CN112671777A - User identity authentication method, device and equipment - Google Patents
User identity authentication method, device and equipment Download PDFInfo
- Publication number
- CN112671777A CN112671777A CN202011565258.8A CN202011565258A CN112671777A CN 112671777 A CN112671777 A CN 112671777A CN 202011565258 A CN202011565258 A CN 202011565258A CN 112671777 A CN112671777 A CN 112671777A
- Authority
- CN
- China
- Prior art keywords
- user
- network token
- json network
- json
- token
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 238000012795 verification Methods 0.000 claims abstract description 43
- 230000005540 biological transmission Effects 0.000 claims description 11
- 230000008569 process Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000003058 natural language processing Methods 0.000 description 2
- 238000012015 optical character recognition Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 235000014510 cooky Nutrition 0.000 description 1
- 230000010154 cross-pollination Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003032 molecular docking Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Landscapes
- Telephonic Communication Services (AREA)
Abstract
The application discloses a user identity verification method, device and equipment, which can utilize a JSON network token jwt to verify the identity of a user more quickly and accurately, do not occupy extra storage resources, have strong expandability and better privacy, are convenient for subsequent service promotion on the user, and improve user experience. The method comprises the following steps: firstly, the front end of a micro service center receives a JSON network token sent by a user through a portal center, then, when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is transmitted to a rear end server, and then, the rear end server analyzes the JSON network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, and a device for user authentication.
Background
With the increasingly wide application of micro-services and the constantly changing market demands, the iteration of banking services is more frequent, and the multiplication of the banking traffic makes the original single application unable to adapt to the new user demands, so that the original application can be upgraded into the micro-service application by modifying the platform. Meanwhile, the business bank is helped to carry out digital transformation and play the role of the traditional column by the aid of the strategy in the data. The data center station forms a unified portal, integrates multiple functions of Natural Language Processing (NLP), Optical Character Recognition (OCR), digital large screen and the like, and integrates functions of multiple service centers into a portal website to provide services to the outside in a unified manner. The portal is an entrance, and each independent system and application function connected to the portal are connected behind the portal, so that how to interact with the portal center and how to analyze the user identity to obtain the information of the project and classify the information is a problem to be solved urgently.
Currently, a method for verifying a user identity by using a token (token) is generally classified into two verification methods: one is to adopt the device number/device mac address as token, so that the client can obtain the device number (mac address) of the device and transmit it as a parameter to the server when logging in, and after receiving the parameter, the server uses a variable to accept and store the token in the database at the same time and set the token in the session, the client needs to intercept uniformly each request, and compares the token transmitted by the client with the token in the session of the server, if the two are the same, the token is rejected if the two are different. Although the method is characterized in that the client and the server unify a token with a unique identifier, each device is guaranteed to have a unique session, the client does not need to log in again and only needs to log in once, the token can be used all the time later, the overtime problem is handled by the server, the server only needs to inquire the token transmitted by the client into the database and assign the token to the variable token, and the token is timed again when overtime occurs, but the client needs to carry a device number (mac) address as a parameter for transmission and the server also needs to store the token. The other mode is that the session value is directly used as the token, so that the client only needs to carry a user name and a password for login, the server can judge after receiving the user name and the password, if the result is correct, the locally acquired session ID is returned to the client as the token, and the client only needs to carry request data subsequently. Although the verification method does not need to store data, after the session expires, the user can only log in again through the client to access the data of the back-end server, which results in poor user experience.
Disclosure of Invention
The embodiment of the application mainly aims to provide a user identity verification method, a user identity verification device and user identity verification equipment, which can quickly and accurately verify the user identity in a micro-service architecture, do not occupy additional storage resources, have strong expandability and better privacy, are convenient for subsequent service promotion of users, and improve user experience.
In a first aspect, an embodiment of the present application provides a user identity authentication method, including:
the front end of the micro service center receives a JSON network token sent by a user through the portal center;
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is transmitted to a back-end server;
the back-end server analyzes the JSON network token to obtain the personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
Optionally, the JSon network token is generated by the backend server by encrypting with a private key in advance.
Optionally, when the front end of the microservice center determines that the JSon network token is not empty and the JSon network token is verified to be passed, transmitting the JSon network token to a back-end server includes:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is stored in a header file and the header file is transmitted to a back-end server;
the back-end server analyzes the JSON network token to obtain the personal identity information of the user; and according to the personal identity information of the user, determining the identity verification result of the user, including:
the back-end server analyzes the JSON network token to obtain an attribute value of authentication information in the header file;
obtaining the personal identity information of the user according to the attribute value; and determining the authentication result of the user according to the personal identity information of the user.
Optionally, when the front end of the microservice center determines that the JSon network token is not empty and the JSon network token is verified to be passed, transmitting the JSon network token to a back-end server includes:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, a data acquisition request and the JSON network token are transmitted to a back-end server;
after the identity authentication of the user is verified, determining the data of the service item requested to be acquired by the user according to the data acquisition request, and returning the data of the service item to the front end of the micro-service center.
In a second aspect, an embodiment of the present application further provides a user identity authentication apparatus, including:
the receiving unit is used for receiving the JSON network token sent by the user through the portal center;
the transmission unit is used for transmitting the JSON network token to a back-end server when the JSON network token is judged not to be empty and the JSON network token passes verification;
the determining unit is used for analyzing the JSON network token to obtain the personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
Optionally, the JSon network token is generated by the backend server by encrypting with a private key in advance.
Optionally, the transmission unit is specifically configured to:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is stored in a header file and the header file is transmitted to a back-end server;
the determining unit is specifically configured to:
obtaining the personal identity information of the user according to the attribute value; and determining the authentication result of the user according to the personal identity information of the user.
Optionally, the transmission unit is specifically configured to:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, a data acquisition request and the JSON network token are transmitted to a back-end server;
the device further comprises:
and the return unit is used for determining the data of the service item acquired by the user request according to the data acquisition request after the identity authentication of the user is verified to pass, and returning the data of the service item to the front end of the micro service center.
An embodiment of the present application further provides a user authentication device, including: a processor, a memory, a system bus;
the processor and the memory are connected through the system bus;
the memory is used for storing one or more programs, and the one or more programs comprise instructions which, when executed by the processor, cause the processor to execute any implementation manner of the user identity authentication method.
An embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are run on a terminal device, the terminal device is enabled to execute any implementation manner of the user identity authentication method.
According to the user identity verification method, device and equipment provided by the embodiment of the application, firstly, the front end of a micro service center receives a JSON network token sent by a user through a portal center, then, when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is transmitted to a back end server, and then, the back end server analyzes the JSON network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user. Therefore, the identity of the user can be verified more quickly and accurately by using the JSON network Token (Joson Web Token, jwt for short), extra storage resources are not occupied, expandability is strong, privacy is good, service popularization is convenient to follow-up to the user, and user experience is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a user identity authentication method according to an embodiment of the present application;
FIG. 2 is an interaction diagram of user authentication provided by an embodiment of the present application;
fig. 3 is a schematic composition diagram of a user authentication device according to an embodiment of the present application.
Detailed Description
At present, in a micro-service architecture, a token is usually adopted to verify the identity of a user, and the method can be specifically divided into two verification methods: one is to use the device number/device mac address as token. Although the method is characterized in that the client and the server unify a token with a unique identifier, each device is guaranteed to have a unique session, the client does not need to log in again and only needs to log in once, the token can be used all the time later, the overtime problem is handled by the server, the server only needs to inquire the token transmitted by the client into the database and assign the token to the variable token, and the token is timed again when overtime occurs, but the client needs to carry a device number (mac) address as a parameter for transmission and the server also needs to store the token. Another way is to use the session value directly as token. Although the verification method does not need to store data, after the session expires, the user can only log in again through the client to access the data of the back-end server, which results in poor user experience.
In order to solve the above defects, the embodiment of the present application provides a user identity verification method, first, the front end of the micro service center receives a JSon network token sent by a user through a portal center, then, when the front end of the micro service center judges that the JSon network token is not empty and passes the JSon network token verification, the JSon network token is transmitted to a back-end server, and then, the back-end server analyzes the JSon network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user. Therefore, the identity of the user can be verified more quickly and accurately by using the JSON network Token (Joson Web Token, jwt for short), extra storage resources are not occupied, expandability is strong, privacy is good, service popularization is convenient to follow-up to the user, and user experience is improved.
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
First embodiment
Referring to fig. 1, a schematic flow chart of a user authentication method provided in this embodiment is shown, where the method includes the following steps:
s101: the front end of the micro service center receives the JSON network token sent by the user through the portal center.
It should be noted that, with the increasing and widening of the application of the micro-service and the changing of the market demand, the iteration of the banking business is more frequent, and the multiplication of the banking business volume makes the original single application unable to adapt to the new user demand, so the application is upgraded to the micro-service application by modifying the platform.
After the original technical architecture is upgraded to a micro-service architecture, the docking portal center micro-service has natural advantages, codes can be decoupled, different teams can be concentrated on work duties in a smaller range, the deployment can be carried out safely and frequently by using independent technologies, and service discovery and service calling are independent of a service platform. A single micro-service background adopts springboot which can support various REST API realization modes, and a front end adopts vue to realize foreground and background separation and rapid development. However, when micro-services are adopted, how to implement a series of authentication from a front end to a background and how to classify user roles into different projects according to the authentication are needed to be solved urgently.
Therefore, in this embodiment, in order to verify the user identity in the micro service architecture more quickly and accurately, without occupying additional storage resources, facilitating subsequent service promotion for the user, and improving user experience, the JSon network token sent by the user through the portal center needs to be received through the front end of the micro service center, so as to implement accurate verification of the user identity in the micro service architecture through subsequent steps S102 to S103.
The JSon Web Token (Joson Web Token, test jwt) is a lightweight cross-security platform transport format, and is also a JSon-based open standard implemented for passing declarations between Web application environments. The compact self-contained approach is used to transfer information between two communicating parties that is secured with JSON objects because the presence of digital signatures makes the information authentic. jwt contains three parts: header, payload, signature, and based on the usage scenario of the present application, it is necessary to prevent different center cross-pollination jwt while preventing jwt information playback and tampering.
An optional implementation manner is that the JSon network token is generated by the backend server by using a private key for encryption in advance, specifically, in the implementation of identity verification, after a user logs in a system by using its authentication information (e.g., unique information representing the identity of the user, such as an identification number of the user, a bank card number, and the like), the server encrypts the authentication information by using the private key to generate jwt, and then returns the jwt to the user as a token for logging next time, so that the user only needs to locally store the token. And since jwt does not use cookies, API services are provided at any domain name without worrying about cross-domain resource sharing issues.
Specifically, for a single micro service, jwt sent by a user through a portal center is received from the front end, whether the service is empty is judged jwt, and if the service is empty, the service returns to the previous step for re-transmission. If not, the jwt is further verified, if jwt verification fails, redirection to an empty page is required, and if verification succeeds, the subsequent step S102 may be executed.
S102: and when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes the verification of the JSON network token, transmitting the JSON network token to a back-end server.
It should be noted that, it is not enough that the preliminary verification performed at the front end in step S101 is obviously accurate, and a background is also needed to cooperate to form a complete set of identity verification apparatus, so in this embodiment, if the JSon network token sent by the user through the portal center is received in step S101, and it is determined that the JSon network token is not empty and the JSon network token is verified, the JSon network token may be transmitted to the back-end server to execute the subsequent step S103.
S103: the back-end server analyzes the JSON network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
In this embodiment, after receiving the JSon network token, the backend server may further analyze the JSon network token to obtain personal identity information of the user, such as unique information representing the identity of the user, such as an identity card number of the user, a bank card number, and the like, and since the personal identity information of the user is stored when the backend server generates jwt of the user, the analyzed personal identity information of the user is matched and checked with the stored personal identity information of the user to determine an authentication result of the user, that is, when the two pieces of information are consistent, it is indicated that the user passes authentication, and when the two pieces of information are inconsistent, it is indicated that the user fails authentication.
An optional implementation manner is that when the front end of the micro service center judges that the JSon network token is not empty and the JSon network token passes verification, the JSon network token can be stored in a Header file Header and transmitted to a back-end server, so that the back-end server can obtain personal identity information of a user according to an attribute value after analyzing the JSon network token and obtaining the attribute value of authentication information in the Header file; and determining the authentication result of the user according to the personal identity information of the user.
In addition, another optional implementation manner is that when the front end of the micro service center judges that the JSon network token is not empty and the JSon network token is verified to be passed, the data acquisition request and the JSon network token can be transmitted to the back-end server together, so that after the identity verification of the user is passed, the back-end server can determine the data of the service item acquired by the user request according to the data acquisition request and return the data of the service item to the front end of the micro service center for the user to query and use.
In order to facilitate understanding of the above technical solutions of the present application, the present application provides an interactive diagram of user authentication as shown in fig. 2, specifically, a user may log in from a portal center (such as a mobile banking client or a browser web page), and sends a login request using an account number (username) and a password, the server encrypts the user's personal identification information using a private key to generate jwt, and returns jwt to the browser or the client, the front end of each micro service center can verify the information after receiving the information, and after the information passes the verification, the jwt string is placed in a request Header to send a request to the background server, the jwt is verified through the background server, the personal identity information of the user is analyzed, the corresponding service item (such as financial fund) is positioned, the corresponding service data is obtained, and the data information is returned to the browser or the client as a response resource.
For example, the following steps are carried out: taking a micro-service project as a competition platform as an example, the specific process of accessing background resources by a user is as follows: after a background of the micro-service center receives the jwt value transmitted by the competition platform, the competition platform requests detailed information of the user according to the user ID, and the competition platform automatically judges whether the competition platform is operable or not and returns roles, rights, items, modules and the like owned by the user. Different user roles have different authorities, and the current setting has ordinary users, project managers, competition platform managers, and the authorities increase in proper order, then have more operable modules. The length of the setting jwt can be expanded according to different role requirements, as shown in the following table:
the generated token format is as follows:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxMjM0NTY3ODkwIiwicHJvamVjdGlkIjoieHh4IiwiZXhwIjoiMjAyMDA0MDQyMjU3MDUiLCJzZXJ2ZXJ0b2tlbiI6Ijg2N2ViY2UwLWQzMmEtNDU3My04NzU2LTFhMjg2YzBkMzNhOCJ9.FguVpKBXak6IrsNpvoJ4QIyuTbEgmsJsUZEVlCina_A
the format for putting token value into the fullpath of the front end for delivery is as follows:
Http://ip:port/ssojwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiIxMjM0NTY3ODkwIiwicHJvamVjdGlkIjoieHh4IiwiZXhwIjoiMjAyMDA0MDQyMjU3MDUiLCJzZXJ2ZXJ0b2tlbiI6Ijg2N2ViY2UwLWQzMmEtNDU3My04NzU2LTFhMjg2YzBkMzNhOCJ9.FguVpKBXak6IrsNpvoJ4QIyuTbEgmsJsUZEVlCina_A。
therefore, a set of complete user identity authentication method is formed from the front end to the background, the method does not occupy extra storage resources, has strong expandability, greatly meets the requirements of self-definition and individuation of a micro-service center, solves the problem of dynamically adjusting and distributing resources according to different roles of portal users, and can be automatically expanded by a competition platform according to subsequent service requirements and processes for in-line and out-of-line popularization.
In summary, in the user identity verification method provided in this embodiment, first, the front end of the micro service center receives the JSon network token sent by the user through the portal center, and then, when the front end of the micro service center determines that the JSon network token is not empty and the JSon network token passes verification, the JSon network token is transmitted to the back end server, and then, the back end server analyzes the JSon network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user. Therefore, the identity of the user can be verified more quickly and accurately by using the JSON network Token (Joson Web Token, jwt for short), extra storage resources are not occupied, expandability is strong, privacy is good, service popularization is convenient to follow-up to the user, and user experience is improved.
Second embodiment
In this embodiment, a user authentication device will be described, and please refer to the above method embodiment for related contents.
Referring to fig. 3, a schematic composition diagram of a user authentication device provided in this embodiment is shown, where the device includes:
a receiving unit 301, configured to receive a JSon network token sent by a user through a portal center;
the transmission unit 302 is used for transmitting the JSON network token to a back-end server when the JSON network token is judged not to be empty and the JSON network token passes verification;
a determining unit 303, configured to analyze the JSon network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
In an implementation manner of this embodiment, the JSon network token is generated by the backend server by using a private key for encryption in advance.
In an implementation manner of this embodiment, the transmission unit 302 is specifically configured to:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is stored in a header file and the header file is transmitted to a back-end server;
the determining unit 303 is specifically configured to:
obtaining the personal identity information of the user according to the attribute value; and determining the authentication result of the user according to the personal identity information of the user.
In an implementation manner of this embodiment, the transmission unit 302 is specifically configured to:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, a data acquisition request and the JSON network token are transmitted to a back-end server;
the device further comprises:
and the return unit is used for determining the data of the service item acquired by the user request according to the data acquisition request after the identity authentication of the user is verified to pass, and returning the data of the service item to the front end of the micro service center.
In summary, in the user identity authentication device provided in this embodiment, first, the front end of the micro service center receives the JSon network token sent by the user through the portal center, and then, when the front end of the micro service center determines that the JSon network token is not empty and the JSon network token passes verification, the JSon network token is transmitted to the back end server, and then, the back end server parses the JSon network token to obtain personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user. Therefore, the identity of the user can be verified more quickly and accurately by using the JSON network Token (Joson Web Token, jwt for short), extra storage resources are not occupied, expandability is strong, privacy is good, service popularization is convenient to follow-up to the user, and user experience is improved.
Further, an embodiment of the present application further provides a user authentication device, including: a processor, a memory, a system bus;
the processor and the memory are connected through the system bus;
the memory is used for storing one or more programs, and the one or more programs comprise instructions which, when executed by the processor, cause the processor to execute any implementation method of the user identity authentication method.
Further, an embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are run on a terminal device, the terminal device is caused to execute any implementation method of the user identity authentication method.
As can be seen from the above description of the embodiments, those skilled in the art can clearly understand that all or part of the steps in the above embodiment methods can be implemented by software plus a necessary general hardware platform. Based on such understanding, the technical solution of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network communication device such as a media gateway, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
It should be noted that, in the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for authenticating a user, comprising:
the front end of the micro service center receives a JSON network token sent by a user through the portal center;
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is transmitted to a back-end server;
the back-end server analyzes the JSON network token to obtain the personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
2. The method of claim 1, wherein the JSon network token is generated by the backend server in advance using private key encryption.
3. The method of claim 1, wherein transmitting the JSon network token to a backend server when the front end of the microservice center determines that the JSon network token is not empty and the JSon network token is verified comprises:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is stored in a header file and the header file is transmitted to a back-end server;
the back-end server analyzes the JSON network token to obtain the personal identity information of the user; and according to the personal identity information of the user, determining the identity verification result of the user, including:
the back-end server analyzes the JSON network token to obtain an attribute value of authentication information in the header file;
obtaining the personal identity information of the user according to the attribute value; and determining the authentication result of the user according to the personal identity information of the user.
4. The method of claim 1, wherein transmitting the JSon network token to a backend server when the front end of the microservice center determines that the JSon network token is not empty and the JSon network token is verified comprises:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, a data acquisition request and the JSON network token are transmitted to a back-end server;
after the identity authentication of the user is verified, determining the data of the service item requested to be acquired by the user according to the data acquisition request, and returning the data of the service item to the front end of the micro-service center.
5. A user authentication apparatus, comprising:
the receiving unit is used for receiving the JSON network token sent by the user through the portal center;
the transmission unit is used for transmitting the JSON network token to a back-end server when the JSON network token is judged not to be empty and the JSON network token passes verification;
the determining unit is used for analyzing the JSON network token to obtain the personal identity information of the user; and determining the authentication result of the user according to the personal identity information of the user.
6. The apparatus of claim 5, wherein the JSON network token is generated by the backend server in advance using private key encryption.
7. The apparatus according to claim 5, wherein the transmission unit is specifically configured to:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, the JSON network token is stored in a header file and the header file is transmitted to a back-end server;
the determining unit is specifically configured to:
obtaining the personal identity information of the user according to the attribute value; and determining the authentication result of the user according to the personal identity information of the user.
8. The apparatus according to claim 5, wherein the transmission unit is specifically configured to:
when the front end of the micro service center judges that the JSON network token is not empty and the JSON network token passes verification, a data acquisition request and the JSON network token are transmitted to a back-end server;
the device further comprises:
and the return unit is used for determining the data of the service item acquired by the user request according to the data acquisition request after the identity authentication of the user is verified to pass, and returning the data of the service item to the front end of the micro service center.
9. A user authentication apparatus, comprising: a processor, a memory, a system bus;
the processor and the memory are connected through the system bus;
the memory is to store one or more programs, the one or more programs comprising instructions, which when executed by the processor, cause the processor to perform the method of any of claims 1-4.
10. A computer-readable storage medium having stored therein instructions that, when executed on a terminal device, cause the terminal device to perform the method of any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011565258.8A CN112671777B (en) | 2020-12-25 | 2020-12-25 | User identity authentication method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011565258.8A CN112671777B (en) | 2020-12-25 | 2020-12-25 | User identity authentication method, device and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112671777A true CN112671777A (en) | 2021-04-16 |
| CN112671777B CN112671777B (en) | 2023-04-07 |
Family
ID=75409372
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011565258.8A Active CN112671777B (en) | 2020-12-25 | 2020-12-25 | User identity authentication method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112671777B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114513350A (en) * | 2022-02-08 | 2022-05-17 | 中国农业银行股份有限公司 | Identity verification method, system and storage medium |
| CN119848821A (en) * | 2024-12-05 | 2025-04-18 | 浪潮云信息技术股份公司 | User identity verification method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107809317A (en) * | 2017-11-09 | 2018-03-16 | 郑州云海信息技术有限公司 | A kind of identity identifying method and system based on token digital signature |
| US20190095835A1 (en) * | 2017-09-22 | 2019-03-28 | Sensormatic Electronics, LLC | Use of identity and access management for service provisioning |
| CN111865984A (en) * | 2020-07-21 | 2020-10-30 | 浪潮云信息技术股份公司 | Stateless authentication method for micro-service system |
-
2020
- 2020-12-25 CN CN202011565258.8A patent/CN112671777B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190095835A1 (en) * | 2017-09-22 | 2019-03-28 | Sensormatic Electronics, LLC | Use of identity and access management for service provisioning |
| CN107809317A (en) * | 2017-11-09 | 2018-03-16 | 郑州云海信息技术有限公司 | A kind of identity identifying method and system based on token digital signature |
| CN111865984A (en) * | 2020-07-21 | 2020-10-30 | 浪潮云信息技术股份公司 | Stateless authentication method for micro-service system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114513350A (en) * | 2022-02-08 | 2022-05-17 | 中国农业银行股份有限公司 | Identity verification method, system and storage medium |
| CN119848821A (en) * | 2024-12-05 | 2025-04-18 | 浪潮云信息技术股份公司 | User identity verification method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112671777B (en) | 2023-04-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109587133B (en) | A single sign-on system and method | |
| US11068575B2 (en) | Authentication system | |
| KR102624700B1 (en) | Biometric identification and verification between IoT devices and applications | |
| US9438633B1 (en) | System, method and computer program product for providing unified authentication services for online applications | |
| US10861000B2 (en) | Method, system, and apparatus for application loading | |
| US8495720B2 (en) | Method and system for providing multifactor authentication | |
| CN106254560B (en) | Information transmission method and device | |
| US8819253B2 (en) | Network message generation for automated authentication | |
| US20150186875A1 (en) | Information Configuration Method, Device, System, Client And Server | |
| US7752322B2 (en) | System for ubiquitous network presence and access without cookies | |
| CN103140890A (en) | Method and apparatus for voice signature authentication | |
| CN104836812A (en) | Portal authentication method, device and system | |
| CN112866249B (en) | Application login management method, device and storage medium | |
| CN112671777B (en) | User identity authentication method, device and equipment | |
| CN109936579A (en) | Single sign-on method, device, equipment and computer readable storage medium | |
| CN114143333B (en) | Oracle data processing method and centralized oracle module | |
| US7093019B1 (en) | Method and apparatus for providing an automated login process | |
| US20040250135A1 (en) | Method of authenticating a log-on request and related apparatus | |
| US20060026692A1 (en) | Network resource access authentication apparatus and method | |
| CN110113375A (en) | Resource share method and device, system, storage medium | |
| CN109274699A (en) | Method for authenticating, device, server and storage medium | |
| CN105429978A (en) | Data access methods and system, and equipment | |
| CN107318100A (en) | Method, device and system for binding mobile phone numbers | |
| KR20210130414A (en) | Login system and authentication method | |
| CN102868981B (en) | Based on the network service push method of mobile terminal, equipment and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |