
CN118157879A - Web application login method and device - Google Patents


Info

Publication number
CN118157879A
Authority
CN
China
Prior art keywords
login
login authentication
web application
user
authentication mode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211556588.XA
Other languages
Chinese (zh)
Inventor
陈岩
许国彪
孙冬冬
张云
肖宇
梁伟亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SF Technology Co Ltd
Original Assignee
SF Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SF Technology Co Ltd
Priority to CN202211556588.XA
Priority to PCT/CN2023/136541 (WO2024120403A1)
Publication of CN118157879A
Current legal status: Pending


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The application provides a login method and device for a Web application program. The method comprises: receiving an access request for a first Web application program sent by a terminal device; in response to the access request, determining a first login authentication mode code module from a plurality of preset login authentication mode code modules according to a first login authentication mode configuration item in a first configuration file, wherein the first login authentication mode code module corresponds to the first login authentication mode; generating a login interface task according to the code in the first login authentication mode code module; and sending the login interface task to the terminal device, so that the terminal device displays a login interface of the first Web application program based on the login interface task, the login interface corresponding to the first login authentication mode. With this method, the login authentication mode of the Web application program is switched by modifying the login authentication mode configuration item in the configuration file, which reduces labor cost and improves the efficiency of switching the login authentication mode of the Web application program.

Description

Login method and device for Web application program
Technical Field
The application belongs to the technical field of software development, and particularly relates to a login method and device of a Web application program.
Background
With the advent of the Internet era, digital transformation has become urgent across industries. Under this trend, Web applications are springing up rapidly, and the login step, as the first entry point to an application, is certainly one of the most important parts of the product experience.
Generally, a login authentication mode corresponding to a Web application is fixed, and a login authentication mode may include one or more login modes. Different application scenarios of the same Web application often have different requirements for login authentication modes, and the fixed login authentication mode is difficult to meet the requirements of the different application scenarios. In order to enable a certain Web application program to meet the requirements of different application scenes on login authentication modes, the code of the Web application program is often required to be modified, and the modification often consumes a great deal of labor cost.
Therefore, how to realize the switching of different login authentication modes of an application at low cost is a technical problem to be solved.
Disclosure of Invention
The embodiment of the application provides a login method and a login device for a Web application program, which can solve the technical problem of how to realize the switching of different login authentication modes of an application at low cost in the prior art.
In a first aspect, an embodiment of the present application provides a login method of a Web application, which is applied to a server, where the first Web application includes a first configuration file and a plurality of preset login authentication mode code modules; each login authentication mode code module corresponds to a login authentication mode; the first configuration file includes a first login authentication mode configuration item that is determined and set according to a first login authentication mode used by the first Web application, the method comprising:
receiving an access request for a first Web application program sent by a terminal device;
in response to the access request, determining a first login authentication mode code module from a plurality of preset login authentication mode code modules according to a first login authentication mode configuration item in a first configuration file, wherein the first login authentication mode code module corresponds to the first login authentication mode;
generating a login interface task according to the code in the first login authentication mode code module; and
sending the login interface task to the terminal device, so that the terminal device displays a login interface of the first Web application program based on the login interface task, the login interface corresponding to the first login authentication mode.
The Web application in the method comprises a plurality of preset login authentication mode code modules and configuration files, wherein each login authentication mode code module corresponds to one login authentication mode, the configuration files comprise login authentication mode configuration items, one login authentication mode configuration item corresponds to one login authentication mode, and the login authentication mode configuration items in the configuration files determine the login authentication mode used by the Web application. When the login authentication mode of the Web application program is required to be changed, only the login authentication mode configuration item in the configuration file is required to be changed into the login authentication mode configuration item corresponding to the login authentication mode to be adopted, and the modification mode can avoid modifying a large number of codes, so that the labor cost of switching the login mode of the Web application program is reduced, and the efficiency of switching the login authentication mode of the Web application program is improved.
In one possible implementation manner of the first aspect, the first configuration file is hosted on a cloud platform. The first configuration file is hosted on the cloud platform, and the corresponding login mode of the Web application program can be modified by modifying the content in the cloud platform configuration file, so that the modification of the first configuration file is more convenient, and the login authentication mode switching efficiency of the Web application program is further improved.
In a possible implementation manner of the first aspect, the first login authentication mode is CAS login, Shiro login, OAuth login, WeChat login, or a fusion login of any two or more of CAS login, Shiro login, OAuth login and WeChat login.
In a possible implementation manner of the first aspect, the first Web application includes a business logic code module, and the method further includes:
receiving a user login authentication request sent by a terminal device, wherein the user login authentication request is sent by the terminal device in response to login operation performed by a user on a login interface;
based on a user login authentication request, performing login authentication on a user to obtain a login authentication result;
generating an application interface task based on the code in the business logic code module in the case that the login authentication result is that the login authentication is successful; and
sending the application interface task to the terminal device, so that the terminal device displays the application interface of the first Web application program based on the application interface task.
In the implementation mode, the codes related to the business logic in the Web application program and the codes related to the login authentication are separated by setting the business logic code block, so that the development and maintenance of the codes of the Web application program are more convenient.
In a possible implementation manner of the first aspect, performing login authentication on the user based on the user login authentication request to obtain a login authentication result comprises:
performing login authentication on the user, based on the user login authentication request, by using the user information stored in an authentication interaction database to obtain the login authentication result; the authentication interaction database comprises a plurality of preset user information, the target database comprises user information using the first login authentication mode, and the user information in the authentication interaction database is updated periodically according to the user information in the target database. In this implementation, the user information stored in the target database is all user information, and the authentication interaction database is periodically updated according to the target database, so that all newly added users can log in to the first Web application program smoothly, which improves the user experience; meanwhile, deleted users are prevented from logging in to the first Web application program, which ensures data security.
In a possible implementation manner of the first aspect, in the case that the login authentication result is that the login authentication is successful, a Redis sentinel mode cluster is used to cache the user-related session information generated during the login authentication process. In this embodiment, the server stores the session information, so when the user needs to be authenticated again the server can read the data from memory, which is faster than reading it from the database and improves login authentication efficiency.
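The periodic update and the session cache described in the two implementations above can be illustrated as follows. This is an added example, not code from the application as filed: the class and function names, the in-memory dictionaries standing in for the two databases and for the Redis session cache, and the revocation of cached sessions for removed or changed users are all assumptions made for the illustration.

```python
"""Added example: periodic reconciliation of the authentication interaction database."""
import hashlib
import hmac
import secrets
from typing import Dict, Optional

SALT = b"constructed-demo-salt"  # constructed value; use a per-user random salt in practice


def verifier(password: str) -> bytes:
    """Derive the stored credential verifier for a password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 50_000)


class AuthInteractionDB:
    """Hypothetical stand-in for the authentication interaction database plus session cache."""

    def __init__(self) -> None:
        self.users: Dict[str, bytes] = {}   # user id -> credential verifier
        self.sessions: Dict[str, str] = {}  # session id -> user id (stand-in for Redis)

    def login(self, user: str, password: str) -> Optional[str]:
        """Authenticate against the local copy only; return a session id or None."""
        stored = self.users.get(user)
        candidate = verifier(password)  # computed even for unknown users
        if stored is None or not hmac.compare_digest(stored, candidate):
            return None
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = user
        return sid

    def session_user(self, sid: str) -> Optional[str]:
        return self.sessions.get(sid)


def sync_from_target(target: Dict[str, bytes], db: AuthInteractionDB) -> Dict[str, object]:
    """One periodic update: make db.users match the target database."""
    added = sorted(set(target) - set(db.users))
    removed = sorted(set(db.users) - set(target))
    changed = sorted(u for u in set(target) & set(db.users) if target[u] != db.users[u])
    for user in added + changed:
        db.users[user] = target[user]
    for user in removed:
        del db.users[user]
    # Assumption beyond the page: cached sessions of removed or changed users are
    # dropped too, otherwise a deleted user keeps access until the session expires.
    stale = set(removed) | set(changed)
    revoked = [sid for sid, user in db.sessions.items() if user in stale]
    for sid in revoked:
        del db.sessions[sid]
    return {"added": added, "removed": removed, "changed": changed,
            "revoked_sessions": len(revoked)}


if __name__ == "__main__":
    # Constructed sample data.
    target = {"alice": verifier("a-pass"), "bob": verifier("b-pass")}
    db = AuthInteractionDB()
    print(sync_from_target(target, db))
    del target["bob"]  # bob is deleted in the target database
    print("bob before next sync:", db.login("bob", "b-pass") is not None)
    print(sync_from_target(target, db))
    print("bob after sync:", db.login("bob", "b-pass") is not None)
```

Between two updates the local copy is stale, so a user deleted from the target database can still authenticate until the next run; the update interval is therefore the exposure window.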
In a second aspect, an embodiment of the present application provides a login device for a Web application, where the login device includes: means for performing the steps of the method as described in any of the embodiments of the first aspect above.
In a third aspect, an embodiment of the present application provides a computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method as described in any of the embodiments of the first aspect above when the computer program is executed.
In a fourth aspect, embodiments of the present application provide a computer-readable storage medium having stored therein a computer program or instructions which, when read and executed by a computer, cause the computer to perform the steps of the method as described in any of the embodiments of the first aspect above.
In a fifth aspect, the present embodiments provide a computer program product which, when run on a server, causes the server to perform the steps of the method described in any of the embodiments of the first aspect above.
In a sixth aspect, an embodiment of the present application provides a chip, including: a processor for calling and running a computer program from a memory, causing a computer device on which the chip is mounted to perform the method as described in any of the embodiments of the first aspect above.
It will be appreciated that the advantages of the second to sixth aspects may be found in the relevant description of the first aspect, and are not described here again.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments or the description of the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a configuration method of a login authentication mode of a Web application according to an embodiment of the present application;
FIG. 2 is an interaction diagram of a method for logging in a Web application according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a login interface of a Web application according to an embodiment of the present application;
FIG. 4 is a schematic diagram of the basic protocol process of CAS login used by a Web application in one embodiment of the present application;
FIG. 5 is a flow chart of CAS login used by a Web application in one embodiment of the present application;
FIG. 6 is a schematic diagram of a login interface for a Web application provided in another embodiment of the present application;
FIG. 7 is a schematic diagram of Shiro login used by a Web application in one embodiment of the application;
FIG. 8 is a schematic diagram of a login interface for a Web application provided in accordance with another embodiment of the present application;
FIG. 9 is a schematic diagram of OAuth login used by a Web application in an embodiment of the present application;
FIG. 10 is a block diagram of a login device for a Web application according to an embodiment of the present application;
FIG. 11 is a schematic diagram of an internal structure of a computer device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in the present description and the appended claims, the term "if" may be interpreted as "when" or "once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
Furthermore, the terms first, second, third and the like in the description of the present application and in the claims, are used for distinguishing between the descriptions and not necessarily for indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. In the description of the present application, the meaning of "a plurality" is two or more, unless explicitly defined otherwise.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
In order that the application may be more readily understood, a description of certain terms involved in the application will be provided below.
Web application program: also known as a Web application, an application that can be accessed through the Web. The user only needs a browser to access the Web application program, without installing other software.
Login authentication mode: the specific technology used in the login authentication process of an application program. It may be, for example, CAS (Central Authentication Service) login for implementing single sign-on across a multi-application system, OAuth login for implementing flexible switching between the application program and a third-party application program, Shiro login for identity authentication and authority management, or WeChat login for user convenience; it may also be a login authentication mode that combines any two or more of CAS login, Shiro login, OAuth login and WeChat login.
Login mode: the specific operation by which a user logs in to the application program, for example account-and-password login, third-party login (such as WeChat login or QQ login), QR code scan login (using the client version of the application program to scan the QR code shown by the web version), or SMS verification code login.
With the advent of the Internet era, Web applications are everywhere, and the login step is the first entry point through which a user accesses a Web application. Different Web applications may have different login authentication modes; generally, the login authentication mode corresponding to a Web application is fixed, and one login authentication mode may include one or more login modes.
At present, many Web applications need to be deployed in a customized manner for specific application scenarios; that is, the same Web application needs to meet the requirements of a plurality of different application scenarios. Different application scenarios often have different requirements for the login authentication mode of the same Web application, so a fixed login authentication mode makes it difficult for the Web application to meet them. Meeting the requirements of different application scenarios often requires extensive modification of the Web application's code, resulting in high labor costs.
For example, different application scenarios may be different subordinate departments of the same organization (e.g., a group), or different clients of the same Web application.
In order to make the technical problem related to the present application more clearly understood, the following first exemplifies the case where the service data management system X (a Web application program) is applied to different subordinate departments within a group, and it is difficult to satisfy the requirements of the different departments in a fixed login authentication manner.
It is assumed that the current login authentication mode of the service data management system X adopts CAS login, so that a user can realize single sign-on with other application systems inside a group. Two different subordinate departments are respectively a department X1 and a department X2, and the needs of the department X1 and the department X2 on the login authentication mode of the business data management system X are different, specifically as follows:
For the department X1, the user of the department X1 needs to use a plurality of other application systems inside the group in addition to the service data management system X, so that it is desirable that the service data management system X and the other application systems inside the group can realize single sign-on, and therefore, the current login authentication mode of the service data management system X meets the requirement of the department X1, and the service data management system X is deployed for the department X1 without modifying the service data management system X.
For the department X2, the user of the department X2 mainly uses the service data management system X, and does not need to use other application systems inside the group, so that the user of the department X2 wants the service data management system X to realize WeChat login. The current login authentication mode of the service data management system X does not meet the requirements of the department X2. Then, when the service data management system X is deployed for the department X2, the service data management system X must be modified to meet the requirement of the department X2; for example, the login authentication mode part of the service data management system X must be developed again. Such modifications involve modification of a large amount of code content, are labor intensive, and therefore require a large amount of labor costs.
In the following, a case where a fixed login authentication mode is difficult to satisfy different client requirements will be exemplarily described by taking an application of the database service system Y (a Web application) between different clients as an example.
It is assumed that the current login authentication mode of the database service system Y adopts CAS login, so that a client can implement single sign-on of the database service system Y with a plurality of other application systems. The two different clients are enterprise A and enterprise B, and the requirements of enterprise A and enterprise B on the login authentication mode of the database service system Y are different, specifically as follows:
Enterprise A is a large-scale enterprise. To make it easier for staff to use various application programs, enterprise A hopes that the database service system Y can realize single sign-on with other applications in the enterprise; therefore, the current login authentication mode of the database service system Y meets the requirements of enterprise A.
For enterprise B, which is a small enterprise, enterprise B wishes to have access to database service system Y by WeChat in order to facilitate employee use of database service system Y. The current login authentication mode of the database service system Y does not meet the requirements of the enterprise B. Then, when deploying the database service system Y for the enterprise B, in order to meet the requirements of the enterprise B, the database service system Y needs to be modified, for example, the login authentication mode part of the database service system Y needs to be developed again. Such modifications involve modification of a large amount of code content, are labor intensive, and therefore require a large amount of labor costs.
After the technical problems are clearly explained, the technical scheme of the application based on the technical problems is explained below.
In view of the above technical problems, the present application provides a login method for a Web application, in which the Web application includes a plurality of preset login authentication mode code modules (also referred to as login portions) and a configuration file, where each of the login authentication mode code modules corresponds to a login authentication mode, the configuration file includes a login authentication mode configuration item, one of the login authentication mode configuration items corresponds to one of the login authentication modes, and the login authentication mode configuration item in the configuration file determines the login authentication mode used by the Web application. When the login authentication mode of the Web application program is required to be changed, only the login authentication mode configuration item in the configuration file is required to be changed into the login authentication mode configuration item corresponding to the login authentication mode to be adopted, and the modification mode can avoid modifying a large number of codes, so that the labor cost of switching the login authentication mode of the Web application program is reduced, and the efficiency of switching the login authentication mode of the Web application program is improved.
It will be appreciated that in some embodiments, the Web application includes a business logic code module (also referred to as a business logic portion) in addition to a plurality of preset login authentication pattern code modules and configuration files. By setting the business logic code block, the codes related to business logic in the Web application program and the codes related to login authentication are separated, so that the development and maintenance of the codes of the Web application program are more convenient.
The following specifically explains three parts of a plurality of preset login authentication mode code modules, service logic code modules and configuration files in the Web application program respectively.
It should be understood that the service logic code module includes code corresponding to the service logic of the Web application, i.e., functions related to the actual service for implementing the Web application. For example, the business logic code module may be used to process the business logic related to the Web application program, abstract the business scenario, and perform operations such as data reading, record modification, etc. according to different actions, steps, etc. in the business operation, so as to maintain the normal business operation of the Web application program.
It should also be appreciated that a plurality of preset login authentication mode code modules are used to implement functions related to the login process of the Web application. For example, the functions that a certain login authentication mode code module may implement include: generating a login interface task corresponding to the preset login authentication mode so that the terminal equipment displays a login interface based on the login interface task; authenticating the identity of the user according to login information input by the user on a login interface; when the user login authentication is passed, a business logic code module is called to generate an application interface task of the Web application program, so that the terminal equipment displays an application interface of the Web application program based on the application interface task; when the login authentication of the user fails, a prompt task can be generated, so that the terminal equipment displays login failure prompt information to the user based on the prompt task, and the user is reminded to carry out login authentication again.
For example, the Web application may employ a micro-service architecture, where the plurality of preset login authentication mode code modules are first micro-service modules and the business logic code module is a second micro-service module. Specifically, after the user login authentication is successful, the first micro-service module invokes the second micro-service module through a remote procedure call (Remote Procedure Call, RPC). By setting the plurality of preset login authentication mode code modules and the business logic code module as two independent micro-service modules that can call each other, the Web application is decomposed into two manageable micro-service modules without changing its overall function, and a single micro-service module can be developed more quickly and is simpler to understand and maintain.
It should be understood that in other embodiments, the business logic code module may be integrated with the plurality of preset login authentication mode code modules; that is, each login authentication mode code module is integrated with the business logic code module and includes all the code needed to implement both the login function and the service function of one Web application.
In the embodiment of the application, the configuration file is provided with a login authentication mode configuration item, the login authentication mode configuration item is modifiable content, and the login authentication mode configuration item included in the configuration file corresponds to a login authentication mode used by the Web application program.
It can be appreciated that the login authentication mode configuration item in the configuration file matches the login authentication mode code module used; when logging in the Web application program, a login authentication mode code module matched with the login authentication mode configuration item is selected, and the Web application program is logged in based on the matched login authentication mode code module.
It may be understood that, in the Web application, the configuration file may be a configuration file dedicated to setting the login authentication mode configuration item, or may be a configuration file shared by the login authentication mode configuration item and other configuration information, which is not limited in this aspect of the present application.
In some embodiments, the configuration file, or the login authentication mode configuration item in the configuration file, may be hosted on a cloud platform. It can be understood that when the configuration file is hosted on a cloud platform, the configuration file is stored both on the cloud platform and locally, and the content of the configuration file on the cloud platform and the content of the local configuration file change synchronously, so that the login authentication mode of the Web application can be switched by modifying the login authentication mode configuration item in the configuration file on the cloud platform. The configuration file on the cloud platform can also be shared, that is, other people can be authorized to modify the content of the configuration file through the cloud platform.
Illustratively, the cloud platform may be GitHub, Bitbucket, Gitee (code cloud), or the like.
It should be understood that, in the embodiment of the present application, the specific form of the cloud platform is not limited, as long as the cloud platform can implement synchronous modification of the configuration file content and the local configuration file content, and can implement sharing of the configuration file of the cloud platform.
In the above embodiment, the configuration file is hosted on the cloud platform, and the modification of the login mode of the corresponding Web application program can be realized by modifying the content in the configuration file of the cloud platform, for example, the client can be authorized to modify the content of the configuration file, so that the modification of the login mode of the Web application program is more convenient and faster.
In the embodiment of the application, the required login authentication mode is required to be configured for the Web application program, and then the Web application program can be logged in based on the required login authentication mode. Therefore, before introducing the login mode of the Web application, a configuration method of the login authentication mode of the Web application will be described below.
Fig. 1 is a flowchart of a method for configuring a login authentication mode of a Web application according to an embodiment of the present application, and the method for configuring a login authentication mode according to the embodiment shown in fig. 1 is described by taking a first Web application as an example, but the scope of the present application is not limited thereto. As shown in fig. 1, the method may include S101 to S102. The respective steps are explained below.
It should be appreciated that the first Web application includes a first configuration file and a plurality of preset login authentication mode code modules, each of which corresponds to one login authentication mode.
S101: determining a first login authentication mode used by the first Web application program, wherein the first login authentication mode corresponds to a first login authentication mode code module, and the first login authentication mode code module is any one of a plurality of preset login authentication mode code modules.
In the embodiment of the application, the first login authentication mode used by the first Web application program is determined according to the requirement of the user.
Assuming that the first Web application includes three preset login authentication mode code modules, since each login authentication mode code module corresponds to one login authentication mode, it follows that the first Web application corresponds to three login authentication modes. The first login authentication mode is therefore any one of the three login authentication modes.
It should be understood that the first login authentication mode may include one login mode or a plurality of login modes. For example, in some embodiments, the first login authentication mode may include only account password login; in other embodiments, the first login authentication mode may include both account password login and mobile phone verification code login. The present application does not limit the types of login modes included in the first login authentication mode in any way.
It is understood that the first login authentication mode may be CAS login, Shiro login, OAuth login, WeChat login, or a fusion login of any two or more of CAS login, Shiro login, OAuth login, and WeChat login. Of course, the first login authentication mode may be any other available login authentication mode, which is not described herein.
S102: setting a first login authentication configuration item in a first configuration file of the first Web application program, wherein the first login authentication configuration item is matched with the first login authentication mode code module.
It may be appreciated that the first login authentication configuration item matching the first login authentication mode code module means, in particular, that the first login authentication configuration item forms a pairing with the first login authentication mode code module; the first Web application can automatically implement login using the first login authentication mode code module as long as the first login authentication configuration item is set in the first configuration file.
For example, a flag may be set in each preset login authentication mode code module, and the flags in different login authentication mode code modules are different; assuming that the mark in the first login authentication mode code module is the first mark, when the first Web application needs to use the first login authentication mode (the login authentication mode corresponding to the first login authentication mode code module), only the first login authentication mode configuration item in the first configuration file needs to be set to the content corresponding to the first mark.
For example, the @ConditionalOnExpression annotation may be used as the first flag in the first login authentication mode code module, and the annotation parameter of the @ConditionalOnExpression annotation may be set as the first login authentication mode configuration item in the first configuration file.
Illustratively, when the first login authentication mode is OAuth login, `@ConditionalOnExpression("#{'OAuthLogin'.equals('${login.type}')}")` (the first flag) is included in the first login authentication mode code module; if the first login authentication mode is desired as the login authentication mode of the first Web application, then `login.type=OAuthLogin` is written in the first configuration file. It can be appreciated that `login.type=OAuthLogin` is the first login authentication mode configuration item.
In the configuration method of the login authentication mode of the Web application program, the first login authentication mode can be configured as the login authentication mode of the first Web application program by setting the first login authentication mode configuration item matched with the first login authentication mode code module in the first configuration file. The configuration process is simple and convenient, and only the content in the configuration file is required to be set (or modified) in the configuration process. The above procedure does not require any modification of the code of the first Web application, and thus a great deal of labor cost can be saved. Because the configuration process of the login authentication mode is simpler, the login authentication mode of the first Web application program can be switched at any time, and the satisfaction degree of the user on the first Web application program is improved.
In some embodiments, a second login authentication code module may be added to the first Web application according to requirements, where the second login authentication code module corresponds to a second login mode different from the first login authentication mode. The new login authentication mode can be added for the first Web application program according to the requirement, so that the application range of the first Web application program can be improved.
Of course, a certain login authentication mode of the first Web application may be deleted as needed; in the deleting process, only one login authentication mode code module in a plurality of preset login authentication code modules is required to be deleted, and the corresponding login authentication mode can be deleted.
It will be appreciated that after completion of the configuration of the login authentication mode of the first Web application, the user can login to the first Web application using the first login authentication mode. The login method of the first Web application after the first login authentication mode is configured is described below with reference to the drawings.
Fig. 2 is an interaction diagram of a login method of a Web application according to an embodiment of the present application, where a first Web application is exemplified in fig. 2, and as shown in fig. 2, the method may include S201 to S212. The individual steps are described in detail below in connection with fig. 1.
Step S201: the terminal device receives a first operation of a user, wherein the first operation is used for opening a first Web application program.
In some embodiments, the user may perform a first operation on the terminal device, the first operation being for opening the first Web application. For example, the first operation may be that the user inputs a website corresponding to the first Web application program in the browser, or may be that the user clicks a client icon corresponding to the first Web application program in the terminal device.
It should be understood that, in the embodiment of the present application, the specific form of the first operation is not limited, as long as the first operation is used to trigger the opening of the first Web application.
Step S202: the terminal device sends a first Web application access request to the server according to a first operation of a user.
Step S203: the server responds to the access request, and determines a first login authentication mode code module from a plurality of preset login authentication mode code modules according to a first login authentication mode configuration item in the first configuration file, wherein the first login authentication mode code module corresponds to the first login authentication mode.
It may be appreciated that the first login authentication mode configuration item in the first configuration file is modifiable content, and the first login authentication mode configuration item is determined according to a first login authentication mode required by the client in a login authentication mode configuration process of the first Web application.
It should be understood that the process of determining the first login authentication mode code module is a process of searching and pairing the first login authentication mode configuration item in a plurality of preset login authentication mode code modules. The specific method may refer to the content of the first login authentication configuration item in step S102 that is matched with the first login authentication mode code module, which is not described herein.
In some embodiments, a plurality of other Web applications may be deployed in the server in addition to the first Web application, and different Web applications may use different login authentication modes; in that case, configuration files need to be set in the server for the Web applications corresponding to the different login authentication modes respectively. In addition, the first Web application deployed in the same server may correspond to a plurality of different application scenarios (for example, to different clients or departments), so the same Web application may also correspond to different login authentication modes; in this case, it is also necessary to set configuration files in the server for the clients corresponding to the different login authentication modes respectively. Thus, there may be a plurality of different configuration files in the server, and after receiving the access request of the Web application the server needs to determine the required first configuration file from the plurality of configuration files.
For example, in some embodiments, the first Web application access request carries an identifier of the terminal device used by the user and an identifier of the first Web application; prior to step S203, the login method of the Web application further includes: the server determines the first configuration file from the plurality of configuration files according to the identifier of the first Web application and the identifier of the terminal device. In this method, the server uses the identifier of the first Web application to identify which Web application the first configuration file to be found belongs to, and uses the identifier of the terminal device to identify the application scenario (namely, the different clients or departments) of the first Web application.
Of course, only the first Web application may be deployed in the server, and the first Web application may serve a plurality of application scenarios (for example, corresponding to a plurality of clients or departments, etc.). In this case, the first Web application access request carries the identifier of the terminal device used by the user; prior to step S203, the login method of the Web application further includes: the server determines the first configuration file from the plurality of configuration files according to the identifier of the terminal device.
In other embodiments, only the first Web application may be deployed in the server, with the first Web application serving multiple application scenarios (e.g., corresponding to multiple clients or departments, etc.), and only one configuration file of the embodiment of the application exists in the server. In this case, the configuration file existing in the server is the first configuration file.
Step S204: the server generates a login interface task according to the code in the first login authentication mode code module.
Step S205: the server sends the login interface task to the terminal device.
Step S206: the terminal device displays a login interface of the first Web application to the user based on the login interface task, the login interface corresponding to the first login authentication mode.
It can be understood that the content displayed on the login interface is used for prompting and guiding the user to perform login operation, for example, the login interface may include an input box of a user and a password, an input box of a mobile phone number and a verification code, or a two-dimensional code for performing scan login through third party software, etc. The content in the login interface is related to a login mode included in the first login authentication mode.
According to the login method of the Web application program, the login authentication mode configuration item in the first configuration file is modifiable, and the login authentication mode configuration item is determined according to the type of the login authentication mode required by the client in the login authentication mode configuration process of the first Web application program. Therefore, when the login authentication mode of the first Web application program is required to be modified, the code content of the first Web application program is not required to be modified, and the configuration item of the first login authentication mode in the first configuration file is directly modified.
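The selection described in S102 and S203, together with the choice of configuration file by application and terminal identifier, can be sketched as follows. This is an added example, not code from the patent: the flag strings other than OAuthLogin, the tenant identifiers, the 503 response and the rule of rejecting a key that is set twice are assumptions. It refuses the request whenever the configuration item is missing, ambiguous, or matches no module, so that a bad edit to a shared configuration file cannot leave the application without a login step.

```python
import logging
from dataclasses import dataclass

log = logging.getLogger("login-config")


class LoginConfigError(Exception):
    """No single login module can be selected; the request must be refused."""


@dataclass(frozen=True)
class LoginModule:
    flag: str              # the mark carried by the code module
    login_methods: tuple   # what its login interface offers


# OAuthLogin is the flag named in the text; CasLogin and ShiroLogin are assumed names.
PRESET_MODULES = (
    LoginModule("OAuthLogin", ("account_password",)),
    LoginModule("CasLogin", ("account_password", "qr_code")),
    LoginModule("ShiroLogin", ("account_password",)),
)

# Constructed configuration files keyed by (application id, terminal id).
# Both ids arrive in the access request, so they are used only as lookup keys
# in this allowlist and are never joined into a file path.
CONFIG_FILES = {
    ("app-1", "tenant-a"): "# tenant A\nlogin.type= OAuthLogin\n",
    ("app-1", "tenant-b"): "login.type=CasLogin\nserver.port=8080\n",
    ("app-1", "tenant-c"): "login.type=LdapLogin\n",                       # no such module
    ("app-1", "tenant-d"): "server.port=8080\n",                            # item missing
    ("app-1", "tenant-e"): "login.type=CasLogin\nlogin.type=OAuthLogin\n",  # ambiguous
}


def parse_properties(text):
    """Parse key=value lines; comments and blank lines are skipped."""
    props = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise LoginConfigError(f"line {lineno}: expected key=value")
        key, value = key.strip(), value.strip()
        if key in props:
            raise LoginConfigError(f"line {lineno}: {key} is set more than once")
        props[key] = value
    return props


def select_login_module(app_id, terminal_id, modules=PRESET_MODULES, configs=CONFIG_FILES):
    """Pair the login.type configuration item with exactly one module, or raise."""
    try:
        text = configs[(app_id, terminal_id)]
    except KeyError:
        raise LoginConfigError("no configuration file for this application/terminal") from None
    login_type = parse_properties(text).get("login.type")
    if not login_type:
        raise LoginConfigError("login.type is not set")
    matches = [m for m in modules if m.flag == login_type]   # exact, case-sensitive
    if len(matches) != 1:
        raise LoginConfigError(f"login.type={login_type!r} matches {len(matches)} modules")
    return matches[0]


def handle_access_request(app_id, terminal_id):
    """Return (status, body). A configuration problem never falls through to the
    business logic: the detail is logged and the caller gets a generic refusal."""
    try:
        module = select_login_module(app_id, terminal_id)
    except LoginConfigError as exc:
        log.error("refusing access request for %r/%r: %s", app_id, terminal_id, exc)
        return 503, "login unavailable"
    return 200, {"login_interface_task": module.flag, "methods": list(module.login_methods)}


if __name__ == "__main__":
    for tenant in ("tenant-a", "tenant-b", "tenant-c", "tenant-d", "tenant-e"):
        print(tenant, handle_access_request("app-1", tenant))
```

Because the configuration file can be hosted on a shared platform and edited by authorized third parties, the value of `login.type` is best treated as input to validate at load time rather than as trusted code.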
It will be appreciated that when the terminal device displays the login interface to the user, only the selection of the login mode of the first Web application has been completed. After the terminal device displays the login interface to the user, the login method further comprises the login operation performed by the user. The login method further comprises the following steps: S207 to S213, each of which is described below.
Step S207: the terminal device receives a login operation performed by the user on the login interface displayed by the terminal device.
In some embodiments, the login operation may be to input a user name and a password, to input a mobile phone number and a verification code, or to scan a two-dimensional code. The embodiment of the present application places no particular limitation on this.
Step S208: the terminal device, in response to the login operation of the user, sends a user login authentication request to the server.
Step S209: the server performs login authentication on the user based on the user login authentication request to obtain a login authentication result.
In the embodiment of the application, the login authentication of the user can be identity authentication alone, or identity authentication together with permission determination. Identity authentication is used for determining whether the user is a legitimate user of the first Web application, and permission determination refers to determining which functions of the first Web application the user can specifically use.
It is understood that the login authentication result may be that the login authentication is successful or the login authentication is failed.
Step S210: when the login authentication result is that the login authentication is successful, the server generates an application interface task based on the code in the business logic code module.
Step S211: the server sends the application interface task to the terminal device.
Step S212: the terminal device displays an application interface of the first Web application program to the user based on the application interface task.
In the embodiment of the application, the application interface is an interface displayed after the user successfully logs in the first Web application program, and the user uses the service function of the first Web application program in the interface.
In some embodiments, when the server determines that the login authentication of the user fails, the server sends a login failure message to the terminal device, and the first login interface is displayed to the user again so that the user performs login authentication again. When the login authentication of the user fails, the terminal device displays the login failure message to the user, so that the user is prompted to log in again, which improves the user experience.
In some embodiments, when the server performs login authentication on the user, specifically, the server performs login authentication on the user by using the user information stored in the authentication interaction database, so as to obtain a login authentication result; the authentication interaction database comprises a plurality of preset user information, the user information in the authentication interaction database is updated periodically according to the user information in the target database, and the target database comprises the user information using the first login authentication mode.
Performing login authentication on the user by using the user information stored in the authentication interaction database means, more specifically, comparing the information input by the user with the user information in the authentication interaction database. For example, the user inputs a user name and a password, and the server searches and compares the data in the authentication interaction database; if the user name and the password can be found, the login authentication is successful, and if the user name and/or the password cannot be found, the login authentication fails.
It should be understood that the user information stored in the target database is all of the user information, and the authentication interaction database is periodically updated according to the target database, so that all newly added users can successfully log in to the first Web application, which improves the user experience; meanwhile, deleted users are prevented from logging in to the first Web application, which ensures data security.
In other embodiments, when the server performs login authentication on the user, the server may specifically perform login authentication on the user by using the user information stored in the authentication interaction database to obtain a login authentication result; the authentication interaction database comprises the user information using the first login authentication mode, and the user information in the authentication interaction database is updated periodically by means of ETL (Extract-Transform-Load). Dynamically updating the authentication data in the authentication interaction database in combination with an ETL task can improve the updating efficiency.
It will be appreciated that the periodic update may be an update of the user information after each predetermined period of time. For example, the update may be performed at a fixed time every day, week, or month. The specific update frequency and update method may be set according to the requirement, and will not be described herein.
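A periodic ETL refresh of the authentication interaction database from the target database, as an added example that is not part of the patent. The table layout, the storage of salted PBKDF2 hashes instead of passwords, the iteration count and all names are assumptions; the example shows that the load step has to remove users deleted from the target database, and that a deleted user can still log in until the next refresh runs.

```python
import hashlib
import hmac
import os
import sqlite3

PBKDF2_ITERATIONS = 200_000      # example work factor (assumption)
DUMMY_SALT = b"\x00" * 16        # used when the user name is unknown


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


def make_target_db():
    """Constructed 'target database': every user, with the login mode each one uses."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, mode TEXT, salt BLOB, pw_hash BLOB)")
    db.commit()
    return db


def add_target_user(db, name, mode, password):
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
               (name, mode, salt, hash_password(password, salt)))
    db.commit()


def make_auth_db():
    """Constructed 'authentication interaction database' read by the login module."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE auth_users (name TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    db.commit()
    return db


def etl_sync(target_db, auth_db, login_mode):
    """One scheduled run. Returns (users loaded, users removed)."""
    # Extract: only users of the given login authentication mode.
    rows = target_db.execute(
        "SELECT name, salt, pw_hash FROM users WHERE mode = ?", (login_mode,)).fetchall()
    # Transform: keep just the columns the login check needs, keyed by name.
    fresh = {name: (salt, pw_hash) for name, salt, pw_hash in rows}
    # Load: one transaction, so a login never sees a half-refreshed table.
    with auth_db:
        existing = {r[0] for r in auth_db.execute("SELECT name FROM auth_users")}
        removed = sorted(existing - fresh.keys())
        # An upsert-only load would skip this delete and keep removed users valid.
        auth_db.executemany("DELETE FROM auth_users WHERE name = ?", [(n,) for n in removed])
        auth_db.executemany("INSERT OR REPLACE INTO auth_users VALUES (?, ?, ?)",
                            [(n, s, h) for n, (s, h) in fresh.items()])
    return len(fresh), len(removed)


def authenticate(auth_db, name, password):
    """Compare the submitted credentials with the authentication interaction database."""
    row = auth_db.execute(
        "SELECT salt, pw_hash FROM auth_users WHERE name = ?", (name,)).fetchone()
    salt, expected = row if row else (DUMMY_SALT, b"")
    candidate = hash_password(password, salt)   # same work for known and unknown names
    return row is not None and hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    target, auth = make_target_db(), make_auth_db()
    add_target_user(target, "alice", "CasLogin", "a-pass")
    add_target_user(target, "bob", "CasLogin", "b-pass")
    print("first run:", etl_sync(target, auth, "CasLogin"))
    target.execute("DELETE FROM users WHERE name = 'bob'")
    target.commit()
    print("bob before next run:", authenticate(auth, "bob", "b-pass"))
    print("second run:", etl_sync(target, auth, "CasLogin"))
    print("bob after next run:", authenticate(auth, "bob", "b-pass"))
```

The refresh interval is therefore also the longest time a removed account stays usable, which is worth weighing when choosing between a daily, weekly or monthly schedule.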
In some embodiments, when the login authentication result is that the login authentication is successful, a Redis sentinel mode cluster is adopted to cache session information related to the user generated in the login authentication process.
It can be understood that the Redis sentinel mode cluster is a Redis Sentinel cluster, and the session information is the Session information. The cluster is used for caching the Session information related to the user that is generated in the login authentication process. It comprises a master server and at least one slave server; whether the working state of the master server is normal is learned by monitoring, and when the master server fails, failover (Failover) is performed automatically and a monitored slave server is promoted to master server, which ensures the high availability of the system and further ensures the safety of the stored Session information.
In addition, the Session information comprises the user information input in the user login process. Because the Session information is stored, when login authentication is needed for the user again, the data can be read from memory (a Redis sentinel mode cluster stores the data in memory), which is faster than reading the data from a database and improves the login authentication efficiency; Session data can also be shared among the servers of different Web applications, which improves the data utilization rate.
In order to make the login mode of the present application clearly understood, the different login authentication modes are described below by way of example with reference to the accompanying drawings, taking Shiro login, OAuth login and CAS login as examples.
Fig. 3 is a schematic diagram of a login interface of a Web application provided in an embodiment of the present application, where a login authentication mode corresponding to the login interface is CAS login, and the login authentication mode shown in fig. 3 includes two login modes. The login mode displayed in the login interface shown in fig. 3 is an account password login, and the user can switch the login mode to a scanning two-dimensional code login by clicking the two-dimensional code icon 301 in fig. 3.
CAS login is described below. CAS, whose full name is Central Authentication Service, is a framework for single sign-on (Single Sign On, SSO). CAS has the following characteristics: (1) It is an open-source, enterprise-level single sign-on solution. (2) The CAS server side (i.e., CAS Server) is a Web application that needs to be deployed independently. (3) The CAS client (CAS Client) supports clients in a great many languages (a client here refers to an individual Web application in a single sign-on system), including Java, .Net, PHP, Perl, Apache, uPortal, Ruby, etc.
FIG. 4 is a schematic diagram of the basic protocol process of the CAS login used by a Web application in one embodiment of the present application. As shown in fig. 4, the framework of CAS login is structurally composed of 2 parts: the CAS server side (i.e., CAS Server) and the CAS client side. The CAS server side needs independent deployment and is mainly responsible for the authentication of users; the CAS client is responsible for processing access requests for the client's protected resources, and for redirecting to the CAS server when login is needed. The CAS client is deployed together with the protected client application (i.e., the Web application) and protects the protected resources in the form of a Filter. The Web browser in fig. 4 is what the user uses to request access to the Web application.
Steps 1 to 6 shown in fig. 4 are explained below:
Step 1, accessing the service: the user sends a request to the CAS client, requesting access to the service resource provided by the Web application. The CAS client checks whether the user request contains a Service Ticket; if no Service Ticket is included in the request, the current user has not logged in (or the user is logging in to the Web application for the first time), and the CAS client then performs the next step (i.e., step 2 below).
Step 2, directed authentication: the CAS client may redirect the user request to the CAS server.
Step 3, user authentication: the user's identity is authenticated. The user inputs authentication information and login authentication is performed; if login authentication is successful, the next step (i.e., step 4) is executed.
Step 4, issuing a ticket: the CAS server generates a random service ticket (Service Ticket).
Step 5, verifying the ticket: the CAS client performs verification with the CAS server to ensure the legitimacy of the service ticket (Service Ticket), and after verification passes, the CAS client is allowed to access the service.
Step 6, transmitting user information: after the CAS server has verified the service ticket (Service Ticket), it transmits the user authentication result information (user name) to the CAS client.
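Steps 1 to 6 as an in-memory exchange between a CAS client filter and a CAS server, added here as an illustration and not taken from the patent or from the CAS project's code. The URLs, the constructed user store, the 10-second ticket lifetime and the class names are assumptions; the example binds each random ticket to the requesting service and consumes it on its first validation, so a replayed or redirected ticket is refused.

```python
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

TICKET_TTL_SECONDS = 10   # assumption: a service ticket is only valid briefly


def ticket_from(url):
    """Extract the ticket query parameter from a URL, or None."""
    return parse_qs(urlparse(url).query).get("ticket", [None])[0]


class CasServer:
    def __init__(self, users, clock=time.monotonic):
        self.users = users     # constructed store: user name -> password
        self.clock = clock
        self.tickets = {}      # ticket -> (service, user name, expiry)

    def login(self, service, username, password):
        """Steps 3 and 4: authenticate, then issue a random ticket bound to `service`.
        Returns the URL the browser is sent back to, or None on failure."""
        stored = self.users.get(username)
        if stored is None or not secrets.compare_digest(stored.encode(), password.encode()):
            return None
        ticket = "ST-" + secrets.token_urlsafe(32)
        self.tickets[ticket] = (service, username, self.clock() + TICKET_TTL_SECONDS)
        return f"{service}?{urlencode({'ticket': ticket})}"

    def validate(self, service, ticket):
        """Steps 5 and 6: return the user name, or None. The ticket is removed on the
        first attempt whatever the outcome, so it cannot be presented twice."""
        entry = self.tickets.pop(ticket, None)
        if entry is None:
            return None
        bound_service, username, expiry = entry
        if bound_service != service or self.clock() > expiry:
            return None
        return username


class CasClient:
    """The filter deployed with the protected Web application."""

    def __init__(self, service_url, cas_server, cas_login_url):
        self.service_url = service_url
        self.cas = cas_server
        self.cas_login_url = cas_login_url
        self.sessions = {}     # local session id -> user name

    def handle(self, url, session_id=None):
        """Returns (status, body or redirect location, session id)."""
        if session_id in self.sessions:
            return 200, f"hello {self.sessions[session_id]}", session_id
        ticket = ticket_from(url)
        if ticket is None:
            # Steps 1 and 2: no ticket, so send the browser to the CAS server.
            location = f"{self.cas_login_url}?{urlencode({'service': self.service_url})}"
            return 302, location, None
        # Step 5: the client never trusts the ticket by itself, it asks the server.
        username = self.cas.validate(self.service_url, ticket)
        if username is None:
            return 403, "invalid ticket", None
        new_session = secrets.token_urlsafe(32)
        self.sessions[new_session] = username
        return 200, f"hello {username}", new_session


if __name__ == "__main__":
    cas = CasServer({"alice": "correct horse"})
    app = CasClient("https://app.example/home", cas, "https://cas.example/login")
    print(app.handle("https://app.example/home"))
    back = cas.login("https://app.example/home", "alice", "correct horse")
    print(app.handle(back)[:2])
    print(app.handle(back)[:2])   # replay of the same ticket
```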
In the embodiment of the present application, the CAS login is improved. Fig. 5 is a schematic flow chart of the CAS login used by the Web application in an embodiment of the present application. As shown in fig. 5, after the CAS login is started, it mainly includes a process of authorization and authentication; in the authentication process, user information (for example, the user account password) stored in a database is used for authentication, and the user information in the database is updated by using ETL.
As shown in fig. 5, in the user authentication link in login, the database (for example, a company database capable of integrating users) is utilized to verify the account passwords of the users, and the user account password information in the database is updated periodically by a scheduling task (adopting ETL), so that not only can the login of the user account passwords in most companies be realized, but also the user information can be dynamically updated by combining the scheduling task with the ETL task, and the updating efficiency can be improved.
Fig. 6 is a schematic diagram of a login interface of a Web application provided in another embodiment of the present application, where a login authentication mode corresponding to the login interface includes only one login mode (account password login), and the login authentication mode is Shiro login. Those skilled in the art will recognize that other login modes may be added to the login mode as desired.
Fig. 7 is a schematic diagram of the Shiro login principle used by the Web application in an embodiment of the present application. Shiro is a security framework implemented in Java that simplifies authentication and authorization. The Shiro framework is available in both JavaEE and JavaSE and is primarily used to handle authentication, authorization, enterprise session management, encryption, and the like. The following describes the functional points numbered ① through ⑤ in fig. 7:
① Authentication/login, verifying whether the user (Subject) has a corresponding identity;
② Authorization, verifying whether a certain authenticated (verified) user has a certain authority;
③ Session management: one login by a user is one session, and all of the user's information is kept in the session until the user exits the Web application;
④ Encryption: the password is encrypted to ensure the security of the data;
⑤ Web support: the Shiro framework can be very easily integrated into a Web environment.
As shown in fig. 7, the embodiment of the present application is partially improved on the basis of the basic Shiro login authentication authorization, and the unmodified content in fig. 7 can be understood by referring to the definition in the prior art, which is not described herein. The content of the improvement is described below in conjunction with fig. 7:
As shown in fig. 7, the embodiment of the present application adds, on the basis of the basic Shiro login authentication authorization, a user filter (Customer filter, i.e., the filter function block 701 in fig. 7) that can be customized, so as to ensure successful routing of the addresses (i.e., URLs, uniform resource locators) of the other interfaces in the Web application after the login authentication is completed. In addition, as shown in fig. 7, the embodiment of the present application may further use a Redis sentinel mode cluster (including a master server and at least one slave server, implemented by the Redis function block 702 in fig. 7) to cache the Session information of the logged-in user, so that the Session information can be obtained directly from the Redis sentinel mode cluster when performing login authentication; the Session information can thus be read and written quickly, which improves the authentication and authorization efficiency. In addition, the Redis sentinel mode allows the user login Session information to be shared between the servers of the Web applications, and this modification is suitable for most Web applications, which further improves the authentication and authorization efficiency.
Fig. 8 is a schematic diagram of a login interface of a Web application provided in another embodiment of the present application, where a login authentication mode corresponding to the login interface includes only one login mode (account password login), and the login authentication mode is OAuth login. Those skilled in the art will recognize that other login modes may be added to the login mode as desired.
OAuth authentication enables a user to authorize a third party application to access resource interfaces in an open platform (mainly the Resource Server in the platform) without the third party application obtaining the user's sensitive information (such as an account number and a user PIN).
FIG. 9 is a schematic diagram of OAuth login used by a Web application in one embodiment of the present application, where in FIG. 9 a user (Resource owner) uses a user agent (User agent) to interact with an authentication server (Authorization Server) and a third party application (Client). For convenience of description, the user agent is omitted in the following description of the user's interactions with the authentication server and the third party application. As shown in fig. 9, the flow of OAuth login includes steps (A) to (E) shown in fig. 9, and each step is briefly described below.
It will be appreciated that, before step (A) is performed, the user (Resource owner) is already logged in to the Web application described in the embodiments of the application (assumed to be Web application M), i.e., the user is already authenticated in Web application M. At this time, the Redis sentinel mode cluster already stores the Session information (which includes user information) generated when the user logged in to Web application M, and the authentication server may acquire the user information from the Redis sentinel mode cluster.
The following procedure is an authentication step when the user logs into the third party application:
(A) The third party application requests user authorization (Auth code request), i.e., it pops up an operator interface for the user to confirm authorization to the third party application.
(B) The user performs authorization (User authenticates), after which the third party application requests an authorization code (Authorization code) from the authentication server; the request also carries a callback address (redirect_uri), i.e., a link through which the browser can jump to the third party application.
(C) The third party application obtains the authorization code (Authorization code) from the authentication server, after which the authentication server web page where the user is located jumps to the callback address (redirect_uri), i.e., to the third party application.
(D) The third party application sends the authorization code and its application authentication information (client_id & client_secret) to the authentication server in exchange for an access token (Authorization code + URI).
(E) The third party application presents the access token (Access token + optional refresh token) when accessing the open platform.
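Steps (B) to (E) above, as an added Python example that is not part of the patent: an in-memory authentication server that binds each authorization code to the client and callback address, makes the code single-use and short-lived, and authenticates the client at step (D). The dict `session_store` stands in for the Redis sentinel mode cluster; the class and method names, the 60-second code lifetime and all sample values are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 60  # assumed lifetime; the page does not specify one


class AuthorizationServer:
    """In-memory stand-in for the authentication server in steps (B) to (E)."""

    def __init__(self, session_store):
        # session_store stands in for the Redis sentinel mode cluster holding the
        # Session information of users already logged in to Web application M.
        self._sessions = session_store
        self._clients = {}  # client_id -> (sha256 of client_secret, redirect_uri)
        self._codes = {}    # authorization code -> grant record
        self._tokens = {}   # access token -> user info

    def register_client(self, client_id, client_secret, redirect_uri):
        digest = hashlib.sha256(client_secret.encode()).digest()
        self._clients[client_id] = (digest, redirect_uri)

    def authorize(self, session_id, client_id, redirect_uri, now=None):
        """Steps (B)/(C): issue a code bound to the client and its callback."""
        now = time.time() if now is None else now
        user = self._sessions.get(session_id)
        if user is None:
            raise PermissionError("user is not logged in")
        client = self._clients.get(client_id)
        # Exact string match: no prefix or wildcard matching of the callback.
        if client is None or redirect_uri != client[1]:
            raise PermissionError("unknown client or redirect_uri mismatch")
        code = secrets.token_urlsafe(32)
        self._codes[code] = {
            "client_id": client_id,
            "redirect_uri": redirect_uri,
            "user": user,
            "expires": now + CODE_TTL_SECONDS,
        }
        return code

    def exchange(self, code, client_id, client_secret, redirect_uri, now=None):
        """Step (D): trade the code plus client credentials for an access token."""
        now = time.time() if now is None else now
        # pop() consumes the code even if a later check fails, so it cannot
        # be presented a second time.
        grant = self._codes.pop(code, None)
        if grant is None:
            raise PermissionError("invalid or already used authorization code")
        if now > grant["expires"]:
            raise PermissionError("authorization code expired")
        client = self._clients.get(client_id)
        if client is None:
            raise PermissionError("unknown client")
        offered = hashlib.sha256(client_secret.encode()).digest()
        if not hmac.compare_digest(offered, client[0]):
            raise PermissionError("client authentication failed")
        if grant["client_id"] != client_id or grant["redirect_uri"] != redirect_uri:
            raise PermissionError("code was issued to a different client or callback")
        token = secrets.token_urlsafe(32)
        self._tokens[token] = grant["user"]
        return token

    def user_for_token(self, token):
        """Step (E): the open platform resolves a presented access token."""
        return self._tokens.get(token)


if __name__ == "__main__":
    # Constructed sample data: one logged-in user and one registered client.
    server = AuthorizationServer({"sess-1": {"user": "alice", "system": "A"}})
    server.register_client("client-app", "s3cret", "https://client.example/callback")
    code = server.authorize("sess-1", "client-app", "https://client.example/callback")
    token = server.exchange(code, "client-app", "s3cret",
                            "https://client.example/callback")
    print(server.user_for_token(token))
```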
As shown in fig. 9, the embodiment of the present application is partially improved on the basis of the basic Shiro login authentication authorization, and the unmodified part in fig. 9 can be understood by referring to the definition in the prior art, which is not described herein. The content of the improvement is described below in conjunction with fig. 9:
In the embodiment of the present application, a Redis sentinel mode cluster (including a master server and at least one slave server) is introduced to store Session information (mainly user information (user info) therein) and Cache (Cache) information (i.e., functions implemented by a Redis function block 901 shown in FIG. 9) of a user, and user information (i.e., functions implemented by a function block 902 shown in FIG. 9) of a plurality of systems may be added, so that multi-system user information sharing is implemented while an OAuth login authentication mode is used. Wherein the plurality of systems (system a, system B, system C, and system D in functional block 902 shown in fig. 9) refer to a plurality of Web applications, i.e., the Redis may store user information of a plurality of different Web applications, and the plurality of servers of the Redis sentinel pattern cluster may share Session data, which may be compatible with multiple system users.
It should be understood that the sequence numbers of the steps in the foregoing embodiments do not imply an order of execution; the execution order of each process should be determined by its function and internal logic, and the sequence numbers should not limit the implementation process of the embodiments of the present application.
Corresponding to the login method of the Web application of the above embodiment, the embodiment of the present application further provides a login device of the Web application, which includes a unit for executing each step executed by the server in the login method of the Web application of any of the above embodiments.
An exemplary description of a login device for a Web application in an embodiment of the present application is described below with reference to the accompanying drawings.
As shown in fig. 10, a block diagram of a login device for a Web application according to an embodiment of the present application is shown, and for convenience of explanation, only a portion related to the embodiment of the present application is shown. Referring to fig. 10, the login device 1000 of the Web application includes: a receiving unit 1001, a determining unit 1002, a login interface task unit 1003, and a transmitting unit 1004: wherein:
A receiving unit 1001, configured to receive an access request sent by a terminal device and directed to a first Web application, where the first Web application includes a first configuration file and a plurality of preset login authentication mode code modules; each login authentication mode code module corresponds to a login authentication mode; the first configuration file comprises a first login authentication mode configuration item which is determined and set according to a first login authentication mode used by the first Web application program;
A determining unit 1002, configured to determine, in response to an access request, a first login authentication mode code module from a plurality of preset login authentication mode code modules according to a first login authentication mode configuration item in a first configuration file, where the first login authentication mode code module corresponds to a first login authentication mode;
a login interface task unit 1003, configured to generate a login interface task according to the code in the first login authentication mode code module;
And the sending unit 1004 is configured to send a login interface task to the terminal device, so that the terminal device displays a login interface of the first Web application program based on the login interface generation task, and the login interface corresponds to the first login authentication mode.
Optionally, the first configuration file is hosted on a cloud platform.
Optionally, the first login authentication mode is CAS login, Shiro login, OAuth login, WeChat login, or a fusion login of any two or more of CAS login, Shiro login, OAuth login and WeChat login.
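One way the determining unit's selection could be written so that it fails closed, as an added example (not code from the patent): the configuration item is parsed, checked against the preset login authentication mode modules, and any missing, unknown or duplicated mode is rejected instead of falling back to a default login page. The key `login.auth.mode`, the `+` separator for fusion login and the contents of each task dictionary are assumptions.

```python
MODE_KEY = "login.auth.mode"  # hypothetical configuration item name


def _module(mode, fields):
    """Build a stand-in login authentication mode code module."""
    return lambda: {"mode": mode, "fields": list(fields)}


# Preset modules, one per login authentication mode named on the page.
# The field lists are constructed placeholders for what each module renders.
MODULES = {
    "cas": _module("cas", ["sso_redirect"]),
    "shiro": _module("shiro", ["username", "password"]),
    "oauth": _module("oauth", ["account", "password"]),
    "wechat": _module("wechat", ["qr_code"]),
}


def parse_config(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    items = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"malformed configuration line: {raw!r}")
        items[key.strip()] = value.strip()
    return items


def select_modules(config, registry=MODULES):
    """Return the module(s) named by the configuration item, or raise."""
    value = config.get(MODE_KEY)
    if not value:
        raise ValueError("login authentication mode is not configured")
    modes = [m.strip().lower() for m in value.split("+")]
    if len(set(modes)) != len(modes):
        raise ValueError("a login authentication mode is listed twice")
    unknown = [m for m in modes if m not in registry]
    if unknown:
        # Fail closed: an unexpected value in a remotely hosted configuration
        # file must not silently select some other login path.
        raise ValueError(f"unsupported login authentication mode(s): {unknown}")
    return [registry[m] for m in modes]


def build_login_interface_task(config_text, registry=MODULES):
    """Generate the login interface task sent to the terminal device."""
    modules = select_modules(parse_config(config_text), registry)
    return {"type": "login_interface", "panels": [build() for build in modules]}


if __name__ == "__main__":
    # Constructed sample configuration: fusion of CAS and WeChat login.
    print(build_login_interface_task("# first Web application\nlogin.auth.mode = CAS+WeChat"))
```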
Optionally, the first Web application includes a service logic code module, and the login device 1000 of the Web application further includes a login authentication unit and an application interface generating unit, where:
a receiving unit 1001, configured to receive a user login authentication request sent by a terminal device, where the user login authentication request is sent by the terminal device in response to a login operation performed by a user on a login interface;
The login authentication unit is used for carrying out login authentication on the user based on the user login authentication request to obtain a login authentication result;
the application interface generating unit is used for generating an application interface task based on codes in the service logic code module under the condition that the login authentication result is that the login authentication is successful;
And the sending unit 1004 is configured to send the application interface task to the terminal device, so that the terminal device displays an application interface of the first Web application program based on the application interface task.
Optionally, the login authentication unit is configured to perform login authentication on a user based on a user login authentication request, and obtain a login authentication result, and includes:
Based on the user login authentication request, performing login authentication on the user by using the user information stored in the authentication interaction database to obtain a login authentication result; the authentication interaction database comprises a plurality of preset user information, the target database comprises user information using a first login authentication mode, and the user information in the authentication interaction database is updated periodically according to the user information in the target database.
Optionally, the login device 1000 of the Web application further includes a caching unit, where:
And the caching unit is used for caching session information related to the user, which is generated in the login authentication process, by adopting a Redis sentinel mode cluster under the condition that the login authentication result is that the login authentication is successful.
It should be understood that, for the sake of brevity, the specific process of executing the corresponding steps by each unit in the login device 1000 of the Web application is referred to the description related to the login method of the Web application in the foregoing description, and will not be repeated here.
An embodiment of the present application further provides a computer device 1100, it being understood that the computer device in this embodiment may be a server in a method embodiment. As shown in fig. 11, the computer device 1100 of this embodiment includes: a processor 1101, a memory 1102, and a computer program 1104 stored in the memory 1102 and executable on the processor 1101. The computer program 1104 may be run by the processor 1101, generating instructions 1103, and the processor 1101 may implement the steps of the login method embodiments of the respective Web application described above according to the instructions 1103. Or the processor 1101 when executing the computer program 1104 implements the functions of the modules/units in the above-described apparatus embodiments, such as the functions of the receiving unit 1001 to the transmitting unit 1004 shown in fig. 10.
By way of example, the computer program 1104 may be partitioned into one or more modules/units that are stored in the memory 1102 and executed by the processor 1101 to accomplish the present application. One or more of the modules/units may be a series of computer program instruction segments capable of performing particular functions to describe the execution of the computer program 1104 in the computer device 1100.
It will be appreciated by those skilled in the art that fig. 11 is merely an example of a computer device 1100 and is not intended to limit the computer device 1100, and that the computer device 1100 may include more or less components than illustrated, or may combine certain components, or different components, e.g., the computer device 1100 may also include input and output devices, network access devices, buses, etc.
The processor 1101 may be a central processing unit (Central Processing Unit, CPU), but may also be another general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 1102 may be an internal storage unit of the computer device 1100, such as a hard disk or memory of the computer device 1100. The memory 1102 may also be an external storage device of the computer device 1100, such as a plug-in hard disk provided on the computer device 1100, a smart media card (Smart Media Card, SMC), a Secure Digital (SD) card, a flash memory card (Flash Card), or the like. Further, the memory 1102 may also include both internal and external storage units of the computer device 1100. Memory 1102 is used to store computer programs and other programs and data required by computer device 1100. Memory 1102 may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
Embodiments of the present application also provide a computer-readable storage medium having stored therein a computer program or instructions which, when read and executed by a computer, cause the computer to perform the steps of the method embodiments described above. The readable medium may be read-only memory (ROM) or random access memory (random access memory, RAM), to which embodiments of the application are not limited.
Embodiments of the present application provide a computer program product which, when run on a server, causes the server to perform the steps of the method embodiments described above.
The embodiment of the application also provides a chip in the first embodiment, which comprises: a processing unit, which may be, for example, a processor, and a communication unit, which may be, for example, an input/output interface, pins or circuitry, etc. The processing unit may execute the computer instructions to cause the computer device to execute any of the login methods for the Web application provided in the embodiments of the present application.
Optionally, the computer instructions are stored in a storage unit.
Optionally, the storage unit is a storage unit in the chip, such as a register or a cache; the storage unit may also be a storage unit in the terminal located outside the chip, such as a ROM or other type of static storage device that can store static information and instructions, a RAM, etc. The processor mentioned in any of the above may be a CPU, microprocessor, ASIC, or one or more integrated circuits for controlling the display of the electronic device and the execution of the program of the control method. The processing unit and the storage unit may be decoupled and respectively disposed on different physical devices, and the respective functions of the processing unit and the storage unit are implemented by wired or wireless connection, so as to support the system chip to implement the various functions in the foregoing embodiments. Alternatively, the processing unit and the memory may be coupled to the same device.
It may be understood that the chip provided by the embodiment of the present application may be an integrated circuit for implementing any one of the above-mentioned login methods of the Web application, and the main function of the chip is to implement the steps or procedures defined by the login method of the Web application in the embodiment of the present application, that is, implement the login method of the Web application in the embodiment of the present application by means of hardware. The computer readable storage medium provided in the embodiment of the present application is mainly used for storing a computer program, where the computer program when executed implements steps or procedures defined by any one of the above-described login methods of the Web application program, that is, implements the login method of the Web application program in the embodiment of the present application in the form of computer software.
In the foregoing embodiments, each embodiment is described with its own emphasis; for parts that are not described or illustrated in detail in a particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/device and method may be implemented in other manners. For example, the apparatus/device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application may implement all or part of the flow of the method of the above embodiments by a computer program instructing related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. The computer program comprises computer program code, which may be in source code form, object code form, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to an apparatus/server, a recording medium, a computer memory, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium, for example a USB flash drive, a removable hard disk, a magnetic disk or an optical disk. In some jurisdictions, computer readable media may not be electrical carrier signals and telecommunications signals in accordance with legislation and patent practice.
The above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (10)

1. A login method of a Web application program is applied to a server and is characterized in that the first Web application program comprises a first configuration file and a plurality of preset login authentication mode code modules; each login authentication mode code module corresponds to a login authentication mode; the first configuration file comprises a first login authentication mode configuration item which is determined and set according to a first login authentication mode used by the first Web application program; the method comprises the following steps:
Receiving an access request aiming at the first Web application program and sent by terminal equipment;
Responding to the access request, and determining a first login authentication mode code module from the plurality of preset login authentication mode code modules according to a first login authentication mode configuration item in the first configuration file, wherein the first login authentication mode code module corresponds to the first login authentication mode;
generating a login interface task according to the codes in the first login authentication mode code module;
And sending the login interface task to the terminal equipment so that the terminal equipment displays a login interface of the first Web application program based on the login interface generation task, wherein the login interface corresponds to the first login authentication mode.
2. The method of claim 1, wherein the first configuration file is hosted on a cloud platform.
3. The method of claim 1, wherein the first login authentication mode is CAS login, Shiro login, OAuth login, WeChat login, or a fusion login of any two or more of CAS login, Shiro login, OAuth login, and WeChat login.
4. A method according to any one of claims 1 to 3, wherein the first Web application comprises a business logic code module, the method further comprising:
receiving a user login authentication request sent by the terminal equipment, wherein the user login authentication request is sent by the terminal equipment in response to login operation performed by a user on the login interface;
based on the user login authentication request, performing login authentication on the user to obtain a login authentication result;
Generating an application interface task based on codes in the service logic code module under the condition that the login authentication result is that the login authentication is successful;
and sending the application interface task to the terminal equipment so that the terminal equipment displays the application interface of the first Web application program based on the application interface task.
5. The method according to claim 4, wherein the login authentication is performed on the user based on the user login authentication request to obtain a login authentication result; comprising the following steps:
Based on the user login authentication request, performing login authentication on the user by using user information stored in an authentication interaction database, and obtaining the login authentication result; the authentication interaction database comprises a plurality of preset user information, the target database comprises the user information using the first login authentication mode, and the user information in the authentication interaction database is updated periodically according to the user information in the target database.
6. The method according to claim 4, wherein in case the login authentication result is that the login authentication is successful, a Redis sentinel mode cluster is adopted to cache session information related to the user generated in the login authentication process.
7. A login device for Web applications, characterized in that the device comprises means for performing the steps of the method according to any of claims 1 to 6.
8. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 6 when the computer program is executed.
9. A computer-readable storage medium, in which a computer program or instructions is stored which, when read and executed by a computer, cause the computer to perform the method of any one of claims 1 to 6.
10. A chip, comprising: a processor for calling and running a computer program from a memory, causing a computer device on which the chip is mounted to perform the method of any one of claims 1 to 6.
CN202211556588.XA 2022-12-06 2022-12-06 Web application login method and device Pending CN118157879A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202211556588.XA CN118157879A (en) 2022-12-06 2022-12-06 Web application login method and device
PCT/CN2023/136541 WO2024120403A1 (en) 2022-12-06 2023-12-05 Login method and apparatus for application, and computer device, storage medium and chip

Publications (1)

Publication Number Publication Date
CN118157879A true CN118157879A (en) 2024-06-07

Family

ID=91287559

Country Status (2)

Country Link
CN (1) CN118157879A (en)
WO (1) WO2024120403A1 (en)

Also Published As

Publication number Publication date
WO2024120403A1 (en) 2024-06-13

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination