CN115589308A - Login verification method, device, equipment and storage medium based on coordinate offset - Google Patents
Login verification method, device, equipment and storage medium based on coordinate offset Download PDFInfo
- Publication number
- CN115589308A CN115589308A CN202211124857.5A CN202211124857A CN115589308A CN 115589308 A CN115589308 A CN 115589308A CN 202211124857 A CN202211124857 A CN 202211124857A CN 115589308 A CN115589308 A CN 115589308A
- Authority
- CN
- China
- Prior art keywords
- user
- login
- offset
- information
- token
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Description
技术领域technical field
本发明涉及网络技术与安全领域,特别是涉及一种基于坐标偏移的登录验证方法、一种基于坐标偏移的登录验证装置、相应的一种电子设备以及相应的一种计算机存储介质。The present invention relates to the field of network technology and security, in particular to a coordinate offset-based login verification method, a coordinate offset-based login verification device, a corresponding electronic device, and a corresponding computer storage medium.
背景技术Background technique
随着移动互联网的发展,移动端/客户端的用户体量日益增加,面对庞大的用户体量需要对服务器集中承载的访问压力,其中需要对客户端每次请求服务器均需访问数据库校验账号密码的压力问题进行解决。With the development of the mobile Internet, the number of mobile/client users is increasing day by day. Facing the huge number of users, there is a need to centralize the access pressure on the server. Every time the client requests the server, it is necessary to access the database to verify the account number. The password stress problem is solved.
目前,可以通过引入生成Token的方式对上述问题进行解决,Token表现为服务端生成的一串字符串,其可以作为客户端进行请求的一个令牌,通常服务器在生成一个Token后返回给客户端,以便客户端在进行登录时能够基于令牌进行登录验证。传统的令牌生成方式中,通常基于用户登录账号进行令牌的生成,这种令牌生成方式在获取到解密后的密文,容易破解获得用户的账号密码信息,加密数据的安全性低。At present, the above problems can be solved by introducing the method of generating Token. Token is a string of strings generated by the server, which can be used as a token for the client to request. Usually, the server returns to the client after generating a Token. , so that the client can perform login authentication based on the token when logging in. In the traditional token generation method, the token is usually generated based on the user's login account. This token generation method is easy to crack the user's account password information after obtaining the decrypted ciphertext, and the security of encrypted data is low.
发明内容Contents of the invention
鉴于上述问题,提出了本发明实施例以便提供一种克服上述问题或者至少部分地解决上述问题的一种基于坐标偏移的登录验证方法、一种基于坐标偏移的登录验证装置、相应的一种电子设备以及相应的一种计算机存储介质。In view of the above problems, the embodiments of the present invention are proposed to provide a coordinate offset-based login verification method, a coordinate offset-based login verification device, and a corresponding An electronic device and a corresponding computer storage medium.
本发明实施例公开了一种基于坐标偏移的登录验证方法,应用于服务端,所述方法包括:The embodiment of the present invention discloses a login verification method based on coordinate offset, which is applied to the server, and the method includes:
获取用户数据信息,根据所述用户数据信息确定用户偏移量;所述用户偏移量用于表示在更新时间间隔期间用户的坐标偏移;Obtain user data information, and determine a user offset according to the user data information; the user offset is used to represent the coordinate offset of the user during the update time interval;
获取用户登录信息,根据所述用户登录信息和所述用户偏移量,生成登录令牌;Obtain user login information, and generate a login token according to the user login information and the user offset;
根据所生成的登录令牌进行登录验证。Login verification is performed based on the generated login token.
可选地,所述用户数据信息包括用户所在的经纬度信息和步数信息;所述根据所述用户数据信息确定用户偏移量,包括:Optionally, the user data information includes latitude and longitude information and step information where the user is located; determining the user offset according to the user data information includes:
根据所述用户所在的经纬度信息确定用户偏移距离;determining the user offset distance according to the latitude and longitude information of the user;
根据所述用户偏移距离和所述步数信息,确定用户偏移量。Determine a user offset according to the user offset distance and the step number information.
可选地,所述用户所在的经纬度信息包括当前时刻用户所在的第一经纬度和距离更新时间间隔之前的上一时刻用户所在的第二经纬度,所述步数信息包括当前时刻所统计的第一运动步数和距离所述更新时间间隔之前的上一时刻所统计的第二运动步数;Optionally, the latitude and longitude information of the user includes the first latitude and longitude of the user at the current moment and the second latitude and longitude of the user at the previous moment before the update time interval, and the step number information includes the first latitude and longitude counted at the current moment. The number of motion steps and the second motion steps counted at the previous moment before the update time interval;
所述根据所述用户所在的经纬度确定用户偏移距离,包括:The determining the user offset distance according to the latitude and longitude where the user is located includes:
以所述第二经纬度为原点构建平面直角坐标系;Constructing a plane Cartesian coordinate system with the second latitude and longitude as the origin;
在所述平面直角坐标系中,采用所述第一经纬度和所述第二经纬度,计算用户从距离更新时间间隔之前的上一时刻至当前时刻的第一用户偏移距离;In the planar Cartesian coordinate system, using the first latitude and longitude and the second latitude and longitude to calculate the first user offset distance of the user from the previous moment before the distance update time interval to the current moment;
从所述距离更新时间间隔之前的上一时刻至当前时刻的时间段内随机选取任一时刻,采用所述第一用户偏移距离、当前时刻以及所选取的任一时刻,计算用户从所选取的任一时刻至距离更新时间间隔之前的上一时刻的第二用户偏移距离。Randomly select any time within the time period from the previous time before the distance update time interval to the current time, and use the first user offset distance, the current time, and any selected time to calculate the user's distance from the selected time. The second user offset distance from any moment of to the previous moment before the update time interval.
可选地,所述用户偏移距离包括从所述距离更新时间间隔之前的上一时刻至当前时刻的时间段内所选取的任一时刻,至当前时刻的第二用户偏移距离;Optionally, the user offset distance includes a second user offset distance to the current moment at any moment selected within the time period from the previous moment before the distance update time interval to the current moment;
所述根据所述用户偏移距离和所述步数信息,确定用户偏移量,包括:The determining the user offset according to the user offset distance and the step number information includes:
采用当前时刻所统计的第一运动步数和距离所述更新时间间隔之前的上一时刻所统计的第二运动步数,计算用户在距离更新时间间隔之前的上一时刻至当前时刻的第三运动步数;Using the first number of motion steps counted at the current moment and the second number of motion steps counted at the previous moment before the update time interval, calculate the user's third movement steps from the previous moment before the update time interval to the current moment. number of steps;
获取所述第一经纬度相应坐标点在所述平面坐标系中的垂直坐标点,根据所述垂直坐标点确定所述平面直角坐标系中所构成三角形的角度弦值;Obtain the vertical coordinate point of the corresponding coordinate point of the first latitude and longitude in the plane coordinate system, and determine the angle chord value of the triangle formed in the plane Cartesian coordinate system according to the vertical coordinate point;
根据所述第一运动步数、第二用户偏移距离、第三运动步数以及所构成三角形的角度弦值,确定用户偏移量。The user offset is determined according to the first number of motion steps, the second user offset distance, the third number of motion steps, and the angle chord of the formed triangle.
可选地,所述角度弦值包括第一角度正弦值、第二角度余弦值以及第三角度正切值;所述根据所述第二用户偏移距离、第三运动步数以及所构成三角形的角度弦值,确定用户偏移量,包括:Optionally, the angle sine value includes a first angle sine value, a second angle cosine value, and a third angle tangent value; Angle chord, which determines user offsets, includes:
采用所述第一运动步数和第一角度正弦值的乘积,与所述第三运动步数和第二角度余弦值的乘积,以及与所述第二用户偏移距离和第三角度正切值的乘积的和,计算用户偏移量。Using the product of the first number of motion steps and the sine value of the first angle, the product of the third number of motion steps and the cosine value of the second angle, and the offset distance from the second user and the tangent value of the third angle The sum of the products of , calculates the user offset.
可选地,所述根据所述用户登录信息和所述用户偏移量,生成登录令牌,包括:Optionally, the generating a login token according to the user login information and the user offset includes:
获取所述用户登录信息中用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时刻;Acquiring the user login account number, user login password, user's movement direction at the current moment and the current moment in the user login information;
将所述当前时刻转换为当前时间毫秒值,并将所述用户登录账号、用户登录密码、用户在当前时刻所在的运动方向、所述当前时间毫秒值以及所述用户偏移量,拼接得到加密内容;Convert the current time into milliseconds of the current time, and concatenate and encrypt the user login account, user login password, the direction of movement of the user at the current moment, the milliseconds of the current time, and the user offset content;
将所述加密内容按照预设加密方式进行加密,生成登录令牌。Encrypt the encrypted content according to a preset encryption method to generate a login token.
可选地,所述登录令牌以所述更新时间间隔作为登录有效期;所述根据所生成的登录令牌进行登录验证,包括:Optionally, the login token uses the update time interval as the login validity period; and performing login verification according to the generated login token includes:
在所述登录有效期内,若用户端所发送的登录请求携带有所生成的登录令牌,则登录验证通过。During the login validity period, if the login request sent by the client carries the generated login token, the login verification is passed.
本发明实施例还公开了一种基于坐标偏移的登录验证装置,应用于服务端,所述装置包括:The embodiment of the present invention also discloses a login verification device based on coordinate offset, which is applied to the server, and the device includes:
用户偏移量确定模块,用于获取用户数据信息,根据所述用户数据信息确定用户偏移量;所述用户偏移量用于表示在更新时间间隔期间用户的坐标偏移;A user offset determining module, configured to obtain user data information, and determine a user offset according to the user data information; the user offset is used to represent the coordinate offset of the user during the update time interval;
令牌生成模块,用于获取用户登录信息,根据所述用户登录信息和所述用户偏移量,生成登录令牌;A token generating module, configured to obtain user login information, and generate a login token according to the user login information and the user offset;
登录验证模块,用于根据所生成的登录令牌进行登录验证。The login verification module is configured to perform login verification according to the generated login token.
可选地,所述用户数据信息包括用户所在的经纬度信息和步数信息;所述用户偏移量确定模块包括:Optionally, the user data information includes latitude and longitude information and step information where the user is located; the user offset determination module includes:
用户偏移距离确定子模块,用于根据所述用户所在的经纬度信息确定用户偏移距离;A user offset distance determining submodule, configured to determine the user offset distance according to the latitude and longitude information where the user is located;
用户偏移量确定子模块,用于根据所述用户偏移距离和所述步数信息,确定用户偏移量。The user offset determination submodule is configured to determine the user offset according to the user offset distance and the step number information.
可选地,所述用户所在的经纬度信息包括当前时刻用户所在的第一经纬度和距离更新时间间隔之前的上一时刻用户所在的第二经纬度,所述步数信息包括当前时刻所统计的第一运动步数和距离所述更新时间间隔之前的上一时刻所统计的第二运动步数;Optionally, the latitude and longitude information of the user includes the first latitude and longitude of the user at the current moment and the second latitude and longitude of the user at the previous moment before the update time interval, and the step number information includes the first latitude and longitude counted at the current moment. The number of motion steps and the second motion steps counted at the previous moment before the update time interval;
所述用户偏移距离确定子模块包括:The user offset distance determination submodule includes:
坐标系构建单元,用于以所述第二经纬度为原点构建平面直角坐标系;A coordinate system construction unit, configured to construct a plane Cartesian coordinate system with the second latitude and longitude as the origin;
第一用户偏移距离确定单元,用于在所述平面直角坐标系中,采用所述第一经纬度和所述第二经纬度,计算用户从距离更新时间间隔之前的上一时刻至当前时刻的第一用户偏移距离;The first user offset distance determination unit is configured to use the first latitude and longitude and the second latitude and longitude in the plane Cartesian coordinate system to calculate the user's second distance from the previous moment before the distance update time interval to the current moment. a user offset distance;
第二用户偏移距离确定单元,用于从所述距离更新时间间隔之前的上一时刻至当前时刻的时间段内随机选取任一时刻,采用所述第一用户偏移距离、当前时刻以及所选取的任一时刻,计算用户从所选取的任一时刻至距离更新时间间隔之前的上一时刻的第二用户偏移距离。The second user offset distance determining unit is configured to randomly select any time within the time period from the previous moment before the distance update time interval to the current moment, and adopt the first user offset distance, the current moment and the At any selected moment, the second user offset distance of the user from the selected moment to the previous moment before the update time interval is calculated.
可选地,所述用户偏移距离包括从所述距离更新时间间隔之前的上一时刻至当前时刻的时间段内所选取的任一时刻,至当前时刻的第二用户偏移距离;Optionally, the user offset distance includes a second user offset distance to the current moment at any moment selected within the time period from the previous moment before the distance update time interval to the current moment;
所述用户偏移量确定子模块包括:The user offset determination submodule includes:
第三运动步数确定单元,用于采用当前时刻所统计的第一运动步数和距离所述更新时间间隔之前的上一时刻所统计的第二运动步数,计算用户在距离更新时间间隔之前的上一时刻至当前时刻的第三运动步数;The third motion step determination unit is configured to use the first motion step counted at the current moment and the second motion step counted at the previous moment before the update time interval to calculate the user's distance before the update time interval The number of third movement steps from the previous moment to the current moment;
角度弦值确定单元,用于获取所述第一经纬度相应坐标点在所述平面坐标系中的垂直坐标点,根据所述垂直坐标点确定所述平面直角坐标系中所构成三角形的角度弦值;An angle chord determination unit, configured to obtain the vertical coordinate point of the corresponding coordinate point of the first latitude and longitude in the plane coordinate system, and determine the angle chord value of the triangle formed in the plane Cartesian coordinate system according to the vertical coordinate point ;
用户偏移量确定单元,用于根据所述第一运动步数、第二用户偏移距离、第三运动步数以及所构成三角形的角度弦值,确定用户偏移量。The user offset determining unit is configured to determine the user offset according to the first movement steps, the second user offset distance, the third movement steps and the angle chords of the formed triangles.
可选地,所述角度弦值包括第一角度正弦值、第二角度余弦值以及第三角度正切值;所述用户偏移量确定单元包括:Optionally, the angle sine value includes a first angle sine value, a second angle cosine value, and a third angle tangent value; the user offset determination unit includes:
用户偏移量确定子单元,用于采用所述第一运动步数和第一角度正弦值的乘积,与所述第三运动步数和第二角度余弦值的乘积,以及与所述第二用户偏移距离和第三角度正切值的乘积的和,计算用户偏移量。The user offset determining subunit is used to use the product of the first motion steps and the sine value of the first angle, the product of the third motion steps and the second angle cosine value, and the product of the second The sum of the product of the user offset distance and the tangent of the third angle is used to calculate the user offset.
可选地,所述令牌生成模块包括:Optionally, the token generation module includes:
用户登录信息获取子模块,用于获取所述用户登录信息中用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时刻;The user login information acquisition sub-module is used to acquire the user login account number, user login password, movement direction of the user at the current moment and the current moment in the user login information;
加密内容生成子模块,用于将所述当前时刻转换为当前时间毫秒值,并将所述用户登录账号、用户登录密码、用户在当前时刻所在的运动方向、所述当前时间毫秒值以及所述用户偏移量,拼接得到加密内容;The encrypted content generation sub-module is used to convert the current time into the millisecond value of the current time, and convert the user login account, the user login password, the direction of movement of the user at the current moment, the millisecond value of the current time, and the User offset, splicing to get encrypted content;
令牌生成子模块,用于将所述加密内容按照预设加密方式进行加密,生成登录令牌。The token generation sub-module is used to encrypt the encrypted content according to a preset encryption method to generate a login token.
可选地,所述登录令牌以所述更新时间间隔作为登录有效期;所述登录验证模块包括:Optionally, the login token uses the update time interval as the login validity period; the login verification module includes:
登录验证子模块,用于在所述登录有效期内,若用户端所发送的登录请求携带有所生成的登录令牌,则登录验证通过。The login verification sub-module is configured to pass the login verification if the login request sent by the client carries the generated login token within the validity period of the login.
本发明实施例还公开了一种电子设备,包括:处理器、存储器及存储在所述存储器上并能够在所述处理器上运行的计算机程序,所述计算机程序被所述处理器执行时实现任一项所述基于坐标偏移的登录验证方法。The embodiment of the present invention also discloses an electronic device, including: a processor, a memory, and a computer program stored on the memory and capable of running on the processor. When the computer program is executed by the processor, the Any one of the coordinate offset-based login verification methods.
本发明实施例还公开了一种计算机可读存储介质,所述计算机可读存储介质上存储计算机程序,所述计算机程序被处理器执行时实现任一项所述基于坐标偏移的登录验证方法。The embodiment of the present invention also discloses a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, any one of the coordinate offset-based login verification methods described above is implemented .
本发明实施例包括以下优点:Embodiments of the present invention include the following advantages:
在本发明实施例中,服务端可以获取用户数据信息,并根据所获取的用户数据信息确定用户偏移量,所确定的用户偏移量可用于表示在更新时间间隔期间用户的坐标偏移,此时可以根据用户登录信息和用于表示坐标偏移的用户偏移量进行加密生成登录令牌,以用于对用户端进行登录验证。所用于生成登录令牌的数据与用户数据信息相关,保证了所生成的登录令牌的随机性,以及基于确定用户坐标偏移的用户数据信息的不确定性,还能够保证加密后数据的不可破解性,提高用户登录验证的安全性。In the embodiment of the present invention, the server can acquire user data information, and determine the user offset according to the acquired user data information, and the determined user offset can be used to represent the coordinate offset of the user during the update time interval, At this time, a login token may be generated by encrypting the user login information and the user offset used to represent the coordinate offset, so as to perform login verification on the user terminal. The data used to generate the login token is related to the user data information, which ensures the randomness of the generated login token and the uncertainty of the user data information based on the determination of the user coordinate offset, and can also ensure the unreliability of the encrypted data. Crackability, improve the security of user login verification.
附图说明Description of drawings
图1是本发明的一种基于坐标偏移的登录验证方法实施例的步骤流程图;Fig. 1 is a flow chart of the steps of an embodiment of a coordinate offset-based login verification method of the present invention;
图2是本发明的另一种基于坐标偏移的登录验证方法实施例的步骤流程图;Fig. 2 is a flow chart of the steps of another embodiment of the login verification method based on coordinate offset of the present invention;
图3是本发明实施例提供的进行令牌生成的过程示意图;FIG. 3 is a schematic diagram of a token generation process provided by an embodiment of the present invention;
图4是本发明实施例提供的进行用户数据信息获取的实施示意图;Fig. 4 is an implementation schematic diagram of obtaining user data information provided by an embodiment of the present invention;
图5是本发明实施例提供的基于坐标偏移的登录验证的应用场景图;Fig. 5 is an application scenario diagram of login verification based on coordinate offset provided by an embodiment of the present invention;
图6是本发明的一种基于坐标偏移的登录验证装置实施例的结构框图。Fig. 6 is a structural block diagram of an embodiment of a coordinate offset-based login verification device of the present invention.
具体实施方式detailed description
为使本发明的上述目的、特征和优点能够更加明显易懂,下面结合附图和具体实施方式对本发明作进一步详细的说明。In order to make the above objects, features and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.
随着移动互联网的发展,在信息时代用户个人信息与企业资产数据的价值较高,保证用户登录账号的安全性是互联网产品发展的重中之重,要求互联网产品需要考虑到用户登录账号的安全性,保证用户登录账号的高安全性。为了保证用户登录账号的安全性,通常可引入所生成的登录令牌Token在用户端采用用户登录账号进行登录时进行登录验证。With the development of the mobile Internet, the value of user personal information and enterprise asset data is high in the information age. Ensuring the security of user login accounts is the top priority in the development of Internet products. Internet products are required to consider the security of user login accounts To ensure the high security of user login account. In order to ensure the security of the user's login account, the generated login token Token can usually be introduced to perform login verification when the user end uses the user's login account to log in.
本发明实施例的核心思想之一在于将表示用户坐标偏移的用户偏移量作为用于生成登录令牌的相关数据,所用于生成登录令牌的数据与用户数据信息相关,能够保证所生成的登录令牌的随机性,增加登录令牌被破解的难度;以及,用户数据信息可以包括用户的经纬度信息和步数信息,基于用户每天出行方式的不同,以及步数与地点等数据的不确定性,能够保证加密后数据的不可破解性,提高用户登录验证的安全性;进一步地,基于用户形成经过一系列算法生成登录令牌的过程,可以按照所设定的更新时间间隔实现对登录令牌的定期更新,在提升登陆令牌额的安全性的同时,还能够保证所生成的登录令牌的不可重复性,以及就算被各种手段获取到加密后的密文,也无法通过市面上的传统的加密方式破解获取到用户的账号密码信息,增加了加密后数据的随机性与破解难度,显著提高了加密数据的安全性。此外,为了不侵犯用户的个人隐私,其在进行登录令牌进行生成的过程中所使用的用户数据信息主要是基于更新时间间隔进行采集的,即所获取的仅为当前时刻的数据以及数据更新上次时刻所使用的数据,并不对用户数据信息进行实时记录,且本发明实施例所提出的令牌生成算法能够降低登录令牌的生成成本,并节省系统资源。One of the core ideas of the embodiments of the present invention is to use the user offset representing the offset of the user coordinates as the relevant data for generating the login token, and the data used to generate the login token is related to the user data information, which can ensure that the generated The randomness of the login token increases the difficulty of cracking the login token; and, user data information can include the user's latitude and longitude information and step information, based on the user's daily travel mode, as well as the number of steps and locations. Determinism, which can ensure the uncrackability of encrypted data and improve the security of user login verification; further, based on the process of generating login tokens through a series of algorithms based on user formation, the login can be implemented according to the set update time interval The regular update of the token, while improving the security of the login token amount, can also ensure the non-repeatability of the generated login token, and even if the encrypted ciphertext is obtained by various means, it cannot be passed through the market. The traditional encryption method on the Internet can obtain the user's account password information, which increases the randomness of the encrypted data and the difficulty of cracking, and significantly improves the security of the encrypted data. In addition, in order not to infringe on the personal privacy of the user, the user data information used in the process of generating the login token is mainly collected based on the update time interval, that is, only the current data and data update are obtained. The data used at the last moment does not record user data information in real time, and the token generation algorithm proposed by the embodiment of the present invention can reduce the cost of generating login tokens and save system resources.
参照图1,示出了本发明的一种基于坐标偏移的登录验证方法实施例的步骤流程图,应用于服务端,具体可以包括如下步骤:Referring to FIG. 1 , it shows a flow chart of steps of an embodiment of a coordinate offset-based login verification method of the present invention, which is applied to the server, and may specifically include the following steps:
步骤101,获取用户数据信息,根据用户数据信息确定用户偏移量;
在本发明实施例中,所用于生成登录令牌的数据与用户数据信息相关,能够保证所生成的登录令牌的随机性,增加登录令牌被破解的难度。此时可以将表示用户坐标偏移的用户偏移量作为用于生成登录令牌的相关数据,基于用户坐标偏移中用户每天出行方式的不同,以及步数与地点等数据的不确定性,保证加密后数据的不可破解性,提高用户登录验证的安全性。In the embodiment of the present invention, the data used to generate the login token is related to user data information, which can ensure the randomness of the generated login token and increase the difficulty of cracking the login token. At this time, the user offset representing the user coordinate offset can be used as the relevant data for generating the login token, based on the difference in the user's daily travel mode in the user coordinate offset, as well as the uncertainty of the number of steps and location data, Ensure the uncrackability of encrypted data and improve the security of user login verification.
在本发明的一种实施例中,表示用户坐标偏移的用户偏移量,可以通过所获取的用户数据信息进行确定,所获取的用户数据信息可以是与用户坐标偏移相关的数据,例如用户的经纬度信息、步数信息等,以便基于与坐标偏移相关的数据确定用户偏移量。In an embodiment of the present invention, the user offset representing the user coordinate offset can be determined through the acquired user data information, and the acquired user data information can be data related to the user coordinate offset, for example The user's latitude and longitude information, step information, etc., so as to determine the user offset based on the data related to the coordinate offset.
其中,所确定的用户偏移量可以用于表示在更新时间间隔期间用户的坐标偏移,那么在所获取的用户数据信息中,所获取的经纬度信息可以包括当前时刻用户所在的第一经纬度和当前距离更新时间间隔这一时长之前的时刻,即上一时刻用户所在的第二经纬度,而所获取的步数信息可以包括当前时刻所统计的第一运动步数和当前距离更新时间间隔这一时长之前的时刻,即上一时刻所统计的第二运动步数,即在采用用户数据信息进行用户偏移量的计算时,所采用的用户数据信息为当前时刻和当前距离更新时间间隔这一时长之前的时刻,即上一时刻的与用户坐标偏移相关的数据。Wherein, the determined user offset can be used to represent the coordinate offset of the user during the update time interval, then in the acquired user data information, the acquired latitude and longitude information can include the first latitude and longitude where the user is at the current moment and The moment before the current distance update time interval, that is, the second latitude and longitude where the user was at the last moment, and the acquired step information may include the first movement steps counted at the current moment and the current distance update time interval. The moment before the duration, that is, the second number of motion steps counted at the last moment, that is, when the user data information is used to calculate the user offset, the user data information used is the current moment and the current distance update time interval. The time before the duration, that is, the data related to the user coordinate offset at the previous time.
需要说明的是,为了不侵犯用户的个人隐私,其在进行登录令牌进行生成的过程中所使用的用户数据信息主要是基于更新时间间隔进行采集的,即所获取的仅为当前时刻的数据以及数据更新上次时刻所使用的数据,并不对用户数据信息进行实时记录,且基于更新时间间隔对用户数据信息所进行的采集行为是在用户知晓且允许的情况下进行的。It should be noted that, in order not to violate the personal privacy of the user, the user data information used in the process of generating the login token is mainly collected based on the update time interval, that is, the data obtained is only the current moment As well as the data used at the last moment of data update, the user data information is not recorded in real time, and the collection of user data information based on the update time interval is performed with the user's knowledge and permission.
此外,更新时间间隔不仅可以指的是对用户数据信息进行采集的时间间隔,还可以指的是对后续所生成的登录令牌的更新时间,以及还可以指的是所生成的登录令牌的登录有效期,而对于更新时间间隔的具体设定,主要可基于实际业务情况进行设定,对此,本发明实施例不加以限制。In addition, the update time interval may not only refer to the time interval for collecting user data information, but may also refer to the update time of the subsequent generated login token, and may also refer to the time interval of the generated login token. The login validity period, and the specific setting of the update time interval can be mainly set based on actual business conditions, which is not limited by the embodiment of the present invention.
步骤102,获取用户登录信息,根据用户登录信息和用户偏移量,生成登录令牌;
在获取基于用户偏移位置相关的信息生成的用户偏移量之后,除了可以将表示用户在更新时间间隔期间内坐标偏移的用户偏移量作为用于生成登录令牌的相关数据以外,还可以获取用户登录信息,将用户登录信息与用户偏移量同时作为用于生成登录令牌的相关数据。After obtaining the user offset generated based on the information related to the user offset location, in addition to using the user offset indicating the coordinate offset of the user during the update time interval as the relevant data for generating the login token, User login information can be obtained, and the user login information and user offset can be used as relevant data for generating a login token.
其中,所获取的用户登录信息除了包括用户端在进行登录时,常规所需的用户登录账号以及用户登录密码以外,还可以包括同样属于与用户坐标偏移相关的其他数据,例如用户在当前时刻所在的运动方向、当前时刻等,以进一步地基于这些数据的不确定性,保证加密后数据的不可破解性,提高用户登录验证的安全性。Wherein, the obtained user login information may not only include the user login account and user login password routinely required when the client logs in, but also include other data related to the user coordinate offset, for example, the user is currently The direction of movement, the current moment, etc. are further based on the uncertainty of these data to ensure the uncrackability of encrypted data and improve the security of user login verification.
在实际应用中,在根据用户登录信息和用户偏移量加密生成登录令牌的过程中,可以通过将用户登录信息与所确定的用户偏移量进行拼接,将所拼接得到的内容进行加密生成。In practical applications, in the process of encrypting and generating a login token based on user login information and user offset, the spliced content can be encrypted and generated by splicing the user login information and the determined user offset .
在一种优选的实施例中,所生成的登录令牌具有所设定的与更新时间间隔相同的登录有效期,此时可以基于更新时间间隔对所生成的登录令牌进行更新,未在登录有效期内的登录令牌失效。示例性地,假设所设定的更新时间间隔为一个小时,那么所生成的登录令牌每隔一小时将会更新一次,具体可以每隔一个小时重新采集用户数据信息,并按照重新采集的用户数据信息重新生成登录令牌。In a preferred embodiment, the generated login token has the same set login validity period as the update time interval, at this time, the generated login token can be updated based on the update time interval. The login token within is invalid. Exemplarily, assuming that the set update time interval is one hour, the generated login token will be updated every hour. Specifically, user data information can be re-collected every hour, and according to the re-collected user The data information regenerates the login token.
步骤103,根据所生成的登录令牌进行登录验证。
在生成登录令牌后,可以根据所生成的登录令牌对用户端进行登录验证,由于所用于生成登录令牌的数据与用户数据信息相关,保证了所生成的登录令牌的随机性,以及基于确定用户坐标偏移的用户数据信息的不确定性,还能够保证加密后数据的不可破解性,提高用户登录验证的安全性。After the login token is generated, the user terminal can be logged in and verified according to the generated login token. Since the data used to generate the login token is related to the user data information, the randomness of the generated login token is guaranteed, and Based on the uncertainty of the user data information for determining the user coordinate offset, it can also ensure the uncrackability of encrypted data and improve the security of user login verification.
在实际应用中,服务端在生成登录令牌后,可以将所生成的登录令牌进行缓存,并向用户端返回登录令牌。此时,用户端在采用用户登录账号和用户登录密码进行账号登录时,所发送的登录请求通常可以携带有服务端所生成的登录令牌,服务端在接收到登录请求时,可以通过判定登录请求是否携带有登录令牌,且所携带的登录令牌是否处于登录有效期内,即所携带的登录令牌是否与其缓存的登录令牌是否一致,此时在登录有效期内,若用户端所发送的登录请求携带有所生成的登录令牌,则判定对用户端当前所进行的登录验证通过。In practical applications, after the server generates the login token, it can cache the generated login token and return the login token to the user. At this time, when the client uses the user login account and user login password for account login, the login request sent usually carries the login token generated by the server. When the server receives the login request, it can determine the login token. Whether the request carries a login token, and whether the carried login token is within the login validity period, that is, whether the carried login token is consistent with the cached login token. At this time, within the login validity period, if the client sends If the login request carries the generated login token, it is determined that the current login verification of the client is passed.
在本发明实施例中,服务端可以获取用户数据信息,并根据所获取的用户数据信息确定用户偏移量,所确定的用户偏移量可用于表示在更新时间间隔期间用户的坐标偏移,此时可以根据用户登录信息和用于表示坐标偏移的用户偏移量进行加密生成登录令牌,以用于对用户端进行登录验证。所用于生成登录令牌的数据与用户数据信息相关,保证了所生成的登录令牌的随机性,以及基于确定用户坐标偏移的用户数据信息的不确定性,还能够保证加密后数据的不可破解性,提高用户登录验证的安全性。In the embodiment of the present invention, the server can acquire user data information, and determine the user offset according to the acquired user data information, and the determined user offset can be used to represent the coordinate offset of the user during the update time interval, At this time, a login token may be generated by encrypting the user login information and the user offset used to represent the coordinate offset, so as to perform login verification on the user terminal. The data used to generate the login token is related to the user data information, which ensures the randomness of the generated login token and the uncertainty of the user data information based on the determination of the user coordinate offset, and can also ensure the unreliability of the encrypted data. Crackability, improve the security of user login verification.
参照图2,示出了本发明的另一种基于坐标偏移的登录验证方法实施例的步骤流程图,应用于服务端,具体可以包括如下步骤:Referring to FIG. 2 , it shows a flow chart of steps of another embodiment of a coordinate offset-based login verification method of the present invention, which is applied to the server, and may specifically include the following steps:
步骤201,根据用户所在的经纬度信息确定用户偏移距离;
在本发明实施例中,所用于生成登录令牌的数据与用户数据信息相关,能够保证所生成的登录令牌的随机性,增加登录令牌被破解的难度。此时可以将表示用户坐标偏移的用户偏移量作为用于生成登录令牌的相关数据,基于用户坐标偏移中用户每天出行方式的不同,以及步数与地点等数据的不确定性,保证加密后数据的不可破解性,提高用户登录验证的安全性。In the embodiment of the present invention, the data used to generate the login token is related to user data information, which can ensure the randomness of the generated login token and increase the difficulty of cracking the login token. At this time, the user offset representing the user coordinate offset can be used as the relevant data for generating the login token, based on the difference in the user's daily travel mode in the user coordinate offset, as well as the uncertainty of the number of steps and location data, Ensure the uncrackability of encrypted data and improve the security of user login verification.
具体地,参照图3,示出了本发明实施例提供的进行令牌生成的过程示意图,可以通过所获取的用户数据信息对表示坐标偏移的用户偏移量进行确定,所获取的用户数据信息可以是与用户坐标偏移相关的数据,例如用户的经纬度信息、步数信息等,以便基于与坐标偏移相关的数据确定用户偏移量。Specifically, referring to FIG. 3 , it shows a schematic diagram of the token generation process provided by the embodiment of the present invention. The user offset representing the coordinate offset can be determined through the acquired user data information. The acquired user data The information may be data related to the user's coordinate offset, such as the user's latitude and longitude information, step information, etc., so as to determine the user offset based on the data related to the coordinate offset.
所确定的用户偏移量可以用于表示在更新时间间隔期间用户的坐标偏移,那么在所获取的用户数据信息中,所获取的经纬度信息可以包括当前时刻用户所在的第一经纬度和当前距离更新时间间隔这一时长之前的时刻,即上一时刻用户所在的第二经纬度,而所获取的步数信息可以包括当前时刻所统计的第一运动步数和当前距离更新时间间隔这一时长之前的时刻,即上一时刻所统计的第二运动步数,即在采用用户数据信息进行用户偏移量的计算时,所采用的用户数据信息为当前时刻和当前距离更新时间间隔这一时长之前的时刻,即上一时刻的与用户坐标偏移相关的数据。The determined user offset can be used to represent the coordinate offset of the user during the update time interval, then in the acquired user data information, the acquired latitude and longitude information can include the first latitude and longitude where the user is at the current moment and the current distance The moment before the update time interval, that is, the second latitude and longitude where the user was at the last moment, and the acquired step information can include the first movement steps counted at the current moment and the current distance before the update time interval. The moment, that is, the second number of motion steps counted at the previous moment, that is, when the user data information is used to calculate the user offset, the user data information used is before the current moment and the current distance update time interval. The moment of , that is, the data related to the user coordinate offset at the previous moment.
需要说明的是,为了不侵犯用户的个人隐私,其在进行登录令牌进行生成的过程中所使用的用户数据信息主要是基于更新时间间隔进行采集的,即所获取的仅为当前时刻的数据以及数据更新上次时刻所使用的数据,并不对用户数据信息进行实时记录,且基于更新时间间隔对用户数据信息所进行的采集行为是在用户知晓且允许的情况下进行的。It should be noted that, in order not to violate the personal privacy of the user, the user data information used in the process of generating the login token is mainly collected based on the update time interval, that is, the data obtained is only the current moment As well as the data used at the last moment of data update, the user data information is not recorded in real time, and the collection of user data information based on the update time interval is performed with the user's knowledge and permission.
为了确定用户偏移量,首先可以确定与用户位置偏移相关的用户偏移距离,计算从当前时刻到当前距离更新时间间隔这一时长之前的时刻,即上一时刻这一时间段内的用户偏移距离,具体可以获取用户所在的经纬度信息,通过当前时刻用户所在的第一经纬度和当前距离更新时间间隔这一时长之前的时刻,即上一时刻用户所在的第二经纬度进行确定。In order to determine the user offset, the user offset distance related to the user position offset can be determined first, and the time from the current moment to the time before the current distance update time interval is calculated, that is, the user within the time period of the previous moment The offset distance can specifically obtain the latitude and longitude information where the user is located, and determine it through the first latitude and longitude where the user is at the current moment and the time before the current distance update time interval, that is, the second latitude and longitude where the user was at the previous moment.
具体地,如图4所示,可以以第二经纬度相应坐标点为原点构建平面直角坐标系,此时可以在平面直角坐标系中,采用第一经纬度和第二经纬度,计算用户从当前距离更新时间间隔这一时长之前的时刻,即上一时刻至当前时刻的第一用户偏移距离;此时为了避免存在用户运动距离重合的情况,可基于随机选取的任一时刻增加随机性,以增加后续所生成的登录令牌的散列性,具体可以表现为从当前距离更新时间间隔这一时长之前的时刻,即上一时刻至当前时刻的时间段内随机选取任一时刻,采用第一用户偏移距离、当前时刻以及所选取的任一时刻,计算用户从所选取的任一时刻至上一时刻的第二用户偏移距离。Specifically, as shown in Figure 4, a plane Cartesian coordinate system can be constructed with the corresponding coordinate point of the second latitude and longitude as the origin. At this time, in the plane Cartesian coordinate system, the first latitude and longitude and the second latitude and longitude can be used to calculate the update distance from the current distance of the user. The moment before the time interval, that is, the first user offset distance from the previous moment to the current moment; at this time, in order to avoid the overlap of user movement distances, the randomness can be increased based on any randomly selected moment to increase The hashability of the subsequent generated login token can be specifically expressed as a time before the current distance update time interval, that is, randomly select any time within the time period from the previous time to the current time, and use the first user Based on the offset distance, the current moment and any selected moment, the second user offset distance from the selected moment to the previous moment is calculated.
示例性地,假设用户当前位置,即当前时刻t1用户所在的第一经纬度相应的坐标点为a点,其第一经纬度为(x1,y1),上一时刻为t2,假设所设定的更新时间间隔为一个小时,t2可以表现为当前时间提前一小时前的时刻,在这时刻用户所在的第二经纬度相应的坐标点可以为b点,其第二经纬度为(x2,y2)。那么,可以以b点为原点构建平面直角坐标系,然后可以取a点在平面直角坐标系中的垂直坐标点,即c点以构成直角三角形,确定t2至t1该时间段内的第一用户偏移距离,为√(x12+y12)。For example, assume that the user's current location, that is, the coordinate point corresponding to the first longitude and latitude where the user is located at the current moment t1 is point a, the first longitude and latitude of which is (x1, y1), and the previous moment is t2, assuming that the set update The time interval is one hour, and t2 can be expressed as the time before the current time is advanced by one hour. At this moment, the corresponding coordinate point of the user's second longitude and latitude can be point b, and its second longitude and latitude is (x2, y2). Then, a plane Cartesian coordinate system can be constructed with point b as the origin, and then the vertical coordinate point of point a in the plane Cartesian coordinate system can be taken, that is, point c to form a right triangle, and the first user within the time period from t2 to t1 can be determined The offset distance is √(x1 2 +y1 2 ).
此时可以在t2至t1的时间区间随机选取任一时刻t3,假设用户在这个时间内匀速运动,那么用户在t2至t3时该时间段内的第二用户偏移距离可以表现为(t3-t2)/(t1-t2)*√(x12+y12)。At this time, any moment t3 can be randomly selected in the time interval from t2 to t1. Assuming that the user moves at a constant speed during this time, the second user offset distance of the user in this time period from t2 to t3 can be expressed as (t3- t2)/(t1-t2)*√(x1 2 +y1 2 ).
需要说明的是,若用户在t1时刻所获取的第一经纬度与用户在t2时刻所获取的第二经纬度的位置并未发生变化,可以将用户所在市或者地区中心位置作为点b,即作为构建的平面直角坐标系的原点。It should be noted that if the position of the first longitude and latitude obtained by the user at time t1 and the second longitude and latitude obtained by the user at time t2 do not change, the user's city or district center can be taken as point b, that is, as the construction The origin of the rectangular coordinate system of the plane.
步骤202,根据用户偏移距离和步数信息,确定用户偏移量;
如图3所示,为了确定用户偏移量,除了计算用户偏移距离以外,还可以对步数信息进行处理,以基于所处理得到的数据和用户偏移距离,确定用户偏移量。As shown in FIG. 3 , in order to determine the user offset, in addition to calculating the user offset distance, the step information may also be processed to determine the user offset based on the processed data and the user offset distance.
具体地,可以采用当前时刻所统计的第一运动步数和上一时刻所统计的第二运动步数,计算用户在上一时刻至当前时刻的第三运动步数。示例性地,假设当前时刻t1所统计的第一运动步数为Z1,上一时刻为t2,假设所设定的更新时间间隔为一个小时,t2可以表现为当前时间提前一小时前的时刻,在这时刻所统计的第二运动步数为Z2,此时可以将第一运动步数Z1减去第二运动步数Z2,计算第三运动步数,即表现为(Z1-Z2)。Specifically, the third number of exercise steps of the user from the previous moment to the current moment may be calculated by using the first number of exercise steps counted at the current moment and the second number of exercise steps counted at the previous moment. For example, assuming that the first number of motion steps counted at the current moment t1 is Z1, and the previous moment is t2, assuming that the set update time interval is one hour, t2 can be expressed as the moment before the current time is one hour ahead, The second number of motion steps counted at this moment is Z2. At this time, the third number of motion steps can be calculated by subtracting the second number of motion steps Z1 from the first number of motion steps Z1, which is expressed as (Z1-Z2).
其中,对于运动步数统计的初始时刻可以是凌晨00:00,即从凌晨开始对运动步数进行统计,得到当前时刻t1所统计的第一运动步数Z1,以及上一时刻t2所统计的第二运动步数Z2。需要说明的是,用户的出行方式可能在t2至t1该时间段进行乘车出行,此时所统计的第一运动步数Z1与第二运动步数Z2并未发生改变,在后续确定用户偏移量时可以直接采用第二运动步数Z2,并不进行对于第三运动步数的计算。需要说明的是,本发明实施例并不对用户具体的出行方式进行获取,而是侧重于体现用户进行点位偏移的相关数据。Wherein, the initial moment for counting the number of motion steps can be 00:00 in the morning, that is, counting the number of motion steps from the early morning to obtain the first motion step number Z1 counted at the current time t1 and the counted number of motion steps Z1 at the previous time t2 The second number of motion steps Z2. It should be noted that the user's travel mode may be traveling by car during the time period from t2 to t1. At this time, the first number of exercise steps Z1 and the second number of exercise steps Z2 have not changed. The second number of motion steps Z2 can be directly used for the amount of movement, and the calculation of the third number of motion steps is not performed. It should be noted that the embodiment of the present invention does not acquire the specific travel mode of the user, but focuses on reflecting the relevant data of the point offset by the user.
如图4所示,还可以获取第一经纬度相应坐标点(即a点)在平面坐标系中的垂直坐标点c点,c点可以与a点、b点构成直角三角形,此时可以根据垂直坐标点确定平面直角坐标系中所构成三角形的角度弦值,以便根据第一运动步数、第二用户偏移距离、第三运动步数以及所构成三角形的角度弦值,确定用户偏移量。As shown in Figure 4, the vertical coordinate point c point in the plane coordinate system of the corresponding coordinate point (i.e. point a) of the first longitude and latitude can also be obtained, and point c can form a right-angled triangle with point a and point b. The coordinate points determine the angle chord value of the triangle formed in the plane Cartesian coordinate system, so as to determine the user offset according to the first movement steps, the second user offset distance, the third movement steps and the angle chord value of the formed triangle .
需要说明的是,所获取的a点在平面坐标系中的垂直坐标点c点,不仅可以表现为如图4所示的a点垂直在横轴上的垂直坐标点c点(x1,0),还可以表现为a点垂直在纵轴上的垂直坐标点c点(0,y1)。It should be noted that the obtained vertical coordinate point c of point a in the plane coordinate system can not only be expressed as the vertical coordinate point c (x1,0) of point a perpendicular to the horizontal axis as shown in Figure 4 , which can also be expressed as point c (0, y1), the vertical coordinate point of point a perpendicular to the vertical axis.
所构成三角形的角度弦值可以包括第一角度正弦值、第二角度余弦值以及第三角度正切值。以a点垂直在横轴上的垂直坐标点c点(x1,0)为例,如图4所示,所构成的直角三角形为△ABC,此时可以分别将∠abc记为∠d、将∠acb记为∠f、将∠bac记为∠e,那么第一角度正弦值可以表现为∠d的正弦值(即sin∠d),第二角度余弦值可以表现为∠f的余弦值(即cos∠f),第三角度正切值可以表现为∠e的正切值(即tan∠e)。The angle sine values of the formed triangle may include a first angle sine value, a second angle cosine value and a third angle tangent value. Take the vertical coordinate point c (x1,0) of point a perpendicular to the horizontal axis as an example, as shown in Figure 4, the formed right triangle is △ABC, at this time, ∠abc can be recorded as ∠d, and ∠acb is recorded as ∠f, and ∠bac is recorded as ∠e, then the sine value of the first angle can be expressed as the sine value of ∠d (ie sin∠d), and the cosine value of the second angle can be expressed as the cosine value of ∠f ( Namely cos∠f), the tangent value of the third angle can be expressed as the tangent value of ∠e (ie tan∠e).
其中,第一角度∠d可以表现为AB边与BC边所构成的夹角,第二角度∠f可以表现为AC边与BC边所构成的夹角,第三角度∠e可以表现为AB边与AC边所构成的夹角,需要说明的是,其对于第一角度、第二角度与第三角度的确定方式,适用于垂直坐标点c点位于横轴以及纵轴的情况。Among them, the first angle ∠d can be expressed as the angle formed by the AB side and the BC side, the second angle ∠f can be expressed as the included angle formed by the AC side and the BC side, and the third angle ∠e can be expressed as the AB side It should be noted that the method for determining the first angle, the second angle, and the third angle for the angle formed with side AC is applicable to the case where the vertical coordinate point c is located on the horizontal axis and the vertical axis.
在本发明实施例中,在计算得到第三运动步数(Z1-Z2),以及得到所构成三角形的各个角度弦值之后,可以采用第一运动步数Z1和第一角度正弦值sin∠d的乘积,与第三运动步数(Z1-Z2)和第二角度余弦值cos∠f的乘积,以及与第二用户偏移距离(t3-t2)/(t1-t2)*√(x12+y12)和第三角度正切值tan∠e的乘积的和,计算用户偏移量。In the embodiment of the present invention, after calculating the third number of motion steps (Z1-Z2) and obtaining the angle chord values of the formed triangles, the first number of motion steps Z1 and the first angle sine value sin∠d can be used The product of the third motion steps (Z1-Z2) and the second angle cosine value cos∠f, and the offset distance from the second user (t3-t2)/(t1-t2)*√(x1 2 +y1 2 ) and the product of the third angle tangent tan∠e to calculate the user offset.
即用于计算用户偏移量的公式可以表现为:That is, the formula used to calculate the user offset can be expressed as:
Z1*sin∠d+(Z1-Z2)*cos∠f+((t3-t2)/(t1-t2)*√(x12+y12))*tan∠eZ1*sin∠d+(Z1-Z2)*cos∠f+((t3-t2)/(t1-t2)*√(x1 2 +y1 2 ))*tan∠e
步骤203,将用户登录信息中用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时刻,与用户偏移量进行拼接,并加密生成登录令牌;
在获取基于用户偏移位置相关的信息生成的用户偏移量之后,除了可以将表示用户在更新时间间隔期间内坐标偏移的用户偏移量作为用于生成登录令牌的相关数据以外,还可以获取用户登录信息,将用户登录信息与用户偏移量同时作为用于生成登录令牌的相关数据。After obtaining the user offset generated based on the information related to the user offset location, in addition to using the user offset indicating the coordinate offset of the user during the update time interval as the relevant data for generating the login token, User login information can be obtained, and the user login information and user offset can be used as relevant data for generating a login token.
所获取的用户登录信息除了包括用户端在进行登录时,常规所需的用户登录账号以及用户登录密码以外,还可以包括同样属于与用户坐标偏移相关的其他数据,例如用户在当前时刻所在的运动方向、当前时刻等,以进一步地基于这些数据的不确定性,保证加密后数据的不可破解性,提高用户登录验证的安全性。The acquired user login information may include other data related to the user coordinate offset, such as the user's location at the current moment, in addition to the routinely required user login account and user login password when the client is logging in. Movement direction, current time, etc., to further ensure the uncrackability of encrypted data based on the uncertainty of these data, and improve the security of user login verification.
在实际应用中,在根据用户登录信息和用户偏移量加密生成登录令牌的过程中,可以通过将用户登录信息与所确定的用户偏移量进行拼接,将所拼接得到的内容进行加密生成。In practical applications, in the process of encrypting and generating a login token based on user login information and user offset, the spliced content can be encrypted and generated by splicing the user login information and the determined user offset .
具体地,可以获取用户登录信息中用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时刻,并将当前时刻转换为当前时间毫秒值,具体可以将当前时刻所包含的小时与分钟分别转换为秒值,将当前时刻所包含的秒值与所转换得到的秒值进行相加后再转换为毫秒值实现;然后可以将用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时间毫秒值,拼接得到加密内容,即表现为用户登录账号+用户登录密码+用户在当前时刻所在的运动方向+当前时刻毫秒值+Z1*sin∠d+(Z1-Z2)*cos∠f+((t3-t2)/(t1-t2)*√(x12+y12))*tan∠e。Specifically, the user login account, the user login password, the direction of movement of the user at the current moment, and the current time can be obtained from the user login information, and the current time can be converted into the millisecond value of the current time. Specifically, the hour contained in the current moment can be compared with Minutes are converted into seconds respectively, and the second value contained in the current time is added to the converted second value and then converted into a millisecond value; then the user login account, user login password, and the user's current location at the current time can be added The direction of movement and the millisecond value of the current time are spliced to obtain encrypted content, which is expressed as the user login account + user login password + the direction of movement of the user at the current moment + the millisecond value of the current moment + Z1*sin∠d+(Z1-Z2)*cos ∠f+((t3-t2)/(t1-t2)*√(x1 2 +y1 2 ))*tan∠e.
其中,用户在当前时刻所在的运动方向,主要可以通过将正东(即X轴正半轴)、正西(即X轴负半轴)、正南(即Y轴负半轴)、正北(即Y轴正半轴)、东北(即第一象限)、东南(即第二象限)、西南(即第三象限)、西北(即第四象限)等八个方向放进一个数组中,通过判断a点在平面直角坐标系中所属的象限确定相应运动方向实现。Among them, the direction of movement of the user at the current moment can be mainly determined by setting due east (i.e. the positive semi-axis of the X axis), due west (i.e. the negative semi-axis of the X axis), due south (i.e. the negative semi-axis of the Y axis), and due north (i.e. the positive semi-axis of the Y axis), northeast (i.e. the first quadrant), southeast (i.e. the second quadrant), southwest (i.e. the third quadrant), and northwest (i.e. the fourth quadrant) and other eight directions into an array, The corresponding motion direction is determined by judging the quadrant that point a belongs to in the plane Cartesian coordinate system.
需要说明的是,对于运动方向的确定基于当前位置所在的象限确定即可,所建立的数组主要是针对用户所在方向进行建立的,其主要可用于存储用户在不同的更新时刻的运动方向,以便于在进行令牌生成时对相应运行方向的获取操作,例如假设在时刻t2用户的运动方向为东北方向,则其数组可以表现为(0,0,0,0,1,0,0,0);而在下一更新时刻t1,若用户的运动方向为东南方向,则其数组内的数值也相应更改。对于运动方向的存储方式除了上述建立数组进行存储的方式以外,还可以采用其他方式,本发明实施例对此不加以限制。It should be noted that the direction of movement can be determined based on the quadrant where the current location is located, and the established array is mainly established for the direction of the user, which can be used to store the direction of movement of the user at different update moments, so that It is used to obtain the corresponding running direction during token generation. For example, assuming that the user’s moving direction is northeast at time t2, the array can be expressed as (0,0,0,0,1,0,0,0 ); and at the next update time t1, if the user's movement direction is southeast, the values in the array will also be changed accordingly. In addition to the above method of creating an array for storage, other methods may be used for storing the motion direction, which is not limited in this embodiment of the present invention.
那么,在具体实现中,可以将加密内容按照预设加密方式进行加密,生成登录令牌,具体可通过MD5算法(Message-DigestAlgorithm 5,信息-摘要算法5,用于确保信息传输完整一致)进行加密生成登录令牌,以基于所生成的登录令牌进行登录校验。Then, in a specific implementation, the encrypted content can be encrypted according to the preset encryption method to generate a login token, specifically through the MD5 algorithm (Message-DigestAlgorithm 5, information-digest algorithm 5, used to ensure the integrity and consistency of information transmission) Cryptographically generate a login token for login verification based on the generated login token.
步骤204,在登录有效期内,若用户端所发送的登录请求携带有所生成的登录令牌,则登录验证通过。
在生成登录令牌后,可以根据所生成的登录令牌对用户端进行登录验证,由于所用于生成登录令牌的数据与用户数据信息相关,保证了所生成的登录令牌的随机性,以及基于确定用户坐标偏移的用户数据信息的不确定性,还能够保证加密后数据的不可破解性,提高用户登录验证的安全性。After the login token is generated, the user terminal can be logged in and verified according to the generated login token. Since the data used to generate the login token is related to the user data information, the randomness of the generated login token is guaranteed, and Based on the uncertainty of the user data information for determining the user coordinate offset, it can also ensure the uncrackability of encrypted data and improve the security of user login verification.
在实际应用中,服务端在生成登录令牌后,可以将所生成的登录令牌进行缓存,并向用户端返回登录令牌。此时,用户端在采用用户登录账号和用户登录密码进行账号登录时,所发送的登录请求通常可以携带有服务端所生成的登录令牌,服务端在接收到登录请求时,可以通过判定登录请求是否携带有登录令牌,且所携带的登录令牌是否处于登录有效期内,即所携带的登录令牌是否与其缓存的登录令牌是否一致,此时在登录有效期内,若用户端所发送的登录请求携带有所生成的登录令牌,则判定对用户端当前所进行的登录验证通过。In practical applications, after the server generates the login token, it can cache the generated login token and return the login token to the user. At this time, when the client uses the user login account and user login password for account login, the login request sent usually carries the login token generated by the server. When the server receives the login request, it can determine the login token. Whether the request carries a login token, and whether the carried login token is within the login validity period, that is, whether the carried login token is consistent with the cached login token. At this time, within the login validity period, if the client sends If the login request carries the generated login token, it is determined that the current login verification of the client is passed.
在一种优选的实施例中,所生成的登录令牌具有所设定的与更新时间间隔相同的登录有效期,此时可以基于更新时间间隔对所生成的登录令牌进行更新,未在登录有效期内的登录令牌失效。示例性地,假设所设定的更新时间间隔为一个小时,那么所生成的登录令牌每隔一小时将会更新一次,具体可以每隔一个小时重新采集用户数据信息,并按照重新采集的用户数据信息重新生成登录令牌,即基于所设定的更新时间间隔重复进行前述步骤201至步骤203的具体实施方式。In a preferred embodiment, the generated login token has the same set login validity period as the update time interval, at this time, the generated login token can be updated based on the update time interval. The login token within is invalid. Exemplarily, assuming that the set update time interval is one hour, the generated login token will be updated every hour. Specifically, user data information can be re-collected every hour, and according to the re-collected user The data information regenerates the login token, that is, the specific implementation manner of repeating the
需要说明的是,更新时间间隔不仅可以指的是对用户数据信息进行采集的时间间隔,还可以指的是对后续所生成的登录令牌的更新时间,以及还可以指的是所生成的登录令牌的登录有效期,而对于更新时间间隔的具体设定,主要可基于实际业务情况进行设定,对此,本发明实施例不加以限制。It should be noted that the update time interval may not only refer to the time interval for collecting user data information, but also refer to the update time of the subsequent login token generated, and may also refer to the generated login token The login validity period of the token, and the specific setting of the update time interval can be mainly set based on actual business conditions, which is not limited by the embodiment of the present invention.
在本发明实施例中,服务端可以获取用户数据信息,并根据所获取的用户数据信息确定用户偏移量,所确定的用户偏移量可用于表示在更新时间间隔期间用户的坐标偏移,此时可以根据用户登录信息和用于表示坐标偏移的用户偏移量进行加密生成登录令牌,以用于对用户端进行登录验证。所用于生成登录令牌的数据与用户数据信息相关,保证了所生成的登录令牌的随机性,以及基于确定用户坐标偏移的用户数据信息的不确定性,还能够保证加密后数据的不可破解性,提高用户登录验证的安全性。In the embodiment of the present invention, the server can acquire user data information, and determine the user offset according to the acquired user data information, and the determined user offset can be used to represent the coordinate offset of the user during the update time interval, At this time, a login token may be generated by encrypting the user login information and the user offset used to represent the coordinate offset, so as to perform login verification on the user terminal. The data used to generate the login token is related to the user data information, which ensures the randomness of the generated login token and the uncertainty of the user data information based on the determination of the user coordinate offset, and can also ensure the unreliability of the encrypted data. Crackability, improve the security of user login verification.
参照图5,示出了本发明实施例提供的基于坐标偏移的登录验证的应用场景示意图,涉及用户端510和服务端511,用户端510和服务端511进行通信连接,其中用户端510可以通过输入用户登录账号以及用户登录密码,向服务端511发起登录请求,此时服务端511需要对用户端所发起的登录请求进行登录验证,其登录验证并不通过访问数据库校验账号密码实现,而是通过登录请求所携带的登录令牌Token实现。Referring to FIG. 5 , it shows a schematic diagram of an application scenario of login verification based on coordinate offset provided by an embodiment of the present invention, involving a
在具体实现中,服务端511可以将所生成的登录令牌进行缓存,并向用户端510返回登录令牌。此时,用户端在采用用户登录账号和用户登录密码进行账号登录时,所发送的登录请求通常可以携带有服务端511所生成的登录令牌,服务端511在接收到登录请求时,可以通过判定登录请求是否携带有登录令牌,且所携带的登录令牌是否处于登录有效期内,即所携带的登录令牌是否与其缓存的登录令牌是否一致,此时在登录有效期内,若用户端510所发送的登录请求携带有所生成的登录令牌,则可以判定对用户端510当前所进行的登录验证通过。In a specific implementation, the
其中,对于登录令牌的生成过程,可以如图3所示。所用于生成登录令牌的数据与用户数据信息相关,能够保证所生成的登录令牌的随机性,增加登录令牌被破解的难度。此时可以将表示用户坐标偏移的用户偏移量作为用于生成登录令牌的相关数据,基于用户坐标偏移中用户每天出行方式的不同,以及步数与地点等数据的不确定性,保证加密后数据的不可破解性,提高用户登录验证的安全性。Wherein, the generation process of the login token may be as shown in FIG. 3 . The data used to generate the login token is related to user data information, which can ensure the randomness of the generated login token and increase the difficulty of cracking the login token. At this time, the user offset representing the user coordinate offset can be used as the relevant data for generating the login token, based on the difference in the user's daily travel mode in the user coordinate offset, as well as the uncertainty of the number of steps and location data, Ensure the uncrackability of encrypted data and improve the security of user login verification.
示例性地,假设更新时间间距为一个小时,当前时刻t1为2022-06-2308:13:26,用户当前位置,即在t1时刻用户所在的第一经纬度相应的坐标点为a点,其第一经纬度为(116.3852581°,40.0106419°),所统计的第一运动步数Z1为3536;而用户在上一时刻t2为2022-06-2307:13:26,在t2时刻用户所在的第二经纬度相应的坐标点为b点,其第二经纬度为(116.3727537°,39.9978197°),所统计的第二运动步数Z2为2679。For example, assuming that the update time interval is one hour, the current time t1 is 2022-06-2308:13:26, the user's current location, that is, the coordinate point corresponding to the first longitude and latitude where the user is at the time t1 is point a, and its first The first latitude and longitude is (116.3852581°, 40.0106419°), and the first counted number of motion steps Z1 is 3536; and the user’s second latitude and longitude at the last moment t2 is 2022-06-2307:13:26. The corresponding coordinate point is point b, its second latitude and longitude is (116.3727537°, 39.9978197°), and the counted second number of motion steps Z2 is 2679.
此时可以如图4所示,以b点为原点构建平面直角坐标系,那么可以计算得到用户在过去一小时的第一用户偏移距离为√(116.3852581^2+40.0106419^2),此时可以在两个时刻t1与t2之间,随机选取任一时刻t3,例如t3为2022-06-2307:36:11,设定该用户在这个时间区间段内进行匀速运动,那么该用户在2022-06-2307:13:26(即t2)至2022-06-2307:36:11(即t3)这一时间段内的偏移距离为(07:36:11-07:13:26)/(08:13:26-07:13:26)*√(116.3852581^2+40.0106419^2);且b点在第一象限,确定用户在当前时刻的运动方向为东北方向,且用户在更新时间间隔(即一小时之内)的运动步数Z1-Z2为857,此时可以将用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时间毫秒值,拼接得到加密内容M,即为123456789(用户登录账号)+88888888(用户登录密码)+东北+1655943206(当前时刻毫秒值)+3536**sin∠d+857*cos∠f+(07:36:11-07:13:26)/(08:13:26-07:13:26)*√(116.3852581^2+40.0106419^2)*tan∠e。At this time, as shown in Figure 4, a plane Cartesian coordinate system can be constructed with point b as the origin, then the first user offset distance of the user in the past hour can be calculated as √(116.3852581^2+40.0106419^2), at this time Any time t3 can be randomly selected between two times t1 and t2, for example, t3 is 2022-06-2307:36:11, and the user is set to exercise at a constant speed within this time interval, then the user will The offset distance during the period from -06-2307:13:26 (ie t2) to 2022-06-2307:36:11 (ie t3) is (07:36:11-07:13:26)/ (08:13:26-07:13:26)*√(116.3852581^2+40.0106419^2); and point b is in the first quadrant, it is determined that the user's movement direction at the current moment is northeast, and the user is updating time The number of motion steps Z1-Z2 at intervals (that is, within one hour) is 857. At this time, the encrypted content M can be obtained by splicing the user login account, user login password, the user's movement direction at the current moment, and the millisecond value of the current time. That is 123456789 (user login account) + 88888888 (user login password) + northeast + 1655943206 (millisecond value at the current moment) + 3536**sin∠d+857*cos∠f+(07:36:11-07:13:26 )/(08:13:26-07:13:26)*√(116.3852581^2+40.0106419^2)*tan∠e.
服务端511将M通过MD5算法进行加密后,即可生成登录令牌v1sa65g16ad1b6fd6z1b6df6SDFcDvDV5v61V6v1d6515165v61vs74cs7df1v6s1vG16G1sd6VDv11v66VSvdfh1a5r6h4a61g6dfz1b6z54bfz61VZD45FUBubyubuVCVK161,服务端将加密得到的登录令牌进行缓存,并返回给客户端,以便用于进行登录验证。服务端511将M通过MD5算法进行加密后,即可生成登录令牌v1sa65g16ad1b6fd6z1b6df6SDFcDvDV5v61V6v1d6515165v61vs74cs7df1v6s1vG16G1sd6VDv11v66VSvdfh1a5r6h4a61g6dfz1b6z54bfz61VZD45FUBubyubuVCVK161,服务端将加密得到的登录令牌进行缓存,并返回给客户端,以便用于进行登录验证。
在实际应用中,所生成的登录令牌具有所设定的与更新时间间隔相同的登录有效期,此时可以基于更新时间间隔对所生成的登录令牌进行更新,未在登录有效期内的登录令牌失效。示例性地,假设所设定的更新时间间隔为一个小时,那么所生成的登录令牌每隔一小时将会更新一次,具体可以每隔一个小时重新采集用户数据信息,并按照重新采集的用户数据信息重新生成登录令牌。In practical applications, the generated login token has the same login validity period set as the update time interval. At this time, the generated login token can be updated based on the update time interval. The login token that is not within the login validity period Card expires. Exemplarily, assuming that the set update time interval is one hour, the generated login token will be updated every hour. Specifically, user data information can be re-collected every hour, and according to the re-collected user The data information regenerates the login token.
需要说明的是,用户量增加的同时各种互联网产品也随之增加,本发明实施例提出的基于坐标偏移的登录验证方式,能够在各种互联网产品尤其是APP端进行广泛应用,存在较强的市场潜力。It should be noted that as the number of users increases, various Internet products also increase accordingly. The login verification method based on coordinate offsets proposed in the embodiment of the present invention can be widely used in various Internet products, especially APPs. Strong market potential.
在本发明实施例中,将表示用户坐标偏移的用户偏移量作为用于生成登录令牌的相关数据,所用于生成登录令牌的数据与用户数据信息相关,能够保证所生成的登录令牌的随机性,增加登录令牌被破解的难度;以及,用户数据信息可以包括用户的经纬度信息和步数信息,基于用户每天出行方式的不同,以及步数与地点等数据的不确定性,能够保证加密后数据的不可破解性,提高用户登录验证的安全性;进一步地,基于用户形成经过一系列算法生成登录令牌的过程,可以按照所设定的更新时间间隔实现对登录令牌的定期更新,在提升登陆令牌额的安全性的同时,还能够保证所生成的登录令牌的不可重复性,以及就算被各种手段获取到加密后的密文,也无法通过市面上的传统的加密方式破解获取到用户的账号密码信息,增加了加密后数据的随机性与破解难度,显著提高了加密数据的安全性。此外,为了不侵犯用户的个人隐私,其在进行登录令牌进行生成的过程中所使用的用户数据信息主要是基于更新时间间隔进行采集的,即所获取的仅为当前时刻的数据以及数据更新上次时刻所使用的数据,并不对用户数据信息进行实时记录,且本发明实施例所提出的令牌生成算法能够降低登录令牌的生成成本,并节省系统资源。In the embodiment of the present invention, the user offset representing the offset of the user coordinates is used as the relevant data for generating the login token, and the data used to generate the login token is related to the user data information, which can ensure that the generated login token The randomness of the card increases the difficulty of cracking the login token; and, the user data information can include the user's latitude and longitude information and step information, based on the user's daily travel mode, as well as the uncertainty of data such as the number of steps and location, It can ensure the uncrackability of the encrypted data and improve the security of user login verification; further, based on the process of generating a login token through a series of algorithms based on the user's formation, the login token can be verified according to the set update time interval. Regularly updated, while improving the security of the login token amount, it can also ensure the non-repeatability of the generated login token, and even if the encrypted ciphertext is obtained by various means, it cannot pass the traditional ciphertext on the market. The user's account password information is obtained by cracking the encryption method, which increases the randomness of the encrypted data and the difficulty of cracking, and significantly improves the security of the encrypted data. In addition, in order not to infringe on the personal privacy of the user, the user data information used in the process of generating the login token is mainly collected based on the update time interval, that is, only the current data and data update are obtained. The data used at the last moment does not record user data information in real time, and the token generation algorithm proposed by the embodiment of the present invention can reduce the cost of generating login tokens and save system resources.
需要说明的是,对于方法实施例,为了简单描述,故将其都表述为一系列的动作组合,但是本领域技术人员应该知悉,本发明实施例并不受所描述的动作顺序的限制,因为依据本发明实施例,某些步骤可以采用其他顺序或者同时进行。其次,本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施例,所涉及的动作并不一定是本发明实施例所必须的。It should be noted that, for the method embodiment, for the sake of simple description, it is expressed as a series of action combinations, but those skilled in the art should know that the embodiment of the present invention is not limited by the described action sequence, because According to the embodiment of the present invention, certain steps may be performed in other orders or simultaneously. Secondly, those skilled in the art should also know that the embodiments described in the specification belong to preferred embodiments, and the actions involved are not necessarily required by the embodiments of the present invention.
参照图6,示出了本发明的一种基于坐标偏移的登录验证装置实施例的结构框图,应用于服务端,具体可以包括如下模块:Referring to FIG. 6 , it shows a structural block diagram of an embodiment of a coordinate offset-based login verification device of the present invention, which is applied to the server, and may specifically include the following modules:
用户偏移量确定模块601,用于获取用户数据信息,根据所述用户数据信息确定用户偏移量;所述用户偏移量用于表示在更新时间间隔期间用户的坐标偏移;The user offset
令牌生成模块602,用于获取用户登录信息,根据所述用户登录信息和所述用户偏移量,生成登录令牌;A
登录验证模块603,用于根据所生成的登录令牌进行登录验证。A
在本发明的一种实施例中,所述用户数据信息包括用户所在的经纬度信息和步数信息;用户偏移量确定模块601可以包括如下子模块:In an embodiment of the present invention, the user data information includes latitude and longitude information and step information of the user; the user offset
用户偏移距离确定子模块,用于根据所述用户所在的经纬度信息确定用户偏移距离;A user offset distance determining submodule, configured to determine the user offset distance according to the latitude and longitude information where the user is located;
用户偏移量确定子模块,用于根据所述用户偏移距离和所述步数信息,确定用户偏移量。The user offset determination submodule is configured to determine the user offset according to the user offset distance and the step number information.
在本发明的一种实施例中,所述用户所在的经纬度信息包括当前时刻用户所在的第一经纬度和距离更新时间间隔之前的上一时刻用户所在的第二经纬度,所述步数信息包括当前时刻所统计的第一运动步数和距离所述更新时间间隔之前的上一时刻所统计的第二运动步数;In an embodiment of the present invention, the latitude and longitude information of the user includes the first latitude and longitude of the user at the current moment and the second latitude and longitude of the user at the previous moment before the update time interval, and the step number information includes the current latitude and longitude of the user. The first number of motion steps counted at the moment and the second number of motion steps counted at the previous moment before the update time interval;
用户偏移距离确定子模块可以包括如下单元:The user offset distance determination submodule may include the following units:
坐标系构建单元,用于以所述第二经纬度为原点构建平面直角坐标系;A coordinate system construction unit, configured to construct a plane Cartesian coordinate system with the second latitude and longitude as the origin;
第一用户偏移距离确定单元,用于在所述平面直角坐标系中,采用所述第一经纬度和所述第二经纬度,计算用户从距离更新时间间隔之前的上一时刻至当前时刻的第一用户偏移距离;The first user offset distance determination unit is configured to use the first latitude and longitude and the second latitude and longitude in the plane Cartesian coordinate system to calculate the user's second distance from the previous moment before the distance update time interval to the current moment. a user offset distance;
第二用户偏移距离确定单元,用于从所述距离更新时间间隔之前的上一时刻至当前时刻的时间段内随机选取任一时刻,采用所述第一用户偏移距离、当前时刻以及所选取的任一时刻,计算用户从所选取的任一时刻至距离更新时间间隔之前的上一时刻的第二用户偏移距离。The second user offset distance determining unit is configured to randomly select any time within the time period from the previous moment before the distance update time interval to the current moment, and adopt the first user offset distance, the current moment and the At any selected moment, the second user offset distance of the user from the selected moment to the previous moment before the update time interval is calculated.
在本发明的一种实施例中,所述用户偏移距离包括从所述距离更新时间间隔之前的上一时刻至当前时刻的时间段内所选取的任一时刻,至当前时刻的第二用户偏移距离;In an embodiment of the present invention, the user offset distance includes any time selected within the time period from the last time before the distance update time interval to the current time, and the second user at the current time offset distance;
用户偏移量确定子模块可以包括如下单元:The user offset determination submodule may include the following units:
第三运动步数确定单元,用于采用当前时刻所统计的第一运动步数和距离所述更新时间间隔之前的上一时刻所统计的第二运动步数,计算用户在距离更新时间间隔之前的上一时刻至当前时刻的第三运动步数;The third motion step determination unit is configured to use the first motion step counted at the current moment and the second motion step counted at the previous moment before the update time interval to calculate the user's distance before the update time interval The number of third movement steps from the previous moment to the current moment;
角度弦值确定单元,用于获取所述第一经纬度相应坐标点在所述平面坐标系中的垂直坐标点,根据所述垂直坐标点确定所述平面直角坐标系中所构成三角形的角度弦值;An angle chord determination unit, configured to obtain the vertical coordinate point of the corresponding coordinate point of the first latitude and longitude in the plane coordinate system, and determine the angle chord value of the triangle formed in the plane Cartesian coordinate system according to the vertical coordinate point ;
用户偏移量确定单元,用于根据所述第一运动步数、第二用户偏移距离、第三运动步数以及所构成三角形的角度弦值,确定用户偏移量。The user offset determining unit is configured to determine the user offset according to the first movement steps, the second user offset distance, the third movement steps and the angle chords of the formed triangles.
在本发明的一种实施例中,所述角度弦值包括第一角度正弦值、第二角度余弦值以及第三角度正切值;用户偏移量确定单元可以包括如下子单元:In an embodiment of the present invention, the angle sine value includes a first angle sine value, a second angle cosine value, and a third angle tangent value; the user offset determination unit may include the following subunits:
用户偏移量确定子单元,用于采用所述第一运动步数和第一角度正弦值的乘积,与所述第三运动步数和第二角度余弦值的乘积,以及与所述第二用户偏移距离和第三角度正切值的乘积的和,计算用户偏移量。The user offset determining subunit is used to use the product of the first motion steps and the sine value of the first angle, the product of the third motion steps and the second angle cosine value, and the product of the second The sum of the product of the user offset distance and the tangent of the third angle is used to calculate the user offset.
在本发明的一种实施例中,令牌生成模块602可以包括如下子模块:In one embodiment of the present invention, the
用户登录信息获取子模块,用于获取所述用户登录信息中用户登录账号、用户登录密码、用户在当前时刻所在的运动方向以及当前时刻;The user login information acquisition sub-module is used to acquire the user login account number, user login password, movement direction of the user at the current moment and the current moment in the user login information;
加密内容生成子模块,用于将所述当前时刻转换为当前时间毫秒值,并将所述用户登录账号、用户登录密码、用户在当前时刻所在的运动方向、所述当前时间毫秒值以及所述用户偏移量,拼接得到加密内容;The encrypted content generation sub-module is used to convert the current time into the millisecond value of the current time, and convert the user login account, the user login password, the direction of movement of the user at the current moment, the millisecond value of the current time, and the User offset, splicing to get encrypted content;
令牌生成子模块,用于将所述加密内容按照预设加密方式进行加密,生成登录令牌。The token generation sub-module is used to encrypt the encrypted content according to a preset encryption method to generate a login token.
在本发明的一种实施例中,所述登录令牌以所述更新时间间隔作为登录有效期;登录验证模块603可以包括如下子模块:In an embodiment of the present invention, the login token takes the update time interval as the login validity period; the
登录验证子模块,用于在所述登录有效期内,若用户端所发送的登录请求携带有所生成的登录令牌,则登录验证通过。The login verification sub-module is configured to pass the login verification if the login request sent by the client carries the generated login token within the validity period of the login.
本发明实施例所提出的基于坐标偏移的登录验证装置,可以获取用户数据信息,并根据所获取的用户数据信息确定用户偏移量,所确定的用户偏移量可用于表示在更新时间间隔期间用户的坐标偏移,此时可以根据用户登录信息和用于表示坐标偏移的用户偏移量进行加密生成登录令牌,以用于对用户端进行登录验证。所用于生成登录令牌的数据与用户数据信息相关,保证了所生成的登录令牌的随机性,以及基于确定用户坐标偏移的用户数据信息的不确定性,还能够保证加密后数据的不可破解性,提高用户登录验证的安全性。The login verification device based on coordinate offset proposed by the embodiment of the present invention can obtain user data information, and determine the user offset according to the acquired user data information, and the determined user offset can be used to indicate During the coordinate offset of the user, at this time, a login token can be generated by encrypting the user login information and the user offset used to represent the coordinate offset, so as to perform login verification on the user terminal. The data used to generate the login token is related to the user data information, which ensures the randomness of the generated login token and the uncertainty of the user data information based on the determination of the user coordinate offset, and can also ensure the unreliability of the encrypted data. Crackability, improve the security of user login verification.
对于装置实施例而言,由于其与方法实施例基本相似,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。As for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiment.
本发明实施例还提供了一种电子设备,包括:The embodiment of the present invention also provides an electronic device, including:
包括处理器、存储器及存储在所述存储器上并能够在所述处理器上运行的计算机程序,该计算机程序被处理器执行时实现上述基于坐标偏移的登录验证方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。It includes a processor, a memory, and a computer program stored on the memory and capable of running on the processor. When the computer program is executed by the processor, each process of the above embodiment of the login verification method based on coordinate offset is realized, and The same technical effect can be achieved, so in order to avoid repetition, details will not be repeated here.
本发明实施例还提供了一种计算机可读存储介质,计算机可读存储介质上存储计算机程序,计算机程序被处理器执行时实现上述基于坐标偏移的登录验证方法实施例的各个过程,且能达到相同的技术效果,为避免重复,这里不再赘述。The embodiment of the present invention also provides a computer-readable storage medium, on which a computer program is stored. When the computer program is executed by a processor, each process of the above-mentioned embodiment of the login verification method based on coordinate offset can be realized, and can To achieve the same technical effect, in order to avoid repetition, no more details are given here.
本说明书中的各个实施例均采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似的部分互相参见即可。Each embodiment in this specification is described in a progressive manner, each embodiment focuses on the difference from other embodiments, and the same and similar parts of each embodiment can be referred to each other.
本领域内的技术人员应明白,本发明实施例的实施例可提供为方法、装置、或计算机程序产品。因此,本发明实施例可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明实施例可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, devices, or computer program products. Accordingly, embodiments of the invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, embodiments of the invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本发明实施例是参照根据本发明实施例的方法、终端设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理终端设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理终端设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。Embodiments of the present invention are described with reference to flowcharts and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor or processor of other programmable data processing terminal equipment to produce a machine such that instructions executed by the computer or processor of other programmable data processing terminal equipment Produce means for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理终端设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing terminal to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the The instruction means implements the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理终端设备上,使得在计算机或其他可编程终端设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程终端设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded into a computer or other programmable data processing terminal equipment, so that a series of operational steps are performed on the computer or other programmable terminal equipment to produce computer-implemented processing, thereby The instructions executed above provide steps for implementing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
尽管已描述了本发明实施例的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例做出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本发明实施例范围的所有变更和修改。Having described preferred embodiments of embodiments of the present invention, additional changes and modifications to these embodiments can be made by those skilled in the art once the basic inventive concept is appreciated. Therefore, the appended claims are intended to be construed to cover the preferred embodiment and all changes and modifications which fall within the scope of the embodiments of the present invention.
最后,还需要说明的是,在本文中,诸如第一和第二等之类的关系术语仅仅用来将一个实体或者操作与另一个实体或操作区分开来,而不一定要求或者暗示这些实体或操作之间存在任何这种实际的关系或者顺序。而且,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者终端设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者终端设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、物品或者终端设备中还存在另外的相同要素。Finally, it should also be noted that in this text, relational terms such as first and second etc. are only used to distinguish one entity or operation from another, and do not necessarily require or imply that these entities or operations, any such actual relationship or order exists. Furthermore, the term "comprises", "comprises" or any other variation thereof is intended to cover a non-exclusive inclusion such that a process, method, article, or terminal equipment comprising a set of elements includes not only those elements, but also includes elements not expressly listed. other elements identified, or also include elements inherent in such a process, method, article, or end-equipment. Without further limitations, an element defined by the phrase "comprising a ..." does not exclude the presence of additional identical elements in the process, method, article or terminal device comprising said element.
以上对本发明所提供的一种基于坐标偏移的登录验证方法、一种基于坐标偏移的登录验证装置、相应的一种电子设备以及相应的一种计算机存储介质,进行了详细介绍,本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。A login verification method based on coordinate offset, a login verification device based on coordinate offset, a corresponding electronic device, and a corresponding computer storage medium provided by the present invention have been introduced above in detail. Application of specific examples has explained principle of the present invention and implementation mode, and the description of above embodiment is only used to help understanding method of the present invention and core idea thereof; Simultaneously, for those of ordinary skill in the art, according to thought of the present invention , there will be changes in specific implementation methods and application ranges. In summary, the content of this specification should not be construed as limiting the present invention.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211124857.5A CN115589308A (en) | 2022-09-15 | 2022-09-15 | Login verification method, device, equipment and storage medium based on coordinate offset |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211124857.5A CN115589308A (en) | 2022-09-15 | 2022-09-15 | Login verification method, device, equipment and storage medium based on coordinate offset |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115589308A true CN115589308A (en) | 2023-01-10 |
Family
ID=84773087
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211124857.5A Pending CN115589308A (en) | 2022-09-15 | 2022-09-15 | Login verification method, device, equipment and storage medium based on coordinate offset |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115589308A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103401689A (en) * | 2013-08-22 | 2013-11-20 | 赵忠华 | Positional information based dynamic token and encryption method thereof |
| WO2016134016A1 (en) * | 2015-02-17 | 2016-08-25 | Visa International Service Association | Token and cryptogram using transaction specific information |
| CN106034104A (en) * | 2015-03-07 | 2016-10-19 | 华为技术有限公司 | Authentication method, device and system for network application access |
-
2022
- 2022-09-15 CN CN202211124857.5A patent/CN115589308A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103401689A (en) * | 2013-08-22 | 2013-11-20 | 赵忠华 | Positional information based dynamic token and encryption method thereof |
| WO2016134016A1 (en) * | 2015-02-17 | 2016-08-25 | Visa International Service Association | Token and cryptogram using transaction specific information |
| CN106034104A (en) * | 2015-03-07 | 2016-10-19 | 华为技术有限公司 | Authentication method, device and system for network application access |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10944570B2 (en) | Method and server for providing notary service for file and verifying file recorded by notary service | |
| US10235538B2 (en) | Method and server for providing notary service for file and verifying file recorded by notary service | |
| US20220100838A1 (en) | Verification request authentication machine | |
| US10015171B1 (en) | Authentication using metadata from posts made to social networking websites | |
| JP2023542681A (en) | Integrating device identity into blockchain permission frameworks | |
| US11570180B1 (en) | Systems configured for validation with a dynamic cryptographic code and methods thereof | |
| US20230208644A1 (en) | Systems configured for credential exchange with a dynamic cryptographic code and methods thereof | |
| CN114978577B (en) | Identity authentication method and device and electronic equipment | |
| Albeshri et al. | Enhanced geoproof: improved geographic assurance for data in the cloud | |
| EP3395031A1 (en) | Method for storing data on a storage entity | |
| WO2024011863A1 (en) | Communication method and apparatus, sim card, electronic device, and terminal device | |
| US11074351B2 (en) | Location specific identity verification system | |
| KR20220088747A (en) | Prevents data manipulation and protects user privacy when measuring accurate location events | |
| CN112000993A (en) | Block chain-based data storage verification method, equipment and storage medium | |
| Khan et al. | Lucy with agents in the sky: trustworthiness of cloud storage for industrial internet of things | |
| CN115589308A (en) | Login verification method, device, equipment and storage medium based on coordinate offset | |
| CN116150788A (en) | Data exchange validity verification method, device and equipment | |
| CN112751675B (en) | Information monitoring method, system, equipment and storage medium based on block chain | |
| KR102375144B1 (en) | Device, method, system and computer readable storage medium for managing private key using blockchain | |
| CN115829729B (en) | Three-chain architecture-based supply chain financial credit evaluation system and method | |
| CN114024964B (en) | A resource access method, device, device and computer-readable storage medium | |
| US11972525B2 (en) | Generating training data through image augmentation | |
| CN118803799A (en) | Location-based systems and technologies for minting non-fungible tokens (NFTs) | |
| CN115208640A (en) | Named data network public key management method based on block chain intelligent contract | |
| Alblooshi | Blockchain-based Ownership Management for Medical IoT (MIoT) Devices and their Data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |