[go: up one dir, main page]

CN108763889A - A kind of login validation method, device, equipment and readable storage medium storing program for executing - Google Patents

A kind of login validation method, device, equipment and readable storage medium storing program for executing Download PDF

Info

Publication number
CN108763889A
CN108763889A CN201810550572.5A CN201810550572A CN108763889A CN 108763889 A CN108763889 A CN 108763889A CN 201810550572 A CN201810550572 A CN 201810550572A CN 108763889 A CN108763889 A CN 108763889A
Authority
CN
China
Prior art keywords
user
login
login verification
target user
login authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201810550572.5A
Other languages
Chinese (zh)
Inventor
王凤丽
张大帅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201810550572.5A priority Critical patent/CN108763889A/en
Publication of CN108763889A publication Critical patent/CN108763889A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

本发明公开了一种登录验证方法,该方法包括以下步骤:当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录;如果已记载,则利用预设条件,确定目标用户是否具有登录验证资格;如果未记载,则直接确定目标用户具有登录验证资格;若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理。利用用户登录验证失败文件解决非法用户暴力破解用户名密码的同时,还可减少对数据库的访问次数。提高登录验证效率,提升用户体验。本发明还公开了一种登录验证装置、设备及可读存储介质,具有相应的技术效果。

The invention discloses a login verification method, which comprises the following steps: when the login verification request sent by the target user is obtained, reading the user login verification failure record file under the specified configuration file directory; finding and judging the target user login verification Whether the login verification failure record of the target user has been recorded in the failure record file; if it has been recorded, then use the preset conditions to determine whether the target user has the login verification qualification; if not, directly determine that the target user has the login verification qualification; if the target user If the user is qualified for login verification, the user data in the preset database is used to process the login verification request. Use the user login verification failure file to solve illegal users' violent cracking of username and password, and at the same time reduce the number of visits to the database. Improve login verification efficiency and enhance user experience. The invention also discloses a login verification device, equipment and a readable storage medium, which have corresponding technical effects.

Description

一种登录验证方法、装置、设备及可读存储介质A login verification method, device, equipment and readable storage medium

技术领域technical field

本发明涉及安全保障技术领域,特别是涉及一种登录验证方法、装置、设备及可读存储介质。The invention relates to the technical field of safety assurance, in particular to a login verification method, device, equipment and a readable storage medium.

背景技术Background technique

为了加强用户身份合法性的校验,越来越多的GUI(图形用户界面,GraphicalUser Interface)软件对用户登录验证添加了鉴别失败处理功能,以便防止非法用户暴力破解用户名密码,对系统或用户信息造成破坏。In order to strengthen the verification of user identity legality, more and more GUI (Graphical User Interface, Graphical User Interface) software has added authentication failure processing function to user login verification, so as to prevent illegal users from violently cracking username and password, and damage the system or user. Information wreaks havoc.

现有的,为了防止非法用户暴力破解用户名密码,在数据库用户信息表中增加用户登录记录,以便在各个用户发起登录请求时,利用这些记录,来防止非法用户暴力破解用户名密码。如此,便导致频繁地对数据库中的数据进行访问和处理,会造成数据库性能下降。尤其在用户登录访问量较大时,数据库性能也随之变差,出现数据库查询,更新速度慢,进而导致用户身份合法性校验变慢,影响用户体验。Currently, in order to prevent illegal users from violently cracking usernames and passwords, user login records are added to the database user information table, so that when each user initiates a login request, these records are used to prevent illegal users from cracking usernames and passwords violently. In this way, the data in the database is frequently accessed and processed, and the performance of the database is degraded. Especially when there is a large number of user login visits, the performance of the database will also deteriorate, and database queries will appear, and the update speed will be slow, which will lead to slow verification of user identity validity and affect user experience.

综上所述,如何有效地提高用户登录验证效率等问题,是目前本领域技术人员急需解决的技术问题。To sum up, how to effectively improve the efficiency of user login verification is a technical problem urgently needed to be solved by those skilled in the art.

发明内容Contents of the invention

本发明的目的是提供一种登录验证方法、装置、设备及可读存储介质,以提高用户登录验证的效率,提升用户体验。The purpose of the present invention is to provide a login verification method, device, equipment and readable storage medium, so as to improve the efficiency of user login verification and improve user experience.

为解决上述技术问题,本发明提供如下技术方案:In order to solve the above technical problems, the present invention provides the following technical solutions:

一种登录验证方法,包括:A login verification method, comprising:

当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;When the login verification request sent by the target user is obtained, read the user login verification failure record file under the specified configuration file directory;

查找并判断所述目标用户登录验证失败记录文件中是否已记载所述目标用户的登录验证失败记录;Finding and judging whether the target user's login verification failure record has been recorded in the target user's login verification failure record file;

如果已记载,则利用预设条件,确定所述目标用户是否具有登录验证资格;If it has been recorded, using preset conditions to determine whether the target user has login verification qualifications;

如果未记载,则直接确定所述目标用户具有所述登录验证资格;If not recorded, directly determine that the target user has the login verification qualification;

若所述目标用户具有所述登录验证资格,则利用预设数据库中的用户数据对所述登录验证请求进行处理;其中,所述用户数据包括合法用户的登录验证信息。If the target user has the login verification qualification, the user data in a preset database is used to process the login verification request; wherein the user data includes login verification information of a legitimate user.

优选地,在所述读取指定配置文件目录下的用户登录验证失败记录文件之前,还包括:Preferably, before reading the user login verification failure record file under the specified configuration file directory, it also includes:

将用户登录验证失败记录文件导入到指定配置文件目录下;其中,所述用户登录验证记录文件中记载了登录验证失败用户的登录验证失败次数、最新验证失败时间。Import the user login verification failure record file into the designated configuration file directory; wherein, the user login verification record file records the number of login verification failures and the latest verification failure time of the user who failed the login verification.

优选地,所述利用预设条件,确定所述目标用户是否具有登录验证资格,包括:Preferably, the use of preset conditions to determine whether the target user has login verification qualifications includes:

读取所述目标用户的登录验证失败次数,并判断所述登录验证失败次数是否超过预设阈值;Reading the number of login verification failures of the target user, and judging whether the number of login verification failures exceeds a preset threshold;

如果超过,则利用所述目标用户的最新验证失败时间,判断所述登录验证请求是否属于预设账户锁定时段之外,并在属于所述预设账户锁定时段之外时,确定所述目标用户具有登录验证资格;If so, use the latest verification failure time of the target user to determine whether the login verification request falls outside the preset account lockout period, and determine the target user if it falls outside the preset account lockout period Qualified for login verification;

如果未超过,则确定所述目标用户具有登录验证资格。If not, it is determined that the target user is qualified for login verification.

优选地,所述利用预设数据库中的用户数据对所述登录验证请求进行处理,包括:Preferably, the processing of the login verification request using user data in a preset database includes:

当登录验证失败时,则在所述用户登录验证失败记录文件中更新或添加所述目标用户的登录验证失败记录。When the login verification fails, update or add the target user's login verification failure record in the user login verification failure record file.

优选地,所述利用预设数据库中的用户数据对所述登录验证请求进行处理,包括:Preferably, the processing of the login verification request using user data in a preset database includes:

当登录验证成功时,将所述目标用户的登录验证失败记录从所述用户登录验证失败记录文件中删除。When the login verification is successful, the target user's login verification failure record is deleted from the user login verification failure record file.

一种登录验证装置,包括:A login verification device, comprising:

文件读取模块,用于当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;The file reading module is used to read the user login verification failure record file under the specified configuration file directory when the login verification request sent by the target user is obtained;

登录验证失败记录查找判断模块,用于查找并判断所述目标用户登录验证失败记录文件中是否已记载所述目标用户的登录验证失败记录;A login verification failure record search and judgment module, used to search and judge whether the target user's login verification failure record has been recorded in the target user's login verification failure record file;

登录验证资格确定模块,用于若所述目标用户登录验证失败记录文件中已记载所述目标用户的登录验证失败记录,则利用预设条件,确定所述目标用户是否具有登录验证资格;若所述用户登录验证失败记录文件中未记载所述目标用户的登录验证失败记录,则直接确定所述目标用户具有所述登录验证资格;The login verification qualification determination module is used to determine whether the target user has the login verification qualification if the target user's login verification failure record has been recorded in the target user's login verification failure record file by using preset conditions; If the login verification failure record of the target user is not recorded in the user login verification failure record file, it is directly determined that the target user has the login verification qualification;

登录验证请求处理模块,用于若所述目标用户具有所述登录验证资格,则利用预设数据库中的用户数据对所述登录验证请求进行处理;其中,所述用户数据包括合法用户的登录验证信息。A login verification request processing module, configured to use user data in a preset database to process the login verification request if the target user has the login verification qualification; wherein, the user data includes the login verification of a legal user information.

优选地,还包括:Preferably, it also includes:

用户登录验证失败记录文件导入模块,用于在所述读取指定配置文件目录下的用户登录验证失败记录文件之前,将用户登录验证失败记录文件导入到指定配置文件目录下;其中,所述用户登录验证记录文件中记载了登录验证失败用户的登录验证失败次数、最新验证失败时间。The user login verification failure record file import module is used to import the user login verification failure record file into the specified configuration file directory before reading the user login verification failure record file under the specified configuration file directory; wherein the user The login verification record file records the number of login verification failures and the latest verification failure time of the user who failed the login verification.

优选地,登录验证请求处理模块,具体用于当登录验证失败时,则在所述用户登录验证失败记录文件中更新或添加所述目标用户的登录验证失败记录。Preferably, the login verification request processing module is specifically configured to update or add the target user's login verification failure record in the user login verification failure record file when the login verification fails.

一种登录验证设备,包括:A login verification device, comprising:

存储器,用于存储计算机程序;memory for storing computer programs;

处理器,用于执行所述计算机程序时实现上述登录验证方法的步骤。A processor, configured to implement the steps of the above login verification method when executing the computer program.

一种可读存储介质,所述可读存储介质上存储有计算机程序,所述计算机程序被处理器执行时实现上述登录验证方法的步骤。A readable storage medium, where a computer program is stored on the readable storage medium, and when the computer program is executed by a processor, the steps of the above login verification method are realized.

应用本发明实施例所提供的方法,当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录;如果已记载,则利用预设条件,确定目标用户是否具有登录验证资格;如果未记载,则直接确定目标用户具有登录验证资格;若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理;其中,用户数据包括合法用户的登录验证信息。在对登录验证请求进行处理之前,先利用指定配置文件目录下的用户登录验证失败记录文件,确定出目标用户是否具有登录验证资格。仅当其具有登录验证资格时,利用预设数据库对目标用户的登录验证请求进行处理。也就是说,在利用用户登录验证失败文件解决非法用户暴力破解用户名密码问题的同时,还可减少对数据库的访问次数。提高对合法用户的验证效率,提升用户体验。Apply the method provided by the embodiment of the present invention, when the login verification request sent by the target user is obtained, read the user login verification failure record file under the specified configuration file directory; find and judge whether the target user login verification failure record file has Record the login verification failure record of the target user; if it has been recorded, use the preset conditions to determine whether the target user has the login verification qualification; if it is not recorded, directly determine that the target user has the login verification qualification; if the target user has the login verification qualification, Then use the user data in the preset database to process the login verification request; wherein, the user data includes the login verification information of the legal user. Before processing the login verification request, first use the user login verification failure record file under the specified configuration file directory to determine whether the target user has the login verification qualification. Only when the target user is qualified for login verification, the target user's login verification request is processed using a preset database. That is to say, while using the user login verification failure file to solve the problem of illegal users violently cracking the username and password, it can also reduce the number of visits to the database. Improve the verification efficiency of legitimate users and improve user experience.

相应地,本发明实施例还提供了与上述登录验证方法相对应的登录验证装置、设备和可读存储介质,具有上述技术效果,在此不再赘述。Correspondingly, the embodiments of the present invention also provide a login verification device, equipment, and readable storage medium corresponding to the above login verification method, which have the above technical effects and will not be repeated here.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1为本发明实施例中一种登录验证方法的实施流程图;Fig. 1 is the implementation flowchart of a kind of login verification method in the embodiment of the present invention;

图2为本发明实施例中另一种登录验证方法的流程图;FIG. 2 is a flow chart of another login verification method in an embodiment of the present invention;

图3为本发明实施例中一种登录验证方法的具体应用流程示意图;3 is a schematic diagram of a specific application flow of a login verification method in an embodiment of the present invention;

图4为本发明实施例中一种登录验证装置的结构示意图;4 is a schematic structural diagram of a login verification device in an embodiment of the present invention;

图5为本发明实施例中一种登录验证设备的结构示意图。Fig. 5 is a schematic structural diagram of a login verification device in an embodiment of the present invention.

具体实施方式Detailed ways

为了使本技术领域的人员更好地理解本发明方案,下面结合附图和具体实施方式对本发明作进一步的详细说明。显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to enable those skilled in the art to better understand the solution of the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

实施例一:Embodiment one:

请参考图1,图1为本发明实施例中一种登录验证方法的流程图,该方法包括以下步骤:Please refer to FIG. 1. FIG. 1 is a flow chart of a login verification method in an embodiment of the present invention. The method includes the following steps:

S101、当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件。S101. When the login verification request sent by the target user is obtained, read the user login verification failure record file under the specified configuration file directory.

目标用户可以通过GUI软件或命令行终端发送登录验证请求,在该登陆验证请求中可以包括用户名(或账号)和身份验证信息(如密码)。当获取到目标用户发送的登录验证请求时,可以读取指定配置文件目录下的用户登录验证失败文件。具体的,用户登录验证失败文件为记录了指定软件系统的用户登录验证失败的记录信息。例如,可以记载用户登录失败的次数,登录失败的时间、登录失败的原因等信息。The target user can send a login verification request through GUI software or a command line terminal, and the login verification request can include a user name (or account number) and identity verification information (such as a password). When the login verification request sent by the target user is obtained, the user login verification failure file under the specified configuration file directory can be read. Specifically, the user login verification failure file is record information that records the user login verification failure of the specified software system. For example, information such as the number of failed logins, the time of failed logins, and the reason for failed logins can be recorded.

S102查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录。S102 Search and determine whether the target user's login verification failure record has been recorded in the target user's login verification failure record file.

读取到用户登录验证失败文件之后,可以通过查找遍历该用户登录验证失败文件中的用户登录失败记录,确定是否存在目标用户是否有登录验证失败记录。如果存在登录验证失败记录,则进入步骤S103,如果不存在登录验证失败记载,则进入步骤S104。After reading the user login verification failure file, you can determine whether there is a login verification failure record for the target user by searching and traversing the user login failure records in the user login verification failure file. If there is a log-in verification failure record, go to step S103; if there is no log-in verification failure record, go to step S104.

S103、利用预设条件,确定目标用户是否具有登录验证资格。S103. Using preset conditions, determine whether the target user has login verification qualifications.

在本实施例中,可以预先设置用于判断用户是否具有登录验证资格的条件。该预设条件的具体内容可以预先确定,也可以根据实际情况进行确认和调整,在此不做限定。In this embodiment, conditions for judging whether the user has login verification qualifications may be preset. The specific content of the preset condition can be determined in advance, or can be confirmed and adjusted according to the actual situation, which is not limited here.

当用户登录验证失败记录文件中记载了目标用户的登录失败验证记录时,可以利用预设条件,确定目标用户是否具有登录验证资格。When the user login verification failure record file records the target user's login failure verification record, preset conditions can be used to determine whether the target user has the login verification qualification.

S104、直接确定目标用户具有登录验证资格。S104. Directly determine that the target user is qualified for login verification.

当用户登录验证失败文件中未记载目标用户的登录失败验证记录时,可以认为目标用户不存在暴力破解的嫌疑,此时,可认为目标用户具有登录验证资格。When the target user's login failure verification record is not recorded in the user login verification failure file, it can be considered that the target user is not suspected of brute force cracking, and at this time, the target user can be considered to have the login verification qualification.

S105、若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理。S105. If the target user has the login verification qualification, process the login verification request by using the user data in the preset database.

其中,用户数据包括合法用户的登录验证信息。Wherein, the user data includes the login verification information of the legal user.

在确定目标用户具有登录验证资格之后,则可以利用预设数据库中的用户数据对该登录验证请求进行处理。其中,预设数据库包括合法用户的登录验证信息,也就是说,利用这些登录验证信息可以对目标用户的登录验证请求进行判断处理,最终确定是否令目标用户成功登录。After it is determined that the target user has the login verification qualification, the login verification request can be processed by using the user data in the preset database. Wherein, the preset database includes login verification information of legitimate users, that is, the login verification information of the target user can be used to judge and process the login verification request of the target user, and finally determine whether the target user successfully logs in.

应用本发明实施例所提供的方法,当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录;如果已记载,则利用预设条件,确定目标用户是否具有登录验证资格;如果未记载,则直接确定目标用户具有登录验证资格;若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理;其中,用户数据包括合法用户的登录验证信息。在对登录验证请求进行处理之前,先利用指定配置文件目录下的用户登录验证失败记录文件,确定出目标用户是否具有登录验证资格。仅当其具有登录验证资格时,利用预设数据库对目标用户的登录验证请求进行处理。也就是说,在利用用户登录验证失败文件解决非法用户暴力破解用户名密码问题的同时,还可减少对数据库的访问次数。提高对合法用户的验证效率,提升用户体验。Apply the method provided by the embodiment of the present invention, when the login verification request sent by the target user is obtained, read the user login verification failure record file under the specified configuration file directory; find and judge whether the target user login verification failure record file has Record the login verification failure record of the target user; if it has been recorded, use the preset conditions to determine whether the target user has the login verification qualification; if it is not recorded, directly determine that the target user has the login verification qualification; if the target user has the login verification qualification, Then use the user data in the preset database to process the login verification request; wherein, the user data includes the login verification information of the legal user. Before processing the login verification request, first use the user login verification failure record file under the specified configuration file directory to determine whether the target user has the login verification qualification. Only when the target user is qualified for login verification, the target user's login verification request is processed using a preset database. That is to say, while using the user login verification failure file to solve the problem of illegal users violently cracking the username and password, it can also reduce the number of visits to the database. Improve the verification efficiency of legitimate users and improve user experience.

需要说明的是,基于上述实施例一,本发明实施例还提供了相应的改进方案。在后续实施例中涉及与上述实施例一中相同步骤或相应步骤之间可相互参考,相应的有益效果也可相互参照,在下文的改进实施例中不再一一赘述。It should be noted that, based on the first embodiment above, the embodiment of the present invention also provides a corresponding improvement solution. In subsequent embodiments, the same steps as in the first embodiment above or corresponding steps may be referred to each other, and the corresponding beneficial effects may also be referred to each other, and will not be repeated in the improved embodiments below.

实施例二:Embodiment two:

请参考图2,图2为本发明实施例中另一种登录验证方法的流程图,该方法包括以下步骤:Please refer to Figure 2, Figure 2 is a flowchart of another login verification method in an embodiment of the present invention, the method includes the following steps:

S201、将用户登录验证失败记录文件导入到指定配置文件目录下。S201. Import the user login verification failure record file into a specified configuration file directory.

其中,用户登录验证记录文件中记载了登录验证失败用户的登录验证失败次数、最新验证失败时间。Wherein, the user login verification record file records the number of login verification failures and the latest verification failure time of the user who failed the login verification.

具体的,可以先新建一个用户登录验证失败记录文件,并在该用户登录失败记录文件中记载登录验证失败用户的登录验证失败次数、最新验证失败时间(即最后一次登录验证失败时间)等信息。然后将用户登录验证失败记录文件导入到指定配置文件目录下。若当前系统具备配置文件目录,则直接将用户登录验证失败记录文件直接导入到该目录下,若当前系统不存在配置文件目录,则可以在该系统下新建一个配置文件,然将用户登录验证失败记录文件导入其中。因配置文件不在数据库中,所以访问登录验证失败记录文件时不会干扰数据库的正常使用。Specifically, a new user login verification failure record file can be created first, and information such as the number of login verification failures of the login verification failure user, the latest verification failure time (ie the last login verification failure time) and the like can be recorded in the user login failure record file. Then import the user login verification failure record file to the specified configuration file directory. If the current system has a configuration file directory, directly import the user login verification failure record file directly into this directory. Log files are imported into it. Since the configuration file is not in the database, accessing the login authentication failure record file will not interfere with the normal use of the database.

S202、当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件。S202. When the login verification request sent by the target user is obtained, read the user login verification failure record file under the specified configuration file directory.

S203、查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录。S203. Find and determine whether the target user's login verification failure record has been recorded in the target user's login verification failure record file.

如果已记载,则进入步骤S204,如果未记载,则进入步骤S207。If it has been recorded, go to step S204, if not, go to step S207.

S204、读取目标用户的登录验证失败次数,并判断登录验证失败次数是否超过预设阈值。S204. Read the number of login verification failures of the target user, and determine whether the number of login verification failures exceeds a preset threshold.

在本实施例中,为了防止非法用户暴力破解用户名和密码,可以预先设置一个用于限制登录验证失败次数的阈值。具体的,该预设阈值的具体数值可以预先确定,也可以根据实际情况进行确定和调整,在此不做限定。In this embodiment, in order to prevent illegal users from brute force cracking the user name and password, a threshold for limiting the number of login verification failures may be preset. Specifically, the specific value of the preset threshold may be predetermined, or may be determined and adjusted according to actual conditions, and is not limited here.

读取到目标用户的登录验证失败次数之后,将登录验证失败次数与预设阈值进行判断。After reading the number of login verification failures of the target user, judge the number of login verification failures and the preset threshold.

如果超过预设阈值,即表明当前的目标用户可能存在暴力破解用户名和密码的嫌疑,则进入步骤S205;如果未超过预设阈值,即表明当前目标用户可能是因为输错密码等常规原因导致存在登录验证失败记录,暂时不存在暴利破解用户名密码的嫌疑,则进入步骤S206、If it exceeds the preset threshold, it means that the current target user may be suspected of brute force cracking the user name and password, then enter step S205; If there is no log-in verification failure record, and there is no suspicion of cracking the user name and password with huge profits, go to step S206,

S205、利用目标用户的最新验证失败时间,判断登录验证请求是否属于预设账户锁定时段之外,并在属于预设账户锁定时段之外时,确定目标用户具有登录验证资格。S205. Using the latest verification failure time of the target user, determine whether the login verification request is outside the preset account lockout period, and determine that the target user is qualified for login verification if it is outside the preset account lockout period.

在本实施例中,还可以在用户登录次数超过预设阈值之后,对用户账号进行锁定的操作。具体的,可以设置最后一次登录验证失败至下一次允许正常进行登录验证间隔时间作为账户锁定时段。具体的,该预设账户锁定时段的时长可以预先确定,也可以根据实际情况进行确定和调整,在此不做限定。In this embodiment, the user account may also be locked after the number of login times of the user exceeds a preset threshold. Specifically, the interval between the last failed login verification and the next normal login verification can be set as the account lockout period. Specifically, the length of the preset account locking period can be predetermined, or can be determined and adjusted according to actual conditions, which is not limited here.

利用目标用户的最新验证时间,可以确定当前获得到的登录验证请求的发起时间是否属于预设账户锁定时间之外,若在该预设账户锁定时段之外,则认为可以对目标用户发送的登录验证请求进行正常验证处理。如果登录验证请求的发起时间是否属于预设账户锁定时间之内,则认为目标用户发送的登录验证请求过于频繁,为了保障用户账号安全,可以不进行任何处理。Using the latest verification time of the target user, it can be determined whether the initiation time of the currently obtained login verification request is outside the preset account lockout time. If it is outside the preset account lockout time, the login sent by the target user is considered Authentication requests undergo normal authentication processing. If the initiation time of the login verification request is within the preset account lockout time, it is considered that the target user sends too frequent login verification requests, and no processing may be performed to ensure the security of the user account.

S206、确定目标用户具有登录验证资格。S206. Determine that the target user is qualified for login verification.

如果登录验证失败次数未超过预设阈值,即表明当前目标用户可能是因为输错密码等常规原因导致存在登录验证失败记录,暂时不存在暴利破解用户名密码的嫌疑。可以认为目标用户具有登录验证资格。If the number of login verification failures does not exceed the preset threshold, it indicates that the current target user may have a login verification failure record due to common reasons such as entering a wrong password, and there is no suspicion of cracking the username and password with huge profits for the time being. It can be considered that the target user is qualified for login verification.

S207、直接确定目标用户具有登录验证资格。S207. Directly determine that the target user is qualified for login verification.

S208、若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理。S208. If the target user is qualified for login verification, process the login verification request by using the user data in the preset database.

优选地,在对登录验证请求进行处理时,还可以针对用户登录验证失败记录文件进行修改和调整,以便更匹配实际应用需求。即,当登录验证失败时,则在用户登录验证失败记录文件中更新或添加目标用户的登录验证失败记录。和/或,当登录验证成功时,将目标用户的登录验证失败记录从用户登录验证失败记录文件中删除。Preferably, when the login verification request is processed, the user login verification failure record file can also be modified and adjusted so as to better match the actual application requirements. That is, when the login verification fails, the log-in verification failure record of the target user is updated or added in the user login verification failure record file. And/or, when the login verification is successful, the target user's login verification failure record is deleted from the user login verification failure record file.

也就是说,当对目标用户的登录验证请求进行验证成功之后,可以认为登录验证失败文件中关于目标用户的登录验证失败记录可能是目标输错用户名或密码等正常登录验证失败时,进行记录的。因此,在确定目标用户已成功验证之后,可以将其对应的登录验证失败记录从用户登录验证失败记录中删除,以便加快下一次该目标用户的登录验证处理流程。That is to say, after the target user's login verification request is successfully verified, it can be considered that the log-in verification failure record about the target user in the login verification failure file may be that the target user enters the wrong user name or password when the normal login verification fails, and records it. of. Therefore, after it is determined that the target user has been successfully authenticated, the corresponding login verification failure record may be deleted from the user login verification failure record, so as to speed up the next login verification processing flow of the target user.

当对目标用户的登录验证请求进行验证,且验证失败之后,此时,可以认为该目标用户存在暴力破解用户名和用户密码的嫌疑,因此需将此次登录验证失败记录。具体的,当用户登录验证失败文件中已记载有该目标用户的登录验证失败记录时,仅需将其中登录验证失败次数加1,并将最新登录验证时间更新为此次登录验证失败时间。当用户登录验证失败文件中未记载目标用户的登录验证失败记录时,则需为该目标用户创建登录验证失败记录。When the login verification request of the target user is verified and the verification fails, it can be considered that the target user is suspected of brute force cracking the user name and password, so the login verification failure needs to be recorded. Specifically, when the target user's failed login verification record has been recorded in the user login verification failure file, it is only necessary to add 1 to the number of failed login verifications in the file, and update the latest login verification time to the time of this login verification failure. When the failed login verification record of the target user is not recorded in the user login verification failure file, a login verification failure record needs to be created for the target user.

为了便于本领域技术人员更好的理解本发明实施例所提供的技术方案,下面结合具体的登录验证流程,对本发明实施例所提供的技术方案进行详细说明。In order to facilitate those skilled in the art to better understand the technical solution provided by the embodiment of the present invention, the technical solution provided by the embodiment of the present invention will be described in detail below in conjunction with a specific login verification process.

为了加强用户身份合法性的校验,越来越多的GUI软件对用户身份的合法性添加了鉴别失败处理功能。通过对尝试登录次数限制,频繁登录失败锁定账户并设置锁定时间对系统进行保护,防止非法用户暴力破解用户名密码,对系统造成破坏。In order to strengthen the verification of the validity of the user identity, more and more GUI software has added an authentication failure processing function for the validity of the user identity. The system is protected by limiting the number of login attempts, locking accounts for frequent login failures, and setting a lockout time to prevent illegal users from violently cracking usernames and passwords and causing damage to the system.

为实现此功能,现有的解决方案为:将用户在Web登录界面输入用户名密码,并将用户名,密码下发至逻辑处理层,逻辑处理层读取数据库中的用户名、密码、是否锁定、登录次数、上次登录失败时间等登录信息,并利用这些登录信息判断,根据判断结果决定用户进入系统首页还是在登录页提示对应错误信息。此功能需要在数据库用户信息表中增加上次登录失败时间,登录失败次数字段,同时此方案会频繁的进行数据库的查询,更新等操作,每次操作数据库需要将数据读入内存,CPU解析处理数据,处理完成,将结果返回到内存,由内存在写入数据库,频繁的进行数据处理会造成数据库性能下降,数据库性能较差时,则数据库查询,更新速度变慢,进而导致用户身份合法性校验变慢,影响用户体验。In order to realize this function, the existing solution is: the user enters the user name and password on the web login interface, and sends the user name and password to the logical processing layer, and the logical processing layer reads the user name, password, whether Login information such as lock, number of logins, last login failure time, etc., and use these login information to judge, and according to the judgment result, decide whether the user enters the system home page or prompts the corresponding error message on the login page. This function needs to add the last login failure time and login failure times fields in the database user information table. At the same time, this solution will frequently perform database query, update and other operations. Every time the database is operated, the data needs to be read into the memory and processed by the CPU. After the data is processed, the result is returned to the memory, and the memory is written into the database. Frequent data processing will cause the performance of the database to degrade. The verification becomes slower and affects the user experience.

数据库性能一般受制于物理服务器的硬件配置,硬件配置高,则数据库性能好,数据库操作很快返回校验结果,则用户体验佳;硬件配置较低,则会造成物理服务器无法响应前端请求,系统卡死的假象,极大的减弱用户体验。影响数据库性能的另一方面则是数据库中各数据表的大小,数据库表大的时候,将数据库表读入内存的速度变慢,一次只能读取部分表数据,若读入内存的表数据不包含检索的数据,还需将表的剩余数据装入内存检索,直到检索到数据。The performance of the database is generally limited by the hardware configuration of the physical server. If the hardware configuration is high, the database performance will be good, and the database operation will return the verification result quickly, and the user experience will be good; if the hardware configuration is low, the physical server will not be able to respond to front-end requests, and the system will The illusion of being stuck greatly weakens the user experience. Another aspect that affects database performance is the size of each data table in the database. When the database table is large, the speed of reading the database table into the memory becomes slower, and only part of the table data can be read at a time. If the table data in the memory is read The retrieved data is not included, and the remaining data of the table needs to be loaded into the memory for retrieval until the data is retrieved.

增大物理服务器硬件配置势必增加硬件成本,如果减少数据库大小,减少操作数据库次数,则能提升数据库性能,操作数据库时响应速度必定提高。Increasing the hardware configuration of the physical server will inevitably increase the hardware cost. If the size of the database is reduced and the number of operations on the database is reduced, the performance of the database can be improved, and the response speed when operating the database must be improved.

本发明实施例提供的技术方案即是在不增加硬件配置的情况下对数据库减负达到优化性能目的,进而提高鉴别用户处理效率。具体的,此本发明实施例提供的技术方案需要增加用户登录失败记录文件,用于保存用户登录失败记录结果,Web层将用户名,密码下发至逻辑处理层后,逻辑处理层检索用户登录失败文件,检索用户登录信息,若用户登录超过5次(当然,在本发明的其他实施例中还可以为其他数值)且据上次登录失败的时间不超过30分钟(当然,在本发明的其他实施例中还可以为其他时长),则直接拒绝用户登录,无需操作数据库。检索用户登录失败文件不操作数据库可完成瞬间响应。若上次登录时间和此次登录时间超过30分钟,则查询数据库获取用户名密码比对,如果通过校验则清除用户登录失败记录文件中用户信息。如此则减少了数据库的频繁操作,用户信息表中减少登录失败次数Error_time,上次登录失败时间Last_log_time字段,数据库表存储信息较少,数据库表载入内存则变快,检索数据效率变快。优化后的方案从减少数据库操作和在逻辑处理层先部分校验,两方面提升鉴别用户身份合法性处理效率。The technical solution provided by the embodiment of the present invention is to reduce the load on the database to achieve the purpose of optimizing performance without increasing the hardware configuration, thereby improving the processing efficiency of identifying users. Specifically, the technical solution provided by this embodiment of the present invention needs to add a user login failure record file to save the user login failure record result. After the Web layer sends the username and password to the logic processing layer, the logic processing layer retrieves the user login failure record file. Failure file, retrieve user login information, if the user has logged in more than 5 times (of course, in other embodiments of the present invention, it can also be other values) and the time of last login failure is not more than 30 minutes (of course, in the present invention In other embodiments, it can also be other durations), then the user is directly refused to log in without operating the database. Instant response can be achieved by retrieving user login failure files without operating the database. If the last login time and this login time exceed 30 minutes, query the database to obtain the user name and password comparison, and if it passes the verification, clear the user information in the user login failure record file. In this way, the frequent operation of the database is reduced, the number of login failures Error_time and the Last_log_time field of the last login failure time are reduced in the user information table, the database table stores less information, the database table loads into memory faster, and the retrieval data efficiency becomes faster. The optimized solution improves the processing efficiency of identifying the legitimacy of user identities by reducing database operations and performing partial verification at the logic processing layer.

其具体处理流程请请参考图3,图3为本发明实施例中一种登录验证方法的具体应用流程示意图。Please refer to FIG. 3 for its specific processing flow. FIG. 3 is a schematic diagram of a specific application flow of a login verification method in an embodiment of the present invention.

S1、在浏览器中输入Web系统地址,进入系统登录页面;S1. Enter the web system address in the browser to enter the system login page;

S2、用户输入用户名密码,并将用户名密码下发至逻辑处理层;S2. The user enters the user name and password, and sends the user name and password to the logical processing layer;

S3、逻辑处理层读取用户登录失败记录文件;S3, the logical processing layer reads the user login failure record file;

S4、查找登录失败记录文件中是否存在登录用户信息(如当前请求登录的用户的用户名),不存在进行步骤S5,存在进行步骤S9;S4, find whether there is login user information (as the user name of the user who currently requests to log in) in the log-in failure record file, if there is no step S5, and if there is step S9;

S5、逻辑处理层查询用户名密码,并和Web层的用户名密码比较;S5, the logical processing layer queries the username and password, and compares it with the username and password of the Web layer;

具体的,逻辑处理层查询用户名密码为数据库中的用户名密码。Specifically, the logic processing layer queries the user name and password as the user name and password in the database.

S6、Web层用户名密码验证是否通过;S6, whether the verification of the username and password of the Web layer is passed;

通过验证后进入步骤S7,否则进入步骤S8;Go to step S7 after passing the verification, otherwise go to step S8;

S7、在系统首页完成登录;S7, complete the login on the system homepage;

S8、以User_ErrorTime_Last_log_time格式记录登录用户信息;S8. Record the login user information in the format of User_ErrorTime_Last_log_time;

S9、检索用户登录验证失败记录文件,获得用户的Error_time和Last_log_time;S9. Retrieve the user login verification failure record file, and obtain the user's Error_time and Last_log_time;

S10、判断Error_time是否大于等于5;S10, judging whether Error_time is greater than or equal to 5;

如果是,则进入步骤S11,如果否,则进入步骤S13;If yes, then enter step S11, if no, then enter step S13;

S11、当前时间和上次登录失败时间做差,时间是否大于30分钟;S11. The difference between the current time and the last login failure time, whether the time is greater than 30 minutes;

如果是,则进入步骤S20;如果否,则进入步骤S12;If yes, then enter step S20; if no, then enter step S12;

S12、在登录页提示用户,账户已经锁定,禁止登录;S12. Prompt the user on the login page that the account has been locked and login is prohibited;

S13、逻辑处理层查询数据库的用户名,密码,并验证;S13, the logic processing layer queries the user name and password of the database, and verifies;

S14、判断验证是否通过;S14, judging whether the verification is passed;

如果是,进入步骤S15;如果否,则进入步骤S17;If yes, enter step S15; if no, enter step S17;

S15、在系统首页完成登录;S15. Complete the login on the system home page;

S16、删除用户登录失败记录文件Login_error_record文件中的用户信息;S16, delete the user information in the user login failure record file Login_error_record file;

S17、修改Login_error_record文件中的用户信息,ErrorTime加1,Last_log_time更新问Current_time;S17. Modify the user information in the Login_error_record file, add 1 to ErrorTime, update Last_log_time to Current_time;

S18、查询数据库获取用户名密码,并和Web层的用户名,密码比较;S18, query the database to obtain the user name and password, and compare with the user name and password of the Web layer;

如果验证通过,则进入步骤S15;如果验证失败,则进入步骤S19;If the verification is passed, then enter step S15; if the verification fails, then enter step S19;

S19、修改Login_error_record文件中的用户信息,Error_time加1,Last_log_time更新为Current_time。S19. Modify the user information in the Login_error_record file, add 1 to Error_time, and update Last_log_time to Current_time.

相应于上面的方法实施例,本发明实施例还提供了一种登录验证装置,下文描述的登录验证装置与上文描述的登录验证方法可相互对应参照。Corresponding to the above method embodiments, an embodiment of the present invention also provides a login verification device, and the login verification device described below and the login verification method described above can be referred to in correspondence.

参见图4所示,该装置包括以下模块:Referring to shown in Figure 4, the device includes the following modules:

文件读取模块101,用于当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;The file reading module 101 is used to read the user login verification failure record file under the specified configuration file directory when the login verification request sent by the target user is obtained;

登录验证失败记录查找判断模块102,用于查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录;Login verification failure record search judgment module 102, for searching and judging whether the login verification failure record of the target user has been recorded in the target user login verification failure record file;

登录验证资格确定模块103,用于若目标用户登录验证失败记录文件中已记载目标用户的登录验证失败记录,则利用预设条件,确定目标用户是否具有登录验证资格;若用户登录验证失败记录文件中未记载目标用户的登录验证失败记录,则直接确定目标用户具有登录验证资格;Login verification qualification determination module 103, for if the log-in verification failure record of the target user has been recorded in the target user login verification failure record file, then utilize preset conditions to determine whether the target user has login verification qualification; if the user login verification failure record file If the login verification failure record of the target user is not recorded in , it is directly determined that the target user has the login verification qualification;

登录验证请求处理模块104,用于若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理;其中,用户数据包括合法用户的登录验证信息。The login verification request processing module 104 is configured to use user data in a preset database to process the login verification request if the target user has the login verification qualification; wherein, the user data includes login verification information of legal users.

应用本发明实施例所提供的装置,当获取到目标用户发送的登录验证请求时,读取指定配置文件目录下的用户登录验证失败记录文件;查找并判断目标用户登录验证失败记录文件中是否已记载目标用户的登录验证失败记录;如果已记载,则利用预设条件,确定目标用户是否具有登录验证资格;如果未记载,则直接确定目标用户具有登录验证资格;若目标用户具有登录验证资格,则利用预设数据库中的用户数据对登录验证请求进行处理;其中,用户数据包括合法用户的登录验证信息。在对登录验证请求进行处理之前,先利用指定配置文件目录下的用户登录验证失败记录文件,确定出目标用户是否具有登录验证资格。仅当其具有登录验证资格时,利用预设数据库对目标用户的登录验证请求进行处理。也就是说,在利用用户登录验证失败文件解决非法用户暴力破解用户名密码问题的同时,还可减少对数据库的访问次数。提高对合法用户的验证效率,提升用户体验。Apply the device provided by the embodiment of the present invention, when the login verification request sent by the target user is obtained, read the user login verification failure record file under the specified configuration file directory; find and judge whether the target user login verification failure record file has Record the login verification failure record of the target user; if it has been recorded, use the preset conditions to determine whether the target user has the login verification qualification; if it is not recorded, directly determine that the target user has the login verification qualification; if the target user has the login verification qualification, Then use the user data in the preset database to process the login verification request; wherein, the user data includes the login verification information of the legal user. Before processing the login verification request, first use the user login verification failure record file under the specified configuration file directory to determine whether the target user has the login verification qualification. Only when the target user is qualified for login verification, the target user's login verification request is processed using a preset database. That is to say, while using the user login verification failure file to solve the problem of illegal users violently cracking the username and password, it can also reduce the number of visits to the database. Improve the verification efficiency of legitimate users and improve user experience.

在本发明的一种具体实施方式中,还包括:In a specific embodiment of the present invention, it also includes:

用户登录验证失败记录文件导入模块,用于在读取指定配置文件目录下的用户登录验证失败记录文件之前,将用户登录验证失败记录文件导入到指定配置文件目录下;其中,用户登录验证记录文件中记载了登录验证失败用户的登录验证失败次数、最新验证失败时间。The user login verification failure record file import module is used to import the user login verification failure record file into the specified configuration file directory before reading the user login verification failure record file under the specified configuration file directory; wherein, the user login verification record file Records the number of login authentication failures and the latest authentication failure time of the user whose login authentication failed.

在本发明的一种具体实施方式中,登录验证请求处理模块104,具体用于当登录验证失败时,则在用户登录验证失败记录文件中更新或添加目标用户的登录验证失败记录。In a specific embodiment of the present invention, the login verification request processing module 104 is specifically configured to update or add the target user's login verification failure record in the user login verification failure record file when the login verification fails.

在本发明的一种具体实施方式中,登录验证请求处理模块104,具体用于In a specific implementation manner of the present invention, the login verification request processing module 104 is specifically used to

当登录验证成功时,将目标用户的登录验证失败记录从用户登录验证失败记录文件中删除。When the login verification succeeds, the target user's login verification failure record is deleted from the user login verification failure record file.

在本发明的一种具体实施方式中,登录验证资格确定模块103,包括:In a specific implementation manner of the present invention, the login verification qualification determination module 103 includes:

登录验证失败次数判断单元,用于读取目标用户的登录验证失败次数,并判断登录验证失败次数是否超过预设阈值;The failed login verification times judging unit is used to read the failed login verification times of the target user, and judge whether the failed login verification times exceed a preset threshold;

账户锁定判断单元,用于如果目标用户的登录验证失败次数超过预设阈值,则利用目标用户的最新验证失败时间,判断登录验证请求是否属于预设账户锁定时段之外,并在属于预设账户锁定时段之外时,确定目标用户具有登录验证资格;The account lock judging unit is used to determine whether the login verification request is outside the preset account lock period by using the latest verification failure time of the target user if the number of failed login verifications of the target user exceeds the preset threshold, and if it belongs to the preset account When the lockout period is outside, determine that the target user is qualified for login verification;

登录验证资格确定单元,用于目标用户的登录验证失败次数未超过预设阈值,则确定目标用户具有登录验证资格。The login verification qualification determination unit is configured to determine that the target user has the login verification qualification if the number of failed login verifications of the target user does not exceed a preset threshold.

相应于上面的方法实施例,本发明实施例还提供了一种登录验证设备,下文描述的一种登录验证设备与上文描述的一种登录验证方法可相互对应参照。Corresponding to the above method embodiment, the embodiment of the present invention also provides a login verification device, and a login verification device described below and a login verification method described above can be referred to in correspondence.

参见图5所示,该登录验证设备包括:As shown in Figure 5, the login verification device includes:

存储器D1,用于存储计算机程序;memory D1 for storing computer programs;

处理器D2,用于执行计算机程序时实现上述方法实施例的登录验证方法的步骤。The processor D2 is configured to implement the steps of the login verification method in the above method embodiment when executing the computer program.

相应于上面的方法实施例,本发明实施例还提供了一种可读存储介质,下文描述的一种可读存储介质与上文描述的一种登录验证方法可相互对应参照。Corresponding to the above method embodiment, the embodiment of the present invention also provides a readable storage medium, and a readable storage medium described below and a login verification method described above can be referred to in correspondence.

一种可读存储介质,可读存储介质上存储有计算机程序,计算机程序被处理器执行时实现上述方法实施例的登录验证方法的步骤。A readable storage medium. A computer program is stored on the readable storage medium. When the computer program is executed by a processor, the steps of the login verification method in the above method embodiment are implemented.

该计算机可读存储介质具体可以为U盘、移动硬盘、只读存储器(Read-OnlyMemory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可存储程序代码的可读存储介质。The computer-readable storage medium may specifically be a USB flash drive, a mobile hard disk, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), a magnetic disk or an optical disk, and other various storage devices that can store program codes. readable storage media.

本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其它实施例的不同之处,各个实施例之间相同或相似部分互相参见即可。对于实施例公开的装置而言,由于其与实施例公开的方法相对应,所以描述的比较简单,相关之处参见方法部分说明即可。Each embodiment in this specification is described in a progressive manner, each embodiment focuses on the difference from other embodiments, and the same or similar parts of each embodiment can be referred to each other. As for the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and for the related information, please refer to the description of the method part.

专业人员还可以进一步意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各示例的组成及步骤。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但这种实现不应认为超出本发明的范围。Professionals can further realize that the units and algorithm steps of the examples described in conjunction with the embodiments disclosed herein can be implemented by electronic hardware, computer software or a combination of the two. In order to clearly illustrate the possible For interchangeability, in the above description, the composition and steps of each example have been generally described according to their functions. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present invention.

结合本文中所公开的实施例描述的方法或算法的步骤可以直接用硬件、处理器执行的软件模块,或者二者的结合来实施。软件模块可以置于随机存储器(RAM)、内存、只读存储器(ROM)、电可编程ROM、电可擦除可编程ROM、寄存器、硬盘、可移动磁盘、CD-ROM、或技术领域内所公知的任意其它形式的存储介质中。The steps of the methods or algorithms described in connection with the embodiments disclosed herein may be directly implemented by hardware, software modules executed by a processor, or a combination of both. Software modules can be placed in random access memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or any other Any other known storage medium.

本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的技术方案及其核心思想。应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明原理的前提下,还可对本发明进行若干改进和修饰,这些改进和修饰也落入本发明权利要求保护范围内。In this paper, specific examples are used to illustrate the principles and implementation methods of the present invention, and the descriptions of the above embodiments are only used to help understand the technical solutions and core ideas of the present invention. It should be pointed out that for those skilled in the art, without departing from the principles of the present invention, some improvements and modifications can also be made to the present invention, and these improvements and modifications also fall within the protection scope of the claims of the present invention.

Claims (10)

1. a kind of login validation method, which is characterized in that including:
When getting the login authentication request of target user's transmission, the user login validation under specified configuration file directory is read Failure record file;
Search and judge whether to have recorded in target user's login authentication failure record file the login of the target user Authentication failed records;
If recorded, preset condition is utilized, determines whether the target user has login authentication qualification;
If do not recorded, directly determine that the target user has the login authentication qualification;
If the target user has the login authentication qualification, using the user data in presetting database to the login Checking request is handled;Wherein, the user data includes the login authentication information of validated user.
2. login validation method according to claim 1, which is characterized in that under the reading specified configuration file directory User login validation failure record file before, further include:
User login validation failure record file is imported under specified configuration file directory;Wherein, the user login validation The login authentication frequency of failure of login authentication failure user, newest authentication failed time have been recorded in record file.
3. login validation method according to claim 2, which is characterized in that it is described to utilize preset condition, determine the mesh Mark whether user has login authentication qualification, including:
The login authentication frequency of failure of the target user is read, and judges whether the login authentication frequency of failure is more than default Threshold value;
If it does, then utilizing the newest authentication failed time of the target user, judge whether the login authentication request belongs to It is locked except the period in default account, and when belonging to except the default account locking period, determines target user's tool There is login authentication qualification;
If be less than, it is determined that the target user has login authentication qualification.
4. login validation method according to any one of claims 1 to 3, which is characterized in that described to utilize presetting database In user data to the login authentication request handle, including:
When login authentication fails, then the target user is updated or added in the user login validation failure record file Login authentication failure record.
5. login validation method according to any one of claims 1 to 3, which is characterized in that described to utilize presetting database In user data to the login authentication request handle, including:
When login authentication success, the login authentication failure record of the target user is unsuccessfully remembered from the user login validation It is deleted in record file.
6. a kind of login authentication device, which is characterized in that including:
File read module, for when getting the login authentication request of target user's transmission, reading specified configuration file mesh User login validation failure record file under record;
Login authentication failure record searches judgment module, for searching and judging target user's login authentication failure record text Whether the login authentication failure record of the target user has been recorded in part;
Login authentication qualification determining module, if for having recorded the mesh in target user's login authentication failure record file The login authentication failure record of user is marked, then utilizes preset condition, determines whether the target user has login authentication qualification; If not recording the login authentication failure record of the target user in the user login validation failure record file, directly really The fixed target user has the login authentication qualification;
Login authentication request processing module utilizes present count if having the login authentication qualification for the target user Login authentication request is handled according to the user data in library;Wherein, the user data includes stepping on for validated user Record verification information.
7. login authentication device according to claim 6, which is characterized in that further include:
User login validation failure record file import modul is stepped on for the user under the reading specified configuration file directory Before recording authentication failed record file, user login validation failure record file is imported under specified configuration file directory;Its In, the login authentication frequency of failure of login authentication failure user has been recorded in user login validation record file, newest has been tested Demonstrate,prove Time To Failure.
8. the login authentication device described according to claim 6 or 7, which is characterized in that login authentication request processing module, specifically For when login authentication fails, then the target user being updated or adding in the user login validation failure record file Login authentication failure record.
9. a kind of login authentication equipment, which is characterized in that including:
Memory, for storing computer program;
Processor, realizing the login validation method as described in any one of claim 1 to 5 when for executing the computer program Step.
10. a kind of readable storage medium storing program for executing, which is characterized in that be stored with computer program, the meter on the readable storage medium storing program for executing It is realized when calculation machine program is executed by processor as described in any one of claim 1 to 5 the step of login validation method.
CN201810550572.5A 2018-05-31 2018-05-31 A kind of login validation method, device, equipment and readable storage medium storing program for executing Withdrawn CN108763889A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810550572.5A CN108763889A (en) 2018-05-31 2018-05-31 A kind of login validation method, device, equipment and readable storage medium storing program for executing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810550572.5A CN108763889A (en) 2018-05-31 2018-05-31 A kind of login validation method, device, equipment and readable storage medium storing program for executing

Publications (1)

Publication Number Publication Date
CN108763889A true CN108763889A (en) 2018-11-06

Family

ID=64001499

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810550572.5A Withdrawn CN108763889A (en) 2018-05-31 2018-05-31 A kind of login validation method, device, equipment and readable storage medium storing program for executing

Country Status (1)

Country Link
CN (1) CN108763889A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112202730A (en) * 2020-09-11 2021-01-08 苏州浪潮智能科技有限公司 Access control method, system, terminal and storage medium based on blacklist
CN112836241A (en) * 2021-03-08 2021-05-25 珠海格力电器股份有限公司 Power-on password anti-cracking method and air conditioner
CN112861120A (en) * 2019-11-27 2021-05-28 深信服科技股份有限公司 Identification method, device and storage medium
CN113114693A (en) * 2021-04-16 2021-07-13 北京天空卫士网络安全技术有限公司 Account state display method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1917484A (en) * 2006-09-13 2007-02-21 阿里巴巴公司 Method of fast access of instant communicating system and system thereof
US20150007278A1 (en) * 2013-06-28 2015-01-01 Business Objects Software Ltd. Authentication for single page web interfaces
CN105335470A (en) * 2015-09-29 2016-02-17 北京奇虎科技有限公司 Method and device for showing user login information
CN105897670A (en) * 2015-11-13 2016-08-24 乐视云计算有限公司 Website user login authentication method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1917484A (en) * 2006-09-13 2007-02-21 阿里巴巴公司 Method of fast access of instant communicating system and system thereof
US20150007278A1 (en) * 2013-06-28 2015-01-01 Business Objects Software Ltd. Authentication for single page web interfaces
CN105335470A (en) * 2015-09-29 2016-02-17 北京奇虎科技有限公司 Method and device for showing user login information
CN105897670A (en) * 2015-11-13 2016-08-24 乐视云计算有限公司 Website user login authentication method and system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112861120A (en) * 2019-11-27 2021-05-28 深信服科技股份有限公司 Identification method, device and storage medium
CN112202730A (en) * 2020-09-11 2021-01-08 苏州浪潮智能科技有限公司 Access control method, system, terminal and storage medium based on blacklist
CN112202730B (en) * 2020-09-11 2022-05-13 苏州浪潮智能科技有限公司 A blacklist-based access control method, system, terminal and storage medium
CN112836241A (en) * 2021-03-08 2021-05-25 珠海格力电器股份有限公司 Power-on password anti-cracking method and air conditioner
CN113114693A (en) * 2021-04-16 2021-07-13 北京天空卫士网络安全技术有限公司 Account state display method and device

Similar Documents

Publication Publication Date Title
US9491182B2 (en) Methods and systems for secure internet access and services
CN107480555B (en) Database access authority control method and device based on block chain
US7849320B2 (en) Method and system for establishing a consistent password policy
US9112828B2 (en) Method for defending against session hijacking attacks and firewall
CN102098158B (en) Cross-domain name single sign on and off method and system as well as corresponding equipment
CN104917716B (en) Page security management method and device
CN108763889A (en) A kind of login validation method, device, equipment and readable storage medium storing program for executing
CN110690972B (en) Token authentication method and device, electronic equipment and storage medium
CN111431753A (en) Asset information updating method, device, equipment and storage medium
CN108632241B (en) Unified login method and device for multiple application systems
US10362055B2 (en) System and methods for active brute force attack protection
CN106487744A (en) A kind of Shiro verification method based on Redis storage
WO2019144548A1 (en) Security test method, apparatus, computer device and storage medium
CN105022939A (en) Information verification method and device
CN112685718A (en) Method for invalidating original access token during multi-terminal login of same account based on OAuth protocol
CN114404998A (en) Account abnormity verification method, account abnormity verification device, client and computer readable storage medium
CN106878335A (en) A kind of method and system for login authentication
CN111090882B (en) Operation control method, device and equipment for redis database
CN103067376B (en) A kind of SQL injection attacks means of defences based on internal memory
CN112464225B (en) Request processing method, request processing device and computer readable storage medium
CN116975839A (en) Resource sharing method, equipment and medium based on STRUTS2 component
CN114640536A (en) Data access monitoring method
CN107689964B (en) Method for preventing replay attack of embedded WEB server
CN104113514A (en) Information safety processing method and device
CN116248365B (en) A protection method and device for website access

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20181106

WW01 Invention patent application withdrawn after publication