CN112214743A - Method, device, equipment and storage medium for simulating account login - Google Patents
Method, device, equipment and storage medium for simulating account login Download PDFInfo
- Publication number
- CN112214743A CN112214743A CN202011137356.1A CN202011137356A CN112214743A CN 112214743 A CN112214743 A CN 112214743A CN 202011137356 A CN202011137356 A CN 202011137356A CN 112214743 A CN112214743 A CN 112214743A
- Authority
- CN
- China
- Prior art keywords
- account
- information
- login
- identity
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
本申请提供一种模拟账户登录的方法、装置、设备及存储介质,涉及计算机技术领域,用以提升模拟账户登录时的账户安全。该方法包括:服务管理设备接收终端发送的目标请求后,若确定目标请求中包含目标身份转换信息,则基于目标身份转换信息获得第一账户的登录态标识;将登录态标识添加到目标请求后发送给第一网站,使终端基于登录态标识通过第一账户的身份信息登录第一网站;目标身份转换信息包含第一账户的身份信息和第二账户的身份信息,登录态标识基于第一账户的身份信息确定。该方法中在无需获知第一账户的登录账户和登录密码的情况下,通过第一账户的身份信息登录第一网站,提升了模拟第一账户登录时第一账户的账户登录信息的安全程度。
The present application provides a method, device, device and storage medium for logging in with a simulated account, which relate to the field of computer technology and are used to improve account security when logging in with a simulated account. The method includes: after the service management device receives the target request sent by the terminal, if it is determined that the target request contains target identity conversion information, obtaining a login status identifier of the first account based on the target identity conversion information; adding the login status identifier to the target request Sent to the first website, so that the terminal can log in to the first website through the identity information of the first account based on the logon state identifier; the target identity conversion information includes the identity information of the first account and the identity information of the second account, and the logon state identifier is based on the first account. identification information. In this method, without knowing the login account and login password of the first account, the first website is logged in through the identity information of the first account, which improves the security of the account login information of the first account when simulating the login of the first account.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for simulating account login.
Background
In some scenarios, a user needs to simulate another user to log in a corresponding website to enable the user to complete some operations through the website with the identity of the other user, but in related technologies, a user often directly requests account login information such as a login account and a login password of the other user, and then an account logs in the website by using the account login information of the other account, but in the process, the account login information of the other user is known by the user, and the account of the other user has a great security risk, so how to reduce the account security risk caused by simulating account login is a problem to be considered.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a storage medium for simulating account login, which are used for improving the account security degree.
In a first aspect of the present application, a method for simulating account login is provided, including:
receiving a target request sent by a terminal and used for logging in a first website;
if the target request is determined to contain target identity conversion information, acquiring a login state identifier of a first account based on the target identity conversion information; the target identity conversion information comprises identity information of a first account and identity information of a second account, the target identity conversion information is used for indicating the second account to request to log in the first website through the identity information of the first account, and the login state identification is determined based on the identity information of the first account;
adding the login state identification to the target request;
and sending a target request for adding the login state identification to the first website, so that the terminal logs in the first website through the identity information of the first account based on the login state identification.
In a possible implementation manner, after receiving the target request for logging in the first website sent by the terminal, the method further includes:
if it is determined that the target request does not contain target identity conversion information and does not contain the login state identification of the first account, second prompt information is sent to the terminal, and the terminal loads a login page of the first website based on the second prompt information;
if it is determined that the target request does not contain target identity conversion information and the target request contains the login state identification of the first account, the target request is sent to the first website, and the terminal is enabled to log in the first website through the identity information of the first account based on the login state identification of the first account.
In a second aspect of the present application, a method for simulating account login is provided, including:
receiving a login skip request sent by a terminal, wherein the login skip request carries identity information of a first account and is triggered by a simulated login instruction of a second account;
determining identity information of a second account triggering the login skip request;
generating identity conversion information containing identity information of the first account and identity information of the second account, wherein the identity conversion information is used for indicating the second account to request to log in the first website with the identity information of the first account;
and returning login indication information containing the identity conversion information to the terminal so that the terminal sends a target request containing the identity conversion information, wherein the target request is used for enabling the terminal to login the first website through the identity information of the first account.
In one possible implementation, the method further includes: and storing the identity conversion information into a preset identity conversion information base so that after receiving the target request, the service management equipment determines whether to send first prompt information to the terminal according to the identity conversion information, wherein the first prompt information is used for indicating that the target request is abnormal.
In a third aspect of the present application, a method for simulating account login is provided, including:
responding to a simulated login instruction of a second account, and sending a login skip request to a target website, wherein the login skip request carries identity information of a first account, and the target website is a first website registered by the first account or a second website except the first website;
receiving login indication information returned by the target website based on the login skip request;
determining identity conversion information contained in the login indication information as target identity conversion information; the identity conversion information comprises identity information of the first account and identity information of the second account, and the identity conversion information is used for indicating the second account to request to log in the first website with the identity information of the first account;
and sending a target request containing the target identity conversion information to service management equipment so as to log in the first website through the identity information of the first account based on the target identity conversion information.
In a possible implementation manner, the simulated login instruction is triggered by a target jump object corresponding to the first account, and the target jump object indicates that the first website is requested to be logged in through the identity information of the first account.
In a fourth aspect of the present application, there is provided an apparatus for simulating account login, including:
the request receiving unit is used for receiving a target request which is sent by a terminal and used for logging in a first website;
the first processing unit is used for obtaining a login state identifier of a first account based on the target identity conversion information if the target request is determined to contain the target identity conversion information; the target identity conversion information comprises identity information of a first account and identity information of a second account, the target identity conversion information is used for indicating the second account to request to log in the first website through the identity information of the first account, and the login state identification is determined based on the identity information of the first account;
the second processing unit is used for adding the login state identification into the target request;
and the request sending unit is used for sending a target request for adding the login state identifier to the first website, so that the terminal logs in the first website through the identity information of the first account based on the login state identifier.
In a possible implementation manner, the first processing unit is specifically configured to:
acquiring a mapping relation between preset identity conversion information and a login state identifier;
if a login state identifier corresponding to the target identity conversion information is recorded in the mapping relation, acquiring the login state identifier;
if the mapping relation does not record the login state identification corresponding to the target identity conversion information, generating a corresponding login state identification based on the identity information of the first account contained in the target identity conversion information, and creating and storing the mapping relation between the target identity conversion information and the generated login state identification.
In one possible implementation manner, the first processing unit is further configured to:
after the target request is determined to contain target identity conversion information, before a login state identifier of a first account is obtained based on the target identity conversion information, a preset identity conversion information base is accessed through a target interface;
if the identity conversion information matched with the target identity conversion information is not stored in the identity conversion information base, first prompt information is sent to the terminal, and the first prompt information is used for indicating that the target request is abnormal; the identity conversion information matched with the target identity conversion information is used for indicating the second account to request to log in the first website by using the identity information of the first account.
In a possible implementation manner, the request receiving unit is further configured to:
if it is determined that the target request does not contain target identity conversion information and does not contain the login state identification of the first account, second prompt information is sent to the terminal, and the terminal loads a login page of the first website based on the second prompt information;
if it is determined that the target request does not contain target identity conversion information and the target request contains the login state identification of the first account, the target request is sent to the first website, and the terminal is enabled to log in the first website through the identity information of the first account based on the login state identification of the first account.
In a fifth aspect of the present application, there is provided an apparatus for simulating account login, including:
the terminal comprises a request receiving unit, a login skip unit and a log-in processing unit, wherein the request receiving unit is used for receiving a login skip request sent by the terminal, the login skip request carries identity information of a first account, and the login skip request is triggered by a simulated login instruction of a second account;
the first processing unit is used for determining the identity information of the second account triggering the login skip request;
the second processing unit is used for generating identity conversion information containing the identity information of the first account and the identity information of the second account, and the identity conversion information is used for indicating the second account to request to log in the first website by the identity information of the first account;
and the information sending unit is used for returning login indication information containing the identity conversion information to the terminal so as to enable the terminal to send a target request containing the identity conversion information, wherein the target request is used for enabling the terminal to log in the first website through the identity information of the first account.
In one possible implementation manner, the second processing unit is further configured to:
and storing the identity conversion information into a preset identity conversion information base so that after receiving the target request, the service management equipment determines whether to send first prompt information to the terminal according to the identity conversion information, wherein the first prompt information is used for indicating that the target request is abnormal.
In a possible implementation manner, the apparatus is applied to an account registered by a second website other than the first website, the login skip request is sent after the terminal logs in the second website through the second account, and the login indication information is used for enabling the terminal to open the first website and send the target request after the first website is opened.
In a sixth aspect of the present application, there is provided an apparatus for simulating account login, including:
the request sending unit is used for responding to a simulated login instruction of a second account and sending a login skip request to a target website, wherein the login skip request carries identity information of a first account, and the target website is a first website registered by the first account or a second website except the first website;
an information receiving unit, configured to receive login indication information returned by the target website based on the login skip request;
the first processing unit is used for determining the identity conversion information contained in the login indication information as target identity conversion information; the identity conversion information comprises identity information of the first account and identity information of the second account, and the identity conversion information is used for indicating the second account to request to log in the first website with the identity information of the first account;
and the second processing unit is used for sending a target request containing the target identity conversion information to service management equipment so as to log in the first website through the identity information of the first account based on the target identity conversion information.
In a possible implementation manner, the target website is the second website, and the simulated login instruction is triggered after the terminal logs in the second website through the second account; the information receiving unit is further configured to:
and after receiving login indication information returned by the target website based on the login skip request and before sending a target request containing the target identity conversion information to service management equipment, opening the first website based on the login indication information.
In a possible implementation manner, the simulated login instruction is triggered by a target jump object corresponding to the first account, and the target jump object indicates that the first website is requested to be logged in through the identity information of the first account.
In a seventh aspect of the present application, there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the method of the first aspect and any one of the possible embodiments.
In an eighth aspect of the present application, there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the method of the second aspect and any of the possible embodiments.
In a ninth aspect of the present application, there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of the third aspect and any one of the possible embodiments when executing the program.
In a tenth aspect of the present application, a computer program product is provided that includes computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the methods provided in the various possible implementations of the first aspect, the second aspect, or the third aspect described above.
In an eleventh aspect of the present application, there is provided a computer readable storage medium having stored thereon computer instructions which, when run on a computer, cause the computer to perform the method of any of the first, second or third aspects.
Due to the adoption of the technical scheme, the embodiment of the application has at least the following technical effects:
according to the method and the device, after the service management device determines that the target request is a second account request to log in the first website through the identity information of the first account according to the target identity conversion information, the login state identification of the first account is directly and automatically acquired, the acquired login state identification is added to the target request and then is sent to the first website, so that the terminal logs in the first website through the identity information of the first account based on the login state identification information without acquiring the login password of the first account, the simulated login of the second account through the identity information of the first account to the first website is realized under the condition that the login account and the login password of the first account are not acquired, and the safety degree of the account login information of the first account is further improved.
Drawings
Fig. 1 is a schematic diagram of an application scenario provided in an embodiment of the present application;
fig. 2 is a schematic diagram of another application scenario provided in the embodiment of the present application;
FIG. 3 is a schematic diagram illustrating a process of simulating account login according to an embodiment of the present disclosure;
FIG. 4 is a diagram of an example of a first account query page of a target website according to an embodiment of the present application;
FIG. 5 is a diagram illustrating an example of a first account query page of a target website according to an embodiment of the present application;
FIG. 6 is a schematic diagram illustrating a process of simulating account login according to an embodiment of the present disclosure;
FIG. 7 is a schematic diagram illustrating a process for simulating account login according to an embodiment of the present disclosure;
fig. 8 is a schematic diagram of a process of simulating account login of a service management device according to an embodiment of the present application;
FIG. 9 is a schematic diagram illustrating a simulated account login provided in an embodiment of the present application;
FIG. 10 is a diagram illustrating an example of a peer-to-peer interaction process provided by an embodiment of the present application;
fig. 11 is a schematic diagram of a peer-to-peer interaction process provided in an embodiment of the present application;
FIG. 12 is a schematic diagram illustrating a simulated account login provided in an embodiment of the present application;
fig. 13 is a schematic diagram of a peer-to-peer interaction process provided in an embodiment of the present application;
FIG. 14 is a schematic diagram of a peer-to-peer interaction process provided by an embodiment of the present application;
FIG. 15 is a diagram illustrating an example of a structure of a device for simulating account login according to an embodiment of the present application;
FIG. 16 is a diagram illustrating an exemplary structure of an apparatus for simulating account login according to an embodiment of the present disclosure;
FIG. 17 is a diagram illustrating an exemplary structure of an apparatus for simulating account login according to an embodiment of the present disclosure;
fig. 18 is a diagram illustrating a structure of a terminal according to an embodiment of the present application;
fig. 19 is a diagram illustrating a structure of a computer device according to an embodiment of the present application.
Detailed Description
In order to better understand the technical solutions provided by the embodiments of the present application, the following detailed description is made with reference to the drawings and specific embodiments.
In order to facilitate those skilled in the art to better understand the technical solutions of the present application, the following description refers to the technical terms of the present application.
The first account and the second account are as follows: in the embodiment of the application, the first account is an account which is simulated to log in, and the first account is an account which is registered in the first website; the second account is an account for requesting to log in the first website by using the identity information of the first account; the second account may be an account that has been registered at the first website and is different from the first account, and the second account may also be an account that has been registered at the second website.
The first website and the second website: the first website in the embodiment of the application is a website for providing services for the first account, and the services may include, but are not limited to, at least one of viewing information, electronic shopping, games, social contact, content sharing, live broadcasting and the like; the first website can use the service management equipment as a unified entrance of all dynamic requests; the second website is a website other than the first website, and the second website may be, but is not limited to, a website for managing the first website, that is, the second website may be a background management system of the first website; if the first website provides banking services, the second account can be an account of a bank worker, and the bank worker can inquire the bank flow information of the first account through the second website; when the first website provides communication service, the second account can be a communication customer service person, and the communication customer service person can inquire the mobile phone call record of the first account through the second website; when the first website provides traffic services (such as aviation, high-speed rail or automobile services and the like), the second account can be a transportation customer service person, and the transportation customer service person can inquire the traffic ticket information of the first account through the second website, order and change the first account, or carry out ticket refunding operation on the traffic ticket.
Identity information of accounts (including first account and second account): the information that can uniquely identify the identity of the account may include, but is not limited to, an account identity number, an account number, and the like.
Identity conversion information: the information for instructing the second account to request to log in the first website through the identity information of the first account may include, but is not limited to, the identity information of the first account and the identity information of the second account.
The login state identification of the account is as follows: the identification information is used for representing that the first website is logged in by the identity information of the account, the login state identification of the first account refers to the identification information used for representing that the first website is logged in by the identity information of the first account, and the login state identification information may be, but is not limited to, a character string, a specific numerical value, or the like.
Simulating account login: the second account requests to log in the first website through the identity information of the first account at the second website, and then the second account views the page display content of the first website seen after the first account logs in the first website from the view angle of the first account.
cookie information: in the browser application, the cookie information is information for storing text data recorded locally by a website, and the size of the cookie information does not exceed 4KB generally; the most common use of cookie information is to store the login state of an account in a website by sessionId, the cookie information refers to data (usually encrypted) stored on a local terminal of the account by some websites for identifying the account identity, and the cookie information is a technology that enables a server of the website to store a small amount of data to a hard disk or a memory on a client on the terminal or read data from the hard disk of the client; the cookie information can record account ID, password, browsed web pages, stay time and other information of an account accessing the website, and when the account accesses the website again, the website reads the cookie information to obtain the related information of the account, so that corresponding action can be performed.
The Cloud service technology (Cloud technology) is based on a general term of a network technology, an information technology, an integration technology, a management platform technology, an application technology and the like applied in a Cloud computing business model, can form a resource pool, is used as required, and is flexible and convenient. Cloud service technology is an important support; background services of the technical network system require a large amount of computing and storage resources, such as video websites, picture-like websites and more web portals.
The following explains the concept of the present application.
In some scenarios, one user needs to simulate another user to log in a corresponding website, for example, when another user logs in the website through a registered account and obtains a service provided by the website and a problem occurs during operation through the website or the other user is inconvenient to operate through the website, the one user needs to log in the website through the account of the other user to replace the other user to solve the problem encountered during operation or replace the other user to complete a target operation; at present, the user logs in the website through the login account and the login password by directly using the login information of the account, the login password and the like of another user, but the user acquires the login information of the account of the other user in the process, and the login information of the account has great safety risk; in the related art, a technician also has an information query function of a background management system for perfectly managing the website, and when one user can query another user through the background management system of the website to have a problem when the other user operates through the website, the method for perfectly managing the background management system consumes a large amount of time and workload, and further causes untimely information query and low query efficiency, so that how to improve the safety degree of an account in the process of simulating account login and improve the login efficiency of simulating account login becomes a problem to be considered.
In view of the above, the inventor designs a method, an apparatus, a device and a storage medium for simulating account login; in view of the fact that directly acquiring the account login information of the account subjected to the simulated login when the account is simulated to log in can greatly affect the security of the account login information of the account subjected to the simulated login, in the embodiment of the application, the account login information of the account subjected to the simulated login is logged in the first website under the condition that the account login information of the account subjected to the simulated login is unknown in a mode of modifying the account login information in the target request for logging in the first website; specifically, after it is determined that the target request sent by the terminal is the simulated login request, the identity information of the account requesting to log in the first website in the target request is rewritten into the identity information of the first account based on the identity information of the first account and the identity information of the second account carried in the target request, and then the target request is sent to the first website, so that the terminal logs in the first website through the identity information of the first account.
In order to improve the login efficiency of simulating account login, the service management device may modify the identity information of the account that logs in the first website in the target request.
For a clearer understanding of the design concept of the present application, the following detailed description of the embodiments of the present application is provided in conjunction with the accompanying drawings. In order to more clearly understand the design concept of the present application, two application scenarios are provided as follows:
first application scenario:
the first website and the second website are the same website; the first account and the second account are both accounts registered at the first website; the second account is an account other than the first account, and the first account and the second account may be, but are not limited to, different types of accounts; for example, when the first account and the second account are accounts with different operation permissions, for example, when the first website provides services for electronic shopping, the first account may be an account with a permission to purchase goods, the second account may be an account with a consultation service provided for the first account (for example, but not limited to, an account of a serviceman who includes the first website), the second account may also be an account with information about goods or accounts or order information, and the like.
Referring to fig. 1, the first application scenario includes at least one terminal 100, a service management device 200, and a first server 300 of a first website; the terminal 100 and the service management device 200 can communicate with each other, the service management device 200 and the first server 300 can communicate with each other, and the terminal 100 and the first server 300 can communicate with each other through the bridge of the service management device 200; wherein:
the terminal 100 (such as but not limited to 100-1 or 100-2 in the figures) may send a login skip request to the first server 300 in response to the simulated login instruction of the second account; receiving login indication information returned by the first server 300; specifically, the terminal 100 may send a login skip request to the service management apparatus 200, and receive the login skip request returned by the first server 300 forwarded by the service management apparatus 200; and the terminal adds the target identity conversion information contained in the login indication information to the target request to send the service management device 200, so as to log in the first website through the identity information of the first account.
The service management device 200 forwards the login skip request sent by the terminal 100 to the first server 300, and forwards the login skip request returned by the first server 300 to the terminal 100; and receiving the target request sent by the terminal 100, if it is determined that the target request includes the target identity conversion information, obtaining the login state identifier of the first account based on the target identity conversion information, and sending the login state identifier to the first server 300 after adding the login state identifier to the target request.
The first server 300 (such as but not limited to 300-1, 300-2, or 300-3 in the figure) receives the login skip request sent by the terminal 100, sends login indication information to the terminal 100, and receives a target request containing a login state identifier sent by the service management device 200, allows the first website to be logged in through the identity information of the first account, and further, can send the resource requested by the terminal 100 to the terminal 100 in the process.
Second application scenario:
the first website and the second website are different websites; the first account is an account registered at a first website, and the second account is an account registered at a second website; if the first website provides electronic shopping service, and the second account is a background management system of the first website, the first account may be an account having a right to purchase goods, the second account may be an account having a right to provide consulting service for the first account (such as an account that may include, but is not limited to, an account of a serviceman of the first website), and the second account may also be an account having a right to manage the first website, and the like.
Referring to fig. 2, the second application scenario includes at least one terminal 100, a service management device 200, a first server 300 of a first website, and a second server 400 of a second website; wherein:
the terminal 100 (such as but not limited to 100-1 or 100-2 in the figures) may send a login skip request to the second server 400 in response to the simulated login instruction of the second account; and receives the login indication information returned by the second server 400, and further adds the identity conversion information included in the login indication information to the target request to send the service management device 200.
The second server 400 (such as but not limited to 400-1, 400-2, or 400-3 in the figures) receives the login skip request sent by the terminal 100, and sends login indication information to the terminal 100, wherein the second server 400 and the terminal 100 may communicate directly, or the second server 400 and the terminal 100 may bridge through the service management device 200 to implement communication between the second server 400 and the terminal 100, and those skilled in the art may set according to actual requirements.
The service management device 200 receives the target request sent by the terminal 100, obtains the login state identifier of the first account based on the target identity conversion information if it is determined that the target request includes the target identity conversion information, adds the login state identifier to the target request, and sends the target request to the first server 300.
The first server 300 (such as but not limited to 300-1, 300-2, or 300-3 in the figures) receives the target request containing the login status identifier sent by the service management device 200, allows the first website to be logged in through the identity information of the first account, and further can send the resource requested by the terminal 100 to the terminal 100 in the server.
The service management device 200 in this embodiment is a device for uniformly managing each website for services, and the service management device 200 may be, but is not limited to, a server or an Application Programming Interface (API) gateway, where the API gateway is used to implement API hosted services, and in website applications, the API gateway is generally used as an entry for all external requests; the API gateway packages various back-end services and provides the services to all parties for calling in an API form; the API gateway serves as an entrance for all requests, and can be generally used for functions such as flow limitation, monitoring, API management, and the like.
Any one of the first server 300 and the second server 400 in the embodiment of the present application, the cloud computing system may be an independent physical server, or a server cluster or a distributed system formed by a plurality of physical servers, or may be a plurality of cloud servers providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a web service, cloud communication, a middleware service, a domain name service, a security service, a CDN, a big data and artificial intelligence platform, and the like through a cloud service technology (for example, the first server 300 may include, but is not limited to, the server 300-1, the server 300-2, or the server 300-3 illustrated in the drawing, and the second server 400 may include, but is not limited to, the server 400-1, the server 400-2, or the server 400-3 illustrated in the drawing); the functions of the first server 300 may be implemented by one or more cloud servers, or may be implemented by one or more cloud server clusters, and so on; the functions of the second server 400 may be implemented by one or more cloud servers, one or more cloud server clusters, and the like.
The terminal 100 in the embodiments of the present application may be a mobile terminal, a fixed terminal, or a portable terminal, such as a mobile handset, a station, a unit, a device, a multimedia computer, a multimedia tablet, an internet node, a communicator, a desktop computer, a laptop computer, a notebook computer, a netbook computer, a tablet computer, a Personal Communication System (PCS) device, a personal navigation device, a Personal Digital Assistant (PDA), an audio/video player, a digital camera/camcorder, a positioning device, a television receiver, a radio broadcast receiver, an electronic book device, a game device, or any combination thereof, including accessories and peripherals of these devices, or any combination thereof.
Based on the application scenarios of fig. 1 and fig. 2, the following describes an example of the simulated account login method according to the present application.
Referring to fig. 3, a method for simulating account login designed in the embodiment of the present application is shown, and for the terminal 100, the method specifically includes the following steps:
step S301, responding to a simulated login instruction of a second account, and sending a login skip request to a target website, wherein the login skip request carries identity information of a first account, and the target website is the first website or a second website;
specifically, when the embodiment of the application is applied to the first application scenario, the target website is a first website, and the second account may be, but is not limited to, triggering a simulated login instruction after logging in the first website through the identity information of the second account; when the embodiment of the application is applied to the second application scenario, the target website is a second website, and the second account may be, but is not limited to, triggering a simulated login instruction after logging in the second website through the identity information of the second account.
Step S302, receiving the login indication information returned by the target website based on the login skip request.
The content of the target website determining the login indication information based on the login skip request will be described below.
Step S303, the identity conversion information contained in the login indication information is determined as target identity conversion information; the identity conversion information is used for indicating the second account to request to log in the first website by the identity information of the first account, and the identity conversion information comprises the identity information of the first account and the identity information of the second account.
Step S304, sending a target request including the target identity conversion information to the service management device 200, so as to log in the first website through the identity information of the first account based on the target identity conversion information.
As an embodiment, after determining the target identity conversion information, the terminal 100 may store the target identity conversion information in a local preset storage space, and when the second account requests to log in the first account in a simulated manner, the terminal 100 automatically obtains the target identity conversion information from the preset storage space, and sends a target request carrying the target identity conversion information to indicate that the request requests to log in the first website through the identity information of the first account; if the first account requests to log in the first website, the preset storage space stores the login state identification of the first account, but does not store the target identity conversion information, so that when the first account requests to log in the first website, the target request sent by the terminal does not contain the target identity conversion information.
For convenience of understanding, a specific example is given here, if the terminal 100 accesses the first website through the browser, the preset storage space may include, but is not limited to, cookie information corresponding to the first website in the browser, and after the terminal 100 acquires the target identity conversion information, the target identity conversion information may be stored in the cookie information corresponding to the first network in the browser; due to the characteristics of the browser, all target requests for logging in the first website sent by the browser carry cookie information, and when the second account request performs simulated logging in on the first account in the embodiment of the application, the target requests sent by the browser carry cookie information corresponding to the first website (the cookie information contains the target identity conversion information); in the case that the first account requests to log in the first website through the browser, the target website does not return login indication information, and the terminal 100 cannot acquire the target identity conversion information, so that the cookie information corresponding to the first website does not include the target identity conversion information.
The terminal 100 may also store the target identity conversion information in a space other than the cookie information, and when the terminal 100 sends the target request, the target identity conversion information may be added at a set string position of the target request; if the target request is a hypertext Transfer Protocol (HTTP) request, an HTTP header called Auth-Token may be added to the HTTP request, and the first server 300 may uniformly obtain a value of Auth-Token from the header to check a login status, where the value of Auth-Token is the target identity conversion information.
It should be noted that, when the target website is the first website, the second account has already logged in the first website before step 301, that is, the terminal 100 has already opened the first website; however, when the target website is the second website, the second website has been registered in the second account before step 301, the terminal 100 has opened the second website, the simulated login instruction is triggered after the terminal 100 logs in the second website through the identity information of the second account, and the terminal 100 opens the second website in steps S301 to S303, but in this embodiment, the terminal 100 is intended to log in the first website through the identity information of the first account, therefore, after step S303 and before step S304, the terminal 100 needs to redirect to the first website, and the terminal 100 may open the first website based on the received login instruction information.
As an embodiment, in order to improve the accuracy of the simulated login instruction, the simulated login instruction in step S301 may be triggered by a target jump object corresponding to the first account; the target jump object is used for indicating the second account to request to log in the first website through the identity information of the first account, and a person skilled in the art can set a specific form of a simulated login instruction according to actual requirements, for example, but not limited to, the target jump object may be set as a simulated login jump link or a keystroke, and the like.
It should be noted that the second account needs to acquire the information of the first account that is simulated to log in before step S301, that is, before step S301, a user corresponding to the second account may acquire account query information of the first account in a certain manner (for example, a manner of making a call with a user corresponding to the first account, a network chat, or the like), and then the second account may determine a target jump object corresponding to the first account through the account query information of the first account; the account query information may be used to indicate identity information of the first account, the account query information may be, but is not limited to, an account name or an account identity of the first account, the account identity may be, but is not limited to, an account identity number of the first account, or a unique character string assigned to the first account by the first website, and the like.
In order to improve the convenience of triggering the login skip instruction, in this embodiment of the application, a target application for accessing a website may be installed on the terminal 100, and the terminal 100 may open a page of a target website (the first website or the second website) through the target application; the target jump object may be displayed in a page of a target website, and the target application may be, but is not limited to, the browser; to facilitate understanding of the mechanism for triggering the login jump instruction, two examples of procedures for triggering the login jump instruction are given below.
The first trigger mode is as follows:
referring to fig. 4, in the embodiment of the present application, a first account query page 4000 of a target website is provided, and after the terminal 100 logs in the target website through the identity information of the second account, account query information of the first account may be input in an account query box 401; further, after detecting that the second account clicks the query key 402, the terminal 100 queries a target jump object of the first account matched with the account query information input by the second account, and displays the queried target object in the account information display area 403; the target jump object may be, but is not limited to, the simulated login key 404 in the figure, and the second account may trigger the simulated login instruction by clicking or long-pressing the simulated login key 404; further, when querying a target jump object of the first account matched with the account query information input by the second account, the terminal 100 may further obtain the account information of the first account, and display the obtained account information in the account information display area 403; the account information may include, but is not limited to, an account name of the first account, identity information of the first account, creation time, operation information, and the like, which are illustrated in the figure, the operation information may include, but is not limited to, an account modification button 405 and a removal button 406, the second account may trigger modification of information of the first account through the information modification button 405, and may delete the account information of the first account through the removal button 406.
The second trigger mode of the login jump instruction is as follows:
referring to fig. 5, an embodiment of the present application provides a first account query page 4000 of a target website, where the account query information may further include item information of an item to which a first account belongs; after the terminal 100 logs in the first website through the identity information of the second account, target jump objects of all first accounts under corresponding items can be queried through the item information, and then a target jump object corresponding to a first account which is simulated to log in is determined from the target jump objects of all first accounts, in the figure, an XX item is taken as an example of an item to which the first account which is simulated to log in, the terminal 100 can display the queried target jump objects of all first accounts under the XX item in an account information display area 501, the target jump object can be but is not limited to a simulated login key 502 in the figure, and then the second account can trigger the simulated login instruction by clicking or long-needed simulated login key 502 corresponding to the first account which is simulated to log in; further, when querying target jump objects of all first accounts in the item XX, the terminal 100 may further obtain account information of all first accounts in the item XX, and display the obtained account information in the account information display area 501; the above account information can be referred to the above description, and will not be repeated here.
Referring to fig. 6, a method for simulating account login designed in this embodiment of the present application is shown, and for a server of a target website (the first server 300 or the second server 400), the method specifically includes the following steps:
step S601, receiving a login skip request sent by the terminal 100, where the login skip request carries identity information of the first account.
For a detailed description of the login skip request, reference is made to the above description, and the description is not repeated here.
Step S602, determining the identity information of the second account triggering the login skip request.
In general, a request sent by an account to a target website carries identity information of the account, so in this step, a server of the target website may directly determine identity information of a second account sending a login skip request based on the received login skip request.
Step S603, generating identity conversion information including the identity information of the first account and the identity information of the second account.
Specifically, the server of the target website may use the identity information of the first account and the identity information of the second account as a parameter to obtain the identity conversion information, for example, but not limited to, the identity information of the first account and the identity information of the second account may be stored in a parameter of a specific data format to obtain the identity conversion information, where the specific parameter format may include, but is not limited to, a key-value pair, a list, an array, and the like; for example, based on the identity information of the first account and the identity information of the second account, a key-value pair K-V1 is generated, and the key-value pair K-V1 is determined as the identity conversion information, where the key K in the key-value pair K-V1 may be, but is not limited to, a string of random characters K1, where K1 is used to identify the identity conversion information, and the value V1 may be the identity information of the first account and the identity information of the second account.
As an embodiment, in view of improving the security degree of the simulated account login, the generated identity conversion information may be further stored in the embodiment of the present application, so as to determine whether the target request is legal based on the stored identity conversion information at a later stage, for example, the generated identity conversion information may be stored in a preset identity conversion information base; specifically, if the identity conversion information is the key value pair K-V1, and the identity information of the first account includes the name "li chi" of the first account and the first account ID "2918374", and the identity information of the second account includes the name "zhangzhuo" of the second account and the second account ID "zhanggmou", the server of the target website may store the key value pair K-V1 into a preset identity conversion information base according to the storage field shown in table 1, so that after the service management device 200 receives the target request including the identity conversion information, it determines whether the target request is legal according to the identity conversion information to determine whether to send the first prompt information indicating that the target request is abnormal to the terminal 100, where a specific process of sending the first prompt information by the service management device 200 will be described in detail in the following description.
Table 1: storage field of key-value pair K-V1
Step S604, returning login instruction information including the identity conversion information to the terminal 100, so that the terminal 100 sends a target request including the identity conversion information, where the target request is used for the terminal 100 to log in the first website through the identity information of the first account.
As an embodiment, when the target website is the first website in the embodiment of the present application, the login indication information may include, but is not limited to, identity conversion information; the first server 300 of the first website may further include receiving the target request forwarded by the service management apparatus 200 after step S604, and returning resources and data corresponding to the target request to the terminal 100 based on the received target request.
In this embodiment, when the target website is the second website, the login indication information may include information indicating that the terminal 100 opens the first website, in addition to the identity conversion information, so that the terminal 100 opens the first website after receiving the login indication information.
As an embodiment, when the target website is the second website, in order to improve the efficiency of the terminal opening the first website based on the login indication information, the login indication information may be, but is not limited to, a redirection link url, and the redirection link may be, but is not limited to, HTTP 302 redirection; if the website address of the first website is https:// nei.com, and the website address of the second website is https:// wai.com, the redirection link may be, but not limited to, https:// wai.comocktoken ═ xxxx >, where mockToken is the identity transformation information, and < xxx > is the value V1 of the key value pair K-V1 of the identity transformation information, and those skilled in the art may set the specific form of the login indication information or redirection link according to actual needs, which is not limited herein.
The above steps S301 to S303 on the terminal 100 and the steps S601 to S602 on the server of the target website are combined, so that the target identity conversion information can be stored on the terminal 100, and then the terminal 100 can send the target request containing the target identity conversion information to the service management device 200 through the step S304, so as to log in the first website through the identity information of the first account.
It should be noted that, when the target website is the second website in this embodiment of the application, the second website may manage one first website, or may manage a plurality of first websites, that is, in this embodiment of the application, the simulated account registration may be implemented for one first website, or may be implemented for a plurality of first websites, and for the above two cases, the triggering manner of the login skip request and the content of the login instruction information are slightly different, which is further described below.
(one) realizing simulated account login aiming at first website
In this case, on the first account query page 4000 or the first account query page 5000, a corresponding target jump object may be set for a first account, and the target jump object may not carry website indication information of the first website, the second account may trigger a login jump instruction by clicking or long-pressing the target jump object, and the terminal 100 sends a login jump request to the second server 400 based on the login jump instruction.
The first website for realizing the simulated account login is known in advance in the second server 400 of the second website, and website jump indication information of the first website can be configured in the second server 400; after receiving the login skip request, in step S604, the second server 400 may send the login indication information carrying the website skip indication information of the first website to the terminal 100, so that the terminal 100 opens the first website based on the website skip indication information.
(II) realizing simulated account login aiming at a plurality of first websites
In this case, for a first account, a corresponding target jump object may be set for different first websites on the first account query page 4000 or the first account query page 5000, and the target jump object may carry website indication information of the corresponding first website; the second account can trigger a login skip instruction carrying website indication information by clicking or long-pressing one of the target skip objects corresponding to the first account; further, the terminal 100 sends a login skip request to the second server 400 based on the login skip instruction, where the login skip request carries website instruction information.
The first website for realizing the simulated account login is not known in advance in the second server 400 of the second website; further, after the second server 400 receives the login skip request, in step S604, the website skip instruction information of the first website corresponding to the website instruction information in the login skip request may be carried in the login instruction information and sent to the terminal 100, so that the terminal 100 opens the first website based on the website skip instruction information.
Referring to fig. 7, a method for simulating account login designed in the embodiment of the present application is shown, and for the upper service management device 200, the method specifically includes the following steps:
in step S701, a target request for logging in to the first website, which is transmitted from the terminal 100, is received.
For a detailed description of the target request, reference is made to the above description, and a description thereof will not be repeated.
Step S702, if the target request is determined to contain target identity conversion information, acquiring a login state identifier of a first account based on the target identity conversion information; the login state identification is determined based on the identity information of the first account, and the target identity conversion information comprises the identity information of the first account and the identity information of the second account.
For specific descriptions of the target identity transformation information, reference is made to the above contents, and the description is not repeated here; the form of the login state identifier is not limited, such as but not limited to sessionId of an account in browser technology.
Referring to the related description in step S304, when the second account requests to perform simulated login on the first account, the target request sent by the terminal 100 includes the target identity conversion information, and when the first account itself requests to log in the first website, the target request sent by the terminal 100 does not include the target identity conversion information, then in step S702, the service management device 200 determines that the target request includes the target identity conversion information, and may determine that the target request is triggered when the second account requests to perform simulated login on the first account.
Step S703, add the login status identifier to the target request.
Specifically, the login state identifier may be directly added to the target request, such as but not limited to being added to a header of the target request; if the login state is identified as sessionId, a sessionId ═ yy > can be directly added to the header of the cookie information in the target request, where < yy > is the value of sessionId; or directly replacing target identity conversion information in the target request with the login state identifier to obtain the target request added with the login state identifier; the login state identifier may be added to the target request in other forms by those skilled in the art according to actual needs.
Step S704 is to send a target request for adding the login status identifier to the first website, so that the terminal 100 logs in the first website through the identity information of the first account based on the login status identifier.
As an embodiment, considering that the target request sent by the terminal 100 may also be a normal login request that is sent to request to log in the first website when the first website is not logged in by the first account, and the normal login request does not include the target identity conversion information and the login status identifier of the first account, after step S701 in this embodiment of the application, if it is determined that the target request does not include the target identity conversion information and the target request does not include the login status identifier of the first account, the service management apparatus 200 sends the second prompt information to the terminal 100, so that the terminal 100 loads the login page of the first website based on the second prompt information, where the login page is used for the terminal 100 to log in the first website through the identity information of the first account.
As an embodiment, considering that the target request sent by the terminal 100 may also be a normal access request that is sent by the first account after logging in the first website and requests to access the resource of the first website, and the normal access request includes the login status identifier of the first account but does not include the target identity conversion information, after step S701 in this embodiment of the application, if it is determined that the target request does not include the target identity conversion information and the target request includes the login status identifier of the first account, the service management device 200 logs in the first website through the identity information of the first account.
As an embodiment, in order to improve the efficiency of obtaining the login state identifier of the first account, in step S702 in this embodiment of the application, a mapping relationship between the identity conversion information and the login state identifier may be set, and the login state identifier may be quickly obtained based on the mapping relationship.
Specifically, a mapping relationship between preset identity conversion information and a login state identifier may be obtained; if a login state identifier corresponding to the target identity conversion information is recorded in the mapping relation, acquiring the login state identifier; if the mapping relation does not record the login state identification corresponding to the target identity conversion information, generating a corresponding login state identification based on the identity information of the first account contained in the target identity conversion information, and creating and storing the mapping relation between the target identity conversion information and the generated login state identification; the login-state identifier may be generated by the first server 300, and when acquiring the login-state identifier, the service management device 200 may call a login-state planting interface between the service management device 200 and the first server 300, and the first server 300 generates a corresponding login-state identifier based on the identity information of the first account.
As an embodiment, in order to reduce the security risk of the first website and the security risk of the first account, after determining that the target request is a simulated login request (i.e., a request for simulated login of the first account by the second account request) in step S702, it may be determined whether the simulated login request is legal, so as to prevent an illegal simulated login request from affecting the security of the first website or the security of the first account, so that the service management apparatus 200 may access a preset identity transformation information base through the target interface after determining that the target request includes the target identity transformation information and before obtaining the login status identifier of the first account based on the target identity transformation information, and determine whether the simulated login request is legal based on the identity transformation information stored in the preset identity transformation information base; specifically, if the identity conversion information base stores identity conversion information matched with the target identity conversion information, the target request is a legal simulated login request; if the identity conversion information matched with the target identity conversion information is not stored in the identity conversion information base, the target request is an illegal simulated login request, and first prompt information is sent to the terminal 100 and used for indicating that the target request is abnormal; and the identity conversion information and the target identity conversion information which are matched with the target identity conversion information are both used for indicating the same second account to request to log in the first website by using the identity information of the same first account.
An example of a complete flow of the service management device 200 is provided below, please refer to fig. 8, which specifically includes the following steps:
in step S801, the target request transmitted by the terminal 100 is received.
Step S802, determine whether the target request includes the login status identifier of the first account, if not, go to step S803, and if so, go to step S812.
Step S803, determine whether the target request includes target identity conversion information, if yes, go to step S804, otherwise go to step S813.
Step S804 determines whether the preset identity conversion information base stores the identity conversion information matched with the target identity conversion information, if yes, step S805 is performed, otherwise, step S814 is performed.
Step S805, obtaining a mapping relationship between the preset identity transformation information and the login state identifier.
Step S806 determines whether the obtained mapping relationship records the login status identifier of the target identity conversion information, if so, step S807 is performed, otherwise, step S808 is performed.
Step S807, obtain the login status identifier of the target identity transformation information from the mapping relationship.
Step S808, generating a corresponding login status identifier based on the identity information of the first account included in the target identity conversion information, and entering steps S809 and S810.
Step S809, creating and saving the mapping relationship between the target identity transformation information and the generated login status identifier.
Step S810, add the login status identifier to the target request.
It should be noted here that step S809 and step S810 do not have a fixed sequence.
Step S811, sending a target request for adding the login status identifier to the first website.
Step S812, sending a target request including the login status identifier of the first account to the first website.
Step S813 is sending a second prompt message to the terminal 100, where the second prompt message is used to instruct the terminal 100 to load the login page of the first website.
Step S814, sending a first prompt message to the terminal 100 to indicate that the target request is abnormal.
The following contents in the embodiment of the present application provide an example of a complete interaction flow between the terminal 100, the service management device 200, the first server 300, and the second server 400 when the method is applied to the first application scenario and the second scenario; for convenience of understanding, in the following example, the method of the terminal 100 is executed by a browser (i.e., the target application) in the terminal 100, and the terminal 100 stores target identity conversion information into cookie information of a first website in the browser, and the service management apparatus 200 is an API gateway, and the target jump object is an analog login jump link.
Example 1: is applied to the first application scenario
Referring to fig. 9, in this example, a user B of the second account and a user a of the first account may obtain account query information of the first account in a telephone or network chat manner, and after the user B logs in the first website through identity information of the second account, the user B queries a target skip object of the first account based on the account query information of the first account, and triggers a login skip instruction by clicking the target skip object of the first account.
The process of acquiring the target identity conversion information comprises the following steps: after detecting a login skip instruction, the browser on the terminal 100 sends a login skip request to the API gateway; the API gateway forwards the login skip request sent by the browser to the first server 300; the first server 300 determines login indication information containing identity conversion information based on the login skip request, and forwards the login indication information to the browser through the API gateway; and then the browser determines the identity conversion information in the login indication information as target identity conversion information.
The process of simulating account login comprises the following steps: the browser sends a target request containing target identity conversion information to the API gateway; the API gateway adds the login state identification of the target identity conversion information into the target request and sends the target request to the first server 300; the first server 300 receives a target request of a login state identifier sent by the API gateway, allows the browser to log in through the identity information of the first account, and sends information corresponding to the target request to the browser through the API gateway.
In the above process, the interaction process of the browser, the API gateway and the first server 300 may specifically, but is not limited to, include the following steps:
the first process is as follows: browser obtains target identity conversion information
Referring to fig. 10, the process specifically includes:
after the user B of the second account communicates with the user A of the first account and acquires account query information of the first account, the user B inputs the website of the first website into a browser and requests to open the first website.
Step S1001, the browser opens the first website based on the website of the first website and logs in the first website through the identity information of the second account based on the indication.
After the user B logs in the first website by using the identity information of the second account, the account query information of the first account is input in the first website to obtain the simulated login skip link corresponding to the first account, and then the user B clicks the simulated login skip link.
Step S1002, when the browser detects that the simulated login skip link of the first account is clicked, a login skip request is sent to the API gateway, and the login skip request carries identity information of the first account.
In step S1003, the API gateway forwards the login skip request to the first server 300.
In step S1004, the first server 300 obtains the identity information of the first account from the login skip request, and determines the identity information of the second account triggering the login skip request.
In step S1005, the first server 300 generates identity conversion information including the identity information of the first account and the identity information of the second account.
In step S1006, the first server 300 stores the identity transformation information into a preset identity transformation information base.
In step S1007, the first server 300 creates login instruction information including the identity conversion information, and sends the login instruction information to the API gateway.
In step S1008, the API gateway sends login instruction information including the identity conversion information to the browser.
In step S1009, the browser determines the identity conversion information in the login indication information as target identity conversion information, and stores the target identity conversion information in the cookie information corresponding to the first website.
The second process: simulating an account login process
Please refer to fig. 11, which specifically includes the following steps:
in step S1101, the browser creates a target request containing cookie information containing target identity conversion information.
The target request may be, but is not limited to, an http request.
In step S1102, the browser sends the target request containing the cookie information to the API gateway.
Step S1103, the API gateway determines that the target request includes target identity conversion information.
It should be noted that, in this example, only the case of simulating account login is described, so the target request includes the target identity conversion information, and reference is made to the above description about the case where the first account logs in the first website by itself, and the description is not repeated here.
In step S1104, the API gateway accesses the identity conversion information base stored on the first server 300 through the target interface with the first server 300.
Step S1105, if it is determined that the identity conversion information matched with the target identity conversion information is stored in the preset identity conversion information base, the API gateway obtains a mapping relationship between the preset identity conversion information and the login state identifier.
Step S11051, if the API gateway determines that the obtained mapping relationship records the login state identifier of the target identity conversion information, the API gateway obtains the login state identifier of the target identity conversion information from the mapping relationship.
Step S11052, if the API gateway determines that the obtained mapping relationship does not record the login state identifier of the target identity conversion information, generates a corresponding login state identifier based on the identity information of the first account included in the target identity conversion information.
Step S11053, the API gateway creates and stores the mapping relationship between the target identity transformation information and the generated login state identifier.
Step S1106, the API gateway adds the login state identifier to the cookie information in the target request.
In step S1107, the API gateway sends the target request with the login state identifier added to the cookie information to the first server 300.
Step S1108, if the API gateway determines that the identity conversion information matching the target identity conversion information is not stored in the preset identity conversion information base, the API gateway sends a first prompt message to the browser.
Example 2: applied to the second application scenario
Referring to fig. 12, in this example, a user B of the second account and a user a of the first account may obtain account query information of the first account in a telephone or network chat manner, and after the user B logs in the second website through identity information of the second account, the user B queries a target skip object of the first account based on the account query information of the first account, and triggers a login skip instruction by clicking the target skip object of the first account.
The process of acquiring the target identity conversion information comprises the following steps: after detecting the login skip instruction, the browser on the terminal 100 sends a login skip request to the second server 400; the second server 400 determines login indication information including identity conversion information based on the login skip request, and sends the login indication information including the identity conversion information to the browser; and then the browser determines the identity conversion information in the login indication information as target identity conversion information.
The process of simulating account login comprises the following steps: the browser sends a target request containing target identity conversion information to the API gateway; the API gateway adds the login state identification of the target identity conversion information into the target request and sends the target request to the first server 300; the first server 300 receives a target request of a login state identifier sent by the API gateway, allows the browser to log in through the identity information of the first account, and sends information corresponding to the target request to the browser through the API gateway.
In the above process, the interaction process of the browser, the API gateway, the first server 300 and the second server 400 may specifically, but not limited to, include the following steps:
the first process is as follows: browser obtains target identity conversion information
Referring to fig. 13, the process specifically includes:
after the user B of the second account communicates with the user A of the first account and acquires account query information of the first account, the user B inputs the website of the second website into the browser and requests to open the second website.
Step S1301, the browser opens the second website based on the website address of the second website, and logs in the second website through the identity information of the second account based on the instruction.
After the user B logs in the second website by using the identity information of the second account, the account query information of the first account is input in the second website to obtain the simulated login skip link corresponding to the first account, and then the user B clicks the simulated login skip link.
In step S1302, when the browser detects that the simulated login skip link of the first account is clicked, it sends a login skip request to the second server 400, where the login skip request carries the identity information of the first account.
In step S1303, the second server 400 obtains the identity information of the first account from the login skip request, and determines the identity information of the second account triggering the login skip request.
In step S1304, the second server 400 generates identity conversion information including the identity information of the first account and the identity information of the second account.
In step S1305, the second server 400 stores the identity conversion information into a preset identity conversion information base.
In step S1306, the second server 400 creates login instruction information including the identity conversion information, and transmits the login instruction information to the browser.
In step S1307, the browser opens the second website based on the login instruction information.
Step S1308, the browser determines the identity conversion information in the login indication information as target identity conversion information, and stores the target identity conversion information in cookie information corresponding to the first website.
Specifically, the front-end code of the first website running in the browser may obtain the identity conversion information from the login indication information, and store the obtained identity conversion information as the target identity conversion information in the cookie information corresponding to the first website.
The second process: simulating an account login process
Referring to fig. 14, the method specifically includes the following steps:
steps S1401 to S1403 are the same as steps S1101 to S1103 described above, and description thereof will not be repeated.
In step S1404, the API gateway accesses the identity conversion information base stored on the second server 400 through the target interface with the second server 400.
Step S1405 to step S1408 are the same as step S1105 to step S1108, and specific contents can be referred to the above description, and the description is not repeated here.
In the embodiment of the application, the second account can log in the first website through the identity information of the first account without requiring the login account and the login password of the first website to be logged in from the first account, so that the account security degree of the first account is improved; in addition, in the embodiment of the application, a large amount of time is not needed to be spent on developing and perfecting the information query function of the target website (the first website or the second website), so that the development amount of the additional functions of the target website is reduced, and the efficiency of simulating account login is further improved; on the other hand, the business code of the first website is not sensed in the embodiment of the application, so that the invasion degree of the business code of the first website is reduced, the possibility of other unpredictable problems in the simulated account login is further reduced, and the security risk of the first website caused by the simulated account login is reduced.
Referring to fig. 15, based on the same inventive concept, an embodiment of the present application provides an apparatus 1500 for simulating account login, including:
a request receiving unit 1501, configured to receive a target request for logging in a first website sent by a terminal;
a first processing unit 1502, configured to obtain a login status identifier of a first account based on target identity conversion information if it is determined that the target request includes the target identity conversion information; the target identity conversion information includes identity information of a first account and identity information of a second account, the target identity conversion information is used for indicating the second account to request to log in the first website through the identity information of the first account, and the login state identifier is determined based on the identity information of the first account;
a second processing unit 1503, configured to add the login state identifier to the target request;
a request sending unit 1504, configured to send a target request for adding the login status identifier to the first website, so that the terminal logs in the first website through the identity information of the first account based on the login status identifier.
As an embodiment, the first processing unit 1502 is specifically configured to: acquiring a mapping relation between preset identity conversion information and a login state identifier; if a login state identifier corresponding to the target identity conversion information is recorded in the mapping relation, acquiring the login state identifier; if the mapping relation does not record the login state identification corresponding to the target identity conversion information, generating a corresponding login state identification based on the identity information of the first account contained in the target identity conversion information, and creating and storing the mapping relation between the target identity conversion information and the generated login state identification.
As an embodiment, the first processing unit 1502 is further configured to: after the target request is determined to contain target identity conversion information, before a login state identifier of a first account is obtained based on the target identity conversion information, a preset identity conversion information base is accessed through a target interface; if the identity conversion information matched with the target identity conversion information is stored in the identity conversion information base, first prompt information is sent to the terminal, and the first prompt information is used for indicating that the target request is abnormal; the identity conversion information matched with the target identity conversion information is used for indicating the second account to request to log in the first website by using the identity information of the first account.
As an embodiment, the request receiving unit 1501 is further configured to:
if it is determined that the target request does not contain target identity conversion information and does not contain the login state identification of the first account, sending second prompt information to the terminal, and enabling the terminal to load a login page of the first website based on the second prompt information;
and if the target request does not contain target identity conversion information and contains the login state identification of the first account, sending the target request to the first website, and enabling the terminal to log in the first website through the identity information of the first account based on the login state identification of the first account.
As an example, the apparatus in fig. 15 may be used to implement any one of the simulated account login methods of the service management device 200 discussed above.
Referring to fig. 16, based on the same inventive concept, an embodiment of the present application provides an apparatus 1600 for simulating account login, including:
a request receiving unit 1601, configured to receive a login skip request sent by a terminal, where the login skip request carries identity information of a first account, and the login skip request is triggered by a simulated login instruction of a second account;
a first processing unit 1602, configured to determine identity information of a second account that triggers the login skip request;
a second processing unit 1603, configured to generate identity conversion information including identity information of the first account and identity information of the second account, where the identity conversion information is used to instruct the second account to request to register the first website with the identity information of the first account;
an information sending unit 1604, configured to return registration instruction information including the identity conversion information to the terminal, so that the terminal sends a target request including the identity conversion information, where the target request is used for enabling the terminal to register the first website through the identity information of the first account.
As an example, the second processing unit 1603 is further configured to: and storing the identity conversion information into a preset identity conversion information base so that after receiving the target request, the service management equipment determines whether to send first prompt information to the terminal according to the identity conversion information, wherein the first prompt information is used for indicating that the target request is abnormal.
In one embodiment, the apparatus is applied to an account registered in a second website other than the first website, the login skip request is transmitted after the terminal logs in the second website through the second account, and the login instruction information is used to cause the terminal to open the first website and transmit the target request after the first website is opened.
As an example, the apparatus in fig. 16 may be used to implement any of the simulated account login methods discussed above for the first server 300 or the second server 400.
Referring to fig. 17, based on the same inventive concept, an embodiment of the present application provides an apparatus 1700 for simulating account login, including:
a request sending unit 1701, configured to send a login skip request to a target website in response to a simulated login instruction of a second account, where the login skip request carries identity information of a first account, and the target website is a first website registered in the first account or a second website other than the first website;
an information receiving unit 1702, configured to receive login instruction information returned by the target website based on the login skip request;
a first processing unit 1703, configured to determine identity conversion information included in the login indication information as target identity conversion information; the identity conversion information includes identity information of the first account and identity information of the second account, and the identity conversion information is used for indicating the second account to request to log in the first website with the identity information of the first account;
a second processing unit 1704, configured to send a target request including the target identity transformation information to a service management device, so as to log in the first website through the identity information of the first account based on the target identity transformation information.
In one embodiment, the target website is the second website, and the simulated login command is triggered after the terminal logs in the second website through the second account; information receiving unit 1702 is further configured to:
and after receiving login indication information returned by the target website based on the login skip request and before sending a target request containing the target identity conversion information to service management equipment, opening the first website based on the login indication information.
As an embodiment, the simulated login command is triggered by a target jump object corresponding to the first account, where the target jump object indicates a request to log in the first website through the identity information of the first account.
As an example, the apparatus in fig. 17 may be used to implement any of the simulated account login methods of the terminal 100 discussed above.
Based on the same inventive concept, the present embodiment provides a terminal 100, and the terminal 100 is described below.
Referring to fig. 18, the target application, the browser, and the like may be installed on the terminal 100, and the terminal 100 includes a display unit 1840, a processor 1880, and a memory 1820, where the display unit 1840 includes a display panel 1841 for displaying information input by a user or information provided to the user, and various operation interfaces of the target application and the browser, and the like, and in this embodiment, is mainly used for displaying an interface of a client installed in the terminal 100, a shortcut window, and the like.
Alternatively, the Display panel 1841 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like.
The processor 1880 is configured to read the computer program and then execute a method defined by the computer program, for example, the processor 1880 reads an application corresponding to a client, so as to run the application on the terminal 100, and displays an interface of the application on the display unit 1840. The Processor 1880 may include one or more general-purpose processors, and may further include one or more DSPs (Digital Signal processors) for performing relevant operations to implement the solutions provided in the embodiments of the present application.
The display unit 1840 is used to receive input digital information, character information, or a contact touch operation/non-contact gesture, and generate signal input related to user setting and function control of the terminal 100, and the like. Specifically, in the embodiment of the present application, the display unit 1840 may include a display panel 1841. The display panel 1841, for example, a touch screen, may collect touch operations by a user (for example, operations by the user on the display panel 1841 or on the display panel 1841 using any suitable object or accessory such as a finger, a stylus, etc.) on or near the display panel 1841, and drive the corresponding connection device according to a preset program. Alternatively, the display panel 1841 may include two parts of a touch detection device and a touch controller. The touch detection device detects the touch direction of a player, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, and sends the touch point coordinates to the processor 1880, and can receive and execute commands sent by the processor 1880. In this embodiment, if the user clicks the client, the touch detection device in the display panel 1841 detects a touch operation, the touch controller transmits a signal corresponding to the detected touch operation, converts the signal into a touch point coordinate, and transmits the touch point coordinate to the processor 1880, and the processor 1880 determines an operation that the user needs to perform according to the received touch point coordinate.
The display panel 1841 may be implemented by various types, such as a resistive type, a capacitive type, an infrared ray, and a surface acoustic wave. In addition to the display unit 1840, the terminal 100 may further include an input unit 1830, and the input unit 1830 may include a graphical input device 1831 and other input devices 1832, wherein the other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
In addition to the above, the terminal 100 may also include a power supply 1890 for supplying power to other modules, an audio circuit 1860, a near field communication module 1870, and an RF circuit 1810. The terminal 100 can also include one or more sensors 1850, such as acceleration sensors, light sensors, pressure sensors, and the like. The audio circuit 1860 specifically includes a speaker 1861, a microphone 1862, and the like, and for example, the terminal 100 may collect the voice of the user through the microphone 1862 to perform corresponding operations.
The number of processors 1880 may be one or more and the processor 1880 and memory 1820 may be in a coupled arrangement or may be in a relatively independent arrangement, for example.
The processor 1880 in fig. 18 may be used to implement the functions of the aforementioned terminal 100 or browser, as an example.
An example of the hardware entity of the above apparatus 1500 is a computer device shown in fig. 19, which includes a processor 1901, a storage medium 1902, and at least one external communication interface 1903; the processor 1901, the storage medium 1902, and the external communication interface 1903 are connected via a bus 1904.
The storage medium 1902 has stored therein a computer program;
the processor 1901, when executing the computer program, implements the simulated account login method of the service management device 200 discussed above.
Fig. 19 illustrates one processor 1901, but the number of processors 1901 is not limited in practice.
The storage medium 1902 may be a volatile storage medium (volatile memory), such as a random-access memory (RAM); the storage medium 1902 may also be a non-volatile storage medium (non-volatile memory) such as, but not limited to, a read-only memory (rom), a flash memory (flash memory), a hard disk (HDD) or a solid-state drive (SSD), or the storage medium 1902 may be any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The storage medium 1902 may be a combination of the storage media described above.
As an example of the hardware entity of the apparatus 1600, reference may be made to a computer device shown in fig. 19, where when the computer device shown in fig. 19 is used as the hardware entity of the apparatus 1600, the storage medium 1902 stores a computer program therein; the processor 1901, when executing the computer program, implements the method of simulating account login of the first server 300 or the second server 400 discussed above.
According to an aspect of the application, a computer program product or computer program is provided, comprising computer instructions, the computer instructions being stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device executes a live broadcast control method provided by the embodiment of the application.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
Alternatively, the integrated unit of the invention may be stored in a computer-readable storage medium if it is implemented in the form of a software functional module and sold or used as a separate product. Based on such understanding, the technical solutions of the embodiments of the present invention may be essentially implemented or a part contributing to the prior art may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the above methods of the embodiments of the present invention. And the aforementioned storage medium includes: a removable storage device, a ROM, a RAM, a magnetic or optical disk, or various other media that can store program code.
Based on the same technical concept, the embodiment of the present application also provides a computer-readable storage medium, which stores computer instructions that, when executed on a computer, cause the computer to execute the simulated account login method as discussed above.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011137356.1A CN112214743A (en) | 2020-10-22 | 2020-10-22 | Method, device, equipment and storage medium for simulating account login |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011137356.1A CN112214743A (en) | 2020-10-22 | 2020-10-22 | Method, device, equipment and storage medium for simulating account login |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112214743A true CN112214743A (en) | 2021-01-12 |
Family
ID=74054720
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011137356.1A Pending CN112214743A (en) | 2020-10-22 | 2020-10-22 | Method, device, equipment and storage medium for simulating account login |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112214743A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116820624A (en) * | 2023-08-29 | 2023-09-29 | 阿里健康科技(中国)有限公司 | Method, device, equipment and medium for sending and processing operation instruction |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2013149238A (en) * | 2011-12-22 | 2013-08-01 | Canon Marketing Japan Inc | Information processing device, information processing method, and program |
| US20140137226A1 (en) * | 2011-07-20 | 2014-05-15 | Tencent Technology (Shenzhen) Company Ltd. | Method and System for Processing Identity Information |
| CN104735021A (en) * | 2013-12-18 | 2015-06-24 | 腾讯科技(深圳)有限公司 | Account login method, device and system |
| CN107359996A (en) * | 2016-05-09 | 2017-11-17 | 阿里巴巴集团控股有限公司 | Automatic logging method and device between more websites |
| CN111191198A (en) * | 2019-11-25 | 2020-05-22 | 京东数字科技控股有限公司 | Account information processing method and device, computer readable medium and electronic equipment |
-
2020
- 2020-10-22 CN CN202011137356.1A patent/CN112214743A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140137226A1 (en) * | 2011-07-20 | 2014-05-15 | Tencent Technology (Shenzhen) Company Ltd. | Method and System for Processing Identity Information |
| JP2013149238A (en) * | 2011-12-22 | 2013-08-01 | Canon Marketing Japan Inc | Information processing device, information processing method, and program |
| CN104735021A (en) * | 2013-12-18 | 2015-06-24 | 腾讯科技(深圳)有限公司 | Account login method, device and system |
| CN107359996A (en) * | 2016-05-09 | 2017-11-17 | 阿里巴巴集团控股有限公司 | Automatic logging method and device between more websites |
| CN111191198A (en) * | 2019-11-25 | 2020-05-22 | 京东数字科技控股有限公司 | Account information processing method and device, computer readable medium and electronic equipment |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116820624A (en) * | 2023-08-29 | 2023-09-29 | 阿里健康科技(中国)有限公司 | Method, device, equipment and medium for sending and processing operation instruction |
| CN116820624B (en) * | 2023-08-29 | 2023-12-01 | 阿里健康科技(中国)有限公司 | Method, device, equipment and medium for sending and processing operation instruction |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10379818B2 (en) | Multi-tenant, tenant-specific applications | |
| US9792006B2 (en) | Automatic lifecycle management for pages on a mobile application | |
| US20150088982A1 (en) | Load balanced inter-device messaging | |
| US10152660B2 (en) | Smart card read/write method and apparatus | |
| US10394577B2 (en) | Method and apparatus for automatic processing of service requests on an electronic device | |
| TW201839593A (en) | Interaction processing method and device | |
| WO2019205718A1 (en) | Method and device for sharing hosted applications | |
| US11882154B2 (en) | Template representation of security resources | |
| US10027644B2 (en) | Analysis with embedded electronic spreadsheets | |
| US10372512B2 (en) | Method and apparatus for automatic processing of service requests on an electronic device | |
| KR20150004817A (en) | User interface web services | |
| US20150227630A1 (en) | Caching queries for dynamic webpages | |
| US11556608B2 (en) | Caching for single page web applications | |
| CN112214743A (en) | Method, device, equipment and storage medium for simulating account login | |
| US12067422B2 (en) | Dynamically acquiring scoped permissions to perform operations in compute capacity and resources | |
| US11671383B2 (en) | Natural language service interaction through an inbox | |
| US20160378574A1 (en) | Integration and synchronization using a virtual data provider | |
| US9753788B2 (en) | Extensibility of engines in computing systems | |
| CN115437725A (en) | Information interaction method and device and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |