[go: up one dir, main page]

CN107835160A - Third party's user authen method based on Quick Response Code - Google Patents

Third party's user authen method based on Quick Response Code Download PDF

Info

Publication number
CN107835160A
CN107835160A CN201710985290.3A CN201710985290A CN107835160A CN 107835160 A CN107835160 A CN 107835160A CN 201710985290 A CN201710985290 A CN 201710985290A CN 107835160 A CN107835160 A CN 107835160A
Authority
CN
China
Prior art keywords
user
party
quick response
response code
random
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710985290.3A
Other languages
Chinese (zh)
Inventor
蒋晓宁
黄娇卿
陈乐�
陈一乐
吴小川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Gongshang University
Original Assignee
Zhejiang Gongshang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Gongshang University filed Critical Zhejiang Gongshang University
Priority to CN201710985290.3A priority Critical patent/CN107835160A/en
Publication of CN107835160A publication Critical patent/CN107835160A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

本发明提供一种基于二维码的第三方用户认证方法,所述用户认证方法包括:获取所述第三方用户对应第三方应用的所有用户信息,所述用户信息包括用户标识;根据服务器端生成的随机标识产生二维码;利用所述第三方应用扫描二维码以获取本次认证所述用户标识对应第三方用户的用户信息;在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证。本发明能够有效利用不同移动应用间的用户信息。

The present invention provides a third-party user authentication method based on a two-dimensional code. The user authentication method includes: obtaining all user information of the third-party user corresponding to a third-party application, the user information including the user identification; Generate a QR code with the random ID; use the third-party application to scan the QR code to obtain the user information of the third-party user corresponding to the user ID in this authentication; when the random ID is valid, according to the user ID of the obtained user information Query the legal user list to authenticate the third-party user. The invention can effectively utilize user information among different mobile applications.

Description

基于二维码的第三方用户认证方法Third-party user authentication method based on two-dimensional code

技术领域technical field

本发明涉及软件技术领域,特别涉及一种基于二维码的第三方用户认证方法、一种基于第三方应用的用户登录方法。The present invention relates to the field of software technology, in particular to a third-party user authentication method based on a two-dimensional code, and a user login method based on a third-party application.

背景技术Background technique

随着移动互联网时代的到来,借助于移动端的身份认证愈加的受欢迎,现在将二维码登录应用于实际的情况非常多,所以关于二维码登录的安全性和唯一性就更加值得关注。现有技术中,移动端的应用程序种类繁多,针对每种应用程序的用户身份都是独立的,导致用户在使用不同移动应用时频繁进行用户认证与用户登录,造成用户信息重复输入,信息资源浪费。With the advent of the mobile Internet era, identity authentication by means of mobile terminals is becoming more and more popular, and now there are many practical applications for QR code login, so the security and uniqueness of QR code login deserves more attention. In the prior art, there are many types of mobile application programs, and the user identity for each application program is independent, which leads to frequent user authentication and user login when users use different mobile applications, resulting in repeated input of user information and waste of information resources. .

发明内容Contents of the invention

本发明技术方案所解决的技术问题为,如何有效利用不同移动应用间的用户信息。The technical problem solved by the technical solution of the present invention is how to effectively utilize user information between different mobile applications.

为了解决上述技术问题,本发明技术方案提供了一种基于二维码的第三方用户认证方法,包括:In order to solve the above technical problems, the technical solution of the present invention provides a third-party user authentication method based on a two-dimensional code, including:

获取所述第三方用户对应第三方应用的所有用户信息,所述用户信息包括用户标识;Obtain all user information of the third-party user corresponding to the third-party application, where the user information includes a user identifier;

根据服务器端生成的随机标识产生二维码;Generate a QR code according to the random identification generated by the server;

利用所述第三方应用扫描二维码以获取本次认证所述用户标识对应第三方用户的用户信息;Use the third-party application to scan the QR code to obtain the user information corresponding to the third-party user whose user ID is authenticated this time;

在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证。When the random identifier is valid, query the legal user list according to the user identifier of the obtained user information to authenticate the third-party user.

可选的,所述获取所述第三方用户对应第三方应用的所有用户信息包括:Optionally, the obtaining all user information of the third-party user corresponding to the third-party application includes:

基于所述第三方应用申请用户端平台;Applying for a client platform based on the third-party application;

若所述第三方用户在所述第三方应用内使用所述用户端平台则有权获取该第三方用户的用户信息。If the third-party user uses the client platform in the third-party application, he has the right to obtain the user information of the third-party user.

可选的,所述获取所述第三方用户对应第三方应用的用户标识还包括:基于所述第三方应用接口获取所述第三方用户对应第三方应用的用户信息。Optionally, the obtaining the user identifier of the third-party user corresponding to the third-party application further includes: obtaining user information of the third-party user corresponding to the third-party application based on the third-party application interface.

可选的,所述根据服务器端产生的随机标识及所述用户标识产生二维码包括:认证时根据服务器端产生的随机标识及所述用户标识产生二维码。Optionally, the generating a two-dimensional code according to the random identifier generated by the server and the user identifier includes: generating a two-dimensional code according to the random identifier generated by the server and the user identifier during authentication.

可选的,所述根据服务器端生成的随机标识产生二维码包括:Optionally, said generating the two-dimensional code according to the random identification generated by the server includes:

获取所述用户信息的请求链接;A request link to obtain said user information;

获取服务器端产生的随机标识及验证所述随机标识及用户标识的验证链接;Obtain the random ID generated by the server and verify the random ID and the verification link of the user ID;

基于所述请求链接、随机标识及验证链接形成所述二维码。The two-dimensional code is formed based on the request link, the random identification and the verification link.

可选的,所述随机标识具有预定时效,所述用户信息包括:用户资料信息及用户标识,所述用户资料信息至少包括如下信息中的一种:昵称、头像、性别、地址、权限。Optionally, the random identification has a predetermined time limit, and the user information includes: user profile information and a user ID, and the user profile information includes at least one of the following information: nickname, avatar, gender, address, and authority.

可选的,所述在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证包括:Optionally, when the random identifier is valid, querying the legal user list according to the user identifier of the obtained user information to authenticate the third-party user includes:

将所述随机标识与本次认证获得的用户标识绑定,所述随机标识为所述第三方应用订阅有关认证的消息主题;Bind the random ID with the user ID obtained in this authentication, and the random ID subscribes to the authentication-related message topic for the third-party application;

若该用户标识存在于所述合法用户列表则上传认证成功的消息至服务器端,否则上传认证失败的消息至服务器端。If the user identifier exists in the legal user list, upload a message of successful authentication to the server; otherwise, upload a message of failed authentication to the server.

可选的,所述在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证包括:Optionally, when the random identifier is valid, querying the legal user list according to the user identifier of the obtained user information to authenticate the third-party user includes:

将所述随机标识与本次认证获得的用户标识绑定,所述随机标识为所述第三方应用订阅有关认证的消息主题;Bind the random ID with the user ID obtained in this authentication, and the random ID subscribes to the authentication-related message topic for the third-party application;

若该用户标识存在于所述合法用户列表则继续基于所述用户标识查询所述第三方用户的登录状态;If the user identifier exists in the legal user list, continue to query the login status of the third-party user based on the user identifier;

若该第三方用户的登录状态为未登录,则上传认证成功的消息至服务器端,否则上传认证失败的消息至服务器端。If the login status of the third-party user is not logged in, upload a message of successful authentication to the server, otherwise upload a message of failed authentication to the server.

可选的,所述基于二维码的第三方用户认证方法还包括:Optionally, the third-party user authentication method based on the two-dimensional code also includes:

基于所获取的所有用户信息及用户标识对所述第三方用户进行分组以形成所述合法用户列表。The third-party users are grouped based on the acquired user information and user identifiers to form the legal user list.

为了解决上述技术问题,本发明技术方案还提供了一种基于第三方应用的用户登录方法,包括:In order to solve the above technical problems, the technical solution of the present invention also provides a user login method based on a third-party application, including:

基于用户输入的登录请求产生二维码,所述二维码根据服务器端产生的随机标识产生,所述二维码具有请求接入所述第三方应用用户信息的链接;Generate a two-dimensional code based on a login request input by the user, the two-dimensional code is generated according to a random identifier generated by the server, and the two-dimensional code has a link requesting access to the user information of the third-party application;

利用所述第三方应用扫描所述二维码以获取本次认证所述用户标识对应第三方用户的用户信息;Use the third-party application to scan the two-dimensional code to obtain the user information of the third-party user corresponding to the user ID in this authentication;

在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证;When the random identifier is valid, query the legal user list according to the user identifier of the obtained user information to authenticate the third-party user;

若认证成功则用户基于所述第三方用户的用户信息进行登录。If the authentication is successful, the user logs in based on the user information of the third-party user.

本发明技术方案的有益效果至少包括:The beneficial effects of the technical solution of the present invention at least include:

本发明技术方案能够利用第三方应用的用户信息,并在客户端生成二维码,使用第三方应用的扫码功能,识别客户端的二维码信息,通过服务器端验证判断所述第三方用户是否为合法用户,从而实现基于第三方用户信息进行客户端的用户认证与用户登录,能够有效利用不同移动应用间的用户信息,实现多应用间基于相同用户信息的认证与登录,大幅度节省了用户多应用使用时应用用户认证与登录的时间,提高了用户信息使用的一致性与高效性。The technical solution of the present invention can use the user information of the third-party application to generate a two-dimensional code on the client, use the code scanning function of the third-party application to identify the two-dimensional code information of the client, and determine whether the third-party user is verified through server-side verification. It is a legal user, so as to realize the user authentication and user login of the client based on the third-party user information, which can effectively use the user information between different mobile applications, and realize the authentication and login based on the same user information between multiple applications, which greatly saves the user's multiple The application user authentication and login time during application use improves the consistency and efficiency of user information use.

本发明技术方案能够进一步提高客户端基于第三方应用进行二维码登录安全性和通用性,第三方应用通过扫描二维码获取用户信息,客户端请求第三方应用基于第三方用户授权登录,第三方用户授权之后,第三方应用授权的临时票据给第三方用户,第三方用户通过临时票据和密钥获取接口权限,本发明技术方案的二维码信息中包含微信开放平台,服务器地址,第三方用户的唯一标识,二维码的特殊标识符,基于上述内容,可不同于现有技术的传统二维码登录内容,通过扫描二维码及授权使用功能,有效提高用户信息的验证过程的有效性,并提升了一般性使用的广泛性。在本发明技术方案的可选方案中,服务器端还对所有第三方用户进行分组,以提高用户识别的准确度。The technical solution of the present invention can further improve the security and versatility of the QR code login of the client based on the third-party application. The third-party application obtains user information by scanning the QR code, and the client requests the third-party application to log in based on the authorization of the third-party user. After the three-party user authorizes, the temporary ticket authorized by the third-party application is given to the third-party user, and the third-party user obtains the interface authority through the temporary ticket and key. The two-dimensional code information of the technical solution of the present invention includes WeChat open platform, server address, third-party The unique identifier of the user and the special identifier of the two-dimensional code, based on the above content, can be different from the traditional two-dimensional code login content of the prior art. By scanning the two-dimensional code and authorizing the use function, the effectiveness of the user information verification process can be effectively improved. , and enhance the universality of general use. In an optional solution of the technical solution of the present invention, the server side further groups all third-party users, so as to improve the accuracy of user identification.

为了增强本发明的安全性,本发明技术方案还通过随机标识设置客户端显示二维码存在时效性,一段时间后,扫描二维码会被提示二维码已失效,从而导致登录失败。本发明技术方案根据得到的第三方用户的唯一标识,在服务器端查找判断此用户是否在被允许登录的用户组中。本发明技术方案还通过设置验证用户标识对应用户的登录状态,保证一个第三方用户虽然能适用于同时登录多种客户端,但是同一种客户端只能登录一个。In order to enhance the security of the present invention, the technical solution of the present invention also sets the timeliness of displaying the two-dimensional code on the client side through random identification. After a period of time, scanning the two-dimensional code will prompt that the two-dimensional code is invalid, resulting in login failure. According to the obtained unique identifier of the third-party user, the technical solution of the present invention searches and judges whether the user is in the user group allowed to log in at the server side. The technical solution of the present invention also ensures that a third-party user can log in to multiple clients at the same time, but can only log in to one client of the same type by setting the login status of the user corresponding to the verification user ID.

本发明技术方案所处理所述二维码记录信息的过程,以得到二维码记录信息中第三方用户的唯一标识(即所述用户标识)和二维码的特殊标识符(即所述随机标识),把他们两进行捆绑,从而将随机标识设定为第三方应用订阅及发布消息主题,实现认证及登录情况的即时发布沟通。The process of processing the two-dimensional code record information in the technical solution of the present invention is to obtain the unique identification of the third-party user (that is, the user identification) and the special identifier of the two-dimensional code (that is, the random code) in the two-dimensional code record information. ID), and bind them together, so that the random ID can be set as the subject of third-party application subscription and publishing messages, so as to realize the real-time release and communication of authentication and login status.

附图说明Description of drawings

通过阅读参照以下附图对非限制性实施例所作的详细描述,本发明的其他特征、目的和优点将会变得更明显:Other characteristics, objects and advantages of the present invention will become more apparent by reading the detailed description of non-limiting embodiments with reference to the following drawings:

图1为本发明技术方案所提供的一种基于二维码的第三方用户认证方法流程示意图;Fig. 1 is a schematic flow chart of a third-party user authentication method based on a two-dimensional code provided by the technical solution of the present invention;

图2为本发明技术方案所提供的一种基于二维码的第三方用户登录方法流程示意图;Fig. 2 is a schematic flow chart of a third-party user login method based on a two-dimensional code provided by the technical solution of the present invention;

图3为本发明技术方案所提供的一种基于二维码的第三方用户认证与登录方法流程示意图;Fig. 3 is a schematic flow diagram of a third-party user authentication and login method based on a two-dimensional code provided by the technical solution of the present invention;

图4为本发明技术方案实现二维码第三方安全认证登录的具体应用过程示意图;Fig. 4 is a schematic diagram of the specific application process of the technical solution of the present invention to realize the third-party security authentication login of the two-dimensional code;

图5为本发明技术方案在扫码之后服务器端认证的具体应用过程示意图。Fig. 5 is a schematic diagram of the specific application process of the server-side authentication after the code scanning of the technical solution of the present invention.

具体实施方式Detailed ways

现有技术中扫码登录的方式都是非常单一而且较为独立的,不同用户信息之间的认证过程都是独立的:In the prior art, the scan code login method is very single and relatively independent, and the authentication process between different user information is independent:

在用户扫码登录电脑客户端实际应用中,现阶段主要存在两种情况:In the actual application of the user scanning the code to log in to the computer client, there are mainly two situations at this stage:

比如一个大街网的手机app注册用户可以扫码登录网页版的大街网,这种情况是应用程序内部进行用户信息的认证与登录,不涉及外部应用的用户信息的认证与登录;For example, a registered user of the Dajie.com mobile app can scan the code to log in to the web version of Dajie.com. In this case, the authentication and login of user information is performed within the application, and does not involve the authentication and login of user information in external applications;

或者,一个微信app注册用户可以扫码登录微信客户端;微信用户可以扫码登录任意的客户端,但是这个客户端只是认证了扫码用户是否是一个合法的微信用户而没有认证所述微信用户是否被允许登录这个客户端,任何微信用户扫描二维码,并别有识别此微信用户是否是此网站或者此客户端的合法用户,这种情况下,应用之间的用户信息及其信息认证过程是相互独立的,不存在任何相互使用于认证过程的步骤流程。Alternatively, a WeChat app registered user can scan a QR code to log in to the WeChat client; a WeChat user can scan a QR code to log in to any client, but this client only verifies whether the QR code scanning user is a legitimate WeChat user without authenticating the WeChat user Whether it is allowed to log in to this client, any WeChat user scans the QR code, and does not identify whether the WeChat user is a legitimate user of this website or this client. In this case, the user information and its information authentication process between applications are independent of each other, and there is no step flow that uses each other for the authentication process.

上述两种情况普遍存在,缺乏变通性、安全性,存在安全隐患。The above two situations are ubiquitous, lack flexibility, safety, and have potential safety hazards.

本发明技术方案提供了如下实施例,涉及了一种可基于第三方用户及其用户信息进行客户端用户认证及登录的方案,可实现应用程序间用户信息的相互利用,实现用户信息在应用程序间的用户认证。The technical solution of the present invention provides the following embodiments, and relates to a solution for client user authentication and login based on third-party users and their user information, which can realize mutual utilization of user information between application programs, and realize user information in application programs between user authentication.

为了更好的使本发明的技术方案清晰的表示出来,下面结合附图对本发明作进一步说明。In order to better clearly express the technical solution of the present invention, the present invention will be further described below in conjunction with the accompanying drawings.

以下结合附图对本发明的具体实施例进行说明。Specific embodiments of the present invention will be described below in conjunction with the accompanying drawings.

实施例一Embodiment one

如图1所示的一种基于二维码的第三方用户认证方法,包括如下步骤:A third-party user authentication method based on a two-dimensional code as shown in Figure 1 includes the following steps:

步骤S100,获取所述第三方用户对应第三方应用的所有用户信息,所述用户信息包括用户标识;Step S100, obtaining all user information of the third-party user corresponding to the third-party application, the user information including a user ID;

步骤S101,根据服务器端生成的随机标识产生二维码;Step S101, generating a two-dimensional code according to the random identification generated by the server;

步骤S102,利用所述第三方应用扫描二维码以获取本次认证所述用户标识对应第三方用户的用户信息;Step S102, using the third-party application to scan the QR code to obtain the user information of the third-party user corresponding to the user ID in this authentication;

步骤S103,在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证。Step S103, when the random identifier is valid, query the legal user list according to the user identifier of the acquired user information to authenticate the third-party user.

根据步骤S100,所述获取所述第三方用户对应第三方应用的所有用户信息包括:According to step S100, the obtaining all user information of the third-party user corresponding to the third-party application includes:

基于所述第三方应用申请用户端平台;Applying for a client platform based on the third-party application;

若所述第三方用户在所述第三方应用内使用所述用户端平台则有权获取该第三方用户的用户信息。If the third-party user uses the client platform in the third-party application, he has the right to obtain the user information of the third-party user.

更为具体的,上述步骤S100还包括:基于所述第三方应用接口获取所述第三方用户对应第三方应用的用户信息。其中所述第三方应用接口基于所述第三方应用中用户端平台进行的。More specifically, the above step S100 further includes: acquiring user information corresponding to a third-party application of the third-party user based on the third-party application interface. Wherein the third-party application interface is based on the client platform in the third-party application.

在本实施例中,所述用户端即可以作为用户实际将要登录的客户端。所述客户端与用户端是本应用的移动端,也可以是电脑端。In this embodiment, the user terminal may be the client that the user will actually log in to. The client and user end are the mobile end of the application, and may also be the computer end.

根据步骤S101,所述根据服务器端产生的随机标识及所述用户标识产生二维码包括:认证时根据服务器端产生的随机标识及所述用户标识产生二维码。According to step S101, the generating a two-dimensional code according to the random identifier generated by the server and the user identifier includes: generating a two-dimensional code according to the random identifier generated by the server and the user identifier during authentication.

根据步骤S101,所述根据服务器端生成的随机标识产生二维码包括:According to step S101, said generating the two-dimensional code according to the random identification generated by the server includes:

获取所述用户信息的请求链接;A request link to obtain said user information;

获取服务器端产生的随机标识及验证所述随机标识及用户标识的验证链接;Obtain the random ID generated by the server and verify the random ID and the verification link of the user ID;

基于所述请求链接、随机标识及验证链接形成所述二维码。The two-dimensional code is formed based on the request link, the random identification and the verification link.

根据步骤S102,所述随机标识具有预定时效,所述用户信息包括:用户资料信息及用户标识,所述用户资料信息至少包括如下信息中的一种:昵称、头像、性别、地址、权限。According to step S102, the random identification has a predetermined time limit, and the user information includes: user profile information and user identification, and the user profile information includes at least one of the following information: nickname, profile picture, gender, address, and authority.

根据步骤S103,所述在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证包括:According to step S103, the querying the legal user list according to the user identification of the obtained user information when the random identification is valid to authenticate the third-party user includes:

将所述随机标识与本次认证获得的用户标识绑定,所述随机标识为所述第三方应用订阅有关认证的消息主题;Bind the random ID with the user ID obtained in this authentication, and the random ID subscribes to the authentication-related message topic for the third-party application;

若该用户标识存在于所述合法用户列表则上传认证成功的消息至服务器端,否则上传认证失败的消息至服务器端。If the user identifier exists in the legal user list, upload a message of successful authentication to the server; otherwise, upload a message of failed authentication to the server.

在上述流程步骤中,所述基于合法用户列表可以通过另外的分组步骤获取,即根据所获取的所有用户信息及用户标识对所述第三方用户进行分组以形成所述合法用户列表。In the above process steps, the legitimate user list can be obtained through another grouping step, that is, the third-party users are grouped according to all obtained user information and user identifiers to form the legitimate user list.

分组步骤可以采用另外的流程执行,也可以在上述步骤S100中进行同时执行。The grouping step can be performed in another process, or can be performed simultaneously in the above step S100.

除了使用上述实施流程实现步骤S103外,还可以增加进一步检测认证用户登录客户端唯一性的检测,以确保一个用户只能在一个客户端进行登录,确保登录的安全性与唯一性,因此,在其他实施例中,根据步骤S03,所述在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证还可以包括如下认证流程:In addition to implementing step S103 using the above implementation process, further detection of the uniqueness of the authentication user login client can be added to ensure that a user can only log in on one client to ensure the security and uniqueness of login. Therefore, in In other embodiments, according to step S03, when the random identification is valid, querying the legal user list according to the user identification of the obtained user information to authenticate the third-party user may also include the following authentication process:

将所述随机标识与本次认证获得的用户标识绑定,所述随机标识为所述第三方应用订阅有关认证的消息主题;Bind the random ID with the user ID obtained in this authentication, and the random ID subscribes to the authentication-related message topic for the third-party application;

若该用户标识存在于所述合法用户列表则继续基于所述用户标识查询所述第三方用户的登录状态;If the user identifier exists in the legal user list, continue to query the login status of the third-party user based on the user identifier;

若该第三方用户的登录状态为未登录,则上传认证成功的消息至服务器端,否则上传认证失败的消息至服务器端。If the login status of the third-party user is not logged in, upload a message of successful authentication to the server, otherwise upload a message of failed authentication to the server.

上述消息模式可以采用MQTT(Message Queuing Telemetry Transport,消息队列遥测传输)协议进行传输,所述随机标识可采用UUID(Universally Unique Identifier,通用唯一识别码)实现,所述用户标识可采用OPENID(以用户为中心的数字身份识别框架)实现。The above message mode can be transmitted by MQTT (Message Queuing Telemetry Transport, message queue telemetry transmission) protocol, the random identifier can be realized by UUID (Universally Unique Identifier, universally unique identification code), and the user identifier can be implemented by OPENID (Universally Unique Identifier) Centered digital identity framework) implementation.

实施例二Embodiment two

如图2所示的一种基于第三方应用的用户登录方法,包括如下步骤流程:A user login method based on a third-party application as shown in Figure 2 includes the following steps:

步骤S200,基于用户输入的登录请求产生二维码,所述二维码根据服务器端产生的随机标识产生,所述二维码具有请求接入所述第三方应用用户信息的链接;Step S200, generating a two-dimensional code based on the login request input by the user, the two-dimensional code is generated according to the random identification generated by the server, and the two-dimensional code has a link requesting access to the user information of the third-party application;

步骤S201,利用所述第三方应用扫描所述二维码以获取本次认证所述用户标识对应第三方用户的用户信息;Step S201, using the third-party application to scan the two-dimensional code to obtain the user information of the third-party user corresponding to the user ID in this authentication;

步骤S202,在所述随机标识有效时根据所获取用户信息的用户标识查询合法用户列表以对所述第三方用户进行认证;Step S202, when the random identifier is valid, query the legal user list according to the user identifier of the obtained user information to authenticate the third-party user;

步骤S203,若认证成功则用户基于所述第三方用户的用户信息进行登录。Step S203, if the authentication is successful, the user logs in based on the user information of the third-party user.

本实施例的相关流程步骤的具体实现过程可参考实施例一,此处不再赘述。For the specific implementation process of the relevant process steps in this embodiment, reference may be made to Embodiment 1, which will not be repeated here.

实施例三Embodiment three

如图3所示的一种基于第三方应用的用户认证方法,所示第三方应用为微信程序,其基于微信扫描进行认证,以实现用户登录,包括如下步骤流程:A user authentication method based on a third-party application as shown in Figure 3, the third-party application shown is a WeChat program, which performs authentication based on WeChat scanning to achieve user login, including the following steps:

步骤S300,打开客户端,利用webservice连接服务器端,使服务器端和客户端之前的通道打开。Step S300, open the client, use webservice to connect to the server, and open the channel between the server and the client.

步骤S301,被连接的服务器产生一个唯一的随机数(即上述实施例中的随机标识),并且传递给客户端,这个是作为二维码的特殊标识符。In step S301, the connected server generates a unique random number (that is, the random ID in the above-mentioned embodiment), and transmits it to the client, which is a special identifier as a two-dimensional code.

步骤S302,客户端利用得到的所述特殊标识符,加上服务器端地址,微信开放平台生成一个独一无二的二维码,显示在客户端页面。Step S302, the client uses the obtained special identifier, plus the address of the server, and the WeChat open platform generates a unique two-dimensional code, which is displayed on the client page.

步骤S303,移动微信用户打开扫一扫,解析二维码内容,获取二维码所包含的信息,包括写在二维码中的特殊标识符,根据微信开放平台得到的微信端用户信息,同时再次连接跟服务器端的通道。Step S303, the mobile WeChat user opens and scans the QR code, analyzes the content of the QR code, and obtains the information contained in the QR code, including the special identifier written in the QR code, and obtains the WeChat terminal user information according to the WeChat open platform. Reconnect to the server-side channel.

步骤S304,把获取到的用户信息和特殊标识符进行捆绑,利用服务器端判断,是否为登录客户端的合法用户。Step S304: Bind the obtained user information with the special identifier, and use the server to determine whether the user is a legal user who logs in to the client.

步骤S305,不管是否成功,将验证结果信息通过MQTT传递,以所述特殊标识符为主题,验证结果为内容上传到MQTT服务器,客户端订阅特殊标识符为主题的消息,得到所述主题的内容,判断所述微信用户是否在客户端登录成功,若客户端登录成功,所有功能被开启,微信端显示登录成功页面,若失败,客户端和微信端同时被提示登录失败。Step S305, no matter whether it is successful or not, the verification result information is transmitted through MQTT, with the special identifier as the subject, the verification result as the content is uploaded to the MQTT server, the client subscribes to the message with the special identifier as the subject, and obtains the content of the subject , judging whether the WeChat user has successfully logged in at the client terminal, if the client login is successful, all functions are enabled, and the WeChat terminal displays a successful login page, if it fails, both the client terminal and the WeChat terminal are prompted to fail to log in at the same time.

根据上述流程步骤,其中发出登录请求同时连接服务器,二维码所解析的内容要在服务器进行验证。验证过程包括如下步骤流程:According to the above process steps, the login request is sent and the server is connected at the same time, and the content parsed by the QR code needs to be verified on the server. The verification process includes the following steps:

步骤P1:首先需要保证二维码是有效的,二维码中所包含的特殊标识符存在生命周期,可以根据每个客户端对安全性的要求设置,在一定的生命周期比如说30s之后,特殊标识符会失效,这样直接导致二维码失效,当微信用户扫二维码时,会被提示二维码失效,即客户端登录失败。Step P1: First of all, it is necessary to ensure that the QR code is valid. The special identifier contained in the QR code has a life cycle, which can be set according to the security requirements of each client. After a certain life cycle, for example, 30s, The special identifier will be invalid, which directly leads to the invalidation of the QR code. When WeChat users scan the QR code, they will be prompted that the QR code is invalid, that is, the client login fails.

步骤P2:若二维码是有效的,那么二维码信息中的特殊标识符,所述生成二维码信息,具体为:所述服务器生成的特殊的随机标识符,根据所述特殊标识符和服务器地址组成了二维码信息;根据所述二维码信息获取扫码用户的唯一标识,根据用户的唯一标识可以判断此用户是否在允许登录的队列。Step P2: If the two-dimensional code is valid, then the special identifier in the two-dimensional code information, the generated two-dimensional code information, specifically: the special random identifier generated by the server, according to the special identifier and the server address to form two-dimensional code information; according to the two-dimensional code information to obtain the unique identification of the user who scans the code, according to the unique identification of the user, it can be judged whether the user is in the queue allowed to log in.

步骤P3:根据本实施例的方法,每个客户端登录和微信用户之间的关系是一对一的,即一个微信号只能登录一个客户端,根据所述的微信用户信息,我们可以在服务器端找到是否此微信用户是否在其他地方有客户端登录,若有,则登录失败;若没有,则登录成功,同时将此用户的登录状态设为登录,登录成功,同时开启客户端的所有功能。Step P3: According to the method of this embodiment, the relationship between each client login and WeChat user is one-to-one, that is, one WeChat account can only log in to one client. According to the WeChat user information, we can log in The server finds out whether the WeChat user has a client login elsewhere. If yes, the login fails; .

若在本实施例中,步骤S305中客户端登录成功,根据微信用户信息的唯一标识,可在服务器找到该用户,将登录状态设置为登录If in this embodiment, the client login is successful in step S305, according to the unique identification of WeChat user information, the user can be found on the server, and the login status is set to login

当关闭客户端时,客户端连接服务器端,根据微信用户信息的唯一标识(即上述实施例中的用户标识),在服务器找到该用户,将登录状态设置为未登录。When the client is closed, the client connects to the server, finds the user at the server according to the unique identifier of the WeChat user information (ie, the user identifier in the above-mentioned embodiment), and sets the login status to unlogged.

在本发明技术方案中,由于通过上述实施例在二维码中加入了特殊标识符;这个标识符存在固定的生存周期,在特定的时间内就会失效,从而导致二维码失效,在一定程度上保护了客户端登录的安全性。此外,本发明技术方案还在客户端中加入了状态模块,即对用户是否在本客户端中的登录状态通过上述用户信息及用户标识进行登录状态的检测,能够避免多个客户端同时使用一个账号认证登录,保障客户端的安全性和登录账号与客户端之前一对一的关系。In the technical solution of the present invention, due to the above-mentioned embodiment, a special identifier is added to the two-dimensional code; this identifier has a fixed life cycle, and it will become invalid within a specific time, thus causing the two-dimensional code to become invalid. To a certain extent, the security of client login is protected. In addition, the technical solution of the present invention also adds a state module to the client, that is, detects whether the user is in the login state of the client through the above-mentioned user information and user identification, which can prevent multiple clients from simultaneously using one Account authentication login ensures the security of the client and the one-to-one relationship between the login account and the client.

应用例Application example

图4是本发明技术方案实现二维码第三方安全认证登录的具体应用过程。Fig. 4 is a specific application process of the technical solution of the present invention to realize the third-party security authentication login of the two-dimensional code.

该应用例实现移动端第三方应用扫描电脑客户端的二维码,通过微信开放平台获取第三方用户的唯一标识,不放过任何非法登录的可能,经过身份认证登录电脑客户端的过程。This application example realizes the process of scanning the QR code of the computer client by the third-party application on the mobile terminal, obtaining the unique identification of the third-party user through the WeChat open platform, and logging into the computer client through identity authentication without letting go of any possibility of illegal login.

上述所表示的第三方用户在本发明的应用中是指微信用户。The above-mentioned third-party users refer to WeChat users in the application of the present invention.

上述所表示的微信端是指手机,平板等移动端的微信应用,支持扫一扫功能。The WeChat terminal mentioned above refers to the WeChat application on mobile terminals such as mobile phones and tablets, which support the scan function.

本具体实施方法是基于微信开放的接口,可以帮助获取扫码的微信用户的唯一标识。This specific implementation method is based on the open interface of WeChat, which can help to obtain the unique identifier of the WeChat user who scans the code.

上述具体实施方式是把二维码认证登录应用到了一个处理红外热像的客户端上。The above specific implementation method is to apply the two-dimensional code authentication login to a client that processes infrared thermal images.

微信公众平台开发是指为微信公众号进行业务开发,为移动应用、PC端网站、公众号第三方平台(为各行各业公众号运营者提供服务)的开发,请前往微信开放平台接入,具体包括如下应用流程:WeChat public platform development refers to business development for WeChat public accounts, development of mobile applications, PC-side websites, and third-party platforms for public accounts (providing services for operators of public accounts in various industries), please go to the WeChat open platform to access, Specifically, the application process includes the following:

申请一个微信认证公众号;Apply for a WeChat official account;

将微信公众号接入微擎系统;Connect the WeChat official account to the Microengine system;

在微信公众平台接入服务器域名;Access the domain name of the server on the WeChat public platform;

打开上述客户端,连接服务器端服务,服务器端产生随机数UUID。Open the above client, connect to the server service, and the server generates a random number UUID.

客户端产生二维码,其中二维码的组成,可参考如下示例:The client generates a QR code, and the composition of the QR code can refer to the following example:

http://open.weixin.qq.com/connect/auth2.0/authorize?appid=XX&redirect_uri=http://服务器验证地址/”+UUID+”&reponse_type=code&scope=snsapi_userinfo&stat=0#wechat_redict。http://open.weixin.qq.com/connect/auth2.0/authorize? appid=XX&redirect_uri=http://server verification address/"+UUID+"&reponse_type=code&scope=snsapi_userinfo&stat=0#wechat_redict.

微信用户扫描二维码,向微信开放平台发起获取用户信息请求,若已关注微信公众号,会出现是否授权获得的用户信息,若没有关注会出现关注微信号并授权获取用户信息,上述的用户信息包括了获取OPENID(相对于每个公众号每个用户的唯一标识)和用户资料(昵称、头像、国、省、城市、性别、权限);WeChat users scan the QR code and initiate a request to obtain user information from the WeChat open platform. If they have followed the WeChat official account, it will display the user information whether they are authorized to obtain it. The information includes obtaining OPENID (the unique identification of each user relative to each official account) and user information (nickname, avatar, country, province, city, gender, authority);

微信客户端扫码同时,连接服务器端验证机制;While the WeChat client scans the code, it connects to the server-side verification mechanism;

微擎后台能够看到所有的关注此微信公众号的用户,将他们分成分组,分别代表了登录客户端的合法用户和不合法用户。WeEngine’s background can see all the users who follow this WeChat official account, and divide them into groups, which represent legal users and illegal users who log in to the client.

图5是本发明技术方案在扫码之后服务器端认证的具体应用过程。Fig. 5 is the specific application process of the server-side authentication after the code scanning of the technical solution of the present invention.

服务器端验证主要包括三个方面,结合图5,具体为:Server-side verification mainly includes three aspects, combined with Figure 5, specifically:

1.判断UUID是否过期,如果过期,那么直接在公众号出现登录失败页面,客户端不做任何回应。1. Determine whether the UUID has expired. If it expires, the login failure page will appear directly on the official account, and the client will not respond.

2.若UUID没有过期,那么将OPENID和UUID绑定,根据上述获取到的用户信息,特别是OPENID,在服务器端判断此OPENID是否在合法登录用户的列表中,若不是的话,服务器端以UUID为MQTT的主题,0为内容上传到服务器,同时微信公众号显示登录失败。2. If the UUID has not expired, then bind the OPENID to the UUID. According to the user information obtained above, especially the OPENID, judge whether the OPENID is in the list of legally logged-in users on the server side. If not, the server side uses the UUID It is the topic of MQTT, 0 means that the content is uploaded to the server, and the WeChat official account shows that the login failed.

3.若UUID没有过期,OPENID在合法登录用户的列表中,通过OPENID查找此OPENID的登录状态,若已登录服务器端以UUID为MQTT的主题,0为内容上传到服务器,同时微信公众号显示登录失败;若未登录,则以UUID为MQTT的主题,1为内容上传到服务器。3. If the UUID has not expired and the OPENID is in the list of legally logged-in users, use the OPENID to find the login status of the OPENID. If you have already logged in to the server, use the UUID as the MQTT topic and 0 as the content to upload to the server, and the WeChat official account displays login Failed; if not logged in, use UUID as the MQTT topic and 1 as the content to upload to the server.

客户端订阅主题为UUID的消息,一旦服务器端有相同主题的内容上传,就可以被客户端接收,客户端根据接收的内容判断是否登录成功,若接收内容为1,则客户端登录成功,登录名为微信用户的昵称,同时发送消息给服务器,此UUID对应的登录状态为已登录。The client subscribes to the message with the subject of UUID. Once the server has uploaded the content of the same subject, it can be received by the client. The client judges whether the login is successful according to the received content. If the received content is 1, the client login is successful. Login The name is the nickname of the WeChat user, and a message is sent to the server at the same time. The login status corresponding to this UUID is logged in.

关闭客户端的同时连接服务器端,此UUID对应的登录状态为未登录。Close the client and connect to the server at the same time, the login status corresponding to this UUID is not logged in.

以上对本发明的具体实施例进行了描述。需要理解的是,本发明并不局限于上述特定实施方式,本领域技术人员可以在权利要求的范围内做出各种变形或修改,这并不影响本发明的实质内容。Specific embodiments of the present invention have been described above. It should be understood that the present invention is not limited to the specific embodiments described above, and those skilled in the art may make various changes or modifications within the scope of the claims, which do not affect the essence of the present invention.

Claims (10)

  1. A kind of 1. third party's user authen method based on Quick Response Code, it is characterised in that including:
    All user profile that the third party user corresponds to third-party application are obtained, the user profile identifies including user;
    The random identification generated according to server end produces Quick Response Code;
    Quick Response Code is scanned using the third-party application to obtain the use that user described in this certification identifies corresponding third party user Family information;
    When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list with to described Third party user is authenticated.
  2. 2. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described to obtain described the All user profile that tripartite user corresponds to third-party application include:
    Based on the third-party application application user terminal platform;
    Have the right to obtain third party use if the third party user uses the user terminal platform in the third-party application The user profile at family.
  3. 3. third party's user authen method based on Quick Response Code as claimed in claim 1 or 2, it is characterised in that the acquisition institute State third party user correspond to third-party application user mark also include:The described 3rd is obtained based on the third-party application interface Square user corresponds to the user profile of third-party application.
  4. 4. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described according to server Random identification caused by end and the user, which identify generation Quick Response Code, to be included:During certification according to caused by server end random identification And the user identifies and produces Quick Response Code.
  5. It is described to be generated according to server end 5. third party's user authen method based on Quick Response Code as described in claim 1 or 4 Random identification, which produces Quick Response Code, to be included:
    Obtain the hyperlink request of the user profile;
    Obtain random identification caused by server end and the verified link of the checking random identification and user's mark;
    The Quick Response Code is formed based on the hyperlink request, random identification and verified link.
  6. 6. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that the random identification tool There is predetermined timeliness, the user profile includes:Subscriber information message and user's mark, the subscriber information message comprise at least such as One kind in lower information:The pet name, head portrait, sex, address, authority.
  7. 7. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described described random The user of user profile acquired in identifies inquiry validated user list to be carried out to the third party user when identifying effective Certification includes:
    The user that the random identification and this certification obtain is identified and bound, the random identification is that the third-party application is ordered Read the message subject about certification;
    The successful message of certification is uploaded to server end if user mark is present in the validated user list, is otherwise uploaded The message of authentification failure is to server end.
  8. 8. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that described described random The user of user profile acquired in identifies inquiry validated user list to be carried out to the third party user when identifying effective Certification includes:
    The user that the random identification and this certification obtain is identified and bound, the random identification is that the third-party application is ordered Read the message subject about certification;
    Continue to identify based on the user if user mark is present in the validated user list and inquire about third party's use The logging status at family;
    If the logging status of the third party user uploads the successful message of certification to server end, otherwise uploaded to be not logged in The message of authentification failure is to server end.
  9. 9. third party's user authen method based on Quick Response Code as claimed in claim 1, it is characterised in that also include:
    It is described legal to be formed that the third party user is grouped based on acquired all user profile and user's mark User list.
  10. A kind of 10. user login method based on third-party application, it is characterised in that including:
    Logging request based on user's input produces Quick Response Code, and Quick Response Code random identification according to caused by server end is produced Raw, the Quick Response Code has the link that request accesses the third-party application user profile;
    The Quick Response Code, which is scanned, using the third-party application identifies corresponding third party user to obtain user described in this certification User profile;
    When the random identification is effective, the user of user profile acquired in identifies inquiry validated user list with to described Third party user is authenticated;
    User profile of the user based on the third party user is logged in if certification success.
CN201710985290.3A 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code Pending CN107835160A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710985290.3A CN107835160A (en) 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710985290.3A CN107835160A (en) 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code

Publications (1)

Publication Number Publication Date
CN107835160A true CN107835160A (en) 2018-03-23

Family

ID=61648652

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710985290.3A Pending CN107835160A (en) 2017-10-20 2017-10-20 Third party's user authen method based on Quick Response Code

Country Status (1)

Country Link
CN (1) CN107835160A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109902472A (en) * 2019-02-25 2019-06-18 山东浪潮通软信息科技有限公司 A method of personal information certification is extracted based on two dimensional code and wechat small routine
CN110119611A (en) * 2019-06-06 2019-08-13 宜春宜联科技有限公司 Login method, system and equipment
CN110298421A (en) * 2019-06-26 2019-10-01 云宝宝大数据产业发展有限责任公司 A kind of online generation, offline generation and the verification method and device of two dimensional code
WO2019218747A1 (en) * 2018-05-16 2019-11-21 阿里巴巴集团控股有限公司 Third party authorized login method and system
CN111193718A (en) * 2019-12-13 2020-05-22 航天信息股份有限公司 Safe login method and system based on third party authorization
CN113505249A (en) * 2021-04-29 2021-10-15 武汉北大高科软件股份有限公司 Method and device for binding information and data evidence
CN115422228A (en) * 2022-11-03 2022-12-02 四川蜀天信息技术有限公司 Account package management system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075864A (en) * 2007-07-16 2007-11-21 腾讯科技(深圳)有限公司 Method for synchronizing and processing data, customer terminal equipment and servo
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
US20160004855A1 (en) * 2014-07-03 2016-01-07 Alibaba Group Holding Limited Login using two-dimensional code

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075864A (en) * 2007-07-16 2007-11-21 腾讯科技(深圳)有限公司 Method for synchronizing and processing data, customer terminal equipment and servo
CN103067381A (en) * 2012-12-26 2013-04-24 百度在线网络技术(北京)有限公司 Third-party service login method, login system and login device by means of platform-party account
US20160004855A1 (en) * 2014-07-03 2016-01-07 Alibaba Group Holding Limited Login using two-dimensional code

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
伍华聪: "C#开发微信门户及应用(41)--基于微信开放平台的扫码登录处理", 《HTTPS://WWW.CNBLOGS.COM/WUHUACONG/P/5583389.HTML》 *
大圣非大圣: "扫码登录", 《HTTP://BLOG.CSDN.NET/JINGLIUSHENG/ARTICLE》 *
郭利敏等: "微信二维码用于图书馆读者身份认证的实践", 《现代图书情报技术》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019218747A1 (en) * 2018-05-16 2019-11-21 阿里巴巴集团控股有限公司 Third party authorized login method and system
TWI706265B (en) * 2018-05-16 2020-10-01 香港商阿里巴巴集團服務有限公司 Third-party authorized login method and system
CN109902472A (en) * 2019-02-25 2019-06-18 山东浪潮通软信息科技有限公司 A method of personal information certification is extracted based on two dimensional code and wechat small routine
CN110119611A (en) * 2019-06-06 2019-08-13 宜春宜联科技有限公司 Login method, system and equipment
CN110298421A (en) * 2019-06-26 2019-10-01 云宝宝大数据产业发展有限责任公司 A kind of online generation, offline generation and the verification method and device of two dimensional code
CN110298421B (en) * 2019-06-26 2023-11-03 云宝宝大数据产业发展有限责任公司 Online generation, offline generation and verification method and device for two-dimensional code
CN111193718A (en) * 2019-12-13 2020-05-22 航天信息股份有限公司 Safe login method and system based on third party authorization
CN113505249A (en) * 2021-04-29 2021-10-15 武汉北大高科软件股份有限公司 Method and device for binding information and data evidence
CN115422228A (en) * 2022-11-03 2022-12-02 四川蜀天信息技术有限公司 Account package management system
CN115422228B (en) * 2022-11-03 2023-01-03 四川蜀天信息技术有限公司 Account package management system

Similar Documents

Publication Publication Date Title
CN107835160A (en) Third party's user authen method based on Quick Response Code
CN103609090B (en) Identity login method and equipment
CN104135494B (en) A kind of same account untrusted terminal logs in method and system based on trusted terminal
US9887999B2 (en) Login method and apparatus
CN114679293A (en) Access control method, device and storage medium based on zero trust security
CN103051630B (en) Method, the Apparatus and system of third-party application mandate is realized based on open platform
CN102710640B (en) Authorization requesting method, device and system
CN103685139B (en) Certificate Authority processing method and processing device
US9979725B1 (en) Two-way authentication using two-dimensional codes
CN108540433B (en) User identity verification method and device
CN106331003B (en) A method and device for accessing an application portal system on a cloud desktop
WO2017028804A1 (en) Web real-time communication platform authentication and access method and device
WO2017202312A1 (en) Message permission management method and device, and storage medium
CN104967604A (en) Login method and system
CN111355726A (en) Identity authorization login method and device, electronic equipment and storage medium
CN104917727A (en) Account authentication method, system and apparatus
CN103327100A (en) Resource processing method and site server
WO2015143855A1 (en) Method, apparatus and system for accessing data resources
CN104780176A (en) Method and system for safely invoking a representational state transfer application programming interface
CN108200040A (en) Mobile client exempts from method, system, browser and the mobile terminal of close login
CN114764507A (en) Method and device for realizing resource access, electronic equipment and storage medium
CN114338078B (en) A CS client login method and device
CN111193691B (en) Authorization method, system and related equipment
CN102843584A (en) Method and system for authenticating network terminals
CN102833328A (en) Unified application calling method and unified calling client

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180323