a user logs in a browser carries a Cookie session ID is determined primarily, if the result of the primary determination indicates that the user logs in the browser does not carry the Cookie session ID, the server determines whether the user has an active session, thereby further determining whether the user logs in, preventing the user from logging in repeatedly, and further preventing information in an application system from being revealed or tampered.
Based on the method of fig. 1, the examples of the present specification also provide some specific implementations of the method, as described below.
Optionally, before the first judgment result is obtained, whether the user login request in the browser carries the Cookie session ID may further include:
a session ID is assigned to the initial login user.
The session ID of the initial login user is stored in a database of the server.
The determining whether the user has an active session, to obtain a second determination result may specifically include:
judging whether the session ID of the login user exists in the database of the server or not, and obtaining a second judging result.
In the embodiment of the present disclosure, when a user logs in for the first time, a server allocates a session ID for the logged-in user and stores the session ID in a database of the server, where the database may be a MySql database; and simultaneously, the session ID can be transmitted to the cookie of the browser, and the cookie session ID can be carried by a user by sending any request to the server through the browser.
Optionally, the method may further include:
and if the first judgment result indicates that the user login request in the browser carries the Cookie session ID, judging whether the Cookie session ID is consistent with the session ID stored in the database of the server, and obtaining a third judgment result.
And if the third result shows that the cookie session ID is consistent with the session ID stored in the database of the server, allowing the user to normally access.
In the embodiment of the present disclosure, a user sends any request to a server through a browser, where the Cookie session ID carried by a user login request is carried by the user, and if the Cookie session ID carried by the user login request is consistent with the session ID stored in the database of the server, it is indicated that the user sending the login request is the same user as the current login user, and normal access request of the user can be allowed.
Optionally, the method may further include:
and judging whether the session time carried in the user request is within the session validity period, and obtaining a fourth judgment result.
And if the fourth judgment result shows that the session time carried in the user request is within the session validity period, responding to the user request.
And if the fourth judgment result shows that the session time carried in the user request is not within the session validity period, logging out.
In the embodiment of the present disclosure, the session information of the user stored in the database of the server may have a time-efficient validity period, and the validity time of the session information of the user may be set according to a specific situation, which is not particularly limited herein. For example, setting the effective time of the session information of the user to be 24 hours, if the server saves the session information of the user in the storage area for 24 hours and then the server does not update the session information of the user in the storage area, the session information of the user in the storage area is invalid and deleted; the user request can carry the session time, if the user sends the request session time exceeds the set session information effective time of the user, the user can send prompt information of ' login timeout ' to request to log in again ' so as to prompt and exit the current login user.
Optionally, before the determining whether the user login request in the browser carries the Cookie session ID to obtain the first determination result, the determining further includes:
and acquiring the identity verification information of the user.
And judging whether the authentication information of the user is consistent with the authentication information stored in the server, and obtaining a fifth judgment result.
The determining whether the user login request in the browser carries the Cookie session ID may specifically include:
and if the fifth judging result shows that the authentication information of the user is consistent with the authentication information stored in the server, judging whether the user login request in the browser carries a Cookie session ID.
In the embodiment of the specification, a user can send authentication information such as a user name and a password of the user to a server through a client, and the server can judge whether the user name and the password are correct or not through the authentication information stored in the server in advance.
Based on the same thought, the embodiment of the specification also provides a device corresponding to the method. Fig. 2 is a schematic structural diagram of a device for preventing a user from logging in repeatedly, corresponding to fig. 1, according to an embodiment of the present disclosure. As shown in fig. 2, the apparatus may include:
the login request receiving module 202 is configured to receive a user login request from a server.
The first determining module 204 is configured to determine whether the user login request in the browser carries a Cookie session ID, so as to obtain a first determination result.
And a second judging module 206, configured to, if the first judging result indicates that the user login request in the browser does not carry the Cookie session ID, judge whether an active session exists for the user by using the server, and obtain a second judging result.
And a login decision module 208, configured to allow the user to login to the request if the second determination result indicates that the user does not have an active session.
The present examples also provide some embodiments of the method based on the apparatus of fig. 2, as described below.
Optionally, the apparatus in fig. 2 may further include:
the session ID allocation module is used for allocating session IDs for initial login users;
the storage module is used for storing the session ID of the initial login user into a database of the server;
the second judging module may specifically be configured to:
judging whether the session ID of the login user exists in the database of the server or not, and obtaining a second judging result.
Optionally, the apparatus in fig. 2 may further include:
and the third judging module is used for judging whether the Cookie session ID is consistent with the session ID stored in the database of the server or not if the first judging result indicates that the user login request in the browser carries the Cookie session ID, so as to obtain a third judging result.
And the access permission module is used for permitting the user to normally access if the third result indicates that the cookie session ID is consistent with the session ID stored in the database of the server.
Optionally, the apparatus in fig. 2 may further include:
the fourth judging module is used for judging whether the session time carried in the user request is within the session validity period or not to obtain a fourth judging result;
the user request response module is used for responding to the user request if the fourth judgment result shows that the session time carried in the user request is within the session validity period;
and the login and logout module is used for logging out if the fourth judgment result indicates that the session time carried in the user request is not within the session validity period.
Optionally, the apparatus in fig. 2 may further include:
the user identity information acquisition module is used for acquiring the identity verification information of the user;
a fifth judging module, configured to judge whether the authentication information of the user is consistent with the authentication information stored in the server, to obtain a fifth judging result;
the first determining module 204 may specifically be configured to:
and if the fifth judging result shows that the authentication information of the user is consistent with the authentication information stored in the server, judging whether the user login request in the browser carries a Cookie session ID.
Based on the same thought, the embodiment of the specification also provides equipment corresponding to the method.
Fig. 3 is a schematic structural diagram corresponding to fig. 1 of a device for preventing a user from logging in repeatedly according to an embodiment of the present disclosure. As shown in fig. 3, the apparatus 300 may include:
at least one processor 310; the method comprises the steps of,
a memory 330 communicatively coupled to the at least one processor; wherein,
the memory 330 stores instructions 320 executable by the at least one processor 310, the instructions being executable by the at least one processor 310 to enable the at least one processor 310 to:
and receiving a user login request.
Judging whether a user login request in a browser carries a Cookie session ID or not, and obtaining a first judging result.
If the first judgment result indicates that the user login request in the browser does not carry the Cookie session ID, the server judges whether the user has an active session or not, and a second judgment result is obtained.
And if the second judging result indicates that the user does not have an active session, allowing the user to log in the request.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for a device for preventing a user from repeatedly logging in as shown in fig. 3, the description is relatively simple, as it is substantially similar to the method embodiment, with reference to the partial description of the method embodiment.
In the 90 s of the 20 th century, improvements to one technology could clearly be distinguished as improvements in hardware (e.g., improvements to circuit structures such as diodes, transistors, switches, etc.) or software (improvements to the process flow). However, with the development of technology, many improvements of the current method flows can be regarded as direct improvements of hardware circuit structures. Designers almost always obtain corresponding hardware circuit structures by programming improved method flows into hardware circuits. Therefore, an improvement of a method flow cannot be said to be realized by a hardware entity module. For example, a programmable logic device (ProgrammableLogicDevice, PLD), such as a Field programmable gate array (Field ProgrammableGateArray, FPGA), is an integrated circuit whose logic function is determined by the programming of the device by a user. A designer programs to "integrate" a digital system onto a PLD without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented by using "logic compiler" software, which is similar to the software compiler used in program development and writing, and the original code before the compiling is also written in a specific programming language, which is called hardware description language (HardwareDescriptionLanguage, HDL), and HDL is not only one but a plurality of kinds, such as ABEL (AdvancedBooleanExpressionLanguage), AHDL (Altera HardwareDescriptionLanguage), confluence, CUPL (CornellUniversity ProgrammingLanguage), HDCal, JHDL (javahard description language), lava, lola, myHDL, PALASM, RHDL (rubyhardhard description language), and so on, and VHDL (Very-High-SpeedIntegratedCircuitHardware DescriptionLanguage) and Verilog are most commonly used at present. It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, application specific integrated circuits (Application SpecificIntegratedCircuit, ASIC), programmable logic controllers, and embedded microcontrollers, examples of which include, but are not limited to, the following microcontrollers: ARC625D, atmelAT91SAM, microchipPIC F26K20 and silicane labsc8051F320, the memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller in a pure computer readable program code, it is well possible to implement the same functionality by logically programming the method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a kind of hardware component, and means for performing various functions included therein may also be regarded as structures within the hardware component. Or even means for achieving the various functions may be regarded as either software modules implementing the methods or structures within hardware components.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, etc., such as Read Only Memory (ROM) or flash memory (flashRAM). Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transshipment) such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the application are to be included in the scope of the claims of the present application.
Claims (9)
1. A method for preventing a user from logging in repeatedly, the method comprising:
the server receives a user login request;
acquiring identity verification information of the user;
when the identity verification information of the user is consistent with the identity verification information stored in the server, judging whether a user login request in a browser carries a Cookie session ID or not, and obtaining a first judgment result; the Cookie session ID is allocated by the server when the user logs in for the first time;
if the first judgment result indicates that the user login request in the browser does not carry the Cookie session ID, the server judges whether the user has an active session or not, and a second judgment result is obtained;
and if the second judging result indicates that the user does not have an active session, allowing the user to log in the request.
2. The method of claim 1, wherein the determining whether the user login request in the browser carries the Cookie session ID, before obtaining the first determination result, further includes:
a session ID is allocated for the initial login user;
storing the session ID of the initial login user into a database of a server;
the step of judging whether the user has an active session or not to obtain a second judgment result specifically includes:
judging whether the session ID of the login user exists in the database of the server or not, and obtaining a second judging result.
3. The method according to claim 2, wherein the method further comprises:
if the first judgment result indicates that the user login request in the browser carries the Cookie session ID, judging whether the Cookie session ID is consistent with the session ID stored in the database of the server or not, and obtaining a third judgment result;
and if the third judgment result shows that the Cookie session ID is consistent with the session ID stored in the database of the server, allowing the user to normally access.
4. The method according to claim 2, wherein the method further comprises:
judging whether the session time carried in the user request is within the session validity period, and obtaining a fourth judgment result;
if the fourth judgment result shows that the session time carried in the user request is within the session validity period, responding to the user request;
and if the fourth judgment result shows that the session time carried in the user request is not within the session validity period, logging out.
5. An apparatus for preventing a user from logging in repeatedly, the apparatus comprising:
the login request receiving module is used for receiving a user login request by the server;
the user identity information acquisition module is used for the identity verification information of the user;
the first judging module is used for judging whether a user login request in a browser carries a Cookie session ID or not when the identity authentication information of the user is consistent with the identity authentication information stored in the server, so as to obtain a first judging result; the Cookie session ID is allocated by the server when the user logs in for the first time;
the second judging module is used for judging whether an active session exists in the user or not by the server if the first judging result indicates that the user login request in the browser does not carry the Cookie session ID, and obtaining a second judging result;
and the login decision module is used for allowing the user to login the request if the second judgment result indicates that the user does not have an active session.
6. The apparatus of claim 5, wherein the apparatus further comprises:
the session ID allocation module is used for allocating session IDs for initial login users;
the storage module is used for storing the session ID of the initial login user into a database of the server;
the second judging module is specifically configured to:
judging whether the session ID of the login user exists in the database of the server or not, and obtaining a second judging result.
7. The apparatus of claim 6, wherein the apparatus further comprises:
the third judging module is used for judging whether the Cookie session ID is consistent with the session ID stored in the database of the server or not if the first judging result indicates that the user login request in the browser carries the Cookie session ID, so as to obtain a third judging result;
and the access permission module is used for permitting the user to normally access if the third judgment result indicates that the Cookie session ID is consistent with the session ID stored in the database of the server.
8. The apparatus of claim 6, wherein the apparatus further comprises:
the fourth judging module is used for judging whether the session time carried in the user request is within the session validity period or not to obtain a fourth judging result;
the user request response module is used for responding to the user request if the fourth judgment result shows that the session time carried in the user request is within the session validity period;
and the login and logout module is used for logging out if the fourth judgment result indicates that the session time carried in the user request is not within the session validity period.
9. An apparatus for preventing a user from repeatedly logging in, the apparatus comprising:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
receiving a user login request;
acquiring identity verification information of the user;
when the identity verification information of the user is consistent with the identity verification information stored in the equipment, judging whether a user login request in a browser carries a Cookie session ID or not, and obtaining a first judgment result; the Cookie session ID is allocated by the device when the user logs in for the first time;
if the first judgment result indicates that the user login request in the browser does not carry the Cookie session ID, the equipment judges whether the user has an active session or not, and a second judgment result is obtained;
and if the second judging result indicates that the user does not have an active session, allowing the user to log in the request.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310004404.7A CN116208378B (en) | 2023-01-03 | 2023-01-03 | Method, device and equipment for preventing user from logging in repeatedly |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310004404.7A CN116208378B (en) | 2023-01-03 | 2023-01-03 | Method, device and equipment for preventing user from logging in repeatedly |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116208378A CN116208378A (en) | 2023-06-02 |
| CN116208378B true CN116208378B (en) | 2023-11-24 |
Family
ID=86513943
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310004404.7A Active CN116208378B (en) | 2023-01-03 | 2023-01-03 | Method, device and equipment for preventing user from logging in repeatedly |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116208378B (en) |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101075990A (en) * | 2007-06-13 | 2007-11-21 | 腾讯科技(深圳)有限公司 | Method for issuing instant telecommunication software and instant telecommunication server |
| CN101510877A (en) * | 2009-02-25 | 2009-08-19 | 中国网络通信集团公司 | Single-point logging-on method and system, communication apparatus |
| CN103067404A (en) * | 2013-01-10 | 2013-04-24 | 上海斐讯数据通信技术有限公司 | Method for accessing embedded web server by users |
| CN103248489A (en) * | 2013-05-17 | 2013-08-14 | 刘琦 | Method for realizing client login through intelligent terminal, server and intelligent terminal |
| CN103763326A (en) * | 2014-01-28 | 2014-04-30 | 广州一呼百应网络技术有限公司 | Website one-stop log-in method and system based on Memcache and Cookie |
| CN105141605A (en) * | 2015-08-19 | 2015-12-09 | 金蝶软件(中国)有限公司 | Session method, web server and browser |
| CN108600203A (en) * | 2018-04-11 | 2018-09-28 | 四川长虹电器股份有限公司 | Secure Single Sign-on method based on Cookie and its unified certification service system |
| CN109246076A (en) * | 2018-08-01 | 2019-01-18 | 北京奇虎科技有限公司 | A kind of method and apparatus of single-sign-on multisystem |
| CN110968760A (en) * | 2018-09-30 | 2020-04-07 | 北京国双科技有限公司 | Webpage data crawling method and device, and webpage login method and device |
| CN111107073A (en) * | 2019-12-11 | 2020-05-05 | 数字广东网络建设有限公司 | Application automatic login method and device, computer equipment and storage medium |
| CN111814133A (en) * | 2020-05-27 | 2020-10-23 | 平安国际智慧城市科技股份有限公司 | Unified login method and device for mobile application |
| CN112769826A (en) * | 2021-01-08 | 2021-05-07 | 深信服科技股份有限公司 | Information processing method, device, equipment and storage medium |
| CN112765583A (en) * | 2021-01-27 | 2021-05-07 | 海尔数字科技(青岛)有限公司 | Single sign-on method, device, equipment and medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8370908B2 (en) * | 2009-06-10 | 2013-02-05 | Microsoft Corporation | Decreasing login latency |
-
2023
- 2023-01-03 CN CN202310004404.7A patent/CN116208378B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101075990A (en) * | 2007-06-13 | 2007-11-21 | 腾讯科技(深圳)有限公司 | Method for issuing instant telecommunication software and instant telecommunication server |
| CN101510877A (en) * | 2009-02-25 | 2009-08-19 | 中国网络通信集团公司 | Single-point logging-on method and system, communication apparatus |
| CN103067404A (en) * | 2013-01-10 | 2013-04-24 | 上海斐讯数据通信技术有限公司 | Method for accessing embedded web server by users |
| CN103248489A (en) * | 2013-05-17 | 2013-08-14 | 刘琦 | Method for realizing client login through intelligent terminal, server and intelligent terminal |
| CN103763326A (en) * | 2014-01-28 | 2014-04-30 | 广州一呼百应网络技术有限公司 | Website one-stop log-in method and system based on Memcache and Cookie |
| CN105141605A (en) * | 2015-08-19 | 2015-12-09 | 金蝶软件(中国)有限公司 | Session method, web server and browser |
| CN108600203A (en) * | 2018-04-11 | 2018-09-28 | 四川长虹电器股份有限公司 | Secure Single Sign-on method based on Cookie and its unified certification service system |
| CN109246076A (en) * | 2018-08-01 | 2019-01-18 | 北京奇虎科技有限公司 | A kind of method and apparatus of single-sign-on multisystem |
| CN110968760A (en) * | 2018-09-30 | 2020-04-07 | 北京国双科技有限公司 | Webpage data crawling method and device, and webpage login method and device |
| CN111107073A (en) * | 2019-12-11 | 2020-05-05 | 数字广东网络建设有限公司 | Application automatic login method and device, computer equipment and storage medium |
| CN111814133A (en) * | 2020-05-27 | 2020-10-23 | 平安国际智慧城市科技股份有限公司 | Unified login method and device for mobile application |
| CN112769826A (en) * | 2021-01-08 | 2021-05-07 | 深信服科技股份有限公司 | Information processing method, device, equipment and storage medium |
| CN112765583A (en) * | 2021-01-27 | 2021-05-07 | 海尔数字科技(青岛)有限公司 | Single sign-on method, device, equipment and medium |
Non-Patent Citations (1)
| Title |
|---|
| 基于票据的单点登录***设计与实现;李晓永;王福喜;;现代电子技术(第13期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116208378A (en) | 2023-06-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3780539A1 (en) | Identity verification method, login method, apparatuses, and computer device | |
| CN108933713B (en) | Method and device for realizing sandbox debugging based on shadow link and business server | |
| CN110276178B (en) | Risk control method, device and equipment based on identity verification | |
| CN111611558B (en) | Identity verification method and device | |
| CN113408254B (en) | Page form information filling method, device, equipment and readable medium | |
| CN111683039A (en) | Authentication method, device and medium | |
| Elbitar et al. | Explanation beats context: The effect of timing & rationales on users' runtime permission decisions | |
| US11228598B2 (en) | Offline mode user authorization device and method | |
| CN116208378B (en) | Method, device and equipment for preventing user from logging in repeatedly | |
| US20150281218A1 (en) | Resetting authentication tokens based on implicit factors | |
| CN106921616A (en) | A kind of single-point logging method and device | |
| CN112231106A (en) | Access data processing method and device for Redis cluster | |
| CN111035931A (en) | Programming processing method and device and server | |
| US10938945B2 (en) | Systems and methods for controlling access to user content | |
| CN113849836A (en) | Information prompting method, device and equipment | |
| CN111368273B (en) | Identity verification method and device | |
| CN111143327B (en) | Data processing method and device | |
| Harmer | Leibniz on determinateness and possible worlds | |
| CN111400402A (en) | Data sharing method, device and equipment based on block chain | |
| CN116996475B (en) | Account use method, device, medium and equipment | |
| CN117058804B (en) | Voting method and device, storage medium and electronic equipment | |
| KR102118060B1 (en) | Method for task verification by other users based on block chain | |
| Wickramasinghe | Controlling Data Streams of IoT Devices in Smart Homes from a User Perspective | |
| US20160321439A1 (en) | Connection Prediction As Identity Verification | |
| Saldanha | WeDoCare-An IoT system to help vulnerable social groups |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |