[go: up one dir, main page]

CN111343168A - Identity authentication method and device, computer equipment and readable storage medium - Google Patents

Identity authentication method and device, computer equipment and readable storage medium Download PDF

Info

Publication number
CN111343168A
CN111343168A CN202010102388.1A CN202010102388A CN111343168A CN 111343168 A CN111343168 A CN 111343168A CN 202010102388 A CN202010102388 A CN 202010102388A CN 111343168 A CN111343168 A CN 111343168A
Authority
CN
China
Prior art keywords
information
access
verification code
terminal
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010102388.1A
Other languages
Chinese (zh)
Other versions
CN111343168B (en
Inventor
李正航
艾文敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010102388.1A priority Critical patent/CN111343168B/en
Publication of CN111343168A publication Critical patent/CN111343168A/en
Priority to PCT/CN2021/071060 priority patent/WO2021164459A1/en
Application granted granted Critical
Publication of CN111343168B publication Critical patent/CN111343168B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

本发明公开了一种身份验证的方法、装置、计算机设备及可读存储介质,该方法包括:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端;本发明可以简化登录流程,提高访问安全性。

Figure 202010102388

The invention discloses a method, device, computer equipment and readable storage medium for identity verification. The method includes: receiving an access request sent by an access terminal; wherein, the access request includes: verification code, information of the accessed terminal ; Judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid; Judging whether in the authority list corresponding to the access authority level Include the accessed terminal information; when the accessed terminal information is included in the permission list, obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed terminal information; The login password information is sent to the accessed terminal corresponding to the access request, so as to use the login password information to log in to the accessed terminal; the present invention can simplify the login process and improve the access security.

Figure 202010102388

Description

一种身份验证的方法、装置、计算机设备及可读存储介质An identity verification method, apparatus, computer equipment and readable storage medium

技术领域technical field

本发明涉及互联网技术领域,具体涉及一种身份验证的方法、装置、计算机设备及可读存储介质。The present invention relates to the field of Internet technologies, and in particular, to a method, an apparatus, a computer device and a readable storage medium for identity verification.

背景技术Background technique

随着互联网技术的不断发展,企业通常需要对接多个业务系统以实现不同的业务操作,例如,在金融行业的企业需要对接产品管理、指令管理、风控合规管理、财务管理等多个业务系统;然而,每个业务系统均有不同的登录入口,企业内的用户终端需要通过频繁的登录操作才能使用不同的业务系统,而且每个业务系统的身份认证方式均不相同,企业内的用户终端需要获取各个业务系统的登录账户信息;因此,企业如何简化用户终端访问各个业务系统的复杂度、并确保用户终端访问业务系统的安全性,成为亟需解决的技术问题。With the continuous development of Internet technology, enterprises usually need to connect multiple business systems to realize different business operations. For example, companies in the financial industry need to connect with multiple businesses such as product management, instruction management, risk control compliance management, and financial management. However, each business system has a different login entry, and user terminals in the enterprise need to log in frequently to use different business systems, and the identity authentication methods of each business system are different. The terminal needs to obtain the login account information of each business system; therefore, how to simplify the complexity of the user terminal accessing each business system and ensure the security of the user terminal accessing the business system has become an urgent technical problem to be solved.

发明内容SUMMARY OF THE INVENTION

本发明的目的在于提供一种身份验证的方法、装置、计算机设备及可读存储介质,可以简化登录流程,提高访问安全性。The purpose of the present invention is to provide an identity verification method, device, computer equipment and readable storage medium, which can simplify the login process and improve the access security.

根据本发明的一个方面,提供了一种身份验证的方法,具体包括以下步骤:According to one aspect of the present invention, a method for identity verification is provided, which specifically includes the following steps:

接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;Receive the access request sent by the access terminal; wherein, the access request includes: verification code, information of the accessed terminal;

判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;Judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid;

判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;Judging whether the accessed terminal information is included in the permission list corresponding to the access permission level;

当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;When the accessed terminal information is included in the permission list, obtain login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;

将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。Sending the login password information to the accessed terminal corresponding to the access request, so as to log in to the accessed terminal by using the login password information.

可选的,在所述接收由访问端发送来的访问请求之前,所述方法还包括:Optionally, before the receiving the access request sent by the access terminal, the method further includes:

接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;Receive the platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information;

根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;Generate the verification code according to the login account information, and determine the access authority level according to the basic user information;

将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。The verification code and the access authority level are stored in the local database, and the verification code is sent to the access terminal.

可选的,所述判断所述验证码是否有效,具体包括:Optionally, the judging whether the verification code is valid specifically includes:

当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。When the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset threshold, it is determined that the verification code is valid.

可选的,所述方法还包括:Optionally, the method further includes:

通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;Send invitation information to the visited terminal through a preset interface, and receive connection establishment approval information fed back by the visited terminal through the preset interface;

根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。Database configuration is performed according to the agreed connection establishment information, so as to provide an access entry for accessing the accessed terminal.

可选的,在所述访问端成功登录所述被访问端之后,所述方法还包括:Optionally, after the accessing terminal successfully logs in to the accessed terminal, the method further includes:

从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;Obtain to-do event information and reminder event information from the visited terminal; wherein, the to-do event information includes: to-do event quantity information, to-do event name information, to-do event jump link information, and the reminder The event information includes: reminder event quantity information, reminder event name information, reminder event jump link information;

通过显示界面显示所述待办事件信息和提醒事件信息。The to-do event information and the reminder event information are displayed through the display interface.

根据本发明的另一个方面,还提供了一种身份验证的装置,具体包括以下组成部分:According to another aspect of the present invention, an identity verification device is also provided, which specifically includes the following components:

接收模块,用于接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;a receiving module, configured to receive an access request sent by an access terminal; wherein, the access request includes: a verification code and information of the accessed terminal;

查找模块,用于判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;a search module for judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid;

判断模块,用于判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;a judging module for judging whether the accessed terminal information is included in the permission list corresponding to the access permission level;

获取模块,用于当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;an acquisition module, configured to acquire login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information when the accessed terminal information is included in the authority list;

发送模块,用于将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。A sending module, configured to send the login password information to the accessed terminal corresponding to the access request, so as to log in to the accessed terminal by using the login password information.

可选的,所述装置还包括:Optionally, the device further includes:

处理模块,用于接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。a processing module, configured to receive the platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information; generate the verification code according to the login account information, and The access authority level is determined from the basic user information; the verification code and the access authority level are stored in the local database, and the verification code is sent to the access terminal.

可选的,所述判断模块,具体用于:Optionally, the judgment module is specifically used for:

当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。When the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset threshold, it is determined that the verification code is valid.

根据本发明的另一个方面,还提供了一种计算机设备,具体包括:存储器、处理器以及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述程序时实现上述身份验证的方法的步骤。According to another aspect of the present invention, a computer device is also provided, which specifically includes: a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor executing the Program the steps to implement the above authentication method.

根据本发明的另一个方面,还提供了一种计算机可读存储介质,其上存储有计算机程序,所述程序被处理器执行时实现上述身份验证的方法的步骤。According to another aspect of the present invention, there is also provided a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, the steps of the above-mentioned identity verification method are implemented.

本发明提供的身份验证的方法、装置、计算机设备及可读存储介质,访问端通过集成了各个业务系统的一体化平台可以访问各个业务系统,实现了不同业务系统的统一访问入口,减少了重复访问各个业务系统的繁琐工作;本发明提供了统一身份验证的机制,实现一次登录重复认证的功能,大大减少了身份验证的维护成本。此外,本发明还能提高身份验证的安全性。With the method, device, computer equipment and readable storage medium for identity verification provided by the present invention, the access terminal can access each business system through the integrated platform integrating each business system, thereby realizing the unified access entry of different business systems and reducing duplication. The tedious work of accessing various business systems is avoided; the invention provides a unified identity verification mechanism, realizes the function of one-time login and repeated authentication, and greatly reduces the maintenance cost of identity verification. In addition, the present invention can also improve the security of identity verification.

附图说明Description of drawings

通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are for the purpose of illustrating preferred embodiments only and are not to be considered limiting of the invention. Also, the same components are denoted by the same reference numerals throughout the drawings. In the attached image:

图1为实施例一提供的身份验证的方法的一种可选的流程示意图;FIG. 1 is an optional schematic flowchart of the method for identity verification provided in Embodiment 1;

图2为实施例三提供的身份验证的装置的一种可选的程序模块示意图;2 is a schematic diagram of an optional program module of the device for identity verification provided in Embodiment 3;

图3为实施例四提供的计算机设备的一种可选的硬件架构示意图。FIG. 3 is a schematic diagram of an optional hardware architecture of the computer device provided in the fourth embodiment.

具体实施方式Detailed ways

为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本发明,并不用于限定本发明。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

实施例一Example 1

本发明实施例提供了一种身份验证的方法,应用于金融行业的资管集成平台,如图1所示,该方法具体包括以下步骤:An embodiment of the present invention provides an identity verification method, which is applied to an asset management integration platform in the financial industry. As shown in FIG. 1 , the method specifically includes the following steps:

步骤S101:接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息。Step S101: Receive an access request sent by an access terminal; wherein, the access request includes: a verification code and information of the accessed terminal.

在本实施例中,资管集成平台为集成了多个资管业务系统的一体化平台;访问端为用于通过资管集成平台访问各个资管业务系统的用户终端;每个集成在资管集成平台的资管业务系统均可被视为一个被访问端。优选的,被访问端信息为被访问端的IP地址信息或身份ID信息;In this embodiment, the asset management integration platform is an integrated platform that integrates multiple asset management business systems; the access terminal is a user terminal used to access each asset management business system through the asset management integration platform; The asset management business system of the integrated platform can be regarded as an accessed terminal. Preferably, the accessed terminal information is the IP address information or identity ID information of the accessed terminal;

具体的,在所述接收由访问端发送来的访问请求之前,所述方法还包括:Specifically, before the receiving the access request sent by the access terminal, the method further includes:

步骤A1:接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;Step A1: Receive the platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information;

当用户通过所述访问端第一次登录所述资管集成平台时,需要进行注册操作;在注册操作过程中,用户需要使用登录账号信息登录所述资管集成平台,并上报用户基本信息。When a user logs in to the asset management integration platform for the first time through the access terminal, a registration operation is required; during the registration operation, the user needs to log in to the asset management integration platform using the login account information, and report basic user information.

优选的,用户级别信息包括:用户当前网络环境信息、用户所属部门信息、和用户职位信息。Preferably, the user level information includes: the user's current network environment information, the user's department information, and the user's position information.

步骤A2:根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;Step A2: generating the verification code according to the login account information, and determining the access authority level according to the basic user information;

优选的,访问权限级别包括:高级、中级、低级;访问权限级别越高,访问端可访问的被访问端的数量越多;在步骤A2中,可以根据用户当前网络环境信息、用户所属部门信息、和用户职位信息按照预设算法确定出访问权限级别。Preferably, the access authority levels include: high-level, intermediate-level, and low-level; the higher the access authority level, the more the accessed terminals can be accessed by the access terminal; in step A2, according to the user's current network environment information, the user's department information, and user position information to determine the access authority level according to a preset algorithm.

步骤A3:将所述验证码和访问权限级别存储到本地数据库中,并将所述验证码发送至所述访问端。Step A3: Store the verification code and the access authority level in a local database, and send the verification code to the access terminal.

步骤S102:判断所述验证码是否有效,并在所述验证码有效的情况下从所述本地数据库中查找到与所述验证码对应的访问权限级别。Step S102: Determine whether the verification code is valid, and find the access authority level corresponding to the verification code from the local database if the verification code is valid.

具体的,所述判断所述验证码是否有效,具体包括:Specifically, the judging whether the verification code is valid includes:

当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。When the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset threshold, it is determined that the verification code is valid.

在本申请中,验证码具有时效性,当验证码过期后,需要重新为用户分配新的验证码,从而提高了资管集成平台的安全性。In this application, the verification code is time-sensitive. When the verification code expires, a new verification code needs to be allocated to the user, thereby improving the security of the asset management integration platform.

步骤S103:判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息。Step S103: Determine whether the accessed terminal information is included in the permission list corresponding to the access permission level.

具体的,所述方法还包括:Specifically, the method further includes:

分别为每个访问权限级别设置对应的权限列表;每个权限列表中包含对应的访问权限级别所能访问的被访问端信息。A corresponding permission list is set for each access permission level; each permission list contains the accessed terminal information that can be accessed by the corresponding access permission level.

在本实施例中,不同的用户有不同的访问权限级别,通过设置用户的访问权限级别以限制用户可以访问的被访问端的种类。In this embodiment, different users have different access authority levels, and the types of accessed terminals that the user can access are limited by setting the user's access authority levels.

步骤S104:当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信。Step S104: When the accessed terminal information is included in the permission list, obtain a login password letter corresponding to the access authority level from a password database corresponding to the accessed terminal information.

具体的,所述方法还包括:Specifically, the method further includes:

分别为每个被访问端信息设置对应的密码数据库,并在每个密码数据库中分别为各个访问权限级别设置对应的登录密码信息;通过不同的登录密码信息以限制用户在被访问端中的访问权限。Set a corresponding password database for each accessed terminal information, and set corresponding login password information for each access level in each password database; use different login password information to restrict users' access in the accessed terminal permissions.

步骤S105:将所述登录密码信息发送至所述访问端,以供所述访问端利用所述登录密码信息登录被访问端。Step S105: Send the login password information to the access terminal, so that the access terminal uses the login password information to log in to the accessed terminal.

在本实施例中,通过验证码对用户的身份进行验证,并根据访问权限级别判断出用户是否可以访问被访问端,最后通过与访问权限级别对应的登录密码信息登录被访问端。In this embodiment, the user's identity is verified through the verification code, and whether the user can access the accessed terminal is determined according to the access authority level, and finally the accessed terminal is logged in through the login password information corresponding to the access authority level.

具体的,所述方法还包括:Specifically, the method further includes:

通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;Send invitation information to the visited terminal through a preset interface, and receive connection establishment approval information fed back by the visited terminal through the preset interface;

根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。Database configuration is performed according to the agreed connection establishment information, so as to provide an access entry for accessing the accessed terminal.

在本实施例中,所述资管集成平台集成了各种类型的资管业务系统(即,被访问端)的访问入口,用户可以通过所述资管集成平台访问各个资管业务系统。In this embodiment, the asset management integration platform integrates access portals of various types of asset management business systems (ie, accessed terminals), and users can access various asset management business systems through the asset management integration platform.

进一步的,在所述访问端成功登录所述被访问端之后,所述方法还包括:Further, after the accessing terminal successfully logs in to the accessed terminal, the method further includes:

从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;Obtain to-do event information and reminder event information from the visited terminal; wherein, the to-do event information includes: to-do event quantity information, to-do event name information, to-do event jump link information, and the reminder The event information includes: reminder event quantity information, reminder event name information, reminder event jump link information;

通过显示界面显示所述待办事件信息和提醒事件信息。The to-do event information and the reminder event information are displayed through the display interface.

在本实施例中,用户可直观的查看各个资管业务系统中的待办事项和提醒事项,并通过待办事项链接和提醒事项链接快速访问明细数据。In this embodiment, the user can intuitively view the to-do items and reminder items in each asset management business system, and quickly access detailed data through the to-do item link and the reminder item link.

实施例二Embodiment 2

本发明实施例提供了一种身份验证的方法,该方法应用于资管集成平台,所述资管集成平台集成了各种资管业务系统,访问端通过所述资管集成平台可以访问各个资管业务系统;具体的,所述资管集成平台包括:用户交互模块、身份验证模块和业务模块;其中,所述用户交互模块与访问端连接,以供访问端通过所述用户交互模块登录所述资管集成平台;所述身份验证模块用于对登录所述资管集成平台的用户进行身份验证和权限验证,只有身份验证通过的且具有相应权限的用户可以通过所述资管集成平台访问对应的业务模块;每种业务模块对应一种资管业务系统,所述业务模块包括:产品管理模块、指令管理模块、风控合规管理模块、组合管理模块、财务管理模块。The embodiment of the present invention provides an identity verification method, which is applied to an asset management integration platform, the asset management integration platform integrates various asset management business systems, and an access terminal can access various asset management systems through the asset management integration platform. Specifically, the asset management integration platform includes: a user interaction module, an identity verification module and a business module; wherein, the user interaction module is connected to the access terminal, so that the access terminal can log in to the website through the user interaction module. The asset management integration platform is described; the identity verification module is used to perform identity verification and authority verification on users who log in to the asset management integration platform, and only users who have passed the identity verification and have corresponding permissions can access through the asset management integration platform Corresponding business modules; each business module corresponds to an asset management business system, and the business modules include: a product management module, an instruction management module, a risk control compliance management module, a portfolio management module, and a financial management module.

所述身份验证方法,具体包括以下步骤:The identity verification method specifically includes the following steps:

步骤S201:用户交互模块接收来自访问端的业务访问请求,并判断在所述业务访问请求中是否包含验证码;Step S201: the user interaction module receives the service access request from the access terminal, and judges whether the service access request contains a verification code;

若是,则执行步骤S202;若否,则向所述访问端发送拒绝请求消息。If yes, go to step S202; if no, send a rejection request message to the access terminal.

其中,所述业务访问请求是用户在所述访问端上输入的用于请求某一业务操作的信息;所述业务访问请求包括:验证码、用户所要访问的业务模块信息、以及用户所要执行的业务信息;Wherein, the service access request is the information input by the user on the access terminal to request a certain service operation; the service access request includes: verification code, service module information to be accessed by the user, and information to be executed by the user business information;

需要说明的是,本实施例中的业务模块信息相当于第一实施例中的被访问端信息,本实施例中的业务模块相当于第一实施例中的被访问端。It should be noted that the service module information in this embodiment is equivalent to the accessed terminal information in the first embodiment, and the service module in this embodiment is equivalent to the accessed terminal in the first embodiment.

具体的,在步骤S201之前,所述方法还包括:Specifically, before step S201, the method further includes:

步骤A1:所述用户交互模块接收由所述访问端发送来的平台注册信息,并将所述平台注册信息发送至所述身份验证模块;其中,所述平台注册信息包括:登录账号信息和用户基本信息;Step A1: the user interaction module receives the platform registration information sent by the access terminal, and sends the platform registration information to the identity verification module; wherein, the platform registration information includes: login account information and user Basic Information;

步骤A2:所述身份验证模块根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;Step A2: the identity verification module generates the verification code according to the login account information, and determines the access authority level according to the basic user information;

步骤A3:所述身份验证模块将所述验证码和所述访问权限级别存储到本地数据库中,并将所述验证码发送至所述用户交互模块;Step A3: the identity verification module stores the verification code and the access authority level in a local database, and sends the verification code to the user interaction module;

步骤A4:所述用户交互模块将所述验证码发送至所述访问端。Step A4: The user interaction module sends the verification code to the access terminal.

具体的,所述访问端当接收到所述验证码时将所述身份验证信息保存至cookie中。Specifically, the access terminal saves the identity verification information in a cookie when receiving the verification code.

在本实施例中,当访问端第一次登陆所述资管集成平台时,需要进行注册,以供所述资管集成平台为所述访问端生成验证码。In this embodiment, when the access terminal logs in to the asset management integration platform for the first time, registration is required so that the asset management integration platform can generate a verification code for the access terminal.

步骤S202:所述用户交互模块将所述业务访问请求中的验证码和业务模块信息发送至所述身份验证模块。Step S202: The user interaction module sends the verification code and the service module information in the service access request to the identity verification module.

步骤S203:所述身份验证模块判断所述验证码是否有效,若是,则执行步骤S204;若否,则向所述用户交互模块发送验证失败信息,以供所述用户交互模块在接收到验证失败信息时向所述访问端发送拒绝访问消息。Step S203: the identity verification module judges whether the verification code is valid, and if so, executes step S204; if not, sends verification failure information to the user interaction module for the user interaction module to receive verification failure information Send an access denied message to the access terminal when the information is received.

具体的,所述方法还包括:Specifically, the method further includes:

在步骤A3中,所述身份验证模块将形成所述身份验证信息的第一时间存储在所述本地数据库中。In step A3, the identity verification module stores the first time when the identity verification information is formed in the local database.

进一步的,在步骤S203中,所述身份验证模块获取接收到所述身份验证模块的第二时间,并判断所述第二时间与所述第一时间的时间间隔是否小于预设阈值,若是,则向所述用户交互模块发送验证失败消息,若否,则判定所述验证码有效。Further, in step S203, the identity verification module obtains the second time when the identity verification module is received, and judges whether the time interval between the second time and the first time is less than a preset threshold, and if so, A verification failure message is sent to the user interaction module, and if not, it is determined that the verification code is valid.

在本实施例中,为每个登陆所述资管集成平台的用户生成唯一的验证码,当所述用户需要通过所述资管集成平台访问任一业务模块时,用户交互模块会将所述用户的验证码发送至身份验证模块,以对用户的身份验证信息进行验证;在本实施例中,当用户第一次登陆所述资管集成平台时,所述身份验证模块会为所述用户分配一个验证码,所述用户在得到所述验证码之后,可以在设定时间期间内通过所述资管集成平台访问业务模块。In this embodiment, a unique verification code is generated for each user logging in the asset management integration platform. When the user needs to access any business module through the asset management integration platform, the user interaction module will The user's verification code is sent to the identity verification module to verify the user's identity verification information; in this embodiment, when the user logs in to the asset management integration platform for the first time, the identity verification module will be the user A verification code is allocated, and the user can access the business module through the asset management integration platform within a set time period after obtaining the verification code.

步骤S204:所述身份验证模块从本地数据库中查找到与所述验证码对应的访问权限级别,并判断在与所述访问权限级别对应的权限列表中是否包含所述业务模块信息;若是,则执行步骤S205,若否,则向所述用户交互模块发送验证失败信息,以供所述用户交互模块在接收到验证失败信息时向所述访问端发送拒绝访问消息。Step S204: the identity verification module finds the access authority level corresponding to the verification code from the local database, and judges whether the business module information is included in the authority list corresponding to the access authority level; if so, then Step S205 is performed, and if not, the verification failure information is sent to the user interaction module, so that the user interaction module sends an access denial message to the access terminal when the verification failure information is received.

具体的,在步骤S204之前,在所述身份验证模块中分别为每个访问权限级别设置对应的权限列表;每个权限列表中包含对应的访问权限级别所能访问的业务模块信息。Specifically, before step S204, a corresponding permission list is set for each access permission level in the identity verification module; each permission list includes information of service modules that can be accessed by the corresponding access permission level.

在本实施例中,不同的用户有不同的访问权限级别,通过设置用户的访问权限级别以限制用户可以访问的业务模块的种类。In this embodiment, different users have different access authority levels, and the types of service modules that users can access are limited by setting the user's access authority levels.

步骤S205:所述身份验证模块从与所述业务模块信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息。Step S205: the identity verification module obtains the login password information corresponding to the access authority level from the password database corresponding to the service module information.

具体的,在步骤S205之前,所述方法还包括:所述身份验证模块分别为每个业务模块设置对应的密码数据库,并在每个业务模块的密码数据库中分别为各个访问权限级别设置对应的登录密码信息;通过不同的登录密码信息以限制用户在业务模块中的访问权限。Specifically, before step S205, the method further includes: the identity verification module sets a corresponding password database for each business module, and sets a corresponding password database for each access authority level in the password database of each business module. Login password information; use different login password information to limit the user's access rights in the business module.

在本实施例中,身份验证模块通过验证码对用户的身份进行验证,并根据访问权限级别判断出用户是否可以访问业务模块,最后通过与访问权限级别对应的登录密码信息登录业务模块。In this embodiment, the identity verification module verifies the user's identity through the verification code, determines whether the user can access the business module according to the access authority level, and finally logs in to the business module through the login password information corresponding to the access authority level.

步骤S206:所述身份验证模块将所述登录密码信息发送至与所述业务模块信息对应的业务模块,以登录所述业务模块,从而根据所述业务信息执行相应的资管业务。Step S206: The identity verification module sends the login password information to the business module corresponding to the business module information, so as to log in to the business module, so as to execute the corresponding asset management business according to the business information.

具体的,所述资管集成平台还包括:建连模块;所述建连模块用于建立所述资管集成平台与各个资管业务系统的连接,因此,所述方法还包括:Specifically, the asset management integration platform further includes: a connection establishment module; the connection establishment module is used to establish a connection between the asset management integration platform and each asset management business system. Therefore, the method further includes:

步骤B1:所述建连模块通过HTTP API接口向需要集成在所述资管集成平台中的各个资管业务系统发送邀请信息;Step B1: The connection establishment module sends invitation information to each asset management business system that needs to be integrated in the asset management integration platform through the HTTP API interface;

步骤B2:所述建连模块通过HTTP API接收由各个资管业务系统反馈回的同意建连信息;Step B2: the connection establishment module receives the connection establishment approval information fed back by each asset management business system through HTTP API;

其中,所述同意建连信息包括:业务模块名称信息、业务模块访问权限信息、和业务模块访问地址信息。Wherein, the connection approval information includes: service module name information, service module access authority information, and service module access address information.

步骤B3:所述建连模块根据各个同意建连信息进行数据库配置,以在所述资管集成平台中提供用于访问各个资管业务系统的访问入口。Step B3: The connection establishment module configures the database according to each agreed connection establishment information, so as to provide an access portal for accessing each asset management business system in the asset management integration platform.

进一步的,所述资管集成平台还包括:显示模块,用于在所述访问端成功登录所述业务模块之后,从所述业务模块中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;将所述待办时间信息和提醒事件信息发送给所述访问端,以供所述访问端通过显示界面显示所述待办事件信息和提醒事件信息。Further, the asset management integration platform further includes: a display module for acquiring to-do event information and reminder event information from the business module after the access terminal successfully logs in to the business module; wherein the The to-do event information includes: to-do event quantity information, to-do event name information, and to-do event jump link information, and the reminder event information includes: reminder event quantity information, reminder event name information, and reminder event jump link information; Sending the to-do time information and the reminder event information to the access terminal, so that the access terminal can display the to-do event information and the reminder event information through a display interface.

在本实施例中,资管集成平台为各个资管业务系统提供基于OpenAPI的通用接口,以使所有B/S架构的资管业务系统可以接入到所述资管集成平台中;此外,所述资管集成平台通过所述用户交互模块统一向用户提供各个资管业务系统的访问入口,以及通过所述用户交互模块向用户展示各个资管业务系统的待办事件信息和提醒事件信息,从而使得用户可以通过所述用户交互模块访问各个业务模块、查看各个待办事件和各个提醒事件。In this embodiment, the asset management integration platform provides a general interface based on OpenAPI for each asset management business system, so that all asset management business systems of B/S architecture can be connected to the asset management integration platform; The asset management integration platform uniformly provides users with access portals of each asset management business system through the user interaction module, and displays the to-do event information and reminder event information of each asset management business system to the user through the user interaction module, thereby The user can access various business modules, view various to-do events and various reminder events through the user interaction module.

实施例三Embodiment 3

本发明实施例提供了一种身份验证的装置,应用于资管集成平台,如图2所示,该装置具体包括以下组成部分:An embodiment of the present invention provides an identity verification device, which is applied to an asset management integration platform. As shown in FIG. 2 , the device specifically includes the following components:

接收模块301,用于接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息。The receiving module 301 is configured to receive an access request sent by an access terminal, wherein the access request includes: a verification code and information of the accessed terminal.

具体的,所述装置还包括:Specifically, the device further includes:

处理模块,用于接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。a processing module, configured to receive the platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information; generate the verification code according to the login account information, and The access authority level is determined from the basic user information; the verification code and the access authority level are stored in the local database, and the verification code is sent to the access terminal.

查找模块302,用于判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别。The search module 302 is configured to judge whether the verification code is valid, and find the access authority level corresponding to the verification code from the local database if the verification code is valid.

具体的,查找模块302,具体用于:Specifically, the search module 302 is specifically used for:

当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。When the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset threshold, it is determined that the verification code is valid.

判断模块303,用于判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息。The judging module 303 is configured to judge whether the accessed terminal information is included in the permission list corresponding to the access permission level.

获取模块304,用于当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息。The obtaining module 304 is configured to obtain the login password information corresponding to the access authority level from the password database corresponding to the accessed end information when the visited end information is included in the authority list.

发送模块305,用于将所述登录密码信息发送至所述访问端,以供所述访问端利用所述登录密码信息登录被访问端。The sending module 305 is configured to send the login password information to the access terminal, so that the access terminal uses the login password information to log in to the accessed terminal.

具体的,所述装置还包括:Specifically, the device further includes:

集成模块,用于通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。The integration module is used to send invitation information to the visited terminal through a preset interface, and receive the connection establishment consent information fed back by the visited terminal through the preset interface; configured to provide an access entry for accessing the accessed end.

进一步的,所述装置还包括:Further, the device also includes:

显示模块,用于所述访问端成功登录所述被访问端之后,从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;通过显示界面显示所述待办事件信息和提醒事件信息。A display module, used for the access terminal to obtain to-do event information and reminder event information from the accessed terminal after the access terminal successfully logs in to the accessed terminal; wherein, the to-do event information includes: information on the number of to-do events , to-do event name information, to-do event jump link information, the reminder event information includes: reminder event quantity information, reminder event name information, reminder event jump link information; displaying the to-do event information and Alert event information.

实施例四Embodiment 4

本实施例还提供一种计算机设备,如可以执行程序的智能手机、平板电脑、笔记本电脑、台式计算机、机架式服务器、刀片式服务器、塔式服务器或机柜式服务器(包括独立的服务器,或者多个服务器所组成的服务器集群)等。如图3所示,本实施例的计算机设备40至少包括但不限于:可通过系统总线相互通信连接的存储器401、处理器402。需要指出的是,图3仅示出了具有组件401-402的计算机设备40,但是应理解的是,并不要求实施所有示出的组件,可以替代的实施更多或者更少的组件。This embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server, or a cabinet server (including independent servers, or A server cluster composed of multiple servers), etc. As shown in FIG. 3 , the computer device 40 in this embodiment at least includes but is not limited to: a memory 401 and a processor 402 that can be communicatively connected to each other through a system bus. It should be noted that FIG. 3 only shows the computer device 40 having components 401-402, but it should be understood that implementation of all of the illustrated components is not required, and more or fewer components may be implemented instead.

本实施例中,存储器401(即可读存储介质)包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘等。在一些实施例中,存储器401可以是计算机设备40的内部存储单元,例如该计算机设备40的硬盘或内存。在另一些实施例中,存储器401也可以是计算机设备40的外部存储设备,例如该计算机设备40上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。当然,存储器401还可以既包括计算机设备40的内部存储单元也包括其外部存储设备。在本实施例中,存储器401通常用于存储安装于计算机设备40的操作系统和各类应用软件,例如用于实现上述实施例三的身份验证的装置的程序代码等。此外,存储器401还可以用于暂时地存储已经输出或者将要输出的各类数据。In this embodiment, the memory 401 (that is, a readable storage medium) includes a flash memory, a hard disk, a multimedia card, a card-type memory (eg, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), Programmable Read Only Memory (PROM), Magnetic Memory, Magnetic Disk, Optical Disk, etc. In some embodiments, the memory 401 may be an internal storage unit of the computer device 40 , such as a hard disk or a memory of the computer device 40 . In other embodiments, the memory 401 may also be an external storage device of the computer device 40, such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, flash memory card (Flash Card), etc. Of course, the memory 401 may also include both the internal storage unit of the computer device 40 and its external storage device. In this embodiment, the memory 401 is generally used to store the operating system and various application software installed in the computer device 40 , such as the program code of the apparatus for realizing the identity verification of the third embodiment. In addition, the memory 401 can also be used to temporarily store various types of data that have been output or will be output.

处理器402在一些实施例中可以是中央处理器(Central Processing Unit,CPU)、控制器、微控制器、微处理器、或其他数据处理芯片。该处理器402通常用于控制计算机设备40的总体操作。In some embodiments, the processor 402 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chips. The processor 402 is typically used to control the overall operation of the computer device 40 .

具体的,在本实施例中,处理器402用于执行处理器402中存储的身份验证的方法的程序,所述身份验证的方法的程序被执行时实现如下步骤:Specifically, in this embodiment, the processor 402 is configured to execute the program of the identity verification method stored in the processor 402, and the following steps are implemented when the program of the identity verification method is executed:

接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;Receive the access request sent by the access terminal; wherein, the access request includes: verification code, information of the accessed terminal;

判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;Judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid;

判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;Judging whether the accessed terminal information is included in the permission list corresponding to the access permission level;

当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;When the accessed terminal information is included in the permission list, obtain login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;

将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。Sending the login password information to the accessed terminal corresponding to the access request, so as to log in to the accessed terminal by using the login password information.

上述方法步骤的具体实施例过程可参见第一实施例,本实施例在此不再重复赘述。For the specific embodiment process of the above method steps, reference may be made to the first embodiment, which will not be repeated in this embodiment.

实施例五Embodiment 5

本实施例还提供一种计算机可读存储介质,如闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘、服务器、App应用商城等等,其上存储有计算机程序,所述计算机程序被处理器执行时实现如下方法步骤:This embodiment also provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), only Read-only memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), magnetic memory, magnetic disk, optical disk, server, App application mall, etc., on which computer programs are stored, When the computer program is executed by the processor, the following method steps are implemented:

接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;Receive the access request sent by the access terminal; wherein, the access request includes: verification code, information of the accessed terminal;

判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;Judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid;

判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;Judging whether the accessed terminal information is included in the permission list corresponding to the access permission level;

当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;When the accessed terminal information is included in the permission list, obtain login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information;

将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。Sending the login password information to the accessed terminal corresponding to the access request, so as to log in to the accessed terminal by using the login password information.

上述方法步骤的具体实施例过程可参见第一实施例,本实施例在此不再重复赘述。For the specific embodiment process of the above method steps, reference may be made to the first embodiment, which will not be repeated in this embodiment.

需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It should be noted that, herein, the terms "comprising", "comprising" or any other variation thereof are intended to encompass non-exclusive inclusion, such that a process, method, article or device comprising a series of elements includes not only those elements, It also includes other elements not expressly listed or inherent to such a process, method, article or apparatus. Without further limitation, an element qualified by the phrase "comprising a..." does not preclude the presence of additional identical elements in a process, method, article or apparatus that includes the element.

上述本发明实施例序号仅仅为了描述,不代表实施例的优劣。The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。From the description of the above embodiments, those skilled in the art can clearly understand that the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation.

以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above are only preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the contents of the description and drawings of the present invention, or directly or indirectly applied in other related technical fields , are similarly included in the scope of patent protection of the present invention.

Claims (10)

1.一种身份验证的方法,其特征在于,所述方法包括:1. a method for identity verification, characterized in that the method comprises: 接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;Receive the access request sent by the access terminal; wherein, the access request includes: verification code, information of the accessed terminal; 判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;Judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid; 判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;Judging whether the accessed terminal information is included in the permission list corresponding to the access permission level; 当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;When the accessed terminal information is included in the permission list, obtain login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information; 将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。Sending the login password information to the accessed terminal corresponding to the access request, so as to log in to the accessed terminal by using the login password information. 2.根据权利要求1所述的身份验证的方法,其特征在于,在所述接收由访问端发送来的访问请求之前,所述方法还包括:2. The method for identity verification according to claim 1, wherein before the receiving the access request sent by the access terminal, the method further comprises: 接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;Receive the platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information; 根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;Generate the verification code according to the login account information, and determine the access authority level according to the basic user information; 将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。The verification code and the access authority level are stored in the local database, and the verification code is sent to the access terminal. 3.根据权利要求2所述的身份验证的方法,其特征在于,所述判断所述验证码是否有效,具体包括:3. The method for identity verification according to claim 2, wherein the judging whether the verification code is valid, specifically comprises: 当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。When the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset threshold, it is determined that the verification code is valid. 4.根据权利要求1所述的身份验证的方法,其特征在于,所述方法还包括:4. The method for identity verification according to claim 1, wherein the method further comprises: 通过预设接口向所述被访问端发送邀请信息,并通过所述预设接口接收由所述被访问端反馈回的同意建连信息;Send invitation information to the visited terminal through a preset interface, and receive connection establishment approval information fed back by the visited terminal through the preset interface; 根据所述同意建连信息进行数据库配置,以提供用于访问所述被访问端的访问入口。Database configuration is performed according to the agreed connection establishment information, so as to provide an access entry for accessing the accessed terminal. 5.根据权利要求1所述的身份验证的方法,其特征在于,在所述访问端成功登录所述被访问端之后,所述方法还包括:5. The method for identity verification according to claim 1, wherein after the accessing terminal successfully logs in the accessed terminal, the method further comprises: 从所述被访问端中获取待办事件信息和提醒事件信息;其中,所述待办事件信息包括:待办事件数量信息、待办事件名称信息、待办事件跳转链接信息,所述提醒事件信息包括:提醒事件数量信息、提醒事件名称信息、提醒事件跳转链接信息;Obtain to-do event information and reminder event information from the visited terminal; wherein, the to-do event information includes: to-do event quantity information, to-do event name information, to-do event jump link information, and the reminder The event information includes: reminder event quantity information, reminder event name information, reminder event jump link information; 通过显示界面显示所述待办事件信息和提醒事件信息。The to-do event information and the reminder event information are displayed through the display interface. 6.一种身份验证的装置,其特征在于,所述装置包括:6. A device for identity verification, wherein the device comprises: 接收模块,用于接收由访问端发送来的访问请求;其中,所述访问请求包括:验证码、被访问端信息;a receiving module, configured to receive an access request sent by an access terminal; wherein, the access request includes: a verification code and information of the accessed terminal; 查找模块,用于判断所述验证码是否有效,并在所述验证码有效的情况下从本地数据库中查找到与所述验证码对应的访问权限级别;a search module for judging whether the verification code is valid, and finding the access authority level corresponding to the verification code from the local database when the verification code is valid; 判断模块,用于判断在与所述访问权限级别对应的权限列表中是否包含所述被访问端信息;a judging module for judging whether the accessed terminal information is included in the permission list corresponding to the access permission level; 获取模块,用于当在所述权限列表中包含所述被访问端信息时,从与所述被访问端信息对应的密码数据库中获取与所述访问权限级别对应的登录密码信息;an acquisition module, configured to acquire login password information corresponding to the access authority level from a password database corresponding to the accessed terminal information when the accessed terminal information is included in the authority list; 发送模块,用于将所述登录密码信息发送至与所述访问请求对应的被访问端,以利用所述登录密码信息登录所述被访问端。A sending module, configured to send the login password information to the accessed terminal corresponding to the access request, so as to log in to the accessed terminal by using the login password information. 7.根据权利要求6所述的身份验证的装置,其特征在于,所述装置还包括:7. The device for identity verification according to claim 6, wherein the device further comprises: 处理模块,用于接收由所述访问端发送来的平台注册信息;其中,所述平台注册信息包括:登录账号信息和用户基本信息;根据所述登录账号信息生成所述验证码,并根据所述用户基本信息确定出所述访问权限级别;将所述验证码和访问权限级别存储到所述本地数据库中,并将所述验证码发送至所述访问端。a processing module, configured to receive the platform registration information sent by the access terminal; wherein, the platform registration information includes: login account information and basic user information; generate the verification code according to the login account information, and The access authority level is determined from the basic user information; the verification code and the access authority level are stored in the local database, and the verification code is sent to the access terminal. 8.根据权利要求7所述的身份验证的装置,其特征在于,所述判断模块,具体用于:8. The device for identity verification according to claim 7, wherein the judging module is specifically used for: 当在所述本地数据库中存在所述验证码,且存储所述验证码的第一时间与接收到所述访问请求的第二时间的时间间隔小于预设阈值时,判定所述验证码有效。When the verification code exists in the local database, and the time interval between the first time when the verification code is stored and the second time when the access request is received is less than a preset threshold, it is determined that the verification code is valid. 9.一种计算机设备,所述计算机设备包括:存储器、处理器以及存储在所述存储器上并可在所述处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现权利要求1至5任一项所述方法的步骤。9. A computer device, the computer device comprising: a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein when the processor executes the program Carry out the steps of the method of any one of claims 1 to 5. 10.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,所述程序被处理器执行时实现权利要求1至5任一项所述方法的步骤。10. A computer-readable storage medium on which a computer program is stored, characterized in that, when the program is executed by a processor, the steps of the method according to any one of claims 1 to 5 are implemented.
CN202010102388.1A 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium Expired - Fee Related CN111343168B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010102388.1A CN111343168B (en) 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium
PCT/CN2021/071060 WO2021164459A1 (en) 2020-02-19 2021-01-11 Identity verification method and apparatus, computer device, and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010102388.1A CN111343168B (en) 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN111343168A true CN111343168A (en) 2020-06-26
CN111343168B CN111343168B (en) 2022-01-28

Family

ID=71186966

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010102388.1A Expired - Fee Related CN111343168B (en) 2020-02-19 2020-02-19 Identity authentication method and device, computer equipment and readable storage medium

Country Status (2)

Country Link
CN (1) CN111343168B (en)
WO (1) WO2021164459A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112528305A (en) * 2020-12-16 2021-03-19 平安银行股份有限公司 Access control method, device, electronic equipment and storage medium
CN113076529A (en) * 2021-04-14 2021-07-06 湖南快乐阳光互动娱乐传媒有限公司 Access control method, device, computer readable storage medium and equipment
WO2021164459A1 (en) * 2020-02-19 2021-08-26 深圳壹账通智能科技有限公司 Identity verification method and apparatus, computer device, and readable storage medium
CN114117376A (en) * 2022-01-28 2022-03-01 蘑菇物联技术(深圳)有限公司 Identity authentication method, method for distributing dynamic password and corresponding equipment
CN115964687A (en) * 2022-12-14 2023-04-14 武汉卓讯互动信息科技有限公司 Block chain-based enterprise unified account authentication method and platform
CN119696903A (en) * 2024-12-19 2025-03-25 河南融创新合科技有限公司 Cloud computing-based cryptographic service unified management system, method and storage medium

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113707346B (en) * 2021-09-02 2022-06-14 广州方舟信息科技有限公司 Novel online inquiry system and method based on Internet hospital
CN113722691A (en) * 2021-09-14 2021-11-30 京东科技控股股份有限公司 Method and device for realizing self-service access of merchant data
CN116112279B (en) * 2023-02-22 2025-12-12 中国建设银行股份有限公司 Access control methods, apparatus, computer equipment and storage media
CN118502985B (en) * 2024-05-06 2025-02-18 广州逸虎网络科技有限公司 A method and device for acquiring sub-application data based on a unified management platform
CN118821169B (en) * 2024-06-17 2025-02-28 山东科信融创科技服务有限公司 A digital enterprise information management method and management system
CN119011306B (en) * 2024-10-25 2025-01-28 中船奥蓝托无锡软件技术有限公司 Data security protection method, device and industrial system based on 1+N architecture
CN120785660B (en) * 2025-09-10 2025-12-16 南京元时空地理信息技术有限公司 A Map Service Access Control Method and System

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1881228A (en) * 2005-06-14 2006-12-20 华为技术有限公司 Method for controlling system account right
CN102054203A (en) * 2009-11-05 2011-05-11 上海久隆信息工程有限公司 Processing method and device for enterprise-oriented information resource application integration
CN103457878A (en) * 2013-09-05 2013-12-18 电子科技大学 Network accessing control method based on streams
CN104243532A (en) * 2013-06-21 2014-12-24 鸿富锦精密工业(深圳)有限公司 Data access method and system
US20180293397A1 (en) * 2017-04-06 2018-10-11 Indais Corp. Systems and methods for access control and data management
CN109040024A (en) * 2018-07-06 2018-12-18 广东微云科技股份有限公司 Resource access authority control method and system
CN109150910A (en) * 2018-10-11 2019-01-04 平安科技(深圳)有限公司 Log in token generation and verification method, device and storage medium
CN109257391A (en) * 2018-11-30 2019-01-22 北京锐安科技有限公司 A kind of access authority opening method, device, server and storage medium
CN109492374A (en) * 2018-09-26 2019-03-19 平安医疗健康管理股份有限公司 System login method, device, server and the storage medium of identity-based verifying
CN109670768A (en) * 2018-09-27 2019-04-23 深圳壹账通智能科技有限公司 Right management method, device, platform and the readable storage medium storing program for executing in multi-service domain
CN110750765A (en) * 2019-09-27 2020-02-04 奇安信科技集团股份有限公司 Service system, front-end page control method thereof, computer device, and storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104394174B (en) * 2014-12-15 2017-06-09 邱红涛 The login method and its login system of social networking system
US11303627B2 (en) * 2018-05-31 2022-04-12 Oracle International Corporation Single Sign-On enabled OAuth token
CN109639740B (en) * 2019-01-31 2022-02-22 平安科技(深圳)有限公司 Login state sharing method and device based on equipment ID
CN110516454A (en) * 2019-08-13 2019-11-29 苏州浪潮智能科技有限公司 Exchange method, system, device and the computer readable storage medium of more equipment
CN110784450A (en) * 2019-09-24 2020-02-11 云深互联(北京)科技有限公司 Single sign-on method and device based on browser
CN111343168B (en) * 2020-02-19 2022-01-28 深圳壹账通智能科技有限公司 Identity authentication method and device, computer equipment and readable storage medium

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1881228A (en) * 2005-06-14 2006-12-20 华为技术有限公司 Method for controlling system account right
CN102054203A (en) * 2009-11-05 2011-05-11 上海久隆信息工程有限公司 Processing method and device for enterprise-oriented information resource application integration
CN104243532A (en) * 2013-06-21 2014-12-24 鸿富锦精密工业(深圳)有限公司 Data access method and system
CN103457878A (en) * 2013-09-05 2013-12-18 电子科技大学 Network accessing control method based on streams
US20180293397A1 (en) * 2017-04-06 2018-10-11 Indais Corp. Systems and methods for access control and data management
CN109040024A (en) * 2018-07-06 2018-12-18 广东微云科技股份有限公司 Resource access authority control method and system
CN109492374A (en) * 2018-09-26 2019-03-19 平安医疗健康管理股份有限公司 System login method, device, server and the storage medium of identity-based verifying
CN109670768A (en) * 2018-09-27 2019-04-23 深圳壹账通智能科技有限公司 Right management method, device, platform and the readable storage medium storing program for executing in multi-service domain
CN109150910A (en) * 2018-10-11 2019-01-04 平安科技(深圳)有限公司 Log in token generation and verification method, device and storage medium
CN109257391A (en) * 2018-11-30 2019-01-22 北京锐安科技有限公司 A kind of access authority opening method, device, server and storage medium
CN110750765A (en) * 2019-09-27 2020-02-04 奇安信科技集团股份有限公司 Service system, front-end page control method thereof, computer device, and storage medium

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021164459A1 (en) * 2020-02-19 2021-08-26 深圳壹账通智能科技有限公司 Identity verification method and apparatus, computer device, and readable storage medium
CN112528305A (en) * 2020-12-16 2021-03-19 平安银行股份有限公司 Access control method, device, electronic equipment and storage medium
CN112528305B (en) * 2020-12-16 2023-10-10 平安银行股份有限公司 Access control method, device, electronic equipment and storage medium
CN113076529A (en) * 2021-04-14 2021-07-06 湖南快乐阳光互动娱乐传媒有限公司 Access control method, device, computer readable storage medium and equipment
CN114117376A (en) * 2022-01-28 2022-03-01 蘑菇物联技术(深圳)有限公司 Identity authentication method, method for distributing dynamic password and corresponding equipment
CN115964687A (en) * 2022-12-14 2023-04-14 武汉卓讯互动信息科技有限公司 Block chain-based enterprise unified account authentication method and platform
CN119696903A (en) * 2024-12-19 2025-03-25 河南融创新合科技有限公司 Cloud computing-based cryptographic service unified management system, method and storage medium
CN119696903B (en) * 2024-12-19 2025-06-13 河南融创新合科技有限公司 Cloud computing-based password service unified management system, method and storage medium

Also Published As

Publication number Publication date
CN111343168B (en) 2022-01-28
WO2021164459A1 (en) 2021-08-26

Similar Documents

Publication Publication Date Title
CN111343168A (en) Identity authentication method and device, computer equipment and readable storage medium
EP3552098B1 (en) Operating system update management for enrolled devices
US11190513B2 (en) Gateway enrollment for internet of things device management
JP6563134B2 (en) Certificate renewal and deployment
CN111181975B (en) An account management method, device, equipment and storage medium
US10587697B2 (en) Application-specific session authentication
CN108551437B (en) Method and apparatus for authenticating information
US10567388B1 (en) Automatic account resource and policy decommissioning
US8898774B2 (en) Method and system for scanning a computer system for sensitive content
US9485202B2 (en) Alerting recipients to errors occurring when accessing external services
US20190273657A1 (en) Multiuser device staging
US9769146B2 (en) Information processing system, information processing method, and non-transitory computer-readable medium
US11855997B1 (en) System and methods for controlled access to computer resources
US10956255B1 (en) Automated agent for proactively alerting a user of L1 IT support issues through chat-based communication
US11227262B2 (en) Techniques for improving the ability of an invitee to fully participate in a meeting via a data processing system
CN108289074B (en) User account login method and device
US11411813B2 (en) Single user device staging
CN111885006A (en) Page access and authorized access method and device
CN110750765A (en) Service system, front-end page control method thereof, computer device, and storage medium
US10789518B2 (en) Barcode-based enrollment of devices with a management service
CN112583890B (en) Message pushing method and device based on enterprise office system and computer equipment
CN114362960B (en) Resource account data supervision method, device, computer equipment and medium
US9043880B1 (en) Directory service user exportation system
CN110401674B (en) Data access method, device, system, electronic equipment and computer readable medium
CN111800382A (en) Cooperative system docking method, apparatus, system and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20220128