CN114338132A - Secret-free login method, client application, operator server and electronic equipment - Google Patents
Secret-free login method, client application, operator server and electronic equipment Download PDFInfo
- Publication number
- CN114338132A CN114338132A CN202111605156.9A CN202111605156A CN114338132A CN 114338132 A CN114338132 A CN 114338132A CN 202111605156 A CN202111605156 A CN 202111605156A CN 114338132 A CN114338132 A CN 114338132A
- Authority
- CN
- China
- Prior art keywords
- mobile phone
- phone number
- electronic device
- dynamic
- query request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 98
- 230000006855 networking Effects 0.000 claims abstract description 74
- 238000012790 confirmation Methods 0.000 claims description 29
- 238000012795 verification Methods 0.000 description 14
- 238000010586 diagram Methods 0.000 description 12
- 238000004590 computer program Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 5
- 230000003993 interaction Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Landscapes
- Telephonic Communication Services (AREA)
Abstract
本申请提供的免密登录方法、客户端应用、运营商服务器及电子设备,当应用于客户端应用时,该方法包括:接收用户的免密登录请求;获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP;确定运营商标识对应的服务接口,并通过服务接口向运营商标识对应的运营商服务器发送查询请求,查询请求中包括动态IP;接收运营商服务器依据查询请求中的动态IP确定第二手机号码,比对第一手机号以及第二手机号,若比对结果一致,则执行登录操作。通过上述免密登录方式,可以确保当前电子设备所联网的手机号与登录客户端应用的手机号一致时,才可实现免密登录,即确保客户端应用在通过手机号免密登录时,其余电子设备无法通过该手机号实现登录。
The password-free login method, client application, operator server and electronic device provided by this application, when applied to the client application, the method includes: receiving a user's password-free login request; The dynamic IP of the current networking of the electronic device; determine the service interface corresponding to the operator identification, and send a query request to the operator server corresponding to the operator identification through the service interface, and the query request includes the dynamic IP; receive the operator server according to the query request. The dynamic IP determines the second mobile phone number, compares the first mobile phone number and the second mobile phone number, and performs a login operation if the comparison results are consistent. Through the above password-free login method, it can be ensured that the password-free login can be realized only when the mobile phone number connected to the current electronic device is the same as the mobile phone number used to log in to the client application, that is, when the client application logs in without password through the mobile phone number, the rest of the Electronic devices cannot log in with this mobile phone number.
Description
技术领域technical field
本申请涉及通信领域,尤其涉及一种免密登录方法、客户端应用、运营商服务器及电子设备。The present application relates to the field of communications, and in particular, to a password-free login method, a client application, an operator server, and an electronic device.
背景技术Background technique
随着电子技术的不断发展,目前在用户在登录使用各种应用时,通常采用登录账号以及验证码的认证方式,实现应用的登录。With the continuous development of electronic technology, at present, when a user logs in to use various applications, an authentication method of a login account and a verification code is usually used to realize application login.
然而,当采用上述登录方法时,若验证码被其余用户恶意获取时,则其余用户可以在其它设备上采用恶意获取的验证码实现应用登陆,无法确保该登录账号对应的数据的信息安全,即上述登录方法无法确保登录账号与登录的电子设备之间的一一对应的绑定关系,使得同一账号会被其余用户恶意在其它电子设备上登录,造成数据泄露。However, when the above login method is used, if the verification code is maliciously obtained by other users, the remaining users can use the maliciously obtained verification code to log in to the application on other devices, and the information security of the data corresponding to the login account cannot be guaranteed, that is, The above login method cannot ensure a one-to-one binding relationship between the login account and the logged in electronic device, so that the same account may be maliciously logged in by other users on other electronic devices, resulting in data leakage.
发明内容SUMMARY OF THE INVENTION
本申请提供一种免密登录方法、客户端应用、运营商服务器及电子设备,用以解决相关技术中登录方法,无法确保登录账号与登录设备之间的一一对应的绑定关系,容易引起数据安全的问题。This application provides a password-free login method, a client application, an operator server and an electronic device, which are used to solve the problem that the login method in the related art cannot ensure the one-to-one binding relationship between the login account and the login device, which is easy to cause data security issues.
第一方面,本申请提供一种免密登录方法,应用于电子设备中的客户端应用,所述方法包括:In a first aspect, the present application provides a password-free login method, which is applied to a client application in an electronic device, and the method includes:
接收用户的免密登录请求,其中,所述免密登录请求中包括第一手机号;receiving a password-free login request from a user, wherein the password-free login request includes a first mobile phone number;
获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP;Obtain the operator identifier of the current network of the electronic device and the dynamic IP of the current network of the electronic device;
确定所述运营商标识对应的服务接口,并通过所述服务接口向所述运营商标识对应的运营商服务器发送查询请求,所述查询请求中包括所述动态IP;determining the service interface corresponding to the operator identification, and sending a query request to the operator server corresponding to the operator identification through the service interface, where the query request includes the dynamic IP;
接收所述运营商服务器依据所述查询请求中的动态IP确定的所述动态IP对应的第二手机号码,并比对所述第一手机号以及所述第二手机号;receiving the second mobile phone number corresponding to the dynamic IP determined by the operator server according to the dynamic IP in the query request, and comparing the first mobile phone number and the second mobile phone number;
若所述第一手机号以及所述第二手机号比对结果一致,则执行登录操作。If the comparison results of the first mobile phone number and the second mobile phone number are consistent, a login operation is performed.
在一种可能的实现方式中,所述接收用户的免密登录请求之前,所述方法还包括:In a possible implementation manner, before receiving the user's password-free login request, the method further includes:
接收用户的登录提示信息,向用户发送至少一个预先存储的手机号,其中,所述预先存储的手机号包括所述第一手机号。The login prompt information of the user is received, and at least one pre-stored mobile phone number is sent to the user, wherein the pre-stored mobile phone number includes the first mobile phone number.
在一种可能的实现方式中,所述获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP,包括:In a possible implementation manner, the obtaining the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet include:
通过所述电子设备获取当前联网的第三手机号;Obtain the third mobile phone number currently connected to the Internet through the electronic device;
对比所述第一手机号以及所述第三手机号,若一致,则获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP。The first mobile phone number and the third mobile phone number are compared, and if they are consistent, the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet are acquired.
在一种可能的实现方式中,所述方法还包括:In a possible implementation, the method further includes:
若所述第一手机号以及所述第三手机号不一致,则向用户发送第一提示信息,所述第一提示信息用于提示用户切换当前联网网络。If the first mobile phone number and the third mobile phone number are inconsistent, first prompt information is sent to the user, and the first prompt information is used to prompt the user to switch the current network network.
在一种可能的实现方式中,所述获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP,包括:In a possible implementation manner, the obtaining the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet include:
确定所述电子设备当前联网方式,所述联网方式包括:无线连接方式、移动数据连接方式;Determine the current networking mode of the electronic device, where the networking mode includes: a wireless connection mode and a mobile data connection mode;
若所述联网方式为移动数据联网方式,则获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP。If the networking method is a mobile data networking method, the operator identifier of the electronic device currently connected to the network and the dynamic IP of the electronic device currently connected to the network are acquired.
在一种可能的实现方式中,所述方法还包括:In a possible implementation, the method further includes:
若所述联网方式为无线联网方式,则向用户发送第二提示信息,所述第二提示信息用于提示用户切换联网方式为移动数据联网方式。If the networking mode is the wireless networking mode, second prompt information is sent to the user, and the second prompt information is used to prompt the user to switch the networking mode to the mobile data networking mode.
在一种可能的实现方式中,所述方法还包括:In a possible implementation, the method further includes:
若比对结果不一致,则向用户发送网络确认信息,所述网络确认信息用于指示用户确认所述免密登录请求中的第一手机号与所述电子设备当前联网的第三手机号是否一致。If the comparison results are inconsistent, network confirmation information is sent to the user, and the network confirmation information is used to instruct the user to confirm whether the first mobile phone number in the password-free login request is consistent with the third mobile phone number currently connected to the electronic device. .
在一种可能的实现方式中,所述获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP,包括:In a possible implementation manner, the obtaining the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet include:
向用户发送网络确认信息,所述网络确认信息用于指示用户确认所述免密登录请求中的第一手机号与所述电子设备当前联网的第三手机号是否一致;Sending network confirmation information to the user, where the network confirmation information is used to instruct the user to confirm whether the first mobile phone number in the password-free login request is consistent with the third mobile phone number currently connected to the electronic device;
若接收到确认一致信息,则获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP。If the confirmation consistent information is received, the operator identifier of the current network of the electronic device and the dynamic IP of the current network of the electronic device are acquired.
在一种可能的实现方式中,所述通过所述服务接口向所述运营商标识对应的运营商服务器发送查询请求,包括:In a possible implementation manner, the sending a query request to the operator server corresponding to the operator identifier through the service interface includes:
依据预设算法对所述查询请求进行加密处理得到加密后的查询请求;Encrypting the query request according to a preset algorithm to obtain an encrypted query request;
通过所述服务接口向所述运营商标识对应的运营商服务器发送加密后的查询请求。Send the encrypted query request to the operator server corresponding to the operator identification through the service interface.
第二方面,本申请提供一种免密登录方法,应用于运营商服务器,所述方法包括:In a second aspect, the present application provides a password-free login method, which is applied to an operator server, and the method includes:
接收客户端应用通过所述运营商服务器对应的服务接口发送的查询请求,所述查询请求中包括动态IP;receiving a query request sent by a client application through a service interface corresponding to the operator server, where the query request includes a dynamic IP;
依据所述查询请求中的动态IP,确定所述动态IP对应的第二手机号码;Determine the second mobile phone number corresponding to the dynamic IP according to the dynamic IP in the query request;
向所述客户端应用发送所述第二手机号码。Send the second mobile phone number to the client application.
在一种可能的实现方式中,所述查询请求为加密后的查询请求;所述依据所述查询请求中的动态IP,确定所述动态IP对应的第二手机号码,包括:In a possible implementation manner, the query request is an encrypted query request; the determining the second mobile phone number corresponding to the dynamic IP according to the dynamic IP in the query request includes:
依据预设算法对所述加密后的查询请求进行解密处理,得到所述查询请求中的动态IP;Decrypt the encrypted query request according to a preset algorithm to obtain the dynamic IP in the query request;
依据所述动态IP,确定所述动态IP对应的第二手机号码。According to the dynamic IP, the second mobile phone number corresponding to the dynamic IP is determined.
第三方面,本申请提供一种客户端应用,所述客户端应用包括:In a third aspect, the present application provides a client application, where the client application includes:
第一接收单元,用于接收用户的免密登录请求,其中,所述免密登录请求中包括第一手机号;a first receiving unit, configured to receive a password-free login request from a user, wherein the password-free login request includes a first mobile phone number;
获取单元,用于获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP;an obtaining unit, configured to obtain the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet;
第一确定单元,用于确定所述运营商标识对应的服务接口,并通过所述服务接口向所述运营商标识对应的运营商服务器发送查询请求,所述查询请求中包括所述动态IP;a first determining unit, configured to determine a service interface corresponding to the operator identification, and send a query request to an operator server corresponding to the operator identification through the service interface, where the query request includes the dynamic IP;
比对单元,用于接收所述运营商服务器依据所述查询请求中的动态IP确定的所述动态IP对应的第二手机号码,并比对所述第一手机号以及所述第二手机号;A comparison unit, configured to receive the second mobile phone number corresponding to the dynamic IP determined by the operator server according to the dynamic IP in the query request, and compare the first mobile phone number and the second mobile phone number ;
登录单元,用于若所述第一手机号以及所述第二手机号比对结果一致,则执行登录操作。A login unit, configured to perform a login operation if the comparison results of the first mobile phone number and the second mobile phone number are consistent.
在一种可能的实现方式中,所述客户端应用还包括:第二接收单元,用于在所述第一接收单元接收用户的免密登录请求之前,接收用户的登录提示信息,向用户发送至少一个预先存储的手机号,其中,所述预先存储的手机号包括所述第一手机号。In a possible implementation manner, the client application further includes: a second receiving unit, configured to receive the user's login prompt information before the first receiving unit receives the user's password-free login request, and send it to the user At least one pre-stored mobile phone number, wherein the pre-stored mobile phone number includes the first mobile phone number.
在一种可能的实现方式中,所述获取单元,包括:In a possible implementation manner, the obtaining unit includes:
第一获取模块,用于通过所述电子设备获取当前联网的第三手机号;a first obtaining module, configured to obtain a third mobile phone number currently connected to the Internet through the electronic device;
比对模块,用于对比所述第一手机号以及所述第三手机号,若一致,则获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP。The comparison module is configured to compare the first mobile phone number and the third mobile phone number, and if they are consistent, obtain the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet.
在一种可能的实现方式中,所述获取单元还包括:In a possible implementation manner, the obtaining unit further includes:
第一提示模块,用于若所述第一手机号以及所述第三手机号不一致,则向用户发送第一提示信息,所述第一提示信息用于提示用户切换当前联网网络。The first prompt module is configured to send first prompt information to the user if the first mobile phone number and the third mobile phone number are inconsistent, where the first prompt information is used to prompt the user to switch the current network network.
在一种可能的实现方式中,所述获取单元,包括:In a possible implementation manner, the obtaining unit includes:
第一确定模块,用于确定所述电子设备当前联网方式,所述联网方式包括:无线连接方式、移动数据连接方式;a first determining module, configured to determine the current networking mode of the electronic device, where the networking mode includes: a wireless connection mode and a mobile data connection mode;
第二获取模块,用于若所述联网方式为移动数据联网方式,则获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP。The second acquiring module is configured to acquire, if the networking mode is the mobile data networking mode, the operator identifier of the current networking of the electronic device and the dynamic IP of the electronic device currently networking.
在一种可能的实现方式中,所述获取单元,还包括:In a possible implementation manner, the obtaining unit further includes:
第二提示模块,用于若所述联网方式为无线联网方式,则向用户发送第二提示信息,所述第二提示信息用于提示用户切换联网方式为移动数据联网方式。The second prompting module is configured to send second prompt information to the user if the networking mode is wireless networking, where the second prompt information is used to prompt the user to switch the networking mode to the mobile data networking mode.
在一种可能的实现方式中,客户端应用还包括:In a possible implementation manner, the client application further includes:
确认单元,用于若比对结果不一致,则向用户发送网络确认信息,所述网络确认信息用于指示用户确认所述免密登录请求中的第一手机号与所述电子设备当前联网的第三手机号是否一致;The confirmation unit is configured to send network confirmation information to the user if the comparison results are inconsistent, and the network confirmation information is used to instruct the user to confirm that the first mobile phone number in the password-free login request is the first mobile phone number currently connected to the electronic device. Whether the three mobile phone numbers are the same;
在一种可能的实现方式中,所述获取单元,包括:In a possible implementation manner, the obtaining unit includes:
发送模块,用于向用户发送网络确认信息,所述网络确认信息用于指示用户确认所述免密登录请求中的第一手机号与所述电子设备当前联网的第三手机号是否一致;a sending module, configured to send network confirmation information to the user, where the network confirmation information is used to instruct the user to confirm whether the first mobile phone number in the password-free login request is consistent with the third mobile phone number currently connected to the electronic device;
接收模块,用于若接收到确认一致信息,则获取所述电子设备当前联网的运营商标识以及所述电子设备当前联网的动态IP。The receiving module is configured to acquire the operator identifier of the current network of the electronic device and the dynamic IP of the current network of the electronic device if the confirmation consistent information is received.
在一种可能的实现方式中,所述第一确定单元具体用于依据预设算法对所述查询请求进行加密处理得到加密后的查询请求;通过所述服务接口向所述运营商标识对应的运营商服务器发送加密后的查询请求。In a possible implementation manner, the first determining unit is specifically configured to encrypt the query request according to a preset algorithm to obtain an encrypted query request; identify the corresponding query request to the operator through the service interface The carrier server sends the encrypted query request.
第四方面,本申请提供一种运营商服务器,包括:In a fourth aspect, the present application provides an operator server, including:
第三接收单元,接收客户端应用通过所述运营商服务器对应的服务接口发送的查询请求,所述查询请求中包括动态IP;a third receiving unit, receiving a query request sent by a client application through a service interface corresponding to the operator server, where the query request includes a dynamic IP;
第二确定单元,用于依据所述查询请求中的动态IP,确定所述动态IP对应的第二手机号码;a second determining unit, configured to determine the second mobile phone number corresponding to the dynamic IP according to the dynamic IP in the query request;
发送单元,用于向所述客户端应用发送所述第二手机号码。A sending unit, configured to send the second mobile phone number to the client application.
在一种可能的实现方式中,所述查询请求为加密后的查询请求;所述第二确定单元包括:In a possible implementation manner, the query request is an encrypted query request; the second determining unit includes:
解密模块,用于依据预设算法对所述加密后的查询请求进行解密处理,得到所述查询请求中的动态IP;a decryption module, configured to decrypt the encrypted query request according to a preset algorithm, and obtain the dynamic IP in the query request;
第二确定模块,用于依据所述动态IP,确定所述动态IP对应的第二手机号码。The second determining module is configured to determine the second mobile phone number corresponding to the dynamic IP according to the dynamic IP.
第五方面,本申请提供一种电子设备,包括:存储器,处理器。In a fifth aspect, the present application provides an electronic device, comprising: a memory and a processor.
存储器,用于存储所述处理器可执行指令的存储器;a memory for storing the processor-executable instructions;
其中,所述处理器,用于根据所述可执行指令执行如第一方面任一项所述的方法。Wherein, the processor is configured to execute the method according to any one of the first aspect according to the executable instructions.
第六方面,本申请提供一种电子设备,包括:存储器,处理器。In a sixth aspect, the present application provides an electronic device, including: a memory and a processor.
存储器,用于存储所述处理器可执行指令的存储器;a memory for storing the processor-executable instructions;
其中,所述处理器,用于根据所述可执行指令执行如第二方面任一项所述的方法。Wherein, the processor is configured to execute the method according to any one of the second aspect according to the executable instructions.
第七方面,本申请一种计算机可读存储介质,所述计算机可读存储介质中存储有计算机执行指令,所述计算机执行指令被处理器执行时用于实现如第一方面任一项所述的方法。In a seventh aspect, the present application provides a computer-readable storage medium, where computer-executable instructions are stored in the computer-readable storage medium, and when the computer-executable instructions are executed by a processor, are used to implement any one of the first aspect. Methods.
第八方面,本申请一种计算机可读存储介质,所述计算机可读存储介质中存储有计算机执行指令,所述计算机执行指令被处理器执行时用于实现如第一方面任一项所述的方法。In an eighth aspect, the present application provides a computer-readable storage medium, where computer-executable instructions are stored in the computer-readable storage medium, and when the computer-executable instructions are executed by a processor, are used to implement any one of the first aspect. Methods.
第九方面,本申请提供一种计算机程序产品,包括计算机程序,该计算机程序被处理器执行时实现如第一方面任一项所述的方法。In a ninth aspect, the present application provides a computer program product, including a computer program, which implements the method according to any one of the first aspects when the computer program is executed by a processor.
第十方面,本申请提供一种计算机程序产品,包括计算机程序,该计算机程序被处理器执行时实现如第一方面任一项所述的方法。In a tenth aspect, the present application provides a computer program product, including a computer program, which implements the method according to any one of the first aspects when the computer program is executed by a processor.
本申请提供的免密登录方法、客户端应用、运营商服务器及电子设备,当应用于客户端应用时,该方法包括:接收用户的免密登录请求,其中,免密登录请求中包括第一手机号;获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP;确定运营商标识对应的服务接口,并通过服务接口向运营商标识对应的运营商服务器发送查询请求,查询请求中包括动态IP;接收所述运营商服务器依据查询请求中的动态IP确定的动态IP对应的第二手机号码,并比对第一手机号以及第二手机号;若所述第一手机号以及所述第二手机号比对结果一致,则执行登录操作。通过上述免密登录方式,可以确保当前电子设备所联网的手机号与登录客户端应用的手机号一致时,才可实现免密登录,即确保客户端应用在通过手机号免密登录时,其余电子设备无法通过该手机号实现登录。The password-free login method, client application, operator server and electronic device provided by the present application, when applied to the client application, the method includes: receiving a user's password-free login request, wherein the password-free login request includes the first Mobile phone number; obtain the current networked operator ID of the electronic device and the current dynamic IP of the electronic device; determine the service interface corresponding to the operator ID, and send a query request to the operator server corresponding to the operator ID through the service interface. Including dynamic IP; receive the second mobile phone number corresponding to the dynamic IP determined by the operator server according to the dynamic IP in the query request, and compare the first mobile phone number and the second mobile phone number; if the first mobile phone number and all If the comparison result of the second mobile phone number is consistent, the login operation is performed. Through the above password-free login method, it can be ensured that the password-free login can be realized only when the mobile phone number connected to the current electronic device is the same as the mobile phone number used to log in to the client application. Electronic devices cannot log in through this mobile phone number.
附图说明Description of drawings
此处的附图被并入说明书中并构成本说明书的一部分,示出了符合本申请的实施例,并与说明书一起用于解释本申请的原理。The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description serve to explain the principles of the application.
图1为本申请实施例提供的一种免密登录方法的流程示意图;1 is a schematic flowchart of a password-free login method provided by an embodiment of the present application;
图2为本申请实施例提供的一种获取运营商标识和动态IP的方法的流程示意图;2 is a schematic flowchart of a method for obtaining an operator identifier and a dynamic IP according to an embodiment of the present application;
图3为本申请实施例提供的又一种获取运营商标识和动态IP的方法的流程示意图;3 is a schematic flowchart of another method for obtaining an operator identifier and a dynamic IP provided by an embodiment of the present application;
图4为本申请实施例提供的一种免密登录方法的流程示意图;4 is a schematic flowchart of a password-free login method provided by an embodiment of the present application;
图5为本申请实施例提供的一种免密登录方法的交互流程示意图;5 is a schematic diagram of an interaction flow of a password-free login method provided by an embodiment of the present application;
图6为本申请实施例提供一种客户端应用的结构示意图;FIG. 6 provides a schematic structural diagram of a client application according to an embodiment of the present application;
图7为本申请实施例提供另一种客户端应用的结构示意图;FIG. 7 is a schematic structural diagram of another client application according to an embodiment of the present application;
图8为本申请实施例提供一种运营商服务器的结构示意图;FIG. 8 provides a schematic structural diagram of an operator server according to an embodiment of the present application;
图9为本申请实施例提供又一种运营商服务器的结构示意图;FIG. 9 provides a schematic structural diagram of another operator server according to an embodiment of the present application;
图10为本申请实施例提供的一种电子设备的结构示意图。FIG. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
通过上述附图,已示出本申请明确的实施例,后文中将有更详细的描述。这些附图和文字描述并不是为了通过任何方式限制本申请构思的范围,而是通过参考特定实施例为本领域技术人员说明本申请的概念。Specific embodiments of the present application have been shown by the above-mentioned drawings, and will be described in more detail hereinafter. These drawings and written descriptions are not intended to limit the scope of the concepts of the present application in any way, but to illustrate the concepts of the present application to those skilled in the art by referring to specific embodiments.
具体实施方式Detailed ways
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本申请相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本申请的一些方面相一致的装置和方法的例子。Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. Where the following description refers to the drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the illustrative examples below are not intended to represent all implementations consistent with this application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as recited in the appended claims.
随着电子技术的不断发展,目前在用户在登录使用各种应用时,通常采用账号以及验证码的认证方式,实现应用的登录。然而,当采用上述登录方法时,若验证码被其余用户恶意获取时,则其余用户可以在其它设备上采用恶意获取的验证码实现应用登陆,无法确保登录账户中的信息安全。With the continuous development of electronic technology, at present, when a user logs in to use various applications, an authentication method of an account number and a verification code is usually used to realize the login of the application. However, when the above login method is adopted, if the verification code is maliciously obtained by other users, the remaining users can use the maliciously obtained verification code to log in the application on other devices, which cannot ensure the security of the information in the login account.
例如,对于金融类的应用程序而言,当采用账号与验证码的登录方式进行验证登录时,若验证码被其余用户恶意截获,则其余用户可在其它设备上利用获取的验证码实现应用程序的登录。即,上述登录方法无法确保登录账号与登录的电子设备之间的绑定关系,使得同一账号会被其余用户恶意在其它电子设备上登录,造成数据泄露。For example, for financial applications, when the login method of account number and verification code is used for verification and login, if the verification code is maliciously intercepted by other users, the remaining users can use the obtained verification code on other devices to implement the application. login. That is, the above login method cannot ensure the binding relationship between the login account and the logged in electronic device, so that the same account may be maliciously logged in by other users on other electronic devices, resulting in data leakage.
本申请提供的免密登录方法、客户端应用、运营商服务器及电子设备,用以解决上述技术问题。The password-free login method, client application, operator server and electronic device provided in this application are used to solve the above technical problems.
下面以具体地实施例对本申请的技术方案以及本申请的技术方案如何解决上述技术问题进行详细说明。下面这几个具体的实施例可以相互结合,对于相同或相似的概念或过程可能在某些实施例中不再赘述。下面将结合附图,对本申请的实施例进行描述。The technical solutions of the present application and how the technical solutions of the present application solve the above-mentioned technical problems will be described in detail below with specific examples. The following specific embodiments may be combined with each other, and the same or similar concepts or processes may not be repeated in some embodiments. The embodiments of the present application will be described below with reference to the accompanying drawings.
图1为本申请实施例提供的一种免密登录方法的流程示意图,应用于电子设备中的客户端应用,方法包括:1 is a schematic flowchart of a password-free login method provided by an embodiment of the present application, which is applied to a client application in an electronic device, and the method includes:
S101、接收用户的免密登录请求,其中,免密登录请求中包括第一手机号。S101. Receive a password-free login request from a user, where the password-free login request includes a first mobile phone number.
示例性地,本申请实施例提供一种免密登录方法,该登录方法无需输入校验码或者密码,且该登录方法可以应用于电子设备,具体地,可以应用于电子设备中集成有免密登录功能的SDK(Software Development Kit,软件开发工具包)。Exemplarily, the embodiment of the present application provides a password-free login method, which does not require inputting a check code or a password, and the login method can be applied to an electronic device, specifically, it can be applied to an electronic device integrated with a password-free login method. The SDK (Software Development Kit) of the login function.
一个示例中,接收到的用户免密登录请求可以为用户通过触发客户端应用的操作界面中的免密登录确认按钮后所生成的免密登录请求,具体地,对于用户触发免密登录按钮的方式可以为点击或者滑动等,本示例中不做具体限制,In an example, the received user password-free login request may be the password-free login request generated by the user by triggering the password-free login confirmation button in the operation interface of the client application. The method can be click or slide, etc. There is no specific limitation in this example.
一个示例中,用户登录请求中所包含的第一手机号码,可以为在客户端应用操作界面输入的手机号码,也可以为客户端应用的操作界面开启之后,推送给用户的手机号码。例如,当用户打开相应的客户端应用操作界面之后,客户端应用会监测到用户的操作行为,并将用户之前使用过的登录手机号推送给用户。In an example, the first mobile phone number included in the user login request may be the mobile phone number entered in the operation interface of the client application, or the mobile phone number pushed to the user after the operation interface of the client application is enabled. For example, after the user opens the corresponding operation interface of the client application, the client application will monitor the operation behavior of the user, and push the user's previously used login mobile phone number to the user.
S102、获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。S102: Acquire the operator identifier of the current networking of the electronic device and the dynamic IP of the current networking of the electronic device.
示例性地,由于各大运营商所具有的IP资源是有限,因此当电子设备需要联网时,通常是运营商依据电子设备的联网请求随机将空闲的IP地址给电子设备,也就是为电子设备分配动态IP,进而实现电子设备的联网。Exemplarily, since the IP resources possessed by major operators are limited, when an electronic device needs to be connected to the Internet, the operator usually randomly assigns an idle IP address to the electronic device according to the network connection request of the electronic device, that is, for the electronic device. Allocate dynamic IP to realize networking of electronic devices.
当客户端应用接收到用户的登录请求之后,获取当前客户端应用所处的电子设备当前联网的动态IP地址以及该电子设备当前所连接的网络所归属的运营商标识。After the client application receives the user's login request, it acquires the current networked dynamic IP address of the electronic device where the current client application is located and the operator identifier to which the network to which the electronic device is currently connected belongs.
一个示例中,在确定当前所连接的网络所归属的运营商时,可以依据电子设备联网所使用的基站信息、电子设备的短信中心号码或者手机卡序列号进行获取。In an example, when determining the operator to which the currently connected network belongs, it can be obtained according to the base station information used by the electronic device for networking, the short message center number of the electronic device or the serial number of the mobile phone card.
一个示例中,在电子设备中存储有运营商服务器分配的动态IP,客户端应用可直接读取设备中所存储的动态IP。In one example, a dynamic IP assigned by an operator server is stored in the electronic device, and the client application can directly read the dynamic IP stored in the device.
S103、确定运营商标识对应的服务接口,并通过服务接口向运营商标识对应的运营商服务器发送查询请求,查询请求中包括动态IP。S103: Determine a service interface corresponding to the operator identifier, and send a query request to an operator server corresponding to the operator identifier through the service interface, where the query request includes a dynamic IP.
示例性地,在客户端应用中还设置有与多个运营商服务器建立连接关系的服务接口,且服务接口与运营商标识之间一一对应。当确定出当前电子设备联网的运营商标识之后,可以依据服务接口与运营商标识之间的对应关系确定出与当前运营商标识对应的服务接口。之后,通过该服务接口,向该运营商标识对应的运营商服务器发送查询请求,其中,该查询请求用于请求运营商服务器查找请求中所包含的动态IP所对应的手机号码,即第二手机号码。Exemplarily, the client application is also provided with a service interface that establishes a connection relationship with a plurality of operator servers, and there is a one-to-one correspondence between the service interface and the operator identifier. After the operator identification of the current networked electronic device is determined, the service interface corresponding to the current operator identification can be determined according to the correspondence between the service interface and the operator identification. Afterwards, a query request is sent to the operator server corresponding to the operator identification through the service interface, wherein the query request is used to request the operator server to find the mobile phone number corresponding to the dynamic IP included in the request, that is, the second mobile phone Number.
S104、接收运营商服务器依据查询请求中的动态IP确定的动态IP对应的第二手机号码,并比对第一手机号以及第二手机号。S104: Receive the second mobile phone number corresponding to the dynamic IP determined by the operator server according to the dynamic IP in the query request, and compare the first mobile phone number with the second mobile phone number.
S105、若第一手机号以及第二手机号比对结果一致,则执行登录操作。S105 , if the comparison results of the first mobile phone number and the second mobile phone number are consistent, perform a login operation.
示例性地,在客户端应用接收到运营商服务器依据动态IP确定的第二手机号码时,会将该第二手机号码与接收到的用户免密登录请求中的第一手机号码进行比对,进而当比对结果一致时,则表明当前客户端应用的登录的手机号与当前电子设备联网的手机号一致,则此时可继续执行登录操作。Exemplarily, when the client application receives the second mobile phone number determined by the operator server according to the dynamic IP, it will compare the second mobile phone number with the first mobile phone number in the received user password-free login request, Furthermore, when the comparison results are consistent, it indicates that the logged-in mobile phone number of the current client application is consistent with the current mobile phone number of the electronic device connected to the Internet, and the login operation can be continued at this time.
一个示例中,在步骤S104之后,还包括以下步骤,若客户端应用确定第一手机号与第二手机号不一致,则表明当前登录客户端的手机号与当前电子设备联网的手机号不一致,则此时拒绝登录,即向用户推送登录失败的信息。In an example, after step S104, the following steps are further included. If the client application determines that the first mobile phone number is inconsistent with the second mobile phone number, it means that the mobile phone number currently logged into the client is inconsistent with the mobile phone number currently connected to the electronic device, then this When the login is rejected, the login failure information is pushed to the user.
本实施例中所提供的免密登录方式中,通过将电子设备对应的动态IP传输给运营商服务器并且基于运营商服务器依据动态IP确定的第二手机号与客户端接收到的登录请求中的手机号进行比对,进而当比对结果一致时,才可以执行登录操作。通过上述免密登录方式,可以确保当前电子设备所对应的手机号(即,通过动态IP查询到的手机号)与登录客户端应用的手机号一致时,才可实现免密登录,即确保客户端应用在通过手机号免密登录时,其余电子设备(即,搭载其余手机号码的电子设备)无法通过该手机号实现登录。并且,该方法相较于通过短信验证码的登录方式,缩短了验证时间,提高了用户体验。In the password-free login method provided in this embodiment, the dynamic IP corresponding to the electronic device is transmitted to the operator server and based on the second mobile phone number determined by the operator server according to the dynamic IP and the login request received by the client The mobile phone number is compared, and the login operation can be performed only when the comparison results are consistent. Through the above password-free login method, it can be ensured that the mobile phone number corresponding to the current electronic device (that is, the mobile phone number queried through the dynamic IP) is the same as the mobile phone number used to log in to the client application. When the terminal application uses the mobile phone number to log in without password, other electronic devices (that is, electronic devices carrying other mobile phone numbers) cannot log in through the mobile phone number. Moreover, compared with the login method through the SMS verification code, the method shortens the verification time and improves the user experience.
在一些实施例中,在接收用户登录请求之前,即步骤S101之前,还包括以下步骤,接收用户的登录提示信息,其中该免密登录提示信息用于表征当前用户需要进行登录操作。In some embodiments, before receiving the user login request, that is, before step S101, the following step is further included: receiving the user's login prompt information, wherein the password-free login prompt information is used to indicate that the current user needs to perform a login operation.
举例来说,当用户在客户端应用的登陆界面上选择通过免密登录按钮之后,客户端应用会接收到用户登录提示信息,并且发送预先存储的至少一个手机号,其中,预先存储的手机号码包括第一手机号。举例来说,该预先存储的手机号可以为用户登录该客户端应用时所采用的登录手机号,也可以为从电子设备中查找到的当前电子设备所搭载手机卡的手机号码,例如,在一些搭载两个SIM卡的电子设备中,可以发送两个预先存储的手机号,其中,这两个手机号可以由用户预先设置有两个手机卡对应的手机号码,也可以是通过SIM卡确定出的手机号码,此处不做具体限制。进而,通过上述方法,用户可以依据客户端应用发送的预先存储的手机号,选择当前需要登录的手机号码,并将该选择的号码作为免密登录请求中的第一手机号码,免去了用户手动输入需要登录的第一手机号的步骤,提升用户体验。For example, after the user selects the password-free login button on the login interface of the client application, the client application will receive the user login prompt information, and send at least one pre-stored mobile phone number, wherein the pre-stored mobile phone number Include the first phone number. For example, the pre-stored mobile phone number may be the login mobile phone number used by the user to log in the client application, or may be the mobile phone number of the mobile phone card mounted on the current electronic device found from the electronic device, for example, in In some electronic devices equipped with two SIM cards, two pre-stored mobile phone numbers can be sent, wherein the two mobile phone numbers can be preset by the user with the mobile phone numbers corresponding to the two mobile phone cards, or can be determined by the SIM card. There is no specific restriction here. Further, through the above method, the user can select the mobile phone number that needs to be logged in currently according to the pre-stored mobile phone number sent by the client application, and use the selected number as the first mobile phone number in the password-free login request, eliminating the need for the user to log in. The steps of manually entering the first mobile phone number to be logged in can improve the user experience.
在一些实施例中,在执行步骤S102时,即在获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP时,具体的,可以通过以下步骤实现。图2为本申请实施例提供的一种获取运营商标识和动态IP的方法的流程示意图,如图2所示,包括以下步骤:In some embodiments, when step S102 is performed, that is, when the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet are obtained, specifically, the following steps can be used. FIG. 2 is a schematic flowchart of a method for obtaining an operator identifier and a dynamic IP provided by an embodiment of the present application, as shown in FIG. 2 , including the following steps:
S201、通过获取电子设备当前联网的第三手机号。S201, by acquiring a third mobile phone number currently connected to the electronic device.
示例性的,本实施例适用于搭载有多个手机卡的电子设备。当电子设备搭载多个手机卡时,此时,用户可以通过电子设备中的任一手机卡实现联网,则仅有正在联网的手机卡才被分配有对应的动态IP。为了避免用户选择登录的手机号码与当前联网的手机号码不一致时,直接通过运营商服务器获取手机号码进行校验会出现比对失败,无法登录的情况,本实施例中,在电子设备获取运营商标识以及动态IP之前,会首先获取当前电子设备联网所选用的第三手机号。Exemplarily, this embodiment is applicable to an electronic device equipped with multiple mobile phone cards. When the electronic device is equipped with multiple mobile phone cards, at this time, the user can realize networking through any mobile phone card in the electronic device, and only the mobile phone card that is being connected to the Internet is assigned a corresponding dynamic IP. In order to avoid the situation where the mobile phone number that the user chooses to log in is inconsistent with the mobile phone number currently connected to the Internet, the mobile phone number obtained directly from the operator's server for verification will fail to compare and cannot log in. In this embodiment, the operator is obtained from the electronic device. Before the identification and dynamic IP, the third mobile phone number selected by the current electronic device for networking will be obtained first.
一个示例中,在确认当前联网的第三手机号时,可以通过查找当前上网的手机卡以及用户设置的手机号码与手机卡之间的对应关系确定第三手机号。以手机为例,可以在设置中查询到每一手机卡对应的移动网络手机号码,则此时,客户端应用可以获取电子设备已经查询并存储在电子设备中的手机号码。In an example, when confirming the third mobile phone number currently connected to the Internet, the third mobile phone number can be determined by searching the mobile phone card currently connected to the Internet and the correspondence between the mobile phone number set by the user and the mobile phone card. Taking a mobile phone as an example, the mobile network mobile phone number corresponding to each mobile phone card can be queried in the settings. At this time, the client application can obtain the mobile phone number that has been queried by the electronic device and stored in the electronic device.
S202、对比第一手机号以及第三手机号,若一致,则获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。S202. Compare the first mobile phone number and the third mobile phone number, and if they are the same, obtain the operator identifier of the current networked electronic device and the current networked dynamic IP of the electronic device.
S203、若确定第一手机号以及第三手机号不一致,则向用户发送第一提示信息,第一提示信息用于提示用户切换当前联网网络。S203. If it is determined that the first mobile phone number and the third mobile phone number are inconsistent, send first prompt information to the user, where the first prompt information is used to prompt the user to switch the current network network.
示例性地,在获得当前联网的手机号码之后,若第一手机号(即登录时用户选择的手机号)与第三手机号(即,当前电子设备联网的手机号)一致,则可以继续获取运营商标识以及动态IP。若不一致,则提示用户进行网络切换。Exemplarily, after obtaining the mobile phone number currently connected to the Internet, if the first mobile phone number (that is, the mobile phone number selected by the user when logging in) is consistent with the third mobile phone number (that is, the mobile phone number of the current electronic device connected to the Internet), the acquisition can be continued. Operator ID and dynamic IP. If not, the user is prompted to perform network switching.
并且,在用户切换网络之后,继续重复判断,直到一致后,在执行步骤S102-S105,再次通过运营商返回的手机号码进行再次比对确认。And, after the user switches the network, continue to repeat the judgment until they are consistent, and then perform steps S102-S105, and perform another comparison and confirmation through the mobile phone number returned by the operator.
本实施例中,在实现用户免密登录验证时,在通过运营商查询当前电子设备联网的第二手机号之前,还可以在电子设备内部首先进行登录手机号(即,第一手机号)与联网手机号(即,第三手机号)的比对判断,进而避免当通过电子设备确认出的联网手机号(即,第三手机号)与登录手机号不一致时,后续出现登录失败的现象。并且,本实施例中,在第一手机号与第三手机号比对一致之后,还会继续通过运营商服务器确认当前联网的IP对应的第二手机号,由于电子设备相比于运营商服务器而言本身安全性较低,因此通过电子设备获取的第三手机号也存在一定的安全风险,即可能遭受恶意篡改,因此可以通过运营商服务器返回的第二手机号进一步进行验证,进而确保在其它电子设备上无法登录本机的账号。In this embodiment, when implementing the user password-free login verification, before querying the second mobile phone number of the current electronic device connected to the Internet through the operator, the login mobile phone number (that is, the first mobile phone number) can also be first logged in the electronic device. The comparison and judgment of the networked mobile phone number (ie, the third mobile phone number), thereby avoiding the phenomenon of subsequent login failure when the networked mobile phone number (ie, the third mobile phone number) confirmed by the electronic device is inconsistent with the login mobile phone number. In addition, in this embodiment, after the first mobile phone number is consistent with the third mobile phone number, the operator server will continue to confirm the second mobile phone number corresponding to the currently connected IP. The security itself is relatively low, so the third mobile phone number obtained through electronic devices also has certain security risks, that is, it may be maliciously tampered with, so it can be further verified by the second mobile phone number returned by the operator's server to ensure The account of this unit cannot be logged in on other electronic devices.
在一些示例中,在执行步骤S102时,即在获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP时,具体的,还可以通过以下步骤实现。图3为本申请实施例提供的一种获取运营商标识和动态IP的方法的流程示意图,如图3所示,包括以下步骤:In some examples, when step S102 is performed, that is, when acquiring the operator identifier of the electronic device currently connected to the Internet and the dynamic IP of the electronic device currently connected to the Internet, specifically, the following steps can also be used. 3 is a schematic flowchart of a method for obtaining an operator identifier and a dynamic IP provided by an embodiment of the present application, as shown in FIG. 3 , including the following steps:
S301、确定电子设备当前联网方式,联网方式包括:无线连接方式、移动数据连接方式;S301. Determine the current networking mode of the electronic device, and the networking mode includes: a wireless connection mode and a mobile data connection mode;
示例性地,本实施例中,由于当电子设备采用无线连接的方式联网时,此时不会占用运营商分配的动态IP。因此,在获取电子设备当前联网的运营商标识以及当前电子设备上网的动态IP时,首先会确定当前电子设备的联网方式,并且本实施例中的电子设备联网方式包括无线联网方式以及移动数据联网方式。Exemplarily, in this embodiment, when the electronic device is connected to the Internet in a wireless connection manner, the dynamic IP allocated by the operator will not be occupied at this time. Therefore, when acquiring the operator identifier of the electronic device currently connected to the Internet and the current dynamic IP of the electronic device to access the Internet, the current networking mode of the electronic device will be determined first, and the electronic device networking mode in this embodiment includes wireless networking and mobile data networking. Way.
一个示例中,在确定电子设备的联网方式时,可以通过监测电子设备的网络开关按钮来确定,例如,在电子设备中包括有移动数据按钮以及无线连接按钮,可以通过查看按钮的选中方式来确定当前电子设备的联网方式。或者是通过调用电子设备内部预置的联网方式判断程序接口来确定。In an example, when determining the networking mode of the electronic device, it can be determined by monitoring the network switch button of the electronic device. For example, the electronic device includes a mobile data button and a wireless connection button, which can be determined by checking the selection mode of the buttons. How current electronic devices are networked. Or it can be determined by invoking a networked method preset in the electronic device to determine the program interface.
S302、若联网方式为移动数据联网方式,则获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。S302. If the networking mode is the mobile data networking mode, obtain the operator identifier of the current networking of the electronic device and the dynamic IP of the current networking of the electronic device.
示例性地,若确定出当前电子设备的联网方式为移动数据联网方式时,进一步的可直接执行获取运营商标识以及电子设备当前联网的动态IP的步骤。Exemplarily, if it is determined that the current networking mode of the electronic device is the mobile data networking mode, further steps of acquiring the operator identifier and the dynamic IP of the current networking of the electronic device may be directly performed.
一个示例中,当确定出采用移动数据联网方式时,进一步的也可以执行图2所示的方法,即进一步的确定电子设备当前联网的手机号与用户选择登录的手机号是否一致操作过程。In an example, when it is determined that the mobile data networking mode is adopted, the method shown in FIG. 2 can be further performed, that is, the operation process of further determining whether the mobile phone number currently connected to the electronic device and the mobile phone number selected by the user to log in is consistent.
S303、若联网方式为无线联网方式,则向用户发送第二提示信息,第二提示信息用于提示用户切换联网方式为移动数据联网方式。S303. If the networking mode is the wireless networking mode, send second prompt information to the user, where the second prompt information is used to prompt the user to switch the networking mode to the mobile data networking mode.
示例性地,若确定出当前电子设备的联网方式为无线连接方式时,则此时为了后续运营商无法返回手机号导致认证失败的现象,则此时,可以提示用户切换电子设备当前的联网方式至移动数据联网方式。Exemplarily, if it is determined that the current networking mode of the electronic device is a wireless connection mode, at this time, in order to cause the subsequent operator to fail to return the mobile phone number, the authentication fails, then at this time, the user can be prompted to switch the current networking mode of the electronic device. to mobile data networking.
本实施例中,通过在向运营商服务器发送查询请求之前,查询当前电子设备联网的方式,进而避免出现由于使用无线登录方式而导致客户端应用免密登录失败的问题。In this embodiment, before sending the query request to the operator server, the current networking mode of the electronic device is inquired, thereby avoiding the problem that the client application fails to log in without password due to the use of the wireless login mode.
在一些实施例中,在执行步骤S102之前,也可以向用户发送网络确认信息,其中,该网络确认信息用于提醒用户检查当前联网的手机号码与所选择的登录手机号码是否一致。若接收到用户返回的确认一致信息,则可直接执行步骤S102。In some embodiments, before step S102 is performed, network confirmation information may also be sent to the user, wherein the network confirmation information is used to remind the user to check whether the currently connected mobile phone number is consistent with the selected login mobile phone number. If the confirmation consistent information returned by the user is received, step S102 may be directly executed.
在一些实施例中,在图1所示的实施例的基础上,若第一手机号与第二手机号比对结果不一致时,此时,也可以向用户发送网络确认信息,用于提示用户对登录请求中的第一手机号与联网的第三手机号进行一致性比对,以便用户确认登录失败原因,提高用户满意度。In some embodiments, based on the embodiment shown in FIG. 1 , if the comparison result between the first mobile phone number and the second mobile phone number is inconsistent, at this time, network confirmation information may also be sent to the user to prompt the user Consistently compare the first mobile phone number in the login request with the third mobile phone number connected to the Internet, so that the user can confirm the reason for the login failure and improve user satisfaction.
需要说明的是,在一些实施例中,客户端应用也可以直接将用于登录的第一手机号与查询到的动态IP同时上传至运营商服务器,由运营商服务器进行手机号与动态IP的匹配关系的确定,若可以查询到,则可直接向客户端应用返回确认一致结果,以使客户端应用执行免密登录操作。若查询不到,则可返回确认不一致的结果,之后由客户端应用向用户推送登录失败的信息。It should be noted that, in some embodiments, the client application may also directly upload the first mobile phone number used for logging in and the dynamic IP queried to the operator server at the same time, and the operator server will perform the comparison between the mobile phone number and the dynamic IP. If the matching relationship is determined, if it can be queried, a consistent confirmation result can be directly returned to the client application, so that the client application can perform a password-free login operation. If the query cannot be found, the result of confirming the inconsistency can be returned, and then the client application pushes the login failure information to the user.
在一些实施例中,在客户端发送查询请求前,还会依据预设的算法对包含有动态IP的查询请求进行加密,之后将加密处理后的查询请求通过服务接口发送至对应的运营商服务器,以降低查询请求在传输过程中被泄露篡改的风险。需要说明的是,本申请中对预设加密算法不做具体限定。In some embodiments, before the client sends the query request, the query request including the dynamic IP is also encrypted according to a preset algorithm, and then the encrypted query request is sent to the corresponding operator server through the service interface , to reduce the risk of query requests being leaked and tampered with during transmission. It should be noted that the preset encryption algorithm is not specifically limited in this application.
图4为本申请实施例提供的一种免密登录方法的流程示意图,该方法应用于运营商服务器,该方法包括:4 is a schematic flowchart of a password-free login method provided by an embodiment of the present application. The method is applied to an operator server, and the method includes:
S401、接收客户端应用通过运营商服务器对应的服务接口发送的查询请求,查询请求中包括动态IP。S401. Receive a query request sent by a client application through a service interface corresponding to an operator server, where the query request includes a dynamic IP.
S402、依据查询请求中的动态IP,确定动态IP对应的第二手机号码。S402. Determine the second mobile phone number corresponding to the dynamic IP according to the dynamic IP in the query request.
示例性地,运营商服务器中存储有动态IP与手机号码之间的对应关系,当动态被运营商分配之后,则会将分配的手机号与动态IP对应存储起来,当手机号对应的电子设备断开该手机号的网络连接时,则运营商服务器可以将该动态IP对应的手机号删除,当运营商服务器中动态IP没有对应的手机号码时,则表明该动态IP处于待分配状态。即,运营商服务器中存储的动态IP与手机号码之间的对应关系为实时更新的。当运营商服务器接收到客户端发送的查询请求之后,会依据查询请求中的动态IP在运营商服务器中查找当前该动态IP对应的第二手机号。Exemplarily, the correspondence between the dynamic IP and the mobile phone number is stored in the operator server, and after the dynamic is allocated by the operator, the allocated mobile phone number and the dynamic IP are stored correspondingly, when the electronic device corresponding to the mobile phone number is stored. When the network connection of the mobile phone number is disconnected, the operator server can delete the mobile phone number corresponding to the dynamic IP. When the dynamic IP in the operator server does not have a corresponding mobile phone number, it indicates that the dynamic IP is in a state to be allocated. That is, the correspondence between the dynamic IP and the mobile phone number stored in the operator's server is updated in real time. After the operator server receives the query request sent by the client, it will search the operator server for the second mobile phone number corresponding to the current dynamic IP according to the dynamic IP in the query request.
在一些实施例中,当接收到的查询请求为加密后的查询请求时,则依据预设算法对加密后的查询请求进行解密处理,进而得到查询请求中的动态请求。In some embodiments, when the received query request is an encrypted query request, the encrypted query request is decrypted according to a preset algorithm, thereby obtaining the dynamic request in the query request.
S403、向客户端应用发送第二手机号码。S403. Send the second mobile phone number to the client application.
一个示例中,当运营商服务器未查询到动态IP对应的手机号码时,则返回错误信息至客户端应用,进而客户端应用依据该错误信息停止免密登录操作。In one example, when the operator server does not query the mobile phone number corresponding to the dynamic IP, it returns an error message to the client application, and then the client application stops the password-free login operation according to the error message.
图5为本申请实施例提供的一种免密登录方法的交互流程示意图。如图所示,该方法包括以下步骤:FIG. 5 is a schematic diagram of an interaction flow of a password-free login method provided by an embodiment of the present application. As shown in the figure, the method includes the following steps:
S501、客户端应用接收用户的免密登录请求,其中,免密登录请求中包括第一手机号。S501. The client application receives a user's password-free login request, where the password-free login request includes a first mobile phone number.
S502、客户端应用获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。S502, the client application acquires the operator identifier of the current networking of the electronic device and the dynamic IP of the current networking of the electronic device.
S503、客户端应用确定运营商标识对应的服务接口;S503, the client application determines the service interface corresponding to the operator identifier;
S504、通过服务接口向运营商标识对应的运营商服务器发送查询请求,查询请求中包括动态IP。S504: Send a query request to the operator server corresponding to the operator identifier through the service interface, where the query request includes the dynamic IP.
S505、运营商服务器依据查询请求中的动态IP,确定动态IP对应的第二手机号码。S505, the operator server determines the second mobile phone number corresponding to the dynamic IP according to the dynamic IP in the query request.
S506、运营商服务器向客户端应用发送第二手机号码。S506, the operator server sends the second mobile phone number to the client application.
S507、客户端应用接收运营商服务器依据查询请求中的动态IP确定的动态IP对应的第二手机号码,并比对第一手机号以及第二手机号。S507. The client application receives the second mobile phone number corresponding to the dynamic IP determined by the operator server according to the dynamic IP in the query request, and compares the first mobile phone number with the second mobile phone number.
S508、客户端应用若确定比对结果一致,则执行登录操作。S508. If the client application determines that the comparison results are consistent, a login operation is performed.
本实施例提供的交互方法,用于实现上述方法提供的技术方案,其实现原理和技术效果类似,不再赘述。The interaction method provided in this embodiment is used to implement the technical solution provided by the above method, and the implementation principle and technical effect thereof are similar, and are not repeated here.
图6为本申请实施例提供一种客户端应用的结构示意图,客户端应用包括:FIG. 6 provides a schematic structural diagram of a client application according to an embodiment of the present application. The client application includes:
第一接收单元61,用于接收用户的免密登录请求,其中,免密登录请求中包括第一手机号;The
获取单元62,用于获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP;an obtaining
第一确定单元63,用于确定运营商标识对应的服务接口,并通过服务接口向运营商标识对应的运营商服务器发送查询请求,查询请求中包括动态IP;The first determining
比对单元64,用于接收运营商服务器依据查询请求中的动态IP确定的动态IP对应的第二手机号码,并比对第一手机号以及第二手机号;A
登录单元65,用于若第一手机号以及第二手机号比对结果一致,则执行登录操作。The
本实施例提供的装置,用于实现上述方法提供的技术方案,其实现原理和技术效果类似,不再赘述。The apparatus provided in this embodiment is used to implement the technical solution provided by the above method, and the implementation principle and technical effect thereof are similar, and will not be repeated here.
图7为本申请实施例提供另一种客户端应用的结构示意图,在图6所示的结构的基础上,客户端应用还包括:第二接收单元66,用于在第一接收单元61接收用户的免密登录请求之前,接收用户的登录提示信息,向用户发送至少一个预先存储的手机号,其中,预先存储的手机号包括第一手机号。FIG. 7 is a schematic structural diagram of another client application according to an embodiment of the present application. On the basis of the structure shown in FIG. 6 , the client application further includes: a
在一种可能的实现方式中,获取单元62,包括:In a possible implementation manner, the obtaining
第一获取模块621,用于通过电子设备获取当前联网的第三手机号;The first obtaining
比对模块622,用于对比第一手机号以及第三手机号,若一致,则获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。The
在一种可能的实现方式中,获取单元62还包括:In a possible implementation manner, the obtaining
第一提示模块623,用于若第一手机号以及第三手机号不一致,则向用户发送第一提示信息,第一提示信息用于提示用户切换当前联网网络。The first
在一种可能的实现方式中,获取单元62,包括:In a possible implementation manner, the obtaining
第一确定模块624,用于确定电子设备当前联网方式,联网方式包括:无线连接方式、移动数据连接方式;The first determining
第二获取模块625,用于若联网方式为移动数据联网方式,则获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。The second obtaining module 625 is configured to obtain, if the networking mode is the mobile data networking mode, the operator identifier of the current networking of the electronic device and the dynamic IP of the current networking of the electronic device.
在一种可能的实现方式中,获取单元62,还包括:In a possible implementation manner, the obtaining
第二提示模块626,用于若联网方式为无线联网方式,则向用户发送第二提示信息,第二提示信息用于提示用户切换联网方式为移动数据联网方式。The second prompt module 626 is configured to send second prompt information to the user if the networking mode is the wireless networking mode, and the second prompt information is used to prompt the user to switch the networking mode to the mobile data networking mode.
在一种可能的实现方式中,客户端应用还包括:In a possible implementation manner, the client application further includes:
确认单元67,用于若比对结果不一致,则向用户发送网络确认信息,网络确认信息用于指示用户确认免密登录请求中的第一手机号与电子设备当前联网的第三手机号是否一致;The
在一种可能的实现方式中,获取单元62,包括:In a possible implementation manner, the obtaining
发送模块627,用于向用户发送网络确认信息,网络确认信息用于指示用户确认免密登录请求中的第一手机号与电子设备当前联网的第三手机号是否一致;The sending
接收模块628,用于若接收到确认一致信息,则获取电子设备当前联网的运营商标识以及电子设备当前联网的动态IP。The receiving
在一种可能的实现方式中,第一确定单元63具体用于依据预设算法对查询请求进行加密处理得到加密后的查询请求;通过服务接口向运营商标识对应的运营商服务器发送加密后的查询请求。In a possible implementation manner, the first determining
本实施例提供的装置,用于实现上述方法提供的技术方案,其实现原理和技术效果类似,不再赘述。The apparatus provided in this embodiment is used to implement the technical solution provided by the above method, and the implementation principle and technical effect thereof are similar, and will not be repeated here.
图8为本申请实施例提供一种运营商服务器的结构示意图,如图所示,包括:FIG. 8 provides a schematic structural diagram of an operator server according to an embodiment of the present application, as shown in the figure, including:
第三接收单元81,接收客户端应用通过运营商服务器对应的服务接口发送的查询请求,查询请求中包括动态IP;The
第二确定单元82,用于依据查询请求中的动态IP,确定动态IP对应的第二手机号码;The second determining
发送单元83,用于向客户端应用发送第二手机号码。The sending
图9为本申请实施例提供又一种运营商服务器的结构示意图。在图8所示的结构的基础上查询请求为加密后的查询请求;第二确定单元82包括:FIG. 9 is a schematic structural diagram of yet another operator server according to an embodiment of the present application. On the basis of the structure shown in FIG. 8, the query request is an encrypted query request; the second determining
解密模块821,用于依据预设算法对加密后的查询请求进行解密处理,得到查询请求中的动态IP;The
第二确定模块822,用于依据动态IP,确定动态IP对应的第二手机号码。The second determining
本申请提供一种电子设备,包括:存储器,处理器。The present application provides an electronic device, including: a memory and a processor.
存储器,用于存储处理器可执行指令的存储器;memory, memory for storing processor-executable instructions;
其中,处理器,用于根据可执行指令执行如图1-图3所示的方法,或者用于根据可执行指令执行如图4所示的方法。The processor is configured to execute the method shown in FIG. 1 to FIG. 3 according to the executable instruction, or to execute the method shown in FIG. 4 according to the executable instruction.
图10为本申请实施例提供的一种电子设备的结构示意图,如图10所示,该电子设备包括:FIG. 10 is a schematic structural diagram of an electronic device provided by an embodiment of the application. As shown in FIG. 10 , the electronic device includes:
处理器(processor)291,电子设备还包括了存储器(memory)292;还可以包括通信接口(Communication Interface)293和总线294。其中,处理器291、存储器292、通信接口293、可以通过总线294完成相互间的通信。通信接口293可以用于信息传输。处理器291可以调用存储器294中的逻辑指令,以执行上述实施例的方法。A processor (processor) 291 , and the electronic device further includes a memory (memory) 292 ; it may also include a communication interface (Communication Interface) 293 and a
此外,上述的存储器292中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。In addition, the above-mentioned logic instructions in the
存储器292作为一种计算机可读存储介质,可用于存储软件程序、计算机可执行程序,如本申请实施例中的方法对应的程序指令/模块。处理器291通过运行存储在存储器292中的软件程序、指令以及模块,从而执行功能应用以及数据处理,即实现上述方法实施例中的方法。As a computer-readable storage medium, the
存储器292可包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端设备的使用所创建的数据等。此外,存储器292可以包括高速随机存取存储器,还可以包括非易失性存储器。The
本申请一种计算机可读存储介质,计算机可读存储介质中存储有计算机执行指令,计算机执行指令被处理器执行时用于实现如图1-图3所示的方法,或者用于实现如图4所示的方法。The present application is a computer-readable storage medium, where computer-executable instructions are stored in the computer-readable storage medium, and when the computer-executable instructions are executed by a processor, are used to implement the methods shown in FIGS. 4 shows the method.
本申请提供一种计算机程序产品,包括计算机程序,该计算机程序被处理器执行时实现如图1-图3所示的方法或者实现如图4所示的方法。The present application provides a computer program product, including a computer program, which, when executed by a processor, implements the methods shown in FIG. 1 to FIG. 3 or implements the method shown in FIG. 4 .
本领域技术人员在考虑说明书及实践这里公开的发明后,将容易想到本申请的其它实施方案。本申请旨在涵盖本申请的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本申请的一般性原理并包括本申请未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本申请的真正范围和精神由下面的权利要求书指出。Other embodiments of the present application will readily occur to those skilled in the art upon consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses or adaptations of this application that follow the general principles of this application and include common knowledge or conventional techniques in the technical field not disclosed in this application . The specification and examples are to be regarded as exemplary only, with the true scope and spirit of the application being indicated by the following claims.
应当理解的是,本申请并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。本申请的范围仅由所附的权利要求书来限制。It is to be understood that the present application is not limited to the precise structures described above and illustrated in the accompanying drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (17)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111605156.9A CN114338132B (en) | 2021-12-24 | 2021-12-24 | Password-free login method, client application, operator server and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111605156.9A CN114338132B (en) | 2021-12-24 | 2021-12-24 | Password-free login method, client application, operator server and electronic equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114338132A true CN114338132A (en) | 2022-04-12 |
| CN114338132B CN114338132B (en) | 2023-08-01 |
Family
ID=81013793
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111605156.9A Active CN114338132B (en) | 2021-12-24 | 2021-12-24 | Password-free login method, client application, operator server and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114338132B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114978748A (en) * | 2022-06-14 | 2022-08-30 | 中国电信股份有限公司 | Login control method and device, readable storage medium and electronic equipment |
| CN117725609A (en) * | 2023-11-09 | 2024-03-19 | 联通在线信息科技有限公司 | User authorization information storage method, device, electronic equipment and storage medium |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108712440A (en) * | 2018-05-31 | 2018-10-26 | 中国联合网络通信集团有限公司 | User information management method, device, server and storage medium |
| CN109787991A (en) * | 2019-01-31 | 2019-05-21 | 平安科技(深圳)有限公司 | Password-free login method, device, device and storage medium based on mobile terminal |
| CN110266656A (en) * | 2019-05-30 | 2019-09-20 | 世纪龙信息网络有限责任公司 | Exempt from close authenticating identity recognition methods, device and computer equipment |
| CN110557299A (en) * | 2019-07-31 | 2019-12-10 | 苏州浪潮智能科技有限公司 | network transmission function batch test method, system, terminal and storage medium |
| CN110719249A (en) * | 2018-07-13 | 2020-01-21 | 中国电信股份有限公司 | Method and system for reverse checking user number based on IP and NAT firewall |
| CN110798453A (en) * | 2019-10-16 | 2020-02-14 | 上海易点时空网络有限公司 | Data processing method and device for one-key login |
| CN111107093A (en) * | 2019-12-25 | 2020-05-05 | 苏州达家迎信息技术有限公司 | Application login method, device, terminal and storage medium |
| US20200236105A1 (en) * | 2019-01-22 | 2020-07-23 | Adp, Llc | Rich communication services security authentication system |
| CN111666546A (en) * | 2020-06-19 | 2020-09-15 | 上海连尚网络科技有限公司 | Application login method and device |
| CN111740942A (en) * | 2020-01-17 | 2020-10-02 | 北京沃东天骏信息技术有限公司 | Login/registration method, device, system, electronic equipment and storage medium |
| CN112565239A (en) * | 2020-12-01 | 2021-03-26 | 深圳市和讯华谷信息技术有限公司 | Authentication method and device for integrating multiple operators, computer equipment and storage medium |
| CN113553557A (en) * | 2021-07-23 | 2021-10-26 | 咪咕文化科技有限公司 | Application secret-free login method and device, electronic equipment and storage medium |
-
2021
- 2021-12-24 CN CN202111605156.9A patent/CN114338132B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108712440A (en) * | 2018-05-31 | 2018-10-26 | 中国联合网络通信集团有限公司 | User information management method, device, server and storage medium |
| CN110719249A (en) * | 2018-07-13 | 2020-01-21 | 中国电信股份有限公司 | Method and system for reverse checking user number based on IP and NAT firewall |
| US20200236105A1 (en) * | 2019-01-22 | 2020-07-23 | Adp, Llc | Rich communication services security authentication system |
| CN109787991A (en) * | 2019-01-31 | 2019-05-21 | 平安科技(深圳)有限公司 | Password-free login method, device, device and storage medium based on mobile terminal |
| CN110266656A (en) * | 2019-05-30 | 2019-09-20 | 世纪龙信息网络有限责任公司 | Exempt from close authenticating identity recognition methods, device and computer equipment |
| CN110557299A (en) * | 2019-07-31 | 2019-12-10 | 苏州浪潮智能科技有限公司 | network transmission function batch test method, system, terminal and storage medium |
| CN110798453A (en) * | 2019-10-16 | 2020-02-14 | 上海易点时空网络有限公司 | Data processing method and device for one-key login |
| CN111107093A (en) * | 2019-12-25 | 2020-05-05 | 苏州达家迎信息技术有限公司 | Application login method, device, terminal and storage medium |
| CN111740942A (en) * | 2020-01-17 | 2020-10-02 | 北京沃东天骏信息技术有限公司 | Login/registration method, device, system, electronic equipment and storage medium |
| CN111666546A (en) * | 2020-06-19 | 2020-09-15 | 上海连尚网络科技有限公司 | Application login method and device |
| WO2021254075A1 (en) * | 2020-06-19 | 2021-12-23 | 上海连尚网络科技有限公司 | Application login method and apparatus |
| CN112565239A (en) * | 2020-12-01 | 2021-03-26 | 深圳市和讯华谷信息技术有限公司 | Authentication method and device for integrating multiple operators, computer equipment and storage medium |
| CN113553557A (en) * | 2021-07-23 | 2021-10-26 | 咪咕文化科技有限公司 | Application secret-free login method and device, electronic equipment and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| 贺晓东;曹维华;彭巍;李文云;: "基于IP溯源的免密认证方法探讨", 广东通信技术, no. 08 * |
| 郭茂文;张荣;卢燕青;黎艳;: "运营商发展统一账号认证业务技术方案", 电信科学, no. 05 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114978748A (en) * | 2022-06-14 | 2022-08-30 | 中国电信股份有限公司 | Login control method and device, readable storage medium and electronic equipment |
| CN117725609A (en) * | 2023-11-09 | 2024-03-19 | 联通在线信息科技有限公司 | User authorization information storage method, device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114338132B (en) | 2023-08-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103746812B (en) | A kind of access authentication method and system | |
| CN105376216B (en) | A remote access method, proxy server and client | |
| CN106657152B (en) | Authentication method, server and access control device | |
| CN102625297B (en) | For identity management method and the device of mobile terminal | |
| CN108540433B (en) | User identity verification method and device | |
| US11271922B2 (en) | Method for authenticating a user and corresponding device, first and second servers and system | |
| CN108512846A (en) | Mutual authentication method and device between a kind of terminal and server | |
| CN111131300B (en) | Communication method, terminal and server | |
| CN107094127B (en) | Processing method and device, and obtaining method and device of security information | |
| CN103095861A (en) | Determining whether a device is inside a network | |
| CN115473655B (en) | Terminal authentication method, device and storage medium for access network | |
| CN110944319A (en) | 5G communication identity authentication method, equipment and storage medium | |
| CN114338132B (en) | Password-free login method, client application, operator server and electronic equipment | |
| CN104660567A (en) | D2D terminal access authentication method as well as D2D terminal and server | |
| CN109729000B (en) | Instant messaging method and device | |
| WO2021138217A1 (en) | Method, chip, device and system for authenticating a set of at least two users | |
| CN107211265B (en) | Method and device for secure interaction between terminals | |
| CN104219626A (en) | Identity authentication method and device | |
| CN106790036B (en) | Information tamper-proofing method and device, server and terminal | |
| CN108377499A (en) | A kind of method for network access, routing device and terminal | |
| CN106537962B (en) | Wireless network configuration, access and access method, device and equipment | |
| CN114521013A (en) | Terminal positioning method, system, storage medium and electronic device | |
| CN104243423A (en) | Ad-hoc network encryption and authentication method and system and terminals | |
| CN103108316A (en) | Authentication method, device and system for aerial card writing | |
| CN113194471B (en) | Wireless network access method, device and terminal based on block chain network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |