CN116738405A - System login method, device, equipment and storage medium - Google Patents

System login method, device, equipment and storage medium Download PDF

Info

Publication number
CN116738405A
CN116738405A CN202310666549.3A CN202310666549A CN116738405A CN 116738405 A CN116738405 A CN 116738405A CN 202310666549 A CN202310666549 A CN 202310666549A CN 116738405 A CN116738405 A CN 116738405A
Authority
CN
China
Prior art keywords
authentication
credential
verification
login
authorization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310666549.3A
Other languages
Chinese (zh)
Inventor
智益
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202310666549.3A priority Critical patent/CN116738405A/en
Publication of CN116738405A publication Critical patent/CN116738405A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application provides a system login method, a device, equipment and a storage medium, which can be used in the field of big data. The method comprises the following steps: responding to the system switching login operation of the user, sending a credential application request to an authentication and authorization system, so that the authentication and authorization system generates an authentication credential according to the credential application request after receiving the credential application request, and sends the authentication credential to a first system; receiving an authentication credential sent by an authentication and authorization system; the authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and after the authentication is successful, the authentication result is sent to the second system, so that the login efficiency of system switching is improved.

Description

System login method, device, equipment and storage medium
Technical Field
The present application relates to the field of big data, and in particular, to a system login method, device, equipment, and storage medium.
Background
To meet the increasing data storage requirements and achieve better data processing results, the system often needs to be updated and replaced, and at the same time, the user needs to log in to a new system.
In the related art, after a system is updated, a great deal of user information of an old system needs to be migrated to a new system, an undelivered user cannot log in and use the new system, the new system cannot cover online functions of all the old systems at one time, only part of users can migrate to the new line for use, and if the old system users need to use the functions of the new system, two sets of same functions need to be developed.
However, the prior art method of switching system login is complex to implement, time-consuming and labor-consuming.
Disclosure of Invention
The application provides a system login method, a device, equipment and a storage medium, which are used for solving the problems of complex implementation, time consumption and labor consumption of a system login switching method in the prior art.
In a first aspect, the present application provides a system login method, applied to a first system, including:
responding to system switching login operation of a user, sending a credential application request to an authentication and authorization system, so that the authentication and authorization system generates an authentication credential according to the credential application request after receiving the credential application request, and sends the authentication credential to the first system;
Receiving an authentication credential sent by the authentication authorization system;
the method comprises the steps of jumping to a second system, sending the authentication credentials to the second system, enabling the second system to send a credential verification request to an authentication authorization system according to the authentication credentials after receiving the authentication credentials, and performing password-free login of a user according to a verification result sent by the authentication authorization system, wherein the authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and sending a verification result to the second system after verification is successful.
The application provides a method for quickly logging in a new system, if a user only registers user information in a first system or the user information is only stored in the first system, when the user wants to directly jump to log in a second system, the first system can initiate a credential application request to an authentication and authorization system, the authentication and authorization system generates an authentication credential, the first system transmits the authentication credential to the second system, the second system can acquire the user information according to the authentication credential to verify by the authentication and authorization system, so that the user can realize the password-free login of the user without a large amount of data migration, the user can flexibly realize login switching among the systems, the implementation mode is simple, the time and manpower and material resources are saved, and the efficiency is high.
Optionally, the sending, in response to the system switch login operation of the user, a credential application request to the authentication and authorization system includes:
responding to system switching login operation of a user, and acquiring login information of the user;
acquiring user information from a database according to the login information;
generating a credential application request according to the user information;
and sending a credential application request to an authentication and authorization system.
The first system directly acquires the user information according to the login information of the user, generates a credential authentication request according to the user information and transmits the credential authentication request to the authentication and authorization system, so that the authentication and authorization system can acquire the user information quickly and conveniently, the quick migration of the user information is realized, and conditions are provided for the user login of the second system.
In a second aspect, the present application provides a system login method, applied to an authentication and authorization system, including:
generating an authentication credential according to a credential application request after receiving the credential application request sent by a first system, wherein the credential application request is sent to an authentication authorization system by the first system in response to a system switching login operation of a user;
the authentication credentials are sent to the first system, so that the first system receives the authentication credentials sent by the authentication and authorization system, jumps to a second system and sends the authentication credentials to the second system, wherein the second system is used for sending credential verification requests to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials;
After receiving a credential verification request sent by the second system, verifying an authentication credential in the credential verification request;
and after the verification is successful, sending a verification result to the second system, so that the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
The authentication authorization system provides the generation and verification functions of the authentication credentials for other systems, when a user needs to jump from a first system which is already logged in to a second system which is not registered and logged in, the authentication authorization system can provide the authentication credentials for authentication, the second system can acquire user information to realize password-free login by means of verification of the authentication authorization system according to the credentials, and a large amount of user information does not need to be migrated before logging in, so that the realization mode is simple, the cost consumption of manpower and material resources is reduced, and the efficiency of system switching and updating is improved.
Optionally, the generating an authentication credential according to the credential application request includes:
acquiring user information according to the credential application request;
and generating an authentication credential through a hash algorithm according to the user information, the generation time and the random number.
According to the user information, the generation time and the random number, the authentication certificate is generated through the hash algorithm, the encryption mode is simple, safe and effective, and the efficiency and the safety of system login are improved.
Optionally, the verifying the authentication credential in the credential verification request includes:
acquiring the generation time of the authentication credentials;
determining whether the user verification is overtime according to the generation time;
if the user verification is not overtime, comparing the authentication credentials with a preset authentication credential database, and judging whether the verification is successful or not according to the comparison result;
if the verification is successful, decrypting the authentication credentials to obtain the user information;
correspondingly, the sending the verification result to the second system includes:
and transmitting user information to the second system.
When authentication credentials are verified, whether the verification is overtime is determined according to the generation time, so that the security of system login is further ensured, meanwhile, user information can be directly obtained according to decryption of the authentication credentials, rapid migration of the user information in a second system is realized, the security of system login is improved, and the complexity of system login is reduced.
In a third aspect, the present application provides a system login method, applied to a second system, including:
receiving an authentication credential sent by a first system, wherein the authentication credential is generated by an authentication authorization system according to a credential application request after receiving the credential application request sent by the first system, and the authentication credential is sent to the first system, and the credential application request is sent to the authentication authorization system by the first system in response to a system switching login operation of a user;
sending a credential verification request to the authentication and authorization system according to the authentication credential, so that the authentication and authorization system verifies the authentication credential in the credential verification request after receiving the credential verification request, and sends a verification result to the second system after verification is successful;
and performing password-free login of the user according to the verification result sent by the authentication and authorization system.
Here, if the second system receives the skip login request from the first system, verification can be initiated to the authentication authorization system through the authentication credentials sent by the first system, so that quick login is realized, and login efficiency and security are high.
Optionally, after the performing the password-free login of the user according to the verification result sent by the authentication and authorization system, the method further includes:
and storing the verification result.
The verification result can be user information or authentication credentials corresponding to the user, so that repeated authentication is not needed when the login request of the user is received next time, the password-free login of the user can be directly realized according to the stored verification result, the efficiency of cross-system login is further improved, the complexity is reduced, and the login cost and the login time are saved.
In a fourth aspect, the present application provides a system login method, applied to a system login system, where the system login system includes a first system, a second system, and an authentication and authorization system, and the method includes:
the first system responds to the system switching login operation of the user and sends a credential application request to an authentication and authorization system;
after receiving the credential application request, the authentication authorization system generates an authentication credential according to the credential application request;
the authentication authorization system sends the authentication credentials to the first system;
the first system jumps to a second system and sends the authentication credentials to the second system;
After receiving the authentication credentials, the second system sends a credential verification request to the authentication authorization system according to the authentication credentials;
after receiving the credential verification request, the authentication authorization system verifies an authentication credential in the credential verification request;
after the authentication authorization system is successfully verified, sending a verification result to the second system;
and the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
In a fifth aspect, the present application provides a system login device, applied to a first system, including
The first sending module is used for responding to the system switching login operation of the user and sending a credential application request to the authentication and authorization system so that the authentication and authorization system generates an authentication credential according to the credential application request after receiving the credential application request and sends the authentication credential to the first system;
the first receiving module is used for receiving the authentication credentials sent by the authentication and authorization system;
the first processing module is used for jumping to a second system and sending the authentication credentials to the second system, so that the second system sends a credential verification request to the authentication authorization system according to the authentication credentials after receiving the authentication credentials, and performs password-free login of the user according to a verification result sent by the authentication authorization system, wherein the authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and sending a verification result to the second system after verification is successful.
Optionally, the first sending module is specifically configured to:
responding to system switching login operation of a user, and acquiring login information of the user;
acquiring user information from a database according to the login information;
generating a credential application request according to the user information;
and sending a credential application request to an authentication and authorization system.
In a sixth aspect, the present application provides a system login device, applied to an authentication and authorization system, including:
the system comprises a credential generation module, a first authentication authorization system and a second authentication authorization system, wherein the credential generation module is used for generating an authentication credential according to a credential application request sent by the first system after receiving the credential application request, wherein the credential application request is sent to the authentication authorization system by the first system in response to a system switching login operation of a user;
the second sending module is used for sending the authentication credentials to the first system so that the first system receives the authentication credentials sent by the authentication and authorization system, jumps to a second system and sends the authentication credentials to the second system, wherein the second system is used for sending a credential verification request to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials;
The verification module is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request sent by the second system;
and the third sending module is used for sending a verification result to the second system after the verification is successful, so that the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
Optionally, the credential generation module is specifically configured to:
acquiring user information according to the credential application request;
and generating an authentication credential through a hash algorithm according to the user information, the generation time and the random number.
Optionally, the verification module is specifically configured to:
acquiring the generation time of the authentication credentials;
determining whether the user verification is overtime according to the generation time;
if the user verification is not overtime, comparing the authentication credentials with a preset authentication credential database, and judging whether the verification is successful or not according to the comparison result;
if the verification is successful, decrypting the authentication credentials to obtain the user information;
correspondingly, the third sending module is specifically configured to:
and transmitting user information to the second system.
In a seventh aspect, the present application provides a system login device, applied to a second system, including:
the second receiving module is used for receiving an authentication credential sent by a first system, wherein the authentication credential is generated by an authentication authorization system according to a credential application request after receiving the credential application request sent by the first system, and the authentication credential is sent to the first system, and the credential application request is sent to the authentication authorization system by the first system in response to a system switching login operation of a user;
a fourth sending module, configured to send a credential verification request to the authentication authorization system according to the authentication credential, so that the authentication authorization system verifies the authentication credential in the credential verification request after receiving the credential verification request, and sends a verification result to the second system after the verification is successful;
and the login module is used for performing password-free login of the user according to the verification result sent by the authentication and authorization system.
Optionally, after the login module is configured to perform password-free login of the user according to the verification result sent by the authentication and authorization system, the apparatus further includes:
And the storage module is used for storing the verification result.
In an eighth aspect, the present application provides a system login device, comprising: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executes the computer-executable instructions stored by the memory, causing the at least one processor to perform the system login method as described above in the first aspect and the various possible designs of the first aspect.
In a ninth aspect, the present application provides a computer readable storage medium having stored therein computer executable instructions which, when executed by a processor, implement the system login method according to the first aspect and the various possible designs of the first aspect.
In a tenth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the system login method according to the first aspect and the various possible designs of the first aspect.
In an eleventh aspect, the present application provides a system login device, comprising: at least one processor and memory;
the memory stores computer-executable instructions;
The at least one processor executes computer-executable instructions stored in the memory to cause the at least one processor to perform the system login method as described above in the second aspect and the various possible designs of the second aspect.
In a twelfth aspect, the present application provides a computer readable storage medium, in which computer executable instructions are stored, which when executed by a processor, implement the system login method according to the above second aspect and the various possible designs of the second aspect.
In a thirteenth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the system login method according to the above second aspect and the various possible designs of the second aspect.
In a fourteenth aspect, the present application provides a system login device, comprising: at least one processor and memory;
the memory stores computer-executable instructions;
the at least one processor executes computer-executable instructions stored by the memory, causing the at least one processor to perform the system login method as described above in the third aspect and the various possible designs of the third aspect.
In a fifteenth aspect, the present application provides a computer readable storage medium having stored therein computer executable instructions which, when executed by a processor, implement the system login method according to the third aspect and the various possible designs of the third aspect.
In a sixteenth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the system login method according to the above third aspect and the various possible designs of the third aspect.
The system login method, the device, the equipment and the storage medium provided by the application, wherein in the method, if a user only registers user information in a first system or the user information is only stored in the first system, when the user wants to directly jump to login in a second system, the first system can initiate a credential application request to an authentication and authorization system, the authentication and authorization system generates an authentication credential, the first system transmits the authentication credential to the second system, the second system can acquire the user information according to the authentication credential to verify by the authentication and authorization system, so that the user can realize password-free login without a large amount of data migration, the user can flexibly realize login switching among the systems, the implementation mode is simple, the time and manpower and material resources are saved, and the efficiency is high.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
FIG. 1 is a schematic diagram of a system login system architecture according to an embodiment of the present application;
fig. 2 is a schematic flow chart of a system login method according to an embodiment of the present application;
FIG. 3 is a flowchart of another system login method according to an embodiment of the present application;
FIG. 4 is a flowchart of another system login method according to an embodiment of the present application;
FIG. 5 is a flowchart of another system login method according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a system login device according to an embodiment of the present application;
fig. 7 is a block diagram illustrating a system login device, according to an example embodiment.
Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or fully authorized by each party, and the collection, use and processing of the related data need to comply with related laws and regulations and standards, and provide corresponding operation entries for the user to select authorization or rejection.
It should be noted that the system login method, device, equipment and storage medium of the present application may be used in the big data field, and may also be used in any field other than the big data field, and the application fields of the system login method, device, equipment and storage medium of the present application are not limited.
The specific application scenario of the application is directed to a cross-system user login method, for example, in the process that a service side updates a service from an old system to a new system, because of insufficient capacity, the new line function of the new system is different from the old line function of the old system, if a user wants to use the function of the new system, a developer needs to develop and maintain two sets of same function codes in the old system and the new system, or a great amount of user information of the old system is migrated to the new system, and an un-migrated user cannot use the new system. The prior art switching system login method is complex to realize, time-consuming and labor-consuming.
The application provides a data transmission method, which aims to solve the technical problems in the prior art.
In order to solve the above problems, embodiments of the present application provide a system login method, device, apparatus, and storage medium, where when a user wants to directly skip to login to a second system, a first system may initiate a credential application request to an authentication and authorization system, the authentication and authorization system generates an authentication credential, the first system transmits the authentication credential to the second system, and the second system verifies with the authentication and authorization system according to the authentication credential, so that the second system can obtain user information to implement secure login without performing a large amount of data migration, and the user may flexibly implement login switching between systems.
In the embodiment of the application, the first system and the second system are two different systems, wherein the first system can be an old system of a certain service, and the second system is a new system. Or the first system may be a new system for a certain service and the second system an old system. The user can flexibly realize jump login between two different systems. The authentication authorization system is different from the first system and the second system.
Optionally, fig. 1 is a schematic diagram of a system login system architecture according to an embodiment of the present application. Included in fig. 1 are a first system 101, a second system 102, and an authentication authorization system 103. The first system 101, the second system 102, and the authentication and authorization system 103 may be servers or terminal devices. Communication can be achieved between any two of the above systems.
Processing devices may be included in each of the first system 101, the second system 102, and the authentication and authorization system 103.
It should be understood that the architecture illustrated in the embodiments of the present application does not constitute a specific limitation on the architecture of the system login system. In other possible embodiments of the present application, the architecture may include more or less components than those illustrated, or some components may be combined, some components may be split, or different component arrangements may be specifically determined according to the actual application scenario, and the present application is not limited herein. The components shown in fig. 1 may be implemented in hardware, software, or a combination of software and hardware.
It will be appreciated that the processing device described above may be implemented by a processor reading instructions in a memory and executing the instructions, or by a chip circuit.
In addition, the network architecture and the service scenario described in the embodiments of the present application are for more clearly describing the technical solution of the embodiments of the present application, and do not constitute a limitation on the technical solution provided by the embodiments of the present application, and as a person of ordinary skill in the art can know, with evolution of the network architecture and occurrence of a new service scenario, the technical solution provided by the embodiments of the present application is also applicable to similar technical problems.
The following describes the technical scheme of the present application and how the technical scheme of the present application solves the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Optionally, fig. 2 is a schematic flow chart of a system login method according to an embodiment of the present application. The execution body of the embodiment of the present application may be the first system 101 in fig. 1, and the specific execution body may be determined according to an actual application scenario. As shown in fig. 2, the method comprises the steps of:
S201: and responding to the system switching login operation of the user, sending a credential application request to the authentication and authorization system, so that the authentication and authorization system generates an authentication credential according to the credential application request after receiving the credential application request, and sending the authentication credential to the first system.
Alternatively, a new system login button may be directly displayed on the first system interface, and the user may click the button to trigger the system to switch the login operation.
Optionally, a part of functions of the new system may be directly displayed on the first system interface, and the user may click on the functions to trigger the system to switch the login operation.
Optionally, in response to a system switch login operation of the user, sending a credential application request to the authentication authorization system, including: responding to the system switching login operation of the user, and acquiring login information of the user; acquiring user information from a database according to the login information; generating a credential application request according to the user information; and sending a credential application request to an authentication and authorization system.
The first system directly acquires the user information according to the login information of the user, generates a credential authentication request according to the user information and transmits the credential authentication request to the authentication and authorization system, so that the authentication and authorization system can acquire the user information quickly and conveniently, the quick migration of the user information is realized, and conditions are provided for the user login of the second system.
S202: and receiving an authentication credential sent by the authentication and authorization system.
Optionally, the authentication credentials pass through a hash algorithm based on the user information, the generation time, and the random number.
Optionally, the authentication credentials may include a storage address for the user information.
S203: and jumping to the second system, and sending the authentication credentials to the second system, so that the second system sends a credential verification request to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials, and performs password-free login of the user according to a verification result sent by the authentication and authorization system.
The authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and sending a verification result to the second system after successful verification.
Alternatively, the jump may be made directly after receiving the authentication credentials.
Optionally, whether to skip the page or not may be popped up after receiving the authentication credentials to prompt the user, and the skip may be implemented according to the user instruction.
The embodiment of the application provides a method for quickly logging in a new system, if a user only registers user information in a first system or the user information is only stored in the first system, when the user wants to directly jump to log in a second system, the first system can initiate a credential application request to an authentication and authorization system, the authentication and authorization system generates an authentication credential, the first system transmits the authentication credential to the second system, the second system can acquire the user information according to the authentication credential to verify by the authentication and authorization system, so that the user can realize password-free login without a large amount of data migration, the user can flexibly realize login switching among the systems, the implementation mode is simple, the time and manpower and material resources are saved, and the efficiency is high.
Optionally, fig. 3 is a flowchart of another system login method according to an embodiment of the present application. The execution subject of the embodiment of the present application may be the authentication and authorization system 103 in fig. 1, and the specific execution subject may be determined according to an actual application scenario. As shown in fig. 3, the method comprises the steps of:
s301: and after receiving the credential application request sent by the first system, generating an authentication credential according to the credential application request.
The credential application request is sent to the authentication and authorization system by the first system in response to a system switching login operation of the user.
Optionally, generating the authentication credential according to the credential application request includes: acquiring user information according to the credential application request; and generating an authentication credential through a hash algorithm according to the user information, the generation time and the random number.
According to the embodiment of the application, the authentication credential is generated through a hash algorithm according to the user information, the generation time and the random number, the encryption mode is simple, safe and effective, and the efficiency and the security of system login are improved.
Alternatively, a storage address of the user information may be acquired, and the authentication credential is generated by a hash algorithm according to the storage address of the user information, the generation time, and the random number.
S302: and sending the authentication credentials to the first system, so that the first system receives the authentication credentials sent by the authentication and authorization system, jumps to the second system, and sends the authentication credentials to the second system.
The second system is used for sending a credential verification request to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials.
S303: and after receiving the credential verification request sent by the second system, verifying the authentication credential in the credential verification request.
Optionally, verifying the authentication credential in the credential verification request includes:
acquiring the generation time of an authentication credential; determining whether the user verification is overtime according to the generation time; if the user verification is not overtime, comparing the authentication credentials with a preset authentication credential database, and judging whether the verification is successful or not according to the comparison result; if the verification is successful, decrypting the authentication credentials to obtain user information; accordingly, sending the verification result to the second system includes: and transmitting the user information to the second system.
Optionally, acquiring a generation time of the authentication credentials; determining whether the user verification is overtime according to the generation time comprises determining overtime if the time difference between the current time and the generation time is greater than a preset time threshold, wherein the preset time threshold can be determined according to actual conditions, and the embodiment of the application is not particularly limited.
Optionally, comparing the authentication credential with a preset authentication credential database, and judging whether the authentication is successful according to the comparison result, including: if the preset authentication credential database comprises authentication credentials, judging that the authentication is successful.
Optionally, decrypting by a hash algorithm.
When the authentication credentials are verified, whether the verification is overtime is determined according to the generation time, so that the security of system login is further ensured, meanwhile, user information can be directly obtained according to decryption of the authentication credentials, rapid migration of the user information in a second system is realized, the security of system login is improved, and the complexity of system login is reduced.
S304: and after the verification is successful, sending a verification result to the second system, so that the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
Here, the authentication authorization system of the embodiment of the application provides the generation and verification functions of authentication credentials for other systems, when a user needs to jump from a first system which is already logged in to a second system which is not registered and logged in, the authentication authorization system can provide the authentication credentials for authentication, the second system can acquire user information by virtue of the verification of the authentication authorization system according to the credentials to realize password-free login, and a large amount of user information does not need to be migrated before login, so that the realization mode is simple, the cost consumption of manpower and material resources is reduced, and the efficiency of system switching and updating is improved.
Optionally, fig. 4 is a flowchart of another system login method according to an embodiment of the present application. The execution body of the embodiment of the present application may be the second system 102 in fig. 1, and the specific execution body may be determined according to an actual application scenario. As shown in fig. 4, the method comprises the steps of:
s401: an authentication credential sent by a first system is received.
The authentication credentials are generated according to the credential application request after the authentication authorization system receives the credential application request sent by the first system, the authentication credentials are sent to the first system, and the credential application request is sent to the authentication authorization system by the first system in response to the system switching login operation of the user.
S402: and sending a credential verification request to the authentication authorization system according to the authentication credentials, so that the authentication authorization system verifies the authentication credentials in the credential verification request after receiving the credential verification request, and sends a verification result to the second system after the verification is successful.
S403: and performing password-free login of the user according to the verification result sent by the authentication and authorization system.
Here, if the second system receives the skip login request from the first system, verification can be initiated to the authentication authorization system through the authentication credentials sent by the first system, so that quick login is realized, and login efficiency and security are high.
Optionally, after performing the password-free login of the user according to the verification result sent by the authentication and authorization system, the method further comprises: and (5) saving the verification result.
The verification result can be user information or authentication credentials corresponding to the user, so that repeated authentication is not needed when the login request of the user is received next time, the password-free login of the user can be directly realized according to the stored verification result, the efficiency of cross-system login is further improved, the complexity is reduced, and the login cost and the login time are saved.
Optionally, fig. 5 is a flowchart of another system login method according to an embodiment of the present application. The execution subject of the embodiment of the application can be the system login system in fig. 1, and the specific execution subject can be determined according to the actual application scenario. As shown in fig. 5, the method comprises the steps of:
s501: the first system responds to the system switching login operation of the user and sends a credential application request to the authentication and authorization system.
S502: and after receiving the credential application request, the authentication authorization system generates an authentication credential according to the credential application request.
S503: the authentication authorization system sends the authentication credentials to the first system.
S504: the first system jumps to the second system and sends authentication credentials to the second system.
S505: the second system, after receiving the authentication credentials, sends a credential verification request to an authentication authorization system in accordance with the authentication credentials.
S506: and the authentication authorization system verifies the authentication credentials in the credential verification request after receiving the credential verification request.
S507: and after the authentication and authorization system is successfully verified, sending a verification result to the second system.
S508: and the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
According to the embodiment of the application, only new functions need to be developed in the system, old system users can experience the new system functions through old jump, the software development cost is reduced, the new functions can be developed preferentially, and the existing functions of the old system can be slowly smoothed.
Fig. 6 is a schematic structural diagram of a system login device according to an embodiment of the present application, and as shown in fig. 6, the device according to the embodiment of the present application includes: a first transmitting module 601, a first receiving module 602 and a first processing module 603. The system registration device may be a processing device of the first system 101, a processor itself, or a chip or an integrated circuit that realizes the functions of the processor. Here, the division of the first transmitting module 601, the first receiving module 602, and the first processing module 603 is just a division of a logic function, and both may be integrated or independent physically.
The first sending module is used for responding to the system switching login operation of the user and sending a credential application request to the authentication and authorization system so that the authentication and authorization system can generate an authentication credential according to the credential application request after receiving the credential application request and send the authentication credential to the first system;
the first receiving module is used for receiving the authentication credentials sent by the authentication and authorization system;
the first processing module is used for jumping to the second system and sending the authentication credentials to the second system, so that the second system sends a credential verification request to the authentication authorization system according to the authentication credentials after receiving the authentication credentials, and performs password-free login of the user according to the verification result sent by the authentication authorization system, wherein the authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and sending the verification result to the second system after successful verification.
Optionally, the first sending module is specifically configured to:
responding to the system switching login operation of the user, and acquiring login information of the user;
acquiring user information from a database according to the login information;
generating a credential application request according to the user information;
And sending a credential application request to an authentication and authorization system.
The embodiment of the application also provides another system login device which is applied to an authentication and authorization system and comprises:
the system comprises a credential generation module, a first authentication authorization system and a second authentication authorization system, wherein the credential generation module is used for generating an authentication credential according to a credential application request after receiving the credential application request sent by the first system, wherein the credential application request is sent to the authentication authorization system by the first system in response to the system switching login operation of a user;
the second sending module is used for sending the authentication credentials to the first system so that the first system receives the authentication credentials sent by the authentication and authorization system, jumps to the second system and sends the authentication credentials to the second system, wherein the second system is used for sending a credential verification request to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials;
the verification module is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request sent by the second system;
and the third sending module is used for sending the verification result to the second system after the verification is successful, so that the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
Optionally, the credential generation module is specifically configured to:
acquiring user information according to the credential application request;
and generating an authentication credential through a hash algorithm according to the user information, the generation time and the random number.
Optionally, the verification module is specifically configured to:
acquiring the generation time of an authentication credential;
determining whether the user verification is overtime according to the generation time;
if the user verification is not overtime, comparing the authentication credentials with a preset authentication credential database, and judging whether the verification is successful or not according to the comparison result;
if the verification is successful, decrypting the authentication credentials to obtain user information;
correspondingly, the third sending module is specifically configured to:
and transmitting the user information to the second system.
The embodiment of the application also provides a system login device which is applied to a second system and comprises:
the second receiving module is used for receiving an authentication credential sent by the first system, wherein the authentication credential is generated by the authentication authorization system according to the credential application request after receiving the credential application request sent by the first system, and the authentication credential is sent to the first system, and the credential application request is sent to the authentication authorization system by the first system in response to the system switching login operation of a user;
The fourth sending module is used for sending a credential verification request to the authentication and authorization system according to the authentication credentials, so that the authentication and authorization system verifies the authentication credentials in the credential verification request after receiving the credential verification request, and sends a verification result to the second system after the verification is successful;
and the login module is used for carrying out password-free login of the user according to the verification result sent by the authentication and authorization system.
Optionally, after the login module is used for performing password-free login of the user according to the verification result sent by the authentication and authorization system, the device further comprises:
and the storage module is used for storing the verification result.
Referring to fig. 7, there is shown a schematic diagram of a system login device 700 suitable for use in implementing embodiments of the present disclosure, which system login device 700 may be a terminal device or a server. The terminal device may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a personal digital assistant (Personal Digital Assistant, PDA for short), a tablet (Portable Android Device, PAD for short), a portable multimedia player (Portable Media Player, PMP for short), an in-vehicle terminal (e.g., an in-vehicle navigation terminal), and the like, and a fixed terminal such as a digital TV, a desktop computer, and the like. The system login device shown in fig. 7 is only one example and should not impose any limitation on the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 7, the system login device 700 may include a processing means (e.g., a central processing unit, a graphics processor, etc.) 701, which may perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 702 or a program loaded from a storage 708 into a random access Memory (Random Access Memory, RAM) 703. In the RAM 703, various programs and data necessary for the operation of the system login device 700 are also stored. The processing device 701, the ROM 702, and the RAM 703 are connected to each other through a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
In general, the following devices may be connected to the I/O interface 705: input devices 706 including, for example, a touch screen, touchpad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, and the like; an output device 707 including, for example, a liquid crystal display (Liquid Crystal Display, LCD for short), a speaker, a vibrator, and the like; storage 708 including, for example, magnetic tape, hard disk, etc.; and a communication device 709. The communication means 709 may allow the system login device 700 to communicate wirelessly or by wire with other devices to exchange data. While fig. 7 shows a system login device 700 with various means, it should be understood that not all of the illustrated means are required to be implemented or provided. More or fewer devices may be implemented or provided instead.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via communication device 709, or installed from storage 708, or installed from ROM 702. The above-described functions defined in the methods of the embodiments of the present disclosure are performed when the computer program is executed by the processing device 701.
It should be noted that the computer readable medium described in the present disclosure may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this disclosure, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present disclosure, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, fiber optic cables, RF (radio frequency), and the like, or any suitable combination of the foregoing.
The computer readable medium may be contained in the system login device; or may exist alone without being fitted into the system login device.
The computer-readable medium carries one or more programs which, when executed by the system entry device, cause the system entry device to perform the method shown in the above-described embodiments.
Computer program code for carrying out operations of the present disclosure may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a local area network (Local Area Network, LAN for short) or a wide area network (Wide Area Network, WAN for short), or it may be connected to an external computer (e.g., connected via the internet using an internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present disclosure may be implemented by means of software, or may be implemented by means of hardware. The name of the unit does not in any way constitute a limitation of the unit itself, for example the first acquisition unit may also be described as "unit acquiring at least two internet protocol addresses".
The functions described above herein may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: a Field Programmable Gate Array (FPGA), an Application Specific Integrated Circuit (ASIC), an Application Specific Standard Product (ASSP), a system on a chip (SOC), a Complex Programmable Logic Device (CPLD), and the like.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The system login device of the embodiment of the present application may be used to execute the technical solutions of the embodiments of the above methods of the present application, and its implementation principle and technical effects are similar, and are not repeated here.
The embodiment of the application also provides a computer readable storage medium, wherein computer execution instructions are stored in the computer readable storage medium, and the computer execution instructions are used for realizing the interface testing method of any one of the above when being executed by a processor.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program is used for realizing the interface testing method of any one of the above steps when being executed by a processor.
Other embodiments of the application will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It is to be understood that the application is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (13)

1. A system login method, applied to a first system, comprising:
responding to system switching login operation of a user, sending a credential application request to an authentication and authorization system, so that the authentication and authorization system generates an authentication credential according to the credential application request after receiving the credential application request, and sends the authentication credential to the first system;
receiving an authentication credential sent by the authentication authorization system;
the method comprises the steps of jumping to a second system, sending the authentication credentials to the second system, enabling the second system to send a credential verification request to an authentication authorization system according to the authentication credentials after receiving the authentication credentials, and performing password-free login of a user according to a verification result sent by the authentication authorization system, wherein the authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and sending a verification result to the second system after verification is successful.
2. The method of claim 1, wherein the sending a credential application request to the authentication authorization system in response to a system switch login operation of the user comprises:
responding to system switching login operation of a user, and acquiring login information of the user;
acquiring user information from a database according to the login information;
generating a credential application request according to the user information;
and sending a credential application request to an authentication and authorization system.
3. A system login method, applied to an authentication and authorization system, comprising:
generating an authentication credential according to a credential application request after receiving the credential application request sent by a first system, wherein the credential application request is sent to an authentication authorization system by the first system in response to a system switching login operation of a user;
the authentication credentials are sent to the first system, so that the first system receives the authentication credentials sent by the authentication and authorization system, jumps to a second system and sends the authentication credentials to the second system, wherein the second system is used for sending credential verification requests to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials;
After receiving a credential verification request sent by the second system, verifying an authentication credential in the credential verification request;
and after the verification is successful, sending a verification result to the second system, so that the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
4. A method according to claim 3, wherein said generating authentication credentials from said credential application request comprises:
acquiring user information according to the credential application request;
and generating an authentication credential through a hash algorithm according to the user information, the generation time and the random number.
5. The method of claim 4, wherein verifying the authentication credential in the credential verification request comprises:
acquiring the generation time of the authentication credentials;
determining whether the user verification is overtime according to the generation time;
if the user verification is not overtime, comparing the authentication credentials with a preset authentication credential database, and judging whether the verification is successful or not according to the comparison result;
if the verification is successful, decrypting the authentication credentials to obtain the user information;
Correspondingly, the sending the verification result to the second system includes:
and transmitting user information to the second system.
6. A system login method, applied to a second system, comprising:
receiving an authentication credential sent by a first system, wherein the authentication credential is generated by an authentication authorization system according to a credential application request after receiving the credential application request sent by the first system, and the authentication credential is sent to the first system, and the credential application request is sent to the authentication authorization system by the first system in response to a system switching login operation of a user;
sending a credential verification request to the authentication and authorization system according to the authentication credential, so that the authentication and authorization system verifies the authentication credential in the credential verification request after receiving the credential verification request, and sends a verification result to the second system after verification is successful;
and performing password-free login of the user according to the verification result sent by the authentication and authorization system.
7. The method of claim 6, further comprising, after said performing a password-free login of said user based on a verification result sent by said authentication authorization system:
And storing the verification result.
8. A system login method, applied to a system login system, the system login system comprising a first system, a second system and an authentication and authorization system, the method comprising:
the first system responds to the system switching login operation of the user and sends a credential application request to an authentication and authorization system;
after receiving the credential application request, the authentication authorization system generates an authentication credential according to the credential application request;
the authentication authorization system sends the authentication credentials to the first system;
the first system jumps to a second system and sends the authentication credentials to the second system;
after receiving the authentication credentials, the second system sends a credential verification request to the authentication authorization system according to the authentication credentials;
after receiving the credential verification request, the authentication authorization system verifies an authentication credential in the credential verification request;
after the authentication authorization system is successfully verified, sending a verification result to the second system;
and the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
9. A system login device, which is applied to a first system and comprises
The first sending module is used for responding to the system switching login operation of the user and sending a credential application request to the authentication and authorization system so that the authentication and authorization system generates an authentication credential according to the credential application request after receiving the credential application request and sends the authentication credential to the first system;
the first receiving module is used for receiving the authentication credentials sent by the authentication and authorization system;
the first processing module is used for jumping to a second system and sending the authentication credentials to the second system, so that the second system sends a credential verification request to the authentication authorization system according to the authentication credentials after receiving the authentication credentials, and performs password-free login of the user according to a verification result sent by the authentication authorization system, wherein the authentication authorization system is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request, and sending a verification result to the second system after verification is successful.
10. A system login device, for use in an authentication authorization system, comprising:
The system comprises a credential generation module, a first authentication authorization system and a second authentication authorization system, wherein the credential generation module is used for generating an authentication credential according to a credential application request sent by the first system after receiving the credential application request, wherein the credential application request is sent to the authentication authorization system by the first system in response to a system switching login operation of a user;
the second sending module is used for sending the authentication credentials to the first system so that the first system receives the authentication credentials sent by the authentication and authorization system, jumps to a second system and sends the authentication credentials to the second system, wherein the second system is used for sending a credential verification request to the authentication and authorization system according to the authentication credentials after receiving the authentication credentials;
the verification module is used for verifying the authentication credentials in the credential verification request after receiving the credential verification request sent by the second system;
and the third sending module is used for sending a verification result to the second system after the verification is successful, so that the second system performs password-free login of the user according to the verification result sent by the authentication and authorization system.
11. A system login device, for use in a second system, comprising:
The second receiving module is used for receiving an authentication credential sent by a first system, wherein the authentication credential is generated by an authentication authorization system according to a credential application request after receiving the credential application request sent by the first system, and the authentication credential is sent to the first system, and the credential application request is sent to the authentication authorization system by the first system in response to a system switching login operation of a user;
a fourth sending module, configured to send a credential verification request to the authentication authorization system according to the authentication credential, so that the authentication authorization system verifies the authentication credential in the credential verification request after receiving the credential verification request, and sends a verification result to the second system after the verification is successful;
and the login module is used for performing password-free login of the user according to the verification result sent by the authentication and authorization system.
12. A system login device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the method of any one of claims 1 or 2.
13. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out the method of any one of claims 1 or 2.
CN202310666549.3A 2023-06-06 2023-06-06 System login method, device, equipment and storage medium Pending CN116738405A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310666549.3A CN116738405A (en) 2023-06-06 2023-06-06 System login method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310666549.3A CN116738405A (en) 2023-06-06 2023-06-06 System login method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116738405A true CN116738405A (en) 2023-09-12

Family

ID=87905510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310666549.3A Pending CN116738405A (en) 2023-06-06 2023-06-06 System login method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116738405A (en)

Similar Documents

Publication Publication Date Title
CN111639319B (en) User resource authorization method, device and computer readable storage medium
CN111991813B (en) Method and device for logging in game, electronic equipment and storage medium
WO2023185514A1 (en) Message transmission methods and apparatuses, storage medium and electronic device
CN115801299B (en) Meta universe identity authentication method, device, equipment and storage medium
CN115102744B (en) Data access method and device
CN109491908B (en) Page detection method and device, electronic equipment and storage medium
CN110855655B (en) Information verification method, device, equipment and storage medium
CN109635558B (en) Access control method, device and system
CN114979048B (en) Identity verification method, system, electronic device and medium based on instant messaging
CN115174558B (en) Cloud network end integrated identity authentication method, device, equipment and storage medium
CN111935138B (en) Protection method and device for secure login and electronic equipment
US20240177200A1 (en) Business service interaction method and apparatus, device, and storage medium
CN113329028B (en) Cross-domain access method and device
CN116738405A (en) System login method, device, equipment and storage medium
CN115412347A (en) Device login method, device and storage medium
CN109714371B (en) Industrial control network safety detection system
CN109933990B (en) Multi-mode matching-based security vulnerability discovery method and device and electronic equipment
CN116527284B (en) Data storage security determination method, device, equipment and storage medium
CN111367590A (en) Interrupt event processing method and device
CN116471327B (en) Cloud resource processing method, device, equipment and storage medium
CN113660100B (en) Method, system and electronic equipment for generating soft token seed
CN115879135B (en) Bid data processing method, device, equipment and storage medium
CN114245161B (en) Live broadcast push method and device, storage medium and electronic equipment
CN118427791A (en) Private cloud authorization method and device
CN117201160A (en) Online reading processing method, device, equipment and medium in public network environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination